2009-07-13 John Gregg <johnnyg@google.com>
[WebKit-https.git] / WebCore / ChangeLog
1 2009-07-13  John Gregg  <johnnyg@google.com>
2
3         Reviewed by David Levin.
4
5         Correct the logic to determine if a V8 callback returns a value.
6         https://bugs.webkit.org/show_bug.cgi?id=27155
7
8         * bindings/v8/custom/V8CustomVoidCallback.cpp:
9         (WebCore::invokeCallback):
10         - Don't crash if result.IsEmpty().
11
12 2009-07-13  Drew Wilson  <atwilson@google.com>
13
14         Reviewed by David Levin.
15
16         Add ENABLE(SHARED_WORKERS) flag and define SharedWorker APIs
17         https://bugs.webkit.org/show_bug.cgi?id=26932
18
19         Initial IDL definition and bindings for SharedWorkers.
20
21         * Configurations/FeatureDefines.xcconfig:
22         Added new files for SharedWorker support.
23         * DerivedSources.make:
24         Added new files for SharedWorker support.
25         * GNUmakefile.am:
26         Added new files for SharedWorker support.
27         * WebCore.gypi:
28         Added new files for SharedWorker support.
29         * WebCore.pro:
30         Added new files for SharedWorker support.
31         * WebCore.xcodeproj/project.pbxproj:
32         Added new files for SharedWorker support.
33         * bindings/js/JSAbstractWorkerCustom.cpp: Added.
34         (WebCore::JSAbstractWorker::mark):
35         Custom mark handler that marks the event listeners.
36         (WebCore::JSAbstractWorker::addEventListener):
37         (WebCore::JSAbstractWorker::removeEventListener):
38         (WebCore::JSAbstractWorker::toJS):
39         Custom toJS handler which differentiates between various subclasses.
40         * bindings/js/JSDOMWindowCustom.cpp:
41         (WebCore::JSDOMWindow::sharedWorker):
42         SharedWorker constructor (only enabled when SHARED_WORKERS is
43         enabled).
44         * bindings/js/JSEventTarget.cpp:
45         (WebCore::toJS):
46         (WebCore::toEventTarget):
47         Added support for converting to/from SharedWorkers.
48         * bindings/js/JSSharedWorkerConstructor.cpp: Added.
49         (WebCore::JSSharedWorkerConstructor::JSSharedWorkerConstructor):
50         (WebCore::constructSharedWorker):
51         (WebCore::JSSharedWorkerConstructor::getConstructData):
52         * bindings/js/JSSharedWorkerConstructor.h: Added.
53         (WebCore::JSSharedWorkerConstructor::classInfo):
54         * bindings/js/JSSharedWorkerCustom.cpp: Added.
55         (WebCore::JSSharedWorker::mark):
56         Custom mark function that marks the internal MessagePort.
57         * bindings/v8/DOMObjectsInclude.h:
58         Updated to include new header files.
59         * bindings/v8/V8Index.cpp:
60         * bindings/v8/V8Index.h:
61         * bindings/v8/custom/V8AbstractWorkerCustom.cpp: Added.
62         (WebCore::getEventListener):
63         (WebCore::ACCESSOR_GETTER):
64         (WebCore::ACCESSOR_SETTER):
65         (WebCore::CALLBACK_FUNC_DECL):
66         V8 handlers for add/removeEventListener().
67         * bindings/v8/custom/V8CustomBinding.h:
68         * bindings/v8/custom/V8SharedWorkerCustom.cpp: Added.
69         (WebCore::CALLBACK_FUNC_DECL):
70         Custom constructor for SharedWorker.
71         * dom/EventTarget.cpp:
72         (WebCore::EventTarget::toSharedWorker):
73         * dom/EventTarget.h:
74         * page/DOMWindow.idl:
75         * workers/AbstractWorker.cpp: Added.
76         (WebCore::AbstractWorker::AbstractWorker):
77         Common base class for SharedWorker and (soon) Worker. The functions below were copied from Worker.cpp.
78         This is the first step in refactoring Worker to derive from AbstractWorker to enable code sharing.
79         (WebCore::AbstractWorker::~AbstractWorker):
80         (WebCore::AbstractWorker::addEventListener):
81         (WebCore::AbstractWorker::removeEventListener):
82         (WebCore::AbstractWorker::dispatchEvent):
83         (WebCore::AbstractWorker::dispatchLoadErrorEvent):
84         (WebCore::AbstractWorker::dispatchScriptErrorEvent):
85         * workers/AbstractWorker.h: Added.
86         Definitions of functionality shared by Worker.h and SharedWorker.h. In a future patch, Worker will derive from AbstractWorker.
87         (WebCore::AbstractWorker::scriptExecutionContext):
88         (WebCore::AbstractWorker::setOnerror):
89         (WebCore::AbstractWorker::onerror):
90         (WebCore::AbstractWorker::eventListeners):
91         (WebCore::AbstractWorker::refEventTarget):
92         (WebCore::AbstractWorker::derefEventTarget):
93         * workers/AbstractWorker.idl: Added.
94         * workers/SharedWorker.cpp: Added.
95         (WebCore::SharedWorker::SharedWorker):
96         (WebCore::SharedWorker::~SharedWorker):
97         * workers/SharedWorker.h: Added.
98         (WebCore::SharedWorker::create):
99         (WebCore::SharedWorker::port):
100         (WebCore::SharedWorker::toSharedWorker):
101         * workers/SharedWorker.idl: Added.
102
103 2009-07-13  Laszlo Gombos  <laszlo.1.gombos@nokia.com>
104
105         Reviewed by Simon Hausmann.
106
107         [Qt] Cleanup - Remove prf install target
108         https://bugs.webkit.org/show_bug.cgi?id=27191
109
110         qtwebkit.prf has been removed; this cleans up the related
111         install target as well.
112
113         * WebCore.pro: Remove prf install target
114
115 2009-07-12  Adam Barth  <abarth@webkit.org>
116
117         Reviewed by Oliver Hunt.
118
119         Facebook Chat is broken due to XSS auditor
120         https://bugs.webkit.org/show_bug.cgi?id=27179
121
122         Instead of just using the script's URL as to detect an XSS attack, we
123         now use a bit of context before the URL.  In particular, we use the
124         bytes from the beginning of the attribute name to the end of the
125         attribute value.  In virtually all injection attacks, the attacker
126         would need to supply the attribute name as well as the attribute value.
127         However, in the Facebook false positive, the attribute name is not
128         present in the URL.
129
130         Tests: http/tests/security/xssAuditor/script-tag-src-redirect-safe.html
131                http/tests/security/xssAuditor/script-tag-with-source-double-quote.html
132                http/tests/security/xssAuditor/script-tag-with-source-no-quote.html
133
134         * html/HTMLTokenizer.cpp:
135         (WebCore::HTMLTokenizer::parseTag):
136         * html/HTMLTokenizer.h:
137         * page/XSSAuditor.cpp:
138         (WebCore::XSSAuditor::canLoadExternalScriptFromSrc):
139         * page/XSSAuditor.h:
140
141 2009-07-12  Keishi Hattori  <casey.hattori@gmail.com>
142
143         Reviewed by Timothy Hatcher.
144
145         Refactor ConsoleMessage to add MessageType attribute.
146         https://bugs.webkit.org/show_bug.cgi?id=20625
147
148         * bindings/js/JSCustomXPathNSResolver.cpp:
149         (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
150         * bindings/js/JSDOMWindowBase.cpp:
151         (WebCore::JSDOMWindowBase::printErrorMessage):
152         * dom/Document.cpp:
153         (WebCore::Document::reportException):
154         (WebCore::Document::addMessage):
155         * dom/Document.h:
156         * dom/ScriptExecutionContext.h:
157         * html/HTMLParser.cpp:
158         (WebCore::HTMLParser::reportErrorToConsole):
159         * inspector/ConsoleMessage.cpp:
160         (WebCore::ConsoleMessage::ConsoleMessage):
161         (WebCore::ConsoleMessage::addToConsole):
162         (WebCore::ConsoleMessage::isEqual):
163         * inspector/ConsoleMessage.h:
164         * inspector/InspectorController.cpp:
165         (WebCore::InspectorController::addMessageToConsole):
166         (WebCore::InspectorController::startGroup):
167         (WebCore::InspectorController::endGroup):
168         (WebCore::InspectorController::addProfileFinishedMessageToConsole):
169         (WebCore::InspectorController::addStartProfilingMessageToConsole):
170         (WebCore::InspectorController::count):
171         * inspector/InspectorController.h:
172         * inspector/front-end/Console.js:
173         (WebInspector.Console.prototype.addMessage):
174         (WebInspector.ConsoleMessage): Added type property.
175         (WebInspector.ConsoleMessage.prototype.toMessageElement):
176         (WebInspector.ConsoleMessage.prototype.toString):
177         (WebInspector.ConsoleMessage.prototype.isEqual):
178         (WebInspector.ConsoleCommandResult):
179         (WebInspector.ConsoleGroup.prototype.addMessage):
180         (WebInspector.ConsoleGroup.prototype._titleClicked):
181         * inspector/front-end/Resource.js:
182         (WebInspector.Resource.prototype._addTip):
183         (WebInspector.Resource.prototype._checkWarning):
184         * inspector/front-end/inspector.css: Changed ".console-group-title-level" to ".console-group-title"
185         * inspector/front-end/inspector.js:
186         (WebInspector.addMessageToConsole):
187         * loader/DocLoader.cpp:
188         (WebCore::DocLoader::printAccessDeniedMessage):
189         * loader/EmptyClients.h:
190         (WebCore::EmptyChromeClient::addMessageToConsole):
191         * loader/FrameLoader.cpp:
192         (WebCore::FrameLoader::reportLocalLoadFailed):
193         (WebCore::FrameLoader::shouldAllowNavigation):
194         * page/ChromeClient.h:
195         * page/Console.cpp:
196         (WebCore::printMessageSourceAndLevelPrefix):
197         (WebCore::Console::addMessage):
198         (WebCore::Console::error):
199         (WebCore::Console::log):
200         (WebCore::Console::dir):
201         (WebCore::Console::trace):
202         (WebCore::Console::assertCondition):
203         (WebCore::Console::timeEnd):
204         (WebCore::Console::warn):
205         * page/Console.h: Added MessageType enum.
206         (WebCore::):
207         * page/DOMWindow.cpp:
208         (WebCore::DOMWindow::postMessageTimerFired):
209         * page/XSSAuditor.cpp:
210         (WebCore::XSSAuditor::canEvaluate):
211         (WebCore::XSSAuditor::canLoadExternalScriptFromSrc):
212         (WebCore::XSSAuditor::canLoadObject):
213         * svg/SVGDocumentExtensions.cpp:
214         (WebCore::SVGDocumentExtensions::reportWarning):
215         (WebCore::SVGDocumentExtensions::reportError):
216         * wml/WMLErrorHandling.cpp:
217         (WebCore::reportWMLError):
218         * workers/GenericWorkerTask.h: Added GenericWorkerTask8 for the extra argument.
219         (WebCore::GenericWorkerTask8::create):
220         (WebCore::GenericWorkerTask8::GenericWorkerTask8):
221         (WebCore::GenericWorkerTask8::performTask):
222         (WebCore::createCallbackTask):
223         * workers/WorkerContext.cpp:
224         (WebCore::WorkerContext::addMessage):
225         (WebCore::WorkerContext::importScripts):
226         * workers/WorkerContext.h:
227         * workers/WorkerMessagingProxy.cpp:
228         (WebCore::postConsoleMessageTask):
229         (WebCore::WorkerMessagingProxy::postConsoleMessageToWorkerObject):
230         * workers/WorkerMessagingProxy.h:
231         * workers/WorkerObjectProxy.h:
232         * xml/XMLHttpRequest.cpp:
233         (WebCore::reportUnsafeUsage):
234         (WebCore::XMLHttpRequest::didFinishLoading):
235         * xml/XSLTProcessor.cpp:
236         (WebCore::XSLTProcessor::parseErrorFunc):
237
238 2009-07-12  Nate Chapin  <japhet@chromium.org>
239
240         Reviewed by Dimitri Glazkov.
241
242         Upstream UndetectableHTMLCollection.idl as HTMLAllCollection.idl.
243
244         https://bugs.webkit.org/show_bug.cgi?id=27132
245
246         * bindings/scripts/CodeGeneratorV8.pm:
247         * bindings/v8/DOMObjectsInclude.h:
248         * bindings/v8/DerivedSourcesAllInOne.cpp:
249         * bindings/v8/V8DOMWrapper.cpp:
250         (WebCore::V8DOMWrapper::getTemplate):
251         (WebCore::V8DOMWrapper::instantiateV8Object):
252         * bindings/v8/V8Index.cpp:
253         * bindings/v8/V8Index.h:
254         * dom/HTMLAllCollection.idl: Added.
255
256 2009-07-12  Joseph Pecoraro  <joepeck02@gmail.com>
257
258         Reviewed by Maciej Stachowiak.
259
260         Inspector: Duplicate Computation in Autocompletion
261         https://bugs.webkit.org/show_bug.cgi?id=26778
262
263         * inspector/front-end/TextPrompt.js:
264         (WebInspector.TextPrompt.prototype._completionsReady):
265
266 2009-07-12  Dan Bernstein  <mitz@apple.com>
267
268         Reviewed by Maciej Stachowiak.
269
270         https://bugs.webkit.org/show_bug.cgi?id=27196
271         Rename bidi.cpp to RenderBlockLineLayout.cpp and remove bidi.h
272
273         * GNUmakefile.am: Updated.
274         * WebCore.gypi: Updated.
275         * WebCore.pro: Updated.
276         * WebCore.vcproj/WebCore.vcproj: Updated.
277         * WebCore.xcodeproj/project.pbxproj: Updated.
278         * WebCoreSources.bkl: Updated.
279         * rendering/RenderBlock.h: Removed unnecessary forward declaration and
280             updated comments.
281         * rendering/RenderBlockLineLayout.cpp: Copied from WebCore/rendering/bidi.cpp.
282             Removed unnecessary #include statements.
283         (WebCore::BidiRun::BidiRun): Moved here from bidi.h.
284         (WebCore::RenderBlock::layoutInlineChildren): Removed outdated comment.
285         * rendering/bidi.cpp: Removed.
286         * rendering/bidi.h: Removed.
287
288 2009-07-12  Dan Bernstein  <mitz@apple.com>
289
290         - Windows build fix
291
292         * platform/graphics/cg/PDFDocumentImage.cpp:
293         (WebCore::PDFDocumentImage::dataChanged):
294
295 2009-07-12  Dan Bernstein  <mitz@apple.com>
296
297         Reviewed by Sam Weinig.
298
299         - Image cleanup
300
301         * platform/graphics/BitmapImage.cpp:
302         (WebCore::BitmapImage::destroyDecodedData): Use the data() accessor
303         instead of the m_data member.
304         (WebCore::BitmapImage::dataChanged): Ditto.
305         * platform/graphics/Image.h: Re-ordered #includes and class
306         declarations. Removed the drawPatternCallback() declaration. Made member
307         variables private.
308         * platform/graphics/cg/ImageCG.cpp:
309         (WebCore::drawPatternCallback): Changed this from a member function to a
310         static function.
311         * platform/graphics/cg/PDFDocumentImage.cpp:
312         (WebCore::PDFDocumentImage::dataChanged): Use the data() accessor
313         instead of the m_data member.
314         * svg/graphics/SVGImage.cpp:
315         (WebCore::SVGImage::dataChanged): Ditto.
316
317 2009-07-12  Daniel Bates  <dbates@intudata.com>
318
319         Reviewed by Darin Adler.
320
321         https://bugs.webkit.org/show_bug.cgi?id=27189
322         
323         Fixes insufficient check in XSSAuditor::canSetBaseElementURL that caused 
324         XSSAuditor to incorrectly block HTML Base elements whose base path coincided 
325         with the URL of the page.
326
327         Test: http/tests/security/xssAuditor/base-href-safe3.html
328
329         * page/XSSAuditor.cpp:
330         (WebCore::XSSAuditor::canSetBaseElementURL): Changed conditional to only call 
331         XSSAuditor::findInRequest() if the host in the page URL disagrees with the host 
332         in the base element URL.
333
334 2009-07-12  Darin Adler  <darin@apple.com>
335
336         Reviewed by Dan Bernstein.
337
338         Text searching with ICU should take the user's default locale into account
339         https://bugs.webkit.org/show_bug.cgi?id=27184
340         rdar://problem/6812121
341
342         No simple way to test this since it's dependent on user locale.
343         After this, the user's default locale is used only on Mac.
344
345         * editing/TextIterator.cpp:
346         (WebCore::createSearcher): Pass result of the currentSearchLocaleID
347         function as the locale.
348
349         * platform/text/TextBreakIteratorInternalICU.h: Added declaration of
350         currentSearchLocaleID function.
351
352         * platform/text/android/TextBreakIteratorInternalICU.cpp:
353         (WebCore::currentSearchLocaleID): Added. Returns the empty string.
354         * platform/text/chromium/TextBreakIteratorInternalICUChromium.cpp:
355         (WebCore::currentSearchLocaleID): Ditto.
356         * platform/text/gtk/TextBreakIteratorInternalICUGtk.cpp:
357         (WebCore::currentSearchLocaleID): Ditto.
358
359         * platform/text/mac/TextBreakIteratorInternalICUMac.mm:
360         (WebCore::textBreakLocalePreference): Added. Returns the value of
361         the AppleTextBreakLocale preference.
362         (WebCore::topLanguagePreference): Added. Returns the value of the
363         first item in the AppleLanguages preference.
364         (WebCore::canonicalLanguageIdentifier): Added. Cover for the
365         CFLocaleCreateCanonicalLanguageIdentifierFromString function.
366         (WebCore::getLocale): Added. Transfers the locale from a CFStringRef
367         into a buffer.
368         (WebCore::getSearchLocale): Added. Calls topLanguagePreference,
369         canonicalLanguageIdentifier, and getLocale.
370         (WebCore::currentSearchLocaleID): Added. Calls getSearchLocale once.
371         (WebCore::getTextBreakLocale): Changed to call
372         textBreakLocalePreference, topLanguagePreference,
373         canonicalLanguageIdentifier, and getLocale.
374
375         * platform/text/win/TextBreakIteratorInternalICUWin.cpp:
376         (WebCore::currentSearchLocaleID): Added. Returns the empty string.
377         * platform/wx/TemporaryLinkStubs.cpp:
378         (WebCore::currentSearchLocaleID): Ditto.
379
380 2009-07-12  Xan Lopez  <xlopez@igalia.com>
381
382         Reviewed by Gustavo Noronha.
383
384         https://bugs.webkit.org/show_bug.cgi?id=25415
385         [GTK][ATK] Please implement support for get_text_at_offset
386
387         Create a PangoLayout that properly represents the visual
388         appearance of the text in the web page so that the line boundary
389         modes of getText{At,Before,After}Offset work correctly.
390
391         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
392         (UTF16ToUTF8):
393         (g_substr):
394         (convertUniCharToUTF8):
395         (getPangoLayoutForAtk):
396
397 2009-07-11  Oliver Hunt  <oliver@apple.com>
398
399         Reviewed by Simon Fraser.
400
401         Bug 27187 - Match Gecko behaviour for canvas path mutation APIs on an empty path
402         <https://bugs.webkit.org/show_bug.cgi?id=27187>
403
404         Simple API change, check for the empty path and add appropriate point if necessary.
405
406         Test: fast/canvas/canvas-modify-emptyPath.html
407
408         * Info.plist:
409         * WebCore.xcodeproj/project.pbxproj:
410         * html/CanvasRenderingContext2D.cpp:
411         (WebCore::CanvasRenderingContext2D::lineTo):
412         (WebCore::CanvasRenderingContext2D::quadraticCurveTo):
413         (WebCore::CanvasRenderingContext2D::bezierCurveTo):
414
415 2009-07-11  Eric Carlson  <eric.carlson@apple.com>
416
417         Reviewed by Antti Koivisto.
418
419         HTMLMediaElement.canPlayType "maybe" and "probably" reversed
420         https://bugs.webkit.org/show_bug.cgi?id=27186
421
422         * platform/graphics/gtk/MediaPlayerPrivateGStreamer.cpp:
423         (WebCore::MediaPlayerPrivate::supportsType):
424             Return "probably" if type has codecs parameter.
425
426         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
427         (WebCore::MediaPlayerPrivate::supportsType):
428             Ditto.
429
430         * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.cpp:
431         (WebCore::MediaPlayerPrivate::supportsType):
432             Ditto.
433
434 2009-07-11  Brady Eidson  <beidson@apple.com>
435
436         Reviewed by Mark Rowe.
437
438         A worker-thread inspired follow-up for:
439         https://bugs.webkit.org/show_bug.cgi?id=26496 and <rdar://problem/7046520>
440         REGRESSION: XHR stream connection blocks iFrame loading and resource downloading
441
442         * xml/XMLHttpRequest.cpp:
443         (WebCore::XMLHttpRequest::loadRequestAsynchronously): Don't perform the XHR compensation when the XHR
444           is running on a worker thread. Accessing the global Cache data structures from a non-main thread is
445           not currently supported.
446
447 2009-07-11  Simon Fraser  <simon.fraser@apple.com>
448
449         Enable support for accelerated compositing and 3d transforms on Leopard.
450         <https://bugs.webkit.org/show_bug.cgi?id=20166>
451         <rdar://problem/6120614>
452
453         Reviewed by Oliver Hunt.
454
455         * Configurations/FeatureDefines.xcconfig:
456
457 2009-07-11  Simon Hausmann  <hausmann@webkit.org>
458
459         Fix the Qt build after r45724.
460
461         * bridge/qt/qt_instance.cpp:
462         (JSC::Bindings::QtRuntimeObjectImp::QtRuntimeObjectImp):
463         * bridge/qt/qt_runtime.cpp:
464         (JSC::Bindings::QtRuntimeMethod::QtRuntimeMethod):
465
466 2009-07-10  Daniel Bates  <dbates@intudata.com>
467
468         Reviewed by Adam Barth.
469
470         https://bugs.webkit.org/show_bug.cgi?id=26921
471
472         Implements support for HTML entities, so XSSAuditor can protect against attacks
473         encoded with HTML entities.
