[wx] Build fixes for wxWebKit.
[WebKit.git] / Source / WebCore / ChangeLog
1 2011-02-02  Kevin Ollivier  <kevino@theolliviers.com>
2
3         [wx] Build fixes for wxWebKit.
4
5         * bindings/cpp/WebDOMHTMLDocumentCustom.cpp:
6         (documentWrite):
7         * bindings/scripts/CodeGeneratorCPP.pm:
8         * page/wx/DragControllerWx.cpp:
9         (WebCore::DragController::dragOperation):
10         * platform/graphics/wx/FontCustomPlatformData.h:
11         * platform/graphics/wx/FontPlatformData.h:
12         (WebCore::FontPlatformData::widthVariant):
13         * platform/graphics/wx/FontPlatformDataWx.cpp:
14         (WebCore::FontPlatformData::computeHash):
15         * platform/graphics/wx/FontWx.cpp:
16         * platform/graphics/wx/GraphicsContextWx.cpp:
17         (WebCore::GraphicsContext::fillPath):
18         (WebCore::GraphicsContext::strokePath):
19         * platform/wx/RenderThemeWx.cpp:
20
21 2011-02-02  David Hyatt  <hyatt@apple.com>
22
23         Reviewed by Darin Adler.
24
25         More right()/bottom() to maxX()/maxY() conversion.
26
27         * page/chromium/FrameChromium.cpp:
28         (WebCore::Frame::nodeImage):
29         (WebCore::Frame::dragImageForSelection):
30
31 2011-02-02  Sam Weinig  <sam@webkit.org>
32
33         Fix windows clean build.
34
35         * DerivedSources.make:
36
37 2011-02-02  Mikhail Naganov  <mnaganov@chromium.org>
38
39         Reviewed by Pavel Feldman.
40
41         Web Inspector: [Chromium] Landing detailed heap snapshots, part 2.
42
43         https://bugs.webkit.org/show_bug.cgi?id=53606
44
45         Display progress while taking a snapshot, and hints while loading
46         and parsing. This is needed because taking detailed heap snapshots
47         takes time.
48
49         * English.lproj/localizedStrings.js:
50         * inspector/front-end/DetailedHeapshotView.js:
51         (WebInspector.DetailedHeapshotProfileType.prototype.buttonClicked):
52         * inspector/front-end/ProfilesPanel.js:
53         (WebInspector.ProfilesPanel.prototype._reset):
54         (WebInspector.ProfilesPanel.prototype._addProfileHeader):
55         (WebInspector.ProfilesPanel.prototype.getProfiles):
56         (WebInspector.ProfilesPanel.prototype.loadHeapSnapshot):
57         (WebInspector.ProfilesPanel.prototype._finishHeapSnapshot.doParse):
58         (WebInspector.ProfilesPanel.prototype._finishHeapSnapshot):
59         (WebInspector.ProfilesPanel.prototype.takeHeapSnapshot):
60         (WebInspector.ProfilesPanel.prototype._reportHeapSnapshotProgress):
61         * inspector/front-end/SidebarTreeElement.js:
62         (WebInspector.SidebarTreeElement.prototype.refreshTitles):
63
64 2011-02-02  David Hyatt  <hyatt@apple.com>
65
66         Reviewed by Darin Adler.
67
68         More conversion from right()/bottom() to maxX()/maxY().
69
70         * platform/win/PopupMenuWin.cpp:
71         (WebCore::PopupMenuWin::calculatePositionAndSize):
72         (WebCore::PopupMenuWin::paint):
73
74 2011-02-02  David Hyatt  <hyatt@apple.com>
75
76         Reviewed by Darin Adler.
77
78         Removal of right()/bottom().  Replace with maxX() and maxY().  Still converting.  Haven't removed yet.
79
80         * platform/chromium/PopupMenuChromium.cpp:
81         (WebCore::PopupContainer::layoutAndCalculateWidgetRect):
82         (WebCore::PopupListBox::scrollToRevealRow):
83         (WebCore::PopupListBox::layout):
84         * platform/graphics/FloatRect.h:
85         * platform/graphics/IntRect.h:
86         * platform/graphics/cairo/ImageBufferCairo.cpp:
87         (WebCore::getImageData):
88         (WebCore::putImageData):
89         * platform/graphics/chromium/GLES2Canvas.cpp:
90         (WebCore::GLES2Canvas::drawTexturedRect):
91         * platform/graphics/chromium/LayerRendererChromium.cpp:
92         (WebCore::LayerRendererChromium::verticalScrollbarRect):
93         (WebCore::LayerRendererChromium::horizontalScrollbarRect):
94         (WebCore::LayerRendererChromium::setScissorToRect):
95         (WebCore::LayerRendererChromium::setDrawViewportRect):
96         * platform/graphics/chromium/LayerTilerChromium.cpp:
97         (WebCore::LayerTilerChromium::contentRectToTileIndices):
98         (WebCore::LayerTilerChromium::growLayerToContain):
99         * platform/graphics/gpu/TilingData.cpp:
100         (WebCore::TilingData::tileBoundsWithBorder):
101         (WebCore::TilingData::overlappedTileIndices):
102         * platform/graphics/qt/ImageBufferQt.cpp:
103         (WebCore::getImageData):
104         (WebCore::putImageData):
105         * platform/graphics/skia/FloatRectSkia.cpp:
106         (WebCore::FloatRect::operator SkRect):
107         * platform/graphics/skia/ImageBufferSkia.cpp:
108         (WebCore::getImageData):
109         (WebCore::putImageData):
110         * platform/graphics/skia/IntRectSkia.cpp:
111         (WebCore::IntRect::operator SkIRect):
112         (WebCore::IntRect::operator SkRect):
113         * platform/graphics/skia/PlatformContextSkia.cpp:
114         (WebCore::PlatformContextSkia::beginLayerClippedToImage):
115         * platform/graphics/win/GraphicsContextWin.cpp:
116         (WebCore::GraphicsContextPlatformPrivate::clip):
117         * platform/graphics/win/IntRectWin.cpp:
118         (WebCore::IntRect::operator RECT):
119         * platform/graphics/win/UniscribeController.cpp:
120         (WebCore::UniscribeController::shapeAndPlaceItem):
121         * platform/graphics/wince/GraphicsContextWinCE.cpp:
122         (WebCore::roundRect):
123         (WebCore::mapRect):
124         (WebCore::TransparentLayerDC::TransparentLayerDC):
125         (WebCore::GraphicsContext::drawRect):
126         (WebCore::GraphicsContext::drawEllipse):
127         (WebCore::GraphicsContext::strokeArc):
128         (WebCore::GraphicsContext::clip):
129         (WebCore::GraphicsContext::clipOut):
130         (WebCore::GraphicsContext::strokeRect):
131         * platform/image-decoders/gif/GIFImageDecoder.cpp:
132         (WebCore::GIFImageDecoder::initFrameBuffer):
133         * platform/win/PopupMenuWin.cpp:
134         (WebCore::PopupMenuWin::calculatePositionAndSize):
135         (WebCore::PopupMenuWin::paint):
136         * plugins/win/PluginViewWin.cpp:
137         (WebCore::PluginView::updatePluginWidget):
138         (WebCore::PluginView::invalidateRect):
139         * rendering/RenderThemeSafari.cpp:
140         (WebCore::RenderThemeSafari::paintMenuListButtonGradients):
141         (WebCore::RenderThemeSafari::paintMenuListButton):
142         (WebCore::RenderThemeSafari::paintSliderTrack):
143         * rendering/RenderThemeWin.cpp:
144         (WebCore::RenderThemeWin::paintInnerSpinButton):
145         (WebCore::RenderThemeWin::paintMenuListButton):
146
147 2011-02-02  Antti Koivisto  <antti@apple.com>
148
149         Reviewed by Maciej Stachowiak.
150
151         Use Vector instead of a linked list for rules in CSSStyleSelector
152         https://bugs.webkit.org/show_bug.cgi?id=53581
153         
154         - eliminate CSSRuleDataList, replace with Vector<RuleData>
155         - rename CSSRuleData -> RuleData and CSSRuleSet -> RuleSet 
156           (these are selector internal classes, CSS prefix is better reserved for public ones).
157         - constify a bit
158         - shrink the vectors to fit after collecting the rules
159
160         * css/CSSStyleSelector.cpp:
161         (WebCore::RuleData::RuleData):
162         (WebCore::RuleData::position):
163         (WebCore::RuleData::rule):
164         (WebCore::RuleData::selector):
165         (WebCore::RuleSet::disableAutoShrinkToFit):
166         (WebCore::RuleSet::getIDRules):
167         (WebCore::RuleSet::getClassRules):
168         (WebCore::RuleSet::getTagRules):
169         (WebCore::RuleSet::getPseudoRules):
170         (WebCore::RuleSet::getUniversalRules):
171         (WebCore::RuleSet::getPageRules):
172         (WebCore::collectSiblingRulesInDefaultStyle):
173         (WebCore::CSSStyleSelector::CSSStyleSelector):
174         (WebCore::loadFullDefaultStyle):
175         (WebCore::loadSimpleDefaultStyle):
176         (WebCore::loadViewSourceStyle):
177         (WebCore::CSSStyleSelector::matchRules):
178         (WebCore::CSSStyleSelector::matchRulesForList):
179         (WebCore::operator >):
180         (WebCore::operator <=):
181         (WebCore::CSSStyleSelector::sortMatchedRules):
182         (WebCore::CSSStyleSelector::matchUARules):
183         (WebCore::RuleSet::RuleSet):
184         (WebCore::RuleSet::~RuleSet):
185         (WebCore::RuleSet::addToRuleSet):
186         (WebCore::RuleSet::addRule):
187         (WebCore::RuleSet::addPageRule):
188         (WebCore::RuleSet::addRulesFromSheet):
189         (WebCore::RuleSet::addStyleRule):
190         (WebCore::collectIdsAndSiblingRulesFromList):
191         (WebCore::RuleSet::collectIdsAndSiblingRules):
192         (WebCore::shrinkMapVectorsToFit):
193         (WebCore::RuleSet::shrinkToFit):
194         (WebCore::CSSStyleSelector::matchPageRules):
195         (WebCore::CSSStyleSelector::matchPageRulesForList):
196         * css/CSSStyleSelector.h:
197         (WebCore::CSSStyleSelector::addMatchedRule):
198
199 2011-02-02  Andrey Adaikin  <aandrey@google.com>
200
201         Reviewed by Pavel Feldman.
202
203         Web Inspector: Use DIVs instead of TABLE in TextViewer
204         https://bugs.webkit.org/show_bug.cgi?id=53299
205
206         * inspector/front-end/SourceFrame.js:
207         (WebInspector.SourceFrame.prototype._createTextViewer):
208         (WebInspector.SourceFrame.prototype._mouseDown):
209         * inspector/front-end/TextViewer.js:
210         (WebInspector.TextViewer):
211         (WebInspector.TextViewer.prototype.set mimeType):
212         (WebInspector.TextViewer.prototype.revealLine):
213         (WebInspector.TextViewer.prototype.addDecoration):
214         (WebInspector.TextViewer.prototype.removeDecoration):
215         (WebInspector.TextViewer.prototype.markAndRevealRange):
216         (WebInspector.TextViewer.prototype.highlightLine):
217         (WebInspector.TextViewer.prototype.clearLineHighlight):
218         (WebInspector.TextViewer.prototype.freeCachedElements):
219         (WebInspector.TextViewer.prototype._handleKeyDown):
220         (WebInspector.TextViewer.prototype.editLine.finishEditing):
221         (WebInspector.TextViewer.prototype.editLine):
222         (WebInspector.TextViewer.prototype.beginUpdates):
223         (WebInspector.TextViewer.prototype.endUpdates):
224         (WebInspector.TextViewer.prototype.resize):
225         (WebInspector.TextViewer.prototype._textChanged):
226         (WebInspector.TextViewer.prototype._updatePanelOffsets):
227         (WebInspector.TextViewer.prototype._syncScroll):
228         (WebInspector.TextViewer.prototype._syncDecorationsForLine):
229         (WebInspector.TextEditorChunkedPanel):
230         (WebInspector.TextEditorChunkedPanel.prototype.set syncScrollListener):
231         (WebInspector.TextEditorChunkedPanel.prototype.get textModel):
232         (WebInspector.TextEditorChunkedPanel.prototype.addDecoration):
233         (WebInspector.TextEditorChunkedPanel.prototype.removeDecoration):
234         (WebInspector.TextEditorChunkedPanel.prototype.revealLine):
235         (WebInspector.TextEditorChunkedPanel.prototype.makeLineAChunk):
236         (WebInspector.TextEditorChunkedPanel.prototype.textChanged):
237         (WebInspector.TextEditorChunkedPanel.prototype.beginUpdates):
238         (WebInspector.TextEditorChunkedPanel.prototype.endUpdates):
239         (WebInspector.TextEditorChunkedPanel.prototype.resize):
240         (WebInspector.TextEditorChunkedPanel.prototype._scroll):
241         (WebInspector.TextEditorChunkedPanel.prototype._scheduleRepaintAll):
242         (WebInspector.TextEditorChunkedPanel.prototype._buildChunks):
243         (WebInspector.TextEditorChunkedPanel.prototype._repaintAll):
244         (WebInspector.TextEditorChunkedPanel.prototype._chunkNumberForLine):
245         (WebInspector.TextEditorChunkedPanel.prototype._chunkForLine):
246         (WebInspector.TextEditorGutterPanel):
247         (WebInspector.TextEditorGutterPanel.prototype.freeCachedElements):
248         (WebInspector.TextEditorGutterPanel.prototype._createNewChunk):
249         (WebInspector.TextEditorGutterPanel.prototype._expandChunks):
250         (WebInspector.TextEditorGutterChunk):
251         (WebInspector.TextEditorGutterChunk.prototype.get expanded):
252         (WebInspector.TextEditorGutterChunk.prototype.set expanded):
253         (WebInspector.TextEditorGutterChunk.prototype.get height):
254         (WebInspector.TextEditorGutterChunk.prototype._createRow):
255         (WebInspector.TextEditorMainPanel):
256         (WebInspector.TextEditorMainPanel.prototype.set syncDecorationsForLine):
257         (WebInspector.TextEditorMainPanel.prototype.set mimeType):
258         (WebInspector.TextEditorMainPanel.prototype.markAndRevealRange):
259         (WebInspector.TextEditorMainPanel.prototype.highlightLine):
260         (WebInspector.TextEditorMainPanel.prototype.clearLineHighlight):
261         (WebInspector.TextEditorMainPanel.prototype.freeCachedElements):
262         (WebInspector.TextEditorMainPanel.prototype._buildChunks):
263         (WebInspector.TextEditorMainPanel.prototype._createNewChunk):
264         (WebInspector.TextEditorMainPanel.prototype._expandChunks):
265         (WebInspector.TextEditorMainPanel.prototype._highlightDataReady):
266         (WebInspector.TextEditorMainPanel.prototype._paintLines):
267         (WebInspector.TextEditorMainPanel.prototype._paintLine):
268         (WebInspector.TextEditorMainPanel.prototype._releaseLinesHighlight):
269         (WebInspector.TextEditorMainPanel.prototype._getSelection):
270         (WebInspector.TextEditorMainPanel.prototype._restoreSelection):
271         (WebInspector.TextEditorMainPanel.prototype._selectionToPosition):
272         (WebInspector.TextEditorMainPanel.prototype._positionToSelection):
273         (WebInspector.TextEditorMainPanel.prototype._appendTextNode):
274         (WebInspector.TextEditorMainPanel.prototype._handleDomUpdates):
275         (WebInspector.TextEditorMainChunk):
276         (WebInspector.TextEditorMainChunk.prototype.addDecoration):
277         (WebInspector.TextEditorMainChunk.prototype.set expanded):
278         (WebInspector.TextEditorMainChunk.prototype.get height):
279         (WebInspector.TextEditorMainChunk.prototype.getExpandedLineRow):
280         (WebInspector.TextEditorMainChunk.prototype._createRow):
281         (WebInspector):
282         * inspector/front-end/textViewer.css:
283         (.text-editor-lines):
284         (.text-editor-contents):
285         (.text-editor-editable):
286         (.webkit-line-decorations):
287         (.webkit-line-number):
288         (.webkit-execution-line.webkit-line-content):
289         (.diff-container .webkit-added-line.webkit-line-content):
290         (.diff-container .webkit-removed-line.webkit-line-content):
291         (.diff-container .webkit-changed-line.webkit-line-content):
292         (.webkit-highlighted-line.webkit-line-content):
293
294 2011-02-02  Hans Wennborg  <hans@chromium.org>
295
296         Reviewed by Jeremy Orlow.
297
298         IndexedDB: Implement support for cursor updates
299         https://bugs.webkit.org/show_bug.cgi?id=53421
300
301         Implement support for cursor updates using the same pattern as cursor
302         deletes: forward the calls to the IDBObjectStoreBackend::put().
303         The put() function's signature needs to be changed to allow for a
304         "cursor update mode". This makes the signature more clear anyway,
305         since it replaces the boolean parameter.
306
307         Test: storage/indexeddb/cursor-update.html
308
309         * storage/IDBCursor.idl:
310         * storage/IDBCursorBackendImpl.cpp:
311         (WebCore::IDBCursorBackendImpl::key):
312         (WebCore::IDBCursorBackendImpl::update):
313         * storage/IDBCursorBackendImpl.h:
314         * storage/IDBObjectStore.cpp:
315         (WebCore::IDBObjectStore::add):
316         (WebCore::IDBObjectStore::put):
317         * storage/IDBObjectStoreBackendImpl.cpp:
318         (WebCore::IDBObjectStoreBackendImpl::put):
319         (WebCore::IDBObjectStoreBackendImpl::putInternal):
320         * storage/IDBObjectStoreBackendImpl.h:
321         * storage/IDBObjectStoreBackendInterface.h:
322
323 2011-02-02  Naoki Takano  <takano.naoki@gmail.com>
324
325         Reviewed by Kent Tamura.
326
327         Fix popup menu RTL bug introduced by Changeset 75982.
328         https://bugs.webkit.org/show_bug.cgi?id=53567
329
330         PopupMenuChromium::layout() calculates X position according to RTL or not. So Change the X position calculation in layoutAndCalculateWidgetRect().
331
332         No new tests. However we can check manually with select_dropdown_box_alignment.html, autofill_alignment.html, select_alignment.html, select_dropdown_box_alignment.html, autofill-popup-width-and-item-direction.html
333
334         * platform/chromium/PopupMenuChromium.cpp:
335         (WebCore::PopupContainer::layoutAndCalculateWidgetRect): Fix calculation of x position, because layout() considers RTL. And change the parameter from both X and Y positions to only Y position.
336         (WebCore::PopupContainer::showPopup): Change the passing parameter.
337         (WebCore::PopupContainer::refresh): Change the passing parameter.
338         * platform/chromium/PopupMenuChromium.h: Change the parameter declaration.
339
340 2011-02-02  Alejandro G. Castro  <alex@igalia.com>
341
342         Reviewed by Martin Robinson.
343
344         [GTK] Fix dist compilation
345         https://bugs.webkit.org/show_bug.cgi?id=53579
346
347         * GNUmakefile.am: Added FontWidthVariant.h to the sources, it was
348         added in r77153.
349
350 2011-02-02  Dai Mikurube  <dmikurube@google.com>
351
352         Reviewed by David Levin.
353
354         Make mime type lookup in File::create(path) thread-safe
355         https://bugs.webkit.org/show_bug.cgi?id=47700
356
357         This patch introduces a new function MIMETypeRegistry::getMIMETypeForExtensionThreadSafe().
358         The function is to be called as a thread-safe version of getMIMETypeForExtension() when
359         both FILE_SYSTEM and WORKERS are enabled.
360
361         No tests for this patch. This patch itself doesn't change the behaviors.
362         For Chromium, it runs in the same way with getMIMETypeForExtensionThreadSafe().
363         For the other platforms, it causes compilation error in case of enabled FILE_SYSTEM and WORKERS.
364         The compilation error would be a signal to implement getMIMETypeForExtensionThreadSafe() in these
365         platforms. Currently it doesn't happen since FILE_SYSTEM is not available in the other platforms.
366
367         * platform/MIMETypeRegistry.cpp: Defined generic getMIMETypeForExtension() calling getMIMETypeForExtensionThreadSafe() for enabled FILE_SYSTEM and WORKERS.
368         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
369         * platform/MIMETypeRegistry.h: Declared getMIMETypeForExtensionThreadSafe() which should be implemented for each platform.
370         * platform/android/TemporaryLinkStubs.cpp:
371         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
372         * platform/brew/MIMETypeRegistryBrew.cpp:
373         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
374         * platform/chromium/MIMETypeRegistryChromium.cpp: Defined getMIMETypeForExtensionThreadSafe() for the case when FILE_SYSTEM and WORKERS are enabled.
375         (WebCore::MIMETypeRegistry::getMIMETypeForExtensionThreadSafe):
376         * platform/efl/MIMETypeRegistryEfl.cpp:
377         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
378         * platform/gtk/MIMETypeRegistryGtk.cpp:
379         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
380         * platform/haiku/MIMETypeRegistryHaiku.cpp:
381         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
382         * platform/mac/MIMETypeRegistryMac.mm:
383         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
384         * platform/qt/MIMETypeRegistryQt.cpp:
385         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
386         * platform/win/MIMETypeRegistryWin.cpp:
387         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
388         * platform/wince/MIMETypeRegistryWinCE.cpp:
389         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
390         * platform/wx/MimeTypeRegistryWx.cpp:
391         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
392
393 2011-02-01  Adam Barth  <abarth@webkit.org>
394
395         Reviewed by Alexey Proskuryakov.
396
397         Improve readability of updateWidget by converting bool parameter to an enum
398         https://bugs.webkit.org/show_bug.cgi?id=53576
399
400         As requested on webkit-dev.
401
402         * html/HTMLEmbedElement.cpp:
403         (WebCore::HTMLEmbedElement::updateWidget):
404         * html/HTMLEmbedElement.h:
405         * html/HTMLMediaElement.cpp:
406         (WebCore::HTMLMediaElement::updateWidget):
407         * html/HTMLMediaElement.h:
408         * html/HTMLObjectElement.cpp:
409         (WebCore::HTMLObjectElement::updateWidget):
410         * html/HTMLObjectElement.h:
411         * html/HTMLPlugInImageElement.cpp:
412         (WebCore::HTMLPlugInImageElement::updateWidgetIfNecessary):
413         * html/HTMLPlugInImageElement.h:
414         * page/FrameView.cpp:
415         (WebCore::FrameView::updateWidget):
416
417 2011-02-01  James Robinson  <jamesr@chromium.org>
418
419         Reviewed by Adam Barth.
420
421         [v8] Increase V8 native->js recursion limit to match document.write() recursion limit
422         https://bugs.webkit.org/show_bug.cgi?id=53566
423
424         A recursion limit of 22 is necessary to pass fast/dom/Document/document-write-recursion.html.
425         Other than being large enough for this one test case, this limit is arbitrary.
426
427         * bindings/v8/V8Proxy.h:
428
429 2011-02-01  Adam Barth  <abarth@webkit.org>
430
431         Reviewed by Andreas Kling.
432
433         Remove useless comment
434         https://bugs.webkit.org/show_bug.cgi?id=53549
435
436         The reason for this parameter is captured in
437         plugins/netscape-plugin-setwindow-size.html, which is a better place to
438         capture it than in this comment (which otherwise just re-iterates the
439         name of the parameter).
440
441         * html/HTMLPlugInImageElement.cpp:
442         (WebCore::HTMLPlugInImageElement::updateWidgetIfNecessary):
443
444 2011-02-01  James Simonsen  <simonjam@chromium.org>
445
446         Reviewed by Tony Gentilcore.
447
448         [WebTiming] Remove asserts that verify timestamp order
449         https://bugs.webkit.org/show_bug.cgi?id=53548
450
451         Covered by existing tests.
452
453         * loader/FrameLoader.cpp:
454         (WebCore::FrameLoader::stopLoading): Remove assert.
455         * page/DOMWindow.cpp:
456         (WebCore::DOMWindow::dispatchTimedEvent): Ditto.
457
458 2011-02-01  Dimitri Glazkov  <dglazkov@chromium.org>
459
460         Add the 'default_targets' enclosure to the flags.
461
462         * WebCore.gyp/WebCore.gyp: Did it.
463
464 2011-02-01  Mihai Parparita  <mihaip@chromium.org>
465
466         Reviewed by James Robinson.
467
468         Async event handlers should not fire within a modal dialog
469         https://bugs.webkit.org/show_bug.cgi?id=53202
470
471         Asychronous events that use EventQueue would currently fire while a
472         modal dialog (e.g. window.alert()) was up. Change EventQueue to use a
473         SuspendableTimer (which automatically gets suspended while dialogs are
474         up and in other cases where JS execution is not allowed).
475         
476         Test: fast/events/scroll-event-during-modal-dialog.html
477
478         * dom/Document.cpp:
479         (WebCore::Document::Document):
480         * dom/EventQueue.cpp:
481         (WebCore::EventQueueTimer::EventQueueTimer):
482         (WebCore::EventQueueTimer::fired):
483         (WebCore::EventQueue::EventQueue):
484         (WebCore::EventQueue::enqueueEvent):
485         (WebCore::EventQueue::pendingEventTimerFired):
486         * dom/EventQueue.h:
487         (WebCore::EventQueue::create):
488         * page/SuspendableTimer.cpp:
489         (WebCore::SuspendableTimer::SuspendableTimer):
490         (WebCore::SuspendableTimer::suspend):
491         (WebCore::SuspendableTimer::resume):
492         * page/SuspendableTimer.h:
493
494 2011-02-01  Patrick Gansterer  <paroga@webkit.org>
495
496         Reviewed by Andreas Kling.
497
498         Change wrong PLATFORM(WIN) to USE(WININET)
499         https://bugs.webkit.org/show_bug.cgi?id=53547
500
501         * platform/network/ResourceHandle.h:
502
503 2011-02-01  Beth Dakin  <bdakin@apple.com>
504
505         32-bit build fix.
506
507         * platform/mac/ScrollAnimatorMac.mm:
508         (-[ScrollbarPainterControllerDelegate contentAreaRectForScrollerImpPair:]):
509
510 2011-01-25  Martin Robinson  <mrobinson@igalia.com>
511
512         Reviewed by Gustavo Noronha Silva.
513
514         [GTK] Two tests crash after r76555
515         https://bugs.webkit.org/show_bug.cgi?id=53057
516
517         Instead of creating synchronous ResourceHandles manually, use the ::create factory.
518         This ensures that ::start() is not called when there is a scheduled failure and also
519         reduces code duplication.
520
521         * platform/network/soup/ResourceHandleSoup.cpp:
522         (WebCore::ResourceHandle::loadResourceSynchronously): Use the ::create factory method.
523
524 2011-02-01  Martin Robinson  <mrobinson@igalia.com>
525
526         Reviewed by Eric Seidel.
527
528         [GTK] GObject DOM bindings do no support the CallWith attribute
529         https://bugs.webkit.org/show_bug.cgi?id=53331
530
531         Disable building GObject DOM bindings for IndexedDB because we do not support
532         the CallWith attribute at this time.
533
534         * bindings/gobject/GNUmakefile.am: Disable building bindings for the IndexedDB API.
535
536 2011-02-01  Darin Adler  <darin@apple.com>
537
538         Reviewed by Brady Eidson.
539
540         Fix a couple loose ends from the back/forward tree encode/decode work
541         https://bugs.webkit.org/show_bug.cgi?id=53537
542
543         * history/HistoryItem.cpp:
544         (WebCore::HistoryItem::encodeBackForwardTreeNode): Remove extra copy of
545         original URL string; no need to encode it twice.
546         (WebCore::HistoryItem::decodeBackForwardTree): Ditto.
547         * history/HistoryItem.h: Removed declaration for function that is no
548         longer defined nor used.
549
550 2011-02-01  Tony Chang  <tony@chromium.org>
551
552         Reviewed by Kent Tamura.
553
554         [chromium] disable arm uninitialized variable warnings
555         https://bugs.webkit.org/show_bug.cgi?id=53553
556
557         We just got another error:
558         third_party/WebKit/Source/WebCore/css/CSSPrimitiveValue.cpp:123:error:
559         'colorTransparent.unstatic.4879' may be used uninitialized in this
560         function
561
562         * WebCore.gyp/WebCore.gyp:
563
564 2011-02-01  chris reiss  <christopher.reiss@nokia.com>
565
566         Reviewed by Adam Barth.
567
568         Self-replicating code makes Safari hang and eventually crash
569         https://bugs.webkit.org/show_bug.cgi?id=15123
570
571        
572         Here we are replicating the Firefox safeguard against
573         recursive document.write( ) 's.
574
575         See  https://bug197052.bugzilla.mozilla.org/attachment.cgi?id=293907 in bug 
576         https://bugzilla.mozilla.org/show_bug.cgi?id=197052 .   Firefox does two things - 
577             a) imposes a recursion limit of 20 on document.write( ) and
578             b) once that limit is passed, panics all the way the call stack (rather than just returning one level.)
579         To see why this is necessary, consider the script : 
580
581         <script>
582            var t = document.body.innerHTML;
583            document.write(t);
584         </script> 
585
586         This will create a tree both broad and deep as the script keeps appending itself to the text.   If
587         we just return one level after the recursion limit is reached, we still allow millions of copies to 
588         duplicate (and execute).   
589
590         The recursion is fortunately depth-first, so as soon as we cross this limit, we panic up the callstack
591         to prevent this situation.    (IE apparently does the same thing, with a lower recursion limit.) 
592
593         Test: fast/dom/Document/document-write-recursion.html        
594         Test: fast/dom/Document/document-close-iframe-load.html
595         Test: fast/dom/Document/document-close-nested-iframe-load.html
596
597
598         * dom/Document.cpp:
599         (WebCore::Document::Document):
600         (WebCore::Document::write):
601         * dom/Document.h:
602
603 2011-02-01  Johnny Ding  <jnd@chromium.org>
604
605         Reviewed by Darin Adler.
606
607         Don't set user gesture in HTMLAnchorElement's click handler because the click handler can be triggered by untrusted event.
608         https://bugs.webkit.org/show_bug.cgi?id=53424
609
610         Test: fast/events/popup-blocked-from-untrusted-click-event-on-anchor.html
611
612         * html/HTMLAnchorElement.cpp:
613         (WebCore::handleLinkClick):
614
615 2011-02-01  Csaba Osztrogonác  <ossy@webkit.org>
616
617         Unreviewed Qt buildfix after r77286.
618
619         https://bugs.webkit.org/show_bug.cgi?id=53520 
620         Remove the physical terminology from IntRect and FloatRect.
621
622         * platform/graphics/TiledBackingStore.cpp:
623         (WebCore::TiledBackingStore::createTiles):
624
625 2011-02-01  Sam Weinig  <sam@webkit.org>
626
627         Fix Mac production builds.
628
629         * DerivedSources.make:
630         * WebCore.xcodeproj/project.pbxproj:
631         * platform/mac/ScrollAnimatorMac.h:
632         * platform/mac/ScrollbarThemeMac.h:
633
634 2011-02-01  Darin Adler  <darin@apple.com>
635
636         Reviewed by Chris Fleizach.
637
638         REGRESSION: Removing focus from area element causes unwanted scrolling
639         https://bugs.webkit.org/show_bug.cgi?id=50169
640
641         Test: fast/images/imagemap-scroll.html
642
643         * html/HTMLAreaElement.cpp:
644         (WebCore::HTMLAreaElement::setFocus): Added override. Calls the new
645         RenderImage::areaElementFocusChanged function.
646         (WebCore::HTMLAreaElement::updateFocusAppearance): Removed the code
647         here that calls setNeedsLayout on the image's renderer. This was an
648         attempt to cause repaint of the renderer, but this function does not
649         need to do that. Also changed this to use the imageElement function
650         to avoid repeating code.
651
652         * html/HTMLAreaElement.h: Updated for above changes.
653
654         * rendering/RenderImage.cpp:
655         (WebCore::RenderImage::paint): Updated for name change.
656         (WebCore::RenderImage::paintAreaElementFocusRing): Renamed this from
657         paintFocusRing, because it only paints area focus rings, and should
658         not be confused with paintFocusRing functions in other classes. Also
659         removed the unused style argument. Removed the code that used an
660         HTMLCollection to see if the focused area element is for this image
661         and instead just call imageElement on the area element.
662         (WebCore::RenderImage::areaElementFocusChanged): Added. Calls repaint.
663
664         * rendering/RenderImage.h: Added a public areaElementFocusChanged
665         function for HTMLAreaElement to call. Made the paintFocusRing function
666         private, renamed it to paintAreaElementFocusRing, and removed its
667         unused style argument.
668
669 2011-02-01  Patrick Gansterer  <paroga@webkit.org>
670
671         Unreviewed WinCE build fix for r77286.
672
673         * platform/graphics/wince/GraphicsContextWinCE.cpp:
674         (WebCore::TransparentLayerDC::TransparentLayerDC):
675
676 2011-02-01  Chris Fleizach  <cfleizach@apple.com>
677
678         Reviewed by Darin Adler.
679
680         AX: AXPosition of AXScrollArea is wrong
681         https://bugs.webkit.org/show_bug.cgi?id=53511
682
683         AccessibilityScrollView needed to return a valid documentFrameView() object.
684         At the same time, the code from document() should be consolidated in 
685         AccessibilityObject, so all objects can use it.
686
687         Test: platform/mac/accessibility/webkit-scrollarea-position.html
688
689         * accessibility/AccessibilityObject.cpp:
690         (WebCore::AccessibilityObject::document):
691         * accessibility/AccessibilityObject.h:
692         * accessibility/AccessibilityScrollView.cpp:
693         (WebCore::AccessibilityScrollView::accessibilityHitTest):
694         (WebCore::AccessibilityScrollView::documentFrameView):
695         * accessibility/AccessibilityScrollView.h:
696
697 2011-02-01  Zhenyao Mo  <zmo@google.com>
698
699         Reviewed by Kenneth Russell.
700
701         getUniform should support SAMPLER_2D or SAMPLER_CUBE
702         https://bugs.webkit.org/show_bug.cgi?id=52190
703
704         * html/canvas/WebGLRenderingContext.cpp:
705         (WebCore::WebGLRenderingContext::getUniform):
706
707 2011-02-01  Zhenyao Mo  <zmo@google.com>
708
709         Reviewed by Darin Adler.
710
711         Fix the incorrect usage of RetainPtr cases in GraphicsContext3DCG.cpp
712         https://bugs.webkit.org/show_bug.cgi?id=53531
713
714         With this fix, running WebGL conformance tests should no longer crash randomly.
715
716         * platform/graphics/cg/GraphicsContext3DCG.cpp:
717         (WebCore::GraphicsContext3D::getImageData):
718
719 2011-02-01  Dimitri Glazkov  <dglazkov@chromium.org>
720
721         One more Chromium build fix after r77286.
722
723         * platform/chromium/ScrollbarThemeChromiumMac.mm:
724         (WebCore::ScrollbarThemeChromiumMac::paint): Changed to not use topLeft().
725
726 2011-02-01  Sam Weinig  <sam@webkit.org>
727
728         Fix the build for Beth.
729
730         * platform/mac/ScrollAnimatorMac.mm:
731         (-[ScrollbarPainterControllerDelegate inLiveResizeForScrollerImpPair:]):
732
733 2011-02-01  Sam Weinig  <sam@webkit.org>
734
735         Reviewed by Beth Dakin.
736
737         Part 2 for <rdar://problem/8492788>
738         Adopt WKScrollbarPainterController
739
740         Use header detection to define scrollbar painting controller #define.
741
742         * WebCore.exp.in:
743         * platform/mac/ScrollAnimatorMac.h:
744         * platform/mac/ScrollbarThemeMac.h:
745         * platform/mac/WebCoreSystemInterface.h:
746         * platform/mac/WebCoreSystemInterface.mm:
747
748 2011-02-01  David Hyatt  <hyatt@apple.com>
749
750         Reviewed by Oliver Hunt.
751
752         https://bugs.webkit.org/show_bug.cgi?id=53520
753         
754         Remove the physical terminology from IntRect and FloatRect.
755         
756         Now that we have flipped RenderBlocks for vertical-rl and horizontal-bt writing modes,
757         we need to update our terminology to be more accurate.
758
759         I'm borrowing a page from AppKit here (which also supports flipped NSViews) and
760         renaming right() and bottom() to maxX() and maxY().  These terms remain accurate
761         even for flipped rectangles.
762
763         * accessibility/AccessibilityRenderObject.cpp:
764         (WebCore::AccessibilityRenderObject::boundsForVisiblePositionRange):
765         * accessibility/mac/AccessibilityObjectWrapper.mm:
766         (-[AccessibilityObjectWrapper position]):
767         * dom/ClientRect.h:
768         (WebCore::ClientRect::right):
769         (WebCore::ClientRect::bottom):
770         * html/HTMLCanvasElement.cpp:
771         (WebCore::HTMLCanvasElement::convertLogicalToDevice):
772         * html/canvas/CanvasRenderingContext2D.cpp:
773         (WebCore::normalizeRect):
774         * inspector/InspectorAgent.cpp:
775         (WebCore::InspectorAgent::drawElementTitle):
776         * page/DOMWindow.cpp:
777         (WebCore::DOMWindow::adjustWindowRect):
778         * page/DragController.cpp:
779         (WebCore::dragLocForSelectionDrag):
780         * page/EventHandler.cpp:
781         (WebCore::EventHandler::sendContextMenuEventForKey):
782         * page/PrintContext.cpp:
783         (WebCore::PrintContext::computePageRectsWithPageSizeInternal):
784         (WebCore::PrintContext::pageNumberForElement):
785         * page/SpatialNavigation.cpp:
786         (WebCore::end):
787         (WebCore::areRectsFullyAligned):
788         (WebCore::areRectsMoreThanFullScreenApart):
789         (WebCore::below):
790         (WebCore::rightOf):
791         (WebCore::isRectInDirection):
792         (WebCore::entryAndExitPointsForDirection):
793         (WebCore::virtualRectForDirection):
794         * page/WindowFeatures.cpp:
795         (WebCore::WindowFeatures::WindowFeatures):
796         * platform/ScrollView.cpp:
797         (WebCore::ScrollView::wheelEvent):
798         * platform/Scrollbar.cpp:
799         (WebCore::Scrollbar::setFrameRect):
800         * platform/ScrollbarThemeComposite.cpp:
801         (WebCore::ScrollbarThemeComposite::splitTrack):
802         * platform/chromium/ScrollbarThemeChromium.cpp:
803         (WebCore::ScrollbarThemeChromium::paintTickmarks):
804         * platform/graphics/FloatQuad.h:
805         (WebCore::FloatQuad::FloatQuad):
806         * platform/graphics/FloatRect.cpp:
807         (WebCore::FloatRect::intersects):
808         (WebCore::FloatRect::contains):
809         (WebCore::FloatRect::intersect):
810         (WebCore::FloatRect::unite):
811         (WebCore::enclosingIntRect):
812         * platform/graphics/FloatRect.h:
813         (WebCore::FloatRect::maxX):
814         (WebCore::FloatRect::maxY):
815         (WebCore::FloatRect::contains):
816         * platform/graphics/IntRect.cpp:
817         (WebCore::IntRect::intersects):
818         (WebCore::IntRect::contains):
819         (WebCore::IntRect::intersect):
820         (WebCore::IntRect::unite):
821         * platform/graphics/IntRect.h:
822         (WebCore::IntRect::maxX):
823         (WebCore::IntRect::maxY):
824         (WebCore::IntRect::shiftXEdgeTo):
825         (WebCore::IntRect::shiftMaxXEdgeTo):
826         (WebCore::IntRect::shiftYEdgeTo):
827         (WebCore::IntRect::shiftMaxYEdgeTo):
828         (WebCore::IntRect::contains):
829         * platform/graphics/WidthIterator.cpp:
830         (WebCore::WidthIterator::advance):
831         * platform/graphics/cg/GraphicsContextCG.cpp:
832         (WebCore::GraphicsContext::drawRect):
833         (WebCore::GraphicsContext::fillPath):
834         (WebCore::GraphicsContext::fillRect):
835         * platform/graphics/cg/ImageBufferCG.cpp:
836         (WebCore::getImageData):
837         (WebCore::putImageData):
838         * platform/graphics/cg/ImageCG.cpp:
839         (WebCore::BitmapImage::draw):
840         * platform/graphics/filters/FilterEffect.cpp:
841         (WebCore::FilterEffect::copyImageBytes):
842         * platform/graphics/mac/ComplexTextController.cpp:
843         (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
844         * platform/graphics/mac/SimpleFontDataMac.mm:
845         (WebCore::SimpleFontData::platformBoundsForGlyph):
846         * platform/graphics/transforms/AffineTransform.cpp:
847         (WebCore::AffineTransform::mapRect):
848         * platform/graphics/win/FontCGWin.cpp:
849         (WebCore::drawGDIGlyphs):
850         * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.cpp:
851         (WebCore::MediaPlayerPrivate::paint):
852         * platform/gtk/RenderThemeGtk.cpp:
853         (WebCore::centerRectVerticallyInParentInputElement):
854         * platform/mac/WidgetMac.mm:
855         (WebCore::Widget::paint):
856         * rendering/InlineFlowBox.cpp:
857         (WebCore::InlineFlowBox::addBoxShadowVisualOverflow):
858         (WebCore::InlineFlowBox::addTextBoxVisualOverflow):
859         * rendering/InlineTextBox.cpp:
860         (WebCore::InlineTextBox::selectionRect):
861         (WebCore::InlineTextBox::paint):
862         (WebCore::InlineTextBox::positionForOffset):
863         * rendering/RenderBlock.cpp:
864         (WebCore::RenderBlock::addOverflowFromChildren):
865         (WebCore::RenderBlock::paintChildren):
866         (WebCore::RenderBlock::paintEllipsisBoxes):
867         (WebCore::RenderBlock::inlineSelectionGaps):
868         (WebCore::RenderBlock::adjustPointToColumnContents):
869         (WebCore::RenderBlock::flipForWritingModeIncludingColumns):
870         (WebCore::RenderBlock::adjustForColumns):
871         * rendering/RenderBlock.h:
872         (WebCore::RenderBlock::FloatingObject::right):
873         (WebCore::RenderBlock::FloatingObject::bottom):
874         * rendering/RenderBox.cpp:
875         (WebCore::RenderBox::reflectedRect):
876         (WebCore::RenderBox::localCaretRect):
877         (WebCore::RenderBox::addShadowOverflow):
878         (WebCore::RenderBox::addLayoutOverflow):
879         (WebCore::RenderBox::visualOverflowRectForPropagation):
880         (WebCore::RenderBox::layoutOverflowRectForPropagation):
881         (WebCore::RenderBox::flipForWritingMode):
882         * rendering/RenderFrameSet.cpp:
883         (WebCore::RenderFrameSet::paintColumnBorder):
884         (WebCore::RenderFrameSet::paintRowBorder):
885         * rendering/RenderInline.cpp:
886         (WebCore::RenderInline::paintOutlineForLine):
887         * rendering/RenderLayer.cpp:
888         (WebCore::RenderLayer::getRectToExpose):
889         (WebCore::cornerRect):
890         (WebCore::RenderLayer::positionOverflowControls):
891         (WebCore::RenderLayer::overflowBottom):
892         (WebCore::RenderLayer::overflowRight):
893         (WebCore::RenderLayer::paintResizer):
894         * rendering/RenderLineBoxList.cpp:
895         (WebCore::RenderLineBoxList::rangeIntersectsRect):
896         (WebCore::RenderLineBoxList::paint):
897         * rendering/RenderListItem.cpp:
898         (WebCore::RenderListItem::positionListMarker):
899         * rendering/RenderListMarker.cpp:
900         (WebCore::RenderListMarker::paint):
901         * rendering/RenderObject.cpp:
902         (WebCore::RenderObject::repaintAfterLayoutIfNeeded):
903         * rendering/RenderOverflow.h:
904         (WebCore::RenderOverflow::RenderOverflow):
905         (WebCore::RenderOverflow::addLayoutOverflow):
906         (WebCore::RenderOverflow::addVisualOverflow):
907         (WebCore::RenderOverflow::setLayoutOverflow):
908         (WebCore::RenderOverflow::setVisualOverflow):
909         (WebCore::RenderOverflow::resetLayoutOverflow):
910         * rendering/RenderReplaced.cpp:
911         (WebCore::RenderReplaced::shouldPaint):
912         * rendering/RenderScrollbarTheme.cpp:
913         (WebCore::RenderScrollbarTheme::constrainTrackRectToTrackPieces):
914         * rendering/RenderTable.cpp:
915         (WebCore::RenderTable::paint):
916         * rendering/RenderTableCell.cpp:
917         (WebCore::RenderTableCell::paint):
918         * rendering/RenderTableSection.cpp:
919         (WebCore::RenderTableSection::paintObject):
920         * rendering/RenderText.cpp:
921         (WebCore::RenderText::absoluteQuads):
922         * rendering/RenderTextControlSingleLine.cpp:
923         (WebCore::RenderTextControlSingleLine::forwardEvent):
924         * rendering/RenderThemeMac.mm:
925         (WebCore::RenderThemeMac::paintMenuListButtonGradients):
926         (WebCore::RenderThemeMac::paintMenuListButton):
927         (WebCore::RenderThemeMac::paintSliderTrack):
928         * rendering/RenderView.cpp:
929         (WebCore::RenderView::computeRectForRepaint):
930         (WebCore::RenderView::docBottom):
931         (WebCore::RenderView::docRight):
932         * rendering/RootInlineBox.cpp:
933         (WebCore::RootInlineBox::paddedLayoutOverflowRect):
934         * rendering/svg/RenderSVGInlineText.cpp:
935         (WebCore::RenderSVGInlineText::localCaretRect):
936
937 2011-02-01  Beth Dakin  <bdakin@apple.com>
938
939         Reviewed by Sam Weinig.
940
941         Fix for <rdar://problem/8492788> Adopt WKScrollbarPainterController
942
943         Lots of new WebCoreSystemInterface functions to export.
944         * WebCore.exp.in:
945         * platform/mac/WebCoreSystemInterface.h:
946         * platform/mac/WebCoreSystemInterface.mm:
947
948         Let the scrollAnimator know when the mouse has
949         moved anywhere inside the page, and when the mouse 
950         has moved in or out of the window. 
951         * page/EventHandler.cpp:
952         (WebCore::EventHandler::mouseMoved):
953         (WebCore::EventHandler::updateMouseEventTargetNode):
954
955         Let the scrollAnimator know when the window has become
956         active or inactive.
957         * page/FocusController.cpp:
958         (WebCore::FocusController::setActive):
959         
960         Let the scrollAnimator know when all of these things
961         are happening.
962         * page/FrameView.cpp:
963         (WebCore::FrameView::setContentsSize):
964         (WebCore::FrameView::didMoveOnscreen):
965         (WebCore::FrameView::willMoveOffscreen):
966         (WebCore::FrameView::currentMousePosition):
967         (WebCore::FrameView::contentsResized):
968         
969         New functions called through WebKit2 that allow the
970         scrollAnimator to know when a live resize starts and ends.
971         (WebCore::FrameView::willStartLiveResize):
972         (WebCore::FrameView::willEndLiveResize):
973         * page/FrameView.h:
974         
975         New functions on ScrollAnimator that pass information
976         to the WKPainterController when we're using one.
977         * platform/ScrollAnimator.h:
978         (WebCore::ScrollAnimator::scrollableArea):
979         (WebCore::ScrollAnimator::contentAreaWillPaint):
980         (WebCore::ScrollAnimator::mouseEnteredContentArea):
981         (WebCore::ScrollAnimator::mouseExitedContentArea):
982         (WebCore::ScrollAnimator::mouseMovedInContentArea):
983         (WebCore::ScrollAnimator::willStartLiveResize):
984         (WebCore::ScrollAnimator::contentsResized):
985         (WebCore::ScrollAnimator::willEndLiveResize):
986         (WebCore::ScrollAnimator::contentAreaDidShow):
987         (WebCore::ScrollAnimator::contentAreaDidHide):
988         (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
989         (WebCore::ScrollAnimatorMac::scrollbarPainterDelegate):
990         (WebCore::ScrollAnimatorMac::setPainterForPainterController):
991         (WebCore::ScrollAnimatorMac::removePainterFromPainterController):
992         (WebCore::ScrollAnimatorMac::notityPositionChanged):
993         (WebCore::ScrollAnimatorMac::contentAreaWillPaint):
994         (WebCore::ScrollAnimatorMac::mouseEnteredContentArea):
995         (WebCore::ScrollAnimatorMac::mouseExitedContentArea):
996         (WebCore::ScrollAnimatorMac::mouseMovedInContentArea):
997         (WebCore::ScrollAnimatorMac::willStartLiveResize):
998         (WebCore::ScrollAnimatorMac::contentsResized):
999         (WebCore::ScrollAnimatorMac::willEndLiveResize):
1000         (WebCore::ScrollAnimatorMac::contentAreaDidShow):
1001         (WebCore::ScrollAnimatorMac::contentAreaDidHide):
1002         
1003         Let the scrollAnimator know when this is happening.
1004         * platform/ScrollView.cpp:
1005         (WebCore::ScrollView::paint):
1006         
1007         New function lets the scrollAnimator get the current 
1008         mouse position.
1009         * platform/ScrollView.h:
1010         (WebCore::ScrollView::currentMousePosition):
1011         
1012         New function that returns the scrollAnimator when needed.
1013         * platform/ScrollableArea.h:
1014         (WebCore::ScrollableArea::scrollAnimator):
1015         
1016         Keep track of if we're in a live resize using a new memeber
1017         variable.
1018         * platform/mac/ScrollAnimatorMac.h:
1019         (WebCore::ScrollAnimatorMac::inLiveResize):
1020         * platform/mac/ScrollAnimatorMac.mm:
1021         (WebCore::view):
1022         
1023         New delegates for the WKPainter and WKPainterController
1024         (-[ScrollbarPainterControllerDelegate initWithScrollAnimator:WebCore::]):
1025         (-[ScrollbarPainterControllerDelegate contentAreaRectForScrollerImpPair:]):
1026         (-[ScrollbarPainterControllerDelegate inLiveResizeForScrollerImpPair:]):
1027         (-[ScrollbarPainterControllerDelegate mouseLocationInContentAreaForScrollerImpPair:]):
1028         (-[ScrollbarPainterControllerDelegate scrollerImpPair:convertContentPoint:toScrollerImp:]):
1029         (-[ScrollbarPainterControllerDelegate scrollerImpPair:setContentAreaNeedsDisplayInRect:]):
1030         (-[ScrollbarPainterControllerDelegate scrollerImpPair:updateScrollerStyleForNewRecommendedScrollerStyle:]):
1031         (-[ScrollKnobAnimation initWithScrollbarPainter:forScrollAnimator:WebCore::animateKnobAlphaTo:duration:]):
1032         (-[ScrollKnobAnimation setCurrentProgress:]):
1033         (-[ScrollbarPainterDelegate initWithScrollAnimator:WebCore::]):
1034         (-[ScrollbarPainterDelegate convertRectToBacking:]):
1035         (-[ScrollbarPainterDelegate convertRectFromBacking:]):
1036         (-[ScrollbarPainterDelegate layer]):
1037         (-[ScrollbarPainterDelegate setUpAnimation:scrollerPainter:animateKnobAlphaTo:duration:]):
1038         (-[ScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]):
1039         (-[ScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]):
1040         (-[ScrollbarPainterDelegate scrollerImp:overlayScrollerStateChangedTo:]):
1041
1042         Get the WKScrollbarPainterRefs to synch up with the 
1043         WKScrollbarPainterControllerRefs when appropriate
1044         * platform/mac/ScrollbarThemeMac.h:
1045         * platform/mac/ScrollbarThemeMac.mm:
1046         (WebCore::ScrollbarThemeMac::registerScrollbar):
1047         (WebCore::ScrollbarThemeMac::unregisterScrollbar):
1048         (WebCore::ScrollbarThemeMac::setNewPainterForScrollbar):
1049         (WebCore::ScrollbarThemeMac::usesOverlayScrollbars):
1050
1051         Implement ScrollableArea's virtual function contentsSize() for access
1052         through the scrollAnimator.
1053         * rendering/RenderLayer.h:
1054         (WebCore::RenderLayer::contentsSize):
1055
1056 2011-02-01  Carol Szabo  <carol.szabo@nokia.com>
1057
1058         Reviewed by David Hyatt.
1059
1060         layoutTestController.counterValueForElementById does not return the correct value
1061         https://bugs.webkit.org/show_bug.cgi?id=53037
1062
1063         Test: fast/css/counters/deep-before.html
1064
1065         * rendering/RenderTreeAsText.cpp:
1066         (WebCore::counterValueForElement):
1067         Modified to use the newly available RenderObject::beforePseudoElement()
1068         and RenderObject::afterPseudoElement() instead of the old imperfect
1069         algorithm to find the before and after pseudo elements.
1070
1071 2011-02-01  Anton Muhin  <antonm@chromium.org>
1072
1073         Reviewed by Adam Barth.
1074
1075         Allow access for security origin same as this.
1076         https://bugs.webkit.org/show_bug.cgi?id=53440
1077
1078         Hard to test as newly added path currently is never hit.
1079
1080         * page/SecurityOrigin.cpp:
1081         (WebCore::SecurityOrigin::canAccess): allow access if this == other
1082
1083 2011-01-31  Oliver Hunt  <oliver@apple.com>
1084
1085         Reviewed by Geoffrey Garen.
1086
1087         Update JSObject storage for new marking API
1088         https://bugs.webkit.org/show_bug.cgi?id=53467
1089
1090         Update WebCore to handle new anonymous slot behaviour.
1091
1092         * bindings/js/JSDOMWindowShell.cpp:
1093         (WebCore::JSDOMWindowShell::setWindow):
1094         * bindings/js/WorkerScriptController.cpp:
1095         (WebCore::WorkerScriptController::initScript):
1096         * bindings/scripts/CodeGeneratorJS.pm:
1097
1098 2011-02-01  Xiaomei Ji  <xji@chromium.org>
1099
1100         Reviewed by David Hyatt.
1101
1102         Fix a text rendering problem when enclosing block is RTL and text runs
1103         are in different directionality.
1104         https://bugs.webkit.org/show_bug.cgi?id=34176
1105
1106         The problem happens in the following example scenario (ABC represents 
1107         Hebrew characters):
1108         <div dir=rtl>this is a <span><span>test <span>ABC</span></span></span></div>
1109
1110         The line consists of 3 text runs -- TextRun1 TextRun2 TextRun3. In which
1111         TextRun1 and TextRun2's bidi level are 2, and TextRun3's bidi level is 1.
1112         TextRun2 and TextRun3's least common ancestor is not a sibling of TextRun1.
1113
1114         The visual bidi run order of the text runs is TextRun3 TextRun1 TextRun2.
1115
1116         Inside RenderBlock::constructLine(), when RenderBlock::createLineBoxes()
1117         creates InlineFlowBox for TextRun2, it should check an InlineFlowBox for
1118         the run's render object's ancestor (not only its parent) has already 
1119         been constructed or has something following it on the line, in which 
1120         case, create a new box for TextRun2 instead of sharing the same box with
1121         TextRun3.
1122
1123         In other words, the following 2 div should render the same results
1124         (ABC represents Hebrew characters).
1125         <div dir=rtl>this is a <span><span>test <span>ABC</span></span></span></div>
1126         <div dir=rtl>this is a <span>Test <span>ABC</span></span></div>
1127
1128         Test: fast/dom/34176.html
1129
1130         * rendering/RenderBlockLineLayout.cpp:
1131         (WebCore::parentIsConstructedOrHaveNext):
1132         (WebCore::RenderBlock::createLineBoxes):
1133
1134 2011-02-01  Abhishek Arya  <inferno@chromium.org>
1135
1136         Reviewed by Dan Bernstein.
1137
1138         Do not add a node in the document's stylesheet candidate node list if the
1139         node is already removed from document.
1140         https://bugs.webkit.org/show_bug.cgi?id=53441
1141
1142         Test: fast/css/stylesheet-candidate-nodes-crash.xhtml
1143
1144         * dom/Document.cpp:
1145         (WebCore::Document::addStyleSheetCandidateNode):
1146
1147 2011-02-01  Dave Hyatt  <hyatt@apple.com>
1148
1149         Reviewed by Darin Adler.
1150
1151         https://bugs.webkit.org/show_bug.cgi?id=46422, make printing and pagination work
1152         with vertical text.
1153
1154         Change printing functions to check writing-mode and properly swap width and height
1155         as needed.
1156         
1157         Fix the setScrollOrigin function so that the origin doesn't cause
1158         scroll spasming during printing (this is only partially successful, but it's better
1159         than it was).
1160
1161         Rewrite computePageRects to handle both RTL documents properly as well as vertical
1162         text documents properly.
1163
1164         * WebCore.exp.in:
1165         * page/FrameView.cpp:
1166         (WebCore::FrameView::adjustViewSize):
1167         (WebCore::FrameView::forceLayoutForPagination):
1168         * page/PrintContext.cpp:
1169         (WebCore::PrintContext::computePageRects):
1170         (WebCore::PrintContext::computePageRectsWithPageSizeInternal):
1171         (WebCore::PrintContext::computeAutomaticScaleFactor):
1172         (WebCore::PrintContext::spoolPage):
1173         (WebCore::PrintContext::spoolRect):
1174         * page/PrintContext.h:
1175         * page/mac/WebCoreFrameView.h:
1176         * platform/ScrollView.cpp:
1177         (WebCore::ScrollView::wheelEvent):
1178         * platform/ScrollView.h:
1179         * platform/mac/ScrollViewMac.mm:
1180         (WebCore::ScrollView::platformSetScrollOrigin):
1181         * rendering/RenderView.cpp:
1182         (WebCore::RenderView::layout):
1183
1184 2011-02-01  Mikhail Naganov  <mnaganov@chromium.org>
1185
1186         Reviewed by Pavel Feldman.
1187
1188         Web Inspector: Fix profiles reset to avoid clearing heap profiles in Chromium.
1189
1190         https://bugs.webkit.org/show_bug.cgi?id=53500
1191
1192         * inspector/InspectorProfilerAgent.cpp:
1193         (WebCore::InspectorProfilerAgent::resetFrontendProfiles):
1194
1195 2011-02-01  Mikhail Naganov  <mnaganov@chromium.org>
1196
1197         Reviewed by Pavel Feldman.
1198
1199         Web Inspector: [Chromium] Landing detailed heap snapshots, part 1.
1200
1201         https://bugs.webkit.org/show_bug.cgi?id=53173
1202
1203         Adding code for accessing heap snapshot data and
1204         performing graph calculations.
1205
1206         * English.lproj/localizedStrings.js:
1207         * inspector/front-end/HeapSnapshot.js:
1208         (WebInspector.HeapSnapshotArraySlice): Helper class to avoid array contents copying.
1209         (WebInspector.HeapSnapshotEdge): Wrapper for accessing graph edge properties.
1210         (WebInspector.HeapSnapshotEdgeIterator):
1211         (WebInspector.HeapSnapshotNode): Wrapper for accessing graph node properties.
1212         (WebInspector.HeapSnapshotNodeIterator):
1213         (WebInspector.HeapSnapshot): Wrapper for the heap snapshot.
1214         (WebInspector.HeapSnapshotFilteredOrderedIterator):
1215         (WebInspector.HeapSnapshotEdgesProvider):
1216         (WebInspector.HeapSnapshotNodesProvider):
1217         (WebInspector.HeapSnapshotPathFinder):
1218         * inspector/front-end/HeapSnapshotView.js:
1219         (WebInspector.HeapSnapshotView.prototype._convertSnapshot):
1220
1221 2011-02-01  Adam Roben  <aroben@apple.com>
1222
1223         Fix linker warnings in Release_LTCG builds
1224
1225         * WebCore.vcproj/WebCore.vcproj: Exclude EventNames.cpp and EventTarget.cpp from all
1226         configurations, since they get pulled in via DOMAllInOne.cpp.
1227
1228 2011-02-01  Alexander Pavlov  <apavlov@chromium.org>
1229
1230         Reviewed by Yury Semikhatsky.
1231
1232         Web Inspector: [Chromium] Wrongly labelled context-menu item for links in Web Inspector's side-pane
1233         https://bugs.webkit.org/show_bug.cgi?id=53482
1234
1235         * English.lproj/localizedStrings.js:
1236         * inspector/front-end/ElementsPanel.js:
1237         (WebInspector.ElementsPanel.prototype.populateHrefContextMenu):
1238         * inspector/front-end/inspector.js:
1239         (WebInspector.resourceForURL):
1240         (WebInspector.openLinkExternallyLabel):
1241
1242 2011-02-01  Anton Muhin  <antonm@chromium.org>
1243
1244         Reviewed by Adam Barth.
1245
1246         Propagate parent document security origin to newly create Document XML response
1247         https://bugs.webkit.org/show_bug.cgi?id=53444
1248
1249         Covered by the existing tests.
1250
1251         * xml/XMLHttpRequest.cpp:
1252         (WebCore::XMLHttpRequest::responseXML):
1253
1254 2011-02-01  Yury Semikhatsky  <yurys@chromium.org>
1255
1256         Unreviewed. Rollout r77230 which caused many layout tests
1257         crashes on Chromium Debug bots.
1258
1259         Async event handlers should not fire within a modal dialog
1260         https://bugs.webkit.org/show_bug.cgi?id=53202
1261
1262         * dom/Document.cpp:
1263         (WebCore::Document::Document):
1264         * dom/EventQueue.cpp:
1265         (WebCore::EventQueue::EventQueue):
1266         (WebCore::EventQueue::enqueueEvent):
1267         (WebCore::EventQueue::pendingEventTimerFired):
1268         * dom/EventQueue.h:
1269
1270 2011-02-01  Zoltan Herczeg  <zherczeg@webkit.org>
1271
1272         Reviewed by Dirk Schulze.
1273
1274         LightElement changes does not require relayout.
1275         https://bugs.webkit.org/show_bug.cgi?id=53232
1276
1277         When an attribute of a LightElement changes, it
1278         send an update message to the lighting filters
1279         to update its corresponding LightSource objects,
1280         and repaint the filters.
1281
1282         Duplicated 'id' attributes removed from svg-filter-animation.svg.
1283
1284         Existing dynamic-update tests covers this feature.
1285
1286         5x speedup on manual-tests/svg-filter-animation.svg
1287
1288         * manual-tests/svg-filter-animation.svg:
1289         * platform/graphics/filters/DistantLightSource.h:
1290         * platform/graphics/filters/FEDiffuseLighting.cpp:
1291         (WebCore::FEDiffuseLighting::setLightingColor):
1292         (WebCore::FEDiffuseLighting::setSurfaceScale):
1293         (WebCore::FEDiffuseLighting::setDiffuseConstant):
1294         (WebCore::FEDiffuseLighting::setKernelUnitLengthX):
1295         (WebCore::FEDiffuseLighting::setKernelUnitLengthY):
1296         * platform/graphics/filters/FEDiffuseLighting.h:
1297         * platform/graphics/filters/LightSource.cpp:
1298         (WebCore::PointLightSource::setX):
1299         (WebCore::PointLightSource::setY):
1300         (WebCore::PointLightSource::setZ):
1301         (WebCore::SpotLightSource::setX):
1302         (WebCore::SpotLightSource::setY):
1303         (WebCore::SpotLightSource::setZ):
1304         (WebCore::SpotLightSource::setPointsAtX):
1305         (WebCore::SpotLightSource::setPointsAtY):
1306         (WebCore::SpotLightSource::setPointsAtZ):
1307         (WebCore::SpotLightSource::setSpecularExponent):
1308         (WebCore::SpotLightSource::setLimitingConeAngle):
1309         (WebCore::DistantLightSource::setAzimuth):
1310         (WebCore::DistantLightSource::setElevation):
1311         (WebCore::LightSource::setAzimuth):
1312         (WebCore::LightSource::setElevation):
1313         (WebCore::LightSource::setX):
1314         (WebCore::LightSource::setY):
1315         (WebCore::LightSource::setZ):
1316         (WebCore::LightSource::setPointsAtX):
1317         (WebCore::LightSource::setPointsAtY):
1318         (WebCore::LightSource::setPointsAtZ):
1319         (WebCore::LightSource::setSpecularExponent):
1320         (WebCore::LightSource::setLimitingConeAngle):
1321         * platform/graphics/filters/LightSource.h:
1322         * platform/graphics/filters/PointLightSource.h:
1323         * platform/graphics/filters/SpotLightSource.h:
1324         * rendering/svg/RenderSVGResourceFilter.cpp:
1325         (WebCore::RenderSVGResourceFilter::primitiveAttributeChanged):
1326         * svg/SVGFEDiffuseLightingElement.cpp:
1327         (WebCore::SVGFEDiffuseLightingElement::setFilterEffectAttribute):
1328         (WebCore::SVGFEDiffuseLightingElement::lightElementAttributeChanged):
1329         (WebCore::SVGFEDiffuseLightingElement::build):
1330         (WebCore::SVGFEDiffuseLightingElement::findLightElement):
1331         (WebCore::SVGFEDiffuseLightingElement::findLight):
1332         * svg/SVGFEDiffuseLightingElement.h:
1333         * svg/SVGFELightElement.cpp:
1334         (WebCore::SVGFELightElement::svgAttributeChanged):
1335         * svg/SVGFilterPrimitiveStandardAttributes.cpp:
1336         (WebCore::SVGFilterPrimitiveStandardAttributes::setFilterEffectAttribute):
1337         * svg/SVGFilterPrimitiveStandardAttributes.h:
1338
1339 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
1340
1341         Reviewed by Dimitri Glazkov.
1342
1343         Bug 53289 - DOM: Move DocumentOrderedMap from Document into separate files
1344         https://bugs.webkit.org/show_bug.cgi?id=53289
1345
1346         Moving the nested class DocumentOrderedMap from Document into separate files,
1347         updating code where necessary.
1348
1349         No new tests. (refactoring)
1350
1351         * Android.mk:
1352         * CMakeLists.txt:
1353         * GNUMakefile.am:
1354         * WebCore.gypi:
1355         * WebCore.pro:
1356         * WebCore.vcproj/WebCore.vcproj:
1357         * WebCore.xcodeproj/project.pbxproj:
1358         * dom/Document.cpp:
1359         (WebCore::Document::getElementById):
1360         (WebCore::Document::getImageMap):
1361         * dom/Document.h:
1362         * dom/DocumentOrderedMap.cpp: Added.
1363         (WebCore::keyMatchesId):
1364         (WebCore::keyMatchesMapName):
1365         (WebCore::keyMatchesLowercasedMapName):
1366         (WebCore::DocumentOrderedMap::clear):
1367         (WebCore::DocumentOrderedMap::add):
1368         (WebCore::DocumentOrderedMap::remove):
1369         (WebCore::DocumentOrderedMap::get):
1370         (WebCore::DocumentOrderedMap::getElementById):
1371         (WebCore::DocumentOrderedMap::getElementByMapName):
1372         (WebCore::DocumentOrderedMap::getElementByLowercasedMapName):
1373         * dom/DocumentOrderedMap.h: Added.
1374         (WebCore::DocumentOrderedMap::contains):
1375         (WebCore::DocumentOrderedMap::containsMultiple):
1376         * dom/DOMAllInOne.cpp:
1377
1378 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
1379
1380         Reviewed by Martin Robinson.
1381
1382         [Gtk] atk_text_set_caret_offset fails for list items
1383         https://bugs.webkit.org/show_bug.cgi?id=53388
1384
1385         Allow using text ranges across list items.
1386
1387         * accessibility/gtk/AccessibilityObjectAtk.cpp:
1388         (WebCore::AccessibilityObject::allowsTextRanges): Add list items
1389         to the list of accessibility objects supporting text ranges.
1390
1391 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
1392
1393         Reviewed by Martin Robinson.
1394
1395         [GTK] character range extents is off when the end of a wrapped line is included
1396         https://bugs.webkit.org/show_bug.cgi?id=53323
1397
1398         Fixed wrong calculation getting the range extents.
1399
1400         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
1401         (webkit_accessible_text_get_range_extents): Removed '+1' since the
1402         requested interval shouldn't include the last character.
1403
1404 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
1405
1406         Reviewed by Martin Robinson.
1407
1408         [GTK] Caret Offset is one off at the end of wrapped lines
1409         https://bugs.webkit.org/show_bug.cgi?id=53300
1410
1411         Consider linebreaks as special cases.
1412
1413         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
1414         (objectAndOffsetUnignored): In order to avoid getting wrong values
1415         when around linebreaks, we need to workaround this by explicitly
1416         avoiding those '\n' text nodes from affecting the result of
1417         calling to TextIterator:rangeLength().
1418
1419 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
1420
1421         Unreviewed, rolling out r77229.
1422         http://trac.webkit.org/changeset/77229
1423         https://bugs.webkit.org/show_bug.cgi?id=53289
1424
1425         revert mysterious build breakage
1426
1427         * Android.mk:
1428         * CMakeLists.txt:
1429         * GNUmakefile.am:
1430         * WebCore.gypi:
1431         * WebCore.pro:
1432         * WebCore.vcproj/WebCore.vcproj:
1433         * WebCore.xcodeproj/project.pbxproj:
1434         * dom/DOMAllInOne.cpp:
1435         * dom/Document.cpp:
1436         (WebCore::Document::DocumentOrderedMap::clear):
1437         (WebCore::Document::DocumentOrderedMap::add):
1438         (WebCore::Document::DocumentOrderedMap::remove):
1439         (WebCore::Document::DocumentOrderedMap::get):
1440         (WebCore::keyMatchesId):
1441         (WebCore::Document::getElementById):
1442         (WebCore::keyMatchesMapName):
1443         (WebCore::keyMatchesLowercasedMapName):
1444         (WebCore::Document::getImageMap):
1445         * dom/Document.h:
1446         (WebCore::Document::DocumentOrderedMap::contains):
1447         (WebCore::Document::DocumentOrderedMap::containsMultiple):
1448         * dom/DocumentOrderedMap.cpp: Removed.
1449         * dom/DocumentOrderedMap.h: Removed.
1450
1451 2011-02-01  Mihai Parparita  <mihaip@chromium.org>
1452
1453         Reviewed by James Robinson.
1454
1455         Async event handlers should not fire within a modal dialog
1456         https://bugs.webkit.org/show_bug.cgi?id=53202
1457
1458         Asychronous events that use EventQueue would currently fire while a
1459         modal dialog (e.g. window.alert()) was up. Change EventQueue to use a
1460         SuspendableTimer (which automatically gets suspended while dialogs are
1461         up and in other cases where JS execution is not allowed).
1462         
1463         Test: fast/events/scroll-event-during-modal-dialog.html
1464
1465         * dom/Document.cpp:
1466         (WebCore::Document::Document):
1467         * dom/EventQueue.cpp:
1468         (WebCore::EventQueueTimer::EventQueueTimer):
1469         (WebCore::EventQueueTimer::fired):
1470         (WebCore::EventQueue::EventQueue):
1471         (WebCore::EventQueue::enqueueEvent):
1472         (WebCore::EventQueue::pendingEventTimerFired):
1473         * dom/EventQueue.h:
1474         (WebCore::EventQueue::create):
1475
1476 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
1477
1478         Reviewed by Dimitri Glazkov.
1479
1480         Bug 53289 - DOM: Move DocumentOrderedMap from Document into separate files
1481         https://bugs.webkit.org/show_bug.cgi?id=53289
1482
1483         Moving the nested class DocumentOrderedMap from Document into separate files,
1484         updating code where necessary.
1485
1486         No new tests. (refactoring)
1487
1488         * Android.mk:
1489         * CMakeLists.txt:
1490         * GNUMakefile.am:
1491         * WebCore.gypi:
1492         * WebCore.pro:
1493         * WebCore.vcproj/WebCore.vcproj:
1494         * WebCore.xcodeproj/project.pbxproj:
1495         * dom/Document.cpp:
1496         (WebCore::Document::getElementById):
1497         (WebCore::Document::getImageMap):
1498         * dom/Document.h:
1499         * dom/DocumentOrderedMap.cpp: Added.
1500         (WebCore::keyMatchesId):
1501         (WebCore::keyMatchesMapName):
1502         (WebCore::keyMatchesLowercasedMapName):
1503         (WebCore::DocumentOrderedMap::clear):
1504         (WebCore::DocumentOrderedMap::add):
1505         (WebCore::DocumentOrderedMap::remove):
1506         (WebCore::DocumentOrderedMap::get):
1507         (WebCore::DocumentOrderedMap::getElementById):
1508         (WebCore::DocumentOrderedMap::getElementByMapName):
1509         (WebCore::DocumentOrderedMap::getElementByLowercasedMapName):
1510         * dom/DocumentOrderedMap.h: Added.
1511         (WebCore::DocumentOrderedMap::contains):
1512         (WebCore::DocumentOrderedMap::containsMultiple):
1513         * dom/DOMAllInOne.cpp:
1514
1515 2011-02-01  Naoki Takano  <takano.naoki@gmail.com>
1516
1517         Reviewed by Darin Fisher.
1518
1519         [Chromium] Autofill should work with HTML5 form elements
1520         https://bugs.webkit.org/show_bug.cgi?id=51809
1521         http://crbug.com/65654
1522
1523         No new tests, because this fix is for Chromium project and hard to test only in WebKit project.
1524
1525         * html/InputType.h: Insert comment for canSetSuggestedValue().
1526         * html/TextFieldInputType.cpp:
1527         (WebCore::TextFieldInputType::canSetSuggestedValue): Implemented to return always true for that all text filed inputs can be completed.
1528         * html/TextFieldInputType.h: Declare canSetSuggestedValue().
1529         * html/TextInputType.cpp: Delete canSetSuggestedValue() not to return true anymore.
1530         * html/TextInputType.h: Delete canSetSuggestedValue() not to return true anymore.
1531
1532 2011-02-01  Kent Tamura  <tkent@chromium.org>
1533
1534         Reviewed by Dan Bernstein.
1535
1536         REGRESSION (r65062): Safari loops forever under WebCore::plainTextToMallocAllocatedBuffer()
1537         https://bugs.webkit.org/show_bug.cgi?id=53272
1538
1539         * editing/TextIterator.cpp:
1540         (WebCore::TextIterator::handleTextBox): Pass the appropriate renderer to emitText().
1541
1542 2011-01-31  Alexey Proskuryakov  <ap@apple.com>
1543
1544         Reviewed by Maciej Stachowiak.
1545
1546         https://bugs.webkit.org/show_bug.cgi?id=53466
1547         Move WebKit2 to printing via API methods
1548
1549         * WebCore.exp.in: Export IntRect::scale().
1550
1551 2011-01-31  Patrick Gansterer  <paroga@webkit.org>
1552
1553         Reviewed by Adam Barth.
1554
1555         Remove obsolete comment after r41871
1556         https://bugs.webkit.org/show_bug.cgi?id=53406
1557
1558         * dom/Document.h:
1559
1560 2011-01-31  Simon Fraser  <simon.fraser@apple.com>
1561
1562         Fix according to reviewer comments: can just use Color::black now.
1563
1564         * platform/graphics/ShadowBlur.cpp:
1565         (WebCore::ShadowBlur::drawInsetShadow):
1566         (WebCore::ShadowBlur::drawRectShadowWithoutTiling):
1567
1568 2011-01-31  Simon Fraser  <simon.fraser@apple.com>
1569
1570         Reviewed by Sam Weinig.
1571
1572         Clean up ShadowBlur
1573         https://bugs.webkit.org/show_bug.cgi?id=53472
1574
1575         Some minor ShadowBlur cleanup.
1576
1577         * platform/graphics/ShadowBlur.h:
1578         * platform/graphics/ShadowBlur.cpp:
1579         (WebCore::ShadowBlur::ShadowBlur): Use m_blurRadius rather than the radius
1580         paramter.
1581         (WebCore::ShadowBlur::adjustBlurRadius): Renamed from adjustBlurDistance.
1582         (WebCore::ShadowBlur::calculateLayerBoundingRect): Rename layerFloatRect to
1583         layerRect. Make frameSize a float.
1584         (WebCore::ShadowBlur::beginShadowLayer): This now takes a precomputed
1585         layerRect rather than calling calculateLayerBoundingRect() to compute
1586         it itself, since we were calling calculateLayerBoundingRect() twice.
1587         (WebCore::ShadowBlur::drawRectShadow): Optimize to call calculateLayerBoundingRect()
1588         only once. The shadowRect variable was unused, so two return paths could be
1589         collapsed into one.
1590         (WebCore::ShadowBlur::drawInsetShadow): Call calculateLayerBoundingRect() before
1591         beginShadowLayer() now.
1592         (WebCore::ShadowBlur::drawRectShadowWithoutTiling): The layerRect gets passed in.
1593         We always used alpha=1, so no need to pass that in.
1594         (WebCore::ShadowBlur::drawRectShadowWithTiling): We always used alpha=1, so no need to
1595         pass that in. Move shadowRect down to first use.
1596         ShadowBlur::clipBounds() was unused.
1597
1598 2011-01-31  No'am Rosenthal  <noam.rosenthal@nokia.com>
1599
1600         Reviewed by Kenneth Rohde Christiansen.
1601
1602         [Qt] QWebElements example from QtWebKit Bridge documentation does not work at all
1603         https://bugs.webkit.org/show_bug.cgi?id=46748
1604
1605         This problem disappears when we register QWebElement using qRegisterMetaType, which we now do in QtInstance.
1606         Added a regression test to tst_QWebFrame.
1607
1608         * bridge/qt/qt_instance.cpp:
1609         (JSC::Bindings::QtInstance::QtInstance):
1610
1611 2011-01-27  MORITA Hajime  <morrita@google.com>
1612
1613         Reviewed by Dimitri Glazkov.
1614         
1615         Convert <progress> shadow DOM to a DOM-based shadow.
1616         https://bugs.webkit.org/show_bug.cgi?id=50660
1617
1618         * Removed RenderProgress::m_valuePart, moved the shadow node
1619           to the shadow root of HTMLProgressElement.
1620         * Removed hard-coded pseudo ID for -webkit-progress-bar-value.
1621           ProgressBarValueElement is defined only for overriding
1622           shadowPseudoId().
1623         
1624         No new tests. No behavioral change.
1625
1626         * css/CSSSelector.cpp:
1627         (WebCore::CSSSelector::pseudoId):
1628         (WebCore::nameToPseudoTypeMap):
1629         (WebCore::CSSSelector::extractPseudoType):
1630         * css/CSSSelector.h:
1631         * html/HTMLProgressElement.cpp:
1632         (WebCore::ProgressBarValueElement::ProgressBarValueElement):
1633         (WebCore::ProgressBarValueElement::shadowPseudoId):
1634         (WebCore::ProgressBarValueElement::create):
1635         (WebCore::ProgressBarValueElement::detach):
1636         (WebCore::HTMLProgressElement::parseMappedAttribute):
1637         (WebCore::HTMLProgressElement::attach):
1638         (WebCore::HTMLProgressElement::valuePart):
1639         (WebCore::HTMLProgressElement::didElementStateChange):
1640         (WebCore::HTMLProgressElement::createShadowSubtreeIfNeeded):
1641         * html/HTMLProgressElement.h:
1642         * rendering/RenderProgress.cpp:
1643         (WebCore::RenderProgress::~RenderProgress):
1644         (WebCore::RenderProgress::updateFromElement):
1645         (WebCore::RenderProgress::layoutParts):
1646         (WebCore::RenderProgress::shouldHaveParts):
1647         (WebCore::RenderProgress::valuePart):
1648         * rendering/RenderProgress.h:
1649         * rendering/style/RenderStyleConstants.h:
1650
1651 2011-01-31  Charlie Reis  <creis@chromium.org>
1652
1653         Reviewed by Mihai Parparita.
1654
1655         Add sanity check to help diagnose bug 52819
1656         https://bugs.webkit.org/show_bug.cgi?id=53402
1657
1658         Crash early if the children of fromItem look invalid.
1659
1660         * loader/HistoryController.cpp:
1661
1662 2011-01-31  Kalle Vahlman  <kalle.vahlman@movial.com>
1663
1664         Reviewed by Andreas Kling.
1665
1666         [Qt] canvas.drawImage(HTMLVideoElement) doesn't work with Qt Multimedia backend
1667         https://bugs.webkit.org/show_bug.cgi?id=53325
1668
1669         Reimplement paintCurrentFrameInContext() rather than delegate the
1670         rendering to paint() to make sure we really do get the video frame
1671         content into the GraphicsContext, regardless of accelerated
1672         compositing and the video scene state.
1673
1674         * platform/graphics/qt/MediaPlayerPrivateQt.cpp:
1675         (WebCore::MediaPlayerPrivateQt::paintCurrentFrameInContext):
1676         * platform/graphics/qt/MediaPlayerPrivateQt.h:
1677
1678 2011-01-31  Emil A Eklund  <eae@chromium.org>
1679
1680         Reviewed by Darin Adler.
1681
1682         Setting "selected" attribute to false should have no effect in single line <select>
1683         https://bugs.webkit.org/show_bug.cgi?id=52436
1684
1685         Change SelectElement::setSelectedIndex to select the first selectable
1686         option when the select state of all options is set to false as required
1687         by the HTML5 specification.
1688
1689         Test: fast/dom/HTMLSelectElement/selected-false.html
1690
1691         * dom/SelectElement.cpp:
1692         (WebCore::SelectElement::setSelectedIndex):
1693
1694 2011-01-31  Alexander Pavlov  <apavlov@chromium.org>
1695
1696         Reviewed by Yury Semikhatsky.
1697
1698         Web Inspector: Console source references need a left-margin
1699         https://bugs.webkit.org/show_bug.cgi?id=53308
1700
1701         * inspector/front-end/inspector.css:
1702         (.console-message-url): Added a 4px margin on the left.
1703
1704 2011-01-31  Carol Szabo  <carol.szabo@nokia.com>
1705
1706         Reviewed by David Hyatt.
1707
1708         Code Changes only.
1709
1710         It is needlessly expensive to find the generating node from an anonymous renderer of a pseudoelement.
1711         https://bugs.webkit.org/show_bug.cgi?id=53024
1712
1713         No new tests. No change in functionality
1714
1715         * rendering/RenderObject.h:
1716         (WebCore::RenderObject::before):
1717         (WebCore::RenderObject::after):
1718         (WebCore::RenderObject::generatingNode):
1719         Added new accessors for the use of the CSS 2.1 counters code
1720         (mainlyly)
1721         * rendering/RenderObjectChildList.cpp:
1722         (WebCore::beforeAfterContainer):
1723         (WebCore::RenderObjectChildList::invalidateCounters):
1724         (WebCore::RenderObjectChildList::before):
1725         (WebCore::RenderObjectChildList::after):
1726         Refactored the code to take advantage of the new accessors.
1727         (WebCore::RenderObjectChildList::updateBeforeAfterContent):
1728         Changed to store the generating node in the :before and :after
1729         renderers.
1730         * rendering/RenderObjectChildList.h:
1731
1732 2011-01-31  Krithigassree Sambamurthy  <krithigassree.sambamurthy@nokia.com>
1733
1734         Reviewed by David Hyatt.
1735
1736         Add background-clip to background shorthand
1737         https://bugs.webkit.org/show_bug.cgi?id=52080
1738
1739         Added background-clip to background-shorthand. Also made changes to
1740         include webkitMaskClip to the mask shorthand to keep both in sync.
1741
1742         * css/CSSParser.cpp:
1743         (WebCore::CSSParser::parseValue):
1744         (WebCore::CSSParser::parseFillShorthand):
1745
1746 2011-01-31  Darin Adler  <darin@apple.com>
1747
1748         Reviewed by Adele Peterson.
1749
1750         WKView should support scrollPageDown:, scrollPageUp:, scrollToBeg and other similar selectors
1751         https://bugs.webkit.org/show_bug.cgi?id=53460
1752
1753         * editing/EditorCommand.cpp:
1754         (WebCore::executeScrollPageBackward): Added.
1755         (WebCore::executeScrollPageForward): Added.
1756         (WebCore::executeScrollToBeginningOfDocument): Added.
1757         (WebCore::executeScrollToEndOfDocument): Added.
1758         (WebCore::createCommandMap): Added the four commands above to the map.
1759
1760 2011-01-31  Dan Bernstein  <mitz@apple.com>
1761
1762         Reviewed by Adele Peterson.
1763
1764         Inter-ideograph justification should apply to hiragana and katakana as well
1765         https://bugs.webkit.org/show_bug.cgi?id=53464
1766
1767         Changed the test for expansion opportunities from isCJKIdeograph() to isCJKIdeographOrSymbol().
1768
1769         * platform/graphics/Font.cpp:
1770         (WebCore::Font::expansionOpportunityCount):
1771         * platform/graphics/WidthIterator.cpp:
1772         (WebCore::WidthIterator::advance):
1773         * platform/graphics/mac/ComplexTextController.cpp:
1774         (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
1775
1776 2011-01-31  Dimitri Glazkov  <dglazkov@chromium.org>
1777
1778         Reviewed by James Robinson.
1779
1780         REGRESSION(r76951): Appearance of media controls changed slightly on Qt/Chromium ports
1781         https://bugs.webkit.org/show_bug.cgi?id=53314
1782
1783         Fixes media/controls-strict.html on Chromium.
1784
1785         * css/mediaControlsChromium.css:
1786         (audio::-webkit-media-controls-timeline, video::-webkit-media-controls-timeline):
1787             Added proper box-sizing to avoid differences between strict/quirks mode.
1788
1789 2011-01-31  Kent Tamura  <tkent@chromium.org>
1790
1791         Reviewed by Dimitri Glazkov.
1792
1793         Validation message bubble shouldn't inherit text-security style
1794         https://bugs.webkit.org/show_bug.cgi?id=53457
1795
1796         No new tests because the validation message feature depends on timers
1797         and is enabled only in Chromium port.
1798
1799         * css/html.css:
1800         (::-webkit-validation-bubble): Reset -webkit-text-security.
1801
1802 2011-01-31  Michael Saboff  <msaboff@apple.com>
1803
1804         Reviewed by Geoffrey Garen.
1805
1806         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
1807         https://bugs.webkit.org/show_bug.cgi?id=53271
1808
1809         Reapplying this patch again. 
1810         The removal of this patch in <http://trac.webkit.org/changeset/77125>
1811         as part of https://bugs.webkit.org/show_bug.cgi?id=53418,
1812         removed the both the first (failing) patch (r76893) and this fixed 
1813         patch (r76969).  This patch includes slight changes necessitated by
1814         r77151.
1815
1816         Reapplying this patch with the change that the second ASSERT in 
1817         RootObject::removeRuntimeObject was changed to use
1818         .uncheckedGet() instead of the failing .get().  The object in question
1819         could be in the process of being GC'ed.  The get() call will not return
1820         such an object while the uncheckedGet() call will return the (unsafe) 
1821         object.  This is the behavior we want.
1822
1823         Precautionary change.
1824         Changed RootObject to use WeakGCMap instead of HashSet.
1825         Found will looking for another issue, but can't produce a test case
1826         that is problematic.  THerefore there aren't any new tests.
1827
1828         * bridge/runtime_root.cpp:
1829         (JSC::Bindings::RootObject::invalidate):
1830         (JSC::Bindings::RootObject::addRuntimeObject):
1831         (JSC::Bindings::RootObject::removeRuntimeObject):
1832         * bridge/runtime_root.h:
1833
1834 2011-01-31  Andreas Kling  <kling@webkit.org>
1835
1836         Unbreak Qt build after r77151.
1837
1838         * bridge/qt/qt_instance.cpp:
1839         (JSC::Bindings::QtInstance::removeCachedMethod):
1840         (JSC::Bindings::QtInstance::markAggregate):
1841
1842 2011-01-31  takano takumi  <takano@apple.com>
1843
1844         Reviewed by Dave Hyatt.
1845
1846         Implement text-combine rendering code
1847         https://bugs.webkit.org/show_bug.cgi?id=50621
1848
1849         Test: fast/text/international/text-combine-image-test.html
1850
1851         * Android.mk: Added RenderCombineText.cpp/h
1852         * CMakeLists.txt: Added RenderCombineText.cpp/h
1853         * GNUmakefile.am: Added RenderCombineText.cpp/h
1854         * WebCore.exp.in:
1855         * WebCore.gypi: Added RenderCombineText.cpp/h
1856         * WebCore.pro: Added RenderCombineText.cpp/h
1857         * WebCore.vcproj/WebCore.vcproj: Added RenderCombineText.cpp/h
1858         * WebCore.xcodeproj/project.pbxproj: Added RenderCombineText.cpp/h
1859         * css/CSSFontFaceSource.cpp:
1860         (WebCore::CSSFontFaceSource::getFontData):
1861         - Added fontDescription.widthVariant to SimpleFontData creation.
1862         * css/CSSStyleSelector.cpp:
1863         (WebCore::CSSStyleSelector::applyProperty):
1864         - Changed to set "Unique" flag to RenderStyle in case of TextCombine.
1865         * dom/Text.cpp:
1866         (WebCore::Text::createRenderer):
1867         - Changed to create RenderCombineText in case of TextCombine.
1868         * loader/cache/CachedFont.cpp:
1869         (WebCore::CachedFont::platformDataFromCustomData):
1870         - Added FontWidthVariant as an argument for FontPlatformData creation.
1871         * loader/cache/CachedFont.h:
1872         - Ditto.
1873         * platform/graphics/Font.h:
1874         (WebCore::Font::widthVariant):
1875         - The accessor to FontWidthVariant member variable.
1876         * platform/graphics/FontCache.cpp:
1877         - Made cache to incorporate FontWidthVariant value.
1878         (WebCore::FontPlatformDataCacheKey::FontPlatformDataCacheKey):
1879         (WebCore::FontPlatformDataCacheKey::operator==):
1880         (WebCore::computeHash):
1881         (WebCore::FontCache::getCachedFontPlatformData):
1882         * platform/graphics/FontDescription.h:
1883         - Add a member variable that holds a width variant - none, half-width, third-width, and quarter-width.
1884         (WebCore::FontDescription::FontDescription):
1885         (WebCore::FontDescription::widthVariant):
1886         (WebCore::FontDescription::setWidthVariant):
1887         (WebCore::FontDescription::operator==):
1888         * platform/graphics/FontWidthVariant.h: Added.
1889         * platform/graphics/cairo/FontCustomPlatformData.h:
1890         - Changed to carry FontWidthVariant value.
1891         * platform/graphics/cocoa/FontPlatformData.h:
1892         - Changed to carry FontWidthVariant value.
1893         (WebCore::FontPlatformData::FontPlatformData):
1894         (WebCore::FontPlatformData::widthVariant):
1895         (WebCore::FontPlatformData::hash):
1896         (WebCore::FontPlatformData::operator==):
1897         * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
1898         (WebCore::FontPlatformData::FontPlatformData):
1899         - Changed to carry FontWidthVariant value.
1900         (WebCore::FontPlatformData::operator=):
1901         - Ditto.
1902         (WebCore::mapFontWidthVariantToCTFeatureSelector):
1903         - A function to map a FontWidthVariant value to a CoreText's text spacing feature selector.
1904         (WebCore::FontPlatformData::ctFont):
1905         - Changed to create CTFont with text spacing variant based on FontWidthVariant.
1906         * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
1907         (WebCore::FontCustomPlatformData::fontPlatformData):
1908         - Changed to carry FontWidthVariant value.
1909         * platform/graphics/haiku/FontCustomPlatformData.cpp:
1910         (WebCore::FontCustomPlatformData::fontPlatformData):
1911         - Changed to carry FontWidthVariant value.
1912         * platform/graphics/haiku/FontCustomPlatformData.h:
1913         * platform/graphics/mac/FontCacheMac.mm:
1914         (WebCore::FontCache::createFontPlatformData):
1915         - Changed to carry FontWidthVariant value.
1916         * platform/graphics/mac/FontCustomPlatformData.cpp:
1917         (WebCore::FontCustomPlatformData::fontPlatformData):
1918         - Changed to carry FontWidthVariant value.
1919         * platform/graphics/mac/FontCustomPlatformData.h:
1920         - Ditto.
1921         * platform/graphics/mac/GlyphPageTreeNodeMac.cpp:
1922         (WebCore::shouldUseCoreText):
1923         - Changed to skip CT path when width variant is specified.
1924         * platform/graphics/pango/FontCustomPlatformDataPango.cpp:
1925         (WebCore::FontCustomPlatformData::fontPlatformData):
1926         - Ditto.
1927         * platform/graphics/qt/FontCustomPlatformData.h:
1928         - Ditto.
1929         * platform/graphics/qt/FontCustomPlatformDataQt.cpp:
1930         (WebCore::FontCustomPlatformData::fontPlatformData):
1931         - Ditto.
1932         * platform/graphics/skia/FontCustomPlatformData.cpp:
1933         (WebCore::FontCustomPlatformData::fontPlatformData):
1934         - Ditto.
1935         * platform/graphics/skia/FontCustomPlatformData.h:
1936         - Ditto.
1937         * platform/graphics/win/FontCustomPlatformData.cpp:
1938         (WebCore::FontCustomPlatformData::fontPlatformData):
1939         - Ditto.
1940         * platform/graphics/win/FontCustomPlatformData.h:
1941         - Ditto.
1942         * platform/graphics/win/FontCustomPlatformDataCairo.cpp:
1943         - Ditto.
1944         (WebCore::FontCustomPlatformData::fontPlatformData):
1945         - Ditto.
1946         * platform/graphics/win/FontCustomPlatformDataCairo.h:
1947         - Ditto.
1948         * platform/graphics/wince/FontCustomPlatformData.cpp:
1949         (WebCore::FontCustomPlatformData::fontPlatformData):
1950         - Ditto.
1951         * platform/graphics/wince/FontCustomPlatformData.h:
1952         - Ditto.
1953         * platform/graphics/wx/FontCustomPlatformData.cpp:
1954         (WebCore::FontCustomPlatformData::fontPlatformData):
1955         - Ditto.
1956         * platform/graphics/wx/FontCustomPlatformData.h:
1957         - Ditto.
1958         * rendering/InlineTextBox.cpp:
1959         (WebCore::InlineTextBox::paint):
1960         - In case of RenderCombineText, we don't rotate text even in vertical writing. Also, we render original text
1961         instead of text returned from text().
1962         * rendering/RenderBlock.cpp:
1963         (WebCore::RenderBlock::computeInlinePreferredLogicalWidths):
1964         - Made to call RenderCombinedText's prepareTextCombine() here.
1965         * rendering/RenderBlockLineLayout.cpp:
1966         (WebCore::textWidth):
1967         - Made to always use the render object's width() in case of TextCombine.
1968         (WebCore::RenderBlock::findNextLineBreak):
1969         - Made to call RenderCombinedText's prepareTextCombine() here.
1970         * rendering/RenderCombineText.cpp: Added. A subclass of RenderText.
1971         (WebCore::RenderCombineText::RenderCombineText):
1972         (WebCore::RenderCombineText::styleDidChange):
1973         - Clear the flag that indicated the font has been prepared for combining. The font will be reinitialized in
1974         the next call of RenderBlock::findNextLineBreak().
1975         (WebCore::RenderCombineText::setTextInternal):
1976         - Ditto.
1977         (WebCore::RenderCombineText::width):
1978         - Returns 1-em width in case of font combine.
1979         (WebCore::RenderCombineText::adjustTextOrigin):
1980         - Adjust drawing origin point in case of font combine.
1981         (WebCore::RenderCombineText::charactersToRender):
1982         - Return original text instead of current text in case of font combine.
1983         (WebCore::RenderCombineText::combineText):
1984         - This function tries to pack passed text with; 1) the current font as is, 2) the font created
1985         from the descriptor with half-width variant specified, 3) the font with third-width variant, 4) the font
1986         with quarter-width variant.
1987         - If a suitable font successfully found, replace the current font with the new font. If no appropriate font found,
1988         we give up text-combine as the CSS spec describes.
1989         - If a new font found, we replace the text with 0xFFFC. This is needed for a combined text block to be able to
1990         behave like a single character against text decorations.
1991         * rendering/RenderCombineText.h: Added.
1992         (WebCore::RenderCombineText::isCombined):
1993         (WebCore::RenderCombineText::combinedTextWidth):
1994         - Returns 1-em width in case of font combine.
1995         (WebCore::RenderCombineText::renderName):
1996         (WebCore::toRenderCombineText):
1997         * rendering/RenderText.cpp:
1998         (WebCore::RenderText::widthFromCache):
1999         - Made to call RenderCombineText's combinedTextWidth when the text is combined.
2000         * rendering/RenderingAllInOne.cpp: Added RenderCombineText.cpp
2001         * rendering/style/RenderStyle.h:
2002         (WebCore::InheritedFlags::hasTextCombine):
2003         - Added for a quick test of TextCombine.
2004
2005 2011-01-31  Oliver Hunt  <oliver@apple.com>
2006
2007         Convert markstack to a slot visitor API
2008         https://bugs.webkit.org/show_bug.cgi?id=53219
2009
2010         rolling r77098, r77099, r77100, r77109, and
2011         r77111 back in, along with a few more Qt fix attempts.
2012
2013         * ForwardingHeaders/runtime/WriteBarrier.h: Added.
2014         * WebCore.exp.in:
2015         * bindings/js/DOMWrapperWorld.h:
2016         (WebCore::DOMWrapperWorld::globalData):
2017         * bindings/js/JSAudioConstructor.cpp:
2018         (WebCore::JSAudioConstructor::JSAudioConstructor):
2019         * bindings/js/JSDOMBinding.cpp:
2020         (WebCore::markDOMNodesForDocument):
2021         (WebCore::markDOMObjectWrapper):
2022         (WebCore::markDOMNodeWrapper):
2023         * bindings/js/JSDOMGlobalObject.cpp:
2024         (WebCore::JSDOMGlobalObject::markChildren):
2025         (WebCore::JSDOMGlobalObject::setInjectedScript):
2026         (WebCore::JSDOMGlobalObject::injectedScript):
2027         * bindings/js/JSDOMGlobalObject.h:
2028         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
2029         (WebCore::getDOMConstructor):
2030         * bindings/js/JSDOMWindowCustom.cpp:
2031         (WebCore::JSDOMWindow::setLocation):
2032         (WebCore::DialogHandler::dialogCreated):
2033         * bindings/js/JSDOMWindowShell.cpp:
2034         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
2035         (WebCore::JSDOMWindowShell::setWindow):
2036         (WebCore::JSDOMWindowShell::markChildren):
2037         (WebCore::JSDOMWindowShell::unwrappedObject):
2038         * bindings/js/JSDOMWindowShell.h:
2039         (WebCore::JSDOMWindowShell::window):
2040         (WebCore::JSDOMWindowShell::setWindow):
2041         * bindings/js/JSDeviceMotionEventCustom.cpp:
2042         (WebCore::createAccelerationObject):
2043         (WebCore::createRotationRateObject):
2044         * bindings/js/JSEventListener.cpp:
2045         (WebCore::JSEventListener::JSEventListener):
2046         (WebCore::JSEventListener::markJSFunction):
2047         * bindings/js/JSEventListener.h:
2048         (WebCore::JSEventListener::jsFunction):
2049         * bindings/js/JSHTMLDocumentCustom.cpp:
2050         (WebCore::JSHTMLDocument::setAll):
2051         * bindings/js/JSImageConstructor.cpp:
2052         (WebCore::JSImageConstructor::JSImageConstructor):
2053         * bindings/js/JSImageDataCustom.cpp:
2054         (WebCore::toJS):
2055         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
2056         (WebCore::JSJavaScriptCallFrame::scopeChain):
2057         (WebCore::JSJavaScriptCallFrame::scopeType):
2058         * bindings/js/JSNodeFilterCondition.cpp:
2059         (WebCore::JSNodeFilterCondition::markAggregate):
2060         (WebCore::JSNodeFilterCondition::acceptNode):
2061         * bindings/js/JSNodeFilterCondition.h:
2062         * bindings/js/JSNodeFilterCustom.cpp:
2063         * bindings/js/JSOptionConstructor.cpp:
2064         (WebCore::JSOptionConstructor::JSOptionConstructor):
2065         * bindings/js/JSSQLResultSetRowListCustom.cpp:
2066         (WebCore::JSSQLResultSetRowList::item):
2067         * bindings/js/ScriptCachedFrameData.cpp:
2068         (WebCore::ScriptCachedFrameData::restore):
2069         * bindings/js/ScriptObject.cpp:
2070         (WebCore::ScriptGlobalObject::set):
2071         * bindings/js/SerializedScriptValue.cpp:
2072         (WebCore::CloneDeserializer::putProperty):
2073         * bindings/scripts/CodeGeneratorJS.pm:
2074         * bridge/qt/qt_class.cpp:
2075         (JSC::Bindings::QtClass::fallbackObject):
2076         * bridge/qt/qt_instance.cpp:
2077         (JSC::Bindings::QtInstance::QtInstance):
2078         (JSC::Bindings::QtInstance::removeCachedMethod):
2079         (JSC::Bindings::QtInstance::markAggregate):
2080         * bridge/qt/qt_instance.h:
2081         * bridge/qt/qt_runtime.cpp:
2082         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
2083         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
2084         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
2085         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
2086         * bridge/qt/qt_runtime.h:
2087         * dom/Document.h:
2088
2089 2011-01-31  Dan Winship  <danw@gnome.org>
2090
2091         Reviewed by Gustavo Noronha Silva.
2092
2093         wss (websockets ssl) support for gtk via new gio TLS support
2094         https://bugs.webkit.org/show_bug.cgi?id=50344
2095
2096         Update to use GPollableOutputStream and GTlsConnection to
2097         implement wss URLs
2098
2099         * platform/network/soup/SocketStreamHandle.h:
2100         * platform/network/soup/SocketStreamHandleSoup.cpp:
2101         (WebCore::SocketStreamHandle::SocketStreamHandle):
2102         (WebCore::SocketStreamHandle::connected):
2103         (WebCore::SocketStreamHandle::platformSend):
2104         (WebCore::SocketStreamHandle::beginWaitingForSocketWritability):
2105         (WebCore::writeReadyCallback):
2106
2107 2011-01-31  Abhishek Arya  <inferno@chromium.org>
2108
2109         Reviewed by Dimitri Glazkov.
2110
2111         Check the textarea node still exists in document before casting
2112         it to HTMLTextAreaElement.
2113         https://bugs.webkit.org/show_bug.cgi?id=53429
2114
2115         Test: fast/forms/textarea-node-removed-from-document-crash.html
2116
2117         * rendering/RenderTextControlMultiLine.cpp:
2118         (WebCore::RenderTextControlMultiLine::~RenderTextControlMultiLine):
2119
2120 2011-01-27  Abhishek Arya  <inferno@chromium.org>
2121
2122         Reviewed by Dave Hyatt.
2123
2124         If beforeChild is wrapped in an anonymous table section, we need to
2125         go the parent to find it and use it before adding childs to table.
2126         https://bugs.webkit.org/show_bug.cgi?id=53276
2127
2128         We need to make sure that beforeChild's parent is "this" before calling
2129         RenderBox::addChild. The previous condition in while is too restrictive
2130         and fails to calculate the right beforeChild value when its display
2131         style is table caption.
2132         Test: fast/table/before-child-non-table-section-add-table-crash.html
2133
2134         * rendering/RenderTable.cpp:
2135         (WebCore::RenderTable::addChild):
2136
2137 2011-01-31  Shane Stephens  <shanestephens@google.com>
2138
2139         Reviewed by Simon Fraser.
2140
2141         AffineTransform::translateRight incorrectly computes a translateLeft.
2142         https://bugs.webkit.org/show_bug.cgi?id=52551
2143
2144         Removed translateRight and converted all uses to perform standard
2145         matrix multiplication.
2146
2147         No new tests because patch doesn't modify functionality.
2148
2149         * platform/graphics/transforms/AffineTransform.cpp:
2150         * platform/graphics/transforms/AffineTransform.h:
2151         (WebCore::AffineTransform::translation):
2152         * rendering/svg/RenderSVGResourceMarker.cpp:
2153         (WebCore::RenderSVGResourceMarker::localToParentTransform):
2154         * rendering/svg/RenderSVGRoot.cpp:
2155         (WebCore::RenderSVGRoot::localToRepaintContainerTransform):
2156         (WebCore::RenderSVGRoot::localToParentTransform):
2157         * rendering/svg/RenderSVGViewportContainer.cpp:
2158         (WebCore::RenderSVGViewportContainer::localToParentTransform):
2159         * rendering/svg/SVGTextLayoutEngine.cpp:
2160         (WebCore::SVGTextLayoutEngine::finalizeTransformMatrices):
2161
2162 2011-01-31  Mario Sanchez Prada  <msanchez@igalia.com>
2163
2164         Reviewed by Martin Robinson.
2165
2166         [Gtk] atk_text_set_caret_offset returns True even when it is unsuccessful
2167         https://bugs.webkit.org/show_bug.cgi?id=53389
2168
2169         Return FALSE when not able to set the caret at the specified offset.
2170
2171         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
2172         (webkit_accessible_text_set_caret_offset): Return FALSE when the
2173         range created is NULL and adjust offset to account for list markers.
2174
2175 2011-01-28  Pavel Feldman  <pfeldman@chromium.org>
2176
2177         Reviewed by Yury Semikhatsky.
2178
2179         Web Inspector: copy HAR to clipboard instead of saving blob on export.
2180         https://bugs.webkit.org/show_bug.cgi?id=53328
2181
2182         * inspector/front-end/NetworkPanel.js:
2183         (WebInspector.NetworkPanel.prototype._exportAll):
2184         (WebInspector.NetworkPanel.prototype._exportResource):
2185
2186 2011-01-30  Pavel Feldman  <pfeldman@chromium.org>
2187
2188         Reviewed by Timothy Hatcher.
2189
2190         Web Inspector: speed up network panel rendering.
2191         https://bugs.webkit.org/show_bug.cgi?id=53397
2192
2193         * inspector/front-end/DataGrid.js:
2194         (WebInspector.DataGrid.prototype.get scrollContainer):
2195         * inspector/front-end/NetworkPanel.js:
2196         (WebInspector.NetworkPanel.prototype.elementsToRestoreScrollPositionsFor):
2197         (WebInspector.NetworkPanel.prototype._positionSummaryBar):
2198         (WebInspector.NetworkPanel.prototype._createTable):
2199         (WebInspector.NetworkPanel.prototype._exportResource):
2200         (WebInspector.NetworkPanel.prototype._onScroll):
2201         * inspector/front-end/networkPanel.css:
2202         (.network-sidebar .data-grid.small tr.offscreen):
2203         (.network-sidebar .data-grid tr.offscreen):
2204         (.network-sidebar .data-grid tr.offscreen td):
2205
2206 2011-01-31  Peter Varga  <pvarga@webkit.org>
2207
2208         Reviewed by Andreas Kling.
2209
2210         Remove wrec from WebCore
2211         https://bugs.webkit.org/show_bug.cgi?id=53298
2212
2213         No new tests needed.
2214
2215         * Android.jscbindings.mk:
2216         * ForwardingHeaders/wrec/WREC.h: Removed.
2217         * WebCore.vcproj/WebCore.vcproj:
2218         * WebCore.vcproj/copyForwardingHeaders.cmd:
2219
2220 2011-01-31  Sheriff Bot  <webkit.review.bot@gmail.com>
2221
2222         Unreviewed, rolling out r76969.
2223         http://trac.webkit.org/changeset/76969
2224         https://bugs.webkit.org/show_bug.cgi?id=53418
2225
2226         "It is causing crashes in GTK+ and Leopard bots" (Requested by
2227         alexg__ on #webkit).
2228
2229         * bridge/runtime_root.cpp:
2230         (JSC::Bindings::RootObject::invalidate):
2231         (JSC::Bindings::RootObject::addRuntimeObject):
2232         (JSC::Bindings::RootObject::removeRuntimeObject):
2233         * bridge/runtime_root.h:
2234
2235 2011-01-31  Antti Koivisto  <antti@apple.com>
2236
2237         Not reviewed.
2238
2239         Spelling.
2240
2241         * css/CSSSelectorList.h:
2242         (WebCore::CSSSelectorList::next):
2243
2244 2011-01-31  Yury Semikhatsky  <yurys@chromium.org>
2245
2246         Unreviewed. Fix Chromium compilation on Linux.
2247
2248         * platform/graphics/ShadowBlur.cpp: added PLATFORM(CHROMIUM) guard
2249         * platform/graphics/ShadowBlur.h: added missing ColorSpace.h header include
2250
2251 2011-01-31  Yury Semikhatsky  <yurys@chromium.org>
2252
2253         Unreviewed. Fix Chromium compilation on Mac broken by r77101.
2254
2255         * WebCore.gypi: add ShadowBlur.{h,cpp} to the gypi file.
2256
2257 2011-01-31  Mikhail Naganov  <mnaganov@chromium.org>
2258
2259         Reviewed by Yury Semikhatsky.
2260
2261         WebInspector: Change button title from "Clear CPU profiles" to "Clear all profiles".
2262
2263         https://bugs.webkit.org/show_bug.cgi?id=53309
2264
2265         * English.lproj/localizedStrings.js:
2266         * inspector/front-end/ProfilesPanel.js:
2267         (WebInspector.ProfilesPanel):
2268
2269 2011-01-31  Carlos Garcia Campos  <cgarcia@igalia.com>
2270
2271         Unreviewed, fix the build with current GTK+ 3.x.
2272
2273         * plugins/gtk/gtk2xtbin.c:
2274         * plugins/gtk/gtk2xtbin.h:
2275
2276 2011-01-30  Kenichi Ishibashi  <bashi@google.com>
2277
2278         Reviewed by Kent Tamura.
2279
2280         Dangling form associated elements should not be registered on the document
2281         https://bugs.webkit.org/show_bug.cgi?id=53223
2282
2283         Adds insertedIntoDocument() and remvoedFromDocument() to
2284         FormAssociatedElement class to register the element on the document
2285         if and only if it actually inserted into (removed from) the document.
2286
2287         Test: fast/forms/dangling-form-element-crash.html
2288
2289         * html/FormAssociatedElement.cpp:
2290         (WebCore::FormAssociatedElement::insertedIntoDocument): Added.
2291         (WebCore::FormAssociatedElement::removedFromDocument): Ditto.
2292         (WebCore::FormAssociatedElement::insertedIntoTree): Don't register
2293         the element to a document.
2294         (WebCore::FormAssociatedElement::removedFromTree): Don't unregister
2295         the element from a document.
2296         * html/FormAssociatedElement.h:
2297         * html/HTMLFormControlElement.cpp:
2298         (WebCore::HTMLFormControlElement::insertedIntoDocument): Added.
2299         (WebCore::HTMLFormControlElement::removedFromDocument): Ditto.
2300         * html/HTMLFormControlElement.h:
2301         * html/HTMLObjectElement.cpp:
2302         (WebCore::HTMLObjectElement::insertedIntoDocument): Calls
2303         FormAssociatedElement::insertedIntoDocument().
2304         (WebCore::HTMLObjectElement::removedFromDocument): Calls
2305         FormAssociatedElement::removedFromDocument().
2306
2307 2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>
2308
2309         Unreviewed, rolling out r77098, r77099, r77100, r77109, and
2310         r77111.
2311         http://trac.webkit.org/changeset/77098
2312         http://trac.webkit.org/changeset/77099
2313         http://trac.webkit.org/changeset/77100
2314         http://trac.webkit.org/changeset/77109
2315         http://trac.webkit.org/changeset/77111
2316         https://bugs.webkit.org/show_bug.cgi?id=53219
2317
2318         Qt build is broken
2319
2320         * ForwardingHeaders/runtime/WriteBarrier.h: Removed.
2321         * WebCore.exp.in:
2322         * bindings/js/DOMWrapperWorld.h:
2323         * bindings/js/JSAudioConstructor.cpp:
2324         (WebCore::JSAudioConstructor::JSAudioConstructor):
2325         * bindings/js/JSDOMBinding.cpp:
2326         (WebCore::markDOMNodesForDocument):
2327         (WebCore::markDOMObjectWrapper):
2328         (WebCore::markDOMNodeWrapper):
2329         * bindings/js/JSDOMGlobalObject.cpp:
2330         (WebCore::JSDOMGlobalObject::markChildren):
2331         (WebCore::JSDOMGlobalObject::setInjectedScript):
2332         (WebCore::JSDOMGlobalObject::injectedScript):
2333         * bindings/js/JSDOMGlobalObject.h:
2334         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
2335         (WebCore::getDOMConstructor):
2336         * bindings/js/JSDOMWindowCustom.cpp:
2337         (WebCore::JSDOMWindow::setLocation):
2338         (WebCore::DialogHandler::dialogCreated):
2339         * bindings/js/JSDOMWindowShell.cpp:
2340         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
2341         (WebCore::JSDOMWindowShell::setWindow):
2342         (WebCore::JSDOMWindowShell::markChildren):
2343         (WebCore::JSDOMWindowShell::unwrappedObject):
2344         * bindings/js/JSDOMWindowShell.h:
2345         (WebCore::JSDOMWindowShell::window):
2346         (WebCore::JSDOMWindowShell::setWindow):
2347         * bindings/js/JSDeviceMotionEventCustom.cpp:
2348         (WebCore::createAccelerationObject):
2349         (WebCore::createRotationRateObject):
2350         * bindings/js/JSEventListener.cpp:
2351         (WebCore::JSEventListener::JSEventListener):
2352         (WebCore::JSEventListener::markJSFunction):
2353         * bindings/js/JSEventListener.h:
2354         (WebCore::JSEventListener::jsFunction):
2355         * bindings/js/JSHTMLDocumentCustom.cpp:
2356         (WebCore::JSHTMLDocument::setAll):
2357         * bindings/js/JSImageConstructor.cpp:
2358         (WebCore::JSImageConstructor::JSImageConstructor):
2359         * bindings/js/JSImageDataCustom.cpp:
2360         (WebCore::toJS):
2361         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
2362         (WebCore::JSJavaScriptCallFrame::scopeChain):
2363         (WebCore::JSJavaScriptCallFrame::scopeType):
2364         * bindings/js/JSNodeFilterCondition.cpp:
2365         (WebCore::JSNodeFilterCondition::markAggregate):
2366         (WebCore::JSNodeFilterCondition::acceptNode):
2367         * bindings/js/JSNodeFilterCondition.h:
2368         * bindings/js/JSNodeFilterCustom.cpp:
2369         * bindings/js/JSOptionConstructor.cpp:
2370         (WebCore::JSOptionConstructor::JSOptionConstructor):
2371         * bindings/js/JSSQLResultSetRowListCustom.cpp:
2372         (WebCore::JSSQLResultSetRowList::item):
2373         * bindings/js/ScriptCachedFrameData.cpp:
2374         (WebCore::ScriptCachedFrameData::restore):
2375         * bindings/js/ScriptObject.cpp:
2376         (WebCore::ScriptGlobalObject::set):
2377         * bindings/js/SerializedScriptValue.cpp:
2378         (WebCore::CloneDeserializer::putProperty):
2379         * bindings/scripts/CodeGeneratorJS.pm:
2380         * bridge/qt/qt_instance.cpp:
2381         (JSC::Bindings::QtInstance::QtInstance):
2382         (JSC::Bindings::QtInstance::removeCachedMethod):
2383         (JSC::Bindings::QtInstance::markAggregate):
2384         * bridge/qt/qt_instance.h:
2385         * bridge/qt/qt_runtime.cpp:
2386         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
2387         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
2388         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
2389         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
2390         * bridge/qt/qt_runtime.h:
2391         * bridge/runtime_root.cpp:
2392         (JSC::Bindings::RootObject::invalidate):
2393         * bridge/runtime_root.h:
2394         * dom/Document.h:
2395
2396 2011-01-30  Sheriff Bot  <webkit.review.bot@gmail.com>
2397
2398         Unreviewed, rolling out r77107.
2399         http://trac.webkit.org/changeset/77107
2400         https://bugs.webkit.org/show_bug.cgi?id=53412
2401
2402         Caused 5 new form-related test crashes (Requested by smfr on
2403         #webkit).
2404
2405         * css/CSSSelector.cpp:
2406         (WebCore::CSSSelector::pseudoId):
2407         (WebCore::nameToPseudoTypeMap):
2408         (WebCore::CSSSelector::extractPseudoType):
2409         * css/CSSSelector.h:
2410         * html/HTMLProgressElement.cpp:
2411         (WebCore::HTMLProgressElement::parseMappedAttribute):
2412         (WebCore::HTMLProgressElement::attach):
2413         * html/HTMLProgressElement.h:
2414         * rendering/RenderProgress.cpp:
2415         (WebCore::RenderProgress::~RenderProgress):
2416         (WebCore::RenderProgress::updateFromElement):
2417         (WebCore::RenderProgress::layoutParts):
2418         (WebCore::RenderProgress::shouldHaveParts):
2419         * rendering/RenderProgress.h:
2420         * rendering/style/RenderStyleConstants.h:
2421
2422 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
2423
2424         Reviewed by Sam Weinig.
2425
2426         Enhance ShadowBlur to render inset box shadows
2427         https://bugs.webkit.org/show_bug.cgi?id=51567
2428         
2429         Use ShadowBlur for inset box-shadows with CG. It 
2430         currently lacks a tiled version, but is still much
2431         faster than CG shadows.
2432
2433         Test: fast/box-shadow/inset-box-shadow-radius.html
2434
2435         * platform/graphics/ShadowBlur.cpp:
2436         * platform/graphics/ShadowBlur.h: New method for inset
2437         shadows.
2438         (WebCore::ShadowBlur::drawInsetShadow): 
2439
2440         * platform/graphics/GraphicsContext.cpp: #ifdef out
2441         fillRectWithRoundedHole() for CG.
2442
2443         * platform/graphics/cg/GraphicsContextCG.cpp:
2444         (WebCore::GraphicsContext::fillRectWithRoundedHole): If there's
2445         a shadow with a radius > 0, use ShadowBlur.
2446
2447 2011-01-28  Kenneth Russell  <kbr@google.com>
2448
2449         Reviewed by Chris Marrin.
2450
2451         WebGL shows PNG Textures with indexed colors too dark
2452         https://bugs.webkit.org/show_bug.cgi?id=47477
2453
2454         Properly handle indexed PNG images by re-rendering them as RGBA
2455         images before upload. Verified with this layout test and the test
2456         cases from bugs 47477 and 53269.
2457
2458         * platform/graphics/cg/GraphicsContext3DCG.cpp:
2459         (WebCore::GraphicsContext3D::getImageData):
2460
2461 2011-01-27  MORITA Hajime  <morrita@google.com>
2462
2463         Reviewed by Dimitri Glazkov.
2464         
2465         Convert <progress> shadow DOM to a DOM-based shadow.
2466         https://bugs.webkit.org/show_bug.cgi?id=50660
2467
2468         * Removed RenderProgress::m_valuePart, moved the shadow node
2469           to the shadow root of HTMLProgressElement.
2470         * Removed hard-coded pseudo ID for -webkit-progress-bar-value.
2471           ProgressBarValueElement is defined only for overriding
2472           shadowPseudoId().
2473         
2474         No new tests. No behavioral change.
2475
2476         * css/CSSSelector.cpp:
2477         (WebCore::CSSSelector::pseudoId):
2478         (WebCore::nameToPseudoTypeMap):
2479         (WebCore::CSSSelector::extractPseudoType):
2480         * css/CSSSelector.h:
2481         * html/HTMLProgressElement.cpp:
2482         (WebCore::ProgressBarValueElement::ProgressBarValueElement):
2483         (WebCore::ProgressBarValueElement::shadowPseudoId):
2484         (WebCore::ProgressBarValueElement::create):
2485         (WebCore::HTMLProgressElement::parseMappedAttribute):
2486         (WebCore::HTMLProgressElement::attach):
2487         (WebCore::HTMLProgressElement::valuePart):
2488         (WebCore::HTMLProgressElement::didElementStateChange):
2489         (WebCore::HTMLProgressElement::createShadowSubtreeIfNeeded):
2490         * html/HTMLProgressElement.h:
2491         * rendering/RenderProgress.cpp:
2492         (WebCore::RenderProgress::~RenderProgress):
2493         (WebCore::RenderProgress::updateFromElement):
2494         (WebCore::RenderProgress::layoutParts):
2495         (WebCore::RenderProgress::shouldHaveParts):
2496         (WebCore::RenderProgress::valuePart):
2497         * rendering/RenderProgress.h:
2498         * rendering/style/RenderStyleConstants.h:
2499
2500 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
2501
2502         Reviewed by Ariya Hidayat.
2503
2504         Enhance ShadowBlur to render inset box shadows; Part 1.
2505         https://bugs.webkit.org/show_bug.cgi?id=51567
2506         
2507         Add a new method to GraphicsContext to render a rect with a rounded hole,
2508         for use by inset box-shadow code. Knowledge that we're rendering a rounded
2509         hole will enable ShadowBlur to be used here in future.
2510
2511         * platform/graphics/GraphicsContext.cpp:
2512         (WebCore::GraphicsContext::fillRectWithRoundedHole):
2513         * platform/graphics/GraphicsContext.h:
2514         * rendering/RenderBoxModelObject.cpp:
2515         (WebCore::RenderBoxModelObject::paintBoxShadow):
2516
2517 2011-01-23  MORITA Hajime  <morrita@google.com>
2518
2519         Reviewed by Eric Seidel.
2520
2521         REGRESSION: Inset shadow with too large border radius misses rounded corner.
2522         https://bugs.webkit.org/show_bug.cgi?id=52800
2523
2524         The refactoring on r76083 broke the invariant between border
2525         IntRect and its radii because RoundedIntRect::setRect() is called
2526         after getRoundedInnerBorderWithBorderWidths(), which enforces the
2527         invariant. Th rounded-rect clipping code verifies the invariant,
2528         and discard the invalid radii, that results broken paintings.
2529         
2530         This change moved setRect() before
2531         getRoundedInnerBorderWithBorderWidths() not to modify the valid
2532         RoundedIntRect value.
2533         
2534         Test: fast/box-shadow/inset-with-extraordinary-radii-and-border.html
2535
2536         * rendering/RenderBoxModelObject.cpp:
2537         (WebCore::RenderBoxModelObject::paintBoxShadow):
2538
2539 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
2540
2541         Attempt to fix Windows build by adding ShadowBlur.cpp/h to the
2542         vcproj.
2543
2544         * WebCore.vcproj/WebCore.vcproj:
2545
2546 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
2547
2548         Reviewed by Dan Bernstein.
2549
2550         -webkit-box-shadow causes awful scroll/resize/redraw performance
2551         https://bugs.webkit.org/show_bug.cgi?id=22102
2552         
2553         Use ShadowBlur for CG, whe rendering shadows on rects and
2554         rounded rects outside of canvas.
2555         
2556         CG shadows with a radius of more than 8px do not render
2557         correctly. We preserve this incorrect rendering by compensating
2558         for it when rending -webkit-box-shadow. Calls that should use
2559         this deprecated radius behavior now use setLegacyShadow().
2560
2561         Test: fast/box-shadow/box-shadow-transformed.html
2562         
2563         * html/canvas/CanvasRenderingContext2D.cpp: Use setLegacyShadow()
2564         for canvas, to indicate that it should use the deprecated radius
2565         behavior.
2566         (WebCore::CanvasRenderingContext2D::setAllAttributesToDefault): Ditto.
2567         (WebCore::CanvasRenderingContext2D::setShadow): Ditto.
2568         (WebCore::CanvasRenderingContext2D::applyShadow): Ditto.
2569         
2570         * platform/graphics/GraphicsContext.cpp:
2571         (WebCore::GraphicsContext::setLegacyShadow): Set the m_state.shadowsUseLegacyRadius bit.
2572         
2573         * platform/graphics/GraphicsContext.h:
2574         (WebCore::GraphicsContextState::GraphicsContextState): Add a 
2575         shadowsUseLegacyRadius bit to the state.
2576         
2577         * platform/graphics/cg/GraphicsContextCG.cpp:
2578         (WebCore::radiusToLegacyRadius): Map from the actual radius to one
2579         that approximates CG behavior.
2580         (WebCore::hasBlurredShadow): Helper that returns true if we have a shadow
2581         with a non-zero blur radius.
2582         (WebCore::GraphicsContext::fillRect): Use ShadowBlur if not canvas.
2583         (WebCore::GraphicsContext::fillRoundedRect): Ditto.
2584         (WebCore::GraphicsContext::setPlatformShadow): Comment.
2585
2586         * rendering/RenderBoxModelObject.cpp:
2587         (WebCore::RenderBoxModelObject::paintBoxShadow): Call setLegacyShadow()
2588         for -webkit-box-shadow.
2589
2590         * platform/graphics/ShadowBlur.cpp: 
2591         (WebCore::ShadowBlur::calculateLayerBoundingRect): Fix some pixel crack issues
2592         by rounding up the blur radius.
2593         (WebCore::ShadowBlur::drawRectShadow): Ditto
2594         (WebCore::ShadowBlur::drawRectShadowWithTiling): Ditto.
2595
2596 2011-01-30  Oliver Hunt  <oliver@apple.com>
2597
2598         Try to fix Qt build (again).
2599
2600         * bridge/qt/qt_runtime.cpp:
2601         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
2602         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
2603
2604 2011-01-30  Oliver Hunt  <oliver@apple.com>
2605
2606         Try to fix Qt build.
2607
2608         * bridge/qt/qt_instance.cpp:
2609         (JSC::Bindings::QtInstance::QtInstance):
2610         (JSC::Bindings::QtInstance::removeCachedMethod):
2611         (JSC::Bindings::QtInstance::markAggregate):
2612         * bridge/qt/qt_instance.h:
2613
2614 2011-01-30  Oliver Hunt  <oliver@apple.com>
2615
2616         Convert markstack to a slot visitor API
2617         https://bugs.webkit.org/show_bug.cgi?id=53219
2618
2619         rolling r77006 and r77020 back in.
2620
2621         * ForwardingHeaders/runtime/WriteBarrier.h: Added.
2622         * WebCore.exp.in:
2623         * bindings/js/DOMWrapperWorld.h:
2624         (WebCore::DOMWrapperWorld::globalData):
2625         * bindings/js/JSAudioConstructor.cpp:
2626         (WebCore::JSAudioConstructor::JSAudioConstructor):
2627         * bindings/js/JSDOMBinding.cpp:
2628         (WebCore::markDOMNodesForDocument):
2629         (WebCore::markDOMObjectWrapper):
2630         (WebCore::markDOMNodeWrapper):
2631         * bindings/js/JSDOMGlobalObject.cpp:
2632         (WebCore::JSDOMGlobalObject::markChildren):
2633         (WebCore::JSDOMGlobalObject::setInjectedScript):
2634         (WebCore::JSDOMGlobalObject::injectedScript):
2635         * bindings/js/JSDOMGlobalObject.h:
2636         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
2637         (WebCore::getDOMConstructor):
2638         * bindings/js/JSDOMWindowCustom.cpp:
2639         (WebCore::JSDOMWindow::setLocation):
2640         (WebCore::DialogHandler::dialogCreated):
2641         * bindings/js/JSDOMWindowShell.cpp:
2642         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
2643         (WebCore::JSDOMWindowShell::setWindow):
2644         (WebCore::JSDOMWindowShell::markChildren):
2645         (WebCore::JSDOMWindowShell::unwrappedObject):
2646         * bindings/js/JSDOMWindowShell.h:
2647         (WebCore::JSDOMWindowShell::window):
2648         (WebCore::JSDOMWindowShell::setWindow):
2649         * bindings/js/JSDeviceMotionEventCustom.cpp:
2650         (WebCore::createAccelerationObject):
2651         (WebCore::createRotationRateObject):
2652         * bindings/js/JSEventListener.cpp:
2653         (WebCore::JSEventListener::JSEventListener):
2654         (WebCore::JSEventListener::markJSFunction):
2655         * bindings/js/JSEventListener.h:
2656         (WebCore::JSEventListener::jsFunction):
2657         * bindings/js/JSHTMLDocumentCustom.cpp:
2658         (WebCore::JSHTMLDocument::setAll):
2659         * bindings/js/JSImageConstructor.cpp:
2660         (WebCore::JSImageConstructor::JSImageConstructor):
2661         * bindings/js/JSImageDataCustom.cpp:
2662         (WebCore::toJS):
2663         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
2664         (WebCore::JSJavaScriptCallFrame::scopeChain):
2665         (WebCore::JSJavaScriptCallFrame::scopeType):
2666         * bindings/js/JSNodeFilterCondition.cpp:
2667         (WebCore::JSNodeFilterCondition::markAggregate):
2668         (WebCore::JSNodeFilterCondition::acceptNode):
2669         * bindings/js/JSNodeFilterCondition.h:
2670         * bindings/js/JSNodeFilterCustom.cpp:
2671         * bindings/js/JSOptionConstructor.cpp:
2672         (WebCore::JSOptionConstructor::JSOptionConstructor):
2673         * bindings/js/JSSQLResultSetRowListCustom.cpp:
2674         (WebCore::JSSQLResultSetRowList::item):
2675         * bindings/js/ScriptCachedFrameData.cpp:
2676         (WebCore::ScriptCachedFrameData::restore):
2677         * bindings/js/ScriptObject.cpp:
2678         (WebCore::ScriptGlobalObject::set):
2679         * bindings/js/SerializedScriptValue.cpp:
2680         (WebCore::CloneDeserializer::putProperty):
2681         * bindings/scripts/CodeGeneratorJS.pm:
2682         * bridge/qt/qt_runtime.cpp:
2683         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
2684         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
2685         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
2686         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
2687         * bridge/qt/qt_runtime.h:
2688         * bridge/runtime_root.cpp:
2689         (JSC::Bindings::RootObject::invalidate):
2690         * bridge/runtime_root.h:
2691         * dom/Document.h:
2692
2693 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
2694
2695         Reviewed by Sam Weinig.
2696
2697         Make ContextShadow code cross-platform
2698         https://bugs.webkit.org/show_bug.cgi?id=51312
2699
2700         Add a new class, ShadowBlur, that contains most of the
2701         code from ContextShadow, but is fully cross-platform.
2702         It depends on one new method, GraphicsContext::clipBounds(),
2703         which platforms will have to implement.
2704         
2705         Add ShadowBlur to the Mac Xcode project, but don't use it
2706         anywhere yet.
2707
2708         * WebCore.xcodeproj/project.pbxproj:
2709         * platform/graphics/GraphicsContext.cpp:
2710         (WebCore::GraphicsContext::clipBounds):
2711         * platform/graphics/GraphicsContext.h:
2712         * platform/graphics/ShadowBlur.cpp: Added.
2713         (WebCore::roundUpToMultipleOf32):
2714         (WebCore::ScratchBuffer::ScratchBuffer):
2715         (WebCore::ScratchBuffer::getScratchBuffer):
2716         (WebCore::ScratchBuffer::scheduleScratchBufferPurge):
2717         (WebCore::ScratchBuffer::timerFired):
2718         (WebCore::ScratchBuffer::clearScratchBuffer):
2719         (WebCore::ScratchBuffer::shared):
2720         (WebCore::ShadowBlur::ShadowBlur):
2721         (WebCore::ShadowBlur::blurLayerImage):
2722         (WebCore::ShadowBlur::adjustBlurDistance):
2723         (WebCore::ShadowBlur::calculateLayerBoundingRect):
2724         (WebCore::ShadowBlur::beginShadowLayer):
2725         (WebCore::ShadowBlur::endShadowLayer):
2726         (WebCore::ShadowBlur::drawRectShadow):
2727         (WebCore::ShadowBlur::drawRectShadowWithoutTiling):
2728         (WebCore::ShadowBlur::drawRectShadowWithTiling):
2729         (WebCore::ShadowBlur::clipBounds):
2730         * platform/graphics/ShadowBlur.h: Added.
2731         (WebCore::ShadowBlur::setShadowsIgnoreTransforms):
2732         (WebCore::ShadowBlur::shadowsIgnoreTransforms):
2733         * platform/graphics/cg/GraphicsContextCG.cpp:
2734         (WebCore::GraphicsContext::clipBounds):
2735
2736 2011-01-29  Simon Fraser  <simon.fraser@apple.com>
2737
2738         Reviewed by Dan Bernstein.
2739
2740         CSS3 gradients with em-based stops fail to repaint when font size changes
2741         https://bugs.webkit.org/show_bug.cgi?id=51845
2742         
2743         Mark as uncacheable gradidients whose color stops depend on font size,
2744         and don't attempt to put these into CSSImageGeneratorValue's image cache.
2745         This means we return a new gradient each time, which is fairly cheap, and
2746         fixes repaint issues under changing font size.
2747
2748         Test: fast/repaint/gradients-em-stops-repaint.html
2749
2750         * css/CSSGradientValue.cpp:
2751         (WebCore::CSSGradientValue::image):
2752         (WebCore::CSSGradientValue::isCacheable):
2753         * css/CSSGradientValue.h:
2754
2755 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2756
2757         Undo try to fix the Qt build.
2758         
2759         My guess didn't work.
2760
2761         * WebCore.pro:
2762
2763 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2764
2765         Try to fix the Qt build.
2766
2767         * WebCore.pro: Added platform/text/CharacterNames.h.
2768
2769 2011-01-28  Geoffrey Garen  <ggaren@apple.com>
2770
2771         Reviewed by Maciej Stachowiak.
2772
2773         Some more Heap cleanup.
2774         https://bugs.webkit.org/show_bug.cgi?id=53357
2775         
2776         Updated for JavaScriptCore changes.
2777
2778         * bindings/js/ScriptGCEvent.cpp:
2779         (WebCore::ScriptGCEvent::getHeapSize):
2780
2781 2011-01-29  Adam Barth  <abarth@webkit.org>
2782
2783         Reviewed by Daniel Bates.
2784
2785         Fix XSSFilter crash when extracting the source for a token twice
2786         https://bugs.webkit.org/show_bug.cgi?id=53368
2787
2788         Previously, it was unsafe to extract the source for the same token
2789         twice because the HTMLSourceTracker would advance its internal
2790         representation of the SegmentedString.  This patch introduces a cache
2791         to make calling HTMLSourceTracker::sourceForToken multiple times safe.
2792
2793         * html/parser/HTMLSourceTracker.cpp:
2794         (WebCore::HTMLSourceTracker::end):
2795         (WebCore::HTMLSourceTracker::sourceForToken):
2796         * html/parser/HTMLSourceTracker.h:
2797
2798 2011-01-29  Maciej Stachowiak  <mjs@apple.com>
2799
2800         Reviewed by Dan Bernstein.
2801
2802         Fix fat build for both 32-bit and 64-bit under llvm-gcc 4.2
2803         https://bugs.webkit.org/show_bug.cgi?id=53386
2804
2805         * platform/mac/ScrollAnimatorMac.mm:
2806         (WebCore::elasticDeltaForReboundDelta):
2807         (WebCore::scrollWheelMultiplier):
2808         (WebCore::ScrollAnimatorMac::smoothScrollWithEvent):
2809         (WebCore::ScrollAnimatorMac::beginScrollGesture):
2810         (WebCore::roundTowardZero):
2811         (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
2812
2813 2011-01-29  Daniel Bates  <dbates@rim.com>
2814
2815         Reviewed by Maciej Stachowiak.
2816
2817         Remove reference to ${CMAKE_SOURCE_DIR}/Source in CMake files
2818         https://bugs.webkit.org/show_bug.cgi?id=53382
2819
2820         Our file system hierarchy ensures that CMAKE_SOURCE_DIR is defined to be /Source.
2821         So, ${CMAKE_SOURCE_DIR}/Source evaluates to the non-existent directory /Source/Source.
2822         Therefore, we should remove such references.
2823
2824         * CMakeLists.txt:
2825
2826 2011-01-29  Sam Weinig  <sam@webkit.org>
2827
2828         Reviewed by Jon Honeycutt.
2829
2830         Fix 32-bit build on the Mac.
2831
2832         * platform/mac/ScrollAnimatorMac.mm:
2833         (WebCore::roundTowardZero):
2834         (WebCore::roundToDevicePixelTowardZero):
2835         Use floats instead of doubles to avoid double-to-float conversion
2836         issues.
2837
2838 2011-01-29  Simon Fraser  <simon.fraser@apple.com>
2839
2840         Reviewed by Adam Barth.
2841
2842         Use clampToInteger() functions in a few places
2843         https://bugs.webkit.org/show_bug.cgi?id=53363
2844         
2845         * css/CSSStyleSelector.cpp:
2846         (WebCore::CSSStyleSelector::applyProperty): Use clampToInteger() for z-index.
2847         (WebCore::CSSStyleSelector::createTransformOperations): Use clampToPositiveInteger().
2848         * platform/graphics/transforms/PerspectiveTransformOperation.cpp: Ditto.
2849         (WebCore::PerspectiveTransformOperation::blend): Ditto.
2850
2851 2011-01-29  Patrick Gansterer  <paroga@webkit.org>
2852
2853         Reviewed by David Kilzer.
2854
2855         Move CharacterNames.h into WTF directory
2856         https://bugs.webkit.org/show_bug.cgi?id=49618
2857
2858         * ForwardingHeaders/wtf/unicode/CharacterNames.h: Added.
2859         * GNUmakefile.am:
2860         * WebCore.gypi:
2861         * WebCore.vcproj/WebCore.vcproj:
2862         * WebCore.xcodeproj/project.pbxproj:
2863         * accessibility/AccessibilityObject.cpp:
2864         * accessibility/AccessibilityRenderObject.cpp:
2865         * bindings/cpp/WebDOMHTMLDocumentCustom.cpp:
2866         * bindings/js/JSHTMLDocumentCustom.cpp:
2867         * dom/Position.cpp:
2868         * dom/SelectElement.cpp:
2869         * editing/CompositeEditCommand.cpp:
2870         * editing/Editor.cpp:
2871         * editing/HTMLInterchange.cpp:
2872         * editing/InsertTextCommand.cpp:
2873         * editing/MarkupAccumulator.cpp:
2874         * editing/TextIterator.cpp:
2875         * editing/VisibleSelection.cpp:
2876         * editing/htmlediting.cpp:
2877         * editing/htmlediting.h:
2878         * editing/markup.cpp:
2879         * html/FTPDirectoryDocument.cpp:
2880         * html/HTMLFormControlElement.cpp:
2881         * html/parser/HTMLTreeBuilder.cpp:
2882         * loader/appcache/ManifestParser.cpp:
2883         * platform/chromium/PopupMenuChromium.cpp:
2884         * platform/graphics/Font.h:
2885         * platform/graphics/FontFastPath.cpp:
2886         * platform/graphics/GlyphPageTreeNode.cpp:
2887         * platform/graphics/StringTruncator.cpp:
2888         * platform/graphics/mac/ComplexTextController.cpp:
2889         * platform/graphics/mac/ComplexTextControllerATSUI.cpp:
2890         * platform/graphics/wince/GraphicsContextWinCE.cpp:
2891         * platform/mac/PasteboardMac.mm:
2892         * platform/text/TextCodecICU.cpp:
2893         * platform/text/mac/TextCodecMac.cpp:
2894         * platform/text/transcoder/FontTranscoder.cpp:
2895         * rendering/RenderBlockLineLayout.cpp:
2896         * rendering/RenderFlexibleBox.cpp:
2897         * rendering/RenderListMarker.cpp:
2898         * rendering/RenderText.cpp:
2899         * rendering/RenderTextControl.cpp:
2900         * rendering/RenderTreeAsText.cpp:
2901         * rendering/break_lines.cpp:
2902         * rendering/mathml/RenderMathMLOperator.h:
2903         * websockets/WebSocketHandshake.cpp:
2904         * wml/WMLTableElement.cpp:
2905
2906 2011-01-29  Dan Winship  <danw@gnome.org>
2907
2908         Reviewed by Xan Lopez.
2909
2910         [GTK] Remove HAVE_LIBSOUP_2_29_90 conditionals; we depend on
2911         libsoup 2.33.1 now.
2912         https://bugs.webkit.org/show_bug.cgi?id=50675
2913
2914         * platform/network/soup/CookieJarSoup.cpp:
2915         (WebCore::defaultCookieJar):
2916         (WebCore::setCookies):
2917         * platform/network/soup/ResourceHandleSoup.cpp:
2918         (WebCore::ResourceHandle::prepareForURL):
2919         (WebCore::restartedCallback):
2920         (WebCore::startHttp):
2921         * platform/network/soup/ResourceRequestSoup.cpp:
2922         (WebCore::ResourceRequest::updateSoupMessage):
2923         (WebCore::ResourceRequest::toSoupMessage):
2924         (WebCore::ResourceRequest::updateFromSoupMessage):
2925
2926 2011-01-29  Adam Barth  <abarth@webkit.org>
2927
2928         Reviewed by Daniel Bates.
2929
2930         XSSFilter should replace URLs with about:blank instead of the empty string
2931         https://bugs.webkit.org/show_bug.cgi?id=53370
2932
2933         Using the empty string will make the URL complete to the current
2934         document's URL, which isn't really what we want.  Instead, we want to
2935         use about:blank, which is safe.
2936
2937         * html/parser/XSSFilter.cpp:
2938         (WebCore::XSSFilter::filterObjectToken):
2939         (WebCore::XSSFilter::filterEmbedToken):
2940
2941 2011-01-29  Adam Barth  <abarth@webkit.org>
2942
2943         Reviewed by Daniel Bates.
2944
2945         XSSFilter should pass xssAuditor/script-tag-addslashes*
2946         https://bugs.webkit.org/show_bug.cgi?id=53365
2947
2948         We need to canonicalize strings to avoid being tricked by addslashes.
2949
2950         * html/parser/XSSFilter.cpp:
2951         (WebCore::HTMLNames::isNonCanonicalCharacter):
2952             - This function is copied from the XSSAuditor (with some tweaks).
2953               We'll eventually remove the XSSAuditor once we've got XSSFilter
2954               working properly.
2955         (WebCore::HTMLNames::canonicalize):
2956         (WebCore::HTMLNames::decodeURL):
2957         (WebCore::XSSFilter::isContainedInRequest):
2958
2959 2011-01-29  Adam Barth  <abarth@webkit.org>
2960
2961         Reviewed by Daniel Bates.
2962
2963         XSSFilter should pass xssAuditor/script-tag-with-source-same-host.html
2964         and xssAuditor/script-tag-post-*
2965         https://bugs.webkit.org/show_bug.cgi?id=53364
2966
2967         We're supposed to allow loading same-origin resources even if they
2968         appear as part of the request.
2969
2970         Also, we're supposed to look at the POST data too.  :)
2971
2972         * html/parser/XSSFilter.cpp:
2973         (WebCore::XSSFilter::eraseAttributeIfInjected):
2974         (WebCore::XSSFilter::isSameOriginResource):
2975             - Copy/paste from XSSAuditor::isSameOriginResource.  We'll
2976               eventually remove the XSSAuditor version when XSSFilter is done.
2977         * html/parser/XSSFilter.h:
2978
2979 2011-01-29  Adam Barth  <abarth@webkit.org>
2980
2981         Reviewed by Daniel Bates.
2982
2983         XSSFilter should pass 16 of the xssAuditor/script-tag* tests
2984         https://bugs.webkit.org/show_bug.cgi?id=53362
2985
2986         Turns out we need to replace the src attribute of script tags with
2987         about:blank to avoid loading the main document URL as a script.  Also,
2988         move misplaced return statement that was triggering the console message
2989         too often.
2990
2991         * html/parser/HTMLToken.h:
2992         (WebCore::HTMLToken::appendToAttributeValue):
2993         * html/parser/XSSFilter.cpp:
2994         (WebCore::XSSFilter::filterScriptToken):
2995         (WebCore::XSSFilter::eraseAttributeIfInjected):
2996         * html/parser/XSSFilter.h:
2997
2998 2011-01-28  Jon Honeycutt  <jhoneycutt@apple.com>
2999
3000         Downloads in WK2 on Windows should write resume data to bundle
3001         https://bugs.webkit.org/show_bug.cgi?id=53282
3002         <rdar://problem/8753077>
3003
3004         Reviewed by Alice Liu.
3005
3006         * WebCore.vcproj/WebCore.vcproj:
3007         Added new files to project.
3008
3009         * platform/network/cf/DownloadBundle.h: Added.
3010         * platform/network/win/DownloadBundleWin.cpp: Added.
3011         (WebCore::DownloadBundle::magicNumber):
3012         Moved from WebKit's WebDownload so that WebKit and WebKit2 can share
3013         it.
3014         (WebCore::DownloadBundle::fileExtension):
3015         Ditto.
3016         (WebCore::DownloadBundle::appendResumeData):
3017         Ditto - but modified to return bool rather than HRESULT and to clean up
3018         whitespace.
3019         (WebCore::DownloadBundle::extractResumeData):
3020         Ditto - modified to clean up whitespace.
3021
3022 2011-01-29  Sheriff Bot  <webkit.review.bot@gmail.com>
3023
3024         Unreviewed, rolling out r77050.
3025         http://trac.webkit.org/changeset/77050
3026         https://bugs.webkit.org/show_bug.cgi?id=53371
3027
3028         Caused a crash in Chromium's test_shell_tests (Requested by
3029         rniwa on #webkit).
3030
3031         * html/parser/HTMLTreeBuilder.cpp:
3032         (WebCore::HTMLTreeBuilder::FragmentParsingContext::FragmentParsingContext):
3033         (WebCore::HTMLTreeBuilder::FragmentParsingContext::document):
3034         (WebCore::HTMLTreeBuilder::FragmentParsingContext::finished):
3035         * html/parser/HTMLTreeBuilder.h:
3036
3037 2011-01-28  Eric Seidel  <eric@webkit.org>
3038
3039         Reviewed by Darin Adler.
3040
3041         HTML5 TreeBuilder regressed a Peacekeeper DOM test by 40%
3042         https://bugs.webkit.org/show_bug.cgi?id=48719
3043
3044         It's unclear exactly what the Peacekeeper benchmark is testing,
3045         because I haven't found a way to run it myself.
3046
3047         However, I constructed a benchmark which shows at least one possible slow point.
3048         The HTML5 spec talks about creating a new document for every time we use
3049         the fragment parsing algorithm.  Document() it turns out, it a huge bloated
3050         mess, and the constructor and destructor do a huge amount of work.
3051         To avoid constructing (or destructing) documents for each innerHTML call,
3052         this patch adds a shared dummy document used by all innerHTML calls.
3053
3054         This patch brings us from 7x slower than Safari 5 on tiny-innerHTML
3055         to only 1.5x slower than Safari 5.  I'm sure there is more work to do here.
3056
3057         Saving a shared Document like this is error prone.  Currently
3058         DummyDocumentFactory::releaseDocument() calls removeAllChildren()
3059         in an attempt to clear the Document's state. However it's possible
3060         that that call is not sufficient and we'll have future bugs here.
3061
3062         * html/parser/HTMLTreeBuilder.cpp:
3063         (WebCore::DummyDocumentFactory::createDummyDocument):
3064         (WebCore::DummyDocumentFactory::releaseDocument):
3065         (WebCore::HTMLTreeBuilder::FragmentParsingContext::FragmentParsingContext):
3066         (WebCore::HTMLTreeBuilder::FragmentParsingContext::document):
3067         (WebCore::HTMLTreeBuilder::FragmentParsingContext::finished):
3068         * html/parser/HTMLTreeBuilder.h:
3069
3070 2011-01-28  Johnny Ding  <jnd@chromium.org>
3071
3072         Reviewed by Adam Barth.
3073
3074         Gesture API: Don't use current gesture status to set "forceUserGesture" parameter when calling ScriptController::executeScript.
3075         The "forceUserGesture" parameter should be only set when you are definitely sure that the running script is from a hyper-link.
3076         https://bugs.webkit.org/show_bug.cgi?id=53244
3077
3078         Test: fast/events/popup-blocked-from-iframe-src.html
3079
3080         * bindings/ScriptControllerBase.cpp:
3081         (WebCore::ScriptController::executeIfJavaScriptURL):
3082
3083 2011-01-28  Simon Fraser  <simon.fraser@apple.com>
3084
3085         Reviewed by Gavin Barraclough.
3086
3087         Add various clampToInt() methods to MathExtras.h
3088         https://bugs.webkit.org/show_bug.cgi?id=52910
3089
3090         Use clampToInteger() from MathExtras.h
3091
3092         * css/CSSParser.cpp:
3093         (WebCore::CSSParser::parseCounter):
3094
3095 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
3096
3097         Unreviewed, rolling out r77006 and r77020.
3098         http://trac.webkit.org/changeset/77006
3099         http://trac.webkit.org/changeset/77020
3100         https://bugs.webkit.org/show_bug.cgi?id=53360
3101
3102         "Broke Windows tests" (Requested by rniwa on #webkit).
3103
3104         * ForwardingHeaders/runtime/WriteBarrier.h: Removed.
3105         * WebCore.exp.in:
3106         * bindings/js/DOMWrapperWorld.h:
3107         * bindings/js/JSAudioConstructor.cpp:
3108         (WebCore::JSAudioConstructor::JSAudioConstructor):
3109         * bindings/js/JSDOMBinding.cpp:
3110         (WebCore::markDOMNodesForDocument):
3111         (WebCore::markDOMObjectWrapper):
3112         (WebCore::markDOMNodeWrapper):
3113         * bindings/js/JSDOMGlobalObject.cpp:
3114         (WebCore::JSDOMGlobalObject::markChildren):
3115         (WebCore::JSDOMGlobalObject::setInjectedScript):
3116         (WebCore::JSDOMGlobalObject::injectedScript):
3117         * bindings/js/JSDOMGlobalObject.h:
3118         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
3119         (WebCore::getDOMConstructor):
3120         * bindings/js/JSDOMWindowCustom.cpp:
3121         (WebCore::JSDOMWindow::setLocation):
3122         (WebCore::DialogHandler::dialogCreated):
3123         * bindings/js/JSDOMWindowShell.cpp:
3124         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
3125         (WebCore::JSDOMWindowShell::setWindow):
3126         (WebCore::JSDOMWindowShell::markChildren):
3127         (WebCore::JSDOMWindowShell::unwrappedObject):
3128         * bindings/js/JSDOMWindowShell.h:
3129         (WebCore::JSDOMWindowShell::window):
3130         (WebCore::JSDOMWindowShell::setWindow):
3131         * bindings/js/JSDeviceMotionEventCustom.cpp:
3132         (WebCore::createAccelerationObject):
3133         (WebCore::createRotationRateObject):
3134         * bindings/js/JSEventListener.cpp:
3135         (WebCore::JSEventListener::JSEventListener):
3136         (WebCore::JSEventListener::markJSFunction):
3137         * bindings/js/JSEventListener.h:
3138         (WebCore::JSEventListener::jsFunction):
3139         * bindings/js/JSHTMLDocumentCustom.cpp:
3140         (WebCore::JSHTMLDocument::setAll):
3141         * bindings/js/JSImageConstructor.cpp:
3142         (WebCore::JSImageConstructor::JSImageConstructor):
3143         * bindings/js/JSImageDataCustom.cpp:
3144         (WebCore::toJS):
3145         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
3146         (WebCore::JSJavaScriptCallFrame::scopeChain):
3147         (WebCore::JSJavaScriptCallFrame::scopeType):
3148         * bindings/js/JSNodeFilterCondition.cpp:
3149         (WebCore::JSNodeFilterCondition::markAggregate):
3150         (WebCore::JSNodeFilterCondition::acceptNode):
3151         * bindings/js/JSNodeFilterCondition.h:
3152         * bindings/js/JSNodeFilterCustom.cpp:
3153         * bindings/js/JSOptionConstructor.cpp:
3154         (WebCore::JSOptionConstructor::JSOptionConstructor):
3155         * bindings/js/JSSQLResultSetRowListCustom.cpp:
3156         (WebCore::JSSQLResultSetRowList::item):
3157         * bindings/js/ScriptCachedFrameData.cpp:
3158         (WebCore::ScriptCachedFrameData::restore):
3159         * bindings/js/ScriptObject.cpp:
3160         (WebCore::ScriptGlobalObject::set):
3161         * bindings/js/SerializedScriptValue.cpp:
3162         (WebCore::CloneDeserializer::putProperty):
3163         * bindings/scripts/CodeGeneratorJS.pm:
3164         * bridge/qt/qt_runtime.cpp:
3165         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
3166         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
3167         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
3168         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
3169         * bridge/qt/qt_runtime.h:
3170         * bridge/runtime_root.cpp:
3171         (JSC::Bindings::RootObject::invalidate):
3172         * bridge/runtime_root.h:
3173         * dom/Document.h:
3174
3175 2011-01-28  Adam Barth  <abarth@webkit.org>
3176
3177         Reviewed by Eric Seidel.
3178
3179         XSSFilter should log to the console when it blocks something
3180         https://bugs.webkit.org/show_bug.cgi?id=53354
3181
3182         This patch refactors a bunch of methods in XSSFilter to return a bool
3183         indicating whether they blocked anything.  Using this bool, we decide
3184         whether to log to the console.  We're using the same log message as the
3185         XSSAuditor, but it seems likely we can improve this message in the
3186         future (especially by piping in the correct line number, which is now
3187         accessible via the parser).
3188
3189         * html/parser/XSSFilter.cpp:
3190         (WebCore::HTMLNames::isNameOfInlineEventHandler):
3191         (WebCore::XSSFilter::filterToken):
3192         (WebCore::XSSFilter::filterTokenInitial):
3193         (WebCore::XSSFilter::filterTokenAfterScriptStartTag):
3194         (WebCore::XSSFilter::filterScriptToken):
3195         (WebCore::XSSFilter::filterObjectToken):
3196         (WebCore::XSSFilter::filterEmbedToken):
3197         (WebCore::XSSFilter::filterAppletToken):
3198         (WebCore::XSSFilter::filterMetaToken):
3199         (WebCore::XSSFilter::filterBaseToken):
3200         (WebCore::XSSFilter::eraseInlineEventHandlersIfInjected):
3201         * html/parser/XSSFilter.h:
3202
3203 2011-01-28  Adam Barth  <abarth@webkit.org>
3204
3205         Reviewed by Daniel Bates.
3206
3207         Wire up settings->xssAuditorEnabled to XSSFilter
3208         https://bugs.webkit.org/show_bug.cgi?id=53345
3209
3210         * html/parser/XSSFilter.cpp:
3211         (WebCore::XSSFilter::XSSFilter):
3212         (WebCore::XSSFilter::filterToken):
3213         * html/parser/XSSFilter.h:
3214
3215 2011-01-28  Adam Barth  <abarth@webkit.org>
3216
3217         Reviewed by Daniel Bates.
3218
3219         Teach XSSFilter about <meta> and <base> tags
3220         https://bugs.webkit.org/show_bug.cgi?id=53339
3221
3222         I'm not 100% sure we need to block <meta http-equiv>, but it seems
3223         prudent given how powerful that attribute is.  We definitely need to
3224         block injection of <base href> because that can redirect script tags
3225         that use relative URLs.
3226
3227         * html/parser/XSSFilter.cpp:
3228         (WebCore::XSSFilter::filterToken):
3229         (WebCore::XSSFilter::filterMetaToken):
3230         (WebCore::XSSFilter::filterBaseToken):
3231         * html/parser/XSSFilter.h:
3232
3233 2011-01-28  Adam Barth  <abarth@webkit.org>
3234
3235         Reviewed by Daniel Bates.
3236
3237         Teach XSSFilter about <applet>
3238         https://bugs.webkit.org/show_bug.cgi?id=53338
3239
3240         HTML5 is pretty light on information about how the <applet> tag works.
3241         According to this site:
3242
3243         http://download.oracle.com/javase/1.4.2/docs/guide/misc/applet.html
3244
3245         The "code" and "object" attributes are the essential attributes for
3246         determining which piece of Java to run.  We might need to expand to the
3247         codebase and archive attributes at some point, but hopefully code and
3248         object will be sufficient.
3249
3250         * html/parser/XSSFilter.cpp:
3251         (WebCore::XSSFilter::filterToken):
3252         (WebCore::XSSFilter::filterAppletToken):
3253         * html/parser/XSSFilter.h:
3254
3255 2011-01-28  Adam Barth  <abarth@webkit.org>
3256
3257         Reviewed by Daniel Bates.
3258
3259         Teach the XSSFilter about object and embed tags
3260         https://bugs.webkit.org/show_bug.cgi?id=53336
3261
3262         For <object> and <embed>, we filter out attribute values that either
3263         indicate which piece of media to load or which plugin to load.  In a
3264         perfect world, we'd only need to filter out the URLs of the media, but
3265         some plug-ins (like Flash) have lots of fun places you can hide the
3266         URL (e.g., the "movie" <param>).
3267
3268         * html/parser/XSSFilter.cpp:
3269         (WebCore::XSSFilter::filterToken):
3270         (WebCore::XSSFilter::filterScriptToken):
3271         (WebCore::XSSFilter::filterObjectToken):
3272         (WebCore::XSSFilter::filterEmbedToken):
3273         (WebCore::XSSFilter::eraseAttributeIfInjected):
3274         * html/parser/XSSFilter.h:
3275
3276 2011-01-28  Oliver Hunt  <oliver@apple.com>
3277
3278         Fix Qt build.
3279
3280         * bridge/qt/qt_runtime.cpp:
3281         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
3282         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
3283         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
3284         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
3285         * bridge/qt/qt_runtime.h:
3286
3287 2011-01-28  Antti Koivisto  <antti@apple.com>
3288
3289         Reviewed by Simon Fraser.
3290
3291         CSS styles are shared based on uninitialized property values
3292         https://bugs.webkit.org/show_bug.cgi?id=53285
3293         
3294         Null test.
3295
3296         * dom/NamedNodeMap.cpp:
3297         (WebCore::NamedNodeMap::mappedMapsEquivalent):
3298
3299 2011-01-27  Oliver Hunt  <oliver@apple.com>
3300
3301         Reviewed by Geoffrey Garen.
3302
3303         Convert markstack to a slot visitor API
3304         https://bugs.webkit.org/show_bug.cgi?id=53219
3305
3306         Update WebCore to the new marking apis, correct bindings
3307         codegen. 
3308
3309         * ForwardingHeaders/runtime/WriteBarrier.h: Added.
3310         * WebCore.exp.in:
3311         * bindings/js/DOMWrapperWorld.h:
3312         (WebCore::DOMWrapperWorld::globalData):
3313         * bindings/js/JSAudioConstructor.cpp:
3314         (WebCore::JSAudioConstructor::JSAudioConstructor):
3315         * bindings/js/JSDOMBinding.cpp:
3316         (WebCore::markDOMNodesForDocument):
3317         (WebCore::markDOMObjectWrapper):
3318         (WebCore::markDOMNodeWrapper):
3319         * bindings/js/JSDOMGlobalObject.cpp:
3320         (WebCore::JSDOMGlobalObject::markChildren):
3321         (WebCore::JSDOMGlobalObject::setInjectedScript):
3322         (WebCore::JSDOMGlobalObject::injectedScript):
3323         * bindings/js/JSDOMGlobalObject.h:
3324         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
3325         (WebCore::getDOMConstructor):
3326         * bindings/js/JSDOMWindowCustom.cpp:
3327         (WebCore::JSDOMWindow::setLocation):
3328         (WebCore::DialogHandler::dialogCreated):
3329         * bindings/js/JSDOMWindowShell.cpp:
3330         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
3331         (WebCore::JSDOMWindowShell::setWindow):
3332         (WebCore::JSDOMWindowShell::markChildren):
3333         (WebCore::JSDOMWindowShell::unwrappedObject):
3334         * bindings/js/JSDOMWindowShell.h:
3335         (WebCore::JSDOMWindowShell::window):
3336         (WebCore::JSDOMWindowShell::setWindow):
3337         * bindings/js/JSEventListener.cpp:
3338         (WebCore::JSEventListener::JSEventListener):
3339         (WebCore::JSEventListener::markJSFunction):
3340         * bindings/js/JSEventListener.h:
3341         (WebCore::JSEventListener::jsFunction):
3342         * bindings/js/JSHTMLDocumentCustom.cpp:
3343         (WebCore::JSHTMLDocument::setAll):
3344         * bindings/js/JSImageConstructor.cpp:
3345         (WebCore::JSImageConstructor::JSImageConstructor):
3346         * bindings/js/JSImageDataCustom.cpp:
3347         (WebCore::toJS):
3348         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
3349         (WebCore::JSJavaScriptCallFrame::scopeChain):
3350         (WebCore::JSJavaScriptCallFrame::scopeType):
3351         * bindings/js/JSNodeFilterCondition.cpp:
3352         (WebCore::JSNodeFilterCondition::markAggregate):
3353         (WebCore::JSNodeFilterCondition::acceptNode):
3354         * bindings/js/JSNodeFilterCondition.h:
3355         * bindings/js/JSNodeFilterCustom.cpp:
3356         * bindings/js/JSOptionConstructor.cpp:
3357         (WebCore::JSOptionConstructor::JSOptionConstructor):
3358         * bindings/js/JSSQLResultSetRowListCustom.cpp:
3359         (WebCore::JSSQLResultSetRowList::item):
3360         * bindings/js/ScriptCachedFrameData.cpp:
3361         (WebCore::ScriptCachedFrameData::restore):
3362         * bindings/js/ScriptObject.cpp:
3363         (WebCore::ScriptGlobalObject::set):
3364         * bindings/js/SerializedScriptValue.cpp:
3365         (WebCore::CloneDeserializer::putProperty):
3366         * bindings/scripts/CodeGeneratorJS.pm:
3367         * dom/Document.h:
3368
3369 2011-01-28  Sam Weinig  <sam@webkit.org>
3370
3371         Reviewed by Anders Carlsson.
3372
3373         Keyboard scrolling doesn’t work in WebKit2
3374         <rdar://problem/8909672>
3375
3376         * platform/mac/ScrollAnimatorMac.mm:
3377         (-[ScrollAnimationHelperDelegate convertSizeToBacking:]):
3378         (-[ScrollAnimationHelperDelegate convertSizeFromBacking:]):
3379         Add additional necessary delegate methods.
3380
3381 2011-01-29  Darin Adler  <darin@apple.com>
3382
3383         Reviewed by Dan Bernstein.
3384
3385         Re-land this patch with the missing null check that caused crashes in layout tests.
3386
3387         Changing cursor style has no effect until the mouse moves
3388         https://bugs.webkit.org/show_bug.cgi?id=14344
3389         rdar://problem/7563712
3390
3391         No tests added because we don't have infrastructure for testing actual cursor
3392         changes (as opposed to cursor style computation) at this time. We might add it later.
3393
3394         * page/EventHandler.cpp:
3395         (WebCore::EventHandler::dispatchFakeMouseMoveEventSoon): Added.
3396         * page/EventHandler.h: Ditto.
3397
3398         * rendering/RenderObject.cpp:
3399         (WebCore::areNonIdenticalCursorListsEqual): Added.
3400         (WebCore::areCursorsEqual): Added.
3401         (WebCore::RenderObject::styleDidChange): Call dispatchFakeMouseMoveEventSoon if
3402         cursor styles changed.
3403
3404 2011-01-28  Justin Schuh  <jschuh@chromium.org>
3405
3406         Reviewed by Eric Seidel.
3407
3408         We should hold RefPtrs to SVG font faces
3409         https://bugs.webkit.org/show_bug.cgi?id=53270
3410
3411         Test: svg/custom/use-multiple-on-nested-disallowed-font.html
3412
3413         * css/CSSFontFaceSource.cpp:
3414         (WebCore::CSSFontFaceSource::getFontData):
3415         * css/CSSFontFaceSource.h:
3416         * svg/SVGFontFaceElement.cpp:
3417         (WebCore::SVGFontFaceElement::associatedFontElement):
3418         * svg/SVGFontFaceElement.h:
3419
3420 2011-01-28  Zhenyao Mo  <zmo@google.com>
3421
3422         Reviewed by Kenneth Russell.
3423
3424         uniformN*v should generate INVALID_VALUE of the array size is not a multiple of N
3425         https://bugs.webkit.org/show_bug.cgi?id=53306
3426
3427         * html/canvas/WebGLRenderingContext.cpp:
3428         (WebCore::WebGLRenderingContext::validateUniformMatrixParameters):
3429
3430 2011-01-28  Tom Sepez  <tsepez@chromium.org>
3431
3432         Reviewed by Eric Seidel.
3433
3434         NULL pointer crash in TextIterator::handleTextBox()
3435         https://bugs.webkit.org/show_bug.cgi?id=53267
3436
3437         Test: fast/css/rtl-nth-child-first-letter-crash.html
3438
3439         * editing/TextIterator.cpp:
3440         (WebCore::TextIterator::handleTextBox):
3441
3442 2011-01-28  Adrienne Walker  <enne@google.com>
3443
3444         Reviewed by Kenneth Russell.
3445
3446         [chromium] Remove a spurious diagnostic CRASH check.
3447         https://bugs.webkit.org/show_bug.cgi?id=52379
3448
3449         * platform/graphics/chromium/LayerTilerChromium.cpp:
3450         (WebCore::LayerTilerChromium::invalidateRect):
3451
3452 2011-01-28  Dan Bernstein  <mitz@apple.com>
3453
3454         Reviewed by Sam Weinig.
3455
3456         <rdar://problem/4761512> <select> can't display right-to-left (rtl) languages
3457         https://bugs.webkit.org/show_bug.cgi?id=19785
3458
3459         Changed <select> pop-up menus on Mac OS X Snow Leopard and later to have their items aligned in the
3460         direction corresponding to the writing direction of the <select> element, with the checkmarks
3461         on the "start" side, and use the <option>'s writing direction rather than "natural". Made the
3462         pop-up button match the menu by adding a Chrome boolean function, selectItemAlignmentFollowsMenuWritingDirection(),
3463         which returns true for this pop-up behavior.
3464
3465         * loader/EmptyClients.h:
3466         (WebCore::EmptyChromeClient::selectItemAlignmentFollowsMenuWritingDirection): Added.
3467         * manual-tests/pop-up-alignment-and-direction.html: Added.
3468         * page/Chrome.cpp:
3469         (WebCore::Chrome::selectItemAlignmentFollowsMenuWritingDirection): Added. Calls through to the
3470         client.
3471         * page/Chrome.h:
3472         * page/ChromeClient.h:
3473         * platform/PopupMenuStyle.h:
3474         (WebCore::PopupMenuStyle::PopupMenuStyle): Added hasTextDirectionOverride parameter and member
3475         variable initialization.
3476         (WebCore::PopupMenuStyle::hasTextDirectionOverride): Added this accessor.
3477         * platform/mac/PopupMenuMac.mm:
3478         (WebCore::PopupMenuMac::populate): Set the pop-up's layout direction and items' text alignment
3479         to match the menu's writing direction. Set items' writing direction and direction override
3480         according to their styles.
3481         * rendering/RenderMenuList.cpp:
3482         (WebCore::RenderMenuList::RenderMenuList): Removed unncesaary initialization of a smart pointer.
3483         (WebCore::RenderMenuList::adjustInnerStyle): If the alignment of items in the menu follows the
3484         menu's writing direction, use that alignment for the button as well. Also in this mode, use the
3485         item's writing direction and override setting.
3486         (WebCore::RenderMenuList::setTextFromOption): Store the option element's style.
3487         (WebCore::RenderMenuList::itemStyle): Pass the text direction override value.
3488         (WebCore::RenderMenuList::menuStyle): Ditto. Also use the button's direction, not the inner text's.
3489         * rendering/RenderMenuList.h:
3490         * rendering/RenderTextControlSingleLine.cpp:
3491         (WebCore::RenderTextControlSingleLine::menuStyle): Pass the text direction override value.
3492
3493 2011-01-28  Adam Barth  <abarth@webkit.org>
3494
3495         Reviewed by Daniel Bates.
3496
3497         Teach XSSFilter how to filter <script> elements
3498         https://bugs.webkit.org/show_bug.cgi?id=53279
3499
3500         This patch adds the ability for the XSSFilter to block injected
3501         <script> elements.  Handling script elements is slightly subtle because
3502         these elements act very differently depending on whether they have a
3503         src attribute.
3504         
3505         In the "src case", which check whether the src attribute was present in
3506         the request.  In the "non-src case", we check whether the start tag and
3507         the body of the script element was included in the request.  Checking
3508         for the whole start tag means we miss out on some attribute splitting
3509         attacks inside of script tags, but that doesn't seem like that big a
3510         deal.
3511
3512         This patch also introduces some amount of state into the XSSFilter
3513         because inline script elements span multiple tokens.  There's a lot of
3514         tuning and optimization left in these cases, some of which I've noted
3515         with FIXMEs.
3516
3517         To test this patch, I played around with some of the existing
3518         XSSAuditor tests.  Hopefully I'll be able to run the test suite more
3519         systematically in the future.
3520
3521         * html/parser/HTMLToken.h:
3522         (WebCore::HTMLToken::eraseCharacters):
3523         (WebCore::HTMLToken::eraseValueOfAttribute):
3524         * html/parser/XSSFilter.cpp:
3525         (WebCore::HTMLNames::hasName):
3526         (WebCore::HTMLNames::findAttributeWithName):
3527         (WebCore::HTMLNames::isNameOfScriptCarryingAttribute):
3528         (WebCore::XSSFilter::XSSFilter):
3529         (WebCore::XSSFilter::filterToken):
3530         (WebCore::XSSFilter::filterTokenAfterScriptStartTag):
3531         (WebCore::XSSFilter::filterScriptToken):
3532         (WebCore::XSSFilter::snippetForRange):
3533         (WebCore::XSSFilter::snippetForAttribute):
3534         * html/parser/XSSFilter.h:
3535
3536 2011-01-28  Adam Barth  <abarth@webkit.org>
3537
3538         Reviewed by Daniel Bates.
3539
3540         Sketch out new XSS filter design (disabled by default)
3541         https://bugs.webkit.org/show_bug.cgi?id=53205
3542
3543         This patch adds a basic sketch of the new XSS filter design.  Rather
3544         than watching scripts as they execute, in this design, we watch tokens
3545         emitted by the tokenizer.  We then map the tokens directly back into
3546         input characters, which lets us skip all the complicated logic related
3547         to HTML entities and double-decoding of JavaScript URLs.
3548
3549         This patch contains only the bare essentially machinery.  I'll add more
3550         in future patches and eventually remove the previous code once this
3551         code is up and running correctly.
3552
3553         * Android.mk:
3554         * CMakeLists.txt:
3555         * GNUmakefile.am:
3556         * WebCore.gypi:
3557         * WebCore.pro:
3558         * WebCore.vcproj/WebCore.vcproj:
3559         * WebCore.xcodeproj/project.pbxproj:
3560         * html/parser/HTMLDocumentParser.cpp:
3561         (WebCore::HTMLDocumentParser::HTMLDocumentParser):
3562         (WebCore::HTMLDocumentParser::pumpTokenizer):
3563         (WebCore::HTMLDocumentParser::sourceForToken):
3564         * html/parser/HTMLDocumentParser.h:
3565         * html/parser/XSSFilter.cpp: Added.
3566         * html/parser/XSSFilter.h: Added.
3567
3568 2011-01-28  Michael Saboff  <msaboff@apple.com>
3569
3570         Reviewed by Geoffrey Garen.
3571
3572         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
3573         https://bugs.webkit.org/show_bug.cgi?id=53271