fbb3f05cb5290ed0ea62c21923f7c074ca6427cd
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2015-06-19  Matt Baker  <mattbaker@apple.com>
2
3         Web Inspector: TimelineAgent needs to handle nested runloops
4         https://bugs.webkit.org/show_bug.cgi?id=145090
5
6         Reviewed by Joseph Pecoraro.
7
8         Previously nested run loops caused InspectorTimelineAgent to prematurely pop the current run loop record. This
9         patch adds a counter to track the run loop nesting level, and rendering frame records are only pushed/popped
10         when the nesting level is zero. Run loop entry/exit notifications received while the debugger is paused do not
11         affect the nesting level.
12
13         * inspector/InspectorTimelineAgent.cpp:
14         (WebCore::InspectorTimelineAgent::internalStart):
15         (WebCore::InspectorTimelineAgent::internalStop):
16         (WebCore::InspectorTimelineAgent::InspectorTimelineAgent):
17         * inspector/InspectorTimelineAgent.h:
18
19 2015-06-19  Brent Fulgham  <bfulgham@apple.com>
20
21         Follow-up fix to r185766.
22         https://bugs.webkit.org/show_bug.cgi?id=22132
23
24         Reviewed by Zalan Bujtas.
25
26         Suggested by Darin Adler in the bug.
27
28         * platform/graphics/filters/FETile.cpp:
29         (WebCore::FETile::platformApplySoftware): Use WTF::move when passing
30         the new tileImageCopy RefPtr.
31
32 2015-06-19  Michael Catanzaro  <mcatanzaro@igalia.com>
33
34         [SOUP] Fix return-type-c-linkage warning after r185553
35         https://bugs.webkit.org/show_bug.cgi?id=146014
36
37         Reviewed by Martin Robinson.
38
39         * platform/network/soup/WebKitSoupRequestGeneric.cpp:
40         (webkitSoupRequestGenericGetRequest): Return a pointer rather than a reference.
41         * platform/network/soup/WebKitSoupRequestGeneric.h: webkitSoupRequestGenericGetRequest now
42         returns a pointer rather than a reference.
43
44 2015-06-19  Dean Jackson  <dino@apple.com>
45
46         Played <audio> looks invisible against the gray background
47         https://bugs.webkit.org/show_bug.cgi?id=146164
48         <rdar://problem/21014284>
49
50         Reviewed by Brent Fulgham.
51
52         The plus-darker blend mode was not allowing any white to
53         show through in the rendering. We don't need this for
54         audio controls, where we draw on an opaque grey background.
55
56         * Modules/mediacontrols/mediaControlsiOS.css:
57         (audio::-webkit-media-controls-panel): Darken the color of the controls a
58         little to make white stand out more.
59         (audio::-webkit-media-controls-timeline): Remove the plus-darker blending.
60         (video::-webkit-media-controls-timeline): Apply blending only to video.
61
62 2015-06-19  Andy Estes  <aestes@apple.com>
63
64         Various assertion failures occur when executing script in the midst of DOM insertion
65         https://bugs.webkit.org/show_bug.cgi?id=132482
66
67         Reviewed by Darin Adler.
68
69         Prior to this change, when an element containing a <script> child was inserted into a document, the script was
70         executed in ScriptElement::insertedInto(). That script can access nodes that follow it in the newly-inserted
71         hierarchy but are not yet fully inserted, leading to at least the following problems:
72
73             - The script could remove a node that is not yet marked as in the document.
74             - The script could remove a named <map> that has yet to be added to TreeScope::m_imageMapsByName.
75             - The script could remove a form control that has yet to be added to FormController::m_formElementsWithState.
76
77         These scenarios all result in assertion failures. This change ensures that each node in the newly-inserted
78         hierarchy is fully inserted before executing any scripts.
79
80         Tests: fast/dom/element-removed-while-inserting-parent-crash.html
81                fast/dom/named-map-removed-while-inserting-parent-crash.html
82                fast/forms/form-control-removed-while-inserting-parent-crash.html
83                svg/dom/element-removed-while-inserting-parent-crash.html
84
85         * dom/ScriptElement.cpp:
86         (WebCore::ScriptElement::shouldNotifySubtreeInsertions): Renamed from insertedInto().
87         Returned true in the case where insertedInto() would've called prepareScript().
88         (WebCore::ScriptElement::didNotifySubtreeInsertions): Called prepareScript().
89         (WebCore::ScriptElement::insertedInto): Renamed to shouldNotifySubtreeInsertions().
90         * dom/ScriptElement.h:
91         * html/HTMLScriptElement.cpp:
92         (WebCore::HTMLScriptElement::insertedInto): If shouldNotifySubtreeInsertions() is true, returned InsertionShouldCallDidNotifySubtreeInsertions.
93         Otherwise, returned InsertionDone.
94         (WebCore::HTMLScriptElement::didNotifySubtreeInsertions): Called ScriptElement::didNotifySubtreeInsertions().
95         * html/HTMLScriptElement.h:
96         * svg/SVGScriptElement.cpp:
97         (WebCore::SVGScriptElement::insertedInto): Did the same as HTMLScriptElement::insertedInto().
98         (WebCore::SVGScriptElement::didNotifySubtreeInsertions): Called ScriptElement::didNotifySubtreeInsertions().
99         * svg/SVGScriptElement.h:
100
101 2015-06-19  Brent Fulgham  <bfulgham@apple.com>
102
103         All calls of ImageBuffer::create should null check the return value
104         https://bugs.webkit.org/show_bug.cgi?id=22132
105
106         Reviewed by Zalan Bujtas.
107
108         ImageBuffer::create returns nullptr for a number of reasons, and should be
109         expected to do so. We missed this check in a few places, resulting in
110         crashes on some systems. Likewise, ImageBuffer::copyImage may return nullptr
111         in normal use and should be checked.
112
113         * platform/graphics/BitmapImage.cpp:
114         (WebCore::BitmapImage::drawPattern): Add nullptr check for create and copyImage. Remove
115         extra call to 'setImageObserver'.
116         * platform/graphics/cairo/ImageBufferCairo.cpp:
117         (WebCore::ImageBuffer::drawPattern): Add nullptr check for copyImage.
118         * platform/graphics/cg/ImageBufferCG.cpp:
119         (WebCore::ImageBuffer::drawPattern): Add nullptr checks for copyImage.
120         * platform/graphics/filters/FETile.cpp:
121         (WebCore::FETile::platformApplySoftware): Add nullptr check for copyImage.
122         * platform/graphics/filters/FilterEffect.cpp:
123         (WebCore::FilterEffect::asImageBuffer): Add nullptr check for create.
124         (WebCore::FilterEffect::openCLImageToImageBuffer): Ditto.
125         * platform/graphics/texmap/BitmapTexture.cpp:
126         (WebCore::BitmapTexture::updateContents): Add nullptr checks for create and copyImage.
127         * svg/graphics/SVGImage.cpp:
128         (WebCore::SVGImage::drawPatternForContainer): Add nullptr check for copyImage.
129
130 2015-06-19  Jeremy Jones  <jeremyj@apple.com>
131
132         Get CAContext directly for CALayer instead of walking the layer tree.
133         https://bugs.webkit.org/show_bug.cgi?id=146138
134         <rdar://problem/21455974>
135
136         Reviewed by Darin Adler.
137
138         This will get the context directly from the CALayer instead of getting all CAContexts, walking the layer tree 
139         to the root and comparing that against each CAContext's root layer.
140
141         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
142         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer):
143
144 2015-06-18  Brent Fulgham  <bfulgham@apple.com>
145
146         [iOS] scrollIntoViewIfNeeded is not working with scroll-snap points
147         https://bugs.webkit.org/show_bug.cgi?id=145318
148         <rdar://problem/21081501>
149
150         Reviewed by Simon Fraser.
151
152         Use the ScrollController in iOS to track the scroll snap point state.
153         We do not need the animation implementation or timers since the actual
154         animation is handled by UIKit.
155
156         This change lets us communicate the current offset into the scroll snap
157         offset vector between the WebProcess and RemoteScrollingTree so that
158         both sides stay in sync regardless of whether user gestures or style
159         updates have caused us to shift to a different snap point.
160
161         * page/scrolling/AsyncScrollingCoordinator.cpp:
162         (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated): Set the
163         current horizontal and vertical scroll snap offset indices.
164         (WebCore::AsyncScrollingCoordinator::updateOverflowScrollingNode): Ditto.
165         * page/scrolling/AsyncScrollingCoordinator.h: Mark the setActiveScrollSnapIndices
166         for export so that it can be reached by the UIProcess.
167         * page/scrolling/ScrollingCoordinator.h: Keep track of horizontal and
168         vertical scroll snap offset indices.
169         * page/scrolling/ScrollingStateScrollingNode.cpp:
170         (WebCore::ScrollingStateScrollingNode::setCurrentHorizontalSnapPointIndex): Added.
171         (WebCore::ScrollingStateScrollingNode::setCurrentVerticalSnapPointIndex): Added.
172         * page/scrolling/ScrollingStateScrollingNode.h:
173         (WebCore::ScrollingStateScrollingNode::currentHorizontalSnapPointIndex): Added.
174         (WebCore::ScrollingStateScrollingNode::currentVerticalSnapPointIndex): Added.
175         * page/scrolling/ScrollingTree.h:
176         * page/scrolling/ScrollingTreeScrollingNode.cpp:
177         (WebCore::ScrollingTreeScrollingNode::updateBeforeChildren): Update the scroll snap
178         point offset indices if either has changed.
179         * page/scrolling/ScrollingTreeScrollingNode.h:
180         (WebCore::ScrollingTreeScrollingNode::currentHorizontalSnapPointIndex): Added.
181         (WebCore::ScrollingTreeScrollingNode::currentVerticalSnapPointIndex): Added.
182         (WebCore::ScrollingTreeScrollingNode::setCurrentHorizontalSnapPointIndex): Added.
183         (WebCore::ScrollingTreeScrollingNode::setCurrentVerticalSnapPointIndex): Added.
184         * page/scrolling/ThreadedScrollingTree.cpp:
185         (WebCore::ThreadedScrollingTree::currentSnapPointIndicesDidChange): New method
186         to handle notifications about scroll snap index changes from the UIProcess.
187         * page/scrolling/ThreadedScrollingTree.h:
188         * page/scrolling/ios/ScrollingTreeIOS.cpp:
189         (WebCore::ScrollingTreeIOS::currentSnapPointIndicesDidChange): New method
190         to handle notifications about scroll snap index changes from the UIProcess.
191         * page/scrolling/ios/ScrollingTreeIOS.h:
192         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
193         (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren): Update scroll
194         snap point current offset indices if they have changed.
195         (WebCore::ScrollingTreeFrameScrollingNodeMac::scrollOffsetOnAxis): Remove unneeded
196         PLATFORM(MAC) macro.
197         * platform/ScrollAnimator.cpp:
198         (WebCore::ScrollAnimator::ScrollAnimator): We have a ScrollController if we are
199         supporting scroll snap points or rubber banding.
200         (WebCore::ScrollAnimator::processWheelEventForScrollSnap): This method is not needed
201         for iOS builds.
202         (WebCore::ScrollAnimator::updateActiveScrollSnapIndexForOffset): Enable this on iOS.
203         (WebCore::ScrollAnimator::updateScrollSnapState): Renamed from 'updateScrollAnimatorsAndTimers'
204         and enabled on iOS.
205         (WebCore::ScrollAnimator::updateScrollAnimatorsAndTimers): Deleted.
206         * platform/ScrollAnimator.h: Enable some scroll snap methods on iOS.
207         * platform/ScrollableArea.cpp:
208         (WebCore::ScrollableArea::handleWheelEvent): Enable scroll snap index bookkeeping on iOS, too.
209         (WebCore::ScrollableArea::updateScrollSnapState): Revise to call 'updateScrollSnapState' instead
210         of 'updateScrollAnimatorsAndTimers'.
211         * platform/cocoa/ScrollController.h: Enable some methods on iOS. Reorder methods to
212         reduce the number of macros needed to do so.
213         * platform/cocoa/ScrollController.mm:
214         (systemUptime): Only build for Mac.
215         (WebCore::ScrollController::ScrollController): Disable rubber band-specific members on iOS.
216         (WebCore::ScrollController::handleWheelEvent): Only build this on Mac.
217         (WebCore::ScrollController::isRubberBandInProgress): Always return 'false' on iOS.
218         (WebCore::ScrollController::startSnapRubberbandTimer): Only build this on Mac.
219         (WebCore::ScrollController::shouldRubberBandInHorizontalDirection): Ditto.
220         (WebCore::ScrollController::scrollSnapPointState): Enable on iOS.
221         (WebCore::ScrollController::hasActiveScrollSnapTimerForAxis): Only build on Mac.
222         (WebCore::ScrollController::updateScrollSnapState): renamed from 'updateScrollAnimatorsAndTimers'
223         (WebCore::ScrollController::startScrollSnapTimer): Only build on Mac.
224         (WebCore::ScrollController::initializeGlideParameters): Ditto.
225         (WebCore::ScrollController::activeScrollSnapIndexForAxis): Enable on iOS.
226         (WebCore::ScrollController::setActiveScrollSnapIndicesForOffset): Ditto.
227         (WebCore::ScrollController::beginScrollSnapAnimation): Only build on Mac.
228         (WebCore::ScrollController::computeGlideDelta): Ditto.
229         (WebCore::ScrollController::updateScrollAnimatorsAndTimers): Deleted.
230         * rendering/RenderLayerCompositor.cpp:
231         (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer): Capture any changes in scroll
232         snap offset indices.
233
234 2015-06-19  Jeremy Jones  <jeremyj@apple.com>
235
236         Fullscreen view should not update bounds of video when in PiP.
237         https://bugs.webkit.org/show_bug.cgi?id=146134
238
239         Reviewed by Darin Adler.
240
241         Don't update bounds on video layer when it is not a child.
242
243         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
244         (-[WebAVVideoLayer setBounds:]):
245
246 2015-06-19  Zalan Bujtas  <zalan@apple.com>
247
248         RenderRubyText requires RenderRubyRun parent.
249         https://bugs.webkit.org/show_bug.cgi?id=146148
250         rdar://problem/21423319
251
252         Reviewed by Simon Fraser.
253
254         RenderRubyText expects its parent to be RenderRubyRun and since a
255         a non-block <rt> requires anonymous wrapper, we should check whether
256         the display type is actually block.
257
258         Test: fast/ruby/crash-when-ruby-rt-is-non-block.html
259
260         * html/RubyTextElement.cpp:
261         (WebCore::RubyTextElement::createElementRenderer):
262
263 2015-06-19  Jeremy Jones  <jeremyj@apple.com>
264
265         cancelPreviousPerformRequestsWithTarget for -resolveBounds in wrong class.
266         https://bugs.webkit.org/show_bug.cgi?id=146140
267
268         Reviewed by Eric Carlson.
269
270         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
271         (-[WebCALayerHostWrapper dealloc]): Added.
272         (-[WebAVVideoLayer dealloc]): Deleted.
273
274 2015-06-19  Per Arne Vollan  <peavo@outlook.com>
275
276         [WinCairo] Null pointer crash in BitmapTexture::updateContents.
277         https://bugs.webkit.org/show_bug.cgi?id=146147
278
279         Reviewed by Brent Fulgham.
280
281         Added null pointer check.
282
283         * platform/graphics/texmap/BitmapTexture.cpp:
284         (WebCore::BitmapTexture::updateContents):
285
286 2015-06-19  Anders Carlsson  <andersca@apple.com>
287
288         Spintracer treats the web process as hung when it's showing JavaScript dialogs in the UI process
289         https://bugs.webkit.org/show_bug.cgi?id=146124
290         rdar://problem/21449395
291
292         Reviewed by Geoffrey Garen.
293
294         * platform/spi/cg/CoreGraphicsSPI.h:
295
296 2015-06-19  Csaba Osztrogonác  <ossy@webkit.org>
297
298         Remove unnecessary svn:executable flags
299         https://bugs.webkit.org/show_bug.cgi?id=146107
300
301         Reviewed by Alexey Proskuryakov.
302
303         * html/canvas/CanvasRenderingContext2D.cpp: Removed property svn:executable.
304         * mathml/MathMLMencloseElement.cpp: Removed property svn:executable.
305         * mathml/MathMLMencloseElement.h: Removed property svn:executable.
306         * platform/efl/RenderThemeEfl.cpp: Removed property svn:executable.
307         * rendering/mathml/RenderMathMLMenclose.cpp: Removed property svn:executable.
308         * rendering/mathml/RenderMathMLMenclose.h: Removed property svn:executable.
309
310 2015-06-19  Youenn Fablet  <youenn.fablet@crf.canon.fr>
311
312         Bindings generator should generate code to catch exception and reject promises for Promise-based APIs
313         https://bugs.webkit.org/show_bug.cgi?id=146060
314
315         Reviewed by Darin Adler.
316
317         The binding generator splits the function that binds JS to the DOM class implementation in two for functions returning promise.
318         The first function, called from JS, is responsible of casting this to the expected JSXXX class.
319         If casting fails, an exception is raised. Otherwise, it calls the second function.
320         After calling the second function, it checks whether an exception is raised, in which case it returns a rejected promise.
321         The second function is responsible of argument conversion and calling the DOM class function.
322
323         Covered by expectations and AudioContext promise still working.
324         A test case is added for a promise returning function taking a typed argument as input (if argument value cannot be typed, the promise is rejected).
325         A second test case is a promise-returning function that can raise an exception. In that case the DOMException is used as rejection value.
326
327         As can be seen from generated code, this generalized code adds a mandatory check (is there an exception?) at the end of the function.
328         This check is done even in cases we know there will be no exception.
329         This may be covered by another patch if this optimization is thought useful enough.
330
331         * bindings/js/JSDOMPromise.cpp:
332         (WebCore::rejectPromiseWithExceptionIfAny): Utility method for the binding code.
333         (WebCore::callPromiseFunction): Ditto.
334         * bindings/js/JSDOMPromise.h:
335         * bindings/scripts/CodeGeneratorJS.pm:
336         (GenerateImplementation):
337         (GenerateFunctionCastedThis): Extracted from GenerateImplementationFunctionCall to reuse it in case of promise-returning functions.
338         (GenerateImplementationFunctionCall):
339         (GenerateCallbackImplementation): Deleted.
340         * bindings/scripts/test/JS/JSTestObj.cpp:
341         (WebCore::jsTestObjPrototypeFunctionTestPromiseFunction):
342         (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionPromise):
343         (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithFloatArgument):
344         (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithFloatArgumentPromise):
345         (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithException):
346         (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithExceptionPromise):
347         * bindings/scripts/test/TestObj.idl:
348
349 2015-06-18  Jeremy Jones  <jeremyj@apple.com>
350
351         Disable UIWindow for fullscreen video for selected clients.
352         https://bugs.webkit.org/show_bug.cgi?id=145852
353
354         Reviewed by Simon Fraser.
355
356         Disable UIWindow for fullscreen video doesn't work everywhere (rdar://problem/21315993), so just disable it when creating a UIWindow won't work.
357         Fix some interface hiding and layout problems that showed up in the non UIWindow code path.
358
359         * platform/RuntimeApplicationChecksIOS.h:
360         * platform/RuntimeApplicationChecksIOS.mm: Remove iAD bundle identifier.
361         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
362         (WebVideoFullscreenInterfaceAVKit::setupFullscreen): Opt out of UIWindow when hosted in another process. And fix view parenting for non-window case.
363         (WebVideoFullscreenInterfaceAVKit::exitFullscreen): Fix for AVKit exit fullscreen complaining about -needsLayout.
364
365         (WebVideoFullscreenInterfaceAVKit::requestHideAndExitFullscreen):
366         (WebVideoFullscreenInterfaceAVKit::preparedToReturnToInline):
367         (WebVideoFullscreenInterfaceAVKit::willStartOptimizedFullscreen):
368         (WebVideoFullscreenInterfaceAVKit::didStartOptimizedFullscreen):
369         (WebVideoFullscreenInterfaceAVKit::willStopOptimizedFullscreen):
370         (WebVideoFullscreenInterfaceAVKit::didStopOptimizedFullscreen):
371         These hide and show the view controller where we hide and show the window.
372
373 2015-06-18  Dean Jackson  <dino@apple.com>
374
375         Provide a way for web developers to draw a Theme-specific Wireless Playback icon
376         https://bugs.webkit.org/show_bug.cgi?id=146123
377         <rdar://problem/21119287>
378
379         Reviewed by Simon Fraser.
380
381         Implement a -webkit-named-image() CSS <image> generator that allows a site to
382         request artwork by name and get the platform variant. At the moment
383         we only support "wireless-playback" which returns a generic image everywhere
384         but Cocoa platforms, where we render the AirPlay icon.
385
386         In order to do this I added a ThemeCocoa to share any Theme code between
387         Mac and iOS.
388
389         Test: fast/css/named-icons.html
390
391         * WebCore.xcodeproj/project.pbxproj: Add new files CSSNamedImageValue, NamedImageGeneratedImage and ThemeCocoa.
392
393         * css/CSSImageGeneratorValue.cpp: Handle the new NamedImageClass in the switch statements for downcasting.
394         (WebCore::CSSImageGeneratorValue::image):
395         (WebCore::CSSImageGeneratorValue::isFixedSize):
396         (WebCore::CSSImageGeneratorValue::isPending):
397         (WebCore::CSSImageGeneratorValue::knownToBeOpaque):
398
399         * css/CSSNamedImageValue.cpp: New class. Just holds a name String.
400         (WebCore::CSSNamedImageValue::customCSSText):
401         (WebCore::CSSNamedImageValue::image):
402         (WebCore::CSSNamedImageValue::equals):
403         * css/CSSNamedImageValue.h:
404         (WebCore::CSSNamedImageValue::create):
405         (WebCore::CSSNamedImageValue::isFixedSize):
406         (WebCore::CSSNamedImageValue::isPending):
407         (WebCore::CSSNamedImageValue::CSSNamedImageValue):
408
409         * css/CSSParser.cpp:
410         (WebCore::CSSParser::isGeneratedImageValue): Allow "-webkit-named-image(".
411         (WebCore::CSSParser::parseGeneratedImage): Call parseNamedImage if we hit named-icon.
412         (WebCore::CSSParser::parseNamedImage): Parse the function looking for a CSS ident.
413         * css/CSSParser.h:
414
415         * css/CSSValue.cpp: Handle NamedImageClass in the various switch statements.
416         (WebCore::CSSValue::equals):
417         (WebCore::CSSValue::cssText):
418         (WebCore::CSSValue::destroy):
419         * css/CSSValue.h:
420         (WebCore::CSSValue::isNamedImageValue): Helper to detect the correct CSSValue subclass.
421
422         * platform/Theme.cpp:
423         (WebCore::Theme::drawNamedImage): Draw a generic wireless playback icon.
424         * platform/Theme.h: Add drawNamedImage.
425
426         * platform/cocoa/ThemeCocoa.cpp: New shared base class for ThemeMac and ThemeIOS.
427         (WebCore::fitContextToBox):
428         (WebCore::ThemeCocoa::drawNamedImage): Draw an AirPlay icon for wireless playback.
429         * platform/cocoa/ThemeCocoa.h:
430
431         * platform/graphics/CrossfadeGeneratedImage.h: Drive-by removal of unnecessary forward class definition.
432
433         * platform/graphics/ImageBuffer.h: Add NamedImageGeneratedImage as a friend class.
434
435         * platform/graphics/NamedImageGeneratedImage.cpp: New class. Calls into the Theme to render the artwork.
436         (WebCore::NamedImageGeneratedImage::NamedImageGeneratedImage):
437         (WebCore::NamedImageGeneratedImage::draw):
438         (WebCore::NamedImageGeneratedImage::drawPattern):
439         * platform/graphics/NamedImageGeneratedImage.h:
440
441         * platform/ios/ThemeIOS.h: Inherit from ThemeCocoa.
442         * platform/mac/ThemeMac.h: Ditto.
443
444 2015-06-18  KyungTae Kim  <ktf.kim@samsung.com> and Myles C. Maxfield  <mmaxfield@apple.com>
445
446         [CSS3] Add support for the word-break:keep-all CSS property
447         https://bugs.webkit.org/show_bug.cgi?id=123782
448
449         Reviewed by Darin Adler.
450
451         Add support for word-break:keep-all CSS property by CSS3 spec:
452         http://www.w3.org/TR/2013/WD-css-text-3-20131010/#word-break-property
453
454         Test: fast/text/word-break-keep-all.html
455
456         * css/CSSParser.cpp:
457         (WebCore::isValidKeywordPropertyAndValue):
458         * css/CSSPrimitiveValueMappings.h:
459         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
460         (WebCore::CSSPrimitiveValue::operator EWordBreak):
461         * css/CSSValueKeywords.in:
462         * rendering/RenderText.cpp:
463         (WebCore::RenderText::computePreferredLogicalWidths):
464         * rendering/break_lines.h:
465         (WebCore::nextBreakablePositionKeepingAllWords):
466         (WebCore::nextBreakablePositionKeepingAllWordsIgnoringNBSP):
467         (WebCore::isBreakable):
468         * rendering/line/BreakingContext.h:
469         (WebCore::BreakingContext::handleText):
470         (WebCore::BreakingContext::optimalLineBreakLocationForTrailingWord):
471         * rendering/style/RenderStyleConstants.h:
472
473 2015-06-18  Jon Lee  <jonlee@apple.com>
474
475         Update AVKit usage of pip
476         https://bugs.webkit.org/show_bug.cgi?id=146095
477         <rdar://problem/21386853>
478
479         Reviewed by Eric Carlson.
480
481         - Rename enum VideoFullscreenModeOptimized to VideoFullscreenModePictureInPicture
482         - Rename MediaElementSession::allowsAlternateFullscreen to allowsPictureInPicture
483         - Rename Settings::allowsAlternateFullscreen to allowsPictureInPictureMediaPlayback
484         - Update AVKit calls and AVKitSPI.h
485         - Rename WebVideoFullscreenInterfaceAVKit delegate functions and member variables
486
487         * html/HTMLMediaElement.cpp:
488         * html/HTMLVideoElement.cpp:
489         * html/MediaElementSession.cpp:
490         (WebCore::MediaElementSession::allowsPictureInPicture): Renamed.
