REGRESSION (r96620): Float-avoiding block positioned incorrectly in right-to-left...
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2011-10-16  Dan Bernstein  <mitz@apple.com>
2
3         REGRESSION (r96620): Float-avoiding block positioned incorrectly in right-to-left block
4         https://bugs.webkit.org/show_bug.cgi?id=70197
5
6         Reviewed by Dave Kilzer.
7
8         Test: fast/block/float/avoidance-rtl.html
9
10         * rendering/RenderBlock.cpp:
11         (WebCore::RenderBlock::computeStartPositionDeltaForChildAvoidingFloats): Changed
12         logicalLeftOffsetForContent() to startOffsetForContent() to get the right value in the
13         right-to-left case.
14
15 2011-10-16  Adam Barth  <abarth@webkit.org>
16
17         Always enable ENABLE(DOM_STORAGE)
18         https://bugs.webkit.org/show_bug.cgi?id=70189
19
20         Reviewed by Eric Seidel.
21
22         As discussed on webkit-dev, we are reducing the complexity of WebKit by
23         removing unnecessary configuration options.  DOMStorage is not a core
24         part of the web platform.  It should always be enabled.
25
26         * CMakeLists.txt:
27         * Configurations/FeatureDefines.xcconfig:
28         * GNUmakefile.am:
29         * GNUmakefile.list.am:
30         * UseJSC.cmake:
31         * WebCore.exp.in:
32         * WebCore.pro:
33         * bindings/js/JSEventCustom.cpp:
34         * bindings/js/JSInjectedScriptHostCustom.cpp:
35         * bindings/js/JSStorageCustom.cpp:
36         * bindings/v8/custom/V8EventCustom.cpp:
37         (WebCore::toV8):
38         * bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
39         (WebCore::V8InjectedScriptHost::storageIdCallback):
40         * bindings/v8/custom/V8StorageCustom.cpp:
41         * dom/Document.cpp:
42         (WebCore::Document::createEvent):
43         * dom/Event.cpp:
44         (WebCore::Event::isStorageEvent):
45         * dom/Event.h:
46         * dom/Node.cpp:
47         * features.pri:
48         * inspector/InjectedScriptHost.cpp:
49         (WebCore::InjectedScriptHost::InjectedScriptHost):
50         (WebCore::InjectedScriptHost::disconnect):
51         (WebCore::InjectedScriptHost::storageIdImpl):
52         * inspector/InjectedScriptHost.h:
53         (WebCore::InjectedScriptHost::init):
54         * inspector/InspectorController.cpp:
55         (WebCore::InspectorController::InspectorController):
56         (WebCore::InspectorController::connectFrontend):
57         (WebCore::InspectorController::disconnectFrontend):
58         (WebCore::InspectorController::restoreInspectorStateFromCookie):
59         * inspector/InspectorController.h:
60         * inspector/InspectorDOMStorageAgent.cpp:
61         * inspector/InspectorDOMStorageResource.cpp:
62         * inspector/InspectorDOMStorageResource.h:
63         * inspector/InspectorInstrumentation.cpp:
64         (WebCore::InspectorInstrumentation::didCommitLoadImpl):
65         (WebCore::InspectorInstrumentation::didUseDOMStorageImpl):
66         * inspector/InspectorInstrumentation.h:
67         (WebCore::InspectorInstrumentation::didUseDOMStorage):
68         * inspector/InstrumentingAgents.h:
69         (WebCore::InstrumentingAgents::InstrumentingAgents):
70         * inspector/WorkerInspectorController.cpp:
71         (WebCore::WorkerInspectorController::WorkerInspectorController):
72         (WebCore::WorkerInspectorController::connectFrontend):
73         * inspector/generate-inspector-idl:
74         * page/Chrome.cpp:
75         * page/DOMWindow.cpp:
76         (WebCore::DOMWindow::~DOMWindow):
77         (WebCore::DOMWindow::clear):
78         (WebCore::DOMWindow::localStorage):
79         * page/DOMWindow.h:
80         * page/DOMWindow.idl:
81         * page/Navigator.cpp:
82         (WebCore::Navigator::getStorageUpdates):
83         * page/Navigator.h:
84         * page/Navigator.idl:
85         * page/Page.cpp:
86         * page/Page.h:
87         * page/PageGroup.cpp:
88         (WebCore::PageGroup::closeLocalStorage):
89         * page/PageGroup.h:
90         * page/Settings.cpp:
91         (WebCore::Settings::Settings):
92         (WebCore::Settings::setSessionStorageQuota):
93         * page/Settings.h:
94         (WebCore::Settings::sessionStorageQuota):
95         * storage/LocalStorageTask.cpp:
96         * storage/LocalStorageTask.h:
97         * storage/LocalStorageThread.cpp:
98         * storage/LocalStorageThread.h:
99         * storage/Storage.cpp:
100         * storage/Storage.h:
101         * storage/Storage.idl:
102         * storage/StorageArea.h:
103         * storage/StorageAreaImpl.cpp:
104         * storage/StorageAreaImpl.h:
105         * storage/StorageAreaSync.cpp:
106         (WebCore::StorageAreaSync::scheduleSync):
107         * storage/StorageAreaSync.h:
108         * storage/StorageEvent.cpp:
109         * storage/StorageEvent.h:
110         * storage/StorageEvent.idl:
111         * storage/StorageEventDispatcher.cpp:
112         * storage/StorageEventDispatcher.h:
113         * storage/StorageMap.cpp:
114         * storage/StorageMap.h:
115         * storage/StorageNamespace.cpp:
116         * storage/StorageNamespace.h:
117         * storage/StorageNamespaceImpl.cpp:
118         * storage/StorageNamespaceImpl.h:
119         * storage/StorageSyncManager.cpp:
120         (WebCore::StorageSyncManager::scheduleDeleteEmptyDatabase):
121         * storage/StorageSyncManager.h:
122         * storage/StorageTracker.cpp:
123         * storage/StorageTracker.h:
124
125 2011-10-15  Adam Barth  <abarth@webkit.org>
126
127         Rename ENABLE(SKIA_TEXT) to USE(SKIA_TEXT)
128         https://bugs.webkit.org/show_bug.cgi?id=70191
129
130         Reviewed by Daniel Bates.
131
132         SKIA_TEXT is not a WebKit feature.  It's a macro that determines
133         whether we use a feature of the underly library (Skia).
134
135         * platform/graphics/chromium/FontChromiumWin.cpp:
136         (WebCore::Font::drawComplexText):
137         * platform/graphics/chromium/UniscribeHelper.cpp:
138         (WebCore::UniscribeHelper::draw):
139         * platform/graphics/skia/PlatformContextSkia.cpp:
140         (WebCore::PlatformContextSkia::isNativeFontRenderingAllowed):
141         * platform/graphics/skia/PlatformContextSkia.h:
142         * platform/graphics/skia/SkiaFontWin.cpp:
143         * platform/graphics/skia/SkiaFontWin.h:
144
145 2011-10-15  Eric Carlson  <eric.carlson@apple.com>
146
147         Make VIDEO_TRACK compile with warnings as errors enabled
148         https://bugs.webkit.org/show_bug.cgi?id=70188
149
150         Reviewed by Filip Pizlo.
151
152         No new tests, no functionality changed.
153
154         * html/TextTrackCueList.h: Fix an include.
155         * html/track/CueParser.cpp:
156         (WebCore::CueParser::supportsType): Remove unused param.
157         * html/track/CueParser.h:
158         (WebCore::CueParserClient::~CueParserClient): Add virtual destructor.
159         * html/track/CueParserPrivate.h:
160         (WebCore::CueParserPrivateClient::~CueParserPrivateClient): Ditto.
161         * loader/CueLoader.h:
162         (WebCore::CueLoaderClient::~CueLoaderClient): Ditto.
163         (WebCore::CueLoader::~CueLoader): Ditto.
164
165 2011-10-15  Adam Barth  <abarth@webkit.org>
166
167         Rename ENABLE(TILED_BACKING_STORE) to USE(TILED_BACKING_STORE)
168         https://bugs.webkit.org/show_bug.cgi?id=70194
169
170         Reviewed by Daniel Bates.
171
172         TILED_BACKING_STORE isn't a web platform feature.  It's an
173         implementation strategy for WebKit that's used by some ports
174         and not by others.
175
176         * features.pri:
177         * loader/EmptyClients.h:
178         * page/Chrome.cpp:
179         * page/Chrome.h:
180         * page/ChromeClient.h:
181         * page/Frame.cpp:
182         (WebCore::Frame::Frame):
183         (WebCore::Frame::setView):
184         * page/Frame.h:
185         * page/FrameView.cpp:
186         (WebCore::FrameView::repaintContentRectangle):
187         (WebCore::FrameView::doDeferredRepaints):
188         * page/Settings.cpp:
189         (WebCore::Settings::setTiledBackingStoreEnabled):
190         * platform/HostWindow.h:
191         * platform/ScrollView.cpp:
192         (WebCore::ScrollView::setScrollPosition):
193         * platform/graphics/Tile.h:
194         * platform/graphics/TiledBackingStore.cpp:
195         * platform/graphics/TiledBackingStore.h:
196         * platform/graphics/TiledBackingStoreBackend.h:
197         * platform/graphics/TiledBackingStoreClient.h:
198         * platform/graphics/qt/GraphicsLayerQt.cpp:
199         (WebCore::GraphicsLayerQtImpl::GraphicsLayerQtImpl):
200         (WebCore::GraphicsLayerQtImpl::~GraphicsLayerQtImpl):
201         (WebCore::GraphicsLayerQtImpl::recache):
202         (WebCore::GraphicsLayerQtImpl::paint):
203         * platform/graphics/qt/TileQt.cpp:
204         * platform/graphics/qt/TileQt.h:
205         * platform/graphics/texmap/TextureMapperNode.cpp:
206         (WebCore::TextureMapperNode::computeTiles):
207         (WebCore::TextureMapperNode::renderContent):
208         (WebCore::TextureMapperNode::paintSelf):
209         (WebCore::TextureMapperNode::syncCompositingStateSelf):
210         * platform/graphics/texmap/TextureMapperNode.h:
211         (WebCore::TextureMapperNode::State::State):
212
213 2011-10-15  Adam Barth  <abarth@webkit.org>
214
215         Remove the last remnant of WBXML
216         https://bugs.webkit.org/show_bug.cgi?id=70187
217
218         Reviewed by Daniel Bates.
219
220         The bulk of the WBXML code was removed in 2009, but we missed one block.
221
222         * platform/wince/MIMETypeRegistryWinCE.cpp:
223         (WebCore::initMIMETypeEntensionMap):
224
225 2011-10-15  Darin Adler  <darin@apple.com>
226
227         REGRESSION(r97533): fast/forms/select-script-onchange.html failed after
228         https://bugs.webkit.org/show_bug.cgi?id=70173
229
230         Reviewed by Ryosuke Niwa.
231
232         * html/HTMLSelectElement.cpp:
233         (WebCore::HTMLSelectElement::setValue): Removed unneeded boolean argument
234         [true for deselect].
235         (WebCore::HTMLSelectElement::menuListDefaultEventHandler): Added explicit
236         boolean arguments for all calls to setSelectedIndex to restore pre-r97533
237         behavior.
238         (WebCore::HTMLSelectElement::typeAheadFind): Ditto.
239         (WebCore::HTMLSelectElement::accessKeySetSelectedIndex): Ditto.
240
241         * html/HTMLSelectElement.h:
242         Removed default of true for userDrivenChange. Each caller should pass it
243         explicitly. Longer term we should use an enum instead of a boolean or find
244         some other way of avoiding the argument.
245         (WebCore::HTMLSelectElement::setSelectedIndex):
246         Pass false for userDrivenChange as the old code did pre-r97533.
247
248 2011-10-15  Laszlo Gombos  <laszlo.1.gombos@nokia.com>
249
250         [Qt] [Symbian] Remove support for the Symbian platform for the QtWebKit port
251         https://bugs.webkit.org/show_bug.cgi?id=69920
252
253         Reviewed by Kenneth Rohde Christiansen.
254
255         No new tests as there is no new functionality.
256
257         * WebCore.gypi:
258         * WebCore.pri:
259         * WebCore.pro:
260         * bindings/v8/V8GCController.cpp:
261         (WebCore::V8GCController::checkMemoryUsage):
262         * config.h:
263         * css/CSSPrimitiveValueMappings.h:
264         (WebCore::CSSPrimitiveValue::operator int):
265         * features.pri:
266         * page/NavigatorBase.cpp:
267         * platform/graphics/qt/GraphicsContextQt.cpp:
268         (WebCore::GraphicsContextPlatformPrivate::GraphicsContextPlatformPrivate):
269         * platform/network/qt/ResourceRequestQt.cpp:
270         (WebCore::initializeMaximumHTTPConnectionCountPerHost):
271         * platform/text/qt/TextCodecQt.cpp:
272         (WebCore::TextCodecQt::decode):
273         * plugins/PluginDatabase.cpp:
274         * plugins/PluginPackage.cpp:
275         (WebCore::PluginPackage::unload):
276         * plugins/PluginPackage.h:
277         (WebCore::PluginPackage::version):
278         * plugins/PluginView.cpp:
279         (WebCore::PluginView::setFrameRect):
280         * plugins/PluginView.h:
281         * plugins/npapi.h:
282         * plugins/symbian: Removed.
283         * plugins/symbian/PluginContainerSymbian.cpp: Removed.
284         * plugins/symbian/PluginContainerSymbian.h: Removed.
285         * plugins/symbian/PluginDatabaseSymbian.cpp: Removed.
286         * plugins/symbian/PluginPackageSymbian.cpp: Removed.
287         * plugins/symbian/PluginViewSymbian.cpp: Removed.
288         * plugins/symbian/npinterface.h: Removed.
289
290 2011-10-08  Robert Hogan  <robert@webkit.org>
291
292         CSS 2.1 failure: height-width-table-001.htm
293         https://bugs.webkit.org/show_bug.cgi?id=69709
294
295         Reviewed by Simon Fraser.
296
297         CSS 2.1 expects CSS table elements to treat fixed height/width as
298         excluding table borders, but HTML table elements to treat fixed height/width as
299         including them.
300         
301         See http://lists.w3.org/Archives/Public/www-style/2011Jan/0178.html
302             http://lists.w3.org/Archives/Public/public-css-testsuite/2011Oct/0005.html
303             
304         It looks like some clarification is pending in the specs, but the new behaviour
305         lets WebKit pass the following tests in the suite CSS and also match FF:
306           height-width-table-001.htm
307           height-width-inline-table-001.htm
308           abspos-containing-block-initial-004d.htm
309
310         * rendering/RenderTable.cpp:
311         (WebCore::RenderTable::computeLogicalWidth):
312         (WebCore::RenderTable::layout):
313
314 2011-10-15  Darin Adler  <darin@apple.com>
315
316         Make toHTMLElement fail to compile if you try to use it on an HTMLElement*
317         https://bugs.webkit.org/show_bug.cgi?id=70164
318
319         Reviewed by Adam Barth.
320
321         Refactoring covered by existing tests.
322
323         * bindings/js/JSHTMLFrameSetElementCustom.cpp:
324         (WebCore::JSHTMLFrameSetElement::nameGetter): Removed unneeded casts and
325         some unneeded local variables as well. Changed the name of the local variable
326         for the HTMLFrameElement to frameElement to avoid confusion with the Frame.
327         * dom/Document.cpp:
328         (WebCore::Document::openSearchDescriptionURL): Removed unneeded HTMLElement
329         check; we can call hasTagName directly on a Node and that takes care of
330         checking both that it's an HTMLElement and checking the tag name.
331         * dom/MicroDataItemList.cpp:
332         (WebCore::MicroDataItemList::nodeMatches): Use toHTMLElement instead of
333         a cast. Also changed hasAttribute calls to fastHasAttribute and getAttribute
334         calls to fastGetAttribute since these are neither style attributes nor SVG
335         animatables.
336         * editing/ApplyStyleCommand.cpp:
337         (WebCore::ApplyStyleCommand::applyInlineStyleToPushDown): Use toHTMLElement.
338         (WebCore::ApplyStyleCommand::addInlineStyleIfNeeded): Ditto.
339         * editing/DeleteButtonController.cpp:
340         (WebCore::DeleteButtonController::show): Removed unneeded toHTMLElement call.
341         * html/HTMLElement.cpp:
342         (WebCore::HTMLElement::setOuterHTML): Use toHTMLElement.
343         * html/HTMLElement.h: Added toHTMLElement overload to catch calls when the
344         pointer is already HTMLElement* or a pointer to a class derived from it.
345         * html/HTMLSelectElement.cpp:
346         (WebCore::HTMLSelectElement::recalcListItems): Use toHTMLElement.
347         * html/HTMLTextAreaElement.cpp:
348         (WebCore::HTMLTextAreaElement::innerTextElement): Use toHTMLElement.
349
350 2011-10-15  Antoine Labour  <piman@chromium.org>
351
352         Add WebAcceleratedContentLayer backed by a texture to support accelerated content hosting
353         https://bugs.webkit.org/show_bug.cgi?id=70084
354
355         Reviewed by James Robinson.
356
357         Covered by existing compositing/ tests
358
359         * platform/graphics/chromium/LayerChromium.h:
360         * platform/graphics/chromium/LayerRendererChromium.cpp:
361         (WebCore::LayerRendererChromium::pluginLayerProgramFlip):
362         (WebCore::LayerRendererChromium::cleanupSharedObjects):
363         * platform/graphics/chromium/LayerRendererChromium.h:
364         * platform/graphics/chromium/PluginLayerChromium.cpp:
365         (WebCore::PluginLayerChromium::PluginLayerChromium):
366         (WebCore::PluginLayerChromium::setTextureId):
367         (WebCore::PluginLayerChromium::setFlipped):
368         (WebCore::PluginLayerChromium::pushPropertiesTo):
369         * platform/graphics/chromium/PluginLayerChromium.h:
370         (WebCore::PluginLayerChromium::flipped):
371         * platform/graphics/chromium/cc/CCPluginLayerImpl.cpp:
372         (WebCore::CCPluginLayerImpl::CCPluginLayerImpl):
373         (WebCore::CCPluginLayerImpl::draw):
374         * platform/graphics/chromium/cc/CCPluginLayerImpl.h:
375         (WebCore::CCPluginLayerImpl::setFlipped):
376
377 2011-10-15  Michael Nordman  <michaeln@google.com>
378
379         [Chromium] Some WebSQLDatabase in worker bug fixes.
380         https://bugs.webkit.org/show_bug.cgi?id=70071
381
382         - Test for a NULL webView WebWorkerClientImpl.
383         - Avoid altering Database instance lifetimes during WorkerThread::stop().
384
385         Existing tests coverage applies.
386
387         Reviewed by David Levin.
388
389         * storage/chromium/DatabaseTrackerChromium.cpp:
390         (WebCore::DatabaseTracker::interruptAllDatabasesForContext):
391
392 2011-10-14  Adam Barth  <abarth@webkit.org>
393
394         Update expected results.
395
396         * bindings/scripts/test/V8/V8TestObj.cpp:
397         (WebCore::TestObjInternal::serializedValueCallback):
398
399 2011-10-14  Ryosuke Niwa  <rniwa@webkit.org>
400
401         GTK build fix after r97533.
402
403         * accessibility/gtk/AXObjectCacheAtk.cpp:
404         (WebCore::notifyChildrenSelectionChange):
405         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
406         (optionFromSelection):
407         (webkit_accessible_selection_get_selection_count):
408
409 2011-10-14  David Kilzer  <ddkilzer@apple.com>
410
411         <http://webkit.org/b/70158> Fix clang compiler warnings
412
413         Reviewed by Darin Adler.
414
415         * dom/ViewportArguments.cpp:
416         (WebCore::computeViewportAttributes): Use std::max<float>()
417         instead of std::max().
418
419 2011-10-14  Mark Hahnenberg  <mhahnenberg@apple.com>
420
421         Rename getOwnPropertySlot to getOwnPropertySlotVirtual
422         https://bugs.webkit.org/show_bug.cgi?id=69810
423
424         Reviewed by Geoffrey Garen.
425
426         No new tests.
427
428         Renamed the virtual version of getOwnPropertySlot to getOwnPropertySlotVirtual
429         in preparation for when we add the static getOwnPropertySlot to the MethodTable 
430         in ClassInfo.
431
432         Also added a few static getOwnPropertySlot functions where they had been overlooked 
433         before (especially in CodeGeneratorJS.pm).
