92769c823343d8be9db047a2d554fc49ed4b6b27
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2012-08-16  Adam Barth  <abarth@webkit.org>
2
3         Unreviewed. Sort the xcodeproj file.
4
5         * WebCore.xcodeproj/project.pbxproj:
6
7 2012-08-16  Adam Barth  <abarth@webkit.org>
8
9         Unreviewed. Update bindings tests results from my recent VoidCallback
10         patch. The new result is correct.
11
12         * bindings/scripts/test/V8/V8TestCallback.cpp:
13
14 2012-08-16  Andrey Kosyakov  <caseq@chromium.org>
15
16         Web Inspector: CPU profiler status bar is broken.
17         https://bugs.webkit.org/show_bug.cgi?id=94212
18
19         Reviewed by Pavel Feldman.
20
21         - properly compute floating status bar buttons offset for profile and timeline panels,
22             taking actual number of panel status bar buttons and panel sidebar offset into account;
23
24         * inspector/front-end/ProfilesPanel.js:
25         (WebInspector.ProfilesPanel.prototype.get statusBarItems):
26         (WebInspector.ProfilesPanel.prototype.sidebarResized):
27         (WebInspector.ProfilesPanel.prototype.onResize):
28         * inspector/front-end/SplitView.js:
29         (WebInspector.SplitView.prototype.sidebarWidth):
30         * inspector/front-end/StatusBarButton.js:
31         * inspector/front-end/TimelinePanel.js:
32         (WebInspector.TimelinePanel.prototype.sidebarResized):
33         (WebInspector.TimelinePanel.prototype.onResize):
34
35 2012-08-16  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>
36
37         Fix the Mac build.
38
39         Unreviewed build fix.
40
41         * WebCore.exp.in: Export FrameView::didFirstLayout()
42
43 2012-08-16  Konrad Piascik  <kpiascik@rim.com>
44
45         Add BB10 User Agent String to Web Inspector.
46         https://bugs.webkit.org/show_bug.cgi?id=94217
47
48         Reviewed by George Staikos.
49
50         Add the new BlackBerry 10 User Agent String and device metrics for
51         emulation.
52
53         * inspector/front-end/SettingsScreen.js:
54         (WebInspector.UserAgentSettingsTab.prototype._createUserAgentSelectRowElement.get const):
55
56 2012-08-16  Marcelo Lira  <marcelo.lira@openbossa.org>
57
58         [Qt] Input method hints are not being set.
59         https://bugs.webkit.org/show_bug.cgi?id=92386
60
61         Reviewed by Kenneth Rohde Christiansen.
62
63         Input method hints for an editable element must be obtained from a proper
64         HTML element. If the editable element is a complex one, it will have elements
65         in the Shadow DOM, and it's one of those that will be returned as the root
66         editable element. This works for editable DIVs, but not for INPUT elements.
67         Using Element::shadowHost() on the root editable element will provide the
68         needed HTML element, and for further clarity a method that does this was added
69         to FrameSelection.
70
71         * editing/FrameSelection.cpp:
72         (WebCore::FrameSelection::rootEditableElementRespectingShadowTree): Similar to
73         WebCore::FrameSelection::rootEditableElement, but returns the first ancestor of
74         the editable element outside the shadow tree.
75         (WebCore):
76         * editing/FrameSelection.h:
77         (FrameSelection):
78
79 2012-08-16  Zeno Albisser  <zeno@webkit.org>
80
81         Make GraphicsSurface double buffered by default.
82         https://bugs.webkit.org/show_bug.cgi?id=93252
83
84         Create only a single GraphicsSurface per canvas
85         on both supported platforms Mac/Linux.
86         The GraphicsSurface on Mac internally uses two IOSurface
87         to provide a front and a back buffer.
88         The GLX implementation of GraphicsSurface uses
89         an XWindow which already provides a front and a back buffer.
90
91         Reviewed by Noam Rosenthal.
92
93         * platform/graphics/qt/GraphicsContext3DQt.cpp:
94         (GraphicsContext3DPrivate):
95             Remove creation of second GraphicsSurface.
96         (WebCore::GraphicsContext3DPrivate::GraphicsContext3DPrivate):
97         (WebCore::GraphicsContext3DPrivate::copyToGraphicsSurface):
98         (WebCore):
99         (WebCore::GraphicsContext3DPrivate::graphicsSurfaceToken):
100         (WebCore::GraphicsContext3DPrivate::createGraphicsSurfaces):
101         * platform/graphics/surfaces/GraphicsSurface.cpp:
102         (WebCore::GraphicsSurface::create):
103             Adjust token type to uint64_t.
104         (WebCore::GraphicsSurface::exportToken):
105             Adjust return type to uint64_t.
106         (WebCore::GraphicsSurface::frontBuffer):
107         (WebCore):
108         (WebCore::GraphicsSurface::swapBuffers):
109             Add forwarding function to swap buffers inside GraphicsSurface.
110         * platform/graphics/surfaces/GraphicsSurface.h:
111         (GraphicsSurface):
112             Add SupportsSingleBuffered flag to allow for single buffered implementations.
113             Currently single buffered surfaces are either not implemented or disabled.
114         * platform/graphics/surfaces/mac/GraphicsSurfaceMac.cpp:
115             Move implementation details into GraphicsSurfacePrivate.
116             This way the platform specific code can be hidden in the specific cpp file
117             instead of polluting the global GraphicsSurface header.
118         (WebCore::createTexture):
119         (GraphicsSurfacePrivate):
120         (WebCore::GraphicsSurfacePrivate::GraphicsSurfacePrivate):
121         (WebCore::GraphicsSurfacePrivate::~GraphicsSurfacePrivate):
122         (WebCore::GraphicsSurfacePrivate::swapBuffers):
123         (WebCore::GraphicsSurfacePrivate::token):
124         (WebCore::GraphicsSurfacePrivate::frontBufferTextureID):
125         (WebCore::GraphicsSurfacePrivate::backBufferTextureID):
126         (WebCore::GraphicsSurfacePrivate::frontBuffer):
127         (WebCore::GraphicsSurfacePrivate::backBuffer):
128         (WebCore):
129         (WebCore::GraphicsSurface::platformExport):
130         (WebCore::GraphicsSurface::platformGetTextureID):
131         (WebCore::GraphicsSurface::platformCopyToGLTexture):
132         (WebCore::GraphicsSurface::platformCopyFromFramebuffer):
133         (WebCore::GraphicsSurface::platformFrontBuffer):
134         (WebCore::GraphicsSurface::platformSwapBuffers):
135         (WebCore::GraphicsSurface::platformCreate):
136         (WebCore::GraphicsSurface::platformImport):
137         (WebCore::ioSurfaceLockOptions):
138         (WebCore::GraphicsSurface::platformLock):
139         (WebCore::GraphicsSurface::platformUnlock):
140         (WebCore::GraphicsSurface::platformDestroy):
141         * platform/graphics/surfaces/qt/GraphicsSurfaceGLX.cpp:
142         (WebCore::OffScreenRootWindow::get):
143         (WebCore::GraphicsSurfacePrivate::swapBuffers):
144             Make sure that framebuffer bindings remain consistent
145             after swapping buffers on the XWindow.
146         (WebCore::GraphicsSurface::platformExport):
147             Make sure the GLXPixmap is only bound to the texture once.
148         (WebCore::GraphicsSurface::platformGetTextureID):
149         (WebCore::GraphicsSurface::platformCopyFromFramebuffer):
150         (WebCore):
151         (WebCore::GraphicsSurface::platformFrontBuffer):
152             The GLX surface does not know how to destinguish between
153             the front and the back buffer by an id. This is not necessary
154             for GraphicsSurfaceGLX, because the texture can just be
155             read from the XWindow at any time.
156         (WebCore::GraphicsSurface::platformSwapBuffers):
157         (WebCore::GraphicsSurface::platformCreate):
158         (WebCore::GraphicsSurface::platformImport):
159         * platform/graphics/texmap/TextureMapperBackingStore.cpp:
160             Remove code that was used for switching between two GraphicsSurfaces,
161             as this is now handled directly inside GraphicsSurface.
162         (WebCore::TextureMapperSurfaceBackingStore::setGraphicsSurface):
163         (WebCore::TextureMapperSurfaceBackingStore::paintToTextureMapper):
164         (WebCore::TextureMapperSurfaceBackingStore::setSurface):
165         (WebCore):
166         * platform/graphics/texmap/TextureMapperBackingStore.h:
167             Remove GraphicsSurfaceData struct. This class is not needed anymore
168             as we do not keep track of more than one GraphicsSurface at the time.
169         (WebCore):
170         (TextureMapperSurfaceBackingStore):
171         (WebCore::TextureMapperSurfaceBackingStore::graphicsSurface):
172         (WebCore::TextureMapperSurfaceBackingStore::TextureMapperSurfaceBackingStore):
173         * platform/graphics/texmap/TextureMapperPlatformLayer.h:
174         (WebCore::TextureMapperPlatformLayer::graphicsSurfaceToken):
175
176 2012-08-16  Mike West  <mkwst@chromium.org>
177
178         Implement the form-action Content Security Policy directive.
179         https://bugs.webkit.org/show_bug.cgi?id=93777
180
181         Reviewed by Jochen Eisinger.
182
183         The CSP 1.1 editor's draft defines the 'form-action' directive as a
184         mechanism for whitelisting valid targets for form submission from a
185         protected resource. A web author might desire to restrict form
186         submissions to the same origin as the protected resource itself via
187         a Content Security Policy of "form-action 'self'", or ensure that all
188         submissions were sent over an SSL connection via "form-action https:".
189
190         Specification details available at: https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#form-action--experimental
191
192         This experimental directive is gated on the ENABLE_CSP_NEXT flag, which
193         is currently only enabled in Chromium.
194
195         Tests: http/tests/security/contentSecurityPolicy/1.1/form-action-src-allowed.html
196                http/tests/security/contentSecurityPolicy/1.1/form-action-src-blocked.html
197                http/tests/security/contentSecurityPolicy/1.1/form-action-src-default-ignored.html
198                http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-allowed.html
199                http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-blocked.html
200                http/tests/security/contentSecurityPolicy/1.1/form-action-src-javascript-blocked.html
201                http/tests/security/contentSecurityPolicy/1.1/form-action-src-redirect-blocked.html
202
203         * loader/FrameLoader.cpp:
204         (WebCore::FrameLoader::checkIfFormActionAllowedByCSP):
205             Adding a callback to FrameLoader in order to allow the
206             MainResourceLoader to check the relevant CSP status without knowing
207             anything about CSP.
208         (WebCore):
209         * loader/FrameLoader.h:
210         (FrameLoader):
211         * loader/MainResourceLoader.cpp:
212         (WebCore::MainResourceLoader::willSendRequest):
213             Check against the protected resource's Content Security Policy when
214             presented with a request that is itself a form submission, or is the
215             result of a redirect in response to a form submission. If CSP would
216             block the target, cancel the request.
217         * page/ContentSecurityPolicy.cpp:
218         (CSPDirectiveList):
219         (WebCore::CSPDirectiveList::checkSourceAndReportViolation):
220             Added explanatory text to the source violation console warning that
221             specifically calls out sending form data (as opposed to "connect to"
222             or "load the").
223         (WebCore::CSPDirectiveList::allowFormAction):
224             Check a URL against a directive list's the 'form-action' source list.
225         (WebCore):
226         (WebCore::CSPDirectiveList::addDirective):
227             Recognize the 'form-action' CSP directive.
228         (WebCore::ContentSecurityPolicy::allowFormAction):
229             Public interface to check a form action.
230         * page/ContentSecurityPolicy.h:
231
232 2012-08-16  Arvid Nilsson  <anilsson@rim.com>
233
234         [BlackBerry] WebGL and Canvas fail to display after being restored from page cache
235         https://bugs.webkit.org/show_bug.cgi?id=94105
236
237         Reviewed by George Staikos.
238
239         The EGLImage was being destroyed when releasing layer resources on the
240         compositing thread, but the WebKit thread layer never found out and
241         failed to create a new image.
242
243         Fixed by extending the release layer resources mechanism to also make a
244         pass on the WebKit thread so that thread's layers have a chance to
245         delete their textures and related resources.
246
247         WebGL and canvas layers now take this opportunity to release their
248         textures so the EGLImage gets recreated when compositing commits
249         resume.
250
251         The only detail that deserves extra explanation is the ownership of the
252         EGLImage.
253
254         Since the EGLImage is created in updateTextureContentsIfNeeded() and
255         that one is always followed by commitPendingTextureUploads() which
256         transfers the EGLImage to the compositing thread layer's custody, the
257         EGLImage currently referenced by EGLImageLayerWebKitThread::m_image
258         should never be deleted by the WebKit thread layer.
259
260         Thus all we have to do in deleteFrontBuffer() is to set the m_image
261         member to 0 so the image gets recreated on the next commit. It will be
262         deleted by the part of releaseLayerResources() that executes on the
263         compositing thread (which, if you recall, was the original source of
264         this bug).
265
266         Reviewed internally by Filip Spacek.
267
268         PR 192899
269
270         Not currently testable by the BlackBerry testing infrastructure.
271
272         * platform/graphics/blackberry/CanvasLayerWebKitThread.cpp:
273         (WebCore::CanvasLayerWebKitThread::deleteTextures):
274         (WebCore):
275         * platform/graphics/blackberry/CanvasLayerWebKitThread.h:
276         (CanvasLayerWebKitThread):
277         * platform/graphics/blackberry/EGLImageLayerWebKitThread.cpp:
278         (WebCore::EGLImageLayerWebKitThread::~EGLImageLayerWebKitThread):
279         (WebCore::EGLImageLayerWebKitThread::deleteFrontBuffer):
280         * platform/graphics/blackberry/EGLImageLayerWebKitThread.h:
281         (EGLImageLayerWebKitThread):
282         * platform/graphics/blackberry/LayerWebKitThread.cpp:
283         (WebCore::LayerWebKitThread::releaseLayerResources):
284         (WebCore):
285         * platform/graphics/blackberry/LayerWebKitThread.h:
286         (LayerWebKitThread):
287         (WebCore::LayerWebKitThread::deleteTextures):
288         * platform/graphics/blackberry/WebGLLayerWebKitThread.cpp:
289         (WebCore::WebGLLayerWebKitThread::~WebGLLayerWebKitThread):
290         (WebCore::WebGLLayerWebKitThread::deleteTextures):
291         (WebCore):
292         * platform/graphics/blackberry/WebGLLayerWebKitThread.h:
293         (WebGLLayerWebKitThread):
294
295 2012-08-16  Andrey Kosyakov  <caseq@chromium.org>
296
297         Web Inspector: enable instrumentation of platform code
298         https://bugs.webkit.org/show_bug.cgi?id=94125
299
300         Reviewed by Pavel Feldman.
301
302         - add PlatformInstrumentation class that exposes instrumentation methods that may be used by code under WebCore/platform;
303         - move TRACE_EVENT_XXX() macros into PlatformInstrumentation.h to minimize instrumentation hassle in the client code;
304         - implement PlatformInstrumentationClient by InspectorTimelineAgent;
305         - only install PlatformInstrumentationClient when we have outer events for which we expect low-level details
306
307         * CMakeLists.txt:
308         * GNUmakefile.list.am:
309         * Target.pri:
310         * WebCore.gypi:
311         * WebCore.vcproj/WebCore.vcproj:
312         * inspector/InspectorTimelineAgent.cpp:
313         (WebCore::InspectorTimelineAgent::willDecodeImage): to be implemented by subsequent change;
314         (WebCore::InspectorTimelineAgent::didDecodeImage): to be implemented by subsequent change;
315         (WebCore::InspectorTimelineAgent::willResizeImage): to be implemented by subsequent change;
316         (WebCore::InspectorTimelineAgent::didResizeImage): to be implemented by subsequent change;
317         (WebCore::InspectorTimelineAgent::didCompleteCurrentRecord):
318         (WebCore::InspectorTimelineAgent::InspectorTimelineAgent):
319         (WebCore::InspectorTimelineAgent::pushCurrentRecord):
320         (WebCore::InspectorTimelineAgent::clearRecordStack):
321         * inspector/InspectorTimelineAgent.h:
322         (InspectorTimelineAgent):
323         * platform/PlatformInstrumentation.cpp: Added.
324         (WebCore):
325         (WebCore::PlatformInstrumentation::setClient):
326         * platform/PlatformInstrumentation.h: Added.
327         (WebCore):
328         (PlatformInstrumentationClient):
329         (PlatformInstrumentation):
330         (WebCore::PlatformInstrumentation::hasClient):
331         (WebCore::PlatformInstrumentation::willDecodeImage):
332         (WebCore::PlatformInstrumentation::didDecodeImage):
333         (WebCore::PlatformInstrumentation::willResizeImage):
334         (WebCore::PlatformInstrumentation::didResizeImage):
335         * platform/graphics/skia/NativeImageSkia.cpp:
336         (WebCore::NativeImageSkia::resizedBitmap): added calls to PlatformInstrumentation, removed TRACE_EVENT();
337         * platform/image-decoders/bmp/BMPImageDecoder.cpp:
338         (WebCore::BMPImageDecoder::frameBufferAtIndex): added calls to PlatformInstrumentation;
339         (WebCore::BMPImageDecoder::decode): removed TRACE_EVENT()
340         * platform/image-decoders/gif/GIFImageDecoder.cpp:
341         (WebCore::GIFImageDecoder::frameBufferAtIndex): added calls to PlatformInstrumentation;
342         (WebCore::GIFImageDecoder::decode): removed TRACE_EVENT()
343         * platform/image-decoders/ico/ICOImageDecoder.cpp:
344         (WebCore::ICOImageDecoder::frameBufferAtIndex): added calls to PlatformInstrumentation;
345         (WebCore::ICOImageDecoder::decode): removed TRACE_EVENT()
346         * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
347         (WebCore::JPEGImageDecoder::frameBufferAtIndex): added calls to PlatformInstrumentation;
348         (WebCore::JPEGImageDecoder::decode): removed TRACE_EVENT()
349         * platform/image-decoders/png/PNGImageDecoder.cpp:
350         (WebCore::PNGImageDecoder::frameBufferAtIndex): added calls to PlatformInstrumentation;
351         * platform/image-decoders/webp/WEBPImageDecoder.cpp:
352         (WebCore::WEBPImageDecoder::frameBufferAtIndex): added calls to PlatformInstrumentation;
353         (WebCore::WEBPImageDecoder::decode): removed TRACE_EVENT();
354         * inspector/InspectorInstrumentation.cpp: removed orphan event support;
355         (WebCore):
356         * inspector/InspectorInstrumentation.h: ditto.
357
358 2012-08-16  Vsevolod Vlasov  <vsevik@chromium.org>
359
360         Web Inspector: Breakpoints are not correctly restored on reload.
361         https://bugs.webkit.org/show_bug.cgi?id=94209
362
363         Reviewed by Pavel Feldman.
364
365         BreakpointManager now resets uiLocations on workspace reset (was doing it on GlobalObjectCleared).
366         Breakpoint manager now calls restoreBreakpoints automatically when uiSourceCode is added to workspace.
367
368         * inspector/front-end/BreakpointManager.js:
369         (WebInspector.BreakpointManager):
370         (WebInspector.BreakpointManager.prototype._uiSourceCodeAdded):
371         (WebInspector.BreakpointManager.prototype._workspaceReset):
372         * inspector/front-end/UISourceCode.js:
373         (WebInspector.UISourceCode):
374         * inspector/front-end/inspector.js:
375
376 2012-08-16  Pierre Rossi  <pierre.rossi@gmail.com>
377
378         [Qt] Remove FontQt4, HAVE_QRAWFONT flag and the related dead code
379         https://bugs.webkit.org/show_bug.cgi?id=93960
380
381         Reviewed by Simon Hausmann.
382
383         Following the removal of Qt 4 support from trunk in r124879.
384
385         No new tests. Simple cleanup job.
386
387         * Target.pri:
388         * platform/graphics/Font.cpp:
389         (WebCore::Font::codePath):
390         * platform/graphics/Font.h:
391         (Font):
392         * platform/graphics/GraphicsContext.cpp:
393         (WebCore):
394         * platform/graphics/SimpleFontData.cpp:
395         (WebCore::SimpleFontData::platformGlyphInit):
396         (WebCore::SimpleFontData::glyphForCharacter):
397         * platform/graphics/SimpleFontData.h:
398         (SimpleFontData):
399         (WebCore::SimpleFontData::widthForGlyph):
400         * platform/graphics/qt/FontCacheQt.cpp:
401         (WebCore::rawFontForCharacters):
402         (WebCore::FontCache::getFontDataForCharacters):
403         * platform/graphics/qt/FontCustomPlatformData.h:
404         (FontCustomPlatformData):
405         * platform/graphics/qt/FontCustomPlatformDataQt.cpp:
406         (WebCore::FontCustomPlatformData::fontPlatformData):
407         (WebCore::createFontCustomPlatformData):
408         * platform/graphics/qt/FontPlatformData.h:
409         (WebCore::FontPlatformDataPrivate::FontPlatformDataPrivate):
410         (FontPlatformDataPrivate):
411         (FontPlatformData):
412         (WebCore::FontPlatformData::FontPlatformData):
413         * platform/graphics/qt/FontPlatformDataQt.cpp:
414         (WebCore::FontPlatformData::FontPlatformData):
415         (WebCore::FontPlatformData::operator==):
416         (WebCore::FontPlatformData::hash):
417         * platform/graphics/qt/FontQt4.cpp: Removed.
418         * platform/graphics/qt/GlyphPageTreeNodeQt.cpp:
419         (WebCore::GlyphPage::fill):
420         * platform/graphics/qt/SimpleFontDataQt.cpp:
421         (WebCore::SimpleFontData::determinePitch):
422         (WebCore::SimpleFontData::platformBoundsForGlyph):
423         (WebCore::SimpleFontData::platformInit):
424         (WebCore::SimpleFontData::platformCharWidthInit):
425         * rendering/svg/SVGTextMetricsBuilder.cpp:
426         (WebCore::SVGTextMetricsBuilder::advance):
427         (WebCore::SVGTextMetricsBuilder::advanceSimpleText):
428         (WebCore::SVGTextMetricsBuilder::initializeMeasurementWithTextRenderer):
429
430 2012-08-16  Yury Semikhatsky  <yurys@chromium.org>
431
432         Web Inspector: memory instrumentation for Resource{Request/Response}Base
433         https://bugs.webkit.org/show_bug.cgi?id=94109
434
435         Reviewed by Vsevolod Vlasov.
436
437         Added reportMemoryUsage methods to ResourceRequestBase, ResourceResponseBase
438         and several related classes.
439
440         * dom/MemoryInstrumentation.cpp:
441         (WebCore::MemoryInstrumentation::addInstrumentedObjectImpl): added overrides
442         for String, StringImpl and AtomicString object types so that we can reuse
443         existing addInstrumentedCollection method instead of adding a counterpart
444         that would operate on not instrumented content. Next step would be to get
445         rid od addObject overrides for these types so that all kinds of Strings are
446         considered as instrumented classes despite they don't have reportMemoryUsage
447         method.
448         (WebCore):
449         * dom/MemoryInstrumentation.h:
450         (WebCore::MemoryInstrumentation::addInstrumentedObjectImpl):
451         (MemoryInstrumentation):
452         * loader/DocumentLoader.cpp:
453         (WebCore::DocumentLoader::reportMemoryUsage):
454         * platform/network/FormData.cpp:
455         (WebCore::FormData::reportMemoryUsage):
456         (WebCore):
457         * platform/network/FormData.h:
458         (WebCore):
459         (FormData):
460         * platform/network/ResourceRequestBase.cpp:
461         (WebCore::ResourceRequestBase::reportMemoryUsage):
462         (WebCore):
463         * platform/network/ResourceRequestBase.h:
464         (ResourceRequestBase):
465         * platform/network/ResourceResponseBase.cpp:
466         (WebCore):
467         (WebCore::ResourceResponseBase::reportMemoryUsage):
468         * platform/network/ResourceResponseBase.h:
469         (WebCore):
470         (ResourceResponseBase):
471
472 2012-08-16  Adam Barth  <abarth@webkit.org>
473
474         Delete DOMWindow::securityOrigin()
475         https://bugs.webkit.org/show_bug.cgi?id=93991
476
477         Reviewed by Eric Seidel.
478
479         DOMWindow::securityOrigin() just calls through to
480         document()->securityOrigin(). This patch updates all the callers to do
481         that work themselves, making it clearer what's going on at each call
482         site.
483
484         * bindings/generic/BindingSecurity.cpp:
485         (WebCore::canAccessDocument):
486         * bindings/js/JSDOMWindowBase.cpp:
487         (WebCore::JSDOMWindowBase::allowsAccessFrom):
488         * bindings/js/JSDOMWindowCustom.h:
489         (WebCore::JSDOMWindowBase::allowsAccessFromPrivate):
490         * bindings/js/ScriptController.cpp:
491         (WebCore::ScriptController::collectIsolatedContexts):
492         * page/DOMWindow.cpp:
493         (WebCore::DOMWindow::isInsecureScriptAccess):
494         (WebCore::DOMWindow::createWindow):
495         * page/DOMWindow.h:
496         (DOMWindow):
497         * page/Location.cpp:
498         (WebCore::Location::reload):
499
500 2012-08-16  Sheriff Bot  <webkit.review.bot@gmail.com>
501
502         Unreviewed, rolling out r125751.
503         http://trac.webkit.org/changeset/125751
504         https://bugs.webkit.org/show_bug.cgi?id=94206
505
506         we shouldn't be rolling out this patch without a formal
507         review. (Requested by rniwa_ on #webkit).
