dde79d69bdebb45bb33c3eeadd2b46bd493a2fe9
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-06-28  Carlos Garcia Campos  <cgarcia@igalia.com>
2
3         [GStreamer] Adaptive streaming issues
4         https://bugs.webkit.org/show_bug.cgi?id=144040
5
6         Reviewed by Philippe Normand.
7
8         There are multiple deadlocks in the web process when HLS content is loaded by GStreamer. It happens because gst
9         is using several threads to download manifest, fragments, monitor the downloads, etc. To download the fragments
10         and manifest it always creates the source element in a separate thread, something that is not actually expected
11         to happen in WebKit source element. Our source element is always scheduling tasks (start, stop, need-data,
12         enough-data and seek) to the main thread, and those downloads that use the ResourceHandleStreamingClient
13         (there's no player associated) also happen in the main thread, because libsoup calls all its async callbacks in
14         the main thread. So, the result is that it can happen that we end up blocking the main thread in a lock until
15         the download finishes, but the download never finishes because tasks are scheduled in the main thread that is
16         blocked in a lock. This can be prevented by always using a secondary thread for downloads made by
17         ResourceHandleStreamingClient, using its own run loop with a different GMainContext so that libsoup sends
18         callbacks to the right thread. We also had to refactor the tasks a bit, leaving the thread safe parts to be run
19         in the calling thread always, and only scheduling to the main thread in case of not using
20         ResourceHandleStreamingClient and only for the non thread safe parts.
21         This patch also includes r200455 that was rolled out, but it was a perfectly valid workaround for GST bug.
22
23         * platform/graphics/gstreamer/GRefPtrGStreamer.cpp:
24         (WTF::ensureGRef): Consume the floating ref if needed.
25         * platform/graphics/gstreamer/GRefPtrGStreamer.h:
26         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
27         (webkit_web_src_init): Check if object is being created in the main thread.
28         (webKitWebSrcStop): Stop the media resource loader in the main thread and the resource handle streaming in the
29         current thread.
30         (webKitWebSrcStart): Start the media resource loader in the main thread and the resource handle streaming in
31         the current thread.
32         (webKitWebSrcChangeState): Call webKitWebSrcStart and webKitWebSrcStop in the current thread.
33         (webKitWebSrcNeedData): Update status in the current thread and notify the media resource loader in the main thread.
34         (webKitWebSrcEnoughData): Ditto.
35         (webKitWebSrcSeek): Ditto.
36         (webKitWebSrcSetMediaPlayer): Add an assert to ensure that source elements used by WebKit are always created in
37         the main thread.
38         (ResourceHandleStreamingClient::ResourceHandleStreamingClient): Use a secondary thread to do the download.
39         (ResourceHandleStreamingClient::~ResourceHandleStreamingClient): Stop the secondary thread.
40         (ResourceHandleStreamingClient::setDefersLoading): Notify the secondary thread.
41
42 2016-06-28  Youenn Fablet  <youennf@gmail.com>
43
44         Remove ThreadableLoaderOptions origin
45         https://bugs.webkit.org/show_bug.cgi?id=159221
46
47         Reviewed by Sam Weinig.
48
49         No change of behavior.
50
51         * loader/DocumentThreadableLoader.cpp:
52         (WebCore::DocumentThreadableLoader::loadResourceSynchronously): Adding origing parameter.
53         (WebCore::DocumentThreadableLoader::create): Ditto.
54         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Ditto.
55         (WebCore::DocumentThreadableLoader::redirectReceived): Setting m_origin.
56         (WebCore::DocumentThreadableLoader::securityOrigin): Checking m_origin.
57         * loader/DocumentThreadableLoader.h: Adding m_origin member.
58         * loader/ThreadableLoader.cpp:
59         (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Removing origin.
60         (WebCore::ThreadableLoaderOption::isolatedCopy): Deleted.
61         * loader/ThreadableLoader.h: Removing origin parameter and isolatedCopy function.
62         * loader/WorkerThreadableLoader.cpp:
63         (WebCore::LoaderTaskOptions::LoaderTaskOptions): Structure to pass loader task options from one thread to another.
64         (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge):
65         * page/EventSource.cpp:
66         (WebCore::EventSource::connect): Removing setting of the origin.
67         * workers/WorkerScriptLoader.cpp:
68         (WebCore::WorkerScriptLoader::loadSynchronously): Ditto.
69         (WebCore::WorkerScriptLoader::loadAsynchronously): Ditto.
70         * xml/XMLHttpRequest.cpp:
71         (WebCore::XMLHttpRequest::createRequest): Ditto.
72
73 2016-06-28  Commit Queue  <commit-queue@webkit.org>
74
75         Unreviewed, rolling out r202580.
76         https://bugs.webkit.org/show_bug.cgi?id=159245
77
78         Caused all WKTR tests to fail on GuardMalloc and Production
79         only for unknown reasons, investigating offline. (Requested by
80         brrian on #webkit).
81
82         Reverted changeset:
83
84         "RunLoop::Timer should use constructor templates instead of
85         class templates"
86         https://bugs.webkit.org/show_bug.cgi?id=159153
87         http://trac.webkit.org/changeset/202580
88
89 2016-06-28  Benjamin Poulain  <benjamin@webkit.org>
90
91         Rename ChildrenAffectedByActive to StyleAffectedByActive
92         https://bugs.webkit.org/show_bug.cgi?id=159187
93
94         Reviewed by Antti Koivisto.
95
96         Flags named "ChildrenAffectedBy" are used when the invalidation
97         of children is so crazy that we invalidate the whole parent subtree instead.
98
99         That's not the case for :active. It is a straightforward element invalidation.
100         Consequently, the property is renamed to StyleAffectedByActive.
101
102         * dom/Element.cpp:
103         (WebCore::Element::setActive):
104         (WebCore::Element::setStyleAffectedByActive):
105         (WebCore::Element::hasFlagsSetDuringStylingOfChildren):
106         (WebCore::Element::rareDataStyleAffectedByActive):
107         (WebCore::Element::setChildrenAffectedByActive): Deleted.
108         (WebCore::Element::rareDataChildrenAffectedByActive): Deleted.
109         * dom/Element.h:
110         (WebCore::Element::styleAffectedByActive):
111         (WebCore::Element::childrenAffectedByActive): Deleted.
112         * dom/ElementRareData.h:
113         (WebCore::ElementRareData::styleAffectedByActive):
114         (WebCore::ElementRareData::setStyleAffectedByActive):
115         (WebCore::ElementRareData::ElementRareData):
116         (WebCore::ElementRareData::resetDynamicRestyleObservations):
117         (WebCore::ElementRareData::childrenAffectedByActive): Deleted.
118         (WebCore::ElementRareData::setChildrenAffectedByActive): Deleted.
119         * style/StyleRelations.cpp:
120         (WebCore::Style::commitRelations):
121
122 2016-06-28  Jiewen Tan  <jiewen_tan@apple.com>
123
124         Implement "replacement" codec
125         https://bugs.webkit.org/show_bug.cgi?id=159180
126         <rdar://problem/26015178>
127
128         Reviewed by Brent Fulgham.
129
130         Test: fast/encoding/charset-replacement.html
131
132         Add support for "replacement" codec according to the spec:
133         https://encoding.spec.whatwg.org/#replacement
134         According to the spec, encoding labels {"csiso2022kr", "hz-gb-2312", "iso-2022-cn",
135         "iso-2022-cn-ext", "iso-2022-kr"} are used to conduct certain attacks that abuse
136         a mismatch between encodings supported on the server and the client. Therefore,
137         they are grouped under the "replacement" codec, which does the following things
138         to prevent those attacks.
139         1) Decode: terminates with a single U+FFFD.
140         2) Encode: treated as UTF-8.
141
142         Furthermore, the "replacement" codec is a specification convenience to group those
143         vulnerable encoding labels. Therefore, it should not be able to use directly.
144
145         This change is based on the following Blink changes:
146         https://codereview.chromium.org/265973003, and
147         https://codereview.chromium.org/261013007.
148
149         * CMakeLists.txt:
150         * WebCore.xcodeproj/project.pbxproj:
151         * platform/text/TextAllInOne.cpp:
152         * platform/text/TextCodecReplacement.cpp: Added.
153         (WebCore::TextCodecReplacement::create):
154         (WebCore::TextCodecReplacement::TextCodecReplacement):
155         (WebCore::TextCodecReplacement::registerEncodingNames):
156         (WebCore::TextCodecReplacement::registerCodecs):
157         (WebCore::TextCodecReplacement::decode):
158         * platform/text/TextCodecReplacement.h: Added.
159         * platform/text/TextEncoding.cpp:
160         (WebCore::TextEncoding::TextEncoding):
161         * platform/text/TextEncodingRegistry.cpp:
162         (WebCore::isReplacementEncoding):
163         (WebCore::extendTextCodecMaps):
164         * platform/text/TextEncodingRegistry.h:
165
166 2016-06-28  Dean Jackson  <dino@apple.com>
167
168         Remove incorrect comments in HTMLCanvasElement
169         https://bugs.webkit.org/show_bug.cgi?id=159229
170
171         Reviewed by Sam Weinig.
172
173         These comments are wrong.
174
175         * html/HTMLCanvasElement.cpp:
176         (WebCore::HTMLCanvasElement::probablySupportsContext):
177         (WebCore::HTMLCanvasElement::getContext): Deleted.
178
179 2016-06-28  Geoffrey Garen  <ggaren@apple.com>
180
181         CrashTracer beneath JSC::MarkedBlock::specializedSweep
182         https://bugs.webkit.org/show_bug.cgi?id=159223
183
184         Reviewed by Saam Barati.
185
186         This crash is caused by a media element re-entering JS during the GC
187         sweep phase.
188
189         In theory, other CachedResourceClients in the DOM might also trigger
190         similar bugs, but our data only implicates the media elements, so this
191         fix targets them.
192
193         * html/HTMLDocument.h: Document has no reason to inherit from
194         CachedResourceClient. I found this becuase I had to search for all
195         CachedResourceClients in researching this patch.
196
197         * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
198         (WebCore::WebCoreAVCFResourceLoader::invalidate): Delay our call to
199         stopLoading because it might re-enter JS, and we might have been called
200         by the GC sweep phase destroying a media element.
201
202         * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
203         (WebCore::WebCoreAVFResourceLoader::invalidate): Ditto.
204
205 2016-06-28  Saam Barati  <sbarati@apple.com>
206
207         some Watchpoints' ::fireInternal method will call operations that might GC where the GC will cause the watchpoint itself to destruct
208         https://bugs.webkit.org/show_bug.cgi?id=159198
209         <rdar://problem/26302360>
210
211         Reviewed by Filip Pizlo.
212
213         * bindings/js/JSDOMWindowBase.cpp:
214         (WebCore::JSDOMWindowBase::fireFrameClearedWatchpointsForWindow):
215         * bindings/scripts/CodeGeneratorJS.pm:
216         (GenerateHeader):
217         * bindings/scripts/test/JS/JSTestEventTarget.h:
218         (WebCore::JSTestEventTarget::create):
219
220 2016-06-28  Anders Carlsson  <andersca@apple.com>
221
222         Move the user gesture requirement to the ApplePaySession constructor
223         https://bugs.webkit.org/show_bug.cgi?id=159225
224         rdar://problem/26507267
225
226         Reviewed by Tim Horton.
227
228         By doing this, clients can do pre-validation before showing the sheet, while we still maintain the user gesture requirement.
229
230         * Modules/applepay/ApplePaySession.cpp:
231         (WebCore::ApplePaySession::create):
232         (WebCore::ApplePaySession::begin): Deleted.
233
234 2016-06-28  Youenn Fablet  <youenn@apple.com>
235
236         Iterable interfaces should have their related prototype @@iterator property writable
237         https://bugs.webkit.org/show_bug.cgi?id=159211
238         <rdar://problem/26950766>
239
240         Reviewed by Chris Dumez.
241
242         Updating @@iterator property according  http://heycam.github.io/webidl/#es-iterator.
243
244         Covered by updated test.
245
246         * bindings/scripts/CodeGeneratorJS.pm:
247         (GenerateImplementation): Removing ReadOnly flag from @@iterator property of iterable interfaces.
248         * bindings/scripts/test/JS/JSTestNode.cpp:
249         (WebCore::JSTestNodePrototype::finishCreation): Rebasing expectation.
250         * bindings/scripts/test/JS/JSTestObj.cpp:
251         (WebCore::JSTestObjPrototype::finishCreation): Ditto.
252
253 2016-06-28  Anders Carlsson  <andersca@apple.com>
254
255         "Total amount is too big" error message is displaying on clicking Pay button
256         https://bugs.webkit.org/show_bug.cgi?id=159219
257         rdar://problem/26722110
258
259         Reviewed by Tim Horton.
260
261         Match the PassKit max amount.
262
263         * Modules/applepay/PaymentRequestValidator.cpp:
264         (WebCore::PaymentRequestValidator::validateTotal):
265
266 2016-06-28  Anders Carlsson  <andersca@apple.com>
267
268         PaymentMerchantSession should wrap a PKPaymentMerchantSession
269         https://bugs.webkit.org/show_bug.cgi?id=159218
270         rdar://problem/26872118
271
272         Reviewed by Tim Horton.
273
274         * Modules/applepay/ApplePaySession.cpp:
275         (WebCore::ApplePaySession::completeMerchantValidation):
276         Use PaymentMerchantSession::fromJS.
277
278         (WebCore::createMerchantSession): Deleted.
279
280         * Modules/applepay/PaymentCoordinator.h:
281         PaymentMerchantSession is now a class.
282
283         * Modules/applepay/PaymentCoordinatorClient.h:
284         PaymentMerchantSession is now a class.
285
286         * Modules/applepay/PaymentMerchantSession.h:
287         (WebCore::PaymentMerchantSession::PaymentMerchantSession):
288         (WebCore::PaymentMerchantSession::~PaymentMerchantSession):
289         (WebCore::PaymentMerchantSession::pkPaymentMerchantSession):
290         Store a PKPaymentMerchantSession in a RetainPtr inside the PaymentMerchantSession object.
291
292         * Modules/applepay/cocoa/PaymentMerchantSessionCocoa.mm:
293         (WebCore::PaymentMerchantSession::fromJS):
294         Convert the JS object to a PKPaymentMerchantSession and return a PaymentMerchantSession that wraps it.
295
296         * WebCore.xcodeproj/project.pbxproj:
297         Add new files.
298
299         * bindings/js/Dictionary.h:
300         (WebCore::Dictionary::initializerObject):
301         Add new getter.
302
303 2016-06-28  Brian Burg  <bburg@apple.com>
304
305         RunLoop::Timer should use constructor templates instead of class templates
306         https://bugs.webkit.org/show_bug.cgi?id=159153
307
308         Reviewed by Alex Christensen.
309
310         Remove the RunLoop::Timer class template argument, and pass its constructor
311         a reference to `this` instead of a pointer to `this`.
312
313         * Modules/mediasession/WebMediaSessionManager.cpp:
314         (WebCore::WebMediaSessionManager::WebMediaSessionManager):
315         * Modules/mediasession/WebMediaSessionManager.h:
316         * page/WheelEventTestTrigger.cpp:
317         (WebCore::WheelEventTestTrigger::WheelEventTestTrigger):
318         * page/WheelEventTestTrigger.h:
319         * page/mac/TextIndicatorWindow.h:
320         * page/mac/TextIndicatorWindow.mm:
321         (WebCore::TextIndicatorWindow::TextIndicatorWindow):
322         * platform/MainThreadSharedTimer.h:
323         * platform/cocoa/ScrollController.h:
324         * platform/cocoa/ScrollController.mm:
325         (WebCore::ScrollController::ScrollController):
326         * platform/glib/MainThreadSharedTimerGLib.cpp:
327         (WebCore::MainThreadSharedTimer::MainThreadSharedTimer):
328         * platform/graphics/MediaPlaybackTargetPicker.cpp:
329         (WebCore::MediaPlaybackTargetPicker::MediaPlaybackTargetPicker):
330         * platform/graphics/MediaPlaybackTargetPicker.h:
331         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
332         (WebCore::MediaPlayerPrivateGStreamer::MediaPlayerPrivateGStreamer):
333         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
334         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
335         (WebCore::MediaPlayerPrivateGStreamerBase::MediaPlayerPrivateGStreamerBase):
336         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
337         * platform/graphics/gstreamer/VideoSinkGStreamer.cpp:
338         (VideoRenderRequestScheduler::VideoRenderRequestScheduler):
339         * platform/graphics/texmap/TextureMapperPlatformLayerProxy.cpp:
340         (WebCore::TextureMapperPlatformLayerProxy::TextureMapperPlatformLayerProxy):
341         (WebCore::TextureMapperPlatformLayerProxy::activateOnCompositingThread):
342         * platform/graphics/texmap/TextureMapperPlatformLayerProxy.h:
343         * platform/mock/MediaPlaybackTargetPickerMock.cpp:
344         (WebCore::MediaPlaybackTargetPickerMock::MediaPlaybackTargetPickerMock):
345         * platform/mock/MediaPlaybackTargetPickerMock.h:
346         * platform/mock/MockRealtimeVideoSource.cpp:
347         (WebCore::MockRealtimeVideoSource::MockRealtimeVideoSource):
348         * platform/mock/MockRealtimeVideoSource.h:
349         * platform/network/ResourceHandleInternal.h:
350         (WebCore::ResourceHandleInternal::ResourceHandleInternal):
351
352 2016-06-27  Jer Noble  <jer.noble@apple.com>
353
354         Cross-domain video loads do not prompt for authorization.
355         https://bugs.webkit.org/show_bug.cgi?id=159195
356         <rdar://problem/26234612>
357
358         Reviewed by Brent Fulgham.
359
360         Test: http/tests/media/video-auth.html (modified)
361
362         We should prompt for authorization when a cross-origin <video> is embedded
363         in a web page.
364
365         * loader/MediaResourceLoader.cpp:
366         (WebCore::MediaResourceLoader::requestResource):
367
368 2016-06-28  Ryosuke Niwa  <rniwa@webkit.org>
369
370         REGRESSION(r201471): FormClient.textFieldDidEndEditing is no longer called when a text field is removed
371         https://bugs.webkit.org/show_bug.cgi?id=159199
372         <rdar://problem/26748189>
373
374         Reviewed by Alexey Proskuryakov.
375
376         The bug was caused by HTMLInputElement's endEditing no longer getting called due to the behavior change.
377         Preserve the WebKit2 API semantics by manually calling HTMLInputElement::endEditing in setFocusedElement.
378
379         Tests: WebKit2TextFieldDidBeginAndEndEditing
380
381         * dom/Document.cpp:
382         (WebCore::Document::setFocusedElement):
383
384 2016-06-28  Frederic Wang  <fwang@igalia.com>
385
386         Phrasing content should be accepted in <mo> elements
387         https://bugs.webkit.org/show_bug.cgi?id=130245
388
389         Reviewed by Brent Fulgham.
390
391         After r202420, the RenderMathMLOperator element no longer messes with anonymous block and
392         text nodes. Hence it is now safe to allow foreign content inside <mo>.
393
394         We extend foreign-element-in-token.html to cover the mo case.
395
396         * mathml/MathMLTextElement.cpp:
397         (WebCore::MathMLTextElement::childShouldCreateRenderer): Remove the early return for <mo> so
398         that it accepts phrasing content children.
399
400 2016-06-27  Anders Carlsson  <andersca@apple.com>
401
402         WebKit::WebPaymentCoordinator leak
403         https://bugs.webkit.org/show_bug.cgi?id=159168
404         rdar://problem/26929772
405
406         Reviewed by Beth Dakin.
407
408         * Modules/applepay/PaymentCoordinator.cpp:
409         (WebCore::PaymentCoordinator::~PaymentCoordinator):
410         Call paymentCoordinatorDestroyed().
411
412         * Modules/applepay/PaymentCoordinatorClient.h:
413         Rename mainFrameDestroyed to paymentCoordinatorDestroyed().
414
415         * loader/EmptyClients.cpp:
416
417 2016-06-28  Frederic Wang  <fwang@igalia.com>
418
419         Remove anonymous in renderName for all MathML renderers but RenderMathMLOperator
420         https://bugs.webkit.org/show_bug.cgi?id=159114
421
422         Reviewed by Martin Robinson.
423
424         After r202420, the only anonymous MathML renderers are the RenderMathMLOperators created by
425         the mfenced element. Hence we remove the special case for anonymous in the renderName
426         implementation of most MathML renderers.
427
428         No new tests, behavior unchanged.
429
430         * rendering/mathml/RenderMathMLRow.h:
431         * rendering/mathml/RenderMathMLSpace.h:
432         * rendering/mathml/RenderMathMLToken.h:
433
434 2016-06-28  Adam Bergkvist  <adam.bergkvist@ericsson.com>
435
436         WebRTC: Robustify 'this' type check in RTCPeerConnection JS built-ins
437         https://bugs.webkit.org/show_bug.cgi?id=158831
438
439         Reviewed by Youenn Fablet.
440
441         Use @operations slot in RTCPeerConnection type check.
442
443         Updated results of existing test.
444
445         * Modules/mediastream/RTCPeerConnection.js:
446         (initializeRTCPeerConnection):
447         Initialize @operations slot in constructor.
448         * Modules/mediastream/RTCPeerConnectionInternals.js:
449         (isRTCPeerConnection):
450         Use @operations slot in type check.
451
452 2016-06-28  Frederic Wang  <fwang@igalia.com>
453
454         AX: Remove dead code in AccessibilityRenderObject::textUnderElement
455         https://bugs.webkit.org/show_bug.cgi?id=159205
456
457         Reviewed by Joanmarie Diggs.
458
459         RenderMathMLOperator used to destroy its descendants and to replace them with an anonymous
460         text node wrapped inside anonymous blocks. After r202420, it just behaves as any other token
461         elements. Hence we remove the code in AccessibilityRenderObject::textUnderElement that was
462         used to handle this specific render tree structure.
463
464         No new tests, already covered by accessibility/math-text.html.
465
466         * accessibility/AccessibilityRenderObject.cpp:
467         (WebCore::AccessibilityRenderObject::textUnderElement): Remove dead code for RenderText and RenderMathMLOperator.
468
469 2016-06-28  Per Arne Vollan  <pvollan@apple.com>
470
471         [Win] Custom elements tests are failing.
472         https://bugs.webkit.org/show_bug.cgi?id=159139
473
474         Reviewed by Alex Christensen.
475
476         Fix compile errors after enabling custom element API.
477
478         * bindings/js/JSHTMLElementCustom.cpp:
479         (WebCore::constructJSHTMLElement):
480         * dom/CustomElementDefinitions.cpp:
481         (WebCore::CustomElementDefinitions::addElementDefinition):
482         * dom/Document.cpp:
483         (WebCore::createHTMLElementWithNameValidation):
484         (WebCore::createFallbackHTMLElement):
485         * dom/Element.cpp:
486         (WebCore::Element::attributeChanged):
487         * dom/LifecycleCallbackQueue.cpp:
488         (WebCore::LifecycleQueueItem::LifecycleQueueItem):
489         (WebCore::LifecycleCallbackQueue::enqueueElementUpgrade):
490         (WebCore::LifecycleCallbackQueue::enqueueAttributeChangedCallback):
491         * html/parser/HTMLConstructionSite.cpp:
492         (WebCore::HTMLConstructionSite::insertHTMLElementOrFindCustomElementInterface):
493         (WebCore::HTMLConstructionSite::createHTMLElementOrFindCustomElementInterface):
494         * html/parser/HTMLDocumentParser.cpp:
495         (WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder):
496         * html/parser/HTMLTreeBuilder.cpp:
497         (WebCore::CustomElementConstructionData::CustomElementConstructionData):
498         (WebCore::HTMLTreeBuilder::insertGenericHTMLElement):
499         * html/parser/HTMLTreeBuilder.h:
500
501 2016-06-28  Philippe Normand  <pnormand@igalia.com>
502
503         [GStreamer] usec rounding is wrong during accurate seeking
504         https://bugs.webkit.org/show_bug.cgi?id=90734
505
506         Reviewed by Carlos Garcia Campos.
507
508         Use floor() to round the microseconds value, this is more robust
509         than roundf.
510
511         * platform/graphics/gstreamer/GStreamerUtilities.cpp:
512         (WebCore::toGstClockTime):
513         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
514         (WebCore::MediaPlayerPrivateGStreamer::playbackPosition):
515
516 2016-06-28  Philippe Normand  <pnormand@igalia.com>
517
518         [GStreamer] improved duration query support in the HTTP source element
519         https://bugs.webkit.org/show_bug.cgi?id=159204
520
521         Reviewed by Carlos Garcia Campos.
522
523         When we have the Content-Length value it is possible to infer the TIME
524         duration in most cases by performing a convert query in the downstream
525         elements. This is especially useful when the duration query wasn't
526         managed by the sinks and thus reached the source element.