491         (WebCore::MediaElementSession::allowsAlternateFullscreen): Deleted.
492         * html/MediaElementSession.h:
493         * page/Settings.cpp:
494         * page/Settings.in:
495         * platform/graphics/MediaPlayerEnums.h:
496         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
497         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
498         * platform/ios/WebVideoFullscreenInterfaceAVKit.h: Remove unused setIsOptimized.
499         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
500         * platform/spi/cocoa/AVKitSPI.h: Remove unused typedef.
501         * platform/spi/mac/AVFoundationSPI.h:
502
503 2015-06-18  Jeremy Jones  <jeremyj@apple.com>
504
505         Fix crash when entering fullscreen during exit fullscreen animation.
506         https://bugs.webkit.org/show_bug.cgi?id=146117
507
508         Reviewed by Simon Fraser.
509
510         Because enterFullscreen can be called during exitFullscreen animation, the exit fullscreen teardown
511         should not imply a fullscreen state change on video element.
512
513         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
514         (WebVideoFullscreenControllerContext::exitFullscreen): May be called from mainThread
515         (-[WebVideoFullscreenController exitFullscreen]): May be called from mainThread
516         * platform/ios/WebVideoFullscreenModelVideoElement.mm:
517         (WebVideoFullscreenModelVideoElement::setVideoElement): 
518         Changing associated video element does not imply fullscreen mode change.
519
520 2015-06-18  Brian J. Burg  <burg@cs.washington.edu>
521
522         Web Inspector: improve generated types for objects passed to backend commands
523         https://bugs.webkit.org/show_bug.cgi?id=146091
524
525         Reviewed by Joseph Pecoraro.
526
527         Update type signatures for backend command implementations. In a few cases, clean
528         up relevant helper function signatures and copy data out of parameter objects where
529         the code previously held onto a reference.
530
531         No new tests, no behavior changed.
532
533         * inspector/InspectorCSSAgent.cpp:
534         (WebCore::computePseudoClassMask):
535         (WebCore::InspectorCSSAgent::setStyleText):
536         (WebCore::InspectorCSSAgent::setRuleSelector):
537         (WebCore::InspectorCSSAgent::forcePseudoState):
538         * inspector/InspectorCSSAgent.h:
539         * inspector/InspectorDOMAgent.cpp:
540         (WebCore::parseColor):
541         (WebCore::parseConfigColor):
542         (WebCore::parseQuad):
543         (WebCore::InspectorDOMAgent::performSearch):
544         (WebCore::InspectorDOMAgent::setSearchingForNode):
545         (WebCore::InspectorDOMAgent::highlightConfigFromInspectorObject):
546         (WebCore::InspectorDOMAgent::setInspectModeEnabled):
547         (WebCore::InspectorDOMAgent::highlightRect):
548         (WebCore::InspectorDOMAgent::highlightQuad):
549         (WebCore::InspectorDOMAgent::innerHighlightQuad):
550         (WebCore::InspectorDOMAgent::highlightNode):
551         (WebCore::InspectorDOMAgent::highlightFrame):
552         * inspector/InspectorDOMAgent.h:
553         * inspector/InspectorDOMStorageAgent.cpp:
554         (WebCore::InspectorDOMStorageAgent::getDOMStorageItems):
555         (WebCore::InspectorDOMStorageAgent::setDOMStorageItem):
556         (WebCore::InspectorDOMStorageAgent::removeDOMStorageItem):
557         (WebCore::InspectorDOMStorageAgent::findStorageArea):
558         * inspector/InspectorDOMStorageAgent.h:
559         * inspector/InspectorIndexedDBAgent.cpp:
560         (WebCore::InspectorIndexedDBAgent::requestData):
561         * inspector/InspectorIndexedDBAgent.h:
562         * inspector/InspectorReplayAgent.cpp:
563         (WebCore::InspectorReplayAgent::replayToPosition):
564         * inspector/InspectorReplayAgent.h:
565         * inspector/InspectorResourceAgent.cpp:
566         (WebCore::InspectorResourceAgent::willSendRequest):
567         (WebCore::InspectorResourceAgent::setExtraHTTPHeaders):
568         Clean up extraHTTPHeaders to copy header key/values out of the InspectorObject, rather
569         than retaining the protocol object indefinitely. This matches the ownership scheme used
570         everywhere else.
571
572         * inspector/InspectorResourceAgent.h:
573         * inspector/InspectorStyleSheet.h:
574         (WebCore::InspectorCSSId::InspectorCSSId):
575         * inspector/InspectorWorkerAgent.cpp:
576         (WebCore::InspectorWorkerAgent::sendMessageToWorker):
577         * inspector/InspectorWorkerAgent.h:
578
579 2015-06-18  Anders Carlsson  <andersca@apple.com>
580
581         Remove shouldInterruptJavaScript
582         https://bugs.webkit.org/show_bug.cgi?id=146118
583
584         Reviewed by Antti Koivisto.
585
586         The WebKit SPI methods for deciding whether JavaScript execution should be interrupted hasn't been used
587         for many releases. Furthermore, they don't make sense in the multi-process architecture since it's still possible
588         to interrupt execution (by closing the browser tab or window) from the UI process.
589
590         * bindings/js/JSDOMWindowBase.cpp:
591         (WebCore::JSDOMWindowBase::shouldInterruptScript):
592         * loader/EmptyClients.h:
593         * page/Chrome.cpp:
594         (WebCore::Chrome::shouldInterruptJavaScript): Deleted.
595         * page/Chrome.h:
596         * page/ChromeClient.h:
597
598 2015-06-18  Benjamin Poulain  <bpoulain@apple.com>
599
600         [CSS JIT][ARMv7] The pseudo element early exit trashes r6
601         https://bugs.webkit.org/show_bug.cgi?id=146078
602
603         Reviewed by Alex Christensen.
604
605         The pseudo element early failure runs before we generate the prologue.
606         The reason is that we can often exit immediately on function entry, before
607         we even touch any memory.
608
609         On ARMv7, we don't have many spare registers so the MacroAssembler
610         uses r6 as a scratch register and the client code is expected to save
611         it.
612
613         In the early failure case, we were not pushing r6 before using the MacroAssembler
614         and its value could be trashed.
615
616         This patch push the macro assembler registers separately from the prologue.
617
618         For restoring the registers, a new function generateFunctionEnding() encapsulate
619         the pop() and ret().
620
621         * cssjit/SelectorCompiler.cpp:
622         (WebCore::SelectorCompiler::SelectorCodeGenerator::pushMacroAssemblerRegisters):
623         (WebCore::SelectorCompiler::SelectorCodeGenerator::popMacroAssemblerRegisters):
624         (WebCore::SelectorCompiler::SelectorCodeGenerator::generatePrologue):
625         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateEpilogue):
626         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateSelectorChecker):
627
628         * cssjit/StackAllocator.h:
629         (WebCore::StackAllocator::operator=):
630         We have a new case for the stack allocator: some stack changes are conditional
631         at compile time instead of runtime. This is easy to deal with by overriding
632         the stack if a path is not taken at compile time.
633
634 2015-06-17  Conrad Shultz  <conrad_shultz@apple.com>
635
636         REGRESSION: js/dom/navigator-plugins-crash.html asserts a lot
637         https://bugs.webkit.org/show_bug.cgi?id=144399
638
639         Reviewed by Darin Adler.
640
641         Earlier work made the array of web-visible plug-ins dynamic, but allowed DOMPlugin (and, indirectly by extension,
642         DOMMimeType) to continue keeping a reference to a plug-in in terms of an index into that array. This superficially
643         appeared correct since DOMPlugin immutably holds onto a PluginData instance, which in turn immutably holds onto a
644         Page instance. PluginStrategy::getWebVisiblePluginInfo() is passed this Page, which is used to determine the contents
645         of the plugin array. The expectation was that keeping an index would still be safe since the Page is not changing,
646         but this is not strictly correct since relevant attributes of the Page and/or the available plugins may still change.
647
648         It's not entirely clear why the test failures are intermittent and occur only on certain configurations, but address
649         them by eliminating the incorrect storage of indexes in favor of keeping copies of the relevant plugin info itself.
650
651         * plugins/DOMMimeType.cpp:
652         (WebCore::DOMMimeType::DOMMimeType):
653         Instead of storing the MIME type index, retrieve and store the MIME class info and plugin info.
654         (WebCore::DOMMimeType::type):
655         Directly access the m_mimeClassInfo member.
656         (WebCore::DOMMimeType::suffixes):
657         Ditto.
658         (WebCore::DOMMimeType::description):
659         Ditto.
660         (WebCore::DOMMimeType::enabledPlugin):
661         Directly access the m_pluginInfo member.
662         (WebCore::DOMMimeType::mimeClassInfo): Deleted.
663
664         * plugins/DOMMimeType.h:
665         Update member variables.
666
667         * plugins/DOMPlugin.cpp:
668         (WebCore::DOMPlugin::DOMPlugin):
669         Instead of storing the plugin index, store the plugin info directly.
670         (WebCore::DOMPlugin::name):
671         Directly access m_pluginInfo.
672         (WebCore::DOMPlugin::filename):
673         Ditto.
674         (WebCore::DOMPlugin::description):
675         Ditto.
676         (WebCore::DOMPlugin::length):
677         Ditto.
678         (WebCore::DOMPlugin::item):
679         Access m_pluginInfo directly; find the matching plug-in based on matching PluginInfo (for which an overloaded
680         comparator is supplied below).
681         (WebCore::DOMPlugin::pluginInfo): Deleted.
682
683         * plugins/DOMPlugin.h:
684         Update member variables.
685         (WebCore::DOMPlugin::create):
686         Accept a PluginInfo instead of a plugin index.
687
688         * plugins/DOMPluginArray.cpp:
689         (WebCore::DOMPluginArray::item):
690         (WebCore::DOMPluginArray::namedItem):
691
692         * plugins/PluginData.h:
693         (WebCore::operator==):
694         Added; compare PluginInfo structs on the basis of member equality.
695
696 2015-06-17  Alex Christensen  <achristensen@webkit.org>
697
698         [Content Extensions] Log blocked loads to the WebInspector console
699         https://bugs.webkit.org/show_bug.cgi?id=146089
700
701         Reviewed by Joseph Pecoraro.
702
703         * contentextensions/ContentExtensionsBackend.cpp:
704         (WebCore::ContentExtensions::ContentExtensionsBackend::processContentExtensionRulesForLoad):
705         (WebCore::ContentExtensions::ContentExtensionsBackend::displayNoneCSSRule):
706         Log which URLs are blocked and the URL of the page they are blocked from.
707
708 2015-06-18  Joseph Pecoraro  <pecoraro@apple.com>
709
710         Crash under WebCore::DOMWindow::dispatchMessageEventWithOriginCheck attempting to log console message
711         https://bugs.webkit.org/show_bug.cgi?id=146093
712
713         Reviewed by Timothy Hatcher.
714
715         * page/DOMWindow.cpp:
716         (WebCore::DOMWindow::dispatchMessageEventWithOriginCheck):
717         The console could be null so null check its use.
718
719 2015-06-18  Csaba Osztrogonác  <ossy@webkit.org>
720
721         Suppress null-conversion warnings in ANGLE
722         https://bugs.webkit.org/show_bug.cgi?id=145125
723
724         Reviewed by Alex Christensen.
725
726         * CMakeLists.txt:
727
728 2015-06-18  Youenn Fablet <youenn.fablet@crf.canon.fr> and Xabier Rodriguez Calvar  <calvaris@igalia.com>
729
730         [Streams API] Implement ReadableStreamReader.releaseLock
731         https://bugs.webkit.org/show_bug.cgi?id=145299
732
733         Reviewed by Darin Adler.
734
735         Covered by rebased tests.
736
737         * Modules/streams/ReadableStream.cpp:
738         (WebCore::ReadableStream::close): Moving some close code to newly added releaseReader.
739         (WebCore::ReadableStream::releaseReader): Implements reader release and callbacks finalization.
740         (WebCore::ReadableStream::changeStateToErrored): Calls releaseReader.
741         * Modules/streams/ReadableStream.h:
742         (WebCore::ReadableStream::hasReadPendingRequests): Added to enable reader.releaseLock throwing if read requests are pending.
743         * Modules/streams/ReadableStreamReader.cpp:
744         (WebCore::ReadableStreamReader::releaseLock): Implementation of releaseLock
745         * Modules/streams/ReadableStreamReader.h:
746         * Modules/streams/ReadableStreamReader.idl:
747         (WebCore::releaseLock): Deleted.
748
749 2015-06-18  Youenn Fablet  <youenn.fablet@crf.canon.fr>
750
751         GObject and ObjC bindings generator should not generate code for promise-based APIs
752         https://bugs.webkit.org/show_bug.cgi?id=146059
753
754         Reviewed by Darin Adler.
755
756         Covered by rebased expectations.
757
758         * bindings/scripts/CodeGeneratorGObject.pm:
759         (SkipFunction): Disabling GObject DOM binding for functions returning promises.
760         * bindings/scripts/CodeGeneratorObjC.pm:
761         (SkipFunction): Disabling ObjC DOM binding for functions returning promises.
762         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp: Rebasing expectation.
763         (webkit_dom_test_obj_get_read_only_long_attr): Deleted.
764         (webkit_dom_test_obj_get_read_only_string_attr): Deleted.
765         * bindings/scripts/test/GObject/WebKitDOMTestObj.h: Rebasing expectation.
766         * bindings/scripts/test/ObjC/DOMTestObj.h: Ditto.
767         * bindings/scripts/test/ObjC/DOMTestObj.mm: Ditto.
768         (core): Deleted.
769
770 2015-06-17  Ryuan Choi  <ryuan.choi@navercorp.com>
771
772         [EFL] test_ewk2_context_url_scheme_register has been crashed since r185553
773         https://bugs.webkit.org/show_bug.cgi?id=146075
774
775         Reviewed by Carlos Garcia Campos.
776
777         Since r185553, CustomProtocolManager sends StartLoading message to UIProcess
778         with request of SoupGenericRequest instead of request itself.
779         But, request of SoupGenericRequest is nullptr in EFL port because EFL port
780         does not use m_initiatingPageID.
781
782         This patch updates request of SoupGenericRequest although m_initiatingPageID is null.
783
784         * platform/network/soup/ResourceRequestSoup.cpp: 
785         (WebCore::ResourceRequest::updateSoupRequest):
786
787 2015-06-17  Daniel Bates  <dabates@apple.com>
788
789         Client may receive began editing callback for already focused text field
790         https://bugs.webkit.org/show_bug.cgi?id=146074
791         <rdar://problem/21293562>
792
793         Reviewed by Darin Adler.
794
795         Fixes an issue where the client would be notified that began editing in a text field
796         for each programmatic DOM focus event dispatched at the text field regardless of
797         whether the field was focused. The client should only be notified that began editing
798         exactly once when a text field becomes focused (either programmatically or by user interaction).
799
800         * html/TextFieldInputType.cpp:
801         (WebCore::TextFieldInputType::forwardEvent): Move logic to dispatch editing began callback from here...
802         (WebCore::TextFieldInputType::handleFocusEvent): to here. This function is called when the
803         text field becomes newly focused.
804         * html/TextFieldInputType.h:
805
806 2015-06-17  Alex Christensen  <achristensen@webkit.org>
807
808         [Content Extensions] Fail to parse invalid arrays
809         https://bugs.webkit.org/show_bug.cgi?id=146079
810         rdar://problem/21422649
811
812         Reviewed by Benjamin Poulain.
813
814         Covered by new and corrected API tests.
815
816         * contentextensions/ContentExtensionParser.cpp:
817         (WebCore::ContentExtensions::loadTrigger):
818         Fail to parse invalid arrays for if-domain, unless-domain, resource-type, and load-type arrays.
819
820 2015-06-16  Jon Honeycutt  <jhoneycutt@apple.com>
821
822         Position::findParent() should take a reference
823         https://bugs.webkit.org/show_bug.cgi?id=146038
824
825         Reviewed by Darin Adler.
826
827         * dom/Position.cpp:
828         (WebCore::Position::containerNode):
829         (WebCore::Position::parentAnchoredEquivalent):
830         Pass a reference; there is already a null check.
831         (WebCore::Position::previous):
832         Add a missing null check. Code below this expects that node is non-null.
833         (WebCore::Position::next):
834         Ditto.
835         (WebCore::Position::atStartOfTree):
836         (WebCore::Position::atEndOfTree):
837         Pass a reference.
838         (WebCore::Position::findParent):
839         Changed to take a reference.
840
841         * dom/Position.h:
842         Ditto.
843
844 2015-06-17  Brent Fulgham  <bfulgham@apple.com>
845
846         Overflow regions with scroll snap points are not reliably rubber banding
847         https://bugs.webkit.org/show_bug.cgi?id=142522
848         <rdar://problem/20100726>
849
850         Reviewed by Darin Adler.
851
852         When computing the target scroll destination, update the nearest snap point index
853         and other bookkeeping, but keep the original gesture target if it would have taken
854         us beyond either limit of the scroll container.
855
856         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
857         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
858         (WebCore::ScrollingTreeFrameScrollingNodeMac::scrollExtents): Add new method
859         to support client API.
860         * platform/ScrollAnimator.cpp:
861         (WebCore::ScrollAnimator::scrollExtents): Add new method to support client API.
862         * platform/ScrollAnimator.h:
863         * platform/cocoa/ScrollController.h:
864         (WebCore::ScrollControllerClient::scrollExtents): Added new pure virtual method to API.
865         * platform/cocoa/ScrollController.mm:
866         (WebCore::ScrollController::beginScrollSnapAnimation): Hold onto original user gesture
867         target, and use that instead of our nearest snap point if the gesture takes us past
868         either extreme of the scroll container.
869
870 2015-06-17  Tim Horton  <timothy_horton@apple.com>
871
872         Swipe gesture can get stuck, preventing scrolling and other gestures
873         https://bugs.webkit.org/show_bug.cgi?id=146088
874         <rdar://problem/16056087>
875
876         Reviewed by Darin Adler.
877
878         * WebCore.xcodeproj/project.pbxproj:
879         * platform/spi/mac/NSEventSPI.h: Added.
880         Add an SPI header.
881
882 2015-06-16  Matt Rajca  <mrajca@apple.com>
883
884         MediaSession: handle MediaEventTrackNext and MediaEventTrackPrevious events
885         https://bugs.webkit.org/show_bug.cgi?id=146028
886
887         Reviewed by Darin Adler.
888
889         * Modules/mediasession/MediaRemoteControls.idl: Added nexttrack/previoustrack event handlers.
890         * Modules/mediasession/MediaSession.cpp: Dispatch the nexttrack/previoustrack events.
891         (WebCore::MediaSession::skipToNextTrack):
892         (WebCore::MediaSession::skipToPreviousTrack):
893         * Modules/mediasession/MediaSession.h:
894         * Modules/mediasession/MediaSessionManager.cpp: Skip to the next/previous track as described in the media session spec.
895         (WebCore::MediaSessionManager::skipToNextTrack):
896         (WebCore::MediaSessionManager::skipToPreviousTrack):
897         * Modules/mediasession/MediaSessionManager.h:
898         * dom/EventNames.h: Added the nexttrack/previoustrack event names.
899         * page/Page.cpp: Tell MediaSessionManager to handle the new track-skipping events.
900         (WebCore::Page::handleMediaEvent):
901
902 2015-06-17  Chris Fleizach  <cfleizach@apple.com>
903
904         AX: VoiceOver in iOS not announcing generic WAI-ARIA region, even if labelled properly
905         https://bugs.webkit.org/show_bug.cgi?id=146066
906
907         Reviewed by Darin Adler.
908
909         Allow the region role to identify as a landmark type.
910
911         Updated test: platform/ios-simulator/accessibility/landmark-types.html
912
913         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
914         (-[WebAccessibilityObjectWrapper _accessibilityIsLandmarkRole:]):
915
916 2015-06-17  Simon Fraser  <simon.fraser@apple.com>
917
918         REGRESSION (r173283-r173296): Amazon.com front page has no caret in the search field
919         https://bugs.webkit.org/show_bug.cgi?id=146073
920         rdar://problem/21022203
921
922         Reviewed by Tim Horton.
923
924         Text controls (text inputs and textareas) need backing store even when empty, because
925         they need to be able to paint a caret.
926
927         Test: compositing/backing/form-controls-backing.html
928
929         * rendering/RenderLayerBacking.cpp:
930         (WebCore::RenderLayerBacking::isSimpleContainerCompositingLayer):
931
932 2015-06-17  Zalan Bujtas  <zalan@apple.com>
933
934         Selection cache produces invalid result when ancestor has float element.
935         https://bugs.webkit.org/show_bug.cgi?id=146042
936         rdar://problem/20604592
937
938         Reviewed by Ryosuke Niwa.
939
940         Selection cache already takes floats into account, however it's not enough to check current
941         block against floats. Any of the ancestor's float starting from the selection root block
942         can impact the selection offsets.
943
944         Test: fast/block/selection-cache-is-incorrect-when-non-direct-parent-has-float.html
945
946         * rendering/LogicalSelectionOffsetCaches.h:
947         (WebCore::LogicalSelectionOffsetCaches::ContainingBlockInfo::ContainingBlockInfo):
948         (WebCore::LogicalSelectionOffsetCaches::ContainingBlockInfo::setBlock):
949         (WebCore::LogicalSelectionOffsetCaches::ContainingBlockInfo::block):
950         (WebCore::LogicalSelectionOffsetCaches::ContainingBlockInfo::cache):
951         (WebCore::LogicalSelectionOffsetCaches::ContainingBlockInfo::hasFloatsOrFlowThreads):
952         (WebCore::LogicalSelectionOffsetCaches::LogicalSelectionOffsetCaches):
953
954 2015-06-17  Joanmarie Diggs  <jdiggs@igalia.com>
955
956         AX: [ATK] Expose element tag name as an object attribute
957         https://bugs.webkit.org/show_bug.cgi?id=146062
958
959         Reviewed by Mario Sanchez Prada.
960
961         Expose the element tag name as an object attribute with name "tag" and
962         value being the lowercase tag name, both being what Gecko does for ATK.
963
964         No new tests. We already have sufficient coverage for AtkObject attributes.
965         These tests have been updated to reflect the addition of the new attribute.
966
967         * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
968         (webkitAccessibleGetAttributes):
969
970 2015-06-17  Antti Koivisto  <antti@apple.com>
971
972         iOS WebKit1: [LegacyTileLayer drawInContext:] should ensure it has web lock
973         https://bugs.webkit.org/show_bug.cgi?id=146072
974         rdar://problem/21149759
975
976         Reviewed by Simon Fraser
977
978         There are some scenarios where we end up drawing without web lock due to client or system issues.
979         This can cause crashes.
980
981         * platform/ios/LegacyTileLayer.mm:
982         (-[LegacyTileLayer setNeedsDisplayInRect:]):
983         (-[LegacyTileLayer drawInContext:]):
984
985             Ensure we have the web lock when called in main thread (even though we should have it already).
986
987 2015-06-17  Brent Fulgham  <bfulgham@apple.com>
988
989         CSS scroll snap: defining snap points on axis that does not scroll does not work properly
990         https://bugs.webkit.org/show_bug.cgi?id=146043
991         <rdar://problem/20125511>
992
993         Reviewed by Simon Fraser.
994
995         Tested by css3/scroll-snap/scroll-snap-mismatch.html
996
997         We always seed the set of scroll snap points with the start and end of the scroll container. This is not
998         the right behavior if there are no scroll points defined, because we end up creating a snap for the start
999         and end of the container, and any scroll gesture just takes us across the entire element.
1000         
1001         Instead, when we do not find any scroll snap points, we should clear the snap point state for the container.
1002
1003         * page/scrolling/AxisScrollSnapOffsets.cpp:
1004         (WebCore::updateFromStyle): If we did not find any snap points (i.e., the snapOffsets container
1005         only holds '0', return an empty Vector. 
1006         (WebCore::updateSnapOffsetsForScrollableArea): If the set of snap points produced by 'updateFromStyle' is empty,
1007         clear the horizontal (or vertical) snap offsets for the scroll area.
1008         
1009
1010 2015-06-17  Chris Fleizach  <cfleizach@apple.com>
1011
1012         AX: input role="spinbutton" gets skipped in voiceover
1013         https://bugs.webkit.org/show_bug.cgi?id=145514
1014
1015         Reviewed by Mario Sanchez Prada.
1016
1017         SpinButton role was added, but left out of iOS.
1018         To prevent this from happening again, explicitly list every role in the switch statement that
1019         determines accessible visibility.