474
475         Tests: http/tests/security/xssAuditor/inline-event-HTML-entities.html
476                http/tests/security/xssAuditor/javascript-link-HTML-entities-control-char.html
477                http/tests/security/xssAuditor/javascript-link-HTML-entities-named.html
478                http/tests/security/xssAuditor/javascript-link-HTML-entities-null-char.html
479                http/tests/security/xssAuditor/javascript-link-HTML-entities.html
480                http/tests/security/xssAuditor/link-onclick-entities.html
481                http/tests/security/xssAuditor/script-tag-entities.html
482                http/tests/security/xssAuditor/script-tag-with-source-entities.html
483
484         * page/XSSAuditor.cpp:
485         (WebCore::XSSAuditor::canEvaluate):
486         (WebCore::XSSAuditor::canEvaluateJavaScriptURL):
487         (WebCore::XSSAuditor::decodeURL): Modified to call WebCore::XSSAuditor::decodeHTMLEntities
488         to decode HTML entities.
489         (WebCore::XSSAuditor::decodeHTMLEntities): Added method to decode HTML entities.
490         (WebCore::XSSAuditor::findInRequest):
491         * page/XSSAuditor.h:
492
493 2009-07-10  David Kilzer  <ddkilzer@apple.com>
494
495         Bug 27007: Build fixes when ICONDATABASE is disabled
496
497         <https://bugs.webkit.org/show_bug.cgi?id=27007>
498
499         Reviewed by Sam Weinig.
500
501         * WebCore.xcodeproj/project.pbxproj: Added IconDatabaseNone.cpp
502         to the project.
503         * loader/icon/IconDatabase.cpp: Added
504         #if ENABLE(ICONDATABASE)/#endif macro guard.
505         * loader/icon/IconDatabase.h: Removed three public methods from
506         #if ENABLE(ICONDATABASE)/#endif macro so that they may be
507         stubbed out in IconDatabaseNone.cpp.
508         * loader/icon/IconDatabaseNone.cpp: Added
509         #if !ENABLE(ICONDATABASE)/#endif macro guard.
510         (WebCore::IconDatabase::importIconURLForPageURL): Added.
511         (WebCore::IconDatabase::importIconDataForIconURL): Added.
512         (WebCore::IconDatabase::shouldStopThreadActivity): Added.
513
514 2009-07-10  Daniel Bates  <dbates@intudata.com>
515
516         Reviewed by Adam Barth.
517
518         https://bugs.webkit.org/show_bug.cgi?id=27151
519
520         Fixes issue where JavaScript URLs that contain null- and non-null control characters can
521         bypass XSSAuditor.
522
523         Tests: http/tests/security/xssAuditor/javascript-link-control-char.html
524                http/tests/security/xssAuditor/javascript-link-null-char.html
525                http/tests/security/xssAuditor/javascript-link.html
526
527         * bindings/js/ScriptController.cpp:
528         (WebCore::ScriptController::evaluate): Separated out logic for JavaScript URLs from 
529         inline scripts. For JavaScript URLs, calls XSSAuditor::canEvaluateJavaScriptURL.
530         * bindings/v8/ScriptController.cpp:
531         (WebCore::ScriptController::evaluate): Made similar changes to evaluate() as in
532         bindings/js/ScriptController.cpp.
533         * page/XSSAuditor.cpp:
534         (WebCore::XSSAuditor::canEvaluateJavaScriptURL): Separated out logic for JavaScript URLs
535         into its own method.
536         * page/XSSAuditor.h:
537
538 2009-07-10  Shinichiro Hamaji  <hamaji@chromium.org>
539
540         Reviewed by David Kilzer.
541
542         WebKit needs a style linting tool
543         https://bugs.webkit.org/show_bug.cgi?id=25884
544
545         Fix bunch of style issues by autofix of cpplint.
546         This patch is created to demonstrate the autofix of cpplint.py.
547
548         No new testcases because it's a style fix
549
550         * css/CSSParser.cpp:
551         (WebCore::CSSParser::parseMediaQuery):
552         (WebCore::CSSParser::validUnit):
553         (WebCore::CSSParser::parseValue):
554         (WebCore::skipCommaInDashboardRegion):
555         (WebCore::CSSParser::parseDashboardRegions):
556         (WebCore::ShadowParseContext::commitValue):
557         (WebCore::ShadowParseContext::commitLength):
558         (WebCore::ShadowParseContext::commitColor):
559         (WebCore::BorderImageParseContext::commitNumber):
560         (WebCore::BorderImageParseContext::commitWidth):
561         (WebCore::BorderImageParseContext::commitRule):
562         (WebCore::BorderImageParseContext::commitBorderImage):
563         (WebCore::CSSParser::lex):
564         (WebCore::CSSParser::text):
565         * css/CSSStyleSelector.cpp:
566         (WebCore::CSSStyleSelector::applyProperty):
567         * css/MediaList.cpp:
568         (WebCore::MediaList::deleteMedium):
569         * css/MediaQuery.h:
570         * css/MediaQueryEvaluator.cpp:
571         (WebCore::parseAspectRatio):
572         * css/MediaQueryEvaluator.h:
573         * css/MediaQueryExp.h:
574         (WebCore::MediaQueryExp::operator==):
575         * css/WebKitCSSMatrix.h:
576         * dom/Comment.h:
577         * dom/Document.cpp:
578         (WebCore::Document::setFocusedNode):
579         * dom/Document.h:
580         (WebCore::Document::setHasDashboardRegions):
581         * dom/DocumentFragment.cpp:
582         (WebCore::DocumentFragment::nodeName):
583         * dom/DocumentFragment.h:
584         * dom/DynamicNodeList.h:
585         * dom/EditingText.h:
586         * dom/Element.cpp:
587         (WebCore::Element::dispatchAttrAdditionEvent):
588         * dom/NamedAttrMap.cpp:
589         (WebCore::NamedNodeMap::item):
590         * dom/Node.cpp:
591         (WebCore::Node::nodeValue):
592         (WebCore::Node::nodeIndex):
593         * dom/NodeRareData.h:
594         (WebCore::NodeListsNodeData::create):
595         * dom/Notation.h:
596         * dom/ProcessingInstruction.h:
597         * dom/Range.cpp:
598         (WebCore::Range::processContents):
599         * dom/StyledElement.cpp:
600         (WebCore::toHex):
601         * dom/XMLTokenizerLibxml2.cpp:
602         (WebCore::PendingCallbacks::PendingStartElementNSCallback::~PendingStartElementNSCallback):
603         (WebCore::PendingCallbacks::PendingStartElementNSCallback::call):
604         (WebCore::PendingCallbacks::):
605         (WebCore::OffsetBuffer::readOutBytes):
606         (WebCore::handleElementNamespaces):
607         (WebCore::handleElementAttributes):
608         (WebCore::attributesStartElementNsHandler):
609         * dom/XMLTokenizerQt.cpp:
610         (WebCore::attributesStartElementNsHandler):
611         (WebCore::XMLTokenizer::parseStartElement):
612         * editing/ApplyStyleCommand.cpp:
613         (WebCore::ApplyStyleCommand::applyInlineStyle):
614         * editing/DeleteSelectionCommand.cpp:
615         (WebCore::DeleteSelectionCommand::removeNode):
616         * editing/Editor.cpp:
617         (WebCore::Editor::pasteAsPlainText):
618         * editing/SelectionController.cpp:
619         (WebCore::SelectionController::directionOfEnclosingBlock):
620         * editing/SmartReplaceICU.cpp:
621         (WebCore::addAllCodePoints):
622         * history/HistoryItem.cpp:
623         (WebCore::HistoryItem::icon):
624         (WebCore::HistoryItem::adoptVisitCounts):
625         * html/CanvasStyle.cpp:
626         (WebCore::CanvasStyle::applyFillColor):
627         * html/HTMLAnchorElement.cpp:
628         (WebCore::HTMLAnchorElement::setActive):
629         (WebCore::HTMLAnchorElement::isLiveLink):
630         * html/HTMLAppletElement.h:
631         * html/HTMLAudioElement.h:
632         * html/HTMLBRElement.h:
633         * html/HTMLBaseElement.h:
634         * html/HTMLBaseFontElement.h:
635         * html/HTMLDListElement.h:
636         * html/HTMLDirectoryElement.h:
637         * html/HTMLFieldSetElement.cpp:
638         (WebCore::HTMLFieldSetElement::HTMLFieldSetElement):
639         * html/HTMLFormElement.cpp:
640         (WebCore::HTMLFormElement::reset):
641         * html/HTMLHRElement.cpp:
642         (WebCore::HTMLHRElement::parseMappedAttribute):
643         * html/HTMLHeadElement.h:
644         * html/HTMLHtmlElement.h:
645         * html/HTMLImageElement.h:
646         (WebCore::HTMLImageElement::setLoadManually):
647         * html/HTMLInputElement.cpp:
648         (WebCore::HTMLInputElement::selection):
649         * html/HTMLIsIndexElement.h:
650         * html/HTMLMarqueeElement.cpp:
651         * html/HTMLMediaElement.h:
652         (WebCore::HTMLMediaElement::):
653         * html/HTMLMenuElement.h:
654         * html/HTMLMetaElement.h:
655         * html/HTMLModElement.h:
656         * html/HTMLOListElement.h:
657         * html/HTMLOptionElement.cpp:
658         (WebCore::HTMLOptionElement::childrenChanged):
659         * html/HTMLParamElement.h:
660         * html/HTMLQuoteElement.h:
661         * html/HTMLStyleElement.h:
662         * html/HTMLTableCaptionElement.h:
663         * html/HTMLTableCellElement.h:
664         * html/HTMLTableColElement.h:
665         * html/HTMLTableSectionElement.cpp:
666         (WebCore::HTMLTableSectionElement::deleteRow):
667         * html/HTMLTitleElement.h:
668         * html/HTMLTokenizer.cpp:
669         (WebCore::HTMLTokenizer::parseNonHTMLText):
670         (WebCore::HTMLTokenizer::parseEntity):
671         (WebCore::HTMLTokenizer::parseTag):
672         (WebCore::HTMLTokenizer::write):
673         * html/HTMLUListElement.h:
674         * html/HTMLVideoElement.h:
675         * html/TimeRanges.h:
676         (WebCore::TimeRanges::Range::Range):
677         * inspector/InspectorController.cpp:
678         (WebCore::InspectorController::enableResourceTracking):
679         (WebCore::InspectorController::disableResourceTracking):
680         * inspector/InspectorFrontend.cpp:
681         (WebCore::InspectorFrontend::newInspectorJSONObject):
682         * page/Console.cpp:
683         (WebCore::Console::addMessage):
684         * page/EventHandler.cpp:
685         (WebCore::EventHandler::handleMousePressEvent):
686         (WebCore::EventHandler::selectCursor):
687         (WebCore::EventHandler::defaultKeyboardEventHandler):
688         * page/Frame.cpp:
689         (WebCore::Frame::jsDefaultStatusBarText):
690         * page/android/DragControllerAndroid.cpp:
691         (WebCore::DragController::dragOperation):
692         * page/android/EventHandlerAndroid.cpp:
693         (WebCore::EventHandler::tabsToAllControls):
694         (WebCore::EventHandler::eventActivatedView):
695         * page/animation/AnimationController.cpp:
696         (WebCore::AnimationControllerPrivate::updateStyleIfNeededDispatcherFired):
697         * page/gtk/DragControllerGtk.cpp:
698         (WebCore::DragController::dragOperation):
699         * page/qt/DragControllerQt.cpp:
700         * page/win/DragControllerWin.cpp:
701         (WebCore::DragController::isCopyKeyDown):
702         * page/win/FrameWin.h:
703         * rendering/RenderSlider.cpp:
704         (WebCore::RenderSlider::mouseEventOffsetToThumb):
705         * rendering/style/RenderStyle.h:
706         (WebCore::InheritedFlags::setVerticalAlignLength):
707         (WebCore::InheritedFlags::setUnicodeBidi):
708         (WebCore::InheritedFlags::setCursor):
709         * rendering/style/RenderStyleConstants.h:
710         (WebCore::):
711         * rendering/style/SVGRenderStyleDefs.h:
712         * rendering/style/StyleInheritedData.h:
713         (WebCore::StyleInheritedData::operator!=):
714         * storage/DatabaseTask.h:
715         * svg/GradientAttributes.h:
716         * svg/LinearGradientAttributes.h:
717         * svg/PatternAttributes.h:
718         * svg/RadialGradientAttributes.h:
719         * svg/SVGAnimatedPathData.h:
720         * svg/SVGAnimatedPoints.h:
721         * svg/SVGAnimationElement.h:
722         * svg/SVGClipPathElement.h:
723         * svg/SVGElementInstance.h:
724         * svg/SVGFEBlendElement.cpp:
725         (WebCore::SVGFEBlendElement::build):
726         * svg/SVGFEBlendElement.h:
727         * svg/SVGFEColorMatrixElement.cpp:
728         (WebCore::SVGFEColorMatrixElement::build):
729         * svg/SVGFEComponentTransferElement.cpp:
730         (WebCore::SVGFEComponentTransferElement::build):
731         * svg/SVGFECompositeElement.cpp:
732         (WebCore::SVGFECompositeElement::build):
733         * svg/SVGFEDiffuseLightingElement.cpp:
734         (WebCore::SVGFEDiffuseLightingElement::build):
735         * svg/SVGFEDisplacementMapElement.cpp:
736         (WebCore::SVGFEDisplacementMapElement::build):
737         * svg/SVGFEDistantLightElement.h:
738         * svg/SVGFEFloodElement.cpp:
739         (WebCore::SVGFEFloodElement::build):
740         * svg/SVGFEFloodElement.h:
741         * svg/SVGFEFuncAElement.h:
742         * svg/SVGFEFuncBElement.h:
743         * svg/SVGFEFuncGElement.h:
744         * svg/SVGFEFuncRElement.h:
745         * svg/SVGFEGaussianBlurElement.cpp:
746         (WebCore::SVGFEGaussianBlurElement::build):
747         * svg/SVGFEImageElement.cpp:
748         (WebCore::SVGFEImageElement::build):
749         * svg/SVGFEMergeElement.cpp:
750         (WebCore::SVGFEMergeElement::build):
751         * svg/SVGFEOffsetElement.cpp:
752         (WebCore::SVGFEOffsetElement::build):
753         * svg/SVGFEPointLightElement.h:
754         * svg/SVGFESpecularLightingElement.cpp:
755         (WebCore::SVGFESpecularLightingElement::build):
756         * svg/SVGFESpotLightElement.h:
757         * svg/SVGFETileElement.cpp:
758         (WebCore::SVGFETileElement::build):
759         * svg/SVGLineElement.cpp:
760         (WebCore::SVGLineElement::parseMappedAttribute):
761         * svg/SVGList.h:
762         * svg/SVGListTraits.h:
763         (WebCore::):
764         * svg/SVGMPathElement.h:
765         * svg/SVGMetadataElement.h:
766         * svg/SVGParserUtilities.cpp:
767         (WebCore::SVGPathParser::parseSVG):
768         (WebCore::SVGPathParser::calculateArc):
769         * svg/SVGPathElement.h:
770         * svg/SVGPathSegClosePath.h:
771         * svg/SVGSVGElement.h:
772         * svg/SVGSetElement.h:
773         * svg/SVGSwitchElement.h:
774         * svg/SVGTextPathElement.cpp:
775         (WebCore::SVGTextPathElement::parseMappedAttribute):
776         * svg/SVGTextPathElement.h:
777         * svg/SVGTitleElement.h:
778         * svg/SVGTransformable.cpp:
779         (WebCore::):
780         * svg/SVGViewSpec.cpp:
781         (WebCore::):
782         * svg/animation/SMILTime.cpp:
783         (WebCore::operator+):
784         (WebCore::operator-):
785         (WebCore::operator*):
786         * svg/animation/SVGSMILElement.h:
787         * svg/graphics/SVGResource.cpp:
788         (WebCore::clientMap):
789         * wml/WMLPostfieldElement.cpp:
790         (WebCore::WMLPostfieldElement::value):
791         * wml/WMLSetvarElement.cpp:
792         (WebCore::WMLSetvarElement::value):
793         * workers/WorkerRunLoop.cpp:
794         * xml/XMLHttpRequest.cpp:
795         (WebCore::XMLHttpRequest::dropProtection):
796         * xml/XPathPath.h:
797
798 2009-07-10  Eric Carlson  <eric.carlson@apple.com>
799
800         Reviewed by Simon Fraser.
801
802         <rdar://problem/7049066>.
803         Update SnowLeopard media controller layout.
804
805         * css/mediaControlsQT.css:
806             Update for new layout.
807         * html/HTMLMediaElement.cpp:
808         (WebCore::HTMLMediaElement::movieLoadType):
809             Added to replace isStreaming.
810         * html/HTMLMediaElement.h:
811             Declare movieLoadType, remove isStreaming.
812
813         * rendering/MediaControlElements.cpp:
814         (WebCore::MediaControlStatusDisplayElement::update):
815             Use movieLoadType instead of isStreaming.
816         (WebCore::MediaControlTimelineContainerElement::rendererIsNeeded):
817             MediaControlElement is the base class, not HTMLInputElement.
818         (WebCore::MediaControlStatusDisplayElement::rendererIsNeeded):
819             Ditto.
820         (WebCore::MediaControlRewindButtonElement::rendererIsNeeded):
821             Don't display rewind button for live streams.
822         (WebCore::MediaControlReturnToRealtimeButtonElement::rendererIsNeeded):
823             MediaControlInputElement is the base class, not HTMLInputElement.
824         * rendering/MediaControlElements.h:
825
826         * rendering/RenderThemeMac.h:
827         * rendering/RenderThemeMac.mm:
828         (WebCore::getMediaUIPartStateFlags):
829             New, return wkDrawMediaUIPart flags.
830         (WebCore::RenderThemeMac::paintMediaFullscreenButton):
831         (WebCore::RenderThemeMac::paintMediaMuteButton):
832         (WebCore::RenderThemeMac::paintMediaPlayButton):
833         (WebCore::RenderThemeMac::paintMediaSeekBackButton):
834         (WebCore::RenderThemeMac::paintMediaSeekForwardButton):
835         (WebCore::RenderThemeMac::paintMediaSliderTrack):
836         (WebCore::RenderThemeMac::paintMediaSliderThumb):
837         (WebCore::RenderThemeMac::paintMediaRewindButton):
838         (WebCore::RenderThemeMac::paintMediaReturnToRealtimeButton):
839         (WebCore::RenderThemeMac::paintMediaControlsBackground):
840         (WebCore::RenderThemeMac::paintMediaCurrentTime):
841         (WebCore::RenderThemeMac::paintMediaTimeRemaining):
842             Use getMediaUIPartStateFlags.
843
844 2009-07-10  Michelangelo De Simone  <micdesim@gmail.com>
845
846         Reviewed by Adele Peterson.
847
848         https://bugs.webkit.org/show_bug.cgi?id=19562
849         Added build stuff and stub for the ValidityState class, part of HTML5
850         section Forms:
851         http://www.whatwg.org/specs/web-apps/current-work/multipage/forms.html#validitystate
852
853         Test: fast/forms/ValidityState-001.html
854
855         * DerivedSources.cpp: Fix aimed to include ValidityState files
856         * DerivedSources.make: ditto
857         * GNUmakefile.am: ditto
858         * WebCore.gypi: ditto
859         * WebCore.pro: ditto
860         * WebCore.vcproj/WebCore.vcproj: ditto
861         * WebCore.xcodeproj/project.pbxproj: ditto
862         * WebCoreSources.bkl: ditto
863         * html/HTMLButtonElement.idl: "validity" attribute
864         * html/HTMLFieldSetElement.idl: ditto
865         * html/HTMLFormControlElement.cpp: object getter
866         (WebCore::HTMLFormControlElement::validity):
867         * html/HTMLFormControlElement.h: ditto
868         * html/HTMLInputElement.idl: "validity" attribute
869         * html/HTMLSelectElement.idl: ditto
870         * html/HTMLTextAreaElement.idl: ditto
871         * html/ValidityState.cpp: Added.
872         (WebCore::ValidityState::ValidityState):
873         (WebCore::ValidityState::valid): validation flag
874         * html/ValidityState.h: Added.
875         (WebCore::ValidityState::create): creation routine
876         (WebCore::ValidityState::control): ValidityState's parent getter
877         (WebCore::ValidityState::valueMissing): validation flag
878         (WebCore::ValidityState::typeMismatch): ditto
879         (WebCore::ValidityState::patternMismatch): ditto
880         (WebCore::ValidityState::tooLong): ditto
881         (WebCore::ValidityState::rangeUnderflow): ditto
882         (WebCore::ValidityState::rangeOverflow): ditto
883         (WebCore::ValidityState::stepMismatch): ditto
884         (WebCore::ValidityState::customError): ditto
885         * html/ValidityState.idl: Added.
886
887 2009-07-10  Brady Eidson  <beidson@apple.com>
888
889         Style cleanup over my last patch.
890
891         * xml/XMLHttpRequest.cpp:
892         (WebCore::XMLHttpRequest::~XMLHttpRequest):
893
894 2009-07-10  Kevin McCullough  <kmccullough@apple.com>
895
896         Reviewed by Geoffrey Garen.
897
898         * inspector/JavaScriptCallFrame.cpp:
899         (WebCore::JavaScriptCallFrame::dynamicGlobalObject):
900         * inspector/JavaScriptCallFrame.h: New helper method, used below.
901
902         * inspector/JavaScriptDebugServer.cpp:
903         (WebCore::JavaScriptDebugServer::detach): In the special case
904         where we detach from a window currently executing JavaScript,
905         manually tear down our representation of the JavaScript
906         call stack, since we won't get any more callbacks from JavaScriptCore
907         to automatically tear it down. It's too bad that WebCore is
908         responsible for this kind of tracking -- in the future, it would
909         be nice if more of the breakpoint handling was inside of JavaScriptCore.