527
528         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
529         (webKitWebSrcQueryWithParent):
530
531 2016-06-28  Youenn Fablet  <youenn@apple.com>
532
533         Binding generator should generate accessors for constructors safely accessed from JS builtin
534         https://bugs.webkit.org/show_bug.cgi?id=159087
535
536         Reviewed by Alex Christensen.
537
538         Removed constructor private slots direct additions in JSDOMGlobalObject.
539         Added support for generating the code that will do that.
540         Advantage of the implementation:
541         - Private slots will expose constructors that are also publically visible (previously workers had some private slots filled with WebRTC constructors).
542         - Private slots no longer require the creation of the constructors at window creation time.
543
544         Although PublicIdentifier and PrivateIdentifier are both added where needed, the binding generator does not
545         support the case of a constructor accessible only privately.
546
547         Covered by existing test set and adding binding test.
548
549         * Modules/mediastream/MediaStream.idl: Marked as PublicIdentifier/PrivateIdentifier.
550         * Modules/mediastream/MediaStreamTrack.idl: Ditto.
551         * Modules/mediastream/RTCIceCandidate.idl: Ditto.
552         * Modules/mediastream/RTCSessionDescription.idl: Ditto.
553         * Modules/streams/ReadableStream.idl: Ditto.
554         * bindings/js/JSDOMGlobalObject.cpp:
555         (WebCore::JSDOMGlobalObject::addBuiltinGlobals): Removed unneeded additions.
556         * bindings/scripts/CodeGeneratorJS.pm:
557         (GenerateImplementation): Added support for private slots for interface constructors marked as
558         PrivateIdentifier.
559         * bindings/scripts/preprocess-idls.pl:
560         (GenerateConstructorAttribute): Make PublicIdentifier/PrivateIdentifier copied interface attributes.
561         * bindings/scripts/test/GObject/WebKitDOMTestGlobalObject.cpp:
562         (webkit_dom_test_global_object_set_property):
563         (webkit_dom_test_global_object_get_property):
564         (webkit_dom_test_global_object_class_init):
565         (webkit_dom_test_global_object_get_public_and_private_attribute):
566         (webkit_dom_test_global_object_set_public_and_private_attribute):
567         * bindings/scripts/test/GObject/WebKitDOMTestGlobalObject.h:
568         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
569         (WebCore::JSTestGlobalObject::finishCreation):
570         (WebCore::jsTestGlobalObjectPublicAndPrivateAttribute):
571         (WebCore::setJSTestGlobalObjectPublicAndPrivateAttribute):
572         * bindings/scripts/test/ObjC/DOMTestGlobalObject.h:
573         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
574         (-[DOMTestGlobalObject publicAndPrivateAttribute]):
575         (-[DOMTestGlobalObject setPublicAndPrivateAttribute:]):
576         * bindings/scripts/test/TestGlobalObject.idl:
577
578
579 2016-06-27  Jer Noble  <jer.noble@apple.com>
580
581         REGRESSION?(r202466): http/tests/security/canvas-remote-read-remote-video-redirect.html failing on Sierra
582         https://bugs.webkit.org/show_bug.cgi?id=159172
583         <rdar://problem/27030025>
584
585         Reviewed by Brent Fulgham.
586
587         Add a hasSingleSecurityOrigin property to WebCoreNSURLSession that gets updated each time one of that
588         sessions' tasks receieves a response or a redirect request. Check that property from the MediaPlayerPrivate.
589
590         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
591         (WebCore::MediaPlayerPrivateAVFoundationObjC::hasSingleSecurityOrigin):
592         * platform/network/cocoa/WebCoreNSURLSession.h:
593         * platform/network/cocoa/WebCoreNSURLSession.mm:
594         (-[WebCoreNSURLSession updateHasSingleSecurityOrigin:]):
595         (-[WebCoreNSURLSession dataTaskWithRequest:]):
596         (-[WebCoreNSURLSession dataTaskWithURL:]):
597         (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):
598         (-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:]):
599
600 2016-06-27  Alex Christensen  <achristensen@webkit.org>
601
602         CMake build fix.
603
604         * PlatformMac.cmake:
605
606 2016-06-27  Youenn Fablet  <youenn@apple.com>
607
608         Remove didFailAccessControlCheck ThreadableLoaderClient callback
609         https://bugs.webkit.org/show_bug.cgi?id=159149
610
611         Reviewed by Daniel Bates.
612
613         Adding an AccessControl ResourceError type.
614         Replacing didFailAccessControlCheck callback by a direct call to didFail with an error of type AccessControl.
615
616         Making CrossOriginPreflightChecker always return an AccessControl error. Previously some errors created below
617         were passed directly to threadable loader clients.
618
619         When doing preflight on unauthorized web sites, WTR/DRT will trigger a cancellation error which was translating into an abort event in XMLHttpRequest.
620         This patch is changing the error type to AccessControl, which translates into an error event in XMLHttpReauest.
621
622         This change of behavior is seen in imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred.htm.
623         No other observable change of behavior should be expected.
624
625         * inspector/InspectorNetworkAgent.cpp: Computing error message in didFail according the error type.
626         * loader/CrossOriginPreflightChecker.cpp:
627         (WebCore::CrossOriginPreflightChecker::validatePreflightResponse): Setting preflightFailure error type to AccessControl.
628         (WebCore::CrossOriginPreflightChecker::notifyFinished): Ditto.
629         (WebCore::CrossOriginPreflightChecker::doPreflight): Ditto.
630         * loader/DocumentThreadableLoader.cpp:
631         (WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest): Replacing didFailAccessControlCheck
632         callback by a direct call to didFail with an error of type AccessControl.
633         (WebCore::reportContentSecurityPolicyError): Ditto.
634         (WebCore::reportCrossOriginResourceSharingError): Ditto.
635         (WebCore::DocumentThreadableLoader::didReceiveResponse): Ditto.
636         (WebCore::DocumentThreadableLoader::preflightFailure): Calling didFail directly.
637         * loader/ThreadableLoaderClient.h: Removing didFailAccessControlCheck.
638         * loader/ThreadableLoaderClientWrapper.h: Ditto.
639         * loader/WorkerThreadableLoader.cpp: Ditto.
640         * loader/WorkerThreadableLoader.h: Ditto.
641         * page/EventSource.cpp:
642         (WebCore::EventSource::didFail): Removing didFailAccessControlCheck and putting handling code in didFail.
643         * page/EventSource.h:
644         * platform/network/ResourceErrorBase.cpp:
645         (WebCore::ResourceErrorBase::setType): Softening the assertion to cover the case of migration to AccessControl.
646         * platform/network/ResourceErrorBase.h: Adding AccessControl error type.
647         (WebCore::ResourceErrorBase::isAccessControl):
648
649 2016-06-27  Chris Dumez  <cdumez@apple.com>
650
651         HTMLElement / SVGElement should implement GlobalEventHandlers, not Element
652         https://bugs.webkit.org/show_bug.cgi?id=159191
653         <rdar://problem/27019299>
654
655         Reviewed by Ryosuke Niwa.
656
657         HTMLElement / SVGElement should implement GlobalEventHandlers, not Element:
658         - https://html.spec.whatwg.org/multipage/dom.html#htmlelement
659         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGElement
660
661         Firefox and Chrome behave as per the specification.
662
663         Fixing this also fixes rendering on http://survey123.arcgis.com/.
664
665         No new tests, covered by existing tests that were rebaselined.
666
667         * dom/Element.idl:
668         * html/HTMLElement.idl:
669         * svg/SVGElement.idl:
670
671 2016-06-27  Myles C. Maxfield  <mmaxfield@apple.com>
672
673         [macOS] Test gardening: Generic font families should not map to fonts which aren't installed
674         https://bugs.webkit.org/show_bug.cgi?id=159111
675         <rdar://problem/25807529>
676
677         Unreviewed.
678
679         Osaka-Mono does not come preinstalled on macOS Sierra. However, many Japanese users
680         will have the font installed. Before setting the generic font family, we should check
681         to see if the font is present.
682
683         * page/cocoa/SettingsCocoa.mm:
684         (WebCore::osakaMonoIsInstalled):
685         (WebCore::Settings::initializeDefaultFontFamilies):
686
687 2016-06-24  Ryosuke Niwa  <rniwa@webkit.org>
688
689         Don't keep all newly created potential custom elements alive when the feature is disabled
690         https://bugs.webkit.org/show_bug.cgi?id=159113
691
692         Reviewed by Daniel Bates.
693
694         Don't keep all HTML unknown elements which has a valid custom element alive when the feature is turned off.
695
696         Ideally we want to conform to the behavior in the Custom Elements specification and only upgrade an element
697         that is inserted into the document. We'll implement that later.
698
699         * dom/Document.cpp:
700         (WebCore::createHTMLElementWithNameValidation):
701
702 2016-06-27  Simon Fraser  <simon.fraser@apple.com>
703
704         [iOS] -webkit-overflow-scrolling: touch prevents repaint with RTL
705         https://bugs.webkit.org/show_bug.cgi?id=159186
706         rdar://problem/26659341
707
708         Reviewed by Zalan Bujtas.
709         
710         There were two issues with repaints in -webkit-overflow-scrolling:touch scrolling
711         layers.
712
713         First, if the scrolled contents were inline (e.g. a <span>), then repaints were
714         broken because RenderInline didn't call shouldApplyClipAndScrollPositionForRepaint().
715         Fix by making shouldApplyClipAndScrollPositionForRepaint() a member function of RenderBox
716         and calling it from RenderBox::computeRectForRepaint() and RenderInline::clippedOverflowRectForRepaint().
717
718         Second, repaints were broken in RTL because RenderLayerBacking::setContentsNeedDisplayInRect()
719         confused scroll offset and scroll position; it needs to subtract scrollPosition.
720         
721         Finally renamed to applyCachedClipAndScrollOffsetForRepaint() to applyCachedClipAndScrollPositionForRepaint()
722         to make it clear that it uses scrollPosition, not scrollOffset.
723
724         Tests: compositing/scrolling/touch-scrolling-repaint-spans.html
725                compositing/scrolling/touch-scrolling-repaint.html
726
727         * rendering/RenderBox.cpp:
728         (WebCore::RenderBox::applyCachedClipAndScrollPositionForRepaint):
729         (WebCore::RenderBox::shouldApplyClipAndScrollPositionForRepaint):
730         (WebCore::RenderBox::computeRectForRepaint):
731         (WebCore::RenderBox::applyCachedClipAndScrollOffsetForRepaint): Deleted.
732         (WebCore::shouldApplyContainersClipAndOffset): Deleted.
733         * rendering/RenderBox.h:
734         * rendering/RenderInline.cpp:
735         (WebCore::RenderInline::clippedOverflowRectForRepaint):
736         (WebCore::RenderInline::computeRectForRepaint):
737         * rendering/RenderLayerBacking.cpp:
738         (WebCore::RenderLayerBacking::setContentsNeedDisplayInRect):
739         * rendering/RenderObject.cpp:
740         (WebCore::RenderObject::computeRectForRepaint):
741
742 2016-06-27  Commit Queue  <commit-queue@webkit.org>
743
744         Unreviewed, rolling out r202436.
745         https://bugs.webkit.org/show_bug.cgi?id=159190
746
747         We don't need to make this change. (Requested by thorton on
748         #webkit).
749
750         Reverted changeset:
751
752         "Do not use iOS specific telephone detection on macOS."
753         https://bugs.webkit.org/show_bug.cgi?id=159096
754         http://trac.webkit.org/changeset/202436
755
756 2016-06-27  Benjamin Poulain  <benjamin@webkit.org>
757
758         Adopt the iOS TouchEventHandler API for cases that must have synchronous dispatch
759         https://bugs.webkit.org/show_bug.cgi?id=159179
760         rdar://problem/27006387
761
762         Reviewed by Simon Fraser.
763
764         Tests: fast/events/touch/ios/block-without-overflow-scroll-and-passive-observer-on-block-scrolling-state.html
765                fast/events/touch/ios/block-without-overflow-scroll-and-passive-observer-on-document-scrolling-state.html
766                fast/events/touch/ios/block-without-overflow-scroll-scrolling-state.html
767                fast/events/touch/ios/drag-block-without-overflow-scroll-and-passive-observer-on-block.html
768                fast/events/touch/ios/drag-block-without-overflow-scroll-and-passive-observer-on-document.html
769                fast/events/touch/ios/drag-block-without-overflow-scroll.html
770
771         * dom/Document.cpp:
772         (WebCore::Document::prepareForDestruction):
773         (WebCore::Document::removeAllEventListeners):
774         * dom/Node.cpp:
775         (WebCore::Node::willBeDeletedFrom):
776         (WebCore::tryAddEventListener):
777         (WebCore::tryRemoveEventListener):
778         * html/shadow/SliderThumbElement.cpp:
779         (WebCore::SliderThumbElement::registerForTouchEvents):
780         (WebCore::SliderThumbElement::unregisterForTouchEvents):
781         * rendering/RenderLayer.cpp:
782         (WebCore::RenderLayer::registerAsTouchEventListenerForScrolling):
783         (WebCore::RenderLayer::unregisterAsTouchEventListenerForScrolling):
784
785 2016-06-27  Alex Christensen  <achristensen@webkit.org>
786
787         Fix Windows build.
788
789         * bindings/js/SerializedScriptValue.h:
790         WTF
791
792 2016-06-27  Commit Queue  <commit-queue@webkit.org>
793
794         Unreviewed, rolling out r202520.
795         https://bugs.webkit.org/show_bug.cgi?id=159185
796
797         This change broke the 32-bit El Capitan build (Requested by
798         ryanhaddad on #webkit).
799
800         Reverted changeset:
801
802         "REGRESSION?(r202466): http/tests/security/canvas-remote-read-
803         remote-video-redirect.html failing on Sierra"
804         https://bugs.webkit.org/show_bug.cgi?id=159172
805         http://trac.webkit.org/changeset/202520
806
807 2016-06-27  Jer Noble  <jer.noble@apple.com>
808
809         REGRESSION?(r202466): http/tests/security/canvas-remote-read-remote-video-redirect.html failing on Sierra
810         https://bugs.webkit.org/show_bug.cgi?id=159172
811         <rdar://problem/27030025>
812
813         Reviewed by Brent Fulgham.
814
815         Add a hasSingleSecurityOrigin property to WebCoreNSURLSession that gets updated each time one of that
816         sessions' tasks receieves a response or a redirect request. Check that property from the MediaPlayerPrivate.
817
818         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
819         (WebCore::MediaPlayerPrivateAVFoundationObjC::hasSingleSecurityOrigin):
820         * platform/network/cocoa/WebCoreNSURLSession.h:
821         * platform/network/cocoa/WebCoreNSURLSession.mm:
822         (-[WebCoreNSURLSession updateHasSingleSecurityOrigin:]):
823         (-[WebCoreNSURLSession dataTaskWithRequest:]):
824         (-[WebCoreNSURLSession dataTaskWithURL:]):
825         (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):
826         (-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:]):
827
828 2016-06-27  Benjamin Poulain  <benjamin@webkit.org>
829
830         Fix style invalidation for :active when the activated node has no renderer
831         https://bugs.webkit.org/show_bug.cgi?id=159125
832
833         Reviewed by Antti Koivisto.
834
835         Same old bug: a style invalidation path was depending
836         on the style.
837
838         Here we really need both flags. An element can have
839         childrenAffectedByActive() false and renderStyle->affectedByActive() true
840         if it was subject to style sharing.
841
842         The element state "childrenAffectedByActive" should be renamed
843         "styleAffectedByActive" since it is not a parent invalidation flag.
844         That will be done separately.
845
846         Tests: fast/css/pseudo-active-on-labeled-control-without-renderer.html
847                fast/css/pseudo-active-style-sharing-1.html
848                fast/css/pseudo-active-style-sharing-2.html
849                fast/css/pseudo-active-style-sharing-3.html
850                fast/css/pseudo-active-style-sharing-4.html
851                fast/css/pseudo-active-style-sharing-5.html
852                fast/css/pseudo-active-style-sharing-6.html
853
854         * dom/Element.cpp:
855         (WebCore::Element::setActive):
856         * style/StyleRelations.cpp:
857         (WebCore::Style::commitRelationsToRenderStyle):
858
859 2016-06-27  Joanmarie Diggs  <jdiggs@igalia.com>
860
861         AX: REGRESSION (r202063): ARIA role attribute is being ignored for label element
862         https://bugs.webkit.org/show_bug.cgi?id=159162
863
864         Reviewed by Chris Fleizach.
865
866         createFromRenderer() was creating an AccessibilityLabel for any HTMLLabelElement which
867         lacked an explicitly-handled ARIA role. We should instead create an AccessibilityLabel
868         when there is no ARIA role.
869
870         Test: accessibility/aria-role-on-label.html
871
872         * accessibility/AXObjectCache.cpp:
873         (WebCore::createFromRenderer):
874
875 2016-06-27  Commit Queue  <commit-queue@webkit.org>
876
877         Unreviewed, rolling out r202505.
878         https://bugs.webkit.org/show_bug.cgi?id=159169
879
880         The test added with this change is flaky and it caused an
881         existing test to time out on El Capitan. (Requested by
882         ryanhaddad on #webkit).
883
884         Reverted changeset:
885
886         "[iOS] Media controls are too cramped with small video"
887         https://bugs.webkit.org/show_bug.cgi?id=158815
888         http://trac.webkit.org/changeset/202505
889
890 2016-06-27  Benjamin Poulain  <bpoulain@apple.com>
891
892         Add :focus-within to the status page
893
894         * features.json:
895         I forgot to update the json file when landing the feature.
896
897 2016-06-27  Eric Carlson  <eric.carlson@apple.com>
898
899         [Mac] PiP placeholder should remain visible when 'controls' attribute is removed
900         https://bugs.webkit.org/show_bug.cgi?id=159158
901         <rdar://problem/26727435>
902
903         Reviewed by Jer Noble.
904
905         No new tests, existing test updated.
906
907         * Modules/mediacontrols/mediaControlsApple.js:
908         (Controller.prototype.shouldHaveControls): Always return true when in PiP or AirPlay mode.
909
910 2016-06-27  Oliver Hunt  <oliver@apple.com>
911
912         Update ATS WebContent exception for more robust framework information
913         https://bugs.webkit.org/show_bug.cgi?id=159151
914
915         Reviewed by Alex Christensen.
916
917         We found some unexpected poor interaction with AVFoundation in the existing
918         CFNetwork SPI. This new SPI is more solid and let's us provide more useful
919         information while also being more future proof against new frameworks and
920         ATS modes.
921
922         * platform/network/mac/ResourceHandleMac.mm:
923         (WebCore::ResourceHandle::createNSURLConnection):
924
925 2016-06-27  Antoine Quint  <graouts@apple.com>
926
927         [iOS] Media controls are too cramped with small video
928         https://bugs.webkit.org/show_bug.cgi?id=158815
929         <rdar://problem/26824238>
930
931         Reviewed by Dean Jackson.
932
933         In updateLayoutForDisplayedWidth(), we try to ensure a minimum width is guaranteed
934         for the progress indicator. However, we were not accounting for the width used by
935         the current and remaining time labels on either side of it, so we would incorrectly
936         conclude that we were guaranteeing the minimum time and yield incorrect layouts since
937         we were trying to fit more buttons than we had room for.
938
939         In order to correctly compute the available width for the progress indicator, we now
940         have clones of the current and remaining time labels, hidden from video and VoiceOver,
941         that we update along with the originals. The same styles apply to both clones and
942         originals, so we may measure the clones to determine the space used by the time labels.
943         The reason we need to use clones is that if the time labels had previously been hidden
944         from view, precisely because there was not enough space to display them along with the
945         progress indicator, then trying to obtain metrics from them would yield 0 since they had
946         "display: none" styles applied. In order to avoid extra layouts and possible flashing, we
947         use the clones so that we never have to toggle the "display" property of the originals
948         just to obtain their measurements.
949
950         As a result of this change, we adjust the constant used to set the minimum required
951         width available to display the progress indicator after all other essential controls
952         and labels have been measured. That constant used to account for the width of the
953         time labels, and this is no longer correct.
954
955         Test: media/video-controls-drop-and-restore-timeline.html
956
957         * Modules/mediacontrols/mediaControlsApple.css:
958         (::-webkit-media-controls-time-remaining-display.clone):
959         * Modules/mediacontrols/mediaControlsApple.js:
960         (Controller):
961         (Controller.prototype.createTimeClones):
962         (Controller.prototype.removeTimeClass):
963         (Controller.prototype.addTimeClass):
964         (Controller.prototype.updateDuration):
965         (Controller.prototype.updateLayoutForDisplayedWidth):
966         (Controller.prototype.updateTime):
967         (Controller.prototype.updateControlsWhileScrubbing):
968         * Modules/mediacontrols/mediaControlsiOS.css:
969         (::-webkit-media-controls-time-remaining-display.clone):
970         * Modules/mediacontrols/mediaControlsiOS.js:
971
972 2016-06-27  Anders Carlsson  <andersca@apple.com>
973
974         No error message when passing an invalid API version to ApplePaySession constructor
975         https://bugs.webkit.org/show_bug.cgi?id=159154
976
977         Reviewed by Tim Horton.
978
979         Log an error message if the version is not supported. Also, check for version 0 since that is also not supported.
980
981         * Modules/applepay/ApplePaySession.cpp:
982         (WebCore::ApplePaySession::create):
983
984 2016-06-27  Joanmarie Diggs  <jdiggs@igalia.com>
985
986         AX: Anonymous RenderMathMLOperators are not exposed to the accessibility tree
987         https://bugs.webkit.org/show_bug.cgi?id=139582
988         <rdar://problem/26938849>
989
990         Reviewed by Chris Fleizach.
991
992         This is based on a patch by Frederic Wang <fwang@igalia.com>.
993
994         WebCore assigns the generic MathElementRole AccessibilityRole to elements
995         which are expected to be included in the accessibility tree. This assignment
996         is based on the AccessibilityRenderObject's node being a MathMLElement. The
997         anonymous RenderMathMLOperators fail that test.
998
999         From the perspective of accessibility support, these operators function
1000         like MathMLElements. Furthermore, both WebCore and the platforms rely
1001         upon MathElementRole to identify accessible MathML objects. The simplest
1002         fix is to have AccessibilityRenderObject::isMathElement() treat anonymous
1003         MathML operators as if they were MathMLElements.
1004
1005         Now that these operators are being exposed, we need to handle them in
1006         AccessibilityRenderObject::textUnderElement() which assumes that anonymous
1007         objects either have nodes or have children with nodes. And crashes when
1008         that fails to be the case. Making RenderMathMLOperator::textContent()
1009         public and then using it to get the text under anonymous operators solves
1010         this problem. We also assign StaticTextRole to these operators on the Mac
1011         because the default platform mapping of MathElementRole is GroupRole, which
1012         made sense when we had a child RenderText object holding the operator.
1013
1014         Lastly, AccessibilityRenderObject::isIgnoredElementWithinMathTree() no
1015         longer needs to special-case anonymous operators because they now have
1016         MathElementRole.
1017
1018         Tests: accessibility/math-fenced.html
1019                accessibility/math-foreign-content.html
1020
1021         * accessibility/AccessibilityObject.h:
1022         (WebCore::AccessibilityObject::isAnonymousMathOperator):
1023         * accessibility/AccessibilityRenderObject.cpp:
1024         (WebCore::AccessibilityRenderObject::textUnderElement):
1025         (WebCore::AccessibilityRenderObject::stringValue):
1026         (WebCore::AccessibilityRenderObject::isMathElement):
1027         (WebCore::AccessibilityRenderObject::isAnonymousMathOperator):
1028         (WebCore::AccessibilityRenderObject::isIgnoredElementWithinMathTree):
1029         * accessibility/AccessibilityRenderObject.h:
1030         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
1031         (-[WebAccessibilityObjectWrapper role]):
1032         * rendering/mathml/RenderMathMLMath.h:
1033         * rendering/mathml/RenderMathMLOperator.h:
1034         (WebCore::RenderMathMLOperator::textContent):
1035
1036 2016-06-27  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1037
1038         WebRTC: Remove unused RTCOfferAnswerOptionsPrivate.h
1039         https://bugs.webkit.org/show_bug.cgi?id=159130
1040
1041         Reviewed by Eric Carlson.
1042
1043         Remove unused RTCOfferAnswerOptionsPrivate.h file.
1044
1045         * platform/mediastream/RTCOfferAnswerOptionsPrivate.h: Removed.
1046
1047 2016-06-27  Jer Noble  <jer.noble@apple.com>
1048
1049         Crash in layout test /media/video-buffered-range-contains-currentTime.html
1050         https://bugs.webkit.org/show_bug.cgi?id=159109
1051         <rdar://problem/26535750>
1052
1053         Reviewed by Alex Christensen.
1054
1055         Guard against a dealloc race condition by holding a retain on the session
1056         until the task's _resource:loadFinishedWithError: completes, including
1057         main thread callbacks.