1020
1021         Test: platform/ios-simulator/accessibility/spinbutton.html
1022
1023         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
1024         (-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
1025         (-[WebAccessibilityObjectWrapper isAccessibilityElement]):
1026
1027 2015-06-17  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>
1028
1029         [Streams API] ReadableJSStream should handle promises returned by JS source pull callback
1030         https://bugs.webkit.org/show_bug.cgi?id=145965
1031
1032         Reviewed by Darin Adler.
1033
1034         Implemented asynchronous pulling.
1035         In particular, ensuring that doPull is not called as long as previous call to doPull is finished.
1036         Storing whether to pull automatically when the current pull is finished. 
1037
1038         Covered by rebased tests.
1039
1040         * Modules/streams/ReadableStream.cpp:
1041         (WebCore::ReadableStream::pull): stores whether to pull again.
1042         (WebCore::ReadableStream::finishPulling): called when pulling finishes.
1043         * Modules/streams/ReadableStream.h:
1044         * bindings/js/ReadableJSStream.cpp:
1045         (WebCore::createPullResultFulfilledFunction): The promise resolve callback.
1046         (WebCore::ReadableJSStream::doPull): Handling of promise.
1047         * bindings/js/ReadableJSStream.h:
1048
1049 2015-06-16  Carlos Garcia Campos  <cgarcia@igalia.com>
1050
1051         WebProcess crashes after too many redirect error when there's an active NPAPI plugin
1052         https://bugs.webkit.org/show_bug.cgi?id=146019
1053
1054         Reviewed by Darin Adler.
1055
1056         This happens with the GTK+ port after a navigation action ends up
1057         in an infinite redirection and the ResourceHandle fails with too
1058         many redirections error. I should actually happen after any error
1059         is reported by the ResourceHnalder before the load is
1060         committed. But tt only happens if there's an active NPAPI
1061         plugin. The problem is that FrameLoader::receivedMainResourceError()
1062         is called recursively because DocumentLoader::stopLoading() ends up
1063         calling mainReceivedError() that calls FrameLoader::receivedMainResourceError()
1064         again. DocumentLoader::stopLoading() checks if the document is
1065         still loading, which can happen if the main resource is loading,
1066         if there's any subresource loading or if there's a plugin
1067         loading. So, in case of being loading, those cases are handled
1068         individually to cancel the main resource, or set an error in the
1069         document loader and cancel subresources and plugins, except for
1070         this case of plugins, that mainReceivedError is called instead of
1071         setting cancelled error on the document loader.
1072
1073         * loader/DocumentLoader.cpp:
1074         (WebCore::DocumentLoader::stopLoading): If the document is still
1075         loading because there are active plugins, set the cancelled error
1076         on the document instead of calling mainReceivedError again.
1077
1078 2015-06-16  Youenn Fablet <youenn.fablet@crf.canon.fr> and Xabier Rodriguez Calvar  <calvaris@igalia.com>
1079
1080         [Streams API] Implement ReadableStream locked property
1081         https://bugs.webkit.org/show_bug.cgi?id=146023
1082
1083         Reviewed by Darin Adler.
1084
1085         Covered by rebased tests.
1086
1087         * Modules/streams/ReadableStream.h:
1088         (WebCore::ReadableStream::locked): Renamed isLocked by locked.
1089         * Modules/streams/ReadableStream.idl: Adding locked.
1090         * bindings/js/JSReadableStreamCustom.cpp:
1091         (WebCore::JSReadableStream::getReader): Using isLocked.
1092         * bindings/js/JSReadableStreamReaderCustom.cpp:
1093         (WebCore::constructJSReadableStreamReader): Using isLocked.
1094
1095 2015-06-16  Myles C. Maxfield  <mmaxfield@apple.com>
1096
1097         REGRESSION(r184899): [Cocoa] font-variant: small-caps is not honored with web fonts
1098         https://bugs.webkit.org/show_bug.cgi?id=145873
1099         <rdar://problem/21314282>
1100
1101         Reviewed by Dean Jackson.
1102
1103         When font-variant: small-caps is applied, we create a smaller version of the original font
1104         and draw capital characters in that smaller font. CGFontRefs do not have an intrinsic size,
1105         and web fonts historically only had a CGFontRef, which means that there was no need to
1106         convert the CGFontRef to be smaller (as opposed to regular fonts, which had a CTFontRef and
1107         therefore needed the conversion). Instead, we just changed m_size, which represents
1108         the size that the text should be drawn in.
1109
1110         However, r184899 gave CTFontRefs to web fonts. This means that now the FontPlatformData's
1111         m_size variable disagreed with the CTFontRef member. The solution here is to unify the web
1112         font and regular font codepaths, and treat them the same throughout.
1113
1114         Note that this patch removes the last use of the m_isCustomFont variable. As soon as we
1115         entirely migrate to CORETEXT_WEB_FONTS, we should delete this variable.
1116
1117         Test: fast/text/small-caps-web-font.html
1118
1119         * platform/graphics/cocoa/FontCocoa.mm:
1120         (WebCore::Font::platformCreateScaledFont): Treat web fonts the same as regular fonts.
1121         * platform/text/TextFlags.h: Add a comment regarding teh deletion of m_isCustomFont.
1122
1123 2015-06-16  Alex Christensen  <achristensen@webkit.org>
1124
1125         [Content Extensions] Implement branch compaction for DFA bytecode.
1126         https://bugs.webkit.org/show_bug.cgi?id=145619
1127
1128         Reviewed by Benjamin Poulain.
1129
1130         This patch adds another pass to the DFABytecodeCompiler which finds where the bytecode from each node
1131         would be if it were compiled with no branch compaction, then uses that as a worst-case value to determine
1132         how many bytes are needed to store the relative jump distance.  Then when linking, it will fill in the 
1133         value as it already did, but with a variable size jump.  The jumps are also now signed distances relative to
1134         where the jump is stored.
1135
1136         This patch is covered by existing tests, which have many jumps that are near the -128/127 byte boundary,
1137         and the switch from 16-bit jumps to 32-bit jumps near the -65536/65535 byte boundary is analogous.
1138
1139         * contentextensions/ContentExtensionCompiler.cpp:
1140         (WebCore::ContentExtensions::compileRuleList):
1141         * contentextensions/DFABytecode.h:
1142         (WebCore::ContentExtensions::smallestPossibleJumpSize):
1143         (WebCore::ContentExtensions::instructionSizeWithArguments):
1144         * contentextensions/DFABytecodeCompiler.cpp:
1145         (WebCore::ContentExtensions::append):
1146         (WebCore::ContentExtensions::appendZeroes):
1147         (WebCore::ContentExtensions::setBits):
1148         (WebCore::ContentExtensions::appendActionBytecodeSize):
1149         (WebCore::ContentExtensions::DFABytecodeCompiler::emitAppendAction):
1150         (WebCore::ContentExtensions::DFABytecodeCompiler::longestPossibleJump):
1151         (WebCore::ContentExtensions::DFABytecodeCompiler::emitJump):
1152         (WebCore::ContentExtensions::DFABytecodeCompiler::emitCheckValue):
1153         (WebCore::ContentExtensions::DFABytecodeCompiler::emitCheckValueRange):
1154         (WebCore::ContentExtensions::DFABytecodeCompiler::emitTerminate):
1155         (WebCore::ContentExtensions::DFABytecodeCompiler::compileNode):
1156         (WebCore::ContentExtensions::DFABytecodeCompiler::compiledNodeMaxBytecodeSize):
1157         (WebCore::ContentExtensions::DFABytecodeCompiler::ranges):
1158         (WebCore::ContentExtensions::DFABytecodeCompiler::checkForRangeMaxBytecodeSize):
1159         (WebCore::ContentExtensions::DFABytecodeCompiler::compileCheckForRange):
1160         (WebCore::ContentExtensions::DFABytecodeCompiler::nodeTransitionsMaxBytecodeSize):
1161         (WebCore::ContentExtensions::DFABytecodeCompiler::compileNodeTransitions):
1162         (WebCore::ContentExtensions::DFABytecodeCompiler::compile):
1163         (WebCore::ContentExtensions::set32Bits): Deleted.
1164         * contentextensions/DFABytecodeCompiler.h:
1165         * contentextensions/DFABytecodeInterpreter.cpp:
1166         (WebCore::ContentExtensions::getBits):
1167         (WebCore::ContentExtensions::getInstruction):
1168         (WebCore::ContentExtensions::jumpSizeInBytes):
1169         (WebCore::ContentExtensions::getJumpSize):
1170         (WebCore::ContentExtensions::getJumpDistance):
1171         (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretAppendAction):
1172         (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretTestFlagsAndAppendAction):
1173         (WebCore::ContentExtensions::DFABytecodeInterpreter::actionsForDefaultStylesheetFromDFARoot):
1174         (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
1175         * loader/ResourceLoadInfo.h:
1176
1177 2015-06-16  Carlos Alberto Lopez Perez  <clopez@igalia.com>
1178
1179         [GTK] [Wayland] Should be possible to build with support for both X11 and Wayland.
1180         https://bugs.webkit.org/show_bug.cgi?id=145701
1181
1182         Reviewed by Darin Adler.
1183
1184         No new tests, no behavior changes.
1185
1186         When building both targets, we have to include the wayland-egl
1187         headers in order to build the Wayland target. This causes that
1188         EGLNativePixmapType and EGLNativeWindowType get defined as
1189         different types than when building only the X11 target.
1190
1191         By type casting them to the ones that are expected, we are able
1192         to build both targets at the same time.
1193
1194         I have done tests (building each target alone as also both targets
1195         at the same time), and everything seems to works as expected.
1196
1197         Once built for both targets, if you try to launch the MiniBrowser
1198         from inside a Wayland compositor (Weston on top of X for example),
1199         it will trigger the X11 target if the DISPLAY environment variable
1200         is set and the environment variable GDK_BACKEND is not set to wayland,
1201         otherwise it will trigger the Wayland target.
1202
1203         * platform/graphics/GLContext.cpp:
1204         (WebCore::GLContext::createContextForWindow): Add type casts. We have
1205         to consider here two different type casts depending on the type of
1206         GLNativeWindowType to avoid a build failure on 32-bits platforms.
1207         The static_cast one was already beeing done as an implicit cast
1208         (from uint64_t to XID), the reinterpret_cast is the new one that
1209         we need to do only when building on both platforms.
1210         * platform/graphics/egl/GLContextEGL.cpp: Add missing include when
1211         building both targets that is required for defining DefaultRootWindow().
1212         (WebCore::GLContextEGL::createPixmapContext): Add type cast.
1213
1214 2015-06-15  Jon Honeycutt  <jhoneycutt@apple.com>
1215
1216         [iOS] Crash long pressing on <input type=file>
1217         https://bugs.webkit.org/show_bug.cgi?id=146009
1218         <rdar://problem/21234453>
1219
1220         Reviewed by Ryosuke Niwa.
1221
1222         * dom/Position.cpp:
1223         (WebCore::Position::atStartOfTree):
1224         (WebCore::Position::atEndOfTree):
1225         Null check the container node before passing it to findParent().
1226
1227 2015-06-15  Chris Fleizach  <cfleizach@apple.com>
1228
1229         AX:  iOS accessibility tests are not running because we need WKTR support
1230         https://bugs.webkit.org/show_bug.cgi?id=145991
1231
1232         Reviewed by Daniel Bates.
1233
1234         Make some minor modifications to support notification handling in WKTR.
1235
1236         * accessibility/ios/AXObjectCacheIOS.mm:
1237         (WebCore::AXObjectCache::postPlatformNotification):
1238         (WebCore::AXObjectCache::postTextStateChangePlatformNotification):
1239         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
1240         (-[WebAccessibilityObjectWrapper accessibilityClickPoint]):
1241         (-[WebAccessibilityObjectWrapper description]):
1242         (-[WebAccessibilityObjectWrapper accessibilitySetPostedNotificationCallback:withContext:]): Deleted.
1243         (-[WebAccessibilityObjectWrapper accessibilityPostedNotification:]): Deleted.
1244
1245 2015-06-16  Mark Lam  <mark.lam@apple.com>
1246
1247         Use NakedPtr<Exception>& to return exception results.
1248         https://bugs.webkit.org/show_bug.cgi?id=145870
1249
1250         Reviewed by Anders Carlsson and Filip Pizlo.
1251
1252         No new WebCore tests because this functionality is already covered by existing tests.
1253         API tests added for WTF::NakedPtr.
1254
1255         * bindings/js/JSCallbackData.cpp:
1256         (WebCore::JSCallbackData::invokeCallback):
1257         * bindings/js/JSCustomXPathNSResolver.cpp:
1258         (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
1259         * bindings/js/JSErrorHandler.cpp:
1260         (WebCore::JSErrorHandler::handleEvent):
1261         * bindings/js/JSEventListener.cpp:
1262         (WebCore::JSEventListener::handleEvent):
1263         * bindings/js/JSMainThreadExecState.cpp:
1264         (WebCore::JSMainThreadExecState::didLeaveScriptContext):
1265         (WebCore::functionCallHandlerFromAnyThread):
1266         (WebCore::evaluateHandlerFromAnyThread):
1267         * bindings/js/JSMainThreadExecState.h:
1268         (WebCore::JSMainThreadExecState::currentState):
1269         (WebCore::JSMainThreadExecState::call):
1270         (WebCore::JSMainThreadExecState::evaluate):
1271         * bindings/js/JSMutationCallback.cpp:
1272         (WebCore::JSMutationCallback::call):
1273         * bindings/js/ScheduledAction.cpp:
1274         (WebCore::ScheduledAction::executeFunctionInContext):
1275         * bindings/js/ScriptController.cpp:
1276         (WebCore::ScriptController::evaluateInWorld):
1277         * bindings/js/WorkerScriptController.cpp:
1278         (WebCore::WorkerScriptController::evaluate):
1279         (WebCore::WorkerScriptController::setException):
1280         * bindings/js/WorkerScriptController.h:
1281         (WebCore::WorkerScriptController::workerGlobalScopeWrapper):
1282         * bindings/objc/WebScriptObject.mm:
1283         (-[WebScriptObject callWebScriptMethod:withArguments:]):
1284         * workers/WorkerGlobalScope.cpp:
1285         (WebCore::WorkerGlobalScope::importScripts):
1286
1287 2015-06-16  Brent Fulgham  <bfulgham@apple.com>
1288
1289         CSS Scroll Snap - support snapping to nested elements
1290         https://bugs.webkit.org/show_bug.cgi?id=145843
1291         <rdar://problem/21339581>
1292
1293         Reviewed by Darin Adler.
1294
1295         Tested by css3/scroll-snap/nested-elements.html
1296
1297         The Scroll Snap Point implementation was not properly handling nested elements.
1298         This could be resolved by recursively calling 'appendChildSnapOffsets', but this
1299         seemed like an inefficient approach, especially considering how often this method
1300         is called during various scaling and other operations.
1301         
1302         Instead, do the following:
1303         (1) Add a new HashSet to RenderView that holds a collection of RenderElements that
1304             have scroll-snap-coordinates.
1305         (2) During RenderElement::styleWillChange, register all elements that have the
1306             scroll-snap-coordinates style with the RenderView.
1307         (3) When performing 'appendChildSnapOffsets', refer to the HashSet of elements, select the
1308             subset of these entries relevant to the current scrolling container, and build up the
1309             set of scroll-snap-coordinates needed for the current scrolling container.
1310
1311         * page/scrolling/AxisScrollSnapOffsets.cpp:
1312         (WebCore::appendChildSnapOffsets): Check the scroll-snap-coordinate RenderElement HashSet
1313         for the RenderView to find all elements that are children of the current scrolling container.
1314         Add the scroll-snap-coordinates for these RenderElements to the current set of snap points.
1315         * rendering/RenderElement.cpp:
1316         (WebCore::findEnclosingScrollableContainer): New helper function.
1317         (WebCore::RenderElement::styleWillChange): If the current element has scroll-snap-coordinate
1318         defined, remember it for later so we can use it with the relevant scrolling container
1319         after layout completes.
1320         (WebCore::RenderElement::willBeRemovedFromTree): Unregister the current element from the
1321         RenderView.
1322         (WebCore::RenderElement::findEnclosingScrollableContainer): Added. Locate the relevant
1323         scrolling container for the current object.
1324         * rendering/RenderElement.h:
1325         * rendering/RenderView.cpp:
1326         (WebCore::Document::registerRenderElementWithScrollSnapCoordinates): Added.
1327         (WebCore::Document::unregisterRenderElementWithScrollSnapCoordinates): Added.
1328         * rendering/RenderView.h:
1329
1330 2015-06-16  Brady Eidson  <beidson@apple.com>
1331
1332         [IndexedDB] array index keys are concatenated across cursor lifetime
1333         <rdar://problem/19684902> and https://bugs.webkit.org/show_bug.cgi?id=138504
1334
1335         Reviewed by Brady Eidson, patch by Mark Dixon <mark@lowla.io>
1336
1337         Tested by:
1338         storage/indexeddb/keypath-arrays.html
1339
1340         IDBKeyData and IDBKeyPath need to clear any existing array values before calling
1341         decodeObjects to update the value of an existing object.
1342         
1343         * Modules/indexeddb/IDBKeyData.cpp:
1344         (WebCore::IDBKeyData::decode):
1345         * Modules/indexeddb/IDBKeyPath.cpp:
1346         (WebCore::IDBKeyPath::decode):
1347
1348 2015-06-16  Said Abou-Hallawa  <sabouhallawa@apple.com>
1349
1350         Canvas dimensions should be limited to 4096x4096 pixels on iOS devices.
1351         https://bugs.webkit.org/show_bug.cgi?id=145998
1352
1353         Reviewed by Darin Adler.
1354
1355         The value of MaxCanvasArea should depend on the platform. If the platform
1356         is iOS, the limit should be 64M. Otherwise the limit should be 1G.
1357
1358         Test: fast/canvas/pattern-too-large-to-create-2.html
1359
1360         * html/HTMLCanvasElement.cpp: Change MaxCanvasArea value based on the platform. 
1361         
1362         * rendering/svg/RenderSVGShape.h:
1363         (WebCore::RenderSVGShape::graphicsElement): Remove un-implemented constructor.
1364
1365 2015-06-16  Chris Dumez  <cdumez@apple.com>
1366
1367         REGRESSION(r185012): chat frame in Gmail now says "Something's not right"
1368         https://bugs.webkit.org/show_bug.cgi?id=146025
1369         <rdar://problem/21391412>
1370
1371         Reviewed by Darin Adler.
1372
1373         Only throttle timers in non-visible iframes once they've reached the
1374         max nesting level to avoid throttling critical one-shot timers. This is
1375         consistent with the default DOMTimer throttling behavior that is
1376         defined in the specification.
1377
1378         Power-wise, we are mostly interested in DOMTimers that fire frequently
1379         and cause high CPU usage over an extended period of time anyway.
1380
1381         * dom/Document.cpp:
1382         (WebCore::Document::setTimerThrottlingEnabled):
1383         (WebCore::Document::timerAlignmentInterval):
1384         * dom/Document.h:
1385         * dom/ScriptExecutionContext.cpp:
1386         (WebCore::ScriptExecutionContext::timerAlignmentInterval):
1387         * dom/ScriptExecutionContext.h:
1388         * page/DOMTimer.cpp:
1389         (WebCore::DOMTimer::alignedFireTime):
1390
1391 2015-06-16  sylvain-galineau  <galineau@adobe.com>
1392
1393         Incorrect order of arguments in initial-letter property
1394         https://bugs.webkit.org/show_bug.cgi?id=139667
1395
1396         Reviewed by Sam Weinig.
1397
1398         The CSS specification swapped the order of the initial-letters numeric values.
1399         The drop cap's height now comes first, followed by its optional vertical position.
1400         See http://www.w3.org/TR/css-inline/#sizing-drop-initials.
1401          
1402         No new tests. Existing tests updated.
1403
1404         * css/CSSParser.cpp:
1405         (WebCore::CSSParser::parseValue): swap arguments to reflect new spec order.
1406
1407 2015-06-16  Alex Christensen  <achristensen@webkit.org>
1408
1409         Remove some unused values.
1410         https://bugs.webkit.org/show_bug.cgi?id=145997
1411
1412         Reviewed by Gyuyoung Kim.
1413
1414         This patch should have no change in behavior.
1415
1416         * accessibility/AccessibilityObject.cpp:
1417         (WebCore::computeBestScrollOffset):
1418         (WebCore::AccessibilityObject::scrollToMakeVisibleWithSubFocus):
1419         (WebCore::AccessibilityObject::scrollToGlobalPoint):
1420         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
1421         (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
1422         * html/canvas/WebGL2RenderingContext.cpp:
1423         (WebCore::WebGL2RenderingContext::validateTexFuncData):
1424         * html/canvas/WebGLRenderingContext.cpp:
1425         (WebCore::WebGLRenderingContext::validateTexFuncData):
1426         * platform/graphics/StringTruncator.cpp:
1427         (WebCore::leftTruncateToBuffer):
1428         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
1429         (WebCore::MediaPlayerPrivateQTKit::paintCurrentFrameInContext):
1430         * rendering/InlineTextBox.cpp:
1431         (WebCore::InlineTextBox::localSelectionRect):
1432         * rendering/RenderElement.cpp:
1433         (WebCore::RenderElement::anchorRect):
1434         * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
1435         (WebCore::SimpleLineLayout::TextFragmentIterator::skipToNextPosition):
1436         * rendering/svg/SVGTextQuery.cpp:
1437         (WebCore::SVGTextQuery::modifyStartEndPositionsRespectingLigatures):
1438         Remove unused values.
1439
1440 2015-06-16  Youenn Fablet <youenn.fablet@crf.canon.fr> and Xabier Rodriguez Calvar  <calvaris@igalia.com>
1441
1442         [Streams API] Calling controller.error() should trigger storing an undefined error
1443         https://bugs.webkit.org/show_bug.cgi?id=145976
1444
1445         Reviewed by Darin Adler.
1446
1447         Covered by rebased test.
1448
1449         * bindings/js/JSReadableStreamControllerCustom.cpp:
1450         (WebCore::JSReadableStreamController::error): Storing undefined if no error value passed.
1451         * bindings/js/ReadableJSStream.cpp: Removed storeError(ExecState*).
1452         (WebCore::ReadableJSStream::ReadableJSStream):
1453
1454 2015-06-16  Chris Dumez  <cdumez@apple.com>
1455
1456         Purge StyledElement's presentation attribute cache on memory pressure
1457         https://bugs.webkit.org/show_bug.cgi?id=145999
1458         <rdar://problem/21359252>
1459
1460         Reviewed by Andreas Kling.
1461
1462         Purge StyledElement's presentation attribute cache on memory pressure.
1463
1464         * dom/StyledElement.cpp:
1465         (WebCore::presentationAttributeCache):
1466         (WebCore::presentationAttributeCacheCleaner):
1467         (WebCore::StyledElement::clearPresentationAttributeCache):
1468         * dom/StyledElement.h:
1469         * platform/MemoryPressureHandler.cpp:
1470         (WebCore::MemoryPressureHandler::releaseNoncriticalMemory):
1471
1472 2015-06-15  Brent Fulgham  <bfulgham@apple.com>
1473
1474         REGRESSION(r175251, Mavericks Only): Playback may stall
1475         https://bugs.webkit.org/show_bug.cgi?id=145989
1476         <rdar://problem/21271919>
1477
1478         Unreviewed post-review correction.
1479
1480         Dave Kilzer pointed out that the macro around the waitForVideoOutputMediaDataWillChange
1481         call was incorrect. This patch corrects this error.
1482
1483         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1484         (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoOutput): Correct the
1485         macro definition.
1486
1487 2015-06-15  Chris Fleizach  <cfleizach@apple.com>
1488
1489         AX: Changing state of radio buttons causes VoiceOver to go busy for a short time.
1490         https://bugs.webkit.org/show_bug.cgi?id=145933
1491
1492         Reviewed by Dean Jackson.
1493
1494         When radio buttons animate the new focus selection state, the thread activity looks a lot like short burst of
1495         activity to draw, then wait on CoreAnimation to apply those changes.
1496
1497         Since those periods of activity during animation are so short, VoiceOver is not able to query for all the
1498         attributes it needs, and gets stuck in the queue behind rendering.
1499
1500         The fix here is to turn off button state animations while VoiceOver is running.
1501
1502         * platform/mac/ThemeMac.mm:
1503         (WebCore::updateStates):
1504
1505 2015-06-15  Zalan Bujtas  <zalan@apple.com>
1506
1507         RootInlineBox::m_lineBreakObj becomes invalid when a child renderer is removed and the line does not get marked dirty.
1508         https://bugs.webkit.org/show_bug.cgi?id=145988
1509         rdar://problem/20959137
1510
1511         Reviewed by David Hyatt.
1512
1513         This patch ensures that we find the right first inline box so that we can dirty the
1514         the appropriate line boxes.
1515         With marking the right line boxes dirty, now we can update RootInlineBox::m_lineBreakObj at the next layout.