434
435         * WebCore.exp.in:
436         * bindings/js/JSDOMWindowCustom.cpp:
437         (WebCore::JSDOMWindow::getOwnPropertySlotVirtual):
438         (WebCore::JSDOMWindow::getOwnPropertySlot):
439         (WebCore::DialogHandler::returnValue):
440         * bindings/js/JSDOMWindowShell.cpp:
441         (WebCore::JSDOMWindowShell::getOwnPropertySlotVirtual):
442         (WebCore::JSDOMWindowShell::getOwnPropertySlot):
443         * bindings/js/JSDOMWindowShell.h:
444         * bindings/js/JSWorkerContextCustom.cpp:
445         (WebCore::JSWorkerContext::getOwnPropertySlotDelegate):
446         * bindings/js/SerializedScriptValue.cpp:
447         (WebCore::CloneSerializer::getSparseIndex):
448         (WebCore::CloneSerializer::getProperty):
449         * bindings/scripts/CodeGeneratorJS.pm:
450         (GenerateGetOwnPropertySlotBody):
451         (GenerateHeader):
452         (GenerateImplementation):
453         (GenerateConstructorDeclaration):
454         (GenerateConstructorDefinition):
455         * bindings/scripts/test/JS/JSTestInterface.cpp:
456         (WebCore::JSTestInterfaceConstructor::getOwnPropertySlotVirtual):
457         (WebCore::JSTestInterfaceConstructor::getOwnPropertySlot):
458         (WebCore::JSTestInterface::getOwnPropertySlotVirtual):
459         (WebCore::JSTestInterface::getOwnPropertySlot):
460         * bindings/scripts/test/JS/JSTestInterface.h:
461         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
462         (WebCore::JSTestMediaQueryListListenerConstructor::getOwnPropertySlotVirtual):
463         (WebCore::JSTestMediaQueryListListenerConstructor::getOwnPropertySlot):
464         (WebCore::JSTestMediaQueryListListenerPrototype::getOwnPropertySlotVirtual):
465         (WebCore::JSTestMediaQueryListListenerPrototype::getOwnPropertySlot):
466         (WebCore::JSTestMediaQueryListListener::getOwnPropertySlotVirtual):
467         (WebCore::JSTestMediaQueryListListener::getOwnPropertySlot):
468         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
469         * bindings/scripts/test/JS/JSTestObj.cpp:
470         (WebCore::JSTestObjConstructor::getOwnPropertySlotVirtual):
471         (WebCore::JSTestObjConstructor::getOwnPropertySlot):
472         (WebCore::JSTestObjPrototype::getOwnPropertySlotVirtual):
473         (WebCore::JSTestObjPrototype::getOwnPropertySlot):
474         (WebCore::JSTestObj::getOwnPropertySlotVirtual):
475         (WebCore::JSTestObj::getOwnPropertySlot):
476         * bindings/scripts/test/JS/JSTestObj.h:
477         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
478         (WebCore::JSTestSerializedScriptValueInterfaceConstructor::getOwnPropertySlotVirtual):
479         (WebCore::JSTestSerializedScriptValueInterfaceConstructor::getOwnPropertySlot):
480         (WebCore::JSTestSerializedScriptValueInterface::getOwnPropertySlotVirtual):
481         (WebCore::JSTestSerializedScriptValueInterface::getOwnPropertySlot):
482         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
483         * bridge/objc/objc_runtime.h:
484         * bridge/objc/objc_runtime.mm:
485         (JSC::Bindings::ObjcFallbackObjectImp::getOwnPropertySlotVirtual):
486         * bridge/qt/qt_instance.cpp:
487         (JSC::Bindings::QtInstance::getOwnPropertySlot):
488         * bridge/qt/qt_runtime.cpp:
489         (JSC::Bindings::QtRuntimeMetaMethod::getOwnPropertySlotVirtual):
490         (JSC::Bindings::QtRuntimeConnectionMethod::getOwnPropertySlotVirtual):
491         * bridge/qt/qt_runtime.h:
492         * bridge/runtime_array.cpp:
493         (JSC::RuntimeArray::getOwnPropertySlotVirtual):
494         * bridge/runtime_array.h:
495         * bridge/runtime_method.cpp:
496         (JSC::RuntimeMethod::getOwnPropertySlotVirtual):
497         * bridge/runtime_method.h:
498         * bridge/runtime_object.cpp:
499         (JSC::Bindings::RuntimeObject::getOwnPropertySlotVirtual):
500         * bridge/runtime_object.h:
501
502 2011-10-14  Ryosuke Niwa  <rniwa@webkit.org>
503
504         Windows build fix attempt after r97533.
505
506         * html/HTMLSelectElementWin.cpp:
507         (WebCore::HTMLSelectElement::platformHandleKeydownEvent):
508
509 2011-10-14  Darin Adler  <darin@apple.com>
510
511         Follow up the recent HTMLSelectElement improvements with a little bit more
512         https://bugs.webkit.org/show_bug.cgi?id=70139
513
514         Reviewed by Ryosuke Niwa.
515
516         Refactoring, covered by existing tests.
517
518         Mostly, this adds a toHTMLSelectElement and uses it wherever possible.
519
520         * accessibility/AccessibilityListBox.cpp:
521         (WebCore::AccessibilityListBox::canSetSelectedChildrenAttribute): Use toHTMLSelectElement.
522         (WebCore::AccessibilityListBox::addChildren): Ditto. Also removed unneeded toHTMLElement.
523         * accessibility/AccessibilityMenuListPopup.cpp:
524         (WebCore::AccessibilityMenuListPopup::addChildren): Ditto.
525         * accessibility/AccessibilityRenderObject.cpp:
526         (WebCore::AccessibilityRenderObject::isMultiSelectable): Ditto.
527         (WebCore::AccessibilityRenderObject::stringValue): Removed checks on the type of the
528         underlying node, since other code already assumes that a menu list renderer is only
529         created for a select element. Streamlined the code a bit and removed some unneeded
530         local variables.
531         * bindings/js/JSHTMLOptionsCollectionCustom.cpp:
532         (WebCore::JSHTMLOptionsCollection::indexSetter): Use toHTMLSelectElement.
533         * bindings/js/JSHTMLSelectElementCustom.cpp:
534         (WebCore::JSHTMLSelectElement::remove): Ditto.
535         (WebCore::JSHTMLSelectElement::indexSetter): Ditto.
536         * editing/FrameSelection.cpp:
537         (WebCore::FrameSelection::selectAll): Ditto.
538         * html/HTMLKeygenElement.cpp:
539         (WebCore::HTMLKeygenElement::shadowSelect): Ditto.
540         * html/HTMLOptGroupElement.cpp:
541         (WebCore::HTMLOptGroupElement::recalcSelectOptions): Ditto.
542         (WebCore::HTMLOptGroupElement::ownerSelectElement): Ditto.
543         * html/HTMLOptionElement.cpp:
544         (WebCore::HTMLOptionElement::selected): Changed code to call renamed
545         updateListItemSelectedStates rather than the confusing old name
546         recalcListItemsIfNeeded.
547         (WebCore::HTMLOptionElement::childrenChanged): Changed to call
548         optionElementChildrenChanged rather than calling childrenChanged,
549         because the children of the select element did not change!
550         (WebCore::HTMLOptionElement::ownerSelectElement): Use toHTMLSelectElement.
551         * html/HTMLOptionsCollection.cpp:
552         (WebCore::HTMLOptionsCollection::add): Use toHTMLSelectElement.
553         (WebCore::HTMLOptionsCollection::remove): Use toHTMLSelectElement.
554         (WebCore::HTMLOptionsCollection::selectedIndex): Use toHTMLSelectElement.
555         (WebCore::HTMLOptionsCollection::setSelectedIndex): Use toHTMLSelectElement.
556         (WebCore::HTMLOptionsCollection::setLength): Use toHTMLSelectElement.
557         * html/HTMLSelectElement.cpp:
558         (WebCore::HTMLSelectElement::setSelectedIndexByUser): Call setSelectedIndex
559         without the now-unneeded internal suffix.
560         (WebCore::HTMLSelectElement::parseMappedAttribute): When the code says that
561         we should "determine selectedness of the items", call updateListItemSelectedStates
562         rather than the confusingly named recalcListItemsIfNeeded.
563         (WebCore::HTMLSelectElement::updateListItemSelectedStates): Renamed
564         recalcListItemsIfNeeded to this, since that's what this function is for.
565         (WebCore::HTMLSelectElement::optionElementChildrenChanged): Added. Does
566         the same work as childrenChanged, although it does not call up to the
567         base class childrenChanged function. Later we might find we can remove
568         some of the work here, for example it's not clear we should call the
569         accessibility childrenChanged function.
570         (WebCore::HTMLSelectElement::nextValidIndex): Changed this to a member function
571         and made it get the list items itself rather than requiring they be passed in.
572         (WebCore::HTMLSelectElement::nextSelectableListIndex): Updated for change to
573         nextValidIndex.
574         (WebCore::HTMLSelectElement::previousSelectableListIndex): Ditto.
575         (WebCore::HTMLSelectElement::firstSelectableListIndex): Ditto.
576         (WebCore::HTMLSelectElement::lastSelectableListIndex): Ditto.
577         (WebCore::HTMLSelectElement::nextSelectableListIndexPageAway): Ditto.
578         (WebCore::HTMLSelectElement::listItems): Removed unneeded const_cast, since
579         recalcListItems is now a const member function. Call recalcListItems by that
580         name instead of recalcListItemsInternal.
581         (WebCore::HTMLSelectElement::recalcListItems): Renamed from recalcListItemsInternal
582         and made this a const member function. The data members that this needs to modify
583         are now mutable.
584         (WebCore::HTMLSelectElement::setSelectedIndex): Renamed from setSelectedIndexInternal.
585         Changed call to updateValidity to instead call setNeedsValidityCheck, since both
586         do the same thing.
587         (WebCore::HTMLSelectElement::parseMultipleAttribute): Ditto.
588         (WebCore::HTMLSelectElement::menuListDefaultEventHandler): Updated for change to
589         nextValidIndex, removed unneeded comparison with zero that's already handled by
590         casting to an unsigned type, and use setSelectedIndex instead of using
591         setSelectedIndexInternal since they are both the same thing.
592         (WebCore::HTMLSelectElement::listBoxDefaultEventHandler): Removed another unneeded
593         comparision with zero that's handled by casting to an unsigned type.
594         (WebCore::HTMLSelectElement::lastSelectedListIndex): Use size_t instead of unsigned
595         for a vector index.
596         (WebCore::HTMLSelectElement::typeAheadFind): Use setSelectedIndex instead of
597         setSelectedIndexInternal.
598         (WebCore::HTMLSelectElement::insertedIntoTree): Removed unneeded explicit boolean
599         when calling a function that already has a default value of true.
600         (WebCore::HTMLSelectElement::accessKeySetSelectedIndex): Use setSelectedIndex
601         instead of setSelectedIndexInternal.
602
603         * html/HTMLSelectElement.h: Made childrenChanged private. Added
604         optionElementChildrenChanged. Renamed recalcListItemsIfNeeded to the clearer
605         updateListItemSelectedStates. Removed unused listBoxSelectItem. Removed
606         updateValidity after changing all callers to instead call setNeedsValidityCheck.
607         Made canSelectAll and selectAll non-virtual. Removed recalcListItemsInternal
608         since it's the same thing as recalcListItems now. Renamed setSelectedIndexInternal
609         to setSelectedIndex since it's the same function, just with a few arguments we
610         don't want to allow outside callers to pass. Changed nextValidIndex into a
611         non-static member function. Made m_listItems and m_shouldRecalcListItems mutable.
612         Added a toHTMLSelectElement function, modeled on the toElement function.
613
614         * html/ValidityState.cpp:
615         (WebCore::ValidityState::valueMissing): Use toHTMLSelectElement.
616         * rendering/RenderListBox.cpp:
617         (WebCore::RenderListBox::updateFromElement): Ditto.
618         (WebCore::RenderListBox::scrollToRevealSelection): Ditto.
619         (WebCore::RenderListBox::size): Ditto.
620         (WebCore::RenderListBox::numItems): Ditto.
621         (WebCore::RenderListBox::addFocusRingRects): Ditto.
622         (WebCore::RenderListBox::paintItemForeground): Ditto.
623         (WebCore::RenderListBox::paintItemBackground): Ditto.
624         (WebCore::RenderListBox::panScroll): Ditto.
625         (WebCore::RenderListBox::autoscroll): Ditto.
626         (WebCore::RenderListBox::stopAutoscroll): Ditto.
627         (WebCore::RenderListBox::valueChanged): Ditto.
628         (WebCore::RenderListBox::nodeAtPoint): Ditto.
629         * rendering/RenderMenuList.cpp:
630         (WebCore::RenderMenuList::updateOptionsWidth): Ditto.
631         (WebCore::RenderMenuList::updateFromElement): Ditto.
632         (WebCore::RenderMenuList::setTextFromOption): Ditto.
633         (WebCore::RenderMenuList::showPopup): Ditto.
634         (WebCore::RenderMenuList::valueChanged): Ditto.
635         (WebCore::RenderMenuList::listBoxSelectItem): Ditto.
636         (WebCore::RenderMenuList::multiple): Ditto.
637         (WebCore::RenderMenuList::didSetSelectedIndex): Ditto.
638         (WebCore::RenderMenuList::didUpdateActiveOption): Ditto.
639         (WebCore::RenderMenuList::itemText): Ditto.
640         (WebCore::RenderMenuList::itemAccessibilityText): Ditto.
641         (WebCore::RenderMenuList::itemToolTip): Ditto.
642         (WebCore::RenderMenuList::itemIsEnabled): Ditto. Also use the
643         disabled function instead of the virtual isEnabledFormControl
644         function to check if the optgroup is enabled.
645         (WebCore::RenderMenuList::itemStyle): Ditto.
646         (WebCore::RenderMenuList::itemBackgroundColor): Ditto.
647         (WebCore::RenderMenuList::listSize): Ditto.
648         (WebCore::RenderMenuList::selectedIndex): Ditto.
649         (WebCore::RenderMenuList::itemIsSeparator): Ditto.
650         (WebCore::RenderMenuList::itemIsLabel): Ditto.
651         (WebCore::RenderMenuList::itemIsSelected): Ditto.
652         (WebCore::RenderMenuList::setTextFromItem): Ditto.
653
654 2011-10-14  Mark Hahnenberg  <mhahnenberg@apple.com>
655
656         Rename virtual put to putVirtual
657         https://bugs.webkit.org/show_bug.cgi?id=69851
658
659         Reviewed by Darin Adler.
660
661         No new tests.
662
663         Renamed virtual versions of put to putVirtual in prepration for 
664         adding the static put to the MethodTable in ClassInfo since the 
665         compiler gets mad if the virtual and static versions have the same 
666         name.
667
668         * WebCore.exp.in:
669         * bindings/js/JSDOMWindowCustom.cpp:
670         (WebCore::JSDOMWindow::putVirtual):
671         * bindings/js/JSDOMWindowShell.cpp:
672         (WebCore::JSDOMWindowShell::putVirtual):
673         * bindings/js/JSDOMWindowShell.h:
674         * bindings/js/JSLocationCustom.cpp:
675         (WebCore::JSLocation::putDelegate):
676         * bindings/js/JSPluginElementFunctions.cpp:
677         (WebCore::runtimeObjectCustomPut):
678         * bindings/js/SerializedScriptValue.cpp:
679         (WebCore::CloneDeserializer::putProperty):
680         * bindings/objc/WebScriptObject.mm:
681         (-[WebScriptObject setValue:forKey:]):
682         (-[WebScriptObject setWebScriptValueAtIndex:value:]):
683         * bindings/scripts/CodeGeneratorJS.pm:
684         (GenerateHeader):
685         (GenerateImplementation):
686         * bindings/scripts/test/JS/JSTestObj.cpp:
687         (WebCore::JSTestObj::putVirtual):
688         * bindings/scripts/test/JS/JSTestObj.h:
689         * bridge/NP_jsobject.cpp:
690         (_NPN_SetProperty):
691         * bridge/jni/jni_jsobject.mm:
692         (JavaJSObject::setMember):
693         (JavaJSObject::setSlot):
694         * bridge/objc/objc_runtime.h:
695         * bridge/objc/objc_runtime.mm:
696         (JSC::Bindings::ObjcFallbackObjectImp::putVirtual):
697         * bridge/qt/qt_instance.cpp:
698         (JSC::Bindings::QtInstance::put):
699         * bridge/qt/qt_runtime.cpp:
700         (JSC::Bindings::convertQVariantToValue):
701         * bridge/runtime_array.cpp:
702         (JSC::RuntimeArray::putVirtual):
703         * bridge/runtime_array.h:
704         * bridge/runtime_object.cpp:
705         (JSC::Bindings::RuntimeObject::putVirtual):
706         * bridge/runtime_object.h:
707         * bridge/testqtbindings.cpp:
708         (main):
709
710 2011-10-14  Sheriff Bot  <webkit.review.bot@gmail.com>
711
712         Unreviewed, rolling out r97519.
713         http://trac.webkit.org/changeset/97519
714         https://bugs.webkit.org/show_bug.cgi?id=70156
715
716         Broke 79+ tests on bots (Requested by dglazkov on #webkit).
717
718         * platform/graphics/skia/GraphicsContextSkia.cpp:
719         (WebCore::getFocusRingOutset):
720         (WebCore::GraphicsContext::drawFocusRing):
721
722 2011-09-28  Robert Hogan  <robert@webkit.org>
723
724         Replaced elements squeezed when width is specified as percentage inside a table with Auto layout
725         https://bugs.webkit.org/show_bug.cgi?id=29447
726
727         If inserting a 'replaced' element (e.g. image, plugin) in a table cell that is not descendant from
728         a block with fixed layout then do not squeeze the element, let it use its intrinsic width and height.
729
730         Reviewed by David Hyatt.
731
732         Test: fast/replaced/table-percent-width.html
733
734         * rendering/RenderBox.cpp:
735         (WebCore::shouldExpandToIntrinsicDimension):
736         (WebCore::RenderBox::containingBlockReplacedLogicalWidthForContent):
737         (WebCore::RenderBox::computeReplacedLogicalWidthUsing):
738         (WebCore::RenderBox::computeReplacedLogicalHeightUsing):
739         * rendering/RenderBox.h:
740
741 2011-10-14  Cary Clark  <caryclark@google.com>
742
743         [Chromium Skia on Mac] Improve focus ring
744         https://bugs.webkit.org/show_bug.cgi?id=70124
745
746         Reviewed by Eric Seidel.
747         
748         The focus ring code formerly outset the bounds of
749         the component rectangles by fractional amounts. Because
750         the rectangles are SkIRect (integer based), the fractional
751         outset had no effect.
752
753         The equivalent code in GraphicsContextMac.mm computes
754         the curve radius and rectangle outset with integers, so
755         the use of floats in Skia's case, besides not working,
756         is unnecessary.
757
758         The Skia code also failed to take the offset into account.
759         In LayoutTests, the focus rings either have an offset of
760         0 or 2. The CoreGraphics code increases the ring's rectangles
761         by the offset, then passes the result to wkDrawFocusRing.
762
763         I did not find any documentation about how wkDrawFocusRing
764         further inflates the focus ring, but empirically I determined
765         that adding 2 to the offset generated rings with identical
766         outer diameters.
767  
768         With these adjustments, the layout tests generate focus rings
769         in the Skia on Mac case that match the coverage of the
770         Chromium CG-based platform, in particular, matching:
771         
772         editing/inserting/editable-inline-element.html
773         editing/selection/3690703-2.html
774
775         * platform/graphics/skia/GraphicsContextSkia.cpp:
776         (WebCore::getFocusRingOutset):
777         (WebCore::GraphicsContext::drawFocusRing):
778
779 2011-10-14  Chang Shu  <cshu@webkit.org>
780
781         [Qt] Enable fullscreen api on Qt
782         https://bugs.webkit.org/show_bug.cgi?id=70131
783
784         As a result, we have 3 passed tests.
785
786         Reviewed by Noam Rosenthal.
787
788         * features.pri:
789
790 2011-10-14  Beth Dakin  <bdakin@apple.com>
791
792         https://bugs.webkit.org/show_bug.cgi?id=70148
793         Should switch to CoreUI version of CorrectionDot, GrammarDot, and SpellingDot
794         -and corresponding-
795         <rdar://problem/10208281>
796
797         Reviewed by Anders Carlsson.
798
799         Use NS*Dot whenever it's available, and fallback to *Dot only when it is not.
800         * platform/graphics/mac/GraphicsContextMac.mm:
801         (WebCore::createPatternColor):
802         (WebCore::GraphicsContext::drawLineForTextChecking):
803
804 2011-10-14  Dmitry Lomov  <dslomov@google.com>
805
806         https://bugs.webkit.org/show_bug.cgi?id=70120
807         [Chromium] Pass MessagePortArray to SerializedScriptValue::serialize/deserialize.
808         This patch augments SerializedScriptValue with MessagePortArray* parameter to implement MessagePort 
809         transfer within the message in the future.
810
811         Reviewed by David Levin.
812
813         * bindings/scripts/CodeGeneratorV8.pm:
814         (GenerateParametersCheck):
815         * bindings/v8/SerializedScriptValue.cpp:
816         (WebCore::SerializedScriptValue::create):
817         (WebCore::SerializedScriptValue::SerializedScriptValue):
818         (WebCore::SerializedScriptValue::deserialize):
819         * bindings/v8/SerializedScriptValue.h:
820         * bindings/v8/custom/V8DOMWindowCustom.cpp:
821         (WebCore::handlePostMessageCallback):
822         (WebCore::V8DOMWindow::postMessageCallback):
823         (WebCore::V8DOMWindow::webkitPostMessageCallback):
824         * bindings/v8/custom/V8DedicatedWorkerContextCustom.cpp:
825         (WebCore::handlePostMessageCallback):
826         (WebCore::V8DedicatedWorkerContext::postMessageCallback):
827         (WebCore::V8DedicatedWorkerContext::webkitPostMessageCallback):
828         * bindings/v8/custom/V8HistoryCustom.cpp:
829         (WebCore::V8History::pushStateCallback):
830         (WebCore::V8History::replaceStateCallback):
831         * bindings/v8/custom/V8MessageEventCustom.cpp:
832         (WebCore::V8MessageEvent::dataAccessorGetter):
833         * bindings/v8/custom/V8MessagePortCustom.cpp:
834         (WebCore::handlePostMessageCallback):
835         (WebCore::V8MessagePort::postMessageCallback):
836         (WebCore::V8MessagePort::webkitPostMessageCallback):
837         * bindings/v8/custom/V8WorkerCustom.cpp:
838         (WebCore::handlePostMessageCallback):
839         (WebCore::V8Worker::postMessageCallback):
840         (WebCore::V8Worker::webkitPostMessageCallback):
841         * workers/Worker.idl:
842
843 2011-10-14  Jeff Miller  <jeffm@apple.com>
844
845         InjectedBundleHitTestResult::imageRect() should return rect in WKView coordinates
846         https://bugs.webkit.org/show_bug.cgi?id=69963
847         
848         Add infrastructure to convert from any frame view's coordinate system to the
849         root view's coordinate system.
850
851         Reviewed by Simon Fraser.
852
853         No new tests (yet), this is covered by <https://bugs.webkit.org/show_bug.cgi?id=70136>.
854
855         * WebCore.exp.in: Exported WebCore::ScrollView::contentsToRootView(), used by InjectedBundleHitTestResult.cpp.
856         
857         * platform/ScrollView.cpp:
858         (WebCore::ScrollView::rootViewToContents): Added (both point and rect versions).
859         (WebCore::ScrollView::contentsToRootView): Ditto.
860         
861         * platform/ScrollView.h: Added member functions to convert to/from root view coordinates.
862         
863         * platform/Widget.cpp:
864         (WebCore::Widget::convertFromRootView): Added (both point and rect versions).
865         (WebCore::Widget::convertToRootView): Ditto.
866         
867         * platform/Widget.h: Added member functions to convert to/from root view coordinates.