1058         
1059         * platform/network/cocoa/WebCoreNSURLSession.mm:
1060         (-[WebCoreNSURLSessionDataTask _resource:loadFinishedWithError:]):
1061
1062 2016-06-27  Frederic Wang  <fwang@igalia.com>
1063
1064         Set an upper limit for the size or number of pieces of stretchy operators
1065         https://bugs.webkit.org/show_bug.cgi?id=155434
1066
1067         Reviewed by Brent Fulgham.
1068
1069         Stretchy MathML operators can currently use an arbitrary number of extension glyphs to cover
1070         a target size. This may result in hangs if large stretch sizes are requested. This change
1071         only allow at most the 128 first extensions to be painted by the MathOperator class, which
1072         should really be enough for mathematical formulas used in practice.
1073
1074         No new tests, already tested by very-large-stretchy-operators.
1075
1076         * rendering/mathml/MathOperator.cpp: Add a new kMaximumExtensionCount constant.
1077         (WebCore::MathOperator::fillWithVerticalExtensionGlyph): Limit the number of step in this loop to kMaximumExtensionCount.
1078         (WebCore::MathOperator::fillWithHorizontalExtensionGlyph): Ditto.
1079
1080 2016-06-27  Frederic Wang  <fred.wang@free.fr>
1081
1082         Small refactoring MathMLInlineContainerElement::createElementRenderer
1083         https://bugs.webkit.org/show_bug.cgi?id=159131
1084
1085         Reviewed by Brent Fulgham.
1086
1087         Many of the MathML renderer classes have been merged during the MathML refactoring. We
1088         simplify how instances are created in MathMLInlineContainerElement::createElementRenderer
1089         by removing duplicate createRenderer calls.
1090
1091         No new tests, behavior unchanged.
1092
1093         * mathml/MathMLInlineContainerElement.cpp:
1094         (WebCore::MathMLInlineContainerElement::createElementRenderer):
1095
1096 2016-06-27  Miguel Gomez  <magomez@igalia.com>
1097
1098         [GTK][EFL] Build with threaded compositor enabled is broken
1099         https://bugs.webkit.org/show_bug.cgi?id=159138
1100
1101         Reviewed by Carlos Garcia Campos.
1102
1103         No need to set the device scale. The compositor buffer is only used for the accelerated
1104         canvas scenario, and the device scale is always 1 there.
1105         This change was introduced in r202421.
1106
1107         Covered by existing tests.
1108
1109         * platform/graphics/cairo/ImageBufferCairo.cpp:
1110         (WebCore::ImageBufferData::createCompositorBuffer):
1111
1112 2016-06-27  Philippe Normand  <philn@igalia.com>
1113
1114         [GStreamer] top/bottom black bars added needlessly in fullscreen
1115         https://bugs.webkit.org/show_bug.cgi?id=158980
1116
1117         Reviewed by Carlos Garcia Campos.
1118
1119         The natural video size calculation depends on the validity of the
1120         current sample, so whenever the first sample reached the sink it's a
1121         good idea to reflect this on the player which will update its natural
1122         size accordingly.
1123
1124         Fixes an issue where black borders were added on top and bottom of
1125         fullscreen video.
1126
1127         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1128         (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
1129
1130 2016-06-27  Youenn Fablet  <youenn@apple.com>
1131
1132         Remove didFailRedirectCheck ThreadableLoaderClient callback
1133         https://bugs.webkit.org/show_bug.cgi?id=159085
1134
1135         Reviewed by Daniel Bates.
1136
1137         Removing didFailRedirectCheck and using didFailAccessControlCheck instead.
1138         The change in behavior is that additional error messages are outputted in the console.
1139         These messages give additional debugging information.
1140
1141         Covered by rebased tests.
1142
1143         * Modules/fetch/FetchLoader.cpp: Removing didFailRedirectCheck.
1144         * Modules/fetch/FetchLoader.h: Ditto.
1145         * inspector/InspectorNetworkAgent.cpp: Ditto.
1146         * loader/DocumentThreadableLoader.cpp:
1147         (WebCore::DocumentThreadableLoader::redirectReceived): Calling didFailAccessControlCheck with information on failing
1148         URL.
1149         (WebCore::DocumentThreadableLoader::loadRequest): Ditto.
1150         * loader/ThreadableLoaderClient.h: Removing didFailRedirectCheck.
1151         * loader/ThreadableLoaderClientWrapper.h: Ditto.
1152         * loader/WorkerThreadableLoader.cpp: Ditto.
1153         * loader/WorkerThreadableLoader.h: Ditto.
1154         * page/EventSource.cpp: Ditto.
1155         * page/EventSource.h: Ditto.
1156         * workers/WorkerScriptLoader.cpp: Ditto.
1157         * workers/WorkerScriptLoader.h: Ditto.
1158         * xml/XMLHttpRequest.cpp: Ditto.
1159         * xml/XMLHttpRequest.h: Ditto.
1160
1161 2016-06-26  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
1162
1163         [EFL] Fix build warning when using geoclue2
1164         https://bugs.webkit.org/show_bug.cgi?id=159128
1165
1166         Reviewed by Antonio Gomes.
1167
1168         EFL port has handled build warning as error. So EFL port
1169         hasn't been built when we use geoclue2 library because a generated geoclue2 file
1170         has unused-parameter build warning. To fix it this patch set to ignore the build warning
1171         in the generated geoclue2 file.
1172
1173         * PlatformEfl.cmake:
1174
1175 2016-06-26  Chris Dumez  <cdumez@apple.com>
1176
1177         Regression: HTMLOptionsCollection's named properties have precedence over indexed properties
1178         https://bugs.webkit.org/show_bug.cgi?id=159058
1179         <rdar://problem/26988542>
1180
1181         Reviewed by Ryosuke Niwa.
1182
1183         HTMLOptionsCollection's named properties had precedence over indexed properties,
1184         which is wrong as per:
1185         http://heycam.github.io/webidl/#getownproperty-guts
1186
1187         The reason is that there was a named property getter defined on HTMLOptionsCollection
1188         but no indexed property getter. As a result, HTMLOptionsCollection would fall back to
1189         using HTMLCollection's indexed property getter but HTMLOptionsCollection's named getter
1190         would take precedence. This patch defines an indexed property getter on
1191         HTMLOptionsCollection to fix the problem.
1192
1193         Ideally, HTMLOptionsCollection would have no indexed / named property getters and would
1194         entirely rely on the ones from HTMLCollection. However, our bindings generator currently
1195         has trouble with this and requires HTMLOptionsCollection to have a named getter.
1196
1197         Test: fast/dom/HTMLSelectElement/options-indexed-getter-precedence.html
1198
1199         * html/HTMLOptionsCollection.idl:
1200
1201 2016-06-26  Chris Dumez  <cdumez@apple.com>
1202
1203         Regression(r202262): Infinite loop under searchForLinkRemovingExistingDDLinks()
1204         https://bugs.webkit.org/show_bug.cgi?id=159122
1205         <rdar://problem/27014649>
1206
1207         Reviewed by Ryosuke Niwa.
1208
1209         Infinite loop under searchForLinkRemovingExistingDDLinks() because the
1210         value returned by NodeTraversal::next() was ignored and the node iterator
1211         was never updated.
1212
1213         * editing/cocoa/DataDetection.mm:
1214         (WebCore::searchForLinkRemovingExistingDDLinks):
1215
1216 2016-06-25  Benjamin Poulain  <bpoulain@apple.com>
1217
1218         The active state of elements can break when focus changes
1219         https://bugs.webkit.org/show_bug.cgi?id=159112
1220
1221         Reviewed by Antti Koivisto.
1222
1223         The pseudo class :active was behaving weirdly when used
1224         with label elements with an associated form element.
1225         The form element would get the :active state on the first click
1226         then no longer get the state until the focus changes.
1227
1228         What was happenning is setFocusedElement() was clearing active
1229         for some unknown reason. When you really do that on an active element,
1230         you end up in an inconsistent state where no invalidation works.
1231
1232         The two tests illustrates 2 ways this breaks.
1233
1234         The test "pseudo-active-on-labeled-element-not-canceled-by-focus" clicks
1235         several time on a lable element. The first time, the input element gets
1236         the focus. The second time, it already has the focus, setFocusedElement()
1237         clears :active before finding the focusable element and end up clearing
1238         the active state on a target in the active chain.
1239
1240         The test "pseudo-active-with-programmatic-focus.html" shows how to invalidate
1241         arbitrary elements using JavaScript. This can cause severely broken active
1242         chains where invalidation never cleans some ancestors.
1243
1244         Tests: fast/css/pseudo-active-on-labeled-element-not-canceled-by-focus.html
1245                fast/css/pseudo-active-with-programmatic-focus.html
1246
1247         * dom/Document.cpp:
1248         (WebCore::Document::setFocusedElement): Deleted.
1249
1250         * page/EventHandler.cpp:
1251         (WebCore::EventHandler::handleMouseDoubleClickEvent):
1252         This is WebKit1 specific. The double click event was dispatching
1253         the mouseUp and Click with after doing an Active hit test.
1254         This causes us to have :active state in and after mouseUp in WebKit1.
1255
1256 2016-06-24  Jer Noble  <jer.noble@apple.com>
1257
1258         Consider exposing or hiding knowledge of a redirect from clients of WebCoreNSURLSession
1259         https://bugs.webkit.org/show_bug.cgi?id=156722
1260         <rdar://problem/25780035>
1261
1262         Reviewed by Alex Christensen.
1263
1264         Fixes tests: http/tests/security/contentSecurityPolicy/audio-redirect-allowed2.html
1265                      http/tests/security/contentSecurityPolicy/video-redirect-allowed2.html
1266
1267         When receieving a NSURLResponse containing a redirected URL, AVFoundadtion will use the
1268         URL in the response for subsequent requests. This violates the HTTP specification if the
1269         redirect was temporary, and it also breaks two CSP tests by bypassing the redirect step
1270         for subsequent requests.
1271
1272         Work around this behavior in AVFoundation by recreating the NSURLResponse with the original
1273         request URL in the case of a temporary redirect.
1274
1275         * platform/network/cocoa/WebCoreNSURLSession.mm:
1276         (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):
1277         (-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:]):
1278
1279 2016-06-24  Jer Noble  <jer.noble@apple.com>
1280
1281         MSE gets confused by in-band text tracks
1282         https://bugs.webkit.org/show_bug.cgi?id=159107
1283         <rdar://problem/26871330>
1284
1285         Reviewed by Eric Carlson.
1286
1287         We can't currently handle text track samples in SourceBufferPrivateAVFObjC,
1288         so don't pass them up to SourceBuffer.
1289
1290         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
1291         (WebCore::SourceBufferPrivateAVFObjC::didParseStreamDataAsAsset):
1292         (WebCore::SourceBufferPrivateAVFObjC::processCodedFrame):
1293
1294 2016-06-24  Mark Lam  <mark.lam@apple.com>
1295
1296         [JSC] Error prototypes are called on remote scripts.
1297         https://bugs.webkit.org/show_bug.cgi?id=52192
1298
1299         Reviewed by Keith Miller.
1300
1301         Test: http/tests/security/regress-52192.html
1302
1303         Parsing errors are reported to the main script's window.onerror function.  AFAIK,
1304         both Chrome and Firefox have the error reporting mechanism use an internal
1305         sanitized version of Error.prototype.toString() that will not invoke any getters
1306         or proxies instead.
1307
1308         This patch fixes this issue by matching Chrome and Firefox's behavior.
1309
1310         Note: we did not choose to make error objects and prototypes read-only because
1311         that was observed to have broken the web.
1312         See https://bugs.chromium.org/p/chromium/issues/detail?id=69187#c73
1313
1314         Credit for reporting this issue goes to Daniel Divricean (http://divricean.ro).
1315
1316         * bindings/js/JSDOMBinding.cpp:
1317         (WebCore::reportException):
1318         * ForwardingHeaders/runtime/ErrorInstance.h: Added.
1319
1320 2016-06-24  Jer Noble  <jer.noble@apple.com>
1321
1322         Media elements should not lose playback controls when muted by a user gesture
1323         https://bugs.webkit.org/show_bug.cgi?id=159078
1324         <rdar://problem/26925904>
1325
1326         Reviewed by Beth Dakin.
1327
1328         Rearrange canControlControlsManager() so that the muted check only occurs if
1329         a user gesture is required.
1330
1331         * html/MediaElementSession.cpp:
1332         (WebCore::MediaElementSession::canControlControlsManager):
1333
1334 2016-06-24  Beth Dakin  <bdakin@apple.com>
1335
1336         Include enclosingListType in EditorState
1337         https://bugs.webkit.org/show_bug.cgi?id=159102
1338         -and corresponding-
1339         rdar://problem/26932490
1340
1341         Reviewed by Enrica Casucci.
1342
1343         Make HTMLOListElement.h and HTMLUListElement.h Private instead of Project.
1344         * WebCore.xcodeproj/project.pbxproj:
1345
1346         Export enclosingList(Node*)
1347         * editing/htmlediting.h:
1348
1349 2016-06-24  Anders Carlsson  <andersca@apple.com>
1350
1351         Another Windows build fix.
1352
1353         * platform/network/BlobRegistry.h:
1354
1355 2016-06-24  Anders Carlsson  <andersca@apple.com>
1356
1357         Yet another Windows build fix.
1358
1359         * dom/ActiveDOMCallbackMicrotask.h:
1360
1361 2016-06-24  Anders Carlsson  <andersca@apple.com>
1362
1363         Another Windows build fix.
1364
1365         * page/FrameView.h:
1366
1367 2016-06-24  Anders Carlsson  <andersca@apple.com>
1368
1369         Inline more of the Apple Pay source code
1370         https://bugs.webkit.org/show_bug.cgi?id=159099
1371
1372         Reviewed by Andreas Kling.
1373
1374         * page/Settings.h:
1375         (WebCore::Settings::applePayEnabled):
1376         (WebCore::Settings::setApplePayEnabled):
1377         (WebCore::Settings::applePayCapabilityDisclosureAllowed):
1378         (WebCore::Settings::setApplePayCapabilityDisclosureAllowed):
1379
1380 2016-06-24  Anders Carlsson  <andersca@apple.com>
1381
1382         Windows build fix.
1383
1384         * platform/GenericTaskQueue.h:
1385         (WebCore::TaskDispatcher::postTask):
1386
1387 2016-06-24  Frederic Wang  <fwang@igalia.com>
1388
1389         Use auto* for MathML elements and renderers when possible
1390         https://bugs.webkit.org/show_bug.cgi?id=159090
1391
1392         Reviewed by Alex Christensen.
1393
1394         No new tests, behavior is unchanged.
1395
1396         * mathml/MathMLElement.cpp:
1397         (WebCore::MathMLElement::attributeChanged):
1398         * mathml/MathMLSelectElement.cpp:
1399         (WebCore::MathMLSelectElement::getSelectedActionChildAndIndex):
1400         (WebCore::MathMLSelectElement::getSelectedActionChild):
1401         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
1402         (WebCore::MathMLSelectElement::updateSelectedChild):
1403         * rendering/mathml/RenderMathMLFraction.cpp:
1404         (WebCore::RenderMathMLFraction::isValid):
1405         * rendering/mathml/RenderMathMLMenclose.cpp:
1406         (WebCore::RenderMathMLMenclose::layoutBlock):
1407         * rendering/mathml/RenderMathMLRoot.cpp:
1408         (WebCore::RenderMathMLRoot::isValid):
1409         * rendering/mathml/RenderMathMLRow.cpp:
1410         (WebCore::RenderMathMLRow::firstLineBaseline):
1411         (WebCore::RenderMathMLRow::computeLineVerticalStretch):
1412         (WebCore::RenderMathMLRow::computePreferredLogicalWidths):
1413         (WebCore::RenderMathMLRow::layoutRowItems):
1414         * rendering/mathml/RenderMathMLScripts.cpp:
1415         (WebCore::RenderMathMLScripts::unembellishedOperator):
1416         (WebCore::RenderMathMLScripts::getBaseAndScripts):
1417         (WebCore::RenderMathMLScripts::computePreferredLogicalWidths):
1418         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded):
1419         (WebCore::RenderMathMLScripts::layoutBlock):
1420         (WebCore::RenderMathMLScripts::firstLineBaseline):
1421         * rendering/mathml/RenderMathMLUnderOver.cpp:
1422         (WebCore::RenderMathMLUnderOver::firstLineBaseline):
1423         (WebCore::RenderMathMLUnderOver::isValid):
1424         (WebCore::RenderMathMLUnderOver::over):
1425
1426 2016-06-24  Joseph Pecoraro  <pecoraro@apple.com>
1427
1428         Remove unused and static return value from InspectorStyle::populateAllProperties
1429         https://bugs.webkit.org/show_bug.cgi?id=159069
1430
1431         Reviewed by Andreas Kling.
1432
1433         * inspector/InspectorStyleSheet.cpp:
1434         (WebCore::InspectorStyle::populateAllProperties):
1435         * inspector/InspectorStyleSheet.h:
1436
1437 2016-06-21  Anders Carlsson  <andersca@apple.com>
1438
1439         Rename NoncopyableFunction to Function
1440         https://bugs.webkit.org/show_bug.cgi?id=158354
1441
1442         Reviewed by Chris Dumez.
1443
1444         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
1445         (WebCore::MediaEndpointPeerConnection::runTask):
1446         * Modules/mediastream/MediaEndpointPeerConnection.h:
1447         * Modules/webaudio/AudioDestinationNode.h:
1448         (WebCore::AudioDestinationNode::resume):
1449         (WebCore::AudioDestinationNode::suspend):
1450         (WebCore::AudioDestinationNode::close):
1451         * Modules/webaudio/DefaultAudioDestinationNode.cpp:
1452         (WebCore::DefaultAudioDestinationNode::resume):
1453         (WebCore::DefaultAudioDestinationNode::suspend):
1454         (WebCore::DefaultAudioDestinationNode::close):
1455         * Modules/webaudio/DefaultAudioDestinationNode.h:
1456         * dom/ActiveDOMCallbackMicrotask.cpp:
1457         (WebCore::ActiveDOMCallbackMicrotask::ActiveDOMCallbackMicrotask):
1458         * dom/ActiveDOMCallbackMicrotask.h:
1459         * dom/ScriptExecutionContext.h:
1460         (WebCore::ScriptExecutionContext::Task::Task):
1461         * fileapi/AsyncFileStream.cpp:
1462         (WebCore::callOnFileThread):
1463         (WebCore::AsyncFileStream::perform):
1464         * fileapi/AsyncFileStream.h:
1465         * page/FrameView.cpp:
1466         (WebCore::FrameView::queuePostLayoutCallback):
1467         (WebCore::FrameView::flushPostLayoutTasksQueue):
1468         * page/FrameView.h:
1469         * page/scrolling/ScrollingThread.cpp:
1470         (WebCore::ScrollingThread::dispatch):
1471         (WebCore::ScrollingThread::dispatchBarrier):
1472         (WebCore::ScrollingThread::dispatchFunctionsFromScrollingThread):
1473         * page/scrolling/ScrollingThread.h:
1474         * platform/GenericTaskQueue.cpp:
1475         (WebCore::TaskDispatcher<Timer>::postTask):
1476         * platform/GenericTaskQueue.h:
1477         (WebCore::TaskDispatcher::postTask):
1478         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
1479         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
1480         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::scheduleDeferredTask):
1481         * platform/mediastream/MediaStreamPrivate.cpp:
1482         (WebCore::MediaStreamPrivate::scheduleDeferredTask):
1483         * platform/mediastream/MediaStreamPrivate.h:
1484         * platform/mediastream/mac/AVMediaCaptureSource.h:
1485         * platform/mediastream/mac/AVMediaCaptureSource.mm:
1486         (WebCore::AVMediaCaptureSource::scheduleDeferredTask):
1487         * style/StyleTreeResolver.cpp:
1488         (WebCore::Style::postResolutionCallbackQueue):
1489         (WebCore::Style::queuePostResolutionCallback):
1490         * style/StyleTreeResolver.h:
1491
1492 2016-06-24  Amir Alavi  <aalavi@apple.com>
1493
1494         Use _CFHTTPCookieStorageGetDefault directly instead of NSHTTPCookieStorage to get default cookie storage
1495         https://bugs.webkit.org/show_bug.cgi?id=159095
1496         rdar://problem/26630073
1497
1498         Reviewed by Brent Fulgham.
1499
1500         No new tests, it isn't possible to test this in a LayoutTest.
1501
1502         * platform/network/mac/CookieJarMac.mm:
1503         (WebCore::httpCookiesForURL): Get a CFHTTPCookieStorageRef when no cookie storage is provided to match the case when cookie storage is provided.
1504
1505 2016-06-24  Enrica Casucci  <enrica@apple.com>
1506
1507         Do not use iOS specific telephone detection on macOS.
1508         https://bugs.webkit.org/show_bug.cgi?id=159096
1509         rdar://problem/25870571
1510
1511         Reviewed by Anders Carlsson.
1512
1513         Adding platform guard.
1514
1515         * platform/cocoa/TelephoneNumberDetectorCocoa.cpp:
1516         (WebCore::TelephoneNumberDetector::phoneNumbersScanner):
1517
1518 2016-06-24  Jer Noble  <jer.noble@apple.com>
1519
1520         Unreviewed build fix after r202429; AVStreamDataParser does not exist on iOS.
1521
1522         * platform/spi/mac/AVFoundationSPI.h:
1523
1524 2016-06-24  Jer Noble  <jer.noble@apple.com>
1525
1526         Unreviewed build fix after r202429; Fix the type of the delegate property on AVStreamDataParser.
1527
1528         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
1529         * platform/spi/mac/AVFoundationSPI.h:
1530
1531 2016-06-02  Jer Noble  <jer.noble@apple.com>
1532
1533         [MSE] Adopt +[AVStreamDataParser outputMIMECodecParameterForInputMIMECodecParameter:]
1534         https://bugs.webkit.org/show_bug.cgi?id=158312
1535
1536         Reviewed by Eric Carlson.
1537
1538         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
1539         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::supportsType):
1540
1541         Move the declaration of AVStreamDataParser into AVFoundationSPI.h:
1542
1543         * platform/graphics/avfoundation/objc/CDMSessionAVStreamSession.mm:
1544         (WebCore::CDMSessionAVStreamSession::update):
1545         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
1546         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
1547         (-[WebAVStreamDataParserListener streamDataParser:didProvideMediaData:forTrackID:mediaType:flags:]):
1548         * platform/spi/mac/AVFoundationSPI.h:
1549
1550 2016-06-24  Eric Carlson  <eric.carlson@apple.com>
1551
1552         [iOS, Mac] Assume a media file has audio during AirPlay
1553         https://bugs.webkit.org/show_bug.cgi?id=159088
1554         <rdar://problem/24616592>
1555
1556         Reviewed by Jer Noble.
1557
1558         No new tests, it isn't possible to test this in a LayoutTest.
1559
1560         * html/HTMLMediaElement.cpp:
1561         (WebCore::HTMLMediaElement::mediaPlayerCurrentPlaybackTargetIsWirelessChanged): Call 
1562           mediaSession->setCanProduceAudio(true) when AirPlay becomes active.
1563
1564 2016-06-24  Jer Noble  <jer.noble@apple.com>
1565
1566         Playback controls refer to wrong element when playing multiple items in a page.
1567         https://bugs.webkit.org/show_bug.cgi?id=159076
1568         <rdar://problem/26953532>
1569
1570         Reviewed by Beth Dakin.
1571
1572         Use a new method PlatformMediaSessionManager::currentSessionMatching() to get
1573         the most recently active media element which qualifies for playback controls.
1574
1575         * html/HTMLMediaElement.cpp:
1576         (WebCore::HTMLMediaElement::updatePlaybackControlsManager): Get the most recently active session.
1577         * html/MediaElementSession.cpp:
1578         (WebCore::MediaElementSession::canControlControlsManager): Make virtual; no longer takes an element.
1579         * html/MediaElementSession.h:
1580         (isType): Allow downcasting from PlatformMediaSession -> MediaElementSession.
1581         * page/ChromeClient.h:
1582         * platform/audio/PlatformMediaSession.h:
1583         (WebCore::PlatformMediaSession::canControlControlsManager): Defaults to false;
1584         * platform/audio/PlatformMediaSessionManager.cpp:
1585         (WebCore::PlatformMediaSessionManager::currentSessionMatching): Added.
1586         * platform/audio/PlatformMediaSessionManager.h:
1587
1588 2016-06-24  Dan Bernstein  <mitz@apple.com>
1589
1590         Fixed the macOS build.
1591
1592         * platform/spi/cocoa/DataDetectorsCoreSPI.h:
1593
1594 2016-06-24  Dan Bernstein  <mitz@apple.com>
1595
1596         [iOS] Inline DataDetectorsAdditions.h
1597         https://bugs.webkit.org/show_bug.cgi?id=159093
1598
1599         Reviewed by Anders Carlsson.
1600
1601         * editing/cocoa/DataDetection.mm:
1602         (WebCore::constructURLStringForResult): Use soft-linked constant directly.
1603
1604         * platform/cocoa/DataDetectorsCoreSoftLink.h: Declare soft-linked constant.
1605         * platform/cocoa/DataDetectorsCoreSoftLink.mm: Define soft-linked constant.
1606         * platform/spi/cocoa/DataDetectorsCoreSPI.h: Declare constant.