910
911 2009-07-10  Brady Eidson  <beidson@apple.com>
912
913         Reviewed by Antti Koivisto.
914
915         https://bugs.webkit.org/show_bug.cgi?id=26496 and <rdar://problem/7046520>
916         REGRESSION: XHR stream connection blocks iFrame loading and resource downloading
917
918         With this test we ended up going over the maximum-connections-per-host limit that CFNetwork expected.
919         When that happened, the first request that was over the limit ended up in a bizarre state where it 
920         wasn't fully serviced until after the long running XHR was complete.
921
922         Loader and Loader::Host work together to try to not exceed the max-connection limit but non-cache
923         resources - such as XHR - could still end up causing this limit to be exceeded.
924
925         This fix adds a workaround specifically for XHR while we hash out a more thorough solution that will
926         handle this at the resource handle level.
927
928         * loader/loader.cpp:
929         (WebCore::Loader::nonCacheRequestInFlight):
930         (WebCore::Loader::nonCacheRequestComplete):
931         (WebCore::Loader::Host::Host):
932         (WebCore::Loader::Host::nonCacheRequestInFlight):
933         (WebCore::Loader::Host::nonCacheRequestComplete):
934         (WebCore::Loader::Host::servePendingRequests): Take nonCacheRequestsInFlight into account.
935         * loader/loader.h:
936         (WebCore::Loader::Host::processingResource): Take nonCacheRequestsInFlight into account.
937
938         * xml/XMLHttpRequest.cpp:
939         (WebCore::XMLHttpRequest::XMLHttpRequest):
940         (WebCore::XMLHttpRequest::~XMLHttpRequest): 
941         (WebCore::XMLHttpRequest::loadRequestAsynchronously): Bump the nonCacheRequestInFlight count.
942         (WebCore::XMLHttpRequest::didFail): Decrement that count if the Loader was notified.
943         (WebCore::XMLHttpRequest::didFinishLoading): Ditto.
944
945 2009-07-10  Antti Koivisto  <antti@apple.com>
946
947         Try to unbreak non-Mac build.
948
949         * page/ChromeClient.h:
950         (WebCore::ChromeClient::formDidFocus):
951         (WebCore::ChromeClient::formDidBlur):
952
953 2009-07-10  Beth Dakin  <bdakin@apple.com>
954
955         Reviewed by Anders Carlsson.
956
957         The rest of the fix for <rdar://problem/7038831> REGRESSION (TOT): 
958         In Mail, a crash occurs at WebCore::Widget::afterMouseDown() after 
959         clicking To Do's close box
960
961         Make the Widget* in passMouseDownEventToWidget() a RefPtr.
962
963         * page/mac/EventHandlerMac.mm:
964         (WebCore::EventHandler::passMouseDownEventToWidget):
965
966 2009-07-10  Eric Seidel  <eric@webkit.org>
967
968         Reviewed by Adam Barth.
969
970         rename getDOMStructure calls w/o JSGlobalObject* to deprecatedGetDOMStructure
971         https://bugs.webkit.org/show_bug.cgi?id=27157
972
973         This is the first step to fixing
974         https://bugs.webkit.org/show_bug.cgi?id=27088
975
976         * WebCore.xcodeproj/project.pbxproj:
977         * bindings/js/JSDOMBinding.h:
978         (WebCore::deprecatedGetDOMStructure):
979         (WebCore::createDOMObjectWrapper):
980         (WebCore::createDOMNodeWrapper):
981         * bindings/js/JSNamedNodesCollection.cpp:
982         (WebCore::JSNamedNodesCollection::JSNamedNodesCollection):
983         * bindings/js/JSRGBColor.cpp:
984         (WebCore::JSRGBColor::JSRGBColor):
985         * bridge/objc/objc_runtime.mm:
986         (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp):
987         * bridge/runtime_array.cpp:
988         (JSC::RuntimeArray::RuntimeArray):
989         * bridge/runtime_method.cpp:
990         (JSC::RuntimeMethod::RuntimeMethod):
991         * bridge/runtime_object.cpp:
992         (JSC::RuntimeObjectImp::RuntimeObjectImp):
993
994 2009-07-10  Greg Bolsinga  <bolsinga@apple.com>
995
996         Reviewed by Antti Koivisto.
997
998         Add delegate methods about focus and blur and state change
999         https://bugs.webkit.org/show_bug.cgi?id=27153
1000
1001         Call the appropriate new ChromeClient methods for focus and blur.
1002
1003         * html/HTMLFormControlElement.cpp:
1004         (WebCore::HTMLFormControlElement::dispatchFocusEvent):
1005         (WebCore::HTMLFormControlElement::dispatchBlurEvent):
1006         * html/HTMLFormControlElement.h:
1007         * loader/EmptyClients.h:
1008         (WebCore::EmptyChromeClient::formDidFocus):
1009         (WebCore::EmptyChromeClient::formDidBlur):
1010         * page/ChromeClient.h:
1011
1012 2009-07-10  Steve Falkenburg  <sfalken@apple.com>
1013
1014         <rdar://problem/7048741> REGRESSION: Error about missing SwMenuX.dll opening pages with Shockwave
1015         
1016         Use altered search path while loading plug-ins. This modifies the DLL search order
1017         to look in the directory containing the plug-in even if a call to SetDllDirectory
1018         was previously made. Use of SetDllDirectory removes the current directory from the search path,
1019         breaking the previous strategy for locating any dependent DLLs of the plug-in.
1020         
1021         Reviewed by Jon Honeycutt.
1022
1023         * plugins/win/PluginPackageWin.cpp:
1024         (WebCore::PluginPackage::load): Use LoadLibraryEx with LOAD_WITH_ALTERED_SEARCH_PATH
1025
1026 2009-07-10  Adam Roben  <aroben@apple.com>
1027
1028         Sort all our Xcode projects
1029
1030         Accomplished using sort-Xcode-project-file.
1031
1032         Requested by Dave Kilzer.
1033
1034         * WebCore.xcodeproj/project.pbxproj:
1035
1036 2009-07-10  Adam Langley  <agl@google.com>
1037
1038         Reviewed by Darin Fisher.
1039
1040         Chromium Linux: use disabled images for disabled widgets.
1041
1042         https://bugs.webkit.org/show_bug.cgi?id=27106
1043
1044         Previously, checkboxes and radio controls rendered the same even if disabled.
1045         The Chromium side of this change is r20224.
1046
1047         * rendering/RenderThemeChromiumSkia.cpp:
1048         (WebCore::RenderThemeChromiumSkia::paintCheckbox):
1049         (WebCore::RenderThemeChromiumSkia::paintRadio):
1050
1051 2009-07-10  Simon Fraser  <simon.fraser@apple.com>
1052
1053         Reviewed by John Sullivan.
1054
1055         Fix crash when changing the zoom level in http://iphone.akamai.com/
1056         <rdar://problem/7029077>
1057
1058         RenderLayerBacking's paintIntoLayer() method called updateLayerListsIfNeeded(),
1059         which could potentially destroy that compositing layer, causing a crash.
1060         Prevent this from happening by not doing a compositing update from paintIntoLayer().
1061
1062         The existing updateLayerListsIfNeeded() was renamed to updateCompositingAndLayerListsIfNeeded(),
1063         and still does the compositing update. The new updateLayerListsIfNeeded() does not touch
1064         compositing layers, and is still called from paintIntoLayer().
1065         
1066         * rendering/RenderLayer.cpp:
1067         (WebCore::RenderLayer::paintLayer):
1068         (WebCore::RenderLayer::hitTestLayer):
1069         (WebCore::RenderLayer::updateLayerListsIfNeeded):
1070         (WebCore::RenderLayer::updateCompositingAndLayerListsIfNeeded):
1071         * rendering/RenderLayer.h:
1072
1073 2009-07-10  Drew Wilson  <atwilson@google.com>
1074
1075         Reviewed by Darin Adler.
1076
1077         Need to remove UsesManualToJSImplementation() in favor of CustomToJS.
1078         https://bugs.webkit.org/show_bug.cgi?id=27010
1079
1080         Added support for CustomToJS IDL attribute to replace the hard-coded class list in UsesManualToJSImplementation().
1081
1082         This is just a cleanup of existing functionality, so existing LayoutTests adequately cover this patch.
1083
1084         * bindings/scripts/CodeGeneratorJS.pm:
1085         Removed UsesManualToJSImplementation(), added support for CustomToJS attribute.
1086         * css/CSSRule.idl:
1087         * css/CSSValue.idl:
1088         * css/StyleSheet.idl:
1089         * dom/Document.idl:
1090         * dom/Event.idl:
1091         * dom/Node.idl:
1092         * html/ImageData.idl:
1093         * svg/SVGElementInstance.idl:
1094         * svg/SVGPathSeg.idl:
1095         Added CustomToJS attribute to all the above IDL files.
1096
1097 2009-07-10  Dan Bernstein  <mitz@apple.com>
1098
1099         - fix the build by reverting the ill-advised r45711
1100
1101         * page/FrameView.cpp:
1102         (WebCore::FrameView::scrollToAnchor):
1103
1104 2009-07-09  Brian Weinstein  <bweinstein@apple.com>
1105
1106         Reviewed by Tim Hatcher.
1107
1108         Updated WebCore.base.exp to add some needed functions.
1109
1110         * WebCore.base.exp:
1111
1112 2009-07-10  Dan Bernstein  <mitz@apple.com>
1113
1114         - address a review comment from Simon Fraser which I forgot to include
1115           in the last check-in
1116
1117         * page/FrameView.cpp:
1118         (WebCore::FrameView::scrollToAnchor): Pass true to getRect() for
1119         maximum transform friendliness!
1120
1121 2009-07-10  Dan Bernstein  <mitz@apple.com>
1122
1123         Reviewed by Simon Fraser.
1124
1125         - fix https://bugs.webkit.org/show_bug.cgi?id=27137
1126           <rdar://problem/7043124> REGRESSION (r44311): Reproducible crash due
1127           to infinite recursion into FrameLoader::gotoAnchor() ->
1128           FrameView::layout()
1129
1130         Test: fast/loader/goto-anchor-infinite-layout.html
1131
1132         * loader/FrameLoader.cpp:
1133         (WebCore::FrameLoader::gotoAnchor): Moved the code to update layout,
1134         find the renderer to scroll to, and scroll from here to methods on
1135         FrameView, and replaced it with a call to
1136         FrameView::maintainScrollPositionAtAnchor().
1137         (WebCore::FrameLoader::completed): Call maintainScrollPositionAtAnchor()
1138         instead of setLockedToAnchor().
1139
1140         * page/FrameView.cpp:
1141         (WebCore::FrameView::FrameView): Removed initialization of
1142         m_lockedToAnchor.
1143         (WebCore::FrameView::reset): Reset m_maintainScrollPositionAnchor instead
1144         of m_lockedToAnchor.
1145         (WebCore::FrameView::layout): Removed the code related to scrolling to
1146         the anchor from here, because scrolling can trigger events which
1147         invalidate the layout, and as such, belongs with the post-layout tasks.
1148         (WebCore::FrameView::maintainScrollPositionAtAnchor): Added. When called
1149         with a node scrolls the view to the top of that node and maintains it
1150         scrolled to the top of the node during subsequent layouts, until
1151         this function is called with 0 or other things trigger scrolling.
1152         (WebCore::FrameView::scrollRectIntoViewRecursively): Reset
1153         m_maintainScrollPositionAnchor.
1154         (WebCore::FrameView::setScrollPosition): Ditto.
1155         (WebCore::FrameView::scrollToAnchor): Added. Scrolls to the top of
1156         m_maintainScrollPositionAnchor, if it is set.
1157         (WebCore::FrameView::performPostLayoutTasks): Call scrollToAnchor().
1158         (WebCore::FrameView::setWasScrolledByUser): Reset
1159         m_maintainScrollPositionAnchor.
1160
1161         * page/FrameView.h: Removed lockedToAnchor(), setLockedToAnchor(),
1162         and m_lockedToAnchor. Added maintainScrollPositionAtAnchor() and
1163         m_maintainScrollPositionAnchor.
1164
1165 2009-07-04  Sriram Yadavalli  <sriram.yadavalli@nokia.com>
1166
1167         Reviewed by Simon Hausmann.
1168
1169         https://bugs.webkit.org/show_bug.cgi?id=26439
1170
1171         QtWebKit fails in loading www.nytimes.com in Windows/Linux
1172
1173         QNetworkReplyHandler is ignoring content associated with 401 error.
1174         This causes the XHR response handling to fail.
1175
1176         Simon: Added also ProxyAuthenticationRequiredError, to handle the same
1177         case when going through proxies, as suggested by Prasanth.
1178
1179         * platform/network/qt/QNetworkReplyHandler.cpp:
1180         (WebCore::QNetworkReplyHandler::finish):
1181
1182 2009-07-10  Simon Hausmann  <simon.hausmann@nokia.com>
1183
1184         Reviewed by Holger Freyther.
1185
1186         Enable HTML 5 Messaging to fix message channel Qt DRT failures in
1187         fast/events.
1188
1189         * WebCore.pro:
1190
1191 2009-07-09  Roland Steiner  <rolandsteiner@google.com>
1192
1193         Reviewed by Maciej Stachowiak.
1194
1195         added InlineBox::isLeaf()
1196         firstLeafChild()/lastLeafChild() not virtual and not callable on InlineBox anymore.
1197         firstLeafChild()/lastLeafChild() will no longer return a node outside of the given subtree.   
1198         Removed firstLeafChildAfterBox()/lastLeafChildBeforeBox()
1199         Removed potentially quadratic behavior if all nodes before/after a given box are empty InlineFlowBoxes
1200
1201         Currently, these methods are called on RootInlineBox objects only, so above changes should not have
1202         any observable effect (only the removal of the square performance behavior could apply, 
1203         but the conditions for that are probably of a rather theoretical nature).
1204
1205         * rendering/InlineBox.cpp:
1206         (WebCore::InlineBox::nextLeafChild):
1207         (WebCore::InlineBox::prevLeafChild):
1208         * rendering/InlineBox.h:
1209         (WebCore::InlineBox::isLeaf):
1210         * rendering/InlineFlowBox.cpp:
1211         (WebCore::InlineFlowBox::firstLeafChild):
1212         (WebCore::InlineFlowBox::lastLeafChild):
1213         * rendering/InlineFlowBox.h:
1214         (WebCore::InlineFlowBox::firstChild):
1215         (WebCore::InlineFlowBox::lastChild):
1216         (WebCore::InlineFlowBox::isLeaf):
1217         * rendering/RootInlineBox.cpp:
1218         (WebCore::RootInlineBox::closestLeafChildForXPos):
1219
1220 2009-07-09  Roland Steiner  <rolandsteiner@google.com>
1221
1222         Reviewed by Maciej Stachowiak.
1223
1224         Added InlineBox::baselinePosition() and lineHeight() methods
1225         (adapted remaining code accordingly to use those methods)
1226
1227         No change in functionality.
1228
1229         * rendering/InlineBox.h:
1230         (WebCore::InlineBox::baselinePosition):
1231         (WebCore::InlineBox::lineHeight):
1232         * rendering/InlineFlowBox.cpp:
1233         (WebCore::InlineFlowBox::adjustMaxAscentAndDescent):
1234         (WebCore::InlineFlowBox::computeLogicalBoxHeights):
1235         (WebCore::InlineFlowBox::placeBoxesVertically):
1236
1237 2009-07-09  Oliver Hunt  <oliver@apple.com>
1238
1239         Reviewed by Maciej Stachowiak.
1240
1241         Bug 27142 - canPlayType() should return empty string for unsupported content
1242         <https://bugs.webkit.org/show_bug.cgi?id=27142>
1243
1244         Return "" instead of "no" for unsupport media types. 
1245
1246         * html/HTMLMediaElement.cpp:
1247         (WebCore::HTMLMediaElement::canPlayType):
1248
1249 2009-07-09  Roland Steiner  <rolandsteiner@google.com>
1250
1251         Reviewed by Maciej Stachowiak.
1252
1253         Implement the part of HTML5 spec that deals with parsing of <rp> and <rt> tags
1254         in that their end tags are optional if followed by <rp>/<rt>.
1255
1256         Also specify a new accessibility role "annotation" for <rp> and <rt>.
1257
1258         Affected code parts are not enclosed in #IF ENABLE(RUBY), since the parsing
1259         is not affected by whether ruby is rendered properly or not (in fact, it may 
1260         be more profound without ruby layouting, since the contents of <rp> are not hidden).
1261
1262         Test: fast/ruby/parse-rp.html
1263
1264         * accessibility/AccessibilityObject.h:
1265         (WebCore::):
1266         * accessibility/AccessibilityRenderObject.cpp:
1267         (WebCore::AccessibilityRenderObject::roleValue):
1268         * html/HTMLElement.cpp:
1269         (WebCore::HTMLElement::endTagRequirement):
1270         (WebCore::HTMLElement::tagPriority):
1271         (WebCore::inlineTagList):
1272         * html/HTMLParser.cpp:
1273         (WebCore::HTMLParser::rpCreateErrorCheck):
1274         (WebCore::HTMLParser::rtCreateErrorCheck):
1275         (WebCore::HTMLParser::getNode):
1276         * html/HTMLParser.h:
1277         * html/HTMLTagNames.in:
1278
1279 2009-07-09  Dmitry Titov  <dimich@chromium.org>
1280
1281         Not reviewed, fix for previous commit.
1282
1283         The change http://trac.webkit.org/changeset/45695 did not correctly
1284         enabled GTL and QT build flags. This caused layout tests failure.
1285         This is speculative fix for those failures.
1286
1287         * GNUmakefile.am: added ENABLE_CHANNEL_MESSAGING flag.
1288         * WebCore.pro: ditto.
1289         * page/DOMWindow.idl: touched to cause recompile.
1290         * workers/WorkerContext.idl: ditto.
1291
1292 2009-07-09  Drew Wilson  <atwilson@google.com>
1293
1294         Reviewed by Alexey Proskuryakov.
1295
1296         https://bugs.webkit.org/show_bug.cgi?id=26903
1297
1298         Turned on CHANNEL_MESSAGING by default because the MessageChannel API
1299         is now implemented for Web Workers and is reasonably stable.
1300
1301         Tests: fast/events/message-channel-gc-2.html
1302                fast/events/message-channel-gc-3.html
1303                fast/events/message-channel-gc-4.html
1304                fast/events/message-channel-gc.html
1305                fast/events/message-channel-listener-circular-ownership.html
1306                fast/events/message-port-clone.html
1307                fast/events/message-port-constructor-for-deleted-document.html
1308                fast/events/message-port-deleted-document.html
1309                fast/events/message-port-deleted-frame.html
1310                fast/events/message-port-inactive-document.html
1311                fast/events/message-port-no-wrapper.html
1312                fast/events/message-port.html
1313                fast/workers/worker-cloneport.html
1314                fast/workers/worker-messageport-gc.html
1315                fast/workers/worker-messageport.html
1316
1317         * Configurations/FeatureDefines.xcconfig: Turned on ENABLE_CHANNEL_MESSAGING.
1318         * WebCore/WebCore.vcproj/WebCoreCommon.vsprops: ditto.
1319         * WebCore/WebCore.vcproj/build-generated-files.sh: ditto.
1320         * WebCore/page/DOMWindow.idl: touch the file to cause re-generation of headers.
1321         * WebCore/workers/WorkerContext.idl: ditto.
1322
1323
1324 2009-07-09  Pierre d'Herbemont  <pdherbemont@apple.com>
1325
1326         Reviewed by Simon Fraser.
1327
1328         Full page zoom breaks remaining and elapsed time display in the <video> controller.
1329         https://bugs.webkit.org/show_bug.cgi?id=27123
1330
1331         We are changing the size of the time remaining and time elapsed field, to
1332         automatically hide them, when the controller is too short.
1333
1334         Because we toggle the size between 0 and the previous value of the
1335         controller, we miss any width change that may occur during full page zoom,
1336         and we fail to restore a correct width.
1337
1338         This change fixes that problem by using a cloned style on which we
1339         set the width to 0, and restoring the previous style when going back to
1340         the normal width.
1341
1342         We take care about properly using the cloned style or the pseudo style,
1343         by overriding styleForElement().
1344
1345         * rendering/MediaControlElements.cpp:
1346         (WebCore::MediaControlElement::styleForElement):
1347         (WebCore::MediaControlElement::attach):
1348         (WebCore::MediaControlElement::updateStyle):
1349         (WebCore::MediaControlInputElement::styleForElement):
1350         (WebCore::MediaControlInputElement::attach):
1351         (WebCore::MediaControlInputElement::updateStyle):
1352         (WebCore::MediaControlTimeDisplayElement::MediaControlTimeDisplayElement):
1353         (WebCore::MediaControlTimeDisplayElement::styleForElement):
1354         (WebCore::MediaControlTimeDisplayElement::setVisible):
1355         * rendering/MediaControlElements.h:
1356         * rendering/RenderMedia.cpp:
1357         (WebCore::RenderMedia::shouldShowTimeDisplayControls): Make sure
1358         we take in account the zoom level when deciding if we should hide the 
1359         ellapsed and remaining time.
1360
1361 2009-07-09  Michael Nordman  <michaeln@google.com>
1362
1363         Reviewed by Darin Adler.
1364
1365         Fix chromium build bustage due to Widget being a RefCounted class.
1366         https://bugs.webkit.org/show_bug.cgi?id=27139
1367
1368         * platform/chromium/PopupMenuChromium.cpp:
1369         * platform/chromium/PopupMenuChromium.h:
1370
1371 2009-07-09  Chris Fleizach  <cfleizach@apple.com>
1372
1373         Reviewed by Darin Adler.
1374
1375         Bug 27130 - Need to implement ARIA role="toolbar"
1376         https://bugs.webkit.org/show_bug.cgi?id=27130
1377
1378         Test: platform/mac/accessibility/aria-toolbar.html
1379
1380         * accessibility/AccessibilityRenderObject.cpp:
1381         (WebCore::RoleEntry::):
1382         * accessibility/mac/AccessibilityObjectWrapper.mm:
1383         (-[AccessibilityObjectWrapper roleDescription]):
1384
1385 2009-07-09  Dimitri Glazkov  <dglazkov@chromium.org>
1386
1387         Reviewed by Darin Fisher.
1388
1389         [Chromium] Upstream WebCore.gypi, the project file for Chromium build.