868
869 2011-10-14  Andreas Kling  <kling@webkit.org>
870
871         CSSParser: Remove StyleBase usage.
872         https://bugs.webkit.org/show_bug.cgi?id=70150
873
874         Reviewed by Darin Adler.
875
876         Split CSSParser::m_parsedStyleObjects into two vectors of
877         CSSRules and MediaLists.
878
879         * css/CSSParser.cpp:
880         (WebCore::CSSParser::createMediaList):
881         (WebCore::CSSParser::createCharsetRule):
882         (WebCore::CSSParser::createImportRule):
883         (WebCore::CSSParser::createMediaRule):
884         (WebCore::CSSParser::createKeyframesRule):
885         (WebCore::CSSParser::createStyleRule):
886         (WebCore::CSSParser::createFontFaceRule):
887         (WebCore::CSSParser::createPageRule):
888         (WebCore::CSSParser::createKeyframeRule):
889         * css/CSSParser.h:
890
891 2011-10-14  Adam Barth  <abarth@webkit.org>
892
893         canvas getImageData should explain why it throws SECURITY_ERR
894         https://bugs.webkit.org/show_bug.cgi?id=70088
895
896         Reviewed by Darin Adler.
897
898         Log as message to the console when getImageData fails because the
899         canvas is tainted.
900
901         * html/canvas/CanvasRenderingContext2D.cpp:
902         (WebCore::CanvasRenderingContext2D::getImageData):
903
904 2011-10-14  Andreas Kling  <kling@webkit.org>
905
906         Inspector: Remove StyleBase usage.
907         https://bugs.webkit.org/show_bug.cgi?id=70138
908
909         Reviewed by Antti Koivisto.
910
911         Be fully specific about whether we're operating on a CSSRule or
912         a CSSStyleSheet.
913
914         No behavior change expected, this merely is a cleanup.
915
916         * inspector/InspectorCSSAgent.cpp:
917         (WebCore::InspectorCSSAgent::parentStyleSheet):
918         (WebCore::InspectorCSSAgent::asCSSStyleRule):
919         * inspector/InspectorCSSAgent.h:
920         * inspector/InspectorStyleSheet.cpp:
921         (WebCore::asCSSRuleList):
922
923 2011-10-14  Mark Hahnenberg  <mhahnenberg@apple.com>
924
925         Rename virtual deleteProperty to deletePropertyVirtual
926         https://bugs.webkit.org/show_bug.cgi?id=69884
927
928         Reviewed by Darin Adler.
929
930         No new tests.
931
932         Renamed virtual versions of deleteProperty to deletePropertyVirtual in prepration for 
933         adding the static deleteProperty to the MethodTable in ClassInfo since the 
934         compiler gets mad if the virtual and static versions have the same name.
935
936         * WebCore.exp.in:
937         * bindings/js/JSDOMStringMapCustom.cpp:
938         (WebCore::JSDOMStringMap::deletePropertyVirtual):
939         * bindings/js/JSDOMWindowCustom.cpp:
940         (WebCore::JSDOMWindow::deletePropertyVirtual):
941         * bindings/js/JSDOMWindowShell.cpp:
942         (WebCore::JSDOMWindowShell::deletePropertyVirtual):
943         * bindings/js/JSDOMWindowShell.h:
944         * bindings/js/JSHistoryCustom.cpp:
945         (WebCore::JSHistory::deletePropertyVirtual):
946         * bindings/js/JSLocationCustom.cpp:
947         (WebCore::JSLocation::deletePropertyVirtual):
948         * bindings/js/JSStorageCustom.cpp:
949         (WebCore::JSStorage::deletePropertyVirtual):
950         * bindings/js/ScriptObject.cpp:
951         (WebCore::ScriptGlobalObject::remove):
952         * bindings/objc/WebScriptObject.mm:
953         (-[WebScriptObject removeWebScriptKey:]):
954         * bindings/scripts/CodeGeneratorJS.pm:
955         (GenerateHeader):
956         * bridge/NP_jsobject.cpp:
957         (_NPN_RemoveProperty):
958         * bridge/jni/jni_jsobject.mm:
959         (JavaJSObject::removeMember):
960         * bridge/objc/objc_runtime.h:
961         * bridge/objc/objc_runtime.mm:
962         (JSC::Bindings::ObjcFallbackObjectImp::deletePropertyVirtual):
963         * bridge/runtime_array.cpp:
964         (JSC::RuntimeArray::deletePropertyVirtual):
965         * bridge/runtime_array.h:
966         * bridge/runtime_object.cpp:
967         (JSC::Bindings::RuntimeObject::deletePropertyVirtual):
968         * bridge/runtime_object.h:
969
970 2011-10-14  Simon Fraser  <simon.fraser@apple.com>
971
972         Web Inspector: WebProcess crashes hard when inspecting elements with border-images applied
973         https://bugs.webkit.org/show_bug.cgi?id=70105
974
975         Reviewed by Dave Hyatt.
976         
977         Fix three different crashes related to getting computed style for border-image.
978         In both valueForNinePieceImageSlice() and valueForNinePieceImageQuad(),
979         assign 'right' to 'left' because we've computed a value for 'right' already.
980         Otherwise this would leave 'right' as null, causing later crashes in cssText().
981         
982         In mapNinePieceImage(), borderImage->imageValue() can be null for a border-image
983         shorthand that is missing the image value.
984
985         Test: fast/css/getComputedStyle/computed-style-border-image.html
986
987         * css/CSSComputedStyleDeclaration.cpp:
988         (WebCore::valueForNinePieceImageSlice):
989         (WebCore::valueForNinePieceImageQuad):
990         * css/CSSStyleSelector.cpp:
991         (WebCore::CSSStyleSelector::mapNinePieceImage):
992
993 2011-10-14  Ryosuke Niwa  <rniwa@webkit.org>
994
995         Mac build fix after r97497.
996
997         * editing/markup.cpp:
998         (WebCore::isNonTableCellHTMLBlockElement):
999
1000 2011-10-14  Daniel Cheng  <dcheng@chromium.org>
1001
1002         Context-aware HTML paste for Chromium
1003         https://bugs.webkit.org/show_bug.cgi?id=62112
1004
1005         Reviewed by Ryosuke Niwa.
1006
1007         Add createFragmentFromMarkupWithContext which understands enough about DOM structure to
1008         retain necessary elements to preserve structure and appearance when extracting a subset of
1009         a DOM tree.
1010
1011         Covered by existing layout tests.
1012
1013         * editing/MarkupAccumulator.h:
1014         * editing/markup.cpp:
1015         (WebCore::isNonTableCellHTMLBlockElement):
1016         (WebCore::isHTMLBlockElement):
1017         (WebCore::ancestorToRetainStructureAndAppearanceForBlock):
1018         (WebCore::ancestorToRetainStructureAndAppearance):
1019         (WebCore::ancestorToRetainStructureAndAppearanceWithNoRenderer):
1020         (WebCore::findNodesSurroundingContext):
1021         (WebCore::trimFragment):
1022         (WebCore::createFragmentFromMarkupWithContext):
1023         * editing/markup.h:
1024         * platform/chromium/ChromiumDataObject.cpp:
1025         (WebCore::ChromiumDataObject::getData):
1026         * platform/chromium/DataTransferItemChromium.cpp:
1027         (WebCore::DataTransferItemChromium::getAsString):
1028         * platform/chromium/PasteboardChromium.cpp:
1029         (WebCore::Pasteboard::documentFragment):
1030         * platform/chromium/PlatformSupport.h:
1031
1032 2011-10-14  Peter Beverloo  <peter@chromium.org>
1033
1034         [Chromium] Inherit settings from Chromium's envsetup.sh, address a NDK todo
1035         https://bugs.webkit.org/show_bug.cgi?id=70028
1036
1037         Reviewed by Adam Barth.
1038
1039         * WebCore.gyp/WebCore.gyp:
1040
1041 2011-10-14  Nate Chapin  <japhet@chromium.org>
1042
1043         Check CachedResourceClient types with ASSERTs rather
1044         than if statements.
1045         https://bugs.webkit.org/show_bug.cgi?id=70113
1046
1047         Reviewed by Adam Barth.
1048
1049         No new tests, no functionality change.
1050
1051         * loader/cache/CachedCSSStyleSheet.cpp:
1052         * loader/cache/CachedFont.cpp:
1053         * loader/cache/CachedImage.cpp:
1054         * loader/cache/CachedResourceClientWalker.h:
1055         * loader/cache/CachedXSLStyleSheet.cpp:
1056
1057 2011-10-14  Andreas Kling  <kling@webkit.org>
1058
1059         Don't assert that CSSRules are CSSRules.
1060
1061         Rubber-stamped by Antti Koivisto.
1062
1063         * css/CSSRule.h:
1064         (WebCore::CSSRule::isRule):
1065         * css/CSSStyleSheet.cpp:
1066         (WebCore::CSSStyleSheet::append):
1067         (WebCore::CSSStyleSheet::insert):
1068
1069 2011-10-14  Beth Dakin  <bdakin@apple.com>
1070
1071         Attempted Leopard build fix.
1072
1073         * platform/graphics/GraphicsContext.cpp:
1074         (WebCore::GraphicsContext::createCompatibleBuffer):
1075
1076 2011-10-14  Andreas Kling  <kling@webkit.org>
1077
1078         CSSStyleSheet should only ever contain CSSRules.
1079         https://bugs.webkit.org/show_bug.cgi?id=70116
1080
1081         Reviewed by Antti Koivisto.
1082
1083         Move child management from the StyleSheet class down into
1084         CSSStyleSheet and XSLStyleSheet. XSLStyleSheet continues to
1085         manage StyleBase objects, while CSSStyleSheet now only contains
1086         CSSRule.
1087
1088         This is enforced at both compile time and runtime with explicit
1089         types and assertions.
1090
1091         * css/CSSRule.h:
1092         (WebCore::CSSRule::isRule):
1093
1094             Promoted to a public method so we can use it in assertions.
1095
1096         * css/CSSRuleList.h:
1097         (WebCore::CSSRuleList::create):
1098         (WebCore::CSSRuleList::styleSheet):
1099         * css/CSSRuleList.cpp:
1100         (WebCore::CSSRuleList::CSSRuleList):
1101         * bindings/js/JSCSSRuleListCustom.cpp:
1102         (WebCore::JSCSSRuleListOwner::isReachableFromOpaqueRoots):
1103
1104             Change backing to a CSSStyleSheet instead of a StyleSheet.
1105
1106         * css/CSSRuleList.cpp:
1107         (WebCore::CSSRuleList::item):
1108
1109             Remove redundant assertions.
1110
1111         * css/CSSStyleSheet.cpp:
1112         (WebCore::CSSStyleSheet::isLoading):
1113         (WebCore::CSSStyleSheet::addSubresourceStyleURLs):
1114         * css/CSSStyleSelector.cpp:
1115         (WebCore::RuleSet::addRulesFromSheet):
1116         * inspector/InspectorCSSAgent.cpp:
1117         (WebCore::InspectorCSSAgent::collectStyleSheets):
1118         * page/PageSerializer.cpp:
1119         (WebCore::PageSerializer::serializeCSSStyleSheet):
1120
1121             Use more specific CSSRule* since that's what we get from
1122             CSSStyleSheet::item() now.
1123
1124         * css/StyleSheet.cpp:
1125         (WebCore::StyleSheet::~StyleSheet):
1126         * css/CSSStyleSheet.cpp:
1127         (WebCore::CSSStyleSheet::~CSSStyleSheet):
1128         * xml/XSLStyleSheetLibxslt.cpp:
1129         (WebCore::XSLStyleSheet::~XSLStyleSheet):
1130         * xml/XSLStyleSheetQt.cpp:
1131         (WebCore::XSLStyleSheet::~XSLStyleSheet):
1132
1133             Orphaning logic from ~StyleSheet() moved to subclass dtors.
1134
1135         * css/StyleSheet.h:
1136         * css/CSSStyleSheet.h:
1137         (WebCore::CSSStyleSheet::length):
1138         (WebCore::CSSStyleSheet::item):
1139         * css/CSSStyleSheet.cpp:
1140         (WebCore::CSSStyleSheet::append):
1141         (WebCore::CSSStyleSheet::insert):
1142         (WebCore::CSSStyleSheet::remove):
1143
1144             Moved from StyleSheet and changed to only accept CSSRules.
1145
1146         * css/StyleSheet.h:
1147         * xml/XSLStyleSheet.h:
1148         (WebCore::XSLStyleSheet::length):
1149         (WebCore::XSLStyleSheet::item):
1150         (WebCore::XSLStyleSheet::append):
1151         (WebCore::XSLStyleSheet::insert):
1152         (WebCore::XSLStyleSheet::remove):
1153
1154             Moved from StyleSheet though still uses StyleBase.
1155
1156 2011-10-14 Yuji Sanachan <sanachan.y@gmail.com>
1157
1158         Include dom/ExceptionCode.h instead of Filesystem APIs headers
1159         to fix compile error when ENABLE_WORKERS=1 and ENABLE_FILE_SYSTEM=0
1160         https://bugs.webkit.org/show_bug.cgi?id=70036
1161
1162         Reviewed by Darin Adler.
1163
1164         * workers/WorkerContext.cpp:
1165         (WebCore::WorkerContext::importScript):
1166
1167 2011-10-14  Darin Adler  <darin@apple.com>
1168
1169         Text drawn via -webkit-background-clip:text should be non-blurry with all scaling 
1170         techniques
1171         https://bugs.webkit.org/show_bug.cgi?id=68641
1172
1173         Reviewed by Simon Fraser. Committed by Beth Dakin.
1174
1175         * platform/graphics/GraphicsContext.cpp:
1176         (WebCore::GraphicsContext::createCompatibleBuffer): Allocate a buffer based on the 
1177         scale
1178         factor of the context.
1179         * platform/graphics/GraphicsContext.h: Added createCompatibleBuffer.
1180
1181         * rendering/RenderBoxModelObject.cpp:
1182         (WebCore::RenderBoxModelObject::paintFillLayerExtended): Use 
1183         createCompatibleBuffer.
1184
1185 2011-10-14  Ryosuke Niwa  <rniwa@webkit.org>
1186
1187         Move selectionStartStyle and selectionHasStyle to EditingStyle
1188         https://bugs.webkit.org/show_bug.cgi?id=69882
1189
1190         Reviewed by Enrica Casucci.
1191
1192         Moved selectionHasStyle and selectionStartStyle from Editor to EditingStyle.
1193         Also moved much of code in Editor::selectionStartCSSPropertyValue to method of EditingStyle.
1194
1195         In addition, moved Range::editingStartPosition to htmlediting where it belongs
1196         and renamed it to adjustedSelectionStartForStyleComputation.
1197
1198         * dom/Range.cpp:
1199         * dom/Range.h:
1200         * editing/EditingStyle.cpp:
1201         (WebCore::EditingStyle::triStateOfStyle): Extracted from selectionHasStyle.
1202         (WebCore::EditingStyle::legacyFontSize): Extracted from selectionStartCSSPropertyValue.
1203         (WebCore::EditingStyle::styleAtSelectionStart): Moved from Editor::selectionStartStyle.
1204         * editing/EditingStyle.h:
1205         * editing/Editor.cpp:
1206         (WebCore::Editor::fontForSelection):
1207         (WebCore::Editor::selectionStartHasStyle):
1208         (WebCore::Editor::selectionHasStyle):
1209         (WebCore::Editor::selectionStartCSSPropertyValue):
1210         * editing/Editor.h:
1211         * editing/EditorCommand.cpp:
1212         (WebCore::executeToggleStyleInList):
1213         * editing/htmlediting.cpp:
1214         (WebCore::adjustedSelectionStartForStyleComputation): Moved from Range::editingStartPosition.
1215         * editing/htmlediting.h:
1216
1217 2011-10-14  Ryosuke Niwa  <rniwa@webkit.org>
1218
1219         Redundant comparison in AccessibilityObject.cpp updateAXLineStartForVisiblePosition
1220         https://bugs.webkit.org/show_bug.cgi?id=70074
1221
1222         Reviewed by Chris Fleizach.
1223
1224         Removed redundant code.
1225
1226         * accessibility/AccessibilityObject.cpp:
1227         (WebCore::updateAXLineStartForVisiblePosition):
1228
1229 2011-10-12  Ryosuke Niwa  <rniwa@webkit.org>
1230
1231         Make the interface of locationAndLengthFromRange and rangeFromLocationAndLength consistent
1232         https://bugs.webkit.org/show_bug.cgi?id=69964
1233
1234         Reviewed by Enrica Casucci.
1235
1236         Extracted the logic to determine the scope element as FrameSelection::rootEditableElementOrDocumentElement
1237         and deployed it in WebKit layer. Made locationAndLengthFromRange take a scope element and renamed it to
1238         getLocationAndLengthFromRange.
1239
1240         * WebCore.exp.in:
1241         * editing/FrameSelection.cpp:
1242         (WebCore::FrameSelection::rootEditableElementOrDocumentElement):
1243         * editing/FrameSelection.h:
1244         * editing/TextIterator.cpp:
1245         (WebCore::TextIterator::getLocationAndLengthFromRange):
1246         * editing/TextIterator.h:
1247
1248 2011-10-13  Arko Saha  <arko@motorola.com>
1249
1250         Microdata: Basic implementation of document.getItems() method.
1251         https://bugs.webkit.org/show_bug.cgi?id=68610
1252
1253         Reviewed by Ryosuke Niwa.
1254
1255         Added ENABLE(MICRODATA) feature flag. Implement document.getItems() DOM API.
1256         Spec: http://www.whatwg.org/specs/web-apps/current-work/complete/microdata.html
1257
1258         Tests: fast/dom/MicroData/001.html
1259                fast/dom/MicroData/002.html
1260                fast/dom/MicroData/003.html
1261                fast/dom/MicroData/004.html
1262                fast/dom/MicroData/005.html
1263                fast/dom/MicroData/006.html
1264                fast/dom/MicroData/007.html
1265                fast/dom/MicroData/008.html
1266                fast/dom/MicroData/009.html
1267
1268         * CMakeLists.txt:
1269         * DerivedSources.make:
1270         * GNUmakefile.am:
1271         * GNUmakefile.list.am:
1272         * WebCore.gypi:
1273         * WebCore.pro:
1274         * WebCore.vcproj/WebCore.vcproj:
1275         * dom/Document.cpp:
1276         (WebCore::Document::getItems): Returns NodeList of the element in the Document that
1277         create items, that are not part of other items, and that are of one of the types
1278         given in the argument. If no tokens specified/undefined in the argument, then
1279         return a NodeList containing all top level microdata items.
1280         (WebCore::Document::removeCachedMicroDataItemList): Remove Microdata item node list
1281         from cache.
1282         * dom/Document.h:
1283         * dom/Document.idl: Added getItems() microdata DOM API.
1284         * dom/MicroDataItemList.cpp: Added.
1285         (WebCore::MicroDataItemList::MicroDataItemList):
1286         (WebCore::MicroDataItemList::~MicroDataItemList):
1287         (WebCore::MicroDataItemList::nodeMatches):
1288         * dom/MicroDataItemList.h: Added.
1289         (WebCore::MicroDataItemList::create):
1290         * dom/Node.cpp:
1291         (WebCore::Node::itemTypeAttributeChanged): It is responsible to invalidate the Microdata
1292         item node cache when itemType attribute changes.
1293         (WebCore::NodeListsNodeData::invalidateCachesThatDependOnAttributes):
1294         (WebCore::NodeListsNodeData::invalidateMicrodataItemListCaches): Invalidate Microdata item
1295         list cache.
1296         (WebCore::NodeListsNodeData::isEmpty):
1297         * dom/Node.h:
1298         * dom/NodeRareData.h:
1299         * features.pri:
1300         * html/HTMLAttributeNames.in: Added itemid, itemprop, itemscope, itemtype attributes.
1301         * html/HTMLElement.cpp:
1302         (WebCore::HTMLElement::parseMappedAttribute): Handle itemtype attribute change.
1303         * html/HTMLElement.idl: Added itemid, itemprop, itemscope, itemtypes microdata attributes.
1304
1305 2011-10-14  Andreas Kling  <kling@webkit.org>
1306
1307         Stricter management of WebKitCSSKeyframeRules.
1308         https://bugs.webkit.org/show_bug.cgi?id=70109
1309
1310         Reviewed by Antti Koivisto.
1311
1312         Covered by existing tests.
1313
1314         * css/CSSParser.h:
1315         * css/CSSParser.cpp:
1316         (WebCore::CSSParser::parseKeyframeRule):
1317
1318             Return a WebKitCSSKeyframeRule instead of a CSSRule.
1319
1320         * css/CSSRuleList.cpp:
1321         (WebCore::CSSRuleList::deleteRule):
1322         * css/WebKitCSSKeyframesRule.cpp:
1323         (WebCore::WebKitCSSKeyframesRule::deleteRule):
1324
1325             Moved style sheet orphaning logic for @-webkit-keyframe
1326             from CSSRuleList into WebKitCSSKeyframesRule::deleteRule()
1327             since that's the only caller operating on those rules.
1328
1329         * css/WebKitCSSKeyframesRule.cpp:
1330         (WebCore::WebKitCSSKeyframesRule::~WebKitCSSKeyframesRule):
1331         (WebCore::WebKitCSSKeyframesRule::length):
1332         (WebCore::WebKitCSSKeyframesRule::item):
1333         (WebCore::WebKitCSSKeyframesRule::insertRule):
1334
1335             Change isKeyframeRule() checks to assertions since we know
1336             our rules are always WebKitCSSKeyframeRules. Also tidied up.
1337
1338 2011-10-14  Andreas Kling  <kling@webkit.org>
1339
1340         Unreviewed, actually remove StyleList.* after r97640.
1341
1342         * css/StyleList.cpp: Removed.
1343         * css/StyleList.h: Removed.
1344
1345 2011-10-14  Andreas Kling  <kling@webkit.org>
1346
1347         Merge StyleList into StyleSheet.
1348         https://bugs.webkit.org/show_bug.cgi?id=70100
1349
1350         Reviewed by Antti "printf" Koivisto.
1351
1352         Merge all functionality from StyleList into StyleSheet,
1353         since StyleSheet was the only subclass of StyleList anyway.
