2011-02-03 Anton Muhin <antonm@chromium.org>
[WebKit.git] / Source / WebCore / ChangeLog
1 2011-02-03  Anton Muhin  <antonm@chromium.org>
2
3         Reviewed by Adam Barth.
4
5         [v8] frame several more JS code invocations into v8::TryCatch
6         https://bugs.webkit.org/show_bug.cgi?id=53594
7
8         This patch is preemptive and adjusts v8 bindings code to forthcoming small change
9         in v8::ThrowException---currently sometimes exceptions thrown by this method
10         do not reach surrounding v8::TryCatch handler (see
11         http://code.google.com/p/v8/issues/detail?id=1072 and
12         http://codereview.chromium.org/6397011/).  Therefore the goal of this patch
13         is to make forthcoming v8 roll as smooth as possible (alas, we'll still need
14         one rebaseline as of now.)
15
16         * bindings/v8/V8Proxy.cpp:
17         (WebCore::V8Proxy::runScript): Do not rely on empty handle as a signal of exception, wrap into v8::TryCatch instead
18         * bindings/v8/V8WindowErrorHandler.cpp:
19         (WebCore::V8WindowErrorHandler::callListenerFunction): Ditto
20
21 2011-02-03  Maciej Stachowiak  <mjs@apple.com>
22
23         Reviewed by Dan Bernstein.
24
25         WebKit2: Need WebKit2 equivalent of WebResourceLoadDelegate::willSendRequest in the Bundle
26         https://bugs.webkit.org/show_bug.cgi?id=52897
27         <rdar://problem/8898294>
28
29         * WebCore.exp.in: Add export now needed by WebKit2
30
31 2011-02-03  Victoria Kirst  <vrk@google.com>
32
33         Reviewed by James Robinson.
34
35         Replaces float literals with uniform values in shader code
36         so that buggy drivers unable to parse float values in different
37         locales will not produce a pink video.
38
39         [chromium] Fix pink video bug with gpu-acceleration enabled
40         https://bugs.webkit.org/show_bug.cgi?id=53568
41
42         * platform/graphics/chromium/VideoLayerChromium.cpp:
43         (WebCore::VideoLayerChromium::SharedValues::SharedValues):
44         (WebCore::VideoLayerChromium::drawYUV):
45         * platform/graphics/chromium/VideoLayerChromium.h:
46         (WebCore::VideoLayerChromium::SharedValues::signAdjLocation):
47
48 2011-02-03  James Kozianski  <koz@chromium.org>
49
50         Reviewed by Dimitri Glazkov.
51
52         Add navigator.registerProtocolHandler behind a flag.
53         https://bugs.webkit.org/show_bug.cgi?id=52609
54
55         This method is described in the HTML5 specification here,
56         http://dev.w3.org/html5/spec/Overview.html#dom-navigator-registerprotocolhandler
57
58         This change is largely cribbed from B. Green's 29651 patches. It is
59         behind a flag so as not to break JS feature detection.
60
61         New layout test fast/dom/registerProtocolHandler.html.
62
63         * Configurations/FeatureDefines.xcconfig:
64         * loader/EmptyClients.h:
65         (WebCore::EmptyChromeClient::registerProtocolHandler):
66         * page/Chrome.cpp:
67         (WebCore::Chrome::registerProtocolHandler):
68         * page/Chrome.h:
69         * page/ChromeClient.h:
70         * page/Navigator.cpp:
71         (WebCore::verifyCustomHandlerURL):
72         (WebCore::verifyProtocolHandlerScheme):
73         (WebCore::Navigator::registerProtocolHandler):
74         * page/Navigator.h:
75         * page/Navigator.idl:
76
77 2011-02-03  Brian Ryner  <bryner@chromium.org>
78
79         Reviewed by Darin Fisher.
80
81         Add a field to the ResourceResponse for tracking the socket address
82         of the host that the resource was fetched from.  Patch was originally
83         by Paul Marks.
84         https://bugs.webkit.org/show_bug.cgi?id=53699
85
86         * platform/network/chromium/ResourceResponse.cpp:
87         (WebCore::ResourceResponse::doPlatformCopyData):
88         (WebCore::ResourceResponse::doPlatformAdopt):
89         * platform/network/chromium/ResourceResponse.h:
90         (WebCore::ResourceResponse::socketAddress):
91         (WebCore::ResourceResponse::setSocketAddress):
92
93 2011-02-03  Adam Langley  <agl@chromium.org>
94
95         Reviewed by Adam Barth.
96
97         Plumb mixed script URL to FrameLoaderClient
98         https://bugs.webkit.org/show_bug.cgi?id=52384
99
100         Regressions covered by http/tests/security/mixedContent/*
101
102         * loader/EmptyClients.h:
103         (WebCore::EmptyFrameLoaderClient::didRunInsecureContent):
104         * loader/FrameLoader.cpp:
105         (WebCore::FrameLoader::checkIfRunInsecureContent):
106         * loader/FrameLoaderClient.h:
107
108 2011-02-03  Simon Fraser  <simon.fraser@apple.com>
109
110         Reviewed by Dan Bernstein.
111
112         REGRESSION: Artifacts on box-shadow corners in some cases
113         https://bugs.webkit.org/show_bug.cgi?id=53731
114
115         Fix overdrawing artifacts in ShadowBlur's tiling code path,
116         which show up in shadows using a color with alpha.
117         
118         Test: fast/box-shadow/shadow-tiling-artifact.html
119
120         * platform/graphics/ShadowBlur.cpp:
121         (WebCore::ShadowBlur::drawRectShadowWithTiling): Ensure
122         that the inner rect that gets filled does not overlap with any
123         of the eight tiled areas by having the corner and side dimensions
124         be the same for contiguous areas.
125
126 2011-02-03  Adam Barth  <abarth@webkit.org>
127
128         Reviewed by Alexey Proskuryakov.
129
130         XSS Auditor is spinning inside decodeURLEscapeSequences() if there are
131         percent signs in large posted data
132         https://bugs.webkit.org/show_bug.cgi?id=53405
133
134         If the input string contains many non-% characters followed by a %
135         character that is not a valid URL escape sequence, then the old
136         algorithm would only advance the initial search by one character
137         (instead of jumping to just after the % character).  That would cause
138         the algorithm to take N^2 time (in the number of characters before the
139         first % character).  This patch just advances the search past the first
140         % character so we can start looking for next % character sooner.
141
142         * platform/KURL.cpp:
143         (WebCore::decodeURLEscapeSequences):
144
145 2011-02-03  Pavel Podivilov  <podivilov@chromium.org>
146
147         Reviewed by Pavel Feldman.
148
149         Web Inspector: click on a breakpoint highlights wrong line in source frame.
150         https://bugs.webkit.org/show_bug.cgi?id=53692
151
152         * inspector/front-end/BreakpointsSidebarPane.js:
153         (WebInspector.JavaScriptBreakpointsSidebarPane.prototype._setupBreakpointElement):
154
155 2011-02-03  Anton Muhin  <antonm@chromium.org>
156
157         Reviewed by Adam Barth.
158
159         [v8] Bail out if to string conversion returned empty handle
160         https://bugs.webkit.org/show_bug.cgi?id=53687
161
162         This a temporary measure: actually one probably should never get empty handle
163         if there was no exception.  The root cause is under investigation.
164         The bailout though allows Chromium not to crash---attempt to convert an empty
165         v8 hande into WebCore string crashes with invalid memory access.
166
167         See http://code.google.com/p/chromium/issues/detail?id=71544
168
169         There is no known reduction expressible as a layout test so far.  The crash found with automated testing tools.
170
171         * bindings/v8/V8Binding.cpp:
172         (WebCore::v8NonStringValueToWebCoreString): Bail out on empty handle
173         * bindings/v8/V8Binding.h:
174         (WebCore::V8ParameterBase::prepareBase): Ditto
175
176 2011-02-03  Adam Barth  <abarth@webkit.org>
177
178         Attempt to fix Chromium build.
179
180         * html/parser/XSSFilter.cpp:
181
182 2011-02-03  Dirk Pranke  <dpranke@chromium.org>
183
184         Unreviewed, rolling out r77562.
185         http://trac.webkit.org/changeset/77562
186         https://bugs.webkit.org/show_bug.cgi?id=53630
187
188         broke chromium mac build
189
190         * WebCore.gyp/WebCore.gyp:
191         * WebCore.gyp/mac/check_objc_rename.sh: Removed.
192
193 2011-02-03  Adam Barth  <abarth@webkit.org>
194
195         Reviewed by Daniel Bates.
196
197         XSS Auditor severely affects loading performance after submitting a large form
198         https://bugs.webkit.org/show_bug.cgi?id=49845
199
200         Switch over from the XSSAuditor to the XSSFilter, improving performance
201         on this example.
202
203         * html/parser/XSSFilter.cpp:
204         (WebCore::XSSFilter::filterToken):
205         * page/XSSAuditor.cpp:
206         (WebCore::XSSAuditor::isEnabled):
207
208 2011-02-03  Dirk Pranke  <dpranke@chromium.org>
209
210         Unreviewed, rolling out r77567.
211         http://trac.webkit.org/changeset/77567
212         https://bugs.webkit.org/show_bug.cgi?id=53468
213
214         broke chromium linux svg, canvas tests, possibly win also?
215
216         * platform/graphics/skia/ImageBufferSkia.cpp:
217         (WebCore::getImageData):
218         (WebCore::ImageBuffer::getUnmultipliedImageData):
219         (WebCore::ImageBuffer::getPremultipliedImageData):
220         (WebCore::putImageData):
221         (WebCore::ImageBuffer::putUnmultipliedImageData):
222         (WebCore::ImageBuffer::putPremultipliedImageData):
223
224 2011-02-02  MORITA Hajime  <morrita@google.com>
225
226         Reviewed by Dimitri Glazkov.
227
228         Refactoring: <progress> should not use ShadowElement
229         https://bugs.webkit.org/show_bug.cgi?id=53583
230
231         - Introduced RenderIndicatorPart and RenderProgressBarValuePart
232           to be responsible for bar-part layout,
233           which adopted layout logic from ShadowBlockElement.
234         - ProgressBarValueElement is no longer a subclass of ShadowBlockElement.
235         - Remove dependency from RenderProgress to HTMLProgressElement and
236           ShadowBlockElement.
237         - The shadow tree is no longer removed on detach(). It becomes persistent.
238           This is now possible because the ShadowBlockElement dependency is gone.
239         - ::-webkit-appearance for -webkit-progress-bar-value is no longer referred.
240           That didn't make sense.
241
242         * html/HTMLProgressElement.cpp:
243         (WebCore::HTMLProgressElement::createShadowSubtreeIfNeeded):
244         * html/HTMLProgressElement.h:
245         * html/shadow/ProgressBarValueElement.h: Added.
246         (WebCore::ProgressBarValueElement::ProgressBarValueElement):
247         (WebCore::ProgressBarValueElement::shadowPseudoId):
248         (WebCore::ProgressBarValueElement::createRenderer):
249         (WebCore::ProgressBarValueElement::create):
250         * rendering/RenderIndicator.cpp:
251         (WebCore::RenderIndicatorPart::RenderIndicatorPart):
252         (WebCore::RenderIndicatorPart::~RenderIndicatorPart):
253         (WebCore::RenderIndicatorPart::layout):
254         (WebCore::RenderIndicatorPart::styleDidChange):
255         * rendering/RenderIndicator.h: Added RenderIndicatorPart class
256         (WebCore::RenderIndicatorPart::originalVisibility):
257         (WebCore::RenderIndicatorPart::requiresForcedStyleRecalcPropagation):
258         (WebCore::RenderIndicatorPart::canHaveChildren):
259         * rendering/RenderProgress.cpp:
260         (WebCore::RenderProgressBarValuePart::preferredFrameRect):
261         (WebCore::RenderProgressBarValuePart::shouldBeHidden):
262         (WebCore::RenderProgress::updateFromElement):
263         (WebCore::RenderProgress::layoutParts):
264         (WebCore::RenderProgress::shouldHaveParts):
265         * rendering/RenderProgress.h:
266         (WebCore::RenderProgressBarValuePart::RenderProgressBarValuePart):
267
268 2011-02-03  Jia Pu  <jpu@apple.com>
269
270         Reversion should not be marked as misspelled.
271         https://bugs.webkit.org/show_bug.cgi?id=53255
272
273         This patch includes fix for reported bug, and also some housekeeping changes.
274
275         To implement desired behavior, we need:
276         1. Add a new marker type, SpellCheckingExemption, since now we distingusish between text
277            that shouldn't be spellchecked and text shouldn't be autocorrected.
278         2. Make sure that there is no pending correction panel when we enter markAllMisspellingsAndBadGrammarInRanges().
279            Otherwise the spell checking code in that function may interfere with autocorrection. This
280            is achieved by explicitly applying pending correction when user types space, line break or
281            paragraph break.
282
283         Housekeeping code changes include:
284         1. Change manual-tests that were broken by relocated WebCore directory.
285         2. Use TextIterator in various DocumentMarkerController functions instead of using
286            Node::traverseNextNode() directly.
287         3. Allow passing multiple marker types into DocumentMarkerController::removeMarkers() and
288            DocumentMarkerController::hasMarkers() to improve clarity and efficiency.
289         4. Fixes of minor bugs that were exposed previously.
290
291         * WebCore.exp.in: Change signature of DocumentMarkerController::removeMarkers().
292
293         * dom/DocumentMarker.h: Added new marker type SpellCheckingExemption.
294
295         * dom/DocumentMarkerController.cpp:
296         (WebCore::DocumentMarkerController::removeMarkers): Use TextIterator to scan the range to be
297            consistent with addMarker() function. Allow passing in multiple marker types in one call.
298            Added a boolean argument to specify the behavior when removing markers that partially
299            overlap the specified range.
300         (WebCore::DocumentMarkerController::removeMarkersFromMarkerMapVectorPair): Allow passing in
301            multiple marker types in one call.
302         (WebCore::DocumentMarkerController::hasMarkers): Use TextIterator to scan the range to be
303            consistent with addMarker() function. Allow passing in multiple marker types in one call.
304
305         * dom/DocumentMarkerController.h: Allow passing in multiple marker types to removeMarkers()
306            and hasMarkers(). Added a boolean argument to removeMarkers() to specify the behavior when
307            removing markers that partially overlap the specified range.
308
309         * editing/Editor.cpp:
310         (WebCore::markerTypesForAutocorrection): Add SpellCheckingExemption marker when apply correction.
311         (WebCore::markerTypesForReplacement): Ditto.
312         (WebCore::Editor::respondToChangedSelection): Reordered call to dismissCorrectionPanel() and
313            setSelection() to make sure there is no pending correction when entering
314            markAllMisspellingsAndBadGrammarInRanges().
315         (WebCore::Editor::appliedEditing): Only remove CorrectionIndicator markers when the command
316            is a top level command to improve efficiency.
317         (WebCore::Editor::insertTextWithoutSendingTextEvent): Added code to applying pending correction.
318         (WebCore::Editor::insertLineBreak): Ditto.
319         (WebCore::Editor::insertParagraphSeparator): Ditto.
320         (WebCore::Editor::markAllMisspellingsAndBadGrammarInRanges): Don't mark mispelling if the
321            text carries SpellCheckingExemption marker.
322         (WebCore::Editor::correctionPanelTimerFired): Reset correction panel if the returned suggestion
323            from spellchecker is an empty string.
324         (WebCore::Editor::removeSpellAndCorrectionMarkersFromWordsToBeEdited):
325            Use new DocumentMarkerController::removeMarkers() to replace custom implemenation to improve
326            efficiency and readability.
327         (WebCore::Editor::applyCorrectionPanelInfo): Remove the code that set caret position after
328            applying correction, since it's unnecessary. Also, store pre-correction string together with
329            the marker for reversion panel to use.
330         (WebCore::Editor::applyAutocorrectionBeforeTypingIfAppropriate): Apply pending correction.
331         (WebCore::Editor::changeSelectionAfterCommand): Moved marker removal code to Editor::appliedEditing()
332            where we have access to EditCommand object.
333
334         * editing/Editor.h: Added new function applyAutocorrectionAfterTypingIfAppropriate().
335
336         * manual-tests/autocorrection/autocorrection-cancelled-by-ESC.html: Change manual-tests that
337            were broken by relocated WebCore directory.
338
339         * manual-tests/autocorrection/autocorrection-cancelled-by-typing-1.html: Ditto.
340
341         * manual-tests/autocorrection/autocorrection-contraction.html: Ditto.
342
343         * manual-tests/autocorrection/continue-typing-to-dismiss-reversion.html: Ditto.
344
345         * manual-tests/autocorrection/delete-to-dismiss-reversion.html: Ditto.
346
347         * manual-tests/autocorrection/delete-to-end-of-word-to-show-reversion.html: Ditto.
348
349         * manual-tests/autocorrection/dismiss-multiple-guesses.html: Ditto.
350
351         * manual-tests/autocorrection/move-to-end-of-word-to-show-reversion.html: Ditto.
352
353         * manual-tests/autocorrection/select-from-multiple-guesses.html: Ditto.
354
355         * manual-tests/autocorrection/spell-checking-after-reversion.html: Added.
356
357         * manual-tests/autocorrection/type-whitespace-to-dismiss-reversion.html: Change manual-tests that
358            were broken by relocated WebCore directory.
359
360         * rendering/InlineTextBox.cpp:
361         (WebCore::InlineTextBox::paintDocumentMarkers): Code clean-up to be more concise.
362
363 2011-02-03  Abhishek Arya  <inferno@chromium.org>
364
365         Unreviewed, qt build fix.
366
367         * rendering/RenderBlock.cpp:
368         (WebCore::RenderBlock::removeFloatingObject):
369
370 2011-02-03  Brian Salomon  <bsalomon@google.com>
371
372         Reviewed by James Robinson.
373
374         Handle non-raster backed images in getUnmultipliedImageData()
375         https://bugs.webkit.org/show_bug.cgi?id=53468
376
377         No new tests. Existing canvas tests sufficient
378         LayoutTests/canvas/philip/...
379
380         * platform/graphics/skia/ImageBufferSkia.cpp:
381         (WebCore::getImageData):
382         (WebCore::ImageBuffer::getUnmultipliedImageData):
383         (WebCore::ImageBuffer::getPremultipliedImageData):
384         (WebCore::putImageData):
385         (WebCore::ImageBuffer::putUnmultipliedImageData):
386         (WebCore::ImageBuffer::putPremultipliedImageData):
387
388 2011-02-03  Abhishek Arya  <inferno@chromium.org>
389
390         Reviewed by James Robinson.
391
392         Enforce more limits on root inline boxes height calculations.
393         https://bugs.webkit.org/show_bug.cgi?id=53729
394
395         Test: fast/overflow/overflow-height-float-not-removed-crash.html
396
397         * rendering/RenderBlock.cpp:
398         (WebCore::RenderBlock::removeFloatingObject): prevent logicalBottom to
399         become negative when logicalTop is INT_MAX.
400         (WebCore::RenderBlock::markLinesDirtyInBlockRange): when logicalBottom
401         is INT_MAX, we should dirty everything. So, we bail out to make
402         afterLowest equal to the lastRootBox() or lowestDirstLine.
403
404 2011-02-03  David Levin  <levin@chromium.org>
405
406         Reviewed by Adam Barth and Oliver Hunt.
407
408         Worker.importScript() should clean errors for cross origin imports.
409         https://bugs.webkit.org/show_bug.cgi?id=52871
410
411         Test: http/tests/workers/worker-importScriptsOnError.html
412
413         * bindings/js/WorkerScriptController.cpp:
414         (WebCore::WorkerScriptController::evaluate): Use sanitizeScriptError
415         to determine when to create a clean exception.
416         * bindings/v8/WorkerContextExecutionProxy.cpp:
417         (WebCore::WorkerContextExecutionProxy::evaluate): Ditto.
418         * dom/ScriptExecutionContext.cpp:
419         (WebCore::ScriptExecutionContext::sanitizeScriptError): Figure out
420         if the error needs to be cleaned up.
421         (WebCore::ScriptExecutionContext::dispatchErrorEvent): Extracted
422         sanitizeScriptError for use by other places.
423         * dom/ScriptExecutionContext.h:
424         * workers/WorkerContext.cpp:
425         (WebCore::WorkerContext::importScripts): Use the reponse url when
426         telling the evaluate where the script came fro.
427         * workers/WorkerScriptLoader.cpp:
428         (WebCore::WorkerScriptLoader::responseURL): Expose the url that
429         the script was loaded from (which may be different from url() due
430         to redirects).
431         (WebCore::WorkerScriptLoader::didReceiveResponse): Capture the reponse url.
432         * workers/WorkerScriptLoader.h:
433
434 2011-02-03  Mark Mentovai  <mark@chromium.org>
435
436         Reviewed by Dimitri Glazkov.
437
438         Chromium GYP build fix.
439
440         When various settings were moved to webcore_prerequisites in r66364,
441         things that should have been direct_dependent_settings were not marked
442         as such. GYP 'defines', for example, make no sense on a 'none'-type
443         target such as webcore_prerequisites. It appears that it was intended
444         for these settings to be pushed to direct dependents, which would make
445         direct_dependent_settings correct.
446
447         Losing the ChromiumWebCoreObjC defines on the Mac, for example, caused
448         http://crbug.com/71537, which at best causes Mac console log spew, and
449         at worst may result in Chromium's copy of WebCore using system
450         definitions of certain Objective-C classes at runtime, or vice-versa.
451
452         The build now includes a postbuild step to prevent
453         http://crbug.com/71537 from regressing again. The build will fail upon
454         regression.
455
456         https://bugs.webkit.org/show_bug.cgi?id=53630
457
458         * WebCore.gyp/WebCore.gyp: Move things in webcore_prerequisites into
459           direct_dependent_settings as needed, add the check_objc_rename
460           postbuild step.
461         * WebCore.gyp/mac/check_objc_rename.sh: Added.