1390         https://bugs.webkit.org/show_bug.cgi?id=27135
1391
1392         * WebCore.gypi: Added.
1393
1394 2009-07-09  Jon Honeycutt  <jhoneycutt@apple.com>
1395
1396         A more robust fix for <rdar://problem/6930280> Reproducible crash at
1397         USA Today photo gallery
1398
1399         Reviewed by Steve Falkenburg.
1400
1401         * plugins/win/PluginMessageThrottlerWin.cpp:
1402         (WebCore::PluginMessageThrottlerWin::messageThrottleTimerFired):
1403         Protect the PluginView from destruction before calling its window proc.
1404
1405 2009-07-09  Jon Honeycutt  <jhoneycutt@apple.com>
1406
1407         <rdar://problem/6978804> WER #16: Repro Access Violation in
1408         WebCore::PluginView::bindingInstance (1310178023)
1409
1410         Reviewed by Darin Adler.
1411
1412         * plugins/PluginView.cpp:
1413         (WebCore::PluginView::bindingInstance):
1414         Protect the PluginView from destruction before calling NPN_GetValue. If
1415         the renderer for the PluginView was destroyed during the call, and the
1416         PluginView's ref count is now 1, return null.
1417
1418 2009-07-09  Jon Honeycutt  <jhoneycutt@apple.com>
1419
1420         Speculative fix for <rdar://problem/6991251> WER #13: Crash in
1421         WebKit!WebCore::PluginView::performRequest+203 (1311461169)
1422
1423         Reviewed by Darin Adler.
1424
1425         * plugins/PluginView.cpp:
1426         (WebCore::PluginView::performRequest):
1427         Protect the PluginView from destruction before performing a load.
1428         Removed some trailing whitespace.
1429
1430 2009-07-09  Jon Honeycutt  <jhoneycutt@apple.com>
1431
1432         Build fix.
1433
1434         * inspector/JavaScriptDebugServer.cpp:
1435         (WebCore::JavaScriptDebugServer::setJavaScriptPaused):
1436
1437 2009-07-09  Beth Dakin and Jon Honeycutt <bdakin@apple.com>
1438
1439         Reviewed by Dave Hyatt.
1440
1441         Make Widget RefCounted to fix or make fixable:
1442
1443         <rdar://problem/7038831> REGRESSION (TOT): In Mail, a crash occurs 
1444         at WebCore::Widget::afterMouseDown() after clicking To Do's close 
1445         box
1446         <rdar://problem/6978804> WER #16: Repro Access Violation in 
1447         WebCore::PluginView::bindingInstance (1310178023)
1448         -and-
1449         <rdar://problem/6991251> WER #13: Crash in WebKit!
1450         WebCore::PluginView::performRequest+203 (1311461169) 
1451
1452         * loader/EmptyClients.h:
1453         (WebCore::EmptyFrameLoaderClient::createPlugin):
1454         Changed to return PassRefPtr
1455         (WebCore::EmptyFrameLoaderClient::createJavaAppletWidget):
1456         Ditto.
1457
1458         * loader/FrameLoader.cpp:
1459         (WebCore::FrameLoader::loadSubframe):
1460         (WebCore::FrameLoader::loadPlugin):
1461         Make the widget variable a RefPtr. Use .get() when passing it to
1462         RenderPart::setWidget().
1463         (WebCore::FrameLoader::createJavaAppletWidget):
1464         Make the widget variable a RefPtr.
1465
1466         * loader/FrameLoader.h:
1467         Changed the return type of createJavaAppletWidget().
1468
1469         * loader/FrameLoaderClient.h:
1470         Change the return types of createPlugin() and 
1471         createJavaAppletWidget().
1472
1473         * page/Frame.cpp:
1474         (WebCore::Frame::createView):
1475         No need to call .get() since setWidget() takes a RefPtr.
1476
1477         * page/FrameView.cpp:
1478         (WebCore::FrameView::layoutIfNeededRecursive):
1479         children() now returns a HashSet of RefPtrs.
1480
1481         * page/FrameView.h:
1482         Remove inheritance from RefCounted; we pick this up from ScrollView
1483         through Widget.
1484
1485         * platform/ScrollView.cpp:
1486         (WebCore::ScrollView::addChild):
1487         addChild() now takes a PassRefPtr and m_children now keeps a 
1488         HashSet of RefPtrs.
1489
1490         * platform/ScrollView.h:
1491         ScrollView constructor is now protected.
1492         (WebCore::ScrollView::children):
1493         m_children is now a HashSet of RefPtrs.
1494
1495         * platform/Scrollbar.h:
1496         Remove inheritance from RefCounted; we pick this up from ScrollView
1497         through Widget.
1498
1499         * platform/Widget.h:
1500         Inherit from RefCounted. Cleaned up some whitespace. Make m_widget 
1501         a RefPtr.
1502
1503         * plugins/PluginView.cpp:
1504         (WebCore::PluginView::create):
1505         Adopt the PluginView when returning it.
1506
1507         * plugins/PluginView.h:
1508         Changed create() to return a PassRefPtr.
1509
1510         * rendering/RenderApplet.cpp:
1511         Receive result in a RefPtr when calling createJavaAppletWidget().
1512
1513         * rendering/RenderPart.cpp:
1514         (WebCore::RenderPart::setWidget): 
1515         setWidget() now takes a PassRefPtr. Also removed the manual ref of 
1516         FrameViews. This is handled by having m_widget be a RefPtr. Removed 
1517         deleteWidget().
1518
1519         * rendering/RenderPart.h:
1520         Removed override of deleteWidget().
1521
1522         * rendering/RenderWidget.cpp:
1523         (WebCore::RenderWidget::destroy):
1524         (WebCore::RenderWidget::setWidget):
1525         (WebCore::RenderWidget::paint):
1526         (WebCore::RenderWidget::setOverlapTestResult):
1527         (WebCore::RenderWidget::updateWidgetPosition):
1528         Use .get().
1529         (WebCore::RenderWidget::clearWidget):
1530         Don't call deleteWidget(). It was removed. 
1531
1532         * rendering/RenderWidget.h:
1533         Removed deleteWidget(). Made m_widget a RefPtr.
1534         (WebCore::RenderWidget::widget):
1535         Use .get().
1536
1537 2009-07-09  Chris Fleizach  <cfleizach@apple.com>
1538
1539         Reviewed by Darin Adler.
1540
1541         Bug 27129 - AX: possible assertion for a non-native image in accessibility
1542         https://bugs.webkit.org/show_bug.cgi?id=27129 
1543
1544         It's possible for an image that is not really an image to assert, because its renderer
1545         is turned into a RenderImage.
1546
1547         Test: accessibility/non-native-image-crash.html
1548
1549         * accessibility/AccessibilityRenderObject.cpp:
1550         (WebCore::AccessibilityRenderObject::accessibilityIsIgnored):
1551         (WebCore::RoleEntry::):
1552         * accessibility/mac/AccessibilityObjectWrapper.mm:
1553         (-[AccessibilityObjectWrapper roleDescription]):
1554
1555 2009-07-09  Simon Fraser  <simon.fraser@apple.com>
1556
1557         Build fix for SnowLeopard.
1558         
1559         Avoid using the contentsTransform methods if not on Leopard, because
1560         we don't need to call them.
1561
1562         * platform/graphics/mac/GraphicsLayerCA.mm:
1563         (WebCore::GraphicsLayerCA::updateContentsTransform):
1564         * platform/graphics/mac/WebLayer.mm:
1565         (-[WebLayer setNeedsDisplayInRect:]):
1566         * platform/graphics/mac/WebTiledLayer.mm:
1567         (-[WebTiledLayer setNeedsDisplayInRect:]):
1568
1569 2009-07-09  Simon Fraser  <simon.fraser@apple.com>
1570
1571         Reviewed by Dave Hyatt
1572
1573         Improve the appearance of text in compositing layers when -[CALayer geometryFlipped]
1574         is not available.
1575         <rdar://problem/6120614>
1576
1577         * platform/graphics/GraphicsLayer.h:
1578         (WebCore::GraphicsLayer::setContentsOrientation):
1579         (WebCore::GraphicsLayer::contentsOrientation):
1580         * platform/graphics/GraphicsLayer.cpp:
1581         (WebCore::GraphicsLayer::GraphicsLayer):
1582         Add a m_contentsOrientation member and getter/setter to control whether
1583         the contents of this layer have a transform applied to them before display.
1584
1585         * platform/graphics/mac/GraphicsLayerCA.h:
1586         New method to return the default contents orientation.
1587
1588         * platform/graphics/mac/GraphicsLayerCA.mm:
1589         (WebCore::flipTransform):
1590         Convenience method to return a transform with a Y flip.
1591
1592         (WebCore::GraphicsLayerCA::GraphicsLayerCA):
1593         (WebCore::GraphicsLayerCA::setSize):
1594         After the size changes we have to update the contentsTransform.
1595
1596         (WebCore::GraphicsLayerCA::setGeometryOrientation):
1597         (WebCore::GraphicsLayerCA::geometryOrientation):
1598         If -setGeometryFlipped: is not available, use a children transform.
1599         
1600         (WebCore::GraphicsLayerCA::swapFromOrToTiledLayer):
1601         Tiled layers have issues with flipped contentsTransform, so just use
1602         top-down drawing for them. Call updateContentsTransform() to set the
1603         new contents transform after swapping layers.
1604         
1605         (WebCore::GraphicsLayerCA::defaultContentsOrientation):
1606         Use bottom-up when -geometryFlipped is not available, otherwise top-down.
1607         
1608         (WebCore::GraphicsLayerCA::updateContentsTransform):
1609         Set the layer contents transform based on contentsOrientation().
1610
1611         (WebCore::GraphicsLayerCA::setContentsLayer):
1612         We have to manually flip contents layers if we're not using -geometryFlipped.
1613         
1614         * platform/graphics/mac/WebLayer.h:
1615         * platform/graphics/mac/WebLayer.mm:
1616         Do early return if layerContents is nil. Flip the CTM if the layer has
1617         bottom-up coordinates, so that CG sees a CTM with no flip.
1618         Do the CGContextRestoreGState() after drawing the debug indicator.
1619         
1620         (-[WebLayer setNeedsDisplayInRect:]):
1621         * platform/graphics/mac/WebTiledLayer.mm:
1622         (-[WebTiledLayer setNeedsDisplayInRect:]):
1623         Need to map the dirty rect through the contentsTransform.
1624
1625 2009-07-09  Alexey Proskuryakov  <ap@webkit.org>
1626
1627         Reviewed by Geoff Garen.
1628
1629         <rdar://problem/6921671> Visit counter shouldn't be incremented by redirects.
1630
1631         Can't test this functionality with layout tests.
1632
1633         * WebCore.base.exp:
1634         * history/HistoryItem.cpp:
1635         (WebCore::HistoryItem::recordVisitAtTime):
1636         (WebCore::HistoryItem::visited):
1637         * history/HistoryItem.h:
1638         Only increase visit count if explicitly told to. Now, some visits change last access time,
1639         but do not increase visit count.
1640
1641 2009-07-09  Eric Carlson  <eric.carlson@apple.com>
1642
1643         Reviewed by Simon Fraser.
1644
1645         <rdar://problem/7046098> MediaControllerThemeQT requires QuickTime 7.6.3
1646
1647         Require QuickTime 7.6.3 or higher to enable the new media controller UI.
1648
1649         * rendering/RenderThemeMac.mm:
1650         (WebCore::mediaControllerTheme):
1651
1652 2009-07-09  Sam Weinig  <sam@webkit.org>
1653
1654         Reviewed by Beth Dakin.
1655
1656         Remove incorrect comment.
1657
1658         * page/MouseEventWithHitTestResults.h:
1659
1660 2009-07-09  Mads Ager  <ager@chromium.org>
1661
1662         Reviewed by Dimitri Glazkov.
1663
1664         Update the V8 bindings codegenerator to use the RGBColor::create
1665         method to handle refcounts for RGBColor objects correctly.
1666         
1667        * bindings/scripts/CodeGeneratorV8.pm: Use RGBColor::create to create RGBColor objects.
1668
1669 2009-07-09  Eric Carlson  <eric.carlson@apple.com>
1670
1671         Reviewed by Adele Peterson.
1672
1673         Crash in RenderMedia::styleDidChange.
1674         <rdar://problem/7044313> CrashTracer: quicklook crashed generating thumbnail for page with 
1675         media element (RenderMedia::styleDidChange + 115)
1676
1677         Speculative fix for crash in styleDidChange. Null check controller elements before tell
1678         them to update style.
1679
1680         * rendering/RenderMedia.cpp:
1681         (WebCore::RenderMedia::styleDidChange):
1682
1683 2009-07-09  Adam Barth  <abarth@webkit.org>
1684
1685         Reviewed by Dimitri Glazkov.
1686
1687         [V8] Move V8DOMWrapper to its own file
1688         https://bugs.webkit.org/show_bug.cgi?id=27121
1689
1690         * bindings/v8/V8DOMWrapper.cpp: Added.
1691         (WebCore::GetToStringName):
1692         (WebCore::ConstructorToString):
1693         (WebCore::V8DOMWrapper::convertSVGElementInstanceToV8Object):
1694         (WebCore::V8DOMWrapper::convertSVGObjectWithContextToV8Object):
1695         (WebCore::V8DOMWrapper::domObjectHasJSWrapper):
1696         (WebCore::V8DOMWrapper::setJSWrapperForDOMObject):
1697         (WebCore::V8DOMWrapper::setJSWrapperForActiveDOMObject):
1698         (WebCore::V8DOMWrapper::setJSWrapperForDOMNode):
1699         (WebCore::V8DOMWrapper::getTemplate):
1700         (WebCore::V8DOMWrapper::convertToV8Object):
1701         (WebCore::V8DOMWrapper::setHiddenWindowReference):
1702         (WebCore::V8DOMWrapper::domWrapperType):
1703         (WebCore::V8DOMWrapper::convertToNativeObjectImpl):
1704         (WebCore::V8DOMWrapper::convertToSVGPODTypeImpl):
1705         (WebCore::V8DOMWrapper::lookupDOMWrapper):
1706         (WebCore::V8DOMWrapper::convertDOMWrapperToNodeHelper):
1707         (WebCore::V8DOMWrapper::wrapNativeNodeFilter):
1708         (WebCore::V8DOMWrapper::instantiateV8Object):
1709         (WebCore::V8DOMWrapper::setDOMWrapper):
1710         (WebCore::V8DOMWrapper::maybeDOMWrapper):
1711         (WebCore::V8DOMWrapper::isDOMEventWrapper):
1712         (WebCore::V8DOMWrapper::isWrapperOfType):
1713         (WebCore::V8DOMWrapper::htmlElementType):
1714         (WebCore::V8DOMWrapper::svgElementType):
1715         (WebCore::V8DOMWrapper::convertEventToV8Object):
1716         (WebCore::):
1717         (WebCore::V8DOMWrapper::convertNodeToV8Object):
1718         (WebCore::V8DOMWrapper::convertEventTargetToV8Object):
1719         (WebCore::V8DOMWrapper::convertEventListenerToV8Object):
1720         (WebCore::V8DOMWrapper::convertDOMImplementationToV8Object):
1721         (WebCore::V8DOMWrapper::convertStyleSheetToV8Object):
1722         (WebCore::V8DOMWrapper::convertCSSValueToV8Object):
1723         (WebCore::V8DOMWrapper::convertCSSRuleToV8Object):
1724         (WebCore::V8DOMWrapper::convertWindowToV8Object):
1725         * bindings/v8/V8DOMWrapper.h: Added.
1726         (WebCore::V8DOMWrapper::convertDOMWrapperToNative):
1727         (WebCore::V8DOMWrapper::wrapCPointer):
1728         (WebCore::V8DOMWrapper::extractCPointer):
1729         (WebCore::V8DOMWrapper::convertDOMWrapperToNode):
1730         (WebCore::V8DOMWrapper::convertToV8Object):
1731         (WebCore::V8DOMWrapper::convertToNativeObject):
1732         (WebCore::V8DOMWrapper::convertToNativeEvent):
1733         (WebCore::V8DOMWrapper::extractCPointerImpl):
1734         (WebCore::V8DOMWrapper::instantiateV8Object):
1735         * bindings/v8/V8Proxy.cpp:
1736         * bindings/v8/V8Proxy.h:
1737
1738 2009-07-09  David Hyatt  <hyatt@apple.com>
1739
1740         Reviewed by Adele Peterson.
1741
1742         Crash in setFocusedFrame.
1743         <rdar://7032869> Crashing in setFocusedFrame on blogger.com.
1744
1745         Speculative fix for crasher in setFocusedFrame.  Make sure to ref both frames and fire
1746         the events only after the local member has been updated.
1747
1748         * page/FocusController.cpp:
1749         (WebCore::FocusController::setFocusedFrame):
1750
1751 2009-07-09  Eric Carlson  <eric.carlson@apple.com>
1752
1753         Reviewed by Adele Peterson.
1754
1755         Possible crashes when mouse clicks not dispatched because range input destroyed while 
1756         thumb is being dragged (e.g. scrub to end of movie)
1757         <rdar://problem/7037494> 
1758         https://bugs.webkit.org/show_bug.cgi?id=27101
1759
1760         Some shadow nodes "capture" all mouse events from mouseDown to mouseUp so they continue to 
1761         get mouse events even when the mouse is moved outside of the node. This is done by putting
1762         EventHandler into a mode where it sends all mouse events to the node regardless of the
1763         actual mouse position. The mode is set on mouseDown and cleared on mouseUp but if the
1764         node is deleted while in this mode, the mouseUp is never sent and EventHandler continues
1765         to try to send events to the deleted node. This sometimes results in a crash, and sometimes
1766         in a page that doesn't respond to click events.
1767
1768         Tests: fast/forms/search-delete-while-cancel-button-clicked.html
1769                fast/forms/slider-delete-while-dragging-thumb.html
1770                media/audio-delete-while-slider-thumb-clicked.html
1771                media/audio-delete-while-step-button-clicked.html
1772
1773         * rendering/MediaControlElements.cpp:
1774         (WebCore::MediaControlSeekButtonElement::detach):
1775             New, call setCapturingMouseEventsNode if capturing mouse events.
1776         * rendering/MediaControlElements.h:
1777             Declare detach().
1778
1779         * rendering/RenderSlider.cpp:
1780         (WebCore::SliderThumbElement::detach):
1781             New, call setCapturingMouseEventsNode if capturing mouse events.
1782
1783         * rendering/TextControlInnerElements.cpp:
1784         (WebCore::SearchFieldCancelButtonElement::detach):
1785             New, call setCapturingMouseEventsNode if capturing mouse events.
1786         * rendering/TextControlInnerElements.h:
1787             Declare detach().
1788
1789 2009-07-09  Yury Semikhatsky  <yurys@chromium.org>
1790
1791         Reviewed by Dimitri Glazkov.
1792
1793         Enter the Frame's context before creating new objects in setContextDebugId.
1794
1795         https://bugs.webkit.org/show_bug.cgi?id=27112
1796
1797         * bindings/v8/V8Proxy.cpp:
1798         (WebCore::V8Proxy::setContextDebugId):
1799
1800 2009-07-09  Simon Hausmann  <hausmann@webkit.org>
1801
1802         Fix the Qt build.
1803
1804         * WebCore.pro: Add new storage impl files to the build.