1354
1355         Also removed FIXME's about throwing exceptions in CSSRuleList
1356         since they were incorrect. The call sites already handle the
1357         relevant cases.
1358
1359         * CMakeLists.txt:
1360         * GNUmakefile.list.am:
1361         * WebCore.gypi:
1362         * WebCore.pro:
1363         * WebCore.vcproj/WebCore.vcproj:
1364         * WebCore.xcodeproj/project.pbxproj:
1365         * bindings/js/JSCSSRuleListCustom.cpp:
1366         (WebCore::JSCSSRuleListOwner::isReachableFromOpaqueRoots):
1367         * css/CSSRuleList.cpp:
1368         (WebCore::CSSRuleList::CSSRuleList):
1369         (WebCore::CSSRuleList::length):
1370         (WebCore::CSSRuleList::item):
1371         (WebCore::CSSRuleList::deleteRule):
1372         (WebCore::CSSRuleList::append):
1373         (WebCore::CSSRuleList::insertRule):
1374         * css/CSSRuleList.h:
1375         (WebCore::CSSRuleList::create):
1376         (WebCore::CSSRuleList::styleSheet):
1377         * css/StyleList.cpp: Removed.
1378         * css/StyleList.h: Removed.
1379         * css/StyleSheet.cpp:
1380         (WebCore::StyleSheet::StyleSheet):
1381         (WebCore::StyleSheet::append):
1382         (WebCore::StyleSheet::insert):
1383         (WebCore::StyleSheet::remove):
1384         * css/StyleSheet.h:
1385         (WebCore::StyleSheet::length):
1386         (WebCore::StyleSheet::item):
1387
1388 2011-10-14  Mihnea Ovidenie  <mihnea@adobe.com>
1389
1390         [CSS Regions] Change -webkit-flow to -webkit-flow-into
1391         https://bugs.webkit.org/show_bug.cgi?id=70014
1392
1393         Reviewed by David Hyatt.
1394
1395         1. -webkit-flow is renamed to -webkit-flow-into
1396         2. -webkit-flow-into takes <ident> instead of strings
1397
1398         * css/CSSComputedStyleDeclaration.cpp:
1399         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
1400         * css/CSSParser.cpp:
1401         (WebCore::CSSParser::parseValue):
1402         (WebCore::validFlowName):
1403         (WebCore::CSSParser::parseFlowThread):
1404         * css/CSSPropertyNames.in:
1405         * css/CSSStyleSelector.cpp:
1406         (WebCore::CSSStyleSelector::applyProperty):
1407
1408 2011-10-12  Hans Wennborg  <hans@chromium.org>
1409
1410         IndexedDB: Remove SQLite backing store
1411         https://bugs.webkit.org/show_bug.cgi?id=69620
1412
1413         Reviewed by Darin Fisher.
1414
1415         Remove the SQLite backing store implementation; it is not used anymore.
1416         Also remove the maximumSize parameter, it is not used either.
1417
1418         No new functionality, so no new tests.
1419
1420         * GNUmakefile.list.am:
1421         * WebCore.gypi:
1422         * storage/IDBBackingStore.h:
1423         * storage/IDBFactory.cpp:
1424         (WebCore::IDBFactory::getDatabaseNames):
1425         (WebCore::IDBFactory::open):
1426         * storage/IDBFactoryBackendImpl.cpp:
1427         (WebCore::computeFileIdentifier):
1428         (WebCore::computeUniqueIdentifier):
1429         (WebCore::IDBFactoryBackendImpl::getDatabaseNames):
1430         (WebCore::IDBFactoryBackendImpl::open):
1431         (WebCore::IDBFactoryBackendImpl::openBackingStore):
1432         * storage/IDBFactoryBackendImpl.h:
1433         * storage/IDBFactoryBackendInterface.h:
1434         * storage/IDBLevelDBBackingStore.cpp:
1435         (WebCore::IDBLevelDBBackingStore::open):
1436         * storage/IDBLevelDBBackingStore.h:
1437         * storage/IDBSQLiteBackingStore.cpp: Removed.
1438         * storage/IDBSQLiteBackingStore.h: Removed.
1439
1440 2011-10-14  Nikolas Zimmermann  <nzimmermann@rim.com>
1441
1442         Not reviewed. Fix mac builds. r97448 broke them.
1443
1444         * WebCore.xcodeproj/project.pbxproj: Set ImageBySizeCache.h role to private.
1445
1446 2011-10-14  Justin Schuh  <jschuh@chromium.org>
1447
1448         Clear WebMediaPlayerClientImpl back pointer on destruction
1449         https://bugs.webkit.org/show_bug.cgi?id=69973
1450
1451         Reviewed by James Robinson.
1452
1453         Clear the backpointer and remove the unused m_currentFrame
1454
1455         * platform/graphics/chromium/VideoLayerChromium.cpp:
1456         (WebCore::VideoLayerChromium::VideoLayerChromium):
1457         (WebCore::VideoLayerChromium::cleanupResources):
1458         (WebCore::VideoLayerChromium::updateCompositorResources):
1459         (WebCore::VideoLayerChromium::releaseProvider):
1460         * platform/graphics/chromium/VideoLayerChromium.h:
1461
1462 2011-10-13  Hans Wennborg  <hans@chromium.org>
1463
1464         IndexedDB: Make IDBCursor.value() return an IDBAny object
1465         https://bugs.webkit.org/show_bug.cgi?id=70024
1466
1467         Reviewed by Tony Chang.
1468
1469         This is to work around the fact that the V8 bindings mechanism does
1470         eager deserialization of SerializedScriptValue attributes. This means
1471         that the value is fetched from the back-end only once, when the
1472         IDBCursor is first wrapped. When the cursor's value changes, this is
1473         not reflected.
1474
1475         We work around this by making IDBCursor.value() return the
1476         SerializedScriptValue wrapped in an IDBAny object.
1477
1478         * storage/IDBCursor.cpp:
1479         (WebCore::IDBCursor::value):
1480         * storage/IDBCursor.h:
1481         * storage/IDBCursorWithValue.idl:
1482
1483 2011-10-14  Rémi Duraffort  <remi.duraffort@st.com>
1484
1485         Fix compilation when the JS Debugger is disabled.
1486         https://bugs.webkit.org/show_bug.cgi?id=70007
1487
1488         Reviewed by Antti Koivisto.
1489
1490         * inspector/InspectorInstrumentation.cpp:
1491         (WebCore::InspectorInstrumentation::willEvaluateWorkerScript):
1492         * inspector/InspectorRuntimeAgent.cpp:
1493         * inspector/InspectorRuntimeAgent.h:
1494         * inspector/WorkerInspectorController.cpp:
1495         * inspector/WorkerInspectorController.h:
1496         * workers/WorkerMessagingProxy.cpp:
1497         (WebCore::WorkerMessagingProxy::disconnectFromInspector):
1498         (WebCore::WorkerMessagingProxy::sendMessageToInspector):
1499
1500 2011-10-13  Nikolas Zimmermann  <nzimmermann@rim.com>
1501
1502         Prepare SVGImage intrinsic size negotiation: Introduce an IntSize <-> SVGImage cache in CachedImage
1503         https://bugs.webkit.org/show_bug.cgi?id=69416
1504
1505         Reviewed by Antti Koivisto.
1506
1507         Refactor ImageBySizeCache out of CSSImageGeneratorValue as CachedImage wants to use the same type of cache for its purposes.
1508         When introducing the SVGImage intrinsic size negotiation the container size of an SVGImage is dependant on the place where
1509         it gets embedded (eg width/height attributes of host documents <img> force a certain size).
1510
1511         Currently CachedImage only contains a single RefPtr<Image>, which it constructs out of the decoded data.
1512         Multiple RenderObjects share the same CachedImages, when embedding eg. a SVG document in a <html:img> or using it in a background-image for a <div>.
1513         Consider the case where two RenderObjects use the same CachedImage, each with a different container size (200x100 vs 100x200) and the embedded
1514         document contains a viewBox and some arbitary preserveAspectRatio settings. To honour these we have to relayout the document with the desired
1515         size (percentual unit resolving etc, all depend on the RenderSVGRoots size).
1516
1517         With the current design this is hard to realize, w/o requring to relayout the embedded document for each embedder that uses an SVGImage.
1518         This patch introduces a cache right within CachedImage, which manages a map of images to certain sizes, by utilizing the new ImageBySizeCache.
1519
1520         CachedImage::imageForRenderer() takes a RenderObject* parameter, which it uses to look up the last set image container size for a renderer.
1521         Using that size it queries the cache whether it already has an SVGImage for that size, if not it gets created, by creating a whole
1522         new instance of SVGImage, filling it with the already decoded data, and passing on a fixed image container size, which overrides the
1523         size that RenderSVGRoot reports, when computeReplacedLogicalWidth/Height is called and thus laying out the document at the desired size.
1524         This image is then put in the cache for further reusability.
1525
1526         Likewise CachedImage::setContainerSizeForRenderer() now takes a RenderObject* parameter and stores that in the cache with an associated container size.
1527         It requires to touch several files which use CachedImage throughout WebCore/WebKit/WebKit2.
1528
1529         The actual cache is not yet turned on yet, so this is not a functional change so far, as it needs some other changes to SVGImage,
1530         which will come with the master patch in bug 47156.
1531
1532         No new tests yet, as the new cache isn't turned on yet.
1533
1534         * CMakeLists.txt: Add rendering/ImageBySizeCache.* to build.
1535         * GNUmakefile.list.am: Ditto.
1536         * WebCore.gypi: Ditto.
1537         * WebCore.pro: Ditto.
1538         * WebCore.vcproj/WebCore.vcproj: Ditto.
1539         * WebCore.xcodeproj/project.pbxproj: Ditto.
1540         * accessibility/AccessibilityRenderObject.cpp:
1541         (WebCore::AccessibilityRenderObject::accessibilityIsIgnored): Use new CachedImage::imageSizeForRenderer(RenderObject*) method.
1542         * bindings/objc/DOM.mm: Ditto (for CachedImage::image()).
1543         (-[DOMElement image]):
1544         (-[DOMElement _imageTIFFRepresentation]):
1545         * bridge/qt/qt_pixmapruntime.cpp:
1546         (JSC::Bindings::QtPixmapInstance::variantFromObject): Ditto (for CachedImage::image()).
1547         * css/CSSCanvasValue.cpp: s/m_clients/clients()/, which now live in the ImageBySizeCache instead of CSSImageGeneratorValue.
1548         (WebCore::CSSCanvasValue::canvasChanged):
1549         (WebCore::CSSCanvasValue::canvasResized):
1550         (WebCore::CSSCanvasValue::image):
1551         * css/CSSGradientValue.cpp: Ditto.
1552         (WebCore::CSSGradientValue::image):
1553         * css/CSSImageGeneratorValue.cpp: Move the sizes/clients/images cache into a new ImageBySizeCache class, to make it usable for CachedImage as well.
1554         (WebCore::CSSImageGeneratorValue::addClient): Adapt to move.
1555         (WebCore::CSSImageGeneratorValue::removeClient): Ditto.
1556         (WebCore::CSSImageGeneratorValue::getImage): Ditto.
1557         (WebCore::CSSImageGeneratorValue::putImage): Ditto.
1558         * css/CSSImageGeneratorValue.h:
1559         (WebCore::CSSImageGeneratorValue::clients): Forwarded to the ImageBySizeCache.
1560         * editing/DeleteButtonController.cpp: 
1561         (WebCore::isDeletableElement): CachedImage::canRender() now takes a RenderObject* parameter.
1562         * html/HTMLImageElement.cpp:
1563         (WebCore::HTMLImageElement::width): Use new CachedImage::imageSizeForRenderer(RenderObject*) method.
1564         (WebCore::HTMLImageElement::height): Ditto.
1565         (WebCore::HTMLImageElement::naturalWidth): Ditto.
1566         (WebCore::HTMLImageElement::naturalHeight): Ditto.
1567         * html/ImageDocument.cpp:
1568         (WebCore::ImageDocumentParser::finish): Ditto.
1569         (WebCore::ImageDocument::scale): Ditto.
1570         (WebCore::ImageDocument::resizeImageToFit): Ditto.
1571         (WebCore::ImageDocument::imageUpdated): Ditto.
1572         (WebCore::ImageDocument::restoreImageSize): Ditto.
1573         (WebCore::ImageDocument::imageFitsInWindow): Ditto.
1574         * html/canvas/CanvasRenderingContext.cpp:
1575         (WebCore::CanvasRenderingContext::wouldTaintOrigin): Use new CachedImage::imageForRenderer(RenderObject*) method.
1576         * html/canvas/CanvasRenderingContext2D.cpp:
1577         (WebCore::isOriginClean): Ditto.
1578         (WebCore::size): Ditto (for CachedImage::imageSizeForRenderer()).
1579         (WebCore::CanvasRenderingContext2D::drawImage): Ditto.
1580         (WebCore::CanvasRenderingContext2D::createPattern): Ditto.
1581         * html/canvas/WebGLRenderingContext.cpp:
1582         (WebCore::WebGLRenderingContext::texImage2D): Ditto.
1583         (WebCore::WebGLRenderingContext::texSubImage2D): Ditto.
1584         * loader/cache/CachedImage.cpp: Add currently _disabled_ cache for SVGImages. The intrinsic size negotiation will need to use multiple SVGImages
1585         for each requested size (equal to the size of the embedding place for the image) - make it possible to cache these SVGImages, and maintain a cache
1586         for them. The hash code is a 1:1 refactoring from the already present code in CSSImageGeneratorValue, now named 'ImageBySizeCache'.
1587         (WebCore::CachedImage::lookupImageForSize): Looks up an Image from the cache for a given IntSize. Currently turned off.
1588         (WebCore::CachedImage::lookupImageForRenderer): Looks up an Image from the cache for a given renderer. Currently turned off.
1589         (WebCore::CachedImage::lookupOrCreateImageForRenderer): Looks up an Image from the cache or creates a new SVGImage for a given size and caches it, if possible. Currently turned off.
1590         All following changes share this: Don't operate on m_image directly, instead always look up one from the cache for a given size or renderer - if that's not present fallback to m_image.
1591         When an SVGImage is first created by CachedImage::createImage() and stored in m_image, the cache remains empty.
1592
1593         If eg. <img width="30" height="70" src="foo.svg"> is used which implies a container size of 30x70 a new SVGImage is created with the additional information of a 30x70 container size
1594         which is immediately passed to the SVGImage after its creation. This SVGImage is put in the ImageBySizeCache associated with a container size of 30x70.
1595         We now have two SVGImage objects present, one living in CachedImage::m_image, created by createImage() during data decoding, and one living in the ImageBySizeCache
1596         created by lookupOrCreateImageForRenderer() associated with the 30x70 container. The first SVGImage::size() will return a value as defined in the referenced foo.svg,
1597         whereas the SVGImage::size() call of the new SVGImage living in the cache reports 30x70 and renders according to that.
1598
1599         Whenever any method of CachedImage is called with a RenderObject* or IntSize, we can't just operate on m_image anymore but instead have to lookup the right
1600         images for a certain renderer/size from the cache and operate on these. When calling eg. CachedImage::image() with a null renderer, m_image is returned.
1601         When passing with a valid renderer only cache lookups are done if the m_image is actually a SVGImage, otherwhise lookupImageForSize/Renderer will just return the m_image.
1602         There is no logical change induced for non-SVGImage derived images.
1603
1604         CachedImage::image() of course needs a RenderObject* parameter now, to identify which of the images from the cache to use, if the underlying image is a SVGImage.
1605         Luckily these information are already present in StyleCachedImage/StyleImage & friends and only need to be added for some additional methods.
1606         (WebCore::CachedImage::image): FIXME
1607         (WebCore::CachedImage::imageForRenderer): Call lookupOrCreateImageForRenderer() instead of returning m_image, if it's not null. Its a no-op for non SVGImage derived objects.
1608         (WebCore::CachedImage::setContainerSizeForRenderer): For non-SVGImages, just pass on the size to the m_image. For SVGImages, associate the passed in renderer with the IntSize in the cache.
1609                                                              This does NOT create the SVGImage yet, this is delayed until imageForRenderer() is called for a given renderer that wants this size.
1610         (WebCore::CachedImage::imageSize): Don't operate on m_image, ask lookupImageForRenderer() with the incoming renderer.
1611         (WebCore::CachedImage::imageRect): Ditto.
1612         (WebCore::CachedImage::clear): Force clearing the m_svgImageCache.
1613         (WebCore::CachedImage::data): Call m_image->size() instead of imageSize(), to avoid having to pass a null renderer to imageSize() as here no renderer is available yet.
1614         (WebCore::CachedImage::destroyDecodedData): Don't destroy decoded data for SVG images, as m_data needs to be accessable at any time to construct a cloned SVGImage.
1615                                                     In future we don't need this anymore if we make sure multiple SVGImages share the same trees, but that's for a follow-up patch.
1616         (WebCore::CachedImage::decodedSizeChanged): Don't operate on m_image, ask lookupImageForRenderer() with the incoming renderer.
1617         (WebCore::CachedImage::didDraw): Ditto.
1618         (WebCore::CachedImage::shouldPauseAnimation): Ditto.
1619         (WebCore::CachedImage::animationAdvanced): Ditto.
1620         (WebCore::CachedImage::changedInRect): Ditto. (eg. when leaving out this change animated SVG images wouldn't update anymore, as the animation didn't happen on m_image!)
1621         * loader/cache/CachedImage.h: imageForRenderer/canRender/setContainerSizeForRenderer/imageSizeForRenderer now all take a RenderObject* parameter to identifiy the current user of the image.
1622         (WebCore::CachedImage::canRender): Pass on the incoming renderer to imageSizeForRenderer().
1623         * page/DragController.cpp:
1624         (WebCore::getImage): Use new CachedImage::imageForRenderer(RenderObject*) method.
1625         * page/EventHandler.cpp:
1626         (WebCore::EventHandler::selectCursor): Ditto.
1627         * page/PageSerializer.cpp:
1628         (WebCore::PageSerializer::serializeFrame): Ditto.
1629         (WebCore::PageSerializer::addImageToResources): Ditto.
1630         (WebCore::PageSerializer::retrieveResourcesForCSSDeclaration): Ditto.
1631         * page/PageSerializer.h:
1632         * platform/chromium/ClipboardChromium.cpp:
1633         (WebCore::writeImageToDataObject): Ditto.
1634         * platform/chromium/PasteboardChromium.cpp:
1635         (WebCore::Pasteboard::writeImage): Ditto.
1636         * platform/graphics/Image.h:
1637         (WebCore::Image::isSVGImage): Add boolean helper to identify SVGImages, just like isBitmapImage().
1638         * platform/gtk/ClipboardGtk.cpp:
1639         (WebCore::ClipboardGtk::declareAndWriteDragImage): Use new CachedImage::imageForRenderer(RenderObject*) method.
1640         * platform/gtk/PasteboardGtk.cpp:
1641         (WebCore::Pasteboard::writeImage): Ditto.
1642         * platform/mac/HTMLConverter.mm:
1643         (fileWrapperForElement): Ditto.
1644         * platform/mac/PasteboardMac.mm:
1645         (WebCore::Pasteboard::writeImage): Ditto.
1646         * platform/qt/ClipboardQt.cpp:
1647         (WebCore::ClipboardQt::declareAndWriteDragImage): Ditto.
1648         * platform/qt/PasteboardQt.cpp:
1649         (WebCore::Pasteboard::writeImage): Ditto.
1650         * platform/win/ClipboardWin.cpp:
1651         (WebCore::writeImageToDataObject): Ditto.
1652         * platform/win/PasteboardWin.cpp:
1653         (WebCore::Pasteboard::writeImage): Ditto.
1654         * platform/wince/PasteboardWinCE.cpp:
1655         (WebCore::Pasteboard::writeImage): Ditto.
1656         * rendering/HitTestResult.cpp:
1657         (WebCore::HitTestResult::image): Ditto.
1658         * rendering/ImageBySizeCache.cpp: Copied from WebCore/css/CSSImageGeneratorValue.cpp, to preserve history for the original cache code.
1659         (WebCore::ImageBySizeCache::ImageBySizeCache): Straight copy from CSSImageGeneratorValue, renamed to ImageBySizeCache, removing all but the cache relevant code.
1660         (WebCore::ImageBySizeCache::addClient): Ditto.
1661         (WebCore::ImageBySizeCache::removeClient): Ditto.
1662         (WebCore::ImageBySizeCache::getImage): Ditto.
1663         (WebCore::ImageBySizeCache::putImage): Ditto.
1664         (WebCore::ImageBySizeCache::clear): New function, that clears the cache, introduced for the needs of CachedImage.
1665         (WebCore::ImageBySizeCache::imageForSize): New function to query an Image* for a given IntSize, introduced for the needs of CachedImage.
1666         (WebCore::ImageBySizeCache::sizeForClient): New function to query an IntSize for a given renderer.
1667         * rendering/ImageBySizeCache.h: Copied from WebCore/css/CSSImageGeneratorValue.h.
1668         (WebCore::ImageBySizeCache::clients):
1669         * rendering/InlineFlowBox.cpp:
1670         (WebCore::InlineFlowBox::paintFillLayer): CachedImage::canRender() now takes a RenderObject* parameter.
1671         (WebCore::InlineFlowBox::paintBoxDecorations): Ditto.
1672         (WebCore::InlineFlowBox::paintMask): Ditto.
1673         * rendering/RenderBox.cpp:
1674         (WebCore::RenderBox::paintMaskImages): Ditto.
1675         (WebCore::RenderBox::repaintLayerRectsForImage): Ditto.
1676         * rendering/RenderBoxModelObject.cpp:
1677         (WebCore::RenderBoxModelObject::paintFillLayerExtended): Ditto.
1678         (WebCore::RenderBoxModelObject::calculateFillTileSize): Ditto (for CachedImage::setContainerSizeForRenderer()).
1679         (WebCore::RenderBoxModelObject::paintNinePieceImage): Ditto.
1680         * rendering/RenderImage.cpp:
1681         (WebCore::RenderImage::imageSizeForError): Use new CachedImage::imageForRenderer(RenderObject*) method.
1682         (WebCore::RenderImage::setImageSizeForAltText): Ditto.
1683         (WebCore::RenderImage::computeReplacedLogicalWidth): FIXME
1684         * rendering/RenderImageResource.cpp:
1685         (WebCore::RenderImageResource::setContainerSizeForRenderer): Pass on m_renderer to CachedImage::setContainerSizeForRenderer().