462
463 2011-02-03  Adam Barth  <abarth@webkit.org>
464
465         Reviewed by Eric Seidel.
466
467         Make XSSFilter go fast by adding a SuffixTree
468         https://bugs.webkit.org/show_bug.cgi?id=53665
469
470         The SuffixTree lets us quickly reject snippets if the POST data is
471         large (because we can avoid a linear scan over the POST data).
472
473         * html/parser/XSSFilter.cpp:
474         (WebCore::XSSFilter::init):
475         (WebCore::XSSFilter::isContainedInRequest):
476         * html/parser/XSSFilter.h:
477
478 2011-02-03  Mihai Parparita  <mihaip@chromium.org>
479
480         Reviewed by Alexey Proskuryakov.
481
482         REGRESSION (r77355): Page cache layout tests crash
483         https://bugs.webkit.org/show_bug.cgi?id=53648
484
485         Test: fast/events/pagehide-timeout.html
486         
487         Suspend active DOM objects after all pagehide event handlers have run,
488         otherwise it's possible for them to create more objects that weren't
489         getting suspended.
490
491         * history/CachedFrame.cpp:
492         (WebCore::CachedFrame::CachedFrame):
493
494 2011-02-03  Jeremy Orlow  <jorlow@chromium.org>
495
496         Reviewed by Nate Chapin.
497
498         SerializedScriptValue should not require v8 to create undefined and null values
499         https://bugs.webkit.org/show_bug.cgi?id=53730
500
501         Instead of creating a v8 type and passing that into the constructor, just use
502         the writer class directly. While I was at it, I cleaned up the code a bit too
503         by getting rid of the WireData/StringValue enum as I found that personally
504         confusing.
505
506         This is necessary because these methods are called by IndexedDB in the browser
507         process where v8 is not spun up.
508
509         No functionality changed and not possible to test.
510
511         * bindings/v8/SerializedScriptValue.cpp:
512         (WebCore::SerializedScriptValue::createFromWire):
513         (WebCore::SerializedScriptValue::create):
514         (WebCore::SerializedScriptValue::nullValue):
515         (WebCore::SerializedScriptValue::undefinedValue):
516         (WebCore::SerializedScriptValue::release):
517         (WebCore::SerializedScriptValue::SerializedScriptValue):
518         * bindings/v8/SerializedScriptValue.h:
519
520 2011-02-03  Beth Dakin  <bdakin@apple.com>
521
522         Reviewed by Sam Weinig.
523
524         Fix for <rdar://problem/8944544> Ability to animate track
525         for WKPainter scrollers
526
527         Two new WebKitSystemInterface functions.
528         * WebCore.exp.in:
529         * platform/mac/WebCoreSystemInterface.h:
530         * platform/mac/WebCoreSystemInterface.mm:
531
532         Use Scrollbar::convertFromContainingView() to return the right point.
533         * platform/mac/ScrollAnimatorMac.mm:
534         (-[ScrollbarPainterControllerDelegate scrollerImpPair:convertContentPoint:toScrollerImp:]):
535         
536         ScrollKnobAnimation is now ScrollbarPartAnimation. It can
537         now be used to animate the knob or the track.
538         (-[ScrollbarPartAnimation initWithScrollbarPainter:part:WebCore::scrollAnimator:WebCore::animateAlphaTo:duration:]):
539         (-[ScrollbarPartAnimation setCurrentProgress:]):
540         (-[ScrollbarPainterDelegate setUpAnimation:scrollerPainter:part:WebCore::animateAlphaTo:duration:]):
541         (-[ScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]):
542         (-[ScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]):
543
544         Scrollbars need invalodating after the overlay state changes. 
545         (-[ScrollbarPainterDelegate scrollerImp:overlayScrollerStateChangedTo:]):
546
547 2011-02-03  Sam Weinig  <sam@webkit.org>
548
549         Reviewed by Beth Dakin.
550
551         Scroll thumb jumps to top when resizing horizontally.
552
553         * platform/ScrollView.cpp:
554         (WebCore::ScrollView::updateScrollbars): Add call to update
555         the scrollbar's offset in the case where we may have created
556         a new scrollbar but have not changed the current position.
557
558 2011-02-03  Justin Schuh  <jschuh@chromium.org>
559
560         Reviewed by Dirk Schulze.
561
562         startAnimations should use a local, RefCounted Vector.
563         https://bugs.webkit.org/show_bug.cgi?id=53458
564
565         Test: svg/custom/use-animation-in-fill.html
566
567         * svg/SVGDocumentExtensions.cpp:
568         (WebCore::SVGDocumentExtensions::startAnimations):
569
570 2011-02-03  Adam Barth  <abarth@webkit.org>
571
572         Reviewed by Daniel Bates.
573
574         XSSFilter shouldn't bother to analyze pages without "injection"
575         characters in the request
576         https://bugs.webkit.org/show_bug.cgi?id=53664
577
578         If the request lacks these "injection" characters, then it's unlikely
579         that there's a reflective XSS attack happening.  This hueristic lets us
580         avoid analyzing the vast majority of responses for XSS.  Of course, the
581         hueristic isn't perfect.  Because of this huerstic, we miss out on
582         injections into unquoted attributes.  However, it's a trade-off that's
583         worked well in the XSSAuditor.
584
585         * html/parser/XSSFilter.cpp:
586         (WebCore::HTMLNames::isRequiredForInjection):
587         (WebCore::XSSFilter::XSSFilter):
588         (WebCore::XSSFilter::init):
589         (WebCore::XSSFilter::filterToken):
590         (WebCore::XSSFilter::isContainedInRequest):
591         * html/parser/XSSFilter.h:
592
593 2011-02-03  Vangelis Kokkevis  <vangelis@chromium.org>
594
595         Reviewed by Kenneth Russell.
596
597         [chromium] Fixing a compositor crash occurring on layers
598         without an associated RenderSurface.
599         https://bugs.webkit.org/show_bug.cgi?id=53679
600         Regression was introduced by in r77425 
601
602         Test: http://webkit.org/blog/386/3d-transforms/ doesn't crash
603         anymore.
604
605         * platform/graphics/chromium/LayerRendererChromium.cpp:
606         (WebCore::LayerRendererChromium::drawLayer):
607
608 2011-02-03  Dan Bernstein  <mitz@apple.com>
609
610         Reviewed by Anders Carlsson.
611
612         <rdar://problem/8948788> Text emphasis marks have wrong orientation for vertical text
613         https://bugs.webkit.org/show_bug.cgi?id=53709
614
615         Covered by rendering of fast/text/emphasis-vertical.html
616
617         * platform/graphics/mac/SimpleFontDataMac.mm:
618         (WebCore::SimpleFontData::scaledFontData): Give the scaled font the same orientation this font
619         has.
620
621 2011-02-02  Levi Weintraub  <leviw@chromium.org>
622
623         Reviewed by Ryosuke Niwa.
624
625         Moving cursor down in table cycles at the end of a row
626         https://bugs.webkit.org/show_bug.cgi?id=50012
627
628         Avoids a caret cycling issue with certain content (e.g. tables) found at the very
629         end of a document due to a bug in nextLeafWithSameEditability.
630
631         Test: editing/selection/move-by-line-cycles-in-table.html
632
633         * editing/visible_units.cpp:
634         (WebCore::nextLeafWithSameEditability): Properly avoid descending back into the
635         original leaf node.
636
637 2011-02-03  Pavel Podivilov  <podivilov@chromium.org>
638
639         Reviewed by Pavel Feldman.
640
641         Web Inspector: remove dead code related to changes panel.
642         https://bugs.webkit.org/show_bug.cgi?id=53688
643
644         * WebCore.gypi:
645         * WebCore.vcproj/WebCore.vcproj:
646         * inspector/front-end/ChangesView.js: Removed.
647         * inspector/front-end/WebKit.qrc:
648         * inspector/front-end/inspector.css:
649         (#error-warning-count):
650         (#error-warning-count:hover):
651         (#error-count + #warning-count):
652         * inspector/front-end/inspector.html:
653         * inspector/front-end/inspector.js:
654
655 2011-02-02  Sam Weinig  <sam@webkit.org>
656
657         Reviewed by Anders Carlsson.
658
659         Add notification of the end of a rubber band.
660         <rdar://problem/8940648>
661
662         * WebCore.exp.in:
663         Add additional exprots.
664
665         * page/ChromeClient.h:
666         (WebCore::ChromeClient::didCompleteRubberBandForMainFrame):
667         * page/FrameView.cpp:
668         (WebCore::FrameView::didCompleteRubberBand):
669         * page/FrameView.h:
670         * platform/ScrollView.cpp:
671         (WebCore::ScrollView::didCompleteRubberBand):
672         * platform/ScrollView.h:
673         Add hook.
674
675         * platform/ScrollableArea.h:
676         (WebCore::ScrollableArea::inLiveResize):
677         (WebCore::ScrollableArea::maximumScrollPosition):
678         (WebCore::ScrollableArea::visibleWidth):
679         (WebCore::ScrollableArea::overhangAmount):
680         (WebCore::ScrollableArea::didCompleteRubberBand):
681         Reorganize and de-virtualize live resize notifications.
682
683         * platform/mac/ScrollAnimatorMac.mm:
684         (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
685         Call the new hook when the rubberband ends.
686
687 2011-02-02  Evan Martin  <evan@chromium.org>
688
689         Reviewed by Tony Chang.
690
691         [chromium] complex joining characters positioned in wrong place
692         https://bugs.webkit.org/show_bug.cgi?id=53637
693
694         Provide the correct font metrics to Harfbuzz related to the font design space.
695         There are used in some fonts for GPOS positioning.
696
697         Test: platform/chromium-linux/fast/text/international/complex-joining-using-gpos.html
698
699         * platform/graphics/chromium/ComplexTextControllerLinux.cpp:
700         (WebCore::ComplexTextController::setupFontForScriptRun):
701         (WebCore::ComplexTextController::allocHarfbuzzFont):
702         * platform/graphics/chromium/FontPlatformDataLinux.cpp:
703         (WebCore::FontPlatformData::FontPlatformData):
704         (WebCore::FontPlatformData::emSizeInFontUnits):
705         (WebCore::FontPlatformData::operator=):
706         * platform/graphics/chromium/FontPlatformDataLinux.h:
707         (WebCore::FontPlatformData::FontPlatformData):
708
709 2011-02-02  Dimitri Glazkov  <dglazkov@chromium.org>
710
711         Reviewed by Kent Tamura.
712
713         REGRESSION(r76147): Slider thumb position is not updated when value attribute is changed.
714         https://bugs.webkit.org/show_bug.cgi?id=53634
715
716         Test: fast/dom/HTMLInputElement/input-slider-update.html
717
718         * html/HTMLInputElement.cpp:
719         (WebCore::HTMLInputElement::setValue): Added a call to InputType::valueChanged.
720         * html/InputType.cpp:
721         (WebCore::InputType::valueChanged): Added empty implementation.
722         * html/InputType.h: Added def.
723         * html/RangeInputType.cpp:
724         (WebCore::RangeInputType::valueChanged): Added implementation that dirties layout
725             bit on the thumb.
726         * html/RangeInputType.h: Added def.
727
728 2011-02-02  Pavel Podivilov  <podivilov@chromium.org>
729
730         Reviewed by Pavel Feldman.
731
732         Web Inspector: do not share source frames between resources panel and scripts panel.
733         https://bugs.webkit.org/show_bug.cgi?id=53584
734
735         Currently, we show error messages only for resources. This change will allow showing error
736         messages in source frame even when resource is not available (eval scripts, inlined scripts).
737
738         * inspector/front-end/ConsoleView.js:
739         (WebInspector.ConsoleView.prototype.addMessage):
740         (WebInspector.ConsoleView.prototype.clearMessages):
741         * inspector/front-end/ResourceView.js:
742         (WebInspector.ResourceView.recreateResourceView):
743         * inspector/front-end/ResourcesPanel.js:
744         (WebInspector.FrameResourceTreeElement.prototype._setBubbleText):
745         * inspector/front-end/ScriptsPanel.js:
746         (WebInspector.ScriptsPanel.prototype._scriptSourceChanged):
747         (WebInspector.ScriptsPanel.prototype.addConsoleMessage):
748         (WebInspector.ScriptsPanel.prototype.clearConsoleMessages):
749         (WebInspector.ScriptsPanel.prototype.reset):
750         (WebInspector.ScriptsPanel.prototype._sourceFrameForScriptOrResource):
751         (WebInspector.ScriptsPanel.prototype._sourceFrameForResource):
752         (WebInspector.ScriptsPanel.prototype._sourceFrameForScript):
753
754 2011-02-03  Simon Fraser  <simon.fraser@apple.com>
755
756         Fix 32-bit builds.
757
758         * platform/graphics/ShadowBlur.cpp:
759         (WebCore::ShadowBlur::blurLayerImage):
760
761 2011-02-03  Mikhail Naganov  <mnaganov@chromium.org>
762
763         Reviewed by Pavel Feldman.
764
765         Web Inspector: Add reporting of JS heap size limit to 'console.memory'.
766         https://bugs.webkit.org/show_bug.cgi?id=53592
767
768         In JSC there is no limit, thus 'undefined' value is returned.
769         For V8, the limit reported by the VM is returned.
770
771         * Android.jscbindings.mk:
772         * CMakeLists.txt:
773         * GNUmakefile.am:
774         * WebCore.gypi:
775         * WebCore.pro:
776         * WebCore.vcproj/WebCore.vcproj:
777         * WebCore.xcodeproj/project.pbxproj:
778         * bindings/js/JSBindingsAllInOne.cpp:
779         * bindings/js/JSMemoryInfoCustom.cpp: Added.
780         * bindings/js/ScriptGCEvent.cpp:
781         (WebCore::ScriptGCEvent::getHeapSize):
782         * bindings/js/ScriptGCEvent.h:
783         * bindings/v8/ScriptGCEvent.cpp:
784         (WebCore::ScriptGCEvent::getHeapSize):
785         * bindings/v8/ScriptGCEvent.h:
786         * inspector/InspectorTimelineAgent.cpp:
787         (WebCore::InspectorTimelineAgent::setHeapSizeStatistic):
788         * page/MemoryInfo.cpp:
789         (WebCore::MemoryInfo::MemoryInfo):
790         * page/MemoryInfo.h:
791         (WebCore::MemoryInfo::jsHeapSizeLimit):
792         * page/MemoryInfo.idl:
793
794 2011-01-27  Philippe Normand  <pnormand@igalia.com>
795
796         Reviewed by Martin Robinson.
797
798         [GTK] LayoutTests/media/audio-mpeg4-supported.html fails
799         https://bugs.webkit.org/show_bug.cgi?id=53125
800
801         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
802         (WebCore::mimeTypeCache): Add audio/x-m4a mimetype in the cache.
803
804 2011-02-03  Simon Fraser  <simon.fraser@apple.com>
805
806         Reviewed by Sam Weinig.
807
808         ShadowBlur radius for CSS shadows is slightly too big
809         https://bugs.webkit.org/show_bug.cgi?id=53660
810         
811         If we follow SVG gaussian blur for CSS shadows, we can end up rendering
812         shadows that extend further than the CSS "blur radius", which results
813         in the shadows being truncated.
814         
815         Fix with a small fudge factor to reduce the kernel diameter slightly
816         for CSS shadows.
817         
818         Also more closely follow the algorithm described in the SVG spec
819         for computing the kernel size for different diameters, and clean up
820         some variable naming relating to the shadow bounds.
821
822         * platform/graphics/ShadowBlur.cpp:
823         (WebCore::ShadowBlur::blurLayerImage):
824         (WebCore::ShadowBlur::drawRectShadowWithTiling):
825
826 2011-02-01  Pavel Podivilov  <podivilov@chromium.org>
827
828         Reviewed by Pavel Feldman.
829
830         Web Inspector: introduce new api for managing JavaScript breakpoints.
831         https://bugs.webkit.org/show_bug.cgi?id=53235
832
833         Single protocol breakpoint (e.g. set by url) is mapped on zero or more VM breakpoints (set by sourceID).
834         removeJavaScriptBreakpoint(breakpointId) removes breakpoint and all linked VM breakpoints.
835         Since UI uses VM breakpoint location rather then protocol breakpoint location, all resolved breakpoints locations are passed to frontend.
836
837         SourceFrame is now aware of whether breakpoint is resolved or not and may display it accordingly.
838         JavaScriptBreakpointsSidebarPane filters out breakpoints set on nonexistent scripts to avoid UI cluttering.
839
840         * bindings/js/ScriptDebugServer.cpp:
841         (WebCore::ScriptDebugServer::setBreakpoint):
842         (WebCore::ScriptDebugServer::removeBreakpoint):
843         * bindings/js/ScriptDebugServer.h:
844         * bindings/v8/DebuggerScript.js:
845         ():
846         * bindings/v8/ScriptDebugServer.cpp:
847         (WebCore::ScriptDebugServer::setBreakpoint):
848         * bindings/v8/ScriptDebugServer.h:
849         * inspector/Inspector.idl:
850         * inspector/InspectorAgent.cpp: clear breakpoints from inspector state when new frontend is created
851         (WebCore::InspectorAgent::restoreInspectorStateFromCookie):
852         (WebCore::InspectorAgent::populateScriptObjects):
853         (WebCore::InspectorAgent::restoreDebugger):
854         (WebCore::InspectorAgent::showAndEnableDebugger):
855         (WebCore::InspectorAgent::enableDebugger):
856         * inspector/InspectorAgent.h:
857         * inspector/InspectorDebuggerAgent.cpp: manage relations between protocol breakpoints and VM breakpoints
858         (WebCore::InspectorDebuggerAgent::InspectorDebuggerAgent):
859         (WebCore::InspectorDebuggerAgent::inspectedURLChanged):
860         (WebCore::InspectorDebuggerAgent::setJavaScriptBreakpoint):
861         (WebCore::InspectorDebuggerAgent::setJavaScriptBreakpointBySourceId):
862         (WebCore::InspectorDebuggerAgent::removeJavaScriptBreakpoint):
863         (WebCore::InspectorDebuggerAgent::continueToLocation):
864         (WebCore::InspectorDebuggerAgent::resolveBreakpoint):
865         (WebCore::InspectorDebuggerAgent::getScriptSource):
866         (WebCore::InspectorDebuggerAgent::didParseSource):
867         (WebCore::InspectorDebuggerAgent::didPause):
868         * inspector/InspectorDebuggerAgent.h:
869         (WebCore::InspectorDebuggerAgent::Script::Script):
870         * inspector/InspectorValues.cpp:
871         (WebCore::InspectorValue::asNumber):
872         (WebCore::InspectorBasicValue::asNumber):
873         (WebCore::InspectorObject::remove):
874         * inspector/InspectorValues.h:
875         (WebCore::InspectorObject::getNumber):
876         (WebCore::InspectorObject::find):
877         * inspector/ScriptBreakpoint.h:
878         (WebCore::ScriptBreakpoint::ScriptBreakpoint):
879         * inspector/front-end/Breakpoint.js:
880         (WebInspector.Breakpoint):
881         (WebInspector.Breakpoint.prototype.addLocation):
882         * inspector/front-end/BreakpointManager.js: remove all stuff related to JavaScript breakpoints from here
883         (WebInspector.BreakpointManager):
884         (WebInspector.BreakpointManager.prototype._projectChanged):
885         (WebInspector.BreakpointManager.prototype._saveBreakpoints):
886         (WebInspector.BreakpointManager.prototype._validateBreakpoints):
887         * inspector/front-end/BreakpointsSidebarPane.js:
888         (WebInspector.JavaScriptBreakpointsSidebarPane): filter breakpoints set on nonexistent scripts to avoid ui cluttering
889         * inspector/front-end/DebuggerModel.js:
890         (WebInspector.DebuggerModel): pull all JavaScript from localStorage and push them to fronted when debugger is enabled, save resolved breakpoints data
891         * inspector/front-end/Script.js:
892         (WebInspector.Script.prototype.sourceLine):
893         * inspector/front-end/ScriptsPanel.js:
894         (WebInspector.ScriptsPanel.prototype._toggleDebugging):
895         * inspector/front-end/Settings.js:
896         (WebInspector.Settings):
897         * inspector/front-end/SourceFrame.js: handle resolved and unresolved breakpoints differently
898         * inspector/front-end/inspector.js:
899
900 2011-02-03  Nikolas Zimmermann  <nzimmermann@rim.com>
901
902         Reviewed by Dirk Schulze.
903
904         small text which is scaled to be large renders pixelated
905         https://bugs.webkit.org/show_bug.cgi?id=12448
906
907         SVG <text> with font-size smaller or equal to 1 does not paint correctly
908         https://bugs.webkit.org/show_bug.cgi?id=14242
909
910         misplaced text in SVG
911         https://bugs.webkit.org/show_bug.cgi?id=17053
912
913         Don't render very small (but zoomed) text inside SVG
914         https://bugs.webkit.org/show_bug.cgi?id=19393
915
916         Tiny fonts scaled up end up too large in Safari
917         https://bugs.webkit.org/show_bug.cgi?id=20192
918
919         Stretched SVG Text has awful glyph spacing 
920         https://bugs.webkit.org/show_bug.cgi?id=21774
921
922         REGRESSION (r72141?): svg/batik/text/smallFonts.svg failing on Leopard
923         https://bugs.webkit.org/show_bug.cgi?id=49846
924
925         [Gtk] Text height in zoomed SVG is 1px too high
926         https://bugs.webkit.org/show_bug.cgi?id=50313
927
928         SVG text smaller than 0.5px not displayed properly
929         https://bugs.webkit.org/show_bug.cgi?id=50528
930
931         When rendering text, we're selecting a font with a size, as specified in the markup.
932         This can lead to problems, if the context, where the text is rendered upon, is scaled. If a parent
933         element of the <text> defines a transform=".." or the outermost <svg> containing a viewBox the
934         problem becomes apparent.
935
936         Consider following two snippets, which should render exactly the same:
937         <svg viewBox="0 0 100 100"><text x="25" y="50" font-size="25">test</text></svg>
938         <svg viewBox="0 0 1 1"><text x="0.25" y="0.5" font-size="0.25">test</text></svg>
939
940         When selecting a font size below 0.5, FontCacheMac would request a font with size 0,
941         which AppKit turns into 12. This lead to huge text rendering, instead of small text on Mac.