1805
1806 2009-07-08  Adam Barth  <abarth@webkit.org>
1807
1808         Rubber stamped by Eric Seidel.
1809
1810         [V8] Move DOM wrapper functions in V8Proxy to V8DOMWrapper
1811         https://bugs.webkit.org/show_bug.cgi?id=27107
1812
1813         This patch is just renaming.  Code motion will occur next.
1814
1815         * bindings/scripts/CodeGeneratorV8.pm:
1816         * bindings/v8/ScriptController.cpp:
1817         (WebCore::ScriptController::processingUserGesture):
1818         (WebCore::createScriptObject):
1819         (WebCore::ScriptController::createScriptObjectForPluginElement):
1820         * bindings/v8/ScriptObject.cpp:
1821         (WebCore::ScriptGlobalObject::set):
1822         * bindings/v8/ScriptObjectQuarantine.cpp:
1823         (WebCore::getQuarantinedScriptObject):
1824         * bindings/v8/V8AbstractEventListener.cpp:
1825         (WebCore::V8AbstractEventListener::handleEvent):
1826         (WebCore::V8AbstractEventListener::getReceiverObject):
1827         * bindings/v8/V8Collection.cpp:
1828         (WebCore::toOptionsCollectionSetter):
1829         * bindings/v8/V8Collection.h:
1830         (WebCore::getV8Object):
1831         (WebCore::getNamedPropertyOfCollection):
1832         (WebCore::nodeCollectionNamedPropertyGetter):
1833         (WebCore::getIndexedPropertyOfCollection):
1834         (WebCore::nodeCollectionIndexedPropertyGetter):
1835         (WebCore::nodeCollectionIndexedPropertyEnumerator):
1836         (WebCore::collectionIndexedPropertyEnumerator):
1837         (WebCore::collectionStringOrNullIndexedPropertyGetter):
1838         * bindings/v8/V8DOMMap.cpp:
1839         (WebCore::DOMData::handleWeakObject):
1840         (WebCore::DOMData::removeObjectsFromWrapperMap):
1841         * bindings/v8/V8GCController.cpp:
1842         (WebCore::enumerateDOMObjectMap):
1843         (WebCore::DOMObjectVisitor::visitDOMWrapper):
1844         (WebCore::GCPrologueVisitor::visitDOMWrapper):
1845         (WebCore::GCEpilogueVisitor::visitDOMWrapper):
1846         * bindings/v8/V8Helpers.cpp:
1847         (WebCore::wrapNPObject):
1848         * bindings/v8/V8NodeFilterCondition.cpp:
1849         (WebCore::V8NodeFilterCondition::acceptNode):
1850         * bindings/v8/V8Proxy.cpp:
1851         (WebCore::V8DOMWrapper::convertSVGElementInstanceToV8Object):
1852         (WebCore::V8DOMWrapper::convertSVGObjectWithContextToV8Object):
1853         (WebCore::V8DOMWrapper::domObjectHasJSWrapper):
1854         (WebCore::V8DOMWrapper::setJSWrapperForDOMObject):
1855         (WebCore::V8DOMWrapper::setJSWrapperForActiveDOMObject):
1856         (WebCore::V8DOMWrapper::setJSWrapperForDOMNode):
1857         (WebCore::V8Proxy::evaluateInNewContext):
1858         (WebCore::V8Proxy::getConstructor):
1859         (WebCore::V8DOMWrapper::getTemplate):
1860         (WebCore::V8Proxy::retrieveWindow):
1861         (WebCore::V8Proxy::updateDocumentWrapperCache):
1862         (WebCore::V8Proxy::clearForNavigation):
1863         (WebCore::V8Proxy::installDOMWindow):
1864         (WebCore::setDOMExceptionHelper):
1865         (WebCore::V8DOMWrapper::convertToV8Object):
1866         (WebCore::V8DOMWrapper::setHiddenWindowReference):
1867         (WebCore::V8DOMWrapper::domWrapperType):
1868         (WebCore::V8DOMWrapper::convertToNativeObjectImpl):
1869         (WebCore::V8DOMWrapper::convertToSVGPODTypeImpl):
1870         (WebCore::V8DOMWrapper::lookupDOMWrapper):
1871         (WebCore::V8DOMWrapper::convertDOMWrapperToNodeHelper):
1872         (WebCore::V8DOMWrapper::wrapNativeNodeFilter):
1873         (WebCore::V8DOMWrapper::instantiateV8Object):
1874         (WebCore::V8DOMWrapper::setDOMWrapper):
1875         (WebCore::V8DOMWrapper::maybeDOMWrapper):
1876         (WebCore::V8DOMWrapper::isDOMEventWrapper):
1877         (WebCore::V8DOMWrapper::isWrapperOfType):
1878         (WebCore::V8DOMWrapper::htmlElementType):
1879         (WebCore::V8DOMWrapper::svgElementType):
1880         (WebCore::V8DOMWrapper::convertEventToV8Object):
1881         (WebCore::V8DOMWrapper::convertNodeToV8Object):
1882         (WebCore::V8DOMWrapper::convertEventTargetToV8Object):
1883         (WebCore::V8DOMWrapper::convertEventListenerToV8Object):
1884         (WebCore::V8DOMWrapper::convertDOMImplementationToV8Object):
1885         (WebCore::V8DOMWrapper::convertStyleSheetToV8Object):
1886         (WebCore::V8DOMWrapper::convertCSSValueToV8Object):
1887         (WebCore::V8DOMWrapper::convertCSSRuleToV8Object):
1888         (WebCore::V8DOMWrapper::convertWindowToV8Object):
1889         (WebCore::V8Proxy::bindJsObjectToWindow):
1890         * bindings/v8/V8Proxy.h:
1891         (WebCore::V8DOMWrapper::convertDOMWrapperToNative):
1892         (WebCore::V8DOMWrapper::wrapCPointer):
1893         (WebCore::V8DOMWrapper::extractCPointer):
1894         (WebCore::V8DOMWrapper::convertDOMWrapperToNode):
1895         (WebCore::V8DOMWrapper::convertToV8Object):
1896         (WebCore::V8DOMWrapper::convertToNativeObject):
1897         (WebCore::V8DOMWrapper::convertToNativeEvent):
1898         (WebCore::V8DOMWrapper::extractCPointerImpl):
1899         (WebCore::V8DOMWrapper::instantiateV8Object):
1900         (WebCore::V8Proxy::constructDOMObject):
1901         (WebCore::toV8):
1902         * bindings/v8/V8SVGPODTypeWrapper.h:
1903         (WebCore::V8SVGPODTypeUtil::toSVGPODType):
1904         * bindings/v8/WorkerContextExecutionProxy.cpp:
1905         (WebCore::WorkerContextExecutionProxy::retrieve):
1906         (WebCore::WorkerContextExecutionProxy::initContextIfNeeded):
1907         (WebCore::WorkerContextExecutionProxy::GetConstructor):
1908         (WebCore::WorkerContextExecutionProxy::ToV8Object):
1909         (WebCore::WorkerContextExecutionProxy::EventToV8Object):
1910         (WebCore::WorkerContextExecutionProxy::toV8):
1911         * bindings/v8/custom/V8AttrCustom.cpp:
1912         (WebCore::ACCESSOR_SETTER):
1913         * bindings/v8/custom/V8CSSStyleDeclarationCustom.cpp:
1914         (WebCore::NAMED_PROPERTY_GETTER):
1915         (WebCore::NAMED_PROPERTY_SETTER):
1916         * bindings/v8/custom/V8CanvasPixelArrayCustom.cpp:
1917         (WebCore::INDEXED_PROPERTY_GETTER):
1918         (WebCore::INDEXED_PROPERTY_SETTER):
1919         * bindings/v8/custom/V8CanvasRenderingContext2DCustom.cpp:
1920         (WebCore::toV8):
1921         (WebCore::toCanvasStyle):
1922         (WebCore::ACCESSOR_GETTER):
1923         (WebCore::ACCESSOR_SETTER):
1924         (WebCore::CALLBACK_FUNC_DECL):
1925         * bindings/v8/custom/V8ClientRectListCustom.cpp:
1926         (WebCore::INDEXED_PROPERTY_GETTER):
1927         * bindings/v8/custom/V8ClipboardCustom.cpp:
1928         (WebCore::ACCESSOR_GETTER):
1929         (WebCore::CALLBACK_FUNC_DECL):
1930         * bindings/v8/custom/V8CustomBinding.cpp:
1931         (WebCore::ACCESSOR_GETTER):
1932         (WebCore::INDEXED_ACCESS_CHECK):
1933         (WebCore::NAMED_ACCESS_CHECK):
1934         (WebCore::V8Custom::GetTargetFrame):
1935         * bindings/v8/custom/V8CustomSQLStatementCallback.cpp:
1936         (WebCore::V8CustomSQLStatementCallback::handleEvent):
1937         * bindings/v8/custom/V8CustomSQLStatementErrorCallback.cpp:
1938         (WebCore::V8CustomSQLStatementErrorCallback::handleEvent):
1939         * bindings/v8/custom/V8CustomSQLTransactionCallback.cpp:
1940         (WebCore::V8CustomSQLTransactionCallback::handleEvent):
1941         * bindings/v8/custom/V8CustomSQLTransactionErrorCallback.cpp:
1942         (WebCore::V8CustomSQLTransactionErrorCallback::handleEvent):
1943         * bindings/v8/custom/V8DOMWindowCustom.cpp:
1944         (WebCore::V8Custom::WindowSetTimeoutImpl):
1945         (WebCore::ACCESSOR_SETTER):
1946         (WebCore::CALLBACK_FUNC_DECL):
1947         (WebCore::ACCESSOR_GETTER):
1948         (WebCore::INDEXED_PROPERTY_GETTER):
1949         (WebCore::NAMED_PROPERTY_GETTER):
1950         (WebCore::V8Custom::ClearTimeoutImpl):
1951         (WebCore::NAMED_ACCESS_CHECK):
1952         (WebCore::INDEXED_ACCESS_CHECK):
1953         * bindings/v8/custom/V8DatabaseCustom.cpp:
1954         (WebCore::CALLBACK_FUNC_DECL):
1955         * bindings/v8/custom/V8DocumentCustom.cpp:
1956         (WebCore::CALLBACK_FUNC_DECL):
1957         * bindings/v8/custom/V8DocumentLocationCustom.cpp:
1958         (WebCore::ACCESSOR_GETTER):
1959         (WebCore::ACCESSOR_SETTER):
1960         * bindings/v8/custom/V8ElementCustom.cpp:
1961         (WebCore::CALLBACK_FUNC_DECL):
1962         (WebCore::ACCESSOR_SETTER):
1963         (WebCore::ACCESSOR_GETTER):
1964         * bindings/v8/custom/V8EventCustom.cpp:
1965         (WebCore::ACCESSOR_SETTER):
1966         (WebCore::ACCESSOR_GETTER):
1967         * bindings/v8/custom/V8HTMLAudioElementConstructor.cpp:
1968         (WebCore::CALLBACK_FUNC_DECL):
1969         * bindings/v8/custom/V8HTMLCanvasElementCustom.cpp:
1970         (WebCore::CALLBACK_FUNC_DECL):
1971         * bindings/v8/custom/V8HTMLCollectionCustom.cpp:
1972         (WebCore::getNamedItems):
1973         (WebCore::getItem):
1974         (WebCore::NAMED_PROPERTY_GETTER):
1975         (WebCore::CALLBACK_FUNC_DECL):
1976         * bindings/v8/custom/V8HTMLDocumentCustom.cpp:
1977         (WebCore::NAMED_PROPERTY_GETTER):
1978         (WebCore::CALLBACK_FUNC_DECL):
1979         (WebCore::ACCESSOR_GETTER):
1980         * bindings/v8/custom/V8HTMLFormElementCustom.cpp:
1981         (WebCore::INDEXED_PROPERTY_GETTER):
1982         (WebCore::NAMED_PROPERTY_GETTER):
1983         (WebCore::CALLBACK_FUNC_DECL):
1984         * bindings/v8/custom/V8HTMLFrameElementCustom.cpp:
1985         (WebCore::ACCESSOR_SETTER):
1986         * bindings/v8/custom/V8HTMLFrameSetElementCustom.cpp:
1987         (WebCore::NAMED_PROPERTY_GETTER):
1988         * bindings/v8/custom/V8HTMLIFrameElementCustom.cpp:
1989         (WebCore::ACCESSOR_SETTER):
1990         * bindings/v8/custom/V8HTMLImageElementConstructor.cpp:
1991         (WebCore::CALLBACK_FUNC_DECL):
1992         * bindings/v8/custom/V8HTMLInputElementCustom.cpp:
1993         (WebCore::ACCESSOR_GETTER):
1994         (WebCore::ACCESSOR_SETTER):
1995         (WebCore::CALLBACK_FUNC_DECL):
1996         * bindings/v8/custom/V8HTMLOptionElementConstructor.cpp:
1997         (WebCore::CALLBACK_FUNC_DECL):
1998         * bindings/v8/custom/V8HTMLOptionsCollectionCustom.cpp:
1999         (WebCore::CALLBACK_FUNC_DECL):
2000         (WebCore::ACCESSOR_GETTER):
2001         (WebCore::ACCESSOR_SETTER):
2002         (WebCore::INDEXED_PROPERTY_GETTER):
2003         (WebCore::INDEXED_PROPERTY_SETTER):
2004         * bindings/v8/custom/V8HTMLPlugInElementCustom.cpp:
2005         (WebCore::NAMED_PROPERTY_GETTER):
2006         (WebCore::NAMED_PROPERTY_SETTER):
2007         (WebCore::INDEXED_PROPERTY_GETTER):
2008         (WebCore::INDEXED_PROPERTY_SETTER):
2009         * bindings/v8/custom/V8HTMLSelectElementCollectionCustom.cpp:
2010         (WebCore::NAMED_PROPERTY_GETTER):
2011         (WebCore::INDEXED_PROPERTY_SETTER):
2012         * bindings/v8/custom/V8HTMLSelectElementCustom.cpp:
2013         (WebCore::CALLBACK_FUNC_DECL):
2014         (WebCore::removeElement):
2015         * bindings/v8/custom/V8InspectorControllerCustom.cpp:
2016         (WebCore::CALLBACK_FUNC_DECL):
2017         * bindings/v8/custom/V8LocationCustom.cpp:
2018         (WebCore::ACCESSOR_SETTER):
2019         (WebCore::ACCESSOR_GETTER):
2020         (WebCore::CALLBACK_FUNC_DECL):
2021         (WebCore::INDEXED_ACCESS_CHECK):
2022         (WebCore::NAMED_ACCESS_CHECK):
2023         * bindings/v8/custom/V8MessageChannelConstructor.cpp:
2024         (WebCore::CALLBACK_FUNC_DECL):
2025         * bindings/v8/custom/V8MessagePortCustom.cpp:
2026         (WebCore::ACCESSOR_GETTER):
2027         (WebCore::ACCESSOR_SETTER):
2028         (WebCore::CALLBACK_FUNC_DECL):
2029         * bindings/v8/custom/V8NamedNodeMapCustom.cpp:
2030         (WebCore::INDEXED_PROPERTY_GETTER):
2031         (WebCore::NAMED_PROPERTY_GETTER):
2032         * bindings/v8/custom/V8NavigatorCustom.cpp:
2033         (WebCore::ACCESSOR_GETTER):
2034         * bindings/v8/custom/V8NodeCustom.cpp:
2035         (WebCore::CALLBACK_FUNC_DECL):
2036         * bindings/v8/custom/V8NodeIteratorCustom.cpp:
2037         (WebCore::toV8):
2038         (WebCore::CALLBACK_FUNC_DECL):
2039         * bindings/v8/custom/V8NodeListCustom.cpp:
2040         (WebCore::NAMED_PROPERTY_GETTER):
2041         * bindings/v8/custom/V8SQLResultSetRowListCustom.cpp:
2042         (WebCore::CALLBACK_FUNC_DECL):
2043         * bindings/v8/custom/V8SQLTransactionCustom.cpp:
2044         (WebCore::CALLBACK_FUNC_DECL):
2045         * bindings/v8/custom/V8SVGElementInstanceCustom.cpp:
2046         (WebCore::CALLBACK_FUNC_DECL):
2047         * bindings/v8/custom/V8SVGLengthCustom.cpp:
2048         (WebCore::ACCESSOR_GETTER):
2049         (WebCore::CALLBACK_FUNC_DECL):
2050         * bindings/v8/custom/V8SVGMatrixCustom.cpp:
2051         (WebCore::CALLBACK_FUNC_DECL):
2052         * bindings/v8/custom/V8StorageCustom.cpp:
2053         (WebCore::V8Custom::v8StorageNamedPropertyEnumerator):
2054         (WebCore::storageGetter):
2055         (WebCore::storageSetter):
2056         (WebCore::storageDeleter):
2057         * bindings/v8/custom/V8StyleSheetListCustom.cpp:
2058         (WebCore::NAMED_PROPERTY_GETTER):
2059         * bindings/v8/custom/V8TreeWalkerCustom.cpp:
2060         (WebCore::toV8):
2061         (WebCore::CALLBACK_FUNC_DECL):
2062         * bindings/v8/custom/V8WebKitCSSMatrixConstructor.cpp:
2063         (WebCore::CALLBACK_FUNC_DECL):
2064         * bindings/v8/custom/V8WorkerContextCustom.cpp:
2065         (WebCore::ACCESSOR_GETTER):
2066         (WebCore::ACCESSOR_SETTER):
2067         (WebCore::SetTimeoutOrInterval):
2068         (WebCore::CALLBACK_FUNC_DECL):
2069         * bindings/v8/custom/V8WorkerCustom.cpp:
2070         (WebCore::CALLBACK_FUNC_DECL):
2071         (WebCore::ACCESSOR_GETTER):
2072         (WebCore::ACCESSOR_SETTER):
2073         * bindings/v8/custom/V8XMLHttpRequestConstructor.cpp:
2074         (WebCore::CALLBACK_FUNC_DECL):
2075         * bindings/v8/custom/V8XMLHttpRequestCustom.cpp:
2076         (WebCore::ACCESSOR_GETTER):
2077         (WebCore::ACCESSOR_SETTER):
2078         (WebCore::CALLBACK_FUNC_DECL):
2079         * bindings/v8/custom/V8XMLHttpRequestUploadCustom.cpp:
2080         (WebCore::ACCESSOR_GETTER):
2081         (WebCore::ACCESSOR_SETTER):
2082         (WebCore::CALLBACK_FUNC_DECL):
2083         * bindings/v8/custom/V8XSLTProcessorCustom.cpp:
2084         (WebCore::CALLBACK_FUNC_DECL):
2085
2086 2009-07-08  Pierre d'Herbemont  <pdherbemont@apple.com>
2087
2088         Reviewed by Simon Fraser.
2089
2090         Make sure we can click outside the slider thumb and start dragging.
2091         https://bugs.webkit.org/show_bug.cgi?id=26229
2092
2093         Previously we were assuming that if the thumb hasn't been clicked, we
2094         wouldn't issue any value change upon dragging.
2095
2096         We need to handle the two different cases:
2097         - Clicked in the thumb, we need to make sure the cursor is always pointing
2098         the same slider thumb point.
2099         - Clicked outside, the cursor should always be pointing to the center of
2100         the thumb.
2101
2102         For simplicity, we don't remember the original point of the mouse down,
2103         but a vector between that point and the thumb.
2104
2105         * rendering/RenderSlider.cpp:
2106         (WebCore::SliderThumbElement::SliderThumbElement):
2107         (WebCore::SliderThumbElement::defaultEventHandler):
2108         (WebCore::RenderSlider::mouseEventVectorToThumb): Utility function.
2109         * rendering/RenderSlider.h:
2110
2111 2009-07-08  Pierre d'Herbemont  <pdherbemont@apple.com>
2112
2113         Reviewed by Simon Fraser.
2114
2115         https://bugs.webkit.org/show_bug.cgi?id=27100
2116         <rdar://problem/7042621>
2117
2118         Don't display "loading" in the <video> controller when
2119         there is no src specified.
2120
2121         * rendering/MediaControlElements.cpp:
2122         (WebCore::MediaControlStatusDisplayElement::update): The only
2123         way to find out if we have an element is currentSrc(). networkState()
2124         will always report LOADING according to the spec.
2125
2126 2009-07-08  Adam Barth  <abarth@webkit.org>
2127
2128         Reviewed by Eric Seidel.
2129
2130         [V8] Move V8GCController functions to their own file
2131         https://bugs.webkit.org/show_bug.cgi?id=27102
2132
2133         * bindings/v8/V8GCController.cpp: Added.
2134         * bindings/v8/V8GCController.h: Added.
2135         * bindings/v8/V8Proxy.cpp:
2136         * bindings/v8/V8Proxy.h:
2137
2138 2009-07-08  Jeremy Orlow  <jorlow@chromium.org>
2139
2140         Reviewed by Darin Fisher.
2141
2142         Split StorageArea and StorageNamespace into an interface and implementation.
2143         https://bugs.webkit.org/show_bug.cgi?id=27072
2144
2145         I need to split StorageNamespace and StorageArea into an interface and
2146         implementation.  In a later patch, I'll implement a proxy interface
2147         that'll run inside the Chromium renderer process.
2148
2149         Additionally, fix the alphabetical ordering of files I recently added
2150         in the project files.
2151
2152         This is a continuation of other refactoring work:
2153         https://bugs.webkit.org/show_bug.cgi?id=25376
2154
2155         * GNUmakefile.am:
2156         * WebCore.vcproj/WebCore.vcproj:
2157         * WebCore.xcodeproj/project.pbxproj:
2158         * WebCoreSources.bkl:
2159         * storage/StorageArea.cpp:
2160         (WebCore::StorageArea::create):
2161         * storage/StorageArea.h:
2162         (WebCore::StorageArea::~StorageArea):
2163         * storage/StorageAreaImpl.cpp: Copied from WebCore/storage/StorageArea.cpp.
2164         (WebCore::StorageAreaImpl::create):
2165         (WebCore::StorageAreaImpl::~StorageAreaImpl):
2166         (WebCore::StorageAreaImpl::StorageAreaImpl):
2167         (WebCore::StorageAreaImpl::copy):
2168         (WebCore::StorageAreaImpl::length):
2169         (WebCore::StorageAreaImpl::key):
2170         (WebCore::StorageAreaImpl::getItem):
2171         (WebCore::StorageAreaImpl::setItem):
2172         (WebCore::StorageAreaImpl::removeItem):
2173         (WebCore::StorageAreaImpl::clear):
2174         (WebCore::StorageAreaImpl::contains):
2175         (WebCore::StorageAreaImpl::importItem):
2176         (WebCore::StorageAreaImpl::securityOrigin):
2177         (WebCore::StorageAreaImpl::close):
2178         (WebCore::StorageAreaImpl::blockUntilImportComplete):
2179         (WebCore::StorageAreaImpl::dispatchStorageEvent):
2180         * storage/StorageAreaImpl.h: Copied from WebCore/storage/StorageArea.h.
2181         * storage/StorageAreaSync.h:
2182         * storage/StorageNamespace.cpp:
2183         (WebCore::StorageNamespace::localStorageNamespace):
2184         (WebCore::StorageNamespace::sessionStorageNamespace):
2185         * storage/StorageNamespace.h:
2186         (WebCore::StorageNamespace::~StorageNamespace):
2187         * storage/StorageNamespaceImpl.cpp: Copied from WebCore/storage/StorageNamespace.cpp.
2188         (WebCore::StorageNamespaceImpl::localStorageNamespace):
2189         (WebCore::StorageNamespaceImpl::sessionStorageNamespace):
2190         (WebCore::StorageNamespaceImpl::StorageNamespaceImpl):
2191         (WebCore::StorageNamespaceImpl::~StorageNamespaceImpl):
2192         (WebCore::StorageNamespaceImpl::copy):
2193         (WebCore::StorageNamespaceImpl::storageArea):
2194         (WebCore::StorageNamespaceImpl::close):
2195         * storage/StorageNamespaceImpl.h: Copied from WebCore/storage/StorageNamespace.h.
2196
2197 2009-07-08  Adam Barth  <abarth@webkit.org>
2198
2199         Reviewed by Eric Seidel.
2200
2201         [V8] Move garbage collector related functions from V8Proxy to V8GCController
2202         https://bugs.webkit.org/show_bug.cgi?id=26967
2203
2204         This patch just moves the functions around in V8Proxy.  We'll actually
2205         move them to a separate file in another patch.