1686         * rendering/RenderImageResource.h: Remove constness from setContainerSizeForRenderer.
1687         (WebCore::RenderImageResource::image): Pass on m_renderer to CachedImage::image().
1688         (WebCore::RenderImageResource::imageSize): Pass on m_renderer to CachedImage::imageSizeForRenderer().
1689         * rendering/RenderImageResourceStyleImage.h:
1690         (WebCore::RenderImageResourceStyleImage::setContainerSizeForRenderer): Remove constness, pass on m_renderer to StyleImage::setContainerSizeForRenderer().
1691         * rendering/RenderLayerBacking.cpp:
1692         (WebCore::RenderLayerBacking::isDirectlyCompositedImage): Use new CachedImage::imageForRenderer(RenderObject*) method.
1693         (WebCore::RenderLayerBacking::updateImageContents): Ditto.
1694         * rendering/RenderListMarker.cpp:
1695         (WebCore::RenderListMarker::computePreferredLogicalWidths): CachedImage::setContainerSizeForRenderer() now takes a RenderObject* parameter.
1696         * rendering/RenderObject.cpp:
1697         (WebCore::mustRepaintFillLayers): CachedImage::canRender() now takes a RenderObject* parameter.
1698         (WebCore::RenderObject::borderImageIsLoadedAndCanBeRendered): Ditto.
1699         * rendering/style/StyleCachedImage.cpp:
1700         (WebCore::StyleCachedImage::canRender): Pass on incoming renderer to CachedImage::canRender().
1701         (WebCore::StyleCachedImage::imageSize): Pass on incoming renderer to CachedImage::imageSizeForRenderer().
1702         (WebCore::StyleCachedImage::setContainerSizeForRenderer): Pass on incoming renderer to CachedImage::setContainerSizeForRenderer().
1703         (WebCore::StyleCachedImage::addClient): Remove unneeded return statment in void method.
1704         (WebCore::StyleCachedImage::removeClient): Ditto.
1705         (WebCore::StyleCachedImage::image): Pass on incoming renderer to CachedImage::image().
1706         * rendering/style/StyleCachedImage.h: Add RenderObject* parameter to canRender()/setContainerSizeForRenderer(). image() already has one, that was unused so far.
1707         * rendering/style/StyleGeneratedImage.cpp: Inlined setContainerSizeForRenderer.
1708         * rendering/style/StyleGeneratedImage.h: 
1709         (WebCore::StyleGeneratedImage::setContainerSizeForRenderer): Add RenderObject* parameter.
1710         * rendering/style/StyleImage.h:
1711         (WebCore::StyleImage::canRender): Ditto.
1712         * rendering/style/StylePendingImage.h:
1713         (WebCore::StylePendingImage::setContainerSizeForRenderer): Ditto.
1714         * svg/SVGFEImageElement.cpp:
1715         (WebCore::SVGFEImageElement::build): Use new CachedImage::imageForRenderer(RenderObject*) method.
1716         * svg/graphics/SVGImage.cpp: Cleanup file, the include hack seems not needed anymore.
1717         (WebCore::SVGImage::setContainerSize): s/LayoutSize/IntSize/ to match the code in platform/.
1718         * svg/graphics/SVGImage.h: Ditto.
1719         (WebCore::SVGImage::isSVGImage): Return true.
1720
1721 2011-10-13  Kenichi Ishibashi  <bashi@chromium.org>
1722
1723         [Chromium] Uninitialized read in WebCore::*Font* / HB_GSUB_Select_Feature
1724         https://bugs.webkit.org/show_bug.cgi?id=70087
1725
1726         Reviewed by Kent Tamura.
1727
1728         Initialize local variables in ComplexTextControllerLinux::setupfontFeatures.
1729
1730         No new tests because there is no behavior change. Manually tested with valgrind.
1731
1732         * platform/graphics/chromium/ComplexTextControllerLinux.cpp:
1733         (WebCore::setupFontFeatures):
1734
1735 2011-10-13  Csaba Osztrogonác  <ossy@webkit.org>
1736
1737         [Qt][Win] Unreviewed buildfix after r97433.
1738
1739         * platform/MemoryPressureHandler.h: Add a missing include.
1740
1741 2011-10-13  Adam Barth  <abarth@webkit.org>
1742
1743         Spelling error in v8WebSocket::constructorCallback error
1744         https://bugs.webkit.org/show_bug.cgi?id=63943
1745
1746         Reviewed by Kent Tamura.
1747
1748         Fix typo.
1749
1750         * bindings/v8/custom/V8WebSocketCustom.cpp:
1751         (WebCore::V8WebSocket::constructorCallback):
1752
1753 2011-10-13  Mark Hahnenberg  <mhahnenberg@apple.com>
1754
1755         Rename virtual getConstructData to getConstructDataVirtual
1756         https://bugs.webkit.org/show_bug.cgi?id=69872
1757
1758         Reviewed by Geoffrey Garen.
1759
1760         No new tests.
1761
1762         Renamed virtual getConstructData functions to getConstructDataVirtual to 
1763         avoid conflicts when we add static getConstructData to the MethodTable.
1764
1765         * WebCore.exp.in:
1766         * bindings/js/JSAudioConstructor.cpp:
1767         (WebCore::JSAudioConstructor::getConstructDataVirtual):
1768         * bindings/js/JSAudioConstructor.h:
1769         * bindings/js/JSImageConstructor.cpp:
1770         (WebCore::JSImageConstructor::getConstructDataVirtual):
1771         * bindings/js/JSImageConstructor.h:
1772         * bindings/js/JSOptionConstructor.cpp:
1773         (WebCore::JSOptionConstructor::getConstructDataVirtual):
1774         * bindings/js/JSOptionConstructor.h:
1775         * bindings/js/ScriptFunctionCall.cpp:
1776         (WebCore::ScriptFunctionCall::construct):
1777         * bindings/scripts/CodeGeneratorJS.pm:
1778         (GenerateConstructorDeclaration):
1779         (GenerateConstructorDefinition):
1780         * bindings/scripts/test/JS/JSTestInterface.cpp:
1781         (WebCore::JSTestInterfaceConstructor::getConstructDataVirtual):
1782         * bridge/runtime_object.cpp:
1783         (JSC::Bindings::RuntimeObject::getConstructDataVirtual):
1784         * bridge/runtime_object.h:
1785
1786 2011-10-13  Simon Fraser  <simon.fraser@apple.com>
1787
1788         Remove #include of <QuartzCore/QuartzCore.h> in a widely-used header.
1789
1790         Reviewed by Sam Weinig.
1791
1792         * platform/PlatformScreen.h: Typedef PlatformDisplayID to a uint32_t.
1793         * platform/graphics/DisplayRefreshMonitor.h: Typedef CVDisplayLinkRef as
1794         an opaque type to avoid bringing in QuartzCore.h, and move displayLinkCallback
1795         to the .cpp file since it uses Core Video types.
1796         * platform/graphics/mac/DisplayRefreshMonitorMac.cpp:
1797         (WebCore::displayLinkCallback): Make this a local static function, that
1798         calls a member fuction on the object.
1799         (WebCore::DisplayRefreshMonitor::requestRefreshCallback):
1800         (WebCore::DisplayRefreshMonitor::displayLinkFired):
1801
1802 2011-10-13  Michael Saboff  <msaboff@apple.com>
1803
1804         REGRESSION: High frequency memory warnings cause Safari to hog the CPU doing useless garbage collection
1805         https://bugs.webkit.org/show_bug.cgi?id=69774
1806
1807         Throttle the processing of memory pressure events to no more often than once every 5 seconds.
1808
1809         Reviewed by Geoffrey Garen.
1810
1811         No new tests.
1812
1813         * platform/MemoryPressureHandler.cpp:
1814         (WebCore::MemoryPressureHandler::MemoryPressureHandler):
1815         * platform/MemoryPressureHandler.h:
1816         * platform/mac/MemoryPressureHandlerMac.mm:
1817         (WebCore::MemoryPressureHandler::respondToMemoryPressure):
1818
1819 2011-10-13  Kentaro Hara  <haraken@chromium.org>
1820
1821         Implement an OverflowEvent constructor for V8
1822         https://bugs.webkit.org/show_bug.cgi?id=70017
1823
1824         Reviewed by Adam Barth.
1825
1826         Test: fast/events/constructors/overflow-event-constructor.html
1827
1828         * bindings/v8/custom/V8EventConstructors.cpp: Added an OverflowEvent constructor.
1829         * dom/OverflowEvent.idl: Replaced 'JSCustomConstructor' with 'CustomConstructor'.
1830
1831 2011-10-13  Anantanarayanan G Iyengar  <ananta@chromium.org>
1832
1833         https://bugs.webkit.org/show_bug.cgi?id=70064
1834         
1835         The NPObjectWrapper class used by V8 bindings in Chromium to wrap the window
1836         script object was allocating an instance of itself in the NPAllocate
1837         implementation and returning this pointer. It should be returning a pointer
1838         to the wrapped NPObject structure (NPProxyObject). The member function
1839         getUnderlyingNPObject should return 0 if we fail to find the underlying NPObject
1840         for the call. It was incorrectly returning a pointer to the same NPObject in
1841         this case which could cause recursion. 
1842
1843         Reviewed by Nate Chapin.
1844
1845         No new tests as there is no change in functionality.
1846
1847         * bindings/v8/NPObjectWrapper.cpp:
1848         (WebCore::NPObjectWrapper::getObjectForCall):
1849         (WebCore::NPObjectWrapper::NPAllocate):
1850         * bindings/v8/NPObjectWrapper.h:
1851
1852 2011-10-13  Arthur Hsu  <arthurhsu@chromium.org>
1853
1854         Ensure font loaded before calling Skia to drawPosText in Chrome sandbox
1855         https://bugs.webkit.org/show_bug.cgi?id=69370
1856
1857         Reviewed by James Robinson.
1858
1859         * platform/graphics/chromium/FontChromiumWin.cpp:
1860         (WebCore::Font::drawGlyphs):
1861
1862 2011-10-13  Kentaro Hara  <haraken@chromium.org>
1863
1864         Regarding constructor, replace [ConstructorWith=...] IDL with [CallWith=...] IDL
1865         https://bugs.webkit.org/show_bug.cgi?id=69801
1866
1867         As for constructors, [ConstructorWith=...] has the same meaning as [CallWith=...].
1868         We should deprecate [ConstructorWith=...]. This is a clean-up bug for the bug 65839.
1869
1870         Reviewed by Adam Barth.
1871
1872         No new tests, since no change in behavior.
1873
1874         * bindings/scripts/CodeGeneratorV8.pm: Replaced [ConstructorWith=...] IDL with [CallWith=...] IDL.
1875         (GenerateConstructorCallback):
1876         * bindings/scripts/test/TestInterface.idl: Ditto.
1877         * fileapi/FileReader.idl: Ditto.
1878         * p2p/PeerConnection.idl: Ditto.
1879         * page/EventSource.idl: Ditto.
1880         * workers/Worker.idl: Ditto.
1881
1882 2011-10-13  Kentaro Hara  <haraken@chromium.org>
1883
1884         Constructor should not be called if the object is being constructed inside WebCore
1885         https://bugs.webkit.org/show_bug.cgi?id=70015
1886
1887         Reviewed by Adam Barth.
1888
1889         Summary: A DOM object can be created from the JS context and from the WebCore context.
1890         Constructor should be called if the object is created from the JS context,
1891         but should not be called if the object is created from the WebCore context.
1892
1893         Details:
1894         - Expected behavior when the object is created from the JS context (e.g. "new Event()"):
1895         (1) V8XXXX::constructorCallback() is called.
1896         (2) V8XXXX::constructorCallback() calls XXXX::create().
1897         (3) XXXX::create() creates a C++ object.
1898         (4) V8XXXX::constructorCallback() calls toV8() for the C++ object.
1899         (5) toV8() wraps the C++ object and returns the wrapped JS object.
1900
1901         - Actual behavior when the object is created from the JS context (e.g. "new Event()"):
1902         As described above (1) - (5). That's fine!!
1903
1904         - Expected behavior when the object is created from the WebCore context.
1905         (e.g. "window.addEventListener("load", function (event) { ... });". In this case,
1906         the Event object is created inside the WebCore context):
1907         (1) WebCore calls XXXX::create().
1908         (2) XXXX::create() creates a C++ object.
1909         (3) WebCore calls toV8() for the C++ object.
1910         (4) toV8() wraps the C++ object and returns the wrapped JS object.
1911
1912         - Actual behavior when the object is created from the WebCore context.
1913         (e.g. "window.addEventListener("load", function (event) { ... });"):
1914         (1) WebCore calls XXXX::create().
1915         (2) XXXX::create() creates a C++ object.
1916         (3) WebCore calls toV8() for the C++ object.
1917         (4) toV8() can call XXXX::constructorCallback(). (Whether or not toV8() calls
1918         XXXX::constructorCallback() depends on the implementation of toV8().)
1919         (5) V8XXXX::constructorCallback() calls XXXX::create().
1920         (6) XXXX::create() creates __another__ C++ object.
1921         (7) V8XXXX::constructorCallback() calls toV8() for the C++ object.
1922         (8) toV8() wraps the C++ object and returns the wrapped JS object.
1923
1924         This actual behavior definitely causes the following problems:
1925
1926         - Problem1: The object returned to JS is not the object created in (2)
1927         but the object created in (6). However, I do not yet know a test case that causes
1928         some visible bug because of this problem.
1929
1930         - Problem2: In (4), XXXX::constructorCallback() can be called with no argument.
1931         If XXXX::constructorCallback() expects at least one argument, XXXX::constructorCallback()
1932         throws TypeError, resulting in crash. For example, Event caused this problem
1933         when I implemented constructor for Event. Based on the discussion with Dominicc,
1934         we solved this problem by adding the following two lines of code to Event::constructorCallback()
1935         (See here: http://codesearch.google.com/codesearch#OAMlx_jo-ck/src/third_party/WebKit/Source/WebCore/bindings/v8/custom/V8EventConstructors.cpp&exact_package=chromium&q=allowallocation&type=cs):
1936
1937         XXXX::constructorCallback(...) {
1938             ...;
1939             if (AllowAllocation::current())
1940                 return args.Holder();
1941             ...;
1942         }
1943
1944         This if check means "XXXX::constructorCallback() returns immediately if it is called
1945         from the WebCore context".
1946
1947         With these observations, we think that all constructorCallback() should have the above
1948         if check. This patch adds the if check to CodeGeneratorV8.pm. After this patch is landed,
1949         I would like to add the if check to all existing custom V8 constructors.
1950
1951         No new tests, since we could not find a test case that causes some visible bug without the if check.
1952
1953         * bindings/scripts/CodeGeneratorV8.pm:
1954         (GenerateConstructorCallback): Generates a constructor so that it returns immediately without doing anything if the constructor is called from the WebCore context.
1955         * bindings/scripts/test/V8/V8TestInterface.cpp: Updated the result.
1956         (WebCore::V8TestInterface::constructorCallback):
1957         * bindings/scripts/test/V8/V8TestObj.cpp: Ditto.
1958         (WebCore::V8TestObj::constructorCallback):
1959
1960 2011-10-13  Kentaro Hara  <haraken@chromium.org>
1961
1962         Implement a BeforeLoadEvent constructor for V8
1963         https://bugs.webkit.org/show_bug.cgi?id=69980
1964
1965         Reviewed by Adam Barth.
1966
1967         Test: fast/events/constructors/before-load-event-constructor.html
1968
1969         * bindings/v8/custom/V8EventConstructors.cpp: Added a BeforeLoadEvent constructor.
1970         * dom/BeforeLoadEvent.idl: Replaced 'JSCustomConstructor' with 'CustomConstructor'.
1971
1972 2011-10-13  Joshua Bell  <jsbell@chromium.org>
1973
1974         make IDBFactory.open wait for pending setVersion transactions to complete
1975         https://bugs.webkit.org/show_bug.cgi?id=69307
1976
1977         Reviewed by Tony Chang.
1978
1979         Added a queue of pending open calls, similar to the queue of pending
1980         setVersion calls. Ensure pending calls are processed in the correct
1981         order when transactions complete.
1982
1983         Tests: storage/indexeddb/open-close-version.html
1984                storage/indexeddb/two-version-changes.html
1985                storage/indexeddb/version-change-exclusive.html
1986
1987         * storage/IDBDatabaseBackendImpl.cpp:
1988         (WebCore::IDBDatabaseBackendImpl::PendingOpenCall::create):
1989         (WebCore::IDBDatabaseBackendImpl::PendingOpenCall::callbacks):
1990         (WebCore::IDBDatabaseBackendImpl::PendingOpenCall::PendingOpenCall):
1991         (WebCore::IDBDatabaseBackendImpl::setVersion):
1992         (WebCore::IDBDatabaseBackendImpl::transactionStarted):
1993         (WebCore::IDBDatabaseBackendImpl::transactionFinished):
1994         (WebCore::IDBDatabaseBackendImpl::processPendingCalls):
1995         (WebCore::IDBDatabaseBackendImpl::openConnection):
1996         (WebCore::IDBDatabaseBackendImpl::close):
1997         * storage/IDBDatabaseBackendImpl.h:
1998         * storage/IDBFactoryBackendImpl.cpp:
1999         (WebCore::IDBFactoryBackendImpl::open):
2000         * storage/IDBTransactionBackendImpl.cpp:
2001         (WebCore::IDBTransactionBackendImpl::abort):
2002         (WebCore::IDBTransactionBackendImpl::start):
2003         (WebCore::IDBTransactionBackendImpl::commit):
2004
2005 2011-10-13  Chris Marrin  <cmarrin@apple.com>
2006
2007         Fix Leopard build
2008
2009         Unreviewed.
2010
2011         * platform/graphics/DisplayRefreshMonitor.h: Added.
2012
2013 2011-10-12  Chris Marrin  <cmarrin@apple.com>
2014
2015         Sync requestAnimationFrame callback to CVDisplayLink on Mac
2016         https://bugs.webkit.org/show_bug.cgi?id=68911
2017
2018         Reviewed by Simon Fraser.
2019
2020         Test: fast/animation/request-animation-frame-iframe.html
2021
2022         Implement CVDisplayLink which checks to see if any scheduleAnimation requests
2023         have come in. If so, remember the timestamp and do a callOnMainThread to fire
2024         the callbacks. A DisplayRefreshMonitorManager is a singleton which has a list
2025         of DisplayRefreshMonitors, one for each display. Each monitor has one or more
2026         DisplayRefreshMonitorClients, which is a abstract virtual class implemented
2027         by ScriptAnimationController. When an animation is scheduled, the
2028         displayRefreshFired method is called on the client, which in turn calls the
2029         requestAnimationFrame callbacks. 
2030
2031         DisplayRefreshMonitor and therefore the CVDisplayLink it owns is discarded
2032         when it no longer has any clients. This minimizes the number of concurrent
2033         CVDisplayLink threads.
2034
2035         * WebCore.exp.in:
2036         * WebCore.xcodeproj/project.pbxproj:
2037         * dom/Document.cpp:
2038         (WebCore::Document::windowScreenDidChange):
2039         (WebCore::Document::webkitRequestAnimationFrame):
2040         * dom/Document.h:
2041         * dom/ScriptedAnimationController.cpp:
2042         (WebCore::ScriptedAnimationController::ScriptedAnimationController):
2043         (WebCore::ScriptedAnimationController::windowScreenDidChange):
2044         (WebCore::ScriptedAnimationController::scheduleAnimation):
2045         * dom/ScriptedAnimationController.h:
2046         (WebCore::ScriptedAnimationController::displayRefreshFired):
2047         * page/Page.cpp:
2048         (WebCore::Page::Page):
2049         (WebCore::Page::windowScreenDidChange):
2050         * page/Page.h:
2051         (WebCore::Page::displayID):
2052         * platform/PlatformScreen.h:
2053         * platform/graphics/DisplayRefreshMonitor.cpp: Added.
2054         (WebCore::DisplayRefreshMonitorClient::DisplayRefreshMonitorClient):
2055         (WebCore::DisplayRefreshMonitorClient::~DisplayRefreshMonitorClient):
2056         (WebCore::DisplayRefreshMonitorClient::fireDisplayRefreshIfNeeded):
2057         (WebCore::DisplayRefreshMonitor::DisplayRefreshMonitor):
2058         (WebCore::DisplayRefreshMonitor::refreshDisplayOnMainThread):
2059         (WebCore::DisplayRefreshMonitorManager::sharedManager):
2060         (WebCore::DisplayRefreshMonitorManager::findMonitor):
2061         (WebCore::DisplayRefreshMonitorManager::registerClient):
2062         (WebCore::DisplayRefreshMonitorManager::unregisterClient):
2063         (WebCore::DisplayRefreshMonitorManager::scheduleAnimation):
2064         (WebCore::DisplayRefreshMonitorManager::windowScreenDidChange):
2065         * platform/graphics/DisplayRefreshMonitor.h: Added.
2066         (WebCore::DisplayRefreshMonitorClient::scheduleAnimation):
2067         (WebCore::DisplayRefreshMonitor::hasClients):
2068         (WebCore::DisplayRefreshMonitor::addClient):
2069         (WebCore::DisplayRefreshMonitor::removeClient):
2070         (WebCore::DisplayRefreshMonitor::displayID):
2071         (WebCore::DisplayRefreshMonitorManager::DisplayRefreshMonitorManager):
2072         * platform/graphics/mac/DisplayRefreshMonitorMac.cpp: Added.
2073         (WebCore::DisplayRefreshMonitor::displayLinkCallback):
2074         (WebCore::DisplayRefreshMonitor::~DisplayRefreshMonitor):
2075         (WebCore::DisplayRefreshMonitor::scheduleAnimation):
2076
2077 2011-10-13  Abhishek Arya  <inferno@chromium.org>
2078
2079         Unreviewed. Qt compile fix.
2080
2081         * css/CSSFontFaceSource.cpp: include Document.h.
2082
2083 2011-10-12  Abhishek Arya  <inferno@chromium.org>
2084
2085         Register custom fonts at their creation time,  
2086         rather than at retirement time.