942         Other platforms have different problems (Qt simply scales the font, leading to pixelation etc.)
943
944         To fix this in a cross-platform fashion, we now always compute the final font size on screen,
945         remove any scaling from the context, draw the text using the scaled font size, then reapply
946         the context scale. This makes the example snippets above render exactly the same and fixes
947         numerous of bugs, present since years. As we're now heavily using floating-point font sizes
948         internally, depending on the scale of the document, it's very important to use the new
949         floating-point text metrics information (floatAscent/floatDescent/floatHeight) everywhere in SVG.
950
951         Fixes existing tests: css3/zoom-coords.xhtml (cross-platform inconsistencies should be gone, mac now reports floatHeight values for SVG text height)
952                               svg/hixie/text/003.html (no more pixelation)
953                               svg/batik/text/smallFonts.svg (small fonts aren't rendered huge anymore on mac)
954                               svg/hixie/viewbox/preserveAspectRatio/001.xml (bug 21774, no more awful spacing)
955                               svg/zoom/page/zoom-zoom-coords.xhtml (cross-platform inconsistencies should be gone, inspired by bug 50313)
956
957         Tests: svg/text/font-size-below-point-five-2.svg (reduction from bug 50528)
958                svg/text/font-size-below-point-five.svg (reduction from bug 50528)
959                svg/text/scaled-font.svg (reduction from bug 12448)
960                svg/text/small-fonts-2.svg (reduction from bug 14242)
961                svg/text/small-fonts-3.svg (reduction from bug 17053)
962                svg/text/small-fonts-in-html5.html (reduction from bug 19393)
963                svg/text/small-fonts.svg (reduction from bug 20192))
964
965         * rendering/svg/RenderSVGInlineText.cpp: Cache 'float scalingFactor' & 'Font scaledFont', whenever the on-screen representation changes.
966         * rendering/svg/RenderSVGInlineText.h:
967         * rendering/svg/RenderSVGText.cpp: Update scalingFactor/scaledFont, if necessary.
968         * rendering/svg/SVGInlineTextBox.cpp: Switch to new font rendering strategy. Always use scaledFont, and remove any context scale before drawing.
969         * rendering/svg/SVGInlineTextBox.h:
970         * rendering/svg/SVGTextLayoutEngineBaseline.cpp: Use floating-point metrics everywhere.
971         * rendering/svg/SVGTextMetrics.cpp: Ditto.
972         * rendering/svg/SVGTextMetrics.h: Ditto.
973         * rendering/svg/SVGTextQuery.cpp: Ditto.
974         * svg/SVGFont.cpp: Adjust stroke thickness, when drawing SVGFonts into a normalized context (no more scale).
975         * svg/SVGTextContentElement.cpp: Make <text> elements always dependant on window size changes in combination with viewBox set.
976         * svg/SVGTextPositioningElement.cpp: Remove now unnecessary code to determine wheter relative lengths are used as text attributes.
977         * svg/SVGTextPositioningElement.h: 
978
979 2011-02-03  Pavel Feldman  <pfeldman@chromium.org>
980
981         Reviewed by Yury Semikhatsky.
982
983         Web Inspector: resources panel doesn't show frames after reload.
984         https://bugs.webkit.org/show_bug.cgi?id=53430
985
986         * inspector/front-end/ResourcesPanel.js:
987         (WebInspector.ResourcesPanel.prototype.show):
988         (WebInspector.ResourcesPanel.prototype.loadEventFired):
989         (WebInspector.ResourcesPanel.prototype._initDefaultSelection):
990         (WebInspector.ResourcesPanel.prototype.reset):
991         (WebInspector.ResourcesPanel.prototype.clear):
992         * inspector/front-end/inspector.js:
993         (WebInspector.loadEventFired):
994
995 2011-02-01  Alexander Pavlov  <apavlov@chromium.org>
996
997         Reviewed by Pavel Feldman.
998
999         Web Inspector: Remove the *2 suffix from the CSS style-related protocol methods
1000         https://bugs.webkit.org/show_bug.cgi?id=53492
1001
1002         * inspector/Inspector.idl:
1003         * inspector/InspectorCSSAgent.cpp:
1004         (WebCore::InspectorCSSAgent::getStylesForNode):
1005         (WebCore::InspectorCSSAgent::getInlineStyleForNode):
1006         (WebCore::InspectorCSSAgent::getComputedStyleForNode):
1007         (WebCore::InspectorCSSAgent::getAllStyles):
1008         (WebCore::InspectorCSSAgent::getStyleSheet):
1009         (WebCore::InspectorCSSAgent::getStyleSheetText):
1010         (WebCore::InspectorCSSAgent::setStyleSheetText):
1011         (WebCore::InspectorCSSAgent::setPropertyText):
1012         (WebCore::InspectorCSSAgent::toggleProperty):
1013         (WebCore::InspectorCSSAgent::setRuleSelector):
1014         (WebCore::InspectorCSSAgent::addRule):
1015         * inspector/InspectorCSSAgent.h:
1016         * inspector/front-end/AuditRules.js:
1017         (WebInspector.AuditRules.UnusedCssRule.prototype.doRun):
1018         * inspector/front-end/CSSStyleModel.js:
1019         (WebInspector.CSSStyleModel.prototype.getStylesAsync):
1020         (WebInspector.CSSStyleModel.prototype.getComputedStyleAsync):
1021         (WebInspector.CSSStyleModel.prototype.getInlineStyleAsync):
1022         (WebInspector.CSSStyleModel.prototype.setRuleSelector):
1023         (WebInspector.CSSStyleModel.prototype.addRule):
1024         (WebInspector.CSSStyleModel.prototype._styleSheetChanged):
1025         (WebInspector.CSSStyleModel.prototype._onRevert):
1026         (WebInspector.CSSStyleDeclaration.prototype.insertPropertyAt):
1027         (WebInspector.CSSProperty.prototype.setText):
1028         (WebInspector.CSSProperty.prototype.setDisabled):
1029         (WebInspector.CSSStyleSheet.createForId):
1030         (WebInspector.CSSStyleSheet.prototype.setText):
1031
1032 2011-02-03  Adam Barth  <abarth@webkit.org>
1033
1034         Reviewed by Daniel Bates.
1035
1036         Teach XSSFilter about data URLs
1037         https://bugs.webkit.org/show_bug.cgi?id=53662
1038
1039         The XSS filter doesn't really make sense for data URLs because
1040         everything in a "response" from a data URL was part of the request.
1041
1042         Test: http/tests/security/xssAuditor/data-urls-work.html
1043
1044         * html/parser/XSSFilter.cpp:
1045         (WebCore::XSSFilter::init):
1046         (WebCore::XSSFilter::filterToken):
1047
1048 2011-02-02  Chris Evans  <cevans@chromium.org>
1049
1050         Reviewed by Darin Fisher.
1051
1052         window.find() can fail when switching case sensitivity
1053         https://bugs.webkit.org/show_bug.cgi?id=53654
1054
1055         Reset the pattern to a safe one when done, to avoid usearch_reset()
1056         indirectly touching the old, stale text pointer.
1057
1058         Test: fast/text/find-window.html
1059
1060         * editing/TextIterator.cpp:
1061         (WebCore::SearchBuffer::~SearchBuffer): leave a safe pattern buffer when done.
1062
1063 2011-02-02  Adam Barth  <abarth@webkit.org>
1064
1065         Reviewed by Daniel Bates.
1066
1067         Teach XSSFilter that <param> elements can contain URLs
1068         https://bugs.webkit.org/show_bug.cgi?id=53652
1069
1070         When loading plugins for the <object> tag, we're "smart" enough to
1071         reach into the <param> elements and pull out the URL in some cases.
1072         This patch teaches the XSSFilter how to block injections into those
1073         sorts of param elements.
1074
1075         Fixes:
1076             http/tests/security/xssAuditor/object-*
1077
1078         * html/HTMLParamElement.cpp:
1079         (WebCore::HTMLParamElement::isURLParameter):
1080         (WebCore::HTMLParamElement::isURLAttribute):
1081         (WebCore::HTMLParamElement::addSubresourceAttributeURLs):
1082         * html/HTMLParamElement.h:
1083             - Add a helper function so that HTMLParamElement can share the
1084               ground truth for these names with the XSSFilter.
1085         * html/parser/XSSFilter.cpp:
1086         (WebCore::XSSFilter::filterTokenInitial):
1087         (WebCore::XSSFilter::filterParamToken):
1088         * html/parser/XSSFilter.h:
1089
1090 2011-02-02  Dimitri Glazkov  <dglazkov@chromium.org>
1091
1092         Reviewed by David Levin.
1093
1094         GCC compiler on ARM issues bogus warnings and fails to compile.
1095         https://bugs.webkit.org/show_bug.cgi?id=53620
1096
1097         Despite warnings explicitly being disallowed (-Wno-uninitialized),
1098         gcc (Ubuntu 4.4.3-4ubuntu5) 4.4.3 throws up the warnings like:
1099
1100         "error: 'colorTransparent.unstatic.4909' may be used uninitialized in this function"
1101
1102         The fix is to add an extra condition, which somehow pacifies the compiler.
1103
1104         * css/CSSPrimitiveValue.cpp:
1105         (WebCore::CSSPrimitiveValue::createColor): Added workaround conditions.
1106
1107 2011-02-02  Adam Barth  <abarth@webkit.org>
1108
1109         Reviewed by Daniel Bates.
1110
1111         Teach XSSFilter about X-XSS-Protection
1112         https://bugs.webkit.org/show_bug.cgi?id=53640
1113
1114         This patch causes us to pass:
1115             http/tests/security/xssAuditor/full-block-*
1116             http/tests/security/xssAuditor/no-protection-script-tag.html
1117
1118         * html/parser/XSSFilter.cpp:
1119         (WebCore::XSSFilter::XSSFilter):
1120         (WebCore::XSSFilter::init):
1121         (WebCore::XSSFilter::filterToken):
1122         * html/parser/XSSFilter.h:
1123
1124 2011-02-02  Adam Barth  <abarth@webkit.org>
1125
1126         Reviewed by Daniel Bates.
1127
1128         When XSSFilter blocks JavaScript URLs, use a safe JavaScript URL
1129         instead of the empty string
1130         https://bugs.webkit.org/show_bug.cgi?id=53643
1131
1132         In a URL context, the empty string completes to the URL of the current
1133         page, which causes these tests to go into an infinite loop.  Instead,
1134         we should use a "safe" JavaScript URL that does nothing.
1135
1136         Fixes:
1137             http/tests/security/xssAuditor/javascript-link*
1138
1139         * html/parser/XSSFilter.cpp:
1140         (WebCore::XSSFilter::eraseDangerousAttributesIfInjected):
1141
1142 2011-02-02  Dan Bernstein  <mitz@apple.com>
1143
1144         Reviewed by Sam Weinig.
1145
1146         <rdar://problem/8380506> REGRESSION (r61921): RTL text in <b> tag doesn't display in WebKit under certain conditions
1147         https://bugs.webkit.org/show_bug.cgi?id=44942
1148
1149         Test: fast/text/bidi-embedding-pop-and-push-same-2.html
1150
1151         * platform/text/BidiResolver.h:
1152         (WebCore::::commitExplicitEmbedding): Changed to return a boolean indicating whether there was
1153         a change to embedding levels.
1154         (WebCore::::createBidiRunsForLine): If embedding levels did not change as a result of committing
1155         the explicit embedding sequence, then runs were not added, and we should continue normally.
1156
1157 2011-02-02  Sam Weinig  <sam@webkit.org>
1158
1159         Reviewed by Dan Bernstein.
1160
1161         Fix miscalculation of the overhang area used for painting. We were
1162         not correctly accounting for scrollbars resulting in an non-negative
1163         overhang even when we weren't over the edge.
1164
1165         * platform/ScrollView.cpp:
1166         (WebCore::ScrollView::calculateOverhangAreasForPainting):
1167
1168 2011-02-02  Jeremy Orlow  <jorlow@chromium.org>
1169
1170         Reviewed by Nate Chapin.
1171
1172         IDBTransaction and IDBRequest can be deleted while ScriptExecutionContext is iterating....which is bad
1173         https://bugs.webkit.org/show_bug.cgi?id=52722
1174
1175         The solution is to change ScriptExecutionContext's destructor to iterate over
1176         the list in a way that handles the mutations. This new method is destructive,
1177         but that's OK since the object is going away. I've also added a several asserts.
1178
1179         There should be no behavior change.
1180
1181         * dom/ScriptExecutionContext.cpp:
1182         (WebCore::ScriptExecutionContext::ScriptExecutionContext):
1183         (WebCore::ScriptExecutionContext::~ScriptExecutionContext):
1184         (WebCore::ScriptExecutionContext::canSuspendActiveDOMObjects):
1185         (WebCore::ScriptExecutionContext::suspendActiveDOMObjects):
1186         (WebCore::ScriptExecutionContext::resumeActiveDOMObjects):
1187         (WebCore::ScriptExecutionContext::stopActiveDOMObjects):
1188         (WebCore::ScriptExecutionContext::createdActiveDOMObject):
1189         (WebCore::ScriptExecutionContext::destroyedActiveDOMObject):
1190         * dom/ScriptExecutionContext.h:
1191         * storage/IDBTransaction.cpp:
1192         (WebCore::IDBTransaction::contextDestroyed):
1193         * storage/IDBTransaction.h:
1194
1195 2011-02-02  Mark Rowe  <mrowe@apple.com>
1196
1197         Build fix.
1198
1199         * WebCore.exp.in: Remove some bogus symbols from the .exp.in file.
1200         * platform/mac/ScrollbarThemeMac.mm:
1201         (WebCore::ScrollbarThemeMac::unregisterScrollbar): Look the object
1202         up in the HashMap rather than relying on a local variable that doesn't
1203         exist.
1204
1205 2011-02-02  Adam Barth  <abarth@webkit.org>
1206
1207         Reviewed by Daniel Bates.
1208
1209         Teach XSSFilter about JavaScript URLs
1210         https://bugs.webkit.org/show_bug.cgi?id=53635
1211
1212         This patch teaches the XSSFilter to check for JavaScript URLs in
1213         attribute values.  If this approach has too many false positives, we
1214         can restrict which attribute names we examine.
1215
1216         Fixes these tests:
1217             http/tests/security/xssAuditor/anchor-url-dom-write-location-javascript-URL.html
1218             http/tests/security/xssAuditor/dom-write-location-javascript-URL.html
1219             http/tests/security/xssAuditor/iframe-javascript-url*
1220
1221         * html/parser/XSSFilter.cpp:
1222         (WebCore::HTMLNames::containsJavaScriptURL):
1223         (WebCore::XSSFilter::filterTokenInitial):
1224         (WebCore::XSSFilter::eraseDangerousAttributesIfInjected):
1225         * html/parser/XSSFilter.h:
1226
1227 2011-02-02  Dan Bernstein  <mitz@apple.com>
1228
1229         Reviewed by Sam Weinig, even though this is just a...
1230
1231         ...build fix.
1232
1233         * platform/mac/ScrollAnimatorMac.mm:
1234         (WebCore::ScrollAnimatorMac::~ScrollAnimatorMac):
1235
1236 2011-02-02  Mark Rowe  <mrowe@apple.com>
1237
1238         Reviewed by Beth Dakin.
1239
1240         <rdar://problem/8952012> Crash on launch inside scrollbar code.
1241
1242         We need to ensure that we remove ourselves as the delegates of objects when we're going
1243         away as failing to do this can lead to crashes if the lifetime of the other objects
1244         is longer than ours.
1245
1246         * platform/mac/ScrollAnimatorMac.mm:
1247         (WebCore::ScrollAnimatorMac::~ScrollAnimatorMac):
1248         * platform/mac/ScrollbarThemeMac.mm:
1249         (WebCore::ScrollbarThemeMac::unregisterScrollbar):
1250
1251 2011-02-02  Beth Dakin  <bdakin@apple.com>
1252
1253         Build fix.
1254
1255         * WebCore.exp.in:
1256
1257 2011-02-02  Patrick Gansterer  <paroga@webkit.org>
1258
1259         Unreviewed WinCE build fix for r77397.
1260
1261         * page/wince/FrameWinCE.cpp:
1262         (WebCore::computePageRectsForFrame):
1263
1264 2011-02-02  Patrick Gansterer  <paroga@webkit.org>
1265
1266         Unreviewed WinCE build fix for r77398.
1267
1268         * platform/graphics/wince/PlatformPathWinCE.cpp:
1269         (WebCore::containsPoint):
1270         (WebCore::inflateRectToContainPoint):
1271         (WebCore::PlatformPath::addRect):
1272         * platform/graphics/wince/SharedBitmap.cpp:
1273         (WebCore::SharedBitmap::drawPattern):
1274         * rendering/RenderThemeWinCE.cpp:
1275         (WebCore::RenderThemeWinCE::paintMenuListButton):
1276         (WebCore::RenderThemeWinCE::paintSearchFieldCancelButton):
1277         (WebCore::RenderThemeWinCE::paintSliderTrack):
1278         (WebCore::RenderThemeWinCE::paintMediaMuteButton):
1279         (WebCore::RenderThemeWinCE::paintMediaPlayButton):
1280         (WebCore::RenderThemeWinCE::paintMediaSeekBackButton):
1281         (WebCore::RenderThemeWinCE::paintMediaSeekForwardButton):
1282
1283 2011-02-02  Jian Li  <jianli@chromium.org>
1284
1285         Reviewed by Kenneth Russell.
1286
1287         [V8] Accessing DataView with index of -1 returns 0, doesn't throw
1288         https://bugs.webkit.org/show_bug.cgi?id=53559
1289
1290         Added test cases to cover this in fast/canvas/webgl/data-view-test.html.
1291
1292         * html/canvas/DataView.h:
1293         (WebCore::DataView::beyondRange):
1294
1295 2011-02-02  Sam Weinig  <sam@webkit.org>
1296
1297         Reviewed by Beth Dakin.
1298
1299         Add ChromeClient function to paint custom overhang areas.
1300         https://bugs.webkit.org/show_bug.cgi?id=53639
1301
1302         * page/Chrome.cpp:
1303         (WebCore::ChromeClient::paintCustomOverhangArea):
1304         * page/ChromeClient.h:
1305         Add ChromeClient function.
1306
1307         * page/FrameView.cpp:
1308         (WebCore::FrameView::paintOverhangAreas):
1309         * page/FrameView.h:
1310         Call out the the ChromeClient, call ScrollView base implementation
1311         if the ChromeClient returns false.
1312
1313         * platform/ScrollView.cpp:
1314         (WebCore::ScrollView::paintOverhangAreas):
1315         * platform/ScrollView.h:
1316         Add dirty rect for use when painting overhang areas.
1317
1318 2011-02-02  Peter Kasting  <pkasting@google.com>
1319
1320         Not reviewed, build fix.
1321
1322         Fix compile after r77427.
1323         https://bugs.webkit.org/show_bug.cgi?id=53455
1324
1325         * platform/graphics/qt/ImageDecoderQt.cpp:
1326         (WebCore::ImageDecoderQt::internalHandleCurrentImage):
1327         * platform/image-decoders/ImageDecoder.cpp:
1328         (WebCore::ImageFrame::operator=):
1329         * platform/image-decoders/bmp/BMPImageReader.cpp:
1330         (WebCore::BMPImageReader::decodeBMP):
1331         * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
1332         (WebCore::JPEGImageDecoder::outputScanlines):
1333         * platform/image-decoders/png/PNGImageDecoder.cpp:
1334         (WebCore::PNGImageDecoder::rowAvailable):
1335         * platform/image-decoders/webp/WEBPImageDecoder.cpp:
1336         (WebCore::WEBPImageDecoder::decode):
1337
1338 2011-02-02  Peter Kasting  <pkasting@google.com>
1339
1340         Reviewed by David Levin.
1341
1342         Clean up ImageDecoder's comments (remove/trim/clarify).
1343         https://bugs.webkit.org/show_bug.cgi?id=53455
1344
1345         This also renames or eliminates a couple of functions for clarity, and
1346         switches a couple erroneous strncmp() calls to memcmp().
1347
1348         * platform/image-decoders/ImageDecoder.cpp:
1349         (WebCore::ImageDecoder::create):
1350         (WebCore::ImageFrame::clearPixelData):
1351         (WebCore::ImageFrame::zeroFillPixelData):
1352         (WebCore::ImageFrame::setSize):
1353         * platform/image-decoders/ImageDecoder.h:
1354         (WebCore::ImageFrame::originalFrameRect):
1355         (WebCore::ImageFrame::setOriginalFrameRect):
1356         (WebCore::ImageDecoder::ImageDecoder):
1357         (WebCore::ImageDecoder::~ImageDecoder):
1358         (WebCore::ImageDecoder::isSizeAvailable):
1359         (WebCore::ImageDecoder::size):
1360         (WebCore::ImageDecoder::setIgnoreGammaAndColorProfile):
1361         (WebCore::ImageDecoder::clearFrameBufferCache):
1362         (WebCore::ImageDecoder::isOverSize):
1363         * platform/image-decoders/bmp/BMPImageReader.cpp:
1364         (WebCore::BMPImageReader::processNonRLEData):
1365         * platform/image-decoders/cg/ImageDecoderCG.cpp:
1366         (WebCore::ImageFrame::setSize):
1367         * platform/image-decoders/gif/GIFImageDecoder.cpp:
1368         (WebCore::GIFImageDecoder::clearFrameBufferCache):
1369         (WebCore::GIFImageDecoder::frameComplete):
1370         (WebCore::GIFImageDecoder::initFrameBuffer):
1371         * platform/image-decoders/jpeg/JPEGImageDecoder.h:
1372         * platform/image-decoders/qt/ImageFrameQt.cpp:
1373         (WebCore::ImageFrame::operator=):
1374         (WebCore::ImageFrame::clearPixelData):
1375         (WebCore::ImageFrame::zeroFillPixelData):
1376         (WebCore::ImageFrame::setSize):
1377         * platform/image-decoders/skia/ImageDecoderSkia.cpp:
1378         (WebCore::ImageFrame::operator=):
1379         (WebCore::ImageFrame::clearPixelData):
1380         (WebCore::ImageFrame::zeroFillPixelData):
1381         (WebCore::ImageFrame::setSize):
1382         * platform/image-decoders/webp/WEBPImageDecoder.h:
1383
1384 2011-02-02  Vangelis Kokkevis  <vangelis@chromium.org>
1385
1386         [chromium] Adding support for reflections to the accelerated
1387         compositing path.