508
509         * dom/CharacterData.cpp:
510         (WebCore::CharacterData::setDataAndUpdate):
511         * editing/FrameSelection.cpp:
512         (WebCore::updatePositionAfterAdoptingTextReplacement):
513         (WebCore::FrameSelection::textWasReplaced):
514         * editing/FrameSelection.h:
515         (FrameSelection):
516
517 2012-08-16  Marja Hölttä  <marja@chromium.org>
518
519         FormController, FileInputType: Enable reading selected file names from document state
520         https://bugs.webkit.org/show_bug.cgi?id=91231
521
522         Reviewed by Jochen Eisinger.
523
524         This change enables Chromium to set up file permissions properly when
525         the session restore feature restores a page with selected files.
526
527         Test: fast/forms/file/selected-files-from-history-state.html
528
529         * WebCore.exp.in: Exported FormController::getReferencedFilePaths.
530         * html/FileInputType.cpp:
531         (WebCore::FileInputType::filesFromFormControlState): Added. Extracts FileChooserFileInfos from a FormControlState.
532         (WebCore):
533         (WebCore::FileInputType::restoreFormControlState): Refactored to use filesFromFormControlState.
534         * html/FileInputType.h:
535         (FileInputType): Added filesFromFormControlState.
536         * html/FormController.cpp:
537         (SavedFormState): Added getReferencedFilePaths.
538         (WebCore::SavedFormState::getReferencedFilePaths): Added. Extracts selected file paths from SavedFormState.
539         (WebCore):
540         (WebCore::FormController::setStateForNewFormElements): Refactored to use formStatesFromStateVector.
541         (WebCore::FormController::formStatesFromStateVector):
542         (WebCore::FormController::getReferencedFilePaths): Added. Static. Extracts selected file paths from a document state.
543         * html/FormController.h:
544         (FormController): Added getReferencedFilePaths and formStatesFromStateVector.
545         * html/HTMLInputElement.cpp:
546         (WebCore::HTMLInputElement::filesFromFileInputFormControlState): Added. Delegates to FileInputType::filesFromFormControlState.
547         (WebCore):
548         * html/HTMLInputElement.h: Added filesFromFileInputFormControlState.
549         (HTMLInputElement):
550         * testing/Internals.cpp:
551         (WebCore::Internals::getReferencedFilePaths): Calls FormController::getReferencedFilePaths.
552         (WebCore):
553         * testing/Internals.h:
554         (Internals): Added getReferencedFilePaths.
555         * testing/Internals.idl: Added binding for getReferencedFilePaths.
556
557 2012-08-15  Shawn Singh  <shawnsingh@chromium.org>
558
559         [chromium] set scissorRect per quad so that quads are correctly clipped
560         https://bugs.webkit.org/show_bug.cgi?id=94050
561
562         Reviewed by Adrienne Walker.
563
564         Certain quad types rely on scissoring to do correct
565         clipping. Refactoring the quad types to remove this assumption
566         will be done in a later patch, but for now, we have to apply the
567         scissor rect to every quad to ensure that those quads are
568         correctly clipped.
569
570         Test: compositing/overflow/overflow-hidden-canvas-layer.html
571
572         Also updated two unit tests to reflect the change in semantics.
573
574         * platform/graphics/chromium/LayerRendererChromium.cpp:
575         (WebCore::LayerRendererChromium::drawRenderPass):
576         (WebCore::LayerRendererChromium::drawQuad):
577
578 2012-08-16  Yoshifumi Inoue  <yosin@chromium.org>
579
580         [Forms] Wheel event support in multiple fields time input UI
581         https://bugs.webkit.org/show_bug.cgi?id=94166
582
583         Reviewed by Kent Tamura.
584
585         This patch makes multiple fields time input UI to handle wheel event
586         on spin button.
587
588         This patch affects if ENABLE_INPUT_TYPE_TIME and ENABLE_INPUT_TYPE_MULTIPLE_FIELDS
589         are enabled.
590
591         Test: fast/forms/time-multiple-fields/time-multiple-fields-wheel-event.html
592
593         * html/shadow/DateTimeEditElement.cpp:
594         (WebCore::DateTimeEditElement::defaultEventHandler): Changed to forward
595         event to spin button if available.
596
597 2012-08-16  Zhigang Gong  <zhigang.gong@linux.intel.com>
598
599         TextureMapperGL::beginPainting has a duplicate call to get GL_FRAMEBUFFER_BINDING.
600         https://bugs.webkit.org/show_bug.cgi?id=94180
601
602         Reviewed by Noam Rosenthal.
603
604         * platform/graphics/texmap/TextureMapperGL.cpp:
605         (WebCore::TextureMapperGL::beginPainting):
606
607 2012-08-16  Sheriff Bot  <webkit.review.bot@gmail.com>
608
609         Unreviewed, rolling out r119705.
610         http://trac.webkit.org/changeset/119705
611         https://bugs.webkit.org/show_bug.cgi?id=94192
612
613         Causing crash on ClusterFuzz due to incorrect layout ordering
614         change (Requested by inferno-sec on #webkit).
615
616         * dom/CharacterData.cpp:
617         (WebCore::CharacterData::setDataAndUpdate):
618         * editing/FrameSelection.cpp:
619         (WebCore::updatePositionAfterAdoptingTextReplacement):
620         (WebCore::FrameSelection::textWillBeReplaced):
621         * editing/FrameSelection.h:
622         (FrameSelection):
623
624 2012-08-15  Kent Tamura  <tkent@chromium.org>
625
626         [Chromium] Refactoring: Introduce a new function for some part of PopupContainer::layoutAndCalculateWidgetRect()
627         https://bugs.webkit.org/show_bug.cgi?id=94087
628
629         Reviewed by Hajime Morita.
630
631         Move some part of PopupContainer::layoutAndCalculateWidgetRect() to a
632         new function which is not a member of PopupContainer because we'd like
633         to add a unit test for the position calculation code, and to reduce the
634         dependency.
635
636         No new tests. Popup positioning code is not testable in WebKit.
637
638         * platform/chromium/PopupContainer.cpp:
639         (WebCore::layoutAndCalculateWidgetRectInternal):
640         Added. Move the code from PopupContainer::layoutAndCalculateWidgetRect.
641         In order to avoid to call member functions of PopupContainer, we
642         don't call layoutAndGetRTLOffset() and height(). Use
643         PopupListBox::layout() to recalculate the popup content size, and use
644         PopupListBox::height() + kBorderSize * 2 instead of height(). We
645         resize the view after finishing layoutAndCalculateWidgetRectInternal
646         in PopupContainer::layoutAndCalculateWidgetRect.
647         (WebCore::PopupContainer::layoutAndCalculateWidgetRect):
648         Move some code to layoutAndCalculateWidgetRectInternal.
649         (WebCore::PopupContainer::fitToListBox):
650         Added. Move the code from PopupContainer::layoutAndGetRTLOffset.
651         (WebCore::PopupContainer::layoutAndGetRTLOffset):
652         Move some code to fitToListBox.
653         * platform/chromium/PopupContainer.h:
654         (PopupContainer): Added fitToListBox.
655
656 2012-08-15  Adam Barth  <abarth@webkit.org>
657
658         VoidCallback should not be a special snowflake
659         https://bugs.webkit.org/show_bug.cgi?id=94119
660
661         Reviewed by Eric Seidel.
662
663         VoidCallback is the oldest of the callbacks and it predates our ability
664         to autogenerate callback objects. The existing implementation of
665         VoidCallback is wrong because it doesn't call
666         ActiveDOMCallback::canInvokeCallback. The net result of that is that
667         void callbacks can race with navigations and occationally execute after
668         the Frame has navigated to a new Document, which was causing the
669         flakiness.
670
671         This patch changes VoidCallback to no longer be a unique snowflake.
672         Instead, we autogenerate the implementation, just like every other
673         callback in WebCore.
674
675         Tests: storage/websql/database-lock-after-reload.html is no longer flaky.
676
677         * DerivedSources.make:
678         * GNUmakefile.list.am:
679         * Modules/filesystem/SyncCallbackHelper.h:
680         (WebCore::SyncCallbackHelper::SuccessCallbackImpl::handleEvent):
681         * Target.pri:
682         * UseJSC.cmake:
683         * UseV8.cmake:
684         * WebCore.gyp/WebCore.gyp:
685         * WebCore.gypi:
686         * WebCore.vcproj/WebCore.vcproj:
687         * WebCore.xcodeproj/project.pbxproj:
688         * bindings/cpp/WebDOMCustomVoidCallback.cpp: Removed.
689         * bindings/cpp/WebDOMCustomVoidCallback.h: Removed.
690         * bindings/js/JSBindingsAllInOne.cpp:
691         * bindings/js/JSCustomVoidCallback.cpp: Removed.
692         * bindings/js/JSCustomVoidCallback.h: Removed.
693         * bindings/js/JSDesktopNotificationsCustom.cpp:
694         (WebCore::JSNotificationCenter::requestPermission):
695         * bindings/scripts/CodeGeneratorCPP.pm:
696         (GetClassName):
697         (AddIncludesForType):
698         * bindings/scripts/CodeGeneratorJS.pm:
699         (GetCallbackClassName):
700         (GenerateCallbackImplementation):
701         (JSValueToNative):
702         * bindings/scripts/CodeGeneratorV8.pm:
703         (GenerateCallbackImplementation):
704         (TypeCanFailConversion):
705         (GetCallbackClassName):
706         * bindings/scripts/test/JS/JSTestCallback.cpp:
707         (WebCore::JSTestCallback::callbackWithNoParam):
708         * bindings/scripts/test/V8/V8TestCallback.cpp:
709         * bindings/v8/custom/V8CustomSQLStatementErrorCallback.cpp:
710         * bindings/v8/custom/V8CustomVoidCallback.cpp: Removed.
711         * bindings/v8/custom/V8CustomVoidCallback.h: Removed.
712         * bindings/v8/custom/V8MutationCallbackCustom.cpp:
713         * bindings/v8/custom/V8NotificationCenterCustom.cpp:
714         (WebCore::V8NotificationCenter::requestPermissionCallback):
715         * html/VoidCallback.h:
716         (VoidCallback):
717         * html/VoidCallback.idl:
718         * inspector/InspectorDatabaseAgent.cpp:
719         (WebCore):
720
721 2012-08-15  Hayato Ito  <hayato@chromium.org>
722
723         [Shadow] Stop 'load' and 'error' events at shadow boundaries
724         https://bugs.webkit.org/show_bug.cgi?id=93425
725
726         Reviewed by Dimitri Glazkov.
727
728         The shadow DOM spec has added these events as 'always-be-stopped' events at shadow boundaries.
729         http://dvcs.w3.org/hg/webcomponents/raw-file/tip/spec/shadow/index.html#events-that-are-always-stopped
730
731         Test: fast/dom/shadow/events-stopped-at-shadow-boundary.html
732
733         * dom/EventDispatcher.cpp:
734         (WebCore::EventDispatcher::determineDispatchBehavior):
735
736 2012-08-15  Kent Tamura  <tkent@chromium.org>
737
738         Calendar Picker: Localize numbers in a calendar picker
739         https://bugs.webkit.org/show_bug.cgi?id=93704
740
741         Reviewed by Hajime Morita.
742
743         Because Number.toLocaleString() of V8 returns no localized
744         numbers, we provide a localization function via
745         PagePopupController.
746
747         No new tests. We have no ways to change the locale in layout tests.
748
749         * Resources/pagepopups/calendarPicker.js:
750         (localizeNumber): Added. A wrapper for pagePopupController.localizeNumberString().
751         (formatJapaneseImperialEra): Use localizeNumber().
752         (formatYearMonth): ditto.
753         (DaysTable.prototype._renderMonth): ditto.
754         * page/PagePopupController.cpp:
755         (WebCore::PagePopupController::localizeNumberString):
756         Added. Just calls WebCore::convertToLocalizedNumber().
757         * page/PagePopupController.h:
758         (PagePopupController): Declare localizeNumberString().
759         * page/PagePopupController.idl: Add localizeNumberString().
760
761 2012-08-15  MORITA Hajime  <morrita@google.com>
762
763         Regression(121518) TextFieldDecorationElement formatting is broken.
764         https://bugs.webkit.org/show_bug.cgi?id=90913
765
766         Reviewed by Dimitri Glazkov.
767
768         NodeRenderingContext::nextRenderer() has a problem which cannot retrieve the renderer
769         across an insertion point in some case. That is because ad-hoc composed tree traversal on
770         NodeRenderingContext is broken. The problem is hidden before r121518 though.
771
772         This change rewrite nextRenderer() using ComposedShadowTreeWalker to eliminate the ad-hoc
773         traversal. previousRenderer() is also rewritten in the same way.
774
775         Test: fast/dom/shadow/shadow-div-reflow.html
776
777         * dom/NodeRenderingContext.cpp:
778         (WebCore):
779         (WebCore::NodeRenderingContext::nextRenderer):
780         (WebCore::NodeRenderingContext::previousRenderer):
781
782 2012-08-15  Julien Chaffraix  <jchaffraix@webkit.org>
783
784         Add a was-inserted-into-tree notification to RenderObject
785         https://bugs.webkit.org/show_bug.cgi?id=93874
786
787         Reviewed by Eric Seidel.
788
789         This change adds insertedIntoTree to RenderObject so that renderers
790         can now do their post-insertion task inside this function.
791
792         Our current architecture has 2 ways of doing post-insertion tasks:
793         - overriding RenderObject::addChild
794         - RenderObjectChildList::insertChildNode / appendChildNode
795
796         Because the former is not guaranteed to be called for each insertion
797         (on top of being called on the parent and not the inserted child), the
798         2 latter functions are the one that have been mostly used recently. This
799         led to code duplication between the functions but also doesn't scale as
800         other renderers need to hop on this notification and currently don't (for
801         example, table parts). The other renderer's migration will be done in
802         follow-up patches.
803
804         Refactoring covered by existing tests.
805
806         * rendering/RenderObjectChildList.cpp:
807         (WebCore::RenderObjectChildList::removeChildNode):
808         * rendering/RenderObject.cpp:
809         (WebCore::RenderObject::enclosingRenderNamedFlowThread):
810         Moved the code from renderNamedFlowThreadContainer to RenderObject::enclosingRenderNamedFlowThread.
811         This is needed as now 2 classes need to access the function.
812
813         * rendering/RenderObjectChildList.cpp:
814         (WebCore::RenderObjectChildList::appendChildNode):
815         (WebCore::RenderObjectChildList::insertChildNode):
816         Moved the code duplicated from those 2 functions into
817         the instances of insertedIntoTree below.
818
819         * rendering/RenderObject.cpp:
820         (WebCore::RenderObject::insertedIntoTree):
821         Base function that needs to be called from all the other
822         specialized functions below.
823
824         * rendering/RenderListItem.cpp:
825         (WebCore::RenderListItem::insertedIntoTree):
826         * rendering/RenderListItem.h:
827         * rendering/RenderObject.h:
828         * rendering/RenderObjectChildList.h:
829         * rendering/RenderRegion.cpp:
830         (WebCore::RenderRegion::insertedIntoTree):
831         * rendering/RenderRegion.h:
832         Added the overriden insertedIntoTree function.
833
834         * rendering/RenderQuote.h:
835         Moved the comment from RenderObjectChildList about RenderQuote here.
836
837 2012-08-14  Jeffrey Pfau  <jpfau@apple.com>
838
839         Allow blocking of Web SQL databases in third-party documents
840         https://bugs.webkit.org/show_bug.cgi?id=94057
841
842         Reviewed by Adam Barth.
843
844         Add a check for pages in third-party pages to allow third-party storage blocking of Web SQL databases.
845
846         Tests: http/tests/security/cross-origin-websql-allowed.html
847                http/tests/security/cross-origin-websql.html
848
849         * Modules/webdatabase/DOMWindowWebDatabase.cpp:
850         (WebCore::DOMWindowWebDatabase::openDatabase): Pass top origin to canAccessDatabase
851         * page/SecurityOrigin.cpp:
852         (WebCore::SecurityOrigin::canAccessStorage): Common method for various types of storage that use the same criteria
853         * page/SecurityOrigin.h:
854         (WebCore::SecurityOrigin::canAccessDatabase): Use canAccessStorage
855         (WebCore::SecurityOrigin::canAccessLocalStorage): Change to using canAccessStorage
856         (SecurityOrigin):
857
858 2012-08-15  Nikhil Bhargava  <nbhargava@google.com>
859
860         Improve Document.h compile time - reduce includes of ScriptCallStack.h
861         https://bugs.webkit.org/show_bug.cgi?id=94161
862
863         Reviewed by Eric Seidel.
864
865         ScriptCallStack.h no longer included from ScriptExecutionContext. It's
866         relatively expensive to compile and gets compiled a ton because
867         Document.h indirectly includes it.
868
869         No new tests. Functionality should remain the same
870
871         * Modules/indexeddb/IDBDatabase.cpp:
872         * Modules/indexeddb/IDBIndex.cpp:
873         * Modules/indexeddb/IDBObjectStore.cpp:
874         * bindings/js/ScriptController.cpp:
875         * dom/ScriptElement.cpp:
876         * dom/ScriptExecutionContext.h:
877         (WebCore):
878         * fileapi/Blob.cpp:
879         * fileapi/WebKitBlobBuilder.cpp:
880         * html/HTMLTrackElement.cpp:
881         * loader/TextTrackLoader.cpp:
882         * page/DOMSecurityPolicy.cpp:
883
884 2012-08-15  Alec Flett  <alecflett@chromium.org>
885
886         IndexedDB: IDB*::keyPath should return IDBKeyPath, not IDBAny
887         https://bugs.webkit.org/show_bug.cgi?id=92434
888
889         Reviewed by Tony Chang.
890
891         Clean up IDBKeyPath conversion to IDBAny objects. This gets rid of
892         some implicit conversion from IDBKeyPath to IDBAny.
893
894         No new tests, just changing method signatures.
895
896         * Modules/indexeddb/IDBAny.cpp:
897         (WebCore::IDBAny::set):
898         (WebCore):
899         * Modules/indexeddb/IDBAny.h:
900         (WebCore):
901         (WebCore::IDBAny::create):
902         (IDBAny):
903         * Modules/indexeddb/IDBIndex.h:
904         (WebCore::IDBIndex::keyPathAny):
905         (WebCore::IDBIndex::keyPath):
906         * Modules/indexeddb/IDBIndex.idl:
907         * Modules/indexeddb/IDBKeyPath.cpp:
908         * Modules/indexeddb/IDBKeyPath.h:
909         * Modules/indexeddb/IDBObjectStore.h:
910         (WebCore::IDBObjectStore::keyPathAny):
911         (WebCore::IDBObjectStore::keyPath):
912         * Modules/indexeddb/IDBObjectStore.idl:
913
914 2012-08-15  Ryosuke Niwa  <rniwa@webkit.org>
915
916         EFL build fix attempt after r125711. Touch an IDL file to regenerate derived sources.
917
918         * html/HTMLAllCollection.idl:
919
920 2012-08-15  Alec Flett  <alecflett@chromium.org>
921
922         IndexedDB: generate index keys for existing data in createIndex in front end
923         https://bugs.webkit.org/show_bug.cgi?id=91125
924
925         Reviewed by Tony Chang.
926
927         Make createIndex() do index key generation in the frontend, rather
928         than the backend. When an index is created, the frontend uses the
929         cursor API to iterate through the values in the backend to
930         generate keys, sending them back to the backend using
931         IDBObjectStore::setIndexKeys()
932
933         This confines all key injection/extraction to the frontend.
934
935         The new test verifies the implemented behavior with respect to
936         error handling in degenerate uses of put(), though that behavior
937         is still in discussion as the spec is vague on the proper error
938         behavior.
939
940         Test: storage/indexeddb/lazy-index-population.html
941
942         * Modules/indexeddb/IDBCursorBackendImpl.cpp: Make sure that the
943         TaskType propagates throught the cursor and all subsequent
944         continue() calls.
945         (WebCore::IDBCursorBackendImpl::IDBCursorBackendImpl):
946         (WebCore::IDBCursorBackendImpl::continueFunction):
947         (WebCore::IDBCursorBackendImpl::prefetchContinue):
948         * Modules/indexeddb/IDBCursorBackendImpl.h:
949         (WebCore::IDBCursorBackendImpl::create):
950         (IDBCursorBackendImpl):
951         * Modules/indexeddb/IDBObjectStore.cpp: Add an IndexPopulator
952         class to run a cursor from the frontend.
953         (WebCore):
954         (WebCore::IDBObjectStore::createIndex):
955         (WebCore::IDBObjectStore::openCursor):
956         * Modules/indexeddb/IDBObjectStore.h:
957         (WebCore::IDBObjectStore::openCursor):
958         (IDBObjectStore):
959         (WebCore::IDBObjectStore::createIndex):
960         * Modules/indexeddb/IDBObjectStore.idl: Pass along ScriptContext
961         so that openCursor can be called from createIndex.
962         * Modules/indexeddb/IDBObjectStoreBackendImpl.cpp:
963         (WebCore):
964         (WebCore::makeIndexWriters):
965         (WebCore::IDBObjectStoreBackendImpl::setIndexKeys):
966         (WebCore::IDBObjectStoreBackendImpl::setIndexesReady):
967         (WebCore::IDBObjectStoreBackendImpl::setIndexesReadyInternal):
968         (WebCore::IDBObjectStoreBackendImpl::putInternal):
969         (WebCore::IDBObjectStoreBackendImpl::deleteInternal):
970         (WebCore::IDBObjectStoreBackendImpl::createIndexInternal):
971         (WebCore::IDBObjectStoreBackendImpl::openCursor):
972         (WebCore::IDBObjectStoreBackendImpl::openCursorInternal):
973         * Modules/indexeddb/IDBObjectStoreBackendImpl.h:
974         (IDBObjectStoreBackendImpl):
975         (WebCore::IDBObjectStoreBackendImpl::iterIndexesBegin):
976         (WebCore::IDBObjectStoreBackendImpl::iterIndexesEnd):
977         (WebCore::IDBObjectStoreBackendImpl::backingStore):
978         (WebCore::IDBObjectStoreBackendImpl::databaseId):
979         * Modules/indexeddb/IDBObjectStoreBackendInterface.h:
980         * Modules/indexeddb/IDBRequest.cpp:
981         Allow requests to keep their own TaskType, to give certain
982         requests priority over others.
983         (WebCore::IDBRequest::create):
984         (WebCore):
985         (WebCore::IDBRequest::IDBRequest):
986         (WebCore::IDBRequest::abort):
987         * Modules/indexeddb/IDBRequest.h:
988         (IDBRequest):
989         (WebCore::IDBRequest::taskType):
990         * Modules/indexeddb/IDBTransactionBackendImpl.cpp:
991         Introduce a second, higher priority event queue, m_preemptiveTaskQueue,
992         which takes priority over the regular task queue.
993         (WebCore::IDBTransactionBackendImpl::IDBTransactionBackendImpl):
994         (WebCore::IDBTransactionBackendImpl::scheduleTask):
995         (WebCore::IDBTransactionBackendImpl::isTaskQueueEmpty):
996         (WebCore):
997         (WebCore::IDBTransactionBackendImpl::commit):
998         (WebCore::IDBTransactionBackendImpl::taskTimerFired):
999         (WebCore::IDBTransactionBackendImpl::taskEventTimerFired):
1000         * Modules/indexeddb/IDBTransactionBackendImpl.h:
1001         (WebCore::IDBTransactionBackendImpl::scheduleTask):
1002         (IDBTransactionBackendImpl):
1003         (WebCore::IDBTransactionBackendImpl::addEarlyEvent):
1004         (WebCore::IDBTransactionBackendImpl::didCompleteEarlyEvent):
1005         * Modules/indexeddb/IDBVersionChangeRequest.cpp:
1006         (WebCore::IDBVersionChangeRequest::IDBVersionChangeRequest):
1007
1008 2012-08-15  Hayato Ito  <hayato@chromium.org>
1009
1010         A 'load' event should be fired on the shadow host directly, not on an inner image element of shadow dom subtree.
1011         https://bugs.webkit.org/show_bug.cgi?id=93920
1012
1013         Reviewed by Dimitri Glazkov.
1014
1015         A 'load' event is a must-stoppable event at shadow boundary. So we
1016         should fire a 'load' event on a shadow host directly, not on an
1017         inner image element.
1018
1019         Test: fast/dom/shadow/shadowdom-for-image-event.html
1020
1021         * html/HTMLImageLoader.cpp:
1022         (WebCore::HTMLImageLoader::dispatchLoadEvent):
1023         * loader/ImageLoaderClient.h:
1024         (WebCore::ImageLoaderClient::eventTarget):
1025
1026 2012-08-15  Otto Derek Cheung  <otcheung@rim.com>
1027
1028         [BlackBerry] Show custom error page when 407 is received
1029         https://bugs.webkit.org/show_bug.cgi?id=94138
1030
1031          Reviewed by George Staikos.
1032          Internally reviewed by Lianghui Chen
1033
1034          Adding a new custom error page when the browser receieves
1035          a Wifi proxy authentication error. The previous behaviour
1036          is to ask for user credentials everytime, and silently fails
1037          when the username and password fields in the Wifi settings
1038          are not empty. UX suggests modifying the behaviour to simply
1039          asks the user to change their credentials in the Wifi settings
1040          when we receive such an error.