1607
1608 2016-06-24  Yusuke Suzuki  <utatane.tea@gmail.com>
1609
1610         [GTK][EFL] ImageBufferCairo should accept resolution factor
1611         https://bugs.webkit.org/show_bug.cgi?id=157848
1612
1613         Reviewed by Martin Robinson.
1614
1615         ImageBufferCairo ignored the resolution factor passed in its constructor.
1616         This resolution factor is originally introduced for HiDPI Canvas,
1617         and since HiDPI canvas is not enabled in the ports using Cairo,
1618         the lack of this implementation does not cause any problems.
1619         And now, HiDPI Canvas is removed from the tree.
1620
1621         However, WebKit CSS filter uses this path.
1622         The missing implementation is required under the HiDPI environment.
1623
1624         Since Cairo surface can have the device scale factor transparently,
1625         the operations onto the surface is correctly done in the logical coordinate system.
1626         So all we need to handle carefully is the direct surface modification done
1627         in filter effects.
1628
1629         In this patch, we extend the image buffer size according to the resolution factor,
1630         as the same to the CoreGraphics' implementation (ImageBufferCG). And by setting the
1631         device scale factor of the surface correctly, we ensure that the rest of the Cairo
1632         painting stack works with the existing logical coordinate system. And in ImageBufferCairo,
1633         we carefully handle the logical and backing store coordinate system.
1634
1635         The attached test applies the CSS filter onto the svg image. And we resize the image size,
1636         and perform scrolling. It incurs the paint, and filter effect recalcuation.
1637         In that path, the filter effect side assumes that the image buffer size is scaled with the
1638         resolution factor. So without this patch, it incurs buffer overflow and leads WebProcess crash.
1639
1640         * platform/graphics/IntPoint.h:
1641         (WebCore::IntPoint::scale):
1642         * platform/graphics/cairo/ImageBufferCairo.cpp:
1643         (WebCore::ImageBufferData::createCompositorBuffer):
1644         (WebCore::ImageBuffer::ImageBuffer):
1645         (WebCore::ImageBuffer::copyImage):
1646         (WebCore::ImageBuffer::platformTransformColorSpace):
1647         (WebCore::getImageData):
1648         (WebCore::logicalUnit):
1649         (WebCore::backingStoreUnit):
1650         (WebCore::ImageBuffer::getUnmultipliedImageData):
1651         (WebCore::ImageBuffer::getPremultipliedImageData):
1652         (WebCore::ImageBuffer::putByteArray):
1653         (WebCore::ImageBuffer::copyToPlatformTexture):
1654
1655 2016-06-24  Frederic Wang  <fwang@igalia.com>
1656
1657         Refactor RenderMathMLOperator and RenderMathMLToken to avoid using anonymous renderers.
1658         https://bugs.webkit.org/show_bug.cgi?id=155018
1659
1660         Reviewed by Martin Robinson.
1661
1662         No new tests, already covered by existing tests.
1663
1664         We use MathOperator for RenderMathMLOperator to avoid creating anonymous text nodes again
1665         and again. We reimplement implicit mathvariant="italic" on single-char mi in a way that does
1666         not rely on creating anonymous text nodes. Finally, we improve the determination/update of
1667         when mathvariant is italic to avoid breaking foreign-mi-dynamic test.
1668         The change in the render tree structure breaks mfenced accessibility support but that will
1669         be fixed in follow-up patches. The simplifications made here will also allow to simplify the
1670         accessibility code.
1671
1672         * css/mathml.css:
1673         (mo): Deleted. This flexbox rule is no longer needed.
1674         * rendering/mathml/RenderMathMLBlock.cpp:
1675         (WebCore::RenderMathMLBlock::createAnonymousMathMLBlock): Deleted. We no longer need to
1676         create anonymous renderer with this function.
1677         * rendering/mathml/RenderMathMLBlock.h: Delete createAnonymousMathMLBlock.
1678         * rendering/mathml/RenderMathMLOperator.cpp: Implement layout functions without relying on
1679         flexbox or anonymous.
1680         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): Handle the case of !useMathOperator()
1681         for which we need to add extra operator spacing after the RenderMathMLToken layout.
1682         (WebCore::RenderMathMLOperator::layoutBlock): Ditto.
1683         (WebCore::RenderMathMLOperator::isChildAllowed): Deleted. We allow the non-anonymous text.
1684         (WebCore::RenderMathMLOperator::rebuildTokenContent): No longer destroy and rebuild
1685         anonymous wrapper. Remove updateStyle call.
1686         (WebCore::RenderMathMLOperator::updateStyle): Deleted. We no longer need anonymous style for the spacing.
1687         * rendering/mathml/RenderMathMLOperator.h: Remove updateStyle() and isChildAllowed().
1688         Make textContent() public so that it can be accessed from the accessibility code.
1689         * rendering/mathml/RenderMathMLToken.cpp: Reimplement implicit mathvariant="italic" by
1690         painting MATHEMATICAL ITALIC characters instead of styling an anonymous wrapper.
1691         (WebCore::RenderMathMLToken::RenderMathMLToken): Init m_mathVariantGlyph and m_mathVariantGlyphDirty
1692         (WebCore::RenderMathMLToken::updateTokenContent): Set mathvariant glyph dirty when the content changes.
1693         (WebCore::transformToItalic): Helper function to map latin and greek alphabets to their
1694         MATHEMATICAL ITALIC counterpart.
1695         (WebCore::RenderMathMLToken::computePreferredLogicalWidths): Implement this function to
1696         handle the case where the mathvariant glyph is used.
1697         (WebCore::RenderMathMLToken::updateMathVariantGlyph): Helper function to update the mathvariant glyph.
1698         For now, we try and keep with the old (and limited) implementation: a mathvariant glyph may
1699         only used for single-char <mi> without mathvariant attribute attached to it.
1700         (WebCore::RenderMathMLToken::styleDidChange): Set the mathvariant glyph dirty when the style
1701         changes.
1702         (WebCore::RenderMathMLToken::updateFromElement): Remove updateStyle call and set mathvariant
1703         glyph dirty.
1704         (WebCore::RenderMathMLToken::firstLineBaseline): Implement this function to handle the case
1705          where the mathvariant glyph is used.
1706         (WebCore::RenderMathMLToken::layoutBlock): Ditto.
1707         (WebCore::RenderMathMLToken::paint): Ditto.
1708         (WebCore::RenderMathMLToken::paintChildren): Ditto.
1709         (WebCore::RenderMathMLToken::addChild): Deleted. No need to bother with anonymous renderer
1710         or style.
1711         (WebCore::RenderMathMLToken::createWrapperIfNeeded): Deleted. Ditto.
1712         (WebCore::RenderMathMLToken::updateStyle): Deleted. Ditto.
1713         * rendering/mathml/RenderMathMLToken.h: Update declarations of functions.
1714         (WebCore::RenderMathMLToken::setMathVariantGlyphDirty): Helper function to indicate that the
1715         mathvariant glyph will need to be updated.
1716
1717 2016-06-24  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
1718
1719         Unreviewed EFL build fix.
1720
1721         There is forward declaration build error on EFL port.
1722
1723         * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp: Include DOMWindow.h and Document.h.
1724
1725 2016-06-23  Brady Eidson  <beidson@apple.com>
1726
1727         Retrieving Blobs from IndexedDB using cursors fails in WK2 (Sandboxing)
1728         https://bugs.webkit.org/show_bug.cgi?id=158991
1729
1730         Reviewed by Alex Christensen.
1731
1732         Test: storage/indexeddb/modern/blob-cursor.html
1733
1734         * platform/network/BlobDataFileReference.cpp:
1735         (WebCore::BlobDataFileReference::startTrackingModifications): Deleted.
1736
1737 2016-06-23  Alex Christensen  <achristensen@webkit.org>
1738
1739         Remove unused didCancelAuthenticationChallenge
1740         https://bugs.webkit.org/show_bug.cgi?id=158819
1741
1742         Reviewed by David Kilzer.
1743
1744         No change in behavior.  This callback was deprecated in Yosemite.  It is never called.
1745
1746         * loader/EmptyClients.h:
1747         * loader/FrameLoaderClient.h:
1748         * loader/ResourceLoadNotifier.cpp:
1749         (WebCore::ResourceLoadNotifier::didCancelAuthenticationChallenge): Deleted.
1750         * loader/ResourceLoadNotifier.h:
1751         * loader/ResourceLoader.cpp:
1752         (WebCore::ResourceLoader::didCancelAuthenticationChallenge): Deleted.
1753         * loader/ResourceLoader.h:
1754         * platform/network/ResourceHandle.h:
1755         * platform/network/ResourceHandleClient.h:
1756         (WebCore::ResourceHandleClient::didCancelAuthenticationChallenge): Deleted.
1757         * platform/network/mac/ResourceHandleMac.mm:
1758         (WebCore::ResourceHandle::didCancelAuthenticationChallenge): Deleted.
1759         * platform/network/mac/WebCoreResourceHandleAsDelegate.mm:
1760         (-[WebCoreResourceHandleAsDelegate connection:didCancelAuthenticationChallenge:]): Deleted.
1761         * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
1762         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didCancelAuthenticationChallenge:]): Deleted.
1763         * platform/spi/cocoa/NSURLDownloadSPI.h:
1764
1765 2016-06-23  Anders Carlsson  <andersca@apple.com>
1766
1767         Add "shippingType" to the list of valid payment request properties
1768         https://bugs.webkit.org/show_bug.cgi?id=159079
1769         <rdar://problem/26988429>
1770
1771         Reviewed by Dean Jackson.
1772
1773         * Modules/applepay/ApplePaySession.cpp:
1774         (WebCore::isValidPaymentRequestPropertyName):
1775
1776 2016-06-23  Benjamin Poulain  <benjamin@webkit.org>
1777
1778         Specialize synchronous event tracking per event type
1779         https://bugs.webkit.org/show_bug.cgi?id=158826
1780
1781         Reviewed by Simon Fraser.
1782
1783         First, kudos to Rick Byers for all his helps on passive event dispatch.
1784         The specs are pretty damn good and his help reviewing patches is very useful.
1785
1786         This patch change synchronous event dispatch to happen per event
1787         instead of per sequence touchstart->touchend.
1788
1789         The big advantage of this is we can dispatch more events asynchronously.
1790         For example, to handle a tap programmatically, you can limit the active listener
1791         to the touchend event. The touchstart and touchmove are now dispatched asynchronously.
1792
1793         The implementation is a simple extension to EventTrackingRegions.
1794         Instead of a single synchronous region, we have one region per event type.
1795         When processing the events, we only need to send the events synchronously
1796         if that particular event type has a synchronous region.
1797
1798         Note that EventDispatcher's touch event support already supports
1799         mixing synchronous and asynchronous events. The events are always processed
1800         in order even if asynchronous events are pending when a synchronous dispatch
1801         happens.
1802
1803         Tests: fast/events/touch/ios/tap-with-active-listener-inside-document-with-passive-listener.html
1804                fast/events/touch/ios/tap-with-active-listener-inside-window-with-passive-listener.html
1805                fast/events/touch/ios/tap-with-active-touch-end-listener.html
1806                fast/events/touch/ios/tap-with-passive-listener-inside-active-listener.html
1807                fast/events/touch/ios/tap-with-passive-touch-end-listener.html
1808                fast/events/touch/ios/tap-with-passive-touch-start-active-touch-end-listeners-on-elements.html
1809                fast/events/touch/ios/tap-with-passive-touch-start-active-touch-move-listeners-on-elements.html
1810
1811         * CMakeLists.txt:
1812         * WebCore.xcodeproj/project.pbxproj:
1813         * dom/EventTarget.cpp:
1814         (WebCore::EventTarget::hasActiveTouchEventListeners): Deleted.
1815         * dom/EventTarget.h:
1816         * page/DebugPageOverlays.cpp:
1817         (WebCore::NonFastScrollableRegionOverlay::updateRegion):
1818         * page/Page.cpp:
1819         (WebCore::Page::nonFastScrollableRects):
1820         * page/scrolling/ScrollingCoordinator.cpp:
1821         (WebCore::ScrollingCoordinator::absoluteEventTrackingRegionsForFrame):
1822         * page/scrolling/ScrollingStateFrameScrollingNode.cpp:
1823         (WebCore::ScrollingStateFrameScrollingNode::dumpProperties):
1824         * page/scrolling/ScrollingTree.cpp:
1825         (WebCore::ScrollingTree::shouldHandleWheelEventSynchronously):
1826         (WebCore::ScrollingTree::eventTrackingTypeForPoint):
1827         * page/scrolling/ScrollingTree.h:
1828         * platform/EventTrackingRegions.cpp: Added.
1829         (WebCore::EventTrackingRegions::trackingTypeForPoint):
1830         (WebCore::EventTrackingRegions::isEmpty):
1831         (WebCore::EventTrackingRegions::translate):
1832         (WebCore::EventTrackingRegions::uniteSynchronousRegion):
1833         (WebCore::EventTrackingRegions::unite):
1834         (WebCore::operator==):
1835         * platform/EventTrackingRegions.h:
1836         (WebCore::EventTrackingRegions::isEmpty): Deleted.
1837         (WebCore::EventTrackingRegions::trackingTypeForPoint): Deleted.
1838         (WebCore::operator==): Deleted.
1839
1840 2016-06-23  Simon Fraser  <simon.fraser@apple.com>
1841
1842         More attempting to fix external iOS builds.
1843
1844         * platform/spi/cocoa/QuartzCoreSPI.h:
1845
1846 2016-06-23  Simon Fraser  <simon.fraser@apple.com>
1847
1848         Try to fix the non-internal builds by defining CARenderServerBufferRef.
1849
1850         * platform/spi/cocoa/QuartzCoreSPI.h:
1851
1852 2016-06-23  Simon Fraser  <simon.fraser@apple.com>
1853
1854         [iOS] Make DumpRenderTree and WebKitTestRunner in the simulator use render server snapshotting
1855         https://bugs.webkit.org/show_bug.cgi?id=159077
1856
1857         Reviewed by Tim Horton.
1858
1859         Add CARenderServer SPIs.
1860
1861         Test: fast/harness/snapshot-captures-compositing.html
1862
1863         * platform/spi/cocoa/QuartzCoreSPI.h:
1864
1865 2016-06-23  Brian Burg  <bburg@apple.com>
1866
1867         Web Inspector: add assertions to catch dangling frontends that persist between tests
1868         https://bugs.webkit.org/show_bug.cgi?id=159073
1869
1870         Reviewed by Joseph Pecoraro.
1871
1872         Based on the analysis in https://webkit.org/b/159070, we suspect that some test
1873         flakiness might be caused by dangling frontends from previous test cases. Add an
1874         assertion that should catch any frontends that are attached to the inspected page's
1875         backend. There should never be any frontends connected when a test first starts.
1876
1877         * inspector/InspectorController.cpp:
1878         (WebCore::InspectorController::setIsUnderTest):
1879         * inspector/InspectorController.h:
1880
1881 2016-06-23  Said Abou-Hallawa  <sabouhallawa@apple.com>
1882
1883         requestFrameAnimation() callback timestamp should be very close to Performance.now() 
1884         https://bugs.webkit.org/show_bug.cgi?id=159038
1885
1886         Reviewed by Simon Fraser.
1887
1888         Pass the Performance.now() to requestFrameAnimation() callback. Do not add
1889         the timeUntilOutput which is the difference between outputTime and now since
1890         this addition makes us report a timestamp ahead in the future by almost 33ms.
1891
1892         A new function named "nowTimestamp()" is added to the DOMWindow class. It
1893         calls Performance.now() if WEB_TIMING is enabled, otherwise it calls
1894         monotonicallyIncreasingTime(). The returned timestamp is seconds and it is
1895         relative to the document loading time.
1896
1897         The timestamp passing will be removed all the down till the callers of
1898         ScriptedAnimationController::serviceScriptedAnimations(). The callers will
1899         getting the now timestamp by calling DOMWindow::nowTimestamp().
1900
1901         Tests: animations/animation-callback-timestamp.html
1902                animations/animation-multiple-callbacks-timestamp.html
1903
1904         * dom/Document.cpp:
1905         (WebCore::Document::monotonicTimestamp):
1906         (WebCore::Document::serviceScriptedAnimations):
1907         * dom/Document.h:
1908         * dom/ScriptedAnimationController.cpp:
1909         (WebCore::ScriptedAnimationController::serviceScriptedAnimations):
1910         (WebCore::ScriptedAnimationController::animationTimerFired):
1911         (WebCore::ScriptedAnimationController::displayRefreshFired):
1912         * dom/ScriptedAnimationController.h:
1913         * html/HTMLMediaElement.cpp:
1914         (WebCore::HTMLMediaElement::getVideoPlaybackQuality):
1915         * loader/DocumentLoadTiming.h:
1916         (WebCore::DocumentLoadTiming::referenceWallTime):
1917         * page/DOMWindow.cpp:
1918         (WebCore::DOMWindow::nowTimestamp):
1919         * page/DOMWindow.h:
1920         * page/FrameView.cpp:
1921         (WebCore::FrameView::serviceScriptedAnimations):
1922         * page/FrameView.h:
1923         * platform/graphics/DisplayRefreshMonitor.cpp:
1924         (WebCore::DisplayRefreshMonitor::DisplayRefreshMonitor):
1925         (WebCore::DisplayRefreshMonitor::displayDidRefresh):
1926         * platform/graphics/DisplayRefreshMonitor.h:
1927         (WebCore::DisplayRefreshMonitor::setMonotonicAnimationStartTime): Deleted.
1928         * platform/graphics/DisplayRefreshMonitorClient.cpp:
1929         (WebCore::DisplayRefreshMonitorClient::fireDisplayRefreshIfNeeded):
1930         * platform/graphics/DisplayRefreshMonitorClient.h:
1931         * platform/graphics/GraphicsLayerUpdater.cpp:
1932         (WebCore::GraphicsLayerUpdater::displayRefreshFired):
1933         * platform/graphics/GraphicsLayerUpdater.h:
1934         * platform/graphics/ios/DisplayRefreshMonitorIOS.h:
1935         * platform/graphics/ios/DisplayRefreshMonitorIOS.mm:
1936         (-[WebDisplayLinkHandler handleDisplayLink:]):
1937         (WebCore::DisplayRefreshMonitorIOS::displayLinkFired):
1938         (WebCore::mediaTimeToCurrentTime): Deleted.
1939         * platform/graphics/mac/DisplayRefreshMonitorMac.cpp:
1940         (WebCore::displayLinkCallback):
1941         (WebCore::DisplayRefreshMonitorMac::displayLinkFired):
1942         * platform/graphics/mac/DisplayRefreshMonitorMac.h:
1943         * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:
1944         (WebCore::CompositingCoordinator::syncDisplayState):
1945         (WebCore::CompositingCoordinator::nextAnimationServiceTime):
1946
1947 2016-06-23  David Kilzer  <ddkilzer@apple.com>
1948
1949         Remove unused HarfBuzzFaceCoreText.cpp
1950         <https://webkit.org/b/159065>
1951
1952         Reviewed by Myles C. Maxfield.
1953
1954         * platform/graphics/harfbuzz/HarfBuzzFaceCoreText.cpp: Removed.
1955
1956 2016-06-23  Joseph Pecoraro  <pecoraro@apple.com>
1957
1958         Web Inspector: Memory Timeline sometimes shows impossible value for bmalloc size (underflowed)
1959         https://bugs.webkit.org/show_bug.cgi?id=158110
1960         <rdar://problem/26498584>
1961
1962         Reviewed by Andreas Kling.
1963
1964         IOSurface memory backing Canvas element buffers should be classified as "GC Owned",
1965         but should not be considered a part of bmalloc. In fact, the actual memory cost is
1966         external to the Web Content Process. The majority of extra memory reporters tend
1967         to report extra memory that is also allocated in bmalloc. However, some report
1968         non-bmalloc memory, such as the IOSurfaces here.
1969         
1970         Continue to report the memory cost without changes to inform the Heap for garbage
1971         collection. However, also keep better accounting of GCOwned memory that is external
1972         to the process for better accounting for the Resource Usage overlay and Web Inspector
1973         Memory timeline.
1974         
1975         This is a bit of a game where we want to display the best possible number for
1976         "GCOwned memory" in the tools, but some of that memory shows up in the other
1977         regions (bmalloc, system malloc, etc). Already many sizes are estimates
1978         (ReportExtraMemory, reportExtraMemory ignores small allocations), so we just focus
1979         on getting the largest sources of allocations, such as Canvas IOSurfaces here,
1980         into the right bucket. ResourceUsageThreadCocoa continues to subtract the "extra"
1981         memory from bmalloc. So, we should address other large sources of "extra memory"
1982         not in bmalloc. A likely candidate is HTMLMediaElement which uses the deprecated
1983         reporting right now.
1984
1985         * bindings/scripts/CodeGeneratorJS.pm:
1986         (GenerateImplementation):
1987         * bindings/scripts/IDLAttributes.txt:
1988         Add a way to report External memory, dependent on reporting Extra memory.
1989
1990         * html/HTMLCanvasElement.cpp:
1991         (WebCore::HTMLCanvasElement::externalMemoryCost):
1992         * html/HTMLCanvasElement.h:
1993         * html/HTMLCanvasElement.idl:
1994         Report external memory cost just like extra memory.
1995
1996         * page/ResourceUsageData.cpp:
1997         (WebCore::ResourceUsageData::ResourceUsageData):
1998         * page/ResourceUsageData.h:
1999         (WebCore::MemoryCategoryInfo::totalSize):
2000         * page/cocoa/ResourceUsageOverlayCocoa.mm:
2001         (WebCore::RingBuffer::at):
2002         (WebCore::appendDataToHistory):
2003         (WebCore::ResourceUsageOverlay::platformDraw):
2004         * page/cocoa/ResourceUsageThreadCocoa.mm:
2005         (WebCore::categoryForVMTag):
2006         (WebCore::ResourceUsageThread::platformThreadBody):
2007         Do not count the GCOwned External memory as dirty memory.
2008         Include External memory output in the overlay.
2009
2010         * inspector/InspectorMemoryAgent.cpp:
2011         (WebCore::InspectorMemoryAgent::collectSample):
2012         When sizing the JavaScript portion, include both the GC Owned
2013         category's dirty and external memory. Ultimately we will
2014         want this everywhere in case things change.
2015
2016         * platform/graphics/ImageBuffer.cpp:
2017         (WebCore::memoryCost):
2018         (WebCore::externalMemoryCost):
2019         * platform/graphics/ImageBuffer.h:
2020         * platform/graphics/cg/ImageBufferCG.cpp:
2021         (WebCore::ImageBuffer::memoryCost):
2022         (WebCore::ImageBuffer::externalMemoryCost):
2023         Report IOSurface total bytes as extra memory and external memory
2024         so that it can be tracked as GC Owned memory that is separate from
2025         regular (bmalloc/other) in process memory.
2026
2027 2016-06-23  Alexey Proskuryakov  <ap@apple.com>
2028
2029         Handle (0, 0) ranges from Lookup
2030         https://bugs.webkit.org/show_bug.cgi?id=159062
2031         rdar://problem/26960385
2032
2033         Reviewed by Tim Horton.
2034
2035         * editing/mac/DictionaryLookup.mm: (WebCore::DictionaryLookup::rangeAtHitTestResult):
2036         Paper over <https://bugs.webkit.org/show_bug.cgi?id=159063>, which seems too involved
2037         to fix now.
2038
2039 2016-06-23  Joseph Pecoraro  <pecoraro@apple.com>
2040
2041         Web Inspector: first heap snapshot taken when a page is reloaded happens before the reload navigation
2042         https://bugs.webkit.org/show_bug.cgi?id=158995
2043         <rdar://problem/26923778>
2044
2045         Reviewed by Brian Burg.
2046
2047         When the "Heap" instrument is included in the Timeline list
2048         of instruments, defer starting it in an auto-capture scenario
2049         until after the page does its first navigation.
2050
2051         AutoCapture on the backend happens when it is enabled at
2052         the main resource starts loading. In that case it proceeds
2053         through the following phases:
2054
2055             No Auto Capture:
2056                 None
2057
2058             Auto Capture:
2059                 BeforeLoad -> FirstNavigation -> AfterFirstNavigation
2060
2061         When toggling instruments for backend initiated capture
2062         most instruments do not care and will just start/stop.
2063
2064         * inspector/InspectorInstrumentation.cpp:
2065         (WebCore::InspectorInstrumentation::didCommitLoadImpl):
2066         Inform the TimelineAgent that the main frame navigated.
2067         Do this after informing the HeapAgent (so any potential
2068         snapshot does not get cleared) and PageAgent (so the
2069         frontend knows the page navigated before the agent starts).
2070
2071         * inspector/InspectorTimelineAgent.h:
2072         * inspector/InspectorTimelineAgent.cpp:
2073         (WebCore::InspectorTimelineAgent::internalStop):
2074         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
2075         (WebCore::InspectorTimelineAgent::mainFrameNavigated):
2076         Update the auto capture phase transitions.
2077
2078         (WebCore::InspectorTimelineAgent::toggleHeapInstrument):
2079         Only start the heap agent during the None phase (console.profile)
2080         or with the first navigation (auto capture page navigation).