1388         https://bugs.webkit.org/show_bug.cgi?id=53179
1389
1390         All layout tests in compositing/reflections generate correct
1391         results with the exception of:
1392         1. nested-reflection-anchor-point.html : There appears to be
1393            some issue with the layer transform math that I haven't been
1394            able to track down yet.
1395         2. reflection-opacity.html : The current implementation applies
1396            opacity before doing the reflection which makes this test
1397            produce incorrect results.  This will affect reflected layers
1398            with opacity that overlap their original layer.  FIXME comment
1399            added in the code.
1400
1401         Tests: Covered by existing layout tests in compositing/reflections.
1402                Please see above for exceptions.
1403
1404         * platform/graphics/chromium/GraphicsLayerChromium.cpp:
1405         (WebCore::GraphicsLayerChromium::setReplicatedByLayer):
1406         (WebCore::GraphicsLayerChromium::updateAnchorPoint):
1407         * platform/graphics/chromium/GraphicsLayerChromium.h:
1408         * platform/graphics/chromium/LayerChromium.cpp:
1409         (WebCore::LayerChromium::LayerChromium):
1410         * platform/graphics/chromium/LayerChromium.h:
1411         (WebCore::LayerChromium::setReplicaLayer):
1412         (WebCore::LayerChromium::replicaLayer):
1413         * platform/graphics/chromium/LayerRendererChromium.cpp:
1414         (WebCore::LayerRendererChromium::updateLayersRecursive):
1415         (WebCore::LayerRendererChromium::drawLayer):
1416         * platform/graphics/chromium/RenderSurfaceChromium.cpp:
1417         (WebCore::RenderSurfaceChromium::drawableContentRect):
1418         (WebCore::RenderSurfaceChromium::drawSurface):
1419         (WebCore::RenderSurfaceChromium::draw):
1420         * platform/graphics/chromium/RenderSurfaceChromium.h:
1421         (WebCore::RenderSurfaceChromium::drawTransform):
1422
1423 2011-02-02  Xiyuan Xia  <xiyuan@chromium.org>
1424
1425         Reviewed by Tony Chang.
1426
1427         [Chromium] Select popup with padding has white strip on right
1428         https://bugs.webkit.org/show_bug.cgi?id=53602
1429
1430         No new tests as this change restores old behavior.
1431
1432         * platform/chromium/PopupMenuChromium.cpp:
1433         (WebCore::PopupListBox::layout):
1434
1435 2011-02-02  Beth Dakin  <bdakin@apple.com>
1436
1437         Reviewed by Mark Rowe.
1438
1439         Fix for <rdar://problem/8950343> CrashTracer: [USER]
1440         1 crash in WebProcess at com.apple.WebCore: 
1441         WebCore::ScrollbarThemeMac::unregisterScrollbar + 22
1442
1443         It is possible for a Scrollbar's ScrollableArea to be null,
1444         so we must null check.
1445         * platform/mac/ScrollbarThemeMac.mm:
1446         (WebCore::ScrollbarThemeMac::registerScrollbar):
1447         (WebCore::ScrollbarThemeMac::unregisterScrollbar):
1448
1449 2011-02-02  Zhenyao Mo  <zmo@google.com>
1450
1451         Reviewed by Kenneth Russell.
1452
1453         bufferData and bufferSubData should generate INVALID_VALUE with negative input
1454         https://bugs.webkit.org/show_bug.cgi?id=53626
1455
1456         * html/canvas/WebGLRenderingContext.cpp:
1457         (WebCore::WebGLRenderingContext::bufferData):
1458         (WebCore::WebGLRenderingContext::bufferSubData):
1459
1460 2011-02-02  Jeff Miller  <jeffm@apple.com>
1461
1462         Reviewed by Darin Adler and Steve Falkenburg.
1463
1464         Add DerivedSources.make to some Visual Studio projects
1465         https://bugs.webkit.org/show_bug.cgi?id=53607
1466
1467         * WebCore.vcproj/WebCoreGenerated.vcproj: Add DerivedSources.make.
1468
1469 2011-02-02  Cris Neckar  <cdn@chromium.org>
1470
1471         Reviewed by James Robinson.
1472
1473         Refcount domwindows when dispatching device orientation events.
1474         https://bugs.webkit.org/show_bug.cgi?id=53623
1475
1476         Test: fast/events/device-orientation-crash.html
1477
1478         * dom/DeviceMotionController.cpp:
1479         (WebCore::DeviceMotionController::timerFired):
1480         (WebCore::DeviceMotionController::didChangeDeviceMotion):
1481         * dom/DeviceMotionController.h:
1482         * dom/DeviceOrientationController.cpp:
1483         (WebCore::DeviceOrientationController::timerFired):
1484         (WebCore::DeviceOrientationController::didChangeDeviceOrientation):
1485         * dom/DeviceOrientationController.h:
1486
1487 2011-02-02  Zhenyao Mo  <zmo@google.com>
1488
1489         Reviewed by Kenneth Russell.
1490
1491         A deleted object should never been bound again
1492         https://bugs.webkit.org/show_bug.cgi?id=53604
1493
1494         * html/canvas/WebGLRenderingContext.cpp:
1495         (WebCore::WebGLRenderingContext::checkObjectToBeBound): Helper function to bind* and useProgram.
1496         (WebCore::WebGLRenderingContext::bindBuffer): Use checkObjectToBeBound.
1497         (WebCore::WebGLRenderingContext::bindFramebuffer): Ditto.
1498         (WebCore::WebGLRenderingContext::bindRenderbuffer): Ditto.
1499         (WebCore::WebGLRenderingContext::bindTexture): Ditto, also check the target matching.
1500         (WebCore::WebGLRenderingContext::deleteObject): Helper funtion to delete*.
1501         (WebCore::WebGLRenderingContext::deleteBuffer): Use deleteObject.
1502         (WebCore::WebGLRenderingContext::deleteFramebuffer): Ditto.
1503         (WebCore::WebGLRenderingContext::deleteProgram): Ditto.
1504         (WebCore::WebGLRenderingContext::deleteRenderbuffer): Ditto.
1505         (WebCore::WebGLRenderingContext::deleteShader): Ditto.
1506         (WebCore::WebGLRenderingContext::deleteTexture): Ditto.
1507         (WebCore::WebGLRenderingContext::useProgram): Use checkObjectToBeBound.
1508         * html/canvas/WebGLRenderingContext.h:
1509         * html/canvas/WebGLTexture.h:
1510         (WebCore::WebGLTexture::getTarget): Accessor to cached target.
1511
1512 2011-02-02  Alejandro G. Castro  <alex@igalia.com>
1513
1514         Unreviewed Efl buildfix after r77399.
1515
1516         * CMakeListsEfl.txt:
1517
1518 2011-02-02  Kenneth Russell  <kbr@google.com>
1519
1520         Reviewed by James Robinson.
1521
1522         Rename Typed Array subset to subarray
1523         https://bugs.webkit.org/show_bug.cgi?id=53618
1524
1525         * html/canvas/Float32Array.cpp:
1526         (WebCore::Float32Array::subarray):
1527         * html/canvas/Float32Array.h:
1528         * html/canvas/Float32Array.idl:
1529         * html/canvas/Int16Array.cpp:
1530         (WebCore::Int16Array::subarray):
1531         * html/canvas/Int16Array.h:
1532         * html/canvas/Int16Array.idl:
1533         * html/canvas/Int32Array.cpp:
1534         (WebCore::Int32Array::subarray):
1535         * html/canvas/Int32Array.h:
1536         * html/canvas/Int32Array.idl:
1537         * html/canvas/Int8Array.cpp:
1538         (WebCore::Int8Array::subarray):
1539         * html/canvas/Int8Array.h:
1540         * html/canvas/Int8Array.idl:
1541         * html/canvas/TypedArrayBase.h:
1542         (WebCore::TypedArrayBase::subarrayImpl):
1543         * html/canvas/Uint16Array.cpp:
1544         (WebCore::Uint16Array::subarray):
1545         * html/canvas/Uint16Array.h:
1546         * html/canvas/Uint16Array.idl:
1547         * html/canvas/Uint32Array.cpp:
1548         (WebCore::Uint32Array::subarray):
1549         * html/canvas/Uint32Array.h:
1550         * html/canvas/Uint32Array.idl:
1551         * html/canvas/Uint8Array.cpp:
1552         (WebCore::Uint8Array::subarray):
1553         * html/canvas/Uint8Array.h:
1554         * html/canvas/Uint8Array.idl:
1555
1556 2011-02-02  Adam Barth  <abarth@webkit.org>
1557
1558         Reviewed by Eric Seidel.
1559
1560         Add an empty file for Content Security Policy
1561         https://bugs.webkit.org/show_bug.cgi?id=53573
1562
1563         Posting this as a separate patch because editing the build files is so
1564         painful.
1565
1566         * Android.mk:
1567         * CMakeLists.txt:
1568         * GNUmakefile.am:
1569         * WebCore.gypi:
1570         * WebCore.pro:
1571         * WebCore.vcproj/WebCore.vcproj:
1572         * WebCore.xcodeproj/project.pbxproj:
1573
1574 2011-02-02  Dan Winship  <danw@gnome.org>
1575
1576         Reviewed by Martin Robinson.
1577
1578         [GTK] remove old data: URI handler, fix the SoupRequest-based one
1579         to pass tests
1580         https://bugs.webkit.org/show_bug.cgi?id=50885
1581
1582         * platform/network/soup/ResourceHandleSoup.cpp:
1583         (WebCore::sendRequestCallback): Do content-type sniffing here for
1584         non-HTTP requests.
1585         (WebCore::startHTTPRequest): Rename to match WebKit style.
1586         (WebCore::ResourceHandle::start): Pass everything except HTTP to
1587         startNonHTTPRequest, letting the SoupRequester decide whether it's
1588         supported or not.
1589         (WebCore::startNonHTTPRequest): Remove some old pre-SoupRequester
1590         code that was a no-op for file: URIs, but would break some data:
1591         URIs.
1592
1593 2011-02-02  Dimitri Glazkov  <dglazkov@chromium.org>
1594
1595         Update even more references to right() and bottom() in Chromium. Sheesh.
1596
1597         * platform/graphics/chromium/LayerRendererChromium.cpp:
1598         (WebCore::LayerRendererChromium::getFramebufferPixels): Replaced bottom/right with maxY/maxX.
1599
1600 2011-02-02  Alejandro G. Castro  <alex@igalia.com>
1601
1602         Unreviewed Gtk3 buildfix after r77286.
1603
1604         https://bugs.webkit.org/show_bug.cgi?id=53520
1605         Remove the physical terminology from IntRect and FloatRect.
1606
1607         * platform/gtk/RenderThemeGtk3.cpp:
1608         (WebCore::RenderThemeGtk::paintMenuList):
1609
1610 2011-02-02  Anders Carlsson  <andersca@apple.com>
1611
1612         Fix build.
1613
1614         * platform/mac/ScrollAnimatorMac.mm:
1615         (WebCore::ScrollAnimatorMac::pinnedInDirection):
1616
1617 2011-02-02  David Hyatt  <hyatt@apple.com>
1618
1619         Reviewed by Dan Bernstein.
1620
1621         https://bugs.webkit.org/show_bug.cgi?id=53619
1622
1623         Floats should not use physical terminology for their rects. Replace left/top with x/y and right/bottom
1624         with maxX/maxY.  This matches IntRect.
1625
1626         * rendering/RenderBlock.cpp:
1627         (WebCore::RenderBlock::addOverflowFromFloats):
1628         (WebCore::RenderBlock::flipFloatForWritingMode):
1629         (WebCore::RenderBlock::paintFloats):
1630         (WebCore::RenderBlock::selectionGaps):
1631         (WebCore::RenderBlock::addOverhangingFloats):
1632         (WebCore::RenderBlock::addIntrudingFloats):
1633         (WebCore::RenderBlock::hitTestFloats):
1634         (WebCore::RenderBlock::adjustForBorderFit):
1635         * rendering/RenderBlock.h:
1636         (WebCore::RenderBlock::FloatingObject::x):
1637         (WebCore::RenderBlock::FloatingObject::maxX):
1638         (WebCore::RenderBlock::FloatingObject::y):
1639         (WebCore::RenderBlock::FloatingObject::maxY):
1640         (WebCore::RenderBlock::FloatingObject::setX):
1641         (WebCore::RenderBlock::FloatingObject::setY):
1642         (WebCore::RenderBlock::logicalTopForFloat):
1643         (WebCore::RenderBlock::logicalBottomForFloat):
1644         (WebCore::RenderBlock::logicalLeftForFloat):
1645         (WebCore::RenderBlock::logicalRightForFloat):
1646         (WebCore::RenderBlock::setLogicalTopForFloat):
1647         (WebCore::RenderBlock::setLogicalLeftForFloat):
1648         (WebCore::RenderBlock::xPositionForFloatIncludingMargin):
1649         (WebCore::RenderBlock::yPositionForFloatIncludingMargin):
1650
1651 2011-02-02  Dimitri Glazkov  <dglazkov@chromium.org>
1652
1653         Update more references to right() and bottom() in Chromium Win.
1654
1655         * platform/graphics/chromium/TransparencyWin.cpp:
1656         (WebCore::TransparencyWin::compositeOpaqueComposite): Replaced bottom/right with maxY/maxX.
1657         (WebCore::TransparencyWin::compositeTextComposite): Ditto.
1658         * rendering/RenderThemeChromiumWin.cpp:
1659         (WebCore::RenderThemeChromiumWin::paintMenuList): Ditto.
1660
1661 2011-02-02  Adam Roben  <aroben@apple.com>
1662
1663         Encode/decode FormData and FormDataElement objects consistently
1664
1665         Fixes <http://webkit.org/b/53615> <rdar://problem/8943346> WebKit2: Restoring session state
1666         that contains form data fails (asserts in Debug build)
1667
1668         To prevent this from interfering with WebKit2 testing, it's useful to get this into a build
1669         now, even though we don't have an automated test for it yet. Writing a test is covered by
1670         <http://webkit.org/b/53616>.
1671
1672         Reviewed by Darin Adler.
1673
1674         * history/HistoryItem.cpp: Bump the encoding version, since this patch changes how we encode
1675         FormData objects.
1676
1677         * platform/network/FormData.cpp:
1678         (WebCore::decode): Decode the type from the Decoder, rather than getting it from the
1679         default-constructed FormDataElement. Failing to do this meant that all future uses of the
1680         Decoder would be reading from an unexpected part of the buffer (i.e., the next decode would
1681         start by reading the uint32_t that we forgot to decode here, and so on). We already had code
1682         to correctly set the FormDataElement's type based on this decoded type later in the
1683         function.
1684         (WebCore::FormData::encodeForBackForward): Encode m_identifier as an int64_t, since that
1685         matches its type and how we decode it.
1686
1687 2011-02-02  Dan Winship  <danw@gnome.org>
1688
1689         Reviewed by Martin Robinson.
1690
1691         [GTK] drop soup cache stuff, which has been moved to libsoup
1692         https://bugs.webkit.org/show_bug.cgi?id=50747
1693
1694         Use libsoup-based cache/requester API and remove the WebCore version
1695         of this functionality. This has been pushed upstream fully.
1696
1697         No new tests because this should not change functionality.
1698
1699         * GNUmakefile.am: Update for removed files.
1700         * platform/network/ResourceHandleInternal.h:
1701         (WebCore::ResourceHandleInternal::ResourceHandleInternal): Update
1702         type names, drop m_requester.
1703         * platform/network/soup/ResourceHandleSoup.cpp:
1704         (WebCore::ensureSessionIsInitialized): Add a SoupRequester to the
1705         session.
1706         (WebCore::parseDataUrl):
1707         (WebCore::startHttp): Get the requester from the session rather
1708         than using m_requester.
1709         (WebCore::sendRequestCallback):
1710         (WebCore::ResourceHandle::platformSetDefersLoading):
1711         (WebCore::readCallback):
1712         (WebCore::startGio): Update type names.
1713         * platform/network/soup/cache/soup-directory-input-stream.c: Removed.
1714         * platform/network/soup/cache/soup-directory-input-stream.h: Removed.
1715         * platform/network/soup/cache/soup-http-input-stream.c: Removed.
1716         * platform/network/soup/cache/soup-http-input-stream.h: Removed.
1717         * platform/network/soup/cache/soup-request-data.c: Removed.
1718         * platform/network/soup/cache/soup-request-data.h: Removed.
1719         * platform/network/soup/cache/soup-request-file.c: Removed.
1720         * platform/network/soup/cache/soup-request-file.h: Removed.
1721         * platform/network/soup/cache/soup-request-http.c: Removed.
1722         * platform/network/soup/cache/soup-request-http.h: Removed.
1723         * platform/network/soup/cache/soup-request.c: Removed.
1724         * platform/network/soup/cache/soup-request.h: Removed.
1725         * platform/network/soup/cache/soup-requester.c: Removed.
1726         * platform/network/soup/cache/soup-requester.h: Removed.
1727         * platform/network/soup/cache/webkit/soup-cache-private.h: Removed.
1728         * platform/network/soup/cache/webkit/soup-cache.c: Removed.
1729         * platform/network/soup/cache/webkit/soup-cache.h: Removed.
1730
1731 2011-02-02  David Hyatt  <hyatt@apple.com>
1732
1733         Reviewed by Darin Adler.
1734
1735         https://bugs.webkit.org/show_bug.cgi?id=53520
1736
1737         Remove physical accessors from IntRect and FloatRect.
1738
1739         * page/FrameView.cpp:
1740         (WebCore::FrameView::adjustPageHeightDeprecated):
1741         * platform/graphics/FloatRect.h:
1742         * platform/graphics/IntRect.h:
1743
1744 2011-02-02  David Hyatt  <hyatt@apple.com>
1745
1746         Reviewed by Dan Bernstein.
1747
1748         https://bugs.webkit.org/show_bug.cgi?id=53614
1749
1750         Remove physical terminology from overflow.  Replace with minX/maxX/minY/maxY.
1751
1752         * rendering/InlineFlowBox.cpp:
1753         (WebCore::InlineFlowBox::addBoxShadowVisualOverflow):
1754         (WebCore::InlineFlowBox::addTextBoxVisualOverflow):
1755         * rendering/InlineFlowBox.h:
1756         (WebCore::InlineFlowBox::minYLayoutOverflow):
1757         (WebCore::InlineFlowBox::maxYLayoutOverflow):
1758         (WebCore::InlineFlowBox::minXLayoutOverflow):
1759         (WebCore::InlineFlowBox::maxXLayoutOverflow):
1760         (WebCore::InlineFlowBox::logicalLeftLayoutOverflow):
1761         (WebCore::InlineFlowBox::logicalRightLayoutOverflow):
1762         (WebCore::InlineFlowBox::logicalTopLayoutOverflow):
1763         (WebCore::InlineFlowBox::logicalBottomLayoutOverflow):
1764         (WebCore::InlineFlowBox::minYVisualOverflow):
1765         (WebCore::InlineFlowBox::maxYVisualOverflow):
1766         (WebCore::InlineFlowBox::minXVisualOverflow):
1767         (WebCore::InlineFlowBox::maxXVisualOverflow):
1768         (WebCore::InlineFlowBox::logicalLeftVisualOverflow):
1769         (WebCore::InlineFlowBox::logicalRightVisualOverflow):
1770         (WebCore::InlineFlowBox::logicalminYVisualOverflow):
1771         (WebCore::InlineFlowBox::logicalmaxYVisualOverflow):
1772         * rendering/RenderBlock.cpp:
1773         (WebCore::RenderBlock::adjustLinePositionForPagination):
1774         * rendering/RenderBlockLineLayout.cpp:
1775         (WebCore::RenderBlock::beforeSideVisualOverflowForLine):
1776         (WebCore::RenderBlock::afterSideVisualOverflowForLine):
1777         (WebCore::RenderBlock::beforeSideLayoutOverflowForLine):
1778         (WebCore::RenderBlock::afterSideLayoutOverflowForLine):
1779         * rendering/RenderBox.cpp:
1780         (WebCore::RenderBox::scrollWidth):
1781         (WebCore::RenderBox::scrollHeight):
1782         * rendering/RenderBox.h:
1783         (WebCore::RenderBox::minYLayoutOverflow):
1784         (WebCore::RenderBox::maxYLayoutOverflow):
1785         (WebCore::RenderBox::minXLayoutOverflow):
1786         (WebCore::RenderBox::maxXLayoutOverflow):
1787         (WebCore::RenderBox::logicalLeftLayoutOverflow):
1788         (WebCore::RenderBox::logicalRightLayoutOverflow):
1789         (WebCore::RenderBox::minYVisualOverflow):
1790         (WebCore::RenderBox::maxYVisualOverflow):
1791         (WebCore::RenderBox::minXVisualOverflow):
1792         (WebCore::RenderBox::maxXVisualOverflow):
1793         (WebCore::RenderBox::logicalLeftVisualOverflow):
1794         (WebCore::RenderBox::logicalRightVisualOverflow):
1795         * rendering/RenderInline.cpp:
1796         (WebCore::RenderInline::linesVisualOverflowBoundingBox):
1797         * rendering/RenderLayerCompositor.cpp:
1798         (WebCore::RenderLayerCompositor::ensureRootPlatformLayer):
1799         * rendering/RenderLineBoxList.cpp:
1800         (WebCore::RenderLineBoxList::anyLineIntersectsRect):
1801         (WebCore::RenderLineBoxList::lineIntersectsDirtyRect):
1802         (WebCore::RenderLineBoxList::paint):
1803         (WebCore::RenderLineBoxList::hitTest):
1804         * rendering/RenderMarquee.cpp:
1805         (WebCore::RenderMarquee::computePosition):
1806         * rendering/RenderOverflow.h:
1807         (WebCore::RenderOverflow::RenderOverflow):
1808         (WebCore::RenderOverflow::minYLayoutOverflow):
1809         (WebCore::RenderOverflow::maxYLayoutOverflow):
1810         (WebCore::RenderOverflow::minXLayoutOverflow):
1811         (WebCore::RenderOverflow::maxXLayoutOverflow):
1812         (WebCore::RenderOverflow::minYVisualOverflow):
1813         (WebCore::RenderOverflow::maxYVisualOverflow):
1814         (WebCore::RenderOverflow::minXVisualOverflow):
1815         (WebCore::RenderOverflow::maxXVisualOverflow):
1816         (WebCore::RenderOverflow::setminYVisualOverflow):
1817         (WebCore::RenderOverflow::visualOverflowRect):
1818         (WebCore::RenderOverflow::move):
1819         (WebCore::RenderOverflow::addVisualOverflow):
1820         (WebCore::RenderOverflow::setVisualOverflow):
1821         * rendering/RenderReplaced.cpp:
1822         (WebCore::RenderReplaced::shouldPaint):
1823         * rendering/RenderTable.cpp:
1824         (WebCore::RenderTable::layout):
1825         (WebCore::RenderTable::paint):
1826         * rendering/RenderTableCell.cpp:
1827         (WebCore::RenderTableCell::clippedOverflowRectForRepaint):
1828         * rendering/RenderTreeAsText.cpp:
1829         (WebCore::writeLayers):
1830         * rendering/RenderView.cpp:
1831         (WebCore::RenderView::docTop):