2087         https://bugs.webkit.org/show_bug.cgi?id=68929
2088
2089         Reviewed by Dan Bernstein.
2090
2091         Test: fast/text/custom-font-data-crash2.html
2092
2093         * css/CSSFontFace.cpp:
2094         * css/CSSFontFace.h: remove function added in r94508,
2095         which is no longer needed. We now register custom fonts
2096         at creation time.
2097         * css/CSSFontFaceSource.cpp:
2098         (WebCore::CSSFontFaceSource::pruneTable): no longer need
2099         to delete/retire font data here, it will be handled in ~Document.
2100         (WebCore::CSSFontFaceSource::getFontData): register custom
2101         font to document's m_customFonts.
2102         * css/CSSFontSelector.cpp:
2103         * css/CSSFontSelector.h: remove function added in r94508,
2104         which is no longer needed. We now register custom fonts
2105         at creation time.
2106         * css/CSSSegmentedFontFace.cpp:
2107         (WebCore::CSSSegmentedFontFace::pruneTable): no longer need
2108         to delete/retire font data here, it will be handled in ~Document.
2109         (WebCore::CSSSegmentedFontFace::getFontData): register custom
2110         font to document's m_customFonts.
2111         * dom/Document.cpp: Change function names to registerCustomFont
2112         , deleteCustomFonts and local to m_customFont.
2113         (WebCore::Document::~Document):
2114         (WebCore::Document::recalcStyle): yanking out the comment. We
2115         no longer keep retired custom fonts. We clear all custom fonts
2116         on Document destruction.
2117         (WebCore::Document::registerCustomFont): 
2118         (WebCore::Document::deleteCustomFonts):
2119         * dom/Document.h:
2120
2121 2011-10-13  Ryosuke Niwa  <rniwa@webkit.org>
2122
2123         Crash in DeleteSelectionCommand::handleGeneralDelete
2124         https://bugs.webkit.org/show_bug.cgi?id=70045
2125
2126         Reviewed by Darin Adler.
2127
2128         Exit early when m_upstreamStart is null.
2129
2130         No new tests because we don't have a reduction.
2131
2132         * editing/DeleteSelectionCommand.cpp:
2133         (WebCore::DeleteSelectionCommand::handleGeneralDelete):
2134
2135 2011-10-13  David Hyatt  <hyatt@apple.com>
2136
2137         https://bugs.webkit.org/show_bug.cgi?id=70049
2138         
2139         [CSS Regions] Add a test of a float being pushed down because it can't fit
2140         next to another float and make sure it re-evaluates its position when it changes
2141         regions as a result of the push.
2142
2143         Reviewed by Sam Weinig.
2144
2145         Added new test in fast/regions.
2146
2147         * rendering/RenderBlock.cpp:
2148         (WebCore::RenderBlock::computeLogicalLocationForFloat):
2149
2150 2011-10-13  Adam Barth  <abarth@webkit.org>
2151
2152         Move XSTL to script-src in Content-Security-Policy
2153         https://bugs.webkit.org/show_bug.cgi?id=63637
2154
2155         Reviewed by Eric Seidel.
2156
2157         The spec was unclear about how to treat XSLT.  My reading was that they
2158         should fall under style-src, but further discussion on the mailing list
2159         settled on using script-src because an XSLT can inject arbitrary DOM
2160         and script into a page, which is more risky than including style.
2161
2162         Tests: http/tests/security/contentSecurityPolicy/xsl-unaffected-by-style-src-1.php
2163                http/tests/security/contentSecurityPolicy/xsl-unaffected-by-style-src-2.php
2164
2165         * loader/cache/CachedResourceLoader.cpp:
2166         (WebCore::CachedResourceLoader::canRequest):
2167
2168 2011-10-13  Zeno Albisser  <zeno.albisser@nokia.com>
2169
2170         [Qt] QtWebKit build error for Mac 32bit
2171         https://bugs.webkit.org/show_bug.cgi?id=69914
2172
2173         In WebCore.pro and QtWebKit.pro we define NSGEOMETRY_TYPES_SAME_AS_CGGEOMETRY_TYPES
2174         when compiling with ENABLE_VIDEO and with WTF_USE_QTKIT.
2175         But this is meant to be defined in NSGeometry.h under certain preconditions.
2176         Without setting NS_BUILD_32_LIKE_64 none of these preconditions is
2177         met and therefore NSGeometry.h will create several conflicting type definitions.
2178
2179         With this patch we create consistent definitions again.
2180         Due to the order of include files we cannot remove
2181         NSGEOMETRY_TYPES_SAME_AS_CGGEOMETRY_TYPES from WebCore.pro.
2182
2183         Reviewed by Andreas Kling.
2184
2185         * WebCore.pro:
2186
2187 2011-10-13  Tom Hudson  <tomhudson@google.com>
2188
2189         Revert border radius clips (r95239) for Chromium due to performance issues. Update test expectations to skip border radius clip layout tests.
2190         https://bugs.webkit.org/show_bug.cgi?id=69844
2191
2192         Reviewed by Simon Fraser.
2193
2194         * rendering/RenderLayer.cpp:
2195         (WebCore::RenderLayer::clipToRect): Only process border radius clips #if !PLATFORM(CHROMIUM)
2196
2197 2011-10-13  Julien Chaffraix  <jchaffraix@webkit.org>
2198
2199         Deprecate event.layerX and event.layerY in WebKit
2200         https://bugs.webkit.org/show_bug.cgi?id=69951
2201
2202         Reviewed by Darin Adler.
2203
2204         layerX and layerY were concepts of the old Netscape code that stayed
2205         in WebKit for a long time without changes. Now the code is completely
2206         wrong and Mozilla has expressed some interest in removing it from their
2207         API too.
2208
2209         This is a first step in the removal as layerX and layerY are exposed
2210         in some APIs. Chromium and Win are fine with removing the property
2211         directly, but ObjC needs to deprecate them first.
2212
2213         * bindings/objc/PublicDOMInterfaces.h: Mark the API as deprecated.
2214
2215         * dom/MouseRelatedEvent.cpp:
2216         (WebCore::MouseRelatedEvent::layerX):
2217         (WebCore::MouseRelatedEvent::layerY):
2218         * dom/UIEvent.cpp:
2219         (WebCore::UIEvent::layerX):
2220         (WebCore::UIEvent::layerY):
2221         Added a call to warnDeprecatedLayerXYUsage in the previous functions.
2222
2223         (WebCore::UIEvent::warnDeprecatedLayerXYUsage): Print a warning in the
2224         console about the removal of event.layerX and event.layerY in the near future.
2225
2226         * dom/UIEvent.h: Added warnDeprecatedLayerXYUsage.
2227
2228 2011-10-03  Robert Hogan  <robert@webkit.org>
2229
2230         CSS 2.1 failure: inline-replaced-height-008.htm
2231         https://bugs.webkit.org/show_bug.cgi?id=69273
2232
2233         Reviewed by Simon Fraser.
2234
2235         Test: css2.1/20110323/inline-block-replaced-height-008.html
2236
2237         Per http://www.w3.org/TR/CSS21/visudet.html#inline-replaced-height,  if 'height' has computed value of 
2238         'auto', the replaced element has an intrinsic ratio and its used width is known or resolved, then 
2239         the used value of 'height' is determined by the equation (used width) / (intrinsic ratio).
2240
2241         * rendering/RenderImage.cpp:
2242         (WebCore::RenderImage::computeReplacedLogicalHeight):
2243         * rendering/RenderReplaced.h:
2244
2245 2011-10-13  Sheriff Bot  <webkit.review.bot@gmail.com>
2246
2247         Unreviewed, rolling out r97362.
2248         http://trac.webkit.org/changeset/97362
2249         https://bugs.webkit.org/show_bug.cgi?id=70039
2250
2251         Relies on V8 APIs that have been reverted upstream. (Requested
2252         by dglazkov on #webkit).
2253
2254         * English.lproj/localizedStrings.js:
2255         * bindings/js/ScriptProfiler.cpp:
2256         * bindings/js/ScriptProfiler.h:
2257         * bindings/v8/ScriptProfiler.cpp:
2258         * bindings/v8/ScriptProfiler.h:
2259         * inspector/Inspector.json:
2260         * inspector/InspectorController.cpp:
2261         (WebCore::InspectorController::InspectorController):
2262         * inspector/InspectorProfilerAgent.cpp:
2263         (WebCore::InspectorProfilerAgent::create):
2264         (WebCore::InspectorProfilerAgent::InspectorProfilerAgent):
2265         * inspector/InspectorProfilerAgent.h:
2266         * inspector/front-end/DetailedHeapshotGridNodes.js:
2267         (WebInspector.HeapSnapshotGridNode.prototype.hasHoverMessage.false.hoverMessage):
2268         (WebInspector.HeapSnapshotGenericObjectNode):
2269         (WebInspector.HeapSnapshotGenericObjectNode.prototype.get data):
2270         (WebInspector.HeapSnapshotGenericObjectNode.prototype.hoverMessage):
2271         (WebInspector.HeapSnapshotGenericObjectNode.prototype.shortenWindowURL):
2272         * inspector/front-end/DetailedHeapshotView.js:
2273         (WebInspector.DetailedHeapshotView.prototype._showStringContentPopover):
2274         * inspector/front-end/HeapSnapshot.js:
2275         (WebInspector.HeapSnapshot.prototype._init):
2276         (WebInspector.HeapSnapshot.prototype.dispose):
2277         (WebInspector.HeapSnapshot.prototype.updateStaticData):
2278         (WebInspector.HeapSnapshotNodesProvider.prototype._serialize):
2279         * inspector/front-end/HeapSnapshotProxy.js:
2280         * inspector/front-end/RemoteObject.js:
2281         * inspector/front-end/heapProfiler.css:
2282
2283 2011-10-13  David Hyatt  <hyatt@apple.com>
2284
2285         https://bugs.webkit.org/show_bug.cgi?id=69932
2286         
2287         Layout repainting messed up for objects in regions. There were two bugs here.
2288         The first is that the regionOverflowRect needs to at least be the size of the 
2289         region's rect. When you're in the middle of layout, you haven't computed the
2290         overflow rect for the flow thread yet (the flow thread's height could even be 0),
2291         and so you just need to enforce a minimum size. Also removed the region-overflow:break
2292         clipping behavior, since it was established that was wrong.
2293         
2294         The second bug is that when you tell a region to repaint, you need to disable layout state,
2295         since applying layout deltas from the flow thread makes no sense. The region is in a totally
2296         different place in the render tree, so the current flow thread layout state can't be used
2297         to determine your coordinate offset.
2298
2299         Reviewed by Dan Bernstein.
2300
2301         Added fast/repaint test.
2302
2303         * rendering/RenderFlowThread.cpp:
2304         (WebCore::RenderFlowThread::repaintRectangleInRegions):
2305         * rendering/RenderRegion.cpp:
2306         (WebCore::RenderRegion::regionOverflowRect):
2307
2308 2011-10-13  Renata Hodovan  <reni@webkit.org>
2309
2310         FEComponentTransfer element doesn't support dynamic invalidation
2311         https://bugs.webkit.org/show_bug.cgi?id=69747
2312
2313         The dynamic changes are captured by the svgAttributeChange() function, and
2314         invalidate the filter primitive if necessary.
2315         invalidateFilterPrimitiveParent() is a new free function in
2316         SVGFilterPrimitiveStanardAttributes what makes the invalidation possible
2317         by objects not inherited from SVGFilterPrimitiveStanardAttributes too.
2318         This solution was used in SVGFEMergeNodeElement::svgAttributeChanged()
2319         previously and now it can use this new function too.
2320
2321         Reviewed by Nikolas Zimmermann.
2322
2323         Tests: svg/dynamic-updates/SVGFEComponentTransferElement-dom-amplitude-attr.html
2324                svg/dynamic-updates/SVGFEComponentTransferElement-dom-exponent-attr.html
2325                svg/dynamic-updates/SVGFEComponentTransferElement-dom-intercept-attr.html
2326                svg/dynamic-updates/SVGFEComponentTransferElement-dom-offset-attr.html
2327                svg/dynamic-updates/SVGFEComponentTransferElement-dom-slope-attr.html
2328                svg/dynamic-updates/SVGFEComponentTransferElement-dom-tableValues-attr.html
2329                svg/dynamic-updates/SVGFEComponentTransferElement-dom-type-attr.html
2330                svg/dynamic-updates/SVGFEComponentTransferElement-svgdom-amplitude-prop.html
2331                svg/dynamic-updates/SVGFEComponentTransferElement-svgdom-exponent-prop.html
2332                svg/dynamic-updates/SVGFEComponentTransferElement-svgdom-intercept-prop.html
2333                svg/dynamic-updates/SVGFEComponentTransferElement-svgdom-offset-prop.html
2334                svg/dynamic-updates/SVGFEComponentTransferElement-svgdom-slope-prop.html
2335                svg/dynamic-updates/SVGFEComponentTransferElement-svgdom-tableValues-prop.html
2336                svg/dynamic-updates/SVGFEComponentTransferElement-svgdom-type-prop.html
2337
2338         * svg/SVGComponentTransferFunctionElement.cpp:
2339         (WebCore::SVGComponentTransferFunctionElement::svgAttributeChanged):
2340         * svg/SVGComponentTransferFunctionElement.h:
2341         * svg/SVGFEComponentTransferElement.cpp:
2342         (WebCore::SVGFEComponentTransferElement::build):
2343         * svg/SVGFEMergeNodeElement.cpp:
2344         (WebCore::SVGFEMergeNodeElement::svgAttributeChanged):
2345         * svg/SVGFilterPrimitiveStandardAttributes.cpp:
2346         (WebCore::invalidateFilterPrimitiveParent):
2347         * svg/SVGFilterPrimitiveStandardAttributes.h:
2348
2349 2011-10-13  Deepak Sherveghar  <bpwv64@motorola.com>
2350
2351         REGRESSION (r95381): Standalone video can be focused and draws a focus ring.
2352         https://bugs.webkit.org/show_bug.cgi?id=69097
2353
2354         Reviewed by Eric Carlson.
2355
2356         We don't want to focus a media element in a standalone document.
2357
2358         Test: fast/events/media-focus-in-standalone-media-document.html
2359
2360         * html/HTMLMediaElement.cpp:
2361         (WebCore::HTMLMediaElement::supportsFocus): return false if media element is in a standalone media document.
2362
2363 2011-10-13  Mikhail Naganov  <mnaganov@chromium.org>
2364
2365         Web Inspector: [Chromium] Add an ability to look up and explore an object from a heap profile.
2366         https://bugs.webkit.org/show_bug.cgi?id=61179
2367
2368         This is exteremely helpful when dealing with DOM wrappers, as
2369         their properties are mostly implemented with getters and thus not
2370         stored in heap snapshots.
2371
2372         Reviewed by Pavel Feldman.
2373
2374         * English.lproj/localizedStrings.js:
2375         * bindings/js/ScriptProfiler.cpp:
2376         (WebCore::ScriptProfiler::objectByHeapObjectId):
2377         * bindings/js/ScriptProfiler.h:
2378         * bindings/v8/ScriptProfiler.cpp:
2379         (WebCore::ScriptProfiler::objectByHeapObjectId):
2380         * bindings/v8/ScriptProfiler.h:
2381         * inspector/Inspector.json:
2382         * inspector/InspectorController.cpp:
2383         (WebCore::InspectorController::InspectorController):
2384         * inspector/InspectorProfilerAgent.cpp:
2385         (WebCore::InspectorProfilerAgent::create):
2386         (WebCore::InspectorProfilerAgent::InspectorProfilerAgent):
2387         (WebCore::InspectorProfilerAgent::getObjectByHeapObjectId):
2388         * inspector/InspectorProfilerAgent.h:
2389         * inspector/front-end/DetailedHeapshotGridNodes.js:
2390         (WebInspector.HeapSnapshotGridNode.prototype.hasHoverMessage.false.queryObjectContent):
2391         (WebInspector.HeapSnapshotGenericObjectNode):
2392         (WebInspector.HeapSnapshotGenericObjectNode.prototype.get data):
2393         (WebInspector.HeapSnapshotGenericObjectNode.prototype.queryObjectContent.else.formatResult):
2394         (WebInspector.HeapSnapshotGenericObjectNode.prototype.queryObjectContent):
2395         (WebInspector.HeapSnapshotGenericObjectNode.prototype.shortenWindowURL):
2396         * inspector/front-end/DetailedHeapshotView.js:
2397         (WebInspector.DetailedHeapshotView.prototype._showObjectPopover):
2398         * inspector/front-end/HeapSnapshot.js:
2399         (WebInspector.HeapSnapshotNode.prototype.get canBeQueried):
2400         (WebInspector.HeapSnapshotNode.prototype.get flags):
2401         (WebInspector.HeapSnapshotNode.prototype.get isDOMWindow):
2402         (WebInspector.HeapSnapshot.prototype._init):
2403         (WebInspector.HeapSnapshot.prototype.dispose):
2404         (WebInspector.HeapSnapshot.prototype._flagsOfNode):
2405         (WebInspector.HeapSnapshot.prototype._calculateFlags):
2406         (WebInspector.HeapSnapshot.prototype.updateStaticData):
2407         (WebInspector.HeapSnapshotNodesProvider.prototype._serialize):
2408         * inspector/front-end/HeapSnapshotProxy.js:
2409         (WebInspector.HeapSnapshotProxy.prototype.get nodeFlags):
2410         * inspector/front-end/RemoteObject.js:
2411         (WebInspector.RemoteObject.fromError):
2412         * inspector/front-end/heapProfiler.css:
2413         (.detailed-heapshot-view tr:not(.selected) td.object-column span.highlight):
2414
2415 2011-10-13  Adam Barth  <abarth@webkit.org>
2416
2417         script-src * should allow all URLs
2418         https://bugs.webkit.org/show_bug.cgi?id=70011
2419
2420         Reviewed by Eric Seidel.
2421
2422         This patch gets us slightly ahead of the spec.  Technically, script-src
2423         means "any host" and inherits the current scheme.  However, that's not
2424         what developers expect and it's even contradicted by examples in the
2425         spec itself.  After this patch, * matches all URLs.
2426
2427         Test: http/tests/security/contentSecurityPolicy/script-src-star-cross-scheme.html
2428
2429         * page/ContentSecurityPolicy.cpp:
2430         (WebCore::CSPSourceList::CSPSourceList):
2431         (WebCore::CSPSourceList::matches):
2432         (WebCore::CSPSourceList::parseSource):
2433         (WebCore::CSPSourceList::addSourceStar):
2434
2435 2011-10-13  Kentaro Hara  <haraken@chromium.org>
2436
2437         Implement an OverflowEvent constructor for JSC
2438         https://bugs.webkit.org/show_bug.cgi?id=69907
2439
2440         Reviewed by Adam Barth.
2441
2442         There is no spec for the OverflowEvent constructor
2443         since it is WebKit-specific. However, judging from the current
2444         IDL of initOverflowEvent(), the constructor IDL should be as follows.
2445
2446         [Constructor(DOMString type, optional OverflowEventInit eventInitDict)]
2447         interface OverflowEvent : Event {
2448             ...;
2449         }
2450
2451         dictionary OverflowEventInit : EventInit {
2452             unsigned short orient;
2453             boolean horizontalOverflow;
2454             boolean verticalOverflow;
2455         }
2456
2457         Note: In initOverflowEvent(), we cannot specify |bubbles| and |cancelable|.
2458         I do not know why, but we can find a comment in fast/events/script-tests/init-events.js
2459         that says "initOverflowEvent has an interface that has a design that's
2460         inconsistent with the init functions from other events".
2461         On the other hand, the above constructor enables to specify |bubbles| and |cancelable|,
2462         which is consistent with other constructors.
2463
2464         Test: fast/events/constructors/overflow-event-constructor.html
2465
2466         * bindings/generic/EventConstructors.h: Added a definition for the OverflowEvent constructor.
2467         * bindings/js/JSEventConstructors.cpp: Added #includes for OverflowEvent.
2468         * dom/OverflowEvent.cpp:
2469         (WebCore::OverflowEventInit::OverflowEventInit):
2470         (WebCore::OverflowEvent::OverflowEvent):
2471         (WebCore::OverflowEvent::initOverflowEvent):
2472         * dom/OverflowEvent.h: Added a definition for OverflowEventInit.
2473         (WebCore::OverflowEvent::create):
2474         (WebCore::OverflowEvent::orient):
2475         (WebCore::OverflowEvent::horizontalOverflow):
2476         (WebCore::OverflowEvent::verticalOverflow):
2477         * dom/OverflowEvent.idl: Makes OverflowEvent constructible.
2478
2479 2011-10-13  Kent Tamura  <tkent@chromium.org>
2480
2481         Cleanup of HTMLSelectElement
2482         https://bugs.webkit.org/show_bug.cgi?id=69908
2483
2484         Reviewed by Darin Adler.
2485
2486         - Change the m_listItems type: Vector<Element*> -> Vector<HTMLElement*>
2487         - Rename a member: m_recalcListItems -> m_shouldRecalcListItems
2488         - Fold checkListItems() into listItems()
2489         - Style fixes
2490
2491         No new tests, just a cleanup.
2492
2493         * accessibility/AccessibilityListBox.cpp:
2494         (WebCore::AccessibilityListBox::addChildren):
2495         * accessibility/AccessibilityListBoxOption.cpp:
2496         (WebCore::AccessibilityListBoxOption::listBoxOptionIndex):
2497         * accessibility/AccessibilityMenuListPopup.cpp:
2498         (WebCore::AccessibilityMenuListPopup::addChildren):
2499         * accessibility/AccessibilityRenderObject.cpp:
2500         (WebCore::AccessibilityRenderObject::stringValue):
2501         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
2502         (optionFromSelection):
2503         (webkit_accessible_selection_get_selection_count):
2504         * dom/OptionElement.cpp:
2505         (WebCore::OptionElement::optionIndex):
2506         * html/HTMLSelectElement.cpp:
2507         (WebCore::HTMLSelectElement::HTMLSelectElement):
2508         (WebCore::HTMLSelectElement::add):
2509         (WebCore::HTMLSelectElement::value):
2510         (WebCore::HTMLSelectElement::setValue):
2511         (WebCore::HTMLSelectElement::parseMappedAttribute):
2512         (WebCore::HTMLSelectElement::recalcListItemsIfNeeded):
2513         (WebCore::HTMLSelectElement::setOption):
2514         (WebCore::HTMLSelectElement::setLength):
2515         (WebCore::HTMLSelectElement::nextValidIndex):
2516         (WebCore::HTMLSelectElement::firstSelectableListIndex):
2517         (WebCore::HTMLSelectElement::nextSelectableListIndexPageAway):
2518         (WebCore::HTMLSelectElement::selectAll):
2519         (WebCore::HTMLSelectElement::saveLastSelection):
2520         (WebCore::HTMLSelectElement::setActiveSelectionAnchorIndex):
2521         (WebCore::HTMLSelectElement::updateListBoxSelection):
2522         (WebCore::HTMLSelectElement::listBoxOnChange):
2523         (WebCore::HTMLSelectElement::listItems):
2524         (WebCore::HTMLSelectElement::setRecalcListItems):
2525         (WebCore::HTMLSelectElement::recalcListItemsInternal):
2526         (WebCore::HTMLSelectElement::selectedIndex):
2527         (WebCore::HTMLSelectElement::setSelectedIndexInternal):
2528         (WebCore::HTMLSelectElement::optionToListIndex):
2529         (WebCore::HTMLSelectElement::listToOptionIndex):
2530         (WebCore::HTMLSelectElement::dispatchFocusEvent):
2531         (WebCore::HTMLSelectElement::deselectItemsWithoutValidation):
2532         (WebCore::HTMLSelectElement::saveFormControlState): Use StringBuilder.