1516
1517         Test: fast/inline/crash-when-child-renderer-is-removed-and-line-stays-clean.html
1518
1519         * rendering/RenderInline.cpp:
1520         (WebCore::RenderInline::culledInlineFirstLineBox):
1521         (WebCore::RenderInline::culledInlineLastLineBox):
1522         * rendering/RootInlineBox.cpp:
1523         (WebCore::RootInlineBox::setLineBreakInfo): Deleted. Remove misleading assert and comment.
1524
1525 2015-06-15  Matt Rajca  <mrajca@apple.com>
1526
1527         Media Session: Improve the safety of playback toggling
1528         https://bugs.webkit.org/show_bug.cgi?id=145986
1529
1530         Reviewed by Darin Adler.
1531
1532         * Modules/mediasession/MediaSession.cpp:
1533         (WebCore::MediaSession::togglePlayback): Improved the safety of the loop so that we don't re-visit elements that
1534           may have been deleted underneath us.
1535         * Modules/mediasession/MediaSession.h: Added a pointer to the set of iterated active participating elements so
1536           we can remove any elements that are deleted from the underlying "real" set.
1537
1538 2015-06-15  Brent Fulgham  <bfulgham@apple.com>
1539
1540         REGRESSION(r175251, Mavericks Only): Playback may stall
1541         https://bugs.webkit.org/show_bug.cgi?id=145989
1542         <rdar://problem/21271919>
1543
1544         Reviewed by Dean Jackson.
1545
1546         Revert r175251 for Mavericks build targets.
1547
1548         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1549         (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoLayer):
1550         (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoOutput):
1551         (WebCore::MediaPlayerPrivateAVFoundationObjC::paintWithVideoOutput):
1552
1553 2015-06-15  Darin Adler  <darin@apple.com>
1554
1555         REGRESSION (r182215): Reproducible crash at drawsvg.org due to reentrant layout
1556         https://bugs.webkit.org/show_bug.cgi?id=145964
1557
1558         Reviewed by Simon Fraser.
1559
1560         Test: svg/as-object/mutate-on-load.html
1561
1562         * page/FrameView.cpp:
1563         (WebCore::FrameView::forceLayoutParentViewIfNeeded): Don't do a synchronous layout here,
1564         because it can lead indirectly to unwanted layout reentrancy. Instead schedule a layout.
1565
1566 2015-06-15  Matt Rajca  <mrajca@apple.com>
1567
1568         Media Session: Active participating elements can change while being iterated 
1569         https://bugs.webkit.org/show_bug.cgi?id=145978
1570
1571         Reviewed by Alex Christensen.
1572
1573         * Modules/mediasession/MediaSession.cpp:
1574         (WebCore::MediaSession::togglePlayback): Iterate through a copy of m_activeParticipatingElements since its contents
1575           can be modified in the loop.
1576
1577 2015-06-15  Chris Fleizach  <cfleizach@apple.com>
1578
1579         AX: no accessibility support for details element
1580         https://bugs.webkit.org/show_bug.cgi?id=131111
1581
1582         Reviewed by Darin Adler.
1583
1584         Add accessibility support for Mac for details element by:
1585            1) Returning new subroles for <details> and <summary>
1586            2) Exposing isExpanded property for <details> element.
1587
1588         Test: platform/mac/accessibility/details-summary.html
1589
1590         * accessibility/AccessibilityObject.cpp:
1591         (WebCore::AccessibilityObject::supportsARIAPressed):
1592         (WebCore::AccessibilityObject::supportsExpanded):
1593         (WebCore::AccessibilityObject::isExpanded):
1594         (WebCore::AccessibilityObject::supportsARIAExpanded): Deleted.
1595         * accessibility/AccessibilityObject.h:
1596         (WebCore::AccessibilityObject::canvasHasFallbackContent):
1597         * accessibility/AccessibilityRenderObject.cpp:
1598         (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored):
1599         (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
1600         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
1601         (-[WebAccessibilityObjectWrapper accessibilitySupportsARIAExpanded]):
1602         (-[WebAccessibilityObjectWrapper accessibilityIsExpanded]):
1603         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
1604         (-[WebAccessibilityObjectWrapper additionalAccessibilityAttributeNames]):
1605         (createAccessibilityRoleMap):
1606         (-[WebAccessibilityObjectWrapper subrole]):
1607         * html/HTMLDetailsElement.h:
1608         * inspector/InspectorDOMAgent.cpp:
1609         (WebCore::InspectorDOMAgent::buildObjectForAccessibilityProperties):
1610
1611 2015-06-15  Alex Christensen  <achristensen@webkit.org>
1612
1613         [Content Extensions] Limit number of rules.
1614         https://bugs.webkit.org/show_bug.cgi?id=145663
1615
1616         Reviewed by Benjamin Poulain.
1617
1618         Added an API test to make sure that parsing fails when there are too many rules.
1619
1620         * contentextensions/ContentExtensionError.cpp:
1621         (WebCore::ContentExtensions::contentExtensionErrorCategory):
1622         * contentextensions/ContentExtensionError.h:
1623         * contentextensions/ContentExtensionParser.cpp:
1624         (WebCore::ContentExtensions::loadEncodedRules):
1625         Fail to parse a content extension with more than 50000 rules.
1626
1627 2015-06-12  Alexey Proskuryakov  <ap@apple.com>
1628
1629         -[WKWebView evaluateJavaScript] provides a misleading error when the return cannot be serialized
1630         https://bugs.webkit.org/show_bug.cgi?id=145900
1631
1632         Reviewed by Sam Weinig.
1633
1634         * English.lproj/Localizable.strings:
1635
1636 2015-06-15  Carlos Garcia Campos  <cgarcia@igalia.com>
1637
1638         [SOUP] Custom URI schemes don't work for requests containing a fragment identifier
1639         https://bugs.webkit.org/show_bug.cgi?id=145969
1640
1641         Reviewed by Sergio Villar Senin.
1642
1643         For URIs like foo:bar#baz, what the custom protocol manager
1644         receives in the UI process is foo:bar, so the user can't handle fragments.
1645
1646         * platform/network/soup/ResourceRequestSoup.cpp:
1647         (WebCore::ResourceRequest::updateSoupRequest): If the SoupRequest
1648         is a WebKitSoupRequestGeneric, call
1649         webkitSoupRequestGenericSetRequest with the ResourceRequest.
1650         * platform/network/soup/WebKitSoupRequestGeneric.cpp:
1651         (webkitSoupRequestGenericSetRequest):
1652         (webkitSoupRequestGenericGetRequest):
1653         * platform/network/soup/WebKitSoupRequestGeneric.h:
1654
1655 2015-06-15  Carlos Garcia Campos  <cgarcia@igalia.com>
1656
1657         [SOUP] Move WebKitSoupRequestGeneric to platform layer
1658         https://bugs.webkit.org/show_bug.cgi?id=145968
1659
1660         Reviewed by Sergio Villar Senin.
1661
1662         * PlatformEfl.cmake:
1663         * PlatformGTK.cmake:
1664         * platform/network/soup/WebKitSoupRequestGeneric.cpp: Renamed from Source/WebKit2/WebProcess/soup/WebKitSoupRequestGeneric.cpp.
1665         (webkitSoupRequestGenericFinalize):
1666         (webkit_soup_request_generic_init):
1667         (webkitSoupRequestGenericSendAsync):
1668         (webkitSoupRequestGenericSendFinish):
1669         (webkitSoupRequestGenericGetContentLength):
1670         (webkitSoupRequestGenericGetContentType):
1671         (webkit_soup_request_generic_class_init):
1672         (webkitSoupRequestGenericSetContentLength):
1673         (webkitSoupRequestGenericSetContentType):
1674         * platform/network/soup/WebKitSoupRequestGeneric.h: Renamed from Source/WebKit2/WebProcess/soup/WebKitSoupRequestGeneric.h.
1675         * platform/network/soup/WebKitSoupRequestGenericClient.h: Renamed from Source/WebKit2/WebProcess/soup/WebKitSoupRequestGenericClient.h.
1676
1677 2015-06-13  Chris Dumez  <cdumez@apple.com>
1678
1679         [WK2] API::Navigation objects are leaked on history navigation to HistoryItems in PageCache
1680         https://bugs.webkit.org/show_bug.cgi?id=145948
1681
1682         Reviewed by Darin Adler.
1683
1684         API::Navigation objects were leaked on history navigation to
1685         HistoryItems in PageCache. In such case, we would create 2 Navigation
1686         objects instead of 1 and the first one would be leaked. The reason
1687         we create the second one is because we fail to pass along the
1688         navigationID from the UIProcess to the WebProcess and then back to the
1689         UIProcess. On the IPC back to the UIProcess, the navigationID ends up
1690         being 0 so the UIProcess creates a new Navigation object, thinking that
1691         the load was triggered by the WebContent process.
1692
1693         We now pass along the navigationID, even if the HistoryItem is in the
1694         PageCache and we end up reusing the cached DocumentLoader, instead of
1695         creating a new one. A new updateCachedDocumentLoader() delegate is
1696         added to the FrameLoaderClient, similarly to the pre-existing
1697         createDocumentLoader() but for the case where the DocumentLoader gets
1698         reused.
1699
1700         * loader/EmptyClients.h:
1701         * loader/FrameLoader.cpp:
1702         (WebCore::FrameLoader::loadDifferentDocumentItem):
1703         * loader/FrameLoaderClient.h:
1704
1705 2015-06-13  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>
1706
1707         [Streams API] ReadableJSStream should handle promises returned by JS source start callback
1708         https://bugs.webkit.org/show_bug.cgi?id=145792
1709
1710         Reviewed by Darin Adler.
1711
1712         Covered by rebased tests.
1713
1714         When calling start callback, the returned value is checked.
1715         If it is not a promise, we do as if it is a resolved promise.
1716         If it is a promise, we call its then() method with two resolve/reject JS functions.
1717
1718         * Modules/streams/ReadableStream.cpp:
1719         * bindings/js/ReadableJSStream.cpp:
1720         (WebCore::ReadableJSStream::invoke): Returns a JSPromise* if any is returned by the JS source callback.
1721         (WebCore::thenPromise): Utility method to call the promise.
1722         (WebCore::createStartResultFulfilledFunction): The promise resolve callback.
1723         (WebCore::ReadableJSStream::doStart): Calls thenPromise if a JSPromise* is returned by invoke.
1724         (WebCore::ReadableJSStream::ReadableJSStream):
1725         * bindings/js/ReadableJSStream.h:
1726
1727 2015-06-13  Andres Gonzalez  <agonzalez334@nc.rr.com>
1728
1729         AX: WebKit exposes all Ruby Text as Unknown (Japanese EPUB accessibility blocker)
1730         https://bugs.webkit.org/show_bug.cgi?id=141303
1731
1732         Reviewed by Chris Fleizach.
1733
1734         Test: accessibility/ruby-hierarchy-roles.html
1735
1736         * accessibility/AccessibilityObject.h:
1737         * accessibility/AccessibilityRenderObject.cpp:
1738         (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored):
1739         (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
1740         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
1741         (createAccessibilityRoleMap):
1742         (-[WebAccessibilityObjectWrapper subrole]):
1743
1744 2015-06-12  Chris Fleizach  <cfleizach@apple.com>
1745
1746         AX: iOS: after updating control, VoiceOver speaks aria-expanded states reversed (says "collapsed" when "expanded")
1747         https://bugs.webkit.org/show_bug.cgi?id=145943
1748
1749         Reviewed by Darin Adler.
1750
1751         iOS Accessibility platform needs to be notified of when aria expanded changes.
1752
1753         * accessibility/ios/AXObjectCacheIOS.mm:
1754         (WebCore::AXObjectCache::postPlatformNotification):
1755         * accessibility/ios/WebAccessibilityObjectWrapperIOS.h:
1756         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
1757         (-[WebAccessibilityObjectWrapper postValueChangedNotification]):
1758         (-[WebAccessibilityObjectWrapper postExpandedChangedNotification]):
1759         (-[WebAccessibilityObjectWrapper postScrollStatusChangeNotification]):
1760
1761 2015-06-12  Chris Fleizach  <cfleizach@apple.com>
1762
1763         AX:ARIA Toggle buttons aren't properly conveyed on iOS using VoiceOver
1764         https://bugs.webkit.org/show_bug.cgi?id=145949
1765
1766         Reviewed by Darin Adler.
1767
1768         Expose pressed state information to the iOS platform AX API.
1769
1770         Test: Updated inspector-protocol/dom/getAccessibilityPropertiesForNode.html 
1771               There was a FIXME for this issue in that test: https://bugs.webkit.org/show_bug.cgi?id=129830
1772
1773         * accessibility/AccessibilityNodeObject.cpp:
1774         (WebCore::AccessibilityNodeObject::isPressed):
1775         * accessibility/AccessibilityObject.cpp:
1776         (WebCore::AccessibilityObject::classList):
1777         (WebCore::AccessibilityObject::supportsARIAPressed):
1778         (WebCore::AccessibilityObject::supportsARIAExpanded):
1779         * accessibility/AccessibilityObject.h:
1780         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
1781         (-[WebAccessibilityObjectWrapper accessibilityARIALiveRegionIsAtomic]):
1782         (-[WebAccessibilityObjectWrapper accessibilitySupportsARIAPressed]):
1783         (-[WebAccessibilityObjectWrapper accessibilityIsPressed]):
1784         (-[WebAccessibilityObjectWrapper accessibilitySupportsARIAExpanded]):
1785
1786 2015-06-12  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
1787
1788         Purge PassRefPtr in JavaScriptCore - 2
1789         https://bugs.webkit.org/show_bug.cgi?id=145834
1790
1791         Reviewed by Darin Adler.
1792
1793         Fix call sites depends on changing of JSC.
1794
1795         * html/canvas/WebGL2RenderingContext.cpp:
1796         (WebCore::WebGL2RenderingContext::getParameter):
1797         * html/canvas/WebGLRenderingContext.cpp:
1798         (WebCore::WebGLRenderingContext::getParameter):
1799         * html/canvas/WebGLRenderingContextBase.cpp:
1800         (WebCore::WebGLRenderingContextBase::getUniform):
1801         (WebCore::WebGLRenderingContextBase::getVertexAttrib):
1802         (WebCore::WebGLRenderingContextBase::getWebGLFloatArrayParameter):
1803         (WebCore::WebGLRenderingContextBase::getWebGLIntArrayParameter):
1804
1805 2015-06-12  Zalan Bujtas  <zalan@apple.com>
1806
1807         Be more defensive at renderer type checking when initializing flow segments.
1808         https://bugs.webkit.org/show_bug.cgi?id=145942
1809
1810         Reviewed by Simon Fraser.
1811
1812         FlowContents::initializeSegments should ignore unsupported renderers so that when we miss
1813         a simple line layout path invalidation, we don't downcast the unsupported renderer to RenderText.
1814
1815         I have not reproduced this issue (but related to rdar://problem/21312452)
1816
1817         * rendering/SimpleLineLayoutFlowContents.cpp:
1818         (WebCore::SimpleLineLayout::initializeSegments):
1819
1820 2015-06-12  Anders Carlsson  <andersca@apple.com>
1821
1822         deleteEmptyDirectory should delete .DS_Store files on OS X
1823         https://bugs.webkit.org/show_bug.cgi?id=145944
1824
1825         Reviewed by Dan Bernstein.
1826
1827         deleteEmptyDirectory is often used when clearing website data, so we should
1828         take extra care to delete empty directories so the user won't think that clearing
1829         website data didn't do anything because it would leave directories with .DS_Store 
1830         files behind.
1831
1832         * platform/mac/FileSystemMac.mm:
1833         (WebCore::deleteEmptyDirectory):
1834         * platform/posix/FileSystemPOSIX.cpp:
1835
1836 2015-06-12  Manuel Rego Casasnovas  <rego@igalia.com>
1837
1838         [CSS Grid Layout] Fix grid-template-areas parsing to avoid spaces
1839         https://bugs.webkit.org/show_bug.cgi?id=145860
1840
1841         Reviewed by Sergio Villar Senin.
1842
1843         The spec doesn't require to have spaces between unnamed and named areas
1844         in grid-template-areas syntax. But spaces are currently required in our
1845         code.
1846
1847         This was confirmed in the CSS WG mailing list:
1848         https://lists.w3.org/Archives/Public/www-style/2015May/0239.html
1849
1850         This patch updates grid-template-areas parsing to allow the possibility
1851         of removing spaces between unnamed and named areas.
1852
1853         Added new cases to fast/css-grid-layout/grid-template-areas-get-set.html.
1854
1855         * css/CSSParser.cpp:
1856         (WebCore::parseGridTemplateAreasColumnNames): New helper method to
1857         determine the column names split by white spaces or dots.
1858         (WebCore::CSSParser::parseGridTemplateAreasRow): Use the new helper
1859         method to get the column names.
1860         (WebCore::containsOnlyDots): Deleted. Not needed anymore as
1861         parseGridTemplateAreasColumnNames() is using a single dot for unnamed
1862         grid areas (despite of being defined with 1 or more dots).
1863
1864 2015-06-12  Eric Carlson  <eric.carlson@apple.com>
1865
1866         [Mac] AirPlay menu button doesn't always show on page load
1867         https://bugs.webkit.org/show_bug.cgi?id=145936
1868
1869         Reviewed by Brent Fulgham.
1870
1871         * Modules/mediasession/WebMediaSessionManager.cpp:
1872         (WebCore::mediaProducerStateString): New, return a string representing MediaStateFlags.
1873         (WebCore::WebMediaSessionManager::clientStateDidChange): Log the states as strings.
1874         (WebCore::WebMediaSessionManager::toString): New, return a string representing ConfigurationTasks.
1875         (WebCore::WebMediaSessionManager::scheduleDelayedTask): Add logging.
1876         (WebCore::WebMediaSessionManager::taskTimerFired): Add logging.
1877         * Modules/mediasession/WebMediaSessionManager.h:
1878
1879         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h: Override wirelessVideoPlaybackDisabled
1880           so it is possible to activate route monitoring for a movie loaded with this engine.
1881         * platform/graphics/mac/MediaPlayerPrivateQTKit.h: Ditto.
1882
1883 2015-06-12  Zan Dobersek  <zdobersek@igalia.com>
1884
1885         Add the remaining missing override specifiers under Source/WebCore/
1886         https://bugs.webkit.org/show_bug.cgi?id=145907
1887
1888         Reviewed by Darin Adler.
1889
1890         Fix the remaining compiler warnings about missing override specifiers
1891         for overriding method declarations in classes under Source/WebCore/.
1892
1893         Where the addition had to be performed on all virtual methods of the
1894         class, the virtual specifier was removed so now only the override
1895         specifier is in use.
1896
1897         * Modules/indexeddb/IDBOpenDBRequest.h:
1898         * Modules/indexeddb/IDBRequest.h:
1899         * Modules/webdatabase/DatabaseServer.h:
1900         * bindings/js/ReadableJSStream.h:
1901         * editing/InsertTextCommand.h:
1902         * mathml/MathMLInlineContainerElement.h:
1903         * platform/audio/EqualPowerPanner.h:
1904         (WebCore::EqualPowerPanner::reset):
1905         * platform/graphics/MediaPlayer.cpp:
1906         (WebCore::NullMediaPlayerPrivate::load):
1907         (WebCore::NullMediaPlayerPrivate::cancelLoad):
1908         (WebCore::NullMediaPlayerPrivate::prepareToPlay):
1909         (WebCore::NullMediaPlayerPrivate::play):
1910         (WebCore::NullMediaPlayerPrivate::pause):
1911         (WebCore::NullMediaPlayerPrivate::platformMedia):
1912         (WebCore::NullMediaPlayerPrivate::platformLayer):
1913         (WebCore::NullMediaPlayerPrivate::naturalSize):
1914         (WebCore::NullMediaPlayerPrivate::hasVideo):
1915         (WebCore::NullMediaPlayerPrivate::hasAudio):
1916         (WebCore::NullMediaPlayerPrivate::setVisible):
1917         (WebCore::NullMediaPlayerPrivate::durationDouble):
1918         (WebCore::NullMediaPlayerPrivate::currentTimeDouble):
1919         (WebCore::NullMediaPlayerPrivate::seekDouble):
1920         (WebCore::NullMediaPlayerPrivate::seeking):
1921         (WebCore::NullMediaPlayerPrivate::setRateDouble):
1922         (WebCore::NullMediaPlayerPrivate::setPreservesPitch):
1923         (WebCore::NullMediaPlayerPrivate::paused):
1924         (WebCore::NullMediaPlayerPrivate::setVolumeDouble):
1925         (WebCore::NullMediaPlayerPrivate::supportsMuting):
1926         (WebCore::NullMediaPlayerPrivate::setMuted):
1927         (WebCore::NullMediaPlayerPrivate::hasClosedCaptions):
1928         (WebCore::NullMediaPlayerPrivate::setClosedCaptionsVisible):
1929         (WebCore::NullMediaPlayerPrivate::networkState):
1930         (WebCore::NullMediaPlayerPrivate::readyState):
1931         (WebCore::NullMediaPlayerPrivate::maxTimeSeekableDouble):
1932         (WebCore::NullMediaPlayerPrivate::minTimeSeekable):
1933         (WebCore::NullMediaPlayerPrivate::buffered):
1934         (WebCore::NullMediaPlayerPrivate::totalBytes):
1935         (WebCore::NullMediaPlayerPrivate::didLoadingProgress):
1936         (WebCore::NullMediaPlayerPrivate::setSize):
1937         (WebCore::NullMediaPlayerPrivate::canLoadPoster):
1938         (WebCore::NullMediaPlayerPrivate::setPoster):
1939         (WebCore::NullMediaPlayerPrivate::hasSingleSecurityOrigin):
1940         * platform/graphics/filters/DistantLightSource.h:
1941         * platform/graphics/filters/FEComposite.h:
1942         * platform/graphics/filters/FEDisplacementMap.h:
1943         (WebCore::FEDisplacementMap::determineAbsolutePaintRect):
1944         * platform/graphics/filters/FEFlood.h:
1945         (WebCore::FEFlood::determineAbsolutePaintRect):
1946         * platform/graphics/filters/PointLightSource.h:
1947         * platform/graphics/filters/SpotLightSource.h:
1948         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
1949         (WebCore::MediaPlayerPrivateGStreamer::hasVideo):
1950         (WebCore::MediaPlayerPrivateGStreamer::hasAudio):
1951         (WebCore::MediaPlayerPrivateGStreamer::audioSourceProvider):
1952         (WebCore::MediaPlayerPrivateGStreamer::engineDescription):
1953         (WebCore::MediaPlayerPrivateGStreamer::isLiveStream):
1954         (WebCore::MediaPlayerPrivateGStreamer::totalVideoFrames):
1955         (WebCore::MediaPlayerPrivateGStreamer::droppedVideoFrames):
1956         (WebCore::MediaPlayerPrivateGStreamer::corruptedVideoFrames):
1957         (WebCore::MediaPlayerPrivateGStreamer::totalFrameDelay):
1958         * platform/graphics/texmap/BitmapTextureGL.h:
1959         (WebCore::BitmapTextureGL::isBackedByOpenGL):
1960         * platform/graphics/transforms/Matrix3DTransformOperation.h:
1961         * platform/graphics/transforms/MatrixTransformOperation.h:
1962         * platform/graphics/transforms/PerspectiveTransformOperation.h:
1963         * platform/graphics/transforms/RotateTransformOperation.h:
1964         * platform/graphics/transforms/ScaleTransformOperation.h:
1965         * platform/graphics/transforms/SkewTransformOperation.h:
1966         * platform/image-decoders/png/PNGImageDecoder.h:
1967         (WebCore::PNGImageDecoder::filenameExtension):
1968         * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.h:
1969         * platform/mock/MockRealtimeMediaSourceCenter.h:
1970
1971 2015-06-12  Commit Queue  <commit-queue@webkit.org>
1972
1973         Unreviewed, rolling out r185512.
1974         https://bugs.webkit.org/show_bug.cgi?id=145932
1975
1976         Many asserts on layout tests and on API tests (Requested by
1977         ap_ on #webkit).
1978
1979         Reverted changeset:
1980
1981         "Use modern for-loops in WebCore/rendering - 1"
1982         https://bugs.webkit.org/show_bug.cgi?id=145831
1983         http://trac.webkit.org/changeset/185512
1984
1985 2015-06-12  Simon Fraser  <simon.fraser@apple.com>
1986
1987         OpenGLESSPI.h doesn't need to include UIKit.h
1988         https://bugs.webkit.org/show_bug.cgi?id=145931
1989
1990         Reviewed by Darin Adler.
1991
1992         No need to suck in all of UIKit from OpenGLESSPI.h.
1993
1994         * platform/spi/ios/OpenGLESSPI.h:
1995
1996 2015-06-12  Matt Rajca  <mrajca@apple.com>
1997
1998         Add barebones implementation of media session invocation algorithm.
1999         https://bugs.webkit.org/show_bug.cgi?id=145847
2000
2001         Reviewed by Darin Adler.
2002
2003         * Modules/mediasession/MediaSession.cpp:
2004         (WebCore::MediaSession::invoke): Move the media session to an active state.
