Restrict security origin inheritance to empty, about:blank, and about:srcdoc URLs
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-06-16  John Wilander  <wilander@apple.com>
2
3         Restrict security origin inheritance to empty, about:blank, and about:srcdoc URLs
4         https://bugs.webkit.org/show_bug.cgi?id=158855
5         <rdar://problem/26142632>
6
7         Reviewed by Alex Christensen.
8
9         Tests: http/tests/dom/window-open-about-blank-and-access-document.html
10                http/tests/dom/window-open-about-webkit-org-and-access-document.html
11
12         Document.cpp previously checked whether a document should inherit its owner's 
13         security origin by checking if the URL is either empty or blank. URL.cpp in 
14         turn only checks if the protocol is "about:" in the isBlankURL() function. 
15         Thus all about:* URLs inherited security origin. This patch restricts 
16         security origin inheritance to empty, about:blank, and about:srcdoc URLs.
17
18         Quotes and links from the WHATWG spec regarding about:srcdoc:
19
20         7.1 Browsing contexts
21         A browsing context can have a creator browsing context, the browsing context 
22         that was responsible for its creation. If a browsing context has a parent 
23         browsing context, then that is its creator browsing context. Otherwise, if the 
24         browsing context has an opener browsing context, then that is its creator 
25         browsing context. Otherwise, the browsing context has no creator browsing 
26         context.
27         https://html.spec.whatwg.org/multipage/browsers.html#concept-document-bc
28
29         7.1.1 Nested browsing contexts
30         Certain elements (for example, iframe elements) can instantiate further 
31         browsing contexts. These are called nested browsing contexts. If a browsing 
32         context P has a Document D with an element E that nests another browsing 
33         context C inside it, then C is said to be nested through D, and E is said to 
34         be the browsing context container of C. If the browsing context container 
35         element E is in the Document D, then P is said to be the parent browsing 
36         context of C and C is said to be a child browsing context of P. Otherwise, 
37         the nested browsing context C has no parent browsing context.
38         https://html.spec.whatwg.org/multipage/browsers.html#nested-browsing-context
39
40         4.8.5 The iframe element
41         The iframe element represents a nested browsing context.
42         ...
43         If the srcdoc attribute is specified
44             Navigate the element's child browsing context to a new response whose 
45             url list consists of about:srcdoc ...
46         https://html.spec.whatwg.org/multipage/embedded-content.html#attr-iframe-srcdoc
47
48         * dom/Document.cpp:
49         (WebCore::Document::initSecurityContext):
50             Now uses the URL::shouldInheritSecurityOriginFromOwner() function instead.
51         (WebCore::Document::initContentSecurityPolicy):
52             Now uses the URL::shouldInheritSecurityOriginFromOwner() function instead.
53         (WebCore::shouldInheritSecurityOriginFromOwner): Deleted.
54             Moved to URL::shouldInheritSecurityOriginFromOwner() and restricted the check.
55         * platform/URL.cpp:
56         (WebCore::URL::shouldInheritSecurityOriginFromOwner):
57         * platform/URL.h:
58             Moved the function from Document and restricted the check to only allow
59             security origin inheritance for empty, about:blank, and about:srcdoc URLs.
60
61 2016-06-16  Simon Fraser  <simon.fraser@apple.com>
62
63         [iOS] Focus event dispatched in iframe causes parent document to scroll incorrectly
64         https://bugs.webkit.org/show_bug.cgi?id=158629
65         rdar://problem/26521616
66
67         Reviewed by Enrica Casucci.
68
69         When focussing elements in iframes, the page could scroll to an incorrect location.
70         This happened because code in Element::focus() tried to disable scrolling on focus,
71         but did so only for the current frame, so ancestor frames got programmatically scrolled.
72         On iOS we handle the scrolling in the UI process, so never want the web process to
73         do programmatic scrolling.
74
75         Fix by changing the focus and cache restore code to use SelectionRevealMode::DoNotReveal,
76         rather than manually prohibiting frame scrolling.
77
78         Tests: fast/forms/ios/focus-input-in-iframe.html
79                fast/forms/ios/programmatic-focus-input-in-iframe.html
80
81         * dom/Element.cpp:
82         (WebCore::Element::focus):
83         * history/CachedPage.cpp:
84         (WebCore::CachedPage::restore):
85
86 2016-06-16  Zalan Bujtas  <zalan@apple.com>
87
88         [New Block-Inside-Inline Model] Do not attempt to re-run margin collapsing on the block sequence.
89         https://bugs.webkit.org/show_bug.cgi?id=158854
90
91         Reviewed by David Hyatt.
92
93         Test: fast/block/inside-inlines/crash-on-first-line-change.html
94
95         * rendering/RenderBlockLineLayout.cpp:
96         (WebCore::RenderBlockFlow::marginCollapseLinesFromStart):
97
98 2016-06-16  Ting-Wei Lan  <lantw44@gmail.com>
99
100         Include cstdlib before using std::atexit
101         https://bugs.webkit.org/show_bug.cgi?id=158681
102
103         Reviewed by Brent Fulgham.
104
105         * platform/graphics/PlatformDisplay.cpp:
106
107 2016-06-16  Chris Dumez  <cdumez@apple.com>
108
109         Use StringView::toAtomicString() in HTMLImageElement::setBestFitURLAndDPRFromImageCandidate()
110         https://bugs.webkit.org/show_bug.cgi?id=158853
111
112         Reviewed by Brent Fulgham.
113
114         Use StringView::toAtomicString() in HTMLImageElement::setBestFitURLAndDPRFromImageCandidate()
115         as m_bestFitImageURL data member is an AtomicString. This avoids constructing a String and
116         then atomizing it.
117
118         * html/HTMLImageElement.cpp:
119         (WebCore::HTMLImageElement::setBestFitURLAndDPRFromImageCandidate):
120
121 2016-06-16  Benjamin Poulain  <bpoulain@apple.com>
122
123         :in-range & :out-of-range CSS pseudo-classes shouldn't match inputs without range limitations
124         https://bugs.webkit.org/show_bug.cgi?id=156558
125
126         Reviewed by Simon Fraser.
127
128         The pseudo selectors :in-range and :out-of-range should only
129         apply if:
130         -minimum/maximum are defined for the input type
131         -the input value is/is-not suffering from underflow/overflow.
132
133         Only certain types have a valid minimum and maximum:
134         -number
135         -range
136         -date
137         -month
138         -week
139         -time
140         -datetime-local
141
142         Of those, only one has a default minimum and maximum: range.
143         For all the others, the minimum or maximum is only defined
144         if the min/max attribute is defined and valid.
145
146         This patch addresses these constraints for number and range.
147         The date types range validation is severely broken and is
148         left untouched. It really needs a clean rewrite.
149
150         Tests: fast/css/pseudo-in-range-basics.html
151                fast/css/pseudo-in-range-out-of-range-trivial.html
152                fast/css/pseudo-out-of-range-basics.html
153
154         * html/DateInputType.cpp:
155         (WebCore::DateInputType::createStepRange):
156         * html/DateTimeInputType.cpp:
157         (WebCore::DateTimeInputType::createStepRange):
158         * html/DateTimeLocalInputType.cpp:
159         (WebCore::DateTimeLocalInputType::createStepRange):
160         * html/InputType.cpp:
161         (WebCore::InputType::isInRange):
162         (WebCore::InputType::isOutOfRange):
163         Notice the isEmpty() shortcut.
164         A value can only overflow/underflow if it is not empty.
165
166         * html/MonthInputType.cpp:
167         (WebCore::MonthInputType::createStepRange):
168         * html/NumberInputType.cpp:
169         (WebCore::NumberInputType::createStepRange):
170         * html/RangeInputType.cpp:
171         (WebCore::RangeInputType::createStepRange):
172         * html/StepRange.cpp:
173         (WebCore::StepRange::StepRange):
174         * html/StepRange.h:
175         (WebCore::StepRange::hasRangeLimitations):
176         * html/WeekInputType.cpp:
177         (WebCore::WeekInputType::createStepRange):
178
179 2016-06-16  Anders Carlsson  <andersca@apple.com>
180
181         Fix macOS Sierra build
182         https://bugs.webkit.org/show_bug.cgi?id=158849
183
184         Reviewed by Tim Horton.
185
186         Add WebCore:: qualifiers for IOSurface, to avoid conflicts with the IOSurface Objective-C class.
187         
188         Also, add an asLayerContents() getter that will return an id that's suitable for setting 
189         as the contents of a CALayer.
190
191         * platform/graphics/cocoa/IOSurface.h:
192         * platform/graphics/cocoa/IOSurface.mm:
193
194 2016-06-16  Andreas Kling  <akling@apple.com>
195
196         REGRESSION(r196217): 3% JSBench regression on iPhone 5.
197         <https://webkit.org/b/158848>
198         <rdar://problem/26609622>
199
200         Unreviewed rollout.
201
202         Don't jettison linked code on every top-level navigation as that was hurting JSBench on iPhone 5.
203
204         * loader/FrameLoader.cpp:
205         (WebCore::FrameLoader::commitProvisionalLoad):
206
207 2016-06-16  Adam Bergkvist  <adam.bergkvist@ericsson.com>
208
209         WebRTC: Check type of this in RTCPeerConnection JS built-in functions
210         https://bugs.webkit.org/show_bug.cgi?id=151303
211
212         Reviewed by Youenn Fablet.
213
214         Check type of 'this' in RTCPeerConnection JS built-in functions.
215
216         Test: fast/mediastream/RTCPeerConnection-js-built-ins-check-this.html
217
218         * Modules/mediastream/RTCPeerConnection.js:
219         (createOffer):
220         (createAnswer):
221         (setLocalDescription):
222         (setRemoteDescription):
223         (addIceCandidate):
224         (getStats):
225         Reject if 'this' isn't of type RTCPeerConnection.
226         * Modules/mediastream/RTCPeerConnectionInternals.js:
227         (isRTCPeerConnection):
228         Add helper function to perform type check. Needs further robustifying.
229
230 2016-06-16  Myles C. Maxfield  <mmaxfield@apple.com>
231
232         Sporadic crash in HashTableAddResult following CSSValuePool::createFontFamilyValue
233         https://bugs.webkit.org/show_bug.cgi?id=158297
234
235         Reviewed by Darin Adler.
236
237         In an effort to reduce the flash of unstyled content, we force all elements
238         to have display: none during an external stylesheet load. We do this by
239         ignoring the CSS cascade and forcing all elements to have a placeholder style
240         which hardcodes display: none. (This is necessary to make elements created by
241         script during the stylesheet load not flash.)
242
243         This style is exposed to web content via getComputedStyle(), which means it
244         needs to maintain the invariant that font-families can never be null strings.
245         We enforce this by forcing the font-family to be the standard font name.
246
247         Test: fast/text/placeholder-renderstyle-null-font.html
248
249         * style/StyleTreeResolver.cpp:
250         (WebCore::Style::ensurePlaceholderStyle):
251
252 2016-06-16  Chris Dumez  <cdumez@apple.com>
253
254         Avoid some temporary String allocations for common HTTP headers in ResourceResponse::platformLazyInit()
255         https://bugs.webkit.org/show_bug.cgi?id=158827
256
257         Reviewed by Darin Adler.
258
259         Add a HTTPHeaderMap::set() overload taking in a CFStringRef. The
260         implementation has a fast path which gets the internal characters
261         of the CFStringRef when possible and constructs a StringView for
262         it in order to call findHTTPHeaderName(). As a result, we avoid
263         allocating a temporary String when findHTTPHeaderName() succeeds.
264
265         This new HTTPHeaderMap::set() overload is called from both the
266         CF and Cocoa implementations of ResourceResponse::platformLazyInit().
267
268         I have confirmed locally on both Mac and iOS that the fast path
269         is used ~93% of the time. CFStringGetCStringPtr() returns null in
270         rare cases, causing the regular code path to be used.
271
272         * platform/network/HTTPHeaderMap.cpp:
273         (WebCore::HTTPHeaderMap::set):
274         * platform/network/HTTPHeaderMap.h:
275
276 2016-06-15  Zalan Bujtas  <zalan@apple.com>
277
278         Decouple the percent height and positioned descendants maps.
279         https://bugs.webkit.org/show_bug.cgi?id=158773
280
281         Reviewed by David Hyatt and Chris Dumez.
282
283         We track renderers with percent height across multiple containers using
284         HashMap<const RenderBox*, std::unique_ptr<HashSet<const RenderBlock*>>>.
285         We also use the same data structure to track positioned descendants.
286         However a positioned renderer can have only one containing block so tracking it
287         with a 1:many type is defective.
288         It allows multiple inserts for positioned descendants, which could lead to
289         inconsistent layout state as the rendering logic expects these type of renderers
290         with only one containing block.
291         This patch decouples percent height and positioned tracking by introducing
292         the PositionedDescendantsMap class. This class is responsible for tracking
293         the positioned descendants inbetween layouts.
294
295         No change in functionality.
296
297         Tests: fast/block/positioning/change-containing-block-for-absolute-positioned.html
298                fast/block/positioning/change-containing-block-for-fixed-positioned.html
299
300         * rendering/RenderBlock.cpp:
301         (WebCore::insertIntoTrackedRendererMaps):
302         (WebCore::removeFromTrackedRendererMaps):
303         (WebCore::PositionedDescendantsMap::addDescendant): Add more defensive ASSERT_NOT_REACHED
304         to the double insert branch when webkit.org/b/158772 gets fixed.
305         (WebCore::PositionedDescendantsMap::removeDescendant):
306         (WebCore::PositionedDescendantsMap::removeContainingBlock):
307         (WebCore::PositionedDescendantsMap::positionedRenderers):
308         (WebCore::positionedDescendantsMap):
309         (WebCore::removeBlockFromPercentageDescendantAndContainerMaps):
310         (WebCore::RenderBlock::~RenderBlock):
311         (WebCore::RenderBlock::positionedObjects):
312         (WebCore::RenderBlock::insertPositionedObject):
313         (WebCore::RenderBlock::removePositionedObject):
314         (WebCore::RenderBlock::addPercentHeightDescendant):
315         (WebCore::RenderBlock::removePercentHeightDescendant):
316         (WebCore::RenderBlock::percentHeightDescendants):
317         (WebCore::RenderBlock::checkPositionedObjectsNeedLayout):
318         (WebCore::removeBlockFromDescendantAndContainerMaps): Deleted.
319         * rendering/RenderBlock.h:
320
321 2016-06-15  David Kilzer  <ddkilzer@apple.com>
322
323         Move SoftLinking.h to platform/cococa from platform/mac
324         <https://webkit.org/b/158825>
325
326         Reviewed by Andy Estes.
327
328         * PlatformMac.cmake: Update for new directory.
329         * WebCore.xcodeproj/project.pbxproj: Ditto.
330         * platform/cocoa/SoftLinking.h: Renamed from Source/WebCore/platform/mac/SoftLinking.h.
331
332 2016-06-15  Chris Dumez  <cdumez@apple.com>
333
334         [Cocoa] Clean up / optimize ResourceResponse::platformLazyInit(InitLevel)
335         https://bugs.webkit.org/show_bug.cgi?id=158809
336
337         Reviewed by Darin Adler.
338
339         Clean up / optimize ResourceResponse::platformLazyInit(InitLevel).
340
341         * platform/network/HTTPParsers.cpp:
342         (WebCore::extractReasonPhraseFromHTTPStatusLine):
343         * platform/network/HTTPParsers.h:
344         Have extractReasonPhraseFromHTTPStatusLine() return an AtomicString as the
345         Reason is stored as an AtomicString on ResourceResponse. Have the
346         implementation use StringView::subString()::toAtomicString().
347
348         * platform/network/cocoa/ResourceResponseCocoa.mm:
349         (WebCore::stripLeadingAndTrailingDoubleQuote):
350         Move the stripLeadingAndTrailingDoubleQuote logic from platformLazyInit()
351         to its own function. Have it use StringView::subString()::toAtomicString()
352         to avoid unnecessarily atomizing the textEncodingName that has surrounding
353         double-quotes.
354
355         (WebCore::initializeHTTPHeaders):
356         Move HTTP headers initialization to its own function for clarity.
357
358         (WebCore::extractHTTPStatusText):
359         Move HTTP status Text extraction to its own function for clarity.
360
361         (WebCore::ResourceResponse::platformLazyInit):
362         - The function is streamlined a bit because most of the logic was moved
363           into separate functions.
364         - Drop unnecessary (initLevel >= CommonFieldsOnly) check in the first
365           if case and replace with an assertion. This function is always called
366           with CommonFieldsOnly or above (AllFields).
367         - Drop unnecessary (m_initLevel < AllFields) check in the second if
368           case as this is always true. If not, we would have returned early
369           at the beginning of the function when checking
370           m_initLevel >= initLevel.
371         - Use AutodrainedPool instead of NSAutoreleasePool for convenience and have
372           only 1 pool instead of 2.
373         - Drop unnecessary copyNSURLResponseStatusLine() function and call directly
374           CFHTTPMessageCopyResponseStatusLine() since we already have a
375           CFHTTPMessageRef at the call site.
376
377 2016-06-15  Tim Horton  <timothy_horton@apple.com>
378
379         <attachment> elements jump around a lot around when subtitle text changes slightly
380         https://bugs.webkit.org/show_bug.cgi?id=158818
381         <rdar://problem/24450270>
382
383         Reviewed by Simon Fraser.
384
385         Test: fast/attachment/attachment-subtitle-resize.html
386
387         * rendering/RenderAttachment.cpp:
388         (WebCore::RenderAttachment::layout):
389         * rendering/RenderAttachment.h:
390         * rendering/RenderThemeMac.mm:
391         (WebCore::AttachmentLayout::AttachmentLayout):
392         (WebCore::RenderThemeMac::paintAttachment):
393         In order to avoid changes to the centered subtitle text causing the whole
394         attachment to bounce around a lot, make it so that attachment width can only
395         increase, never decrease, and round the subtitle's width up to the nearest
396         increment of 10px when determining its affect on the whole element's width.
397         Also, center the attachment in its element, instead of left-aligning it,
398         so that the extra width we may have is evenly distributed between the two sides.
399
400 2016-06-15  Ryan Haddad  <ryanhaddad@apple.com>
401
402         Reset bindings test results after r202105
403
404         Unreviewed test gardening.
405
406         * bindings/scripts/test/JS/JSTestObj.cpp:
407
408 2016-06-15  Adam Bergkvist  <adam.bergkvist@ericsson.com>
409
410         WebRTC: (Refactor) Align the structure of RTCPeerConnection.idl with the header file
411         https://bugs.webkit.org/show_bug.cgi?id=158779
412
413         Reviewed by Eric Carlson.
414
415         Restructure RTCPeerConnection.idl to make it easer to read and extend in the future.
416
417         No change in behavior.
418
419         * Modules/mediastream/RTCPeerConnection.idl:
420
421 2016-06-15  Chris Dumez  <cdumez@apple.com>
422
423         Drop some unnecessary header includes
424         https://bugs.webkit.org/show_bug.cgi?id=158788
425
426         Reviewed by Alexey Proskuryakov.
427
428         Drop some unnecessary header includes in headers to speed up build time.
429
430         * Modules/encryptedmedia/MediaKeySession.cpp:
431         * Modules/gamepad/GamepadManager.cpp:
432         * Modules/indexeddb/IDBDatabase.cpp:
433         * Modules/indexeddb/IDBOpenDBRequest.cpp:
434         * Modules/indexeddb/IDBRequest.cpp:
435         * Modules/indexeddb/IDBTransaction.cpp:
436         * Modules/mediasource/MediaSource.cpp:
437         * Modules/mediasource/SourceBuffer.cpp:
438         * Modules/mediasource/SourceBufferList.cpp:
439         * Modules/mediastream/MediaStream.cpp:
440         * Modules/mediastream/MediaStreamTrack.cpp:
441         * Modules/speech/SpeechSynthesis.cpp:
442         * Modules/webaudio/AudioScheduledSourceNode.cpp:
443         * Modules/webaudio/ScriptProcessorNode.cpp:
444         * bindings/scripts/CodeGeneratorJS.pm:
445         (GenerateImplementation):
446         * dom/CharacterData.cpp:
447         * dom/ContainerNode.cpp:
448         * dom/DOMNamedFlowCollection.cpp:
449         * dom/DeviceMotionController.cpp:
450         * dom/DeviceOrientationController.cpp:
451         * dom/Document.cpp:
452         * dom/Document.h:
453         * dom/DocumentEventQueue.cpp:
454         * dom/DocumentOrderedMap.h:
455         * dom/Element.cpp:
456         * dom/Event.cpp:
457         * dom/EventDispatcher.cpp:
458         * dom/EventTarget.cpp:
459         * dom/EventTarget.h:
460         * dom/KeyboardEvent.cpp:
461         * dom/MessageEvent.cpp:
462         * dom/MessagePort.cpp:
463         * dom/ScriptElement.cpp:
464         * dom/ScriptExecutionContext.cpp:
465         * dom/ScriptExecutionContext.h:
466         * dom/SecurityContext.h:
467         * dom/SimulatedClick.cpp:
468         * dom/TextEvent.cpp:
469         * dom/WebKitNamedFlow.cpp:
470         * editing/FrameSelection.cpp:
471         * fileapi/FileReader.cpp:
472         * html/HTMLLinkElement.cpp:
473         * html/HTMLPlugInImageElement.cpp:
474         * html/HTMLStyleElement.cpp:
475         * html/HTMLSummaryElement.cpp:
476         * html/HTMLTrackElement.cpp:
477         * html/HTMLVideoElement.cpp:
478         * html/InputType.cpp:
479         * html/MediaController.cpp:
480         * html/TextFieldInputType.cpp:
481         * html/canvas/WebGLRenderingContextBase.cpp:
482         * html/parser/HTMLScriptRunner.cpp:
483         * html/shadow/MediaControlElementTypes.cpp:
484         * html/shadow/MediaControls.cpp:
485         * html/shadow/MediaControlsApple.cpp:
486         * html/shadow/SliderThumbElement.cpp:
487         * html/shadow/mac/ImageControlsButtonElementMac.cpp:
488         * inspector/InspectorIndexedDBAgent.cpp:
489         * loader/DocumentLoader.cpp:
490         * loader/ImageLoader.cpp:
491         * loader/PolicyChecker.cpp:
492         * mathml/MathMLSelectElement.cpp:
493         * page/DOMWindow.h:
494         * page/EventSource.cpp:
495         * page/FrameView.cpp:
496         * page/Performance.cpp:
497         * page/csp/ContentSecurityPolicy.cpp:
498         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
499         * platform/network/HTTPHeaderMap.h:
500         * platform/network/ResourceHandle.cpp:
501         * rendering/RenderEmbeddedObject.cpp:
502         * rendering/RenderSnapshottedPlugIn.cpp:
503         * svg/SVGSVGElement.cpp:
504         * svg/SVGUseElement.cpp:
505         * svg/animation/SVGSMILElement.cpp:
506         * workers/WorkerGlobalScope.h:
507         * xml/XMLHttpRequest.cpp:
508         * xml/XMLHttpRequestProgressEventThrottle.cpp:
509         * xml/XMLHttpRequestUpload.cpp:
510
511 2016-06-15  Antti Koivisto  <antti@apple.com>
512
513         GoogleMaps transit schedule explorer comes up blank initially
514         https://bugs.webkit.org/show_bug.cgi?id=158803
515         rdar://problem/25818080
516
517         Reviewed by Andreas Kling.
518
519         In case we had something like
520
521         .foo bar { ... }
522
523         and later a new stylesheet was added dynamically that contained
524
525         .foo baz { ... }
526
527         we would fail to add the new rules to the descendant invalidation rule sets for ".foo". This could
528         cause some style invalidations to be missed.