2533         (WebCore::HTMLSelectElement::restoreFormControlState):
2534         (WebCore::HTMLSelectElement::appendFormData):
2535         (WebCore::HTMLSelectElement::reset):
2536         (WebCore::HTMLSelectElement::menuListDefaultEventHandler):
2537         (WebCore::HTMLSelectElement::updateSelectedState):
2538         (WebCore::HTMLSelectElement::listBoxDefaultEventHandler):
2539         (WebCore::HTMLSelectElement::lastSelectedListIndex):
2540         Optimize the code by iterating in the reverse order.
2541         (WebCore::HTMLSelectElement::typeAheadFind):
2542         (WebCore::HTMLSelectElement::accessKeySetSelectedIndex):
2543         (WebCore::HTMLSelectElement::length):
2544         (WebCore::toSelectElement):
2545         * html/HTMLSelectElement.h:
2546         * rendering/RenderListBox.cpp:
2547         (WebCore::RenderListBox::updateFromElement):
2548         (WebCore::RenderListBox::addFocusRingRects):
2549         (WebCore::RenderListBox::paintItemForeground):
2550         (WebCore::RenderListBox::paintItemBackground):
2551         (WebCore::RenderListBox::nodeAtPoint):
2552         * rendering/RenderMenuList.cpp:
2553         (WebCore::RenderMenuList::updateOptionsWidth):
2554         (WebCore::RenderMenuList::setTextFromOption):
2555         (WebCore::RenderMenuList::itemText):
2556         (WebCore::RenderMenuList::itemAccessibilityText):
2557         (WebCore::RenderMenuList::itemToolTip):
2558         (WebCore::RenderMenuList::itemIsEnabled):
2559         (WebCore::RenderMenuList::itemStyle):
2560         (WebCore::RenderMenuList::itemBackgroundColor):
2561         (WebCore::RenderMenuList::itemIsSeparator):
2562         (WebCore::RenderMenuList::itemIsLabel):
2563         (WebCore::RenderMenuList::itemIsSelected):
2564
2565 2011-10-13  Adam Barth  <abarth@webkit.org>
2566
2567         DOMWindow subobjects can be re-created after navigation
2568         https://bugs.webkit.org/show_bug.cgi?id=68849
2569
2570         Reviewed by Sam Weinig.
2571
2572         Test: http/tests/security/xss-DENIED-getSelection-from-inactive-domwindow.html
2573
2574         * page/DOMWindow.cpp:
2575         (WebCore::DOMWindow::~DOMWindow):
2576             - Add ASSERTs to show that we're not recreating these objects.
2577             - Add a call to clear() as defense in depth in case we have any of
2578               these objects hanging around.
2579         (WebCore::DOMWindow::clear):
2580             - Clear out a couple of objects that weren't getting cleared.
2581               These are actually not likely to cause problems, but clearing
2582               them out is the safe thing to do.
2583         (WebCore::DOMWindow::isActive):
2584             - Add a concept of whether the DOMWindow is "active" in its frame.
2585               We had this concept in a couple places already, but centralizing
2586               it into a helper function make it easier to use and talk about.
2587         (WebCore::DOMWindow::orientation):
2588             - Whitespace nit.
2589         (WebCore::DOMWindow::screen):
2590         (WebCore::DOMWindow::history):
2591         (WebCore::DOMWindow::crypto):
2592         (WebCore::DOMWindow::locationbar):
2593         (WebCore::DOMWindow::menubar):
2594         (WebCore::DOMWindow::personalbar):
2595         (WebCore::DOMWindow::scrollbars):
2596         (WebCore::DOMWindow::statusbar):
2597         (WebCore::DOMWindow::toolbar):
2598         (WebCore::DOMWindow::console):
2599         (WebCore::DOMWindow::applicationCache):
2600         (WebCore::DOMWindow::navigator):
2601         (WebCore::DOMWindow::performance):
2602         (WebCore::DOMWindow::location):
2603         (WebCore::DOMWindow::sessionStorage):
2604         (WebCore::DOMWindow::localStorage):
2605         (WebCore::DOMWindow::webkitNotifications):
2606         (WebCore::DOMWindow::webkitIndexedDB):
2607         (WebCore::DOMWindow::getSelection):
2608         (WebCore::DOMWindow::styleMedia):
2609         (WebCore::DOMWindow::webkitURL):
2610         (WebCore::DOMWindow::webkitStorageInfo):
2611             - Avoid creating these objects when we're not active.  That can
2612               only lead to sadness.
2613         (WebCore::DOMWindow::webkitRequestFileSystem):
2614         (WebCore::DOMWindow::webkitResolveLocalFileSystemURL):
2615         (WebCore::DOMWindow::openDatabase):
2616         (WebCore::DOMWindow::postMessage):
2617             - While not techincally creating subobjects, these functions also
2618               seem unwise when the DOMWindow is inactive.
2619         (WebCore::DOMWindow::find):
2620         (WebCore::DOMWindow::length):
2621         (WebCore::DOMWindow::getMatchedCSSRules):
2622             - These functions operate on the active Document.  When we're not
2623               active, that's not us!
2624         (WebCore::DOMWindow::document):
2625             - Update to use the new concept of being active rather than having
2626               this function roll its own implementation.
2627         (WebCore::DOMWindow::webkitConvertPointFromNodeToPage):
2628         (WebCore::DOMWindow::webkitConvertPointFromPageToNode):
2629         (WebCore::DOMWindow::scrollBy):
2630         (WebCore::DOMWindow::scrollTo):
2631             - These functions also look unwise to run when inactive because
2632               they're reading information from the active document.
2633             - I added a RefPtr for node because the call to
2634               updateLayoutIgnorePendingStylesheets() seems likely to be able to
2635               run script somehow.
2636         (WebCore::DOMWindow::addEventListener):
2637         (WebCore::DOMWindow::removeEventListener):
2638         (WebCore::DOMWindow::dispatchLoadEvent):
2639         (WebCore::DOMWindow::dispatchEvent):
2640             - I don't think these functions worked when inactive anyway, but
2641               explicitly blocking them seems wise.
2642         (WebCore::DOMWindow::setLocation):
2643         (WebCore::DOMWindow::isInsecureScriptAccess):
2644         (WebCore::DOMWindow::open):
2645         (WebCore::DOMWindow::showModalDialog):
2646             - These already have checks for being active, but it can't hurt to
2647               be explicit at the top of the function.
2648         * page/DOMWindow.h:
2649
2650 2011-10-13  Kent Tamura  <tkent@chromium.org>
2651
2652         REGRESSION(r89915): <input type=email multiple> don't show the default value
2653         https://bugs.webkit.org/show_bug.cgi?id=69895
2654
2655         Reviewed by Hajime Morita.
2656
2657         m_valueIfDirty became unexpectedly empty because
2658         EmailInputType::sanitizeValue() returned an empty string for a
2659         null input string.
2660
2661         To solve this issue, HTMLInputElement::sanitizeValue() checks
2662         nullness, and remove the null check of sanitizeValue() of
2663         InputType subclasses.
2664         Also, we make InputType::sanitizeValue() const.
2665
2666         * html/ColorInputType.cpp:
2667         (WebCore::ColorInputType::sanitizeValue):
2668         - Make this const.
2669         - Remove null check.
2670         * html/ColorInputType.h: Make sanitizeValue() const.
2671         * html/EmailInputType.cpp:
2672         (WebCore::EmailInputType::sanitizeValue): Make this const.
2673         * html/EmailInputType.h: Make sanitizeValue() const.
2674         * html/HTMLInputElement.cpp:
2675         (WebCore::HTMLInputElement::sanitizeValue):
2676         (WebCore::HTMLInputElement::updateValueIfNeeded):
2677         * html/InputType.cpp:
2678         (WebCore::InputType::sanitizeValue):
2679         Returns a null string if the input string is null, and
2680         don't call InputType::sanitizeValue() in this case.
2681         * html/InputType.h: Make sanitizeValue() const.
2682         * html/NumberInputType.cpp:
2683         (WebCore::NumberInputType::sanitizeValue): Make this const.
2684         * html/NumberInputType.h: Make sanitizeValue() const.
2685         * html/RangeInputType.cpp:
2686         (WebCore::RangeInputType::sanitizeValue):
2687         - Make this const.
2688         - Remove null check.
2689         * html/RangeInputType.h: Make sanitizeValue() const.
2690         * html/TextFieldInputType.cpp:
2691         (WebCore::TextFieldInputType::sanitizeValue): Make this const.
2692         * html/TextFieldInputType.h: Make sanitizeValue() const.
2693
2694 2011-10-12  Joseph Pecoraro  <joepeck@webkit.org>
2695
2696         Pass Parsed Accept Attribute MIME Types to WebKit Clients
2697         https://bugs.webkit.org/show_bug.cgi?id=69598
2698
2699         Reviewed by David Kilzer.
2700
2701         No new tests. No new functionality in WebCore, just
2702         exposing more information to the WebKit port.
2703
2704         * html/FileInputType.cpp:
2705         (WebCore::FileInputType::handleDOMActivateEvent):
2706         (WebCore::FileInputType::receiveDropForDirectoryUpload):
2707         Set the MIME type list on the FileChooser settings.
2708
2709         * html/HTMLInputElement.h:
2710         * html/HTMLInputElement.cpp:
2711         (WebCore::HTMLInputElement::acceptMIMETypes):
2712         Accessor for a parsed list of MIME types from the accept attribute.
2713         
2714         * platform/FileChooser.h:
2715         Add a slot for a MIME type list on the chooser settings.
2716
2717 2011-10-12  Joseph Pecoraro  <joepeck@webkit.org>
2718
2719         Pass Parsed Accept Attribute MIME Types to WebKit Clients
2720         https://bugs.webkit.org/show_bug.cgi?id=69598
2721
2722         Reviewed by Kent Tamura.
2723
2724         Deprecate the old String version of getting the "accept"
2725         mime type values. Instead we will change to include a
2726         list of MIME types.
2727
2728         * html/FileInputType.cpp:
2729         (WebCore::FileInputType::handleDOMActivateEvent):
2730         (WebCore::FileInputType::receiveDropForDirectoryUpload):
2731         * platform/FileChooser.h:
2732
2733 2011-10-12  Adam Barth  <abarth@webkit.org>
2734
2735         Remove ENABLE(XHTMLMP) and associated code
2736         https://bugs.webkit.org/show_bug.cgi?id=69729
2737
2738         Reviewed by David Levin.
2739
2740         As discussed on webkit-dev, we are removing this feature as part of our
2741         cleanup of unmaintained code in WebKit.
2742
2743         * Configurations/FeatureDefines.xcconfig:
2744         * GNUmakefile.am:
2745         * GNUmakefile.list.am:
2746         * WebCore.gypi:
2747         * WebCore.pro:
2748         * WebCore.vcproj/WebCore.vcproj:
2749         * WebCore.xcodeproj/project.pbxproj:
2750         * dom/DOMImplementation.cpp:
2751         (WebCore::DOMImplementation::createDocument):
2752         * dom/Document.cpp:
2753         (WebCore::Document::Document):
2754         * dom/Document.h:
2755         (WebCore::Document::isMediaDocument):
2756         * dom/Node.cpp:
2757         * dom/make_names.pl:
2758         (usesDefaultJSWrapper):
2759         * features.pri:
2760         * html/HTMLElement.cpp:
2761         (WebCore::HTMLElement::rendererIsNeeded):
2762         * html/HTMLElementsAllInOne.cpp:
2763         * html/HTMLNoScriptElement.cpp: Removed.
2764         * html/HTMLNoScriptElement.h: Removed.
2765         * html/HTMLTagNames.in:
2766         * html/HTMLViewSourceDocument.cpp:
2767         (WebCore::HTMLViewSourceDocument::createParser):
2768         * loader/FrameLoader.cpp:
2769         * platform/wince/MIMETypeRegistryWinCE.cpp:
2770         (WebCore::MIMETypeRegistry::getPreferredExtensionForMIMEType):
2771         * xml/parser/XMLDocumentParser.h:
2772         (WebCore::XMLDocumentParser::isXHTMLDocument):
2773         * xml/parser/XMLDocumentParserLibxml2.cpp:
2774         (WebCore::XMLDocumentParser::XMLDocumentParser):
2775         (WebCore::XMLDocumentParser::startElementNs):
2776         (WebCore::XMLDocumentParser::endElementNs):
2777         (WebCore::XMLDocumentParser::endDocument):
2778         (WebCore::XMLDocumentParser::internalSubset):
2779         (WebCore::getEntityHandler):
2780         (WebCore::externalSubsetHandler):
2781         * xml/parser/XMLDocumentParserQt.cpp:
2782         (WebCore::XMLDocumentParser::XMLDocumentParser):
2783         (WebCore::XMLDocumentParser::parse):
2784         (WebCore::XMLDocumentParser::parseStartElement):
2785         (WebCore::XMLDocumentParser::parseEndElement):
2786         (WebCore::XMLDocumentParser::endDocument):
2787         (WebCore::XMLDocumentParser::parseDtd):
2788
2789 2011-10-12  Kentaro Hara  <haraken@chromium.org>
2790
2791         Implement a WebKitTransitionEvent constructor for V8
2792         https://bugs.webkit.org/show_bug.cgi?id=69911
2793
2794         Reviewed by Adam Barth.
2795
2796         Test: fast/events/constructors/webkit-transition-event-constructor.html
2797
2798         * bindings/v8/custom/V8EventConstructors.cpp: Added a WebKitTransitionEvent constructor.
2799         * dom/WebKitTransitionEvent.idl: Replaced 'JSCustomConstructor' with 'CustomConstructor'.
2800
2801 2011-10-12  Kentaro Hara  <haraken@chromium.org>
2802
2803         Implement a BeforeLoadEvent constructor for JSC
2804         https://bugs.webkit.org/show_bug.cgi?id=69893
2805
2806         Reviewed by Adam Barth.
2807
2808         There is no spec for the BeforeLoadEvent constructor
2809         since it is WebKit-specific. However, judging from the current
2810         IDL of initBeforeLoadEvent(), the constructor IDL
2811         should be as follows.
2812
2813         [Constructor(DOMString type, optional BeforeLoadEventInit eventInitDict)]
2814         interface BeforeLoadEvent : Event {
2815             ...;
2816         }
2817
2818         dictionary BeforeLoadEventInit : EventInit {
2819             DOMString url;
2820         }
2821
2822         Test: fast/events/constructors/before-load-event-constructor.html
2823
2824         * bindings/generic/EventConstructors.h: Added a definition for the BeforeLoadEvent constructor.
2825         * bindings/js/JSEventConstructors.cpp: Added #includes for BeforeLoadEvent.
2826         * dom/BeforeLoadEvent.h: Added a definition for BeforeLoadEventInit.
2827         (WebCore::BeforeLoadEventInit::BeforeLoadEventInit):
2828         (WebCore::BeforeLoadEvent::create):
2829         (WebCore::BeforeLoadEvent::initBeforeLoadEvent):
2830         (WebCore::BeforeLoadEvent::BeforeLoadEvent):
2831         * dom/BeforeLoadEvent.idl: Makes BeforeLoadEvent constructible.
2832
2833 2011-10-12  Ben Wells  <benwells@chromium.org>
2834
2835         [skia] Implement Path.currentPoint for skia
2836         https://bugs.webkit.org/show_bug.cgi?id=69817
2837
2838         Replace FIXME with implementation.
2839
2840         Reviewed by Kenneth Russell.
2841
2842         * platform/graphics/skia/PathSkia.cpp:
2843         (WebCore::Path::currentPoint):
2844
2845 2011-10-12  Ben Wells  <benwells@chromium.org>
2846
2847         Incorrect rendering with one-sided thick border and border-radius
2848         https://bugs.webkit.org/show_bug.cgi?id=38787
2849
2850         Reviewed by Simon Fraser.
2851
2852         Incorrect rendering resulted when the inner border could not be properly represented as a rounded
2853         rectangle. When this happens, and the inner border is clipped out, the clipping code clips out the
2854         enclosing rectangle instead.
2855
2856         This change addresses this by clipping in a different way in this case only. The inside is clipped
2857         out one side at a time with a rounded rect created by adjusting the unrenderable inner border
2858         rounded rectangle. The side polygon which is clipped to is also increased in this case to include
2859         the inside of the border so that no areas are missing.
2860
2861         Test: fast/borders/border-radius-complex-inner.html
2862
2863         * rendering/RenderBoxModelObject.cpp:
2864         (WebCore::RenderBoxModelObject::paintOneBorderSide):
2865         (WebCore::RenderBoxModelObject::paintBorder):
2866         (WebCore::calculateSideRectIncludingInner):
2867         (WebCore::calculateAdjustedInnerBorder):
2868         (WebCore::RenderBoxModelObject::clipBorderSideForComplexInnerPath):
2869         * rendering/RenderBoxModelObject.h:
2870
2871 2011-10-12  Luke Macpherson   <macpherson@chromium.org>
2872
2873         Clean up CSSPropertyTextDecoration implementation and ETextDecoration usage.
2874         https://bugs.webkit.org/show_bug.cgi?id=67625
2875
2876         Reviewed by Eric Seidel.
2877
2878         No new tests - no functionality changed.
2879
2880         The implementation of CSSPropertyTextDecoration is simlified because
2881         1) CSSValueListIterator produces a valid iterator when no results available.
2882         2) CSSParser only allows CSSValueNone or a list of appropriate idents.
2883         3) CSSParser will treat a zero-length list as invalid at parse time.
2884
2885         * css/CSSPrimitiveValueMappings.h:
2886         (WebCore::CSSPrimitiveValue::operator ETextDecoration):
2887         Implement cast from CSSPrimitiveValue to ETextDecoration.
2888         * css/CSSStyleSelector.cpp:
2889         (WebCore::CSSStyleSelector::applyProperty):
2890         * rendering/style/RenderStyle.h:
2891         Use ETextDecoration enum instead of int throughout.
2892         (WebCore::InheritedFlags::textDecorationsInEffect):
2893         (WebCore::InheritedFlags::textDecoration):
2894         (WebCore::InheritedFlags::addToTextDecorationsInEffect):
2895         (WebCore::InheritedFlags::setTextDecorationsInEffect):
2896         (WebCore::InheritedFlags::setTextDecoration):
2897         * rendering/style/RenderStyleConstants.h:
2898         Introduce constant for number of bits required to represent enum.
2899         (WebCore::operator|):
2900         Implement | operator for bitfield enum.
2901         (WebCore::operator|=):
2902         Implement |= operator for bitfield enum.
2903         * rendering/style/StyleVisualData.h:
2904         Use ETextDecoration instead of int.
2905
2906 2011-10-12  Tony Chang  <tony@chromium.org>
2907
2908         Implement -webkit-flex-align for cross axis alignment in flex-flow: row
2909         https://bugs.webkit.org/show_bug.cgi?id=69808
2910
2911         Reviewed by David Hyatt.
2912
2913         Tests: css3/flexbox/flex-align-percent-height.html
2914                css3/flexbox/flex-align-vertical-writing-mode.html
2915                css3/flexbox/flex-align.html
2916
2917         * rendering/RenderFlexibleBox.cpp:
2918         (WebCore::RenderFlexibleBox::isFlowAwareLogicalHeightAuto):
2919         (WebCore::RenderFlexibleBox::flowAwareContentLogicalHeight):
2920         (WebCore::RenderFlexibleBox::flowAwareBorderAndPaddingLogicalHeight):
2921         (WebCore::RenderFlexibleBox::flowAwareMarginLogicalHeightForChild):
2922         (WebCore::RenderFlexibleBox::flowAwareLogicalLocationForChild):
2923         (WebCore::RenderFlexibleBox::layoutInlineDirection):
2924         (WebCore::RenderFlexibleBox::availableLogicalHeightForChild):
2925         (WebCore::RenderFlexibleBox::marginBoxAscent):
2926         (WebCore::RenderFlexibleBox::layoutAndPlaceChildrenInlineDirection):
2927         (WebCore::RenderFlexibleBox::adjustLocationLogicalTopForChild):
2928         (WebCore::RenderFlexibleBox::alignChildrenBlockDirection):
2929         * rendering/RenderFlexibleBox.h:
2930
2931 2011-10-12  Mihnea Ovidenie  <mihnea@adobe.com>
2932
2933         [CSS Regions]Remove -webkit-content-order property
2934         https://bugs.webkit.org/show_bug.cgi?id=69848
2935
2936         Reviewed by Tony Chang.
2937
2938         -webkit-content-order property is removed from latest CSS Regions spec.
2939
2940         * css/CSSComputedStyleDeclaration.cpp:
2941         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
2942         * css/CSSParser.cpp:
2943         (WebCore::CSSParser::parseValue):
2944         * css/CSSPropertyNames.in:
2945         * css/CSSStyleSelector.cpp:
2946         (WebCore::CSSStyleSelector::applyProperty):
2947         * dom/Node.cpp:
2948         (WebCore::Node::diff):
2949         * rendering/RenderFlowThread.cpp:
2950         (WebCore::compareRenderRegions):
2951         * rendering/RenderTreeAsText.cpp:
2952         (WebCore::writeRenderFlowThreads):
2953         * rendering/style/RenderStyle.h:
2954         * rendering/style/StyleRareNonInheritedData.cpp:
2955         (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
2956         (WebCore::StyleRareNonInheritedData::operator==):
2957         * rendering/style/StyleRareNonInheritedData.h:
2958
2959 2011-10-12  Adam Bergkvist  <adam.bergkvist@ericsson.com>
2960
2961         Update PeerConnection to use WebCore platform interfaces
2962         https://bugs.webkit.org/show_bug.cgi?id=68462
2963
2964         Reviewed by Adam Barth.
2965
2966         Currently not testable.
2967
2968         * WebCore.gypi:
2969         * WebCore.pro:
2970         * bindings/js/JSPeerConnectionCustom.cpp:
2971         (WebCore::JSPeerConnectionConstructor::constructJSPeerConnection):
2972         * bindings/v8/custom/V8PeerConnectionCustom.cpp: Removed.
2973         * dom/MediaStreamList.cpp:
2974         (WebCore::MediaStreamList::item):
2975         (WebCore::MediaStreamList::append):
2976         (WebCore::MediaStreamList::remove):
2977         (WebCore::MediaStreamList::contains):
2978         * dom/MediaStreamList.h:
2979         * p2p/PeerConnection.cpp:
2980         (WebCore::PeerConnection::create):
2981         (WebCore::PeerConnection::PeerConnection):
2982         (WebCore::PeerConnection::processSignalingMessage):
2983         (WebCore::PeerConnection::readyState):
2984         (WebCore::PeerConnection::send):
2985         (WebCore::PeerConnection::addStream):
2986         (WebCore::PeerConnection::removeStream):
2987         (WebCore::PeerConnection::localStreams):
2988         (WebCore::PeerConnection::remoteStreams):
2989         (WebCore::PeerConnection::close):
2990         (WebCore::PeerConnection::iceProcessingCompleted):
2991         (WebCore::PeerConnection::sdpGenerated):
2992         (WebCore::PeerConnection::dataStreamMessageReceived):
2993         (WebCore::PeerConnection::remoteStreamAdded):
2994         (WebCore::PeerConnection::remoteStreamRemoved):
2995         (WebCore::PeerConnection::scriptExecutionContext):
2996         (WebCore::PeerConnection::stop):
2997         (WebCore::PeerConnection::scheduleInitialNegotiation):
2998         (WebCore::PeerConnection::initialNegotiationTimerFired):
2999         (WebCore::PeerConnection::ensureStreamChangeScheduled):
3000         (WebCore::PeerConnection::streamChangeTimerFired):
3001         (WebCore::PeerConnection::scheduleReadyStateChange):
3002         (WebCore::PeerConnection::readyStateChangeTimerFired):
3003         (WebCore::PeerConnection::changeReadyState):
3004         * p2p/PeerConnection.h:
3005         (WebCore::PeerConnection::refEventTarget):
3006         (WebCore::PeerConnection::derefEventTarget):
3007         * p2p/PeerConnection.idl:
3008         * page/MediaStreamClient.h:
3009         * page/MediaStreamController.cpp:
3010         (WebCore::MediaStreamController::MediaStreamController):
3011         * page/MediaStreamController.h:
3012         * page/MediaStreamFrameController.cpp:
3013         * page/MediaStreamFrameController.h:
3014
3015 2011-10-12  Chris Fleizach  <cfleizach@apple.com>
3016
3017         AX: CrashTracer: [USER] 296 crashes in WebProcess at com.apple.WebCore: WebCore::AccessibilityScrollbar::document const + 29
3018         https://bugs.webkit.org/show_bug.cgi?id=69936
3019
3020         AX Scrollbars have a weak pointer to their parent. They need to become AccessibilityMockObjects, so that they can
3021         participate in the detachFromParent() methods that happens when those parents go away.
3022         Could not reproduce the crash, but the backtrace is unequivocal.
3023
3024         Reviewed by Darin Adler.
3025
3026         * accessibility/AccessibilityScrollView.cpp:
3027         (WebCore::AccessibilityScrollView::removeChildScrollbar):
3028         * accessibility/AccessibilityScrollbar.cpp:
3029         (WebCore::AccessibilityScrollbar::AccessibilityScrollbar):
3030         * accessibility/AccessibilityScrollbar.h:
3031         (WebCore::AccessibilityScrollbar::scrollbar):
3032         (WebCore::AccessibilityScrollbar::isAccessibilityScrollbar):
3033
3034 2011-10-12  David Hyatt  <hyatt@apple.com>
3035
3036         https://bugs.webkit.org/show_bug.cgi?id=69950
3037         
3038         REGRESSION: Printing broken because of the isWritingModeRoot addition for unsplittable
3039         paginated content. Make sure not to include the RenderView when checking for writing mode
3040         roots. We only care about children that differ from their parents.
3041
3042         Reviewed by Dimitri Glazkov.
3043
3044         * rendering/LayoutState.cpp:
3045         (WebCore::LayoutState::LayoutState):
3046         * rendering/RenderBlock.cpp:
3047         (WebCore::RenderBlock::adjustForUnsplittableChild):
3048         * rendering/RenderBox.cpp:
3049         (WebCore::RenderBox::isUnsplittableForPagination):
3050         * rendering/RenderBox.h:
3051
3052 2011-10-12  Anna Cavender  <annacc@chromium.org>
3053
3054         Moving ScriptExecutionContext to the front of the argument list for
3055         IDL constructors that use ConstructorWith=ScriptExecutionContext.
3056         https://bugs.webkit.org/show_bug.cgi?id=69799
3057
3058         Reviewed by Adam Barth.
3059
3060         Tests:
3061         - http/tests/eventsource/* (for EventSource)
3062         - fast/filesystem/* (for Worker)
3063
3064         * bindings/js/JSEventSourceCustom.cpp:
3065         (WebCore::JSEventSourceConstructor::constructJSEventSource):
3066         * bindings/js/JSWorkerCustom.cpp:
3067         (WebCore::JSWorkerConstructor::constructJSWorker):
3068         * bindings/scripts/CodeGeneratorV8.pm:
3069         (GenerateConstructorCallback):
3070         * bindings/scripts/test/V8/V8TestInterface.cpp:
3071         (WebCore::V8TestInterface::constructorCallback):
3072         * page/EventSource.cpp:
3073         (WebCore::EventSource::create):
3074         * page/EventSource.h:
3075         * workers/Worker.cpp:
3076         (WebCore::Worker::create):
3077         * workers/Worker.h:
3078
3079 2011-10-11  David Hyatt  <hyatt@apple.com>
3080
3081         https://bugs.webkit.org/show_bug.cgi?id=69896
3082         
3083         [CSS Regions] Make positioned blocks work with variable width regions.
3084         
3085         Make positioned objects able to position and size independently in each region. This involves
3086         lifting the restriction in renderBoxRegionInfo for positioned objects and passing in region
3087         information to computeLogicalWidthForPositioned so that it can compute answers for a given
3088         region.
3089
3090         In order to make mixed writing modes work with positioned objects, this patch also takes some
3091         baby steps towards fixing differing writing modes in paginated environments.
3092
3093         Reviewed by Sam Weinig.
3094
3095         Added many new tests in fast/regions.
3096
3097         * rendering/LayoutState.cpp:
3098         (WebCore::LayoutState::LayoutState):
3099         Disable pagination whenever differing writing modes are encountered. The block effectively becomes
3100         unsplittable (as though it was an image).
3101
3102         * rendering/RenderBlock.cpp:
3103         (WebCore::RenderBlock::layoutBlock):
3104         Remove a FIXME that looks incorrect now.
3105
3106         (WebCore::RenderBlock::adjustPositionedBlock):
3107         Patch static inline position caching to call a new method that unshifts the position to put it back
3108         in the overall block's space rather than having it be per-region.
3109
3110         (WebCore::RenderBlock::layoutPositionedObjects):
3111         Make sure to attempt to set a logicalTop for positioned objects before they lay out so that they
3112         have a chance of paginating correctly the first time around. If for some reason the top estimate proves
3113         to be incorrect, we lay out again. Technically this bug exists for multi-column and printing as well, but
3114         for now just fixing it for regions.
3115
3116         (WebCore::RenderBlock::adjustForUnsplittableChild):
3117         Add writing mode roots to the set of objects we consider to be unsplittable.
3118
3119         (WebCore::RenderBlock::setStaticInlinePositionForChild):
3120         New helper function that handles shifting the inline static position back into the overall block's space
3121         rather than leaving it in a translated region-specific space.
3122
3123         * rendering/RenderBlock.h:
3124         (WebCore::RenderBlock::startOffsetForContent):
3125         New helper function for computing the start offset when no regions are involved.
3126
3127         * rendering/RenderBlockLineLayout.cpp:
3128         (WebCore::setStaticPositions):
3129         (WebCore::RenderBlock::LineBreaker::nextLineBreak):
3130         Patched to call the new helper function, setStaticInlinePositionForChild.
3131
3132         * rendering/RenderBox.cpp:
3133         (WebCore::RenderBox::positionLineBox):
3134         Patched to call the new helper function, setStaticInlinePositionForChild.
3135
3136         (WebCore::RenderBox::computeLogicalWidthInRegion):
3137         Pass region information into the positioning logical width computation function.
3138
3139         (WebCore::RenderBox::renderBoxRegionInfo):
3140         Remove the positioning restriction and properly compute shifting and left/right offsets for positioned
3141         objects.
3142
3143         (WebCore::RenderBox::computeLogicalHeight):
3144         Add code for perpendicular flows that just positions the object within the first region it is encountered
3145         in. Since the object is unsplittable, this will work out. Should the object be so tall that it can't fit
3146         in any region, then the resulting rendering will potentially be terrible, but the expectation is that authors should
3147         avoid having perpendicular flows break across pages.
3148
3149         (WebCore::RenderBox::containingBlockLogicalWidthForPositioned):
3150         (WebCore::RenderBox::containingBlockLogicalHeightForPositioned):
3151         Patched to handle regions when they are passed in. Also makes sure that the pagination direction axis computation uses
3152         the flow thread's first region when the flow thread is the positioned object's containing block.
3153
3154         (WebCore::computeInlineStaticDistance):
3155         Patched to examine regions and to modify the static distance computation accordingly so that it is per-region.
3156
3157         (WebCore::RenderBox::computePositionedLogicalWidth):
3158         Pass along the region information when computing the positioned logical width.
3159
3160         (WebCore::computeLogicalLeftPositionedOffset):
3161         Handle the adjustment of the logical left offset for differing writing modes (in this case when the writing mode
3162         is flipped relative to us).
3163
3164         (WebCore::RenderBox::computePositionedLogicalHeight):
3165         Deal with perpendicular writing modes and make sure the object is placed properly using the first region it 
3166         occurs in.
3167
3168         (WebCore::computeLogicalTopPositionedOffset):
3169         Remove code that is no longer needed.
3170
3171         (WebCore::RenderBox::computePositionedLogicalWidthReplaced):
3172         Patched to pass in 0 instead of a region since replaced elements aren't handled yet.
3173
3174         * rendering/RenderBox.h:
3175         Changing the computePositionedLogicalWidth method to take region information.
3176
3177         * rendering/RenderDeprecatedFlexibleBox.cpp:
3178         (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
3179         (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):
3180         Didn't bother fixing deprecated flexible box, and the new flexbox still can't handle positioned objects. When it does,
3181         it will use the new method. Put in some FIXMEs to help the flexbox coders see the issue when they port the code over
3182         to the new flexbox.
3183
3184         * rendering/RenderLayer.h:
3185         (WebCore::RenderLayer::staticInlinePosition):
3186         (WebCore::RenderLayer::staticBlockPosition):
3187         (WebCore::RenderLayer::setStaticInlinePosition):
3188         (WebCore::RenderLayer::setStaticBlockPosition):
3189         Patched to take LayoutUnits instead of ints.
3190
3191 2011-10-12  Nate Chapin  <japhet@chromium.org>
3192
3193         Remove logging to determine how null v8::Contexts are happening,
3194         and check the return value of V8DOMWindowShell::initContextIfNeeded()
3195         before using the context it initialized.
3196         https://bugs.webkit.org/show_bug.cgi?id=68099
3197
3198         Reviewed by Adam Barth.
3199
3200         No new tests, the only symptom is a crash without a known repro.
3201
3202         * bindings/v8/ScriptController.cpp:
3203         * bindings/v8/V8DOMWindowShell.cpp:
3204         (WebCore::V8DOMWindowShell::initContextIfNeeded): Return true
3205             if a context already existed.
3206         (WebCore::V8DOMWindowShell::namedItemAdded): Remove logging.
3207         * bindings/v8/V8Proxy.cpp:
3208
3209 2011-10-06  Robert Hogan  <robert@webkit.org>
3210
3211         CSS 2.1 failure: border-conflict-style-079
3212         https://bugs.webkit.org/show_bug.cgi?id=69551
3213
3214         Reviewed by Antonio Gomes.
3215
3216         * css/CSSValueKeywords.in: ridge and outset were the wrong way round
3217         * rendering/style/RenderStyleConstants.h: ditto
3218
3219
3220 2011-10-12  Jian Li  <jianli@chromium.org>
3221
3222         Support passing optional filename when FormData.append() is used to
3223         append a blob
3224         https://bugs.webkit.org/show_bug.cgi?id=69885
3225
3226         Reviewed by David Levin.
3227
3228         Covered by existing test with new test case added:
3229         http/tests/local/formdata/send-form-data-with-sliced-file.html
3230
3231         * bindings/js/JSDOMFormDataCustom.cpp:
3232         (WebCore::JSDOMFormData::append):
3233         * bindings/v8/custom/V8DOMFormDataCustom.cpp:
3234         (WebCore::V8DOMFormData::appendCallback):
3235         * html/DOMFormData.cpp:
3236         (WebCore::DOMFormData::append):
3237         * html/DOMFormData.h:
3238         * html/DOMFormData.idl:
3239         * html/FormDataList.cpp:
3240         (WebCore::FormDataList::appendBlob):
3241         * html/FormDataList.h:
3242         (WebCore::FormDataList::Item::Item):
3243         (WebCore::FormDataList::Item::filename):
3244         (WebCore::FormDataList::appendBlob):
3245         * platform/network/FormData.cpp:
3246         (WebCore::FormData::appendKeyValuePairItems):
3247
3248 2011-10-12  Sergey Glazunov  <serg.glazunov@gmail.com>
3249
3250         ScriptController::executeIfJavaScriptURL gets confused by synchronous frame loads
3251         https://bugs.webkit.org/show_bug.cgi?id=69777
3252
3253         Reviewed by Adam Barth.
3254
3255         Test: http/tests/security/xss-DENIED-synchronous-frame-load-in-javascript-url.html
3256
3257         * bindings/ScriptControllerBase.cpp:
3258         (WebCore::ScriptController::executeIfJavaScriptURL):
3259         * loader/DocumentWriter.cpp:
3260         (WebCore::DocumentWriter::replaceDocument):
3261         (WebCore::DocumentWriter::begin):
3262         * loader/DocumentWriter.h:
3263
3264 2011-10-12  Vsevolod Vlasov  <vsevik@chromium.org>
3265
3266         Web Inspector: Searching in multiple scripts in the scripts tab
3267         https://bugs.webkit.org/show_bug.cgi?id=38807
3268
3269         Reviewed by Pavel Feldman.
3270
3271         Added support for advanced search capabilities in inspector by means
3272         of showing the new SearchView in Drawer. Advanced search is activated
3273         with Ctrl+Shift+F (Cmd+Shift+F) shortcut.
3274
3275         * English.lproj/localizedStrings.js:
3276         * WebCore.gypi:
3277         * WebCore.vcproj/WebCore.vcproj:
3278         * inspector/compile-front-end.sh:
3279         * inspector/front-end/AdvancedSearchController.js: Added.
3280         * inspector/front-end/DebuggerPresentationModel.js:
3281         (WebInspector.DebuggerPresentationModel.prototype.uiSourceCodes):
3282         * inspector/front-end/ScriptsPanel.js:
3283         * inspector/front-end/ScriptsSearchScope.js: Added.
3284         * inspector/front-end/UISourceCode.js:
3285         (WebInspector.UISourceCode.prototype.searchInContent):
3286         * inspector/front-end/WebKit.qrc:
3287         * inspector/front-end/externs.js:
3288         (WebInspector.showViewInDrawer):
3289         * inspector/front-end/inspector.css:
3290         (.search-view):
3291         (.search-view .search-panel):
3292         (.search-view .search-results):
3293         (#search-results-pane-file-based .search-result):
3294         (#search-results-pane-file-based .search-result:first-child):
3295         (#search-results-pane-file-based .search-result .search-result-file-name):
3296         (#search-results-pane-file-based .search-result .search-result-matches-count):
3297         (#search-results-pane-file-based .search-match):
3298         (#search-results-pane-file-based .search-match .webkit-line-number.search-match-line-number):
3299         (#search-results-pane-file-based .search-match:not(:hover) .webkit-line-number.search-match-line-number):
3300         (#search-results-pane-file-based .search-match:hover):
3301         (#search-results-pane-file-based .search-match .highlighted-match):
3302         (#search-results-pane-file-based a):
3303         (#search-results-pane-file-based .search-match .search-match-content):
3304         * inspector/front-end/inspector.html:
3305         * inspector/front-end/inspector.js:
3306         (WebInspector.documentKeyDown):
3307         * inspector/front-end/utilities.js:
3308         ():
3309
3310 2011-10-12  Vsevolod Vlasov  <vsevik@chromium.org>
3311
3312         Web Inspector: Fix Drawer to make it possible to show views other than Console.
3313         https://bugs.webkit.org/show_bug.cgi?id=69831
3314
3315         Reviewed by Pavel Feldman.
3316
3317         Animation type extracted to distinguish between slow and normal
3318         animation and immediate show/hide.
3319         Implemented correct console toggle button behavior on showing views
3320         other than console in Drawer.
3321         View shown in Drawer is now shown in drawer-contents div with common
3322         styles moved there.
3323         Removed unused "_safelyRemoveChildren" method from Drawer.
3324
3325         * inspector/front-end/ConsolePanel.js:
3326         (WebInspector.ConsolePanel.prototype.show):
3327         (WebInspector.ConsolePanel.prototype.hide):
3328         * inspector/front-end/Drawer.js:
3329         (WebInspector.Drawer):
3330         (WebInspector.Drawer.prototype.show):
3331         (WebInspector.Drawer.prototype.hide):
3332         (WebInspector.Drawer.prototype._animationDuration):
3333         * inspector/front-end/inspector.css:
3334         (body.drawer-visible #drawer-contents):
3335         * inspector/front-end/inspector.js:
3336         (WebInspector._toggleConsoleButtonClicked):
3337         (WebInspector._escPressed):
3338         (WebInspector.showViewInDrawer):
3339         (WebInspector.documentKeyDown):
3340
3341 2011-10-12  Yury Semikhatsky  <yurys@chromium.org>
3342
3343         [v8] Use V8DOMWrapper::isWrapperOfType for determining global object type
3344         https://bugs.webkit.org/show_bug.cgi?id=69923
3345
3346         Get rid of globalObjectPrototypeIsDOMWindow, use V8DOMWrapper::isWrapperOfType instead.
3347
3348         Reviewed by Pavel Feldman.
3349
3350         * bindings/v8/V8DOMWrapper.cpp:
3351         (WebCore::V8DOMWrapper::instantiateV8Object):
3352         (WebCore::V8DOMWrapper::getEventListener):
3353
3354 2011-10-12  Yury Semikhatsky  <yurys@chromium.org>
3355
3356         [Chromium] Web Inspector: assertion failure when evaluating expression in worker inspector console
3357         https://bugs.webkit.org/show_bug.cgi?id=69922
3358
3359         Check that the global object is a DOMWindow wrapper befor casting it to V8DOMWindow.
3360
3361         Reviewed by Pavel Feldman.
3362
3363         * bindings/v8/ScriptState.cpp:
3364         (WebCore::ScriptState::domWindow):
3365
3366 2011-10-12  Yuta Kitamura  <yutak@chromium.org>
3367
3368         WebSocket: Update WebSocket protocol to hybi-17
3369         https://bugs.webkit.org/show_bug.cgi?id=69910
3370
3371         Reviewed by Kent Tamura.
3372
3373         Essential changes between hybi-10 and hybi-17 are:
3374         - Sec-WebSocket-Origin header has been renamed to "Origin".
3375         - Sec-WebSocket-Version header value has been bumped to 13.
3376
3377         No new tests are necessary. pywebsocket has already been updated to the latest version
3378         which understands the new protocol. Tests under http/tests/websocket/ should keep
3379         passing.
3380
3381         * websockets/WebSocketHandshake.cpp:
3382         (WebCore::WebSocketHandshake::clientHandshakeMessage):
3383         (WebCore::WebSocketHandshake::clientHandshakeRequest):
3384
3385 2011-10-11  Antti Koivisto  <antti@apple.com>
3386
3387         Resolve regular and visited link style in a single pass
3388         https://bugs.webkit.org/show_bug.cgi?id=69838
3389
3390         Reviewed by Darin Adler
3391         
3392         We can simplify and speed up selector matching by removing the recursive matching done
3393         to generate the style for the :visited pseudo selector. Both regular and visited link style
3394         can be generated in a single pass through the style selector.
3395         
3396         - Make SelectorChecker::checkSelector to return both :visited and :link matches for all links.
3397         - For each selector statically determine and cache the link states it may match.
3398         - When applying the matched style declarations, apply them to the right RenderStyle
3399           (regular, visited, or both).
3400
3401         Statically determining which link state will be matched works since we only support :visited matching
3402         based on the current element state (not ancestors or siblings).
3403         
3404         A later patch will eliminate the separate RenderStyle for visited style completely and include the
3405         few allowed properties to the regular RenderStyle.
3406
3407         * css/CSSStyleSelector.cpp:
3408         (WebCore::RuleData::linkMatchType):
3409         (WebCore::RuleSet::linkPseudoClassRules):
3410         (WebCore::CSSStyleSelector