1832
1833 2011-02-02  Steve Lacey  <sjl@chromium.org>
1834
1835         Reviewed by Eric Carlson.
1836
1837         Implement basic media statistics on media elements.
1838         https://bugs.webkit.org/show_bug.cgi?id=53322
1839
1840         * Configurations/FeatureDefines.xcconfig:
1841         * GNUmakefile.am:
1842         * features.pri:
1843         * html/HTMLMediaElement.cpp:
1844         (WebCore::HTMLMediaElement::webkitAudioBytesDecoded):
1845         (WebCore::HTMLMediaElement::webkitVideoBytesDecoded):
1846         * html/HTMLMediaElement.h:
1847         * html/HTMLMediaElement.idl:
1848         * html/HTMLVideoElement.cpp:
1849         (WebCore::HTMLVideoElement::webkitDecodedFrames):
1850         (WebCore::HTMLVideoElement::webkitDroppedFrames):
1851         * html/HTMLVideoElement.h:
1852         * html/HTMLVideoElement.idl:
1853         * platform/graphics/MediaPlayer.cpp:
1854         (WebCore::MediaPlayer::decodedFrames):
1855         (WebCore::MediaPlayer::droppedFrames):
1856         (WebCore::MediaPlayer::audioBytesDecoded):
1857         (WebCore::MediaPlayer::videoBytesDecoded):
1858         * platform/graphics/MediaPlayer.h:
1859         * platform/graphics/MediaPlayerPrivate.h:
1860         (WebCore::MediaPlayerPrivateInterface::decodedFrames):
1861         (WebCore::MediaPlayerPrivateInterface::droppedFrames):
1862         (WebCore::MediaPlayerPrivateInterface::audioBytesDecoded):
1863         (WebCore::MediaPlayerPrivateInterface::videoBytesDecoded):
1864
1865 2011-02-02  Luiz Agostini  <luiz.agostini@openbossa.org>
1866
1867         Reviewed by David Hyatt.
1868
1869         More conversion from right()/bottom() to maxX()/maxY().
1870
1871         * page/qt/FrameQt.cpp:
1872         (WebCore::Frame::dragImageForSelection):
1873         * platform/graphics/qt/GraphicsContextQt.cpp:
1874         (WebCore::GraphicsContext::roundToDevicePixels):
1875
1876 2011-02-02  Kevin Ollivier  <kevino@theolliviers.com>
1877
1878         [wx] Build fixes for wxWebKit.
1879
1880         * bindings/cpp/WebDOMHTMLDocumentCustom.cpp:
1881         (documentWrite):
1882         * bindings/scripts/CodeGeneratorCPP.pm:
1883         * page/wx/DragControllerWx.cpp:
1884         (WebCore::DragController::dragOperation):
1885         * platform/graphics/wx/FontCustomPlatformData.h:
1886         * platform/graphics/wx/FontPlatformData.h:
1887         (WebCore::FontPlatformData::widthVariant):
1888         * platform/graphics/wx/FontPlatformDataWx.cpp:
1889         (WebCore::FontPlatformData::computeHash):
1890         * platform/graphics/wx/FontWx.cpp:
1891         * platform/graphics/wx/GraphicsContextWx.cpp:
1892         (WebCore::GraphicsContext::fillPath):
1893         (WebCore::GraphicsContext::strokePath):
1894         * platform/wx/RenderThemeWx.cpp:
1895
1896 2011-02-02  David Hyatt  <hyatt@apple.com>
1897
1898         Reviewed by Darin Adler.
1899
1900         More right()/bottom() to maxX()/maxY() conversion.
1901
1902         * page/chromium/FrameChromium.cpp:
1903         (WebCore::Frame::nodeImage):
1904         (WebCore::Frame::dragImageForSelection):
1905
1906 2011-02-02  Sam Weinig  <sam@webkit.org>
1907
1908         Fix windows clean build.
1909
1910         * DerivedSources.make:
1911
1912 2011-02-02  Mikhail Naganov  <mnaganov@chromium.org>
1913
1914         Reviewed by Pavel Feldman.
1915
1916         Web Inspector: [Chromium] Landing detailed heap snapshots, part 2.
1917
1918         https://bugs.webkit.org/show_bug.cgi?id=53606
1919
1920         Display progress while taking a snapshot, and hints while loading
1921         and parsing. This is needed because taking detailed heap snapshots
1922         takes time.
1923
1924         * English.lproj/localizedStrings.js:
1925         * inspector/front-end/DetailedHeapshotView.js:
1926         (WebInspector.DetailedHeapshotProfileType.prototype.buttonClicked):
1927         * inspector/front-end/ProfilesPanel.js:
1928         (WebInspector.ProfilesPanel.prototype._reset):
1929         (WebInspector.ProfilesPanel.prototype._addProfileHeader):
1930         (WebInspector.ProfilesPanel.prototype.getProfiles):
1931         (WebInspector.ProfilesPanel.prototype.loadHeapSnapshot):
1932         (WebInspector.ProfilesPanel.prototype._finishHeapSnapshot.doParse):
1933         (WebInspector.ProfilesPanel.prototype._finishHeapSnapshot):
1934         (WebInspector.ProfilesPanel.prototype.takeHeapSnapshot):
1935         (WebInspector.ProfilesPanel.prototype._reportHeapSnapshotProgress):
1936         * inspector/front-end/SidebarTreeElement.js:
1937         (WebInspector.SidebarTreeElement.prototype.refreshTitles):
1938
1939 2011-02-02  David Hyatt  <hyatt@apple.com>
1940
1941         Reviewed by Darin Adler.
1942
1943         More conversion from right()/bottom() to maxX()/maxY().
1944
1945         * platform/win/PopupMenuWin.cpp:
1946         (WebCore::PopupMenuWin::calculatePositionAndSize):
1947         (WebCore::PopupMenuWin::paint):
1948
1949 2011-02-02  David Hyatt  <hyatt@apple.com>
1950
1951         Reviewed by Darin Adler.
1952
1953         Removal of right()/bottom().  Replace with maxX() and maxY().  Still converting.  Haven't removed yet.
1954
1955         * platform/chromium/PopupMenuChromium.cpp:
1956         (WebCore::PopupContainer::layoutAndCalculateWidgetRect):
1957         (WebCore::PopupListBox::scrollToRevealRow):
1958         (WebCore::PopupListBox::layout):
1959         * platform/graphics/FloatRect.h:
1960         * platform/graphics/IntRect.h:
1961         * platform/graphics/cairo/ImageBufferCairo.cpp:
1962         (WebCore::getImageData):
1963         (WebCore::putImageData):
1964         * platform/graphics/chromium/GLES2Canvas.cpp:
1965         (WebCore::GLES2Canvas::drawTexturedRect):
1966         * platform/graphics/chromium/LayerRendererChromium.cpp:
1967         (WebCore::LayerRendererChromium::verticalScrollbarRect):
1968         (WebCore::LayerRendererChromium::horizontalScrollbarRect):
1969         (WebCore::LayerRendererChromium::setScissorToRect):
1970         (WebCore::LayerRendererChromium::setDrawViewportRect):
1971         * platform/graphics/chromium/LayerTilerChromium.cpp:
1972         (WebCore::LayerTilerChromium::contentRectToTileIndices):
1973         (WebCore::LayerTilerChromium::growLayerToContain):
1974         * platform/graphics/gpu/TilingData.cpp:
1975         (WebCore::TilingData::tileBoundsWithBorder):
1976         (WebCore::TilingData::overlappedTileIndices):
1977         * platform/graphics/qt/ImageBufferQt.cpp:
1978         (WebCore::getImageData):
1979         (WebCore::putImageData):
1980         * platform/graphics/skia/FloatRectSkia.cpp:
1981         (WebCore::FloatRect::operator SkRect):
1982         * platform/graphics/skia/ImageBufferSkia.cpp:
1983         (WebCore::getImageData):
1984         (WebCore::putImageData):
1985         * platform/graphics/skia/IntRectSkia.cpp:
1986         (WebCore::IntRect::operator SkIRect):
1987         (WebCore::IntRect::operator SkRect):
1988         * platform/graphics/skia/PlatformContextSkia.cpp:
1989         (WebCore::PlatformContextSkia::beginLayerClippedToImage):
1990         * platform/graphics/win/GraphicsContextWin.cpp:
1991         (WebCore::GraphicsContextPlatformPrivate::clip):
1992         * platform/graphics/win/IntRectWin.cpp:
1993         (WebCore::IntRect::operator RECT):
1994         * platform/graphics/win/UniscribeController.cpp:
1995         (WebCore::UniscribeController::shapeAndPlaceItem):
1996         * platform/graphics/wince/GraphicsContextWinCE.cpp:
1997         (WebCore::roundRect):
1998         (WebCore::mapRect):
1999         (WebCore::TransparentLayerDC::TransparentLayerDC):
2000         (WebCore::GraphicsContext::drawRect):
2001         (WebCore::GraphicsContext::drawEllipse):
2002         (WebCore::GraphicsContext::strokeArc):
2003         (WebCore::GraphicsContext::clip):
2004         (WebCore::GraphicsContext::clipOut):
2005         (WebCore::GraphicsContext::strokeRect):
2006         * platform/image-decoders/gif/GIFImageDecoder.cpp:
2007         (WebCore::GIFImageDecoder::initFrameBuffer):
2008         * platform/win/PopupMenuWin.cpp:
2009         (WebCore::PopupMenuWin::calculatePositionAndSize):
2010         (WebCore::PopupMenuWin::paint):
2011         * plugins/win/PluginViewWin.cpp:
2012         (WebCore::PluginView::updatePluginWidget):
2013         (WebCore::PluginView::invalidateRect):
2014         * rendering/RenderThemeSafari.cpp:
2015         (WebCore::RenderThemeSafari::paintMenuListButtonGradients):
2016         (WebCore::RenderThemeSafari::paintMenuListButton):
2017         (WebCore::RenderThemeSafari::paintSliderTrack):
2018         * rendering/RenderThemeWin.cpp:
2019         (WebCore::RenderThemeWin::paintInnerSpinButton):
2020         (WebCore::RenderThemeWin::paintMenuListButton):
2021
2022 2011-02-02  Antti Koivisto  <antti@apple.com>
2023
2024         Reviewed by Maciej Stachowiak.
2025
2026         Use Vector instead of a linked list for rules in CSSStyleSelector
2027         https://bugs.webkit.org/show_bug.cgi?id=53581
2028         
2029         - eliminate CSSRuleDataList, replace with Vector<RuleData>
2030         - rename CSSRuleData -> RuleData and CSSRuleSet -> RuleSet 
2031           (these are selector internal classes, CSS prefix is better reserved for public ones).
2032         - constify a bit
2033         - shrink the vectors to fit after collecting the rules
2034
2035         * css/CSSStyleSelector.cpp:
2036         (WebCore::RuleData::RuleData):
2037         (WebCore::RuleData::position):
2038         (WebCore::RuleData::rule):
2039         (WebCore::RuleData::selector):
2040         (WebCore::RuleSet::disableAutoShrinkToFit):
2041         (WebCore::RuleSet::getIDRules):
2042         (WebCore::RuleSet::getClassRules):
2043         (WebCore::RuleSet::getTagRules):
2044         (WebCore::RuleSet::getPseudoRules):
2045         (WebCore::RuleSet::getUniversalRules):
2046         (WebCore::RuleSet::getPageRules):
2047         (WebCore::collectSiblingRulesInDefaultStyle):
2048         (WebCore::CSSStyleSelector::CSSStyleSelector):
2049         (WebCore::loadFullDefaultStyle):
2050         (WebCore::loadSimpleDefaultStyle):
2051         (WebCore::loadViewSourceStyle):
2052         (WebCore::CSSStyleSelector::matchRules):
2053         (WebCore::CSSStyleSelector::matchRulesForList):
2054         (WebCore::operator >):
2055         (WebCore::operator <=):
2056         (WebCore::CSSStyleSelector::sortMatchedRules):
2057         (WebCore::CSSStyleSelector::matchUARules):
2058         (WebCore::RuleSet::RuleSet):
2059         (WebCore::RuleSet::~RuleSet):
2060         (WebCore::RuleSet::addToRuleSet):
2061         (WebCore::RuleSet::addRule):
2062         (WebCore::RuleSet::addPageRule):
2063         (WebCore::RuleSet::addRulesFromSheet):
2064         (WebCore::RuleSet::addStyleRule):
2065         (WebCore::collectIdsAndSiblingRulesFromList):
2066         (WebCore::RuleSet::collectIdsAndSiblingRules):
2067         (WebCore::shrinkMapVectorsToFit):
2068         (WebCore::RuleSet::shrinkToFit):
2069         (WebCore::CSSStyleSelector::matchPageRules):
2070         (WebCore::CSSStyleSelector::matchPageRulesForList):
2071         * css/CSSStyleSelector.h:
2072         (WebCore::CSSStyleSelector::addMatchedRule):
2073
2074 2011-02-02  Andrey Adaikin  <aandrey@google.com>
2075
2076         Reviewed by Pavel Feldman.
2077
2078         Web Inspector: Use DIVs instead of TABLE in TextViewer
2079         https://bugs.webkit.org/show_bug.cgi?id=53299
2080
2081         * inspector/front-end/SourceFrame.js:
2082         (WebInspector.SourceFrame.prototype._createTextViewer):
2083         (WebInspector.SourceFrame.prototype._mouseDown):
2084         * inspector/front-end/TextViewer.js:
2085         (WebInspector.TextViewer):
2086         (WebInspector.TextViewer.prototype.set mimeType):
2087         (WebInspector.TextViewer.prototype.revealLine):
2088         (WebInspector.TextViewer.prototype.addDecoration):
2089         (WebInspector.TextViewer.prototype.removeDecoration):
2090         (WebInspector.TextViewer.prototype.markAndRevealRange):
2091         (WebInspector.TextViewer.prototype.highlightLine):
2092         (WebInspector.TextViewer.prototype.clearLineHighlight):
2093         (WebInspector.TextViewer.prototype.freeCachedElements):
2094         (WebInspector.TextViewer.prototype._handleKeyDown):
2095         (WebInspector.TextViewer.prototype.editLine.finishEditing):
2096         (WebInspector.TextViewer.prototype.editLine):
2097         (WebInspector.TextViewer.prototype.beginUpdates):
2098         (WebInspector.TextViewer.prototype.endUpdates):
2099         (WebInspector.TextViewer.prototype.resize):
2100         (WebInspector.TextViewer.prototype._textChanged):
2101         (WebInspector.TextViewer.prototype._updatePanelOffsets):
2102         (WebInspector.TextViewer.prototype._syncScroll):
2103         (WebInspector.TextViewer.prototype._syncDecorationsForLine):
2104         (WebInspector.TextEditorChunkedPanel):
2105         (WebInspector.TextEditorChunkedPanel.prototype.set syncScrollListener):
2106         (WebInspector.TextEditorChunkedPanel.prototype.get textModel):
2107         (WebInspector.TextEditorChunkedPanel.prototype.addDecoration):
2108         (WebInspector.TextEditorChunkedPanel.prototype.removeDecoration):
2109         (WebInspector.TextEditorChunkedPanel.prototype.revealLine):
2110         (WebInspector.TextEditorChunkedPanel.prototype.makeLineAChunk):
2111         (WebInspector.TextEditorChunkedPanel.prototype.textChanged):
2112         (WebInspector.TextEditorChunkedPanel.prototype.beginUpdates):
2113         (WebInspector.TextEditorChunkedPanel.prototype.endUpdates):
2114         (WebInspector.TextEditorChunkedPanel.prototype.resize):
2115         (WebInspector.TextEditorChunkedPanel.prototype._scroll):
2116         (WebInspector.TextEditorChunkedPanel.prototype._scheduleRepaintAll):
2117         (WebInspector.TextEditorChunkedPanel.prototype._buildChunks):
2118         (WebInspector.TextEditorChunkedPanel.prototype._repaintAll):
2119         (WebInspector.TextEditorChunkedPanel.prototype._chunkNumberForLine):
2120         (WebInspector.TextEditorChunkedPanel.prototype._chunkForLine):
2121         (WebInspector.TextEditorGutterPanel):
2122         (WebInspector.TextEditorGutterPanel.prototype.freeCachedElements):
2123         (WebInspector.TextEditorGutterPanel.prototype._createNewChunk):
2124         (WebInspector.TextEditorGutterPanel.prototype._expandChunks):
2125         (WebInspector.TextEditorGutterChunk):
2126         (WebInspector.TextEditorGutterChunk.prototype.get expanded):
2127         (WebInspector.TextEditorGutterChunk.prototype.set expanded):
2128         (WebInspector.TextEditorGutterChunk.prototype.get height):
2129         (WebInspector.TextEditorGutterChunk.prototype._createRow):
2130         (WebInspector.TextEditorMainPanel):
2131         (WebInspector.TextEditorMainPanel.prototype.set syncDecorationsForLine):
2132         (WebInspector.TextEditorMainPanel.prototype.set mimeType):
2133         (WebInspector.TextEditorMainPanel.prototype.markAndRevealRange):
2134         (WebInspector.TextEditorMainPanel.prototype.highlightLine):
2135         (WebInspector.TextEditorMainPanel.prototype.clearLineHighlight):
2136         (WebInspector.TextEditorMainPanel.prototype.freeCachedElements):
2137         (WebInspector.TextEditorMainPanel.prototype._buildChunks):
2138         (WebInspector.TextEditorMainPanel.prototype._createNewChunk):
2139         (WebInspector.TextEditorMainPanel.prototype._expandChunks):
2140         (WebInspector.TextEditorMainPanel.prototype._highlightDataReady):
2141         (WebInspector.TextEditorMainPanel.prototype._paintLines):
2142         (WebInspector.TextEditorMainPanel.prototype._paintLine):
2143         (WebInspector.TextEditorMainPanel.prototype._releaseLinesHighlight):
2144         (WebInspector.TextEditorMainPanel.prototype._getSelection):
2145         (WebInspector.TextEditorMainPanel.prototype._restoreSelection):
2146         (WebInspector.TextEditorMainPanel.prototype._selectionToPosition):
2147         (WebInspector.TextEditorMainPanel.prototype._positionToSelection):
2148         (WebInspector.TextEditorMainPanel.prototype._appendTextNode):
2149         (WebInspector.TextEditorMainPanel.prototype._handleDomUpdates):
2150         (WebInspector.TextEditorMainChunk):
2151         (WebInspector.TextEditorMainChunk.prototype.addDecoration):
2152         (WebInspector.TextEditorMainChunk.prototype.set expanded):
2153         (WebInspector.TextEditorMainChunk.prototype.get height):
2154         (WebInspector.TextEditorMainChunk.prototype.getExpandedLineRow):
2155         (WebInspector.TextEditorMainChunk.prototype._createRow):
2156         (WebInspector):
2157         * inspector/front-end/textViewer.css:
2158         (.text-editor-lines):
2159         (.text-editor-contents):
2160         (.text-editor-editable):
2161         (.webkit-line-decorations):
2162         (.webkit-line-number):
2163         (.webkit-execution-line.webkit-line-content):
2164         (.diff-container .webkit-added-line.webkit-line-content):
2165         (.diff-container .webkit-removed-line.webkit-line-content):
2166         (.diff-container .webkit-changed-line.webkit-line-content):
2167         (.webkit-highlighted-line.webkit-line-content):
2168
2169 2011-02-02  Hans Wennborg  <hans@chromium.org>
2170
2171         Reviewed by Jeremy Orlow.
2172
2173         IndexedDB: Implement support for cursor updates
2174         https://bugs.webkit.org/show_bug.cgi?id=53421
2175
2176         Implement support for cursor updates using the same pattern as cursor
2177         deletes: forward the calls to the IDBObjectStoreBackend::put().
2178         The put() function's signature needs to be changed to allow for a
2179         "cursor update mode". This makes the signature more clear anyway,
2180         since it replaces the boolean parameter.
2181
2182         Test: storage/indexeddb/cursor-update.html
2183
2184         * storage/IDBCursor.idl:
2185         * storage/IDBCursorBackendImpl.cpp:
2186         (WebCore::IDBCursorBackendImpl::key):
2187         (WebCore::IDBCursorBackendImpl::update):
2188         * storage/IDBCursorBackendImpl.h:
2189         * storage/IDBObjectStore.cpp:
2190         (WebCore::IDBObjectStore::add):
2191         (WebCore::IDBObjectStore::put):
2192         * storage/IDBObjectStoreBackendImpl.cpp:
2193         (WebCore::IDBObjectStoreBackendImpl::put):
2194         (WebCore::IDBObjectStoreBackendImpl::putInternal):
2195         * storage/IDBObjectStoreBackendImpl.h:
2196         * storage/IDBObjectStoreBackendInterface.h:
2197
2198 2011-02-02  Naoki Takano  <takano.naoki@gmail.com>
2199
2200         Reviewed by Kent Tamura.
2201
2202         Fix popup menu RTL bug introduced by Changeset 75982.
2203         https://bugs.webkit.org/show_bug.cgi?id=53567
2204
2205         PopupMenuChromium::layout() calculates X position according to RTL or not. So Change the X position calculation in layoutAndCalculateWidgetRect().
2206
2207         No new tests. However we can check manually with select_dropdown_box_alignment.html, autofill_alignment.html, select_alignment.html, select_dropdown_box_alignment.html, autofill-popup-width-and-item-direction.html
2208
2209         * platform/chromium/PopupMenuChromium.cpp:
2210         (WebCore::PopupContainer::layoutAndCalculateWidgetRect): Fix calculation of x position, because layout() considers RTL. And change the parameter from both X and Y positions to only Y position.
2211         (WebCore::PopupContainer::showPopup): Change the passing parameter.
2212         (WebCore::PopupContainer::refresh): Change the passing parameter.
2213         * platform/chromium/PopupMenuChromium.h: Change the parameter declaration.
2214
2215 2011-02-02  Alejandro G. Castro  <alex@igalia.com>
2216
2217         Reviewed by Martin Robinson.
2218
2219         [GTK] Fix dist compilation
2220         https://bugs.webkit.org/show_bug.cgi?id=53579
2221
2222         * GNUmakefile.am: Added FontWidthVariant.h to the sources, it was
2223         added in r77153.
2224
2225 2011-02-02  Dai Mikurube  <dmikurube@google.com>
2226
2227         Reviewed by David Levin.
2228
2229         Make mime type lookup in File::create(path) thread-safe
2230         https://bugs.webkit.org/show_bug.cgi?id=47700
2231
2232         This patch introduces a new function MIMETypeRegistry::getMIMETypeForExtensionThreadSafe().
2233         The function is to be called as a thread-safe version of getMIMETypeForExtension() when
2234         both FILE_SYSTEM and WORKERS are enabled.
2235
2236         No tests for this patch. This patch itself doesn't change the behaviors.
2237         For Chromium, it runs in the same way with getMIMETypeForExtensionThreadSafe().
2238         For the other platforms, it causes compilation error in case of enabled FILE_SYSTEM and WORKERS.
2239         The compilation error would be a signal to implement getMIMETypeForExtensionThreadSafe() in these
2240         platforms. Currently it doesn't happen since FILE_SYSTEM is not available in the other platforms.
2241
2242         * platform/MIMETypeRegistry.cpp: Defined generic getMIMETypeForExtension() calling getMIMETypeForExtensionThreadSafe() for enabled FILE_SYSTEM and WORKERS.
2243         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2244         * platform/MIMETypeRegistry.h: Declared getMIMETypeForExtensionThreadSafe() which should be implemented for each platform.
2245         * platform/android/TemporaryLinkStubs.cpp:
2246         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2247         * platform/brew/MIMETypeRegistryBrew.cpp:
2248         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2249         * platform/chromium/MIMETypeRegistryChromium.cpp: Defined getMIMETypeForExtensionThreadSafe() for the case when FILE_SYSTEM and WORKERS are enabled.
2250         (WebCore::MIMETypeRegistry::getMIMETypeForExtensionThreadSafe):
2251         * platform/efl/MIMETypeRegistryEfl.cpp:
2252         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2253         * platform/gtk/MIMETypeRegistryGtk.cpp:
2254         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2255         * platform/haiku/MIMETypeRegistryHaiku.cpp:
2256         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2257         * platform/mac/MIMETypeRegistryMac.mm:
2258         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2259         * platform/qt/MIMETypeRegistryQt.cpp:
2260         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2261         * platform/win/MIMETypeRegistryWin.cpp:
2262         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2263         * platform/wince/MIMETypeRegistryWinCE.cpp:
2264         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2265         * platform/wx/MimeTypeRegistryWx.cpp:
2266         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2267
2268 2011-02-01  Adam Barth  <abarth@webkit.org>
2269
2270         Reviewed by Alexey Proskuryakov.
2271
2272         Improve readability of updateWidget by converting bool parameter to an enum
2273         https://bugs.webkit.org/show_bug.cgi?id=53576
2274
2275         As requested on webkit-dev.
2276
2277         * html/HTMLEmbedElement.cpp:
2278         (WebCore::HTMLEmbedElement::updateWidget):
2279         * html/HTMLEmbedElement.h:
2280         * html/HTMLMediaElement.cpp:
2281         (WebCore::HTMLMediaElement::updateWidget):
2282         * html/HTMLMediaElement.h:
2283         * html/HTMLObjectElement.cpp:
2284         (WebCore::HTMLObjectElement::updateWidget):
2285         * html/HTMLObjectElement.h:
2286         * html/HTMLPlugInImageElement.cpp:
2287         (WebCore::HTMLPlugInImageElement::updateWidgetIfNecessary):
2288         * html/HTMLPlugInImageElement.h:
2289         * page/FrameView.cpp:
2290         (WebCore::FrameView::updateWidget):
2291
2292 2011-02-01  James Robinson  <jamesr@chromium.org>
2293
2294         Reviewed by Adam Barth.
2295
2296         [v8] Increase V8 native->js recursion limit to match document.write() recursion limit
2297         https://bugs.webkit.org/show_bug.cgi?id=53566
2298
2299         A recursion limit of 22 is necessary to pass fast/dom/Document/document-write-recursion.html.
2300         Other than being large enough for this one test case, this limit is arbitrary.
2301
2302         * bindings/v8/V8Proxy.h:
2303
2304 2011-02-01  Adam Barth  <abarth@webkit.org>
2305
2306         Reviewed by Andreas Kling.
2307
2308         Remove useless comment
2309         https://bugs.webkit.org/show_bug.cgi?id=53549
2310
2311         The reason for this parameter is captured in
2312         plugins/netscape-plugin-setwindow-size.html, which is a better place to
2313         capture it than in this comment (which otherwise just re-iterates the
2314         name of the parameter).
2315
2316         * html/HTMLPlugInImageElement.cpp:
2317         (WebCore::HTMLPlugInImageElement::updateWidgetIfNecessary):
2318
2319 2011-02-01  James Simonsen  <simonjam@chromium.org>
2320
2321         Reviewed by Tony Gentilcore.
2322
2323         [WebTiming] Remove asserts that verify timestamp order
2324         https://bugs.webkit.org/show_bug.cgi?id=53548
2325
2326         Covered by existing tests.
2327
2328         * loader/FrameLoader.cpp:
2329         (WebCore::FrameLoader::stopLoading): Remove assert.
2330         * page/DOMWindow.cpp:
2331         (WebCore::DOMWindow::dispatchTimedEvent): Ditto.
2332
2333 2011-02-01  Dimitri Glazkov  <dglazkov@chromium.org>
2334
2335         Add the 'default_targets' enclosure to the flags.
2336
2337         * WebCore.gyp/WebCore.gyp: Did it.
2338
2339 2011-02-01  Mihai Parparita  <mihaip@chromium.org>
2340
2341         Reviewed by James Robinson.
2342
2343         Async event handlers should not fire within a modal dialog
2344         https://bugs.webkit.org/show_bug.cgi?id=53202
2345
2346         Asychronous events that use EventQueue would currently fire while a
2347         modal dialog (e.g. window.alert()) was up. Change EventQueue to use a
2348         SuspendableTimer (which automatically gets suspended while dialogs are
2349         up and in other cases where JS execution is not allowed).
2350         
2351         Test: fast/events/scroll-event-during-modal-dialog.html
2352
2353         * dom/Document.cpp:
2354         (WebCore::Document::Document):
2355         * dom/EventQueue.cpp:
2356         (WebCore::EventQueueTimer::EventQueueTimer):
2357         (WebCore::EventQueueTimer::fired):
2358         (WebCore::EventQueue::EventQueue):
2359         (WebCore::EventQueue::enqueueEvent):
2360         (WebCore::EventQueue::pendingEventTimerFired):
2361         * dom/EventQueue.h:
2362         (WebCore::EventQueue::create):
2363         * page/SuspendableTimer.cpp:
2364         (WebCore::SuspendableTimer::SuspendableTimer):
2365         (WebCore::SuspendableTimer::suspend):
2366         (WebCore::SuspendableTimer::resume):
2367         * page/SuspendableTimer.h:
2368
2369 2011-02-01  Patrick Gansterer  <paroga@webkit.org>
2370
2371         Reviewed by Andreas Kling.
2372
2373         Change wrong PLATFORM(WIN) to USE(WININET)
2374         https://bugs.webkit.org/show_bug.cgi?id=53547
2375
2376         * platform/network/ResourceHandle.h:
2377
2378 2011-02-01  Beth Dakin  <bdakin@apple.com>
2379
2380         32-bit build fix.
2381
2382         * platform/mac/ScrollAnimatorMac.mm:
2383         (-[ScrollbarPainterControllerDelegate contentAreaRectForScrollerImpPair:]):
2384
2385 2011-01-25  Martin Robinson  <mrobinson@igalia.com>
2386
2387         Reviewed by Gustavo Noronha Silva.
2388
2389         [GTK] Two tests crash after r76555
2390         https://bugs.webkit.org/show_bug.cgi?id=53057
2391
2392         Instead of creating synchronous ResourceHandles manually, use the ::create factory.
2393         This ensures that ::start() is not called when there is a scheduled failure and also
2394         reduces code duplication.
2395
2396         * platform/network/soup/ResourceHandleSoup.cpp:
2397         (WebCore::ResourceHandle::loadResourceSynchronously): Use the ::create factory method.
2398
2399 2011-02-01  Martin Robinson  <mrobinson@igalia.com>
2400
2401         Reviewed by Eric Seidel.
2402
2403         [GTK] GObject DOM bindings do no support the CallWith attribute
2404         https://bugs.webkit.org/show_bug.cgi?id=53331
2405
2406         Disable building GObject DOM bindings for IndexedDB because we do not support
2407         the CallWith attribute at this time.
2408
2409         * bindings/gobject/GNUmakefile.am: Disable building bindings for the IndexedDB API.
2410
2411 2011-02-01  Darin Adler  <darin@apple.com>
2412
2413         Reviewed by Brady Eidson.
2414
2415         Fix a couple loose ends from the back/forward tree encode/decode work
2416         https://bugs.webkit.org/show_bug.cgi?id=53537
2417
2418         * history/HistoryItem.cpp:
2419         (WebCore::HistoryItem::encodeBackForwardTreeNode): Remove extra copy of
2420         original URL string; no need to encode it twice.
2421         (WebCore::HistoryItem::decodeBackForwardTree): Ditto.
2422         * history/HistoryItem.h: Removed declaration for function that is no
2423         longer defined nor used.
2424
2425 2011-02-01  Tony Chang  <tony@chromium.org>
2426
2427         Reviewed by Kent Tamura.
2428
2429         [chromium] disable arm uninitialized variable warnings
2430         https://bugs.webkit.org/show_bug.cgi?id=53553
2431
2432         We just got another error:
2433         third_party/WebKit/Source/WebCore/css/CSSPrimitiveValue.cpp:123:error:
2434         'colorTransparent.unstatic.4879' may be used uninitialized in this
2435         function
2436
2437         * WebCore.gyp/WebCore.gyp:
2438
2439 2011-02-01  chris reiss  <christopher.reiss@nokia.com>
2440
2441         Reviewed by Adam Barth.
2442
2443         Self-replicating code makes Safari hang and eventually crash
2444         https://bugs.webkit.org/show_bug.cgi?id=15123
2445
2446        
2447         Here we are replicating the Firefox safeguard against
2448         recursive document.write( ) 's.
2449
2450         See  https://bug197052.bugzilla.mozilla.org/attachment.cgi?id=293907 in bug 
2451         https://bugzilla.mozilla.org/show_bug.cgi?id=197052 .   Firefox does two things - 
2452             a) imposes a recursion limit of 20 on document.write( ) and
2453             b) once that limit is passed, panics all the way the call stack (rather than just returning one level.)
2454         To see why this is necessary, consider the script : 
2455
2456         <script>
2457            var t = document.body.innerHTML;
2458            document.write(t);
2459         </script> 
2460
2461         This will create a tree both broad and deep as the script keeps appending itself to the text.   If
2462         we just return one level after the recursion limit is reached, we still allow millions of copies to 
2463         duplicate (and execute).   
2464
2465         The recursion is fortunately depth-first, so as soon as we cross this limit, we panic up the callstack
2466         to prevent this situation.    (IE apparently does the same thing, with a lower recursion limit.) 
2467
2468         Test: fast/dom/Document/document-write-recursion.html        
2469         Test: fast/dom/Document/document-close-iframe-load.html
2470         Test: fast/dom/Document/document-close-nested-iframe-load.html
2471
2472
2473         * dom/Document.cpp:
2474         (WebCore::Document::Document):
2475         (WebCore::Document::write):
2476         * dom/Document.h:
2477
2478 2011-02-01  Johnny Ding  <jnd@chromium.org>
2479
2480         Reviewed by Darin Adler.
2481
2482         Don't set user gesture in HTMLAnchorElement's click handler because the click handler can be triggered by untrusted event.
2483         https://bugs.webkit.org/show_bug.cgi?id=53424
2484
2485         Test: fast/events/popup-blocked-from-untrusted-click-event-on-anchor.html
2486
2487         * html/HTMLAnchorElement.cpp:
2488         (WebCore::handleLinkClick):
2489
2490 2011-02-01  Csaba Osztrogon√°c  <ossy@webkit.org>
2491
2492         Unreviewed Qt buildfix after r77286.
2493
2494         https://bugs.webkit.org/show_bug.cgi?id=53520 
2495         Remove the physical terminology from IntRect and FloatRect.
2496
2497         * platform/graphics/TiledBackingStore.cpp:
2498         (WebCore::TiledBackingStore::createTiles):
2499
2500 2011-02-01  Sam Weinig  <sam@webkit.org>
2501
2502         Fix Mac production builds.
2503
2504         * DerivedSources.make:
2505         * WebCore.xcodeproj/project.pbxproj:
2506         * platform/mac/ScrollAnimatorMac.h:
2507         * platform/mac/ScrollbarThemeMac.h:
2508
2509 2011-02-01  Darin Adler  <darin@apple.com>
2510
2511         Reviewed by Chris Fleizach.
2512
2513         REGRESSION: Removing focus from area element causes unwanted scrolling
2514         https://bugs.webkit.org/show_bug.cgi?id=50169
2515
2516         Test: fast/images/imagemap-scroll.html
2517
2518         * html/HTMLAreaElement.cpp:
2519         (WebCore::HTMLAreaElement::setFocus): Added override. Calls the new
2520         RenderImage::areaElementFocusChanged function.
2521         (WebCore::HTMLAreaElement::updateFocusAppearance): Removed the code
2522         here that calls setNeedsLayout on the image's renderer. This was an
2523         attempt to cause repaint of the renderer, but this function does not
2524         need to do that. Also changed this to use the imageElement function
2525         to avoid repeating code.
2526
2527         * html/HTMLAreaElement.h: Updated for above changes.
2528
2529         * rendering/RenderImage.cpp:
2530         (WebCore::RenderImage::paint): Updated for name change.
2531         (WebCore::RenderImage::paintAreaElementFocusRing): Renamed this from
2532         paintFocusRing, because it only paints area focus rings, and should
2533         not be confused with paintFocusRing functions in other classes. Also
2534         removed the unused style argument. Removed the code that used an
2535         HTMLCollection to see if the focused area element is for this image
2536         and instead just call imageElement on the area element.
2537         (WebCore::RenderImage::areaElementFocusChanged): Added. Calls repaint.
2538
2539         * rendering/RenderImage.h: Added a public areaElementFocusChanged
2540         function for HTMLAreaElement to call. Made the paintFocusRing function
2541         private, renamed it to paintAreaElementFocusRing, and removed its
2542         unused style argument.
2543
2544 2011-02-01  Patrick Gansterer  <paroga@webkit.org>
2545
2546         Unreviewed WinCE build fix for r77286.
2547
2548         * platform/graphics/wince/GraphicsContextWinCE.cpp:
2549         (WebCore::TransparentLayerDC::TransparentLayerDC):
2550
2551 2011-02-01  Chris Fleizach  <cfleizach@apple.com>
2552
2553         Reviewed by Darin Adler.
2554
2555         AX: AXPosition of AXScrollArea is wrong
2556         https://bugs.webkit.org/show_bug.cgi?id=53511
2557
2558         AccessibilityScrollView needed to return a valid documentFrameView() object.
2559         At the same time, the code from document() should be consolidated in 
2560         AccessibilityObject, so all objects can use it.
2561
2562         Test: platform/mac/accessibility/webkit-scrollarea-position.html
2563
2564         * accessibility/AccessibilityObject.cpp:
2565         (WebCore::AccessibilityObject::document):
2566         * accessibility/AccessibilityObject.h:
2567         * accessibility/AccessibilityScrollView.cpp:
2568         (WebCore::AccessibilityScrollView::accessibilityHitTest):
2569         (WebCore::AccessibilityScrollView::documentFrameView):
2570         * accessibility/AccessibilityScrollView.h:
2571
2572 2011-02-01  Zhenyao Mo  <zmo@google.com>
2573
2574         Reviewed by Kenneth Russell.
2575
2576         getUniform should support SAMPLER_2D or SAMPLER_CUBE
2577         https://bugs.webkit.org/show_bug.cgi?id=52190
2578
2579         * html/canvas/WebGLRenderingContext.cpp:
2580         (WebCore::WebGLRenderingContext::getUniform):
2581
2582 2011-02-01  Zhenyao Mo  <zmo@google.com>
2583
2584         Reviewed by Darin Adler.
2585
2586         Fix the incorrect usage of RetainPtr cases in GraphicsContext3DCG.cpp
2587         https://bugs.webkit.org/show_bug.cgi?id=53531
2588
2589         With this fix, running WebGL conformance tests should no longer crash randomly.
2590
2591         * platform/graphics/cg/GraphicsContext3DCG.cpp:
2592         (WebCore::GraphicsContext3D::getImageData):
2593
2594 2011-02-01  Dimitri Glazkov  <dglazkov@chromium.org>
2595
2596         One more Chromium build fix after r77286.
2597
2598         * platform/chromium/ScrollbarThemeChromiumMac.mm:
2599         (WebCore::ScrollbarThemeChromiumMac::paint): Changed to not use topLeft().
2600
2601 2011-02-01  Sam Weinig  <sam@webkit.org>
2602
2603         Fix the build for Beth.
2604
2605         * platform/mac/ScrollAnimatorMac.mm:
2606         (-[ScrollbarPainterControllerDelegate inLiveResizeForScrollerImpPair:]):
2607
2608 2011-02-01  Sam Weinig  <sam@webkit.org>
2609
2610         Reviewed by Beth Dakin.
2611
2612         Part 2 for <rdar://problem/8492788>
2613         Adopt WKScrollbarPainterController
2614
2615         Use header detection to define scrollbar painting controller #define.
2616
2617         * WebCore.exp.in:
2618         * platform/mac/ScrollAnimatorMac.h:
2619         * platform/mac/ScrollbarThemeMac.h:
2620         * platform/mac/WebCoreSystemInterface.h:
2621         * platform/mac/WebCoreSystemInterface.mm:
2622
2623 2011-02-01  David Hyatt  <hyatt@apple.com>
2624
2625         Reviewed by Oliver Hunt.
2626
2627         https://bugs.webkit.org/show_bug.cgi?id=53520
2628         
2629         Remove the physical terminology from IntRect and FloatRect.
2630         
2631         Now that we have flipped RenderBlocks for vertical-rl and horizontal-bt writing modes,
2632         we need to update our terminology to be more accurate.
2633
2634         I'm borrowing a page from AppKit here (which also supports flipped NSViews) and
2635         renaming right() and bottom() to maxX() and maxY().  These terms remain accurate
2636         even for flipped rectangles.
2637
2638         * accessibility/AccessibilityRenderObject.cpp:
2639         (WebCore::AccessibilityRenderObject::boundsForVisiblePositionRange):
2640         * accessibility/mac/AccessibilityObjectWrapper.mm:
2641         (-[AccessibilityObjectWrapper position]):
2642         * dom/ClientRect.h:
2643         (WebCore::ClientRect::right):
2644         (WebCore::ClientRect::bottom):
2645         * html/HTMLCanvasElement.cpp:
2646         (WebCore::HTMLCanvasElement::convertLogicalToDevice):
2647         * html/canvas/CanvasRenderingContext2D.cpp:
2648         (WebCore::normalizeRect):
2649         * inspector/InspectorAgent.cpp:
2650         (WebCore::InspectorAgent::drawElementTitle):
2651         * page/DOMWindow.cpp:
2652         (WebCore::DOMWindow::adjustWindowRect):
2653         * page/DragController.cpp:
2654         (WebCore::dragLocForSelectionDrag):
2655         * page/EventHandler.cpp:
2656         (WebCore::EventHandler::sendContextMenuEventForKey):
2657         * page/PrintContext.cpp:
2658         (WebCore::PrintContext::computePageRectsWithPageSizeInternal):
2659         (WebCore::PrintContext::pageNumberForElement):
2660         * page/SpatialNavigation.cpp:
2661         (WebCore::end):
2662         (WebCore::areRectsFullyAligned):
2663         (WebCore::areRectsMoreThanFullScreenApart):
2664         (WebCore::below):
2665         (WebCore::rightOf):
2666         (WebCore::isRectInDirection):
2667         (WebCore::entryAndExitPointsForDirection):
2668         (WebCore::virtualRectForDirection):
2669         * page/WindowFeatures.cpp:
2670         (WebCore::WindowFeatures::WindowFeatures):
2671         * platform/ScrollView.cpp:
2672         (WebCore::ScrollView::wheelEvent):
2673         * platform/Scrollbar.cpp:
2674         (WebCore::Scrollbar::setFrameRect):
2675         * platform/ScrollbarThemeComposite.cpp:
2676         (WebCore::ScrollbarThemeComposite::splitTrack):
2677         * platform/chromium/ScrollbarThemeChromium.cpp:
2678         (WebCore::ScrollbarThemeChromium::paintTickmarks):
2679         * platform/graphics/FloatQuad.h:
2680         (WebCore::FloatQuad::FloatQuad):
2681         * platform/graphics/FloatRect.cpp:
2682         (WebCore::FloatRect::intersects):
2683         (WebCore::FloatRect::contains):
2684         (WebCore::FloatRect::intersect):
2685         (WebCore::FloatRect::unite):
2686         (WebCore::enclosingIntRect):
2687         * platform/graphics/FloatRect.h:
2688         (WebCore::FloatRect::maxX):
2689         (WebCore::FloatRect::maxY):
2690         (WebCore::FloatRect::contains):
2691         * platform/graphics/IntRect.cpp:
2692         (WebCore::IntRect::intersects):
2693         (WebCore::IntRect::contains):
2694         (WebCore::IntRect::intersect):
2695         (WebCore::IntRect::unite):
2696         * platform/graphics/IntRect.h:
2697         (WebCore::IntRect::maxX):
2698         (WebCore::IntRect::maxY):
2699         (WebCore::IntRect::shiftXEdgeTo):
2700         (WebCore::IntRect::shiftMaxXEdgeTo):
2701         (WebCore::IntRect::shiftYEdgeTo):
2702         (WebCore::IntRect::shiftMaxYEdgeTo):
2703         (WebCore::IntRect::contains):
2704         * platform/graphics/WidthIterator.cpp:
2705         (WebCore::WidthIterator::advance):
2706         * platform/graphics/cg/GraphicsContextCG.cpp:
2707         (WebCore::GraphicsContext::drawRect):
2708         (WebCore::GraphicsContext::fillPath):
2709         (WebCore::GraphicsContext::fillRect):
2710         * platform/graphics/cg/ImageBufferCG.cpp:
2711         (WebCore::getImageData):
2712         (WebCore::putImageData):
2713         * platform/graphics/cg/ImageCG.cpp:
2714         (WebCore::BitmapImage::draw):
2715         * platform/graphics/filters/FilterEffect.cpp:
2716         (WebCore::FilterEffect::copyImageBytes):
2717         * platform/graphics/mac/ComplexTextController.cpp:
2718         (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
2719         * platform/graphics/mac/SimpleFontDataMac.mm:
2720         (WebCore::SimpleFontData::platformBoundsForGlyph):
2721         * platform/graphics/transforms/AffineTransform.cpp:
2722         (WebCore::AffineTransform::mapRect):
2723         * platform/graphics/win/FontCGWin.cpp:
2724         (WebCore::drawGDIGlyphs):
2725         * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.cpp:
2726         (WebCore::MediaPlayerPrivate::paint):
2727         * platform/gtk/RenderThemeGtk.cpp:
2728         (WebCore::centerRectVerticallyInParentInputElement):
2729         * platform/mac/WidgetMac.mm:
2730         (WebCore::Widget::paint):
2731         * rendering/InlineFlowBox.cpp:
2732         (WebCore::InlineFlowBox::addBoxShadowVisualOverflow):
2733         (WebCore::InlineFlowBox::addTextBoxVisualOverflow):
2734         * rendering/InlineTextBox.cpp:
2735         (WebCore::InlineTextBox::selectionRect):
2736         (WebCore::InlineTextBox::paint):
2737         (WebCore::InlineTextBox::positionForOffset):
2738         * rendering/RenderBlock.cpp:
2739         (WebCore::RenderBlock::addOverflowFromChildren):
2740         (WebCore::RenderBlock::paintChildren):
2741         (WebCore::RenderBlock::paintEllipsisBoxes):
2742         (WebCore::RenderBlock::inlineSelectionGaps):
2743         (WebCore::RenderBlock::adjustPointToColumnContents):
2744         (WebCore::RenderBlock::flipForWritingModeIncludingColumns):
2745         (WebCore::RenderBlock::adjustForColumns):
2746         * rendering/RenderBlock.h:
2747         (WebCore::RenderBlock::FloatingObject::right):
2748         (WebCore::RenderBlock::FloatingObject::bottom):
2749         * rendering/RenderBox.cpp:
2750         (WebCore::RenderBox::reflectedRect):
2751         (WebCore::RenderBox::localCaretRect):
2752         (WebCore::RenderBox::addShadowOverflow):
2753         (WebCore::RenderBox::addLayoutOverflow):
2754         (WebCore::RenderBox::visualOverflowRectForPropagation):
2755         (WebCore::RenderBox::layoutOverflowRectForPropagation):
2756         (WebCore::RenderBox::flipForWritingMode):
2757         * rendering/RenderFrameSet.cpp:
2758         (WebCore::RenderFrameSet::paintColumnBorder):
2759         (WebCore::RenderFrameSet::paintRowBorder):
2760         * rendering/RenderInline.cpp:
2761         (WebCore::RenderInline::paintOutlineForLine):
2762         * rendering/RenderLayer.cpp:
2763         (WebCore::RenderLayer::getRectToExpose):
2764         (WebCore::cornerRect):
2765         (WebCore::RenderLayer::positionOverflowControls):
2766         (WebCore::RenderLayer::overflowBottom):
2767         (WebCore::RenderLayer::overflowRight):
2768         (WebCore::RenderLayer::paintResizer):
2769         * rendering/RenderLineBoxList.cpp:
2770         (WebCore::RenderLineBoxList::rangeIntersectsRect):
2771         (WebCore::RenderLineBoxList::paint):
2772         * rendering/RenderListItem.cpp:
2773         (WebCore::RenderListItem::positionListMarker):
2774         * rendering/RenderListMarker.cpp:
2775         (WebCore::RenderListMarker::paint):
2776         * rendering/RenderObject.cpp:
2777         (WebCore::RenderObject::repaintAfterLayoutIfNeeded):
2778         * rendering/RenderOverflow.h:
2779         (WebCore::RenderOverflow::RenderOverflow):
2780         (WebCore::RenderOverflow::addLayoutOverflow):
2781         (WebCore::RenderOverflow::addVisualOverflow):
2782         (WebCore::RenderOverflow::setLayoutOverflow):
2783         (WebCore::RenderOverflow::setVisualOverflow):
2784         (WebCore::RenderOverflow::resetLayoutOverflow):
2785         * rendering/RenderReplaced.cpp:
2786         (WebCore::RenderReplaced::shouldPaint):
2787         * rendering/RenderScrollbarTheme.cpp:
2788         (WebCore::RenderScrollbarTheme::constrainTrackRectToTrackPieces):
2789         * rendering/RenderTable.cpp:
2790         (WebCore::RenderTable::paint):
2791         * rendering/RenderTableCell.cpp:
2792         (WebCore::RenderTableCell::paint):
2793         * rendering/RenderTableSection.cpp:
2794         (WebCore::RenderTableSection::paintObject):
2795         * rendering/RenderText.cpp:
2796         (WebCore::RenderText::absoluteQuads):
2797         * rendering/RenderTextControlSingleLine.cpp:
2798         (WebCore::RenderTextControlSingleLine::forwardEvent):
2799         * rendering/RenderThemeMac.mm:
2800         (WebCore::RenderThemeMac::paintMenuListButtonGradients):
2801         (WebCore::RenderThemeMac::paintMenuListButton):
2802         (WebCore::RenderThemeMac::paintSliderTrack):
2803         * rendering/RenderView.cpp:
2804         (WebCore::RenderView::computeRectForRepaint):
2805         (WebCore::RenderView::docBottom):
2806         (WebCore::RenderView::docRight):
2807         * rendering/RootInlineBox.cpp:
2808         (WebCore::RootInlineBox::paddedLayoutOverflowRect):
2809         * rendering/svg/RenderSVGInlineText.cpp:
2810         (WebCore::RenderSVGInlineText::localCaretRect):
2811
2812 2011-02-01  Beth Dakin  <bdakin@apple.com>
2813
2814         Reviewed by Sam Weinig.
2815
2816         Fix for <rdar://problem/8492788> Adopt WKScrollbarPainterController
2817
2818         Lots of new WebCoreSystemInterface functions to export.
2819         * WebCore.exp.in:
2820         * platform/mac/WebCoreSystemInterface.h:
2821         * platform/mac/WebCoreSystemInterface.mm:
2822
2823         Let the scrollAnimator know when the mouse has
2824         moved anywhere inside the page, and when the mouse 
2825         has moved in or out of the window. 
2826         * page/EventHandler.cpp:
2827         (WebCore::EventHandler::mouseMoved):
2828         (WebCore::EventHandler::updateMouseEventTargetNode):
2829
2830         Let the scrollAnimator know when the window has become
2831         active or inactive.
2832         * page/FocusController.cpp:
2833         (WebCore::FocusController::setActive):
2834         
2835         Let the scrollAnimator know when all of these things
2836         are happening.
2837         * page/FrameView.cpp:
2838         (WebCore::FrameView::setContentsSize):
2839         (WebCore::FrameView::didMoveOnscreen):
2840         (WebCore::FrameView::willMoveOffscreen):
2841         (WebCore::FrameView::currentMousePosition):
2842         (WebCore::FrameView::contentsResized):
2843         
2844         New functions called through WebKit2 that allow the
2845         scrollAnimator to know when a live resize starts and ends.
2846         (WebCore::FrameView::willStartLiveResize):
2847         (WebCore::FrameView::willEndLiveResize):
2848         * page/FrameView.h:
2849         
2850         New functions on ScrollAnimator that pass information
2851         to the WKPainterController when we're using one.
2852         * platform/ScrollAnimator.h:
2853         (WebCore::ScrollAnimator::scrollableArea):
2854         (WebCore::ScrollAnimator::contentAreaWillPaint):
2855         (WebCore::ScrollAnimator::mouseEnteredContentArea):
2856         (WebCore::ScrollAnimator::mouseExitedContentArea):
2857         (WebCore::ScrollAnimator::mouseMovedInContentArea):
2858         (WebCore::ScrollAnimator::willStartLiveResize):
2859         (WebCore::ScrollAnimator::contentsResized):
2860         (WebCore::ScrollAnimator::willEndLiveResize):
2861         (WebCore::ScrollAnimator::contentAreaDidShow):
2862         (WebCore::ScrollAnimator::contentAreaDidHide):
2863         (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
2864         (WebCore::ScrollAnimatorMac::scrollbarPainterDelegate):
2865         (WebCore::ScrollAnimatorMac::setPainterForPainterController):
2866         (WebCore::ScrollAnimatorMac::removePainterFromPainterController):
2867         (WebCore::ScrollAnimatorMac::notityPositionChanged):
2868         (WebCore::ScrollAnimatorMac::contentAreaWillPaint):
2869         (WebCore::ScrollAnimatorMac::mouseEnteredContentArea):
2870         (WebCore::ScrollAnimatorMac::mouseExitedContentArea):
2871         (WebCore::ScrollAnimatorMac::mouseMovedInContentArea):
2872         (WebCore::ScrollAnimatorMac::willStartLiveResize):
2873         (WebCore::ScrollAnimatorMac::contentsResized):
2874         (WebCore::ScrollAnimatorMac::willEndLiveResize):
2875         (WebCore::ScrollAnimatorMac::contentAreaDidShow):
2876         (WebCore::ScrollAnimatorMac::contentAreaDidHide):
2877         
2878         Let the scrollAnimator know when this is happening.
2879         * platform/ScrollView.cpp:
2880         (WebCore::ScrollView::paint):
2881         
2882         New function lets the scrollAnimator get the current 
2883         mouse position.
2884         * platform/ScrollView.h:
2885         (WebCore::ScrollView::currentMousePosition):
2886         
2887         New function that returns the scrollAnimator when needed.
2888         * platform/ScrollableArea.h:
2889         (WebCore::ScrollableArea::scrollAnimator):
2890         
2891         Keep track of if we're in a live resize using a new memeber
2892         variable.
2893         * platform/mac/ScrollAnimatorMac.h:
2894         (WebCore::ScrollAnimatorMac::inLiveResize):
2895         * platform/mac/ScrollAnimatorMac.mm:
2896         (WebCore::view):
2897         
2898         New delegates for the WKPainter and WKPainterController
2899         (-[ScrollbarPainterControllerDelegate initWithScrollAnimator:WebCore::]):
2900         (-[ScrollbarPainterControllerDelegate contentAreaRectForScrollerImpPair:]):
2901         (-[ScrollbarPainterControllerDelegate inLiveResizeForScrollerImpPair:]):
2902         (-[ScrollbarPainterControllerDelegate mouseLocationInContentAreaForScrollerImpPair:]):
2903         (-[ScrollbarPainterControllerDelegate scrollerImpPair:convertContentPoint:toScrollerImp:]):
2904         (-[ScrollbarPainterControllerDelegate scrollerImpPair:setContentAreaNeedsDisplayInRect:]):
2905         (-[ScrollbarPainterControllerDelegate scrollerImpPair:updateScrollerStyleForNewRecommendedScrollerStyle:]):
2906         (-[ScrollKnobAnimation initWithScrollbarPainter:forScrollAnimator:WebCore::animateKnobAlphaTo:duration:]):
2907         (-[ScrollKnobAnimation setCurrentProgress:]):
2908         (-[ScrollbarPainterDelegate initWithScrollAnimator:WebCore::]):
2909         (-[ScrollbarPainterDelegate convertRectToBacking:]):
2910         (-[ScrollbarPainterDelegate convertRectFromBacking:]):
2911         (-[ScrollbarPainterDelegate layer]):
2912         (-[ScrollbarPainterDelegate setUpAnimation:scrollerPainter:animateKnobAlphaTo:duration:]):
2913         (-[ScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]):
2914         (-[ScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]):
2915         (-[ScrollbarPainterDelegate scrollerImp:overlayScrollerStateChangedTo:]):
2916
2917         Get the WKScrollbarPainterRefs to synch up with the 
2918         WKScrollbarPainterControllerRefs when appropriate
2919         * platform/mac/ScrollbarThemeMac.h:
2920         * platform/mac/ScrollbarThemeMac.mm:
2921         (WebCore::ScrollbarThemeMac::registerScrollbar):
2922         (WebCore::ScrollbarThemeMac::unregisterScrollbar):
2923         (WebCore::ScrollbarThemeMac::setNewPainterForScrollbar):
2924         (WebCore::ScrollbarThemeMac::usesOverlayScrollbars):
2925
2926         Implement ScrollableArea's virtual function contentsSize() for access
2927         through the scrollAnimator.
2928         * rendering/RenderLayer.h:
2929         (WebCore::RenderLayer::contentsSize):
2930
2931 2011-02-01  Carol Szabo  <carol.szabo@nokia.com>
2932
2933         Reviewed by David Hyatt.
2934
2935         layoutTestController.counterValueForElementById does not return the correct value
2936         https://bugs.webkit.org/show_bug.cgi?id=53037
2937
2938         Test: fast/css/counters/deep-before.html
2939
2940         * rendering/RenderTreeAsText.cpp:
2941         (WebCore::counterValueForElement):
2942         Modified to use the newly available RenderObject::beforePseudoElement()
2943         and RenderObject::afterPseudoElement() instead of the old imperfect
2944         algorithm to find the before and after pseudo elements.
2945
2946 2011-02-01  Anton Muhin  <antonm@chromium.org>
2947
2948         Reviewed by Adam Barth.
2949
2950         Allow access for security origin same as this.
2951         https://bugs.webkit.org/show_bug.cgi?id=53440
2952
2953         Hard to test as newly added path currently is never hit.
2954
2955         * page/SecurityOrigin.cpp:
2956         (WebCore::SecurityOrigin::canAccess): allow access if this == other
2957
2958 2011-01-31  Oliver Hunt  <oliver@apple.com>
2959
2960         Reviewed by Geoffrey Garen.
2961
2962         Update JSObject storage for new marking API
2963         https://bugs.webkit.org/show_bug.cgi?id=53467
2964
2965         Update WebCore to handle new anonymous slot behaviour.
2966
2967         * bindings/js/JSDOMWindowShell.cpp:
2968         (WebCore::JSDOMWindowShell::setWindow):
2969         * bindings/js/WorkerScriptController.cpp:
2970         (WebCore::WorkerScriptController::initScript):
2971         * bindings/scripts/CodeGeneratorJS.pm:
2972
2973 2011-02-01  Xiaomei Ji  <xji@chromium.org>
2974
2975         Reviewed by David Hyatt.
2976
2977         Fix a text rendering problem when enclosing block is RTL and text runs
2978         are in different directionality.
2979         https://bugs.webkit.org/show_bug.cgi?id=34176
2980
2981         The problem happens in the following example scenario (ABC represents 
2982         Hebrew characters):
2983         <div dir=rtl>this is a <span><span>test <span>ABC</span></span></span></div>
2984
2985         The line consists of 3 text runs -- TextRun1 TextRun2 TextRun3. In which
2986         TextRun1 and TextRun2's bidi level are 2, and TextRun3's bidi level is 1.
2987         TextRun2 and TextRun3's least common ancestor is not a sibling of TextRun1.
2988
2989         The visual bidi run order of the text runs is TextRun3 TextRun1 TextRun2.
2990
2991         Inside RenderBlock::constructLine(), when RenderBlock::createLineBoxes()
2992         creates InlineFlowBox for TextRun2, it should check an InlineFlowBox for
2993         the run's render object's ancestor (not only its parent) has already 
2994         been constructed or has something following it on the line, in which 
2995         case, create a new box for TextRun2 instead of sharing the same box with
2996         TextRun3.
2997
2998         In other words, the following 2 div should render the same results
2999         (ABC represents Hebrew characters).
3000         <div dir=rtl>this is a <span><span>test <span>ABC</span></span></span></div>
3001         <div dir=rtl>this is a <span>Test <span>ABC</span></span></div>
3002
3003         Test: fast/dom/34176.html
3004
3005         * rendering/RenderBlockLineLayout.cpp:
3006         (WebCore::parentIsConstructedOrHaveNext):
3007         (WebCore::RenderBlock::createLineBoxes):
3008
3009 2011-02-01  Abhishek Arya  <inferno@chromium.org>
3010
3011         Reviewed by Dan Bernstein.
3012
3013         Do not add a node in the document's stylesheet candidate node list if the
3014         node is already removed from document.
3015         https://bugs.webkit.org/show_bug.cgi?id=53441
3016
3017         Test: fast/css/stylesheet-candidate-nodes-crash.xhtml
3018
3019         * dom/Document.cpp:
3020         (WebCore::Document::addStyleSheetCandidateNode):
3021
3022 2011-02-01  Dave Hyatt  <hyatt@apple.com>
3023
3024         Reviewed by Darin Adler.
3025
3026         https://bugs.webkit.org/show_bug.cgi?id=46422, make printing and pagination work
3027         with vertical text.
3028
3029         Change printing functions to check writing-mode and properly swap width and height
3030         as needed.
3031         
3032         Fix the setScrollOrigin function so that the origin doesn't cause
3033         scroll spasming during printing (this is only partially successful, but it's better
3034         than it was).
3035
3036         Rewrite computePageRects to handle both RTL documents properly as well as vertical
3037         text documents properly.
3038
3039         * WebCore.exp.in:
3040         * page/FrameView.cpp:
3041         (WebCore::FrameView::adjustViewSize):
3042         (WebCore::FrameView::forceLayoutForPagination):
3043         * page/PrintContext.cpp:
3044         (WebCore::PrintContext::computePageRects):
3045         (WebCore::PrintContext::computePageRectsWithPageSizeInternal):
3046         (WebCore::PrintContext::computeAutomaticScaleFactor):
3047         (WebCore::PrintContext::spoolPage):
3048         (WebCore::PrintContext::spoolRect):
3049         * page/PrintContext.h:
3050         * page/mac/WebCoreFrameView.h:
3051         * platform/ScrollView.cpp:
3052         (WebCore::ScrollView::wheelEvent):
3053         * platform/ScrollView.h:
3054         * platform/mac/ScrollViewMac.mm:
3055         (WebCore::ScrollView::platformSetScrollOrigin):
3056         * rendering/RenderView.cpp:
3057         (WebCore::RenderView::layout):
3058
3059 2011-02-01  Mikhail Naganov  <mnaganov@chromium.org>
3060
3061         Reviewed by Pavel Feldman.
3062
3063         Web Inspector: Fix profiles reset to avoid clearing heap profiles in Chromium.
3064
3065         https://bugs.webkit.org/show_bug.cgi?id=53500
3066
3067         * inspector/InspectorProfilerAgent.cpp:
3068         (WebCore::InspectorProfilerAgent::resetFrontendProfiles):
3069
3070 2011-02-01  Mikhail Naganov  <mnaganov@chromium.org>
3071
3072         Reviewed by Pavel Feldman.
3073
3074         Web Inspector: [Chromium] Landing detailed heap snapshots, part 1.
3075
3076         https://bugs.webkit.org/show_bug.cgi?id=53173
3077
3078         Adding code for accessing heap snapshot data and
3079         performing graph calculations.
3080
3081         * English.lproj/localizedStrings.js:
3082         * inspector/front-end/HeapSnapshot.js:
3083         (WebInspector.HeapSnapshotArraySlice): Helper class to avoid array contents copying.
3084         (WebInspector.HeapSnapshotEdge): Wrapper for accessing graph edge properties.
3085         (WebInspector.HeapSnapshotEdgeIterator):
3086         (WebInspector.HeapSnapshotNode): Wrapper for accessing graph node properties.
3087         (WebInspector.HeapSnapshotNodeIterator):
3088         (WebInspector.HeapSnapshot): Wrapper for the heap snapshot.