529
530         * css/DocumentRuleSets.cpp:
531         (WebCore::DocumentRuleSets::collectFeatures):
532
533         Reset the ancestorClassRules and ancestorAttributeRulesForHTML rule set caches when new style sheets
534         are added (==collectFeatures is called).
535
536 2016-06-15  Javier Fernandez  <jfernandez@igalia.com>
537
538         [css-sizing] Item borders are missing with 'min-width:-webkit-fill-available' and zero available width
539         https://bugs.webkit.org/show_bug.cgi?id=158258
540
541         Reviewed by Darin Adler.
542
543         The "fill-available" size is defined as the containing block's size less
544         the box's border and padding size. However, when used for min-width we
545         should ensure we don't get negative values as result of logical width
546         computation.
547
548         http://www.w3.org/TR/css-sizing-3/#fill-available-sizing
549
550         This patch ensure fill-available value computed value will be always
551         greater than box's boder and padding width.
552
553         Test: fast/css-intrinsic-dimensions/fill-available-with-zero-width.html
554
555         * rendering/RenderBox.cpp:
556         (WebCore::RenderBox::computeIntrinsicLogicalWidthUsing):
557
558 2016-06-15  Alex Christensen  <achristensen@webkit.org>
559
560         Fix 2d canvas transform after r192900
561         https://bugs.webkit.org/show_bug.cgi?id=158725
562         rdar://problem/26774230
563
564         Reviewed by Dean Jackson.
565
566         Test: fast/canvas/canvas-transform-inverse.html
567
568         * html/canvas/CanvasRenderingContext2D.cpp:
569         (WebCore::CanvasRenderingContext2D::transform):
570         r192900 was intended to have no change in behavior, but I made a typo.
571         We need to apply the inverse of the original transform to the path to be correct.
572         This affects transforms applied to the canvas during the creation of a path.
573
574 2016-06-15  Eric Carlson  <eric.carlson@apple.com>
575
576         [iOS] Make HTMLMediaElement.muted mutable
577         https://bugs.webkit.org/show_bug.cgi?id=158787
578         <rdar://problem/24452567>
579
580         Reviewed by Dean Jackson.
581
582         Tests: media/audio-playback-restriction-removed-muted.html
583                media/audio-playback-restriction-removed-track-enabled.html
584
585         * html/HTMLMediaElement.cpp:
586         (WebCore::HTMLMediaElement::audioTrackEnabledChanged): Remove most behavior restrictions if
587           the track state was changed as a result of a user gesture.
588         (WebCore::HTMLMediaElement::setMuted): Ditto.
589         (WebCore::HTMLMediaElement::removeBehaviorsRestrictionsAfterFirstUserGesture): Add mask 
590           parameter so caller can choose which restrictions are removed.
591         * html/HTMLMediaElement.h:
592
593         * html/MediaElementSession.cpp:
594         (WebCore::restrictionName): Drive-by fix: remove duplicate label.
595         * html/MediaElementSession.h:
596
597         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
598         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
599         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer): Set muted on AVPlayer if setMuted
600           was called before the player was created.
601         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVolume): Drive-by fix: return early if there
602           is no AVPlayer, not if we won't have metadata yet.
603         (WebCore::MediaPlayerPrivateAVFoundationObjC::setMuted): New.
604
605 2016-06-15  Romain Bellessort  <romain.bellessort@crf.canon.fr>
606
607         Enabling Shadow DOM for all platforms
608         https://bugs.webkit.org/show_bug.cgi?id=158738
609
610         Reviewed by Ryosuke Niwa.
611
612         No new tests (no new behavior to be tested).
613
614         Removed Shadow DOM from options (enabled by default)
615         (comprises removal of corresponding preprocessor directives)
616
617         * Configurations/FeatureDefines.xcconfig:
618         * DerivedSources.make:
619         * bindings/generic/RuntimeEnabledFeatures.h:
620         * bindings/js/JSDocumentFragmentCustom.cpp:
621         * bindings/js/JSNodeCustom.cpp:
622         * css/CSSGrammar.y.in:
623         * css/CSSParser.cpp:
624         * css/CSSParserValues.cpp:
625         * css/CSSParserValues.h:
626         * css/CSSSelector.cpp:
627         * css/CSSSelector.h:
628         * css/ElementRuleCollector.cpp:
629         * css/ElementRuleCollector.h:
630         * css/RuleSet.cpp:
631         * css/RuleSet.h:
632         * css/SelectorChecker.cpp:
633         * css/SelectorChecker.h:
634         * css/SelectorPseudoClassAndCompatibilityElementMap.in:
635         * css/StyleResolver.cpp:
636         * cssjit/SelectorCompiler.cpp:
637         * dom/ComposedTreeAncestorIterator.h:
638         * dom/ComposedTreeIterator.cpp:
639         * dom/ComposedTreeIterator.h:
640         * dom/ContainerNode.cpp:
641         * dom/Document.cpp:
642         * dom/Document.h:
643         * dom/Element.cpp:
644         * dom/Element.h:
645         * dom/Element.idl:
646         * dom/Event.idl:
647         * dom/EventPath.cpp:
648         * dom/Node.cpp:
649         * dom/Node.h:
650         * dom/NonDocumentTypeChildNode.idl:
651         * dom/ShadowRoot.cpp:
652         * dom/ShadowRoot.h:
653         * dom/ShadowRoot.idl:
654         * dom/SlotAssignment.cpp:
655         * dom/SlotAssignment.h:
656         * html/HTMLSlotElement.cpp:
657         * html/HTMLSlotElement.h:
658         * html/HTMLSlotElement.idl:
659         * html/HTMLTagNames.in:
660         * page/FocusController.cpp:
661         * style/StyleSharingResolver.cpp:
662         * style/StyleTreeResolver.cpp:
663
664 2016-06-15  Andreas Kling  <akling@apple.com>
665
666         [Cocoa] Add two notify listeners for poking the garbage collector.
667         <https://webkit.org/b/158783>
668
669         Reviewed by Antti Koivisto.
670
671         Add two new notify listeners:
672
673         - com.apple.WebKit.fullGC
674
675             Trigger a full garbage collection in the main WebCore VM immediately.
676
677         - com.apple.WebKit.deleteAllCode
678
679             Throw away all of JSC's linked and unlinked code, and do a full GC.
680
681         These will make it easier to diagnose memory growth issues by having a lever that
682         eliminates many of the large object graphs without going after behavior-changing things
683         like the memory cache.
684
685         * platform/MemoryPressureHandler.cpp:
686         (WebCore::MemoryPressureHandler::platformInitialize):
687         * platform/MemoryPressureHandler.h:
688         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
689         (WebCore::MemoryPressureHandler::platformInitialize):
690
691 2016-06-15  Antti Koivisto  <antti@apple.com>
692
693         Vary:Cookie validation doesn't work in private browsing
694         https://bugs.webkit.org/show_bug.cgi?id=158616
695         <rdar://problem/26755067>
696
697         Reviewed by Andreas Kling.
698
699         There wasn't a way to get cookie based on SessionID from WebCore.
700
701         * platform/CookiesStrategy.h:
702
703             Add a cookie retrival function that takes SessionID instead of NetworkStorageSession.
704
705         * platform/network/CacheValidation.cpp:
706         (WebCore::headerValueForVary):
707
708             Use it.
709
710         (WebCore::verifyVaryingRequestHeaders):
711
712 2016-06-15  Per Arne Vollan  <pvollan@apple.com>
713
714         [Win] The test accessibility/selected-text-range-aria-elements.html is failing.
715         https://bugs.webkit.org/show_bug.cgi?id=158732
716
717         Reviewed by Brent Fulgham.
718
719         Implement support for getting selected text range.
720
721         * accessibility/win/AccessibilityObjectWrapperWin.cpp:
722         (WebCore::AccessibilityObjectWrapper::accessibilityAttributeValue):
723
724 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
725
726         Addressing post-review comments after r201971
727         https://bugs.webkit.org/show_bug.cgi?id=158450
728
729         Unreviewed.
730
731         * css/CSSFontFaceSet.cpp:
732         (WebCore::CSSFontFaceSet::add):
733         (WebCore::CSSFontFaceSet::remove):
734
735 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
736
737         Honor bidi unicode codepoints
738         https://bugs.webkit.org/show_bug.cgi?id=149170
739         <rdar://problem/26527378>
740
741         Reviewed by Simon Fraser.
742
743         BidiResolver doesn't have any concept of isolate Unicode code points, so produces
744         unexpected output when they are present. Fix by considering such code points as
745         whitespace in the bidi algorithm. This is a stop-gap measure until we can support
746         the codepoints fully in our Bidi algorithm.
747
748         Test: fast/text/isolate-ignore.html
749
750         * platform/graphics/Font.cpp:
751         (WebCore::createAndFillGlyphPage):
752         * platform/text/BidiResolver.h:
753         (WebCore::Subclass>::createBidiRunsForLine):
754
755 2016-06-14  Antoine Quint  <graouts@apple.com>
756
757         [iOS] Play glyph is pixelated when the page zoom is large
758         https://bugs.webkit.org/show_bug.cgi?id=158770
759         <rdar://problem/26092124>
760
761         Reviewed by Dean Jackson.
762
763         Use the same technique that we use to scale the video controls by using a combination
764         of CSS "zoom" and "transform" properties to have the video play glyph scaled at its
765         native size regardless of page zoom.
766
767         * Modules/mediacontrols/mediaControlsiOS.js:
768         (ControllerIOS.prototype.set pageScaleFactor):
769
770 2016-06-14  Chris Dumez  <cdumez@apple.com>
771
772         Regression(r201534): Compile time greatly regressed
773         https://bugs.webkit.org/show_bug.cgi?id=158765
774         <rdar://problem/26587342>
775
776         Reviewed by Darin Adler.
777
778         Compile time greatly regressed by r201534 due to Document.h now including
779         TextAutoSizing.h. Move the TextAutoSizingTraits back to Document.h to
780         restore pre-r201534 behavior.
781
782         * WebCore.xcodeproj/project.pbxproj:
783         * dom/Document.cpp:
784         (WebCore::TextAutoSizingTraits::constructDeletedValue):
785         (WebCore::TextAutoSizingTraits::isDeletedValue):
786         * dom/Document.h:
787         * rendering/TextAutoSizing.h:
788         (WebCore::TextAutoSizingTraits::constructDeletedValue): Deleted.
789         (WebCore::TextAutoSizingTraits::isDeletedValue): Deleted.
790
791 2016-06-14  Antoine Quint  <graouts@apple.com>
792
793         Inline media controls cut off PiP and fullscreen buttons on cnn.com
794         https://bugs.webkit.org/show_bug.cgi?id=158766
795         <rdar://problem/24175161>
796
797         Reviewed by Dean Jackson.
798
799         The display of the picture-in-picture and fullscreen buttons are dependent on the availability
800         of video tracks through a call to hasVideo(). We need to ensure that the display properties of
801         both those buttons are updated when the number of video tracks has changed since the controls
802         may be populated prior to the availability of video tracks.
803
804         * Modules/mediacontrols/mediaControlsApple.js:
805         (Controller.prototype.updateHasVideo):
806
807 2016-06-14  Joseph Pecoraro  <pecoraro@apple.com>
808
809         Web Inspector: Rename Timeline.setAutoCaptureInstruments to Timeline.setInstruments
810         https://bugs.webkit.org/show_bug.cgi?id=158762
811
812         Reviewed by Timothy Hatcher.
813
814         Test: inspector/timeline/setInstruments-errors.html
815
816         * inspector/InspectorTimelineAgent.cpp:
817         (WebCore::InspectorTimelineAgent::willDestroyFrontendAndBackend):
818         (WebCore::InspectorTimelineAgent::setInstruments):
819         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
820         (WebCore::InspectorTimelineAgent::setAutoCaptureInstruments): Deleted.
821         * inspector/InspectorTimelineAgent.h:
822
823 2016-06-14  Dean Jackson  <dino@apple.com>
824
825         decompose4 return value is unchecked, leading to potentially uninitialized data.
826         https://bugs.webkit.org/show_bug.cgi?id=158761
827         <rdar://problem/17526268>
828
829         Reviewed by Simon Fraser.
830
831         WebCore::decompose4 could return early without initializing data.
832         I now initialize it, but I also started checking the return
833         value at all the call sites to make sure everything is sensible.
834
835         Test: transforms/undecomposable.html
836
837         * platform/graphics/transforms/PerspectiveTransformOperation.cpp:
838         (WebCore::PerspectiveTransformOperation::blend):
839         * platform/graphics/transforms/RotateTransformOperation.cpp:
840         (WebCore::RotateTransformOperation::blend):
841         * platform/graphics/transforms/TransformationMatrix.cpp:
842         (WebCore::decompose4):
843         (WebCore::TransformationMatrix::blend4):
844         * platform/graphics/transforms/TransformationMatrix.h:
845
846 2016-06-14  Benjamin Poulain  <bpoulain@apple.com>
847
848         Add the unprefixed version of the pseudo element ::placeholder
849         https://bugs.webkit.org/show_bug.cgi?id=158653
850
851         Reviewed by Dean Jackson.
852
853         Test: fast/forms/placeholder-pseudo-element-with-webkit-prefix.html
854
855         The pseudo element ::-webkit-input-placeholder is stupidly popular
856         which forces other engines to support this exact name.
857
858         The pseudo-element spec provides a new standard name we can adopt
859         to drop the prefix: https://drafts.csswg.org/css-pseudo-4/#placeholder-pseudo
860
861         This patch does just that, make ::placeholder the standard name to select
862         the placeholder element in the shadow dom of input elements.
863
864         Unlike pseudo classes, we did not have any support for prefixes and aliasing.
865         I want to keep the absurdly efficient matching we currently use for styling
866         because style updates are more common than stylesheet updates.
867         With that constraint in mind, the value of CSSSelector has to be the unprefixed
868         version for both forms of input.
869
870         This leaves us with the problem of displaying the CSSSelector for CSSOM.
871         To differentiate the legacy form from the standard form, I added
872         a new type of PseudoElement: PseudoElementWebKitCustomLegacyPrefixed.
873         When parsing, PseudoElementWebKitCustomLegacyPrefixed let us replace
874         the original value "-webkit-input-placeholder" by the standard value.
875         When creating the selectorText for CSSOM, PseudoElementWebKitCustomLegacyPrefixed
876         let us replace the standard for by the legacy form.
877
878         * css/CSSParserValues.cpp:
879         (WebCore::CSSParserSelector::parsePseudoElementSelector):
880         * css/CSSSelector.cpp:
881         (WebCore::CSSSelector::pseudoId):
882         (WebCore::CSSSelector::selectorText):
883         * css/CSSSelector.h:
884         (WebCore::CSSSelector::isCustomPseudoElement):
885         (WebCore::CSSSelector::isWebKitCustomPseudoElement):
886         * css/SelectorChecker.cpp:
887         (WebCore::SelectorChecker::matchRecursively):
888         * css/SelectorPseudoElementTypeMap.in:
889         * css/html.css:
890         (::placeholder):
891         (input::placeholder, isindex::placeholder):
892         (textarea::placeholder):
893         (::-webkit-input-placeholder): Deleted.
894         (input::-webkit-input-placeholder, isindex::-webkit-input-placeholder): Deleted.
895         (textarea::-webkit-input-placeholder): Deleted.
896         * features.json:
897         * html/shadow/TextControlInnerElements.cpp:
898         (WebCore::TextControlPlaceholderElement::TextControlPlaceholderElement):
899
900 2016-06-14  Doug Russell  <d_russell@apple.com>
901
902         AX: Form label text should be exposed as static text if it contains only static text
903         https://bugs.webkit.org/show_bug.cgi?id=158634
904
905         Reviewed by Chris Fleizach.
906
907         Use AccessibilityLabel to represent HTMLLabelElement to assistive technology.
908         AccessibilityLabel::containsOnlyStaticText() searches label subtree to evaluate 
909         if all children are static text.
910         AccessibilityLabel::stringValue() consults containsOnlyStaticText() and returns
911         textUnderElement() if true.
912         WebAccessibilityObjectWrapperMac consults containsOnlyStaticText() and substitutes
913         StaticTextRole for LabelRole if true.
914         Cache containsOnlyStaticText() in the common case when updating children.
915
916         Tests: accessibility/mac/label-element-all-text-string-value.html
917                accessibility/mac/label-element-with-link-string-value.html
918
919         * CMakeLists.txt:
920         * WebCore.xcodeproj/project.pbxproj:
921         * accessibility/AXObjectCache.cpp:
922         (WebCore::createFromRenderer):
923         * accessibility/AccessibilityAllInOne.cpp:
924         * accessibility/AccessibilityLabel.cpp: Added.
925         (WebCore::AccessibilityLabel::AccessibilityLabel):
926         (WebCore::AccessibilityLabel::~AccessibilityLabel):
927         (WebCore::AccessibilityLabel::create):
928         (WebCore::AccessibilityLabel::computeAccessibilityIsIgnored):
929         (WebCore::AccessibilityLabel::stringValue):
930         (WebCore::childrenContainOnlyStaticText):
931         (WebCore::AccessibilityLabel::containsOnlyStaticText):
932         (WebCore::AccessibilityLabel::updateChildrenIfNecessary):
933         (WebCore::AccessibilityLabel::clearChildren):
934         (WebCore::AccessibilityLabel::insertChild):
935         * accessibility/AccessibilityLabel.h: Added.
936         * accessibility/AccessibilityObject.h:
937         (WebCore::AccessibilityObject::isLabel):
938         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
939         (-[WebAccessibilityObjectWrapper role]):
940
941 2016-06-14  Commit Queue  <commit-queue@webkit.org>
942
943         Unreviewed, rolling out r202057.
944         https://bugs.webkit.org/show_bug.cgi?id=158749
945
946         This change broke the Windows build. (Requested by ryanhaddad
947         on #webkit).
948
949         Reverted changeset:
950
951         "Honor bidi unicode codepoints"
952         https://bugs.webkit.org/show_bug.cgi?id=149170
953         http://trac.webkit.org/changeset/202057
954
955 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
956
957         Honor bidi unicode codepoints
958         https://bugs.webkit.org/show_bug.cgi?id=149170
959         <rdar://problem/26527378>
960
961         Reviewed by Simon Fraser.
962
963         BidiResolver doesn't have any concept of isolate Unicode code points, so produces
964         unexpected output when they are present. Fix by considering such code points as
965         whitespace in the bidi algorithm. This is a stop-gap measure until we can support
966         the codepoints fully in our Bidi algorithm.