1041
1042          The fix is to prevent notifyAuthReceived from sending another
1043          networkjob when authCallbacks are called, and to listen to any 407
1044          calls in notifyStatusReceived. Once we hit a 407, tell the frame we
1045          failed and should load the custom error page.
1046
1047          Also removed checking functions in sendRequestWithCredentials because
1048          proxy auth requests won't get into that function anymore.
1049
1050          #PR163400
1051
1052          Tested by loading on device and loading/reloading pages under
1053          these scenarios:
1054          - Connected to wifi (no proxy)
1055          - Connected to wifi (proxy with no credentials)
1056          - Connected to wifi (proxy with invalid credentials)
1057          - Connected to wifi (proxy with valid credentials)
1058
1059          * platform/network/blackberry/NetworkJob.cpp:
1060          (WebCore::NetworkJob::handleNotifyStatusReceived):
1061          (WebCore::NetworkJob::notifyAuthReceived):
1062          (WebCore::NetworkJob::sendRequestWithCredentials):
1063
1064 2012-08-15  Dan Carney  <dcarney@google.com>
1065
1066         Refactor away IsolatedWorld
1067         https://bugs.webkit.org/show_bug.cgi?id=93971
1068
1069         Reviewed by Adam Barth.
1070
1071         Remove IsolatedWorld class as it was 1:1 with DOMWrapperWorld.
1072         This paves the way towards a JSC-like use of DOMWrapperWorld.
1073
1074         No tests.  No change in functionality.
1075
1076         * UseV8.cmake:
1077         * WebCore.gypi:
1078         * bindings/v8/DOMWrapperWorld.cpp:
1079         (WebCore):
1080         (WebCore::mainThreadNormalWorld):
1081         * bindings/v8/DOMWrapperWorld.h:
1082         (WebCore):
1083         (DOMWrapperWorld):
1084         (WebCore::DOMWrapperWorld::create):
1085         (WebCore::DOMWrapperWorld::~DOMWrapperWorld):
1086         (WebCore::DOMWrapperWorld::count):
1087         (WebCore::DOMWrapperWorld::worldId):
1088         (WebCore::DOMWrapperWorld::domDataStore):
1089         (WebCore::DOMWrapperWorld::DOMWrapperWorld):
1090         * bindings/v8/IsolatedWorld.cpp: Removed.
1091         * bindings/v8/IsolatedWorld.h: Removed.
1092         * bindings/v8/V8DOMWrapper.h:
1093         (WebCore::V8DOMWrapper::getCachedWrapper):
1094         * bindings/v8/V8IsolatedContext.cpp:
1095         (WebCore::V8IsolatedContext::V8IsolatedContext):
1096         (WebCore::V8IsolatedContext::destroy):
1097         * bindings/v8/V8IsolatedContext.h:
1098         (WebCore::V8IsolatedContext::getEntered):
1099         (WebCore::V8IsolatedContext::world):
1100         (V8IsolatedContext):
1101
1102 2012-08-15  Bruno de Oliveira Abinader  <bruno.abinader@basyskom.com>
1103
1104         [css3-text] Add CSS3 Text decoration compile flag
1105         https://bugs.webkit.org/show_bug.cgi?id=93863
1106
1107         Reviewed by Julien Chaffraix.
1108
1109         This patch handles the compile flag implementation, which will come disabled by
1110         default, thus not exposing the CSS3 text decoration features to the web, unless
1111         when explicitly enabling it with "--css3-text-decoration" build parameter.
1112
1113         Changeset r125205 added "-webkit-text-decoration-line" support without proper
1114         compile flag. I am fixing this on this patch by adding #ifdef's along the added
1115         code and reverting getComputedStyle* layout test changes until further notice.
1116         The text-decoration-line.html layout test is now moved to
1117         fast/css3-text-decoration directory, which is skipped on all platforms until
1118         feature is sound and ready to be exposed to web.
1119
1120         Test: fast/css3-text-decoration/text-decoration-line.html
1121
1122         * Configurations/FeatureDefines.xcconfig:
1123         * GNUmakefile.am:
1124         * css/CSSComputedStyleDeclaration.cpp:
1125         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
1126         * css/CSSParser.cpp:
1127         (WebCore::CSSParser::parseValue):
1128         (WebCore::CSSParser::addTextDecorationProperty):
1129         (WebCore::CSSParser::parseTextDecoration):
1130         * css/CSSProperty.cpp:
1131         (WebCore::CSSProperty::isInheritedProperty):
1132         * css/CSSPropertyNames.in:
1133         * css/StyleBuilder.cpp:
1134         (WebCore::StyleBuilder::StyleBuilder):
1135         * css/StyleResolver.cpp:
1136         (WebCore::StyleResolver::collectMatchingRulesForList):
1137         Added #ifdefs to enable/disable CSS3 Text Decoration code implemented by r125205.
1138
1139 2012-08-15  Iain Merrick  <husky@chromium.org>
1140
1141         Refactoring: move EventHandler::targetNode into HitTestResult
1142         https://bugs.webkit.org/show_bug.cgi?id=94107
1143
1144         Reviewed by Dimitri Glazkov.
1145
1146         This static helper method in EventHandler was made public so that
1147         WebFrameImpl can call it. That's untidy because EventHandler isn't
1148         really involved. This patch turns it into an instance method of
1149         HitTestResult (with a wrapper in MouseEventWithHitTestResult for
1150         convenience).
1151     
1152         Pure refactoring, no behavior change, no new test needed.
1153
1154         * page/EventHandler.cpp:
1155         (WebCore::EventHandler::selectClosestWordFromMouseEvent):
1156         (WebCore::EventHandler::selectClosestWordOrLinkFromMouseEvent):
1157         (WebCore::EventHandler::handleMousePressEventTripleClick):
1158         (WebCore::EventHandler::handleMousePressEventSingleClick):
1159         (WebCore::EventHandler::handleMousePressEvent):
1160         (WebCore::EventHandler::handleMouseDraggedEvent):
1161         (WebCore::EventHandler::updateSelectionForMouseDrag):
1162         (WebCore::EventHandler::handleMouseReleaseEvent):
1163         (WebCore::EventHandler::subframeForHitTestResult):
1164         (WebCore::EventHandler::selectCursor):
1165         (WebCore::EventHandler::handleMouseDoubleClickEvent):
1166         (WebCore::EventHandler::handleMouseMoveEvent):
1167         (WebCore::EventHandler::updateDragAndDrop):
1168         (WebCore::EventHandler::handleGestureEvent):
1169         (WebCore::EventHandler::sendContextMenuEvent):
1170         * page/EventHandler.h:
1171         (EventHandler):
1172         * page/MouseEventWithHitTestResults.h:
1173         (WebCore::MouseEventWithHitTestResults::targetNode):
1174         * page/chromium/EventHandlerChromium.cpp:
1175         (WebCore::EventHandler::passMousePressEventToSubframe):
1176         (WebCore::EventHandler::passWidgetMouseDownEventToWidget):
1177         * page/efl/EventHandlerEfl.cpp:
1178         (WebCore::EventHandler::passWidgetMouseDownEventToWidget):
1179         * page/gtk/EventHandlerGtk.cpp:
1180         (WebCore::EventHandler::passWidgetMouseDownEventToWidget):
1181         * page/mac/EventHandlerMac.mm:
1182         (WebCore::EventHandler::passWidgetMouseDownEventToWidget):
1183         (WebCore::EventHandler::passSubframeEventToSubframe):
1184         * page/wx/EventHandlerWx.cpp:
1185         (WebCore::EventHandler::passWidgetMouseDownEventToWidget):
1186         * rendering/HitTestResult.cpp:
1187         (WebCore::HitTestResult::targetNode):
1188         (WebCore):
1189         * rendering/HitTestResult.h:
1190         (HitTestResult):
1191
1192 2012-08-15  David Grogan  <dgrogan@chromium.org>
1193
1194         IndexedDB: Add some ASSERTs
1195         https://bugs.webkit.org/show_bug.cgi?id=94055
1196
1197         Reviewed by Ojan Vafai.
1198
1199         These are just some additional ASSERTS and some ASSERT_WITH_MESSAGE in
1200         place of ASSERT. They are from the patch in
1201         https://bugs.webkit.org/show_bug.cgi?id=92897
1202
1203         No new tests - we should never hit this behavior.
1204
1205         * Modules/indexeddb/IDBDatabase.cpp:
1206         (WebCore::IDBDatabase::setVersion):
1207         (WebCore::IDBDatabase::registerFrontendCallbacks):
1208         * Modules/indexeddb/IDBRequest.cpp:
1209         (WebCore::IDBRequest::dispatchEvent):
1210         (WebCore::IDBRequest::enqueueEvent):
1211         * Modules/indexeddb/IDBTransaction.cpp:
1212         (WebCore::IDBTransaction::setActive):
1213
1214 2012-08-15  Sheriff Bot  <webkit.review.bot@gmail.com>
1215
1216         Unreviewed, rolling out r125687.
1217         http://trac.webkit.org/changeset/125687
1218         https://bugs.webkit.org/show_bug.cgi?id=94147
1219
1220         It broke the whole world (Requested by Ossy_night on #webkit).
1221
1222         * bindings/js/JSCustomSQLStatementErrorCallback.cpp:
1223         (WebCore::JSSQLStatementErrorCallback::handleEvent):
1224         * bindings/js/JSDOMWindowCustom.cpp:
1225         (WebCore::JSDOMWindow::addEventListener):
1226         (WebCore::JSDOMWindow::removeEventListener):
1227         * bindings/js/JSDataViewCustom.cpp:
1228         (WebCore::getDataViewMember):
1229         * bindings/js/JSDeviceMotionEventCustom.cpp:
1230         (WebCore::JSDeviceMotionEvent::initDeviceMotionEvent):
1231         * bindings/js/JSDeviceOrientationEventCustom.cpp:
1232         (WebCore::JSDeviceOrientationEvent::initDeviceOrientationEvent):
1233         * bindings/js/JSDictionary.cpp:
1234         (WebCore::JSDictionary::convertValue):
1235         * bindings/js/JSDirectoryEntryCustom.cpp:
1236         (WebCore::JSDirectoryEntry::getFile):
1237         (WebCore::JSDirectoryEntry::getDirectory):
1238         * bindings/js/JSDirectoryEntrySyncCustom.cpp:
1239         (WebCore::getFlags):
1240         * bindings/js/JSHTMLCanvasElementCustom.cpp:
1241         (WebCore::JSHTMLCanvasElement::getContext):
1242         * bindings/js/JSInspectorFrontendHostCustom.cpp:
1243         (WebCore::populateContextMenuItems):
1244         * bindings/js/JSMessageEventCustom.cpp:
1245         (WebCore::handleInitMessageEvent):
1246         * bindings/js/JSWebGLRenderingContextCustom.cpp:
1247         (WebCore::dataFunctionMatrix):
1248         * bindings/js/JSXMLHttpRequestCustom.cpp:
1249         (WebCore::JSXMLHttpRequest::open):
1250         * bindings/js/JavaScriptCallFrame.cpp:
1251         * bindings/js/JavaScriptCallFrame.h:
1252         (JavaScriptCallFrame):
1253         * bindings/js/ScriptDebugServer.cpp:
1254         (WebCore::ScriptDebugServer::hasBreakpoint):
1255         * bindings/scripts/CodeGeneratorJS.pm:
1256         (GenerateEventListenerCall):
1257         (GenerateHeader):
1258         (JSValueToNative):
1259         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
1260         (WebCore::jsTestEventTargetPrototypeFunctionAddEventListener):
1261         (WebCore::jsTestEventTargetPrototypeFunctionRemoveEventListener):
1262         * bindings/scripts/test/JS/JSTestEventTarget.h:
1263         (WebCore::JSTestEventTarget::create):
1264         * bindings/scripts/test/JS/JSTestObj.cpp:
1265         (WebCore::setJSTestObjCreate):
1266         (WebCore::setJSTestObjReflectedBooleanAttr):
1267         (WebCore::setJSTestObjReflectedCustomBooleanAttr):
1268         (WebCore::jsTestObjPrototypeFunctionAddEventListener):
1269         (WebCore::jsTestObjPrototypeFunctionRemoveEventListener):
1270         * bridge/c/c_utility.cpp:
1271         (JSC::Bindings::convertValueToNPVariant):
1272         * bridge/jni/jni_jsobject.mm:
1273         (JavaJSObject::convertValueToJObject):
1274         * bridge/qt/qt_runtime.cpp:
1275         (JSC::Bindings::convertValueToQVariant):
1276
1277 2012-08-15  Dominic Mazzoni  <dmazzoni@google.com>
1278
1279         AX: Calls to AXObjectCache should prefer Node over Renderer
1280         https://bugs.webkit.org/show_bug.cgi?id=91794
1281
1282         Reviewed by Chris Fleizach.
1283
1284         Now that it's possible for nodes inside a canvas subtree to be focused and
1285         represent accessible content, accessibility notifications should be triggered
1286         with a Node* rather than with a RenderObject* whenever possible.
1287
1288         Every public API in AXObjectCache that took a RenderObject* before now either
1289         takes a Node* instead, or has a parallel method that takes a Node*.
1290
1291         Tests: accessibility/accessibility-node-memory-management.html
1292                accessibility/accessibility-node-reparent.html
1293                accessibility/canvas-fallback-content.html
1294
1295         * accessibility/AXObjectCache.cpp:
1296         (WebCore::AXObjectCache::focusedImageMapUIElement):
1297         (WebCore::AXObjectCache::focusedUIElementForPage):
1298         (WebCore::AXObjectCache::get):
1299         (WebCore::AXObjectCache::getOrCreate):
1300         (WebCore::AXObjectCache::contentChanged):
1301         (WebCore):
1302         (WebCore::AXObjectCache::updateCacheAfterNodeIsAttached):
1303         (WebCore::AXObjectCache::childrenChanged):
1304         (WebCore::AXObjectCache::postNotification):
1305         (WebCore::AXObjectCache::checkedStateChanged):
1306         (WebCore::AXObjectCache::selectedChildrenChanged):
1307         (WebCore::AXObjectCache::nodeTextChangeNotification):
1308         (WebCore::AXObjectCache::handleAriaExpandedChange):
1309         (WebCore::AXObjectCache::handleActiveDescendantChanged):
1310         (WebCore::AXObjectCache::handleAriaRoleChanged):
1311         (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
1312         (WebCore::AXObjectCache::rootAXEditableElement):
1313         (WebCore::AXObjectCache::nodeIsTextControl):
1314         * accessibility/AXObjectCache.h:
1315         (AXObjectCache):
1316         (WebCore::AXObjectCache::setNodeInUse):
1317         (WebCore::AXObjectCache::removeNodeForUse):
1318         (WebCore::AXObjectCache::isNodeInUse):
1319         (WebCore::AXObjectCache::checkedStateChanged):
1320         (WebCore::AXObjectCache::childrenChanged):
1321         (WebCore::AXObjectCache::contentChanged):
1322         (WebCore::AXObjectCache::updateCacheAfterNodeIsAttached):
1323         (WebCore::AXObjectCache::handleActiveDescendantChanged):
1324         (WebCore::AXObjectCache::handleAriaExpandedChange):
1325         (WebCore::AXObjectCache::handleAriaRoleChanged):
1326         (WebCore::AXObjectCache::handleFocusedUIElementChanged):
1327         (WebCore::AXObjectCache::nodeTextChangeNotification):
1328         (WebCore::AXObjectCache::postNotification):
1329         (WebCore::AXObjectCache::selectedChildrenChanged):
1330         * accessibility/AccessibilityListBoxOption.cpp:
1331         (WebCore::AccessibilityListBoxOption::parentObject):
1332         * accessibility/AccessibilityObject.cpp:
1333         (WebCore::appendAccessibilityObject):
1334         (WebCore::replacedNodeNeedsCharacter):
1335         * accessibility/AccessibilityRenderObject.cpp:
1336         (WebCore::AccessibilityRenderObject::menuForMenuButton):
1337         (WebCore::AccessibilityRenderObject::menuButtonForMenu):
1338         (WebCore::AccessibilityRenderObject::checkboxOrRadioRect):
1339         (WebCore::AccessibilityRenderObject::addRadioButtonGroupMembers):
1340         (WebCore::AccessibilityRenderObject::titleUIElement):
1341         (WebCore::AccessibilityRenderObject::isTabItemSelected):
1342         (WebCore::AccessibilityRenderObject::accessibilityParentForImageMap):
1343         (WebCore::AccessibilityRenderObject::nodeIsTextControl):
1344         (WebCore::AccessibilityRenderObject::activeDescendant):
1345         (WebCore::AccessibilityRenderObject::correspondingControlForLabelElement):
1346         (WebCore::AccessibilityRenderObject::correspondingLabelForControlElement):
1347         * accessibility/AccessibilityRenderObject.h:
1348         (AccessibilityRenderObject):
1349         * accessibility/AccessibilityScrollView.cpp:
1350         (WebCore::AccessibilityScrollView::webAreaObject):
1351         (WebCore::AccessibilityScrollView::parentObject):
1352         (WebCore::AccessibilityScrollView::parentObjectIfExists):
1353         * accessibility/chromium/AXObjectCacheChromium.cpp:
1354         (WebCore::AXObjectCache::postPlatformNotification):
1355         (WebCore::AXObjectCache::handleFocusedUIElementChanged):
1356         * accessibility/gtk/AXObjectCacheAtk.cpp:
1357         (WebCore::AXObjectCache::handleFocusedUIElementChanged):
1358         * accessibility/mac/AXObjectCacheMac.mm:
1359         (WebCore::AXObjectCache::handleFocusedUIElementChanged):
1360         * accessibility/win/AXObjectCacheWin.cpp:
1361         (WebCore::AXObjectCache::handleFocusedUIElementChanged):
1362         * bindings/cpp/WebDOMCustomVoidCallback.cpp:
1363         (toWebCore):
1364         * dom/Document.cpp:
1365         (WebCore::Document::setFocusedNode):
1366         * dom/Element.cpp:
1367         (WebCore::Element::attributeChanged):
1368         * dom/Node.cpp:
1369         (WebCore::Node::~Node):
1370         (WebCore::Node::attach):
1371         * editing/AppendNodeCommand.cpp:
1372         (WebCore::sendAXTextChangedIgnoringLineBreaks):
1373         * editing/DeleteFromTextNodeCommand.cpp:
1374         (WebCore::DeleteFromTextNodeCommand::doApply):
1375         (WebCore::DeleteFromTextNodeCommand::doUnapply):
1376         * editing/Editor.cpp:
1377         (WebCore::Editor::respondToChangedContents):
1378         (WebCore::Editor::markAndReplaceFor):
1379         * editing/InsertIntoTextNodeCommand.cpp:
1380         (WebCore::InsertIntoTextNodeCommand::doApply):
1381         (WebCore::InsertIntoTextNodeCommand::doUnapply):
1382         * editing/InsertNodeBeforeCommand.cpp:
1383         (WebCore::InsertNodeBeforeCommand::doApply):
1384         (WebCore::InsertNodeBeforeCommand::doUnapply):
1385         * editing/chromium/FrameSelectionChromium.cpp:
1386         (WebCore::FrameSelection::notifyAccessibilityForSelectionChange):
1387         * html/HTMLInputElement.cpp:
1388         (WebCore::HTMLInputElement::setChecked):
1389         * html/HTMLSelectElement.cpp:
1390         (WebCore::HTMLSelectElement::childrenChanged):
1391         (WebCore::HTMLSelectElement::optionElementChildrenChanged):
1392         * html/HTMLTextFormControlElement.cpp:
1393         (WebCore::HTMLTextFormControlElement::setInnerTextValue):
1394         * html/InputType.cpp:
1395         (WebCore::InputType::applyStep):
1396         * html/RangeInputType.cpp:
1397         (WebCore::RangeInputType::handleKeydownEvent):
1398         * page/FocusController.cpp:
1399         (WebCore::FocusController::setInitialFocus):
1400
1401 2012-08-15  Andreas Kling  <kling@webkit.org>
1402
1403         NinePieceImage: Avoid unnecessary duplication of default data in assignment operator.
1404         <http://webkit.org/b/94046>
1405
1406         Reviewed by Geoffrey Garen.
1407
1408         If copying a NinePieceImage with a null m_data, don't create a copy of it's data()
1409         as that will point to the default NinePieceImageData. ~200kB progression on Membuster.
1410
1411         * rendering/style/NinePieceImage.h:
1412         (WebCore::NinePieceImage::operator=):
1413
1414 2012-08-15  Gregg Tavares  <gman@google.com>
1415
1416         Mark Skia and Compositor Contexts
1417         https://bugs.webkit.org/show_bug.cgi?id=94129
1418
1419         Reviewed by James Robinson.
1420
1421         Marks the Skia and Compositor contexts to aid in debugging.
1422
1423         No new tests as no new functionality.
1424
1425         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
1426         (WebCore::CCLayerTreeHostImpl::initializeLayerRenderer):
1427         * platform/graphics/skia/ImageBufferSkia.cpp:
1428         (WebCore::createAcceleratedCanvas):
1429
1430 2012-08-15  Ian Vollick  <vollick@chromium.org>
1431
1432         [chromium] Must account for empty transformation lists when checking for big rotations.
1433         https://bugs.webkit.org/show_bug.cgi?id=93975
1434
1435         Reviewed by James Robinson.
1436
1437         AnimationTranslationUtil.cpp is supposed to reject large rotations 
1438         (>= 180 degrees between keyframes). The current code assumes that if 
1439         the lists of transforms at two consecutive keyframes do not match 
1440         (i.e., are different types), then do not need to reject. The rationale
1441         is that we will revert to matrix blending -- we will collapse the lists
1442         of transform operations to matrices at each keyframe and blend those. 
1443         Unfortunately, this is not true if a list is empty. It can be the case 
1444         that we transition from no transform to a rotation about the z axis of 
1445         360 degrees. In this case, the first list of transform operations will 
1446         be empty and the second will have a single rotation of 360 degrees. An 
1447         empty list should be treated as a rotation of zero degrees.
1448
1449         Unit tested in: GraphicsLayerChromiumTest.createTransformAnimationWithBigRotationAndEmptyTransformOperationList
1450
1451         * platform/graphics/chromium/AnimationTranslationUtil.cpp:
1452         (WebCore::causesRotationOfAtLeast180Degrees):
1453
1454 2012-08-15  Beth Dakin  <bdakin@apple.com>
1455
1456         https://bugs.webkit.org/show_bug.cgi?id=93693
1457         [WK2] REGRESSION(125091): pixel results don't sow scrollbars 
1458         anymore
1459
1460         Reviewed by Sam Weinig.
1461
1462         This is a regression from http://trac.webkit.org/changeset/125091 
1463         in which I failed to noticed that 
1464         WKBundlePageCreateSnapshotInViewCoordinates() did actually do 
1465         something different than 
1466         WKBundlePageCreateSnapshotInDocumentCoordinates(). Specifically, 
1467         it used ScrollView::paint() to paint instead of 
1468         FrameView::paintContents(). So this patch restores that 
1469         functionality by adding a value to SnapshotOptions indicating 
1470         whether the snapshot should be taken in ViewCoordinates 
1471         (otherwise it defaults to DocumentCoordinates).
1472
1473         FrameView:: paintContentsForSnapshot() now takes a new parameter 
1474         that indicates whether to take the snapshot in document 
1475         coordinates or view coordinates.
1476         * WebCore.exp.in:
1477         * page/FrameView.cpp:
1478         (WebCore::FrameView::paintContentsForSnapshot):
1479         * page/FrameView.h:
1480
1481 2012-08-15  Benjamin Poulain  <bpoulain@apple.com>
1482
1483         Use literal initialization for CSS's pseudo types
1484         https://bugs.webkit.org/show_bug.cgi?id=94066
1485
1486         Reviewed by Kenneth Rohde Christiansen.
1487
1488         Initialize CSS pseudo type strings with the new initialization from literal.
1489
1490         The first invocation of nameToPseudoTypeMap() becomes 20% faster and we use
1491         less memory to store the strings.
1492
1493         * css/CSSSelector.cpp:
1494         (WebCore::nameToPseudoTypeMap):
1495
1496 2012-08-15  Brady Eidson  <beidson@apple.com>
1497
1498         Removing a plug-in element from a page opened in a background tab in Safari crashes
1499         <rdar://problem/12057991> and https://bugs.webkit.org/show_bug.cgi?id=93913
1500
1501         Reviewed by Beth Dakin.
1502
1503         Expose Page::setCanStartMedia to regression tests so they can pretend to be in a non-windowed WebView.
1504
1505         Test: platform/mac-wk2/plugins/asynchronous-destroy-before-initialization.html
1506
1507         * testing/InternalSettings.cpp:
1508         (WebCore::InternalSettings::Backup::Backup):
1509         (WebCore::InternalSettings::Backup::restoreTo):
1510         (WebCore::InternalSettings::setCanStartMedia):
1511         (WebCore):
1512         * testing/InternalSettings.h:
1513         (Backup):
1514         (InternalSettings):
1515         * testing/InternalSettings.idl:
1516
1517 2012-08-15  Levi Weintraub  <leviw@chromium.org>
1518
1519         AutoTableLayout truncates preferred widths for cells when it needs to ceil them to contain the contents
1520         https://bugs.webkit.org/show_bug.cgi?id=93911
1521
1522         Reviewed by Eric Seidel.
1523
1524         Avoiding truncation of sub-pixel accumulated values when determining the preferred width of a table cell
1525         in AutoTableLayout. Since we continue to layout tables using integers, we need to ceil the contents to
1526         prevent premature wrapping of the contents.