2005         * Modules/mediasession/MediaSession.h:
2006         * html/HTMLMediaElement.cpp:
2007         (WebCore::HTMLMediaElement::playInternal): Call the media session invocation algorithm as described in the
2008           Media Session spec.
2009
2010 2015-06-12  Hunseop Jeong  <hs85.jeong@samsung.com>
2011
2012         Use modern for-loops in WebCore/rendering - 1
2013         https://bugs.webkit.org/show_bug.cgi?id=145831
2014
2015         Reviewed by Darin Adler.
2016
2017         No new tests because there is no behavior change.
2018
2019         * rendering/AutoTableLayout.cpp:
2020         (WebCore::AutoTableLayout::computeIntrinsicLogicalWidths):
2021         (WebCore::AutoTableLayout::calcEffectiveLogicalWidth):
2022         * rendering/FilterEffectRenderer.cpp:
2023         (WebCore::FilterEffectRenderer::build):
2024         (WebCore::FilterEffectRenderer::clearIntermediateResults):
2025         * rendering/FilterEffectRenderer.h:
2026         * rendering/FloatingObjects.cpp:
2027         (WebCore::FloatingObjects::clearLineBoxTreePointers):
2028         (WebCore::FloatingObjects::moveAllToFloatInfoMap):
2029         (WebCore::FloatingObjects::computePlacedFloatsTree):
2030         * rendering/FlowThreadController.cpp:
2031         (WebCore::FlowThreadController::collectFixedPositionedLayers):
2032         * rendering/HitTestResult.cpp:
2033         (WebCore::HitTestResult::append):
2034         * rendering/ImageQualityController.cpp:
2035         (WebCore::ImageQualityController::highQualityRepaintTimerFired):
2036         * rendering/InlineTextBox.cpp:
2037         (WebCore::InlineTextBox::paint):
2038         * rendering/RenderBlock.cpp:
2039         (WebCore::removeBlockFromDescendantAndContainerMaps):
2040         (WebCore::RenderBlock::addOverflowFromPositionedObjects):
2041         (WebCore::RenderBlock::dirtyForLayoutFromPercentageHeightDescendants):
2042         (WebCore::RenderBlock::simplifiedNormalFlowLayout):
2043         (WebCore::RenderBlock::layoutPositionedObjects):
2044         (WebCore::RenderBlock::markPositionedObjectsForLayout):
2045         (WebCore::RenderBlock::paintContinuationOutlines):
2046         (WebCore::clipOutPositionedObjects):
2047         (WebCore::RenderBlock::removeFromTrackedRendererMaps):
2048         (WebCore::RenderBlock::removePositionedObjects):
2049         (WebCore::RenderBlock::checkPositionedObjectsNeedLayout):
2050         * rendering/RenderBlockFlow.cpp:
2051         (WebCore::RenderBlockFlow::rebuildFloatingObjectSetFromIntrudingFloats):
2052         (WebCore::RenderBlockFlow::styleDidChange):
2053         (WebCore::RenderBlockFlow::moveFloatsTo):
2054         (WebCore::RenderBlockFlow::addOverflowFromFloats):
2055         (WebCore::RenderBlockFlow::repaintOverhangingFloats):
2056         (WebCore::RenderBlockFlow::paintFloats):
2057         (WebCore::RenderBlockFlow::clipOutFloatingObjects):
2058         (WebCore::RenderBlockFlow::lowestFloatLogicalBottom):
2059         (WebCore::RenderBlockFlow::lowestInitialLetterLogicalBottom):
2060         (WebCore::RenderBlockFlow::addOverhangingFloats):
2061         (WebCore::RenderBlockFlow::addIntrudingFloats):
2062         (WebCore::RenderBlockFlow::markSiblingsWithFloatsForLayout):
2063         (WebCore::RenderBlockFlow::adjustForBorderFit):
2064         * rendering/RenderBlockLineLayout.cpp:
2065         (WebCore::setLogicalWidthForTextRun):
2066         (WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange):
2067         (WebCore::RenderBlockFlow::linkToEndLineIfNeeded):
2068         (WebCore::RenderBlockFlow::repaintDirtyFloats):
2069         (WebCore::RenderBlockFlow::layoutLineBoxes):
2070         (WebCore::RenderBlockFlow::checkFloatsInCleanLine):
2071         (WebCore::RenderBlockFlow::determineStartPosition):
2072         (WebCore::RenderBlockFlow::checkPaginationAndFloatsAtEndLine):
2073         * rendering/RenderCounter.cpp:
2074         (WebCore::RenderCounter::destroyCounterNodes):
2075         (WebCore::updateCounters):
2076         (WebCore::RenderCounter::rendererStyleChanged):
2077         * rendering/RenderFlexibleBox.cpp:
2078         (WebCore::RenderFlexibleBox::autoMarginOffsetInMainAxis):
2079         (WebCore::RenderFlexibleBox::freezeViolations):
2080         (WebCore::RenderFlexibleBox::resolveFlexibleLengths):
2081         (WebCore::RenderFlexibleBox::numberOfInFlowPositionedChildren):
2082         (WebCore::RenderFlexibleBox::layoutColumnReverse):
2083         (WebCore::RenderFlexibleBox::alignFlexLines):
2084         (WebCore::RenderFlexibleBox::alignChildren):
2085         (WebCore::RenderFlexibleBox::flipForWrapReverse):
2086         * rendering/RenderFlowThread.cpp:
2087         (WebCore::RenderFlowThread::updateAllLayerToRegionMappings):
2088         * rendering/RenderInline.cpp:
2089         (WebCore::RenderInline::addAnnotatedRegions):
2090         * rendering/RenderLayer.cpp:
2091         (WebCore::RenderLayer::updateDescendantsAreContiguousInStackingOrder):
2092         (WebCore::RenderLayer::updateDescendantDependentFlags):
2093         * rendering/RenderLayerBacking.cpp:
2094         (WebCore::descendantLayerPaintsIntoAncestor):
2095         (WebCore::RenderLayerBacking::startAnimation):
2096         * rendering/RenderLineBoxList.cpp:
2097         (WebCore::RenderLineBoxList::paint):
2098         * rendering/RenderListBox.cpp:
2099         (WebCore::RenderListBox::updateFromElement):
2100         * rendering/RenderMenuList.cpp:
2101         (WebCore::selectedOptionCount):
2102         (RenderMenuList::updateOptionsWidth):
2103         * rendering/RenderMultiColumnSet.cpp:
2104         (WebCore::RenderMultiColumnSet::distributeImplicitBreaks):
2105
2106 2015-06-12  Csaba Osztrogonác  <ossy@webkit.org>
2107
2108         Fix unused private field warning in ResourceHandleSoup.cpp
2109         https://bugs.webkit.org/show_bug.cgi?id=145910
2110
2111         Reviewed by Darin Adler.
2112
2113         * platform/network/soup/ResourceHandleSoup.cpp:
2114
2115 2015-06-12  Joseph Pecoraro  <pecoraro@apple.com>
2116
2117         Web Inspector: CRASH trying to inspect text that was removed/replaced
2118         https://bugs.webkit.org/show_bug.cgi?id=145898
2119
2120         Reviewed by Darin Adler.
2121
2122         * inspector/InspectorDOMAgent.cpp:
2123         (WebCore::InspectorDOMAgent::inspect):
2124         (WebCore::InspectorDOMAgent::focusNode):
2125         Ensure we only cause focusNode with a node to focus. If the original
2126         node that was provided is no longer in the document, then we won't
2127         actually find a node to inspect.
2128
2129 2015-06-12  KwangHyuk Kim  <hyuki.kim@samsung.com>
2130
2131         [EFL] canvas/philip/tests/toDataURL.jpeg.foo tests have been failed since r185417.
2132         https://bugs.webkit.org/show_bug.cgi?id=145878
2133
2134         Reviewed by Gyuyoung Kim.
2135
2136         Fix input buffer alignment issue.
2137
2138         No new tests, canvas/philip/tests/toDataURL.jpeg.foo can be used.
2139
2140         * platform/graphics/efl/ImageBufferEfl.cpp:
2141         (WebCore::encodeImagePNG):
2142         (WebCore::encodeImageJPEG):
2143         (WebCore::ImageBuffer::toDataURL):
2144
2145 2015-06-12  Zan Dobersek  <zdobersek@igalia.com>
2146
2147         Add missing override specifiers under Source/WebCore/svg/
2148         https://bugs.webkit.org/show_bug.cgi?id=145841
2149
2150         Reviewed by Darin Adler.
2151
2152         Add missing override specifiers to virtual method overrides for classes
2153         under Source/WebCore/svg/, suppressing a bunch of warnings when compiling
2154         with Clang 3.6.
2155
2156         Add the BEGIN_DECLARE_ANIMATED_PROPERTIES_BASE() macro that doesn't
2157         override the localAttributeToPropertyMap() method declaration, and
2158         have the BEGIN_DECLARE_ANIMATED_PROPERTIES() macro add the override
2159         specifier. The new macro is used in SVGElement.
2160
2161         Change the DECLARE_ANIMATED_PROPERTY() to accept the optional override
2162         specifier as the fifth parameter. Current DECLARE_ANIMATED_*() macros
2163         are modified to just pass an empty argument, not adding any specifier.
2164         DECLARE_ANIMATED_BOOLEAN_OVERRIDE() and DECLARE_ANIMATED_STRING_OVERRIDE()
2165         macros are added to override the methods for the externalResourcesRequired
2166         and href animated properties, where required.
2167
2168         * svg/SVGAElement.h:
2169         * svg/SVGAltGlyphElement.h:
2170         * svg/SVGAnimatedAngle.h:
2171         * svg/SVGAnimatedBoolean.h:
2172         * svg/SVGAnimatedEnumeration.h:
2173         * svg/SVGAnimatedInteger.h:
2174         * svg/SVGAnimatedLength.h:
2175         * svg/SVGAnimatedNumber.h:
2176         * svg/SVGAnimatedPreserveAspectRatio.h:
2177         * svg/SVGAnimatedRect.h:
2178         * svg/SVGAnimatedString.h:
2179         * svg/SVGAnimationElement.h:
2180         * svg/SVGCircleElement.h:
2181         * svg/SVGClipPathElement.h:
2182         * svg/SVGCursorElement.h:
2183         * svg/SVGDefsElement.h:
2184         * svg/SVGElement.h:
2185         * svg/SVGEllipseElement.h:
2186         * svg/SVGFEImageElement.h:
2187         * svg/SVGFilterElement.h:
2188         * svg/SVGFontElement.h:
2189         * svg/SVGForeignObjectElement.h:
2190         * svg/SVGGElement.h:
2191         * svg/SVGGlyphRefElement.h:
2192         * svg/SVGGradientElement.h:
2193         * svg/SVGImageElement.h:
2194         * svg/SVGLineElement.h:
2195         * svg/SVGMPathElement.h:
2196         * svg/SVGMarkerElement.h:
2197         * svg/SVGMaskElement.h:
2198         * svg/SVGPathElement.h:
2199         * svg/SVGPatternElement.h:
2200         * svg/SVGPolyElement.h:
2201         * svg/SVGRectElement.h:
2202         * svg/SVGSVGElement.h:
2203         * svg/SVGScriptElement.h:
2204         * svg/SVGSwitchElement.h:
2205         * svg/SVGSymbolElement.h:
2206         * svg/SVGTRefElement.h:
2207         * svg/SVGTextContentElement.h:
2208         * svg/SVGTextPathElement.h:
2209         * svg/SVGURIReference.h: Add the hrefBaseValue() pure virtual method
2210         so it can be overridden by any class that also overrides the
2211         corresponding setHrefBaseValue() method.
2212         * svg/SVGUseElement.h:
2213         * svg/SVGViewElement.h:
2214         * svg/properties/SVGAnimatedPropertyMacros.h:
2215         * svg/properties/SVGMatrixTearOff.h:
2216         (WebCore::SVGMatrixTearOff::commitChange):
2217
2218 2015-06-12  Zan Dobersek  <zdobersek@igalia.com>
2219
2220         [GLib] Move files under Source/WTF/wtf/gobject to Source/WTF/wtf/glib
2221         https://bugs.webkit.org/show_bug.cgi?id=145799
2222
2223         Reviewed by Carlos Garcia Campos.
2224
2225         Update header inclusions for headers that have been moved
2226         to Source/WTF/wtf/glib/.
2227
2228         * accessibility/atk/AXObjectCacheAtk.cpp:
2229         * accessibility/atk/WebKitAccessibleInterfaceText.cpp:
2230         * bindings/gobject/DOMObjectCache.cpp:
2231         * bindings/gobject/GObjectEventListener.h:
2232         * bindings/gobject/GObjectNodeFilterCondition.h:
2233         * bindings/gobject/GObjectXPathNSResolver.h:
2234         * bindings/gobject/WebKitDOMEventTarget.cpp:
2235         * platform/Pasteboard.h:
2236         * platform/audio/gstreamer/AudioDestinationGStreamer.cpp:
2237         * platform/audio/gstreamer/AudioFileReaderGStreamer.cpp:
2238         * platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:
2239         * platform/audio/gstreamer/WebKitWebAudioSourceGStreamer.cpp:
2240         * platform/audio/gtk/AudioBusGtk.cpp:
2241         * platform/geoclue/GeolocationProviderGeoclue.h:
2242         * platform/geoclue/GeolocationProviderGeoclue2.cpp:
2243         * platform/glib/BatteryProviderUPower.cpp:
2244         * platform/glib/BatteryProviderUPower.h:
2245         * platform/graphics/gstreamer/GRefPtrGStreamer.h:
2246         * platform/graphics/gstreamer/GStreamerUtilities.cpp:
2247         * platform/graphics/gstreamer/GUniquePtrGStreamer.h:
2248         * platform/graphics/gstreamer/InbandTextTrackPrivateGStreamer.h:
2249         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
2250         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
2251         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
2252         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
2253         * platform/graphics/gstreamer/MediaSourceGStreamer.cpp:
2254         * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.cpp:
2255         * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.h:
2256         * platform/graphics/gstreamer/VideoSinkGStreamer.cpp:
2257         * platform/graphics/gstreamer/WebKitMediaSourceGStreamer.cpp:
2258         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
2259         * platform/graphics/gtk/ImageBufferGtk.cpp:
2260         * platform/graphics/gtk/ImageGtk.cpp:
2261         * platform/gtk/ContextMenuGtk.cpp:
2262         * platform/gtk/ContextMenuItemGtk.cpp:
2263         * platform/gtk/DataObjectGtk.cpp:
2264         * platform/gtk/DataObjectGtk.h:
2265         * platform/gtk/FileSystemGtk.cpp:
2266         * platform/gtk/GRefPtrGtk.h:
2267         * platform/gtk/GUniquePtrGtk.h:
2268         * platform/gtk/GamepadsGtk.cpp:
2269         * platform/gtk/GtkUtilities.cpp:
2270         * platform/gtk/LanguageGtk.cpp:
2271         * platform/gtk/LocalizedStringsGtk.cpp:
2272         * platform/gtk/PasteboardHelper.cpp:
2273         * platform/gtk/ScrollbarThemeGtk.cpp:
2274         * platform/gtk/SharedBufferGtk.cpp:
2275         * platform/gtk/SharedTimerGtk.cpp:
2276         * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.cpp:
2277         * platform/network/ResourceHandleInternal.h:
2278         * platform/network/gtk/CredentialBackingStore.cpp:
2279         * platform/network/soup/CertificateInfo.h:
2280         * platform/network/soup/CookieJarSoup.cpp:
2281         * platform/network/soup/DNSSoup.cpp:
2282         * platform/network/soup/GRefPtrSoup.h:
2283         * platform/network/soup/GUniquePtrSoup.h:
2284         * platform/network/soup/ResourceError.h:
2285         * platform/network/soup/ResourceErrorSoup.cpp:
2286         * platform/network/soup/ResourceHandleSoup.cpp:
2287         * platform/network/soup/ResourceResponse.h:
2288         * platform/network/soup/SocketStreamHandle.h:
2289         * platform/network/soup/SocketStreamHandleSoup.cpp:
2290         * platform/network/soup/SoupNetworkSession.h:
2291         * platform/text/gtk/HyphenationLibHyphen.cpp:
2292         * rendering/RenderThemeGtk.cpp:
2293
2294 2015-06-12  Yoav Weiss  <yoav@yoav.ws>
2295
2296         Fix the build when the PICTURE_SIZES flag is off
2297         https://bugs.webkit.org/show_bug.cgi?id=145926
2298
2299         Reviewed by Csaba Osztrogonác.
2300
2301         No new tests since there's no functionality change.
2302
2303         * html/parser/HTMLPreloadScanner.cpp: Remove the guard around the definition of m_sizesAttribute.
2304
2305 2015-06-12  Commit Queue  <commit-queue@webkit.org>
2306
2307         Unreviewed, rolling out r185492.
2308         https://bugs.webkit.org/show_bug.cgi?id=145927
2309
2310         Causes crashes on debug (Requested by rego on #webkit).
2311
2312         Reverted changeset:
2313
2314         "[CSS Grid Layout] Fix grid-template-areas parsing to avoid
2315         spaces"
2316         https://bugs.webkit.org/show_bug.cgi?id=145860
2317         http://trac.webkit.org/changeset/185492
2318
2319 2015-06-12  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2320
2321         Bindings generator should generate code for Promise-based APIs
2322         https://bugs.webkit.org/show_bug.cgi?id=145833
2323
2324         Reviewed by Darin Adler.
2325
2326         Covered by existing tests.
2327
2328         * Modules/webaudio/AudioContext.idl: Removing custom binding for resume, suspend and close.
2329         * bindings/js/JSAudioContextCustom.cpp: Ditto.
2330         * bindings/scripts/CodeGeneratorJS.pm:
2331         (GenerateHeader): Refactoring to use IsReturningPromise.
2332         (GenerateImplementation): Disabling include for return type if it is a promise.
2333         (GenerateParametersCheck): Adding DeferredWrapper() as argument to the DOM method if JS method returns a promise.
2334         (GenerateImplementationFunctionCall): Added support for promise-returning API.
2335         (IsReturningPromise): Checking whether function is returning a promise.
2336         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
2337         (webkit_dom_test_obj_test_promise_function):
2338         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
2339         * bindings/scripts/test/JS/JSTestObj.cpp:
2340         (WebCore::jsTestObjPrototypeFunctionTestPromiseFunction):
2341         * bindings/scripts/test/ObjC/DOMTestObj.h:
2342         * bindings/scripts/test/ObjC/DOMTestObj.mm:
2343         (-[DOMTestObj testPromiseFunction]):
2344         * bindings/scripts/test/TestObj.idl: Adding promise returning function.
2345
2346
2347 2015-06-12  Manuel Rego Casasnovas  <rego@igalia.com>
2348
2349         [CSS Grid Layout] Fix grid-template-areas parsing to avoid spaces
2350         https://bugs.webkit.org/show_bug.cgi?id=145860
2351
2352         Reviewed by Sergio Villar Senin.
2353
2354         The spec doesn't require to have spaces between unnamed and named areas
2355         in grid-template-areas syntax. But spaces are currently required in our
2356         code.
2357
2358         This was confirmed in the CSS WG mailing list:
2359         https://lists.w3.org/Archives/Public/www-style/2015May/0239.html
2360
2361         This patch updates grid-template-areas parsing to allow the possibility
2362         of removing spaces between unnamed and named areas.
2363
2364         Added new cases to fast/css-grid-layout/grid-template-areas-get-set.html.
2365
2366         * css/CSSParser.cpp:
2367         (WebCore::parseGridTemplateAreasColumnNames): New helper method to
2368         determine the column names split by white spaces or dots.
2369         (WebCore::CSSParser::parseGridTemplateAreasRow): Use the new helper
2370         method to get the column names.
2371         (WebCore::containsOnlyDots): Deleted. Not needed anymore as
2372         parseGridTemplateAreasColumnNames() is using a single dot for unnamed
2373         grid areas (despite of being defined with 1 or more dots).
2374
2375 2015-06-11  Mark Lam  <mark.lam@apple.com>
2376
2377         WebCore::reportException() needs to be able to accept a raw thrown value in addition to Exception objects.
2378         https://bugs.webkit.org/show_bug.cgi?id=145872
2379
2380         Reviewed by Michael Saboff.
2381
2382         API test added: WebKit1.ReportExceptionTest.
2383
2384         * bindings/js/JSDOMBinding.cpp:
2385         (WebCore::reportException):
2386         - Added a version of reportException() that takes a JSValue instead of an Exception
2387           object.  This version will ensure that we have an Exception object before calling
2388           into the original reportException() as follows:
2389
2390           1. If the JSValue is already an Exception object, we're good to go.
2391
2392           2. Else, if VM::lastException() is available, use that as the exception.
2393              This is how the old code use to behave (in terms of where it gets the exception
2394              stack trace).  The assumption is that reportException() will be called in
2395              a timely manner before the exception stack trace has been purged.
2396
2397           3. Else, create an Exception object with no stack trace.  This is the fall back
2398              in case the client did not call reportException() in a timely manner.
2399
2400         - Also clear the last exception after we've reported it.  This is how the old code
2401           before r185259 behave (in terms of the lifecycle of the last exception stack
2402           trace).  We're restoring that behavior here.
2403
2404         * bindings/js/JSDOMBinding.h:
2405
2406 2015-06-11  Zalan Bujtas  <zalan@apple.com>
2407
2408         Do not crash when the descendant frame tree is destroyed during layout.
2409         https://bugs.webkit.org/show_bug.cgi?id=144540
2410         rdar://problem/20793184
2411
2412         Reviewed by Andreas Kling.
2413
2414         Widget::setFrameRect(), through WebHTMLView layout, could trigger a style recalc, which in turn
2415         could initiate an onBeforeLoad callback.
2416         If javascript happens to destroy the current iframe in the onBeforeLoad callback, we lose the descendant
2417         render tree, including the child FrameView (the iframe element's view). However the RenderIFrame
2418         object stays protected until after the layout is done. (see protectRenderWidgetUntilLayoutIsDone())
2419
2420         Climbing back on the callstack, we need to make sure that
2421         1. the root widget of the descendant render tree (FrameView) stays valid as long as it is needed.
2422         2. RenderFrameBase::layoutWithFlattening() can handle the case when the associated widget (child FrameView) is set to nullptr.
2423         (see RenderWidget::willBeDestroyed() -> setWidget(nullptr))
2424
2425         (and later, when layout is finished this (RenderIFrame) object gets destroyed too.)
2426
2427         Covered by fast/frames/flattening/crash-remove-iframe-during-object-beforeload.html.
2428
2429         * page/FrameView.cpp:
2430         (WebCore::FrameView::setFrameRect):
2431         (WebCore::FrameView::updateEmbeddedObject):
2432         (WebCore::FrameView::updateWidgetPositions):
2433         * platform/ScrollView.cpp:
2434         (WebCore::ScrollView::setFrameRect):
2435         * platform/mac/WidgetMac.mm:
2436         (WebCore::Widget::setFrameRect):
2437         * rendering/RenderFrameBase.cpp:
2438         (WebCore::RenderFrameBase::layoutWithFlattening):
2439         (WebCore::RenderFrameBase::childRenderView):
2440         (WebCore::RenderFrameBase::peformLayoutWithFlattening):
2441         * rendering/RenderFrameBase.h:
2442         * rendering/RenderWidget.cpp:
2443         (WebCore::RenderWidget::updateWidgetPosition):
2444         * rendering/RenderWidget.h:
2445
2446 2015-06-11  Commit Queue  <commit-queue@webkit.org>
2447
2448         Unreviewed, rolling out r185470.
2449         https://bugs.webkit.org/show_bug.cgi?id=145902
2450
2451         Caused ASan violations (Requested by ap on #webkit).
2452
2453         Reverted changeset:
2454
2455         "Add an appearance keyword for wireless playback / airplay
2456         icon"
2457         https://bugs.webkit.org/show_bug.cgi?id=145892
2458         http://trac.webkit.org/changeset/185470
2459
2460 2015-06-11  Brady Eidson  <beidson@apple.com>
2461
2462         IndexedDB onupgradeneeded event has incorrect value for oldVersion.
2463         <rdar://problem/18309792> and https://bugs.webkit.org/show_bug.cgi?id=136888
2464
2465         Reviewed by Sam Weinig.
2466
2467         Test: storage/indexeddb/version-change-event-basic.html
2468
2469         "NoIntVersion" is an internal bookkeeping concept that we never should've been passing to Javascript.
2470         
2471         This cleans up things by:
2472         - Adjusting an old version of "NoIntVersion" to "0" before making the version change callback.
2473         - Removing the VersionNullness parameter from almost everywhere.
2474         - Removing the nullability of the newVersion parameter from the IDL.
2475
2476         * Modules/indexeddb/IDBDatabase.cpp:
2477         (WebCore::IDBDatabase::onVersionChange):
2478         * Modules/indexeddb/IDBDatabase.h:
2479         
2480         * Modules/indexeddb/IDBDatabaseBackend.cpp:
2481         (WebCore::IDBDatabaseBackend::runIntVersionChangeTransaction):
2482         (WebCore::IDBDatabaseBackend::deleteDatabase):
2483         
2484         * Modules/indexeddb/IDBDatabaseCallbacks.h:
2485         * Modules/indexeddb/IDBDatabaseCallbacksImpl.cpp:
2486         (WebCore::IDBDatabaseCallbacksImpl::onVersionChange):
2487         * Modules/indexeddb/IDBDatabaseCallbacksImpl.h:
2488         
2489         * Modules/indexeddb/IDBOpenDBRequest.cpp:
2490         (WebCore::IDBOpenDBRequest::onBlocked):
2491         (WebCore::IDBOpenDBRequest::onUpgradeNeeded):
2492         
2493         * Modules/indexeddb/IDBTransactionBackendOperations.cpp:
2494         (WebCore::IDBDatabaseBackend::VersionChangeOperation::perform):
2495         
2496         * Modules/indexeddb/IDBVersionChangeEvent.cpp:
2497         (WebCore::IDBVersionChangeEvent::IDBVersionChangeEvent):
2498         * Modules/indexeddb/IDBVersionChangeEvent.h:
2499         (WebCore::IDBVersionChangeEvent::create):
2500         (WebCore::IDBVersionChangeEvent::newVersion):
2501         * Modules/indexeddb/IDBVersionChangeEvent.idl:
2502
2503 2015-06-11  Matt Rajca  <mrajca@apple.com>
2504
2505         Media Session: Add plumbing for media control event delivery.
2506         https://bugs.webkit.org/show_bug.cgi?id=145859
2507
2508         Reviewed by Anders Carlsson.
2509
2510         * Modules/mediasession/MediaEventTypes.h: Added.