967
968         Test: fast/text/isolate-ignore.html
969
970         * platform/graphics/Font.cpp:
971         (WebCore::createAndFillGlyphPage):
972         * platform/text/BidiResolver.h:
973         (WebCore::Subclass>::createBidiRunsForLine):
974
975 2016-06-14  Commit Queue  <commit-queue@webkit.org>
976
977         Unreviewed, rolling out r200455.
978         https://bugs.webkit.org/show_bug.cgi?id=158740
979
980         hangs twitter/facebook (Requested by mcatanzaro on #webkit).
981
982         Reverted changeset:
983
984         "[GStreamer] Adaptive streaming issues"
985         https://bugs.webkit.org/show_bug.cgi?id=144040
986         http://trac.webkit.org/changeset/200455
987
988 2016-06-14  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
989
990         WebRTC: RTCPeerConnection::addTrack() should throw InvalidAccessError instead of InvalidModificationError.
991         https://bugs.webkit.org/show_bug.cgi?id=158735
992
993         Reviewed by Eric Carlson.
994
995         Throw InvalidAccessError instead of InvalidModificationError when track already exists in connection's
996         set of senders as per specification (https://w3c.github.io/webrtc-pc/#dom-rtcpeerconnection-addtrack).
997
998         Updated existing test results: fast/mediastream/RTCPeerConnection-add-removeTrack-expected.txt
999
1000         * Modules/mediastream/RTCPeerConnection.cpp:
1001         (WebCore::RTCPeerConnection::addTrack):
1002
1003 2016-06-14  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1004
1005         WebRTC: Imlement MediaEndpointPeerConnection::addIceCandidate()
1006         https://bugs.webkit.org/show_bug.cgi?id=158690
1007
1008         Reviewed by Eric Carlson.
1009
1010         Implement MediaEndpointPeerConnection::addIceCandidate() that is the MediaEndpoint
1011         implementation of RTCPeerConnection.addIceCandidate() [1].
1012
1013         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#dom-peerconnection-addicecandidate
1014
1015         Test: fast/mediastream/RTCPeerConnection-addIceCandidate.html
1016
1017         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
1018         (WebCore::MediaEndpointPeerConnection::addIceCandidate):
1019         (WebCore::MediaEndpointPeerConnection::addIceCandidateTask):
1020         Implemented.
1021         * Modules/mediastream/MediaEndpointPeerConnection.h:
1022         * platform/mediastream/MediaEndpoint.h:
1023         Use mid instead of mdescIndex to identify the target media description in the backend.
1024         * platform/mock/MockMediaEndpoint.cpp:
1025         Update mock method signature accordingly.
1026         (WebCore::MockMediaEndpoint::addRemoteCandidate):
1027         * platform/mock/MockMediaEndpoint.h:
1028
1029 2016-06-14  Zalan Bujtas  <zalan@apple.com>
1030
1031         Make RenderBlock::insertInto/RemoveFromTrackedRendererMaps functions static.
1032         https://bugs.webkit.org/show_bug.cgi?id=158722
1033
1034         Reviewed by Simon Fraser.
1035
1036         These functions manipulate static tracker hashmaps. They don't need to be on RenderBlock.
1037         This is also in preparation for decoupling positioned descendant tracking from descendent percentage height handling.
1038         (gPositionedDescendantsMap and gPercentHeightDescendantsMap) 
1039
1040         No change in functionality.
1041
1042         * rendering/RenderBlock.cpp:
1043         (WebCore::insertIntoTrackedRendererMaps):
1044         (WebCore::removeFromTrackedRendererMaps):
1045         (WebCore::removeBlockFromDescendantAndContainerMaps):
1046         (WebCore::RenderBlock::insertPositionedObject):
1047         (WebCore::RenderBlock::addPercentHeightDescendant):
1048         (WebCore::RenderBlock::insertIntoTrackedRendererMaps): Deleted.
1049         (WebCore::RenderBlock::removeFromTrackedRendererMaps): Deleted.
1050         * rendering/RenderBlock.h:
1051
1052 2016-06-14  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1053
1054         WebRTC: Add media setup test where media is set up in one direction at a time
1055         https://bugs.webkit.org/show_bug.cgi?id=158691
1056
1057         Reviewed by Eric Carlson.
1058
1059         Add test for setting up media in one direction at a time. This requires a change in sdp.js
1060         to allow an SDP that doesn't contain a stream id or track id (representing
1061         a track being sent). In this test, the first answer doesn't contain any sending media.
1062
1063         Test: fast/mediastream/RTCPeerConnection-media-setup-two-dialogs.html
1064
1065         * Modules/mediastream/sdp.js:
1066
1067 2016-06-14  Chris Dumez  <cdumez@apple.com>
1068
1069         [Cocoa] Avoid extra copy of headers dictionary in ResourceResponse::platformLazyInit()
1070         https://bugs.webkit.org/show_bug.cgi?id=158717
1071
1072         Reviewed by Alex Christensen.
1073
1074         Avoid extra copy of headers dictionary in ResourceResponse::platformLazyInit() by
1075         calling CFHTTPMessageCopyAllHeaderFields() instead of [NSURLResponse allHeaderFields].
1076
1077         CFHTTPMessageCopyAllHeaderFields() creates only 1 copy while
1078         [NSURLResponse allHeaderFields] creates 2 (see <rdar://problem/26778863>).
1079
1080         * platform/network/cocoa/ResourceResponseCocoa.mm:
1081         (WebCore::addToHTTPHeaderMap):
1082         (WebCore::ResourceResponse::platformLazyInit):
1083
1084 2016-06-14  David Kilzer  <ddkilzer@apple.com>
1085
1086         REGRESSION (r151608): Leak of QTMovieLayer or AVPlayerLayer in -[WebVideoFullscreenController setVideoElement:]
1087         <https://webkit.org/b/158729>
1088
1089         Reviewed by Eric Carlson.
1090
1091         * platform/mac/WebVideoFullscreenController.mm:
1092         (-[WebVideoFullscreenController setVideoElement:]): Use
1093         RetainPtr<> to prevent leaks.
1094         * platform/mac/WebVideoFullscreenHUDWindowController.mm:
1095         Drive-by fix to remove unused <wtf/RetainPtr.h> import.
1096
1097 2016-06-14  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
1098
1099         The vector of mediastreams should be passed via a reference to RTCPeerConnection::addTrack()
1100         https://bugs.webkit.org/show_bug.cgi?id=158701
1101
1102         Pass vector of mediastreams by reference.
1103
1104         Reviewed by Youenn Fablet.
1105
1106         * Modules/mediastream/RTCPeerConnection.cpp:
1107         (WebCore::RTCPeerConnection::addTrack):
1108         * Modules/mediastream/RTCPeerConnection.h:
1109
1110 2016-06-14  Ryosuke Niwa  <rniwa@webkit.org>
1111
1112         Crash inside firstPositionInNode in checkLoadCompleteForThisFrame
1113         https://bugs.webkit.org/show_bug.cgi?id=158724
1114
1115         Reviewed by Alex Christensen.
1116
1117         Added null checks for document and document element since they could be nullptr here.
1118
1119         * loader/FrameLoader.cpp:
1120         (WebCore::FrameLoader::checkLoadCompleteForThisFrame):
1121
1122 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1123
1124         Remove hasStaticPropertyTable (part 3: JSLocation::putDelegate)
1125         https://bugs.webkit.org/show_bug.cgi?id=158431
1126
1127         Unreviewed build fix.
1128
1129         * bindings/js/JSLocationCustom.cpp:
1130         (WebCore::JSLocation::putDelegate):
1131
1132 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1133
1134         Remove hasStaticPropertyTable (part 4: JSHTMLDocument & JSStorage)
1135         https://bugs.webkit.org/show_bug.cgi?id=158431
1136
1137         Reviewed by Chris Dumez.
1138
1139         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
1140
1141         JSHTMLDocument & JSStorage contain a number of static_asserts claiming that
1142         various methods do not support static properties. These asserts were likely
1143         correct at the time they were added, as JSObject::getOwnPropertySlot and
1144         JSObject::deleteProperty did not support getting / deleting static value.
1145         This is no longer the case, and these asserts are now incorrect.
1146
1147         * bindings/js/JSHTMLDocumentCustom.cpp:
1148         (WebCore::JSHTMLDocument::getOwnPropertySlot):
1149         * bindings/js/JSStorageCustom.cpp:
1150         (WebCore::JSStorage::deleteProperty):
1151         (WebCore::JSStorage::deletePropertyByIndex):
1152         (WebCore::JSStorage::putDelegate):
1153             - remove incorrect static_asserts.
1154
1155 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1156
1157         Remove hasStaticPropertyTable (part 3: JSLocation::putDelegate)
1158         https://bugs.webkit.org/show_bug.cgi?id=158431
1159
1160         Reviewed by Geoff Garen.
1161
1162         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
1163
1164         JSLocation::putDelegate checks the static property table redundantly.
1165
1166         In the case of same origin access, if the property is not in the static
1167         table the method will call JSObject::put and return true (indicating the
1168         delegate handled the put). If the property is in the static table, the
1169         method will return false (indicating the the delegate did not handle the
1170         access) - in which case the calling function will call JSObject::put.
1171         Checking for the property in the static table is redundant - same origin
1172         access does not require any special handling, and should just always
1173         return false & let the caller handle the put.
1174
1175         In the case of cross origin access, if the property is not in the static
1176         table we return true (indicating the access was handled, and silently
1177         blocking it). If it is a static property, we check the name, and if the
1178         name is not 'href' we also return true, silently blocking. In the case
1179         that the name is 'href' we'll return false, indicating to the caller
1180         that the access was not handled by the delegate, resulting in it taking
1181         place. The additional check of the static table is redundant, since we
1182         only have special behaviour in the case of 'href'. (Moreover it is
1183         unnecesszarily fragile, since if we made a change such that 'href' was no
1184         longer implemented as a static property with would fail.)
1185
1186         - for same origin, always return false.
1187         - for cross origin, return false for 'href', otherwise return true.
1188
1189         * bindings/js/JSLocationCustom.cpp:
1190         (WebCore::JSLocation::putDelegate):
1191             - restructure & remove static table check.
1192
1193 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1194
1195         Remove hasStaticPropertyTable (part 2: JSPluginElement)
1196         https://bugs.webkit.org/show_bug.cgi?id=158431
1197
1198         Reviewed by Chris Dumez.
1199
1200         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
1201
1202         The check in pluginElementCustomGetOwnPropertySlot was somewhat dubious in the
1203         first place (for types with static properties it would give precedence to both
1204         static and also property storage properties; for types without static properties
1205         it would check neither - an odd asymetry in the case of values in the storage
1206         array, and was depending on an implementation detail that could change).
1207
1208         This is all now redundant anyway. None of these types have static properties.
1209         All properties are now corretcly on the prototype (which is handled appropriately
1210         below). This is just dead code.
1211
1212         * bindings/js/JSPluginElementFunctions.h:
1213         (WebCore::pluginElementCustomGetOwnPropertySlot):
1214             - remove dead code.
1215
1216 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1217
1218         Remove hasStaticPropertyTable (part 1: DOM bindings)
1219         https://bugs.webkit.org/show_bug.cgi?id=158431
1220
1221         Reviewed by Chris Dumez.
1222
1223         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
1224
1225         * bindings/js/JSDOMBinding.h:
1226         (WebCore::getStaticValueSlotEntryWithoutCaching): Deleted.
1227         (WebCore::getStaticValueSlotEntryWithoutCaching<JSDOMObject>): Deleted.
1228             - this method is not used anywhere.
1229
1230 2016-06-13  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1231
1232         WebRTC: Imlement MediaEndpointPeerConnection::replaceTrack()
1233         https://bugs.webkit.org/show_bug.cgi?id=158688
1234
1235         Reviewed by Eric Carlson.
1236
1237         Implement MediaEndpointPeerConnection::replaceTrack() that is the MediaEndpoint implementation
1238         of RTCRtpSender.replaceTrack() [1].
1239
1240         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#dom-rtcrtpsender-replacetrack
1241
1242         Updated fast/mediastream/RTCRtpSender-replaceTrack.html
1243
1244         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
1245         (WebCore::MediaEndpointPeerConnection::replaceTrack):
1246         (WebCore::MediaEndpointPeerConnection::replaceTrackTask):
1247         Implemented.
1248         * Modules/mediastream/MediaEndpointPeerConnection.h:
1249         * Modules/mediastream/PeerConnectionBackend.h:
1250         * Modules/mediastream/RTCPeerConnection.cpp:
1251         (WebCore::RTCPeerConnection::replaceTrack):
1252         * Modules/mediastream/RTCPeerConnection.h:
1253         Move the MediaStreamTrack instance of sending a reference to it. This change is the main
1254         reason many files are touched by this change.
1255         * Modules/mediastream/RTCRtpSender.h:
1256         * Modules/mediastream/RTCRtpSender.idl:
1257         * platform/mediastream/MediaEndpoint.h:
1258         Use mid instead of mdescIndex to identify the media description in the backend.
1259         * platform/mock/MockMediaEndpoint.cpp:
1260         (WebCore::MockMediaEndpoint::replaceSendSource):
1261         * platform/mock/MockMediaEndpoint.h:
1262
1263 2016-06-13  Joseph Pecoraro  <pecoraro@apple.com>
1264
1265         window.onerror should pass the ErrorEvent's 'error' property as the 5th argument to the event handler
1266         https://bugs.webkit.org/show_bug.cgi?id=55092
1267         <rdar://problem/25731279>
1268
1269         Reviewed by Dean Jackson.
1270
1271         This includes the actual Error in window.error / ErrorEvent:
1272         https://html.spec.whatwg.org/multipage/webappapis.html#the-errorevent-interface
1273
1274         This is useful for scripts to be able to get an error stack
1275         from uncaught exceptions, by checking the error itself.
1276
1277         Tests: fast/events/window-onerror17.html
1278                http/tests/security/cross-origin-script-error-event-redirected.html
1279                http/tests/security/cross-origin-script-error-event.html
1280                http/tests/security/script-crossorigin-error-event-information.html
1281                http/tests/security/script-no-crossorigin-error-event-should-be-sanitized.html
1282                userscripts/window-onerror-for-isolated-world-3.html
1283
1284         * CMakeLists.txt:
1285         * WebCore.xcodeproj/project.pbxproj:
1286         * bindings/js/JSBindingsAllInOne.cpp:
1287         Add new custom error event file.
1288
1289         * bindings/js/JSDOMBinding.cpp:
1290         (WebCore::reportException):
1291         Include the JSC::Exception when reporting exceptions, so the error value is available.
1292         
1293         * bindings/js/JSErrorEventCustom.cpp:
1294         (WebCore::JSErrorEvent::error):
1295         Sanitized access to the ErrorEvent's error property to prevent leaking objects
1296         across isolated world boundaries. This is like CustomEvent's data property.
1297
1298         * bindings/js/JSErrorHandler.cpp:
1299         (WebCore::JSErrorHandler::handleEvent):
1300         * bindings/js/JSErrorHandler.h:
1301         Include the error object as the 4th argument to the window.onerror event handler.
1302
1303         * dom/ScriptExecutionContext.cpp:
1304         (WebCore::ScriptExecutionContext::sanitizeScriptError):
1305         (WebCore::ScriptExecutionContext::reportException):
1306         (WebCore::ScriptExecutionContext::dispatchErrorEvent):
1307         * dom/ScriptExecutionContext.h:
1308         Include the error object in the ErrorEvent constructed when dispatching error events.
1309
1310         * dom/ErrorEvent.cpp:
1311         (WebCore::ErrorEvent::ErrorEvent):
1312         (WebCore::ErrorEvent::sanitizedErrorValue):
1313         (WebCore::ErrorEvent::trySerializeError):
1314         * dom/ErrorEvent.h:
1315         * dom/ErrorEvent.idl:
1316         Include an any "error" property on the ErrorEvent, and allow it in initialization.
1317
1318         * bindings/js/WorkerScriptController.cpp:
1319         (WebCore::WorkerScriptController::evaluate):
1320         * workers/WorkerMessagingProxy.cpp:
1321         (WebCore::WorkerMessagingProxy::postExceptionToWorkerObject):
1322         Within the Worker world, the error is included in the event.
1323         When re-dispatching the error on the world object in the world that spawned the
1324         Worker the event does not include an error object. This matches other browsers
1325         right now, but could be improved to have the same cross world serialization
1326         as isolated worlds have with the error data.
1327
1328         * dom/CustomEvent.h:
1329         Remove unimplemented stale method.
1330
1331 2016-06-13  Dean Jackson  <dino@apple.com>
1332
1333         SVG elements don't blend correctly into HTML
1334         https://bugs.webkit.org/show_bug.cgi?id=158718
1335         <rdar://problem/26782004>
1336
1337         Reviewed by Antoine Quint.
1338
1339         We were not creating any transparency layers for the root SVG nodes.
1340         This is ok if the SVG is the root document, because it is the backdrop.
1341         However, if it is inline SVG, it needs to apply the operation in
1342         order to composite into the document.
1343
1344         Test: svg/css/mix-blend-mode-with-inline-svg.html
1345
1346         * rendering/RenderLayer.cpp:
1347         (WebCore::RenderLayer::beginTransparencyLayers):
1348
1349 2016-06-13  Brady Eidson  <beidson@apple.com>
1350
1351         storage/indexeddb/modern/leaks-1.html leaks the database connection handle.
1352         https://bugs.webkit.org/show_bug.cgi?id=158643
1353
1354         Reviewed by Alex Christensen.
1355
1356         Tested by changes to existing test.
1357
1358         * Modules/indexeddb/IDBDatabase.cpp:
1359         (WebCore::IDBDatabase::hasPendingActivity):
1360         
1361         * dom/EventTarget.h:
1362         (WebCore::EventTarget::eventTargetData):
1363         (WebCore::EventTarget::hasEventListeners):
1364
1365
1366 2016-06-13  Enrica Casucci  <enrica@apple.com>
1367
1368         REGRESSION(r201956): Failure to initialize new internal settings produced random test failures in release.
1369         https://bugs.webkit.org/show_bug.cgi?id=158713
1370         rdar://26769957
1371
1372         Reviewed by Simon Fraser.
1373
1374         Failed to initialize the new member variable in both Settings and InternalSettings classes.
1375
1376         * page/Settings.cpp:
1377         (WebCore::Settings::Settings):
1378         * testing/InternalSettings.cpp:
1379         (WebCore::InternalSettings::Backup::Backup):
1380
1381 2016-06-13  Chris Dumez  <cdumez@apple.com>
1382
1383         Drop HipChat hack introduced in r197548
1384         https://bugs.webkit.org/show_bug.cgi?id=158711
1385
1386         Reviewed by Geoffrey Garen.
1387
1388         Drop HipChat hack introduced in r197548. This hack is no longer needed
1389         as the bug was fixed in HipChat since then:
1390         https://support.atlassian.com/servicedesk/customer/portal/32/HCP-7532
1391
1392         I have confirmed locally that the latest version (4.0.12.665) is able
1393         to connect without the hack.
1394
1395         * bindings/js/JSLocationCustom.cpp:
1396         (WebCore::JSLocation::putDelegate): Deleted.
1397         * platform/RuntimeApplicationChecks.h:
1398         * platform/RuntimeApplicationChecks.mm:
1399         (WebCore::MacApplication::isHipChat): Deleted.
1400
1401 2016-06-13  Chris Fleizach  <cfleizach@apple.com>
1402
1403         AX: CrashTracer: com.apple.WebKit.WebContent at WebCore::AccessibilityRenderObject::remoteSVGRootElement const + 227
1404         https://bugs.webkit.org/show_bug.cgi?id=158685
1405
1406         Reviewed by David Kilzer.
1407
1408         Crash reports show a null access at a line that tries to dereference a pointer. 
1409         I still don't have a way to layout test this, as it seems tied to tear down of the main document.
1410
1411         * accessibility/AccessibilityRenderObject.cpp:
1412         (WebCore::AccessibilityRenderObject::remoteSVGRootElement):
1413
1414 2016-06-13  Jeremy Jones  <jeremyj@apple.com>
1415
1416         Use two video layer solution only on mac.
1417         https://bugs.webkit.org/show_bug.cgi?id=158705
1418         rdar://problem/26776360
1419
1420         Reviewed by Jer Noble.
1421
1422         Two video layer solution is only useful on the mac to prevent flicker, so don't do it elsewhere.
1423
1424         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1425         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer):
1426
1427 2016-06-13  Jeremy Jones  <jeremyj@apple.com>
1428
1429         Decrease PiP flicker by not removing window prematurely.
1430         https://bugs.webkit.org/show_bug.cgi?id=158436
1431         <rdar://problem/19052639>
1432
1433         Reviewed by Darin Adler.
1434
1435         UIWindow shouldn't be removed until cleanupFullscreen, so the video layer has a chance
1436         to be reparented in the DOM first.