1527
1528         This only affects ports with sub-pixel layout enabled, and fixes regressions of a handful of tests that
1529         were missed when updating expectations when sub-pixel was enabled.
1530
1531         Test: fast/sub-pixel/auto-table-layout-should-avoid-text-wrapping.html
1532
1533         * rendering/AutoTableLayout.cpp:
1534         (WebCore::AutoTableLayout::recalcColumn):
1535
1536 2012-08-10  Ojan Vafai  <ojan@chromium.org>
1537
1538         z-index should work without position on flexitems
1539         https://bugs.webkit.org/show_bug.cgi?id=91405
1540
1541         Reviewed by Tony Chang.
1542
1543         Require a layer on any RenderBox that has a non-auto z-index.
1544         Statically positioned, non-flex-item's have their z-index coerced to auto,
1545         so it's safe to check z-index unconditionally.
1546
1547         Test: css3/flexbox/z-index.html
1548
1549         * css/StyleResolver.cpp:
1550         (WebCore::StyleResolver::adjustRenderStyle):
1551         -Don't coerce z-index to auto on statically positioned flex-items.
1552         -Use the parentStyle to determine if the parent is a flexbox instead of
1553         looking at the element's parentNode's renderer.
1554         * rendering/RenderBox.h:
1555         -Add having a non-auto z-index to the list of things that require a layer.
1556
1557 2012-08-15  Joanmarie Diggs  <jdiggs@igalia.com>
1558
1559         [Gtk] atk_text_set_caret_offset() fails for table cells
1560         https://bugs.webkit.org/show_bug.cgi?id=83501
1561
1562         Reviewed by Chris Fleizach.
1563
1564         Allow using text ranges in accessible table cells.
1565
1566         * accessibility/gtk/AccessibilityObjectAtk.cpp:
1567         (WebCore::AccessibilityObject::allowsTextRanges):
1568         Add table cells to the list of accessibility objects supporting text ranges.
1569
1570 2012-08-15  Scott Graham  <scottmg@chromium.org>
1571
1572         Rename window.internals.fastMallocStatistics to mallocStatistics
1573         https://bugs.webkit.org/show_bug.cgi?id=94033
1574
1575         Reviewed by Adam Barth.
1576
1577         Mechanical rename. In preparation for plumbing allocation information
1578         from allocators that aren't "fastMalloc".
1579
1580         * CMakeLists.txt:
1581         * DerivedSources.make:
1582         * DerivedSources.pri:
1583         * GNUmakefile.list.am:
1584         * Target.pri:
1585         * WebCore.gyp/WebCore.gyp:
1586         * WebCore.gypi:
1587         * WebCore.vcproj/WebCoreTestSupport.vcproj:
1588         * WebCore.xcodeproj/project.pbxproj:
1589         * loader/DocumentLoader.h:
1590         (WebCore::DocumentLoader::didTellClientAboutLoad):
1591         * loader/cache/CachedResourceLoader.cpp:
1592         (WebCore::CachedResourceLoader::loadResource):
1593         * testing/FastMallocStatistics.h: Removed.
1594         * testing/FastMallocStatistics.idl: Removed.
1595         * testing/Internals.cpp:
1596         (WebCore::Internals::mallocStatistics):
1597         * testing/Internals.h:
1598         (WebCore):
1599         (Internals):
1600         * testing/Internals.idl:
1601         * testing/MallocStatistics.h: Added.
1602         * testing/MallocStatistics.idl: Added.
1603
1604 2012-08-15  Joshua Netterfield  <jnetterfield@rim.com>
1605
1606         [BlackBerry] Upstream BlackBerry build fixes
1607         https://bugs.webkit.org/show_bug.cgi?id=94121
1608
1609         Reviewed by Rob Buis.
1610
1611         This includes several build fixes due to incorrect upstream patches.
1612         These mistakes were never present downstream.
1613
1614         No new tests, because no new functionality is added.
1615
1616         * platform/graphics/GraphicsContext3D.cpp:
1617         (WebCore::GraphicsContext3D::computeFormatAndTypeParameters):
1618         * platform/graphics/GraphicsContext3D.h:
1619         (GraphicsContext3D):
1620         (WebCore::GraphicsContext3D::ShaderSourceEntry::ShaderSourceEntry):
1621         * platform/graphics/blackberry/LayerFilterRenderer.cpp:
1622         (WebCore::LayerFilterRendererAction::LayerFilterRendererAction):
1623         * platform/graphics/blackberry/LayerFilterRenderer.h:
1624         (LayerFilterRendererAction):
1625
1626 2012-08-15  Adam Barth  <abarth@webkit.org>
1627
1628         JSDOMWrapper should ASSERT that it has an associated ScriptExecutionContext
1629         https://bugs.webkit.org/show_bug.cgi?id=94053
1630
1631         Reviewed by Sam Weinig.
1632
1633         Previously we were unable have this ASSERT because DOMWindow needed a
1634         Frame to find Document. Now that we can find the Document without a
1635         Frame, we can include the ASSERT and sanity will rein across the land.
1636
1637         * bindings/js/JSDOMWrapper.h:
1638         (WebCore::JSDOMWrapper::globalObject):
1639         (WebCore::JSDOMWrapper::scriptExecutionContext):
1640         (WebCore::JSDOMWrapper::JSDOMWrapper):
1641
1642 2012-08-14  Mark Hahnenberg  <mhahnenberg@apple.com>
1643
1644         Change behavior of MasqueradesAsUndefined to better accommodate DFG changes
1645         https://bugs.webkit.org/show_bug.cgi?id=93884
1646
1647         Reviewed by Geoffrey Garen.
1648
1649         With some upcoming changes to the DFG to remove uses of ClassInfo, we will be changing the behavior of 
1650         MasqueradesAsUndefined. In order to make this change consistent across all of our execution engines, 
1651         we will make this change to MasqueradesAsUndefined as a separate patch. After this patch, MasqueradesAsUndefined 
1652         objects will only masquerade as undefined in their original context (i.e. their original JSGlobalObject). 
1653         For example, if an object that masquerades as undefined in frame A is passed to frame B, it will not 
1654         masquerade as undefined within frame B, but it will continue to masquerade in frame A.
1655
1656         Test: fast/js/document-all-between-frames.html
1657
1658         All of the changes in WebCore are simply passing the additional ExecState argument to JSValue::toBoolean.
1659
1660         * bindings/js/JSCustomSQLStatementErrorCallback.cpp:
1661         (WebCore::JSSQLStatementErrorCallback::handleEvent):
1662         * bindings/js/JSDOMWindowCustom.cpp:
1663         (WebCore::JSDOMWindow::addEventListener):
1664         (WebCore::JSDOMWindow::removeEventListener):
1665         * bindings/js/JSDataViewCustom.cpp:
1666         (WebCore::getDataViewMember):
1667         * bindings/js/JSDeviceMotionEventCustom.cpp:
1668         (WebCore::JSDeviceMotionEvent::initDeviceMotionEvent):
1669         * bindings/js/JSDeviceOrientationEventCustom.cpp:
1670         (WebCore::JSDeviceOrientationEvent::initDeviceOrientationEvent):
1671         * bindings/js/JSDictionary.cpp:
1672         (WebCore::JSDictionary::convertValue):
1673         * bindings/js/JSDirectoryEntryCustom.cpp:
1674         (WebCore::JSDirectoryEntry::getFile):
1675         (WebCore::JSDirectoryEntry::getDirectory):
1676         * bindings/js/JSDirectoryEntrySyncCustom.cpp:
1677         (WebCore::getFlags):
1678         * bindings/js/JSHTMLCanvasElementCustom.cpp:
1679         (WebCore::JSHTMLCanvasElement::getContext):
1680         * bindings/js/JSInspectorFrontendHostCustom.cpp:
1681         (WebCore::populateContextMenuItems):
1682         * bindings/js/JSMessageEventCustom.cpp:
1683         (WebCore::handleInitMessageEvent):
1684         * bindings/js/JSWebGLRenderingContextCustom.cpp:
1685         (WebCore::dataFunctionMatrix):
1686         * bindings/js/JSXMLHttpRequestCustom.cpp:
1687         (WebCore::JSXMLHttpRequest::open):
1688         * bindings/js/JavaScriptCallFrame.cpp:
1689         (WebCore::JavaScriptCallFrame::exec):
1690         (WebCore):
1691         * bindings/js/JavaScriptCallFrame.h:
1692         (JavaScriptCallFrame):
1693         * bindings/js/ScriptDebugServer.cpp:
1694         (WebCore::ScriptDebugServer::hasBreakpoint):
1695         * bindings/scripts/CodeGeneratorJS.pm: Also add the custom create function for MasqueradesAsUndefined JS DOM wrappers.
1696         (GenerateEventListenerCall):
1697         (GenerateHeader):
1698         (JSValueToNative):
1699         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
1700         (WebCore::jsTestEventTargetPrototypeFunctionAddEventListener):
1701         (WebCore::jsTestEventTargetPrototypeFunctionRemoveEventListener):
1702         * bindings/scripts/test/JS/JSTestEventTarget.h:
1703         (WebCore::JSTestEventTarget::create):
1704         * bindings/scripts/test/JS/JSTestObj.cpp:
1705         (WebCore::setJSTestObjCreate):
1706         (WebCore::setJSTestObjReflectedBooleanAttr):
1707         (WebCore::setJSTestObjReflectedCustomBooleanAttr):
1708         (WebCore::jsTestObjPrototypeFunctionAddEventListener):
1709         (WebCore::jsTestObjPrototypeFunctionRemoveEventListener):
1710         * bridge/c/c_utility.cpp:
1711         (JSC::Bindings::convertValueToNPVariant):
1712         * bridge/jni/jni_jsobject.mm:
1713         (JavaJSObject::convertValueToJObject):
1714         * bridge/qt/qt_runtime.cpp:
1715         (JSC::Bindings::convertValueToQVariant):
1716
1717 2012-08-15  Joanmarie Diggs  <jdiggs@igalia.com>
1718
1719         [Gtk] atk_text_get_text_at_offset() fails to provide the correct line for paragraphs in list items whose text wraps
1720         https://bugs.webkit.org/show_bug.cgi?id=83435
1721
1722         Reviewed by Chris Fleizach.
1723
1724         Fix a logic error when checking if an object is a list marker.
1725
1726         * accessibility/gtk/WebKitAccessibleInterfaceText.cpp:
1727         (textForRenderer):
1728
1729 2012-08-15  Arpita Bahuguna  <arpitabahuguna@gmail.com>
1730
1731         There is additional space not belonged to a table between the table cells
1732         https://bugs.webkit.org/show_bug.cgi?id=74864
1733
1734         Reviewed by Julien Chaffraix.
1735
1736         Hittest for a point on the edge, i.e. between two table columns, currently
1737         does not return any matching underlying element.
1738
1739         A hittest on such a point (on the edge of two table columns) should return
1740         the column that lies either on the logical right/bottom of the said point.
1741
1742         Tests: fast/table/hittest-tablecell-bottom-edge.html
1743                fast/table/hittest-tablecell-right-edge.html
1744                fast/table/hittest-tablecell-with-borders-bottom-edge.html
1745                fast/table/hittest-tablecell-with-borders-right-edge.html
1746
1747         * rendering/RenderTableSection.cpp:
1748         (WebCore::RenderTableSection::spannedRows):
1749         Removed the FIXME regarding the correctness of the usage of the upper_bound algorithm
1750         since that is now verified by the testcases in this patch. Also, the comment
1751         regarding the inconsistency between the algorithms used in spannedRows and spannedColumns
1752         is no longer valid.
1753
1754         (WebCore::RenderTableSection::spannedColumns):
1755         Changed lower_bound() algorithm to upper_bound() for obtaining the next column.
1756         This is now similar to what is used for obtaining the next row in spannedRows().
1757
1758 2012-08-15  Anna Cavender  <annacc@chromium.org>
1759
1760         Add the timestampOffset attribute to SourceBuffer.
1761         https://bugs.webkit.org/show_bug.cgi?id=93303
1762
1763         Reviewed by Dimitri Glazkov.
1764
1765         On the 30 July 2012 version of the Media Source Extensions spec, a timestampOffset 
1766         attribute was added to the SourceBuffer object:
1767         http://dvcs.w3.org/hg/html-media/raw-file/tip/media-source/media-source.html#dom-timestampoffset
1768
1769         Tests: additions to http/tests/media/media-source/video-media-source-objects.html
1770
1771         * Modules/mediasource/MediaSource.cpp:
1772         (WebCore::MediaSource::setTimestampOffset): Set the timestampOffset on MediaPlayer.
1773         (WebCore):
1774         * Modules/mediasource/MediaSource.h:
1775         (MediaSource):
1776         * Modules/mediasource/SourceBuffer.cpp:
1777         (WebCore::SourceBuffer::SourceBuffer): Let the timestampOffset be 0 initially
1778         (WebCore::SourceBuffer::timestampOffset): Return the last value set.
1779         (WebCore):
1780         (WebCore::SourceBuffer::setTimestampOffset): Forward the call onto MediaSouce.
1781         * Modules/mediasource/SourceBuffer.h:
1782         (SourceBuffer):
1783         * Modules/mediasource/SourceBuffer.idl: Create the new timestampOffset attr.
1784         * platform/graphics/MediaPlayer.cpp:
1785         (WebCore::NullMediaPlayerPrivate::sourceSetTimestampOffset): A null media player
1786             should just return false (nothing to set).
1787         (WebCore):
1788         (WebCore::MediaPlayer::sourceSetTimestampOffset):  Forward the call.
1789         * platform/graphics/MediaPlayer.h:
1790         * platform/graphics/MediaPlayerPrivate.h:
1791         (WebCore::MediaPlayerPrivateInterface::sourceSetTimestampOffset):
1792
1793 2012-08-15  Pavel Chadnov  <chadnov@google.com>
1794
1795         Web Inspector: Incorrect XHR responses when two async xhrs are sent synchronously
1796         https://bugs.webkit.org/show_bug.cgi?id=91630
1797         
1798         Reviewed by Vsevolod Vlasov.
1799
1800         CachedResource object for XHR response is now taken from ResourceLoader (if it's possible).
1801
1802         Test: http/tests/inspector/network/network-xhr-async-double.html
1803
1804         * inspector/InspectorInstrumentation.cpp:
1805         (WebCore):
1806         (WebCore::InspectorInstrumentation::didReceiveResourceResponseImpl):
1807         (WebCore::InspectorInstrumentation::didReceiveResourceResponseButCanceledImpl):
1808         * inspector/InspectorInstrumentation.h:
1809         (InspectorInstrumentation):
1810         (WebCore::InspectorInstrumentation::didReceiveResourceResponse):
1811         * inspector/InspectorResourceAgent.cpp:
1812         (WebCore::InspectorResourceAgent::willSendRequest):
1813         (WebCore::InspectorResourceAgent::didReceiveResponse):
1814         * inspector/InspectorResourceAgent.h:
1815         (WebCore):
1816         (InspectorResourceAgent):
1817         * loader/DocumentThreadableLoader.cpp:
1818         (WebCore::DocumentThreadableLoader::didReceiveResponse):
1819         * loader/ResourceLoadNotifier.cpp:
1820         (WebCore::ResourceLoadNotifier::didReceiveResponse):
1821         (WebCore::ResourceLoadNotifier::dispatchDidReceiveResponse):
1822         * loader/ResourceLoadNotifier.h:
1823         (ResourceLoadNotifier):
1824         * loader/ResourceLoader.cpp:
1825         (WebCore::ResourceLoader::isSubresourceLoader):
1826         (WebCore):
1827         * loader/ResourceLoader.h:
1828         (ResourceLoader):
1829         * loader/SubresourceLoader.cpp:
1830         (WebCore::SubresourceLoader::cachedResource):
1831         (WebCore):
1832         (WebCore::SubresourceLoader::isSubresourceLoader):
1833         * loader/SubresourceLoader.h:
1834         (SubresourceLoader):
1835         * loader/appcache/ApplicationCacheGroup.cpp:
1836         (WebCore::ApplicationCacheGroup::didReceiveResponse):
1837
1838 2012-08-15  Taiju Tsuiki  <tzik@chromium.org>
1839
1840         Web Inspector: Use default parameter on reportResult in InspectorFileSystemAgent
1841         https://bugs.webkit.org/show_bug.cgi?id=93930
1842
1843         Reviewed by Vsevolod Vlasov.
1844
1845         No functional change.
1846
1847         * inspector/InspectorFileSystemAgent.cpp:
1848         (WebCore):
1849
1850 2012-08-15  Vsevolod Vlasov  <vsevik@chromium.org>
1851
1852         Web Inspector: TabbedEditorContainer Doens't show '*' near modified file name sometimes.
1853         https://bugs.webkit.org/show_bug.cgi?id=94095
1854
1855         Reviewed by Pavel Feldman.
1856
1857         TabbedEditorContainer now correctly updates event listeners on UISourceCodeReplaced event.
1858
1859         * inspector/front-end/TabbedEditorContainer.js:
1860         (WebInspector.TabbedEditorContainer.prototype._appendFileTab):
1861         (WebInspector.TabbedEditorContainer.prototype._tabClosed):
1862         (WebInspector.TabbedEditorContainer.prototype._addUISourceCodeListeners):
1863         (WebInspector.TabbedEditorContainer.prototype._removeUISourceCodeListeners):
1864
1865 2012-08-15  Vsevolod Vlasov  <vsevik@chromium.org>
1866
1867         Web Inspector: Scroll/selection are not saved in sources panel editors sometimes.
1868         https://bugs.webkit.org/show_bug.cgi?id=94098
1869
1870         Reviewed by Pavel Feldman.
1871
1872         SourceFrame listeners and _currentFile field are now cleared only when currently open tab is closed.
1873
1874         * inspector/front-end/TabbedEditorContainer.js:
1875         (WebInspector.TabbedEditorContainer.prototype._tabClosed):
1876
1877 2012-08-15  Vsevolod Vlasov  <vsevik@chromium.org>
1878
1879         Web Inspector: [REGRESSION] "save as" of edited source in developer mode fails to update saved file
1880         https://bugs.webkit.org/show_bug.cgi?id=94074
1881
1882         Reviewed by Pavel Feldman.
1883
1884         Added dirty flag check when saving uiSourceCode to save working copy in this case.
1885
1886         * inspector/front-end/HandlerRegistry.js:
1887         (WebInspector.HandlerRegistry.prototype.appendApplicableItems.save):
1888         (WebInspector.HandlerRegistry.prototype.appendApplicableItems):
1889
1890 2012-08-15  Thiago Marcos P. Santos  <thiago.santos@intel.com>
1891
1892         Relative units are not set when the canvas has not parent
1893         https://bugs.webkit.org/show_bug.cgi?id=93840
1894
1895         Reviewed by Kenneth Rohde Christiansen.
1896
1897         Set the default font when no parent style is set. It will make
1898         possible to apply relative units when a parent is not set.
1899
1900         No new tests, unskipped the existing ones.
1901
1902         * css/StyleBuilder.cpp:
1903         (WebCore::ApplyPropertyFontSize::applyValue):
1904         Make it possible to apply relative units if a parent style exist but
1905         not a parent node. It works like this for em and ex, but not for
1906         percent units.
1907         * html/canvas/CanvasRenderingContext2D.cpp:
1908         (WebCore):
1909         (WebCore::CanvasRenderingContext2D::setFont):
1910
1911 2012-08-14  Pavel Feldman  <pfeldman@chromium.org>
1912
1913         Web Inspector: split standalone test runner, test scanner and test stub.
1914         https://bugs.webkit.org/show_bug.cgi?id=94001
1915
1916         Reviewed by Vsevolod Vlasov.
1917
1918         This change starts sending loacCompleted message to the embedder.
1919
1920         * inspector/front-end/InspectorFrontendAPI.js:
1921         (InspectorFrontendAPI.loadCompleted):
1922         * inspector/front-end/test-runner.html: Added.
1923
1924 2012-08-15  Shinya Kawanaka  <shinyak@chromium.org>
1925
1926         [Refactoring] The debug version and release version of toHTMLSelectElement can be merged without any penalty
1927         https://bugs.webkit.org/show_bug.cgi?id=94084
1928
1929         Reviewed by Kent Tamura.
1930
1931         We have two versions of toHTMLSelectElement. One has ASSERT() and the other one does not have ASSERT().
1932         We can merge them without any penalty.
1933
1934         No new tests, no change in behavior.
1935
1936         * html/HTMLSelectElement.cpp:
1937         * html/HTMLSelectElement.h:
1938         (WebCore::isHTMLSelectElement):
1939         (WebCore::toHTMLSelectElement):
1940         (WebCore):
1941
1942 2012-08-15  Shinya Kawanaka  <shinyak@chromium.org>
1943
1944         AuthorShadowDOM for meter element
1945         https://bugs.webkit.org/show_bug.cgi?id=91970
1946
1947         Reviewed by Hajime Morita.
1948
1949         We add support for AuthorShadowDOM for a meter element.
1950
1951         According to the Shadow DOM spec, a meter element should behave like having a UserAgentShadowRoot and
1952         an element in UserAgentShadowRoot draws a real 'meter' bar. In this patch, we change the inner structure
1953         of a meter element so that we can distribute an element having RenderMeter to AuthorShadowDOM.
1954
1955         Before this patch, a meter element has the following inner structure.
1956
1957             <meter>--UserAgentShadowRoot -- -- -- -- -- -- -- -- -- -- AuthorShadowRoot
1958                                |
1959                                +-- MeterBarElement
1960                                |
1961                                +-- MeterValueElement
1962
1963         After this patch, a meter element will have the following inner structure.
1964
1965             <meter>--UserAgentShadowRoot -- -- -- -- -- -- -- -- -- -- AuthorShadowRoot
1966                                |
1967                                +-- MeterInnerElement
1968                                            |
1969                                            +-- MeterBarElement
1970                                            |
1971                                            +-- MeterValueElement
1972
1973         However, if RenderTheme supports rendering meter, MeterInnerElement will not create a renderer
1974         unless an AuthorShadowDOM is attached to it so that we can keep the current rendering style.
1975
1976         Tests: fast/dom/shadow/shadowdom-for-meter-dynamic.html
1977                fast/dom/shadow/shadowdom-for-meter-multiple.html
1978                fast/dom/shadow/shadowdom-for-meter-with-style.html
1979                fast/dom/shadow/shadowdom-for-meter-without-appearance.html
1980                fast/dom/shadow/shadowdom-for-meter-without-shadow-element.html
1981                fast/dom/shadow/shadowdom-for-meter.html
1982
1983         * css/html.css:
1984         (meter): Changed the display type. inline-box is not supported WebKit. inline-block is true.
1985         (meter::-webkit-meter-inner-element):
1986         * html/HTMLMeterElement.cpp:
1987         (WebCore::HTMLMeterElement::HTMLMeterElement):
1988         (WebCore::HTMLMeterElement::createRenderer):
1989         (WebCore):
1990         (WebCore::HTMLMeterElement::attach): Added didElementStateChange.
1991         (WebCore::HTMLMeterElement::didElementStateChange):
1992         (WebCore::HTMLMeterElement::willAddAuthorShadowRoot):
1993         (WebCore::HTMLMeterElement::renderMeter):
1994         (WebCore::HTMLMeterElement::createShadowSubtree):
1995         * html/HTMLMeterElement.h:
1996         (WebCore):
1997         (WebCore::HTMLMeterElement::hasAuthorShadowRoot):
1998         (HTMLMeterElement):
1999         (WebCore::isHTMLMeterElement):
2000         (WebCore::toHTMLMeterElement):
2001         * html/shadow/MeterShadowElement.cpp:
2002         (WebCore::MeterShadowElement::meterElement):
2003         (WebCore::MeterShadowElement::rendererIsNeeded):
2004         (WebCore):
2005         (WebCore::MeterInnerElement::MeterInnerElement): We introduce a new element having RenderMeter
2006         so that we can distribute an element having RenderMeter to AuthorShadowDOM.
2007         (WebCore::MeterInnerElement::rendererIsNeeded): Different from a progress element, meter element will not be
2008         rendered using a theme. So we don't need to check the style appearance.