2081
2082 2016-06-23  Joseph Pecoraro  <pecoraro@apple.com>
2083
2084         Web Inspector: Snapshots should be cleared at some point
2085         https://bugs.webkit.org/show_bug.cgi?id=157907
2086         <rdar://problem/26373610>
2087
2088         Reviewed by Timothy Hatcher.
2089
2090         * CMakeLists.txt:
2091         * WebCore.xcodeproj/project.pbxproj:
2092         * inspector/InspectorAllInOne.cpp:
2093         New specialized agent.
2094
2095         * inspector/InspectorController.cpp:
2096         (WebCore::InspectorController::InspectorController):
2097         Construct a specialized HeapAgent.
2098
2099         * inspector/PageHeapAgent.h:
2100         * inspector/PageHeapAgent.cpp:
2101         (WebCore::PageHeapAgent::PageHeapAgent):
2102         (WebCore::PageHeapAgent::enable):
2103         (WebCore::PageHeapAgent::disable):
2104         (WebCore::PageHeapAgent::mainFrameNavigated):
2105         Clear backend snapshots on page navigations.
2106         Set the PageHeapAgent instrumenting agent on enable/disable.
2107
2108         * inspector/InstrumentingAgents.cpp:
2109         (WebCore::InstrumentingAgents::reset):
2110         * inspector/InstrumentingAgents.h:
2111         (WebCore::InstrumentingAgents::pageHeapAgent):
2112         (WebCore::InstrumentingAgents::setPageHeapAgent):
2113         Active PageHeapAgent.
2114
2115         * inspector/InspectorInstrumentation.cpp:
2116         (WebCore::InspectorInstrumentation::didCommitLoadImpl):
2117         Inform the PageHeapAgent when the mainframe navigates.
2118
2119 2016-06-23  Joseph Pecoraro  <pecoraro@apple.com>
2120
2121         CSSComputedStyleDeclaration::length should recalculate styles if needed to provide the correct value
2122         https://bugs.webkit.org/show_bug.cgi?id=159053
2123         <rdar://problem/26638119>
2124
2125         Reviewed by Simon Fraser.
2126
2127         Test: fast/css/variables/custom-property-computed-style-length-update.html
2128
2129         * css/CSSComputedStyleDeclaration.cpp:
2130         (WebCore::CSSComputedStyleDeclaration::length):
2131
2132 2016-06-23  John Wilander  <wilander@apple.com>
2133
2134         Enable window.open() for existing versions of Secret Society
2135         https://bugs.webkit.org/show_bug.cgi?id=159049
2136         <rdar://problem/26528349>
2137
2138         Reviewed by Andy Estes.
2139
2140         The Secret Society Hidden Mystery app has a broken version check treating iOS 10
2141         as iOS 1 on iPads. Therefore it believes it can use window.open() in a tap
2142         handler. We should allow the existing versions of the app to do this to not break
2143         them.
2144
2145         No new tests. Tested manually in the app.
2146
2147         * page/DOMWindow.cpp:
2148         (WebCore::DOMWindow::allowPopUp):
2149             Now checks with Settings whether it should allow a popup even though it is
2150             not processing a user gesture.
2151         * page/Settings.in:
2152             Added setting allowWindowOpenWithoutUserGesture.
2153         * platform/RuntimeApplicationChecks.h:
2154         * platform/RuntimeApplicationChecks.mm:
2155         (WebCore::IOSApplication::isTheSecretSocietyHiddenMystery):
2156             Added.
2157
2158 2016-06-23  Chris Dumez  <cdumez@apple.com>
2159
2160         Only call sqlite3_initialize() when a SQLite database is actually being opened
2161         https://bugs.webkit.org/show_bug.cgi?id=159033
2162
2163         Reviewed by Brady Eidson.
2164
2165         Only call sqlite3_initialize() when a SQLite database is actually being opened
2166         instead of doing it unconditionally. sqlite3_initialize() was previously called
2167         in the SQLiteDatabase constructor which gets called on WebContent process
2168         initialization because a DatabaseTracker is constructed on initialization and
2169         DatabaseTracker has a SQLiteDatabase data member.
2170
2171         * platform/sql/SQLiteDatabase.cpp:
2172         (WebCore::initializeSQLiteIfNecessary):
2173         (WebCore::SQLiteDatabase::open):
2174         (WebCore::SQLiteDatabase::SQLiteDatabase): Deleted.
2175         * platform/sql/SQLiteDatabase.h:
2176
2177 2016-06-23  Adam Bergkvist  <adam.bergkvist@ericsson.com>
2178
2179         WebRTC: Align 'update ICE connection/gathering state' steps with the WebRTC 1.0 specification
2180         https://bugs.webkit.org/show_bug.cgi?id=159054
2181
2182         Reviewed by Eric Carlson.
2183
2184         Add checks for same state and closed RTCPeerConnection in the 'update ICE connection state'
2185         and 'update ICE gathering state' routines as described in [1].
2186
2187         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#update-ice-gathering-state
2188
2189         No change in current behavior.
2190
2191         * Modules/mediastream/RTCPeerConnection.cpp:
2192         (WebCore::RTCPeerConnection::updateIceGatheringState):
2193         (WebCore::RTCPeerConnection::updateIceConnectionState):
2194
2195 2016-06-23  Adam Bergkvist  <adam.bergkvist@ericsson.com>
2196
2197         WebRTC: Add support for RTCPeerConnection legacy MediaStream-based API
2198         https://bugs.webkit.org/show_bug.cgi?id=158940
2199
2200         Reviewed by Eric Carlson.
2201
2202         Implement the legacy MediaStream-based RTCPeerConnection API as JS built-ins. The
2203         getRemoteStreams() function and the 'addstream' event are partly implemented with native
2204         code.
2205
2206         Test: fast/mediastream/RTCPeerConnection-legacy-stream-based-api.html
2207
2208         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
2209         (WebCore::MediaEndpointPeerConnection::setRemoteDescriptionTask):
2210         (WebCore::MediaEndpointPeerConnection::getRemoteStreams):
2211         The getRemoteStreams() function and the 'addstream' event is backed up by native code.
2212         * Modules/mediastream/MediaEndpointPeerConnection.h:
2213         * Modules/mediastream/MediaStream.idl:
2214         * Modules/mediastream/PeerConnectionBackend.h:
2215         * Modules/mediastream/RTCPeerConnection.h:
2216         * Modules/mediastream/RTCPeerConnection.idl:
2217         * Modules/mediastream/RTCPeerConnection.js:
2218         (initializeRTCPeerConnection):
2219         (getLocalStreams):
2220         (getRemoteStreams):
2221         (getStreamById):
2222         (addStream):
2223         (removeStream):
2224         Legacy API implemented as JS built-ins.
2225         * bindings/js/JSDOMGlobalObject.cpp:
2226         (WebCore::JSDOMGlobalObject::addBuiltinGlobals):
2227         * bindings/js/WebCoreBuiltinNames.h:
2228
2229 2016-06-23  Carlos Garcia Campos  <cgarcia@igalia.com>
2230
2231         Unreviewed. Fix the build with CSS Shapes disabled.
2232
2233         * css/StyleBuilderConverter.h:
2234
2235 2016-06-23  Carlos Garcia Campos  <cgarcia@igalia.com>
2236
2237         [Soup] Clean up SocketStreamHandle soup implementation
2238         https://bugs.webkit.org/show_bug.cgi?id=159024
2239
2240         Reviewed by Žan Doberšek.
2241
2242         Stop using a global HashMap to "acivate"/"deactivate" handles, and just take a reference of the handle and
2243         pass the ownership to the callbacks, using a GCancellable to cancel all async operations.
2244
2245         * platform/network/soup/SocketStreamHandle.h:
2246         (WebCore::SocketStreamHandle::create):
2247         (WebCore::SocketStreamHandle::id): Deleted.
2248         * platform/network/soup/SocketStreamHandleSoup.cpp:
2249         (WebCore::SocketStreamHandle::SocketStreamHandle):
2250         (WebCore::SocketStreamHandle::connected):
2251         (WebCore::SocketStreamHandle::connectedCallback):
2252         (WebCore::SocketStreamHandle::readBytes):
2253         (WebCore::SocketStreamHandle::readReadyCallback):
2254         (WebCore::SocketStreamHandle::didFail):
2255         (WebCore::SocketStreamHandle::platformSend):
2256         (WebCore::SocketStreamHandle::platformClose):
2257         (WebCore::SocketStreamHandle::beginWaitingForSocketWritability):
2258         (WebCore::SocketStreamHandle::writeReadyCallback):
2259         (WebCore::getHandleFromId): Deleted.
2260         (WebCore::deactivateHandle): Deleted.
2261         (WebCore::activateHandle): Deleted.
2262         (WebCore::SocketStreamHandle::~SocketStreamHandle): Deleted.
2263         (WebCore::connectedCallback): Deleted.
2264         (WebCore::readReadyCallback): Deleted.
2265         (WebCore::writeReadyCallback): Deleted.
2266
2267 2016-06-22  Brady Eidson  <beidson@apple.com>
2268
2269         DatabaseProcess doesn't handle WebProcesses going away uncleanly.
2270         https://bugs.webkit.org/show_bug.cgi?id=158894
2271
2272         Reviewed by Alex Christensen.
2273
2274         No new tests (Covered by additions to existing API test).
2275
2276         * Modules/indexeddb/server/IDBConnectionToClient.cpp:
2277         (WebCore::IDBServer::IDBConnectionToClient::registerDatabaseConnection):
2278         (WebCore::IDBServer::IDBConnectionToClient::unregisterDatabaseConnection):
2279         (WebCore::IDBServer::IDBConnectionToClient::connectionToClientClosed):
2280         * Modules/indexeddb/server/IDBConnectionToClient.h:
2281         
2282         * Modules/indexeddb/server/IDBServer.cpp:
2283         (WebCore::IDBServer::IDBServer::unregisterConnection): Call connectionToClientClosed() on
2284           the connection, which cleans up after it in the server.
2285         
2286         * Modules/indexeddb/server/UniqueIDBDatabaseConnection.cpp:
2287         (WebCore::IDBServer::UniqueIDBDatabaseConnection::UniqueIDBDatabaseConnection):
2288         (WebCore::IDBServer::UniqueIDBDatabaseConnection::~UniqueIDBDatabaseConnection):
2289
2290 2016-06-22  Benjamin Poulain  <bpoulain@apple.com>
2291
2292         AX: Add support for CSS4 :focus-within pseudo
2293         https://bugs.webkit.org/show_bug.cgi?id=140144
2294
2295         Reviewed by Antti Koivisto.
2296
2297         Tests: fast/css/pseudo-focus-within-basics.html
2298                fast/css/pseudo-focus-within-inside-shadow-dom.html
2299                fast/css/pseudo-focus-within-style-sharing-1.html
2300                fast/css/pseudo-focus-within-style-sharing-2.html
2301                fast/selectors/focus-within-style-update.html
2302
2303         * css/CSSSelector.cpp:
2304         (WebCore::CSSSelector::selectorText):
2305         * css/CSSSelector.h:
2306         * css/SelectorChecker.cpp:
2307         (WebCore::SelectorChecker::checkOne):
2308         * css/SelectorPseudoClassAndCompatibilityElementMap.in:
2309         * cssjit/SelectorCompiler.cpp:
2310         (WebCore::SelectorCompiler::addPseudoClassType):
2311         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
2312         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementHasFocusWithin):
2313         * dom/ContainerNode.cpp:
2314         (WebCore::destroyRenderTreeIfNeeded):
2315         * dom/Element.cpp:
2316         (WebCore::Element::~Element):
2317         (WebCore::Element::setFocus):
2318         (WebCore::Element::unregisterNamedFlowContentElement):
2319         (WebCore::Element::setIsNamedFlowContentElement):
2320         (WebCore::Element::clearIsNamedFlowContentElement):
2321         (WebCore::Element::setStyleAffectedByFocusWithin):
2322         (WebCore::Element::rareDataStyleAffectedByFocusWithin):
2323         (WebCore::Element::rareDataIsNamedFlowContentElement):
2324         * dom/Element.h:
2325         (WebCore::Element::hasFocusWithin):
2326         (WebCore::Element::styleAffectedByFocusWithin):
2327         (WebCore::Element::isNamedFlowContentElement):
2328         (WebCore::Element::setHasFocusWithin):
2329         * dom/ElementRareData.h:
2330         (WebCore::ElementRareData::styleAffectedByFocusWithin):
2331         (WebCore::ElementRareData::setStyleAffectedByFocusWithin):
2332         (WebCore::ElementRareData::isNamedFlowContentElement):
2333         (WebCore::ElementRareData::setIsNamedFlowContentElement):
2334         (WebCore::ElementRareData::ElementRareData):
2335         (WebCore::ElementRareData::resetComputedStyle):
2336         * dom/Node.h:
2337         (WebCore::Node::flagHasFocusWithin):
2338         (WebCore::Node::isNamedFlowContentNode): Deleted.
2339         (WebCore::Node::setIsNamedFlowContentNode): Deleted.
2340         (WebCore::Node::clearIsNamedFlowContentNode): Deleted.
2341         * rendering/RenderNamedFlowThread.cpp:
2342         (WebCore::RenderNamedFlowThread::clearContentElements):
2343         (WebCore::RenderNamedFlowThread::registerNamedFlowContentElement):
2344         (WebCore::RenderNamedFlowThread::unregisterNamedFlowContentElement):
2345         (WebCore::nextNodeInsideContentElement):
2346         * style/RenderTreeUpdater.cpp:
2347         (WebCore::RenderTreeUpdater::updateElementRenderer):
2348         * style/StyleRelations.cpp:
2349         (WebCore::Style::commitRelationsToRenderStyle):
2350         (WebCore::Style::commitRelations):
2351         * style/StyleRelations.h:
2352         * style/StyleSharingResolver.cpp:
2353         (WebCore::Style::SharingResolver::canShareStyleWithElement):
2354
2355 2016-06-22  Oliver Hunt  <oliver@apple.com>
2356
2357         Integrate WebKit's CFURLConnection with App Transport Security
2358         https://bugs.webkit.org/show_bug.cgi?id=159039
2359         <rdar://problem/26953685>
2360
2361         Reviewed by Alex Christensen.
2362
2363         Pass additional options to NSURLConnect initialiser to identify that
2364         this connection is for WebKit content loading.
2365
2366         * platform/network/mac/ResourceHandleMac.mm:
2367         (WebCore::ResourceHandle::createNSURLConnection):
2368
2369 2016-06-20  Jeremy Jones  <jeremyj@apple.com>
2370
2371         Adopt commitPriority to get rid of the 2 AVPL solution for PiP
2372         https://bugs.webkit.org/show_bug.cgi?id=158949
2373         rdar://problem/26867866
2374
2375         Reviewed by Simon Fraser.
2376
2377         No new tests because there is no behavior change. This reverts changes from 
2378         https://bugs.webkit.org/show_bug.cgi?id=158148 and instead uses -[CAContext commitPriority:]
2379         to prevent flicker when moving a layer between contexts. 
2380         commitPriority allows the layer to be added to the destination context before it is 
2381         removed from the source context.
2382
2383         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h: remove m_secondaryVideoLayer.
2384         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: ditto
2385         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenGravity): ditto.
2386         (WebCore::MediaPlayerPrivateAVFoundationObjC::syncTextTrackBounds): ditto.
2387         (WebCore::MediaPlayerPrivateAVFoundationObjC::destroyVideoLayer): ditto.
2388         (WebCore::MediaPlayerPrivateAVFoundationObjC::updateVideoLayerGravity): ditto.
2389         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm: ditto
2390         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addDisplayLayer): ditto
2391         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: ditto
2392         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers):ditto
2393         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.h: ditto
2394         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.mm: ditto
2395         (WebCore::VideoFullscreenLayerManager::setVideoLayer): ditto
2396         (WebCore::VideoFullscreenLayerManager::setVideoFullscreenLayer): ditto and adopt commitPriority.
2397         (WebCore::VideoFullscreenLayerManager::setVideoFullscreenFrame): ditto
2398         (WebCore::VideoFullscreenLayerManager::setVideoLayers): Deleted. 
2399         (WebCore::VideoFullscreenLayerManager::didDestroyVideoLayer): remove m_secondaryVideoLayer.
2400         * platform/spi/cocoa/QuartzCoreSPI.h: Add commitPriority.
2401
2402 2016-06-22  Simon Fraser  <simon.fraser@apple.com>
2403
2404         REGRESSION (r201629): Weird button glitching on github.com
2405         https://bugs.webkit.org/show_bug.cgi?id=159031
2406         rdar://problem/26880332
2407
2408         Reviewed by Tim Horton.
2409
2410         r201629 changed the logic slightly when creating an image buffer for a scaled context;
2411         it set the buffer context's scale to the scale in the source context, but this failed
2412         to take into account the rounding up of the buffer size, which the old code did.
2413
2414         Fix by reverting to the old behavior.
2415
2416         Since buffer sizes can only be integral, changed compatibleBufferSize() to return
2417         an IntSize.
2418
2419         Test: fast/backgrounds/scaled-gradient-background.html
2420
2421         * platform/graphics/ImageBuffer.cpp:
2422         (WebCore::ImageBuffer::createCompatibleBuffer):
2423         (WebCore::ImageBuffer::compatibleBufferSize):
2424         * platform/graphics/ImageBuffer.h:
2425         * platform/graphics/IntRect.h:
2426         (WebCore::IntRect::area):
2427         * platform/graphics/IntSize.h:
2428         (WebCore::IntSize::area): Make this return an unsigned.
2429
2430 2016-06-22  Anders Carlsson  <andersca@apple.com>
2431
2432         Inline the last of the Apple Pay WebCore code
2433         https://bugs.webkit.org/show_bug.cgi?id=159032
2434
2435         Reviewed by Tim Horton.
2436
2437         * loader/EmptyClients.cpp:
2438         (WebCore::fillWithEmptyClients):
2439         * page/MainFrame.cpp:
2440         (WebCore::MainFrame::MainFrame):
2441         * page/MainFrame.h:
2442         * page/PageConfiguration.h:
2443         * platform/cocoa/ThemeCocoa.mm:
2444         (WebCore::passKitBundle):
2445         (WebCore::loadPassKitPDFPage):
2446         (WebCore::applePayButtonLogoBlack):
2447         (WebCore::applePayButtonLogoWhite):
2448         (WebCore::drawApplePayButton):
2449         (WebCore::ThemeCocoa::drawNamedImage):
2450
2451 2016-06-22  Anders Carlsson  <andersca@apple.com>
2452
2453         Exception is not thrown when shipping method is an invalid amount
2454         https://bugs.webkit.org/show_bug.cgi?id=159030
2455         rdar://problem/26700413
2456
2457         Reviewed by Tim Horton.
2458
2459         * Modules/applepay/ApplePaySession.cpp:
2460         (WebCore::createShippingMethods):
2461         Bail if createShippingMethod returns Nullopt.
2462
2463         (WebCore::createPaymentRequest):
2464         Bail if createShippingMethods returns Nullopt.
2465
2466 2016-06-22  Anders Carlsson  <andersca@apple.com>
2467
2468         Exception is not thrown when shipping method is an invalid amount
2469         https://bugs.webkit.org/show_bug.cgi?id=159029
2470         rdar://problem/26700413
2471
2472         Reviewed by Tim Horton.
2473
2474         * Modules/applepay/PaymentRequest.h:
2475         Change ShippingMethod::amount to be a signed 64-bit integer.
2476
2477         * Modules/applepay/PaymentRequestValidator.cpp:
2478         (WebCore::PaymentRequestValidator::validate):
2479         Call validateShippingMethods.
2480
2481         (WebCore::PaymentRequestValidator::validateShippingMethods):
2482         Validate all the shipping methods.
2483
2484         (WebCore::PaymentRequestValidator::validateShippingMethod):
2485         Check that the amount is >= 0.
2486
2487         * Modules/applepay/PaymentRequestValidator.h:
2488         Add new members.
2489
2490 2016-06-22  Adam Bergkvist  <adam.bergkvist@ericsson.com>
2491
2492         WebRTC: Add support for the negotiationneeded event in MediaEndpointPeerConnection
2493         https://bugs.webkit.org/show_bug.cgi?id=158985
2494
2495         Reviewed by Eric Carlson.
2496
2497         Implement MediaEndpointPeerConnection's isNegotiationNeeded, markAsNeedingNegotiation and
2498         clearNegotiationNeededState functions. The calls to these functions are already up-to-date.
2499
2500         Test: fast/mediastream/RTCPeerConnection-more-media-to-negotiate.html
2501
2502         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
2503         (WebCore::MediaEndpointPeerConnection::markAsNeedingNegotiation):
2504         * Modules/mediastream/MediaEndpointPeerConnection.h:
2505         * Modules/mediastream/RTCPeerConnection.cpp:
2506         (WebCore::RTCPeerConnection::scheduleNegotiationNeededEvent):
2507
2508 2016-06-22  Adam Bergkvist  <adam.bergkvist@ericsson.com>
2509
2510         WebRTC: Replace RTCPeerConnection custom constructor with a JS built-in constructor
2511         https://bugs.webkit.org/show_bug.cgi?id=158832
2512
2513         Reviewed by Eric Carlson and Youenn Fablet.
2514
2515         Use a JS built-in constructor instead of a custom constructor. This makes it easier to
2516         initialize private fields for functions implemented as JS built-ins. The constructor
2517         behavior is in need of updating, but that is left to a follow-up change [1].
2518
2519         [1] http://webkit.org/b/158936
2520         No change in behavior.
2521
2522         * CMakeLists.txt:
2523         * Modules/mediastream/RTCPeerConnection.cpp:
2524         (WebCore::RTCPeerConnection::create):
2525         (WebCore::RTCPeerConnection::RTCPeerConnection):
2526         (WebCore::RTCPeerConnection::~RTCPeerConnection):
2527         (WebCore::RTCPeerConnection::initializeWith):
2528         * Modules/mediastream/RTCPeerConnection.h:
2529         * Modules/mediastream/RTCPeerConnection.idl:
2530         * Modules/mediastream/RTCPeerConnection.js:
2531         (initializeRTCPeerConnection):
2532         Add JS built-in constructor function.
2533         * WebCore.xcodeproj/project.pbxproj:
2534         * bindings/js/JSRTCPeerConnectionCustom.cpp: Removed.
2535         (WebCore::constructJSRTCPeerConnection): Deleted.
2536
2537 2016-06-22  Youenn Fablet  <youenn@apple.com>
2538
2539         CrossOriginPreflightChecker should call DocumentThreadableLoader preflightFailure instead of didFailLoading
2540         https://bugs.webkit.org/show_bug.cgi?id=158984
2541
2542         Reviewed by Darin Adler.
2543
2544         No change of behavior.
2545
2546         Calling DocumentThreadableLoader preflightFailure instead of didFailLoading for any preflight error case.
2547
2548         * loader/CrossOriginPreflightChecker.cpp:
2549         (WebCore::CrossOriginPreflightChecker::notifyFinished): Directly calling preflightFailure callback.
2550         (WebCore::CrossOriginPreflightChecker::doPreflight): Ditto.
2551         (WebCore::CrossOriginPreflightChecker::handleLoadingFailure): Deleted.
2552         (WebCore::CrossOriginPreflightChecker::redirectReceived): Deleted (should have been removed as part of
2553         https://bugs.webkit.org/show_bug.cgi?id=111008).
2554         * loader/CrossOriginPreflightChecker.h:
2555
2556 2016-06-22  Youenn Fablet  <youennf@gmail.com>
2557
2558         JSDOMIterator forEach should support second optional parameter
2559         https://bugs.webkit.org/show_bug.cgi?id=159020
2560
2561         Reviewed by Chris Dumez.
2562
2563         Covered by beefed up test.
2564
2565         * bindings/js/JSDOMIterator.h:
2566         (WebCore::iteratorForEach): Setting callback thisValue to the second argument passed to forEach.
2567
2568 2016-06-22  Jer Noble  <jer.noble@apple.com>
2569
2570         Media controls stop working after exiting PiP
2571         https://bugs.webkit.org/show_bug.cgi?id=159026
2572         <rdar://problem/26753579>
2573
2574         Reviewed by Eric Carlson.
2575
2576         Do not slave setting WebVideoFullscreenModelVideoElement::setVideoElement() to
2577         WebPlaybackSessionModelVideoElement::setMediaElement(). After all, someone else
2578         (i.e., the media controls) may still be using it.
2579
2580         * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
2581         (WebVideoFullscreenModelVideoElement::setVideoElement): Deleted.
2582         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
2583         (WebVideoFullscreenControllerContext::didCleanupFullscreen):
2584         (WebVideoFullscreenControllerContext::setUpFullscreen):
2585
2586 2016-06-22  Jer Noble  <jer.noble@apple.com>
2587
2588         Update document's isPlayingMedia() state whenever media element's media state changes
2589         https://bugs.webkit.org/show_bug.cgi?id=159018
2590         <rdar://problem/26586630>
2591
2592         Reviewed by Beth Dakin.
2593
2594         The Document can end up with a stale m_mediaState if its own value isn't updated when
2595         its constituent HTMLMediaElement's m_mediaStates change.