3089         (WebInspector.HeapSnapshotFilteredOrderedIterator):
3090         (WebInspector.HeapSnapshotEdgesProvider):
3091         (WebInspector.HeapSnapshotNodesProvider):
3092         (WebInspector.HeapSnapshotPathFinder):
3093         * inspector/front-end/HeapSnapshotView.js:
3094         (WebInspector.HeapSnapshotView.prototype._convertSnapshot):
3095
3096 2011-02-01  Adam Roben  <aroben@apple.com>
3097
3098         Fix linker warnings in Release_LTCG builds
3099
3100         * WebCore.vcproj/WebCore.vcproj: Exclude EventNames.cpp and EventTarget.cpp from all
3101         configurations, since they get pulled in via DOMAllInOne.cpp.
3102
3103 2011-02-01  Alexander Pavlov  <apavlov@chromium.org>
3104
3105         Reviewed by Yury Semikhatsky.
3106
3107         Web Inspector: [Chromium] Wrongly labelled context-menu item for links in Web Inspector's side-pane
3108         https://bugs.webkit.org/show_bug.cgi?id=53482
3109
3110         * English.lproj/localizedStrings.js:
3111         * inspector/front-end/ElementsPanel.js:
3112         (WebInspector.ElementsPanel.prototype.populateHrefContextMenu):
3113         * inspector/front-end/inspector.js:
3114         (WebInspector.resourceForURL):
3115         (WebInspector.openLinkExternallyLabel):
3116
3117 2011-02-01  Anton Muhin  <antonm@chromium.org>
3118
3119         Reviewed by Adam Barth.
3120
3121         Propagate parent document security origin to newly create Document XML response
3122         https://bugs.webkit.org/show_bug.cgi?id=53444
3123
3124         Covered by the existing tests.
3125
3126         * xml/XMLHttpRequest.cpp:
3127         (WebCore::XMLHttpRequest::responseXML):
3128
3129 2011-02-01  Yury Semikhatsky  <yurys@chromium.org>
3130
3131         Unreviewed. Rollout r77230 which caused many layout tests
3132         crashes on Chromium Debug bots.
3133
3134         Async event handlers should not fire within a modal dialog
3135         https://bugs.webkit.org/show_bug.cgi?id=53202
3136
3137         * dom/Document.cpp:
3138         (WebCore::Document::Document):
3139         * dom/EventQueue.cpp:
3140         (WebCore::EventQueue::EventQueue):
3141         (WebCore::EventQueue::enqueueEvent):
3142         (WebCore::EventQueue::pendingEventTimerFired):
3143         * dom/EventQueue.h:
3144
3145 2011-02-01  Zoltan Herczeg  <zherczeg@webkit.org>
3146
3147         Reviewed by Dirk Schulze.
3148
3149         LightElement changes does not require relayout.
3150         https://bugs.webkit.org/show_bug.cgi?id=53232
3151
3152         When an attribute of a LightElement changes, it
3153         send an update message to the lighting filters
3154         to update its corresponding LightSource objects,
3155         and repaint the filters.
3156
3157         Duplicated 'id' attributes removed from svg-filter-animation.svg.
3158
3159         Existing dynamic-update tests covers this feature.
3160
3161         5x speedup on manual-tests/svg-filter-animation.svg
3162
3163         * manual-tests/svg-filter-animation.svg:
3164         * platform/graphics/filters/DistantLightSource.h:
3165         * platform/graphics/filters/FEDiffuseLighting.cpp:
3166         (WebCore::FEDiffuseLighting::setLightingColor):
3167         (WebCore::FEDiffuseLighting::setSurfaceScale):
3168         (WebCore::FEDiffuseLighting::setDiffuseConstant):
3169         (WebCore::FEDiffuseLighting::setKernelUnitLengthX):
3170         (WebCore::FEDiffuseLighting::setKernelUnitLengthY):
3171         * platform/graphics/filters/FEDiffuseLighting.h:
3172         * platform/graphics/filters/LightSource.cpp:
3173         (WebCore::PointLightSource::setX):
3174         (WebCore::PointLightSource::setY):
3175         (WebCore::PointLightSource::setZ):
3176         (WebCore::SpotLightSource::setX):
3177         (WebCore::SpotLightSource::setY):
3178         (WebCore::SpotLightSource::setZ):
3179         (WebCore::SpotLightSource::setPointsAtX):
3180         (WebCore::SpotLightSource::setPointsAtY):
3181         (WebCore::SpotLightSource::setPointsAtZ):
3182         (WebCore::SpotLightSource::setSpecularExponent):
3183         (WebCore::SpotLightSource::setLimitingConeAngle):
3184         (WebCore::DistantLightSource::setAzimuth):
3185         (WebCore::DistantLightSource::setElevation):
3186         (WebCore::LightSource::setAzimuth):
3187         (WebCore::LightSource::setElevation):
3188         (WebCore::LightSource::setX):
3189         (WebCore::LightSource::setY):
3190         (WebCore::LightSource::setZ):
3191         (WebCore::LightSource::setPointsAtX):
3192         (WebCore::LightSource::setPointsAtY):
3193         (WebCore::LightSource::setPointsAtZ):
3194         (WebCore::LightSource::setSpecularExponent):
3195         (WebCore::LightSource::setLimitingConeAngle):
3196         * platform/graphics/filters/LightSource.h:
3197         * platform/graphics/filters/PointLightSource.h:
3198         * platform/graphics/filters/SpotLightSource.h:
3199         * rendering/svg/RenderSVGResourceFilter.cpp:
3200         (WebCore::RenderSVGResourceFilter::primitiveAttributeChanged):
3201         * svg/SVGFEDiffuseLightingElement.cpp:
3202         (WebCore::SVGFEDiffuseLightingElement::setFilterEffectAttribute):
3203         (WebCore::SVGFEDiffuseLightingElement::lightElementAttributeChanged):
3204         (WebCore::SVGFEDiffuseLightingElement::build):
3205         (WebCore::SVGFEDiffuseLightingElement::findLightElement):
3206         (WebCore::SVGFEDiffuseLightingElement::findLight):
3207         * svg/SVGFEDiffuseLightingElement.h:
3208         * svg/SVGFELightElement.cpp:
3209         (WebCore::SVGFELightElement::svgAttributeChanged):
3210         * svg/SVGFilterPrimitiveStandardAttributes.cpp:
3211         (WebCore::SVGFilterPrimitiveStandardAttributes::setFilterEffectAttribute):
3212         * svg/SVGFilterPrimitiveStandardAttributes.h:
3213
3214 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
3215
3216         Reviewed by Dimitri Glazkov.
3217
3218         Bug 53289 - DOM: Move DocumentOrderedMap from Document into separate files
3219         https://bugs.webkit.org/show_bug.cgi?id=53289
3220
3221         Moving the nested class DocumentOrderedMap from Document into separate files,
3222         updating code where necessary.
3223
3224         No new tests. (refactoring)
3225
3226         * Android.mk:
3227         * CMakeLists.txt:
3228         * GNUMakefile.am:
3229         * WebCore.gypi:
3230         * WebCore.pro:
3231         * WebCore.vcproj/WebCore.vcproj:
3232         * WebCore.xcodeproj/project.pbxproj:
3233         * dom/Document.cpp:
3234         (WebCore::Document::getElementById):
3235         (WebCore::Document::getImageMap):
3236         * dom/Document.h:
3237         * dom/DocumentOrderedMap.cpp: Added.
3238         (WebCore::keyMatchesId):
3239         (WebCore::keyMatchesMapName):
3240         (WebCore::keyMatchesLowercasedMapName):
3241         (WebCore::DocumentOrderedMap::clear):
3242         (WebCore::DocumentOrderedMap::add):
3243         (WebCore::DocumentOrderedMap::remove):
3244         (WebCore::DocumentOrderedMap::get):
3245         (WebCore::DocumentOrderedMap::getElementById):
3246         (WebCore::DocumentOrderedMap::getElementByMapName):
3247         (WebCore::DocumentOrderedMap::getElementByLowercasedMapName):
3248         * dom/DocumentOrderedMap.h: Added.
3249         (WebCore::DocumentOrderedMap::contains):
3250         (WebCore::DocumentOrderedMap::containsMultiple):
3251         * dom/DOMAllInOne.cpp:
3252
3253 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
3254
3255         Reviewed by Martin Robinson.
3256
3257         [Gtk] atk_text_set_caret_offset fails for list items
3258         https://bugs.webkit.org/show_bug.cgi?id=53388
3259
3260         Allow using text ranges across list items.
3261
3262         * accessibility/gtk/AccessibilityObjectAtk.cpp:
3263         (WebCore::AccessibilityObject::allowsTextRanges): Add list items
3264         to the list of accessibility objects supporting text ranges.
3265
3266 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
3267
3268         Reviewed by Martin Robinson.
3269
3270         [GTK] character range extents is off when the end of a wrapped line is included
3271         https://bugs.webkit.org/show_bug.cgi?id=53323
3272
3273         Fixed wrong calculation getting the range extents.
3274
3275         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
3276         (webkit_accessible_text_get_range_extents): Removed '+1' since the
3277         requested interval shouldn't include the last character.
3278
3279 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
3280
3281         Reviewed by Martin Robinson.
3282
3283         [GTK] Caret Offset is one off at the end of wrapped lines
3284         https://bugs.webkit.org/show_bug.cgi?id=53300
3285
3286         Consider linebreaks as special cases.
3287
3288         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
3289         (objectAndOffsetUnignored): In order to avoid getting wrong values
3290         when around linebreaks, we need to workaround this by explicitly
3291         avoiding those '\n' text nodes from affecting the result of
3292         calling to TextIterator:rangeLength().
3293
3294 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
3295
3296         Unreviewed, rolling out r77229.
3297         http://trac.webkit.org/changeset/77229
3298         https://bugs.webkit.org/show_bug.cgi?id=53289
3299
3300         revert mysterious build breakage
3301
3302         * Android.mk:
3303         * CMakeLists.txt:
3304         * GNUmakefile.am:
3305         * WebCore.gypi:
3306         * WebCore.pro:
3307         * WebCore.vcproj/WebCore.vcproj:
3308         * WebCore.xcodeproj/project.pbxproj:
3309         * dom/DOMAllInOne.cpp:
3310         * dom/Document.cpp:
3311         (WebCore::Document::DocumentOrderedMap::clear):
3312         (WebCore::Document::DocumentOrderedMap::add):
3313         (WebCore::Document::DocumentOrderedMap::remove):
3314         (WebCore::Document::DocumentOrderedMap::get):
3315         (WebCore::keyMatchesId):
3316         (WebCore::Document::getElementById):
3317         (WebCore::keyMatchesMapName):
3318         (WebCore::keyMatchesLowercasedMapName):
3319         (WebCore::Document::getImageMap):
3320         * dom/Document.h:
3321         (WebCore::Document::DocumentOrderedMap::contains):
3322         (WebCore::Document::DocumentOrderedMap::containsMultiple):
3323         * dom/DocumentOrderedMap.cpp: Removed.
3324         * dom/DocumentOrderedMap.h: Removed.
3325
3326 2011-02-01  Mihai Parparita  <mihaip@chromium.org>
3327
3328         Reviewed by James Robinson.
3329
3330         Async event handlers should not fire within a modal dialog
3331         https://bugs.webkit.org/show_bug.cgi?id=53202
3332
3333         Asychronous events that use EventQueue would currently fire while a
3334         modal dialog (e.g. window.alert()) was up. Change EventQueue to use a
3335         SuspendableTimer (which automatically gets suspended while dialogs are
3336         up and in other cases where JS execution is not allowed).
3337         
3338         Test: fast/events/scroll-event-during-modal-dialog.html
3339
3340         * dom/Document.cpp:
3341         (WebCore::Document::Document):
3342         * dom/EventQueue.cpp:
3343         (WebCore::EventQueueTimer::EventQueueTimer):
3344         (WebCore::EventQueueTimer::fired):
3345         (WebCore::EventQueue::EventQueue):
3346         (WebCore::EventQueue::enqueueEvent):
3347         (WebCore::EventQueue::pendingEventTimerFired):
3348         * dom/EventQueue.h:
3349         (WebCore::EventQueue::create):
3350
3351 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
3352
3353         Reviewed by Dimitri Glazkov.
3354
3355         Bug 53289 - DOM: Move DocumentOrderedMap from Document into separate files
3356         https://bugs.webkit.org/show_bug.cgi?id=53289
3357
3358         Moving the nested class DocumentOrderedMap from Document into separate files,
3359         updating code where necessary.
3360
3361         No new tests. (refactoring)
3362
3363         * Android.mk:
3364         * CMakeLists.txt:
3365         * GNUMakefile.am:
3366         * WebCore.gypi:
3367         * WebCore.pro:
3368         * WebCore.vcproj/WebCore.vcproj:
3369         * WebCore.xcodeproj/project.pbxproj:
3370         * dom/Document.cpp:
3371         (WebCore::Document::getElementById):
3372         (WebCore::Document::getImageMap):
3373         * dom/Document.h:
3374         * dom/DocumentOrderedMap.cpp: Added.
3375         (WebCore::keyMatchesId):
3376         (WebCore::keyMatchesMapName):
3377         (WebCore::keyMatchesLowercasedMapName):
3378         (WebCore::DocumentOrderedMap::clear):
3379         (WebCore::DocumentOrderedMap::add):
3380         (WebCore::DocumentOrderedMap::remove):
3381         (WebCore::DocumentOrderedMap::get):
3382         (WebCore::DocumentOrderedMap::getElementById):
3383         (WebCore::DocumentOrderedMap::getElementByMapName):
3384         (WebCore::DocumentOrderedMap::getElementByLowercasedMapName):
3385         * dom/DocumentOrderedMap.h: Added.
3386         (WebCore::DocumentOrderedMap::contains):
3387         (WebCore::DocumentOrderedMap::containsMultiple):
3388         * dom/DOMAllInOne.cpp:
3389
3390 2011-02-01  Naoki Takano  <takano.naoki@gmail.com>
3391
3392         Reviewed by Darin Fisher.
3393
3394         [Chromium] Autofill should work with HTML5 form elements
3395         https://bugs.webkit.org/show_bug.cgi?id=51809
3396         http://crbug.com/65654
3397
3398         No new tests, because this fix is for Chromium project and hard to test only in WebKit project.
3399
3400         * html/InputType.h: Insert comment for canSetSuggestedValue().
3401         * html/TextFieldInputType.cpp:
3402         (WebCore::TextFieldInputType::canSetSuggestedValue): Implemented to return always true for that all text filed inputs can be completed.
3403         * html/TextFieldInputType.h: Declare canSetSuggestedValue().
3404         * html/TextInputType.cpp: Delete canSetSuggestedValue() not to return true anymore.
3405         * html/TextInputType.h: Delete canSetSuggestedValue() not to return true anymore.
3406
3407 2011-02-01  Kent Tamura  <tkent@chromium.org>
3408
3409         Reviewed by Dan Bernstein.
3410
3411         REGRESSION (r65062): Safari loops forever under WebCore::plainTextToMallocAllocatedBuffer()
3412         https://bugs.webkit.org/show_bug.cgi?id=53272
3413
3414         * editing/TextIterator.cpp:
3415         (WebCore::TextIterator::handleTextBox): Pass the appropriate renderer to emitText().
3416
3417 2011-01-31  Alexey Proskuryakov  <ap@apple.com>
3418
3419         Reviewed by Maciej Stachowiak.
3420
3421         https://bugs.webkit.org/show_bug.cgi?id=53466
3422         Move WebKit2 to printing via API methods
3423
3424         * WebCore.exp.in: Export IntRect::scale().
3425
3426 2011-01-31  Patrick Gansterer  <paroga@webkit.org>
3427
3428         Reviewed by Adam Barth.
3429
3430         Remove obsolete comment after r41871
3431         https://bugs.webkit.org/show_bug.cgi?id=53406
3432
3433         * dom/Document.h:
3434
3435 2011-01-31  Simon Fraser  <simon.fraser@apple.com>
3436
3437         Fix according to reviewer comments: can just use Color::black now.
3438
3439         * platform/graphics/ShadowBlur.cpp:
3440         (WebCore::ShadowBlur::drawInsetShadow):
3441         (WebCore::ShadowBlur::drawRectShadowWithoutTiling):
3442
3443 2011-01-31  Simon Fraser  <simon.fraser@apple.com>
3444
3445         Reviewed by Sam Weinig.
3446
3447         Clean up ShadowBlur
3448         https://bugs.webkit.org/show_bug.cgi?id=53472
3449
3450         Some minor ShadowBlur cleanup.
3451
3452         * platform/graphics/ShadowBlur.h:
3453         * platform/graphics/ShadowBlur.cpp:
3454         (WebCore::ShadowBlur::ShadowBlur): Use m_blurRadius rather than the radius
3455         paramter.
3456         (WebCore::ShadowBlur::adjustBlurRadius): Renamed from adjustBlurDistance.
3457         (WebCore::ShadowBlur::calculateLayerBoundingRect): Rename layerFloatRect to
3458         layerRect. Make frameSize a float.
3459         (WebCore::ShadowBlur::beginShadowLayer): This now takes a precomputed
3460         layerRect rather than calling calculateLayerBoundingRect() to compute
3461         it itself, since we were calling calculateLayerBoundingRect() twice.
3462         (WebCore::ShadowBlur::drawRectShadow): Optimize to call calculateLayerBoundingRect()
3463         only once. The shadowRect variable was unused, so two return paths could be
3464         collapsed into one.
3465         (WebCore::ShadowBlur::drawInsetShadow): Call calculateLayerBoundingRect() before
3466         beginShadowLayer() now.
3467         (WebCore::ShadowBlur::drawRectShadowWithoutTiling): The layerRect gets passed in.
3468         We always used alpha=1, so no need to pass that in.
3469         (WebCore::ShadowBlur::drawRectShadowWithTiling): We always used alpha=1, so no need to
3470         pass that in. Move shadowRect down to first use.
3471         ShadowBlur::clipBounds() was unused.
3472
3473 2011-01-31  No'am Rosenthal  <noam.rosenthal@nokia.com>
3474
3475         Reviewed by Kenneth Rohde Christiansen.
3476
3477         [Qt] QWebElements example from QtWebKit Bridge documentation does not work at all
3478         https://bugs.webkit.org/show_bug.cgi?id=46748
3479
3480         This problem disappears when we register QWebElement using qRegisterMetaType, which we now do in QtInstance.
3481         Added a regression test to tst_QWebFrame.
3482
3483         * bridge/qt/qt_instance.cpp:
3484         (JSC::Bindings::QtInstance::QtInstance):
3485
3486 2011-01-27  MORITA Hajime  <morrita@google.com>
3487
3488         Reviewed by Dimitri Glazkov.
3489         
3490         Convert <progress> shadow DOM to a DOM-based shadow.
3491         https://bugs.webkit.org/show_bug.cgi?id=50660
3492
3493         * Removed RenderProgress::m_valuePart, moved the shadow node
3494           to the shadow root of HTMLProgressElement.
3495         * Removed hard-coded pseudo ID for -webkit-progress-bar-value.
3496           ProgressBarValueElement is defined only for overriding
3497           shadowPseudoId().
3498         
3499         No new tests. No behavioral change.
3500
3501         * css/CSSSelector.cpp:
3502         (WebCore::CSSSelector::pseudoId):
3503         (WebCore::nameToPseudoTypeMap):
3504         (WebCore::CSSSelector::extractPseudoType):
3505         * css/CSSSelector.h:
3506         * html/HTMLProgressElement.cpp:
3507         (WebCore::ProgressBarValueElement::ProgressBarValueElement):
3508         (WebCore::ProgressBarValueElement::shadowPseudoId):
3509         (WebCore::ProgressBarValueElement::create):
3510         (WebCore::ProgressBarValueElement::detach):
3511         (WebCore::HTMLProgressElement::parseMappedAttribute):
3512         (WebCore::HTMLProgressElement::attach):
3513         (WebCore::HTMLProgressElement::valuePart):
3514         (WebCore::HTMLProgressElement::didElementStateChange):
3515         (WebCore::HTMLProgressElement::createShadowSubtreeIfNeeded):
3516         * html/HTMLProgressElement.h:
3517         * rendering/RenderProgress.cpp:
3518         (WebCore::RenderProgress::~RenderProgress):
3519         (WebCore::RenderProgress::updateFromElement):
3520         (WebCore::RenderProgress::layoutParts):
3521         (WebCore::RenderProgress::shouldHaveParts):
3522         (WebCore::RenderProgress::valuePart):
3523         * rendering/RenderProgress.h:
3524         * rendering/style/RenderStyleConstants.h:
3525
3526 2011-01-31  Charlie Reis  <creis@chromium.org>
3527
3528         Reviewed by Mihai Parparita.
3529
3530         Add sanity check to help diagnose bug 52819
3531         https://bugs.webkit.org/show_bug.cgi?id=53402
3532
3533         Crash early if the children of fromItem look invalid.
3534
3535         * loader/HistoryController.cpp:
3536
3537 2011-01-31  Kalle Vahlman  <kalle.vahlman@movial.com>
3538
3539         Reviewed by Andreas Kling.
3540
3541         [Qt] canvas.drawImage(HTMLVideoElement) doesn't work with Qt Multimedia backend
3542         https://bugs.webkit.org/show_bug.cgi?id=53325
3543
3544         Reimplement paintCurrentFrameInContext() rather than delegate the
3545         rendering to paint() to make sure we really do get the video frame
3546         content into the GraphicsContext, regardless of accelerated
3547         compositing and the video scene state.
3548
3549         * platform/graphics/qt/MediaPlayerPrivateQt.cpp:
3550         (WebCore::MediaPlayerPrivateQt::paintCurrentFrameInContext):
3551         * platform/graphics/qt/MediaPlayerPrivateQt.h:
3552
3553 2011-01-31  Emil A Eklund  <eae@chromium.org>
3554
3555         Reviewed by Darin Adler.
3556
3557         Setting "selected" attribute to false should have no effect in single line <select>
3558         https://bugs.webkit.org/show_bug.cgi?id=52436
3559
3560         Change SelectElement::setSelectedIndex to select the first selectable
3561  &n