2009         (WebCore::MeterInnerElement::createRenderer):
2010         (WebCore::MeterInnerElement::shadowPseudoId):
2011         * html/shadow/MeterShadowElement.h:
2012         (WebCore):
2013         (MeterInnerElement):
2014         (WebCore::MeterInnerElement::create):
2015         * rendering/RenderMeter.cpp:
2016         (WebCore::RenderMeter::RenderMeter):
2017         (WebCore::RenderMeter::meterElement):
2018         (WebCore):
2019         (WebCore::RenderMeter::valueRatio):
2020         * rendering/RenderMeter.h:
2021         (RenderMeter):
2022         * rendering/RenderThemeMac.mm:
2023         (WebCore::RenderThemeMac::levelIndicatorFor):
2024
2025 2012-08-15  Adam Barth  <abarth@webkit.org>
2026
2027         [Chromium] fast/dom/Window/dom-access-from-closure-window.html is flaky on Linux
2028         https://bugs.webkit.org/show_bug.cgi?id=94060
2029
2030         Reviewed by Kentaro Hara.
2031
2032         Previously, the V8 garbage collector might have collected the Document
2033         wrapper before the DOMWindow wrapper because we overwrite the
2034         "document" property of the DOMWindow during navigation.
2035
2036         This patch adds a hidden document property on the global object to
2037         ensure that the Document wrapper lives at least as long as the
2038         DOMWindow wrapper, ensuring that DOMWindows that we obtain from V8
2039         always have non-null Document objects.
2040
2041         The JavaScriptCore bindings already have this behavior.
2042
2043         Test: fast/dom/Window/dom-access-from-closure-window-with-gc.html
2044
2045         * bindings/v8/V8DOMWindowShell.cpp:
2046         (WebCore::V8DOMWindowShell::updateDocumentWrapperCache):
2047         * bindings/v8/V8HiddenPropertyName.h:
2048         (WebCore):
2049
2050 2012-08-14  Andrey Kosyakov  <caseq@chromium.org>
2051
2052         Web Inspector: Calling getEventListeners() on element with malformed javascript event listeners crashes
2053         https://bugs.webkit.org/show_bug.cgi?id=93937
2054
2055         Reviewed by Pavel Feldman.
2056
2057         - check listener function to be non-null (happens upon an exception while compiling attribute listeners)
2058
2059         * bindings/js/JSInjectedScriptHostCustom.cpp:
2060         (WebCore::getJSListenerFunctions):
2061         * bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
2062         (WebCore::getJSListenerFunctions):
2063
2064 2012-08-14  Jan Keromnes  <janx@linux.com>
2065
2066         Web Inspector: CodeMirrorTextEditor doesn't clear execution line
2067         https://bugs.webkit.org/show_bug.cgi?id=94069
2068
2069         Reviewed by Pavel Feldman.
2070
2071         Make CodeMirrorTextEditor use line handles instead of numbers, remove
2072         typeof == "number" checks.
2073
2074         * inspector/front-end/CodeMirrorTextEditor.js:
2075         (WebInspector.CodeMirrorTextEditor.prototype.clearExecutionLine):
2076         (WebInspector.CodeMirrorTextEditor.prototype.highlightLine):
2077         (WebInspector.CodeMirrorTextEditor.prototype.clearLineHighlight):
2078
2079 2012-08-14  Yuta Kitamura  <yutak@google.com>
2080
2081         Unreviewed. Fix Chromium-Android builds.
2082
2083         * html/TimeInputType.cpp:
2084         (WebCore::TimeInputType::TimeInputType):
2085         Declare the function as a constructor.
2086
2087 2012-08-14  Sukolsak Sakshuwong  <sukolsak@google.com>
2088
2089         Text selection in text area in auto scroll mode goes wrong.
2090         https://bugs.webkit.org/show_bug.cgi?id=74346
2091
2092         Reviewed by Ojan Vafai.
2093
2094         WebKit triggers autoscroll in text area when the user drags the cursor from inside
2095         the text area to the outside. When that happens, it gets the local cursor position
2096         relative to the node under the cursor from hit-testing, converts it to
2097         the absolute position, and then converts it to the local position relative to the
2098         text area. However, the hit-testing method of text area did not take scrolling
2099         offset into account. This caused it to give an incorrect value of the local cursor
2100         position. Make the hit-testing take scrolling offset into account.
2101
2102         Test: fast/events/autoscroll-in-textarea.html
2103
2104         * html/shadow/TextControlInnerElements.cpp:
2105         (WebCore::TextControlInnerTextElement::createRenderer):
2106         * rendering/RenderTextControl.cpp:
2107         (WebCore::RenderTextControl::hitInnerTextElement):
2108         * rendering/RenderTextControlSingleLine.cpp:
2109         (WebCore):
2110         * rendering/RenderTextControlSingleLine.h:
2111         (WebCore::RenderTextControlInnerBlock::RenderTextControlInnerBlock):
2112         (WebCore::RenderTextControlInnerBlock::hasLineIfEmpty):
2113
2114 2012-08-14  Shinya Kawanaka  <shinyak@chromium.org>
2115
2116         [Refactoring] RenderMenuList and RenderListBox should have a method to return HTMLSelectElement.
2117         https://bugs.webkit.org/show_bug.cgi?id=94061
2118
2119         Reviewed by Kent Tamura.
2120
2121         This is a preparation patch for Bug 91487. Since RenderMenuList::node() and RenderListBox::node()
2122         will not return HTMLSelectElement to fix Bug 91487, it would be good to have a method to HTMLSelectElement.
2123
2124         No new tests, no change in behavior.
2125
2126         * rendering/RenderListBox.cpp:
2127         (WebCore::RenderListBox::selectElement):
2128         (WebCore):
2129         (WebCore::RenderListBox::updateFromElement):
2130         (WebCore::RenderListBox::scrollToRevealSelection):
2131         (WebCore::RenderListBox::size):
2132         (WebCore::RenderListBox::numItems):
2133         (WebCore::RenderListBox::addFocusRingRects):
2134         (WebCore::RenderListBox::paintItemForeground):
2135         (WebCore::RenderListBox::paintItemBackground):
2136         (WebCore::RenderListBox::panScroll):
2137         (WebCore::RenderListBox::autoscroll):
2138         (WebCore::RenderListBox::stopAutoscroll):
2139         (WebCore::RenderListBox::valueChanged):
2140         (WebCore::RenderListBox::nodeAtPoint):
2141         * rendering/RenderListBox.h:
2142         (WebCore):
2143         (RenderListBox):
2144         * rendering/RenderMenuList.cpp:
2145         (WebCore::RenderMenuList::selectElement):
2146         (WebCore):
2147         (WebCore::RenderMenuList::updateOptionsWidth):
2148         (WebCore::RenderMenuList::updateFromElement):
2149         (WebCore::RenderMenuList::setTextFromOption):
2150         (WebCore::RenderMenuList::showPopup):
2151         (WebCore::RenderMenuList::valueChanged):
2152         (WebCore::RenderMenuList::listBoxSelectItem):
2153         (WebCore::RenderMenuList::multiple):
2154         (WebCore::RenderMenuList::didSetSelectedIndex):
2155         (WebCore::RenderMenuList::didUpdateActiveOption):
2156         (WebCore::RenderMenuList::itemText):
2157         (WebCore::RenderMenuList::itemAccessibilityText):
2158         (WebCore::RenderMenuList::itemToolTip):
2159         (WebCore::RenderMenuList::itemIsEnabled):
2160         (WebCore::RenderMenuList::itemStyle):
2161         (WebCore::RenderMenuList::itemBackgroundColor):
2162         (WebCore::RenderMenuList::listSize):
2163         (WebCore::RenderMenuList::selectedIndex):
2164         (WebCore::RenderMenuList::itemIsSeparator):
2165         (WebCore::RenderMenuList::itemIsLabel):
2166         (WebCore::RenderMenuList::itemIsSelected):
2167         (WebCore::RenderMenuList::setTextFromItem):
2168         * rendering/RenderMenuList.h:
2169         (WebCore):
2170         (RenderMenuList):
2171
2172 2012-08-10  Kinuko Yasuda  <kinuko@chromium.org>
2173
2174         FileWriter fails with assertion when trying to write empty Blob
2175         https://bugs.webkit.org/show_bug.cgi?id=93694
2176
2177         Reviewed by Kent Tamura.
2178
2179         if the given data size is zero (i.e. m_bytesToWrite is zero) the assertion 'bytes + m_bytesWritten > 0' should not be tested.
2180
2181         Tests: fast/filesystem/file-writer-empty-blob.html
2182                fast/filesystem/workers/file-writer-empty-blob.html
2183
2184         * Modules/filesystem/FileWriter.cpp:
2185         (WebCore::FileWriter::didWrite):
2186
2187 2012-08-14  Keishi Hattori  <keishi@webkit.org>
2188
2189         Share common code between calendar picker and color suggestion picker
2190         https://bugs.webkit.org/show_bug.cgi?id=93802
2191
2192         Reviewed by Kent Tamura.
2193
2194         We want to share common code like utility functions between picker page popups.
2195
2196         No new tests because no behavior change. Covered by existing tests, color-suggestion-picker-appearance.html and calendar-picker-apeparance.html.
2197
2198         * Resources/pagepopups/calendarPicker.js:
2199         (YearMonthController.prototype.attachTo):
2200         (YearMonthController.prototype._showPopup):
2201         * Resources/pagepopups/colorSuggestionPicker.js:
2202         (handleMessage):
2203         (handleArgumentsTimeout):
2204         * Resources/pagepopups/pickerCommon.css: Added.
2205         (body):
2206         * Resources/pagepopups/pickerCommon.js: Added.
2207         (createElement):
2208         (resizeWindow):
2209         (getScrollbarWidth):
2210         * WebCore.gyp/WebCore.gyp: Add actions for pickerCommon.{css,js}
2211         * html/shadow/CalendarPickerElement.cpp:
2212         (WebCore::CalendarPickerElement::writeDocument):
2213
2214 2012-08-14  Ojan Vafai  <ojan@chromium.org>
2215
2216         Fix access to m_markupBox in WebCore::EllipsisBox::paint
2217         https://bugs.webkit.org/show_bug.cgi?id=91138
2218
2219         Reviewed by Abhishek Arya.
2220
2221         EllipsisBox would hold on to m_markupBox, which would then get destroyed during
2222         the followup layoutIfNeeded in layoutVerticalBox. Instead, have EllipsisBox
2223         dynamically grab to pointer to the markup box during paint since there's no
2224         straightforward way to notify the EllipsisBox that the markupBox has been destroyed
2225         and/or point it at the new markupBox.
2226
2227         Test: fast/overflow/line-clamp-and-columns.html
2228
2229         * rendering/EllipsisBox.cpp:
2230         (WebCore::EllipsisBox::paint):
2231         (WebCore):
2232         (WebCore::EllipsisBox::paintMarkupBox):
2233         * rendering/EllipsisBox.h:
2234         (WebCore::EllipsisBox::EllipsisBox):
2235         Just store a boolean that we have a markup box that needs painting.
2236         * rendering/RenderDeprecatedFlexibleBox.cpp:
2237         (WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):
2238         Clearing the override size right after setting it was incorrect because
2239         there are cases where we'll do a followup layout in layoutVerticalBox, at which
2240         point we'll still need the override size.
2241         (WebCore::RenderDeprecatedFlexibleBox::clearLineClamp):
2242         Clear the override size here to handle cases where line clamp is removed since
2243         we don't call applyLineClamp in those cases.
2244
2245 2012-08-14  Yoshifumi Inoue  <yosin@chromium.org>
2246
2247         [Forms] Make input type "time" to use multiple field time input UI
2248         https://bugs.webkit.org/show_bug.cgi?id=93929
2249
2250         Reviewed by Kent Tamura.
2251
2252         This patch changes input type "time" UI to use multiple field time
2253         input UI when build flag ENABLE_INPUT_TYPE_TIME_MULTIPLE_FIELDS
2254         enabled.
2255
2256         No new tests. This patch doesn't change behavior for users, however,
2257         this patch changes behavior on layout tests. Tests will be added
2258         in another patch with runtime enabled feature flag is enabled.
2259
2260         Test expectations for following tests are updated:
2261          - fast/forms/time/time-input-visible-string.html
2262          - fast/forms/time/time-stepup-stepdown-from-renderer.html
2263
2264         * html/BaseDateAndTimeInputType.h:
2265         (BaseDateAndTimeInputType): Exposed serialize() to derived classes.
2266         * html/TimeInputType.cpp:
2267         (WebCore::TimeInputType::DateTimeEditControlOwnerImpl::DateTimeEditControlOwnerImpl):
2268         (WebCore::TimeInputType::DateTimeEditControlOwnerImpl::~DateTimeEditControlOwnerImpl):
2269         (WebCore::TimeInputType::DateTimeEditControlOwnerImpl::editControlMouseFocus):
2270         (WebCore::TimeInputType::DateTimeEditControlOwnerImpl::editControlValueChanged):
2271         (WebCore::TimeInputType::DateTimeEditControlOwnerImpl::isEditControlOwnerDisabled):
2272         (WebCore::TimeInputType::DateTimeEditControlOwnerImpl::isEditControlOwnerReadOnly):
2273         (WebCore::TimeInputType::TimeInputType):
2274         (WebCore::TimeInputType::~TimeInputType):
2275         (WebCore::TimeInputType::createRenderer):
2276         (WebCore::TimeInputType::createShadowSubtree):
2277         (WebCore::TimeInputType::destroyShadowSubtree):
2278         (WebCore::TimeInputType::forwardEvent):
2279         (WebCore::TimeInputType::disabledAttributeChanged):
2280         (WebCore::TimeInputType::handleKeydownEvent):
2281         (WebCore::TimeInputType::handleDOMActivateEvent):
2282         (WebCore::TimeInputType::isKeyboardFocusable):
2283         (WebCore::TimeInputType::isMouseFocusable):
2284         (WebCore::TimeInputType::minOrMaxAttributeChanged):
2285         (WebCore::TimeInputType::readonlyAttributeChanged):
2286         (WebCore::TimeInputType::isTextField):
2287         (WebCore::TimeInputType::setValue):
2288         (WebCore::TimeInputType::shouldUseInputMethod):
2289         (WebCore::TimeInputType::stepAttributeChanged):
2290         (WebCore::TimeInputType::updateEditElementLayout):
2291         (WebCore::TimeInputType::updateInnerTextValue):
2292         (WebCore::TimeInputType):
2293         * html/TimeInputType.h:
2294         (TimeInputType):
2295         (DateTimeEditControlOwnerImpl):
2296
2297 2012-08-14  Dean Jackson  <dino@apple.com>
2298
2299         Initial call to webkitRequestAnimationFrame returns 0, Spec indicates the handle should always be > 0
2300         https://bugs.webkit.org/show_bug.cgi?id=85819
2301
2302         Reviewed by James Robinson.
2303
2304         The callback id returned by requestAnimationFrame was beginning at zero, when the spec
2305         says it should be above one. Use a pre-increment rather than a post-increment.
2306
2307         Test: fast/animation/request-animation-frame-callback-id.html
2308
2309         * dom/ScriptedAnimationController.cpp:
2310         (WebCore::ScriptedAnimationController::registerCallback): Pre-increment rather than post-increment.
2311
2312 2012-08-14  Levi Weintraub  <leviw@chromium.org>
2313
2314         r125591 broke tests with SUBPIXEL_LAYOUT disabled
2315         https://bugs.webkit.org/show_bug.cgi?id=94027
2316
2317         Reviewed by Eric Seidel.
2318
2319         The previous patch to fix block preferred widths for subpixel layout broke ports
2320         without the flag enabled. This patch adds a static inline function --
2321         adjustFloatForSubPixelLayout -- that truncates with sub-pixel layout disabled, and
2322         ceil's to the nearest FractionalLayoutUnit when sub-pixel layout is enabled.
2323
2324         A block's max preferred width should be enough to layout the entire line without
2325         wrapping. r125591 addressed a bug whereby converting floats to LayoutUnits with sub-
2326         pixel layout enabled lost precision in certain cases, and could result in a line
2327         being layed out to slightly over the max preferred width of the block.
2328
2329         This patch reverts the behavior when sub-pixel layout is disabled to truncating
2330         sub-pixel values (such as those that originate in Length) when assigning them to
2331         LayoutUnits, and ceiling the length of the entire line to the next largest integer.
2332
2333         Covered by existing tests.
2334
2335         * rendering/RenderBlock.cpp:
2336         (WebCore):
2337         (WebCore::adjustFloatForSubPixelLayout):
2338         (WebCore::RenderBlock::computeInlinePreferredLogicalWidths):
2339
2340 2012-08-14  Chris Evans  <cevans@google.com>
2341
2342         Handle the XPath / (root) operator correctly for nodes that aren't attached to the document.
2343         https://bugs.webkit.org/show_bug.cgi?id=36427
2344
2345         Reviewed by Abhishek Arya.
2346
2347         We now behave the same as Firefox 14.
2348         The consensus seems to be that the XPath spec is ambiguous for the case of detached nodes, and that using the fragment root is more intuitive than the document root for the case of detached nodes.
2349         For example, http://www.w3.org/TR/xpath/ section 2 "Location Paths" is only clear for attached nodes: "A / by itself selects the root node of the document containing the context node. If it is followed by a relative location path, then the location path selects the set of nodes that would be selected by the relative location path relative to the root node of the document containing the context node."
2350
2351         Test: fast/xpath/xpath-detached-nodes.html
2352
2353         * xml/XPathPath.cpp:
2354         (WebCore::XPath::LocationPath::evaluate): Jump to the root of the detached subtree instead of the parent document if the node isn't attached to the document.
2355
2356 2012-08-14  Alexandru Chiculita  <achicu@adobe.com>
2357
2358         [CSS Shaders][Chromium] Filters area applied twice when CustomFilterOperation is in the list
2359         https://bugs.webkit.org/show_bug.cgi?id=93900
2360
2361         Reviewed by James Robinson.
2362
2363         Whenever the platform cannot render a shader in hardware it will fallback to software. 
2364         In such cases, the platform should remove any old filters applied, so that the filters do not apply twice.
2365         
2366         Test: css3/filters/custom/filter-fallback-to-software.html
2367
2368         * platform/graphics/chromium/GraphicsLayerChromium.cpp:
2369         (WebCore::GraphicsLayerChromium::setFilters):
2370
2371 2012-08-14  Alec Flett  <alecflett@chromium.org>
2372
2373         IndexedDB: add tracing to IDBLevelDBBackingStore
2374         https://bugs.webkit.org/show_bug.cgi?id=93914
2375
2376         Reviewed by Tony Chang.
2377
2378         Add a bunch of trace events to the lower level
2379         database layer, to separate database slowness
2380         from core IDB slowness.
2381
2382         Also moving findKeyInIndex into IDBLevelDBBackingStore to
2383         eventually make it const.
2384
2385         No new tests, just adding debug logging.
2386
2387         * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
2388         (WebCore::IDBLevelDBBackingStore::open):
2389         (WebCore::IDBLevelDBBackingStore::deleteDatabase):
2390         (WebCore::IDBLevelDBBackingStore::getObjectStores):
2391         (WebCore::IDBLevelDBBackingStore::createObjectStore):
2392         (WebCore::IDBLevelDBBackingStore::deleteObjectStore):
2393         (WebCore::IDBLevelDBBackingStore::getObjectStoreRecord):
2394         (WebCore):
2395         (WebCore::IDBLevelDBBackingStore::putObjectStoreRecord):
2396         (WebCore::IDBLevelDBBackingStore::clearObjectStore):
2397         (WebCore::IDBLevelDBBackingStore::deleteObjectStoreRecord):
2398         (WebCore::IDBLevelDBBackingStore::keyExistsInObjectStore):
2399         (WebCore::IDBLevelDBBackingStore::getIndexes):
2400         (WebCore::IDBLevelDBBackingStore::createIndex):
2401         (WebCore::IDBLevelDBBackingStore::deleteIndex):
2402         (WebCore::IDBLevelDBBackingStore::putIndexDataForRecord):
2403         (WebCore::IDBLevelDBBackingStore::findKeyInIndex):
2404         (WebCore::IDBLevelDBBackingStore::getPrimaryKeyViaIndex):
2405         (WebCore::IDBLevelDBBackingStore::keyExistsInIndex):
2406         (WebCore::IDBLevelDBBackingStore::openObjectStoreCursor):
2407         (WebCore::IDBLevelDBBackingStore::openIndexKeyCursor):
2408         (WebCore::IDBLevelDBBackingStore::openIndexCursor):
2409         (WebCore::IDBLevelDBBackingStore::Transaction::commit):
2410         (WebCore::IDBLevelDBBackingStore::Transaction::rollback):
2411         * Modules/indexeddb/IDBLevelDBBackingStore.h:
2412         (IDBLevelDBBackingStore):
2413         * Modules/indexeddb/IDBObjectStoreBackendImpl.cpp:
2414         (WebCore):
2415         * Modules/indexeddb/IDBTransaction.cpp:
2416         (WebCore::IDBTransaction::onAbort):
2417         (WebCore::IDBTransaction::onComplete):
2418
2419 2012-08-14  Hayato Ito  <hayato@chromium.org>
2420
2421         Refactor EventDispatcher, moving code to make actual changes easier to review later.
2422         https://bugs.webkit.org/show_bug.cgi?id=93959
2423
2424         Reviewed by Dimitri Glazkov.
2425
2426         No new tests - no new functionality.
2427
2428         * dom/EventDispatcher.cpp:
2429         (WebCore::EventDispatcher::dispatchScopedEvent):
2430         (WebCore):
2431         (WebCore::EventDispatcher::dispatchSimulatedClick):
2432
2433 2012-08-14  Kihong Kwon  <kihong.kwon@samsung.com>
2434
2435         Clear pattern to prevent timing problem between cancelVibration and vibrate
2436         https://bugs.webkit.org/show_bug.cgi?id=93957
2437
2438         Reviewed by Kentaro Hara.
2439
2440         There is a timing issue in the cancelVibration.
2441         Since vibrate works based on timer, cancelVibration might be called
2442         eariler than vibrate when cancelVibration is called just after vibrate call.
2443         It can be prevented from clearing m_pattern in the cancelVibration.
2444
2445         * Modules/vibration/Vibration.cpp:
2446         (WebCore::Vibration::cancelVibration):
2447
2448 2012-08-14  Alexandru Chiculita  <achicu@adobe.com>
2449
2450         Layout Test css3/filters/custom/custom-filter-animation.html is failing
2451         https://bugs.webkit.org/show_bug.cgi?id=91769
2452
2453         Reviewed by Dean Jackson.
2454
2455         Mountain Lion added support for accelerated filter animations, but CSS Shaders are still
2456         rendered in software mode. The setFilters method is using PlatformCALayer::filtersCanBeComposited to check
2457         if the filters can be handled in hardwawre, so I've reused that in the createFilterAnimationsFromKeyframes
2458         to check if the animations can also run in hardware.
2459
2460         Also the GraphicsContext3D doesn't update its own internal m_boundFBO when a framebuffer is deleted,
2461         so I've added that to the FECustomFilter. Otherwise, if the next framebuffer is created using the same
2462         identifier, bindFramebuffer will just return without calling the glBindFramebuffer because of this optimization.
2463
2464         The documentation for glDeleteFramebuffer says that the bound framebuffer is unbound before deleting it.
2465         This is not reproduceable from WebGL, because WebGLRenderingContext::deleteFramebuffer
2466         already knows to unbind the framebuffer when needed. However, I'm also adding that in GraphicsContext3DOpenGLCommon.cpp
2467         and efl/GraphicsContext3DPrivate.cpp, to make sure that m_boundFBO is not used for other purposes.
2468
2469         No new tests, this patch fixes a failing test.
2470
2471         * platform/graphics/ca/GraphicsLayerCA.cpp:
2472         (WebCore::GraphicsLayerCA::createFilterAnimationsFromKeyframes):
2473         * platform/graphics/efl/GraphicsContext3DPrivate.cpp:
2474         (WebCore::GraphicsContext3DPrivate::deleteFramebuffer):
2475         * platform/graphics/filters/FECustomFilter.cpp:
2476         (WebCore::FECustomFilter::deleteRenderBuffers):
2477         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
2478         (WebCore::GraphicsContext3D::deleteFramebuffer):
2479
2480 2012-08-14  Adam Barth  <abarth@webkit.org>
2481
2482         Delete Frame::domWindow() and Frame::existingDOMWindow()
2483         https://bugs.webkit.org/show_bug.cgi?id=93990
2484
2485         Reviewed by Eric Seidel.
2486
2487         These functions just call through to document()->domWindow(). This
2488         patch updates the callers so it's clearer what's going on.
2489
2490         * bindings/js/JSDOMBinding.cpp:
2491         (WebCore::shouldAllowAccessToFrame):
2492         (WebCore::printErrorMessageForFrame):
2493         * bindings/js/JSDocumentCustom.cpp:
2494         (WebCore::JSDocument::location):
2495         (WebCore::JSDocument::setLocation):
2496         * bindings/js/JSEventListener.cpp:
2497         (WebCore::JSEventListener::handleEvent):
2498         * bindings/js/ScriptCachedFrameData.cpp:
2499         (WebCore::ScriptCachedFrameData::restore):
2500         * bindings/js/ScriptController.cpp:
2501         (WebCore::ScriptController::createWindowShell):
2502         * bindings/objc/DOMAbstractView.mm:
2503         (core):
2504         * bindings/v8/NPV8Object.cpp:
2505         (WebCore::toV8Context):
2506         * bindings/v8/ScriptController.cpp:
2507         (WebCore::createScriptObject):
2508         (WebCore::ScriptController::createScriptObjectForPluginElement):
2509         * bindings/v8/V8DOMWindowShell.cpp:
2510         (WebCore::V8DOMWindowShell::initContextIfNeeded):
2511         * bindings/v8/V8IsolatedContext.cpp:
2512         (WebCore::V8IsolatedContext::V8IsolatedContext):
2513         * bindings/v8/V8Proxy.cpp:
2514         (WebCore::V8Proxy::retrieveFrame):
2515         * bindings/v8/custom/V8DOMWindowCustom.cpp:
2516         (WebCore::V8DOMWindow::indexedPropertyGetter):
2517         (WebCore::V8DOMWindow::namedPropertyGetter):
2518         * bindings/v8/custom/V8DocumentLocationCustom.cpp:
2519         (WebCore::V8Document::locationAccessorGetter):
2520         (WebCore::V8Document::locationAccessorSetter):
2521         * bindings/v8/custom/V8HTMLDocumentCustom.cpp:
2522         (WebCore::V8HTMLDocument::GetNamedProperty):
2523         * bindings/v8/custom/V8HTMLFrameSetElementCustom.cpp:
2524         (WebCore::V8HTMLFrameSetElement::namedPropertyGetter):
2525         * dom/Document.cpp:
2526         (WebCore::printNavigationErrorMessage):
2527         * dom/ViewportArguments.cpp:
2528         (WebCore::reportViewportWarning):
2529         * editing/AlternativeTextController.cpp:
2530         (WebCore::AlternativeTextController::insertDictatedText):
2531         * editing/Editor.cpp:
2532         (WebCore::Editor::pasteAsPlainText):
2533         (WebCore::Editor::pasteAsFragment):
2534         (WebCore::Editor::setComposition):
2535         * history/PageCache.cpp:
2536         (WebCore::logCanCacheFrameDecision):
2537         (WebCore::PageCache::canCachePageContainingThisFrame):
2538         * html/HTMLFormElement.cpp:
2539         (WebCore::HTMLFormElement::validateInteractively):
2540         * html/HTMLFrameOwnerElement.cpp:
2541         (WebCore::HTMLFrameOwnerElement::contentWindow):
2542         * html/canvas/WebGLRenderingContext.cpp:
2543         (WebCore):
2544         (WebCore::WebGLRenderingContext::printWarningToConsole):
2545         * inspector/InspectorDOMStorageAgent.cpp:
2546         (WebCore::InspectorDOMStorageAgent::storageId):
2547         * loader/DocumentLoader.cpp:
2548         (WebCore::DocumentLoader::checkLoadComplete):
2549         * loader/DocumentWriter.cpp:
2550         (WebCore::DocumentWriter::begin):
2551         * loader/FrameLoader.cpp:
2552         (WebCore::FrameLoader::stopLoading):
2553         (WebCore::FrameLoader::didOpenURL):
2554         (WebCore::FrameLoader::checkIfDisplayInsecureContent):
2555         (WebCore::FrameLoader::checkIfRunInsecureContent):
2556         (WebCore::FrameLoader::reportLocalLoadFailed):
2557         (WebCore::FrameLoader::prepareForCachedPageRestore):
2558         (WebCore::FrameLoader::open):
2559         (WebCore::FrameLoader::fireBeforeUnloadEvent):
2560         * loader/MainResourceLoader.cpp:
2561         (WebCore::MainResourceLoader::didReceiveResponse):
2562         * loader/appcache/ApplicationCacheGroup.cpp:
2563         (WebCore::ApplicationCacheGroup::abort):
2564         (WebCore::ApplicationCacheGroup::didReceiveResponse):
2565         (WebCore::ApplicationCacheGroup::didFinishLoading):
2566         (WebCore::ApplicationCacheGroup::didFail):
2567         (WebCore::ApplicationCacheGroup::didReceiveManifestResponse):
2568         (WebCore::ApplicationCacheGroup::didFinishLoadingManifest):
2569         (WebCore::ApplicationCacheGroup::checkIfLoadIsComplete):
2570         * loader/cache/CachedResourceLoader.cpp:
2571         (WebCore::CachedResourceLoader::printAccessDeniedMessage):
2572         * page/DOMWindow.cpp:
2573         (WebCore::DOMWindow::isCurrentlyDisplayedInFrame):
2574         (WebCore::DOMWindow::self):
2575         (WebCore::DOMWindow::opener):
2576         (WebCore::DOMWindow::parent):
2577         (WebCore::DOMWindow::top):
2578         (WebCore::DOMWindow::createWindow):
2579         (WebCore::DOMWindow::open):
2580         * page/DOMWindowProperty.cpp:
2581         (WebCore::DOMWindowProperty::DOMWindowProperty):
2582         (WebCore::DOMWindowProperty::reconnectFrameFromPageCache):
2583         * page/DragController.cpp:
2584         (WebCore::DragController::dispatchTextInputEventFor):
2585         * page/EventHandler.cpp:
2586         (WebCore::EventHandler::handleTextInputEvent):
2587         * page/Frame.cpp:
2588         * page/Frame.h:
2589         (Frame):
2590         * page/Location.cpp:
2591         (WebCore::Location::replace):
2592         (WebCore::Location::reload):
2593         (WebCore::Location::setLocation):
2594         * storage/StorageEventDispatcher.cpp:
2595         (WebCore::StorageEventDispatcher::dispatch):
2596         * svg/SVGDocumentExtensions.cpp:
2597         (WebCore::reportMessage):
2598         * xml/XSLStyleSheetLibxslt.cpp:
2599         (WebCore::XSLStyleSheet::parseString):
2600         * xml/XSLTProcessorLibxslt.cpp:
2601         (WebCore::docLoaderFunc):
2602         * xml/XSLTProcessorQt.cpp:
2603         (WebCore::XSLTMessageHandler::handleMessage):
2604
2605 2012-08-14  Mike West  <mkwst@chromium.org>
2606
2607         Tighten up parsing the 'script-nonce' CSP directive value.
2608         https://bugs.webkit.org/show_bug.cgi?id=93783
2609
2610         Reviewed by Adam Barth.
2611
2612         Currently we're accepting any non-whitespace character. This patch
2613         limits the valid characters to VCHAR minus ',' and ';', and pulls the
2614         validity check out into a named function for clarity.
2615
2616         Test: http/tests/security/contentSecurityPolicy/1.1/scriptnonce-separators-allowed.html
2617
2618         * page/ContentSecurityPolicy.cpp:
2619         (WebCore::CSPDirectiveList::parseScriptNonce):
2620
2621 2012-08-14  Adam Barth  <abarth@webkit.org>
2622
2623         Delete DOMWindow::m_url
2624         https://bugs.webkit.org/show_bug.cgi?id=93989
2625
2626         Reviewed by Eric Seidel.
2627
2628         There's no reason for DOMWindow to keep a separate copy of the
2629         Document's URL now that there is a predictable way to get a Document
2630         from a DOMWindow.
2631
2632         * loader/DocumentWriter.cpp:
2633         (WebCore::DocumentWriter::begin):
2634         * loader/FrameLoader.cpp:
2635         (WebCore::FrameLoader::open):
2636         * page/DOMWindow.cpp:
2637         (WebCore::DOMWindow::crossDomainAccessErrorMessage):
2638         * page/DOMWindow.h:
2639         (DOMWindow):
2640
2641 2012-08-14  Nikhil Bhargava  <nbhargava@google.com>
2642
2643         De-inline stuff from RenderStyle.h
2644         https://bugs.webkit.org/show_bug.cgi?id=94019
2645
2646         Reviewed by Eric Seidel.
2647
2648         De-inline things from RenderStyle.h in preparation of fixing a series of
2649         errant includes.
2650
2651         No new tests. Doesn't change functionality
2652
2653         * WebCore.exp.in:
2654         * rendering/style/RenderStyle.cpp:
2655         (WebCore::RenderStyle::listStyleImage):
2656         (WebCore::RenderStyle::setListStyleImage):
2657         (WebCore):
2658         (WebCore::RenderStyle::color):
2659         (WebCore::RenderStyle::visitedLinkColor):
2660         (WebCore::RenderStyle::setColor):
2661         (WebCore::RenderStyle::setVisitedLinkColor):
2662         (WebCore::RenderStyle::horizontalBorderSpacing):
2663         (WebCore::RenderStyle::verticalBorderSpacing):
2664         (WebCore::RenderStyle::setHorizontalBorderSpacing):
2665         (WebCore::RenderStyle::setVerticalBorderSpacing):
2666         (WebCore::RenderStyle::font):
2667         (WebCore::RenderStyle::fontMetrics):
2668         (WebCore::RenderStyle::fontDescription):
2669         (WebCore::RenderStyle::fontSize):
2670         (WebCore::RenderStyle::wordSpacing):
2671         (WebCore::RenderStyle::letterSpacing):
2672         (WebCore::RenderStyle::setFontDescription):
2673         (WebCore::RenderStyle::lineHeight):
2674         (WebCore::RenderStyle::setLineHeight):
2675         (WebCore::RenderStyle::computedLineHeight):
2676         (WebCore::RenderStyle::setWordSpacing):
2677         (WebCore::RenderStyle::setLetterSpacing):
2678         * rendering/style/RenderStyle.h:
2679
2680 2012-08-14  Andrei Onea  <onea@adobe.com>
2681
2682         [CSSRegions]Region overset property is incorectly computed when content has negative letter spacing and is flowed near to the edge of a region
2683         https://bugs.webkit.org/show_bug.cgi?id=92506
2684
2685         Reviewed by Eric Seidel.
2686
2687         When the content which is flowed inside a region creates visual overflow in
2688         the writing direction, the overflow rect is also extended in the other direction, and
2689         that forces regionOverset to become "fit" for all regions.
2690
2691         Tests: fast/regions/element-region-overset-state-negative-letter-spacing.html
2692                fast/regions/element-region-overset-state-vertical-rl-negative-letter-spacing.html
2693
2694         * rendering/RenderFlowThread.cpp:
2695         (WebCore::RenderFlowThread::computeOverflowStateForRegions):
2696
2697 2012-08-14  Florin Malita  <fmalita@chromium.org>
2698
2699         beginElement() does not observe updated animation attributes
2700         https://bugs.webkit.org/show_bug.cgi?id=93972
2701
2702         Reviewed by Dirk Schulze.
2703
2704         The SVG animation attributes 'from', 'to' and 'by' should be registered as supported
2705         SVGSMILElement attributes in order to trigger animationAttributeChanged() on dynamic
2706         updates.
2707
2708         Test: svg/animations/updated-attributes.html
2709
2710         * svg/SVGAnimationElement.cpp:
2711         (WebCore::SVGAnimationElement::updateAnimation):
2712         Minor optimization - avoid recalculating animationMode().
2713
2714         * svg/animation/SVGSMILElement.cpp:
2715         (WebCore::SVGSMILElement::isSupportedAttribute):
2716         Register 'from', 'to' and 'by' as supported SVGSMILElement attributes.
2717
2718 2012-08-14  Filip Spacek  <fspacek@rim.com>
2719
2720         [BlackBerry] Don't crash on OOM in AC
2721         https://bugs.webkit.org/show_bug.cgi?id=93999
2722
2723         Reviewed by George Staikos.
2724
2725         Internally reviewed by George Staikos.
2726
2727         Fail gracefully in case we fail to allocate the bitmap
2728         for the AC layer contents.
2729
2730         * platform/graphics/blackberry/InstrumentedPlatformCanvas.h:
2731         (WebCore::InstrumentedPlatformCanvas::InstrumentedPlatformCanvas):
2732         * platform/graphics/blackberry/LayerWebKitThread.cpp:
2733         (WebCore::LayerWebKitThread::paintContents):
2734
2735 2012-08-14  Lauro Neto  <lauro.neto@openbossa.org>
2736
2737         Convert signals/slots to Q_* macros.
2738
2739         [Qt] Use Q_SLOTS and Q_SIGNALS instead of slots and signals
2740         https://bugs.webkit.org/show_bug.cgi?id=93996
2741
2742         Reviewed by Kenneth Rohde Christiansen.
2743
2744         Change usage of keyword-conflicting 'signals' and 'slots' for
2745         Q_SIGNALS and Q_SLOTS macro.
2746
2747         * bridge/testqtbindings.cpp:
2748         (MyObject):
2749         * platform/graphics/gstreamer/PlatformVideoWindowPrivate.h:
2750         * platform/graphics/qt/MediaPlayerPrivateQt.h:
2751         (MediaPlayerPrivateQt):
2752         * platform/network/qt/DnsPrefetchHelper.h:
2753         (DnsPrefetchHelper):
2754         * platform/network/qt/NetworkStateNotifierPrivate.h:
2755         (NetworkStateNotifierPrivate):
2756         * platform/network/qt/QNetworkReplyHandler.h:
2757         (QNetworkReplyHandler):
2758         * platform/network/qt/QtMIMETypeSniffer.h:
2759         (QtMIMETypeSniffer):
2760         * platform/network/qt/SocketStreamHandlePrivate.h:
2761         (SocketStreamHandlePrivate):
2762         * platform/qt/GamepadsQt.cpp:
2763         (GamepadDeviceLinuxQt):
2764         (GamepadsQt):
2765         * platform/qt/SharedTimerQt.cpp:
2766         (SharedTimerQt):
2767
2768 2012-08-14  Andrei Onea  <onea@adobe.com>
2769
2770         [CSSRegions]regionOverset is computed as "overset" even though the region is not the last in the chain
2771         https://bugs.webkit.org/show_bug.cgi?id=93102
2772
2773         Reviewed by Eric Seidel.
2774
2775         Making Element.webkitRegionOverset return "overset" only for the last region in a region chain, 
2776         if the content cannot fit inside it, to reflect current spec. http://www.w3.org/TR/css3-regions/#dom-region-regionoverset
2777
2778         * rendering/RenderFlowThread.cpp:
2779         (WebCore::RenderFlowThread::computeOverflowStateForRegions):
2780
2781 2012-08-14  Jan Keromnes  <janx@linux.com>
2782
2783         Web Inspector: Render breakpoint gutter markers and execution line in CodeMirrorTextEditor
2784         https://bugs.webkit.org/show_bug.cgi?id=93686
2785
2786         Reviewed by Pavel Feldman.
2787
2788         Divided TextEditor.addDecoration into addBreakpoint, setExecutionLine
2789         and addDecoration. Same for removeDecoration. Render breakpoint
2790         markers and execution line in CodeMirrorTextEditor.
2791
2792         * inspector/front-end/CodeMirrorTextEditor.js:
2793         (WebInspector.CodeMirrorTextEditor):
2794         (WebInspector.CodeMirrorTextEditor.prototype._onGutterClick):
2795         (WebInspector.CodeMirrorTextEditor.prototype.addBreakpoint):
2796         (WebInspector.CodeMirrorTextEditor.prototype.removeBreakpoint):
2797         (WebInspector.CodeMirrorTextEditor.prototype.setExecutionLine):
2798         (WebInspector.CodeMirrorTextEditor.prototype.clearExecutionLine):
2799         (WebInspector.CodeMirrorTextEditor.prototype.addDecoration):
2800         (WebInspector.CodeMirrorTextEditor.prototype.removeDecoration):
2801         (WebInspector.CodeMirrorTextEditor.prototype.highlightLine):
2802         (WebInspector.CodeMirrorTextEditor.prototype.clearLineHighlight):
2803         (WebInspector.CodeMirrorTextEditor.prototype.removeAttribute):
2804         * inspector/front-end/DefaultTextEditor.js:
2805         (WebInspector.DefaultTextEditor.prototype._onMouseDown):
2806         (WebInspector.DefaultTextEditor.prototype.addBreakpoint):
2807         (WebInspector.DefaultTextEditor.prototype.removeBreakpoint):
2808         (WebInspector.DefaultTextEditor.prototype.setExecutionLine):
2809         (WebInspector.DefaultTextEditor.prototype.clearExecutionLine):
2810         (WebInspector.DefaultTextEditor.prototype.addDecoration):
2811         (WebInspector.DefaultTextEditor.prototype.removeDecoration):
2812         * inspector/front-end/JavaScriptSourceFrame.js:
2813         (WebInspector.JavaScriptSourceFrame):
2814         (WebInspector.JavaScriptSourceFrame.prototype._addBreakpointDecoration):
2815         (WebInspector.JavaScriptSourceFrame.prototype._removeBreakpointDecoration):
2816         (WebInspector.JavaScriptSourceFrame.prototype.setExecutionLine):
2817         (WebInspector.JavaScriptSourceFrame.prototype.clearExecutionLine):
2818         (WebInspector.JavaScriptSourceFrame.prototype._handleGutterClick):
2819         * inspector/front-end/TextEditor.js:
2820         (WebInspector.TextEditor.prototype.addBreakpoint):
2821         (WebInspector.TextEditor.prototype.removeBreakpoint):
2822         (WebInspector.TextEditor.prototype.setExecutionLine):
2823         (WebInspector.TextEditor.prototype.clearExecutionLine):
2824         (WebInspector.TextEditor.prototype.addDecoration):
2825         (WebInspector.TextEditor.prototype.removeDecoration):
2826         * inspector/front-end/cmdevtools.css:
2827         (.CodeMirror):
2828         (.cm-highlight):
2829         (@-webkit-keyframes fadeout):
2830         (to):
2831         (.cm-breakpoint):
2832         (.cm-breakpoint-disabled):
2833         (.cm-breakpoint-conditional):
2834         (.cm-execution-line):
2835         (.webkit-html-message-bubble):
2836         (.webkit-html-warning-message):
2837         (.webkit-html-error-message):
2838         (.webkit-html-message-line):
2839         (.webkit-html-message-line-hover):
2840
2841 2012-08-13  Adrienne Walker  <enne@google.com>
2842
2843         REGRESSION (r109851): Video controls do not render
2844         https://bugs.webkit.org/show_bug.cgi?id=93859
2845
2846         Reviewed by Simon Fraser.
2847
2848         Because video layers can't act as an ancestor composited layer whose
2849         backing can be shared by child layers, any child layer of a video
2850         layer needs to be put into its own composited layer. Because this is
2851         technically overlap, the "overlap" indirect compositing reason is
2852         reused for this case.
2853
2854         Test: compositing/video/video-controls-layer-creation.html
2855
2856         * rendering/RenderLayerCompositor.cpp:
2857         (WebCore::RenderLayerCompositor::computeCompositingRequirements):
2858
2859 2012-08-14  Mikhail Pozdnyakov  <mikhail.pozdnyakov@intel.com>
2860
2861         WebKitTestRunner needs layoutTestController.dumpResourceLoadCallbacks
2862         https://bugs.webkit.org/show_bug.cgi?id=42332
2863
2864         Reviewed by Kenneth Rohde Christiansen.
2865
2866         Provide build for mac.
2867
2868         * WebCore.exp.in: Added __ZNK7WebCore19ResourceRequestBase20firstPartyForCookiesEv.
2869
2870 2012-08-14  Adam Barth  <abarth@webkit.org>
2871
2872         DOMWindow::document() should not reach through Frame
2873         https://bugs.webkit.org/show_bug.cgi?id=27640
2874
2875         Reviewed by Eric Seidel.
2876
2877         Originally, the lifetime of DOMWindow was similar to that of Frame in
2878         that it was reused for each document that was displayed in the Frame.
2879         To fix some tricky security issues, all modern browsers use a "split
2880         window" architecture whereby the DOMWindow is not reused by each
2881         Document in a Frame. Instead a JavaScript "window shell" object
2882         redirects JavaScript references to the active Document's DOMWindow.
2883
2884         When we implemented split windows, we left DOMWindow attached to the
2885         Frame and attempted to keep it in sync with the Document via a lot of
2886         delicate code. One of the main problems with this approach is that
2887         finding the DOMWindow associated with a Document or the Document
2888         associated with a DOMWindow required traversing through the Frame.
2889         Because there is a many-to-one relationship between both Documents and
2890         Frames (as well as DOMWindows and Frames), this traversal is error
2891         prone and not always available (e.g., for inactive documents).
2892
2893         This patch moves the "owning" reference for DOMWindow to Document so
2894         that we can directly traverse from Document to DOMWindow. For
2895         traversing from DOMWindow to Document, each DOMWindow keeps a Document
2896         pointer via a ContextDestructionObserver base class.
2897
2898         The main sublties in this patch are related to situations in which
2899         there isn't precisely a one-to-one relationship between Documents and
2900         DOMWindows. Previously, these situations were handled implicitly by the
2901         "flex and slop" of having separate Document and DOMWindow pointers in
2902         Frame. In this patch, these sublties are made explicit via
2903         Document::takeDOMWindowFrom, which explicitly transfers the DOMWindow
2904         (as well as ASSERTs that all the relevant objects exist in a sensible
2905         constellation).
2906
2907         * WebCore.exp.in:
2908             - These functions are no longer exported because they're inline.
2909         * bindings/js/ScriptController.cpp:
2910         (WebCore::ScriptController::clearWindowShell):
2911         * bindings/js/ScriptController.h:
2912         (ScriptController):
2913             - clearWindowShell now explicitly takes the new DOMWindow that will
2914               be pointed to by the WindowShell. Previously, clearWindowShell
2915               would implicitly create the new DOMWindow by accessing
2916               Frame::domWindow (which used to lazily create the DOMWindow).
2917         * bindings/v8/BindingState.cpp:
2918         (WebCore::currentDocument):
2919         * bindings/v8/BindingState.h:
2920         (WebCore):
2921             - currentDocument provides a directly path from the current
2922               v8::Context to the Document (by way of DOMWindow). Previously,
2923               code transited via the Frame using currentFrame.
2924         * bindings/v8/ScriptController.cpp:
2925         (WebCore::ScriptController::clearWindowShell):
2926         * bindings/v8/ScriptController.h:
2927         (ScriptController):
2928             - Mirror JSC changes to clearWindowShell.
2929         * bindings/v8/V8Utilities.cpp:
2930         (WebCore::getScriptExecutionContext):
2931             - Update getScriptExecutionContext to transit directly from the
2932               DOMWindow to the Document rather than detouring via the Frame.
2933         * dom/ContextDestructionObserver.cpp:
2934         (WebCore::ContextDestructionObserver::ContextDestructionObserver):
2935         (WebCore::ContextDestructionObserver::~ContextDestructionObserver):
2936         (WebCore):
2937         (WebCore::ContextDestructionObserver::observeContext):
2938         * dom/ContextDestructionObserver.h:
2939         (ContextDestructionObserver):
2940             - When we transfer a DOMWindow from one Document to another, we
2941               need to update the Document pointer in the DOMWindow to point to
2942               the new Document. The DOMWindow holds the Document pointer via
2943               ContextDestructionObserver, so this patch teaches
2944               ContextDestructionObserver how to change which
2945               ScriptExecutionContext it is observing. This code mirrors similar
2946               code in FrameDestructionObserver.
2947         * dom/Document.cpp:
2948         (WebCore::Document::~Document):
2949         (WebCore::Document::detach):
2950         (WebCore::Document::createDOMWindow):
2951             - createDOMWindow now explicitly creates the DOMWindow. Previously,
2952               we created the DOMWindow implicitly in Frame::domWindow when it
2953               was first accessed.
2954         (WebCore::Document::takeDOMWindowFrom):
2955             - takeDOMWindowFrom explicitly transfers the DOMWindow from one
2956               Document to another. The main benefit of this function is the
2957               ASSERTs that ensure that the Document, DOMWindow, and Frame all
2958               point to each other the correct configuration.
2959         (WebCore::Document::didUpdateSecurityOrigin):
2960             - We no longer need to keep the SecurityOrigin pointer in DOMWindow
2961               in sync with the Document because DOMWindow no longer has a
2962               SecurityOrigin object.
2963         * dom/Document.h:
2964         (Document):
2965         (WebCore::Document::domWindow):
2966         * history/CachedFrame.cpp:
2967         (WebCore::CachedFrame::CachedFrame):
2968         (WebCore::CachedFrame::destroy):
2969         * history/CachedFrame.h:
2970         (CachedFrameBase):
2971             - Previously, CachedFrame held the Document and the DOMWindow with
2972               separate pointers. Now, the CachedFrame holds the DOMWnidow via
2973               the Document, which makes adding and removing Documents from the
2974               PageCache simpler because we don't need to keep the Frame's
2975               DOMWindow pointer synchronized.
2976         * loader/DocumentWriter.cpp:
2977         (WebCore::DocumentWriter::begin):
2978             - begin now explicitly creates the DOMWindow and transfers
2979               DOMWindow when performing a "secure transition." Previously, both
2980               of these processes were handled implicitly: the DOMWindow was
2981               created implicitly by Frame::domWindow, and the DOMWindow was
2982               reused during navigation by not clearing Frame::m_domWindow.
2983         * loader/FrameLoader.cpp:
2984         (WebCore::FrameLoader::cancelAndClear):
2985         (WebCore::FrameLoader::clear):
2986             - These functions now pass the new Document so that we have access
2987               to the new DOMWindow in clearDOMWindowShell.
2988         (WebCore::FrameLoader::setOpener):
2989             - We no longer need to keep the DOMWindow's SecurityOrigin in sync
2990               with the Document's SecurityOrigin because DOMWindow no longer
2991               has a duplicate SecurityOrigin pointer.
2992         (WebCore::FrameLoader::open):
2993             - We no longer need to keep the Frame::m_domWindow in sync with the
2994               Document because the Document carries its own DOMWindow.
2995         * loader/FrameLoader.h:
2996         (FrameLoader):
2997         * page/DOMWindow.cpp:
2998         (WebCore::DOMWindow::DOMWindow):
2999             - DOMWindow now uses Document as its primary context object. In a
3000               future patch, we should remove the FrameDestructionObserver base
3001               class and instead access the frame via DOMWindow::document().
3002         (WebCore::DOMWindow::didSecureTransitionTo):
3003             - Notify the DOMWindow that it is now associated with a new
3004               Document.
3005         (WebCore::DOMWindow::scriptExecutionContext):
3006         (WebCore::DOMWindow::document):
3007         (WebCore::DOMWindow::securityOrigin):
3008             - These functions now retrieve the Document directly rather than
3009               transiting via the Frame.
3010         * page/DOMWindow.h:
3011         (WebCore::DOMWindow::create):
3012         (DOMWindow):
3013         * page/Frame.cpp:
3014         (WebCore::Frame::setDocument):
3015             - Add more ASSERTs that the Document and its DOMWindow are properly
3016               wired up to this Frame.
3017         (WebCore::Frame::domWindow):
3018             - Rather than lazily creating the DOMWindow, this function now just
3019               accesses the already-created DOMWindow on Document. Eventually,
3020               all callers should retreive the DOMWindow from the Document
3021               directly.
3022         * page/Frame.h:
3023         (WebCore::Frame::existingDOMWindow):
3024             - The DOMWindow always exists, so there is no distinction between
3025               domWindow() and existingDOMWindow().
3026         * xml/XMLHttpRequest.cpp:
3027         (WebCore::XMLHttpRequest::open):
3028             - Previously, open would exit early if it was unable to find its
3029               ScriptExecutionContext (e.g., if the ScriptExecutionContext was
3030               inactive). Now we can always locate the ScriptExecutionContext
3031               and so we need to test whether the ScriptExecutionContext is
3032               still attached to the Page before accessing Settings. Tests
3033               verify that the platform-visible behaviors of XMLHttpRequest are
3034               unchanged, even for XMLHttpRequest constructors associated with
3035               inactive Documents.
3036         * xml/XSLTProcessor.cpp:
3037         (WebCore::XSLTProcessor::createDocumentFromSource):
3038             - Make it explicit that XSLT re-uses the DOMWindow from the source
3039               Document in the transformed Document.
3040
3041 2012-08-14  Levi Weintraub  <leviw@chromium.org>
3042
3043         Accumulating LayoutUnits with floats for determining block preferred width can lead to wrapping
3044         https://bugs.webkit.org/show_bug.cgi?id=93513
3045
3046         Reviewed by Eric Seidel.
3047
3048         Sub-pixel values from floats are subject to small losses in precision when accumulated with
3049         floating point values, as we do in RenderBlock. This patch adds a new method to FractionalLayoutUnit --
3050         ceilToFloat -- which guarantees us a floating point value at least as big as our original LayoutUnit
3051         value, and uses it along with ceiledLayoutUnit to avoid underprovisioning RenderBlock's preferred
3052         widths due to lost precision.
3053
3054         Test: fast/sub-pixel/block-preferred-widths-with-sub-pixel-floats.html
3055
3056         * platform/FractionalLayoutUnit.h:
3057         (WebCore::FractionalLayoutUnit::ceilToFloat): Returns a float value the same or larger than the
3058         FractionalLayoutUnit value.
3059         (FractionalLayoutUnit):
3060         (WebCore::FractionalLayoutUnit::epsilon): Now returns 0 when sub-pixel is disabled.
3061         * rendering/RenderBlock.cpp:
3062         (WebCore::RenderBlock::computeLogicalLocationForFloat): Adding a LayoutUnit::epsilon fudge factor
3063         for fitting floats. This is probably necessary due to precision being lost elsewhere.
3064         (WebCore::RenderBlock::computeInlinePreferredLogicalWidths): Ensure no precision is lost due to conversion
3065         when accumulating our min/max width with floats.
3066
3067 2012-08-14  Jer Noble  <jer.noble@apple.com>
3068
3069         Fullscreen/normal volume sliders don't stay in sync
3070         https://bugs.webkit.org/show_bug.cgi?id=93867
3071
3072         Reviewed by Eric Carlson.
3073
3074         Change the full screen volume slider, if present, when the media element's volume
3075         changes.
3076
3077         Test: media/video-controls-fullscreen-volume.html
3078
3079         * html/shadow/MediaControlRootElement.cpp:
3080         (WebCore::MediaControlRootElement::changedVolume):
3081
3082 2012-08-14  Olivier Blin  <olivier.blin@softathome.com>
3083
3084         Remove unused yyparse method in CSSParser
3085         https://bugs.webkit.org/show_bug.cgi?id=93986
3086
3087         Reviewed by Darin Adler.
3088
3089         This method is unused and not even declared.
3090
3091         No new tests, it just removes unused code.
3092
3093         * css/CSSParser.h:
3094
3095 2012-08-14  Zan Dobersek  <zandobersek@gmail.com>
3096
3097         [Gtk] Include all files guarded by ENABLE_* guards in Source/WebCore/GNUmakefile.list.am into the build
3098         https://bugs.webkit.org/show_bug.cgi?id=90696
3099
3100         Reviewed by Philippe Normand.
3101
3102         Include all files in the Autotools build that are currently guarded by ENABLE_* guards in
3103         the WebCore GNUmakefile.list.am, regardless of the feature being enabled. Compilation should
3104         rely on proper use of guards inside source files and preprocessor work to keep the disabled
3105         features out.
3106
3107         The only exception left is the ENABLE_WEBGL guard that includes the ANGLE into compilation
3108         only if WebGL feature is enabled.
3109
3110         No new tests - no new functionality.
3111
3112         * GNUmakefile.am:
3113         * GNUmakefile.list.am:
3114         * bindings/gobject/GNUmakefile.am: Add StorageInfo to the DOM bindings, despite
3115         the feature being currently disabled.
3116
3117 2012-08-14  Gregg Tavares  <gman@google.com>
3118
3119         Plumb through EXT_debug_marker entry points
3120         https://bugs.webkit.org/show_bug.cgi?id=93860
3121
3122         Reviewed by Kenneth Russell.
3123
3124         insertEventMarkerEXT, pushGroupMarkerEXT, popGroupMarkerEXT,
3125         are all entry points exposed by the OpenGL ES
3126         EXT_debug_marker extension
3127
3128         No new tests as no new functionality exposed to web.
3129
3130         * html/canvas/WebGLRenderingContext.cpp:
3131         (WebCore):
3132         (WebCore::WebGLRenderingContext::create):
3133         * platform/chromium/support/Extensions3DChromium.cpp:
3134         (WebCore::Extensions3DChromium::insertEventMarkerEXT):
3135         (WebCore):
3136         (WebCore::Extensions3DChromium::pushGroupMarkerEXT):
3137         (WebCore::Extensions3DChromium::popGroupMarkerEXT):
3138         * platform/graphics/Extensions3D.h:
3139         (Extensions3D):
3140         * platform/graphics/chromium/Extensions3DChromium.h:
3141         (Extensions3DChromium):
3142         * platform/graphics/opengl/Extensions3DOpenGL.cpp:
3143         (WebCore::Extensions3DOpenGL::insertEventMarkerEXT):
3144         (WebCore):
3145         (WebCore::Extensions3DOpenGL::pushGroupMarkerEXT):
3146         (WebCore::Extensions3DOpenGL::popGroupMarkerEXT):
3147         * platform/graphics/opengl/Extensions3DOpenGL.h:
3148         (Extensions3DOpenGL):
3149         * platform/graphics/opengl/Extensions3DOpenGLES.cpp:
3150         (WebCore::Extensions3DOpenGLES::insertEventMarkerEXT):
3151         (WebCore):
3152         (WebCore::Extensions3DOpenGLES::pushGroupMarkerEXT):
3153         (WebCore::Extensions3DOpenGLES::popGroupMarkerEXT):
3154         * platform/graphics/opengl/Extensions3DOpenGLES.h:
3155         (Extensions3DOpenGLES):
3156
3157 2012-06-24  Robert Hogan  <robert@webkit.org>
3158
3159         CSS 2.1 failure: Word-spacing affects each space and non-breaking space
3160         https://bugs.webkit.org/show_bug.cgi?id=89826
3161
3162         Reviewed by Eric Seidel.
3163
3164         Add word spacing to consecutive spaces in a run per http://www.w3.org/TR/CSS21/text.html#spacing-props.
3165
3166         Test: fast/css/word-spacing-characters.html
3167               fast/css/word-spacing-characters-complex-text.html
3168               fast/css/word-spacing-characters-linebreak.html
3169               css2.1/20110323/word-spacing-characters-002.htm
3170               css2.1/20110323/word-spacing-characters-003.htm
3171               css2.1/20110323/word-spacing-remove-space-001.htm
3172               css2.1/20110323/word-spacing-remove-space-002.htm
3173               css2.1/20110323/word-spacing-remove-space-003.htm
3174               css2.1/20110323/word-spacing-remove-space-004.htm
3175               css2.1/20110323/word-spacing-remove-space-005.htm
3176               css2.1/20110323/word-spacing-remove-space-006.htm
3177               css2.1/20110323/c541-word-sp-001.htm
3178               css2.1/20110323/c541-word-sp-000.htm
3179
3180         * platform/graphics/WidthIterator.cpp:
3181         (WebCore::WidthIterator::advance): All spaces (ordinary space or &nbsp;) get word-spacing added, even
3182           if they are consecutive.
3183         * platform/graphics/harfbuzz/HarfBuzzShaperBase.cpp:
3184         (WebCore::HarfBuzzShaperBase::isWordEnd): ditto, but for the complex text case on Chromium. Had to use
3185           m_run rather than m_normalizedBuffer here as m_normalizedBuffer turns tabs into spaces! Unlike the simple
3186           text path, '\n' gets word-spacing - I observed this from fast/text/atsui-spacing-features.html but can't
3187           find it specified anywhere.
3188         * platform/graphics/harfbuzz/HarfBuzzShaperBase.h:
3189         (WebCore::HarfBuzzShaperBase::isCodepointSpace):
3190         * rendering/RenderBlockLineLayout.cpp:
3191         (WebCore::RenderBlock::LineBreaker::nextLineBreak): Tested by word-spacing-linebreak.html
3192
3193 2012-08-14  Antoine Labour  <piman@chromium.org>
3194
3195         [chromium] race between CCLayerTreeHostImpl::releaseContentsTextures and CCThreadProxy::beginFrameCompleteOnImplThread
3196         https://bugs.webkit.org/show_bug.cgi?id=93684
3197
3198         Reviewed by James Robinson.
3199
3200         This keeps track of whether we're between the beginFrame post and the
3201         commit when releaseContentsTextures comes, and if that is the case, we
3202         prune the texture uploads, keep the "textures purged" flag on and kick a
3203         new commit.
3204
3205         Added CCLayerTreeHostTestEvictTextures test.
3206
3207         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
3208         (WebCore::CCLayerTreeHostImpl::CCLayerTreeHostImpl):
3209         (WebCore::CCLayerTreeHostImpl::beginFramePosted):
3210         (WebCore):
3211         (WebCore::CCLayerTreeHostImpl::commitComplete):
3212         (WebCore::CCLayerTreeHostImpl::canDraw):
3213         (WebCore::CCLayerTreeHostImpl::releaseContentsTextures):
3214         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
3215         (CCLayerTreeHostImpl):
3216         (WebCore::CCLayerTreeHostImpl::contentsTexturesPurged):
3217         (WebCore::CCLayerTreeHostImpl::contentsTexturesWerePurgedSinceLastBeginFrame):
3218         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
3219         (WebCore::CCSingleThreadProxy::stop):
3220         (WebCore::CCSingleThreadProxy::commitAndComposite):
3221         * platform/graphics/chromium/cc/CCTextureUpdateController.h:
3222         (CCTextureUpdateController):
3223         * platform/graphics/chromium/cc/CCTextureUpdateQueue.cpp:
3224         (WebCore::CCTextureUpdateQueue::clearUploads):
3225         (WebCore):
3226         * platform/graphics/chromium/cc/CCTextureUpdateQueue.h:
3227         (CCTextureUpdateQueue):
3228         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
3229         (WebCore::CCThreadProxy::scheduledActionBeginFrame):
3230         (WebCore::CCThreadProxy::beginFrameCompleteOnImplThread):
3231         (WebCore::CCThreadProxy::layerTreeHostClosedOnImplThread):
3232
3233 2012-08-14  Yong Li  <yoli@rim.com>
3234
3235         [BlackBerry] Pass URL String's 8-bit buffer directly to platform layer when possible
3236         https://bugs.webkit.org/show_bug.cgi?id=93861
3237
3238         Reviewed by Rob Buis.
3239
3240         PR# 187605.
3241         URL strings and HTTP header strings usually use 8-bit buffers internally. We can
3242         just pass the buffers to platform calls when only Latin1 strings are needed.
3243
3244         * platform/blackberry/ReadOnlyLatin1String.h: Added.
3245         (WebCore):
3246         (ReadOnlyLatin1String): A utility class that uses either WTF::CString or WTF::String's 8-bit buffer.
3247         (WebCore::ReadOnlyLatin1String::ReadOnlyLatin1String): Can only be constructed with WTF::String for now.
3248         (WebCore::ReadOnlyLatin1String::data):
3249         (WebCore::ReadOnlyLatin1String::length):
3250         * platform/network/blackberry/ResourceRequestBlackBerry.cpp:
3251         (WebCore::ResourceRequest::initializePlatformRequest):
3252         * platform/network/blackberry/SocketStreamHandleBlackBerry.cpp:
3253         (WebCore::SocketStreamHandle::SocketStreamHandle):
3254
3255 2012-08-14  Christophe Dumez  <christophe.dumez@intel.com>
3256
3257         Fix  LayoutTests/canvas/philip/tests/2d.text.draw.space.collapse.nonspace.html
3258         https://bugs.webkit.org/show_bug.cgi?id=92974
3259
3260         Reviewed by Kenneth Rohde Christiansen.
3261
3262         Replace space characters by U+0020 SPACE characters in
3263         CanvasRenderingContext2D::drawTextInternal() in order to
3264         comply with the HTML Canvas 2D Context specification:
3265         - http://www.w3.org/TR/2dcontext/#drawing-text-to-the-canvas
3266
3267         No new tests, already tested by canvas/philip/tests/2d.text.draw.space.collapse.nonspace.html.
3268
3269         * html/canvas/CanvasRenderingContext2D.cpp:
3270         (WebCore::replaceCharacterInString):
3271         (WebCore):
3272         (WebCore::CanvasRenderingContext2D::drawTextInternal):
3273
3274 2012-08-14  George Staikos  <staikos@webkit.org>
3275
3276         [BlackBerry] Avoid assertion failure in App Cache.
3277         https://bugs.webkit.org/show_bug.cgi?id=93926
3278
3279         Reviewed by Rob Buis.
3280
3281         Short-circuit data url decoding if we know it's not a data URL to
3282         avoid an assertion failure in debug mode.  No functional change.
3283
3284         No new tests since this is just a debug mode assertion failure.
3285
3286         * loader/appcache/ApplicationCacheGroup.cpp:
3287         (WebCore::ApplicationCacheGroup::createResourceHandle):
3288
3289 2012-08-14  Thiago Marcos P. Santos  <thiago.santos@intel.com>
3290
3291         [EFL] Do not warn when the default theme is not found
3292         https://bugs.webkit.org/show_bug.cgi?id=93968
3293
3294         Reviewed by Kenneth Rohde Christiansen.
3295
3296         Even if you are using a custom theme, we always try to load first the
3297         theme at the default path (that may or may not exist). In the case it
3298         doesn't exist and you have a custom theme, we were always getting a
3299         misleading error message.
3300
3301         * platform/efl/RenderThemeEfl.cpp:
3302         (WebCore::RenderThemeEfl::createEdje):
3303
3304 2012-08-14  Joshua Bell  <jsbell@chromium.org>
3305
3306         IndexedDB: Pass cursor continue results back in callback
3307         https://bugs.webkit.org/show_bug.cgi?id=92278
3308
3309         Reviewed by Tony Chang.
3310
3311         Supply the updated cursor key/primaryKey/value in the success callback,
3312         rather than forcing the callee to make three calls into the back end to
3313         fetch them. Callbacks onSuccess(cursor) and onSuccessWithContinuation()
3314         are given the three new payload parameters (and the latter is renamed.)
3315
3316         No new tests - no behavioral changes.
3317
3318         * Modules/indexeddb/IDBCallbacks.h: Updated callbacks.
3319         (IDBCallbacks):
3320         * Modules/indexeddb/IDBCursor.cpp:
3321         (WebCore::IDBCursor::setValueReady): Takes values rather than fetching them.
3322         * Modules/indexeddb/IDBCursor.h:
3323         (IDBCursor):
3324         * Modules/indexeddb/IDBCursorBackendImpl.cpp: Delete accessors.
3325         (WebCore::IDBCursorBackendImpl::advanceInternal): Pass along updated cursor state.
3326         (WebCore::IDBCursorBackendImpl::continueFunctionInternal): Ditto.
3327         * Modules/indexeddb/IDBCursorBackendImpl.h:
3328         (IDBCursorBackendImpl): Delete accessors from interface...
3329         (WebCore::IDBCursorBackendImpl::key): ...but keep them for use within back-end.
3330         (WebCore::IDBCursorBackendImpl::primaryKey):
3331         (WebCore::IDBCursorBackendImpl::value):
3332         * Modules/indexeddb/IDBCursorBackendInterface.h: Delete accessors.
3333         * Modules/indexeddb/IDBIndexBackendImpl.cpp:
3334         (WebCore::IDBIndexBackendImpl::openCursorInternal): Pass along new cursor state.
3335         * Modules/indexeddb/IDBObjectStoreBackendImpl.cpp:
3336         (WebCore::IDBObjectStoreBackendImpl::openCursorInternal): Ditto.
3337         * Modules/indexeddb/IDBRequest.cpp:
3338         (WebCore::IDBRequest::setResultCursor): Stash updated cursor state until dispatch.
3339         (WebCore::IDBRequest::onSuccess):
3340         (WebCore::IDBRequest::dispatchEvent): Update cursor with new state.
3341         * Modules/indexeddb/IDBRequest.h:
3342         (IDBRequest):
3343         * inspector/InspectorIndexedDBAgent.cpp: Update iteration code to use new callbacks.
3344         (WebCore):
3345
3346 2012-08-14  Arvid Nilsson  <anilsson@rim.com>
3347
3348         [BlackBerry] Get rid of glCopyTexImage2D in Canvas and WebGL code paths
3349         https://bugs.webkit.org/show_bug.cgi?id=93614
3350
3351         Reviewed by Antonio Gomes.
3352
3353         We used to set up resource sharing between the compositing thread
3354         context and the Canvas and WebGL contexts, and use glCopyTexImage2D to
3355         get a copy of the framebuffer to use as front buffer for compositing
3356         purposes.
3357
3358         Now we instead create an EGLImage and blit the Canvas/WebGL output to
3359         it. The compositing thread creates a texture from the EGLImage in order
3360         to composite the output.
3361
3362         Created a new EGLImageLayerWebKitThread base class that handles the
3363         EGLImage and does the blitting. CanvasLayerWebKitThread and
3364         WebGLLayerWebKitThread now inherit from this new base class.
3365
3366         However, we need to be careful to restore state after the blit because
3367         it's done using the Canvas/WebGL context.
3368
3369         The BlackBerry implementation of GraphicsContext3D::prepareTexture()
3370         was changed to no longer call glCopyTexImage, and
3371         GraphicsContext3D::platformLayer() now returns the target texture
3372         directly.
3373
3374         Reviewed internally by Filip Spacek.
3375
3376         PR 188472
3377
3378         No change in behavior, new tests.
3379
3380         * PlatformBlackBerry.cmake:
3381         * platform/graphics/blackberry/CanvasLayerWebKitThread.cpp:
3382         (WebCore::CanvasLayerWebKitThread::CanvasLayerWebKitThread):
3383         (WebCore::CanvasLayerWebKitThread::~CanvasLayerWebKitThread):
3384         (WebCore::CanvasLayerWebKitThread::setDevice):
3385         (WebCore::CanvasLayerWebKitThread::makeContextCurrent):
3386         (WebCore::CanvasLayerWebKitThread::textureSize):
3387         (WebCore):
3388         (WebCore::CanvasLayerWebKitThread::textureID):
3389         * platform/graphics/blackberry/CanvasLayerWebKitThread.h:
3390         (CanvasLayerWebKitThread):
3391         * platform/graphics/blackberry/EGLImageLayerCompositingThreadClient.cpp: Added.
3392         (WebCore):
3393         (WebCore::EGLImageLayerCompositingThreadClient::~EGLImageLayerCompositingThreadClient):
3394         (WebCore::EGLImageLayerCompositingThreadClient::uploadTexturesIfNeeded):
3395         (WebCore::EGLImageLayerCompositingThreadClient::drawTextures):
3396         (WebCore::EGLImageLayerCompositingThreadClient::deleteTextures):
3397         (WebCore::EGLImageLayerCompositingThreadClient::bindContentsTexture):
3398         (WebCore::EGLImageLayerCompositingThreadClient::setImage):
3399         * platform/graphics/blackberry/EGLImageLayerCompositingThreadClient.h: Added.
3400         (WebCore):
3401         (EGLImageLayerCompositingThreadClient):
3402         (WebCore::EGLImageLayerCompositingThreadClient::create):
3403         (WebCore::EGLImageLayerCompositingThreadClient::layerCompositingThreadDestroyed):
3404         (WebCore::EGLImageLayerCompositingThreadClient::layerVisibilityChanged):
3405         (WebCore::EGLImageLayerCompositingThreadClient::EGLImageLayerCompositingThreadClient):
3406         * platform/graphics/blackberry/EGLImageLayerWebKitThread.cpp: Added.
3407         (WebCore):
3408         (WebCore::EGLImageLayerWebKitThread::EGLImageLayerWebKitThread):
3409         (WebCore::EGLImageLayerWebKitThread::~EGLImageLayerWebKitThread):
3410         (WebCore::EGLImageLayerWebKitThread::setNeedsDisplay):
3411         (WebCore::EGLImageLayerWebKitThread::makeContextCurrent):
3412         (WebCore::EGLImageLayerWebKitThread::updateTextureContentsIfNeeded):
3413         (WebCore::EGLImageLayerWebKitThread::commitPendingTextureUploads):
3414         (WebCore::EGLImageLayerWebKitThread::createImageIfNeeded):
3415         (WebCore::EGLImageLayerWebKitThread::createShaderIfNeeded):
3416         (WebCore::EGLImageLayerWebKitThread::drawTexture):
3417         * platform/graphics/blackberry/EGLImageLayerWebKitThread.h: Copied from Source/WebCore/platform/graphics/blackberry/CanvasLayerWebKitThread.h.
3418         (WebCore):
3419         (EGLImageLayerWebKitThread):
3420         * platform/graphics/blackberry/GraphicsContext3DBlackBerry.cpp:
3421         (WebCore::GraphicsContext3D::prepareTexture):
3422         (WebCore):
3423         (WebCore::GraphicsContext3D::platformTexture):
3424         * platform/graphics/blackberry/LayerCompositingThread.cpp:
3425         (WebCore::LayerCompositingThread::drawTextures):
3426         (WebCore::LayerCompositingThread::releaseTextureResources):
3427         * platform/graphics/blackberry/LayerCompositingThread.h:
3428         (WebCore::LayerCompositingThread::setClient):
3429         (LayerCompositingThread):
3430         * platform/graphics/blackberry/LayerData.h:
3431         (WebCore::LayerData::LayerData):
3432         (LayerData):
3433         * platform/graphics/blackberry/LayerWebKitThread.cpp:
3434         (WebCore::LayerWebKitThread::~LayerWebKitThread):
3435         (WebCore::LayerWebKitThread::updateTextureContentsIfNeeded):
3436         (WebCore::LayerWebKitThread::commitPendingTextureUploads):
3437         (WebCore::LayerWebKitThread::commitOnCompositingThread):
3438         * platform/graphics/blackberry/LayerWebKitThread.h:
3439         (LayerWebKitThread):
3440         * platform/graphics/blackberry/WebGLLayerWebKitThread.cpp:
3441         (WebCore::WebGLLayerWebKitThread::WebGLLayerWebKitThread):
3442         (WebCore::WebGLLayerWebKitThread::updateTextureContentsIfNeeded):
3443         (WebCore::WebGLLayerWebKitThread::makeContextCurrent):
3444         (WebCore):
3445         (WebCore::WebGLLayerWebKitThread::textureSize):
3446         (WebCore::WebGLLayerWebKitThread::textureID):
3447         * platform/graphics/blackberry/WebGLLayerWebKitThread.h:
3448         (WebGLLayerWebKitThread):
3449         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
3450         (WebCore):
3451         (WebCore::GraphicsContext3D::prepareTexture):
3452
3453 2012-08-14  Arvid Nilsson  <anilsson@rim.com>
3454
3455         [BlackBerry] Texture cache must adapt to HashMap changes
3456         https://bugs.webkit.org/show_bug.cgi?id=93955
3457
3458         Reviewed by Rob Buis.
3459
3460         This was fixed locally, but not upstreamed yet.
3461
3462         Based on an original patch by Konrad Piascik.
3463
3464         * platform/graphics/blackberry/TextureCacheCompositingThread.cpp:
3465         (WebCore::TextureCacheCompositingThread::textureForTiledContents):
3466
3467 2012-08-14  Arvid Nilsson  <anilsson@rim.com>
3468
3469         [BlackBerry] LayerCompositingThread.h doesn't compile
3470         https://bugs.webkit.org/show_bug.cgi?id=93956
3471
3472         Reviewed by Rob Buis.
3473
3474         I forgot to upstream this local change.
3475
3476         * platform/graphics/blackberry/LayerCompositingThread.h:
3477         (WebCore::LayerOverride::setBounds):
3478         (WebCore::LayerOverride::setOpacity):
3479
3480 2012-08-14  Ed Baker  <edbaker@rim.com>
3481
3482         [BlackBerry] LayerAnimation is not immutable, which makes dereferencing an expensive operation
3483         https://bugs.webkit.org/show_bug.cgi?id=93946
3484
3485         Reviewed by Antonio Gomes.
3486
3487         Make LayerAnimation immutable so it can be dereferenced from the main
3488         WebKit thread without having to dispatch to the compositing thread,
3489         which is an expensive operation.