2206
2207         * bindings/v8/NPV8Object.cpp:
2208         (freeV8NPObject):
2209         * bindings/v8/ScheduledAction.cpp:
2210         (WebCore::ScheduledAction::ScheduledAction):
2211         (WebCore::ScheduledAction::~ScheduledAction):
2212         * bindings/v8/ScriptController.cpp:
2213         (WebCore::ScriptController::gcProtectJSWrapper):
2214         (WebCore::ScriptController::gcUnprotectJSWrapper):
2215         * bindings/v8/ScriptInstance.cpp:
2216         (WebCore::V8ScriptInstance::clear):
2217         (WebCore::V8ScriptInstance::set):
2218         * bindings/v8/ScriptValue.h:
2219         (WebCore::ScriptValue::ScriptValue):
2220         (WebCore::ScriptValue::operator=):
2221         (WebCore::ScriptValue::clear):
2222         * bindings/v8/V8AbstractEventListener.cpp:
2223         (WebCore::V8AbstractEventListener::disposeListenerObject):
2224         * bindings/v8/V8LazyEventListener.cpp:
2225         (WebCore::V8LazyEventListener::~V8LazyEventListener):
2226         (WebCore::V8LazyEventListener::getListenerFunction):
2227         (WebCore::V8LazyEventListener::getWrappedListenerFunction):
2228         * bindings/v8/V8NodeFilterCondition.cpp:
2229         (WebCore::V8NodeFilterCondition::V8NodeFilterCondition):
2230         (WebCore::V8NodeFilterCondition::~V8NodeFilterCondition):
2231         * bindings/v8/V8Proxy.cpp:
2232         (WebCore::V8GCController::registerGlobalHandle):
2233         (WebCore::V8GCController::unregisterGlobalHandle):
2234         (WebCore::V8GCController::gcProtect):
2235         (WebCore::V8GCController::gcUnprotect):
2236         (WebCore::V8Proxy::destroyGlobal):
2237         (WebCore::V8Proxy::updateDocumentWrapper):
2238         (WebCore::V8Proxy::clearDocumentWrapper):
2239         (WebCore::V8Proxy::disposeContextHandles):
2240         (WebCore::V8Proxy::initContextIfNeeded):
2241         * bindings/v8/V8Proxy.h:
2242         (WebCore::):
2243         (WebCore::GlobalHandleInfo::GlobalHandleInfo):
2244         * bindings/v8/custom/V8CustomEventListener.cpp:
2245         (WebCore::V8EventListener::V8EventListener):
2246
2247 2009-07-08  Daniel Bates  <dbates@intudata.com>
2248
2249         Reviewed by Adam Barth.
2250         
2251         https://bugs.webkit.org/show_bug.cgi?id=26918
2252         
2253         Prevents injection of HTML Base tag.
2254
2255         Tests: http/tests/security/xssAuditor/base-href-control-char.html
2256                http/tests/security/xssAuditor/base-href-null-char.html
2257                http/tests/security/xssAuditor/base-href-safe.html
2258                http/tests/security/xssAuditor/base-href-safe2.html
2259                http/tests/security/xssAuditor/base-href-scheme-relative.html
2260                http/tests/security/xssAuditor/base-href.html
2261
2262         * html/HTMLBaseElement.cpp:
2263         (WebCore::HTMLBaseElement::parseMappedAttribute):
2264         (WebCore::HTMLBaseElement::process): Modified to call XSSAuditor::canSetBaseElementURL
2265         to determine if it is safe to use base element URL.
2266         * html/HTMLBaseElement.h: Added field m_hrefAttrValue to store unparsed base element URL.
2267         * page/XSSAuditor.cpp:
2268         (WebCore::XSSAuditor::canSetBaseElementURL):
2269         * page/XSSAuditor.h:
2270
2271 2009-07-08  Nate Chapin  <japhet@chromium.org>
2272
2273         Reviewed by Dimitri Glazkov.
2274
2275         Upstream V8 npruntime bindings.
2276
2277         https://bugs.webkit.org/show_bug.cgi?id=27094
2278
2279         * bindings/v8/npruntime.cpp: Upstreamed from src.chromium.org.
2280         (StringKey::operator==):
2281         (StringKey::StringKeyHash::hash):
2282         (StringKey::StringKeyHash::equal):
2283         (StringKeyHashTraits::constructDeletedValue):
2284         (StringKeyHashTraits::isDeletedValue):
2285         (getStringIdentifierMap):
2286         (getIntIdentifierMap):
2287         * bindings/v8/npruntime_impl.h: Upstreamed from src.chromium.org.
2288         * bindings/v8/npruntime_internal.h: Upstreamed from src.chromium.org.
2289         * bindings/v8/npruntime_priv.h: Upstreamed from src.chromium.org.
2290
2291 2009-07-08  Dumitru Daniliuc  <dumi@chromium.org>
2292
2293         Reviewed by Darin Fisher.
2294
2295         Extending the PlatformFileHandle definition from PLATFORM(WIN) to
2296         PLATFORM(WIN_OS)
2297
2298         https://bugs.webkit.org/show_bug.cgi?id=27013
2299
2300         * platform/FileSystem.h:
2301
2302 2009-07-08  Daniel Bates  <dbates@intudata.com>
2303
2304         Reviewed by Adam Barth.
2305         
2306         https://bugs.webkit.org/show_bug.cgi?id=27071
2307         
2308         Resolves issue when HTTP parameters contain null- and  non-null-control- characters.
2309
2310         Tests: http/tests/security/xssAuditor/anchor-url-dom-write-location-inline-event-null-char.html
2311                http/tests/security/xssAuditor/embed-tag-control-char.html
2312                http/tests/security/xssAuditor/embed-tag-null-char.html
2313                http/tests/security/xssAuditor/embed-tag.html
2314                http/tests/security/xssAuditor/link-onclick-control-char.html
2315                http/tests/security/xssAuditor/link-onclick-null-char.html
2316                http/tests/security/xssAuditor/object-embed-tag-control-char.html
2317                http/tests/security/xssAuditor/object-embed-tag-null-char.html
2318                http/tests/security/xssAuditor/object-embed-tag.html
2319                http/tests/security/xssAuditor/object-tag.html
2320                http/tests/security/xssAuditor/script-tag-post-control-char.html
2321                http/tests/security/xssAuditor/script-tag-post-null-char.html
2322                http/tests/security/xssAuditor/script-tag-with-source-control-char.html
2323                http/tests/security/xssAuditor/script-tag-with-source-null-char.html
2324
2325         * page/XSSAuditor.cpp:
2326         (WebCore::isNonNullControlCharacter): Called by XSSAuditor::decodeURL.
2327         (WebCore::XSSAuditor::canEvaluate):
2328         (WebCore::XSSAuditor::canCreateInlineEventListener):
2329         (WebCore::XSSAuditor::canLoadObject):
2330         (WebCore::XSSAuditor::decodeURL): Added parameters matchNullCharacters,
2331         and matchNonNullControlCharacters.
2332         (WebCore::XSSAuditor::findInRequest): Added parameters matchNullCharacters,
2333         and matchNonNullControlCharacters.
2334         * page/XSSAuditor.h:
2335
2336 2009-07-08  Marc-Antoine Ruel  <maruel@chromium.org>
2337
2338         Reviewed by Dimitri Glazkov.
2339
2340         Add DerivesSourcesAllInOne.cpp to help with release windows compilation.
2341         https://bugs.webkit.org/show_bug.cgi?id=27093
2342
2343         This is specific for v8, no change in behavior.
2344
2345         * bindings/v8/DerivedSourcesAllInOne.cpp: Added.
2346
2347 2009-07-08  Pierre d'Herbemont  <pdherbemont@apple.com>
2348
2349         Reviewed by Simon Fraser.
2350
2351         https://bugs.webkit.org/show_bug.cgi?id=27086
2352
2353         Make sure the Media controller doesn't fade in for no reason.
2354         This is happening because a update() call to the controller
2355         panel may reset the opacity to 1.0, given that it reloads the
2356         style.
2357
2358         We also add a different fade in and fade out time to soften
2359         the fade out effect.
2360
2361         No test case because this depends on how the movie is loaded.
2362
2363         * rendering/RenderMedia.cpp:
2364         (WebCore::RenderMedia::RenderMedia):
2365         (WebCore::RenderMedia::updateControls):
2366         (WebCore::RenderMedia::updateControlVisibility): Simplify
2367         , and make sure we stop the timer if there is no animation
2368         to do.
2369         (WebCore::RenderMedia::opacityAnimationTimerFired): 
2370         * rendering/RenderMedia.h:
2371
2372 2009-07-08  David Kilzer  <ddkilzer@apple.com>
2373
2374         Bug 27081: Wrap RunLoopTimerCF.cpp in PLATFORM(MAC) && HAVE(RUNLOOP_TIMER)
2375
2376         <https://bugs.webkit.org/show_bug.cgi?id=27081>
2377
2378         Reviewed by Timothy Hatcher.
2379
2380         * platform/cf/RunLoopTimerCF.cpp: This code is only used on
2381         Mac OS X when HAVE(RUNLOOP_TIMER) is enabled, so wrap the code
2382         in that macro as well.
2383
2384 2009-07-08  Greg Bolsinga  <bolsinga@apple.com>
2385
2386         Reviewed by Darin Adler.
2387
2388         Add -[WebView _isProcessingUserGesture]
2389         https://bugs.webkit.org/show_bug.cgi?id=27084
2390
2391         Rename FrameLoader::userGestureHint() to FrameLoader::isProcessingUserGesture()
2392         for clarity.
2393
2394         * WebCore.base.exp: Add WebCore::FrameLoader::isProcessingUserGesture()
2395         * html/HTMLMediaElement.cpp:
2396         (WebCore::HTMLMediaElement::processingUserGesture):
2397         * loader/FrameLoader.cpp: 
2398         (WebCore::FrameLoader::requestFrame):
2399         (WebCore::FrameLoader::isProcessingUserGesture):
2400         * loader/FrameLoader.h:
2401
2402 2009-07-08  Alexey Proskuryakov  <ap@webkit.org>
2403
2404         Reviewed (an earlier version) by Geoff Garen.
2405
2406         https://bugs.webkit.org/show_bug.cgi?id=27090
2407         Remove lockBackForwardList argument from HTMLFormElement::submit()
2408
2409         No change in behavior, so no tests.
2410
2411         * bindings/js/JSHTMLFormElementCustom.cpp:
2412         (WebCore::JSHTMLFormElement::submit):
2413         * html/HTMLFormElement.cpp:
2414         (WebCore::HTMLFormElement::submit):
2415         * html/HTMLFormElement.h:
2416         * loader/FrameLoader.cpp:
2417         (WebCore::FrameLoader::submitForm):
2418         (WebCore::FrameLoader::scheduleFormSubmission):
2419         * loader/FrameLoader.h:
2420         Don't pass lockBackForwardList around when it's known to be false.
2421
2422 2009-07-08  Marc-Antoine Ruel  <maruel@chromium.org>
2423
2424         Reviewed by Adam Barth.
2425
2426         Fix V8 idl codegen to use unique constant names
2427         <https://bugs.webkit.org/show_bug.cgi?id=27089>
2428
2429         Embed the interface name in the global constant names so coagulating all
2430         the .cc files into one compile unit works with V8 bindings.
2431
2432         Nothing added; Still compiles and pass tests.
2433
2434         * bindings/scripts/CodeGeneratorV8.pm:
2435
2436 2009-07-08  Brent Fulgham  <bfulgham@webkit.org>
2437
2438         Build fix: Add missing #includes for Windows (cURL) build.
2439         The <winsock2.h> and <windows.h> headers were not being
2440         included in Windows cURL builds.
2441
2442         * platform/network/ResourceHandleInternal.h:
2443         * platform/network/curl/ResourceHandleManager.h:
2444
2445 2009-07-08  Shinichiro Hamaji  <hamaji@chromium.org>
2446
2447         Reviewed by David Kilzer.
2448
2449         WebKit needs a style linting tool
2450         https://bugs.webkit.org/show_bug.cgi?id=25884
2451
2452         Fix bunch of style issues in WebCore/rendering.
2453         This patch is created to demonstrate cpplint.py.
2454
2455         No testcase because it's just a style fixes.
2456
2457         * rendering/AutoTableLayout.cpp:
2458         (WebCore::AutoTableLayout::recalcColumn):
2459         (WebCore::AutoTableLayout::layout):
2460         * rendering/InlineFlowBox.cpp:
2461         (WebCore::InlineFlowBox::placeEllipsisBox):
2462         * rendering/InlineTextBox.cpp:
2463         (WebCore::InlineTextBox::paintTextMatchMarker):
2464         * rendering/MediaControlElements.cpp:
2465         (WebCore::MediaControlTimelineElement::defaultEventHandler):
2466         * rendering/MediaControlElements.h:
2467         * rendering/RenderArena.cpp:
2468         * rendering/RenderBlock.cpp:
2469         (WebCore::RenderBlock::startDelayUpdateScrollInfo):
2470         (WebCore::RenderBlock::finishDelayUpdateScrollInfo):
2471         (WebCore::RenderBlock::updateScrollInfoAfterLayout):
2472         (WebCore::RenderBlock::positionNewFloats):
2473         (WebCore::RenderBlock::newLine):
2474         (WebCore::RenderBlock::floatBottom):
2475         (WebCore::RenderBlock::leftBottom):
2476         (WebCore::RenderBlock::rightBottom):
2477         * rendering/RenderBox.cpp:
2478         (WebCore::RenderBox::calcReplacedWidthUsing):
2479         * rendering/RenderFieldset.cpp:
2480         (WebCore::RenderFieldset::layoutLegend):
2481         * rendering/RenderFlexibleBox.cpp:
2482         (WebCore::FlexBoxIterator::FlexBoxIterator):
2483         (WebCore::FlexBoxIterator::reset):
2484         (WebCore::FlexBoxIterator::first):
2485         (WebCore::FlexBoxIterator::next):
2486         (WebCore::RenderFlexibleBox::layoutVerticalBox):
2487         * rendering/RenderFrameSet.cpp:
2488         (WebCore::borderStartEdgeColor):
2489         * rendering/RenderFrameSet.h:
2490         * rendering/RenderImage.cpp:
2491         * rendering/RenderLayer.cpp:
2492         (WebCore::RenderLayer::updateVisibilityStatus):
2493         (WebCore::RenderLayer::calculateClipRects):
2494         (WebCore::RenderLayer::calculateRects):
2495         * rendering/RenderListBox.cpp:
2496         (WebCore::RenderListBox::panScroll):
2497         * rendering/RenderMarquee.cpp:
2498         (WebCore::RenderMarquee::updateMarqueeStyle):
2499         * rendering/RenderMedia.cpp:
2500         (WebCore::RenderMedia::updateControls):
2501         * rendering/RenderObject.cpp:
2502         (WebCore::RenderObject::drawLineForBoxSide):
2503         (WebCore::RenderObject::localCaretRect):
2504         * rendering/RenderSVGImage.cpp:
2505         (WebCore::RenderSVGImage::adjustRectsForAspectRatio):
2506         * rendering/RenderSlider.h:
2507         * rendering/RenderTable.cpp:
2508         (WebCore::RenderTable::outerBorderBottom):
2509         * rendering/RenderTableCol.h:
2510         * rendering/RenderTextControlSingleLine.cpp:
2511         (WebCore::RenderTextControlSingleLine::itemIsSeparator):
2512         * rendering/RenderThemeChromiumSkia.cpp:
2513         (WebCore::RenderThemeChromiumSkia::supportsHover):
2514         * rendering/RenderThemeChromiumWin.cpp:
2515         (WebCore::RenderThemeChromiumWin::supportsFocusRing):
2516         * rendering/SVGCharacterLayoutInfo.cpp:
2517         (WebCore::SVGCharacterLayoutInfo::addStackContent):
2518         * rendering/SVGCharacterLayoutInfo.h:
2519         * rendering/TextControlInnerElements.h:
2520         * rendering/bidi.cpp:
2521         (WebCore::RenderBlock::computeHorizontalPositionsForLine):
2522
2523 2009-07-07  Oliver Hunt  <oliver@apple.com>
2524
2525         Reviewed by Maciej Stachowiak.
2526
2527         Reduce complexity of lifetime management in DynamicNodeList caches
2528         <https://bugs.webkit.org/show_bug.cgi?id=27068>
2529
2530         Switch the Cache object used by DynamicNodeList into a normal
2531         refcounted object rather than having a weird flag controlled
2532         refcounting system, where positive refcount did not automatically
2533         imply the cache object would actually still be live.
2534
2535         * dom/DynamicNodeList.cpp:
2536         (WebCore::DynamicNodeList::DynamicNodeList):
2537         (WebCore::DynamicNodeList::~DynamicNodeList):
2538         (WebCore::DynamicNodeList::Caches::Caches):
2539         (WebCore::DynamicNodeList::Caches::create):
2540         * dom/DynamicNodeList.h:
2541         * dom/Node.cpp:
2542         (WebCore::Node::childNodes):
2543         (WebCore::Node::getElementsByTagNameNS):
2544         (WebCore::Node::getElementsByName):
2545         (WebCore::Node::getElementsByClassName):
2546         (WebCore::NodeListsNodeData::invalidateCaches):
2547         (WebCore::NodeListsNodeData::isEmpty):
2548         * dom/NodeRareData.h:
2549         (WebCore::NodeListsNodeData::NodeListsNodeData):
2550
2551 2009-07-07  Simon Fraser  <simon.fraser@apple.com>
2552
2553         Reviewed by Dan Bernstein.
2554         
2555         -webkit-perspective should be a Length
2556         https://bugs.webkit.org/show_bug.cgi?id=27066
2557         
2558         -webkit-perspective should not take a magic valueless number, but should
2559         be a normal Length value which responds to zooming. Treat valueless numbers
2560         as pixels for backward compatibility.
2561         
2562         Test: transforms/3d/general/perspective-units.html
2563
2564         * css/CSSParser.cpp:
2565         (WebCore::CSSParser::parseValue):
2566         * css/CSSStyleSelector.cpp:
2567         (WebCore::CSSStyleSelector::applyProperty):
2568
2569 2009-07-07  Pierre d'Herbemont  <pdherbemont@apple.com>
2570
2571         Reviewed by Simon Fraser.
2572
2573         https://bugs.webkit.org/show_bug.cgi?id=27047
2574
2575         We need to make sure that when we reattach, we also reattach
2576         the children in every MediaControlElement. Else we may end up
2577         having no remaining or elapsed time.
2578
2579         We have to handle that, because we are using a special shadow
2580         tree in the DOM, and that we are ourselves handling
2581         attaching/detaching the renderer.
2582
2583         The strategy here is to try to implement ::attach(), and try
2584         to reuse as much code as we can from the super class, including
2585         children attachement.
2586
2587         Test: media/controls-after-reload.html
2588
2589         * rendering/MediaControlElements.cpp:
2590         (WebCore::MediaControlElement::styleForElement): Code factoring.
2591         (WebCore::MediaControlElement::rendererIsNeeded): Code factoring.
2592         (WebCore::MediaControlElement::attach): Implement attach
2593         and call super class so that children are also attached.
2594         (WebCore::MediaControlElement::updateStyle): Use attach()
2595         (WebCore::MediaControlInputElement::styleForElement): Code factoring.
2596         (WebCore::MediaControlInputElement::rendererIsNeeded): Code factoring.
2597         (WebCore::MediaControlInputElement::attach): See above.
2598         (WebCore::MediaControlInputElement::updateStyle): Use attach()
2599         * rendering/MediaControlElements.h:
2600         * rendering/RenderMedia.cpp:
2601         (WebCore::RenderMedia::updateControls): Directly run attach() on
2602         the m_panel, which is a root node for our shadow tree.
2603
2604 2009-07-07  Simon Fraser  <simon.fraser@apple.com>
2605
2606         Reviewed by Dan Bernstein.
2607
2608         Repaint issue after layer drops out of composited mode.
2609         <https://bugs.webkit.org/show_bug.cgi?id=27022>
2610
2611         RenderLayers cache repaint rects in the form of m_repaintRect and m_outlineBox,
2612         and expect these to stay valid from one style change to the next. These rects
2613         are relative to the repaint container, so if a layer stops being composited,
2614         we need to recompute them.
2615         
2616         Test: compositing/repaint/layer-repaint-rects.html
2617
2618         * rendering/RenderLayer.cpp:
2619         (WebCore::RenderLayer::computeRepaintRects):
2620         * rendering/RenderLayer.h:
2621         * rendering/RenderLayerCompositor.cpp:
2622         (WebCore::RenderLayerCompositor::updateBacking):
2623
2624 2009-07-07  Dan Bernstein  <mitz@apple.com>
2625
2626         Reviewed by Dave Hyatt and Darin Adler.
2627
2628         - fix https://bugs.webkit.org/show_bug.cgi?id=26963
2629           <rdar://problem/7030998> Reproducible crash at
2630           FontCache::getFontData() when a custom font is used in a pseudo-style
2631
2632         Test: fast/css/pseudo-cache-stale.html
2633
2634         * dom/Element.cpp:
2635         (WebCore::Element::pseudoStyleCacheIsInvalid): Added. Given the old
2636         style and the new style, goes over cached pseudo-styles in the old
2637         style and re-resolves the same style types off the new style. If any of
2638         the new pseudo-styles is different from the currently cached
2639         corresponding style, returns true. Otherwise, returns false.
2640         (WebCore::Element::recalcStyle): Validate the pseudo-style cache before
2641         deciding to keep the existing style.
2642         * dom/Element.h:
2643         * rendering/RenderObject.cpp:
2644         (WebCore::RenderObject::uncachedFirstLineStyle): Added this version that
2645         returns an uncached first-line style based off the given style.
2646         (WebCore::RenderObject::getUncachedPseudoStyle): Added the 'ownStyle'
2647         parameter.
2648         * rendering/RenderObject.h:
2649         * rendering/style/RenderStyle.cpp:
2650         (WebCore::RenderStyle::getPseudoStyleCache): Added. Returns the cached
2651         pseudo-styles in the passed-in vector.