1437
1438         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
1439         (WebVideoFullscreenInterfaceAVKit::didStopPictureInPicture):
1440
1441 2016-06-13  Alex Christensen  <achristensen@webkit.org>
1442
1443         Add WebSocketProvider stub
1444         https://bugs.webkit.org/show_bug.cgi?id=158702
1445
1446         Reviewed by Brady Eidson.
1447
1448         No new tests.  No change in behavior.
1449
1450         * WebCore.xcodeproj/project.pbxproj:
1451         * dom/DocumentMarkerController.cpp:
1452         * dom/ScriptedAnimationController.cpp:
1453         * html/HTMLMediaElement.cpp:
1454         * html/MediaDocument.cpp:
1455         * html/shadow/MediaControlElements.cpp:
1456         * html/shadow/MediaControls.cpp:
1457         * html/shadow/MediaControls.h:
1458         * html/shadow/MediaControlsApple.cpp:
1459         * inspector/InspectorInstrumentation.cpp:
1460         * inspector/InspectorInstrumentation.h:
1461         * inspector/InspectorOverlay.cpp:
1462         (WebCore::InspectorOverlay::overlayPage):
1463         * loader/EmptyClients.h:
1464         * loader/FrameLoader.cpp:
1465         * loader/FrameLoader.h:
1466         * loader/appcache/ApplicationCacheHost.cpp:
1467         * loader/cache/CachedResource.cpp:
1468         * page/FrameView.cpp:
1469         * page/Page.cpp:
1470         (WebCore::Page::Page):
1471         * page/Page.h:
1472         (WebCore::Page::applicationCacheStorage):
1473         (WebCore::Page::databaseProvider):
1474         (WebCore::Page::socketProvider):
1475         (WebCore::Page::storageNamespaceProvider):
1476         * page/PageConfiguration.cpp:
1477         (WebCore::PageConfiguration::PageConfiguration):
1478         * page/PageConfiguration.h:
1479         * page/ResourceUsageOverlay.cpp:
1480         * page/SocketProvider.h: Added.
1481         (WebCore::SocketProvider::~SocketProvider):
1482         * page/cocoa/ResourceUsageOverlayCocoa.mm:
1483         * rendering/RenderElement.cpp:
1484         * rendering/RenderLayerBacking.cpp:
1485         * style/StyleResolveForDocument.cpp:
1486         * style/StyleTreeResolver.cpp:
1487         * svg/graphics/SVGImage.cpp:
1488         (WebCore::SVGImage::dataChanged):
1489         * testing/MockPageOverlayClient.cpp:
1490
1491 2016-06-13  Brady Eidson  <beidson@apple.com>
1492
1493         Crashes in WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask.
1494         <rdar://problem/26768449> and https://bugs.webkit.org/show_bug.cgi?id=158696
1495
1496         Reviewed by David Kilzer.
1497
1498         No new tests (Covered by all existing tests in Gmalloc/ASAN configs).
1499
1500         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
1501         (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask):
1502         (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTaskReply):
1503
1504 2016-06-13  Brady Eidson  <beidson@apple.com>
1505
1506         Modern IDB: IDBOpenDBRequest objects leak.
1507         https://bugs.webkit.org/show_bug.cgi?id=158694
1508
1509         Reviewed by Alex Christensen.
1510
1511         No new tests (Currently have no testing strategy for guaranteeing lifetime of WebCore DOM objects)
1512
1513         * Modules/indexeddb/client/IDBConnectionProxy.cpp:
1514         (WebCore::IDBClient::IDBConnectionProxy::completeOpenDBRequest): At this point we never need the
1515             request again, so remove it from the map.
1516
1517 2016-06-13  Chris Dumez  <cdumez@apple.com>
1518
1519         Make sure HTTPHeaderMap gets a move constructor / assignment operator
1520         https://bugs.webkit.org/show_bug.cgi?id=158695
1521         <rdar://problem/26729511>
1522
1523         Reviewed by Alex Christensen.
1524
1525         Make sure HTTPHeaderMap gets a move constructor / assignment operator.
1526         It was not getting an implicit one because of its user-declared
1527         destructor. This patch drops the user-declared destructor so that
1528         HTTPHeaderMap now gets an implicit move constructor / assignment
1529         operator.
1530
1531         Not having a move constructor / assignment operator is an issue because
1532         we rely on HTTPHeaderMap::isolatedCopy() / WTFMove() since r201623 to
1533         pass HTTPHeaderMap across thread.
1534
1535         * platform/network/HTTPHeaderMap.cpp:
1536         (WebCore::HTTPHeaderMap::~HTTPHeaderMap): Deleted.
1537         * platform/network/HTTPHeaderMap.h:
1538
1539 2016-06-13  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
1540
1541         Remove useless parameter from GenerateParametersCheck signature
1542         https://bugs.webkit.org/show_bug.cgi?id=158692
1543
1544         Reviewed by Chris Dumez.
1545
1546         Remove one parameter which is passed to GenerateParametersCheck
1547         but never used in the caller code.
1548
1549         * bindings/scripts/CodeGeneratorJS.pm:
1550         (GenerateImplementation):
1551         (GenerateParametersCheck):
1552         (GenerateConstructorDefinition):
1553
1554 2016-06-13  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
1555
1556         Improve code generator for functions with variadic parameters
1557         https://bugs.webkit.org/show_bug.cgi?id=158529
1558
1559         Reviewed by Darin Adler.
1560
1561         JS bindings code of functions with variadic parameters is improved.
1562
1563         Functions with variadic parameters are skipped for ObjC and GObject code generators.
1564
1565         * bindings/scripts/CodeGeneratorGObject.pm:
1566         (SkipFunction): Skip functions with variadic parameters.
1567         * bindings/scripts/CodeGeneratorJS.pm:
1568         (GenerateParametersCheck):
1569         * bindings/scripts/CodeGeneratorObjC.pm:
1570         (SkipFunction): Skip functions with variadic parameters.
1571         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
1572         (webkit_dom_test_obj_any): Deleted.
1573         (webkit_dom_test_obj_attach_shadow_root): Deleted.
1574         (webkit_dom_test_obj_get_read_only_long_attr): Deleted.
1575         (webkit_dom_test_obj_get_read_only_string_attr): Deleted.
1576         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
1577         * bindings/scripts/test/JS/JSTestObj.cpp:
1578         (WebCore::jsTestObjPrototypeFunctionOverloadedMethod12):
1579         (WebCore::jsTestObjPrototypeFunctionVariadicStringMethod):
1580         (WebCore::jsTestObjPrototypeFunctionVariadicDoubleMethod):
1581         (WebCore::jsTestObjPrototypeFunctionVariadicNodeMethod):
1582         * bindings/scripts/test/ObjC/DOMTestObj.h:
1583         * bindings/scripts/test/ObjC/DOMTestObj.mm:
1584
1585 2016-06-12  Zalan Bujtas  <zalan@apple.com>
1586
1587         Cleanup RenderBlock::removePositionedObjects
1588         https://bugs.webkit.org/show_bug.cgi?id=158670
1589
1590         Reviewed by Simon Fraser.
1591
1592         No change in functionality.
1593
1594         * rendering/RenderBlock.cpp:
1595         (WebCore::RenderBlock::insertPositionedObject):
1596         (WebCore::RenderBlock::removePositionedObject):
1597         (WebCore::RenderBlock::removePositionedObjects):
1598         * rendering/RenderBlock.h:
1599
1600 2016-06-12  Zalan Bujtas  <zalan@apple.com>
1601
1602         Remove positioned descendants when RenderBlock is no longer a containing block.
1603         https://bugs.webkit.org/show_bug.cgi?id=158655
1604         <rdar://problem/26510032>
1605
1606         Reviewed by Simon Fraser.
1607
1608         Normally the RenderView is the containing block for fixed positioned renderers.
1609         However when a renderer acquires some transform related properties, it becomes the containing
1610         block for all the fixed positioned renderers in its descendant tree.
1611         When the last transform related property is removed, the renderer is no longer a containing block
1612         and we need to remove all these positioned renderers from the descendant tracker map (gPositionedDescendantsMap).
1613         They will be inserted back into the tracker map during the next layout (either under the RenderView or
1614         under the next transformed renderer in the ancestor chain).
1615
1616         Test: fast/block/fixed-position-reparent-when-transition-is-removed.html
1617
1618         * rendering/RenderBlock.cpp:
1619         (WebCore::RenderBlock::removePositionedObjectsIfNeeded):
1620
1621 2016-06-11  Myles C. Maxfield  <mmaxfield@apple.com>
1622
1623         Addressing post-review comments after r201978.
1624         https://bugs.webkit.org/show_bug.cgi?id=158649
1625         <rdar://problem/13258122>
1626
1627         Unreviewed.
1628
1629         * platform/graphics/FontCache.cpp:
1630         (WebCore::FontCache::alternateFamilyName):
1631         * platform/graphics/cocoa/FontCacheCoreText.cpp:
1632         (WebCore::FontCache::platformAlternateFamilyName):
1633
1634 2016-06-11  Darin Adler  <darin@apple.com>
1635
1636         Tighten code to build set of tag names
1637         https://bugs.webkit.org/show_bug.cgi?id=158662
1638
1639         Reviewed by Alexey Proskuryakov.
1640
1641         * dom/Element.cpp:
1642         (WebCore::canAttachAuthorShadowRoot): Use an array of pointers that the loader
1643         can initialize as part of loading the library, rather than an array that needs
1644         to be initialized with code at runtime.
1645
1646 2016-06-11  Myles C. Maxfield  <mmaxfield@apple.com>
1647
1648         [Win] [EFL] Build fix after r201978.
1649         https://bugs.webkit.org/show_bug.cgi?id=158649
1650         <rdar://problem/13258122>
1651
1652         Unreviewed
1653
1654         * platform/graphics/freetype/FontCacheFreeType.cpp:
1655         (WebCore::FontCache::platformAlternateFamilyName):
1656         * platform/graphics/win/FontCacheWin.cpp:
1657
1658 2016-06-11  Myles C. Maxfield  <mmaxfield@apple.com>
1659
1660         [Cocoa] Map commonly used Chinese Windows font names to names present on Cocoa operating systems
1661         https://bugs.webkit.org/show_bug.cgi?id=158649
1662         <rdar://problem/13258122>
1663
1664         Reviewed by Darin Adler.
1665
1666         There are many Chinese websites which hardcode Windows font names.
1667         We should map these to fonts which best match them on Cocoa operating
1668         systems. We can do this by using our existing fallback font name
1669         infrastructure.
1670
1671         Tests: fast/text/chinese-font-name-aliases-2.html
1672                fast/text/chinese-font-name-aliases.html
1673
1674         * platform/graphics/FontCache.cpp:
1675         (WebCore::FontCache::alternateFamilyName):
1676         (WebCore::alternateFamilyName): Deleted.
1677         * platform/graphics/FontCache.h:
1678         * platform/graphics/cocoa/FontCacheCoreText.cpp:
1679         (WebCore::FontCache::platformAlternateFamilyName):
1680         * platform/graphics/freetype/FontCacheFreeType.cpp:
1681         (WebCore::FontCache::platformAlternateFamilyName):
1682         * platform/graphics/win/FontCacheWin.cpp:
1683         (WebCore::FontCache::platformAlternateFamilyName):
1684
1685 2016-06-11  Commit Queue  <commit-queue@webkit.org>
1686
1687         Unreviewed, rolling out r201967, r201968, and r201972.
1688         https://bugs.webkit.org/show_bug.cgi?id=158665
1689
1690         Caused flaky failures on IndexedDB tests (Requested by ap on
1691         #webkit).
1692
1693         Reverted changesets:
1694
1695         "Vary:Cookie validation doesn't work in private browsing"
1696         https://bugs.webkit.org/show_bug.cgi?id=158616
1697         http://trac.webkit.org/changeset/201967
1698
1699         "Build fix."
1700         http://trac.webkit.org/changeset/201968
1701
1702         "WinCairo build fix attempt."
1703         http://trac.webkit.org/changeset/201972
1704
1705 2016-06-11  Konstantin Tokarev  <annulen@yandex.ru>
1706
1707         Fixed compilation of LocaleICU with ENABLE(DATE_AND_TIME_INPUT_TYPES)
1708         https://bugs.webkit.org/show_bug.cgi?id=158659
1709
1710         Reviewed by Darin Adler.
1711
1712         No new tests needed.
1713
1714         * platform/text/LocaleICU.cpp:
1715         (WebCore::getFormatForSkeleton):
1716         (WebCore::LocaleICU::monthFormat):
1717         (WebCore::LocaleICU::shortMonthFormat):
1718
1719 2016-06-11  Antti Koivisto  <antti@apple.com>
1720
1721         WinCairo build fix attempt.
1722
1723         * platform/network/NetworkStorageSession.cpp:
1724         * platform/network/NetworkStorageSession.h:
1725         * platform/network/NetworkStorageSessionStub.cpp:
1726         (WebCore::NetworkStorageSession::NetworkStorageSession):
1727         (WebCore::NetworkStorageSession::context):
1728         (WebCore::NetworkStorageSession::createPrivateBrowsingSession):
1729         (WebCore::NetworkStorageSession::switchToNewTestingSession):
1730         (WebCore::NetworkStorageSession::~NetworkStorageSession): Deleted.
1731         (WebCore::defaultSession): Deleted.
1732         (WebCore::NetworkStorageSession::defaultStorageSession): Deleted.
1733
1734 2016-06-11  Myles C. Maxfield  <mmaxfield@apple.com>
1735
1736         Deleting a CSSOM style rule invalidates any previously-added FontFaces
1737         https://bugs.webkit.org/show_bug.cgi?id=158450
1738
1739         Reviewed by Darin Adler.
1740
1741         This patch has two pieces: updating the CSSOM when the FontFace changes, and
1742         updating the FontFace when the CSSOM changes.
1743
1744         1: Updating the CSSOM when the FontFace changes: CSSFontFaces already have a RefPtr
1745         to their StyleRuleFontFace which represents their CSS-connection. When changing a
1746         property of the CSSFontFace, we simply reach into the StyleRule and update it to
1747         match. Our existing infrastructure of invalidation due to the attribute changes
1748         makes sure that all the necessary updates occur.
1749
1750         2. Updating the FontFace when the CSSOM changes: If the CSSOM changes in a trivial
1751         way (for example, a new @font-face is appended to the end of the last <style>
1752         element), we can handle it directly. However, when something more invasive occurs,
1753         we end up clearing the entire CSSFontSelector, and then adding all the style rules
1754         from scratch. This involves three steps:
1755             a) CSSFontSelector::buildStarted() is run, which means "we're about to start
1756                building up all the @font-face rules from scratch." We take this opportunity
1757                to purge as many fonts as possible. This is valuable because, for example,
1758                this function gets run when the page gets put into the page cache, so we
1759                want to destroy as much as possible. Not everything can be purged, however -
1760                only CSS-connected fonts which have never been inspected by script are
1761                purgeable. We don't allow fonts inspected by script to be purged because
1762                purging might result in a font appearing from JavaScript to transition from
1763                a success -> failure state, which we don't allow.
1764             b) Upon style recalc (possibly asynchronously) CSSFontSelector::addFontFaceRule()
1765                is called for each @font-face rule. We actually detect that we're in the
1766                middle of a style rebuild, and defer this step.
1767             c) When we're done adding all the font face rules, we call
1768                CSSFontSelector::buildCompleted(). This is where we compare the newly built-
1769                up list of font faces with what existed previously (as remembered in
1770                CSSFontSelector::buildStarted()) in order to detect font faces which were
1771                deleted from the document. Fonts which were newly added to the document
1772                are handled naturally.
1773                Fonts which have a property modified on them are created as if they were new.
1774                However, instead of simply adding the CSSFontFace, we search for the existing
1775                CSSFontFace (by CSS connection pointer) and tell the existing FontFace to
1776                adopt this new CSSFontFace. This means that the JavaScript object will just
1777                pick up any newly-written values in the CSSOM. It also means that the
1778                "status" attribute of the JavaScript object is reset, but this is expected
1779                and allowed by the spec. (For example, if you change the "src" attribute of
1780                an @font-face block via the CSSOM, all bets are off when you inspect the
1781                FontFace JS object representing that block.)
1782
1783         Test: fast/text/font-face-set-cssom.html
1784
1785         * css/CSSFontFace.cpp:
1786         (WebCore::CSSFontFace::CSSFontFace):
1787         (WebCore::CSSFontFace::setFamilies):
1788         (WebCore::CSSFontFace::setStyle):
1789         (WebCore::CSSFontFace::setWeight):
1790         (WebCore::CSSFontFace::setUnicodeRange):
1791         (WebCore::CSSFontFace::setVariantLigatures):
1792         (WebCore::CSSFontFace::setVariantPosition):
1793         (WebCore::CSSFontFace::setVariantCaps):
1794         (WebCore::CSSFontFace::setVariantNumeric):
1795         (WebCore::CSSFontFace::setVariantAlternates):
1796         (WebCore::CSSFontFace::setVariantEastAsian):
1797         (WebCore::CSSFontFace::setFeatureSettings):
1798         (WebCore::CSSFontFace::initializeWrapper):
1799         (WebCore::CSSFontFace::wrapper):
1800         (WebCore::CSSFontFace::setWrapper):
1801         (WebCore::CSSFontFace::purgeable):
1802         (WebCore::CSSFontFace::updateStyleIfNeeded):
1803         * css/CSSFontFace.h:
1804         * css/CSSFontFaceSet.cpp:
1805         (WebCore::CSSFontFaceSet::remove):
1806         (WebCore::CSSFontFaceSet::containsCSSConnection):
1807         (WebCore::CSSFontFaceSet::purge):
1808         * css/CSSFontFaceSet.h:
1809         * css/CSSFontSelector.cpp:
1810         (WebCore::CSSFontSelector::buildStarted):
1811         (WebCore::CSSFontSelector::buildCompleted):
1812         (WebCore::CSSFontSelector::addFontFaceRule):
1813         * css/CSSFontSelector.h:
1814         * css/FontFace.cpp:
1815         (WebCore::FontFace::family):
1816         (WebCore::FontFace::style):
1817         (WebCore::FontFace::weight):
1818         (WebCore::FontFace::unicodeRange):
1819         (WebCore::FontFace::variant):
1820         (WebCore::FontFace::featureSettings):
1821         (WebCore::FontFace::adopt):
1822         * css/FontFace.h:
1823
1824 2016-06-11  Chris Dumez  <cdumez@apple.com>
1825
1826         WorkerNavigator is missing some attributes
1827         https://bugs.webkit.org/show_bug.cgi?id=158593
1828         <rdar://problem/26731334>
1829
1830         Reviewed by Darin Adler.
1831
1832         Add attributes that are missing on WorkerNavigator:
1833         - appCodeName
1834         - hardwareConcurrency
1835         - language
1836         - product
1837         - productSub
1838         - vendor
1839         - vendorSub
1840
1841         Firefox and Chrome already expose those attributes.
1842
1843         Relevant specification:
1844         https://html.spec.whatwg.org/multipage/workers.html#the-workernavigator-object
1845
1846         This patch also refactors the IDL to match the specification more
1847         closely and promote sharing between Navigator and WorkerNavigator.
1848
1849         No new tests, updated existing test.
1850
1851         * CMakeLists.txt:
1852         * DerivedSources.make:
1853         Add new supplemental IDL files.
1854
1855         * page/Navigator.cpp:
1856         * page/Navigator.h:
1857         Moved language() / hardwareConcurrency() from Navigator to NavigatorBase
1858         so that it can be used by NavigatorWorker as well.
1859
1860         * page/NavigatorBase.h:
1861         * page/NavigatorBase.cpp:
1862         (WebCore::NavigatorBase::language):
1863         The implementation still calls defaultLanguage() but I updated it to be
1864         thread safe on all platforms.
1865
1866         (WebCore::NavigatorBase::hardwareConcurrency):
1867         Use std::call_once() for thread safety.
1868
1869         * page/Navigator.idl:
1870         * page/NavigatorConcurrentHardware.idl: Copied from Source/WebCore/page/WorkerNavigator.idl.
1871         * page/NavigatorID.idl: Copied from Source/WebCore/page/WorkerNavigator.idl.
1872         * page/NavigatorLanguage.idl: Copied from Source/WebCore/page/WorkerNavigator.idl.
1873         * page/NavigatorOnLine.idl: Copied from Source/WebCore/page/WorkerNavigator.idl.
1874         * page/WorkerNavigator.idl:
1875         Move several attributes to their own supplemental interfaces to match
1876         the specification and promote sharing with WorkerNavigator.
1877
1878         * platform/Language.cpp:
1879         (WebCore::userPreferredLanguages):
1880         * platform/Language.h:
1881         Made thread-safe on all platforms.
1882
1883 2016-06-11  Antti Koivisto  <antti@apple.com>
1884
1885         Build fix.
1886
1887         * platform/network/cf/NetworkStorageSessionCFNet.cpp:
1888         (WebCore::NetworkStorageSession::switchToNewTestingSession):
1889
1890 2016-06-10  Antti Koivisto  <antti@apple.com>
1891
1892         Vary:Cookie validation doesn't work in private browsing
1893         https://bugs.webkit.org/show_bug.cgi?id=158616
1894         rdar://problem/26755067
1895
1896         Reviewed by Darin Adler.
1897
1898         This wasn't implemented because there was no way to get NetworkStorageSession from
1899         a SessionID on WebCore side.
1900
1901         The patch adds a simple WebCore level weak map that allows getting NetworkStorageSessions
1902         from SessionID. This seemed like the cleanest way to do this without a big refactoring
1903         around the currently WebKit2 level SessionTracker.
1904
1905         * CMakeLists.txt:
1906         * WebCore.xcodeproj/project.pbxproj:
1907         * platform/network/CacheValidation.cpp:
1908         (WebCore::headerValueForVary):
1909
1910             Get NetworkStorageSession from SessionID for cookies
1911
1912         (WebCore::verifyVaryingRequestHeaders):
1913         * platform/network/NetworkStorageSession.cpp: Added.
1914
1915             Add platform independent .cpp for NetworkStorageSession.
1916             Implement a weak map for SessionID -> NetworkStorageSession.
1917
1918         (WebCore::sessionsMap):
1919         (WebCore::NetworkStorageSession::NetworkStorageSession):
1920         (WebCore::NetworkStorageSession::~NetworkStorageSession):
1921         (WebCore::NetworkStorageSession::forSessionID):
1922
1923             Get NetworkStorageSession for sessionID.
1924
1925         * platform/network/NetworkStorageSession.h:
1926         (WebCore::NetworkStorageSession::sessionID):
1927         (WebCore::NetworkStorageSession::credentialStorage):
1928         * platform/network/cf/NetworkStorageSessionCFNet.cpp:
1929         (WebCore::NetworkStorageSession::NetworkStorageSession):
1930
1931             Call to common constructor.
1932
1933         (WebCore::defaultNetworkStorageSession):
1934         * platform/network/soup/NetworkStorageSessionSoup.cpp:
1935         (WebCore::NetworkStorageSession::NetworkStorageSession):
1936
1937             Call to common constructor.
1938
1939         (WebCore::defaultSession):
1940         (WebCore::NetworkStorageSession::~NetworkStorageSession): Deleted.
1941
1942 2016-06-10  Ada Chan  <adachan@apple.com>
1943
1944         Use the video element's video box when getting the inline video rect in WebVideoFullscreenManager
1945         https://bugs.webkit.org/show_bug.cgi?id=158351
1946         <rdar://problem/26567938>
1947
1948         Reviewed by Darin Adler.
1949
1950         * WebCore.xcodeproj/project.pbxproj:
1951         Change the visibility of RenderVideo.h and RenderMedia.h since we'll be importing RenderVideo.h from WebKit2.
1952         * rendering/RenderVideo.h:
1953
1954 2016-06-10  Benjamin Poulain  <bpoulain@apple.com>
1955
1956         Add support for passive event listeners on touch events
1957         https://bugs.webkit.org/show_bug.cgi?id=158601
1958
1959         Reviewed by Simon Fraser.
1960
1961         This patch wires "passive" state of EventTarget to the delivery of touch
1962         events in WebKit2.
1963
1964         Instead of having a NonFastScrollableRegion, we have a pair of regions
1965         in EventTrackingRegions.
1966         The "asynchronousDispatchRegion" tracks the area for which all event
1967         listeners are passive. For those, events should be dispatched asynchronously.
1968         The "synchronousDispatchRegion" tracks the area for which there is at
1969         least one active event listener. Events have to be dispatched synchronously
1970         for correctness.
1971
1972         Tests: fast/events/touch/ios/tap-with-active-listener-on-elements.html
1973                fast/events/touch/ios/tap-with-active-listener-on-window.html
1974                fast/events/touch/ios/tap-with-passive-listener-on-elements.html
1975                fast/events/touch/ios/tap-with-passive-listener-on-window.html
1976
1977         * WebCore.xcodeproj/project.pbxproj:
1978         * dom/Document.cpp:
1979         (WebCore::Document::wheelEventHandlersChanged):
1980         (WebCore::Document::Document): Deleted.
1981         * dom/Document.h:
1982
1983         * dom/EventListenerMap.cpp:
1984         (WebCore::EventListenerMap::containsActive):
1985         If a Target has multiple listener for an event type, we want to know
1986         if any of them is active.
1987
1988         * dom/EventListenerMap.h:
1989         * dom/EventTarget.cpp:
1990         (WebCore::EventTarget::hasActiveEventListeners):
1991         (WebCore::EventTarget::hasActiveTouchEventListeners):
1992         * dom/EventTarget.h:
1993
1994         * page/DebugPageOverlays.cpp:
1995         (WebCore::NonFastScrollableRegionOverlay::updateRegion):
1996         I did not change the debug overlays.
1997         The NonFastScrollable area is the region for which events needs
1998         synchronous dispatch. Everything else should scroll without delay.
1999
2000         * page/FrameView.cpp:
2001         (WebCore::FrameView::scrollableAreaSetChanged):
2002         * page/Page.cpp:
2003         (WebCore::Page::nonFastScrollableRects):
2004         * page/scrolling/AsyncScrollingCoordinator.cpp:
2005         (WebCore::AsyncScrollingCoordinator::setEventTrackingRegionsDirty):
2006         (WebCore::AsyncScrollingCoordinator::willCommitTree):
2007         (WebCore::AsyncScrollingCoordinator::updateEventTrackingRegions):
2008         (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):
2009         (WebCore::AsyncScrollingCoordinator::frameViewEventTrackingRegionsChanged):
2010         (WebCore::AsyncScrollingCoordinator::scrollingStateTreeAsText):
2011         (WebCore::AsyncScrollingCoordinator::setNonFastScrollableRegionDirty): Deleted.
2012         (WebCore::AsyncScrollingCoordinator::updateNonFastScrollableRegion): Deleted.
2013         (WebCore::AsyncScrollingCoordinator::frameViewNonFastScrollableRegionChanged): Deleted.
2014         * page/scrolling/AsyncScrollingCoordinator.h:
2015         (WebCore::AsyncScrollingCoordinator::eventTrackingRegionsDirty):
2016         (WebCore::AsyncScrollingCoordinator::nonFastScrollableRegionDirty): Deleted.
2017
2018         * page/scrolling/ScrollingCoordinator.cpp:
2019         (WebCore::ScrollingCoordinator::absoluteEventTrackingRegionsForFrame):
2020         (WebCore::ScrollingCoordinator::absoluteEventTrackingRegions):
2021         (WebCore::ScrollingCoordinator::absoluteNonFastScrollableRegionForFrame): Deleted.
2022         (WebCore::ScrollingCoordinator::absoluteNonFastScrollableRegion): Deleted.
2023         I intentionally left the Wheel event with synchronous dispatch.
2024         This use case will need its own set of tests.
2025
2026         * page/scrolling/ScrollingCoordinator.h:
2027         (WebCore::ScrollingCoordinator::frameViewEventTrackingRegionsChanged):
2028         (WebCore::ScrollingCoordinator::frameViewNonFastScrollableRegionChanged): Deleted.
2029         * page/scrolling/ScrollingStateFrameScrollingNode.cpp:
2030         (WebCore::ScrollingStateFrameScrollingNode::ScrollingStateFrameScrollingNode):
2031         (WebCore::ScrollingStateFrameScrollingNode::setEventTrackingRegions):
2032         (WebCore::ScrollingStateFrameScrollingNode::dumpProperties):
2033         (WebCore::ScrollingStateFrameScrollingNode::setNonFastScrollableRegion): Deleted.
2034         * page/scrolling/ScrollingStateFrameScrollingNode.h:
2035         * page/scrolling/ScrollingTree.cpp:
2036         (WebCore::ScrollingTree::shouldHandleWheelEventSynchronously):
2037         (WebCore::ScrollingTree::commitNewTreeState):
2038         (WebCore::ScrollingTree::eventTrackingTypeForPoint):
2039         (WebCore::ScrollingTree::isPointInNonFastScrollableRegion): Deleted.
2040         * page/scrolling/ScrollingTree.h:
2041         * page/scrolling/mac/ScrollingCoordinatorMac.mm:
2042         (WebCore::ScrollingCoordinatorMac::scheduleTreeStateCommit):
2043         * platform/EventTrackingRegions.h: Added.
2044         (WebCore::EventTrackingRegions::isEmpty):
2045         (WebCore::EventTrackingRegions::trackingTypeForPoint):
2046         (WebCore::operator==):
2047
2048 2016-06-10  Enrica Casucci  <enrica@apple.com>
2049
2050         REGRESSION(r198177): Cannot paste an image when the pasteboard format is mime type.
2051         https://bugs.webkit.org/show_bug.cgi?id=158590
2052         rdar://problem/25471371
2053
2054         Reviewed by Darin Adler.
2055
2056         When creating a fragment from an image resource, the resource needs to
2057         be added to the document loader before setting the src attribute to the
2058         image element, otherwise loading is triggered and the loading fails.
2059         In r198177 the order of the operations was changed causing the bug.
2060         This patch adds support to test the scenario where the image in the pasteboard
2061         is available only as mime type (not WebArchive or RTFD), a situation that occurs
2062         more frequently on iOS.
2063
2064         Test: editing/pasteboard/image-in-iframe.html
2065
2066         * editing/ios/EditorIOS.mm:
2067         (WebCore::Editor::createFragmentForImageResourceAndAddResource):
2068         * editing/mac/EditorMac.mm:
2069         (WebCore::Editor::WebContentReader::readWebArchive):
2070         (WebCore::Editor::WebContentReader::readRTFD):
2071         (WebCore::Editor::WebContentReader::readRTF):
2072         (WebCore::Editor::createFragmentForImageResourceAndAddResource):
2073         * page/Settings.cpp:
2074         (WebCore::Settings::setImagesEnabled):
2075         (WebCore::Settings::setPreferMimeTypeForImages):
2076         (WebCore::Settings::setForcePendingWebGLPolicy):
2077         * page/Settings.h:
2078         (WebCore::Settings::areImagesEnabled):
2079         (WebCore::Settings::preferMimeTypeForImages):
2080         (WebCore::Settings::arePluginsEnabled):
2081         * testing/InternalSettings.cpp:
2082         (WebCore::InternalSettings::Backup::restoreTo):
2083         (WebCore::InternalSettings::setLangAttributeAwareFormControlUIEnabled):
2084         (WebCore::InternalSettings::setPreferMimeTypeForImages):
2085         (WebCore::InternalSettings::setImagesEnabled):
2086         * testing/InternalSettings.h:
2087         * testing/InternalSettings.idl:
2088
2089 2016-06-10  Alex Christensen  <achristensen@webkit.org>
2090
2091         Fix WinCairo build after r201943
2092
2093         * platform/network/curl/MultipartHandle.cpp:
2094         (WebCore::MultipartHandle::didReceiveResponse):
2095         * platform/network/curl/ResourceHandleManager.cpp:
2096         (WebCore::handleLocalReceiveResponse):
2097         (WebCore::headerCallback):
2098         (WebCore::ResourceHandleManager::dispatchSynchronousJob):
2099
2100 2016-06-10  Alex Christensen  <achristensen@webkit.org>
2101
2102         handleDataURL is only used by curl
2103         https://bugs.webkit.org/show_bug.cgi?id=158636
2104
2105         Reviewed by Tim Horton.
2106
2107         * CMakeLists.txt:
2108         * platform/network/DataURL.cpp: Removed.
2109         * platform/network/DataURL.h: Removed.
2110         * platform/network/curl/ResourceHandleManager.cpp:
2111         (WebCore::ResourceHandleManager::startScheduledJobs):
2112         (WebCore::handleDataURL):
2113         (WebCore::ResourceHandleManager::dispatchSynchronousJob):
2114
2115 2016-06-10  Alex Christensen  <achristensen@webkit.org>
2116
2117         Reduce ResourceResponse copying
2118         https://bugs.webkit.org/show_bug.cgi?id=158232
2119
2120         Reviewed by Darin Adler.
2121
2122         No new tests.  No change in behavior except removing an unnecessary copy on cocoa platforms.
2123
2124         * loader/ResourceLoader.cpp:
2125         (WebCore::ResourceLoader::didSendData):
2126         (WebCore::ResourceLoader::didReceiveResponse):
2127         * loader/ResourceLoader.h:
2128         * loader/appcache/ApplicationCacheGroup.cpp:
2129         (WebCore::ApplicationCacheGroup::createResourceHandle):
2130         (WebCore::ApplicationCacheGroup::didReceiveResponse):
2131         * loader/appcache/ApplicationCacheGroup.h:
2132         * platform/graphics/PlatformMediaResourceLoader.h:
2133         (WebCore::PlatformMediaResourceClient::~PlatformMediaResourceClient):
2134         (WebCore::PlatformMediaResourceClient::responseReceived):
2135         (WebCore::PlatformMediaResourceClient::redirectReceived):
2136         (WebCore::PlatformMediaResourceClient::shouldCacheResponse):
2137         (WebCore::PlatformMediaResourceClient::dataSent):
2138         * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.h:
2139         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
2140         (ResourceHandleStreamingClient::willSendRequest):
2141         (ResourceHandleStreamingClient::didReceiveResponse):
2142         * platform/network/BlobResourceHandle.cpp:
2143         (WebCore::BlobResourceHandle::notifyResponseOnSuccess):
2144         (WebCore::BlobResourceHandle::notifyResponseOnError):
2145         (WebCore::BlobResourceHandle::notifyReceiveData):
2146         * platform/network/DataURL.cpp:
2147         (WebCore::handleDataURL):
2148         * platform/network/PingHandle.h:
2149         (WebCore::PingHandle::PingHandle):
2150         * platform/network/ResourceHandleClient.cpp:
2151         (WebCore::ResourceHandleClient::willSendRequestAsync):
2152         (WebCore::ResourceHandleClient::didReceiveResponseAsync):
2153         * platform/network/ResourceHandleClient.h:
2154         (WebCore::ResourceHandleClient::didSendData):
2155         (WebCore::ResourceHandleClient::didReceiveResponse):
2156         (WebCore::ResourceHandleClient::didReceiveData):
2157         * platform/network/ResourceResponseBase.cpp:
2158         (WebCore::ResourceResponseBase::ResourceResponseBase):
2159         (WebCore::ResourceResponseBase::includeCertificateInfo):
2160         (WebCore::ResourceResponseBase::suggestedFilename):
2161         (WebCore::ResourceResponseBase::certificateInfo): Deleted.
2162         * platform/network/ResourceResponseBase.h:
2163         (WebCore::ResourceResponseBase::certificateInfo):
2164         (WebCore::ResourceResponseBase::encode):
2165         (WebCore::ResourceResponseBase::decode):
2166         (WebCore::ResourceResponseBase::containsCertificateInfo): Deleted.
2167         * platform/network/SynchronousLoaderClient.cpp:
2168         (WebCore::SynchronousLoaderClient::canAuthenticateAgainstProtectionSpace):
2169         (WebCore::SynchronousLoaderClient::didReceiveResponse):
2170         (WebCore::SynchronousLoaderClient::didReceiveData):
2171         * platform/network/SynchronousLoaderClient.h:
2172         * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
2173         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveResponse):
2174         * platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.cpp:
2175         (WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didReceiveResponse):
2176         (WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didReceiveData):
2177         * platform/network/mac/WebCoreResourceHandleAsDelegate.mm:
2178         (-[WebCoreResourceHandleAsDelegate connection:didReceiveResponse:]):
2179         * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
2180         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveResponse:]):
2181         * platform/network/soup/ResourceHandleSoup.cpp:
2182         (WebCore::nextMultipartResponsePartCallback):
2183         (WebCore::sendRequestCallback):
2184
2185 2016-06-09  Ryosuke Niwa  <rniwa@webkit.org>
2186
2187         Add SPI to disable spellchecking on auto-fillable text fields
2188         https://bugs.webkit.org/show_bug.cgi?id=158611
2189
2190         Reviewed by Anders Carlsson.
2191
2192         Added a boolean flag m_isSpellCheckingEnabled to HTMLInputElement. This flag defaults to true, and can be set
2193         to false by WebKit2 C API.
2194
2195         * editing/Editor.cpp:
2196         (WebCore::Editor::isSpellCheckingEnabledFor): Fixed a bug that we were calling isSpellCheckingEnabled on
2197         the div inside an input element's shadow tree instead of the input element itself.
2198         * html/HTMLInputElement.cpp:
2199         (WebCore::HTMLInputElement::HTMLInputElement): Initialize m_spellcheckEnabled to true (it's a bit field).
2200         (WebCore::HTMLInputElement::isSpellCheckingEnabled): Added. Return false if m_spellcheckEnabled is false.
2201         * html/HTMLInputElement.h:
2202         (WebCore::HTMLInputElement::setSpellcheckEnabled): Added.
2203
2204 2016-06-10  Alex Christensen  <achristensen@webkit.org>
2205
2206         Introduce WTF::UniqueRef
2207         https://bugs.webkit.org/show_bug.cgi?id=158596
2208
2209         Reviewed by Brady Eidson.
2210
2211         No new tests.  No change in behavior.
2212
2213         * inspector/InspectorOverlay.cpp:
2214         (WebCore::InspectorOverlay::overlayPage):
2215         * loader/EmptyClients.cpp:
2216         (WebCore::fillWithEmptyClients):
2217         * page/Page.cpp:
2218         (WebCore::Page::Page):
2219         * page/Page.h:
2220         (WebCore::Page::canStartMedia):
2221         (WebCore::Page::editorClient):
2222         (WebCore::Page::plugInClient):
2223         (WebCore::Page::mainFrame):
2224         (WebCore::Page::groupPtr): Deleted.
2225         * page/PageConfiguration.cpp:
2226         (WebCore::PageConfiguration::PageConfiguration):
2227         * page/PageConfiguration.h:
2228         * svg/graphics/SVGImage.cpp:
2229         (WebCore::SVGImage::dataChanged):
2230
2231 2016-06-10  Joseph Pecoraro  <pecoraro@apple.com>
2232
2233         Web Inspector: Cleanup InspectorIndexedDBAgent a bit
2234         https://bugs.webkit.org/show_bug.cgi?id=158598
2235
2236         Reviewed by Darin Adler.
2237
2238         * inspector/InspectorIndexedDBAgent.cpp:
2239
2240 2016-06-10  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2241
2242         Origin header is not included in CORS requests for preloaded cross-origin resources
2243         https://bugs.webkit.org/show_bug.cgi?id=155761
2244         <rdar://problem/25351850>
2245
2246         Reviewed by Alex Christensen.
2247
2248         Making HTML preloader fully aware of crossorigin attribute value.
2249         Introducing CachedResourceRequest::setAsPotentiallyCrossOrigin as a helper routine to activate CORS mode.
2250         Making HTMLLinkElement and HTMLResourcePreloader use that routine.
2251         Making TokenPreloadScanner store the crossorigin attribute value in preload requests.
2252         Making TokenPreloadScanner store the crossorigin attribute value for link elements.
2253
2254         Test: http/tests/security/cross-origin-css-9.html
2255
2256         * html/HTMLLinkElement.cpp:
2257         (WebCore::HTMLLinkElement::process):
2258         * html/parser/HTMLPreloadScanner.cpp:
2259         (WebCore::TokenPreloadScanner::StartTagScanner::createPreloadRequest):
2260         (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):
2261         * html/parser/HTMLResourcePreloader.cpp:
2262         (WebCore::crossOriginModeAllowsCookies):
2263         (WebCore::PreloadRequest::resourceRequest):
2264         * html/parser/HTMLResourcePreloader.h:
2265         (WebCore::PreloadRequest::setCrossOriginMode):
2266         (WebCore::PreloadRequest::PreloadRequest): Deleted.
2267         (WebCore::PreloadRequest::resourceType): Deleted.
2268         * loader/cache/CachedResourceRequest.cpp:
2269         (WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):
2270         * loader/cache/CachedResourceRequest.h:
2271
2272 2016-06-10  Chris Dumez  <cdumez@apple.com>
2273
2274         ErrorEvent / ProgressEvent should be exposed to workers
2275         https://bugs.webkit.org/show_bug.cgi?id=158606
2276
2277         Reviewed by Brady Eidson.
2278
2279         ErrorEvent / ProgressEvent should be exposed to workers:
2280         - https://html.spec.whatwg.org/multipage/webappapis.html#errorevent
2281         - https://xhr.spec.whatwg.org/#interface-progressevent
2282
2283         Firefox and Chrome both already expose those.
2284
2285         No new tests, rebaselined existing test.
2286
2287         * dom/ErrorEvent.idl:
2288         * dom/ProgressEvent.idl:
2289
2290 2016-06-10  Chris Dumez  <cdumez@apple.com>
2291
2292         MessagePort should be exposed to workers
2293         https://bugs.webkit.org/show_bug.cgi?id=158607
2294
2295         Reviewed by Brady Eidson.
2296
2297         MessagePort should be exposed to workers:
2298         https://html.spec.whatwg.org/multipage/comms.html#messageport
2299
2300         Firefox and Chrome both already expose it.
2301
2302         No new tests, rebaselined existing test.
2303
2304         * dom/MessagePort.idl:
2305
2306 2016-06-10  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2307
2308         Move preflight check code outside of DocumentThreadableLoader
2309         https://bugs.webkit.org/show_bug.cgi?id=158425
2310
2311         Reviewed by Darin Adler.
2312
2313         Moving preflight check code in its own class.
2314         This allows code to be easier to read, use/reuse and update.
2315
2316         Behavior should be the same as before except in the case of a preflight response
2317         being a 3XX redirect response.
2318         Before this patch, the 3XX response was directly passed to the code processing regular responses.
2319         To keep compatibility with existing tests, a didFailRedirectCheck callback is called.
2320         This should be change to a preflight failure.
2321
2322         Covered by existing tests.
2323
2324         * CMakeLists.txt:
2325         * WebCore.xcodeproj/project.pbxproj:
2326         * loader/CrossOriginPreflightChecker.cpp: Added.
2327         (WebCore::CrossOriginPreflightChecker::CrossOriginPreflightChecker):
2328         (WebCore::CrossOriginPreflightChecker::~CrossOriginPreflightChecker):
2329         (WebCore::CrossOriginPreflightChecker::handleLoadingFailure):
2330         (WebCore::CrossOriginPreflightChecker::validatePreflightResponse):
2331         (WebCore::CrossOriginPreflightChecker::notifyFinished):
2332         (WebCore::CrossOriginPreflightChecker::startPreflight):
2333         (WebCore::CrossOriginPreflightChecker::doPreflight):
2334         (WebCore::CrossOriginPreflightChecker::redirectReceived):
2335         (WebCore::CrossOriginPreflightChecker::setDefersLoading):
2336         (WebCore::CrossOriginPreflightChecker::isXMLHttpRequest):
2337         * loader/CrossOriginPreflightChecker.h: Added.
2338         * loader/DocumentThreadableLoader.cpp:
2339         (WebCore::DocumentThreadableLoader::create):
2340         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
2341         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequestWithPreflight):
2342         (WebCore::DocumentThreadableLoader::setDefersLoading):
2343         (WebCore::DocumentThreadableLoader::clearResource):
2344         (WebCore::DocumentThreadableLoader::didReceiveResponse):
2345         (WebCore::DocumentThreadableLoader::didReceiveData):
2346         (WebCore::DocumentThreadableLoader::notifyFinished):
2347         (WebCore::DocumentThreadableLoader::didFinishLoading):
2348         (WebCore::DocumentThreadableLoader::didFail):
2349         (WebCore::DocumentThreadableLoader::preflightSuccess):
2350         (WebCore::DocumentThreadableLoader::preflightFailure):
2351         (WebCore::DocumentThreadableLoader::loadRequest):
2352         (WebCore::DocumentThreadableLoader::responseReceived): Deleted.
2353         (WebCore::DocumentThreadableLoader::dataReceived): Deleted.
2354         (WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy): Deleted.
2355         * loader/DocumentThreadableLoader.h:
2356         (WebCore::DocumentThreadableLoader::options):
2357         (WebCore::DocumentThreadableLoader::isLoading):
2358         (WebCore::DocumentThreadableLoader::document):
2359
2360 2016-06-10  Adam Bergkvist  <adam.bergkvist@ericsson.com>
2361
2362         WebRTC: Imlement MediaEndpointPeerConnection::createAnswer()
2363         https://bugs.webkit.org/show_bug.cgi?id=158566
2364
2365         Reviewed by Eric Carlson.
2366
2367         Add the MediaEndpointPeerConnection implementation of RTCPeerConnection.createAnswer [1].
2368         createAnswer() creates a 'reply' to an remote offer set with setRemoteDescription(),
2369         completes the offer/answer dialog and brings the RTCPeerConnection back to the 'stable'
2370         signaling state.
2371
2372         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#dom-rtcpeerconnection-createanswer
2373
2374         Test: fast/mediastream/RTCPeerConnection-inspect-answer.html
2375
2376         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
2377         (WebCore::MediaEndpointPeerConnection::createOfferTask):
2378         Align creation of RTCSessionDescription with createAnswerTask.
2379         (WebCore::MediaEndpointPeerConnection::createAnswer):
2380         (WebCore::MediaEndpointPeerConnection::createAnswerTask):
2381         Add Implementation.
2382         * Modules/mediastream/MediaEndpointPeerConnection.h:
2383
2384 2016-06-08  Sergio Villar Senin  <svillar@igalia.com>
2385
2386         [css-grid] CRASH when getting the computed style of a grid with only absolutely positioned children
2387         https://bugs.webkit.org/show_bug.cgi?id=158537
2388
2389         Reviewed by Darin Adler.
2390
2391         Absolute positioning occurs after layout of the grid and its in-flow contents, and does not
2392         contribute to the sizing of any grid tracks or affect the size/configuration of the grid in
2393         any way. This means that we should treat as empty any grid whose only children are
2394         absolutely positioned items.
2395
2396         Since r201510 empty grids are no longer internally represented by a 1x1 matrix. As we were
2397         not considering grids-with-only-absolutely-positioned-children as empty, we were trying to
2398         access some invalid position in the internal representation of the grid triggering an ASSERT
2399         in debug builds and a crash in release.
2400
2401         Test: fast/css-grid-layout/grid-only-abspos-item-computed-style-crash.html
2402
2403         * css/CSSComputedStyleDeclaration.cpp:
2404         (WebCore::valueForGridTrackList):
2405
2406 2016-06-10  Chris Dumez  <cdumez@apple.com>
2407
2408         DOMException should be exposed to workers
2409         https://bugs.webkit.org/show_bug.cgi?id=158608
2410
2411         Reviewed by Alex Christensen.
2412
2413         DOMException should be exposed to workers:
2414         https://heycam.github.io/webidl/#es-DOMException-call
2415
2416         Both Firefox and Chrome expose DOMException to workers already.
2417
2418         No new tests, rebaselined existing test.
2419
2420         * dom/DOMCoreException.idl:
2421
2422 2016-06-09  Alex Christensen  <achristensen@webkit.org>
2423
2424         Fix CMake build.
2425
2426         * PlatformMac.cmake:
2427
2428 2016-06-09  Alex Christensen  <achristensen@webkit.org>
2429
2430         Fix AppleWin build after r201901.
2431         https://bugs.webkit.org/show_bug.cgi?id=119839
2432
2433         * platform/graphics/ca/win/PlatformCALayerWin.cpp:
2434         (PlatformCALayerWin::backingStoreAttached):
2435         (PlatformCALayerWin::userInteractionEnabled):
2436         (PlatformCALayerWin::setUserInteractionEnabled):
2437         (PlatformCALayerWin::geometryFlipped):
2438         * platform/graphics/ca/win/PlatformCALayerWin.h:
2439
2440 2016-06-09  Chris Fleizach  <cfleizach@apple.com>
2441
2442         AX: VoiceOver Unable to View Download Progress or Completion Status for Mail Attachments
2443         https://bugs.webkit.org/show_bug.cgi?id=158581
2444
2445         Reviewed by Darin Adler.
2446
2447         Update attachment element accessibility so that:
2448            1) the action name comes first to match UI
2449            2) on iOS, it has the updates frequently trait
2450
2451         Make sure this test now runs on iOS as well.
2452
2453         Modified tests: accessibility/attachment-element.html
2454
2455         * accessibility/AccessibilityAttachment.cpp:
2456         (WebCore::AccessibilityAttachment::accessibilityText):
2457         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
2458         (-[WebAccessibilityObjectWrapper accessibilityCanFuzzyHitTest]):
2459         (-[WebAccessibilityObjectWrapper accessibilityTraits]):
2460         (-[WebAccessibilityObjectWrapper accessibilityValue]):
2461         (-[WebAccessibilityObjectWrapper accessibilityIsAttachmentElement]):
2462         (-[WebAccessibilityObjectWrapper accessibilityIsComboBox]):
2463
2464 2016-06-09  Alex Christensen  <achristensen@webkit.org>
2465
2466         Clean up WebCore.vcxproj after switching to CMake.
2467
2468         * WebCore.vcxproj/QTMovieWin: Removed.
2469         * WebCore.vcxproj/QTMovieWin/QTMovieWinCairoDebug.props: Removed.
2470         * WebCore.vcxproj/QTMovieWin/QTMovieWinCairoRelease.props: Removed.
2471         * WebCore.vcxproj/QTMovieWin/QTMovieWinCommon.props: Removed.
2472         * WebCore.vcxproj/QTMovieWin/QTMovieWinDebug.props: Removed.
2473         * WebCore.vcxproj/QTMovieWin/QTMovieWinPostBuild.cmd: Removed.
2474         * WebCore.vcxproj/QTMovieWin/QTMovieWinPreBuild.cmd: Removed.
2475         * WebCore.vcxproj/QTMovieWin/QTMovieWinPreLink.cmd: Removed.
2476         * WebCore.vcxproj/QTMovieWin/QTMovieWinProduction.props: Removed.
2477         * WebCore.vcxproj/QTMovieWin/QTMovieWinRelease.props: Removed.
2478         * WebCore.vcxproj/xcopy.excludes: Removed.
2479
2480 2016-06-09  Zalan Bujtas  <zalan@apple.com>
2481
2482         Hairline borders do not show up on 3x displays.
2483         https://bugs.webkit.org/show_bug.cgi?id=158604
2484         <rdar://problem/26511679>
2485
2486         Reviewed by Simon Fraser.
2487
2488         On a 3x display, when we convert a 1/3px hairline border from float
2489         to LayoutUnit and pixel floor the result, we end up with a 0px width border.
2490         It's because float to LayoutUnit is lossy and since the current kFixedPointDenominator % 3 != 0,
2491         flooring LayoutUnit(1/3px) ends up being 0px. (float: 1/3 -> LayoutUnit: (1/3 - 1/kFixedPointDenominator) -> floor: 0)
2492         This patch eliminates the (unnecessary) float -> LayoutUnit - float conversion on border width.   
2493
2494         Test: fast/borders/hidpi-3x-input-hairline-border.html
2495
2496         * rendering/BorderEdge.cpp:
2497         (WebCore::BorderEdge::BorderEdge):
2498         * rendering/BorderEdge.h:
2499
2500 2016-06-09  Commit Queue  <commit-queue@webkit.org>
2501
2502         Unreviewed, rolling out r201887.
2503         https://bugs.webkit.org/show_bug.cgi?id=158610
2504
2505         This change caused LayoutTest crashes under GuardMalloc and
2506         ASan (Requested by ryanhaddad on #webkit).
2507
2508         Reverted changeset:
2509
2510         "Deleting a CSSOM style rule invalidates any previously-added
2511         FontFaces"
2512         https://bugs.webkit.org/show_bug.cgi?id=158450
2513         http://trac.webkit.org/changeset/201887
2514
2515 2016-06-09  Chris Dumez  <cdumez@apple.com>
2516
2517         Address Darin's review comment on r201898.
2518         https://bugs.webkit.org/show_bug.cgi?id=158576
2519
2520         Reviewed by Darin Adler.
2521
2522         * page/Base64Utilities.h:
2523
2524 2016-06-09  Antoine Quint  <graouts@apple.com>
2525
2526         [iOS] -webkit-overflow-scrolling: touch; ignores pointer-events: none;
2527         https://bugs.webkit.org/show_bug.cgi?id=119839
2528         <rdar://problem/9671514>
2529
2530         Reviewed by Simon Fraser.
2531
2532         Propagate a "userInteractionEnabled" flag from the Web process which is used to turn off
2533         user interaction on a UIScrollView created for -webkit-overflow-scrolling: touch.
2534
2535         Test: fast/scrolling/ios/touch-scroll-pointer-events-none.html
2536
2537         * platform/graphics/GraphicsLayer.cpp:
2538         (WebCore::GraphicsLayer::GraphicsLayer):
2539         * platform/graphics/GraphicsLayer.h:
2540         (WebCore::GraphicsLayer::userInteractionEnabled):
2541         (WebCore::GraphicsLayer::setUserInteractionEnabled):
2542         * platform/graphics/ca/GraphicsLayerCA.cpp:
2543         (WebCore::GraphicsLayerCA::setUserInteractionEnabled):
2544         (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
2545         (WebCore::GraphicsLayerCA::updateUserInteractionEnabled):
2546         * platform/graphics/ca/GraphicsLayerCA.h:
2547         * platform/graphics/ca/PlatformCALayer.h:
2548         * platform/graphics/ca/cocoa/PlatformCALayerCocoa.h:
2549         * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
2550         (PlatformCALayerCocoa::userInteractionEnabled):
2551         (PlatformCALayerCocoa::setUserInteractionEnabled):
2552         * rendering/RenderLayerBacking.cpp:
2553         (WebCore::RenderLayerBacking::updateAfterDescendants):
2554
2555 2016-06-09  Chris Dumez  <cdumez@apple.com>
2556
2557         WorkerNavigator property should exist on WorkerGlobalScope
2558         https://bugs.webkit.org/show_bug.cgi?id=158574
2559         <rdar://problem/26725108>
2560
2561         Reviewed by Darin Adler.
2562
2563         WorkerNavigator property should exist on WorkerGlobalScope:
2564         https://html.spec.whatwg.org/multipage/workers.html#the-workernavigator-object
2565
2566         Fixing this gets the number of failures on http://w3c-test.org/workers/interfaces.worker
2567         from 34 to 23.
2568
2569         No new tests, rebaselined existing test.
2570
2571         * page/WorkerNavigator.idl:
2572
2573 2016-06-09  Chris Dumez  <cdumez@apple.com>
2574
2575         atob() / btoa() API should be exposed to workers
2576         https://bugs.webkit.org/show_bug.cgi?id=158576
2577         <rdar://problem/26729340>
2578
2579         Reviewed by Sam Weinig.
2580
2581         Expose atob() / btoa() API to workers as per:
2582         https://html.spec.whatwg.org/multipage/webappapis.html#windoworworkerglobalscope
2583
2584         This aligns our behavior with Firefox and Chrome as well.
2585
2586         Test: fast/workers/atob-btoa.html
2587
2588         * CMakeLists.txt:
2589         * DerivedSources.cpp:
2590         * DerivedSources.make:
2591         * PlatformMac.cmake:
2592         * WebCore.xcodeproj/project.pbxproj:
2593         * page/Base64Utilities.cpp: Added.
2594         (WebCore::Base64Utilities::btoa):
2595         (WebCore::Base64Utilities::atob):
2596         * page/Base64Utilities.h: Added.
2597         * page/DOMWindow.cpp:
2598         (WebCore::DOMWindow::find): Deleted.
2599         (WebCore::DOMWindow::offscreenBuffering): Deleted.
2600         (WebCore::DOMWindow::outerHeight): Deleted.
2601         (WebCore::DOMWindow::outerWidth): Deleted.
2602         * page/DOMWindow.h:
2603         * page/DOMWindow.idl:
2604         * page/WindowBase64.idl: Removed.
2605         * page/WindowOrWorkerGlobalScope.idl: Renamed from Source/WebCore/page/WindowTimers.idl.
2606         * workers/WorkerGlobalScope.h:
2607         * workers/WorkerGlobalScope.idl:
2608
2609 2016-06-09  John Wilander  <wilander@apple.com>
2610
2611         Restrict HTTP/0.9 responses to default ports and cancel HTTP/0.9 resource loads if the document was loaded with another HTTP protocol
2612         https://bugs.webkit.org/show_bug.cgi?id=158589
2613         <rdar://problem/25757454>
2614
2615         Reviewed by Brent Fulgham.
2616
2617         No new tests. Our layout test environment does not allow for headerless responses
2618         nor does it allow you to set an explicit HTTP/0.9 status header in PHP. I have
2619         manually tested this change with a Python socket setup doing both headerless and
2620         HTTP/0.9 header tests for positive and negative cases.
2621
2622         * loader/DocumentLoader.cpp:
2623         (WebCore::DocumentLoader::responseReceived):
2624             Cancel loads if the request was made to a non-default port.
2625         * loader/ResourceLoader.cpp:
2626         (WebCore::ResourceLoader::didReceiveResponse):
2627             Cancel loads if the request was made to a non-default port or if the document
2628             was loaded with another protocol. Cancelation is handled as a fail so as to
2629             fire the onerror event and allow sites to handle it gracefully.
2630
2631 2016-06-09  Alex Christensen  <achristensen@webkit.org>
2632
2633         Clean up EditorClient lifetime
2634         https://bugs.webkit.org/show_bug.cgi?id=158588
2635
2636         Reviewed by Anders Carlsson.
2637
2638         No new tests.  This patch does two things, all of which do not change behavior:
2639         1. Use a std::unique_ptr<EditorClient> owned by the Page instead of allocating
2640         with new in WebKit/WebKit2 and deleting in WebEditorClient::pageDestroyed.
2641         2. Give the Page a PageConfiguration&& instead of a PageConfiguration& in its constructor.
2642
2643         * inspector/InspectorOverlay.cpp:
2644         (WebCore::InspectorOverlay::overlayPage):
2645         * loader/EmptyClients.cpp:
2646         (WebCore::fillWithEmptyClients):
2647         * loader/EmptyClients.h:
2648         (WebCore::EmptyEditorClient::EmptyEditorClient):
2649         (WebCore::EmptyEditorClient::~EmptyEditorClient):
2650         * page/EditorClient.h:
2651         (WebCore::EditorClient::~EditorClient):
2652         * page/Page.cpp:
2653         (WebCore::Page::Page):
2654         (WebCore::Page::~Page):
2655         (WebCore::Page::setViewMode):
2656         (WebCore::Page::clearUndoRedoOperations):
2657         (WebCore::Page::inLowQualityImageInterpolationMode):
2658         (WebCore::Page::invalidateStylesForAllLinks):
2659         (WebCore::Page::invalidateStylesForLink):
2660         (WebCore::Page::invalidateInjectedStyleSheetCacheInAllFrames):
2661         (WebCore::Page::setDebugger):
2662         (WebCore::Page::setIsVisibleInternal):
2663         (WebCore::Page::setAllowsMediaDocumentInlinePlayback):
2664         * page/Page.h:
2665         (WebCore::Page::canStartMedia):
2666         (WebCore::Page::editorClient):
2667         (WebCore::Page::plugInClient):
2668         (WebCore::Page::mainFrame):
2669         (WebCore::Page::group):
2670         * page/PageConfiguration.cpp:
2671         * page/PageConfiguration.h:
2672         * page/mac/PageMac.mm:
2673         (WebCore::Page::addSchedulePair):
2674         (WebCore::Page::removeSchedulePair):
2675         * svg/graphics/SVGImage.cpp:
2676         (WebCore::SVGImage::dataChanged):
2677
2678 2016-06-09  Joseph Pecoraro  <pecoraro@apple.com>
2679
2680         REGRESSION: Web Inspector: IndexedDB does not show ObjectStore data
2681         https://bugs.webkit.org/show_bug.cgi?id=158592
2682         <rdar://problem/26730696>
2683
2684         Reviewed by Timothy Hatcher.
2685
2686         * inspector/InspectorIndexedDBAgent.cpp:
2687         (WebCore::DataLoader::execute):
2688         Ensure the IDBTransaction is active when attempting to open a cursor.
2689
2690         (WebCore::OpenCursorCallback::handleEvent):
2691         End, when the cursor result is empty, like we do for script results.
2692
2693 2016-06-09  Antoine Quint  <graouts@apple.com>
2694
2695         Changing canvas height immediately after page load does not relayout canvas
2696         https://bugs.webkit.org/show_bug.cgi?id=156097
2697
2698         Reviewed by Zalan Bujtas.
2699
2700         Promote the logic use to identify whether we should perform a layout after a change of
2701         intrinsic size from RenderImage to RenderReplaced such that RenderCanvas may use it
2702         in canvasSizeChanged() and correctly update its layout in the case where the width
2703         or height attribute is updated and there are no explicit sizing performed with CSS.
2704         Additionally, this will also account for the object-fix property to only perform
2705         a layout if necessary.
2706
2707         Test: fast/canvas/canvas-css-size-after-height-change-with-display-flex.html
2708
2709         * rendering/RenderHTMLCanvas.cpp:
2710         (WebCore::RenderHTMLCanvas::canvasSizeChanged):
2711         * rendering/RenderImage.cpp:
2712         (WebCore::RenderImage::repaintOrMarkForLayout):
2713         * rendering/RenderReplaced.cpp:
2714         (WebCore::RenderReplaced::setNeedsLayoutIfNeededAfterIntrinsicSizeChange):
2715         * rendering/RenderReplaced.h:
2716
2717 2016-06-09  Myles C. Maxfield  <mmaxfield@apple.com>
2718
2719         Deleting a CSSOM style rule invalidates any previously-added FontFaces
2720         https://bugs.webkit.org/show_bug.cgi?id=158450
2721
2722         Reviewed by Darin Adler.
2723
2724         This patch has two pieces: updating the CSSOM when the FontFace changes, and
2725         updating the FontFace when the CSSOM changes.