3490
3491         TransformOperation and TimingFunction need to be made thread safe as
3492         they are referenced in LayerAnimation, but that effort is being tracked
3493         by a separate bug, #86483.
3494
3495         Reviewed internally by Arvid Nilsson.
3496
3497         No change in behavior, no new tests.
3498
3499         * platform/graphics/blackberry/LayerAnimation.h:
3500         (WebCore::LayerAnimation::name):
3501         (LayerAnimation):
3502         (WebCore::LayerAnimation::LayerAnimation):
3503         (WebCore::LayerAnimation::setName):
3504         * platform/graphics/blackberry/LayerCompositingThread.cpp:
3505         (WebCore):
3506         * platform/graphics/blackberry/LayerCompositingThread.h:
3507         (LayerCompositingThread):
3508         * platform/graphics/blackberry/LayerWebKitThread.cpp:
3509         (WebCore::LayerWebKitThread::~LayerWebKitThread):
3510
3511 2012-08-14  Arvid Nilsson  <anilsson@rim.com>
3512
3513         [BlackBerry] GraphicsLayerBlackBerry::willBeDestroyed() must call superclass implementation
3514         https://bugs.webkit.org/show_bug.cgi?id=93947
3515
3516         Reviewed by Rob Buis.
3517
3518         This was fixed locally, but not upstreamed yet.
3519
3520         Based on an original patch by Konrad Piascik.
3521
3522         * platform/graphics/blackberry/GraphicsLayerBlackBerry.cpp:
3523         (WebCore::GraphicsLayerBlackBerry::willBeDestroyed):
3524
3525 2012-08-14  Vineet Chaudhary  <rgf748@motorola.com>
3526
3527         Remove custom JSC bindings from ConvolverNode.idl
3528         https://bugs.webkit.org/show_bug.cgi?id=93952
3529
3530         Reviewed by Kentaro Hara.
3531
3532         We should remove custom bindings as CodeGenerator uses UNUSED_PARAM macro.
3533
3534         No new tests. No behavioural changes.
3535         All tests under webaudio/* should behave same.
3536
3537         * GNUmakefile.list.am: Removed JSConvolverNodeCustom.cpp from builds.
3538         * Modules/webaudio/ConvolverNode.idl: Removed [JSCustomSetter].
3539         * UseJSC.cmake: Removed JSConvolverNodeCustom.cpp from builds.
3540         * WebCore.gypi: Ditto.
3541         * WebCore.xcodeproj/project.pbxproj: Ditto
3542         * bindings/js/JSConvolverNodeCustom.cpp: Removed.
3543
3544 2012-08-14  Pavel Feldman  <pfeldman@chromium.org>
3545
3546         Web Inspector: add external test runner for running inspector front-end tests with no TestRunner infrastructure.
3547         https://bugs.webkit.org/show_bug.cgi?id=93833
3548
3549         Reviewed by Yury Semikhatsky.
3550
3551         Added mock test runner that allows running front-end layout tests.
3552         InspectorFrontendAPI can now dispatch whatever it receives from its embedder (opener).
3553
3554         * inspector/front-end/InspectorFrontendAPI.js:
3555         (InspectorFrontendAPI.evaluateForTest):
3556         (InspectorFrontendAPI.dispatch):
3557         (InspectorFrontendAPI.loadCompleted):
3558         (.onMessageFromOpener):
3559
3560 2012-08-14  Allan Sandfeld Jensen  <allan.jensen@nokia.com>
3561
3562         [Qt] Incomplete repaint of link underline
3563         https://bugs.webkit.org/show_bug.cgi?id=66034
3564
3565         Reviewed by Kenneth Rohde Christiansen.
3566
3567         When trying to point a line of width 30, we end up painting on of width 31, because Qt 
3568         interprets the line as end-inclusive. So adjust for end-include/exclusive difference 
3569         before requesting the draw from Qt.
3570
3571         * platform/graphics/qt/GraphicsContextQt.cpp:
3572         (WebCore::GraphicsContext::drawLine):
3573
3574 2012-08-14  Mike West  <mkwst@chromium.org>
3575
3576         Fix crash in http/tests/plugins/plugin-document-has-focus
3577         https://bugs.webkit.org/show_bug.cgi?id=93949
3578
3579         Reviewed by Jochen Eisinger.
3580
3581         Covered by http/tests/plugins/plugin-document-has-focus.html. If that
3582         doesn't crash, we're good!
3583
3584         * loader/SubframeLoader.cpp:
3585         (WebCore::SubframeLoader::pluginIsLoadable):
3586             Check the PluginDocument's ownerElement before derefing.
3587
3588 2012-08-14  KwangYong Choi  <ky0.choi@samsung.com>
3589
3590         [EFL] Fixed displaying buffering progress in the media control.
3591         https://bugs.webkit.org/show_bug.cgi?id=75681
3592
3593         Reviewed by Kenneth Rohde Christiansen.
3594
3595         It is required "rangeRect" instead of "rect" to display buffering
3596         progress properly.
3597
3598         * platform/efl/RenderThemeEfl.cpp:
3599         (WebCore::RenderThemeEfl::paintMediaSliderTrack):
3600
3601 2012-08-14  Yoshifumi Inoue  <yosin@chromium.org>
3602
3603         [Forms] Copy Source/WebCore/html/shadow/TextControlInnerElements.{cpp,h} to SpinButtonElement.{cpp,h}
3604         https://bugs.webkit.org/show_bug.cgi?id=93943
3605
3606         Reviewed by Kent Tamura.
3607
3608         This patch copys html/shadow/TextControlInnerElement.{cpp,h} to SpinButtonElement.{cpp,h} for
3609         preparation of bug 93941, Set SpinButtonElement free from HTMLInputElement.
3610
3611         No new tests. This patch doesn't change behavior.
3612
3613         * html/shadow/SpinButtonElement.cpp: Copied from Source/WebCore/html/shadow/TextControlInnerElements.cpp.
3614         * html/shadow/SpinButtonElement.h: Copied from Source/WebCore/html/shadow/TextControlInnerElements.h.
3615
3616 2012-08-14  Mike West  <mkwst@chromium.org>
3617
3618         Implement the plugin-types Content Security Policy directive.
3619         https://bugs.webkit.org/show_bug.cgi?id=91919
3620
3621         Reviewed by Adam Barth.
3622
3623         The CSP 1.1 editor's draft defines the 'plugin-types' directive as a
3624         mechanism for whitelisting only specific types of plugin content on a
3625         page. A protected resource might trust only Flash content, for instance,
3626         and could enforce that preference via a Content Security Policy of
3627         'plugin-types application/x-shockwave-flash'. Flash would load, no other
3628         plugin type would.
3629
3630         Specification details available at: https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#plugin-types--experimental
3631
3632         This experimental directive is gated on the ENABLE_CSP_NEXT flag, which
3633         is currently only enabled in Chromium.
3634
3635         Tests: http/tests/security/contentSecurityPolicy/1.1/plugintypes-invalid.html
3636                http/tests/security/contentSecurityPolicy/1.1/plugintypes-mismatched-data.html
3637                http/tests/security/contentSecurityPolicy/1.1/plugintypes-mismatched-url.html
3638                http/tests/security/contentSecurityPolicy/1.1/plugintypes-notype-data.html
3639                http/tests/security/contentSecurityPolicy/1.1/plugintypes-notype-url.html
3640                http/tests/security/contentSecurityPolicy/1.1/plugintypes-nourl-allowed.html
3641                http/tests/security/contentSecurityPolicy/1.1/plugintypes-nourl-blocked.html
3642                http/tests/security/contentSecurityPolicy/1.1/plugintypes-url-01.html
3643                http/tests/security/contentSecurityPolicy/1.1/plugintypes-url-02.html
3644
3645         * loader/SubframeLoader.cpp:
3646         (WebCore::SubframeLoader::pluginIsLoadable):
3647             Adding a check against 'allowPluginType', and passing in both the
3648             MIME type of the plugin, as well as the declared MIME type from the
3649             object/embed element (ensuring that we do this correctly, even if
3650             we're inside a PluginDocument).
3651         (WebCore::SubframeLoader::createJavaAppletWidget):
3652             Same as 'pluginIsLoadable', but hard-coded to
3653             'application/x-java-applet'.
3654         * page/ContentSecurityPolicy.cpp:
3655         (CSPDirectiveList):
3656         (WebCore::CSPDirectiveList::logInvalidPluginTypes):
3657             Plugin types that don't match the grammar ('not/a/mime/type') are
3658             logged to the console, and ignored for purposes of matching.
3659         (WebCore):
3660         (WebCore::CSPDirectiveList::checkPluginType):
3661             Given both the plugin type and the declared type attribute, returns
3662             true if both types match, and are contained in the list of accepted
3663             plugin types.
3664         (WebCore::CSPDirectiveList::checkPluginTypeAndReportViolation):
3665             Calls out to checkPluginType, and reports a violation if that check
3666             fails.
3667         (WebCore::CSPDirectiveList::allowPluginType):
3668             Analog to the other 'CSPDirectiveList::allowXXX' methods, this
3669             branches between simply checking the type against the policy, and
3670             checking against the policy and then reporting violations.
3671         (WebCore::CSPDirectiveList::parsePluginTypes):
3672             Given a directive value, parse out the media types contained within
3673             by splitting on spaces, and validating each token. Valid tokens are
3674             added to 'm_pluginTypes' for use in 'checkPluginType'.
3675         (WebCore::CSPDirectiveList::addDirective):
3676             Wire up 'plugin-types' as a valid directive (if the ENABLE_CSP_NEXT
3677             flag is set). This has been combined with the other implemented 1.1
3678             header, 'script-nonce'.
3679         (WebCore::ContentSecurityPolicy::allowPluginType):
3680             The public interface to this set of functionality.
3681         * page/ContentSecurityPolicy.h:
3682
3683 2012-08-14  Charles Wei  <charles.wei@torchmobile.com.cn>
3684
3685         [BlackBerry] Enable DNS prefetch
3686         https://bugs.webkit.org/show_bug.cgi?id=93846
3687
3688         Reviewed by George Staikos.
3689
3690         No new tests.
3691
3692         * PlatformBlackBerry.cmake:
3693         * platform/blackberry/TemporaryLinkStubs.cpp:
3694         * platform/network/blackberry/DNSBlackBerry.cpp: Copied from Source/WebCore/platform/blackberry/TemporaryLinkStubs.cpp.
3695         (WebCore):
3696         (WebCore::prefetchDNS):
3697
3698 2012-08-14  Hans Wennborg  <hans@chromium.org>
3699
3700         Speech Input: wrong position was reported for scolled-down elements
3701         https://bugs.webkit.org/show_bug.cgi?id=93634
3702
3703         Reviewed by Kent Tamura.
3704
3705         When clicking on a speech-enabled input element, WebKit reports
3706         the position of the element to the embedder, so that it can show
3707         a bubble indicating that speech recognition is in progress for
3708         the element that the user clicked on.
3709
3710         On a page that was scrolled, this position was being reported
3711         erroneously: it was given relative to the frame content as opposed to
3712         the root view, and the in-progress bubble would be shown in the wrong
3713         place.
3714
3715         Test: fast/speech/bubble-position-scrolled.html
3716
3717         * html/shadow/TextControlInnerElements.cpp:
3718         (WebCore::InputFieldSpeechButtonElement::startSpeechInput):
3719
3720 2012-08-14  Taiju Tsuiki  <tzik@chromium.org>
3721
3722         Web Inspector: Drop "Loading..." message from FileContentView
3723         https://bugs.webkit.org/show_bug.cgi?id=91732
3724
3725         Reviewed by Vsevolod Vlasov.
3726
3727         * inspector/front-end/FileContentView.js:
3728         (WebInspector.FileContentView.prototype.wasShown):
3729
3730 2012-08-14  Sheriff Bot  <webkit.review.bot@gmail.com>
3731
3732         Unreviewed, rolling out r125519.
3733         http://trac.webkit.org/changeset/125519
3734         https://bugs.webkit.org/show_bug.cgi?id=93945
3735
3736         New ref-tests caused image failures on chromium-mac bots.
3737         (Requested by yutak on #webkit).
3738
3739         * css/html.css:
3740         (meter):
3741         * html/HTMLMeterElement.cpp:
3742         (WebCore::HTMLMeterElement::HTMLMeterElement):
3743         (WebCore::HTMLMeterElement::createRenderer):
3744         (WebCore::HTMLMeterElement::didElementStateChange):
3745         (WebCore::HTMLMeterElement::createShadowSubtree):
3746         * html/HTMLMeterElement.h:
3747         (WebCore):
3748         (HTMLMeterElement):
3749         * html/shadow/MeterShadowElement.cpp:
3750         (WebCore::MeterShadowElement::meterElement):
3751         (WebCore::MeterShadowElement::rendererIsNeeded):
3752         (WebCore):
3753         * html/shadow/MeterShadowElement.h:
3754         (WebCore):
3755         * rendering/RenderMeter.cpp:
3756         (WebCore::RenderMeter::RenderMeter):
3757         (WebCore::RenderMeter::valueRatio):
3758         * rendering/RenderMeter.h:
3759         (RenderMeter):
3760
3761 2012-08-14  Keishi Hattori  <keishi@webkit.org>
3762
3763         Move page popup resources to separate directory
3764         https://bugs.webkit.org/show_bug.cgi?id=93932
3765
3766         Reviewed by Kent Tamura.
3767
3768         Keeping the resources organized.
3769
3770         No new tests.
3771
3772         * Resources/pagepopups/calendarPicker.css: Renamed from Source/WebCore/Resources/calendarPicker.css.
3773         * Resources/pagepopups/calendarPicker.js: Renamed from Source/WebCore/Resources/calendarPicker.js.
3774         * Resources/pagepopups/calendarPickerMac.css: Renamed from Source/WebCore/Resources/calendarPickerMac.css.
3775         * Resources/pagepopups/colorSuggestionPicker.css: Renamed from Source/WebCore/Resources/colorSuggestionPicker.css.
3776         * Resources/pagepopups/colorSuggestionPicker.js: Renamed from Source/WebCore/Resources/colorSuggestionPicker.js.
3777         * WebCore.gyp/WebCore.gyp:
3778
3779 2012-08-14  Yoshifumi Inoue  <yosin@chromium.org>
3780
3781         [Forms] Move wheel event handler to spin button class
3782         https://bugs.webkit.org/show_bug.cgi?id=93928
3783
3784         Reviewed by Kent Tamura.
3785
3786         This patch moves implmentation of wheel event handling from TextFieldInput
3787         class to SpinButtonElement class to share implementation in TextFieldInput
3788         class, and DateTimeEditElement.
3789
3790         No new tests. This patch doesn't change behavior. fast/orms/number/number-wheel.html
3791         covers this change.
3792
3793         * html/BaseDateAndTimeInputType.cpp: Removed handleWheelEvent() implementation.
3794         * html/BaseDateAndTimeInputType.h:
3795         (BaseDateAndTimeInputType): Removed handleWheelEvent() declaration.
3796         * html/HTMLInputElement.cpp:
3797         (WebCore::HTMLInputElement::defaultEventHandler): Removed wheel event handling.
3798         * html/InputType.cpp: Removed handleWheelEvent() implementation.
3799         * html/InputType.h:
3800         (InputType): Removed handleWheelEvent() declaration.
3801         * html/NumberInputType.cpp: Removed handleWheelEvent() implementation.
3802         * html/NumberInputType.h:
3803         (NumberInputType): Removed handleWheelEvent() declaration.
3804         * html/TextFieldInputType.cpp: Removed handleWheelEventForSpinButton() declaration.
3805         (WebCore::TextFieldInputType::forwardEvent): Changed to call SpinButtonElement::forwardEvent().
3806         * html/TextFieldInputType.h:
3807         (TextFieldInputType): Removed handleWheelEventForSpinButton() declaration.
3808         * html/shadow/TextControlInnerElements.cpp:
3809         (WebCore::SpinButtonElement::forwardEvent): Moved implementation of wheel event handling code
3810         from TextFieldInputType::handleWheelEventForSpinButton().
3811         * html/shadow/TextControlInnerElements.h:
3812         (SpinButtonElement): Added forwardEvent() declaration.
3813
3814 2012-08-14  Shinya Kawanaka  <shinyak@chromium.org>
3815
3816         AuthorShadowDOM for meter element
3817         https://bugs.webkit.org/show_bug.cgi?id=91970
3818
3819         Reviewed by Hajime Morita.
3820
3821         We add support for AuthorShadowDOM for a meter element.
3822
3823         According to the Shadow DOM spec, a meter element should behave like having a UserAgentShadowRoot and
3824         an element in UserAgentShadowRoot draws a real 'meter' bar. In this patch, we change the inner structure
3825         of a meter element so that we can distribute an element having RenderMeter to AuthorShadowDOM.
3826
3827         Before this patch, a meter element has the following inner structure.
3828
3829             <meter>--UserAgentShadowRoot -- -- -- -- -- -- -- -- -- -- AuthorShadowRoot
3830                                |
3831                                +-- MeterBarElement
3832                                |
3833                                +-- MeterValueElement
3834
3835         After this patch, a meter element will have the following inner structure.
3836
3837             <meter>--UserAgentShadowRoot -- -- -- -- -- -- -- -- -- -- AuthorShadowRoot
3838                                |
3839                                +-- MeterInnerElement
3840                                            |
3841                                            +-- MeterBarElement
3842                                            |
3843                                            +-- MeterValueElement
3844
3845         However, if RenderTheme supports rendering meter, MeterInnerElement will not create a renderer
3846         unless an AuthorShadowDOM is attached to it so that we can keep the current rendering style.
3847
3848         Tests: fast/dom/shadow/shadowdom-for-meter-dynamic.html
3849                fast/dom/shadow/shadowdom-for-meter-multiple.html
3850                fast/dom/shadow/shadowdom-for-meter-with-style.html
3851                fast/dom/shadow/shadowdom-for-meter-without-appearance.html
3852                fast/dom/shadow/shadowdom-for-meter-without-shadow-element.html
3853                fast/dom/shadow/shadowdom-for-meter.html
3854
3855         * css/html.css:
3856         (meter): Changed the display type. inline-box is not supported WebKit. inline-block is true.
3857         (meter::-webkit-meter-inner-element):
3858         * html/HTMLMeterElement.cpp:
3859         (WebCore::HTMLMeterElement::HTMLMeterElement):
3860         (WebCore::HTMLMeterElement::createRenderer):
3861         (WebCore):
3862         (WebCore::HTMLMeterElement::didElementStateChange):
3863         (WebCore::HTMLMeterElement::willAddAuthorShadowRoot):
3864         (WebCore::HTMLMeterElement::renderMeter):
3865         (WebCore::HTMLMeterElement::createShadowSubtree):
3866         * html/HTMLMeterElement.h:
3867         (WebCore):
3868         (WebCore::HTMLMeterElement::hasAuthorShadowRoot):
3869         (HTMLMeterElement):
3870         (WebCore::isHTMLMeterElement):
3871         (WebCore::toHTMLMeterElement):
3872         * html/shadow/MeterShadowElement.cpp:
3873         (WebCore::MeterShadowElement::meterElement):
3874         (WebCore::MeterShadowElement::rendererIsNeeded):
3875         (WebCore):
3876         (WebCore::MeterInnerElement::MeterInnerElement): We introduce a new element having RenderMeter
3877         so that we can distribute an element having RenderMeter to AuthorShadowDOM.
3878         (WebCore::MeterInnerElement::rendererIsNeeded): Different from a progress element, meter element will not be
3879         rendered using a theme. So we don't need to check the style appearance.
3880         (WebCore::MeterInnerElement::createRenderer):
3881         (WebCore::MeterInnerElement::shadowPseudoId):
3882         * html/shadow/MeterShadowElement.h:
3883         (WebCore):
3884         (MeterInnerElement):
3885         (WebCore::MeterInnerElement::create):
3886         * rendering/RenderMeter.cpp:
3887         (WebCore::RenderMeter::RenderMeter):
3888         (WebCore::RenderMeter::meterElement):
3889         (WebCore):
3890         (WebCore::RenderMeter::valueRatio):
3891         * rendering/RenderMeter.h:
3892         (RenderMeter):
3893
3894 2012-08-14  Christophe Dumez  <christophe.dumez@intel.com>
3895
3896         regression(r124510) webintents/web-intents-obj-constructor.html is crashing
3897         https://bugs.webkit.org/show_bug.cgi?id=93096
3898
3899         Reviewed by Kentaro Hara.
3900
3901         Add null-check for JSC::ExecState pointer in JSDictionary constructor
3902         before using it. The exec may indeed be null, thus causing crashes.
3903
3904         No new test, already tested by webintents/web-intents-obj-constructor.html
3905
3906         * bindings/js/JSDictionary.cpp:
3907         (WebCore::JSDictionary::tryGetProperty):
3908         (WebCore::JSDictionary::getWithUndefinedOrNullCheck):
3909         * bindings/js/JSDictionary.h:
3910         (WebCore::JSDictionary::JSDictionary):
3911
3912 2012-08-13  Keishi Hattori  <keishi@webkit.org>
3913
3914         Remove fade in transition from calendar picker
3915         https://bugs.webkit.org/show_bug.cgi?id=93816
3916
3917         Reviewed by Kent Tamura.
3918
3919         The fade in transition was incomplete because it was only fading in the
3920         popup content and not the popup itself. Removing the effect for now.
3921
3922         No new tests. Can't test animation.
3923
3924         * Resources/calendarPicker.css:
3925         (#main):
3926         * Resources/calendarPicker.js:
3927         (initialize):
3928         (fixWindowSize):
3929
3930 2012-08-13  Alex Christensen  <alex.christensen@flexsim.com>
3931
3932         WPARAM and LPARAM are incorrectly defined for x64
3933         https://bugs.webkit.org/show_bug.cgi?id=89902
3934
3935         Reviewed by Brent Fulgham.
3936
3937         Include WindowsExtras.h for PLATFORM(WIN) to define WPARAM and LPARAM correctly
3938         * platform/PlatformKeyboardEvent.h:
3939         * platform/PlatformMouseEvent.h:
3940         * platform/PlatformWheelEvent.h:
3941         * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.h:
3942         * platform/win/WindowMessageListener.h:
3943
3944 2012-08-13  John Bates  <jbates@google.com>
3945
3946         [Chromium] Patch CCThreadProxy to call setTimebaseAndInterval on CCScheduler
3947         https://bugs.webkit.org/show_bug.cgi?id=93918
3948
3949         Reviewed by James Robinson.
3950
3951         Also, update some trace events.
3952
3953         * platform/graphics/chromium/cc/CCDelayBasedTimeSource.cpp:
3954         (WebCore::CCDelayBasedTimeSource::setActive):
3955         * platform/graphics/chromium/cc/CCFrameRateController.cpp:
3956         (WebCore::CCFrameRateController::setActive):
3957         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
3958         (WebCore::CCThreadProxy::onVSyncParametersChanged):
3959
3960 2012-08-13  Douglas Stockwell  <dstockwell@chromium.org>
3961
3962         Crash in WebCore::RenderBlock::LineBreaker::nextLineBreak
3963         https://bugs.webkit.org/show_bug.cgi?id=93806
3964
3965         Reviewed by Abhishek Arya.
3966
3967         When looking for line breaks on the first line, existing code was
3968         checking for text-combine only in the first-line style. Since
3969         text-combine isn't inherited this resulted in a line break being
3970         chosen before combineText was called. When this happened and then
3971         combineText was called subsequently, the position of the line break
3972         iterator would be invalid.
3973
3974         This patch changes the check to use the regular style as in
3975         skipLeadingWhitespace and textWidth.
3976
3977         Test: fast/text/text-combine-first-line-crash.html
3978
3979         * rendering/RenderBlockLineLayout.cpp:
3980         (WebCore::RenderBlock::LineBreaker::nextLineBreak): Don't use the
3981         first-line style when checking text-combine.
3982
3983 2012-08-13  Kwang Yul Seo  <skyul@company100.net>
3984
3985         Remove unused method HTMLDocumentParser::script()
3986         https://bugs.webkit.org/show_bug.cgi?id=93916
3987
3988         Reviewed by Eric Seidel.
3989
3990         The use of HTMLDocumentParser::script() was removed in r61640 and has never been used since then.
3991