2652         * rendering/style/RenderStyle.h:
2653
2654 2009-07-07  Dan Bernstein  <mitz@apple.com>
2655
2656         Reviewed by Simon Fraser.
2657
2658         - fix https://bugs.webkit.org/show_bug.cgi?id=27042
2659           <rdar://problem/7010981> Incomplete painting of newly created floats
2660
2661         Tests: fast/repaint/float-in-new-block-with-layout-delta.html
2662                fast/repaint/float-new-in-block.html
2663
2664         * rendering/RenderBlock.cpp:
2665         (WebCore::RenderBlock::layoutBlockChildren): If the child has never been
2666         laid out before, paint its overhanging floats in addition to itself.
2667         * rendering/RenderBlock.h:
2668         (WebCore::RenderBlock::FloatWithRect::FloatWithRect): Added and
2669         initialized a boolean everHadLayout member.
2670         * rendering/bidi.cpp:
2671         (WebCore::RenderBlock::layoutInlineChildren): Paint floats that have
2672         never been laid out before and did not move from (0, 0).
2673
2674 2009-07-07  Brady Eidson  <beidson@apple.com>
2675
2676         Contributions from both Darin Adler and Brady Eidson.
2677         Reviewed by Darin Adler.
2678
2679         <rdar://problem/7024039> REGRESSION (r42158): Back-forward navigation does not work correctly on nytimes.com
2680
2681         In r42158 we lost some exclusions to making back/forward items for subframe navigations when a main frame
2682         navigation was still in progress.
2683
2684         This patch makes things even better than it used to be by:
2685         - Locking back/forward history at the time the navigation is scheduled, not after the load has committed.
2686         - Locking back/forward history if *any* ancestor frame is still loading instead of just the main frame.
2687
2688         Test: fast/loader/subframe-navigate-during-main-frame-load.html
2689
2690         * loader/FrameLoader.cpp:
2691         (WebCore::FrameLoader::submitForm): Move out the history locking logic into a standalone function so it can be
2692           used from multiple sites.
2693         (WebCore::mustLockBackForwardList): Returns true if any ancestor frame is still loading.
2694         (WebCore::FrameLoader::scheduleLocationChange): Respect mustLockBackForwardList() in addition to the passed in
2695           lockBackForwardList flag.
2696         (WebCore::FrameLoader::scheduleFormSubmission): Ditto.
2697
2698 2009-07-07  Nate Chapin  <japhet@chromium.org>
2699
2700         Reviewed by Darin Fisher.
2701
2702         Upstream DOMObjectsInclude.h from src.chromium.org.
2703
2704         https://bugs.webkit.org/show_bug.cgi?id=27035
2705
2706         * bindings/v8/DOMObjectsInclude.h: Added.
2707
2708 2009-07-07  Nate Chapin  <japhet@chromium.org>
2709
2710         Reviewed by David Levin.
2711
2712         Relanding r45559, which was rolled back at r45574.
2713
2714         https://bugs.webkit.org/show_bug.cgi?id=26857
2715
2716         * bindings/scripts/CodeGeneratorV8.pm: Updated a function name in auto-generated bindings.
2717         * bindings/v8/V8Binding.cpp: Moved from src.chromium.org.
2718         * bindings/v8/V8Binding.h: Contents moved from src.chromium.org.
2719         * bindings/v8/V8LazyEventListener.cpp:
2720         (WebCore::V8LazyEventListener::getListenerFunction):
2721         * bindings/v8/V8Proxy.cpp:
2722         (WebCore::handleConsoleMessage):
2723         (WebCore::V8Proxy::compileScript):
2724         (WebCore::V8Proxy::sourceName):
2725         * bindings/v8/WorkerContextExecutionProxy.cpp:
2726         (WebCore::handleConsoleMessage):
2727         * bindings/v8/custom/V8CSSStyleDeclarationCustom.cpp:
2728         (WebCore::NAMED_PROPERTY_SETTER):
2729         * bindings/v8/custom/V8CanvasRenderingContext2DCustom.cpp:
2730         (WebCore::CALLBACK_FUNC_DECL):
2731         * bindings/v8/custom/V8CustomXPathNSResolver.cpp:
2732         (WebCore::V8CustomXPathNSResolver::lookupNamespaceURI):
2733         * bindings/v8/custom/V8DOMWindowCustom.cpp:
2734         (WebCore::CALLBACK_FUNC_DECL):
2735         * bindings/v8/custom/V8HTMLCanvasElementCustom.cpp:
2736         (WebCore::CALLBACK_FUNC_DECL):
2737         * bindings/v8/custom/V8HTMLIFrameElementCustom.cpp:
2738         (WebCore::ACCESSOR_SETTER):
2739         * bindings/v8/custom/V8HTMLOptionsCollectionCustom.cpp:
2740         (WebCore::CALLBACK_FUNC_DECL):
2741         * bindings/v8/custom/V8HTMLSelectElementCustom.cpp:
2742         (WebCore::removeElement):
2743         * bindings/v8/custom/V8SQLTransactionCustom.cpp:
2744         (WebCore::CALLBACK_FUNC_DECL):
2745         * bindings/v8/custom/V8WorkerContextCustom.cpp:
2746         (WebCore::SetTimeoutOrInterval):
2747         * bindings/v8/custom/V8XMLHttpRequestCustom.cpp:
2748         (WebCore::CALLBACK_FUNC_DECL):
2749
2750 2009-07-07  Gregory Hughes  <gfhughesVO+webkit@gmail.com>
2751
2752         Reviewed by Darin Adler.
2753
2754         AX: Some webpages do not send AXLoadComplete
2755         https://bugs.webkit.org/show_bug.cgi?id=26995
2756
2757         When sending the AXLayoutComplete notification it is possible
2758         that the AXObjectCache was cleared, resulting in no valid
2759         object to send the notification to. This fix ensures that an
2760         AX object is created and cached if one does not already exist.
2761
2762         Not able to add a test because notifications get sent after the layout test is completed.
2763
2764         * dom/Document.cpp:
2765         (WebCore::Document::implicitClose):
2766
2767 2009-07-06  Pierre d'Herbemont  <pdherbemont@apple.com>
2768
2769         Reviewed by Simon Fraser.
2770
2771         https://bugs.webkit.org/show_bug.cgi?id=27015
2772
2773         Make sure that the CSS properties letter-spacing, word-spacing,
2774         line-height, text-transform, text-indent, text-shadow,
2775         text-decoration and color do not affect the media element controls,
2776         that display text.
2777
2778         Controls that display text are only present in when the theme
2779         MediaControllerThemeQT is being used.
2780
2781         Test: media/controls-styling.html
2782
2783         * css/mediaControlsQT.css:
2784         * rendering/MediaControlElements.cpp:
2785         (WebCore::MediaControlElement::updateStyle): Special case for
2786         text-decoration. text-decoration can't be overriden from CSS, because
2787         text-decoration is additive for historical reasons.
2788
2789 2009-07-07  Albert Wong  <ajwong@chromium.org>
2790
2791         Not reviewed, Chromium build fix.
2792
2793         Add in missing header + fix syntax issue that crept into last patch.
2794         https://bugs.webkit.org/show_bug.cgi?id=27027
2795
2796         * rendering/RenderThemeChromiumMac.mm:
2797         (WebCore::RenderThemeChromiumMac::paintMediaFullscreenButton):
2798
2799 2009-07-07  Simon Fraser  <simon.fraser@apple.com>
2800
2801         Reviewed by Dave Hyatt.
2802
2803         Make use of geometry information to decide which layers become composited.
2804
2805         <rdar://problem/7011947>
2806         <https://bugs.webkit.org/show_bug.cgi?id=27021>
2807         
2808         In addition to looking at painting order, also, optionally, take layer
2809         overlap into account when deciding which RenderLayers need to be composited.
2810
2811         No testcase because DRT doesn't dump which layers are composited.
2812         
2813         * page/FrameView.h:
2814         * page/FrameView.cpp:
2815         (WebCore::FrameView::updateCompositingLayers):
2816         Removed the unused CompositingUpdate parameter, and just do an early return
2817         when there is no view.
2818         
2819         * rendering/RenderLayer.h:
2820         * rendering/RenderLayer.cpp:
2821         (WebCore::RenderLayer::rendererContentChanged):
2822         (WebCore::RenderLayer::dirtyZOrderLists):
2823         (WebCore::RenderLayer::dirtyNormalFlowList):
2824         (WebCore::RenderLayer::styleChanged):
2825         (WebCore::RenderLayer::mustOverlapCompositedLayers):
2826         (WebCore::RenderLayer::setMustOverlapCompositedLayers):
2827         Change "overlay" to "overlap" for consistency with the use of "overlap"
2828         elsewhere.
2829
2830         * rendering/RenderLayerBacking.cpp:
2831         (WebCore::RenderLayerBacking::updateAfterLayout):
2832         compositingLayersNeedUpdate() renamed to compositingLayersNeedRebuild().
2833         
2834         (WebCore::RenderLayerBacking::startAnimation):
2835         (WebCore::RenderLayerBacking::startTransition):
2836         Tell the compositor that we started an accelerated animation or transition.
2837         
2838         * rendering/RenderLayerCompositor.h:
2839         (WebCore::RenderLayerCompositor::compositingLayersNeedRebuild):
2840         Renamed, since it's explicitly about changes in hierarchy now.
2841         
2842         (WebCore::RenderLayerCompositor::setCompositingConsultsOverlap):
2843         (WebCore::RenderLayerCompositor::compositingConsultsOverlap):
2844         New getter and setter for whether compositing should take overlap into account.
2845
2846         * rendering/RenderLayerCompositor.cpp:
2847         (WebCore::RenderLayerCompositor::RenderLayerCompositor):
2848         Add m_compositingConsultsOverlap, re-order some member variables.
2849         
2850         (WebCore::RenderLayerCompositor::cacheAcceleratedCompositingEnabledFlag):
2851         Whitespace cleanup and method rename.
2852         
2853         (WebCore::RenderLayerCompositor::setCompositingLayersNeedRebuild):
2854         Method and variable renaming.
2855         
2856         (WebCore::RenderLayerCompositor::updateCompositingLayers):
2857         Now we have to run through the layer hierarchy every time if looking
2858         at overlap, because changes in layout can now alter compositing behavior.
2859         We minimize work by tracking whether we actually need to change the layer
2860         hierarchy via needLayerRebuild.
2861         
2862         (WebCore::RenderLayerCompositor::updateBacking):
2863         3D transforms turn off overlap mode.
2864         
2865         (WebCore::RenderLayerCompositor::layerWasAdded):
2866         (WebCore::RenderLayerCompositor::layerWillBeRemoved):
2867         Method rename.
2868         
2869         (WebCore::RenderLayerCompositor::addToOverlapMap):
2870         (WebCore::RenderLayerCompositor::overlapsCompositedLayers):
2871         Utility methods to add a layer to the overlapMap (computing the absolute
2872         bounding box only if we haven't already done so), and testing the map
2873         entries.
2874         
2875         (WebCore::RenderLayerCompositor::computeCompositingRequirements):
2876         If a layer would composite only because it comes after other compositing
2877         layers in the painting order, then consult the overlap map to determine whether
2878         it overlaps, and thus actually needs to composite.
2879         
2880         Add layers to the map when they must be composited.
2881         
2882         (WebCore::RenderLayerCompositor::rebuildCompositingLayerTree):
2883         Only do re-parenting work if the updateHierarchy flag is set.
2884         
2885         (WebCore::RenderLayerCompositor::didStartAcceleratedAnimation):
2886         When we start an accelerated transition or animation, we stop looking at
2887         overlap because we can no longer guarantee correct front-to-back ordering while the
2888         accelerated animation is running.
2889
2890         (WebCore::RenderLayerCompositor::needsToBeComposited):
2891         Method renames.
2892         
2893         * rendering/RenderView.cpp:
2894         (WebCore::RenderView::setMaximalOutlineSize):
2895         Add comment indicating that this could be optimized.
2896
2897 2009-07-07  Anton Muhin  <antonm@chromium.org>
2898
2899         Reviewed by Darin Fisher.
2900
2901         Speed up creation of V8 wrappers for DOM nodes.
2902
2903         https://bugs.webkit.org/show_bug.cgi?id=26882
2904
2905         This patch doesn't require new tests as it a set of refactorings
2906         to speed up wrapper creation.  
2907
2908         * bindings/v8/V8Proxy.cpp:
2909         * bindings/v8/V8Proxy.h:
2910
2911 2009-07-07  Jan Michael Alonzo  <jmalonzo@webkit.org>
2912
2913         Reviewed by Gustavo Noronha.
2914
2915         [GTK] textarea height property works only if other property are defined
2916         https://bugs.webkit.org/show_bug.cgi?id=18984
2917
2918         Let WebCore handle textarea's metrics instead of readjusting it RenderthemeGtk.
2919
2920         Test: fast/forms/textarea-metrics.html
2921
2922         * platform/gtk/RenderThemeGtk.cpp:
2923         * platform/gtk/RenderThemeGtk.h:
2924
2925 2009-07-07  Ben Murdoch  <benm@google.com>
2926
2927         Reviewed by Antti Koivisto.
2928
2929         HTML5 Database becomes locked if a transaction is in progress when the page is refreshed.
2930         https://bugs.webkit.org/show_bug.cgi?id=25711
2931
2932         Fix for https://bugs.webkit.org/show_bug.cgi?id=25711 where web
2933         storage databases could become locked until the browser is shut
2934         down if the page is refreshed whilst a transaction is in progress.
2935
2936         Test: storage/database-lock-after-reload.html
2937
2938         * storage/Database.cpp:
2939         (WebCore::Database::Database):
2940         (WebCore::Database::close): add code to inform the database thread we've closed the database.
2941         (WebCore::Database::performOpenAndVerify): add code to inform the database thread we've opened a database.
2942         * storage/Database.h:
2943         (WebCore::Database::opened): return true iff the underlying sqlite database has been opened but not closed.
2944         * storage/DatabaseThread.cpp:
2945         (WebCore::DatabaseThread::databaseThread): Before the database thread terminates, close any databases that ran transactions in this thread.
2946         (WebCore::DatabaseThread::recordDatabaseOpen): Records a database that executed a transaction in this thread.
2947         (WebCore::DatabaseThread::recordDatabaseClosed): Removes a database from the set of open databases.
2948         * storage/DatabaseThread.h:
2949         (WebCore::DatabaseThread::getThreadID): return the thread id for the database thread.
2950
2951 2009-07-07  Jiahua Huang  <jhuangjiahua@gmail.com>
2952
2953         Reviewed by Jan Alonzo.
2954
2955         [Gtk] Paste of rich text from firefox results garbled markup
2956         https://bugs.webkit.org/show_bug.cgi?id=26791
2957
2958         Fix problem with UTF-16 clipboard pasted.
2959
2960         * manual-tests/gtk/paste-richtext-from-firefox.html: Added.
2961         * platform/gtk/PasteboardGtk.cpp:
2962         (WebCore::Pasteboard::documentFragment):
2963
2964 2009-07-07  Yury Semikhatsky  <yurys@chromium.org>
2965
2966         Reviewed by Timothy Hatcher.
2967
2968         Change 'Continue debug' shortcut from F5 to F8 for consistency with Firebug.
2969
2970         https://bugs.webkit.org/show_bug.cgi?id=23849
2971
2972         * inspector/front-end/ScriptsPanel.js:
2973         (WebInspector.ScriptsPanel):
2974
2975 2009-07-06  Albert J. Wong  <ajwong@chromium.org>
2976
2977         Reviewed by Maciej Stachowiak.
2978
2979         Update RenderThemeChromiumMac for wkDrawMediaUIPart and wkDrawMediaSlider API
2980         change.
2981
2982         Fix compile RenderThemeChromiumMac.mm due to API changes from r45572
2983         https://bugs.webkit.org/show_bug.cgi?id=27018
2984
2985         This is mainly an API change update to fix the chromium compile.  It
2986         also has a small fix of a typo in RenderThemeMac.mm.
2987
2988         Compilation against the head of chromium trunk passed.  Since this is
2989         a compile fix, that should be sufficient.
2990
2991         * rendering/RenderThemeChromiumMac.mm:
2992         (WebCore::):
2993         (WebCore::RenderThemeChromiumMac::paintMediaFullscreenButton):
2994         (WebCore::RenderThemeChromiumMac::paintMediaMuteButton):
2995         (WebCore::RenderThemeChromiumMac::paintMediaPlayButton):
2996         (WebCore::RenderThemeChromiumMac::paintMediaSeekBackButton):
2997         (WebCore::RenderThemeChromiumMac::paintMediaSeekForwardButton):
2998         (WebCore::RenderThemeChromiumMac::paintMediaSliderTrack):
2999         (WebCore::RenderThemeChromiumMac::paintMediaSliderThumb):
3000         * rendering/RenderThemeMac.mm:
3001         (WebCore::):
3002
3003 2009-07-06  David Kilzer  <ddkilzer@apple.com>
3004
3005         Bug 27002: Build fix when DASHBOARD_SUPPORT is disabled with -Wunused-parameter
3006
3007         <https://bugs.webkit.org/show_bug.cgi?id=27002>
3008
3009         Reviewed by Geoff Garen.
3010
3011         * html/CanvasRenderingContext2D.cpp:
3012         (WebCore::CanvasRenderingContext2D::prepareGradientForDashboard):
3013         Mark gradient as an unused parameter when DASHBOARD_SUPPORT is
3014         disabled.
3015
3016 2009-07-06  David Kilzer  <ddkilzer@apple.com>
3017
3018         Bug 27001: Fix improper use of PassRefPtr<Node> to RefPtr<Node>
3019
3020         <https://bugs.webkit.org/show_bug.cgi?id=27001>
3021
3022         Reviewed by Geoff Garen.
3023
3024         PassRefPtr<> should only be used for arguments to functions that
3025         take ownership of the object, or as return values from functions
3026         that relinquish ownership of the object.
3027
3028         * editing/Editor.cpp:
3029         (WebCore::Editor::increaseSelectionListLevelOrdered): Changed
3030         stack-allocated PassRefPtr<Node> to RefPtr<Node> and call
3031         release() on returned object.
3032         (WebCore::Editor::increaseSelectionListLevelUnordered): Ditto.
3033
3034 2009-07-06  Eric Carlson  <eric.carlson@apple.com>
3035
3036         Reviewed by Simon Fraser.
3037
3038         <rdar://problem/7035474> Make new media controller UI default on SnowLeopard
3039
3040         * rendering/RenderThemeMac.mm:
3041         (WebCore::mediaControllerTheme):
3042             New media controller UI is enabled by default on SnowLeopard.
3043
3044 2009-07-06  Nate Chapin  <japhet@chromium.org>
3045
3046         Unreviewed, build fix.
3047
3048         Roll out r45559 to fix Chromium canary.
3049
3050         https://bugs.webkit.org/show_bug.cgi?id=26857
3051
3052         * bindings/scripts/CodeGeneratorV8.pm:
3053         * bindings/v8/V8Binding.cpp: Removed.
3054         * bindings/v8/V8Binding.h:
3055         (WebCore::toInt32):
3056         (WebCore::toWebCoreString):
3057         (WebCore::fromWebCoreString):
3058         (WebCore::toWebCoreStringWithNullCheck):
3059         (WebCore::isUndefinedOrNull):
3060         (WebCore::v8Boolean):
3061         * bindings/v8/V8LazyEventListener.cpp:
3062         (WebCore::V8LazyEventListener::getListenerFunction):
3063         * bindings/v8/V8Proxy.cpp:
3064         (WebCore::handleConsoleMessage):
3065         (WebCore::V8Proxy::compileScript):
3066         (WebCore::V8Proxy::sourceName):
3067         * bindings/v8/WorkerContextExecutionProxy.cpp:
3068         (WebCore::handleConsoleMessage):
3069         * bindings/v8/custom/V8CSSStyleDeclarationCustom.cpp:
3070         (WebCore::NAMED_PROPERTY_SETTER):
3071         * bindings/v8/custom/V8CanvasRenderingContext2DCustom.cpp:
3072         (WebCore::CALLBACK_FUNC_DECL):
3073         * bindings/v8/custom/V8CustomXPathNSResolver.cpp:
3074         (WebCore::V8CustomXPathNSResolver::lookupNamespaceURI):
3075         * bindings/v8/custom/V8DOMWindowCustom.cpp:
3076         (WebCore::CALLBACK_FUNC_DECL):
3077         * bindings/v8/custom/V8HTMLCanvasElementCustom.cpp:
3078         (WebCore::CALLBACK_FUNC_DECL):
3079         * bindings/v8/custom/V8HTMLIFrameElementCustom.cpp:
3080         (WebCore::ACCESSOR_SETTER):
3081         * bindings/v8/custom/V8HTMLOptionsCollectionCustom.cpp:
3082         (WebCore::CALLBACK_FUNC_DECL):
3083         * bindings/v8/custom/V8HTMLSelectElementCustom.cpp:
3084         (WebCore::removeElement):
3085         * bindings/v8/custom/V8SQLTransactionCustom.cpp:
3086         (WebCore::CALLBACK_FUNC_DECL):
3087         * bindings/v8/custom/V8WorkerContextCustom.cpp:
3088         (WebCore::SetTimeoutOrInterval):
3089         * bindings/v8/custom/V8XMLHttpRequestCustom.cpp:
3090         (WebCore::CALLBACK_FUNC_DECL):
3091
3092 2009-07-06  Eric Carlson  <eric.carlson@apple.com>
3093
3094         Reviewed by Darin Adler.
3095
3096         <rdar://problem/7008093> Media controller can’t be used to scrub when movie is 
3097         narrow — track is too narrow
3098
3099         Do not show media controller time display elements when the a movie is too narrow.
3100
3101         * platform/mac/WebCoreSystemInterface.h:
3102         * platform/mac/WebCoreSystemInterface.mm:
3103             The 'state' parameter to wkDrawMediaUIPart is now an unsigned bitfield.
3104
3105         * rendering/MediaControlElements.cpp:
3106         (WebCore::MediaControlTimeDisplayElement::MediaControlTimeDisplayElement):
3107             Give current time and time remaining controls a common base class.
3108         (WebCore::MediaControlTimeDisplayElement::setVisible):
3109             New method, hide and show the element.
3110         * rendering/MediaControlElements.h:
3111
3112         * rendering/RenderMedia.cpp:
3113         (WebCore::RenderMedia::RenderMedia):
3114             Initialize m_previousVisible.
3115         (WebCore::RenderMedia::layout):
3116             Show/hide the time display elements as the movie width changes.
3117         (WebCore::RenderMedia::createCurrentTimeDisplay):
3118         (WebCore::RenderMedia::createTimeRemainingDisplay):
3119             Base class is now MediaControlTimeDisplayElement, not MediaControlElement.
3120         (WebCore::RenderMedia::shouldShowTimeDisplayControls):
3121             New, decide if time display elements should be visible or not.
3122         * rendering/RenderMedia.h:
3123
3124         * rendering/RenderThemeMac.mm:
3125         (WebCore::):
3126         (WebCore::RenderThemeMac::paintMediaFullscreenButton):
3127         (WebCore::RenderThemeMac::paintMediaMuteButton):
3128         (WebCore::RenderThemeMac::paintMediaPlayButton):
3129         (WebCore::RenderThemeMac::paintMediaSeekBackButton):
3130         (WebCore::RenderThemeMac::paintMediaSeekForwardButton):
3131         (WebCore::RenderThemeMac::paintMediaSliderTrack):
3132         (WebCore::RenderThemeMac::paintMediaSliderThumb):
3133         (WebCore::RenderThemeMac::paintMediaRewindButton):
3134         (WebCore::RenderThemeMac::paintMediaReturnToRealtimeButton):
3135         (WebCore::RenderThemeMac::paintMediaControlsBackground):
3136         (WebCore::RenderThemeMac::paintMediaCurrentTime):
3137         (WebCore::RenderThemeMac::paintMediaTimeRemaining):
3138             The 'state' parameter to wkDrawMediaUIPart is now an unsigned bitfield.
3139
3140 2009-07-06  David Kilzer  <ddkilzer@apple.com>
3141
3142         Bug 27000: Minor clean up to runtime_root.{cpp|h}
3143
3144         <https://bugs.webkit.org/show_bug.cgi?id=27000>
3145
3146         Reviewed by Geoff Garen.
3147
3148         * bridge/runtime_root.cpp: Added blank line between license and
3149         the first #include statement.
3150         * bridge/runtime_root.h: Added comment to #endif.
3151
3152 2009-07-06  Roland Steiner  <rolandsteiner@google.com>
3153
3154         Reviewed by Maciej Stachowiak.
3155
3156         generalize the special height treatment for SVG (to be re-used for ruby):
3157             renamed InlineBox::m_isSVG to m_hasVirtualHeight
3158             renamed InlineBox::isSVG() to hasVirtualHeight()
3159             renamed InlineBox::setIsSVG() to setHasVirtualHeight()
3160
3161         * rendering/InlineBox.cpp:
3162         (WebCore::InlineBox::height):
3163         * rendering/InlineBox.h:
3164         (WebCore::InlineBox::InlineBox):
3165         (WebCore::InlineBox::isText):
3166         (WebCore::InlineBox::setIsText):
3167         (WebCore::InlineBox::isSVGRootInlineBox):
3168         (WebCore::InlineBox::hasVirtualHeight):
3169         (WebCore::InlineBox::setHasVirtualHeight):
3170         (WebCore::InlineBox::virtualHeight):
3171         * rendering/RenderSVGInline.cpp:
3172         (WebCore::RenderSVGInline::createFlowBox):
3173         * rendering/RenderSVGInlineText.cpp:
3174         (WebCore::RenderSVGInlineText::createTextBox):
3175         * rendering/RenderSVGText.cpp:
3176         (WebCore::RenderSVGText::createRootBox):
3177         * rendering/SVGInlineFlowBox.h:
3178         (WebCore::SVGInlineFlowBox::virtualHeight):
3179         * rendering/SVGInlineTextBox.h:
3180         (WebCore::SVGInlineTextBox::virtualHeight):
3181         * rendering/SVGRootInlineBox.h:
3182         (WebCore::SVGRootInlineBox::virtualHeight):
3183
3184 2009-07-06  Alice Liu  <alice.liu@apple.com>
3185
3186         Reviewed by Darin Adler.
3187
3188         REGRESSION(r45285): focus rings are black on windows safari
3189         https://bugs.webkit.org/show_bug.cgi?id=26821
3190         <rdar://problem/7018252>
3191
3192         Add a mechanism for setting a custom focus ring color, and relocate the 
3193         determination of focus ring color to base class RenderTheme.
3194
3195         No new tests.  Already-existing tests run in pixel mode would have caught this regression
3196
3197         * css/CSSStyleSelector.cpp:
3198         (WebCore::CSSStyleSelector::getColorFromPrimitiveValue): Move the responsibility
3199         of determining focus color to base class RenderTheme.
3200         * rendering/RenderTheme.cpp:
3201         (WebCore::customFocusRingColor): Added static local.
3202         (WebCore::RenderTheme::setCustomFocusRingColor): Added
3203         (WebCore::RenderTheme::focusRingColor): Use custom color over platform color.
3204         * rendering/RenderTheme.h:
3205         (WebCore::RenderTheme::platformFocusRingColor): default implementation, black color
3206         * rendering/RenderThemeSafari.cpp:
3207         (WebCore::RenderTheme::themeForPage): Circumstances that lead to returning the RenderThemeWin
3208         are the same under which we want to use the focus ring color from SafariTheme.
3209         (WebCore::RenderThemeSafari::platformFocusRingColor): Renamed from focusRingColor
3210         * rendering/RenderThemeSafari.h:
3211
3212         Renaming focusRingColor to platformFocusRingColor in these files:
3213         * rendering/RenderThemeChromiumMac.h:
3214         * rendering/RenderThemeChromiumMac.mm:
3215         (WebCore::RenderThemeChromiumMac::platformFocusRingColor):
3216         * rendering/RenderThemeChromiumSkia.cpp:
3217         (WebCore::RenderThemeChromiumSkia::platformFocusRingColor):
3218         * rendering/RenderThemeChromiumSkia.h:
3219         * rendering/RenderThemeMac.h:
3220         * rendering/RenderThemeMac.mm:
3221         (WebCore::RenderThemeMac::platformFocusRingColor):
3222
3223         Cleanup leftover from removal of WebCore::Color in r45285 in these files:
3224         * WebCore.order:
3225         * platform/graphics/Color.h:
3226
3227 2009-07-06  Shinichiro Hamaji  <hamaji@chromium.org>
3228
3229         Reviewed by David Hyatt.
3230
3231         Bug 15135: REGRESSION (r19843-r19850): Changing a flexbox's
3232         contents makes its container scroll to the top
3233         https://bugs.webkit.org/show_bug.cgi?id=15135
3234
3235         Delay updateing scroll bar of descendants of flexbox until their
3236         positions are determined.  In this way we can prevent descendants
3237         of flexible boxes from changing positions of their scrollbars
3238         using tentative positions.
3239
3240         Test: fast/flexbox/repaint-scrollbar.html
3241
3242         * rendering/RenderBlock.cpp:
3243         (WebCore::RenderBlock::startDelayUpdateScrollInfo):
3244         (WebCore::RenderBlock::finishDelayUpdateScrollInfo):
3245         (WebCore::RenderBlock::updateScrollInfoAfterLayout):
3246         (WebCore::RenderBlock::layoutBlock):
3247         (WebCore::RenderBlock::layoutOnlyPositionedObjects):
3248         * rendering/RenderBlock.h:
3249         * rendering/RenderFlexibleBox.cpp:
3250         (WebCore::RenderFlexibleBox::layoutHorizontalBox):
3251         (WebCore::RenderFlexibleBox::layoutVerticalBox):
3252
3253 2009-07-06  Hironori Bono  <hbono@chromium.org>
3254
3255         Reviewed by Maciej Stachowiak.
3256
3257         Make unconfirmed IME text affect textarea's value.
3258         This matches input and contentEditable elements as well
3259         IE and Firefox.
3260
3261         This fixes https://bugs.webkit.org/show_bug.cgi?id=25061.
3262
3263         Input elements would go down this code path because it
3264         would always get a null compositionNode from frame->editor().
3265         Special casing compositionNodes is wrong because we explicitly
3266         want unconfirmed IME input in the textarea's value (assuming we
3267         want to match IE and Firefox here).
3268
3269         This change is originally created by Ojan Vafai <ojan@chromium.org> and
3270         I just changed its manual tests with an automated test on his behalf.
3271
3272         Test: platform/mac/editing/input/text-control-ime-input.html
3273
3274         * rendering/RenderTextControl.cpp:
3275         (WebCore::RenderTextControl::text):
3276         (WebCore::RenderTextControl::textWithHardLineBreaks):
3277
3278 2009-07-06  Anders Carlsson  <andersca@apple.com>
3279
3280         Reviewed by Adele Peterson.
3281
3282         Add the ability for wheel events to latch to a node.
3283         
3284         * WebCore.base.exp:
3285         * page/EventHandler.cpp:
3286         (WebCore::EventHandler::EventHandler):
3287         (WebCore::EventHandler::clear):
3288         (WebCore::EventHandler::handleWheelEvent):
3289         * page/EventHandler.h:
3290         * page/mac/EventHandlerMac.mm:
3291         (WebCore::EventHandler::wheelEvent):
3292         * platform/mac/WebCoreSystemInterface.h:
3293         * platform/mac/WebCoreSystemInterface.mm:
3294
3295 2009-07-06  Nate Chapin  <japhet@chromium.org>
3296
3297         Reviewed by Dimitri Glazkov.
3298
3299         Fix a bunch of layout test crahses in Chromium caused by a bad usage of DEFINE_STATIC_LOCAL.
3300
3301         https://bugs.webkit.org/show_bug.cgi?id=26997
3302
3303         * bindings/v8/V8Binding.cpp:
3304         (WebCore::v8ValueToWebCoreString): Use a regular static declaration instead of DEFINE_STATIC_LOCAL.
3305
3306 2009-07-06  Pavel Feldman  <pfeldman@chromium.org>
3307
3308         Reviewed by Timothy Hatcher.
3309
3310         WebInspector: suggest global properties based on async evaluation.
3311
3312         https://bugs.webkit.org/show_bug.cgi?id=26976
3313
3314         Before this change, empty string was evaluated to the global object
3315         (or scope chain object) synchronously. This is now fixed and global
3316         object is evaluated using the same control flow.
3317
3318         * inspector/front-end/Console.js:
3319         (WebInspector.Console.prototype.completions):
3320         (WebInspector.Console.prototype._evalInInspectedWindow):
3321         * inspector/front-end/ScriptsPanel.js:
3322         (WebInspector.ScriptsPanel.prototype._variablesInScope):
3323
3324 2009-07-06  Ojan Vafai  <ojan@chromium.org>
3325
3326         Reviewed by Eric Seidel.
3327
3328         Fix crash when indenting in an empty table cell.
3329         https://bugs.webkit.org/show_bug.cgi?id=26872
3330
3331         The crash is that we would call splitTreeToNode where the node
3332         and the nodeToSplitTo were the same node.
3333
3334         Test: editing/execCommand/indent-empty-table-cell.html
3335
3336         * editing/CompositeEditCommand.cpp:
3337         (WebCore::CompositeEditCommand::splitTreeToNode):
3338         Added an assert in that node and nodeToSplitTo
3339         are different nodes to make this assumption explicit.
3340
3341         * editing/IndentOutdentCommand.cpp:
3342         (WebCore::IndentOutdentCommand::isAtUnsplittableElement):
3343         (WebCore::IndentOutdentCommand::indentRegion):
3344         * editing/IndentOutdentCommand.h:
3345
3346 2009-07-06  Nate Chapin  <japhet@chromium.org>
3347
3348         Reviewed by David Levin.
3349
3350         Upstream V8Binding and update some function names.
3351
3352         https://bugs.webkit.org/show_bug.cgi?id=26857
3353
3354         * bindings/scripts/CodeGeneratorV8.pm: Update function names in auto-generated files.
3355         * bindings/v8/V8Binding.cpp: Upstreamed from src.chromium.org.
3356         * bindings/v8/V8Binding.h: Upstreamed from src.chromium.org.
3357         * bindings/v8/V8LazyEventListener.cpp:
3358         (WebCore::V8LazyEventListener::getListenerFunction):
3359         * bindings/v8/V8Proxy.cpp:
3360         (WebCore::handleConsoleMessage):
3361         (WebCore::V8Proxy::compileScript):
3362         (WebCore::V8Proxy::sourceName):
3363         * bindings/v8/WorkerContextExecutionProxy.cpp:
3364         (WebCore::handleConsoleMessage):
3365         * bindings/v8/custom/V8CSSStyleDeclarationCustom.cpp:
3366         (WebCore::NAMED_PROPERTY_SETTER):
3367         * bindings/v8/custom/V8CanvasRenderingContext2DCustom.cpp:
3368         (WebCore::CALLBACK_FUNC_DECL):
3369         * bindings/v8/custom/V8CustomXPathNSResolver.cpp:
3370         (WebCore::V8CustomXPathNSResolver::lookupNamespaceURI):
3371         * bindings/v8/custom/V8DOMWindowCustom.cpp:
3372         (WebCore::CALLBACK_FUNC_DECL):
3373         * bindings/v8/custom/V8HTMLCanvasElementCustom.cpp:
3374         (WebCore::CALLBACK_FUNC_DECL):
3375         * bindings/v8/custom/V8HTMLIFrameElementCustom.cpp:
3376         (WebCore::ACCESSOR_SETTER):
3377         * bindings/v8/custom/V8HTMLOptionsCollectionCustom.cpp:
3378         (WebCore::CALLBACK_FUNC_DECL):
3379         * bindings/v8/custom/V8HTMLSelectElementCustom.cpp:
3380         (WebCore::removeElement):
3381         * bindings/v8/custom/V8SQLTransactionCustom.cpp:
3382         (WebCore::CALLBACK_FUNC_DECL):
3383         * bindings/v8/custom/V8WorkerContextCustom.cpp:
3384         (WebCore::SetTimeoutOrInterval):
3385         * bindings/v8/custom/V8XMLHttpRequestCustom.cpp:
3386         (WebCore::CALLBACK_FUNC_DECL):
3387
3388 2009-07-06  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>
3389
3390         Reviewed by Jan Alonzo.
3391
3392         Use soup's content sniffing
3393         https://bugs.webkit.org/show_bug.cgi?id=26982
3394
3395         Drop our hackish content sniffing code, and use the new libsoup
3396         feature to do that job for us.
3397
3398         Testing this is in a cross-platform way is not obvious or possible
3399         while we are using platform-specific code for sniffing.
3400
3401         * platform/network/ResourceHandleInternal.h:
3402         (WebCore::ResourceHandleInternal::ResourceHandleInternal):
3403         * platform/network/soup/ResourceHandleSoup.cpp:
3404         (WebCore::gotHeadersCallback):
3405         (WebCore::contentSniffedCallback):
3406         (WebCore::gotChunkCallback):
3407         (WebCore::ResourceHandle::startHttp):
3408
3409 2009-07-05  Antonio Gomes  <antonio.gomes@openbossa.org>
3410
3411         Reviewed by Darin Adler.
3412
3413         REGRESSION (r40499): fast/dom/cssTarget-crash.html fails
3414         https://bugs.webkit.org/show_bug.cgi?id=20342
3415
3416         Re-added code removed by commit r40499.
3417         Without this, both Qt and Mac were crashing while running the test.
3418
3419         Note that this does not entirely fix the bug. It fixes the WebCore
3420         crash, but the test no longer seems to work due to loader changes.
3421         So this patch does not reenable the test. The test probably has to
3422         be rewritten.
3423
3424         * dom/ContainerNode.cpp:
3425         (WebCore::ContainerNode::removedFromDocument): Re-added code to
3426         set the CSS target of the document to 0.
3427
3428 2009-07-05  Chris Marrin  <cmarrin@apple.com>
3429
3430         Reviewed by Simon Fraser.
3431
3432         https://bugs.webkit.org/show_bug.cgi?id=26943
3433
3434         When one transition finishes slightly before another the longer
3435         one will fire a second time. This is because the second
3436         ImplicitAnmation object is culled too early, before its final
3437         RenderStyle is in place. This is done by cleanupFinishedAnimations()
3438         so I got rid of that method completely and now cleanup each
3439         transition or animation at the point where I am setting the final
3440         style, or when I detect that the transition or animation has been
3441         terminated early (which happens when you remove it from the style).
3442
3443         Test: transitions/extra-transition.html
3444
3445         * page/animation/AnimationController.cpp:
3446         (WebCore::AnimationControllerPrivate::updateStyleIfNeededDispatcherFired):
3447         * page/animation/CompositeAnimation.cpp:
3448         (WebCore::CompositeAnimation::updateTransitions):
3449         (WebCore::CompositeAnimation::updateKeyframeAnimations):
3450         (WebCore::CompositeAnimation::animate):
3451         * page/animation/CompositeAnimation.h:
3452
3453         * page/animation/AnimationBase.cpp:
3454         (WebCore::AnimationBase::getTimeToNextEvent):
3455         Avoid a divide by zero if m_animation->duration() is zero, which can happen
3456         if the duration is changed to zero while the animation is running.
3457
3458 2009-07-05  Simon Fraser  <simon.fraser@apple.com>
3459
3460         Revert the previous commit because it broke the
3461         animations/transition-and-animation-1.html
3462         testcase.
3463
3464         * page/animation/AnimationBase.cpp:
3465         (WebCore::AnimationBase::getTimeToNextEvent):
3466         * page/animation/AnimationController.cpp:
3467         (WebCore::AnimationControllerPrivate::updateStyleIfNeededDispatcherFired):
3468         * page/animation/CompositeAnimation.cpp:
3469         (WebCore::CompositeAnimation::updateTransitions):
3470         (WebCore::CompositeAnimation::updateKeyframeAnimations):
3471         (WebCore::CompositeAnimation::animate):
3472         (WebCore::CompositeAnimation::cleanupFinishedAnimations):
3473         * page/animation/CompositeAnimation.h:
3474
3475 2009-07-05  Chris Marrin  <cmarrin@apple.com>
3476
3477         Reviewed by Simon Fraser.
3478
3479         https://bugs.webkit.org/show_bug.cgi?id=26943
3480
3481         When one transition finishes slightly before another the longer
3482         one will fire a second time. This is because the second 
3483         ImplicitAnmation object is culled too early, before its final
3484         RenderStyle is in place. This is done by cleanupFinishedAnimations()
3485         so I got rid of that method completely and now cleanup each 
3486         transition or animation at the point where I am setting the final
3487         style, or when I detect that the transition or animation has been
3488         terminated early (which happens when you remove it from the style).
3489
3490         Test: transitions/extra-transition.html
3491
3492         * page/animation/AnimationController.cpp:
3493         (WebCore::AnimationControllerPrivate::updateStyleIfNeededDispatcherFired):
3494         * page/animation/CompositeAnimation.cpp:
3495         (WebCore::CompositeAnimation::updateTransitions):
3496         (WebCore::CompositeAnimation::updateKeyframeAnimations):
3497         (WebCore::CompositeAnimation::animate):
3498         * page/animation/CompositeAnimation.h:
3499
3500         * page/animation/AnimationBase.cpp:
3501         (WebCore::AnimationBase::getTimeToNextEvent):
3502         Avoid a divide by zero if m_animation->duration() is zero, which can happen
3503         if the duration is changed to zero while the animation is running.
3504
3505 2009-07-05  Lars Knoll  <lars.knoll@nokia.com>
3506
3507         Reviewed by Maciej Stachowiak.
3508
3509         https://bugs.webkit.org/show_bug.cgi?id=26843
3510
3511         Fix run-time crashes in JavaScriptCore with the Metrowerks compiler on Symbian.
3512
3513         The Metrowerks compiler on the Symbian platform moves the globally
3514         defined Hashtables into read-only memory, despite one of the members
3515         being mutable. This causes crashes at run-time due to write access to
3516         read-only memory.
3517
3518         Avoid the use of const with this compiler by introducing the
3519         JSC_CONST_HASHTABLE macro.
3520
3521         Based on idea by Norbert Leser.
3522
3523         * bindings/scripts/CodeGeneratorJS.pm: Use JSC_CONST_HASHTABLE for hash tables
3524         define in the bindings.
3525
3526 2009-07-05  Rob Buis  <rwlbuis@gmail.com>
3527
3528         Reviewed by Maciej Stachowiak.
3529
3530         Bug 26897 - Dynamic SVG images do not display correctly
3531         https://bugs.webkit.org/show_bug.cgi?id=26897
3532
3533         Use repaint() to fix a rendering problem with a SVG image embedded in xhtml.
3534
3535         Test: svg/custom/createImageElement2.xhtml
3536
3537         * rendering/RenderSVGImage.cpp:
3538         (WebCore::RenderSVGImage::imageChanged):
3539
3540 2009-07-05  Xan Lopez  <xlopez@igalia.com>
3541
3542         Reviewed by Jan Alonzo.
3543
3544         https://bugs.webkit.org/show_bug.cgi?id=26960
3545         [Gtk] caret offset not updated when selecting text
3546
3547         Report the caret offset from the end of the selection so it works
3548         correctly for multi-char selections too (ie, anything that is not
3549         the zero width caret).
3550
3551         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
3552         (webkit_accessible_text_get_caret_offset):
3553
3554 2009-07-05  Holger Hans Peter Freyther  <zecke@selfish.org>
3555
3556         Unreviewed link fix for Qt.
3557
3558         Fix Qt link error by adding two new localized strings
3559
3560         In r45474 two new strings got added to LocalizedStrings.h add
3561         the definition of them to Qt.
3562
3563         * platform/qt/Localizations.cpp:
3564         (WebCore::mediaElementLoadingStateText):
3565         (WebCore::mediaElementLiveBroadcastStateText):
3566
3567 2009-07-03  Darin Adler  <darin@apple.com>
3568
3569         Reviewed by Adele Peterson.
3570
3571         REGRESSION (r44670-r44680): Typing is suprisingly slow in password field on reddit.com
3572         https://bugs.webkit.org/show_bug.cgi?id=26959
3573         rdar://problem/7029882
3574
3575         The code to handle iteration boundaries was malfunctioning when the boundary was
3576         at the edge of a shadow tree. This happens all the time with <input> elements.