2511         * WebCore.xcodeproj/project.pbxproj:
2512         * page/Page.cpp:
2513         (WebCore::Page::handleMediaEvent): Toggle media playback upon receiving the PlayPause event as described in the spec.
2514         * page/Page.h:
2515
2516 2015-06-11  Jon Lee  <jonlee@apple.com>
2517
2518         Update media controls JS and CSS to use picture-in-picture
2519         https://bugs.webkit.org/show_bug.cgi?id=145827
2520         <rdar://problem/21311576>
2521
2522         Reviewed by Dean Jackson.
2523
2524         * English.lproj/mediaControlsLocalizedStrings.js: Update localized strings.
2525         Add a string for the placeholder text, and for the aria-label of the
2526         placard.
2527
2528         * Modules/mediacontrols/MediaControlsHost.idl: Remove uncalled functions.
2529         * Modules/mediacontrols/MediaControlsHost.h: Also remove optimizedFullscreenSupported(),
2530         which was never used.
2531         * Modules/mediacontrols/MediaControlsHost.cpp: Remove uncalled functions and media part IDs.
2532         (WebCore::MediaControlsHost::enterFullscreenOptimized): Deleted.
2533         (WebCore::MediaControlsHost::mediaUIImageData): Deleted.
2534
2535         * Modules/mediacontrols/mediaControlsApple.css:
2536         (audio::-webkit-media-controls-picture-in-picture-button): Update pseudo-element name.
2537         (audio::-webkit-media-controls-optimized-fullscreen-button): Deleted.
2538         * Modules/mediacontrols/mediaControlsApple.js: Update global variable name, and classes.
2539         (Controller.prototype.createControls): Update button name. Add aria-label to the placeholder.
2540         (Controller.prototype.updateFullscreenButtons):
2541         (Controller.prototype.updateLayoutForDisplayedWidth):
2542         (Controller.prototype.handlePictureInPictureButtonClicked): Update handler names.
2543         (Controller.prototype.handleOptimizedFullscreenButtonClicked): Deleted.
2544
2545         * Modules/mediacontrols/mediaControlsiOS.css: Rename pseudo-element.
2546         (audio::-webkit-media-controls-picture-in-picture-button): Add mask images.
2547         (audio::-webkit-media-controls-picture-in-picture-button:active):
2548         (video::-webkit-media-controls-picture-in-picture-button):
2549         (video::-webkit-media-controls-picture-in-picture-button.return-from-picture-in-picture):
2550         (audio::-webkit-media-controls-wireless-playback-status.picture-in-picture):
2551         (audio::-webkit-media-controls-wireless-playback-text-top.picture-in-picture):
2552         (audio::-webkit-media-controls-wireless-playback-text-bottom.picture-in-picture):
2553         (audio::-webkit-media-controls-optimized-fullscreen-button): Deleted.
2554         (audio::-webkit-media-controls-optimized-fullscreen-button:active): Deleted.
2555         (video::-webkit-media-controls-optimized-fullscreen-button): Deleted.
2556         (audio::-webkit-media-controls-wireless-playback-status.optimized): Deleted. The placard
2557         pseudo-element should be updated from wireless-playback-status to just playback-status
2558         since it serves both for pip and AirPlay.
2559         (audio::-webkit-media-controls-wireless-playback-text-top.optimized): Deleted.
2560         (audio::-webkit-media-controls-wireless-playback-text-bottom.optimized): Deleted.
2561         * Modules/mediacontrols/mediaControlsiOS.js:
2562         (ControllerIOS.prototype.createControls): Update button names.
2563         (ControllerIOS.prototype.configureInlineControls):
2564         (ControllerIOS.prototype.handlePictureInPictureButtonClicked): Update handler name.
2565         (ControllerIOS.prototype.handlePictureInPictureTouchStart):
2566         (ControllerIOS.prototype.handlePictureInPictureTouchEnd):
2567         (ControllerIOS.prototype.handlePictureInPictureTouchCancel):
2568         (ControllerIOS.prototype.handlePresentationModeChange): Remove changes to the inline bg
2569         image style, and rely on the CSS to fill those in. Use localized strings for the placard.
2570         Move the aria-label to createControls().
2571         (ControllerIOS.prototype.handleOptimizedFullscreenButtonClicked): Deleted.
2572         (ControllerIOS.prototype.handleOptimizedFullscreenTouchStart): Deleted.
2573         (ControllerIOS.prototype.handleOptimizedFullscreenTouchEnd): Deleted.
2574         (ControllerIOS.prototype.handleOptimizedFullscreenTouchCancel): Deleted.
2575
2576         * html/HTMLMediaElement.cpp: Remove enterFullscreenOptimized since it is never called.
2577         (WebCore::HTMLMediaElement::enterFullscreenOptimized): Deleted.
2578         * html/HTMLMediaElement.h:
2579         * platform/ios/WebCoreSystemInterfaceIOS.h: Remove wkGetMediaUIImageData.
2580         * platform/ios/WebCoreSystemInterfaceIOS.mm:
2581         * rendering/RenderThemeIOS.mm:
2582         (WebCore::RenderThemeIOS::mediaControlsStyleSheet): Remove calls to wkGetMediaUIImageData.
2583
2584 2015-06-11  Dean Jackson  <dino@apple.com>
2585
2586         Add an appearance keyword for wireless playback / airplay icon
2587         https://bugs.webkit.org/show_bug.cgi?id=145892
2588         <rdar://problem/21344872>
2589
2590         Reviewed by Simon Fraser.
2591
2592         Add a new "-webkit-appearance" value named "-apple-airplay"
2593         which will be used to render an icon. This change simply
2594         adds support for the value, and puts in hooks for drawing.
2595
2596         At the moment this is only going to be used by Airplay, so
2597         the public-facing name is "-apple-airplay". However, the
2598         implementation in Theme has a more generic name, in case
2599         we hook it up for other ports later.
2600
2601         Test: fast/css/appearance-airplay.html
2602
2603         * css/CSSParser.cpp:
2604         (WebCore::cssValueKeywordID): This new keyword should not get
2605         translated into having a -webkit prefix.
2606         * css/CSSPrimitiveValueMappings.h:
2607         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): New mapping from
2608         the Theme to the CSS value.
2609         * css/CSSValueKeywords.in: Add "-apple-airplay".
2610         * platform/ThemeTypes.h: New ControlPart.
2611         * rendering/RenderTheme.cpp: Stub implementation of the rendering and
2612         style update for the new appearance.
2613         (WebCore::RenderTheme::adjustStyle):
2614         (WebCore::RenderTheme::paint):
2615         (WebCore::RenderTheme::adjustWirelessPlaybackIconStyle):
2616         (WebCore::RenderTheme::paintWirelessPlaybackIcon):
2617         * rendering/RenderTheme.h:
2618         * rendering/RenderThemeMac.h:
2619         * rendering/RenderThemeMac.mm:
2620         (WebCore::RenderThemeMac::adjustWirelessPlaybackIconStyle):
2621         (WebCore::RenderThemeMac::paintWirelessPlaybackIcon):
2622
2623 2015-06-11  Commit Queue  <commit-queue@webkit.org>
2624
2625         Unreviewed, rolling out r185464.
2626         https://bugs.webkit.org/show_bug.cgi?id=145894
2627
2628         "This patch is breaking binding tests" (Requested by youenn on
2629         #webkit).
2630
2631         Reverted changeset:
2632
2633         "Bindings generator should generate code for Promise-based
2634         APIs"
2635         https://bugs.webkit.org/show_bug.cgi?id=145833
2636         http://trac.webkit.org/changeset/185464
2637
2638 2015-06-11  Commit Queue  <commit-queue@webkit.org>
2639
2640         Unreviewed, rolling out r185465.
2641         https://bugs.webkit.org/show_bug.cgi?id=145893
2642
2643         "This patch is breaking 32bit mac build" (Requested by youenn
2644         on #webkit).
2645
2646         Reverted changeset:
2647
2648         "[Streams API] ReadableJSStream should handle promises
2649         returned by JS source start callback"
2650         https://bugs.webkit.org/show_bug.cgi?id=145792
2651         http://trac.webkit.org/changeset/185465
2652
2653 2015-06-11  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>
2654
2655         [Streams API] ReadableJSStream should handle promises returned by JS source start callback
2656         https://bugs.webkit.org/show_bug.cgi?id=145792
2657
2658         Reviewed by Darin Adler.
2659
2660         Covered by rebased tests.
2661
2662         When calling start callback, the returned value is checked.
2663         If it is not a promise, we do as if it is a resolved promise.
2664         If it is a promise, we call its then() method with two resolve/reject JS functions.
2665
2666         * Modules/streams/ReadableStream.cpp:
2667         * bindings/js/ReadableJSStream.cpp:
2668         (WebCore::ReadableJSStream::invoke): Returns a JSPromise* if any is returned by the JS source callback.
2669         (WebCore::thenPromise): Utility method to call the promise.
2670         (WebCore::createStartResultFulfilledFunction): The promise resolve callback.
2671         (WebCore::ReadableJSStream::doStart): Calls thenPromise if a JSPromise* is returned by invoke.
2672         (WebCore::ReadableJSStream::ReadableJSStream):
2673         * bindings/js/ReadableJSStream.h:
2674
2675 2015-06-11  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2676
2677         Bindings generator should generate code for Promise-based APIs
2678         https://bugs.webkit.org/show_bug.cgi?id=145833
2679
2680         Reviewed by Darin Adler.
2681
2682         Covered by existing tests.
2683
2684         * Modules/webaudio/AudioContext.idl: Removing custom binding for resume, suspend and close.
2685         * bindings/js/JSAudioContextCustom.cpp: Ditto.
2686         * bindings/scripts/CodeGeneratorJS.pm:
2687         (GenerateHeader): Refactoring to use IsReturningPromise.
2688         (GenerateImplementation): Disabling include for return type if it is a promise.
2689         (GenerateParametersCheck): Adding DeferredWrapper() as argument to the DOM method if JS method returns a promise.
2690         (GenerateImplementationFunctionCall): Added support for promise-returning API.
2691         (IsReturningPromise): Checking whether function is returning a promise.
2692         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
2693         (webkit_dom_test_obj_test_promise_function):
2694         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
2695         * bindings/scripts/test/JS/JSTestObj.cpp:
2696         (WebCore::jsTestObjPrototypeFunctionTestPromiseFunction):
2697         * bindings/scripts/test/ObjC/DOMTestObj.h:
2698         * bindings/scripts/test/ObjC/DOMTestObj.mm:
2699         (-[DOMTestObj testPromiseFunction]):
2700         * bindings/scripts/test/TestObj.idl: Adding promise returning function.
2701
2702
2703 2015-06-08  Simon Fraser  <simon.fraser@apple.com>
2704
2705         Missing content in UIWebView snapshots sometimes
2706         https://bugs.webkit.org/show_bug.cgi?id=145779
2707         rdar://problem/20744708
2708
2709         Reviewed by Darin Adler.
2710         
2711         When expanding collapsed parts of quoted text on iOS, sometimes the "concertina"
2712         images would be blank. This happened because we'd fail to create tiles for regions
2713         outside the LegacyTileCache's visibleRect.
2714         
2715         Fix by giving LegacyTileCache an optional override visibleRect, which is set
2716         and cleared during -renderInContext: using the context clip rect.
2717
2718         * platform/ios/LegacyTileCache.h:
2719         * platform/ios/LegacyTileCache.mm:
2720         (WebCore::LegacyTileCache::visibleRectInLayer):
2721         (WebCore::LegacyTileCache::setOverrideVisibleRect):
2722         * platform/ios/LegacyTileLayer.mm:
2723         (-[LegacyTileHostLayer renderInContext:]):
2724
2725 2015-06-11  Daniel Bates  <dabates@apple.com>
2726
2727         Simplify event handling logic for search cancel button
2728         https://bugs.webkit.org/show_bug.cgi?id=145780
2729
2730         Reviewed by Darin Adler.
2731
2732         Following the patch for <https://bugs.webkit.org/show_bug.cgi?id=145774> we can take advantage
2733         of the DOM click event to simplify the event handling logic for the search cancel button.
2734         It is sufficient to listen for mousedown and click events instead of listening for mousedown
2735         and mouseup events, capturing all events during drag, and using the hover state of the button
2736         on mouse release together with a instance variable set on mouse press to determine whether
2737         the cancel button was clicked.
2738
2739         As a side effect of removing the requirement that the search cancel button be hovered (a
2740         workaround to ensure that the mouse was pressed and released on the button in absence of
2741         listening for an explicit DOM click event) we can remove the accessibility-specific class,
2742         AccessibilitySearchFieldCancelButton, that was primarily used to fake the hover state of
2743         the button so that the accessibility machinery could simulate a click on it. Instead we
2744         can add use the default accessibility machinery for clicking on an element.
2745
2746         No new tests since no functionality was changed.
2747
2748         * CMakeLists.txt: Remove reference to file AccessibilitySearchFieldButtons.cpp.
2749         * WebCore.vcxproj/WebCore.vcxproj: Remove reference to files AccessibilitySearchFieldButtons.{cpp, h}.
2750         * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
2751         * WebCore.xcodeproj/project.pbxproj: Ditto.
2752         * accessibility/AXObjectCache.cpp:
2753         (WebCore::createFromRenderer): Remove special-purpose logic that instantiated
2754         AccessibilitySearchFieldCancelButton for the search cancel button. Instead we can make
2755         use of the existing accessibility machinery to handle this button.
2756         * accessibility/AccessibilityAllInOne.cpp: Remove #include of AccessibilitySearchFieldButtons.cpp
2757         since the file is no longer needed.
2758         * accessibility/AccessibilitySearchFieldButtons.cpp: Removed.
2759         * accessibility/AccessibilitySearchFieldButtons.h: Removed.
2760         * dom/Element.h:
2761         (WebCore::Element::isSearchFieldCancelButtonElement): Deleted.
2762         * html/shadow/TextControlInnerElements.cpp:
2763         (WebCore::SearchFieldCancelButtonElement::SearchFieldCancelButtonElement): Set the ARIA role
2764         and label attributes so that the accessibility system identifies the search cancel button as
2765         a button and shows a description for the button, respectively.
2766         (WebCore::SearchFieldCancelButtonElement::defaultEventHandler): Simplify the event handling logic
2767         such that we clear the field when we receive a DOM click event (i.e. the mouse was pressed
2768         and released on the button). Remove unused variable, oldValue. Substitute emptyString() for the
2769         empty string literal in the call to HTMLInputElement::setValueForUser() to avoid an implicit
2770         conversion to String. Also remove out-of-date comment that repeated what the code does.
2771         (WebCore::SearchFieldCancelButtonElement::willDetachRenderers): Deleted. We no longer need to use
2772         custom style resolve callbacks to reset the state of the EventHandler since we no longer need to
2773         have the EventHandler dispatch all mouse events to us on mouse press.
2774         * html/shadow/TextControlInnerElements.h:
2775
2776 2015-06-11  Commit Queue  <commit-queue@webkit.org>
2777
2778         Unreviewed, rolling out r185453.
2779         https://bugs.webkit.org/show_bug.cgi?id=145881
2780
2781         it broke the 32-bit build (Requested by clopez on #webkit).
2782
2783         Reverted changeset:
2784
2785         "[GTK] [Wayland] Should be possible to build with support for
2786         both X11 and Wayland."
2787         https://bugs.webkit.org/show_bug.cgi?id=145701
2788         http://trac.webkit.org/changeset/185453
2789
2790 2015-06-11  Carlos Alberto Lopez Perez  <clopez@igalia.com>
2791
2792         [GTK] [Wayland] Should be possible to build with support for both X11 and Wayland.
2793         https://bugs.webkit.org/show_bug.cgi?id=145701
2794
2795         Reviewed by Žan Doberšek.
2796
2797         No new tests, no behavior changes.
2798
2799         When building both targets, we have to include the wayland-egl
2800         headers in order to build the Wayland target. This causes that
2801         EGLNativePixmapType and EGLNativeWindowType get defined as
2802         different types than when building only the X11 target.
2803
2804         By type casting them to the ones that are expected, we are able
2805         to build both targets at the same time.
2806
2807         I have done tests (building each target alone as also both targets
2808         at the same time), and everything seems to works as expected.
2809
2810         Once built for both targets, if you try to launch the MiniBrowser
2811         from inside a Wayland compositor (Weston on top of X for example),
2812         it will trigger the X11 target if the DISPLAY environment variable
2813         is set and the environment variable GDK_BACKEND is not set to wayland,
2814         otherwise it will trigger the Wayland target.
2815
2816         * platform/graphics/GLContext.cpp:
2817         (WebCore::GLContext::createContextForWindow): Add type cast.
2818         * platform/graphics/egl/GLContextEGL.cpp: Add missing include when
2819         building both targets that is required for defining DefaultRootWindow().
2820         (WebCore::GLContextEGL::createPixmapContext): Add type cast.
2821
2822 2015-06-11  Hunseop Jeong  <hs85.jeong@samsung.com>
2823
2824         [EFL] Fix the debug build after r185417.
2825         https://bugs.webkit.org/show_bug.cgi?id=145876 
2826
2827         Reviewed by Gyuyoung Kim.
2828
2829         * platform/graphics/efl/ImageBufferEfl.cpp: added the missing "MIMETypeRegistry.h".
2830
2831 2015-06-11  Myles C. Maxfield  <mmaxfield@apple.com>
2832
2833         [iOS] Tahoma isn't installed on iOS, so there is no need to blacklist it
2834         https://bugs.webkit.org/show_bug.cgi?id=145865
2835
2836         Reviewed by Dan Bernstein.
2837
2838         No new tests because I can't copy Tahoma into our open source repository.
2839
2840         * platform/graphics/cocoa/FontCocoa.mm:
2841         (WebCore::fontFamilyShouldNotBeUsedForArabic):
2842
2843 2015-06-10  Commit Queue  <commit-queue@webkit.org>
2844
2845         Unreviewed, rolling out r185442.
2846         https://bugs.webkit.org/show_bug.cgi?id=145871
2847
2848         seems to have broken WTF.StringOperators test (Requested by
2849         alexchristensen on #webkit).
2850
2851         Reverted changeset:
2852
2853         "[Content Extensions] Limit number of rules."
2854         https://bugs.webkit.org/show_bug.cgi?id=145663
2855         http://trac.webkit.org/changeset/185442
2856
2857 2015-06-10  Jon Lee  <jonlee@apple.com>
2858
2859         Update presentation mode JS API to using 'picture-in-picture'
2860         https://bugs.webkit.org/show_bug.cgi?id=145826
2861         rdar://problem/2131153
2862
2863         Reviewed by Anders Carlsson.
2864
2865         Update presentation modes to use 'picture-in-picture' in lieu of 'optimized'.
2866
2867         * html/HTMLVideoElement.idl: Update to "picture-in-picture".
2868         * html/HTMLVideoElement.cpp:
2869         (WebCore::presentationModePictureInPicture): Rename static function returning string.
2870         (WebCore::presentationModeOptimized): Deleted.
2871         (WebCore::HTMLVideoElement::webkitSupportsPresentationMode): Use the new static function name.
2872         (WebCore::HTMLVideoElement::webkitSetPresentationMode): Ditto.
2873         (WebCore::HTMLVideoElement::webkitPresentationMode): Ditto.
2874
2875         * Modules/mediacontrols/mediaControlsiOS.js: Update to 'picture-in-picture'.
2876         (ControllerIOS.prototype.configureInlineControls): 
2877         (ControllerIOS.prototype.isFullScreen):
2878         (ControllerIOS.prototype.handleOptimizedFullscreenButtonClicked):
2879         (ControllerIOS.prototype.handlePresentationModeChange):
2880         (ControllerIOS.prototype.controlsAlwaysVisible):
2881
2882 2015-06-10  Boris Smus  <boris@smus.com>
2883
2884         [Mobile Safari, WKWebView] increase DeviceOrientationEvent events emission frequency
2885         https://bugs.webkit.org/show_bug.cgi?id=145814
2886
2887         Reviewed by Benjamin Poulain.
2888
2889         Increased the sampling rate of DeviceOrientationEvent from 20 Hz to 60
2890         Hz to make good head tracking possible.
2891
2892         * platform/ios/WebCoreMotionManager.h:
2893
2894 2015-06-10  Alex Christensen  <achristensen@webkit.org>
2895
2896         [Content Extensions] Limit number of rules.
2897         https://bugs.webkit.org/show_bug.cgi?id=145663
2898         rdar://problem/21242407
2899
2900         Reviewed by Benjamin Poulain.
2901
2902         Added an API test to make sure that parsing fails when there are too many rules.
2903
2904         * contentextensions/ContentExtensionError.cpp:
2905         (WebCore::ContentExtensions::contentExtensionErrorCategory):
2906         * contentextensions/ContentExtensionError.h:
2907         * contentextensions/ContentExtensionParser.cpp:
2908         (WebCore::ContentExtensions::loadEncodedRules):
2909         Fail to parse a content extension with more than 50000 rules.
2910
2911 2015-06-10  Said Abou-Hallawa  <sabouhallawa@apple.com>
2912
2913         REGRESSION (r184895): Vertical border elements ([-webkit]-border-image set to 'repeat') that used to render perfectly are now rendering incorrectly.
2914         https://bugs.webkit.org/show_bug.cgi?id=145801
2915
2916         Reviewed by Simon Fraser.
2917
2918         When using the tiling to draw the sides of an image-border, the image slice
2919         is repeated only in one direction. For top and bottom sides, the slice is
2920         repeated horizontally and for left and right sides, it's repeated vertically.
2921         The tile might be scaled in the other direction of the tiling if the border
2922         extent and the slice extent are different in this direction.
2923         
2924         The bug happens because we were scaling the tile in the tiling direction.
2925
2926         Test: fast/borders/border-image-repeat-stretch.html
2927
2928         * rendering/style/NinePieceImage.cpp:
2929         (WebCore::NinePieceImage::scaleSlicesIfNeeded): Fix the type and the name
2930         of deviceScaleFactor.
2931         
2932         (WebCore::NinePieceImage::computeIntrinsicSideTileScale): Fix the scaling
2933         direction of the border image side tiling.
2934         
2935         * rendering/style/NinePieceImage.h:
2936
2937 2015-06-10  Chris Dumez  <cdumez@apple.com>
2938
2939         ASSERT_WITH_SECURITY_IMPLICATION in WebCore::DocumentOrderedMap::getElementById
2940         https://bugs.webkit.org/show_bug.cgi?id=145857
2941         <rdar://problem/16798440>
2942
2943         Reviewed by Darin Adler.
2944
2945         Make sure Node::insertedInto() gets called on the inserted node and its
2946         descendants after its insertion into the tree but *before*
2947         ContainerNode::childrenChanged() is called on the parent node. This is
2948         needed so that the descendants know they've been inserted into the tree
2949         (and their InDocumentFlag flag gets set) before the parent node does
2950         anything with them in childrenChanged().
2951
2952         In the case of <rdar://problem/16798440>, executing HTMLScriptElement's
2953         childrenChanged() after appending a child to a script element was causing
2954         the script to be executed. The script would call getElementBy() which
2955         would traverse the DOM tree and find a matching Element in the newly
2956         inserted subtree. However, the matching Element's InDocumentFlag flag was
2957         not set yet because the element's insertedInto() method has not been called
2958         yet at this point. This would cause us to hit an assertion as
2959         DocumentOrderedMap::getElementById() is only supposed to return elements
2960         that are in a Document.
2961
2962         This patch is based on Blink r178976 by <esprehn@chromium.org>:
2963         https://src.chromium.org/viewvc/blink?view=rev&revision=178976
2964
2965         Tests: fast/dom/script-getElementById-during-insertion.html
2966                fast/dom/script-remove-child-id-map.html
2967
2968         * dom/ContainerNode.cpp:
2969         (WebCore::ContainerNode::notifyChildInserted):
2970         (WebCore::ContainerNode::notifyChildRemoved):
2971         (WebCore::ContainerNode::removeChildren):
2972         (WebCore::ContainerNode::parserInsertBefore): Deleted.
2973         (WebCore::ContainerNode::removeChild): Deleted.
2974         (WebCore::ContainerNode::parserRemoveChild): Deleted.
2975         (WebCore::ContainerNode::parserAppendChild): Deleted.
2976         (WebCore::ContainerNode::childrenChanged): Deleted.
2977         (WebCore::ContainerNode::setAttributeEventListener): Deleted.
2978         (WebCore::ContainerNode::querySelector): Deleted.