2726
2727         1: Updating the CSSOM when the FontFace changes: CSSFontFaces already have a RefPtr
2728         to their StyleRuleFontFace which represents their CSS-connection. When changing a
2729         property of the CSSFontFace, we simply reach into the StyleRule and update it to
2730         match. Our existing infrastructure of invalidation due to the attribute changes
2731         makes sure that all the necessary updates occur.
2732
2733         2. Updating the FontFace when the CSSOM changes: If the CSSOM changes in a trivial
2734         way (for example, a new @font-face is appended to the end of the last <style>
2735         element), we can handle it directly. However, when something more invasive occurs,
2736         we end up clearing the entire CSSFontSelector, and then adding all the style rules
2737         from scratch. This involves three steps:
2738             a) CSSFontSelector::buildStarted() is run, which means "we're about to start
2739                building up all the @font-face rules from scratch." We take this opportunity
2740                to purge as many fonts as possible. This is valuable because, for example,
2741                this function gets run when the page gets put into the page cache, so we
2742                want to destroy as much as possible. Not everything can be purged, however -
2743                only CSS-connected fonts which have never been inspected by script are
2744                purgeable. We don't allow fonts inspected by script to be purged because
2745                purging might result in a font appearing from JavaScript to transition from
2746                a success -> failure state, which we don't allow.
2747             b) Upon style recalc (possibly asynchronously) CSSFontSelector::addFontFaceRule()
2748                is called for each @font-face rule. We actually detect that we're in the
2749                middle of a style rebuild, and defer this step.
2750             c) When we're done adding all the font face rules, we call
2751                CSSFontSelector::buildCompleted(). This is where we compare the newly built-
2752                up list of font faces with what existed previously (as remembered in
2753                CSSFontSelector::buildStarted()) in order to detect font faces which were
2754                deleted from the document. Fonts which were newly added to the document
2755                are handled naturally.
2756                Fonts which have a property modified on them are created as if they were new.
2757                However, instead of simply adding the CSSFontFace, we search for the existing
2758                CSSFontFace (by CSS connection pointer) and tell the existing FontFace to
2759                adopt this new CSSFontFace. This means that the JavaScript object will just
2760                pick up any newly-written values in the CSSOM. It also means that the
2761                "status" attribute of the JavaScript object is reset, but this is expected
2762                and allowed by the spec. (For example, if you change the "src" attribute of
2763                an @font-face block via the CSSOM, all bets are off when you inspect the
2764                FontFace JS object representing that block.)
2765
2766         Test: fast/text/font-face-set-cssom.html
2767
2768         * css/CSSFontFace.cpp:
2769         (WebCore::CSSFontFace::CSSFontFace):
2770         (WebCore::CSSFontFace::setFamilies):
2771         (WebCore::CSSFontFace::setStyle):
2772         (WebCore::CSSFontFace::setWeight):
2773         (WebCore::CSSFontFace::setUnicodeRange):
2774         (WebCore::CSSFontFace::setVariantLigatures):
2775         (WebCore::CSSFontFace::setVariantPosition):
2776         (WebCore::CSSFontFace::setVariantCaps):
2777         (WebCore::CSSFontFace::setVariantNumeric):
2778         (WebCore::CSSFontFace::setVariantAlternates):
2779         (WebCore::CSSFontFace::setVariantEastAsian):
2780         (WebCore::CSSFontFace::setFeatureSettings):
2781         (WebCore::CSSFontFace::initializeWrapper):
2782         (WebCore::CSSFontFace::wrapper):
2783         (WebCore::CSSFontFace::setWrapper):
2784         (WebCore::CSSFontFace::purgeable):
2785         (WebCore::CSSFontFace::updateStyleIfNeeded):
2786         * css/CSSFontFace.h:
2787         * css/CSSFontFaceSet.cpp:
2788         (WebCore::CSSFontFaceSet::remove):
2789         (WebCore::CSSFontFaceSet::containsCSSConnection):
2790         (WebCore::CSSFontFaceSet::purge):
2791         * css/CSSFontFaceSet.h:
2792         * css/CSSFontSelector.cpp:
2793         (WebCore::CSSFontSelector::buildStarted):
2794         (WebCore::CSSFontSelector::buildCompleted):
2795         (WebCore::CSSFontSelector::addFontFaceRule):
2796         * css/CSSFontSelector.h:
2797         * css/FontFace.cpp:
2798         (WebCore::FontFace::family):
2799         (WebCore::FontFace::style):
2800         (WebCore::FontFace::weight):
2801         (WebCore::FontFace::unicodeRange):
2802         (WebCore::FontFace::variant):
2803         (WebCore::FontFace::featureSettings):
2804         (WebCore::FontFace::adopt):
2805         * css/FontFace.h:
2806
2807 2016-06-09  Andy Estes  <aestes@apple.com>
2808
2809         Define printing{Minimum,Maximum}ShrinkFactor in only one place
2810         https://bugs.webkit.org/show_bug.cgi?id=158580
2811
2812         Reviewed by Tim Horton.
2813
2814         * page/PrintContext.cpp: Removed printingMinimumShrinkFactor and printingMaximumShrinkFactor.
2815         (WebCore::PrintContext::begin): Used minimumShrinkFactor() and maximumShrinkFactor() instead
2816         of printingMinimumShrinkFactor and printingMaximumShrinkFactor.
2817         (WebCore::PrintContext::computeAutomaticScaleFactor): Ditto.
2818         * page/PrintContext.h:
2819         (WebCore::PrintContext::minimumShrinkFactor): Added to return the same value as
2820         printingMinimumShrinkFactor.
2821         (WebCore::PrintContext::maximumShrinkFactor): Added to return the same value as
2822         printingMaximumShrinkFactor.
2823
2824 2016-06-09  Eric Carlson  <eric.carlson@apple.com>
2825
2826         Don't show the caption menu if a video has only forced tracks
2827         https://bugs.webkit.org/show_bug.cgi?id=158573
2828         <rdar://problem/24632384>
2829
2830         Reviewed by Jer Noble.
2831
2832         Test: media/controls/forced-tracks-only.html
2833
2834         * Modules/mediacontrols/mediaControlsApple.js:
2835         (Controller.prototype.updateCaptionButton): Don't show the button of there are no user-selectable
2836           text or audio tracks.
2837
2838         * page/CaptionUserPreferencesMediaAF.cpp:
2839         (WebCore::CaptionUserPreferencesMediaAF::sortedTrackListForMenu): Return an empty Vector if
2840           there are no user-selectable tracks.
2841
2842 2016-06-09  Jer Noble  <jer.noble@apple.com>
2843
2844         Pass through play state and toggle state to the WebPlaybackControlsManager
2845         https://bugs.webkit.org/show_bug.cgi?id=158578
2846         <rdar://problem/25045616>
2847
2848         Reviewed by Beth Dakin.
2849
2850         Pass through the isPlaying portion of setRate() and allow toggling when a model is present.
2851
2852         * platform/mac/WebPlaybackControlsManager.h:
2853         * platform/mac/WebPlaybackControlsManager.mm:
2854         * platform/mac/WebPlaybackSessionInterfaceMac.mm:
2855         (WebCore::WebPlaybackSessionInterfaceMac::setRate):
2856         (WebCore::WebPlaybackSessionInterfaceMac::setPlayBackControlsManager):
2857
2858 2016-06-09  Frederic Wang  <fred.wang@free.fr>
2859
2860         RenderMathOperator: Move calculation of preferred width into MathOperator
2861         https://bugs.webkit.org/show_bug.cgi?id=157071
2862
2863         Reviewed by Brent Fulgham.
2864
2865         No new tests, behavior is not change.
2866
2867         * rendering/mathml/MathOperator.cpp:
2868         (WebCore::MathOperator::setOperator): Introduce a style parameter and call reset.
2869         (WebCore::MathOperator::reset): New helper function to reset the operator.
2870         For now we only set the width of the base glyph and the preferred max width.
2871         (WebCore::MathOperator::calculateDisplayStyleLargeOperator): Calculate the m_maxPreferredWidth.
2872         (WebCore::MathOperator::calculateStretchyData): Change the signature of the function and directly set m_maxPreferredWidth.
2873         * rendering/mathml/MathOperator.h: Add m_maxPreferredWidth member and update some declarations.
2874         (WebCore::MathOperator::width): New helper function.
2875         (WebCore::MathOperator::maxPreferredWidth): New helper function.
2876         * rendering/mathml/RenderMathMLOperator.cpp:
2877         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): This function performs wrong
2878         operations that will be fixed in bug 152244 when we update the tests.
2879         For now, let's just use maxPreferredWidth() for non-horizontal operators.
2880         (WebCore::RenderMathMLOperator::updateStyle): Use the new signature of the functions.
2881
2882 2016-06-09  Alex Christensen  <achristensen@webkit.org>
2883
2884         Clean up WebSocket code
2885         https://bugs.webkit.org/show_bug.cgi?id=158551
2886
2887         Reviewed by Darin Adler.
2888
2889         No new tests.  There is no change in behavior.
2890         There seems to be no reason why SocketStreamHandle should be an AuthenticationClient.
2891
2892         * Modules/websockets/ThreadableWebSocketChannel.h:
2893         * Modules/websockets/ThreadableWebSocketChannelClientWrapper.cpp:
2894         (WebCore::ThreadableWebSocketChannelClientWrapper::setSendRequestResult):
2895         (WebCore::ThreadableWebSocketChannelClientWrapper::bufferedAmount):
2896         (WebCore::ThreadableWebSocketChannelClientWrapper::setBufferedAmount):
2897         (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveBinaryData):
2898         (WebCore::ThreadableWebSocketChannelClientWrapper::didUpdateBufferedAmount):
2899         (WebCore::ThreadableWebSocketChannelClientWrapper::didStartClosingHandshake):
2900         (WebCore::ThreadableWebSocketChannelClientWrapper::didClose):
2901         * Modules/websockets/ThreadableWebSocketChannelClientWrapper.h:
2902         * Modules/websockets/WebSocket.cpp:
2903         (WebCore::joinStrings):
2904         (WebCore::saturateAdd):
2905         (WebCore::WebSocket::send):
2906         (WebCore::WebSocket::readyState):
2907         (WebCore::WebSocket::bufferedAmount):
2908         (WebCore::WebSocket::didReceiveBinaryData):
2909         (WebCore::WebSocket::didReceiveMessageError):
2910         (WebCore::WebSocket::didUpdateBufferedAmount):
2911         (WebCore::WebSocket::didStartClosingHandshake):
2912         (WebCore::WebSocket::didClose):
2913         * Modules/websockets/WebSocket.h:
2914         * Modules/websockets/WebSocketChannel.cpp:
2915         (WebCore::WebSocketChannel::WebSocketChannel):
2916         (WebCore::WebSocketChannel::~WebSocketChannel):
2917         (WebCore::WebSocketChannel::send):
2918         (WebCore::WebSocketChannel::bufferedAmount):
2919         (WebCore::WebSocketChannel::resume):
2920         (WebCore::WebSocketChannel::willOpenSocketStream):
2921         (WebCore::WebSocketChannel::didOpenSocketStream):
2922         (WebCore::WebSocketChannel::didCloseSocketStream):
2923         (WebCore::WebSocketChannel::didReceiveSocketStreamData):
2924         (WebCore::WebSocketChannel::didUpdateBufferedAmount):
2925         (WebCore::WebSocketChannel::didFailSocketStream):
2926         (WebCore::WebSocketChannel::didStartLoading):
2927         (WebCore::WebSocketChannel::appendToBuffer):
2928         (WebCore::WebSocketChannel::processBuffer):
2929         (WebCore::WebSocketChannel::resumeTimerFired):
2930         (WebCore::WebSocketChannel::startClosingHandshake):
2931         (WebCore::WebSocketChannel::didReceiveAuthenticationChallenge): Deleted.
2932         (WebCore::WebSocketChannel::didCancelAuthenticationChallenge): Deleted.
2933         * Modules/websockets/WebSocketChannel.h:
2934         * Modules/websockets/WebSocketChannelClient.h:
2935         (WebCore::WebSocketChannelClient::~WebSocketChannelClient):
2936         (WebCore::WebSocketChannelClient::didConnect):
2937         (WebCore::WebSocketChannelClient::didReceiveMessage):
2938         (WebCore::WebSocketChannelClient::didReceiveBinaryData):
2939         (WebCore::WebSocketChannelClient::didReceiveMessageError):
2940         (WebCore::WebSocketChannelClient::didUpdateBufferedAmount):
2941         (WebCore::WebSocketChannelClient::didStartClosingHandshake):
2942         (WebCore::WebSocketChannelClient::didClose):
2943         (WebCore::WebSocketChannelClient::WebSocketChannelClient):
2944         * Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
2945         (WebCore::WorkerThreadableWebSocketChannel::send):
2946         (WebCore::WorkerThreadableWebSocketChannel::bufferedAmount):
2947         (WebCore::WorkerThreadableWebSocketChannel::Peer::bufferedAmount):
2948         (WebCore::WorkerThreadableWebSocketChannel::Peer::didReceiveBinaryData):
2949         (WebCore::WorkerThreadableWebSocketChannel::Peer::didUpdateBufferedAmount):
2950         (WebCore::WorkerThreadableWebSocketChannel::Peer::didStartClosingHandshake):
2951         (WebCore::WorkerThreadableWebSocketChannel::Peer::didClose):
2952         (WebCore::WorkerThreadableWebSocketChannel::Bridge::send):
2953         (WebCore::WorkerThreadableWebSocketChannel::Bridge::bufferedAmount):
2954         * Modules/websockets/WorkerThreadableWebSocketChannel.h:
2955         * platform/network/BlobData.cpp:
2956         (WebCore::BlobData::appendData):
2957         (WebCore::BlobData::appendFile):
2958         * platform/network/BlobData.h:
2959         (WebCore::BlobDataItem::BlobDataItem):
2960         * platform/network/BlobRegistry.h:
2961         * platform/network/BlobRegistryImpl.cpp:
2962         (WebCore::BlobRegistryImpl::appendStorageItems):
2963         (WebCore::BlobRegistryImpl::registerFileBlobURL):
2964         (WebCore::BlobRegistryImpl::registerBlobURL):
2965         (WebCore::BlobRegistryImpl::registerBlobURLOptionallyFileBacked):
2966         (WebCore::BlobRegistryImpl::registerBlobURLForSlice):
2967         * platform/network/BlobRegistryImpl.h:
2968         * platform/network/SocketStreamHandleBase.cpp:
2969         (WebCore::SocketStreamHandleBase::send):
2970         (WebCore::SocketStreamHandleBase::disconnect):
2971         (WebCore::SocketStreamHandleBase::sendPendingData):
2972         * platform/network/SocketStreamHandleBase.h:
2973         * platform/network/SocketStreamHandleClient.h:
2974         (WebCore::SocketStreamHandleClient::~SocketStreamHandleClient):
2975         (WebCore::SocketStreamHandleClient::willOpenSocketStream):
2976         (WebCore::SocketStreamHandleClient::didOpenSocketStream):
2977         (WebCore::SocketStreamHandleClient::didCloseSocketStream):
2978         (WebCore::SocketStreamHandleClient::didReceiveSocketStreamData):
2979         (WebCore::SocketStreamHandleClient::didUpdateBufferedAmount):
2980         (WebCore::SocketStreamHandleClient::didFailSocketStream):
2981         (WebCore::SocketStreamHandleClient::didReceiveAuthenticationChallenge): Deleted.
2982         (WebCore::SocketStreamHandleClient::didCancelAuthenticationChallenge): Deleted.
2983         * platform/network/cf/SocketStreamHandle.h:
2984         (WebCore::SocketStreamHandle::create):
2985         (WebCore::SocketStreamHandle::refAuthenticationClient): Deleted.
2986         (WebCore::SocketStreamHandle::derefAuthenticationClient): Deleted.
2987         * platform/network/cf/SocketStreamHandleCFNet.cpp:
2988         (WebCore::SocketStreamHandle::SocketStreamHandle):
2989         (WebCore::SocketStreamHandle::addCONNECTCredentials):
2990         (WebCore::SocketStreamHandle::copyCFStreamDescription):
2991         (WebCore::SocketStreamHandle::readStreamCallback):
2992         (WebCore::SocketStreamHandle::writeStreamCallback):
2993         (WebCore::SocketStreamHandle::reportErrorToClient):
2994         (WebCore::SocketStreamHandle::~SocketStreamHandle):
2995         (WebCore::SocketStreamHandle::platformClose):
2996         (WebCore::SocketStreamHandle::port):
2997         (WebCore::SocketStreamHandle::receivedCredential): Deleted.
2998         (WebCore::SocketStreamHandle::receivedRequestToContinueWithoutCredential): Deleted.
2999         (WebCore::SocketStreamHandle::receivedCancellation): Deleted.
3000         (WebCore::SocketStreamHandle::receivedRequestToPerformDefaultHandling): Deleted.
3001         (WebCore::SocketStreamHandle::receivedChallengeRejection): Deleted.
3002         * platform/network/curl/ResourceHandleCurl.cpp:
3003         * platform/network/curl/SocketStreamHandle.h:
3004         (WebCore::SocketStreamHandle::SocketData::SocketData):
3005         * platform/network/curl/SocketStreamHandleCurl.cpp:
3006         (WebCore::SocketStreamHandle::platformClose):
3007         (WebCore::SocketStreamHandle::readData):
3008         (WebCore::SocketStreamHandle::didReceiveData):
3009         (WebCore::SocketStreamHandle::didOpenSocket):
3010         (WebCore::SocketStreamHandle::createCopy):
3011         (WebCore::SocketStreamHandle::didReceiveAuthenticationChallenge): Deleted.
3012         (WebCore::SocketStreamHandle::receivedCredential): Deleted.
3013         (WebCore::SocketStreamHandle::receivedRequestToContinueWithoutCredential): Deleted.
3014         (WebCore::SocketStreamHandle::receivedCancellation): Deleted.
3015         (WebCore::SocketStreamHandle::receivedRequestToPerformDefaultHandling): Deleted.
3016         (WebCore::SocketStreamHandle::receivedChallengeRejection): Deleted.
3017         * platform/network/soup/SocketStreamHandle.h:
3018         (WebCore::SocketStreamHandle::create):
3019         * platform/network/soup/SocketStreamHandleSoup.cpp:
3020         (WebCore::getHandleFromId):
3021         (WebCore::deactivateHandle):
3022         (WebCore::activateHandle):
3023         (WebCore::SocketStreamHandle::SocketStreamHandle):
3024         (WebCore::SocketStreamHandle::~SocketStreamHandle):
3025         (WebCore::SocketStreamHandle::connected):
3026         (WebCore::SocketStreamHandle::readBytes):
3027         (WebCore::SocketStreamHandle::platformSend):
3028         (WebCore::SocketStreamHandle::platformClose):
3029         (WebCore::SocketStreamHandle::beginWaitingForSocketWritability):
3030         (WebCore::SocketStreamHandle::didReceiveAuthenticationChallenge): Deleted.
3031         (WebCore::SocketStreamHandle::receivedCredential): Deleted.
3032         (WebCore::SocketStreamHandle::receivedRequestToContinueWithoutCredential): Deleted.
3033         (WebCore::SocketStreamHandle::receivedCancellation): Deleted.
3034         (WebCore::SocketStreamHandle::receivedRequestToPerformDefaultHandling): Deleted.
3035         (WebCore::SocketStreamHandle::receivedChallengeRejection): Deleted.
3036
3037 2016-06-09  Commit Queue  <commit-queue@webkit.org>
3038
3039         Unreviewed, rolling out r201815.
3040         https://bugs.webkit.org/show_bug.cgi?id=158570
3041
3042         This broke the cmake build. (Requested by lforschler on
3043         #webkit).
3044
3045         Reverted changeset:
3046
3047         "Teach cmake about libWebKitSystemInterfaceOSX10.12"
3048         http://trac.webkit.org/changeset/201815
3049
3050 2016-06-09  Chris Dumez  <cdumez@apple.com>
3051
3052         WorkerGlobalScope attributes / operations should be on the prototype
3053         https://bugs.webkit.org/show_bug.cgi?id=158568
3054         <rdar://problem/26720079>
3055
3056         Reviewed by Geoffrey Garen.
3057
3058         WorkerGlobalScope attributes / operations should be on the prototype
3059         because WorkerGlobalScope is not marked as [Global] / [PrimaryGlobal]:
3060         - https://html.spec.whatwg.org/multipage/workers.html#the-workerglobalscope-common-interface
3061         - http://heycam.github.io/webidl/#es-attributes
3062         - http://heycam.github.io/webidl/#es-operations
3063
3064         DedicatedWorkerGlobalScope is the interface that is marked as [Global]
3065         and whose attributes / operations should be on the instance.
3066
3067         This brings the number of failures on http://w3c-test.org/workers/interfaces.worker
3068         from 65 to 34. It also aligns our behavior with Firefox and Chrome.
3069
3070         Test: fast/workers/WorkerGlobalScope-properties-prototype.html
3071
3072         * bindings/scripts/CodeGeneratorJS.pm:
3073         (InterfaceRequiresAttributesOnInstance):
3074         (OperationShouldBeOnInstance):
3075
3076 2016-06-09  Tim Horton  <timothy_horton@apple.com>
3077
3078         Writing-mode-dependent properties don't apply if their value is a variable
3079         https://bugs.webkit.org/show_bug.cgi?id=158449
3080         <rdar://problem/26662478>
3081
3082         Reviewed by Simon Fraser.
3083
3084         Test: fast/css/variables/direction-dependent-variable-properties.html
3085
3086         * css/CSSParser.cpp:
3087         (WebCore::CSSParser::parseVariableDependentValue):
3088         * css/CSSParser.h:
3089         * css/StyleResolver.cpp:
3090         (WebCore::StyleResolver::resolvedVariableValue):
3091         CSSVariableDependentValue stores the unresolved (direction-dependent) property ID,
3092         because the property that it resolves to cannot be determined until style resolution time.
3093         Plumb the requisite direction and writing mode information into parseVariableDependentValue
3094         at style resolution time so that the property can be resolved to the correct
3095         non-direction-dependent property for each use of the value.
3096
3097 2016-06-09  Ryan Haddad  <ryanhaddad@apple.com>
3098
3099         Attempt to fix the iOS build.
3100
3101         Unreviewed build fix.
3102
3103         * platform/network/mac/ResourceErrorMac.mm:
3104         (WebCore::ResourceError::ResourceError):
3105
3106 2016-06-09  Simon Fraser  <simon.fraser@apple.com>
3107
3108         border-radius with different width and height rendered wrong
3109         https://bugs.webkit.org/show_bug.cgi?id=158300
3110         <rdar://problem/26672922>
3111
3112         Reviewed by Zalan Bujtas.
3113
3114         Borders with border-radius close to 100% 100% got oddly clipped. This happened because
3115         of the clipping we do to achieve the diagonal corner joins; RenderBoxModelObject::clipBorderSidePolygon()
3116         created trapezoids for each side, but only extended them to the center of the inner border rect.
3117         This clipped out parts of these borders.
3118
3119         Fix by computing the trapezoids by intersecting the corner diagonal line with a line that passes
3120         through the adjacent corners of the inner rect, whose intersection is always going to be inside the
3121         rounded border. Also fix the quads used to do the antialiased/non-antialiased clipping,
3122         by adding a point rather than moving a corner point to ensure we don't mistakenly clip out any
3123         parts of the border.
3124         
3125         Finally, improve the rendering of non-renderable cases by actually doing the diagonal
3126         corner joins rather than just giving up.
3127
3128         Tests: fast/borders/border-non-renderable-radius-inner-clip.html
3129                fast/borders/border-radius-inner-clip-vertical.html
3130                fast/borders/border-radius-inner-clip.html
3131
3132         * rendering/RenderBoxModelObject.cpp:
3133         (WebCore::calculateAdjustedInnerBorder): Moved up.
3134         (WebCore::RenderBoxModelObject::paintOneBorderSide):
3135         (WebCore::RenderBoxModelObject::clipBorderSidePolygon):
3136         (WebCore::findInnerVertex): Deleted.
3137         (WebCore::calculateSideRectIncludingInner): Deleted.
3138         (WebCore::RenderBoxModelObject::clipBorderSideForComplexInnerPath): Deleted.
3139         * rendering/RenderBoxModelObject.h:
3140
3141 2016-06-09  Xabier Rodriguez Calvar  <calvaris@igalia.com>
3142
3143         Unreviewed, fixing compilation issue with WebRTC
3144
3145         The code dependencies of the SDP processor were not right.
3146
3147         * PlatformGTK.cmake:
3148
3149 2016-06-09  Frederic Wang  <fwang@igalia.com>
3150
3151         Introduce MathOperator::Type
3152         https://bugs.webkit.org/show_bug.cgi?id=156950
3153
3154         Reviewed by Sergio Villar Senin.
3155
3156         No new tests, behavior is not change.
3157
3158         An enum Type is introduced in MathOperator in order to indicate
3159         which kind of stretching is requested. In follow-up work, this will
3160         allow to just call setOperator and stretchTo without having to
3161         explicitly call calculateDisplayStyleLargeOperator or calculateStretchyData.
3162
3163         * rendering/mathml/MathOperator.cpp:
3164         (WebCore::MathOperator::setOperator): Use Type instead of a boolean.
3165         (WebCore::MathOperator::setGlyphAssembly): Add an assert to ensure that the function is correctly used.
3166         (WebCore::MathOperator::calculateDisplayStyleLargeOperator): Ditto, this makes the assert more accurate.
3167         (WebCore::MathOperator::calculateStretchyData): Ditto and replace m_isVertical with a local isVertical variable.
3168         (WebCore::MathOperator::fillWithVerticalExtensionGlyph): Ditto.
3169         (WebCore::MathOperator::fillWithHorizontalExtensionGlyph): Ditto.
3170         (WebCore::MathOperator::paintVerticalGlyphAssembly): Ditto.
3171         (WebCore::MathOperator::paintHorizontalGlyphAssembly): Ditto.
3172         * rendering/mathml/MathOperator.h: Add the Type enum.
3173         (WebCore::MathOperator::stretchSize): Use Type instead of a boolean and add an
3174         assert to ensure that the function is correctly used.
3175         * rendering/mathml/RenderMathMLOperator.cpp:
3176         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): Call setOperator with the correct value.
3177         (WebCore::RenderMathMLOperator::updateStyle): Ditto.
3178
3179 2016-06-09  Commit Queue  <commit-queue@webkit.org>
3180
3181         Unreviewed, rolling out r201810.
3182         https://bugs.webkit.org/show_bug.cgi?id=158563
3183
3184         breaks build without ENABLE_WEB_ANIMATION (Requested by
3185         mcatanzaro on #webkit).
3186
3187         Reverted changeset:
3188
3189         "[web-animations] Add Animatable, AnimationEffect,
3190         KeyframeEffect and Animation interface"
3191         https://bugs.webkit.org/show_bug.cgi?id=156096
3192         http://trac.webkit.org/changeset/201810
3193
3194 2016-06-09  Ryosuke Niwa  <rniwa@webkit.org>
3195
3196         slotchange event should be fired at the end of microtask
3197         https://bugs.webkit.org/show_bug.cgi?id=157374
3198         <rdar://problem/26154024>
3199
3200         Reviewed by Antti Koivisto.
3201
3202         Dispatch slotchange event at the end of every microtask after delivering records to mutation observers
3203         as specified in: https://dom.spec.whatwg.org/#notify-mutation-observers
3204
3205         Test: fast/shadow-dom/slotchange-event.html
3206
3207         * dom/Document.cpp:
3208         (WebCore::Document::enqueueSlotchangeEvent): Deleted.
3209         * dom/Document.h:
3210         * dom/MutationObserver.cpp:
3211         (WebCore::signalSlotList): Added.
3212         (WebCore::MutationObserverMicrotask::run): mutationObserverCompoundMicrotaskQueuedFlag is now unset in
3213         notifyMutationObservers to better match the concept to "notify mutation observers".
3214         (WebCore::MutationObserver::enqueueSlotChangeEvent): Added.
3215         (WebCore::MutationObserver::notifyMutationObservers): Renamed from deliverAllMutations. Added the code
3216         to dispatch slotchange events as spec'ed, and also added comments for each step.
3217         * dom/MutationObserver.h:
3218         * html/HTMLSlotElement.cpp:
3219         (WebCore::HTMLSlotElement::enqueueSlotChangeEvent): Use MutationObserver::enqueueSlotChangeEvent. Don't
3220         create an event here since that is only needed when dispatching the event, and to keep track of whether
3221         we've already scheduled an event or not. Use a boolean flag instead for the latter. 
3222         (WebCore::HTMLSlotElement::dispatchSlotChangeEvent): Added. Creates and dispatches an event.
3223         (WebCore::HTMLSlotElement::dispatchEvent): Deleted.
3224         * html/HTMLSlotElement.h:
3225         (WebCore::HTMLSlotElement::didRemoveFromSignalSlotList): Added.
3226
3227 2016-06-08  Youenn Fablet  <youenn.fablet@crf.canon.fr>
3228
3229         Introduce ResourceErrorBase::type
3230         https://bugs.webkit.org/show_bug.cgi?id=158299
3231
3232         Reviewed by Alex Christensen.
3233
3234         Introducing an enum type for ResourceErrorBase.
3235         In most cases, the type is set at construction time.
3236         By default, constructor with no parameters will set type to Null.
3237         Constructor with parameters will set type to General.
3238
3239         Removed boolean state error fields.
3240
3241         Introduced a type setter. It should only be used to  make the type
3242         more precise (when type is Null or General).
3243
3244         Updating related calling code.
3245
3246         No change of behavior.
3247
3248         * loader/DocumentLoader.cpp:
3249         (WebCore::DocumentLoader::stopLoadingForPolicyChange):
3250         * loader/DocumentThreadableLoader.cpp:
3251         (WebCore::DocumentThreadableLoader::cancel):
3252         * loader/EmptyClients.h:
3253         * loader/FrameLoader.cpp:
3254         (WebCore::FrameLoader::cancelledError):
3255         (WebCore::FrameLoader::blockedError):
3256         * loader/WorkerThreadableLoader.cpp:
3257         (WebCore::WorkerThreadableLoader::MainThreadBridge::cancel):
3258         * platform/network/ResourceErrorBase.cpp:
3259         (WebCore::ResourceErrorBase::isolatedCopy):
3260         (WebCore::ResourceErrorBase::setType):
3261         (WebCore::ResourceErrorBase::compare):
3262         * platform/network/ResourceErrorBase.h:
3263         (WebCore::ResourceErrorBase::isNull):
3264         (WebCore::ResourceErrorBase::isCancellation):
3265         (WebCore::ResourceErrorBase::isTimeout):
3266         (WebCore::ResourceErrorBase::type):
3267         (WebCore::ResourceErrorBase::ResourceErrorBase):
3268         (WebCore::ResourceErrorBase::domain):
3269         * platform/network/cf/ResourceError.h:
3270         (WebCore::ResourceError::ResourceError):
3271         * platform/network/cf/ResourceErrorCF.cpp:
3272         (WebCore::ResourceError::ResourceError):
3273         (WebCore::ResourceError::cfError):
3274         * platform/network/curl/ResourceError.h:
3275         (WebCore::ResourceError::ResourceError):
3276         * platform/network/mac/ResourceErrorMac.mm:
3277         (WebCore::m_platformError):
3278         (WebCore::ResourceError::nsError):
3279         (WebCore::ResourceError::ResourceError):
3280         (WebCore::ResourceError::platformLazyInit):
3281         * platform/network/soup/ResourceError.h:
3282         (WebCore::ResourceError::ResourceError):
3283         * platform/network/soup/ResourceErrorSoup.cpp:
3284         (WebCore::ResourceError::timeoutError):
3285
3286 2016-06-08  Frederic Wang  <fwang@igalia.com>
3287
3288         Move selection and drawing of stretchy operators into a separate MathOperator class
3289         https://bugs.webkit.org/show_bug.cgi?id=156921
3290
3291         Reviewed by Martin Robinson.
3292
3293         No new tests, behavior is not changed.
3294
3295         * CMakeLists.txt: Add the MathOperator files.
3296         * WebCore.xcodeproj/project.pbxproj: Ditto.
3297         * rendering/mathml/MathOperator.cpp: Added.
3298         (WebCore::boundsForGlyph): Moved from RenderMathMLOperator.
3299         (WebCore::heightForGlyph): Moved from RenderMathMLOperator.
3300         (WebCore::advanceWidthForGlyph): Moved from RenderMathMLOperator.
3301         (WebCore::MathOperator::MathOperator):
3302         (WebCore::MathOperator::setOperator):
3303         (WebCore::MathOperator::getBaseGlyph): Moved from RenderMathMLOperator.
3304         (WebCore::MathOperator::setSizeVariant): Moved from RenderMathMLOperator.
3305         (WebCore::MathOperator::setGlyphAssembly): Moved from RenderMathMLOperator.
3306         (WebCore::MathOperator::calculateDisplayStyleLargeOperator): Moved from RenderMathMLOperator with additional style parameter.
3307         (WebCore::MathOperator::calculateGlyphAssemblyFallBack): Ditto.
3308         (WebCore::MathOperator::calculateStretchyData): Ditto.
3309         (WebCore::MathOperator::paintGlyph): Ditto.
3310         (WebCore::MathOperator::fillWithVerticalExtensionGlyph): Ditto.
3311         (WebCore::MathOperator::fillWithHorizontalExtensionGlyph): Ditto.
3312         (WebCore::MathOperator::paintVerticalGlyphAssembly): Ditto.
3313         (WebCore::MathOperator::paintHorizontalGlyphAssembly): Ditto.
3314         * rendering/mathml/MathOperator.h: Added.
3315         (WebCore::MathOperator::italicCorrection):
3316         (WebCore::MathOperator::isStretched):
3317         (WebCore::MathOperator::unstretch):
3318         (WebCore::MathOperator::GlyphAssemblyData::GlyphAssemblyData): Moved from RenderMathMLOperator.
3319         (WebCore::MathOperator::stretchSize):
3320         * rendering/mathml/RenderMathMLOperator.cpp:
3321         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): Updated to use MathOperator members.
3322         For now we call setOperator to transmit information to m_mathOperator.
3323         (WebCore::RenderMathMLOperator::updateStyle): Updated to use MathOperator members.
3324         For now we set some m_mathOperator members to transmit it some information.
3325         (WebCore::RenderMathMLOperator::firstLineBaseline): Updated to use MathOperator members.
3326         (WebCore::RenderMathMLOperator::computeLogicalHeight): Ditto.
3327         (WebCore::RenderMathMLOperator::paint): Ditto.
3328         For now we set some m_mathOperator members to transmit it some information.
3329         (WebCore::RenderMathMLOperator::paintChildren): Updated to use MathOperator members.
3330         (WebCore::RenderMathMLOperator::trailingSpaceError): Ditto.
3331         (WebCore::RenderMathMLOperator::getBaseGlyph): Deleted.
3332         (WebCore::RenderMathMLOperator::setSizeVariant): Deleted.
3333         (WebCore::RenderMathMLOperator::setGlyphAssembly): Deleted.
3334         (WebCore::RenderMathMLOperator::calculateGlyphAssemblyFallBack): Deleted.
3335         (WebCore::RenderMathMLOperator::calculateDisplayStyleLargeOperator): Deleted.
3336         (WebCore::RenderMathMLOperator::calculateStretchyData): Deleted.
3337         (WebCore::RenderMathMLOperator::paintGlyph): Deleted.
3338         (WebCore::RenderMathMLOperator::fillWithVerticalExtensionGlyph): Deleted.
3339         (WebCore::RenderMathMLOperator::fillWithHorizontalExtensionGlyph): Deleted.
3340         (WebCore::RenderMathMLOperator::paintVerticalGlyphAssembly): Deleted.
3341         (WebCore::RenderMathMLOperator::paintHorizontalGlyphAssembly): Deleted.
3342         * rendering/mathml/RenderMathMLOperator.h:
3343         (WebCore::RenderMathMLOperator::italicCorrection): Updated to use MathOperator members.
3344         (WebCore::RenderMathMLOperator::GlyphAssemblyData::GlyphAssemblyData): Deleted.
3345
3346 2016-06-08  Chris Dumez  <cdumez@apple.com>
3347
3348         DedicatedWorkerGlobalScope prototype chain is incorrect
3349         https://bugs.webkit.org/show_bug.cgi?id=158544
3350
3351         Reviewed by Brady Eidson.
3352
3353         There were several issues with the prototype chain of DedicatedWorkerGlobalScope:
3354         1. Object.getPrototypeOf(DedicatedWorkerGlobalScope.prototype) was not
3355            WorkerGlobalScope.prototype.
3356         2. WorkerGlobalScope.prototype was a DedicatedWorkerGlobalScopePrototype
3357            object and was equal to DedicatedWorkerGlobalScope.prototype.
3358         3. Object.getPrototypeOf(WorkerGlobalScope.prototype) was not EventTarget.prototype.
3359
3360         Those issues were identified by the following W3C web-platform-test:
3361         http://w3c-test.org/workers/interfaces.worker
3362
3363         This patch fixes the issue so that the prototype chain is now as per the
3364         specification.
3365
3366         Test: fast/workers/DedicatedWorkerGlobalScope-prototype-chain.html
3367
3368         * bindings/js/WorkerScriptController.cpp:
3369         (WebCore::WorkerScriptController::initScript):
3370         - Stop creating the WorkerGlobalScopePrototype and let JSWorkerGlobalScope
3371           create it.
3372         - Set DedicatedWorkerGlobalScopePrototype's prototype to JSWorkerGlobalScope's
3373           prototype after creating the JSDedicatedWorkerGlobalScope object.
3374
3375         * bindings/scripts/CodeGeneratorJS.pm:
3376         (ShouldUseGlobalObjectPrototype):
3377         (GenerateHeader):
3378         (GenerateImplementation):
3379         (GenerateConstructorHelperMethods):
3380         - Do not use globalObject.getPrototypeDirect() as 'prototype' property for
3381           WorkerGlobalScope. The globalObject is a DedicatedWorkerGlobalScope, not
3382           a WorkerGlobalScope.
3383         - Generate the code to create / get a prototype object for WorkerGlobalScope.
3384
3385
3386 2016-06-08  Adam Bergkvist  <adam.bergkvist@ericsson.com>
3387
3388         WebRTC: Imlement MediaEndpointPeerConnection::setRemoteDescription()
3389         https://bugs.webkit.org/show_bug.cgi?id=158467
3390
3391         Reviewed by Eric Carlson.
3392
3393         Implement MediaEndpointPeerConnection::setRemoteDescription() which verifies a
3394         remote offer or answer, configures the WebRTC backend and dispatches the 'track' events
3395         that represent the incoming media [1].
3396
3397         This change also updates the RTCTrackEvent [2] with a streams and a transceiver attribute.
3398
3399         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#dom-rtcpeerconnection-setremotedescription
3400         [2] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#rtctrackevent
3401
3402         Tests: fast/mediastream/RTCPeerConnection-setRemoteDescription-offer.html
3403                fast/mediastream/RTCTrackEvent-constructor.html
3404
3405         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
3406         (WebCore::createSourceMap):
3407         (WebCore::MediaEndpointPeerConnection::setLocalDescriptionTask):
3408         (WebCore::MediaEndpointPeerConnection::setRemoteDescription):
3409         (WebCore::MediaEndpointPeerConnection::setRemoteDescriptionTask):
3410         Implemented.
3411         (WebCore::MediaEndpointPeerConnection::remoteDescription):
3412         (WebCore::MediaEndpointPeerConnection::currentRemoteDescription):
3413         (WebCore::MediaEndpointPeerConnection::pendingRemoteDescription):
3414         (WebCore::MediaEndpointPeerConnection::remoteDescriptionTypeValidForState):
3415         (WebCore::MediaEndpointPeerConnection::internalRemoteDescription):
3416         * Modules/mediastream/MediaEndpointPeerConnection.h:
3417         * Modules/mediastream/PeerConnectionBackend.h:
3418         * Modules/mediastream/RTCPeerConnection.cpp:
3419         (WebCore::RTCPeerConnection::addTransceiver):
3420         * Modules/mediastream/RTCPeerConnection.h:
3421         * Modules/mediastream/RTCRtpReceiver.h:
3422         (WebCore::RTCRtpReceiver::isDispatched):
3423         (WebCore::RTCRtpReceiver::setDispatched):
3424         * Modules/mediastream/RTCTrackEvent.cpp:
3425         (WebCore::RTCTrackEvent::create):
3426         (WebCore::RTCTrackEvent::RTCTrackEvent):
3427         * Modules/mediastream/RTCTrackEvent.h:
3428         (WebCore::RTCTrackEvent::streams):
3429         (WebCore::RTCTrackEvent::transceiver):
3430         * Modules/mediastream/RTCTrackEvent.idl:
3431         Add streams and transceiver attributes.
3432         * bindings/js/JSDictionary.cpp:
3433         (WebCore::JSDictionary::convertValue):
3434         * bindings/js/JSDictionary.h:
3435         * platform/mediastream/MediaEndpoint.h:
3436         * platform/mock/MockMediaEndpoint.cpp:
3437         (WebCore::MockMediaEndpoint::filterPayloads):
3438         (WebCore::MockMediaEndpoint::updateSendConfiguration):
3439         * platform/mock/MockMediaEndpoint.