2596
2597         * html/HTMLMediaElement.cpp:
2598         (WebCore::HTMLMediaElement::updateMediaState):
2599
2600 2016-06-22  Simon Fraser  <simon.fraser@apple.com>
2601
2602         Crash under GraphicsLayerCA::recursiveCommitChanges() with deep layer trees
2603         https://bugs.webkit.org/show_bug.cgi?id=159023
2604         rdar://problem/25377842
2605
2606         Reviewed by Tim Horton.
2607
2608         Having an on-stack DisplayList::Recorder increased the stack frame size significantly,
2609         causing stack exhaustion with deep layer trees, despite the existing depth check.
2610
2611         Make the Recorder heap-allocated to fix this.
2612
2613         Tested by LayoutTests/compositing//layer-creation/deep-tree.html.
2614
2615         * platform/graphics/ca/GraphicsLayerCA.cpp:
2616         (WebCore::GraphicsLayerCA::recursiveCommitChanges):
2617
2618 2016-06-22  Carlos Garcia Campos  <cgarcia@igalia.com>
2619
2620         [GTK] Add support for variadic parameters to GObject DOM bindings
2621         https://bugs.webkit.org/show_bug.cgi?id=158942
2622
2623         Reviewed by Michael Catanzaro.
2624
2625         Generate code for functions having variadic parameters.
2626
2627         * bindings/scripts/CodeGeneratorGObject.pm:
2628         (GenerateFunction):
2629         (SkipFunction):
2630         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
2631         (webkit_dom_test_obj_variadic_string_method):
2632         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
2633
2634 2016-06-21  Benjamin Poulain  <bpoulain@apple.com>
2635
2636         :hover CSS pseudo-class sometimes keeps matching ever after mouse has left the element
2637         https://bugs.webkit.org/show_bug.cgi?id=158340
2638
2639         Reviewed by Simon Fraser.
2640
2641         When removing a hovered subtree from the document, we were getting
2642         into an inconsistent state where m_hoveredElement is in the detached
2643         subtree and we have no way of clearing the existing IsHovered flags.
2644
2645         What happens is:
2646         -The root "a" has an child "b" that is hovered.
2647         -"a" starts being removed from the tree, its renderer is destroyed.
2648         -RenderTreeUpdater::tearDownRenderers() pushes "a" on the teardownStack
2649          and calls hoveredElementDidDetach().
2650         -hoveredElementDidDetach() is called with "a". "a" is not the hovered
2651          element, the function does nothing.
2652         -RenderTreeUpdater::tearDownRenderers() pushes "b" on the teardownStack
2653          and calls hoveredElementDidDetach().
2654         -hoveredElementDidDetach() is called with "b". The next parent with a renderer
2655          is "a", m_hoveredElement is set to "a".
2656         -"a"'s parent is set to nullptr.
2657
2658         -> We have a m_hoveredElement on the root of a detached tree, making
2659            it impossible to clear the real dirty tree.
2660
2661         This patch changes the order in which we clear the flags.
2662         It is done in the order in which we clear the renderers to ensure
2663         the last element with a dead renderer is the last to update m_hoveredElement.
2664
2665         Tests: fast/css/ancestor-of-hovered-element-detached.html
2666                fast/css/ancestor-of-hovered-element-removed.html
2667
2668         * Source/WebCore/style/RenderTreeUpdater.cpp:
2669
2670 2016-06-21  Youenn Fablet  <youennf@gmail.com>
2671
2672         [Fetch API] Rename 'origin-only' referrer policy to 'origin'
2673         https://bugs.webkit.org/show_bug.cgi?id=158982
2674
2675         Reviewed by Alex Christensen.
2676
2677         Covered by updated tests.
2678
2679         * Modules/fetch/FetchRequest.cpp:
2680         (WebCore::setReferrerPolicy): Renaming origin-only to origin.
2681         * Modules/fetch/FetchRequest.idl: Ditto.
2682         * loader/FetchOptions.h: Ditto.
2683
2684 2016-06-21  Chris Dumez  <cdumez@apple.com>
2685
2686         Let the compiler generate the move constructor and assignment operator for ScriptExecutionContext::Task
2687         https://bugs.webkit.org/show_bug.cgi?id=159013
2688
2689         Reviewed by Brady Eidson.
2690
2691         Let the compiler generate the move constructor and assignment operator for
2692         ScriptExecutionContext::Task. We previously manually defined the move
2693         constructor but there is no need as it doesn't do anything special.
2694
2695         * dom/ScriptExecutionContext.h:
2696
2697 2016-06-21  Dean Jackson  <dino@apple.com>
2698
2699         DumpRenderTree crashed in com.apple.WebCore: WebCore::HTMLSelectElement::updateSelectedState
2700         https://bugs.webkit.org/show_bug.cgi?id=159009
2701         <rdar://problem/23454623>
2702
2703         Reviewed by Jon Lee.
2704
2705         It seems we can get bogus indices from UIKit's implementation
2706         of UIWebSelectMultiplePicker. Guard against this situation.
2707
2708         Covered by running the existing tests in WebKit1 with Guard Malloc,
2709         such as fast/spatial-navigation/snav-multiple-select-optgroup.html
2710
2711         * html/HTMLSelectElement.cpp:
2712         (WebCore::HTMLSelectElement::updateSelectedState): Early return
2713         if we get an index out of range.
2714
2715 2016-06-21  Chris Dumez  <cdumez@apple.com>
2716
2717         Pass ScriptExecutionContext::Task as rvalue reference
2718         https://bugs.webkit.org/show_bug.cgi?id=159007
2719
2720         Reviewed by Anders Carlsson.
2721
2722         Pass ScriptExecutionContext::Task as rvalue reference since its non-copyable
2723         and has to be moved in.
2724
2725         * workers/WorkerLoaderProxy.h:
2726         * workers/WorkerMessagingProxy.cpp:
2727         (WebCore::WorkerMessagingProxy::postTaskToLoader):
2728         (WebCore::WorkerMessagingProxy::postTaskForModeToWorkerGlobalScope):
2729         * workers/WorkerMessagingProxy.h:
2730         * workers/WorkerRunLoop.cpp:
2731         (WebCore::WorkerRunLoop::postTask):
2732         (WebCore::WorkerRunLoop::postTaskAndTerminate):
2733         (WebCore::WorkerRunLoop::postTaskForMode):
2734         (WebCore::WorkerRunLoop::Task::Task):
2735         * workers/WorkerRunLoop.h:
2736
2737 2016-06-21  Anders Carlsson  <andersca@apple.com>
2738
2739         Include IdentifierInlines.h.
2740
2741         * bindings/js/JSApplePayShippingMethodSelectedEventCustom.cpp:
2742
2743 2016-06-21  Anders Carlsson  <andersca@apple.com>
2744
2745         Add PaymentHeaders.h file.
2746
2747         * Modules/applepay/PaymentHeaders.h: Added.
2748         * WebCore.xcodeproj/project.pbxproj:
2749
2750 2016-06-21  Anders Carlsson  <andersca@apple.com>
2751
2752         Make a bunch of Apple Pay headers private instead of project.
2753
2754         * WebCore.xcodeproj/project.pbxproj:
2755
2756 2016-06-21  Anders Carlsson  <andersca@apple.com>
2757
2758         Move the last Apple Pay WebCore files to the open source repository
2759         https://bugs.webkit.org/show_bug.cgi?id=159005
2760
2761         Reviewed by Tim Horton.
2762
2763         * DerivedSources.make:
2764         * Modules/applepay/ApplePayPaymentAuthorizedEvent.cpp: Added.
2765         * Modules/applepay/ApplePayPaymentAuthorizedEvent.h: Added.
2766         * Modules/applepay/ApplePayPaymentAuthorizedEvent.idl: Added.
2767         * Modules/applepay/ApplePayPaymentMethodSelectedEvent.cpp: Added.
2768         * Modules/applepay/ApplePayPaymentMethodSelectedEvent.h: Added.
2769         * Modules/applepay/ApplePayPaymentMethodSelectedEvent.idl: Added.
2770         * Modules/applepay/ApplePaySession.cpp: Added.
2771         * Modules/applepay/ApplePaySession.h: Added.
2772         * Modules/applepay/ApplePaySession.idl: Added.
2773         * Modules/applepay/ApplePayShippingContactSelectedEvent.cpp: Added.
2774         * Modules/applepay/ApplePayShippingContactSelectedEvent.h: Added.
2775         * Modules/applepay/ApplePayShippingContactSelectedEvent.idl: Added.
2776         * Modules/applepay/ApplePayShippingMethodSelectedEvent.cpp: Added.
2777         * Modules/applepay/ApplePayShippingMethodSelectedEvent.h: Added.
2778         * Modules/applepay/ApplePayShippingMethodSelectedEvent.idl: Added.
2779         * Modules/applepay/ApplePayValidateMerchantEvent.cpp: Added.
2780         * Modules/applepay/ApplePayValidateMerchantEvent.h: Added.
2781         * Modules/applepay/ApplePayValidateMerchantEvent.idl: Added.
2782         * Modules/applepay/Payment.h: Added.
2783         * Modules/applepay/PaymentAuthorizationStatus.h: Added.
2784         * Modules/applepay/PaymentContact.h: Added.
2785         * Modules/applepay/PaymentMerchantSession.h: Added.
2786         * Modules/applepay/PaymentMethod.h: Added.
2787         * Modules/applepay/PaymentRequestValidator.cpp: Added.
2788         * Modules/applepay/PaymentRequestValidator.h: Added.
2789         * Modules/applepay/cocoa/PaymentContactCocoa.mm: Added.
2790         * Modules/applepay/cocoa/PaymentMethodCocoa.mm: Added.
2791         * WebCore.xcodeproj/project.pbxproj:
2792         * bindings/js/JSApplePayPaymentAuthorizedEventCustom.cpp: Added.
2793         * bindings/js/JSApplePayPaymentMethodSelectedEventCustom.cpp: Added.
2794         * bindings/js/JSApplePaySessionCustom.cpp: Added.
2795         * bindings/js/JSApplePayShippingContactSelectedEventCustom.cpp: Added.
2796         * bindings/js/JSApplePayShippingMethodSelectedEventCustom.cpp: Added.
2797         * dom/EventNames.in:
2798         * dom/EventTargetFactory.in:
2799
2800 2016-06-21  Anders Carlsson  <andersca@apple.com>
2801
2802         Fix build.
2803
2804         * Configurations/FeatureDefines.xcconfig:
2805
2806 2016-06-21  Jiewen Tan  <jiewen_tan@apple.com>
2807
2808         Unreviewed, rolling out r202302, r202303, r202305, and
2809         r202306.
2810
2811         Roll out the rollouts because of breaking the build.
2812
2813         Reverted changesets:
2814
2815         "Unreviewed, rolling out r200678."
2816         https://bugs.webkit.org/show_bug.cgi?id=157453
2817         http://trac.webkit.org/changeset/202302
2818
2819         "Unreviewed, rolling out r200619."
2820         https://bugs.webkit.org/show_bug.cgi?id=131443
2821         http://trac.webkit.org/changeset/202303
2822
2823         "Unreviewed, attempt to fix the build after r202303."
2824         http://trac.webkit.org/changeset/202305
2825
2826         "Unreviewed, attempt to fix the build after r202303."
2827         http://trac.webkit.org/changeset/202306
2828
2829 2016-06-21  Chris Dumez  <cdumez@apple.com>
2830
2831         Unreviewed, attempt to fix the build after r202303.
2832
2833         * bindings/js/JSDOMIterator.h:
2834         (WebCore::IteratorInspector::decltype):
2835         (WebCore::IteratorInspector::test):
2836
2837 2016-06-21  Chris Dumez  <cdumez@apple.com>
2838
2839         Unreviewed, attempt to fix the build after r202303.
2840
2841         * bindings/js/JSDOMIterator.h:
2842         (WebCore::toJS):
2843
2844 2016-06-21  Jiewen Tan  <jiewen_tan@apple.com>
2845
2846         Unreviewed, rolling out r200619.
2847
2848         This incompleted feature broke http://m.yahoo.co.jp. Roll it
2849         out together with r200678.
2850
2851         Reverted changeset:
2852
2853         "NodeList should be iterable"
2854         https://bugs.webkit.org/show_bug.cgi?id=131443
2855         http://trac.webkit.org/changeset/200619
2856
2857 2016-06-21  Jiewen Tan  <jiewen_tan@apple.com>
2858
2859         Unreviewed, rolling out r200678.
2860
2861         This incompleted feature broke http://m.yahoo.co.jp. Roll it
2862         out together with r200619.
2863
2864         Reverted changeset:
2865
2866         "Ensure DOM iterators remain done"
2867         https://bugs.webkit.org/show_bug.cgi?id=157453
2868         http://trac.webkit.org/changeset/200678
2869
2870 2016-06-21  Anders Carlsson  <andersca@apple.com>
2871
2872         Begin moving the Apple Pay code to the open source repository
2873         https://bugs.webkit.org/show_bug.cgi?id=158998
2874
2875         Reviewed by Tim Horton.
2876
2877         * Configurations/FeatureDefines.xcconfig:
2878         Add ENABLE_APPLE_PAY.
2879
2880         * Modules/applepay/PaymentCoordinator.cpp: Added.
2881         * Modules/applepay/PaymentCoordinator.h: Added.
2882         * Modules/applepay/PaymentCoordinatorClient.h: Added.
2883         * Modules/applepay/PaymentRequest.cpp: Added.
2884         * Modules/applepay/PaymentRequest.h: Added.
2885         * Modules/applepay/cocoa/PaymentCocoa.mm: Added.
2886         * WebCore.xcodeproj/project.pbxproj:
2887         Add new files.
2888
2889         * dom/EventNames.h:
2890         Add new event names.
2891
2892         * page/MainFrame.h:
2893         Use a forward declaration.
2894
2895 2016-06-21  Said Abou-Hallawa  <sabouhallawa@apple,com>
2896
2897         Add system tracing points for requestAnimationFrame() workflow
2898         https://bugs.webkit.org/show_bug.cgi?id=158723
2899
2900         Reviewed by Simon Fraser.
2901
2902         Add trace points for requestAnimationFrame().
2903
2904         * dom/ScriptedAnimationController.cpp:
2905         (WebCore::ScriptedAnimationController::requestAnimationFrameEnabled):
2906         (WebCore::ScriptedAnimationController::serviceScriptedAnimations):
2907         (WebCore::ScriptedAnimationController::windowScreenDidChange):
2908         (WebCore::ScriptedAnimationController::scheduleAnimation):
2909         * dom/ScriptedAnimationController.h:
2910         * platform/graphics/ios/DisplayRefreshMonitorIOS.mm:
2911         (WebCore::DisplayRefreshMonitorIOS::requestRefreshCallback):
2912         (WebCore::DisplayRefreshMonitorIOS::displayLinkFired):
2913
2914 2016-06-20  Simon Fraser  <simon.fraser@apple.com>
2915
2916         [iOS] Typing text into a text field or text area causes screen to scroll down (hiding text entry)
2917         https://bugs.webkit.org/show_bug.cgi?id=158970
2918
2919         Reviewed by Ryosuke Niwa.
2920
2921         insertTextWithoutSendingTextEvent() should only reveal the selection up to the main frame on iOS,
2922         since the UI process can zoom and scroll the view to the text input.
2923
2924         Test: fast/forms/ios/typing-in-input-in-iframe.html
2925
2926         * editing/Editor.cpp:
2927         (WebCore::Editor::insertTextWithoutSendingTextEvent):
2928
2929 2016-06-21  Adam Bergkvist  <adam.bergkvist@ericsson.com>
2930
2931         WebRTC: Remove unused MediaEndpointClient::gotRemoteSource function
2932         https://bugs.webkit.org/show_bug.cgi?id=158986
2933
2934         Reviewed by Eric Carlson.
2935
2936         Remote sources are explicitly created with MediaEndpoint::createMutedRemoteSource so the
2937         MediaEndpointClient::gotRemoteSource can be removed.
2938
2939         No change in behavior.
2940
2941         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
2942         (WebCore::MediaEndpointPeerConnection::gotRemoteSource): Deleted.
2943         * Modules/mediastream/MediaEndpointPeerConnection.h:
2944         * platform/mediastream/MediaEndpoint.h:
2945
2946 2016-06-20  Simon Fraser  <simon.fraser@apple.com>
2947
2948         Focus event dispatched in iframe causes parent document to scroll incorrectly
2949         https://bugs.webkit.org/show_bug.cgi?id=158629
2950         rdar://problem/26521616
2951
2952         Reviewed by Tim Horton.
2953
2954         When focussing elements in iframes, the page could scroll to an incorrect location.
2955         This happened because code in Element::focus() tried to disable scrolling on focus,
2956         but did so only for the current frame, so ancestor frames got programmatically scrolled.
2957         On iOS we handle the scrolling in the UI process, so never want the web process to
2958         do programmatic scrolling.
2959
2960         Fix by changing the focus and cache restore code to use SelectionRevealMode::DoNotReveal,
2961         rather than manually prohibiting frame scrolling. Pass SelectionRevealMode through various callers,
2962         and use RevealUpToMainFrame for iOS, allowing the UI process to do the zoomToRect: for the main frame.
2963
2964         Tests: fast/forms/ios/focus-input-in-iframe.html
2965                fast/forms/ios/programmatic-focus-input-in-iframe.html
2966
2967         * dom/Document.h:
2968         * dom/Element.cpp:
2969         (WebCore::Element::scrollIntoView):
2970         (WebCore::Element::scrollIntoViewIfNeeded):
2971         (WebCore::Element::scrollIntoViewIfNotVisible):
2972         (WebCore::Element::focus):
2973         (WebCore::Element::updateFocusAppearance):
2974         * dom/Element.h:
2975         * editing/Editor.cpp:
2976         (WebCore::Editor::insertTextWithoutSendingTextEvent):
2977         (WebCore::Editor::revealSelectionAfterEditingOperation):
2978         (WebCore::Editor::findStringAndScrollToVisible):
2979         * editing/FrameSelection.cpp:
2980         (WebCore::FrameSelection::updateAndRevealSelection):
2981         (WebCore::FrameSelection::revealSelection):
2982         (WebCore::FrameSelection::FrameSelection): Deleted.
2983         * editing/FrameSelection.h:
2984         * html/HTMLInputElement.cpp:
2985         (WebCore::HTMLInputElement::updateFocusAppearance):
2986         * html/HTMLTextAreaElement.cpp:
2987         (WebCore::HTMLTextAreaElement::updateFocusAppearance):
2988         * page/ContextMenuController.cpp:
2989         (WebCore::ContextMenuController::contextMenuItemSelected):
2990         * page/FrameView.cpp:
2991         (WebCore::FrameView::scrollToAnchor):
2992         * rendering/RenderLayer.cpp:
2993         (WebCore::RenderLayer::scrollRectToVisible):
2994         (WebCore::RenderLayer::autoscroll):
2995         * rendering/RenderLayer.h:
2996         * rendering/RenderObject.cpp:
2997         (WebCore::RenderObject::scrollRectToVisible):
2998         * rendering/RenderObject.h:
2999
3000 2016-06-21  Frederic Wang  <fwang@igalia.com>
3001
3002         Implement RenderMathMLOperator::layoutBlock
3003         https://bugs.webkit.org/show_bug.cgi?id=157521
3004
3005         Reviewed by Brent Fulgham.
3006
3007         No new tests, already covered by existing tests.
3008
3009         Add an initial implementation of RenderMathMLOperator::layoutBlock, which will perform
3010         special layout when the MathOperator is used. We also improved how the logical height is
3011         calculated and avoid updating the style when stretchTo is called.
3012
3013         * rendering/mathml/RenderMathMLOperator.cpp:
3014         (WebCore::RenderMathMLOperator::stretchTo):
3015         (WebCore::RenderMathMLOperator::layoutBlock):
3016         (WebCore::RenderMathMLOperator::computeLogicalHeight): Deleted.
3017         * rendering/mathml/RenderMathMLOperator.h:
3018
3019 2016-06-21  Chris Dumez  <cdumez@apple.com>
3020
3021         Unreviewed, roll out r202268 as it looks like it was a ~50% regression on Dromaeo DOM Core
3022
3023         * bindings/scripts/CodeGeneratorJS.pm:
3024         (GenerateImplementation):
3025         (GeneratePrototypeDeclaration):
3026         * bindings/scripts/test/JS/JSInterfaceName.cpp:
3027         (WebCore::JSInterfaceNamePrototype::finishCreation):
3028         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
3029         (WebCore::JSTestActiveDOMObjectPrototype::finishCreation):
3030         (WebCore::JSTestActiveDOMObject::createPrototype): Deleted.
3031         (WebCore::JSTestActiveDOMObject::prototype): Deleted.
3032         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
3033         (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::finishCreation):
3034         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
3035         (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::finishCreation):
3036         * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
3037         (WebCore::JSTestCustomNamedGetterPrototype::finishCreation):
3038         (WebCore::JSTestCustomNamedGetter::JSTestCustomNamedGetter): Deleted.
3039         (WebCore::JSTestCustomNamedGetter::createPrototype): Deleted.
3040         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
3041         (WebCore::JSTestEventConstructorPrototype::finishCreation):
3042         (WebCore::JSTestEventConstructor::createPrototype): Deleted.
3043         (WebCore::JSTestEventConstructor::prototype): Deleted.
3044         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
3045         (WebCore::JSTestEventTargetPrototype::finishCreation):
3046         (WebCore::JSTestEventTarget::JSTestEventTarget): Deleted.
3047         (WebCore::JSTestEventTarget::createPrototype): Deleted.
3048         * bindings/scripts/test/JS/JSTestException.cpp:
3049         (WebCore::JSTestExceptionPrototype::finishCreation):
3050         * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
3051         (WebCore::JSTestGenerateIsReachablePrototype::finishCreation):
3052         * bindings/scripts/test/JS/JSTestInterface.cpp:
3053         (WebCore::JSTestInterfacePrototype::finishCreation):
3054         (WebCore::jsTestInterfaceImplementsStr2): Deleted.
3055         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
3056         (WebCore::JSTestJSBuiltinConstructorPrototype::finishCreation):
3057         (WebCore::JSTestJSBuiltinConstructor::JSTestJSBuiltinConstructor): Deleted.
3058         (WebCore::JSTestJSBuiltinConstructor::createPrototype): Deleted.
3059         (WebCore::JSTestJSBuiltinConstructor::destroy): Deleted.
3060         (WebCore::jsTestJSBuiltinConstructorTestAttributeCustom): Deleted.
3061         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
3062         (WebCore::JSTestMediaQueryListListenerPrototype::finishCreation):
3063         (WebCore::JSTestMediaQueryListListener::JSTestMediaQueryListListener): Deleted.
3064         (WebCore::JSTestMediaQueryListListener::createPrototype): Deleted.
3065         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
3066         (WebCore::JSTestNamedConstructorPrototype::finishCreation):
3067         * bindings/scripts/test/JS/JSTestNode.cpp:
3068         (WebCore::JSTestNodePrototype::finishCreation):
3069         (WebCore::JSTestNode::JSTestNode): Deleted.
3070         (WebCore::JSTestNode::prototype): Deleted.
3071         (WebCore::jsTestNodeName): Deleted.
3072         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
3073         (WebCore::JSTestNondeterministicPrototype::finishCreation):
3074         (WebCore::JSTestNondeterministic::JSTestNondeterministic): Deleted.
3075         (WebCore::JSTestNondeterministic::prototype): Deleted.
3076         (WebCore::JSTestNondeterministic::destroy): Deleted.
3077         * bindings/scripts/test/JS/JSTestObj.cpp:
3078         (WebCore::JSTestObjPrototype::finishCreation):
3079         (WebCore::JSTestObj::JSTestObj): Deleted.
3080         (WebCore::JSTestObj::createPrototype): Deleted.
3081         (WebCore::JSTestObj::prototype): Deleted.
3082         (WebCore::JSTestObj::destroy): Deleted.
3083         (WebCore::JSTestObj::getOwnPropertySlot): Deleted.
3084         (WebCore::JSTestObj::getOwnPropertySlotByIndex): Deleted.
3085         (WebCore::jsTestObjReadOnlyLongAttr): Deleted.
3086         (WebCore::jsTestObjReadOnlyStringAttr): Deleted.
3087         (WebCore::jsTestObjReadOnlyTestObjAttr): Deleted.
3088         (WebCore::jsTestObjConstructorStaticReadOnlyLongAttr): Deleted.
3089         (WebCore::jsTestObjConstructorStaticStringAttr): Deleted.
3090         (WebCore::jsTestObjConstructorTestSubObj): Deleted.
3091         (WebCore::jsTestObjTestSubObjEnabledBySettingConstructor): Deleted.
3092         (WebCore::jsTestObjEnumAttr): Deleted.
3093         (WebCore::jsTestObjByteAttr): Deleted.
3094         (WebCore::jsTestObjOctetAttr): Deleted.
3095         (WebCore::jsTestObjShortAttr): Deleted.
3096         (WebCore::jsTestObjClampedShortAttr): Deleted.
3097         (WebCore::jsTestObjEnforceRangeShortAttr): Deleted.
3098         (WebCore::jsTestObjUnsignedShortAttr): Deleted.
3099         (WebCore::jsTestObjLongAttr): Deleted.
3100         (WebCore::jsTestObjLongLongAttr): Deleted.
3101         (WebCore::jsTestObjReflectedCustomBooleanAttr): Deleted.
3102         (WebCore::jsTestObjReflectedCustomURLAttr): Deleted.
3103         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
3104         (WebCore::JSTestOverloadedConstructorsPrototype::finishCreation):
3105         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
3106         (WebCore::JSTestOverrideBuiltinsPrototype::finishCreation):
3107         (WebCore::JSTestOverrideBuiltins::JSTestOverrideBuiltins): Deleted.
3108         (WebCore::JSTestOverrideBuiltins::createPrototype): Deleted.
3109         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
3110         (WebCore::JSTestSerializedScriptValueInterfacePrototype::finishCreation):
3111         (WebCore::JSTestSerializedScriptValueInterface::JSTestSerializedScriptValueInterface): Deleted.
3112         (WebCore::JSTestSerializedScriptValueInterface::prototype): Deleted.
3113         (WebCore::JSTestSerializedScriptValueInterface::destroy): Deleted.
3114         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
3115         (WebCore::JSTestTypedefsPrototype::finishCreation):
3116         (WebCore::JSTestTypedefs::JSTestTypedefs): Deleted.
3117         (WebCore::JSTestTypedefs::createPrototype): Deleted.
3118         (WebCore::JSTestTypedefs::prototype): Deleted.
3119         (WebCore::JSTestTypedefs::destroy): Deleted.
3120         (WebCore::jsTestTypedefsUnsignedLongLongAttr): Deleted.
3121         (WebCore::jsTestTypedefsImmutableSerializedScriptValue): Deleted.
3122         (WebCore::jsTestTypedefsAttrWithGetterException): Deleted.
3123         * bindings/scripts/test/JS/JSattribute.cpp:
3124         (WebCore::JSattributePrototype::finishCreation):
3125         * bindings/scripts/test/JS/JSreadonly.cpp:
3126         (WebCore::JSreadonlyPrototype::finishCreation):
3127
3128 2016-06-21  Keith Miller  <keith_miller@apple.com>
3129
3130         It should be easy to add a private global helper function for builtins
3131         https://bugs.webkit.org/show_bug.cgi?id=158893
3132
3133         Reviewed by Mark Lam.
3134
3135         Add JSCJSValueInlines.h to fix build issues.
3136
3137         * platform/mock/mediasource/MockBox.cpp:
3138
3139 2016-06-21  Amir Alavi  <aalavi@apple.com>
3140
3141         Upstream WKHTTPCookiesForURL from WebKitSystemInterface to OpenSource
3142         https://bugs.webkit.org/show_bug.cgi?id=158967
3143
3144         Reviewed by Brent Fulgham.
3145
3146         * platform/ios/WebCoreSystemInterfaceIOS.mm:
3147         * platform/mac/WebCoreSystemInterface.h:
3148         * platform/mac/WebCoreSystemInterface.mm:
3149         * platform/network/mac/CookieJarMac.mm:
3150         (WebCore::httpCookiesForURL): Upstreamed from WebKitSystemInterface.
3151         (WebCore::cookiesForURL): Changed to call httpCookiesForURL.
3152         (WebCore::deleteCookie): Ditto.
3153         * platform/spi/cf/CFNetworkSPI.h:
3154
3155 2016-06-21  Chris Dumez  <cdumez@apple.com>
3156
3157         Unreviewed, rolling out r202231.
3158
3159         Seems to have regressed PLT on both iOS and Mac (very obvious
3160         on iOS Warm PLT)
3161
3162         Reverted changeset:
3163
3164         "When navigating, discard decoded image data that is only live
3165         due to page cache."
3166         https://bugs.webkit.org/show_bug.cgi?id=158941
3167         http://trac.webkit.org/changeset/202231
3168
3169 2016-06-21  Youenn Fablet  <youennf@gmail.com>
3170
3171         Add bindings generator support to add a native JS function to both a 'name' and a private '@name' slot
3172         https://bugs.webkit.org/show_bug.cgi?id=158777
3173
3174         Reviewed by Eric Carlson.
3175
3176         Adding a new PublicIdentifier keyword to cover the case of the same function exposed publicly and privately.
3177         Renaming Private keyword to PrivateIdentifier.
3178         Functions exposed both publicly and privately should set both keywords.
3179         By default, functions are publically exposed.
3180
3181         Updated binding generator to generate public exposure except if PrivateIdentifer is set and PublicIdentifier is
3182         not set.
3183
3184         Keeping skipping of ObjC/GObject binding for PrivateIdentifier-only functions.
3185
3186         Covered by rebased binding tests.
3187
3188         * Modules/fetch/FetchHeaders.idl:
3189         * Modules/fetch/FetchResponse.idl:
3190         * Modules/mediastream/MediaDevices.idl:
3191         * Modules/mediastream/RTCPeerConnection.idl:
3192         * bindings/scripts/CodeGeneratorGObject.pm:
3193         (SkipFunction):
3194         * bindings/scripts/CodeGeneratorJS.pm:
3195         (GeneratePropertiesHashTable):
3196         (GenerateImplementation):
3197         * bindings/scripts/CodeGeneratorObjC.pm:
3198         (SkipFunction):
3199         * bindings/scripts/IDLAttributes.txt:
3200         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
3201         (webkit_dom_test_obj_private_also_method):
3202         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
3203         * bindings/scripts/test/JS/JSTestObj.cpp:
3204         (WebCore::JSTestObjPrototype::finishCreation):
3205         (WebCore::jsTestObjPrototypeFunctionPrivateMethod):
3206         (WebCore::jsTestObjPrototypeFunctionPrivateAlsoMethod):
3207         * bindings/scripts/test/ObjC/DOMTestObj.h:
3208         * bindings/scripts/test/ObjC/DOMTestObj.mm:
3209         (-[DOMTestObj privateAlsoMethod:]):
3210         * bindings/scripts/test/TestObj.idl:
3211
3212 2016-06-21  Dan Bernstein  <mitz@apple.com>
3213
3214         Inlined some picture-in-picture code.
3215         https://bugs.webkit.org/show_bug.cgi?id=158977
3216
3217         Reviewed by Eric Carlsson.
3218
3219         This code was written primarily by Ada Chan, and originally reviewed by Alex Christensen,
3220         Anders Carlsson, Conrad Shultz, Dan Bernstein, Eric Carlson, Jer Noble, Jeremy Jones,
3221         Jon Lee, Remy Demarest, and Zach Li.
3222
3223         * English.lproj/Localizable.strings:
3224           Updated using update-webkit-localizable-strings.
3225
3226         * Modules/mediacontrols/mediaControlsApple.css:
3227         (video:-webkit-full-screen::-webkit-media-controls-panel .picture-in-picture-button):
3228
3229         * Modules/mediacontrols/mediaControlsApple.js:
3230         (Controller.prototype.configureFullScreenControls):
3231
3232         * WebCore.xcodeproj/project.pbxproj: Added PIPSPI.h.
3233
3234         * html/HTMLMediaElement.cpp: Inlined code from HTMLMediaElementAdditions.cpp.
3235
3236         * html/HTMLVideoElement.cpp: Inlined code from HTMLVideoElementSupportsFullscreenAdditions.cpp.
3237
3238         * platform/LocalizedStrings.cpp:
3239         (WebCore::contextMenuItemTagEnterVideoEnhancedFullscreen): Brought in from ContextMenuLocalizedStringsAdditions.cpp.
3240         (WebCore::contextMenuItemTagExitVideoEnhancedFullscreen): Ditto.
3241         (WebCore::AXARIAContentGroupText): Made updates that should have been part of r198543.
3242
3243         * platform/mac/WebVideoFullscreenInterfaceMac.h: Removed USE(APPLE_INTERNAL_SDK) guards.
3244         * platform/mac/WebVideoFullscreenInterfaceMac.mm: Inlined WebVideoFullscreenInterfaceMacAdditions.mm.
3245
3246         * platform/spi/mac/PIPSPI.h: Added.
3247
3248         * rendering/HitTestResult.cpp: Inlined HitTestResultAdditions.cpp.
3249
3250         * rendering/RenderThemeMac.mm:
3251         (WebCore::RenderThemeMac::mediaControlsStyleSheet): Removed include of
3252           RenderThemeMacMediaControlsStyleSheetAdditions.mm now that the content is in
3253           mediaControlsApple.css.
3254         (WebCore::RenderThemeMac::mediaControlsScript): Removed include of
3255           RenderThemeMacMediaControlsScriptAdditions.mm now that the content is in mediaControlsApple.js.
3256
3257 2016-06-21  Miguel Gomez  <magomez@igalia.com>
3258
3259         [GStreamer] video orientation support
3260         https://bugs.webkit.org/show_bug.cgi?id=148524
3261
3262         Reviewed by Philippe Normand.
3263
3264         Rotate video frames to follow the orientation metadata in the video file.
3265         When accelerated compositing is disabled, the rotation is performed by a videoflip element added
3266         to the playbin.
3267         When accelerated compositing is enabled, the rotation is peformed by the TextureMapper in response
3268         to a rotation flag set on the frame buffers.
3269
3270         Test: media/video-orientation.html
3271
3272         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
3273         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
3274         Handle the GST_MESSAGE_TAG message from the bin.
3275         (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
3276         Add the videflip element to the bin when accelerated compositing is disabled.
3277         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
3278         (WebCore::GstVideoFrameHolder::GstVideoFrameHolder):
3279         Receive and use extra flags for the TextureMapper.
3280         (WebCore::MediaPlayerPrivateGStreamerBase::MediaPlayerPrivateGStreamerBase):
3281         (WebCore::MediaPlayerPrivateGStreamerBase::naturalSize):
3282         When using accelerated compositing, transpose the video size if the rotation is 90 or 270 degrees.
3283         (WebCore::MediaPlayerPrivateGStreamerBase::pushTextureToCompositor):
3284         Add rotation flag to frame holder and layer buffer.
3285         (WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):
3286         Use rotation flag when requesting the TextureMapper to draw.
3287         (WebCore::MediaPlayerPrivateGStreamerBase::setVideoSourceRotation):
3288         Function to store the video rotation.
3289         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
3290         Add bits to store the video rotation.
3291         * platform/graphics/texmap/TextureMapperGL.cpp:
3292         (WebCore::TextureMapperGL::drawTexturedQuadWithProgram):
3293         Modify the patternTransform according to the rotation flag passed.
3294         * platform/graphics/texmap/TextureMapperGL.h:
3295         Add new flags to handle the video souce rotation.
3296         * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp:
3297         (WebCore::TextureMapperPlatformLayerBuffer::paintToTextureMapper):
3298         Change the drawTexture method used so custom flags can be passed.
3299         * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.h:
3300         (WebCore::TextureMapperPlatformLayerBuffer::setExtraFlags):
3301         New method to set TextureMapper flags.
3302
3303 2016-06-20  Frederic Wang  <fwang@igalia.com>
3304
3305         Use the MathOperator to handle some non-stretchy operators
3306         https://bugs.webkit.org/show_bug.cgi?id=157519
3307
3308         Reviewed by Brent Fulgham.
3309
3310         To prepare for the removal of anonymous text node from the render classes of token elements
3311         we use MathOperator to handle two cases where the actual text to display may not be
3312         available in the DOM: mfenced and minus operators. This change removes support for the
3313         case of mfenced operators with multiple characters since that it is not supported by
3314         MathOperator. It is a edge case that is not used in practice since fences and separators are
3315         only made of a single character. However, it would still be possible to duplicate some
3316         code/logic to add it back if that turns out to be necessary.
3317
3318         No new tests, already covered by existing tests.
3319
3320         * rendering/mathml/MathOperator.cpp:
3321         (WebCore::MathOperator::MathOperator): Rename UndefinedOperator.
3322         (WebCore::RenderMathMLOperator::firstLineBaseline): Improve rounding of ascent so that mfenced operators are correctly aligned.
3323         * rendering/mathml/MathOperator.h: Rename UndefinedOperator, since it can now be used to draw non-stretchy operators.
3324         (WebCore::MathOperator::isStretched): Deleted. This function is no longer used by RenderMathMLOperator.
3325         (WebCore::MathOperator::unstretch): Deleted. This function is no longer used by RenderMathMLOperator.
3326         * rendering/mathml/RenderMathMLOperator.cpp:
3327         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): Use useMathOperator.
3328         (WebCore::RenderMathMLOperator::rebuildTokenContent): Set the MathOperator when useMathOperator() is true.
3329         When the operator is not likely to stretch we just leave its type as NormalOperator.
3330         (WebCore::RenderMathMLOperator::useMathOperator): Helper function to determine when MathOperator should be used.
3331         (WebCore::RenderMathMLOperator::firstLineBaseline): Use useMathOperator.
3332         (WebCore::RenderMathMLOperator::computeLogicalHeight): Ditto.
3333         (WebCore::RenderMathMLOperator::paint): Ditto.
3334         (WebCore::RenderMathMLOperator::paintChildren): Ditto.
3335         * rendering/mathml/RenderMathMLOperator.h: Declare useMathOperator.
3336
3337 2016-06-19  Gavin & Ellie Barraclough  <barraclough@apple.com>
3338
3339         Don't eagerly reify DOM Prototype properties
3340         https://bugs.webkit.org/show_bug.cgi?id=158557
3341
3342         Reviewed by Andreas Kling.
3343
3344         We were eagerly reifying these properties to avoid virtualizing getOwnPropertySlot,
3345         but since bug #158059 this does not require a method table call in any case.
3346         Eagerly reifying these values likely has some CPU and memory cost on page load.
3347
3348         * bindings/scripts/CodeGeneratorJS.pm:
3349         (GenerateImplementation):
3350             - should generate compressed index for hashtable,
3351               prototype object ClassInfo should contain static table,
3352               don't reifyStaticProperties for prototype objects.
3353         (GeneratePrototypeDeclaration):
3354             - Set HasStaticPropertyTable for DOM prototype objects.
3355         * bindings/scripts/test/JS/JSInterfaceName.cpp:
3356         (WebCore::JSInterfaceNamePrototype::JSInterfaceNamePrototype):
3357         (WebCore::JSInterfaceNamePrototype::finishCreation):
3358         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
3359         (WebCore::JSTestActiveDOMObjectPrototype::JSTestActiveDOMObjectPrototype):
3360         (WebCore::JSTestActiveDOMObjectPrototype::finishCreation):
3361         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
3362         (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::JSTestClassWithJSBuiltinConstructorPrototype):
3363         (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::finishCreation):
3364         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
3365         (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::JSTestCustomConstructorWithNoInterfaceObjectPrototype):
3366         (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::finishCreation):
3367         * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
3368         (WebCore::JSTestCustomNamedGetterPrototype::JSTestCustomNamedGetterPrototype):
3369         (WebCore::JSTestCustomNamedGetterPrototype::finishCreation):
3370         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
3371         (WebCore::JSTestEventConstructorPrototype::JSTestEventConstructorPrototype):
3372         (WebCore::JSTestEventConstructorPrototype::finishCreation):
3373         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
3374         (WebCore::JSTestEventTargetPrototype::JSTestEventTargetPrototype):
3375         (WebCore::JSTestEventTargetPrototype::finishCreation):
3376         * bindings/scripts/test/JS/JSTestException.cpp:
3377         (WebCore::JSTestExceptionPrototype::JSTestExceptionPrototype):
3378         (WebCore::JSTestExceptionPrototype::finishCreation):
3379         * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
3380         (WebCore::JSTestGenerateIsReachablePrototype::JSTestGenerateIsReachablePrototype):
3381         (WebCore::JSTestGenerateIsReachablePrototype::finishCreation):
3382         * bindings/scripts/test/JS/JSTestInterface.cpp:
3383         (WebCore::JSTestInterfacePrototype::JSTestInterfacePrototype):
3384         (WebCore::JSTestInterfacePrototype::finishCreation):
3385         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
3386         (WebCore::JSTestJSBuiltinConstructorPrototype::JSTestJSBuiltinConstructorPrototype):
3387         (WebCore::JSTestJSBuiltinConstructorPrototype::finishCreation):
3388         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
3389         (WebCore::JSTestMediaQueryListListenerPrototype::JSTestMediaQueryListListenerPrototype):
3390         (WebCore::JSTestMediaQueryListListenerPrototype::finishCreation):
3391         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
3392         (WebCore::JSTestNamedConstructorPrototype::JSTestNamedConstructorPrototype):
3393         (WebCore::JSTestNamedConstructorPrototype::finishCreation):
3394         * bindings/scripts/test/JS/JSTestNode.cpp:
3395         (WebCore::JSTestNodePrototype::JSTestNodePrototype):
3396         (WebCore::JSTestNodePrototype::finishCreation):
3397         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
3398         (WebCore::JSTestNondeterministicPrototype::JSTestNondeterministicPrototype):
3399         (WebCore::JSTestNondeterministicPrototype::finishCreation):
3400         * bindings/scripts/test/JS/JSTestObj.cpp:
3401         (WebCore::JSTestObjPrototype::JSTestObjPrototype):
3402         (WebCore::JSTestObjPrototype::finishCreation):
3403         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
3404         (WebCore::JSTestOverloadedConstructorsPrototype::JSTestOverloadedConstructorsPrototype):
3405         (WebCore::JSTestOverloadedConstructorsPrototype::finishCreation):
3406         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
3407         (WebCore::JSTestOverrideBuiltinsPrototype::JSTestOverrideBuiltinsPrototype):
3408         (WebCore::JSTestOverrideBuiltinsPrototype::finishCreation):
3409         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
3410         (WebCore::JSTestSerializedScriptValueInterfacePrototype::JSTestSerializedScriptValueInterfacePrototype):
3411         (WebCore::JSTestSerializedScriptValueInterfacePrototype::finishCreation):
3412         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
3413         (WebCore::JSTestTypedefsPrototype::JSTestTypedefsPrototype):
3414         (WebCore::JSTestTypedefsPrototype::finishCreation):
3415         * bindings/scripts/test/JS/JSattribute.cpp:
3416         (WebCore::JSattributePrototype::JSattributePrototype):
3417         (WebCore::JSattributePrototype::finishCreation):
3418         * bindings/scripts/test/JS/JSreadonly.cpp:
3419         (WebCore::JSreadonlyPrototype::JSreadonlyPrototype):
3420         (WebCore::JSreadonlyPrototype::finishCreation):
3421
3422 2016-06-20  Adam Bergkvist  <adam.bergkvist@ericsson.com>
3423
3424         WebRTC: RTCIceCandidate init dictionary don't handle explicit null or undefined values correctly
3425         https://bugs.webkit.org/show_bug.cgi?id=158873
3426
3427         Reviewed by Alejandro G. Castro.
3428
3429         Prevent explicit null and undefined values from being converted to "null" and "undefined"
3430         strings.
3431
3432         Test: Extended fast/mediastream/RTCIceCandidate.html
3433
3434         * Modules/mediastream/RTCIceCandidate.cpp:
3435         (WebCore::RTCIceCandidate::create):
3436
3437 2016-06-20  Commit Queue  <commit-queue@webkit.org>
3438
3439         Unreviewed, rolling out r202252.
3440         https://bugs.webkit.org/show_bug.cgi?id=158974
3441
3442         See rdar://problem/26867866 for details (Requested by ap on
3443         #webkit).
3444
3445         Reverted changeset:
3446
3447         "Adopt commitPriority to get rid of the 2 AVPL solution for
3448         PiP"
3449         https://bugs.webkit.org/show_bug.cgi?id=158949
3450         http://trac.webkit.org/changeset/202252
3451
3452 2016-06-20  Commit Queue  <commit-queue@webkit.org>
3453
3454         Unreviewed, rolling out r202243.
3455         https://bugs.webkit.org/show_bug.cgi?id=158972
3456
3457         Broke Windows build and iOS tests (Requested by ap on
3458         #webkit).
3459
3460         Reverted changeset:
3461
3462         "Focus event dispatched in iframe causes parent document to
3463         scroll incorrectly"
3464         https://bugs.webkit.org/show_bug.cgi?id=158629
3465         http://trac.webkit.org/changeset/202243
3466
3467 2016-06-20  Chris Dumez  <cdumez@apple.com>
3468
3469         Simplify / Optimize DataDetector's searchForLinkRemovingExistingDDLinks()
3470         https://bugs.webkit.org/show_bug.cgi?id=158968
3471
3472         Reviewed by Ryosuke Niwa.
3473
3474         Simplify / Optimize DataDetector's searchForLinkRemovingExistingDDLinks():
3475         - Use modern ancestorsOfType<HTMLAnchorElement>() to traverse anchor ancestors
3476           instead of traversing by hand.
3477         - Use NodeTraversal::next() to traverse the tree until we find endNode and
3478           use a for loop instead of a while loop. Previously, the logic the determine
3479           the next node was at the end of the loop and was identical behavior-wise
3480           to NodeTraversal::next(). However, the previous code for a lot less efficient
3481           because it was calling Node::childNodes() to get a NodeList of the children,
3482           then calling length() on it to check if we had children and finally use
3483           the first item in the list as next node. This was very inefficient because
3484           NodeList::length() would need to traverse all children to figure out the
3485           length and would cache all the children in a Vector in CollectionIndexCache.
3486
3487         * dom/ElementAncestorIterator.h:
3488         (WebCore::ancestorsOfType):
3489         * dom/ElementIterator.h:
3490         (WebCore::findElementAncestorOfType):
3491         (WebCore::findElementAncestorOfType<Element>):
3492         Update ancestorsOfType() to take a Node instead of an Element. There are no
3493         performance benefits to taking an Element here and it is a valid use case to
3494         want an Element ancestor of a non-Element node.
3495
3496         * editing/cocoa/DataDetection.mm:
3497         (WebCore::searchForLinkRemovingExistingDDLinks):
3498         (WebCore::dataDetectorTypeForCategory): Deleted.
3499
3500 2016-06-20  Commit Queue  <commit-queue@webkit.org>
3501
3502         Unreviewed, rolling out r202248.
3503         https://bugs.webkit.org/show_bug.cgi?id=158960
3504
3505         breaks builds on the simulator (Requested by keith_mi_ on
3506         #webkit).
3507
3508         Reverted changeset:
3509
3510         "It should be easy to add a private global helper function for
3511         builtins"
3512         https://bugs.webkit.org/show_bug.cgi?id=158893
3513         http://trac.webkit.org/changeset/202248
3514
3515 2016-06-20  Jeremy Jones  <jeremyj@apple.com>
3516
3517         Adopt commitPriority to get rid of the 2 AVPL solution for PiP
3518         https://bugs.webkit.org/show_bug.cgi?id=158949
3519         rdar://problem/26867866
3520
3521         Reviewed by Simon Fraser.
3522
3523         No new tests because there is no behavior change. This reverts changes from 
3524         https://bugs.webkit.org/show_bug.cgi?id=158148 and instead uses -[CAContext commitPriority:]
3525         to prevent flicker when moving a layer between contexts. 
3526         commitPriority allows the layer to be added to the destination context before it is 
3527         removed from the source context.
3528
3529         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h: remove m_secondaryVideoLayer.
3530         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: ditto
3531         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenGravity): ditto.
3532         (WebCore::MediaPlayerPrivateAVFoundationObjC::syncTextTrackBounds): ditto.
3533         (WebCore::MediaPlayerPrivateAVFoundationObjC::destroyVideoLayer): ditto.
3534         (WebCore::MediaPlayerPrivateAVFoundationObjC::updateVideoLayerGravity): ditto.
3535         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm: ditto
3536         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addDisplayLayer): ditto
3537         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: ditto
3538         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers):ditto
3539         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.h: ditto
3540         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.mm: ditto
3541         (WebCore::VideoFullscreenLayerManager::setVideoLayer): ditto
3542         (WebCore::VideoFullscreenLayerManager::setVideoFullscreenLayer): ditto and adopt commitPriority.
3543         (WebCore::VideoFullscreenLayerManager::setVideoFullscreenFrame): ditto
3544         (WebCore::VideoFullscreenLayerManager::setVideoLayers): Deleted. 
3545         (WebCore::VideoFullscreenLayerManager::didDestroyVideoLayer): remove m_secondaryVideoLayer.
3546         * platform/spi/cocoa/QuartzCoreSPI.h: Add commitPriority.
3547
3548 2016-06-20  Zalan Bujtas  <zalan@apple.com>
3549
3550         Set the end position on the placeholder BidiRun properly.
3551         https://bugs.webkit.org/show_bug.cgi?id=158958
3552
3553         Reviewed by Myles C. Maxfield.
3554         rdar://problem/26609266
3555
3556         The second paramenter for BidiRun indicates the end position and not the length of the run.
3557         This was regressed at r102875 where only the start position was changed from 0 to pos.
3558
3559         Test: fast/text/international/bidi-style-in-isolate-crash.html
3560
3561         * rendering/InlineIterator.h:
3562         (WebCore::addPlaceholderRunForIsolatedInline):
3563
3564 2016-06-20  Fujii Hironori  <Hironori.Fujii@sony.com>
3565
3566         A composition underline is placed to wrong position in RTL
3567         https://bugs.webkit.org/show_bug.cgi?id=158602
3568
3569         Reviewed by Myles C. Maxfield.
3570
3571         InlineTextBox::paintCompositionUnderline does not take RTL into
3572         account.  The position of composition underline should be
3573         mirrored in RTL.
3574
3575         Test: editing/input/composition-underline-rtl.html
3576
3577         * rendering/InlineTextBox.cpp:
3578         (WebCore::mirrorRTLSegment): New helper function to convert RTL start position to LTR.
3579         (WebCore::InlineTextBox::paintDecoration): Use mirrorRTLSegment.
3580         (WebCore::InlineTextBox::paintCompositionUnderline): Ditto.
3581
3582 2016-06-20  Keith Miller  <keith_miller@apple.com>
3583
3584         It should be easy to add a private global helper function for builtins
3585         https://bugs.webkit.org/show_bug.cgi?id=158893
3586
3587         Reviewed by Mark Lam.
3588
3589         Add JSCJSValueInlines.h to fix build issues.
3590
3591         * platform/mock/mediasource/MockBox.cpp:
3592
3593 2016-06-20  Benjamin Poulain  <benjamin@webkit.org>
3594
3595         :default CSS pseudo-class should match checkboxes+radios with a `checked` attribute
3596         https://bugs.webkit.org/show_bug.cgi?id=156230
3597
3598         Reviewed by Alex Christensen.
3599
3600         This patch update the :default pseudo class matching to be closer to the spec:
3601         https://html.spec.whatwg.org/multipage/scripting.html#selector-default
3602
3603         The main remaining difference with the spec is the definition of "default button".
3604         This is an unrelated problem that should be addressed separately.
3605
3606         The implementation was missing support for:
3607         -input elements of type "checkbox" or "radio" with the "checked" attribute defined.
3608         -option elements with the "selected" attribute defined.
3609
3610         The existing support for default button was pretty bad, I fixed that too.
3611         The owner form now has a resetDefaultButton() API. When a Form Associated Element
3612         becomes a submit button or loses that property, the element calls its form
3613         to update the style as needed.
3614
3615         Whenever the submit button changes, 2 elements needs to have their style invalidated:
3616         -The former default button.
3617         -The new default button.
3618         To invalidate the former button, FormElement now caches the computed
3619         default button. When the default button changes, the cached value is invalidated
3620         in addition to the new value.
3621
3622         Computing the new default button takes linear time in the number of form associated element.
3623         To mitigate that, resetDefaultButton() is only called when changes are related
3624         to submit buttons. Since those changes are rare, I don't expect the invalidation
3625         to be a problem.
3626
3627         Tests: fast/css/pseudo-default-basics.html
3628                fast/selectors/default-style-update.html
3629
3630         * css/SelectorChecker.cpp:
3631         (WebCore::SelectorChecker::checkOne):
3632         * css/SelectorCheckerTestFunctions.h:
3633         (WebCore::matchesDefaultPseudoClass):
3634         (WebCore::isDefaultButtonForForm): Deleted.
3635         * cssjit/SelectorCompiler.cpp:
3636         (WebCore::SelectorCompiler::addPseudoClassType):
3637         * dom/Element.cpp:
3638         (WebCore::Element::matchesValidPseudoClass):
3639         (WebCore::Element::matchesInvalidPseudoClass):
3640         (WebCore::Element::matchesDefaultPseudoClass):
3641         * dom/Element.h:
3642         (WebCore::Element::matchesValidPseudoClass): Deleted.
3643         (WebCore::Element::matchesInvalidPseudoClass): Deleted.
3644         (WebCore::Element::isDefaultButtonForForm): Deleted.
3645         * html/HTMLButtonElement.cpp:
3646         (WebCore::HTMLButtonElement::parseAttribute):
3647         (WebCore::HTMLButtonElement::matchesDefaultPseudoClass):
3648         * html/HTMLButtonElement.h:
3649         * html/HTMLFormControlElement.cpp:
3650         (WebCore::HTMLFormControlElement::isDefaultButtonForForm): Deleted.
3651         * html/HTMLFormControlElement.h:
3652         * html/HTMLFormElement.cpp:
3653         (WebCore::HTMLFormElement::~HTMLFormElement):
3654         (WebCore::HTMLFormElement::registerFormElement):
3655         (WebCore::HTMLFormElement::removeFormElement):
3656         (WebCore::HTMLFormElement::defaultButton):
3657         (WebCore::HTMLFormElement::resetDefaultButton):
3658         * html/HTMLFormElement.h:
3659         * html/HTMLInputElement.cpp:
3660         (WebCore::HTMLInputElement::updateType):
3661         (WebCore::HTMLInputElement::parseAttribute):
3662         (WebCore::HTMLInputElement::matchesDefaultPseudoClass):
3663         * html/HTMLInputElement.h:
3664         * html/HTMLOptionElement.cpp:
3665         (WebCore::HTMLOptionElement::matchesDefaultPseudoClass):
3666         (WebCore::HTMLOptionElement::parseAttribute):
3667         * html/HTMLOptionElement.h:
3668         * style/StyleSharingResolver.cpp:
3669         (WebCore::Style::SharingResolver::canShareStyleWithElement):
3670         (WebCore::Style::canShareStyleWithControl): Deleted.
3671
3672 2016-06-20  Simon Fraser  <simon.fraser@apple.com>
3673
3674         Focus event dispatched in iframe causes parent document to scroll incorrectly
3675         https://bugs.webkit.org/show_bug.cgi?id=158629
3676         rdar://problem/26521616
3677
3678         Reviewed by Tim Horton.
3679
3680         When focussing elements in iframes, the page could scroll to an incorrect location.
3681         This happened because code in Element::focus() tried to disable scrolling on focus,
3682         but did so only for the current frame, so ancestor frames got programmatically scrolled.
3683         On iOS we handle the scrolling in the UI process, so never want the web process to
3684         do programmatic scrolling.
3685
3686         Fix by changing the focus and cache restore code to use SelectionRevealMode::DoNotReveal,
3687         rather than manually prohibiting frame scrolling. Pass SelectionRevealMode through various callers,
3688         and use RevealUpToMainFrame for iOS, allowing the UI process to do the zoomToRect: for the main frame.
3689
3690         Tests: fast/forms/ios/focus-input-in-iframe.html
3691                fast/forms/ios/programmatic-focus-input-in-iframe.html
3692
3693         * dom/Document.h:
3694         * dom/Element.cpp:
3695         (WebCore::Element::scrollIntoView):
3696         (WebCore::Element::scrollIntoViewIfNeeded):
3697         (WebCore::Element::scrollIntoViewIfNotVisible):
3698         (WebCore::Element::focus):
3699         (WebCore::Element::updateFocusAppearance):
3700         * dom/Element.h:
3701         * editing/Editor.cpp:
3702         (WebCore::Editor::insertTextWithoutSendingTextEvent):
3703         (WebCore::Editor::revealSelectionAfterEditingOperation):
3704         (WebCore::Editor::findStringAndScrollToVisible):
3705         * editing/FrameSelection.cpp:
3706         (WebCore::FrameSelection::updateAndRevealSelection):
3707         (WebCore::FrameSelection::revealSelection):
3708         (WebCore::FrameSelection::FrameSelection): Deleted.
3709         * editing/FrameSelection.h:
3710         * html/HTMLInputElement.cpp:
3711         (WebCore::HTMLInputElement::updateFocusAppearance):
3712         * html/HTMLTextAreaElement.cpp:
3713         (WebCore::HTMLTextAreaElement::updateFocusAppearance):
3714         * page/ContextMenuController.cpp:
3715         (WebCore::ContextMenuController::contextMenuItemSelected):
3716         * page/FrameView.cpp:
3717         (WebCore::FrameView::scrollToAnchor):
3718         * rendering/RenderLayer.cpp:
3719         (WebCore::RenderLayer::scrollRectToVisible):
3720         (WebCore::RenderLayer::autoscroll):
3721         * rendering/RenderLayer.h:
3722         * rendering/RenderObject.cpp:
3723         (WebCore::RenderObject::scrollRectToVisible):
3724         * rendering/RenderObject.h:
3725
3726 2016-06-20  Keith Rollin  <krollin@apple.com>
3727
3728         Remove RefPtr::release() and change calls sites to use WTFMove()
3729         https://bugs.webkit.org/show_bug.cgi?id=158369
3730
3731         Reviewed by Chris Dumez.
3732
3733         RefPtr::release() releases its managed pointer awkwardly. It's more
3734         direct and clearer to use WTFMove to transfer ownership of the managed
3735         pointer.
3736
3737         As part of this cleanup, also change a lot of explicit data types to
3738         'auto'.
3739
3740         No new tests: there's no new functionality, just a refactoring of
3741         existing code.
3742
3743         * Modules/mediasource/SourceBuffer.cpp:
3744         (WebCore::removeSamplesFromTrackBuffer):
3745         (WebCore::SourceBuffer::provideMediaData):
3746         * Modules/mediastream/UserMediaRequest.cpp:
3747         (WebCore::UserMediaRequest::start):
3748         * Modules/webdatabase/SQLCallbackWrapper.h:
3749         (WebCore::SQLCallbackWrapper::clear):
3750         * bindings/js/JSDOMWindowCustom.cpp:
3751         (WebCore::handlePostMessage):
3752         * bindings/js/JSHistoryCustom.cpp:
3753         (WebCore::JSHistory::pushState):
3754         (WebCore::JSHistory::replaceState):
3755         * bindings/js/JSMessagePortCustom.h:
3756         (WebCore::handlePostMessage):
3757         * bindings/js/ScriptControllerMac.mm:
3758         (WebCore::ScriptController::createScriptInstanceForWidget):
3759         * bindings/js/SerializedScriptValue.cpp:
3760         (WebCore::CloneDeserializer::readTerminal):
3761         * css/CSSComputedStyleDeclaration.cpp:
3762         (WebCore::ComputedStyleExtractor::copyPropertiesInSet):
3763         * css/SVGCSSParser.cpp:
3764         (WebCore::CSSParser::parseSVGValue):
3765         * css/StyleBuilderConverter.h:
3766         (WebCore::StyleBuilderConverter::convertShapeValue):
3767         * css/StyleProperties.cpp:
3768         (WebCore::StyleProperties::copyPropertiesInSet):
3769         * css/StyleResolver.cpp:
3770         (WebCore::StyleResolver::loadPendingImages):
3771         * dom/InlineStyleSheetOwner.cpp:
3772         (WebCore::InlineStyleSheetOwner::clearSheet):
3773         * editing/ApplyStyleCommand.cpp:
3774         (WebCore::ApplyStyleCommand::applyInlineStyleToNodeRange):
3775         * editing/CompositeEditCommand.cpp:
3776         (WebCore::CompositeEditCommand::removeChildrenInRange):
3777         (WebCore::CompositeEditCommand::removeNodeAndPruneAncestors):
3778         (WebCore::CompositeEditCommand::prune):
3779         (WebCore::CompositeEditCommand::replaceSelectedTextInNode):
3780         (WebCore::CompositeEditCommand::rebalanceWhitespaceOnTextSubstring):
3781         * editing/CreateLinkCommand.cpp:
3782         (WebCore::CreateLinkCommand::doApply):
3783         * editing/EditingStyle.cpp:
3784         (WebCore::EditingStyle::mergeStyle):
3785         (WebCore::EditingStyle::mergeStyleFromRulesForSerialization):
3786         * editing/Editor.cpp:
3787         (WebCore::ClearTextCommand::CreateAndApply):
3788         (WebCore::Editor::markAllMisspellingsAndBadGrammarInRanges):
3789         * editing/EditorCommand.cpp:
3790         (WebCore::executeInsertNode):
3791         * editing/InsertTextCommand.cpp:
3792         (WebCore::InsertTextCommand::performOverwrite):
3793         (WebCore::InsertTextCommand::insertTab):
3794         * editing/RemoveNodePreservingChildrenCommand.cpp:
3795         (WebCore::RemoveNodePreservingChildrenCommand::doApply):
3796         * editing/ReplaceSelectionCommand.cpp:
3797         (WebCore::ReplacementFragment::removeNodePreservingChildren):
3798         (WebCore::ReplaceSelectionCommand::moveNodeOutOfAncestor):
3799         * html/FTPDirectoryDocument.cpp:
3800         (WebCore::FTPDirectoryDocumentParser::loadDocumentTemplate):
3801         * html/HTMLFontElement.cpp:
3802         (WebCore::HTMLFontElement::collectStyleForPresentationAttribute):
3803         * html/HTMLFormElement.cpp:
3804         (WebCore::HTMLFormElement::prepareForSubmission):
3805         * html/HTMLTableElement.cpp:
3806         (WebCore::leakBorderStyle):
3807         (WebCore::leakGroupBorderStyle):
3808         * html/parser/HTMLDocumentParser.cpp:
3809         (WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder):
3810         * html/track/InbandDataTextTrack.cpp:
3811         (WebCore::InbandDataTextTrack::addDataCue):
3812         * html/track/InbandGenericTextTrack.cpp:
3813         (WebCore::InbandGenericTextTrack::newCuesParsed):
3814         * html/track/InbandWebVTTTextTrack.cpp:
3815         (WebCore::InbandWebVTTTextTrack::newCuesParsed):
3816         * html/track/TextTrackCueList.cpp:
3817         (WebCore::TextTrackCueList::add):
3818         * inspector/InspectorCSSAgent.cpp:
3819         (WebCore::InspectorCSSAgent::getInlineStylesForNode):
3820         * inspector/InspectorDOMAgent.cpp:
3821         (WebCore::InspectorDOMAgent::pushChildNodesToFrontend):
3822         * inspector/InspectorIndexedDBAgent.cpp:
3823         * inspector/InspectorNetworkAgent.cpp:
3824         (WebCore::InspectorNetworkAgent::loadResource):
3825         * inspector/InspectorStyleSheet.cpp:
3826         (WebCore::InspectorStyleSheet::buildObjectForSelectorList):
3827         * loader/FormSubmission.cpp:
3828         (WebCore::FormSubmission::create):
3829         * loader/FrameLoader.cpp:
3830         (WebCore::FrameLoader::loadURLIntoChildFrame):
3831         (WebCore::FrameLoader::loadURL):
3832         (WebCore::FrameLoader::loadPostRequest):
3833         * loader/ProgressTracker.cpp:
3834         (WebCore::ProgressTracker::finalProgressComplete):
3835         * loader/appcache/ApplicationCacheGroup.cpp:
3836         (WebCore::ApplicationCacheGroup::disassociateDocumentLoader):
3837         (WebCore::ApplicationCacheGroup::didFinishLoading):
3838         (WebCore::ApplicationCacheGroup::checkIfLoadIsComplete):
3839         * loader/appcache/ApplicationCacheStorage.cpp:
3840         (WebCore::ApplicationCacheStorage::loadCacheGroup):
3841         (WebCore::ApplicationCacheStorage::cacheGroupForURL):
3842         (WebCore::ApplicationCacheStorage::fallbackCacheGroupForURL):
3843         (WebCore::ApplicationCacheStorage::loadCache):
3844         * loader/archive/ArchiveResourceCollection.cpp:
3845         (WebCore::ArchiveResourceCollection::popSubframeArchive):
3846         * loader/archive/cf/LegacyWebArchive.cpp:
3847         (WebCore::LegacyWebArchive::extract):
3848         (WebCore::LegacyWebArchive::create):
3849         (WebCore::LegacyWebArchive::createFromSelection):
3850         * loader/cache/CachedImage.cpp:
3851         (WebCore::CachedImage::createImage):
3852         * loader/icon/IconDatabase.cpp:
3853         (WebCore::IconDatabase::setIconDataForIconURL):
3854         (WebCore::IconDatabase::getOrCreateIconRecord):
3855         (WebCore::IconDatabase::readFromDatabase):
3856         (WebCore::IconDatabase::getImageDataForIconURLFromSQLDatabase):
3857         * page/DOMWindow.cpp:
3858         (WebCore::DOMWindow::sessionStorage):
3859         (WebCore::DOMWindow::localStorage):
3860         * page/EventHandler.cpp:
3861         (WebCore::EventHandler::updateDragAndDrop):
3862         * page/animation/CompositeAnimation.cpp:
3863         (WebCore::CompositeAnimation::updateTransitions):
3864         * page/csp/ContentSecurityPolicy.cpp:
3865         (WebCore::ContentSecurityPolicy::reportViolation):
3866         * page/mac/ServicesOverlayController.mm:
3867         (WebCore::ServicesOverlayController::createOverlayIfNeeded):
3868         (WebCore::ServicesOverlayController::determineActiveHighlight):
3869         * page/scrolling/AsyncScrollingCoordinator.h:
3870         (WebCore::AsyncScrollingCoordinator::releaseScrollingTree):
3871         * page/scrolling/ScrollingStateNode.cpp:
3872         (WebCore::ScrollingStateNode::cloneAndReset):
3873         * page/scrolling/ScrollingStateTree.cpp:
3874         (WebCore::ScrollingStateTree::attachNode):
3875         * platform/audio/HRTFElevation.cpp:
3876         (WebCore::getConcatenatedImpulseResponsesForSubject):
3877         * platform/graphics/DisplayRefreshMonitorManager.cpp:
3878         (WebCore::DisplayRefreshMonitorManager::createMonitorForClient):
3879         * platform/graphics/FontCascadeFonts.cpp:
3880         (WebCore::FontCascadeFonts::glyphDataForSystemFallback):
3881         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
3882         (WebCore::InbandTextTrackPrivateAVF::processAttributedStrings):
3883         * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm:
3884         (WebCore::MediaSelectionGroupAVFObjC::updateOptions):
3885         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3886         (WebCore::SourceBufferPrivateAVFObjC::processCodedFrame):
3887         * platform/graphics/ca/GraphicsLayerCA.cpp:
3888         * platform/graphics/ca/PlatformCALayer.cpp:
3889         (WebCore::PlatformCALayer::createCompatibleLayerOrTakeFromPool):
3890         * platform/graphics/cg/ImageBufferDataCG.cpp:
3891         (WebCore::ImageBufferData::getData):
3892         * platform/graphics/filters/FilterEffect.cpp:
3893         (WebCore::FilterEffect::asUnmultipliedImage):
3894         (WebCore::FilterEffect::asPremultipliedImage):
3895         * platform/graphics/mac/ImageMac.mm:
3896         (WebCore::Image::loadPlatformResource):
3897         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
3898         (WebCore::GraphicsContext3D::createForCurrentGLContext):
3899         (WebCore::GraphicsContext3D::paintRenderingResultsToImageData):
3900         * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
3901         (WebCore::RealtimeMediaSourceCenterMac::createMediaStream):
3902         * platform/mock/MockRealtimeMediaSourceCenter.cpp:
3903         (WebCore::MockRealtimeMediaSourceCenter::validateRequestConstraints):
3904         (WebCore::MockRealtimeMediaSourceCenter::createMediaStream):
3905         * platform/network/BlobRegistryImpl.cpp:
3906         (WebCore::BlobRegistryImpl::registerBlobURL):
3907         (WebCore::BlobRegistryImpl::registerBlobURLForSlice):
3908         * platform/network/ResourceHandle.cpp:
3909         (WebCore::ResourceHandle::create):
3910         * platform/network/cf/FormDataStreamCFNet.cpp:
3911         (WebCore::formCreate):
3912         * platform/text/BidiContext.cpp:
3913         (WebCore::BidiContext::copyStackRemovingUnicodeEmbeddingContexts):
3914         * rendering/FilterEffectRenderer.cpp:
3915         (WebCore::FilterEffectRenderer::build):
3916         * rendering/RenderLayer.cpp:
3917         (WebCore::RenderLayer::createScrollbar):
3918         * rendering/RenderListBox.cpp:
3919         (WebCore::RenderListBox::createScrollbar):
3920         * rendering/RenderMenuList.cpp:
3921         (RenderMenuList::createScrollbar):
3922         * rendering/RenderSearchField.cpp:
3923         (WebCore::RenderSearchField::createScrollbar):
3924         * replay/ReplayController.cpp:
3925         (WebCore::ReplayController::unloadSegment):
3926         * svg/SVGFEDiffuseLightingElement.cpp:
3927         (WebCore::SVGFEDiffuseLightingElement::build):
3928         * svg/SVGFESpecularLightingElement.cpp:
3929         (WebCore::SVGFESpecularLightingElement::build):
3930         * svg/properties/SVGListProperty.h:
3931         (WebCore::SVGListProperty::getItemValuesAndWrappers):
3932         (WebCore::SVGListProperty::insertItemBeforeValuesAndWrappers):
3933         (WebCore::SVGListProperty::removeItemValuesAndWrappers):
3934         * workers/WorkerThread.cpp:
3935         (WebCore::WorkerThread::workerThread):
3936         * xml/XMLHttpRequest.cpp:
3937         (WebCore::XMLHttpRequest::internalAbort):
3938         * xml/XPathStep.cpp:
3939         (WebCore::XPath::Step::nodesInAxis):
3940
3941 2016-06-20  Eric Carlson  <eric.carlson@apple.com>
3942
3943         Crash in PlatformMediaSession::clientWillPausePlayback
3944         https://bugs.webkit.org/show_bug.cgi?id=158953
3945         <rdar://problem/26121125>
3946
3947         Reviewed by Jer Noble.
3948
3949         No new tests, I have not been able to reproduce this in a test.
3950
3951         * html/HTMLMediaElement.cpp:
3952         (WebCore::HTMLMediaElement::stop): Ref the element before calling stopWithoutDestroyingMediaPlayer
3953           because updatePlaybackControlsManager can release the last reference and cause the
3954           destructor to be called.
3955         (WebCore::HTMLMediaElement::suspend): Ditto.
3956
3957 2016-06-20  Alex Christensen  <achristensen@webkit.org>
3958
3959         Clean up ResourceResponseBase after r201943
3960         https://bugs.webkit.org/show_bug.cgi?id=158706
3961
3962         Reviewed by Michael Catanzaro.
3963
3964         * platform/network/ResourceResponseBase.cpp:
3965         (WebCore::ResourceResponseBase::ResourceResponseBase):
3966         (WebCore::ResourceResponseBase::asResourceResponse): Deleted.
3967         * platform/network/ResourceResponseBase.h:
3968         (WebCore::ResourceResponseBase::platformCompare):
3969
3970 2016-06-20  Joseph Pecoraro  <pecoraro@apple.com>
3971
3972         Web Inspector: console.profile should use the new Sampling Profiler
3973         https://bugs.webkit.org/show_bug.cgi?id=153499
3974         <rdar://problem/24352431>
3975
3976         Reviewed by Timothy Hatcher.
3977
3978         Test: inspector/timeline/setInstruments-programmatic-capture.html
3979
3980         * inspector/InspectorTimelineAgent.cpp:
3981         (WebCore::InspectorTimelineAgent::startFromConsole):
3982         (WebCore::InspectorTimelineAgent::stopFromConsole):
3983         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
3984         (WebCore::InspectorTimelineAgent::startProgrammaticCapture):
3985         (WebCore::InspectorTimelineAgent::stopProgrammaticCapture):
3986         (WebCore::InspectorTimelineAgent::toggleInstruments):
3987         (WebCore::InspectorTimelineAgent::toggleScriptProfilerInstrument):
3988         (WebCore::InspectorTimelineAgent::toggleHeapInstrument):
3989         (WebCore::InspectorTimelineAgent::toggleMemoryInstrument):
3990         (WebCore::InspectorTimelineAgent::toggleTimelineInstrument):
3991         * inspector/InspectorTimelineAgent.h:
3992         Web implementation of console.profile/profileEnd.
3993         Make helpers for startings / stopping instruments.
3994
3995 2016-06-20  Andreas Kling  <akling@apple.com>
3996
3997         When navigating, discard decoded image data that is only live due to page cache.
3998         <https://webkit.org/b/158941>
3999
4000         Reviewed by Antti Koivisto.
4001
4002         A resource is "live" if it's currently in use by a web page, and "dead" if it's
4003         only kept alive by the memory cache.
4004
4005         This patch adds a mechanism that looks at CachedImage resources to see if all the
4006         clients that make them appear "live" are actually pages in the page cache.
4007
4008         If so, we let the "jettison expensive objects on top-level navigation" mechanism
4009         discard the decoded data for such half-live images. This can reduce the peak
4010         memory usage during navigations quite a bit.
4011
4012         * loader/FrameLoader.cpp:
4013         (WebCore::FrameLoader::commitProvisionalLoad): Move the call to MemoryPressureHandler
4014         before we add the outgoing page to the page cache. This allows the jettisoning code
4015         to make decisions based on which pages were cached *before* the navigation.
4016
4017         * loader/cache/CachedImageClient.h:
4018         (WebCore::CachedImageClient::inPageCache):
4019         * loader/ImageLoader.h:
4020         * loader/ImageLoader.cpp:<