2979         * dom/ContainerNodeAlgorithms.cpp:
2980         (WebCore::ChildNodeInsertionNotifier::notifyDescendantInsertedIntoDocument):
2981         (WebCore::ChildNodeInsertionNotifier::notifyDescendantInsertedIntoTree):
2982         * dom/ContainerNodeAlgorithms.h:
2983         (WebCore::ChildNodeInsertionNotifier::notifyNodeInsertedIntoDocument):
2984         (WebCore::ChildNodeInsertionNotifier::notifyNodeInsertedIntoTree):
2985         (WebCore::ChildNodeInsertionNotifier::notify):
2986         (WebCore::ChildNodeRemovalNotifier::notifyNodeRemovedFromDocument): Deleted.
2987         * dom/Element.cpp:
2988         (WebCore::Element::addShadowRoot):
2989
2990 2015-06-10  Alex Christensen  <achristensen@webkit.org>
2991
2992         [Web Timing] Fix flaky test.
2993         https://bugs.webkit.org/show_bug.cgi?id=145846
2994
2995         Reviewed by Alexey Proskuryakov.
2996
2997         The timing data is gathered in ResourceHandle::getConnectionTimingData as 
2998         millisecond deltas from the fetch start time, not the navigation start time.
2999         The difference between navigation and fetch start time is usually so small that 
3000         it only caused one flaky test, but this should fix that flakiness. This patch 
3001         corrects how the millisecond deltas are used.
3002
3003         * page/PerformanceTiming.cpp:
3004         (WebCore::PerformanceTiming::domainLookupStart):
3005         (WebCore::PerformanceTiming::domainLookupEnd):
3006         (WebCore::PerformanceTiming::connectStart):
3007         (WebCore::PerformanceTiming::connectEnd):
3008         (WebCore::PerformanceTiming::secureConnectionStart):
3009         (WebCore::PerformanceTiming::requestStart):
3010         (WebCore::PerformanceTiming::responseStart):
3011         (WebCore::PerformanceTiming::responseEnd):
3012         (WebCore::PerformanceTiming::documentLoadTiming):
3013         (WebCore::PerformanceTiming::resourceLoadTimeRelativeToFetchStart):
3014         (WebCore::PerformanceTiming::monotonicTimeToIntegerMilliseconds):
3015         (WebCore::PerformanceTiming::resourceLoadTimeRelativeToAbsolute): Deleted.
3016         * page/PerformanceTiming.h:
3017
3018 2015-06-10  Beth Dakin  <bdakin@apple.com>
3019
3020         Overriding the overlay scrollbar style on WKView doesn't take effect immediately
3021         https://bugs.webkit.org/show_bug.cgi?id=145855
3022         -and corresponding-
3023         rdar://problem/20948706
3024
3025         Reviewed by Simon Fraser.
3026
3027         Since we opt into layer-per-part scrollbars in order to move the knob on the 
3028         secondary thread, AppKit is creating its own layers for the knob and track. To 
3029         invalidate them, we need to call into the ScrollbarPainter’s setNeedsDisplay.
3030
3031         New virtual function on ScrollAnimator to call into ScrollbarPainter’s 
3032         setNeedsDispay.
3033         * platform/ScrollAnimator.h:
3034
3035         Call the new function when setting the overlay style.
3036         * platform/ScrollableArea.cpp:
3037         (WebCore::ScrollableArea::setScrollbarOverlayStyle):
3038
3039         Add setNeedsDisplay to the list of ScrollbarPainter methods.
3040         * platform/mac/NSScrollerImpDetails.h:
3041
3042         Implement invalidateScrollbarPartLayers.
3043         * platform/mac/ScrollAnimatorMac.h:
3044         * platform/mac/ScrollAnimatorMac.mm:
3045         (WebCore::ScrollAnimatorMac::invalidateScrollbarPartLayers):
3046
3047 2015-06-10  Matt Rajca  <mrajca@apple.com>
3048
3049         MediaRemoteControls should be marked JSGenerateToJSObject.
3050         https://bugs.webkit.org/show_bug.cgi?id=145849
3051
3052         Reviewed by Eric Carlson.
3053
3054         Since MediaRemoteControls has a parent interface, we need to add the JSGenerateToJSObject attribute so the
3055         toJS(...) function gets generated. This is required for event handling to work.
3056
3057         * Modules/mediasession/MediaRemoteControls.idl:
3058
3059 2015-06-10  Dean Jackson  <dino@apple.com>
3060
3061         User can not scroll on page when dragging inside video
3062         https://bugs.webkit.org/show_bug.cgi?id=145848
3063         <rdar://problem/20997158>
3064
3065         Reviewed by Brent Fulgham.
3066
3067         Revert the change made in http://trac.webkit.org/changeset/183797
3068         which breaks panning on pages if the touch starts inside the video.
3069
3070         * Modules/mediacontrols/mediaControlsiOS.js:
3071         (ControllerIOS.prototype.handleWrapperTouchStart): Do not return true, which stops
3072         the handleEvent call in the superclass from preventing the default action.
3073
3074 2015-06-10  Matt Rajca  <mrajca@apple.com>
3075
3076         Explicitly keep track of active HTMLMediaElements in MediaSessions.
3077         https://bugs.webkit.org/show_bug.cgi?id=145829
3078
3079         Reviewed by Eric Carlson.
3080
3081         * Modules/mediasession/MediaSession.cpp: Add support for keeping track of active media elements.
3082         (WebCore::MediaSession::addActiveMediaElement):
3083         * Modules/mediasession/MediaSession.h:
3084         * html/HTMLMediaElement.cpp:
3085         (WebCore::HTMLMediaElement::playInternal): If the paused attribute is true and the readyState attribute has the
3086           value HAVE_FUTURE_DATA or HAVE_ENOUGH_DATA, the media element becomes an active participating element of the
3087           media session.
3088
3089 2015-06-10  Chris Dumez  <cdumez@apple.com>
3090
3091         Drop unused argument for Node::didNotifySubtreeInsertions()
3092         https://bugs.webkit.org/show_bug.cgi?id=145845
3093
3094         Reviewed by Andreas Kling.
3095
3096         * dom/ContainerNodeAlgorithms.h:
3097         (WebCore::ChildNodeInsertionNotifier::notify):
3098         * dom/Node.h:
3099         (WebCore::Node::didNotifySubtreeInsertions):
3100         * html/HTMLFrameElementBase.cpp:
3101         (WebCore::HTMLFrameElementBase::didNotifySubtreeInsertions):
3102         * html/HTMLFrameElementBase.h:
3103         * svg/SVGFEImageElement.cpp:
3104         (WebCore::SVGFEImageElement::didNotifySubtreeInsertions):
3105         * svg/SVGFEImageElement.h:
3106         * svg/SVGMPathElement.cpp:
3107         (WebCore::SVGMPathElement::didNotifySubtreeInsertions):
3108         * svg/SVGMPathElement.h:
3109         * svg/SVGTRefElement.cpp:
3110         (WebCore::SVGTRefElement::didNotifySubtreeInsertions):
3111         * svg/SVGTRefElement.h:
3112         * svg/SVGTextPathElement.cpp:
3113         (WebCore::SVGTextPathElement::didNotifySubtreeInsertions):
3114         * svg/SVGTextPathElement.h:
3115         * svg/animation/SVGSMILElement.cpp:
3116         (WebCore::SVGSMILElement::didNotifySubtreeInsertions):
3117         * svg/animation/SVGSMILElement.h:
3118
3119 2015-06-10  KwangHyuk Kim  <hyuki.kim@samsung.com>
3120
3121         [EFL] Jpeg image export implementation for Canvas.
3122         https://bugs.webkit.org/show_bug.cgi?id=145457
3123
3124         Reviewed by Gyuyoung Kim.
3125
3126         Add implementation of jpeg image export on Webkit EFL by using JPEGImageEncoder.
3127
3128         No new tests, fast/canvas/toDataURL-supportedTypes.html can be reused.
3129
3130         * PlatformEfl.cmake:
3131         * platform/MIMETypeRegistry.cpp:
3132         (WebCore::initializeSupportedImageMIMETypesForEncoding):
3133         * platform/graphics/cairo/ImageBufferCairo.cpp:
3134         * platform/graphics/efl/ImageBufferEfl.cpp: Added.
3135         (WebCore::writeFunction):
3136         (WebCore::encodeImage):
3137         (WebCore::ImageBuffer::toDataURL):
3138         * platform/image-encoders/JPEGImageEncoder.cpp:
3139         (WebCore::compressRGBABigEndianToJPEG):
3140
3141 2015-06-10  Carlos Garcia Campos  <cgarcia@igalia.com>
3142
3143         [GTK] Move KeyBindingTranslator from platform to WebKit2 layer
3144         https://bugs.webkit.org/show_bug.cgi?id=145840
3145
3146         Reviewed by Martin Robinson.
3147
3148         It's currently used only by WebKit2 in the UI process and it's
3149         another file built twice because of the GTK2 plugin process.
3150
3151         * PlatformGTK.cmake:
3152
3153 2015-06-10  Carlos Garcia Campos  <cgarcia@igalia.com>
3154
3155         [GTK] Get rid of GetEditorCommandsForKeyEvent sync message
3156         https://bugs.webkit.org/show_bug.cgi?id=145598
3157
3158         Reviewed by Žan Doberšek.
3159
3160         * platform/PlatformKeyboardEvent.h:
3161         (WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent):
3162         (WebCore::PlatformKeyboardEvent::commands):
3163         * platform/gtk/KeyBindingTranslator.cpp: Use a single list of
3164         custom key bindings. We don't need to distinguish between key down and
3165         key press commands, since the web editor client already does that
3166         when executing the commands.
3167         (WebCore::KeyBindingTranslator::commandsForKeyEvent): This is
3168         getEditorCommandsForKeyEvent() renamed as commandsForKeyEvent(),
3169         since it now returns the list of commands to simplify the
3170         code. Also simplify the custom key bindings handling, by using the
3171         global list instead of moving it to a HashMap.
3172         (WebCore::KeyBindingTranslator::getEditorCommandsForKeyEvent): Deleted.
3173         * platform/gtk/KeyBindingTranslator.h:
3174
3175 2015-06-10  Per Arne Vollan  <peavo@outlook.com>
3176
3177         [WinCairo] Crash on exit when terminating egl
3178         https://bugs.webkit.org/show_bug.cgi?id=145832
3179
3180         Reviewed by Carlos Garcia Campos.
3181
3182         Avoid terminating egl on exit for WinCairo.
3183
3184         * platform/graphics/PlatformDisplay.cpp:
3185         (WebCore::PlatformDisplay::~PlatformDisplay):
3186
3187 2015-06-10  Youenn Fablet  <youenn.fablet@crf.canon.fr>
3188
3189         Refactor AudioContext implementation to enable automatic binding generation of promise-based methods
3190         https://bugs.webkit.org/show_bug.cgi?id=145223
3191
3192         Reviewed by Darin Adler.
3193
3194         Introducing DOMPromise as a typed wrapper above DeferredWrapper.
3195         This DOMPromise allows constraining Promise resolution/rejection to a single resolution type and rejection type. 
3196         This might be useful for typed callback usage of promise based APIs, like getUserMedia() or ReadableStreamReader.read().
3197
3198         Applying DOMPromise to AudioContext close, suspend and resume.
3199         Changed binding code to represent what could be automatically generated by binding generator.
3200         Fixing unneeded copies of std::function callbacks.
3201
3202         Disabling DOMPromise copy constructors to lower chances that resolution/rejection is done twice on the same object.
3203
3204         Covered by existing tests.
3205
3206         * Modules/webaudio/AudioContext.cpp:
3207         (WebCore::AudioContext::addReaction):
3208         (WebCore::AudioContext::setState):
3209         (WebCore::AudioContext::suspend):
3210         (WebCore::AudioContext::resume):
3211         (WebCore::AudioContext::close):
3212         * Modules/webaudio/AudioContext.h:
3213         * bindings/js/JSAudioContextCustom.cpp:
3214         (WebCore::JSAudioContext::suspend):
3215         (WebCore::JSAudioContext::resume):
3216         (WebCore::JSAudioContext::close):
3217         * bindings/js/JSDOMPromise.cpp:
3218         (WebCore::DeferredWrapper::callFunction):
3219         * bindings/js/JSDOMPromise.h:
3220         (WebCore::DeferredWrapper::resolve):
3221         (WebCore::DeferredWrapper::reject):
3222         (WebCore::DOMPromise::DOMPromise):
3223         (WebCore::DOMPromise::resolve):
3224         (WebCore::DOMPromise::reject):
3225
3226 2015-06-10  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>
3227
3228         [Streams API] Implement pulling of a source by a ReadableStream
3229         https://bugs.webkit.org/show_bug.cgi?id=145262
3230
3231         Reviewed by Darin Adler
3232
3233         Introduced abstract ReadableStream::doPull() which is overriden in ReadableJSStream.
3234         Added support to call the "pull" JS callback in ReadableJSStream::doPull().
3235         Added calls to pull as requested by the spec (when resolving a read callback, at start time...).
3236
3237         Fixed issue in ReadableStreamReader::read() (use of successCallback(JSValue()) in lieu of endCallback())
3238
3239         Covered by rebased tests.
3240
3241         * Modules/streams/ReadableStream.cpp:
3242         (WebCore::ReadableStream::start): calling pull() once start.
3243         (WebCore::ReadableStream::pull): calling doPull() if readableStream states requires to.
3244         (WebCore::ReadableStream::read): calling pull() after resolving a read callback.
3245         * Modules/streams/ReadableStream.h:
3246         * Modules/streams/ReadableStreamReader.cpp:
3247         (WebCore::ReadableStreamReader::read): fixed JSValue() bug.
3248         * bindings/js/ReadableJSStream.cpp:
3249         (WebCore::ReadableJSStream::doPull): calling of JS callback.
3250         (WebCore::ReadableJSStream::storeException): catches exception and store them.
3251         (WebCore::ReadableJSStream::storeError): refactoring for checkForException.
3252         (WebCore::ReadableJSStream::enqueue):
3253         * bindings/js/ReadableJSStream.h:
3254
3255 2015-06-09  Youenn Fablet  <youenn.fablet@crf.canon.fr>
3256
3257         DeferredWrapper should clear its JS strong references once its promise is resolved/rejected
3258         https://bugs.webkit.org/show_bug.cgi?id=145753
3259
3260         Reviewed by Darin Adler.
3261
3262         Clear strong references at the end of DeferredWrapper::resolve and DeferredWrapper::reject.
3263         Added assertions to check that resolve or reject is called only once.
3264
3265         Removed DeferredWrapper constructor that creates internally its promise.
3266         Reason is DeferredWrapper can be resolved synchronously and promise
3267         will be lost when returning it at the end of the binding promise function.
3268         Updated all custom bindings accordingly.
3269
3270         Covered by existing tests.
3271
3272         * bindings/js/JSAudioContextCustom.cpp:
3273         (WebCore::JSAudioContext::suspend): Updated DeferredWrapper constructor to properly return the promise.
3274         (WebCore::JSAudioContext::resume): Ditto.
3275         (WebCore::JSAudioContext::close): Ditto.
3276         * bindings/js/JSDOMPromise.cpp:
3277         (WebCore::DeferredWrapper::resolve): Cleared strong references after promise resolution.
3278         (WebCore::DeferredWrapper::reject): Cleared strong references after promise rejection.
3279         * bindings/js/JSDOMPromise.h:
3280         (WebCore::DeferredWrapper::resolve): Added ASSERT to check promise is not yet rejected/resolved.
3281         (WebCore::DeferredWrapper::reject): Ditto.
3282         (WebCore::DeferredWrapper::reject<ExceptionCode>): Ditto.
3283         (WebCore::DeferredWrapper::resolve<String>): Ditto.
3284         (WebCore::DeferredWrapper::resolve<bool>): Ditto.
3285         (WebCore::DeferredWrapper::resolve<JSC::JSValue>): Ditto.
3286         (WebCore::char>>):
3287         (WebCore::DeferredWrapper::reject<String>): Ditto.
3288         * bindings/js/JSMediaDevicesCustom.cpp:
3289         (WebCore::JSMediaDevices::getUserMedia): Updated DeferredWrapper constructor to properly return the promise.
3290         * bindings/js/JSReadableStreamReaderCustom.cpp:
3291         (WebCore::JSReadableStreamReader::read): Ditto.
3292         (WebCore::JSReadableStreamReader::closed): Ditto.
3293         * bindings/js/JSSubtleCryptoCustom.cpp:
3294         (WebCore::JSSubtleCrypto::encrypt): Ditto.
3295         (WebCore::JSSubtleCrypto::decrypt): Ditto.
3296         (WebCore::JSSubtleCrypto::sign): Ditto.
3297         (WebCore::JSSubtleCrypto::verify): Ditto.
3298         (WebCore::JSSubtleCrypto::digest): Ditto.
3299         (WebCore::JSSubtleCrypto::generateKey): Ditto.
3300         (WebCore::JSSubtleCrypto::importKey): Ditto.
3301         (WebCore::JSSubtleCrypto::exportKey): Ditto.
3302         (WebCore::JSSubtleCrypto::wrapKey): Ditto.
3303         (WebCore::JSSubtleCrypto::unwrapKey): Ditto.
3304
3305 2015-06-09  Zalan Bujtas  <zalan@apple.com>
3306
3307         Protect FrameView from being destroyed in Document::recalcStyle()
3308         https://bugs.webkit.org/show_bug.cgi?id=143033
3309         rdar://problem/20326871
3310
3311         Reviewed by Andreas Kling.
3312
3313         This patch ensures that FrameView stays valid in Document::recalcStyle().
3314         It follows the defensive pattern we use to deal with the refcounted FrameView (see EventDispatcher::dispatchEvent)
3315
3316         When the iframe destroys itself in the onBeforeLoad callback (as the result of
3317         PostResolutionCallbackDisabler -> HTMLObjectElement::updateWidget -> guardedDispatchBeforeLoadEvent),
3318         we detach the frame and release the FrameView. However Document::recalcStyle() expects
3319         the FrameView to stay valid.
3320
3321         Covered by fast/frames/flattening/crash-remove-iframe-during-object-beforeload.html.
3322
3323         * dom/Document.cpp:
3324         (WebCore::Document::recalcStyle):
3325
3326 2015-06-09  Daegyu Lee  <daegyu.lee@navercorp.com>
3327
3328         3D-transformed video does not display on platforms without accelerated video rendering
3329         https://bugs.webkit.org/show_bug.cgi?id=144782
3330
3331         Reviewed by Simon Fraser.
3332
3333         Video element does not get GraphicsLayer when MediaPlayerPrivate::supportsAcceleratedRendering() returns false
3334         which means not using accelerated video decoding.
3335         Although the video element gets GraphicsLayer by changing the CSS style of video element by javascript,
3336         there is no way to set GraphicsLayer::setDrawsContent(true) for updating the video content.
3337         As a result, after changing the CSS style, the video content does not show.
3338         To avoid missing setDrawsContent(true), add conditions(!supportsAcceleratedRendering() && m_requiresOwnBackingStore).
3339
3340         Test: media/video-transformed-by-javascript.html
3341               media/video-transformed-by-javascript-expected.html
3342
3343         * rendering/RenderLayerBacking.cpp:
3344         (WebCore::RenderLayerBacking::containsPaintedContent):
3345
3346 2015-06-09  Ryosuke Niwa  <rniwa@webkit.org>
3347
3348         REGRESSION(r180867): Tabbing to login field on iCloud.com doesn't have highlight for text
3349         https://bugs.webkit.org/show_bug.cgi?id=145830
3350
3351         Reviewed by Darin Adler.
3352
3353         The bug was caused by setSelection not updating RenderView when there is a style recalc scheduled
3354         that doesn't trigger a layout. Fixed the bug by explicitly updating the selection in
3355         Document::recalcStyle in that case.
3356
3357         Test: editing/selection/update-selection-by-style-change.html
3358
3359         * dom/Document.cpp:
3360         (WebCore::Document::recalcStyle):
3361         * editing/FrameSelection.cpp:
3362         (WebCore::FrameSelection::updateAppearanceAfterLayout): Renamed from didLayout.
3363         * editing/FrameSelection.h:
3364         * page/FrameView.cpp:
3365         (WebCore::FrameView::performPostLayoutTasks):
3366
3367 2015-06-09  Dean Jackson  <dino@apple.com>
3368
3369         MediaControls: Reenable resize of controls on pinch zoom
3370         https://bugs.webkit.org/show_bug.cgi?id=145824
3371         <rdar://problem/21212778>
3372
3373         Reviewed by Darin Adler.
3374
3375         Reinstate the code that updated the scaling of the
3376         controls in response to changes in page scale.
3377         This time around we have to change both the controls
3378         panel, and its blurry background.
3379
3380         * Modules/mediacontrols/mediaControlsApple.js:
3381         (Controller.prototype.set pageScaleFactor): Deleted a comment.
3382         * Modules/mediacontrols/mediaControlsiOS.css:
3383         (video::-webkit-media-controls-panel-background): Set the background to pin
3384         to the bottom of its view.
3385         * Modules/mediacontrols/mediaControlsiOS.js:
3386         (ControllerIOS.prototype.get pageScaleFactor): Basic getter, copied from mediaControlsApple.
3387         (ControllerIOS.prototype.set pageScaleFactor): The setter that reacts to the page scale
3388         and applies an inverse scaling on the control panel using a transform, and adjusts the
3389         height on the background similarly.
3390
3391 2015-06-09  Andreas Kling  <akling@apple.com>
3392
3393         GraphicsContext state stack wasting lots of memory when empty.
3394         <https://webkit.org/b/145817>
3395
3396         Reviewed by Geoffrey Garen.
3397
3398         Give the GraphicsContextState stack an inline capacity of 1, and make sure
3399         to free any heap-allocated backing store when the stack goes empty.
3400
3401         The 1 is because HTMLCanvasElement keeps one "save" on the underlying
3402         GraphicsContext at all times, and this prevents those canvases from always
3403         sitting on an empty stack with 16 capacity.
3404
3405         This saves ~520 kB on cnet.com video pages.
3406
3407         * platform/graphics/GraphicsContext.cpp:
3408         (WebCore::GraphicsContext::restore):
3409         * platform/graphics/GraphicsContext.h:
3410
3411 2015-06-09  Said Abou-Hallawa  <sabouhallawa@apple.com>
3412
3413         SVG Fragment is not rendered if it is the css background image of an HTML element
3414         https://bugs.webkit.org/show_bug.cgi?id=91790
3415
3416         Reviewed by Darin Adler.
3417
3418         To show an SVG fragment, the SVGImage has to scrollToFragment() using
3419         the resource url. The changes http://trac.webkit.org/changeset/164804
3420         and http://trac.webkit.org/changeset/164983 set the url of SVGImage to
3421         to be used later in SVGImage::draw(). The problem is the SVGImage url
3422         is only set when it is the src of an <img> tag. We did not do the same
3423         thing when the SVGImage is the css background image of an HTML element.
3424         
3425         The fix is to set the url of the SVGImage always when it's created by 
3426         the CachedImage. The CachedImage must have a valid url when the SVGImage
3427         is created.
3428
3429         Test: svg/css/svg-resource-fragment-identifier-background.html
3430
3431         * loader/cache/CachedImage.cpp:
3432         (WebCore::CachedImage::load):
3433         (WebCore::CachedImage::checkShouldPaintBrokenImage):
3434         Replace the calls resourceRequest().url() and m_resourceRequest.url() by
3435         calling url() since they are all the same.
3436         
3437         (WebCore::CachedImage::createImage): Pass the resource url to SVGImage
3438         and change ImageObserver& by ImageObserver*, since null is not legal.
3439         
3440         * svg/graphics/SVGImage.cpp:
3441         (WebCore::SVGImage::SVGImage):
3442         * svg/graphics/SVGImage.h: Add a url parameter to SVGImage constructor.
3443         
3444         * svg/graphics/SVGImageCache.cpp:
3445         (WebCore::SVGImageCache::findImageForRenderer): Add a new helper function.
3446         
3447         (WebCore::SVGImageCache::imageSizeForRenderer):
3448         (WebCore::SVGImageCache::imageForRenderer): Code clean up.
3449         
3450         * svg/graphics/SVGImageCache.h: Make imageForRenderer() const.
3451
3452         * svg/graphics/SVGImageForContainer.cpp: Remove unneeded header file.
3453
3454 2015-06-09  Matt Rajca  <mrajca@apple.com>
3455
3456         Add support for toggling playback in MediaSessions and MediaSessionManagers.
3457         https://bugs.webkit.org/show_bug.cgi?id=145822
3458
3459         Reviewed by Eric Carlson.
3460
3461         * Modules/mediasession/MediaSession.cpp: Toggle playback of all active media elements.
3462         (WebCore::MediaSession::togglePlayback):
3463         * Modules/mediasession/MediaSession.h:
3464         * Modules/mediasession/MediaSessionManager.cpp: Toggle playback of all media sessions as described in the
3465           Media Session spec.
3466         (WebCore::MediaSessionManager::togglePlayback):
3467         * Modules/mediasession/MediaSessionManager.h:
3468
3469 2015-06-09  Darin Adler  <darin@apple.com>
3470
3471         Takes two delete key presses to delete pasted emoji up-pointing index finger with skin tone
3472         https://bugs.webkit.org/show_bug.cgi?id=145823
3473
3474         Reviewed by Anders Carlsson.
3475
3476         Tests: editing/deleting/delete-emoji.html
3477
3478         * rendering/RenderText.cpp:
3479         (WebCore::isHangulLVT): Use constants instead of macros. Also changed to take a UChar since
3480         the Hangul processing can work on UTF-16 code unit at a time and doesn't have to handle
3481         surrogate pairs.
3482         (WebCore::isMark): Use U_GC_M_MASK instead of writing the algorithm out another way.
3483         (WebCore::isInArmenianToLimbuRange): Added.
3484         (WebCore::RenderText::previousOffsetForBackwardDeletion): Refactored for clarity and to use
3485         the U16_PREV macro instead of doing what it does in a sloppier way. Added code to allow a
3486         variation selector before an emoji modifier to fix the bug. Changed Hangul logic to work a
3487         code unit at a time, since it can, to use an enum class, and to use constants rather than
3488         all capital macros. Also changed the "dumb" case to use a more appropriate ICU macro.
3489
3490 2015-06-09  Said Abou-Hallawa  <sabouhallawa@apple.com>
3491
3492         feComposite filter does not clip the paint rect to its effect rect when the operator is 'in' or 'atop'
3493         https://bugs.webkit.org/show_bug.cgi?id=137856
3494
3495         Reviewed by Darin Adler.
3496
3497         There was bug in calculating the absolutePaintRect of the feComposite filter
3498         when the operator is equal to 'in' or 'atop'. The absolutePaintRect was set
3499         to the absolutePaintRect of the background FilterEffect which is correct.
3500         What was missing is clipping this rectangle to the maxEffectRect of the
3501         filter which we do for other operators.
3502
3503         Tests: svg/filters/feComposite-background-rect-control-operators.svg
3504
3505         * platform/graphics/IntRect.h:
3506         (WebCore::operator-=):
3507         (WebCore::operator-): Add new operators to IntRect.
3508
3509         * platform/graphics/filters/FEComposite.cpp:
3510         (WebCore::FEComposite::determineAbsolutePaintRect): Make sure the filter
3511         absolutePaintRect is clipped to maxEffectRect for all operators.
3512         
3513         (WebCore::FEComposite::platformApplySoftware): Code clean-up.
3514         
3515         * platform/graphics/filters/FilterEffect.cpp:
3516         (WebCore::FilterEffect::determineAbsolutePaintRect): Move the clipping
3517         part to a separate function.
3518         
3519         (WebCore::FilterEffect::clipAbsolutePaintRect): Clip the absolutePaintRect
3520         to the maxEffectRect of the filter.
3521         
3522         * platform/graphics/filters/FilterEffect.h:
3523
3524 2015-06-09  Matt Rajca  <mrajca@apple.com>
3525
3526         Implement MediaSessionManager to keep track of all MediaSessions.
3527         https://bugs.webkit.org/show_bug.cgi?id=145806
3528
3529         Reviewed by Eric Carlson.
3530
3531         * Modules/mediasession/MediaSession.cpp:
3532         (WebCore::MediaSession::MediaSession): Add ourselves to the MediaSessionManager upon construction.
3533         (WebCore::MediaSession::~MediaSession): Remove ourselves from the MediaSessionManager before destruction.
3534         * Modules/mediasession/MediaSessionManager.cpp: Added to keep track of all living MediaSessions.
3535         (WebCore::MediaSessionManager::singleton):
3536         (WebCore::MediaSessionManager::addMediaSession):
3537         (WebCore::MediaSessionManager::removeMediaSession):
3538         * Modules/mediasession/MediaSessionManager.h: Added.
3539         * WebCore.xcodeproj/project.pbxproj: Added new MediaSessionManager sources.
3540
3541 2015-06-09  Ryuan Choi  <ryuan.choi@navercorp.com>
3542
3543         [CoordinatedGraphics] Remove RefCounted from Tile
3544         https://bugs.webkit.org/show_bug.cgi?id=145788
3545
3546         Reviewed by Darin Adler.
3547
3548         Since r185140, Tile does not need to be RefCounted.
3549
3550         No new tests, no behavior changes.
3551
3552         * platform/graphics/texmap/coordinated/Tile.cpp:
3553         (WebCore::Tile::create): Deleted.
3554         * platform/graphics/texmap/coordinated/Tile.h:
3555         * platform/graphics/texmap/coordinated/TiledBackingStore.cpp:
3556         (WebCore::TiledBackingStore::invalidate):
3557         (WebCore::TiledBackingStore::updateTileBuffers): Simplifies not to use unnecessary Vector.
3558         (WebCore::TiledBackingStore::coverageRatio):
3559         (WebCore::TiledBackingStore::createTiles):
3560         (WebCore::TiledBackingStore::resizeEdgeTiles):
3561         (WebCore::TiledBackingStore::setKeepRect):
3562         (WebCore::TiledBackingStore::tileAt): Deleted one line wrapper.
3563         (WebCore::TiledBackingStore::setTile): Ditto.
3564         (WebCore::TiledBackingStore::removeTile): Ditto.
3565         * platform/graphics/texmap/coordinated/TiledBackingStore.h:
3566
3567 2015-06-09  Chris Dumez  <cdumez@apple.com>
3568
3569         Allow one sync GC per gcTimer interval on critical memory pressure warning
3570         https://bugs.webkit.org/show_bug.cgi?id=145773
3571
3572         Reviewed by Geoffrey Garen.
3573
3574         * bindings/js/GCController.cpp:
3575         (WebCore::GCController::garbageCollectNowIfNotDoneRecently):
3576
3577         Add new GCController::garbageCollectNowIfNotDoneRecently() API that
3578         allows one synchronous GC per full GC timer interval. If called more
3579         than once per interval, it becomes equivalent to garbageCollectSoon()
3580         and merely accelerates the next collection.
3581
3582         * bindings/js/GCController.h:
3583         * platform/MemoryPressureHandler.cpp:
3584         (WebCore::MemoryPressureHandler::releaseCriticalMemory):
3585
3586         Call the new GCController::garbageCollectNowIfNotDoneRecently() on
3587         critical memory pressure instead of garbageCollectionSoon() to try
3588         as do a synchronous GC if one wasn't already done recently.
3589         Also drop call to fullSweep() as GCController::garbageCollectNow*()
3590         already do a sweep after the collection.
3591
3592 2015-06-09  Darin Adler  <darin@apple.com>
3593
3594         Follow-up fix for:
3595         JavaScript bindings are unnecessarily checking for impossible empty JSValue arguments
3596         https://bugs.webkit.org/show_bug.cgi?id=145811
3597
3598         There was one unusual case in the bindings generator that was depending on this.
3599
3600         * bindings/js/JSDOMBinding.h:
3601         (WebCore::argumentOrNull): Deleted.
3602         * bindings/scripts/CodeGeneratorJS.pm:
3603         (GenerateParametersCheck): Stop using argumentOrNull.
3604         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: Updated.
3605         * bindings/scripts/test/JS/JSTestObj.cpp: Updated.
3606
3607 2015-06-09  Darin Adler  <darin@apple.com>
3608
3609         JavaScript bindings are unnecessarily checking for impossible empty JSValue arguments
3610         https://bugs.webkit.org/show_bug.cgi?id=145811
3611
3612         Reviewed by Antti Koivisto.
3613
3614         At some point, someone who didn't understand JSValue very well added checks for
3615         isEmpty (and the function isEmpty itself) in JavaScript bindings. But the engine
3616         never would pass an empty JSValue to a binding; that's used only inside the
3617         engine itself. I think this was done by some Google V8 experts a while back, so
3618         it's not entirely surprising they didn't understand this. But we don't want to
3619         keep all that unneeded code.
3620
3621         * bindings/js/JSAudioTrackCustom.cpp:
3622         (WebCore::JSAudioTrack::setKind): Removed the isEmpty clause here. I presume this
3623         was copied and pasted from script-generated bindings. While I was at it, I used a
3624         slightly more efficient code path that avoids doing a ref/deref on the string by
3625         using auto&. That's trickier to do correctly for functions with more than one
3626         argument, so I didn't do it in the bindings generator yet.
3627         (WebCore::JSAudioTrack::setLanguage): Ditto.
3628         * bindings/js/JSTextTrackCustom.cpp:
3629         (WebCore::JSTextTrack::setKind): Ditto.
3630         (WebCore::JSTextTrack::setLanguage): Ditto.
3631         * bindings/js/JSVideoTrackCustom.cpp:
3632         (WebCore::JSVideoTrack::setKind): Ditto.
3633         (WebCore::JSVideoTrack::setLanguage): Ditto.
3634
3635         * bindings/scripts/CodeGeneratorJS.pm:
3636         (GenerateImplementation): Use "=" syntax instead of constructor style syntax for
3637         the argument processing. I think this is more readable.
3638         (GenerateParametersCheck): For the enum code path, did the more efficient auto&
3639         idiom to avoid ref/deref on a string. For the toExistingAtomicString path,
3640         restructured so we don't have to check the flag indicating that something is atomic.
3641         Later we could also avoid the ref/deref; added a FIXME about that.
3642         (GetNativeType): Use String, not const String, for local variables. Sure, the
3643         string is const, but so is every other local variable type we use! No need to be
3644         wordy about it.
3645         (JSValueToNative): Removed the uneeded calls to isEmpty. Since the call sites no
3646         longer use construction syntax, used initializer syntax style for a couple classes
3647         that are constructed with multiple arguments.
3648
3649         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp: Updated.
3650         * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp: Ditto.
3651         * bindings/scripts/test/JS/JSTestEventTarget.cpp: Ditto.
3652         * bindings/scripts/test/JS/JSTestInterface.cpp: Ditto.
3653         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: Ditto.
3654         * bindings/scripts/test/JS/JSTestNondeterministic.cpp: Ditto.
3655         * bindings/scripts/test/JS/JSTestObj.cpp: Ditto.
3656         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: Ditto.
3657         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp: Ditto.
3658         * bindings/scripts/test/JS/JSTestTypedefs.cpp: Ditto.
3659
3660 2015-06-09  Csaba Osztrogonác  <ossy@webkit.org>
3661
3662         Fix unused private field warning in GraphicsLayerUpdater.h
3663         https://bugs.webkit.org/show_bug.cgi?id=145757
3664
3665         Reviewed by Darin Adler.
3666
3667         * platform/graphics/GraphicsLayerUpdater.cpp:
3668         (WebCore::GraphicsLayerUpdater::GraphicsLayerUpdater):
3669         * platform/graphics/GraphicsLayerUpdater.h:
3670
3671 2015-06-09  Yusuke Suzuki  <utatane.tea@gmail.com>
3672
3673         Crash when passing Symbol to NPAPI plugin objects
3674         https://bugs.webkit.org/show_bug.cgi?id=145798
3675
3676         Reviewed by Darin Adler.
3677
3678         Test: plugins/npruntime/script-object-with-symbols.html
3679
3680         For C bridge APIs, we add guards for symbols.
3681         This is the same to the existing guards in Objective-C APIs.
3682
3683         * bridge/c/c_class.cpp:
3684         (JSC::Bindings::CClass::methodNamed):
3685         (JSC::Bindings::CClass::fieldNamed):
3686         * bridge/objc/objc_class.mm:
3687         (JSC::Bindings::ObjcClass::methodNamed):
3688         (JSC::Bindings::ObjcClass::fieldNamed):
3689         (JSC::Bindings::ObjcClass::fallbackObject):
3690
3691 2015-06-09  Csaba Osztrogonác  <ossy@webkit.org>
3692
3693         [cmake] Fix the style issues in cmake project files
3694         https://bugs.webkit.org/show_bug.cgi?id=145755
3695
3696         Reviewed by Darin Adler.
3697
3698         * CMakeLists.txt:
3699         * PlatformEfl.cmake:
3700         * PlatformGTK.cmake:
3701         * PlatformMac.cmake:
3702         * PlatformWin.cmake:
3703         * PlatformWinCairo.cmake:
3704
3705 2015-06-09  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>
3706
3707         [Streams API] ReadableJSStream should handle JS source getters that throw
3708         https://bugs.webkit.org/show_bug.cgi?id=145600
3709
3710         Reviewed by Darin Adler.
3711
3712         Checking whether there is an exception when trying to access to a source method.
3713         If so, rethrowing it in case of "start".
3714
3715         Refactoring of code to prepare pulling, cancelling and additional parameter handling in ReadableStream construtor.
3716
3717         Fixed the case of ReadableStream constructor called with an undefined parameter.
3718
3719         Covered by rebased test expectation.
3720
3721         * bindings/js/JSReadableStreamCustom.cpp:
3722         (WebCore::constructJSReadableStream): Refactoring to group all parameter check and exception handling in ReadableJSStream::create.
3723         * bindings/js/ReadableJSStream.cpp:
3724         (WebCore::getPropertyFromObject):
3725         (WebCore::callFunction):
3726         (WebCore::ReadableJSStream::invoke): Added method to be used also for pulling and cancelling.
3727         (WebCore::ReadableJSStream::doStart):
3728         (WebCore::ReadableJSStream::create):
3729         * bindings/js/ReadableJSStream.h:
3730
3731 2015-06-08  Dan Bernstein  <mitz@apple.com>
3732
3733         Made MicroTask.h a project header.
3734
3735         Rubber-stamped by Anders Carlsson.
3736
3737         * WebCore.xcodeproj/project.pbxproj: Demoted MicroTask.h from Public to Project. WebCore
3738         doesn’t have public headers, and this header isn’t used by WebKit.
3739
3740 2015-06-08  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
3741
3742         Purge PassRefPtr in JavaScriptCore
3743         https://bugs.webkit.org/show_bug.cgi?id=145750
3744
3745         Reviewed by Darin Adler.
3746
3747         As a step to purge PassRefPtr, this patch replaces PassRefPtr with Ref or RefPtr.
3748
3749         No new tests, no behavior changes.
3750
3751         * bindings/js/JSDOMWindowBase.cpp:
3752         (WebCore::JSDOMWindowBase::commonVM):
3753
3754 2015-06-08  Zalan Bujtas  <zalan@apple.com>
3755
3756         Subpixel rendering: Clip-path does not work properly on subpixel positions.
3757         https://bugs.webkit.org/show_bug.cgi?id=145749
3758         rdar://problem/20824305
3759
3760         Reviewed by Simon Fraser.
3761
3762         This patch ensures that clip-path is device pixel snapped both for composited and
3763         non-composited content.
3764
3765         Tests: compositing/masks/compositing-clip-path-on-subpixel-position.html
3766                fast/masking/clip-path-on-subpixel-position.html
3767
3768         * rendering/RenderLayer.cpp:
3769         (WebCore::RenderLayer::setupClipPath):
3770         * rendering/RenderLayerBacking.cpp:
3771         (WebCore::RenderLayerBacking::updateMaskingLayerGeometry):
3772
3773 2015-06-08  Chris Dumez  <cdumez@apple.com>
3774
3775         Access GCController instance via GCController::singleton() instead of a free function
3776         https://bugs.webkit.org/show_bug.cgi?id=145776
3777
3778         Reviewed by Darin Adler.
3779
3780         Access GCController instance via GCController::singleton() instead of a
3781         free function as per coding style and for consistency with other
3782         singleton classes in the codebase.
3783
3784         * bindings/js/GCController.cpp:
3785         (WebCore::GCController::singleton):
3786         (WebCore::gcController): Deleted.
3787         * bindings/js/GCController.h:
3788         * bindings/js/JSDOMWindowShell.cpp:
3789         (WebCore::JSDOMWindowShell::setWindow):
3790         * bindings/js/ScriptCachedFrameData.cpp:
3791         (WebCore::ScriptCachedFrameData::clear):
3792         * bindings/js/ScriptController.cpp:
3793         (WebCore::collectGarbageAfterWindowShellDestruction):
3794         * platform/MemoryPressureHandler.cpp:
3795         (WebCore::MemoryPressureHandler::releaseCriticalMemory):
3796
3797 2015-06-08  Daniel Bates  <dabates@apple.com>
3798
3799         Mouse release on AutoFill button activates it; should only activate on click
3800         https://bugs.webkit.org/show_bug.cgi?id=145774
3801         <rdar://problem/21069245>
3802
3803         Reviewed by Ryosuke Niwa.
3804
3805         Fixes an issue where a click event was dispatched to a shadow tree node regardless of whether
3806         both the mouse press and mouse release were targeted at it. In particular, releasing the mouse
3807         on the AutoFill button activates it regardless of whether the mouse was pressed on it.
3808
3809         Currently we always dispatch a click event to a node n where the mouse was released when n is
3810         in a shadow tree regardless of whether the mouse was pressed on n. Instead we should only
3811         dispatch a click event to n if the mouse was pressed and released on n. If n is a shadow tree
3812         descendant, the mouse was released on n, and n never received a mouse press then we should
3813         dispatch the click event at the shadow host element of n to preserve the illusion to web
3814         developers that the shadow host element is a single element.
3815
3816         Test: fast/forms/auto-fill-button/mouse-down-input-mouse-release-auto-fill-button.html
3817
3818         * page/EventHandler.cpp:
3819         (WebCore::targetNodeForClickEvent): Added; returns the target node for the DOM click event.
3820         (WebCore::EventHandler::handleMouseReleaseEvent): Modified to use dispatch the DOM click event
3821         at the node returned by targetNodeForClickEvent().
3822         (WebCore::mouseIsReleasedOnPressedElement): Deleted.
3823
3824 2015-06-08  Chris Dumez  <cdumez@apple.com>
3825
3826         WebContent crash in WebCore::Page::sessionID() const + 0 (Page.cpp:1660)
3827         https://bugs.webkit.org/show_bug.cgi?id=145748
3828         <rdar://problem/21226577>
3829
3830         Reviewed by Brady Eidson.
3831
3832         We would sometimes crash when pruning the PageCache because it was
3833         possible for frames to still be loading while in the PageCache and
3834         we would try to stop the load when the CachedFrame is destroyed. This
3835         code path was not supposed to be exercised as we were not supposed to
3836         have pages still loading inside the PageCache.
3837
3838         r185017 made sure we don't insert into the PageCache pages that are
3839         still loading. However, nothing was preventing content from starting
3840         new loads in their 'pagehide' event handlers, *after* the decision
3841         to put the page in the PageCache was made.
3842
3843         This patch prevents content from starting loads from a 'pagehide'
3844         event handler so that we can no longer have content that is loading
3845         inside the PageCache. 'ping' image loads still go through though as
3846         these are specially handled and use PingLoaders.
3847
3848         Tests: http/tests/navigation/image-load-in-pagehide-handler.html
3849                http/tests/navigation/subframe-pagehide-handler-starts-load.html
3850                http/tests/navigation/subframe-pagehide-handler-starts-load2.html
3851
3852         * loader/FrameLoader.cpp:
3853         (WebCore::FrameLoader::FrameLoader):
3854         (WebCore::FrameLoader::stopLoading):
3855         (WebCore::FrameLoader::loadURL):
3856         (WebCore::FrameLoader::loadWithDocumentLoader):
3857         (WebCore::FrameLoader::stopAllLoaders):
3858         (WebCore::FrameLoader::handleBeforeUnloadEvent):
3859         * loader/FrameLoader.h:
3860         (WebCore::FrameLoader::pageDismissalEventBeingDispatched):
3861         (WebCore::FrameLoader::PageDismissalEventType::PageDismissalEventType):
3862         (WebCore::FrameLoader::PageDismissalEventType::operator Page::DismissalType):
3863
3864         Add wrapper class for m_pageDismissalEventBeingDispatched member type.
3865         The wrapper takes care of updating the m_dismissalEventBeingDispatched
3866         member on the Page every time the member on FrameLoader is updated. We
3867         now cache this information on the Page so that clients can cheaply
3868         query if a dismissal event is being dispatched in any of the Page's
3869         frame, without having to traverse the frame tree.
3870
3871         * loader/ImageLoader.cpp:
3872         (WebCore::pageIsBeingDismissed):
3873
3874         * loader/cache/CachedResource.cpp:
3875         (WebCore::CachedResource::load):
3876
3877         Abort the load early if we are currently dispatching a 'pagehide'
3878         event. We don't allow new loads at such point because we've already
3879         made the decision to add the Page to the PageCache.
3880
3881         * loader/cache/CachedResourceLoader.cpp:
3882         (WebCore::CachedResourceLoader::requestImage):
3883
3884         * page/Chrome.cpp:
3885         (WebCore::Chrome::runModal): Deleted.
3886         (WebCore::Chrome::setToolbarsVisible): Deleted.
3887         (WebCore::Chrome::toolbarsVisible): Deleted.
3888         (WebCore::Chrome::runJavaScriptConfirm): Deleted.
3889         (WebCore::Chrome::runJavaScriptPrompt): Deleted.
3890         (WebCore::Chrome::shouldInterruptJavaScript): Deleted.
3891         * page/Chrome.h:
3892         * page/ChromeClient.h:
3893         * page/DOMWindow.cpp:
3894         (WebCore::DOMWindow::canShowModalDialogNow):
3895
3896         Drop ChromeClient::shouldRunModalDialogDuringPageDismissal() and code
3897         using it as it is unused and I did not think it was worth updating
3898         this code.
3899
3900         * page/Page.h:
3901         (WebCore::Page::dismissalEventBeingDispatched):
3902         (WebCore::Page::setDismissalEventBeingDispatched):
3903
3904         Add a m_dismissalEventBeingDispatched member to the Page so that we can
3905         easily query if a dismissal event is being dispatched in any of the
3906         frames, without having to traverse the frame tree. I suspect more call
3907         sites of FrameLoader::pageDismissalEventBeingDispatched() may actually
3908         want this but I did not make such change in this patch. It is important
3909         to check all the frames and not simply the current one because a frame's
3910         pagehide event handler may trigger a load in another frame.
3911
3912 2015-06-08  Hunseop Jeong  <hs85.jeong@samsung.com>
3913
3914         Replaced 0 with nullptr in WebCore/Modules.
3915         https://bugs.webkit.org/show_bug.cgi?id=145758
3916
3917         Reviewed by Darin Adler.
3918
3919         No new tests, no behavior changes.
3920
3921         * Modules/battery/BatteryManager.cpp:
3922         (WebCore::BatteryManager::BatteryManager):
3923         * Modules/encryptedmedia/CDM.cpp:
3924         (WebCore::CDM::CDM):
3925         * Modules/encryptedmedia/MediaKeys.cpp:
3926         (WebCore::MediaKeys::MediaKeys):
3927         (WebCore::MediaKeys::~MediaKeys):
3928         * Modules/indexeddb/IDBCursor.h:
3929         (WebCore::IDBCursor::continueFunction):
3930         * Modules/indexeddb/IDBCursorBackendOperations.cpp:
3931         (WebCore::CursorAdvanceOperation::perform):
3932         (WebCore::CursorIterationOperation::perform):
3933         * Modules/indexeddb/IDBDatabase.cpp:
3934         (WebCore::IDBDatabase::transactionFinished):
3935         * Modules/indexeddb/IDBDatabaseCallbacksImpl.cpp:
3936         (WebCore::IDBDatabaseCallbacksImpl::IDBDatabaseCallbacksImpl):
3937         * Modules/indexeddb/IDBEventDispatcher.cpp:
3938         (WebCore::IDBEventDispatcher::dispatch):
3939         * Modules/indexeddb/IDBIndex.h:
3940         (WebCore::IDBIndex::openCursor):
3941         (WebCore::IDBIndex::count):
3942         (WebCore::IDBIndex::openKeyCursor):
3943         * Modules/indexeddb/IDBObjectStore.cpp:
3944         (WebCore::IDBObjectStore::add):
3945         (WebCore::IDBObjectStore::put):
3946         (WebCore::IDBObjectStore::index):
3947         (WebCore::IDBObjectStore::openCursor):
3948         * Modules/indexeddb/IDBObjectStore.h:
3949         (WebCore::IDBObjectStore::count):
3950         * Modules/indexeddb/IDBOpenDBRequest.cpp:
3951         (WebCore::IDBOpenDBRequest::onUpgradeNeeded):
3952         (WebCore::IDBOpenDBRequest::onSuccess):
3953         * Modules/indexeddb/IDBRequest.cpp:
3954         (WebCore::IDBRequest::IDBRequest):
3955         * Modules/indexeddb/IDBTransaction.cpp:
3956         (WebCore::IDBTransaction::OpenCursorNotifier::cursorFinished):
3957         * Modules/indexeddb/IDBTransactionBackend.cpp:
3958         (WebCore::IDBTransactionBackend::commit):
3959         * Modules/indexeddb/IDBTransactionBackendOperations.cpp:
3960         (WebCore::OpenCursorOperation::perform):
3961         * Modules/indieui/UIRequestEvent.cpp:
3962         (WebCore::UIRequestEventInit::UIRequestEventInit):
3963         (WebCore::UIRequestEvent::UIRequestEvent):
3964         * Modules/mediasource/MediaSource.cpp:
3965         (WebCore::MediaSource::MediaSource):
3966         (WebCore::MediaSource::setReadyState):
3967         (WebCore::MediaSource::removeSourceBuffer):
3968         * Modules/mediasource/SourceBuffer.cpp:
3969         (WebCore::SourceBuffer::~SourceBuffer):
3970         (WebCore::SourceBuffer::removedFromMediaSource):
3971         * Modules/mediastream/MediaStream.cpp: