bef1534177a184c054f5222732eeb3b45059736e
[WebKit.git] / Source / WebCore / ChangeLog
1 2011-02-03  Maciej Stachowiak  <mjs@apple.com>
2
3         Reviewed by Dan Bernstein.
4
5         WebKit2: Need WebKit2 equivalent of WebResourceLoadDelegate::willSendRequest in the Bundle
6         https://bugs.webkit.org/show_bug.cgi?id=52897
7         <rdar://problem/8898294>
8
9         * WebCore.exp.in: Add export now needed by WebKit2
10
11 2011-02-03  Victoria Kirst  <vrk@google.com>
12
13         Reviewed by James Robinson.
14
15         Replaces float literals with uniform values in shader code
16         so that buggy drivers unable to parse float values in different
17         locales will not produce a pink video.
18
19         [chromium] Fix pink video bug with gpu-acceleration enabled
20         https://bugs.webkit.org/show_bug.cgi?id=53568
21
22         * platform/graphics/chromium/VideoLayerChromium.cpp:
23         (WebCore::VideoLayerChromium::SharedValues::SharedValues):
24         (WebCore::VideoLayerChromium::drawYUV):
25         * platform/graphics/chromium/VideoLayerChromium.h:
26         (WebCore::VideoLayerChromium::SharedValues::signAdjLocation):
27
28 2011-02-03  James Kozianski  <koz@chromium.org>
29
30         Reviewed by Dimitri Glazkov.
31
32         Add navigator.registerProtocolHandler behind a flag.
33         https://bugs.webkit.org/show_bug.cgi?id=52609
34
35         This method is described in the HTML5 specification here,
36         http://dev.w3.org/html5/spec/Overview.html#dom-navigator-registerprotocolhandler
37
38         This change is largely cribbed from B. Green's 29651 patches. It is
39         behind a flag so as not to break JS feature detection.
40
41         New layout test fast/dom/registerProtocolHandler.html.
42
43         * Configurations/FeatureDefines.xcconfig:
44         * loader/EmptyClients.h:
45         (WebCore::EmptyChromeClient::registerProtocolHandler):
46         * page/Chrome.cpp:
47         (WebCore::Chrome::registerProtocolHandler):
48         * page/Chrome.h:
49         * page/ChromeClient.h:
50         * page/Navigator.cpp:
51         (WebCore::verifyCustomHandlerURL):
52         (WebCore::verifyProtocolHandlerScheme):
53         (WebCore::Navigator::registerProtocolHandler):
54         * page/Navigator.h:
55         * page/Navigator.idl:
56
57 2011-02-03  Brian Ryner  <bryner@chromium.org>
58
59         Reviewed by Darin Fisher.
60
61         Add a field to the ResourceResponse for tracking the socket address
62         of the host that the resource was fetched from.  Patch was originally
63         by Paul Marks.
64         https://bugs.webkit.org/show_bug.cgi?id=53699
65
66         * platform/network/chromium/ResourceResponse.cpp:
67         (WebCore::ResourceResponse::doPlatformCopyData):
68         (WebCore::ResourceResponse::doPlatformAdopt):
69         * platform/network/chromium/ResourceResponse.h:
70         (WebCore::ResourceResponse::socketAddress):
71         (WebCore::ResourceResponse::setSocketAddress):
72
73 2011-02-03  Adam Langley  <agl@chromium.org>
74
75         Reviewed by Adam Barth.
76
77         Plumb mixed script URL to FrameLoaderClient
78         https://bugs.webkit.org/show_bug.cgi?id=52384
79
80         Regressions covered by http/tests/security/mixedContent/*
81
82         * loader/EmptyClients.h:
83         (WebCore::EmptyFrameLoaderClient::didRunInsecureContent):
84         * loader/FrameLoader.cpp:
85         (WebCore::FrameLoader::checkIfRunInsecureContent):
86         * loader/FrameLoaderClient.h:
87
88 2011-02-03  Simon Fraser  <simon.fraser@apple.com>
89
90         Reviewed by Dan Bernstein.
91
92         REGRESSION: Artifacts on box-shadow corners in some cases
93         https://bugs.webkit.org/show_bug.cgi?id=53731
94
95         Fix overdrawing artifacts in ShadowBlur's tiling code path,
96         which show up in shadows using a color with alpha.
97         
98         Test: fast/box-shadow/shadow-tiling-artifact.html
99
100         * platform/graphics/ShadowBlur.cpp:
101         (WebCore::ShadowBlur::drawRectShadowWithTiling): Ensure
102         that the inner rect that gets filled does not overlap with any
103         of the eight tiled areas by having the corner and side dimensions
104         be the same for contiguous areas.
105
106 2011-02-03  Adam Barth  <abarth@webkit.org>
107
108         Reviewed by Alexey Proskuryakov.
109
110         XSS Auditor is spinning inside decodeURLEscapeSequences() if there are
111         percent signs in large posted data
112         https://bugs.webkit.org/show_bug.cgi?id=53405
113
114         If the input string contains many non-% characters followed by a %
115         character that is not a valid URL escape sequence, then the old
116         algorithm would only advance the initial search by one character
117         (instead of jumping to just after the % character).  That would cause
118         the algorithm to take N^2 time (in the number of characters before the
119         first % character).  This patch just advances the search past the first
120         % character so we can start looking for next % character sooner.
121
122         * platform/KURL.cpp:
123         (WebCore::decodeURLEscapeSequences):
124
125 2011-02-03  Pavel Podivilov  <podivilov@chromium.org>
126
127         Reviewed by Pavel Feldman.
128
129         Web Inspector: click on a breakpoint highlights wrong line in source frame.
130         https://bugs.webkit.org/show_bug.cgi?id=53692
131
132         * inspector/front-end/BreakpointsSidebarPane.js:
133         (WebInspector.JavaScriptBreakpointsSidebarPane.prototype._setupBreakpointElement):
134
135 2011-02-03  Anton Muhin  <antonm@chromium.org>
136
137         Reviewed by Adam Barth.
138
139         [v8] Bail out if to string conversion returned empty handle
140         https://bugs.webkit.org/show_bug.cgi?id=53687
141
142         This a temporary measure: actually one probably should never get empty handle
143         if there was no exception.  The root cause is under investigation.
144         The bailout though allows Chromium not to crash---attempt to convert an empty
145         v8 hande into WebCore string crashes with invalid memory access.
146
147         See http://code.google.com/p/chromium/issues/detail?id=71544
148
149         There is no known reduction expressible as a layout test so far.  The crash found with automated testing tools.
150
151         * bindings/v8/V8Binding.cpp:
152         (WebCore::v8NonStringValueToWebCoreString): Bail out on empty handle
153         * bindings/v8/V8Binding.h:
154         (WebCore::V8ParameterBase::prepareBase): Ditto
155
156 2011-02-03  Adam Barth  <abarth@webkit.org>
157
158         Attempt to fix Chromium build.
159
160         * html/parser/XSSFilter.cpp:
161
162 2011-02-03  Dirk Pranke  <dpranke@chromium.org>
163
164         Unreviewed, rolling out r77562.
165         http://trac.webkit.org/changeset/77562
166         https://bugs.webkit.org/show_bug.cgi?id=53630
167
168         broke chromium mac build
169
170         * WebCore.gyp/WebCore.gyp:
171         * WebCore.gyp/mac/check_objc_rename.sh: Removed.
172
173 2011-02-03  Adam Barth  <abarth@webkit.org>
174
175         Reviewed by Daniel Bates.
176
177         XSS Auditor severely affects loading performance after submitting a large form
178         https://bugs.webkit.org/show_bug.cgi?id=49845
179
180         Switch over from the XSSAuditor to the XSSFilter, improving performance
181         on this example.
182
183         * html/parser/XSSFilter.cpp:
184         (WebCore::XSSFilter::filterToken):
185         * page/XSSAuditor.cpp:
186         (WebCore::XSSAuditor::isEnabled):
187
188 2011-02-03  Dirk Pranke  <dpranke@chromium.org>
189
190         Unreviewed, rolling out r77567.
191         http://trac.webkit.org/changeset/77567
192         https://bugs.webkit.org/show_bug.cgi?id=53468
193
194         broke chromium linux svg, canvas tests, possibly win also?
195
196         * platform/graphics/skia/ImageBufferSkia.cpp:
197         (WebCore::getImageData):
198         (WebCore::ImageBuffer::getUnmultipliedImageData):
199         (WebCore::ImageBuffer::getPremultipliedImageData):
200         (WebCore::putImageData):
201         (WebCore::ImageBuffer::putUnmultipliedImageData):
202         (WebCore::ImageBuffer::putPremultipliedImageData):
203
204 2011-02-02  MORITA Hajime  <morrita@google.com>
205
206         Reviewed by Dimitri Glazkov.
207
208         Refactoring: <progress> should not use ShadowElement
209         https://bugs.webkit.org/show_bug.cgi?id=53583
210
211         - Introduced RenderIndicatorPart and RenderProgressBarValuePart
212           to be responsible for bar-part layout,
213           which adopted layout logic from ShadowBlockElement.
214         - ProgressBarValueElement is no longer a subclass of ShadowBlockElement.
215         - Remove dependency from RenderProgress to HTMLProgressElement and
216           ShadowBlockElement.
217         - The shadow tree is no longer removed on detach(). It becomes persistent.
218           This is now possible because the ShadowBlockElement dependency is gone.
219         - ::-webkit-appearance for -webkit-progress-bar-value is no longer referred.
220           That didn't make sense.
221
222         * html/HTMLProgressElement.cpp:
223         (WebCore::HTMLProgressElement::createShadowSubtreeIfNeeded):
224         * html/HTMLProgressElement.h:
225         * html/shadow/ProgressBarValueElement.h: Added.
226         (WebCore::ProgressBarValueElement::ProgressBarValueElement):
227         (WebCore::ProgressBarValueElement::shadowPseudoId):
228         (WebCore::ProgressBarValueElement::createRenderer):
229         (WebCore::ProgressBarValueElement::create):
230         * rendering/RenderIndicator.cpp:
231         (WebCore::RenderIndicatorPart::RenderIndicatorPart):
232         (WebCore::RenderIndicatorPart::~RenderIndicatorPart):
233         (WebCore::RenderIndicatorPart::layout):
234         (WebCore::RenderIndicatorPart::styleDidChange):
235         * rendering/RenderIndicator.h: Added RenderIndicatorPart class
236         (WebCore::RenderIndicatorPart::originalVisibility):
237         (WebCore::RenderIndicatorPart::requiresForcedStyleRecalcPropagation):
238         (WebCore::RenderIndicatorPart::canHaveChildren):
239         * rendering/RenderProgress.cpp:
240         (WebCore::RenderProgressBarValuePart::preferredFrameRect):
241         (WebCore::RenderProgressBarValuePart::shouldBeHidden):
242         (WebCore::RenderProgress::updateFromElement):
243         (WebCore::RenderProgress::layoutParts):
244         (WebCore::RenderProgress::shouldHaveParts):
245         * rendering/RenderProgress.h:
246         (WebCore::RenderProgressBarValuePart::RenderProgressBarValuePart):
247
248 2011-02-03  Jia Pu  <jpu@apple.com>
249
250         Reversion should not be marked as misspelled.
251         https://bugs.webkit.org/show_bug.cgi?id=53255
252
253         This patch includes fix for reported bug, and also some housekeeping changes.
254
255         To implement desired behavior, we need:
256         1. Add a new marker type, SpellCheckingExemption, since now we distingusish between text
257            that shouldn't be spellchecked and text shouldn't be autocorrected.
258         2. Make sure that there is no pending correction panel when we enter markAllMisspellingsAndBadGrammarInRanges().
259            Otherwise the spell checking code in that function may interfere with autocorrection. This
260            is achieved by explicitly applying pending correction when user types space, line break or
261            paragraph break.
262
263         Housekeeping code changes include:
264         1. Change manual-tests that were broken by relocated WebCore directory.
265         2. Use TextIterator in various DocumentMarkerController functions instead of using
266            Node::traverseNextNode() directly.
267         3. Allow passing multiple marker types into DocumentMarkerController::removeMarkers() and
268            DocumentMarkerController::hasMarkers() to improve clarity and efficiency.
269         4. Fixes of minor bugs that were exposed previously.
270
271         * WebCore.exp.in: Change signature of DocumentMarkerController::removeMarkers().
272
273         * dom/DocumentMarker.h: Added new marker type SpellCheckingExemption.
274
275         * dom/DocumentMarkerController.cpp:
276         (WebCore::DocumentMarkerController::removeMarkers): Use TextIterator to scan the range to be
277            consistent with addMarker() function. Allow passing in multiple marker types in one call.
278            Added a boolean argument to specify the behavior when removing markers that partially
279            overlap the specified range.
280         (WebCore::DocumentMarkerController::removeMarkersFromMarkerMapVectorPair): Allow passing in
281            multiple marker types in one call.
282         (WebCore::DocumentMarkerController::hasMarkers): Use TextIterator to scan the range to be
283            consistent with addMarker() function. Allow passing in multiple marker types in one call.
284
285         * dom/DocumentMarkerController.h: Allow passing in multiple marker types to removeMarkers()
286            and hasMarkers(). Added a boolean argument to removeMarkers() to specify the behavior when
287            removing markers that partially overlap the specified range.
288
289         * editing/Editor.cpp:
290         (WebCore::markerTypesForAutocorrection): Add SpellCheckingExemption marker when apply correction.
291         (WebCore::markerTypesForReplacement): Ditto.
292         (WebCore::Editor::respondToChangedSelection): Reordered call to dismissCorrectionPanel() and
293            setSelection() to make sure there is no pending correction when entering
294            markAllMisspellingsAndBadGrammarInRanges().
295         (WebCore::Editor::appliedEditing): Only remove CorrectionIndicator markers when the command
296            is a top level command to improve efficiency.
297         (WebCore::Editor::insertTextWithoutSendingTextEvent): Added code to applying pending correction.
298         (WebCore::Editor::insertLineBreak): Ditto.
299         (WebCore::Editor::insertParagraphSeparator): Ditto.
300         (WebCore::Editor::markAllMisspellingsAndBadGrammarInRanges): Don't mark mispelling if the
301            text carries SpellCheckingExemption marker.
302         (WebCore::Editor::correctionPanelTimerFired): Reset correction panel if the returned suggestion
303            from spellchecker is an empty string.
304         (WebCore::Editor::removeSpellAndCorrectionMarkersFromWordsToBeEdited):
305            Use new DocumentMarkerController::removeMarkers() to replace custom implemenation to improve
306            efficiency and readability.
307         (WebCore::Editor::applyCorrectionPanelInfo): Remove the code that set caret position after
308            applying correction, since it's unnecessary. Also, store pre-correction string together with
309            the marker for reversion panel to use.
310         (WebCore::Editor::applyAutocorrectionBeforeTypingIfAppropriate): Apply pending correction.
311         (WebCore::Editor::changeSelectionAfterCommand): Moved marker removal code to Editor::appliedEditing()
312            where we have access to EditCommand object.
313
314         * editing/Editor.h: Added new function applyAutocorrectionAfterTypingIfAppropriate().
315
316         * manual-tests/autocorrection/autocorrection-cancelled-by-ESC.html: Change manual-tests that
317            were broken by relocated WebCore directory.
318
319         * manual-tests/autocorrection/autocorrection-cancelled-by-typing-1.html: Ditto.
320
321         * manual-tests/autocorrection/autocorrection-contraction.html: Ditto.
322
323         * manual-tests/autocorrection/continue-typing-to-dismiss-reversion.html: Ditto.
324
325         * manual-tests/autocorrection/delete-to-dismiss-reversion.html: Ditto.
326
327         * manual-tests/autocorrection/delete-to-end-of-word-to-show-reversion.html: Ditto.
328
329         * manual-tests/autocorrection/dismiss-multiple-guesses.html: Ditto.
330
331         * manual-tests/autocorrection/move-to-end-of-word-to-show-reversion.html: Ditto.
332
333         * manual-tests/autocorrection/select-from-multiple-guesses.html: Ditto.
334
335         * manual-tests/autocorrection/spell-checking-after-reversion.html: Added.
336
337         * manual-tests/autocorrection/type-whitespace-to-dismiss-reversion.html: Change manual-tests that
338            were broken by relocated WebCore directory.
339
340         * rendering/InlineTextBox.cpp:
341         (WebCore::InlineTextBox::paintDocumentMarkers): Code clean-up to be more concise.
342
343 2011-02-03  Abhishek Arya  <inferno@chromium.org>
344
345         Unreviewed, qt build fix.
346
347         * rendering/RenderBlock.cpp:
348         (WebCore::RenderBlock::removeFloatingObject):
349
350 2011-02-03  Brian Salomon  <bsalomon@google.com>
351
352         Reviewed by James Robinson.
353
354         Handle non-raster backed images in getUnmultipliedImageData()
355         https://bugs.webkit.org/show_bug.cgi?id=53468
356
357         No new tests. Existing canvas tests sufficient
358         LayoutTests/canvas/philip/...
359
360         * platform/graphics/skia/ImageBufferSkia.cpp:
361         (WebCore::getImageData):
362         (WebCore::ImageBuffer::getUnmultipliedImageData):
363         (WebCore::ImageBuffer::getPremultipliedImageData):
364         (WebCore::putImageData):
365         (WebCore::ImageBuffer::putUnmultipliedImageData):
366         (WebCore::ImageBuffer::putPremultipliedImageData):
367
368 2011-02-03  Abhishek Arya  <inferno@chromium.org>
369
370         Reviewed by James Robinson.
371
372         Enforce more limits on root inline boxes height calculations.
373         https://bugs.webkit.org/show_bug.cgi?id=53729
374
375         Test: fast/overflow/overflow-height-float-not-removed-crash.html
376
377         * rendering/RenderBlock.cpp:
378         (WebCore::RenderBlock::removeFloatingObject): prevent logicalBottom to
379         become negative when logicalTop is INT_MAX.
380         (WebCore::RenderBlock::markLinesDirtyInBlockRange): when logicalBottom
381         is INT_MAX, we should dirty everything. So, we bail out to make
382         afterLowest equal to the lastRootBox() or lowestDirstLine.
383
384 2011-02-03  David Levin  <levin@chromium.org>
385
386         Reviewed by Adam Barth and Oliver Hunt.
387
388         Worker.importScript() should clean errors for cross origin imports.
389         https://bugs.webkit.org/show_bug.cgi?id=52871
390
391         Test: http/tests/workers/worker-importScriptsOnError.html
392
393         * bindings/js/WorkerScriptController.cpp:
394         (WebCore::WorkerScriptController::evaluate): Use sanitizeScriptError
395         to determine when to create a clean exception.
396         * bindings/v8/WorkerContextExecutionProxy.cpp:
397         (WebCore::WorkerContextExecutionProxy::evaluate): Ditto.
398         * dom/ScriptExecutionContext.cpp:
399         (WebCore::ScriptExecutionContext::sanitizeScriptError): Figure out
400         if the error needs to be cleaned up.
401         (WebCore::ScriptExecutionContext::dispatchErrorEvent): Extracted
402         sanitizeScriptError for use by other places.
403         * dom/ScriptExecutionContext.h:
404         * workers/WorkerContext.cpp:
405         (WebCore::WorkerContext::importScripts): Use the reponse url when
406         telling the evaluate where the script came fro.
407         * workers/WorkerScriptLoader.cpp:
408         (WebCore::WorkerScriptLoader::responseURL): Expose the url that
409         the script was loaded from (which may be different from url() due
410         to redirects).
411         (WebCore::WorkerScriptLoader::didReceiveResponse): Capture the reponse url.
412         * workers/WorkerScriptLoader.h:
413
414 2011-02-03  Mark Mentovai  <mark@chromium.org>
415
416         Reviewed by Dimitri Glazkov.
417
418         Chromium GYP build fix.
419
420         When various settings were moved to webcore_prerequisites in r66364,
421         things that should have been direct_dependent_settings were not marked
422         as such. GYP 'defines', for example, make no sense on a 'none'-type
423         target such as webcore_prerequisites. It appears that it was intended
424         for these settings to be pushed to direct dependents, which would make
425         direct_dependent_settings correct.
426
427         Losing the ChromiumWebCoreObjC defines on the Mac, for example, caused
428         http://crbug.com/71537, which at best causes Mac console log spew, and
429         at worst may result in Chromium's copy of WebCore using system
430         definitions of certain Objective-C classes at runtime, or vice-versa.
431
432         The build now includes a postbuild step to prevent
433         http://crbug.com/71537 from regressing again. The build will fail upon
434         regression.
435
436         https://bugs.webkit.org/show_bug.cgi?id=53630
437
438         * WebCore.gyp/WebCore.gyp: Move things in webcore_prerequisites into
439           direct_dependent_settings as needed, add the check_objc_rename
440           postbuild step.
441         * WebCore.gyp/mac/check_objc_rename.sh: Added.
442
443 2011-02-03  Adam Barth  <abarth@webkit.org>
444
445         Reviewed by Eric Seidel.
446
447         Make XSSFilter go fast by adding a SuffixTree
448         https://bugs.webkit.org/show_bug.cgi?id=53665
449
450         The SuffixTree lets us quickly reject snippets if the POST data is
451         large (because we can avoid a linear scan over the POST data).
452
453         * html/parser/XSSFilter.cpp:
454         (WebCore::XSSFilter::init):
455         (WebCore::XSSFilter::isContainedInRequest):
456         * html/parser/XSSFilter.h:
457
458 2011-02-03  Mihai Parparita  <mihaip@chromium.org>
459
460         Reviewed by Alexey Proskuryakov.
461
462         REGRESSION (r77355): Page cache layout tests crash
463         https://bugs.webkit.org/show_bug.cgi?id=53648
464
465         Test: fast/events/pagehide-timeout.html
466         
467         Suspend active DOM objects after all pagehide event handlers have run,
468         otherwise it's possible for them to create more objects that weren't
469         getting suspended.
470
471         * history/CachedFrame.cpp:
472         (WebCore::CachedFrame::CachedFrame):
473
474 2011-02-03  Jeremy Orlow  <jorlow@chromium.org>
475
476         Reviewed by Nate Chapin.
477
478         SerializedScriptValue should not require v8 to create undefined and null values
479         https://bugs.webkit.org/show_bug.cgi?id=53730
480
481         Instead of creating a v8 type and passing that into the constructor, just use
482         the writer class directly. While I was at it, I cleaned up the code a bit too
483         by getting rid of the WireData/StringValue enum as I found that personally
484         confusing.
485
486         This is necessary because these methods are called by IndexedDB in the browser
487         process where v8 is not spun up.
488
489         No functionality changed and not possible to test.
490
491         * bindings/v8/SerializedScriptValue.cpp:
492         (WebCore::SerializedScriptValue::createFromWire):
493         (WebCore::SerializedScriptValue::create):
494         (WebCore::SerializedScriptValue::nullValue):
495         (WebCore::SerializedScriptValue::undefinedValue):
496         (WebCore::SerializedScriptValue::release):
497         (WebCore::SerializedScriptValue::SerializedScriptValue):
498         * bindings/v8/SerializedScriptValue.h:
499
500 2011-02-03  Beth Dakin  <bdakin@apple.com>
501
502         Reviewed by Sam Weinig.
503
504         Fix for <rdar://problem/8944544> Ability to animate track
505         for WKPainter scrollers
506
507         Two new WebKitSystemInterface functions.
508         * WebCore.exp.in:
509         * platform/mac/WebCoreSystemInterface.h:
510         * platform/mac/WebCoreSystemInterface.mm:
511
512         Use Scrollbar::convertFromContainingView() to return the right point.
513         * platform/mac/ScrollAnimatorMac.mm:
514         (-[ScrollbarPainterControllerDelegate scrollerImpPair:convertContentPoint:toScrollerImp:]):
515         
516         ScrollKnobAnimation is now ScrollbarPartAnimation. It can
517         now be used to animate the knob or the track.
518         (-[ScrollbarPartAnimation initWithScrollbarPainter:part:WebCore::scrollAnimator:WebCore::animateAlphaTo:duration:]):
519         (-[ScrollbarPartAnimation setCurrentProgress:]):
520         (-[ScrollbarPainterDelegate setUpAnimation:scrollerPainter:part:WebCore::animateAlphaTo:duration:]):
521         (-[ScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]):
522         (-[ScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]):
523
524         Scrollbars need invalodating after the overlay state changes. 
525         (-[ScrollbarPainterDelegate scrollerImp:overlayScrollerStateChangedTo:]):
526
527 2011-02-03  Sam Weinig  <sam@webkit.org>
528
529         Reviewed by Beth Dakin.
530
531         Scroll thumb jumps to top when resizing horizontally.
532
533         * platform/ScrollView.cpp:
534         (WebCore::ScrollView::updateScrollbars): Add call to update
535         the scrollbar's offset in the case where we may have created
536         a new scrollbar but have not changed the current position.
537
538 2011-02-03  Justin Schuh  <jschuh@chromium.org>
539
540         Reviewed by Dirk Schulze.
541
542         startAnimations should use a local, RefCounted Vector.
543         https://bugs.webkit.org/show_bug.cgi?id=53458
544
545         Test: svg/custom/use-animation-in-fill.html
546
547         * svg/SVGDocumentExtensions.cpp:
548         (WebCore::SVGDocumentExtensions::startAnimations):
549
550 2011-02-03  Adam Barth  <abarth@webkit.org>
551
552         Reviewed by Daniel Bates.
553
554         XSSFilter shouldn't bother to analyze pages without "injection"
555         characters in the request
556         https://bugs.webkit.org/show_bug.cgi?id=53664
557
558         If the request lacks these "injection" characters, then it's unlikely
559         that there's a reflective XSS attack happening.  This hueristic lets us
560         avoid analyzing the vast majority of responses for XSS.  Of course, the
561         hueristic isn't perfect.  Because of this huerstic, we miss out on
562         injections into unquoted attributes.  However, it's a trade-off that's
563         worked well in the XSSAuditor.
564
565         * html/parser/XSSFilter.cpp:
566         (WebCore::HTMLNames::isRequiredForInjection):
567         (WebCore::XSSFilter::XSSFilter):
568         (WebCore::XSSFilter::init):
569         (WebCore::XSSFilter::filterToken):
570         (WebCore::XSSFilter::isContainedInRequest):
571         * html/parser/XSSFilter.h:
572
573 2011-02-03  Vangelis Kokkevis  <vangelis@chromium.org>
574
575         Reviewed by Kenneth Russell.
576
577         [chromium] Fixing a compositor crash occurring on layers
578         without an associated RenderSurface.
579         https://bugs.webkit.org/show_bug.cgi?id=53679
580         Regression was introduced by in r77425 
581
582         Test: http://webkit.org/blog/386/3d-transforms/ doesn't crash
583         anymore.
584
585         * platform/graphics/chromium/LayerRendererChromium.cpp:
586         (WebCore::LayerRendererChromium::drawLayer):
587
588 2011-02-03  Dan Bernstein  <mitz@apple.com>
589
590         Reviewed by Anders Carlsson.
591
592         <rdar://problem/8948788> Text emphasis marks have wrong orientation for vertical text
593         https://bugs.webkit.org/show_bug.cgi?id=53709
594
595         Covered by rendering of fast/text/emphasis-vertical.html
596
597         * platform/graphics/mac/SimpleFontDataMac.mm:
598         (WebCore::SimpleFontData::scaledFontData): Give the scaled font the same orientation this font
599         has.
600
601 2011-02-02  Levi Weintraub  <leviw@chromium.org>
602
603         Reviewed by Ryosuke Niwa.
604
605         Moving cursor down in table cycles at the end of a row
606         https://bugs.webkit.org/show_bug.cgi?id=50012
607
608         Avoids a caret cycling issue with certain content (e.g. tables) found at the very
609         end of a document due to a bug in nextLeafWithSameEditability.
610
611         Test: editing/selection/move-by-line-cycles-in-table.html
612
613         * editing/visible_units.cpp:
614         (WebCore::nextLeafWithSameEditability): Properly avoid descending back into the
615         original leaf node.
616
617 2011-02-03  Pavel Podivilov  <podivilov@chromium.org>
618
619         Reviewed by Pavel Feldman.
620
621         Web Inspector: remove dead code related to changes panel.
622         https://bugs.webkit.org/show_bug.cgi?id=53688
623
624         * WebCore.gypi:
625         * WebCore.vcproj/WebCore.vcproj:
626         * inspector/front-end/ChangesView.js: Removed.
627         * inspector/front-end/WebKit.qrc:
628         * inspector/front-end/inspector.css:
629         (#error-warning-count):
630         (#error-warning-count:hover):
631         (#error-count + #warning-count):
632         * inspector/front-end/inspector.html:
633         * inspector/front-end/inspector.js:
634
635 2011-02-02  Sam Weinig  <sam@webkit.org>
636
637         Reviewed by Anders Carlsson.
638
639         Add notification of the end of a rubber band.
640         <rdar://problem/8940648>
641
642         * WebCore.exp.in:
643         Add additional exprots.
644
645         * page/ChromeClient.h:
646         (WebCore::ChromeClient::didCompleteRubberBandForMainFrame):
647         * page/FrameView.cpp:
648         (WebCore::FrameView::didCompleteRubberBand):
649         * page/FrameView.h:
650         * platform/ScrollView.cpp:
651         (WebCore::ScrollView::didCompleteRubberBand):
652         * platform/ScrollView.h:
653         Add hook.
654
655         * platform/ScrollableArea.h:
656         (WebCore::ScrollableArea::inLiveResize):
657         (WebCore::ScrollableArea::maximumScrollPosition):
658         (WebCore::ScrollableArea::visibleWidth):
659         (WebCore::ScrollableArea::overhangAmount):
660         (WebCore::ScrollableArea::didCompleteRubberBand):
661         Reorganize and de-virtualize live resize notifications.
662
663         * platform/mac/ScrollAnimatorMac.mm:
664         (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
665         Call the new hook when the rubberband ends.
666
667 2011-02-02  Evan Martin  <evan@chromium.org>
668
669         Reviewed by Tony Chang.
670
671         [chromium] complex joining characters positioned in wrong place
672         https://bugs.webkit.org/show_bug.cgi?id=53637
673
674         Provide the correct font metrics to Harfbuzz related to the font design space.
675         There are used in some fonts for GPOS positioning.
676
677         Test: platform/chromium-linux/fast/text/international/complex-joining-using-gpos.html
678
679         * platform/graphics/chromium/ComplexTextControllerLinux.cpp:
680         (WebCore::ComplexTextController::setupFontForScriptRun):
681         (WebCore::ComplexTextController::allocHarfbuzzFont):
682         * platform/graphics/chromium/FontPlatformDataLinux.cpp:
683         (WebCore::FontPlatformData::FontPlatformData):
684         (WebCore::FontPlatformData::emSizeInFontUnits):
685         (WebCore::FontPlatformData::operator=):
686         * platform/graphics/chromium/FontPlatformDataLinux.h:
687         (WebCore::FontPlatformData::FontPlatformData):
688
689 2011-02-02  Dimitri Glazkov  <dglazkov@chromium.org>
690
691         Reviewed by Kent Tamura.
692
693         REGRESSION(r76147): Slider thumb position is not updated when value attribute is changed.
694         https://bugs.webkit.org/show_bug.cgi?id=53634
695
696         Test: fast/dom/HTMLInputElement/input-slider-update.html
697
698         * html/HTMLInputElement.cpp:
699         (WebCore::HTMLInputElement::setValue): Added a call to InputType::valueChanged.
700         * html/InputType.cpp:
701         (WebCore::InputType::valueChanged): Added empty implementation.
702         * html/InputType.h: Added def.
703         * html/RangeInputType.cpp:
704         (WebCore::RangeInputType::valueChanged): Added implementation that dirties layout
705             bit on the thumb.
706         * html/RangeInputType.h: Added def.
707
708 2011-02-02  Pavel Podivilov  <podivilov@chromium.org>
709
710         Reviewed by Pavel Feldman.
711
712         Web Inspector: do not share source frames between resources panel and scripts panel.
713         https://bugs.webkit.org/show_bug.cgi?id=53584
714
715         Currently, we show error messages only for resources. This change will allow showing error
716         messages in source frame even when resource is not available (eval scripts, inlined scripts).
717
718         * inspector/front-end/ConsoleView.js:
719         (WebInspector.ConsoleView.prototype.addMessage):
720         (WebInspector.ConsoleView.prototype.clearMessages):
721         * inspector/front-end/ResourceView.js:
722         (WebInspector.ResourceView.recreateResourceView):
723         * inspector/front-end/ResourcesPanel.js:
724         (WebInspector.FrameResourceTreeElement.prototype._setBubbleText):
725         * inspector/front-end/ScriptsPanel.js:
726         (WebInspector.ScriptsPanel.prototype._scriptSourceChanged):
727         (WebInspector.ScriptsPanel.prototype.addConsoleMessage):
728         (WebInspector.ScriptsPanel.prototype.clearConsoleMessages):
729         (WebInspector.ScriptsPanel.prototype.reset):
730         (WebInspector.ScriptsPanel.prototype._sourceFrameForScriptOrResource):
731         (WebInspector.ScriptsPanel.prototype._sourceFrameForResource):
732         (WebInspector.ScriptsPanel.prototype._sourceFrameForScript):
733
734 2011-02-03  Simon Fraser  <simon.fraser@apple.com>
735
736         Fix 32-bit builds.
737
738         * platform/graphics/ShadowBlur.cpp:
739         (WebCore::ShadowBlur::blurLayerImage):
740
741 2011-02-03  Mikhail Naganov  <mnaganov@chromium.org>
742
743         Reviewed by Pavel Feldman.
744
745         Web Inspector: Add reporting of JS heap size limit to 'console.memory'.
746         https://bugs.webkit.org/show_bug.cgi?id=53592
747
748         In JSC there is no limit, thus 'undefined' value is returned.
749         For V8, the limit reported by the VM is returned.
750
751         * Android.jscbindings.mk:
752         * CMakeLists.txt:
753         * GNUmakefile.am:
754         * WebCore.gypi:
755         * WebCore.pro:
756         * WebCore.vcproj/WebCore.vcproj:
757         * WebCore.xcodeproj/project.pbxproj:
758         * bindings/js/JSBindingsAllInOne.cpp:
759         * bindings/js/JSMemoryInfoCustom.cpp: Added.
760         * bindings/js/ScriptGCEvent.cpp:
761         (WebCore::ScriptGCEvent::getHeapSize):
762         * bindings/js/ScriptGCEvent.h:
763         * bindings/v8/ScriptGCEvent.cpp:
764         (WebCore::ScriptGCEvent::getHeapSize):
765         * bindings/v8/ScriptGCEvent.h:
766         * inspector/InspectorTimelineAgent.cpp:
767         (WebCore::InspectorTimelineAgent::setHeapSizeStatistic):
768         * page/MemoryInfo.cpp:
769         (WebCore::MemoryInfo::MemoryInfo):
770         * page/MemoryInfo.h:
771         (WebCore::MemoryInfo::jsHeapSizeLimit):
772         * page/MemoryInfo.idl:
773
774 2011-01-27  Philippe Normand  <pnormand@igalia.com>
775
776         Reviewed by Martin Robinson.
777
778         [GTK] LayoutTests/media/audio-mpeg4-supported.html fails
779         https://bugs.webkit.org/show_bug.cgi?id=53125
780
781         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
782         (WebCore::mimeTypeCache): Add audio/x-m4a mimetype in the cache.
783
784 2011-02-03  Simon Fraser  <simon.fraser@apple.com>
785
786         Reviewed by Sam Weinig.
787
788         ShadowBlur radius for CSS shadows is slightly too big
789         https://bugs.webkit.org/show_bug.cgi?id=53660
790         
791         If we follow SVG gaussian blur for CSS shadows, we can end up rendering
792         shadows that extend further than the CSS "blur radius", which results
793         in the shadows being truncated.
794         
795         Fix with a small fudge factor to reduce the kernel diameter slightly
796         for CSS shadows.
797         
798         Also more closely follow the algorithm described in the SVG spec
799         for computing the kernel size for different diameters, and clean up
800         some variable naming relating to the shadow bounds.
801
802         * platform/graphics/ShadowBlur.cpp:
803         (WebCore::ShadowBlur::blurLayerImage):
804         (WebCore::ShadowBlur::drawRectShadowWithTiling):
805
806 2011-02-01  Pavel Podivilov  <podivilov@chromium.org>
807
808         Reviewed by Pavel Feldman.
809
810         Web Inspector: introduce new api for managing JavaScript breakpoints.
811         https://bugs.webkit.org/show_bug.cgi?id=53235
812
813         Single protocol breakpoint (e.g. set by url) is mapped on zero or more VM breakpoints (set by sourceID).
814         removeJavaScriptBreakpoint(breakpointId) removes breakpoint and all linked VM breakpoints.
815         Since UI uses VM breakpoint location rather then protocol breakpoint location, all resolved breakpoints locations are passed to frontend.
816
817         SourceFrame is now aware of whether breakpoint is resolved or not and may display it accordingly.
818         JavaScriptBreakpointsSidebarPane filters out breakpoints set on nonexistent scripts to avoid UI cluttering.
819
820         * bindings/js/ScriptDebugServer.cpp:
821         (WebCore::ScriptDebugServer::setBreakpoint):
822         (WebCore::ScriptDebugServer::removeBreakpoint):
823         * bindings/js/ScriptDebugServer.h:
824         * bindings/v8/DebuggerScript.js:
825         ():
826         * bindings/v8/ScriptDebugServer.cpp:
827         (WebCore::ScriptDebugServer::setBreakpoint):
828         * bindings/v8/ScriptDebugServer.h:
829         * inspector/Inspector.idl:
830         * inspector/InspectorAgent.cpp: clear breakpoints from inspector state when new frontend is created
831         (WebCore::InspectorAgent::restoreInspectorStateFromCookie):
832         (WebCore::InspectorAgent::populateScriptObjects):
833         (WebCore::InspectorAgent::restoreDebugger):
834         (WebCore::InspectorAgent::showAndEnableDebugger):
835         (WebCore::InspectorAgent::enableDebugger):
836         * inspector/InspectorAgent.h:
837         * inspector/InspectorDebuggerAgent.cpp: manage relations between protocol breakpoints and VM breakpoints
838         (WebCore::InspectorDebuggerAgent::InspectorDebuggerAgent):
839         (WebCore::InspectorDebuggerAgent::inspectedURLChanged):
840         (WebCore::InspectorDebuggerAgent::setJavaScriptBreakpoint):
841         (WebCore::InspectorDebuggerAgent::setJavaScriptBreakpointBySourceId):
842         (WebCore::InspectorDebuggerAgent::removeJavaScriptBreakpoint):
843         (WebCore::InspectorDebuggerAgent::continueToLocation):
844         (WebCore::InspectorDebuggerAgent::resolveBreakpoint):
845         (WebCore::InspectorDebuggerAgent::getScriptSource):
846         (WebCore::InspectorDebuggerAgent::didParseSource):
847         (WebCore::InspectorDebuggerAgent::didPause):
848         * inspector/InspectorDebuggerAgent.h:
849         (WebCore::InspectorDebuggerAgent::Script::Script):
850         * inspector/InspectorValues.cpp:
851         (WebCore::InspectorValue::asNumber):
852         (WebCore::InspectorBasicValue::asNumber):
853         (WebCore::InspectorObject::remove):
854         * inspector/InspectorValues.h:
855         (WebCore::InspectorObject::getNumber):
856         (WebCore::InspectorObject::find):
857         * inspector/ScriptBreakpoint.h:
858         (WebCore::ScriptBreakpoint::ScriptBreakpoint):
859         * inspector/front-end/Breakpoint.js:
860         (WebInspector.Breakpoint):
861         (WebInspector.Breakpoint.prototype.addLocation):
862         * inspector/front-end/BreakpointManager.js: remove all stuff related to JavaScript breakpoints from here
863         (WebInspector.BreakpointManager):
864         (WebInspector.BreakpointManager.prototype._projectChanged):
865         (WebInspector.BreakpointManager.prototype._saveBreakpoints):
866         (WebInspector.BreakpointManager.prototype._validateBreakpoints):
867         * inspector/front-end/BreakpointsSidebarPane.js:
868         (WebInspector.JavaScriptBreakpointsSidebarPane): filter breakpoints set on nonexistent scripts to avoid ui cluttering
869         * inspector/front-end/DebuggerModel.js:
870         (WebInspector.DebuggerModel): pull all JavaScript from localStorage and push them to fronted when debugger is enabled, save resolved breakpoints data
871         * inspector/front-end/Script.js:
872         (WebInspector.Script.prototype.sourceLine):
873         * inspector/front-end/ScriptsPanel.js:
874         (WebInspector.ScriptsPanel.prototype._toggleDebugging):
875         * inspector/front-end/Settings.js:
876         (WebInspector.Settings):
877         * inspector/front-end/SourceFrame.js: handle resolved and unresolved breakpoints differently
878         * inspector/front-end/inspector.js:
879
880 2011-02-03  Nikolas Zimmermann  <nzimmermann@rim.com>
881
882         Reviewed by Dirk Schulze.
883
884         small text which is scaled to be large renders pixelated
885         https://bugs.webkit.org/show_bug.cgi?id=12448
886
887         SVG <text> with font-size smaller or equal to 1 does not paint correctly
888         https://bugs.webkit.org/show_bug.cgi?id=14242
889
890         misplaced text in SVG
891         https://bugs.webkit.org/show_bug.cgi?id=17053
892
893         Don't render very small (but zoomed) text inside SVG
894         https://bugs.webkit.org/show_bug.cgi?id=19393
895
896         Tiny fonts scaled up end up too large in Safari
897         https://bugs.webkit.org/show_bug.cgi?id=20192
898
899         Stretched SVG Text has awful glyph spacing 
900         https://bugs.webkit.org/show_bug.cgi?id=21774
901
902         REGRESSION (r72141?): svg/batik/text/smallFonts.svg failing on Leopard
903         https://bugs.webkit.org/show_bug.cgi?id=49846
904
905         [Gtk] Text height in zoomed SVG is 1px too high
906         https://bugs.webkit.org/show_bug.cgi?id=50313
907
908         SVG text smaller than 0.5px not displayed properly
909         https://bugs.webkit.org/show_bug.cgi?id=50528
910
911         When rendering text, we're selecting a font with a size, as specified in the markup.
912         This can lead to problems, if the context, where the text is rendered upon, is scaled. If a parent
913         element of the <text> defines a transform=".." or the outermost <svg> containing a viewBox the
914         problem becomes apparent.
915
916         Consider following two snippets, which should render exactly the same:
917         <svg viewBox="0 0 100 100"><text x="25" y="50" font-size="25">test</text></svg>
918         <svg viewBox="0 0 1 1"><text x="0.25" y="0.5" font-size="0.25">test</text></svg>
919
920         When selecting a font size below 0.5, FontCacheMac would request a font with size 0,
921         which AppKit turns into 12. This lead to huge text rendering, instead of small text on Mac.
922         Other platforms have different problems (Qt simply scales the font, leading to pixelation etc.)
923
924         To fix this in a cross-platform fashion, we now always compute the final font size on screen,
925         remove any scaling from the context, draw the text using the scaled font size, then reapply
926         the context scale. This makes the example snippets above render exactly the same and fixes
927         numerous of bugs, present since years. As we're now heavily using floating-point font sizes
928         internally, depending on the scale of the document, it's very important to use the new
929         floating-point text metrics information (floatAscent/floatDescent/floatHeight) everywhere in SVG.
930
931         Fixes existing tests: css3/zoom-coords.xhtml (cross-platform inconsistencies should be gone, mac now reports floatHeight values for SVG text height)
932                               svg/hixie/text/003.html (no more pixelation)
933                               svg/batik/text/smallFonts.svg (small fonts aren't rendered huge anymore on mac)
934                               svg/hixie/viewbox/preserveAspectRatio/001.xml (bug 21774, no more awful spacing)
935                               svg/zoom/page/zoom-zoom-coords.xhtml (cross-platform inconsistencies should be gone, inspired by bug 50313)
936
937         Tests: svg/text/font-size-below-point-five-2.svg (reduction from bug 50528)
938                svg/text/font-size-below-point-five.svg (reduction from bug 50528)
939                svg/text/scaled-font.svg (reduction from bug 12448)
940                svg/text/small-fonts-2.svg (reduction from bug 14242)
941                svg/text/small-fonts-3.svg (reduction from bug 17053)
942                svg/text/small-fonts-in-html5.html (reduction from bug 19393)
943                svg/text/small-fonts.svg (reduction from bug 20192))
944
945         * rendering/svg/RenderSVGInlineText.cpp: Cache 'float scalingFactor' & 'Font scaledFont', whenever the on-screen representation changes.
946         * rendering/svg/RenderSVGInlineText.h:
947         * rendering/svg/RenderSVGText.cpp: Update scalingFactor/scaledFont, if necessary.
948         * rendering/svg/SVGInlineTextBox.cpp: Switch to new font rendering strategy. Always use scaledFont, and remove any context scale before drawing.
949         * rendering/svg/SVGInlineTextBox.h:
950         * rendering/svg/SVGTextLayoutEngineBaseline.cpp: Use floating-point metrics everywhere.
951         * rendering/svg/SVGTextMetrics.cpp: Ditto.
952         * rendering/svg/SVGTextMetrics.h: Ditto.
953         * rendering/svg/SVGTextQuery.cpp: Ditto.
954         * svg/SVGFont.cpp: Adjust stroke thickness, when drawing SVGFonts into a normalized context (no more scale).
955         * svg/SVGTextContentElement.cpp: Make <text> elements always dependant on window size changes in combination with viewBox set.
956         * svg/SVGTextPositioningElement.cpp: Remove now unnecessary code to determine wheter relative lengths are used as text attributes.
957         * svg/SVGTextPositioningElement.h: 
958
959 2011-02-03  Pavel Feldman  <pfeldman@chromium.org>
960
961         Reviewed by Yury Semikhatsky.
962
963         Web Inspector: resources panel doesn't show frames after reload.
964         https://bugs.webkit.org/show_bug.cgi?id=53430
965
966         * inspector/front-end/ResourcesPanel.js:
967         (WebInspector.ResourcesPanel.prototype.show):
968         (WebInspector.ResourcesPanel.prototype.loadEventFired):
969         (WebInspector.ResourcesPanel.prototype._initDefaultSelection):
970         (WebInspector.ResourcesPanel.prototype.reset):
971         (WebInspector.ResourcesPanel.prototype.clear):
972         * inspector/front-end/inspector.js:
973         (WebInspector.loadEventFired):
974
975 2011-02-01  Alexander Pavlov  <apavlov@chromium.org>
976
977         Reviewed by Pavel Feldman.
978
979         Web Inspector: Remove the *2 suffix from the CSS style-related protocol methods
980         https://bugs.webkit.org/show_bug.cgi?id=53492
981
982         * inspector/Inspector.idl:
983         * inspector/InspectorCSSAgent.cpp:
984         (WebCore::InspectorCSSAgent::getStylesForNode):
985         (WebCore::InspectorCSSAgent::getInlineStyleForNode):
986         (WebCore::InspectorCSSAgent::getComputedStyleForNode):
987         (WebCore::InspectorCSSAgent::getAllStyles):
988         (WebCore::InspectorCSSAgent::getStyleSheet):
989         (WebCore::InspectorCSSAgent::getStyleSheetText):
990         (WebCore::InspectorCSSAgent::setStyleSheetText):
991         (WebCore::InspectorCSSAgent::setPropertyText):
992         (WebCore::InspectorCSSAgent::toggleProperty):
993         (WebCore::InspectorCSSAgent::setRuleSelector):
994         (WebCore::InspectorCSSAgent::addRule):
995         * inspector/InspectorCSSAgent.h:
996         * inspector/front-end/AuditRules.js:
997         (WebInspector.AuditRules.UnusedCssRule.prototype.doRun):
998         * inspector/front-end/CSSStyleModel.js:
999         (WebInspector.CSSStyleModel.prototype.getStylesAsync):
1000         (WebInspector.CSSStyleModel.prototype.getComputedStyleAsync):
1001         (WebInspector.CSSStyleModel.prototype.getInlineStyleAsync):
1002         (WebInspector.CSSStyleModel.prototype.setRuleSelector):
1003         (WebInspector.CSSStyleModel.prototype.addRule):
1004         (WebInspector.CSSStyleModel.prototype._styleSheetChanged):
1005         (WebInspector.CSSStyleModel.prototype._onRevert):
1006         (WebInspector.CSSStyleDeclaration.prototype.insertPropertyAt):
1007         (WebInspector.CSSProperty.prototype.setText):
1008         (WebInspector.CSSProperty.prototype.setDisabled):
1009         (WebInspector.CSSStyleSheet.createForId):
1010         (WebInspector.CSSStyleSheet.prototype.setText):
1011
1012 2011-02-03  Adam Barth  <abarth@webkit.org>
1013
1014         Reviewed by Daniel Bates.
1015
1016         Teach XSSFilter about data URLs
1017         https://bugs.webkit.org/show_bug.cgi?id=53662
1018
1019         The XSS filter doesn't really make sense for data URLs because
1020         everything in a "response" from a data URL was part of the request.
1021
1022         Test: http/tests/security/xssAuditor/data-urls-work.html
1023
1024         * html/parser/XSSFilter.cpp:
1025         (WebCore::XSSFilter::init):
1026         (WebCore::XSSFilter::filterToken):
1027
1028 2011-02-02  Chris Evans  <cevans@chromium.org>
1029
1030         Reviewed by Darin Fisher.
1031
1032         window.find() can fail when switching case sensitivity
1033         https://bugs.webkit.org/show_bug.cgi?id=53654
1034
1035         Reset the pattern to a safe one when done, to avoid usearch_reset()
1036         indirectly touching the old, stale text pointer.
1037
1038         Test: fast/text/find-window.html
1039
1040         * editing/TextIterator.cpp:
1041         (WebCore::SearchBuffer::~SearchBuffer): leave a safe pattern buffer when done.
1042
1043 2011-02-02  Adam Barth  <abarth@webkit.org>
1044
1045         Reviewed by Daniel Bates.
1046
1047         Teach XSSFilter that <param> elements can contain URLs
1048         https://bugs.webkit.org/show_bug.cgi?id=53652
1049
1050         When loading plugins for the <object> tag, we're "smart" enough to
1051         reach into the <param> elements and pull out the URL in some cases.
1052         This patch teaches the XSSFilter how to block injections into those
1053         sorts of param elements.
1054
1055         Fixes:
1056             http/tests/security/xssAuditor/object-*
1057
1058         * html/HTMLParamElement.cpp:
1059         (WebCore::HTMLParamElement::isURLParameter):
1060         (WebCore::HTMLParamElement::isURLAttribute):
1061         (WebCore::HTMLParamElement::addSubresourceAttributeURLs):
1062         * html/HTMLParamElement.h:
1063             - Add a helper function so that HTMLParamElement can share the
1064               ground truth for these names with the XSSFilter.
1065         * html/parser/XSSFilter.cpp:
1066         (WebCore::XSSFilter::filterTokenInitial):
1067         (WebCore::XSSFilter::filterParamToken):
1068         * html/parser/XSSFilter.h:
1069
1070 2011-02-02  Dimitri Glazkov  <dglazkov@chromium.org>
1071
1072         Reviewed by David Levin.
1073
1074         GCC compiler on ARM issues bogus warnings and fails to compile.
1075         https://bugs.webkit.org/show_bug.cgi?id=53620
1076
1077         Despite warnings explicitly being disallowed (-Wno-uninitialized),
1078         gcc (Ubuntu 4.4.3-4ubuntu5) 4.4.3 throws up the warnings like:
1079
1080         "error: 'colorTransparent.unstatic.4909' may be used uninitialized in this function"
1081
1082         The fix is to add an extra condition, which somehow pacifies the compiler.
1083
1084         * css/CSSPrimitiveValue.cpp:
1085         (WebCore::CSSPrimitiveValue::createColor): Added workaround conditions.
1086
1087 2011-02-02  Adam Barth  <abarth@webkit.org>
1088
1089         Reviewed by Daniel Bates.
1090
1091         Teach XSSFilter about X-XSS-Protection
1092         https://bugs.webkit.org/show_bug.cgi?id=53640
1093
1094         This patch causes us to pass:
1095             http/tests/security/xssAuditor/full-block-*
1096             http/tests/security/xssAuditor/no-protection-script-tag.html
1097
1098         * html/parser/XSSFilter.cpp:
1099         (WebCore::XSSFilter::XSSFilter):
1100         (WebCore::XSSFilter::init):
1101         (WebCore::XSSFilter::filterToken):
1102         * html/parser/XSSFilter.h:
1103
1104 2011-02-02  Adam Barth  <abarth@webkit.org>
1105
1106         Reviewed by Daniel Bates.
1107
1108         When XSSFilter blocks JavaScript URLs, use a safe JavaScript URL
1109         instead of the empty string
1110         https://bugs.webkit.org/show_bug.cgi?id=53643
1111
1112         In a URL context, the empty string completes to the URL of the current
1113         page, which causes these tests to go into an infinite loop.  Instead,
1114         we should use a "safe" JavaScript URL that does nothing.
1115
1116         Fixes:
1117             http/tests/security/xssAuditor/javascript-link*
1118
1119         * html/parser/XSSFilter.cpp:
1120         (WebCore::XSSFilter::eraseDangerousAttributesIfInjected):
1121
1122 2011-02-02  Dan Bernstein  <mitz@apple.com>
1123
1124         Reviewed by Sam Weinig.
1125
1126         <rdar://problem/8380506> REGRESSION (r61921): RTL text in <b> tag doesn't display in WebKit under certain conditions
1127         https://bugs.webkit.org/show_bug.cgi?id=44942
1128
1129         Test: fast/text/bidi-embedding-pop-and-push-same-2.html
1130
1131         * platform/text/BidiResolver.h:
1132         (WebCore::::commitExplicitEmbedding): Changed to return a boolean indicating whether there was
1133         a change to embedding levels.
1134         (WebCore::::createBidiRunsForLine): If embedding levels did not change as a result of committing
1135         the explicit embedding sequence, then runs were not added, and we should continue normally.
1136
1137 2011-02-02  Sam Weinig  <sam@webkit.org>
1138
1139         Reviewed by Dan Bernstein.
1140
1141         Fix miscalculation of the overhang area used for painting. We were
1142         not correctly accounting for scrollbars resulting in an non-negative
1143         overhang even when we weren't over the edge.
1144
1145         * platform/ScrollView.cpp:
1146         (WebCore::ScrollView::calculateOverhangAreasForPainting):
1147
1148 2011-02-02  Jeremy Orlow  <jorlow@chromium.org>
1149
1150         Reviewed by Nate Chapin.
1151
1152         IDBTransaction and IDBRequest can be deleted while ScriptExecutionContext is iterating....which is bad
1153         https://bugs.webkit.org/show_bug.cgi?id=52722
1154
1155         The solution is to change ScriptExecutionContext's destructor to iterate over
1156         the list in a way that handles the mutations. This new method is destructive,
1157         but that's OK since the object is going away. I've also added a several asserts.
1158
1159         There should be no behavior change.
1160
1161         * dom/ScriptExecutionContext.cpp:
1162         (WebCore::ScriptExecutionContext::ScriptExecutionContext):
1163         (WebCore::ScriptExecutionContext::~ScriptExecutionContext):
1164         (WebCore::ScriptExecutionContext::canSuspendActiveDOMObjects):
1165         (WebCore::ScriptExecutionContext::suspendActiveDOMObjects):
1166         (WebCore::ScriptExecutionContext::resumeActiveDOMObjects):
1167         (WebCore::ScriptExecutionContext::stopActiveDOMObjects):
1168         (WebCore::ScriptExecutionContext::createdActiveDOMObject):
1169         (WebCore::ScriptExecutionContext::destroyedActiveDOMObject):
1170         * dom/ScriptExecutionContext.h:
1171         * storage/IDBTransaction.cpp:
1172         (WebCore::IDBTransaction::contextDestroyed):
1173         * storage/IDBTransaction.h:
1174
1175 2011-02-02  Mark Rowe  <mrowe@apple.com>
1176
1177         Build fix.
1178
1179         * WebCore.exp.in: Remove some bogus symbols from the .exp.in file.
1180         * platform/mac/ScrollbarThemeMac.mm:
1181         (WebCore::ScrollbarThemeMac::unregisterScrollbar): Look the object
1182         up in the HashMap rather than relying on a local variable that doesn't
1183         exist.
1184
1185 2011-02-02  Adam Barth  <abarth@webkit.org>
1186
1187         Reviewed by Daniel Bates.
1188
1189         Teach XSSFilter about JavaScript URLs
1190         https://bugs.webkit.org/show_bug.cgi?id=53635
1191
1192         This patch teaches the XSSFilter to check for JavaScript URLs in
1193         attribute values.  If this approach has too many false positives, we
1194         can restrict which attribute names we examine.
1195
1196         Fixes these tests:
1197             http/tests/security/xssAuditor/anchor-url-dom-write-location-javascript-URL.html
1198             http/tests/security/xssAuditor/dom-write-location-javascript-URL.html
1199             http/tests/security/xssAuditor/iframe-javascript-url*
1200
1201         * html/parser/XSSFilter.cpp:
1202         (WebCore::HTMLNames::containsJavaScriptURL):
1203         (WebCore::XSSFilter::filterTokenInitial):
1204         (WebCore::XSSFilter::eraseDangerousAttributesIfInjected):
1205         * html/parser/XSSFilter.h:
1206
1207 2011-02-02  Dan Bernstein  <mitz@apple.com>
1208
1209         Reviewed by Sam Weinig, even though this is just a...
1210
1211         ...build fix.
1212
1213         * platform/mac/ScrollAnimatorMac.mm:
1214         (WebCore::ScrollAnimatorMac::~ScrollAnimatorMac):
1215
1216 2011-02-02  Mark Rowe  <mrowe@apple.com>
1217
1218         Reviewed by Beth Dakin.
1219
1220         <rdar://problem/8952012> Crash on launch inside scrollbar code.
1221
1222         We need to ensure that we remove ourselves as the delegates of objects when we're going
1223         away as failing to do this can lead to crashes if the lifetime of the other objects
1224         is longer than ours.
1225
1226         * platform/mac/ScrollAnimatorMac.mm:
1227         (WebCore::ScrollAnimatorMac::~ScrollAnimatorMac):
1228         * platform/mac/ScrollbarThemeMac.mm:
1229         (WebCore::ScrollbarThemeMac::unregisterScrollbar):
1230
1231 2011-02-02  Beth Dakin  <bdakin@apple.com>
1232
1233         Build fix.
1234
1235         * WebCore.exp.in:
1236
1237 2011-02-02  Patrick Gansterer  <paroga@webkit.org>
1238
1239         Unreviewed WinCE build fix for r77397.
1240
1241         * page/wince/FrameWinCE.cpp:
1242         (WebCore::computePageRectsForFrame):
1243
1244 2011-02-02  Patrick Gansterer  <paroga@webkit.org>
1245
1246         Unreviewed WinCE build fix for r77398.
1247
1248         * platform/graphics/wince/PlatformPathWinCE.cpp:
1249         (WebCore::containsPoint):
1250         (WebCore::inflateRectToContainPoint):
1251         (WebCore::PlatformPath::addRect):
1252         * platform/graphics/wince/SharedBitmap.cpp:
1253         (WebCore::SharedBitmap::drawPattern):
1254         * rendering/RenderThemeWinCE.cpp:
1255         (WebCore::RenderThemeWinCE::paintMenuListButton):
1256         (WebCore::RenderThemeWinCE::paintSearchFieldCancelButton):
1257         (WebCore::RenderThemeWinCE::paintSliderTrack):
1258         (WebCore::RenderThemeWinCE::paintMediaMuteButton):
1259         (WebCore::RenderThemeWinCE::paintMediaPlayButton):
1260         (WebCore::RenderThemeWinCE::paintMediaSeekBackButton):
1261         (WebCore::RenderThemeWinCE::paintMediaSeekForwardButton):
1262
1263 2011-02-02  Jian Li  <jianli@chromium.org>
1264
1265         Reviewed by Kenneth Russell.
1266
1267         [V8] Accessing DataView with index of -1 returns 0, doesn't throw
1268         https://bugs.webkit.org/show_bug.cgi?id=53559
1269
1270         Added test cases to cover this in fast/canvas/webgl/data-view-test.html.
1271
1272         * html/canvas/DataView.h:
1273         (WebCore::DataView::beyondRange):
1274
1275 2011-02-02  Sam Weinig  <sam@webkit.org>
1276
1277         Reviewed by Beth Dakin.
1278
1279         Add ChromeClient function to paint custom overhang areas.
1280         https://bugs.webkit.org/show_bug.cgi?id=53639
1281
1282         * page/Chrome.cpp:
1283         (WebCore::ChromeClient::paintCustomOverhangArea):
1284         * page/ChromeClient.h:
1285         Add ChromeClient function.
1286
1287         * page/FrameView.cpp:
1288         (WebCore::FrameView::paintOverhangAreas):
1289         * page/FrameView.h:
1290         Call out the the ChromeClient, call ScrollView base implementation
1291         if the ChromeClient returns false.
1292
1293         * platform/ScrollView.cpp:
1294         (WebCore::ScrollView::paintOverhangAreas):
1295         * platform/ScrollView.h:
1296         Add dirty rect for use when painting overhang areas.
1297
1298 2011-02-02  Peter Kasting  <pkasting@google.com>
1299
1300         Not reviewed, build fix.
1301
1302         Fix compile after r77427.
1303         https://bugs.webkit.org/show_bug.cgi?id=53455
1304
1305         * platform/graphics/qt/ImageDecoderQt.cpp:
1306         (WebCore::ImageDecoderQt::internalHandleCurrentImage):
1307         * platform/image-decoders/ImageDecoder.cpp:
1308         (WebCore::ImageFrame::operator=):
1309         * platform/image-decoders/bmp/BMPImageReader.cpp:
1310         (WebCore::BMPImageReader::decodeBMP):
1311         * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
1312         (WebCore::JPEGImageDecoder::outputScanlines):
1313         * platform/image-decoders/png/PNGImageDecoder.cpp:
1314         (WebCore::PNGImageDecoder::rowAvailable):
1315         * platform/image-decoders/webp/WEBPImageDecoder.cpp:
1316         (WebCore::WEBPImageDecoder::decode):
1317
1318 2011-02-02  Peter Kasting  <pkasting@google.com>
1319
1320         Reviewed by David Levin.
1321
1322         Clean up ImageDecoder's comments (remove/trim/clarify).
1323         https://bugs.webkit.org/show_bug.cgi?id=53455
1324
1325         This also renames or eliminates a couple of functions for clarity, and
1326         switches a couple erroneous strncmp() calls to memcmp().
1327
1328         * platform/image-decoders/ImageDecoder.cpp:
1329         (WebCore::ImageDecoder::create):
1330         (WebCore::ImageFrame::clearPixelData):
1331         (WebCore::ImageFrame::zeroFillPixelData):
1332         (WebCore::ImageFrame::setSize):
1333         * platform/image-decoders/ImageDecoder.h:
1334         (WebCore::ImageFrame::originalFrameRect):
1335         (WebCore::ImageFrame::setOriginalFrameRect):
1336         (WebCore::ImageDecoder::ImageDecoder):
1337         (WebCore::ImageDecoder::~ImageDecoder):
1338         (WebCore::ImageDecoder::isSizeAvailable):
1339         (WebCore::ImageDecoder::size):
1340         (WebCore::ImageDecoder::setIgnoreGammaAndColorProfile):
1341         (WebCore::ImageDecoder::clearFrameBufferCache):
1342         (WebCore::ImageDecoder::isOverSize):
1343         * platform/image-decoders/bmp/BMPImageReader.cpp:
1344         (WebCore::BMPImageReader::processNonRLEData):
1345         * platform/image-decoders/cg/ImageDecoderCG.cpp:
1346         (WebCore::ImageFrame::setSize):
1347         * platform/image-decoders/gif/GIFImageDecoder.cpp:
1348         (WebCore::GIFImageDecoder::clearFrameBufferCache):
1349         (WebCore::GIFImageDecoder::frameComplete):
1350         (WebCore::GIFImageDecoder::initFrameBuffer):
1351         * platform/image-decoders/jpeg/JPEGImageDecoder.h:
1352         * platform/image-decoders/qt/ImageFrameQt.cpp:
1353         (WebCore::ImageFrame::operator=):
1354         (WebCore::ImageFrame::clearPixelData):
1355         (WebCore::ImageFrame::zeroFillPixelData):
1356         (WebCore::ImageFrame::setSize):
1357         * platform/image-decoders/skia/ImageDecoderSkia.cpp:
1358         (WebCore::ImageFrame::operator=):
1359         (WebCore::ImageFrame::clearPixelData):
1360         (WebCore::ImageFrame::zeroFillPixelData):
1361         (WebCore::ImageFrame::setSize):
1362         * platform/image-decoders/webp/WEBPImageDecoder.h:
1363
1364 2011-02-02  Vangelis Kokkevis  <vangelis@chromium.org>
1365
1366         [chromium] Adding support for reflections to the accelerated
1367         compositing path.
1368         https://bugs.webkit.org/show_bug.cgi?id=53179
1369
1370         All layout tests in compositing/reflections generate correct
1371         results with the exception of:
1372         1. nested-reflection-anchor-point.html : There appears to be
1373            some issue with the layer transform math that I haven't been
1374            able to track down yet.
1375         2. reflection-opacity.html : The current implementation applies
1376            opacity before doing the reflection which makes this test
1377            produce incorrect results.  This will affect reflected layers
1378            with opacity that overlap their original layer.  FIXME comment
1379            added in the code.
1380
1381         Tests: Covered by existing layout tests in compositing/reflections.
1382                Please see above for exceptions.
1383
1384         * platform/graphics/chromium/GraphicsLayerChromium.cpp:
1385         (WebCore::GraphicsLayerChromium::setReplicatedByLayer):
1386         (WebCore::GraphicsLayerChromium::updateAnchorPoint):
1387         * platform/graphics/chromium/GraphicsLayerChromium.h:
1388         * platform/graphics/chromium/LayerChromium.cpp:
1389         (WebCore::LayerChromium::LayerChromium):
1390         * platform/graphics/chromium/LayerChromium.h:
1391         (WebCore::LayerChromium::setReplicaLayer):
1392         (WebCore::LayerChromium::replicaLayer):
1393         * platform/graphics/chromium/LayerRendererChromium.cpp:
1394         (WebCore::LayerRendererChromium::updateLayersRecursive):
1395         (WebCore::LayerRendererChromium::drawLayer):
1396         * platform/graphics/chromium/RenderSurfaceChromium.cpp:
1397         (WebCore::RenderSurfaceChromium::drawableContentRect):
1398         (WebCore::RenderSurfaceChromium::drawSurface):
1399         (WebCore::RenderSurfaceChromium::draw):
1400         * platform/graphics/chromium/RenderSurfaceChromium.h:
1401         (WebCore::RenderSurfaceChromium::drawTransform):
1402
1403 2011-02-02  Xiyuan Xia  <xiyuan@chromium.org>
1404
1405         Reviewed by Tony Chang.
1406
1407         [Chromium] Select popup with padding has white strip on right
1408         https://bugs.webkit.org/show_bug.cgi?id=53602
1409
1410         No new tests as this change restores old behavior.
1411
1412         * platform/chromium/PopupMenuChromium.cpp:
1413         (WebCore::PopupListBox::layout):
1414
1415 2011-02-02  Beth Dakin  <bdakin@apple.com>
1416
1417         Reviewed by Mark Rowe.
1418
1419         Fix for <rdar://problem/8950343> CrashTracer: [USER]
1420         1 crash in WebProcess at com.apple.WebCore: 
1421         WebCore::ScrollbarThemeMac::unregisterScrollbar + 22
1422
1423         It is possible for a Scrollbar's ScrollableArea to be null,
1424         so we must null check.
1425         * platform/mac/ScrollbarThemeMac.mm:
1426         (WebCore::ScrollbarThemeMac::registerScrollbar):
1427         (WebCore::ScrollbarThemeMac::unregisterScrollbar):
1428
1429 2011-02-02  Zhenyao Mo  <zmo@google.com>
1430
1431         Reviewed by Kenneth Russell.
1432
1433         bufferData and bufferSubData should generate INVALID_VALUE with negative input
1434         https://bugs.webkit.org/show_bug.cgi?id=53626
1435
1436         * html/canvas/WebGLRenderingContext.cpp:
1437         (WebCore::WebGLRenderingContext::bufferData):
1438         (WebCore::WebGLRenderingContext::bufferSubData):
1439
1440 2011-02-02  Jeff Miller  <jeffm@apple.com>
1441
1442         Reviewed by Darin Adler and Steve Falkenburg.
1443
1444         Add DerivedSources.make to some Visual Studio projects
1445         https://bugs.webkit.org/show_bug.cgi?id=53607
1446
1447         * WebCore.vcproj/WebCoreGenerated.vcproj: Add DerivedSources.make.
1448
1449 2011-02-02  Cris Neckar  <cdn@chromium.org>
1450
1451         Reviewed by James Robinson.
1452
1453         Refcount domwindows when dispatching device orientation events.
1454         https://bugs.webkit.org/show_bug.cgi?id=53623
1455
1456         Test: fast/events/device-orientation-crash.html
1457
1458         * dom/DeviceMotionController.cpp:
1459         (WebCore::DeviceMotionController::timerFired):
1460         (WebCore::DeviceMotionController::didChangeDeviceMotion):
1461         * dom/DeviceMotionController.h:
1462         * dom/DeviceOrientationController.cpp:
1463         (WebCore::DeviceOrientationController::timerFired):
1464         (WebCore::DeviceOrientationController::didChangeDeviceOrientation):
1465         * dom/DeviceOrientationController.h:
1466
1467 2011-02-02  Zhenyao Mo  <zmo@google.com>
1468
1469         Reviewed by Kenneth Russell.
1470
1471         A deleted object should never been bound again
1472         https://bugs.webkit.org/show_bug.cgi?id=53604
1473
1474         * html/canvas/WebGLRenderingContext.cpp:
1475         (WebCore::WebGLRenderingContext::checkObjectToBeBound): Helper function to bind* and useProgram.
1476         (WebCore::WebGLRenderingContext::bindBuffer): Use checkObjectToBeBound.
1477         (WebCore::WebGLRenderingContext::bindFramebuffer): Ditto.
1478         (WebCore::WebGLRenderingContext::bindRenderbuffer): Ditto.
1479         (WebCore::WebGLRenderingContext::bindTexture): Ditto, also check the target matching.
1480         (WebCore::WebGLRenderingContext::deleteObject): Helper funtion to delete*.
1481         (WebCore::WebGLRenderingContext::deleteBuffer): Use deleteObject.
1482         (WebCore::WebGLRenderingContext::deleteFramebuffer): Ditto.
1483         (WebCore::WebGLRenderingContext::deleteProgram): Ditto.
1484         (WebCore::WebGLRenderingContext::deleteRenderbuffer): Ditto.
1485         (WebCore::WebGLRenderingContext::deleteShader): Ditto.
1486         (WebCore::WebGLRenderingContext::deleteTexture): Ditto.
1487         (WebCore::WebGLRenderingContext::useProgram): Use checkObjectToBeBound.
1488         * html/canvas/WebGLRenderingContext.h:
1489         * html/canvas/WebGLTexture.h:
1490         (WebCore::WebGLTexture::getTarget): Accessor to cached target.
1491
1492 2011-02-02  Alejandro G. Castro  <alex@igalia.com>
1493
1494         Unreviewed Efl buildfix after r77399.
1495
1496         * CMakeListsEfl.txt:
1497
1498 2011-02-02  Kenneth Russell  <kbr@google.com>
1499
1500         Reviewed by James Robinson.
1501
1502         Rename Typed Array subset to subarray
1503         https://bugs.webkit.org/show_bug.cgi?id=53618
1504
1505         * html/canvas/Float32Array.cpp:
1506         (WebCore::Float32Array::subarray):
1507         * html/canvas/Float32Array.h:
1508         * html/canvas/Float32Array.idl:
1509         * html/canvas/Int16Array.cpp:
1510         (WebCore::Int16Array::subarray):
1511         * html/canvas/Int16Array.h:
1512         * html/canvas/Int16Array.idl:
1513         * html/canvas/Int32Array.cpp:
1514         (WebCore::Int32Array::subarray):
1515         * html/canvas/Int32Array.h:
1516         * html/canvas/Int32Array.idl:
1517         * html/canvas/Int8Array.cpp:
1518         (WebCore::Int8Array::subarray):
1519         * html/canvas/Int8Array.h:
1520         * html/canvas/Int8Array.idl:
1521         * html/canvas/TypedArrayBase.h:
1522         (WebCore::TypedArrayBase::subarrayImpl):
1523         * html/canvas/Uint16Array.cpp:
1524         (WebCore::Uint16Array::subarray):
1525         * html/canvas/Uint16Array.h:
1526         * html/canvas/Uint16Array.idl:
1527         * html/canvas/Uint32Array.cpp:
1528         (WebCore::Uint32Array::subarray):
1529         * html/canvas/Uint32Array.h:
1530         * html/canvas/Uint32Array.idl:
1531         * html/canvas/Uint8Array.cpp:
1532         (WebCore::Uint8Array::subarray):
1533         * html/canvas/Uint8Array.h:
1534         * html/canvas/Uint8Array.idl:
1535
1536 2011-02-02  Adam Barth  <abarth@webkit.org>
1537
1538         Reviewed by Eric Seidel.
1539
1540         Add an empty file for Content Security Policy
1541         https://bugs.webkit.org/show_bug.cgi?id=53573
1542
1543         Posting this as a separate patch because editing the build files is so
1544         painful.
1545
1546         * Android.mk:
1547         * CMakeLists.txt:
1548         * GNUmakefile.am:
1549         * WebCore.gypi:
1550         * WebCore.pro:
1551         * WebCore.vcproj/WebCore.vcproj:
1552         * WebCore.xcodeproj/project.pbxproj:
1553
1554 2011-02-02  Dan Winship  <danw@gnome.org>
1555
1556         Reviewed by Martin Robinson.
1557
1558         [GTK] remove old data: URI handler, fix the SoupRequest-based one
1559         to pass tests
1560         https://bugs.webkit.org/show_bug.cgi?id=50885
1561
1562         * platform/network/soup/ResourceHandleSoup.cpp:
1563         (WebCore::sendRequestCallback): Do content-type sniffing here for
1564         non-HTTP requests.
1565         (WebCore::startHTTPRequest): Rename to match WebKit style.
1566         (WebCore::ResourceHandle::start): Pass everything except HTTP to
1567         startNonHTTPRequest, letting the SoupRequester decide whether it's
1568         supported or not.
1569         (WebCore::startNonHTTPRequest): Remove some old pre-SoupRequester
1570         code that was a no-op for file: URIs, but would break some data:
1571         URIs.
1572
1573 2011-02-02  Dimitri Glazkov  <dglazkov@chromium.org>
1574
1575         Update even more references to right() and bottom() in Chromium. Sheesh.
1576
1577         * platform/graphics/chromium/LayerRendererChromium.cpp:
1578         (WebCore::LayerRendererChromium::getFramebufferPixels): Replaced bottom/right with maxY/maxX.
1579
1580 2011-02-02  Alejandro G. Castro  <alex@igalia.com>
1581
1582         Unreviewed Gtk3 buildfix after r77286.
1583
1584         https://bugs.webkit.org/show_bug.cgi?id=53520
1585         Remove the physical terminology from IntRect and FloatRect.
1586
1587         * platform/gtk/RenderThemeGtk3.cpp:
1588         (WebCore::RenderThemeGtk::paintMenuList):
1589
1590 2011-02-02  Anders Carlsson  <andersca@apple.com>
1591
1592         Fix build.
1593
1594         * platform/mac/ScrollAnimatorMac.mm:
1595         (WebCore::ScrollAnimatorMac::pinnedInDirection):
1596
1597 2011-02-02  David Hyatt  <hyatt@apple.com>
1598
1599         Reviewed by Dan Bernstein.
1600
1601         https://bugs.webkit.org/show_bug.cgi?id=53619
1602
1603         Floats should not use physical terminology for their rects. Replace left/top with x/y and right/bottom
1604         with maxX/maxY.  This matches IntRect.
1605
1606         * rendering/RenderBlock.cpp:
1607         (WebCore::RenderBlock::addOverflowFromFloats):
1608         (WebCore::RenderBlock::flipFloatForWritingMode):
1609         (WebCore::RenderBlock::paintFloats):
1610         (WebCore::RenderBlock::selectionGaps):
1611         (WebCore::RenderBlock::addOverhangingFloats):
1612         (WebCore::RenderBlock::addIntrudingFloats):
1613         (WebCore::RenderBlock::hitTestFloats):
1614         (WebCore::RenderBlock::adjustForBorderFit):
1615         * rendering/RenderBlock.h:
1616         (WebCore::RenderBlock::FloatingObject::x):
1617         (WebCore::RenderBlock::FloatingObject::maxX):
1618         (WebCore::RenderBlock::FloatingObject::y):
1619         (WebCore::RenderBlock::FloatingObject::maxY):
1620         (WebCore::RenderBlock::FloatingObject::setX):
1621         (WebCore::RenderBlock::FloatingObject::setY):
1622         (WebCore::RenderBlock::logicalTopForFloat):
1623         (WebCore::RenderBlock::logicalBottomForFloat):
1624         (WebCore::RenderBlock::logicalLeftForFloat):
1625         (WebCore::RenderBlock::logicalRightForFloat):
1626         (WebCore::RenderBlock::setLogicalTopForFloat):
1627         (WebCore::RenderBlock::setLogicalLeftForFloat):
1628         (WebCore::RenderBlock::xPositionForFloatIncludingMargin):
1629         (WebCore::RenderBlock::yPositionForFloatIncludingMargin):
1630
1631 2011-02-02  Dimitri Glazkov  <dglazkov@chromium.org>
1632
1633         Update more references to right() and bottom() in Chromium Win.
1634
1635         * platform/graphics/chromium/TransparencyWin.cpp:
1636         (WebCore::TransparencyWin::compositeOpaqueComposite): Replaced bottom/right with maxY/maxX.
1637         (WebCore::TransparencyWin::compositeTextComposite): Ditto.
1638         * rendering/RenderThemeChromiumWin.cpp:
1639         (WebCore::RenderThemeChromiumWin::paintMenuList): Ditto.
1640
1641 2011-02-02  Adam Roben  <aroben@apple.com>
1642
1643         Encode/decode FormData and FormDataElement objects consistently
1644
1645         Fixes <http://webkit.org/b/53615> <rdar://problem/8943346> WebKit2: Restoring session state
1646         that contains form data fails (asserts in Debug build)
1647
1648         To prevent this from interfering with WebKit2 testing, it's useful to get this into a build
1649         now, even though we don't have an automated test for it yet. Writing a test is covered by
1650         <http://webkit.org/b/53616>.
1651
1652         Reviewed by Darin Adler.
1653
1654         * history/HistoryItem.cpp: Bump the encoding version, since this patch changes how we encode
1655         FormData objects.
1656
1657         * platform/network/FormData.cpp:
1658         (WebCore::decode): Decode the type from the Decoder, rather than getting it from the
1659         default-constructed FormDataElement. Failing to do this meant that all future uses of the
1660         Decoder would be reading from an unexpected part of the buffer (i.e., the next decode would
1661         start by reading the uint32_t that we forgot to decode here, and so on). We already had code
1662         to correctly set the FormDataElement's type based on this decoded type later in the
1663         function.
1664         (WebCore::FormData::encodeForBackForward): Encode m_identifier as an int64_t, since that
1665         matches its type and how we decode it.
1666
1667 2011-02-02  Dan Winship  <danw@gnome.org>
1668
1669         Reviewed by Martin Robinson.
1670
1671         [GTK] drop soup cache stuff, which has been moved to libsoup
1672         https://bugs.webkit.org/show_bug.cgi?id=50747
1673
1674         Use libsoup-based cache/requester API and remove the WebCore version
1675         of this functionality. This has been pushed upstream fully.
1676
1677         No new tests because this should not change functionality.
1678
1679         * GNUmakefile.am: Update for removed files.
1680         * platform/network/ResourceHandleInternal.h:
1681         (WebCore::ResourceHandleInternal::ResourceHandleInternal): Update
1682         type names, drop m_requester.
1683         * platform/network/soup/ResourceHandleSoup.cpp:
1684         (WebCore::ensureSessionIsInitialized): Add a SoupRequester to the
1685         session.
1686         (WebCore::parseDataUrl):
1687         (WebCore::startHttp): Get the requester from the session rather
1688         than using m_requester.
1689         (WebCore::sendRequestCallback):
1690         (WebCore::ResourceHandle::platformSetDefersLoading):
1691         (WebCore::readCallback):
1692         (WebCore::startGio): Update type names.
1693         * platform/network/soup/cache/soup-directory-input-stream.c: Removed.
1694         * platform/network/soup/cache/soup-directory-input-stream.h: Removed.
1695         * platform/network/soup/cache/soup-http-input-stream.c: Removed.
1696         * platform/network/soup/cache/soup-http-input-stream.h: Removed.
1697         * platform/network/soup/cache/soup-request-data.c: Removed.
1698         * platform/network/soup/cache/soup-request-data.h: Removed.
1699         * platform/network/soup/cache/soup-request-file.c: Removed.
1700         * platform/network/soup/cache/soup-request-file.h: Removed.
1701         * platform/network/soup/cache/soup-request-http.c: Removed.
1702         * platform/network/soup/cache/soup-request-http.h: Removed.
1703         * platform/network/soup/cache/soup-request.c: Removed.
1704         * platform/network/soup/cache/soup-request.h: Removed.
1705         * platform/network/soup/cache/soup-requester.c: Removed.
1706         * platform/network/soup/cache/soup-requester.h: Removed.
1707         * platform/network/soup/cache/webkit/soup-cache-private.h: Removed.
1708         * platform/network/soup/cache/webkit/soup-cache.c: Removed.
1709         * platform/network/soup/cache/webkit/soup-cache.h: Removed.
1710
1711 2011-02-02  David Hyatt  <hyatt@apple.com>
1712
1713         Reviewed by Darin Adler.
1714
1715         https://bugs.webkit.org/show_bug.cgi?id=53520
1716
1717         Remove physical accessors from IntRect and FloatRect.
1718
1719         * page/FrameView.cpp:
1720         (WebCore::FrameView::adjustPageHeightDeprecated):
1721         * platform/graphics/FloatRect.h:
1722         * platform/graphics/IntRect.h:
1723
1724 2011-02-02  David Hyatt  <hyatt@apple.com>
1725
1726         Reviewed by Dan Bernstein.
1727
1728         https://bugs.webkit.org/show_bug.cgi?id=53614
1729
1730         Remove physical terminology from overflow.  Replace with minX/maxX/minY/maxY.
1731
1732         * rendering/InlineFlowBox.cpp:
1733         (WebCore::InlineFlowBox::addBoxShadowVisualOverflow):
1734         (WebCore::InlineFlowBox::addTextBoxVisualOverflow):
1735         * rendering/InlineFlowBox.h:
1736         (WebCore::InlineFlowBox::minYLayoutOverflow):
1737         (WebCore::InlineFlowBox::maxYLayoutOverflow):
1738         (WebCore::InlineFlowBox::minXLayoutOverflow):
1739         (WebCore::InlineFlowBox::maxXLayoutOverflow):
1740         (WebCore::InlineFlowBox::logicalLeftLayoutOverflow):
1741         (WebCore::InlineFlowBox::logicalRightLayoutOverflow):
1742         (WebCore::InlineFlowBox::logicalTopLayoutOverflow):
1743         (WebCore::InlineFlowBox::logicalBottomLayoutOverflow):
1744         (WebCore::InlineFlowBox::minYVisualOverflow):
1745         (WebCore::InlineFlowBox::maxYVisualOverflow):
1746         (WebCore::InlineFlowBox::minXVisualOverflow):
1747         (WebCore::InlineFlowBox::maxXVisualOverflow):
1748         (WebCore::InlineFlowBox::logicalLeftVisualOverflow):
1749         (WebCore::InlineFlowBox::logicalRightVisualOverflow):
1750         (WebCore::InlineFlowBox::logicalminYVisualOverflow):
1751         (WebCore::InlineFlowBox::logicalmaxYVisualOverflow):
1752         * rendering/RenderBlock.cpp:
1753         (WebCore::RenderBlock::adjustLinePositionForPagination):
1754         * rendering/RenderBlockLineLayout.cpp:
1755         (WebCore::RenderBlock::beforeSideVisualOverflowForLine):
1756         (WebCore::RenderBlock::afterSideVisualOverflowForLine):
1757         (WebCore::RenderBlock::beforeSideLayoutOverflowForLine):
1758         (WebCore::RenderBlock::afterSideLayoutOverflowForLine):
1759         * rendering/RenderBox.cpp:
1760         (WebCore::RenderBox::scrollWidth):
1761         (WebCore::RenderBox::scrollHeight):
1762         * rendering/RenderBox.h:
1763         (WebCore::RenderBox::minYLayoutOverflow):
1764         (WebCore::RenderBox::maxYLayoutOverflow):
1765         (WebCore::RenderBox::minXLayoutOverflow):
1766         (WebCore::RenderBox::maxXLayoutOverflow):
1767         (WebCore::RenderBox::logicalLeftLayoutOverflow):
1768         (WebCore::RenderBox::logicalRightLayoutOverflow):
1769         (WebCore::RenderBox::minYVisualOverflow):
1770         (WebCore::RenderBox::maxYVisualOverflow):
1771         (WebCore::RenderBox::minXVisualOverflow):
1772         (WebCore::RenderBox::maxXVisualOverflow):
1773         (WebCore::RenderBox::logicalLeftVisualOverflow):
1774         (WebCore::RenderBox::logicalRightVisualOverflow):
1775         * rendering/RenderInline.cpp:
1776         (WebCore::RenderInline::linesVisualOverflowBoundingBox):
1777         * rendering/RenderLayerCompositor.cpp:
1778         (WebCore::RenderLayerCompositor::ensureRootPlatformLayer):
1779         * rendering/RenderLineBoxList.cpp:
1780         (WebCore::RenderLineBoxList::anyLineIntersectsRect):
1781         (WebCore::RenderLineBoxList::lineIntersectsDirtyRect):
1782         (WebCore::RenderLineBoxList::paint):
1783         (WebCore::RenderLineBoxList::hitTest):
1784         * rendering/RenderMarquee.cpp:
1785         (WebCore::RenderMarquee::computePosition):
1786         * rendering/RenderOverflow.h:
1787         (WebCore::RenderOverflow::RenderOverflow):
1788         (WebCore::RenderOverflow::minYLayoutOverflow):
1789         (WebCore::RenderOverflow::maxYLayoutOverflow):
1790         (WebCore::RenderOverflow::minXLayoutOverflow):
1791         (WebCore::RenderOverflow::maxXLayoutOverflow):
1792         (WebCore::RenderOverflow::minYVisualOverflow):
1793         (WebCore::RenderOverflow::maxYVisualOverflow):
1794         (WebCore::RenderOverflow::minXVisualOverflow):
1795         (WebCore::RenderOverflow::maxXVisualOverflow):
1796         (WebCore::RenderOverflow::setminYVisualOverflow):
1797         (WebCore::RenderOverflow::visualOverflowRect):
1798         (WebCore::RenderOverflow::move):
1799         (WebCore::RenderOverflow::addVisualOverflow):
1800         (WebCore::RenderOverflow::setVisualOverflow):
1801         * rendering/RenderReplaced.cpp:
1802         (WebCore::RenderReplaced::shouldPaint):
1803         * rendering/RenderTable.cpp:
1804         (WebCore::RenderTable::layout):
1805         (WebCore::RenderTable::paint):
1806         * rendering/RenderTableCell.cpp:
1807         (WebCore::RenderTableCell::clippedOverflowRectForRepaint):
1808         * rendering/RenderTreeAsText.cpp:
1809         (WebCore::writeLayers):
1810         * rendering/RenderView.cpp:
1811         (WebCore::RenderView::docTop):
1812
1813 2011-02-02  Steve Lacey  <sjl@chromium.org>
1814
1815         Reviewed by Eric Carlson.
1816
1817         Implement basic media statistics on media elements.
1818         https://bugs.webkit.org/show_bug.cgi?id=53322
1819
1820         * Configurations/FeatureDefines.xcconfig:
1821         * GNUmakefile.am:
1822         * features.pri:
1823         * html/HTMLMediaElement.cpp:
1824         (WebCore::HTMLMediaElement::webkitAudioBytesDecoded):
1825         (WebCore::HTMLMediaElement::webkitVideoBytesDecoded):
1826         * html/HTMLMediaElement.h:
1827         * html/HTMLMediaElement.idl:
1828         * html/HTMLVideoElement.cpp:
1829         (WebCore::HTMLVideoElement::webkitDecodedFrames):
1830         (WebCore::HTMLVideoElement::webkitDroppedFrames):
1831         * html/HTMLVideoElement.h:
1832         * html/HTMLVideoElement.idl:
1833         * platform/graphics/MediaPlayer.cpp:
1834         (WebCore::MediaPlayer::decodedFrames):
1835         (WebCore::MediaPlayer::droppedFrames):
1836         (WebCore::MediaPlayer::audioBytesDecoded):
1837         (WebCore::MediaPlayer::videoBytesDecoded):
1838         * platform/graphics/MediaPlayer.h:
1839         * platform/graphics/MediaPlayerPrivate.h:
1840         (WebCore::MediaPlayerPrivateInterface::decodedFrames):
1841         (WebCore::MediaPlayerPrivateInterface::droppedFrames):
1842         (WebCore::MediaPlayerPrivateInterface::audioBytesDecoded):
1843         (WebCore::MediaPlayerPrivateInterface::videoBytesDecoded):
1844
1845 2011-02-02  Luiz Agostini  <luiz.agostini@openbossa.org>
1846
1847         Reviewed by David Hyatt.
1848
1849         More conversion from right()/bottom() to maxX()/maxY().
1850
1851         * page/qt/FrameQt.cpp:
1852         (WebCore::Frame::dragImageForSelection):
1853         * platform/graphics/qt/GraphicsContextQt.cpp:
1854         (WebCore::GraphicsContext::roundToDevicePixels):
1855
1856 2011-02-02  Kevin Ollivier  <kevino@theolliviers.com>
1857
1858         [wx] Build fixes for wxWebKit.
1859
1860         * bindings/cpp/WebDOMHTMLDocumentCustom.cpp:
1861         (documentWrite):
1862         * bindings/scripts/CodeGeneratorCPP.pm:
1863         * page/wx/DragControllerWx.cpp:
1864         (WebCore::DragController::dragOperation):
1865         * platform/graphics/wx/FontCustomPlatformData.h:
1866         * platform/graphics/wx/FontPlatformData.h:
1867         (WebCore::FontPlatformData::widthVariant):
1868         * platform/graphics/wx/FontPlatformDataWx.cpp:
1869         (WebCore::FontPlatformData::computeHash):
1870         * platform/graphics/wx/FontWx.cpp:
1871         * platform/graphics/wx/GraphicsContextWx.cpp:
1872         (WebCore::GraphicsContext::fillPath):
1873         (WebCore::GraphicsContext::strokePath):
1874         * platform/wx/RenderThemeWx.cpp:
1875
1876 2011-02-02  David Hyatt  <hyatt@apple.com>
1877
1878         Reviewed by Darin Adler.
1879
1880         More right()/bottom() to maxX()/maxY() conversion.
1881
1882         * page/chromium/FrameChromium.cpp:
1883         (WebCore::Frame::nodeImage):
1884         (WebCore::Frame::dragImageForSelection):
1885
1886 2011-02-02  Sam Weinig  <sam@webkit.org>
1887
1888         Fix windows clean build.
1889
1890         * DerivedSources.make:
1891
1892 2011-02-02  Mikhail Naganov  <mnaganov@chromium.org>
1893
1894         Reviewed by Pavel Feldman.
1895
1896         Web Inspector: [Chromium] Landing detailed heap snapshots, part 2.
1897
1898         https://bugs.webkit.org/show_bug.cgi?id=53606
1899
1900         Display progress while taking a snapshot, and hints while loading
1901         and parsing. This is needed because taking detailed heap snapshots
1902         takes time.
1903
1904         * English.lproj/localizedStrings.js:
1905         * inspector/front-end/DetailedHeapshotView.js:
1906         (WebInspector.DetailedHeapshotProfileType.prototype.buttonClicked):
1907         * inspector/front-end/ProfilesPanel.js:
1908         (WebInspector.ProfilesPanel.prototype._reset):
1909         (WebInspector.ProfilesPanel.prototype._addProfileHeader):
1910         (WebInspector.ProfilesPanel.prototype.getProfiles):
1911         (WebInspector.ProfilesPanel.prototype.loadHeapSnapshot):
1912         (WebInspector.ProfilesPanel.prototype._finishHeapSnapshot.doParse):
1913         (WebInspector.ProfilesPanel.prototype._finishHeapSnapshot):
1914         (WebInspector.ProfilesPanel.prototype.takeHeapSnapshot):
1915         (WebInspector.ProfilesPanel.prototype._reportHeapSnapshotProgress):
1916         * inspector/front-end/SidebarTreeElement.js:
1917         (WebInspector.SidebarTreeElement.prototype.refreshTitles):
1918
1919 2011-02-02  David Hyatt  <hyatt@apple.com>
1920
1921         Reviewed by Darin Adler.
1922
1923         More conversion from right()/bottom() to maxX()/maxY().
1924
1925         * platform/win/PopupMenuWin.cpp:
1926         (WebCore::PopupMenuWin::calculatePositionAndSize):
1927         (WebCore::PopupMenuWin::paint):
1928
1929 2011-02-02  David Hyatt  <hyatt@apple.com>
1930
1931         Reviewed by Darin Adler.
1932
1933         Removal of right()/bottom().  Replace with maxX() and maxY().  Still converting.  Haven't removed yet.
1934
1935         * platform/chromium/PopupMenuChromium.cpp:
1936         (WebCore::PopupContainer::layoutAndCalculateWidgetRect):
1937         (WebCore::PopupListBox::scrollToRevealRow):
1938         (WebCore::PopupListBox::layout):
1939         * platform/graphics/FloatRect.h:
1940         * platform/graphics/IntRect.h:
1941         * platform/graphics/cairo/ImageBufferCairo.cpp:
1942         (WebCore::getImageData):
1943         (WebCore::putImageData):
1944         * platform/graphics/chromium/GLES2Canvas.cpp:
1945         (WebCore::GLES2Canvas::drawTexturedRect):
1946         * platform/graphics/chromium/LayerRendererChromium.cpp:
1947         (WebCore::LayerRendererChromium::verticalScrollbarRect):
1948         (WebCore::LayerRendererChromium::horizontalScrollbarRect):
1949         (WebCore::LayerRendererChromium::setScissorToRect):
1950         (WebCore::LayerRendererChromium::setDrawViewportRect):
1951         * platform/graphics/chromium/LayerTilerChromium.cpp:
1952         (WebCore::LayerTilerChromium::contentRectToTileIndices):
1953         (WebCore::LayerTilerChromium::growLayerToContain):
1954         * platform/graphics/gpu/TilingData.cpp:
1955         (WebCore::TilingData::tileBoundsWithBorder):
1956         (WebCore::TilingData::overlappedTileIndices):
1957         * platform/graphics/qt/ImageBufferQt.cpp:
1958         (WebCore::getImageData):
1959         (WebCore::putImageData):
1960         * platform/graphics/skia/FloatRectSkia.cpp:
1961         (WebCore::FloatRect::operator SkRect):
1962         * platform/graphics/skia/ImageBufferSkia.cpp:
1963         (WebCore::getImageData):
1964         (WebCore::putImageData):
1965         * platform/graphics/skia/IntRectSkia.cpp:
1966         (WebCore::IntRect::operator SkIRect):
1967         (WebCore::IntRect::operator SkRect):
1968         * platform/graphics/skia/PlatformContextSkia.cpp:
1969         (WebCore::PlatformContextSkia::beginLayerClippedToImage):
1970         * platform/graphics/win/GraphicsContextWin.cpp:
1971         (WebCore::GraphicsContextPlatformPrivate::clip):
1972         * platform/graphics/win/IntRectWin.cpp:
1973         (WebCore::IntRect::operator RECT):
1974         * platform/graphics/win/UniscribeController.cpp:
1975         (WebCore::UniscribeController::shapeAndPlaceItem):
1976         * platform/graphics/wince/GraphicsContextWinCE.cpp:
1977         (WebCore::roundRect):
1978         (WebCore::mapRect):
1979         (WebCore::TransparentLayerDC::TransparentLayerDC):
1980         (WebCore::GraphicsContext::drawRect):
1981         (WebCore::GraphicsContext::drawEllipse):
1982         (WebCore::GraphicsContext::strokeArc):
1983         (WebCore::GraphicsContext::clip):
1984         (WebCore::GraphicsContext::clipOut):
1985         (WebCore::GraphicsContext::strokeRect):
1986         * platform/image-decoders/gif/GIFImageDecoder.cpp:
1987         (WebCore::GIFImageDecoder::initFrameBuffer):
1988         * platform/win/PopupMenuWin.cpp:
1989         (WebCore::PopupMenuWin::calculatePositionAndSize):
1990         (WebCore::PopupMenuWin::paint):
1991         * plugins/win/PluginViewWin.cpp:
1992         (WebCore::PluginView::updatePluginWidget):
1993         (WebCore::PluginView::invalidateRect):
1994         * rendering/RenderThemeSafari.cpp:
1995         (WebCore::RenderThemeSafari::paintMenuListButtonGradients):
1996         (WebCore::RenderThemeSafari::paintMenuListButton):
1997         (WebCore::RenderThemeSafari::paintSliderTrack):
1998         * rendering/RenderThemeWin.cpp:
1999         (WebCore::RenderThemeWin::paintInnerSpinButton):
2000         (WebCore::RenderThemeWin::paintMenuListButton):
2001
2002 2011-02-02  Antti Koivisto  <antti@apple.com>
2003
2004         Reviewed by Maciej Stachowiak.
2005
2006         Use Vector instead of a linked list for rules in CSSStyleSelector
2007         https://bugs.webkit.org/show_bug.cgi?id=53581
2008         
2009         - eliminate CSSRuleDataList, replace with Vector<RuleData>
2010         - rename CSSRuleData -> RuleData and CSSRuleSet -> RuleSet 
2011           (these are selector internal classes, CSS prefix is better reserved for public ones).
2012         - constify a bit
2013         - shrink the vectors to fit after collecting the rules
2014
2015         * css/CSSStyleSelector.cpp:
2016         (WebCore::RuleData::RuleData):
2017         (WebCore::RuleData::position):
2018         (WebCore::RuleData::rule):
2019         (WebCore::RuleData::selector):
2020         (WebCore::RuleSet::disableAutoShrinkToFit):
2021         (WebCore::RuleSet::getIDRules):
2022         (WebCore::RuleSet::getClassRules):
2023         (WebCore::RuleSet::getTagRules):
2024         (WebCore::RuleSet::getPseudoRules):
2025         (WebCore::RuleSet::getUniversalRules):
2026         (WebCore::RuleSet::getPageRules):
2027         (WebCore::collectSiblingRulesInDefaultStyle):
2028         (WebCore::CSSStyleSelector::CSSStyleSelector):
2029         (WebCore::loadFullDefaultStyle):
2030         (WebCore::loadSimpleDefaultStyle):
2031         (WebCore::loadViewSourceStyle):
2032         (WebCore::CSSStyleSelector::matchRules):
2033         (WebCore::CSSStyleSelector::matchRulesForList):
2034         (WebCore::operator >):
2035         (WebCore::operator <=):
2036         (WebCore::CSSStyleSelector::sortMatchedRules):
2037         (WebCore::CSSStyleSelector::matchUARules):
2038         (WebCore::RuleSet::RuleSet):
2039         (WebCore::RuleSet::~RuleSet):
2040         (WebCore::RuleSet::addToRuleSet):
2041         (WebCore::RuleSet::addRule):
2042         (WebCore::RuleSet::addPageRule):
2043         (WebCore::RuleSet::addRulesFromSheet):
2044         (WebCore::RuleSet::addStyleRule):
2045         (WebCore::collectIdsAndSiblingRulesFromList):
2046         (WebCore::RuleSet::collectIdsAndSiblingRules):
2047         (WebCore::shrinkMapVectorsToFit):
2048         (WebCore::RuleSet::shrinkToFit):
2049         (WebCore::CSSStyleSelector::matchPageRules):
2050         (WebCore::CSSStyleSelector::matchPageRulesForList):
2051         * css/CSSStyleSelector.h:
2052         (WebCore::CSSStyleSelector::addMatchedRule):
2053
2054 2011-02-02  Andrey Adaikin  <aandrey@google.com>
2055
2056         Reviewed by Pavel Feldman.
2057
2058         Web Inspector: Use DIVs instead of TABLE in TextViewer
2059         https://bugs.webkit.org/show_bug.cgi?id=53299
2060
2061         * inspector/front-end/SourceFrame.js:
2062         (WebInspector.SourceFrame.prototype._createTextViewer):
2063         (WebInspector.SourceFrame.prototype._mouseDown):
2064         * inspector/front-end/TextViewer.js:
2065         (WebInspector.TextViewer):
2066         (WebInspector.TextViewer.prototype.set mimeType):
2067         (WebInspector.TextViewer.prototype.revealLine):
2068         (WebInspector.TextViewer.prototype.addDecoration):
2069         (WebInspector.TextViewer.prototype.removeDecoration):
2070         (WebInspector.TextViewer.prototype.markAndRevealRange):
2071         (WebInspector.TextViewer.prototype.highlightLine):
2072         (WebInspector.TextViewer.prototype.clearLineHighlight):
2073         (WebInspector.TextViewer.prototype.freeCachedElements):
2074         (WebInspector.TextViewer.prototype._handleKeyDown):
2075         (WebInspector.TextViewer.prototype.editLine.finishEditing):
2076         (WebInspector.TextViewer.prototype.editLine):
2077         (WebInspector.TextViewer.prototype.beginUpdates):
2078         (WebInspector.TextViewer.prototype.endUpdates):
2079         (WebInspector.TextViewer.prototype.resize):
2080         (WebInspector.TextViewer.prototype._textChanged):
2081         (WebInspector.TextViewer.prototype._updatePanelOffsets):
2082         (WebInspector.TextViewer.prototype._syncScroll):
2083         (WebInspector.TextViewer.prototype._syncDecorationsForLine):
2084         (WebInspector.TextEditorChunkedPanel):
2085         (WebInspector.TextEditorChunkedPanel.prototype.set syncScrollListener):
2086         (WebInspector.TextEditorChunkedPanel.prototype.get textModel):
2087         (WebInspector.TextEditorChunkedPanel.prototype.addDecoration):
2088         (WebInspector.TextEditorChunkedPanel.prototype.removeDecoration):
2089         (WebInspector.TextEditorChunkedPanel.prototype.revealLine):
2090         (WebInspector.TextEditorChunkedPanel.prototype.makeLineAChunk):
2091         (WebInspector.TextEditorChunkedPanel.prototype.textChanged):
2092         (WebInspector.TextEditorChunkedPanel.prototype.beginUpdates):
2093         (WebInspector.TextEditorChunkedPanel.prototype.endUpdates):
2094         (WebInspector.TextEditorChunkedPanel.prototype.resize):
2095         (WebInspector.TextEditorChunkedPanel.prototype._scroll):
2096         (WebInspector.TextEditorChunkedPanel.prototype._scheduleRepaintAll):
2097         (WebInspector.TextEditorChunkedPanel.prototype._buildChunks):
2098         (WebInspector.TextEditorChunkedPanel.prototype._repaintAll):
2099         (WebInspector.TextEditorChunkedPanel.prototype._chunkNumberForLine):
2100         (WebInspector.TextEditorChunkedPanel.prototype._chunkForLine):
2101         (WebInspector.TextEditorGutterPanel):
2102         (WebInspector.TextEditorGutterPanel.prototype.freeCachedElements):
2103         (WebInspector.TextEditorGutterPanel.prototype._createNewChunk):
2104         (WebInspector.TextEditorGutterPanel.prototype._expandChunks):
2105         (WebInspector.TextEditorGutterChunk):
2106         (WebInspector.TextEditorGutterChunk.prototype.get expanded):
2107         (WebInspector.TextEditorGutterChunk.prototype.set expanded):
2108         (WebInspector.TextEditorGutterChunk.prototype.get height):
2109         (WebInspector.TextEditorGutterChunk.prototype._createRow):
2110         (WebInspector.TextEditorMainPanel):
2111         (WebInspector.TextEditorMainPanel.prototype.set syncDecorationsForLine):
2112         (WebInspector.TextEditorMainPanel.prototype.set mimeType):
2113         (WebInspector.TextEditorMainPanel.prototype.markAndRevealRange):
2114         (WebInspector.TextEditorMainPanel.prototype.highlightLine):
2115         (WebInspector.TextEditorMainPanel.prototype.clearLineHighlight):
2116         (WebInspector.TextEditorMainPanel.prototype.freeCachedElements):
2117         (WebInspector.TextEditorMainPanel.prototype._buildChunks):
2118         (WebInspector.TextEditorMainPanel.prototype._createNewChunk):
2119         (WebInspector.TextEditorMainPanel.prototype._expandChunks):
2120         (WebInspector.TextEditorMainPanel.prototype._highlightDataReady):
2121         (WebInspector.TextEditorMainPanel.prototype._paintLines):
2122         (WebInspector.TextEditorMainPanel.prototype._paintLine):
2123         (WebInspector.TextEditorMainPanel.prototype._releaseLinesHighlight):
2124         (WebInspector.TextEditorMainPanel.prototype._getSelection):
2125         (WebInspector.TextEditorMainPanel.prototype._restoreSelection):
2126         (WebInspector.TextEditorMainPanel.prototype._selectionToPosition):
2127         (WebInspector.TextEditorMainPanel.prototype._positionToSelection):
2128         (WebInspector.TextEditorMainPanel.prototype._appendTextNode):
2129         (WebInspector.TextEditorMainPanel.prototype._handleDomUpdates):
2130         (WebInspector.TextEditorMainChunk):
2131         (WebInspector.TextEditorMainChunk.prototype.addDecoration):
2132         (WebInspector.TextEditorMainChunk.prototype.set expanded):
2133         (WebInspector.TextEditorMainChunk.prototype.get height):
2134         (WebInspector.TextEditorMainChunk.prototype.getExpandedLineRow):
2135         (WebInspector.TextEditorMainChunk.prototype._createRow):
2136         (WebInspector):
2137         * inspector/front-end/textViewer.css:
2138         (.text-editor-lines):
2139         (.text-editor-contents):
2140         (.text-editor-editable):
2141         (.webkit-line-decorations):
2142         (.webkit-line-number):
2143         (.webkit-execution-line.webkit-line-content):
2144         (.diff-container .webkit-added-line.webkit-line-content):
2145         (.diff-container .webkit-removed-line.webkit-line-content):
2146         (.diff-container .webkit-changed-line.webkit-line-content):
2147         (.webkit-highlighted-line.webkit-line-content):
2148
2149 2011-02-02  Hans Wennborg  <hans@chromium.org>
2150
2151         Reviewed by Jeremy Orlow.
2152
2153         IndexedDB: Implement support for cursor updates
2154         https://bugs.webkit.org/show_bug.cgi?id=53421
2155
2156         Implement support for cursor updates using the same pattern as cursor
2157         deletes: forward the calls to the IDBObjectStoreBackend::put().
2158         The put() function's signature needs to be changed to allow for a
2159         "cursor update mode". This makes the signature more clear anyway,
2160         since it replaces the boolean parameter.
2161
2162         Test: storage/indexeddb/cursor-update.html
2163
2164         * storage/IDBCursor.idl:
2165         * storage/IDBCursorBackendImpl.cpp:
2166         (WebCore::IDBCursorBackendImpl::key):
2167         (WebCore::IDBCursorBackendImpl::update):
2168         * storage/IDBCursorBackendImpl.h:
2169         * storage/IDBObjectStore.cpp:
2170         (WebCore::IDBObjectStore::add):
2171         (WebCore::IDBObjectStore::put):
2172         * storage/IDBObjectStoreBackendImpl.cpp:
2173         (WebCore::IDBObjectStoreBackendImpl::put):
2174         (WebCore::IDBObjectStoreBackendImpl::putInternal):
2175         * storage/IDBObjectStoreBackendImpl.h:
2176         * storage/IDBObjectStoreBackendInterface.h:
2177
2178 2011-02-02  Naoki Takano  <takano.naoki@gmail.com>
2179
2180         Reviewed by Kent Tamura.
2181
2182         Fix popup menu RTL bug introduced by Changeset 75982.
2183         https://bugs.webkit.org/show_bug.cgi?id=53567
2184
2185         PopupMenuChromium::layout() calculates X position according to RTL or not. So Change the X position calculation in layoutAndCalculateWidgetRect().
2186
2187         No new tests. However we can check manually with select_dropdown_box_alignment.html, autofill_alignment.html, select_alignment.html, select_dropdown_box_alignment.html, autofill-popup-width-and-item-direction.html
2188
2189         * platform/chromium/PopupMenuChromium.cpp:
2190         (WebCore::PopupContainer::layoutAndCalculateWidgetRect): Fix calculation of x position, because layout() considers RTL. And change the parameter from both X and Y positions to only Y position.
2191         (WebCore::PopupContainer::showPopup): Change the passing parameter.
2192         (WebCore::PopupContainer::refresh): Change the passing parameter.
2193         * platform/chromium/PopupMenuChromium.h: Change the parameter declaration.
2194
2195 2011-02-02  Alejandro G. Castro  <alex@igalia.com>
2196
2197         Reviewed by Martin Robinson.
2198
2199         [GTK] Fix dist compilation
2200         https://bugs.webkit.org/show_bug.cgi?id=53579
2201
2202         * GNUmakefile.am: Added FontWidthVariant.h to the sources, it was
2203         added in r77153.
2204
2205 2011-02-02  Dai Mikurube  <dmikurube@google.com>
2206
2207         Reviewed by David Levin.
2208
2209         Make mime type lookup in File::create(path) thread-safe
2210         https://bugs.webkit.org/show_bug.cgi?id=47700
2211
2212         This patch introduces a new function MIMETypeRegistry::getMIMETypeForExtensionThreadSafe().
2213         The function is to be called as a thread-safe version of getMIMETypeForExtension() when
2214         both FILE_SYSTEM and WORKERS are enabled.
2215
2216         No tests for this patch. This patch itself doesn't change the behaviors.
2217         For Chromium, it runs in the same way with getMIMETypeForExtensionThreadSafe().
2218         For the other platforms, it causes compilation error in case of enabled FILE_SYSTEM and WORKERS.
2219         The compilation error would be a signal to implement getMIMETypeForExtensionThreadSafe() in these
2220         platforms. Currently it doesn't happen since FILE_SYSTEM is not available in the other platforms.
2221
2222         * platform/MIMETypeRegistry.cpp: Defined generic getMIMETypeForExtension() calling getMIMETypeForExtensionThreadSafe() for enabled FILE_SYSTEM and WORKERS.
2223         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2224         * platform/MIMETypeRegistry.h: Declared getMIMETypeForExtensionThreadSafe() which should be implemented for each platform.
2225         * platform/android/TemporaryLinkStubs.cpp:
2226         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2227         * platform/brew/MIMETypeRegistryBrew.cpp:
2228         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2229         * platform/chromium/MIMETypeRegistryChromium.cpp: Defined getMIMETypeForExtensionThreadSafe() for the case when FILE_SYSTEM and WORKERS are enabled.
2230         (WebCore::MIMETypeRegistry::getMIMETypeForExtensionThreadSafe):
2231         * platform/efl/MIMETypeRegistryEfl.cpp:
2232         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2233         * platform/gtk/MIMETypeRegistryGtk.cpp:
2234         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2235         * platform/haiku/MIMETypeRegistryHaiku.cpp:
2236         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2237         * platform/mac/MIMETypeRegistryMac.mm:
2238         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2239         * platform/qt/MIMETypeRegistryQt.cpp:
2240         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2241         * platform/win/MIMETypeRegistryWin.cpp:
2242         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2243         * platform/wince/MIMETypeRegistryWinCE.cpp:
2244         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2245         * platform/wx/MimeTypeRegistryWx.cpp:
2246         (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
2247
2248 2011-02-01  Adam Barth  <abarth@webkit.org>
2249
2250         Reviewed by Alexey Proskuryakov.
2251
2252         Improve readability of updateWidget by converting bool parameter to an enum
2253         https://bugs.webkit.org/show_bug.cgi?id=53576
2254
2255         As requested on webkit-dev.
2256
2257         * html/HTMLEmbedElement.cpp:
2258         (WebCore::HTMLEmbedElement::updateWidget):
2259         * html/HTMLEmbedElement.h:
2260         * html/HTMLMediaElement.cpp:
2261         (WebCore::HTMLMediaElement::updateWidget):
2262         * html/HTMLMediaElement.h:
2263         * html/HTMLObjectElement.cpp:
2264         (WebCore::HTMLObjectElement::updateWidget):
2265         * html/HTMLObjectElement.h:
2266         * html/HTMLPlugInImageElement.cpp:
2267         (WebCore::HTMLPlugInImageElement::updateWidgetIfNecessary):
2268         * html/HTMLPlugInImageElement.h:
2269         * page/FrameView.cpp:
2270         (WebCore::FrameView::updateWidget):
2271
2272 2011-02-01  James Robinson  <jamesr@chromium.org>
2273
2274         Reviewed by Adam Barth.
2275
2276         [v8] Increase V8 native->js recursion limit to match document.write() recursion limit
2277         https://bugs.webkit.org/show_bug.cgi?id=53566
2278
2279         A recursion limit of 22 is necessary to pass fast/dom/Document/document-write-recursion.html.
2280         Other than being large enough for this one test case, this limit is arbitrary.
2281
2282         * bindings/v8/V8Proxy.h:
2283
2284 2011-02-01  Adam Barth  <abarth@webkit.org>
2285
2286         Reviewed by Andreas Kling.
2287
2288         Remove useless comment
2289         https://bugs.webkit.org/show_bug.cgi?id=53549
2290
2291         The reason for this parameter is captured in
2292         plugins/netscape-plugin-setwindow-size.html, which is a better place to
2293         capture it than in this comment (which otherwise just re-iterates the
2294         name of the parameter).
2295
2296         * html/HTMLPlugInImageElement.cpp:
2297         (WebCore::HTMLPlugInImageElement::updateWidgetIfNecessary):
2298
2299 2011-02-01  James Simonsen  <simonjam@chromium.org>
2300
2301         Reviewed by Tony Gentilcore.
2302
2303         [WebTiming] Remove asserts that verify timestamp order
2304         https://bugs.webkit.org/show_bug.cgi?id=53548
2305
2306         Covered by existing tests.
2307
2308         * loader/FrameLoader.cpp:
2309         (WebCore::FrameLoader::stopLoading): Remove assert.
2310         * page/DOMWindow.cpp:
2311         (WebCore::DOMWindow::dispatchTimedEvent): Ditto.
2312
2313 2011-02-01  Dimitri Glazkov  <dglazkov@chromium.org>
2314
2315         Add the 'default_targets' enclosure to the flags.
2316
2317         * WebCore.gyp/WebCore.gyp: Did it.
2318
2319 2011-02-01  Mihai Parparita  <mihaip@chromium.org>
2320
2321         Reviewed by James Robinson.
2322
2323         Async event handlers should not fire within a modal dialog
2324         https://bugs.webkit.org/show_bug.cgi?id=53202
2325
2326         Asychronous events that use EventQueue would currently fire while a
2327         modal dialog (e.g. window.alert()) was up. Change EventQueue to use a
2328         SuspendableTimer (which automatically gets suspended while dialogs are
2329         up and in other cases where JS execution is not allowed).
2330         
2331         Test: fast/events/scroll-event-during-modal-dialog.html
2332
2333         * dom/Document.cpp:
2334         (WebCore::Document::Document):
2335         * dom/EventQueue.cpp:
2336         (WebCore::EventQueueTimer::EventQueueTimer):
2337         (WebCore::EventQueueTimer::fired):
2338         (WebCore::EventQueue::EventQueue):
2339         (WebCore::EventQueue::enqueueEvent):
2340         (WebCore::EventQueue::pendingEventTimerFired):
2341         * dom/EventQueue.h:
2342         (WebCore::EventQueue::create):
2343         * page/SuspendableTimer.cpp:
2344         (WebCore::SuspendableTimer::SuspendableTimer):
2345         (WebCore::SuspendableTimer::suspend):
2346         (WebCore::SuspendableTimer::resume):
2347         * page/SuspendableTimer.h:
2348
2349 2011-02-01  Patrick Gansterer  <paroga@webkit.org>
2350
2351         Reviewed by Andreas Kling.
2352
2353         Change wrong PLATFORM(WIN) to USE(WININET)
2354         https://bugs.webkit.org/show_bug.cgi?id=53547
2355
2356         * platform/network/ResourceHandle.h:
2357
2358 2011-02-01  Beth Dakin  <bdakin@apple.com>
2359
2360         32-bit build fix.
2361
2362         * platform/mac/ScrollAnimatorMac.mm:
2363         (-[ScrollbarPainterControllerDelegate contentAreaRectForScrollerImpPair:]):
2364
2365 2011-01-25  Martin Robinson  <mrobinson@igalia.com>
2366
2367         Reviewed by Gustavo Noronha Silva.
2368
2369         [GTK] Two tests crash after r76555
2370         https://bugs.webkit.org/show_bug.cgi?id=53057
2371
2372         Instead of creating synchronous ResourceHandles manually, use the ::create factory.
2373         This ensures that ::start() is not called when there is a scheduled failure and also
2374         reduces code duplication.
2375
2376         * platform/network/soup/ResourceHandleSoup.cpp:
2377         (WebCore::ResourceHandle::loadResourceSynchronously): Use the ::create factory method.
2378
2379 2011-02-01  Martin Robinson  <mrobinson@igalia.com>
2380
2381         Reviewed by Eric Seidel.
2382
2383         [GTK] GObject DOM bindings do no support the CallWith attribute
2384         https://bugs.webkit.org/show_bug.cgi?id=53331
2385
2386         Disable building GObject DOM bindings for IndexedDB because we do not support
2387         the CallWith attribute at this time.
2388
2389         * bindings/gobject/GNUmakefile.am: Disable building bindings for the IndexedDB API.
2390
2391 2011-02-01  Darin Adler  <darin@apple.com>
2392
2393         Reviewed by Brady Eidson.
2394
2395         Fix a couple loose ends from the back/forward tree encode/decode work
2396         https://bugs.webkit.org/show_bug.cgi?id=53537
2397
2398         * history/HistoryItem.cpp:
2399         (WebCore::HistoryItem::encodeBackForwardTreeNode): Remove extra copy of
2400         original URL string; no need to encode it twice.
2401         (WebCore::HistoryItem::decodeBackForwardTree): Ditto.
2402         * history/HistoryItem.h: Removed declaration for function that is no
2403         longer defined nor used.
2404
2405 2011-02-01  Tony Chang  <tony@chromium.org>
2406
2407         Reviewed by Kent Tamura.
2408
2409         [chromium] disable arm uninitialized variable warnings
2410         https://bugs.webkit.org/show_bug.cgi?id=53553
2411
2412         We just got another error:
2413         third_party/WebKit/Source/WebCore/css/CSSPrimitiveValue.cpp:123:error:
2414         'colorTransparent.unstatic.4879' may be used uninitialized in this
2415         function
2416
2417         * WebCore.gyp/WebCore.gyp:
2418
2419 2011-02-01  chris reiss  <christopher.reiss@nokia.com>
2420
2421         Reviewed by Adam Barth.
2422
2423         Self-replicating code makes Safari hang and eventually crash
2424         https://bugs.webkit.org/show_bug.cgi?id=15123
2425
2426        
2427         Here we are replicating the Firefox safeguard against
2428         recursive document.write( ) 's.
2429
2430         See  https://bug197052.bugzilla.mozilla.org/attachment.cgi?id=293907 in bug 
2431         https://bugzilla.mozilla.org/show_bug.cgi?id=197052 .   Firefox does two things - 
2432             a) imposes a recursion limit of 20 on document.write( ) and
2433             b) once that limit is passed, panics all the way the call stack (rather than just returning one level.)
2434         To see why this is necessary, consider the script : 
2435
2436         <script>
2437            var t = document.body.innerHTML;
2438            document.write(t);
2439         </script> 
2440
2441         This will create a tree both broad and deep as the script keeps appending itself to the text.   If
2442         we just return one level after the recursion limit is reached, we still allow millions of copies to 
2443         duplicate (and execute).   
2444
2445         The recursion is fortunately depth-first, so as soon as we cross this limit, we panic up the callstack
2446         to prevent this situation.    (IE apparently does the same thing, with a lower recursion limit.) 
2447
2448         Test: fast/dom/Document/document-write-recursion.html        
2449         Test: fast/dom/Document/document-close-iframe-load.html
2450         Test: fast/dom/Document/document-close-nested-iframe-load.html
2451
2452
2453         * dom/Document.cpp:
2454         (WebCore::Document::Document):
2455         (WebCore::Document::write):
2456         * dom/Document.h:
2457
2458 2011-02-01  Johnny Ding  <jnd@chromium.org>
2459
2460         Reviewed by Darin Adler.
2461
2462         Don't set user gesture in HTMLAnchorElement's click handler because the click handler can be triggered by untrusted event.
2463         https://bugs.webkit.org/show_bug.cgi?id=53424
2464
2465         Test: fast/events/popup-blocked-from-untrusted-click-event-on-anchor.html
2466
2467         * html/HTMLAnchorElement.cpp:
2468         (WebCore::handleLinkClick):
2469
2470 2011-02-01  Csaba Osztrogon√°c  <ossy@webkit.org>
2471
2472         Unreviewed Qt buildfix after r77286.
2473
2474         https://bugs.webkit.org/show_bug.cgi?id=53520 
2475         Remove the physical terminology from IntRect and FloatRect.
2476
2477         * platform/graphics/TiledBackingStore.cpp:
2478         (WebCore::TiledBackingStore::createTiles):
2479
2480 2011-02-01  Sam Weinig  <sam@webkit.org>
2481
2482         Fix Mac production builds.
2483
2484         * DerivedSources.make:
2485         * WebCore.xcodeproj/project.pbxproj:
2486         * platform/mac/ScrollAnimatorMac.h:
2487         * platform/mac/ScrollbarThemeMac.h:
2488
2489 2011-02-01  Darin Adler  <darin@apple.com>
2490
2491         Reviewed by Chris Fleizach.
2492
2493         REGRESSION: Removing focus from area element causes unwanted scrolling
2494         https://bugs.webkit.org/show_bug.cgi?id=50169
2495
2496         Test: fast/images/imagemap-scroll.html
2497
2498         * html/HTMLAreaElement.cpp:
2499         (WebCore::HTMLAreaElement::setFocus): Added override. Calls the new
2500         RenderImage::areaElementFocusChanged function.
2501         (WebCore::HTMLAreaElement::updateFocusAppearance): Removed the code
2502         here that calls setNeedsLayout on the image's renderer. This was an
2503         attempt to cause repaint of the renderer, but this function does not
2504         need to do that. Also changed this to use the imageElement function
2505         to avoid repeating code.
2506
2507         * html/HTMLAreaElement.h: Updated for above changes.
2508
2509         * rendering/RenderImage.cpp:
2510         (WebCore::RenderImage::paint): Updated for name change.
2511         (WebCore::RenderImage::paintAreaElementFocusRing): Renamed this from
2512         paintFocusRing, because it only paints area focus rings, and should
2513         not be confused with paintFocusRing functions in other classes. Also
2514         removed the unused style argument. Removed the code that used an
2515         HTMLCollection to see if the focused area element is for this image
2516         and instead just call imageElement on the area element.
2517         (WebCore::RenderImage::areaElementFocusChanged): Added. Calls repaint.
2518
2519         * rendering/RenderImage.h: Added a public areaElementFocusChanged
2520         function for HTMLAreaElement to call. Made the paintFocusRing function
2521         private, renamed it to paintAreaElementFocusRing, and removed its
2522         unused style argument.
2523
2524 2011-02-01  Patrick Gansterer  <paroga@webkit.org>
2525
2526         Unreviewed WinCE build fix for r77286.
2527
2528         * platform/graphics/wince/GraphicsContextWinCE.cpp:
2529         (WebCore::TransparentLayerDC::TransparentLayerDC):
2530
2531 2011-02-01  Chris Fleizach  <cfleizach@apple.com>
2532
2533         Reviewed by Darin Adler.
2534
2535         AX: AXPosition of AXScrollArea is wrong
2536         https://bugs.webkit.org/show_bug.cgi?id=53511
2537
2538         AccessibilityScrollView needed to return a valid documentFrameView() object.
2539         At the same time, the code from document() should be consolidated in 
2540         AccessibilityObject, so all objects can use it.
2541
2542         Test: platform/mac/accessibility/webkit-scrollarea-position.html
2543
2544         * accessibility/AccessibilityObject.cpp:
2545         (WebCore::AccessibilityObject::document):
2546         * accessibility/AccessibilityObject.h:
2547         * accessibility/AccessibilityScrollView.cpp:
2548         (WebCore::AccessibilityScrollView::accessibilityHitTest):
2549         (WebCore::AccessibilityScrollView::documentFrameView):
2550         * accessibility/AccessibilityScrollView.h:
2551
2552 2011-02-01  Zhenyao Mo  <zmo@google.com>
2553
2554         Reviewed by Kenneth Russell.
2555
2556         getUniform should support SAMPLER_2D or SAMPLER_CUBE
2557         https://bugs.webkit.org/show_bug.cgi?id=52190
2558
2559         * html/canvas/WebGLRenderingContext.cpp:
2560         (WebCore::WebGLRenderingContext::getUniform):
2561
2562 2011-02-01  Zhenyao Mo  <zmo@google.com>
2563
2564         Reviewed by Darin Adler.
2565
2566         Fix the incorrect usage of RetainPtr cases in GraphicsContext3DCG.cpp
2567         https://bugs.webkit.org/show_bug.cgi?id=53531
2568
2569         With this fix, running WebGL conformance tests should no longer crash randomly.
2570
2571         * platform/graphics/cg/GraphicsContext3DCG.cpp:
2572         (WebCore::GraphicsContext3D::getImageData):
2573
2574 2011-02-01  Dimitri Glazkov  <dglazkov@chromium.org>
2575
2576         One more Chromium build fix after r77286.
2577
2578         * platform/chromium/ScrollbarThemeChromiumMac.mm:
2579         (WebCore::ScrollbarThemeChromiumMac::paint): Changed to not use topLeft().
2580
2581 2011-02-01  Sam Weinig  <sam@webkit.org>
2582
2583         Fix the build for Beth.
2584
2585         * platform/mac/ScrollAnimatorMac.mm:
2586         (-[ScrollbarPainterControllerDelegate inLiveResizeForScrollerImpPair:]):
2587
2588 2011-02-01  Sam Weinig  <sam@webkit.org>
2589
2590         Reviewed by Beth Dakin.
2591
2592         Part 2 for <rdar://problem/8492788>
2593         Adopt WKScrollbarPainterController
2594
2595         Use header detection to define scrollbar painting controller #define.
2596
2597         * WebCore.exp.in:
2598         * platform/mac/ScrollAnimatorMac.h:
2599         * platform/mac/ScrollbarThemeMac.h:
2600         * platform/mac/WebCoreSystemInterface.h:
2601         * platform/mac/WebCoreSystemInterface.mm:
2602
2603 2011-02-01  David Hyatt  <hyatt@apple.com>
2604
2605         Reviewed by Oliver Hunt.
2606
2607         https://bugs.webkit.org/show_bug.cgi?id=53520
2608         
2609         Remove the physical terminology from IntRect and FloatRect.
2610         
2611         Now that we have flipped RenderBlocks for vertical-rl and horizontal-bt writing modes,
2612         we need to update our terminology to be more accurate.
2613
2614         I'm borrowing a page from AppKit here (which also supports flipped NSViews) and
2615         renaming right() and bottom() to maxX() and maxY().  These terms remain accurate
2616         even for flipped rectangles.
2617
2618         * accessibility/AccessibilityRenderObject.cpp:
2619         (WebCore::AccessibilityRenderObject::boundsForVisiblePositionRange):
2620         * accessibility/mac/AccessibilityObjectWrapper.mm:
2621         (-[AccessibilityObjectWrapper position]):
2622         * dom/ClientRect.h:
2623         (WebCore::ClientRect::right):
2624         (WebCore::ClientRect::bottom):
2625         * html/HTMLCanvasElement.cpp:
2626         (WebCore::HTMLCanvasElement::convertLogicalToDevice):
2627         * html/canvas/CanvasRenderingContext2D.cpp:
2628         (WebCore::normalizeRect):
2629         * inspector/InspectorAgent.cpp:
2630         (WebCore::InspectorAgent::drawElementTitle):
2631         * page/DOMWindow.cpp:
2632         (WebCore::DOMWindow::adjustWindowRect):
2633         * page/DragController.cpp:
2634         (WebCore::dragLocForSelectionDrag):
2635         * page/EventHandler.cpp:
2636         (WebCore::EventHandler::sendContextMenuEventForKey):
2637         * page/PrintContext.cpp:
2638         (WebCore::PrintContext::computePageRectsWithPageSizeInternal):
2639         (WebCore::PrintContext::pageNumberForElement):
2640         * page/SpatialNavigation.cpp:
2641         (WebCore::end):
2642         (WebCore::areRectsFullyAligned):
2643         (WebCore::areRectsMoreThanFullScreenApart):
2644         (WebCore::below):
2645         (WebCore::rightOf):
2646         (WebCore::isRectInDirection):
2647         (WebCore::entryAndExitPointsForDirection):
2648         (WebCore::virtualRectForDirection):
2649         * page/WindowFeatures.cpp:
2650         (WebCore::WindowFeatures::WindowFeatures):
2651         * platform/ScrollView.cpp:
2652         (WebCore::ScrollView::wheelEvent):
2653         * platform/Scrollbar.cpp:
2654         (WebCore::Scrollbar::setFrameRect):
2655         * platform/ScrollbarThemeComposite.cpp:
2656         (WebCore::ScrollbarThemeComposite::splitTrack):
2657         * platform/chromium/ScrollbarThemeChromium.cpp:
2658         (WebCore::ScrollbarThemeChromium::paintTickmarks):
2659         * platform/graphics/FloatQuad.h:
2660         (WebCore::FloatQuad::FloatQuad):
2661         * platform/graphics/FloatRect.cpp:
2662         (WebCore::FloatRect::intersects):
2663         (WebCore::FloatRect::contains):
2664         (WebCore::FloatRect::intersect):
2665         (WebCore::FloatRect::unite):
2666         (WebCore::enclosingIntRect):
2667         * platform/graphics/FloatRect.h:
2668         (WebCore::FloatRect::maxX):
2669         (WebCore::FloatRect::maxY):
2670         (WebCore::FloatRect::contains):
2671         * platform/graphics/IntRect.cpp:
2672         (WebCore::IntRect::intersects):
2673         (WebCore::IntRect::contains):
2674         (WebCore::IntRect::intersect):
2675         (WebCore::IntRect::unite):
2676         * platform/graphics/IntRect.h:
2677         (WebCore::IntRect::maxX):
2678         (WebCore::IntRect::maxY):
2679         (WebCore::IntRect::shiftXEdgeTo):
2680         (WebCore::IntRect::shiftMaxXEdgeTo):
2681         (WebCore::IntRect::shiftYEdgeTo):
2682         (WebCore::IntRect::shiftMaxYEdgeTo):
2683         (WebCore::IntRect::contains):
2684         * platform/graphics/WidthIterator.cpp:
2685         (WebCore::WidthIterator::advance):
2686         * platform/graphics/cg/GraphicsContextCG.cpp:
2687         (WebCore::GraphicsContext::drawRect):
2688         (WebCore::GraphicsContext::fillPath):
2689         (WebCore::GraphicsContext::fillRect):
2690         * platform/graphics/cg/ImageBufferCG.cpp:
2691         (WebCore::getImageData):
2692         (WebCore::putImageData):
2693         * platform/graphics/cg/ImageCG.cpp:
2694         (WebCore::BitmapImage::draw):
2695         * platform/graphics/filters/FilterEffect.cpp:
2696         (WebCore::FilterEffect::copyImageBytes):
2697         * platform/graphics/mac/ComplexTextController.cpp:
2698         (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
2699         * platform/graphics/mac/SimpleFontDataMac.mm:
2700         (WebCore::SimpleFontData::platformBoundsForGlyph):
2701         * platform/graphics/transforms/AffineTransform.cpp:
2702         (WebCore::AffineTransform::mapRect):
2703         * platform/graphics/win/FontCGWin.cpp:
2704         (WebCore::drawGDIGlyphs):
2705         * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.cpp:
2706         (WebCore::MediaPlayerPrivate::paint):
2707         * platform/gtk/RenderThemeGtk.cpp:
2708         (WebCore::centerRectVerticallyInParentInputElement):
2709         * platform/mac/WidgetMac.mm:
2710         (WebCore::Widget::paint):
2711         * rendering/InlineFlowBox.cpp:
2712         (WebCore::InlineFlowBox::addBoxShadowVisualOverflow):
2713         (WebCore::InlineFlowBox::addTextBoxVisualOverflow):
2714         * rendering/InlineTextBox.cpp:
2715         (WebCore::InlineTextBox::selectionRect):
2716         (WebCore::InlineTextBox::paint):
2717         (WebCore::InlineTextBox::positionForOffset):
2718         * rendering/RenderBlock.cpp:
2719         (WebCore::RenderBlock::addOverflowFromChildren):
2720         (WebCore::RenderBlock::paintChildren):
2721         (WebCore::RenderBlock::paintEllipsisBoxes):
2722         (WebCore::RenderBlock::inlineSelectionGaps):
2723         (WebCore::RenderBlock::adjustPointToColumnContents):
2724         (WebCore::RenderBlock::flipForWritingModeIncludingColumns):
2725         (WebCore::RenderBlock::adjustForColumns):
2726         * rendering/RenderBlock.h:
2727         (WebCore::RenderBlock::FloatingObject::right):
2728         (WebCore::RenderBlock::FloatingObject::bottom):
2729         * rendering/RenderBox.cpp:
2730         (WebCore::RenderBox::reflectedRect):
2731         (WebCore::RenderBox::localCaretRect):
2732         (WebCore::RenderBox::addShadowOverflow):
2733         (WebCore::RenderBox::addLayoutOverflow):
2734         (WebCore::RenderBox::visualOverflowRectForPropagation):
2735         (WebCore::RenderBox::layoutOverflowRectForPropagation):
2736         (WebCore::RenderBox::flipForWritingMode):
2737         * rendering/RenderFrameSet.cpp:
2738         (WebCore::RenderFrameSet::paintColumnBorder):
2739         (WebCore::RenderFrameSet::paintRowBorder):
2740         * rendering/RenderInline.cpp:
2741         (WebCore::RenderInline::paintOutlineForLine):
2742         * rendering/RenderLayer.cpp:
2743         (WebCore::RenderLayer::getRectToExpose):
2744         (WebCore::cornerRect):
2745         (WebCore::RenderLayer::positionOverflowControls):
2746         (WebCore::RenderLayer::overflowBottom):
2747         (WebCore::RenderLayer::overflowRight):
2748         (WebCore::RenderLayer::paintResizer):
2749         * rendering/RenderLineBoxList.cpp:
2750         (WebCore::RenderLineBoxList::rangeIntersectsRect):
2751         (WebCore::RenderLineBoxList::paint):
2752         * rendering/RenderListItem.cpp:
2753         (WebCore::RenderListItem::positionListMarker):
2754         * rendering/RenderListMarker.cpp:
2755         (WebCore::RenderListMarker::paint):
2756         * rendering/RenderObject.cpp:
2757         (WebCore::RenderObject::repaintAfterLayoutIfNeeded):
2758         * rendering/RenderOverflow.h:
2759         (WebCore::RenderOverflow::RenderOverflow):
2760         (WebCore::RenderOverflow::addLayoutOverflow):
2761         (WebCore::RenderOverflow::addVisualOverflow):
2762         (WebCore::RenderOverflow::setLayoutOverflow):
2763         (WebCore::RenderOverflow::setVisualOverflow):
2764         (WebCore::RenderOverflow::resetLayoutOverflow):
2765         * rendering/RenderReplaced.cpp:
2766         (WebCore::RenderReplaced::shouldPaint):
2767         * rendering/RenderScrollbarTheme.cpp:
2768         (WebCore::RenderScrollbarTheme::constrainTrackRectToTrackPieces):
2769         * rendering/RenderTable.cpp:
2770         (WebCore::RenderTable::paint):
2771         * rendering/RenderTableCell.cpp:
2772         (WebCore::RenderTableCell::paint):
2773         * rendering/RenderTableSection.cpp:
2774         (WebCore::RenderTableSection::paintObject):
2775         * rendering/RenderText.cpp:
2776         (WebCore::RenderText::absoluteQuads):
2777         * rendering/RenderTextControlSingleLine.cpp:
2778         (WebCore::RenderTextControlSingleLine::forwardEvent):
2779         * rendering/RenderThemeMac.mm:
2780         (WebCore::RenderThemeMac::paintMenuListButtonGradients):
2781         (WebCore::RenderThemeMac::paintMenuListButton):
2782         (WebCore::RenderThemeMac::paintSliderTrack):
2783         * rendering/RenderView.cpp:
2784         (WebCore::RenderView::computeRectForRepaint):
2785         (WebCore::RenderView::docBottom):
2786         (WebCore::RenderView::docRight):
2787         * rendering/RootInlineBox.cpp:
2788         (WebCore::RootInlineBox::paddedLayoutOverflowRect):
2789         * rendering/svg/RenderSVGInlineText.cpp:
2790         (WebCore::RenderSVGInlineText::localCaretRect):
2791
2792 2011-02-01  Beth Dakin  <bdakin@apple.com>
2793
2794         Reviewed by Sam Weinig.
2795
2796         Fix for <rdar://problem/8492788> Adopt WKScrollbarPainterController
2797
2798         Lots of new WebCoreSystemInterface functions to export.
2799         * WebCore.exp.in:
2800         * platform/mac/WebCoreSystemInterface.h:
2801         * platform/mac/WebCoreSystemInterface.mm:
2802
2803         Let the scrollAnimator know when the mouse has
2804         moved anywhere inside the page, and when the mouse 
2805         has moved in or out of the window. 
2806         * page/EventHandler.cpp:
2807         (WebCore::EventHandler::mouseMoved):
2808         (WebCore::EventHandler::updateMouseEventTargetNode):
2809
2810         Let the scrollAnimator know when the window has become
2811         active or inactive.
2812         * page/FocusController.cpp:
2813         (WebCore::FocusController::setActive):
2814         
2815         Let the scrollAnimator know when all of these things
2816         are happening.
2817         * page/FrameView.cpp:
2818         (WebCore::FrameView::setContentsSize):
2819         (WebCore::FrameView::didMoveOnscreen):
2820         (WebCore::FrameView::willMoveOffscreen):
2821         (WebCore::FrameView::currentMousePosition):
2822         (WebCore::FrameView::contentsResized):
2823         
2824         New functions called through WebKit2 that allow the
2825         scrollAnimator to know when a live resize starts and ends.
2826         (WebCore::FrameView::willStartLiveResize):
2827         (WebCore::FrameView::willEndLiveResize):
2828         * page/FrameView.h:
2829         
2830         New functions on ScrollAnimator that pass information
2831         to the WKPainterController when we're using one.
2832         * platform/ScrollAnimator.h:
2833         (WebCore::ScrollAnimator::scrollableArea):
2834         (WebCore::ScrollAnimator::contentAreaWillPaint):
2835         (WebCore::ScrollAnimator::mouseEnteredContentArea):
2836         (WebCore::ScrollAnimator::mouseExitedContentArea):
2837         (WebCore::ScrollAnimator::mouseMovedInContentArea):
2838         (WebCore::ScrollAnimator::willStartLiveResize):
2839         (WebCore::ScrollAnimator::contentsResized):
2840         (WebCore::ScrollAnimator::willEndLiveResize):
2841         (WebCore::ScrollAnimator::contentAreaDidShow):
2842         (WebCore::ScrollAnimator::contentAreaDidHide):
2843         (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
2844         (WebCore::ScrollAnimatorMac::scrollbarPainterDelegate):
2845         (WebCore::ScrollAnimatorMac::setPainterForPainterController):
2846         (WebCore::ScrollAnimatorMac::removePainterFromPainterController):
2847         (WebCore::ScrollAnimatorMac::notityPositionChanged):
2848         (WebCore::ScrollAnimatorMac::contentAreaWillPaint):
2849         (WebCore::ScrollAnimatorMac::mouseEnteredContentArea):
2850         (WebCore::ScrollAnimatorMac::mouseExitedContentArea):
2851         (WebCore::ScrollAnimatorMac::mouseMovedInContentArea):
2852         (WebCore::ScrollAnimatorMac::willStartLiveResize):
2853         (WebCore::ScrollAnimatorMac::contentsResized):
2854         (WebCore::ScrollAnimatorMac::willEndLiveResize):
2855         (WebCore::ScrollAnimatorMac::contentAreaDidShow):
2856         (WebCore::ScrollAnimatorMac::contentAreaDidHide):
2857         
2858         Let the scrollAnimator know when this is happening.
2859         * platform/ScrollView.cpp:
2860         (WebCore::ScrollView::paint):
2861         
2862         New function lets the scrollAnimator get the current 
2863         mouse position.
2864         * platform/ScrollView.h:
2865         (WebCore::ScrollView::currentMousePosition):
2866         
2867         New function that returns the scrollAnimator when needed.
2868         * platform/ScrollableArea.h:
2869         (WebCore::ScrollableArea::scrollAnimator):
2870         
2871         Keep track of if we're in a live resize using a new memeber
2872         variable.
2873         * platform/mac/ScrollAnimatorMac.h:
2874         (WebCore::ScrollAnimatorMac::inLiveResize):
2875         * platform/mac/ScrollAnimatorMac.mm:
2876         (WebCore::view):
2877         
2878         New delegates for the WKPainter and WKPainterController
2879         (-[ScrollbarPainterControllerDelegate initWithScrollAnimator:WebCore::]):
2880         (-[ScrollbarPainterControllerDelegate contentAreaRectForScrollerImpPair:]):
2881         (-[ScrollbarPainterControllerDelegate inLiveResizeForScrollerImpPair:]):
2882         (-[ScrollbarPainterControllerDelegate mouseLocationInContentAreaForScrollerImpPair:]):
2883         (-[ScrollbarPainterControllerDelegate scrollerImpPair:convertContentPoint:toScrollerImp:]):
2884         (-[ScrollbarPainterControllerDelegate scrollerImpPair:setContentAreaNeedsDisplayInRect:]):
2885         (-[ScrollbarPainterControllerDelegate scrollerImpPair:updateScrollerStyleForNewRecommendedScrollerStyle:]):
2886         (-[ScrollKnobAnimation initWithScrollbarPainter:forScrollAnimator:WebCore::animateKnobAlphaTo:duration:]):
2887         (-[ScrollKnobAnimation setCurrentProgress:]):
2888         (-[ScrollbarPainterDelegate initWithScrollAnimator:WebCore::]):
2889         (-[ScrollbarPainterDelegate convertRectToBacking:]):
2890         (-[ScrollbarPainterDelegate convertRectFromBacking:]):
2891         (-[ScrollbarPainterDelegate layer]):
2892         (-[ScrollbarPainterDelegate setUpAnimation:scrollerPainter:animateKnobAlphaTo:duration:]):
2893         (-[ScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]):
2894         (-[ScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]):
2895         (-[ScrollbarPainterDelegate scrollerImp:overlayScrollerStateChangedTo:]):
2896
2897         Get the WKScrollbarPainterRefs to synch up with the 
2898         WKScrollbarPainterControllerRefs when appropriate
2899         * platform/mac/ScrollbarThemeMac.h:
2900         * platform/mac/ScrollbarThemeMac.mm:
2901         (WebCore::ScrollbarThemeMac::registerScrollbar):
2902         (WebCore::ScrollbarThemeMac::unregisterScrollbar):
2903         (WebCore::ScrollbarThemeMac::setNewPainterForScrollbar):
2904         (WebCore::ScrollbarThemeMac::usesOverlayScrollbars):
2905
2906         Implement ScrollableArea's virtual function contentsSize() for access
2907         through the scrollAnimator.
2908         * rendering/RenderLayer.h:
2909         (WebCore::RenderLayer::contentsSize):
2910
2911 2011-02-01  Carol Szabo  <carol.szabo@nokia.com>
2912
2913         Reviewed by David Hyatt.
2914
2915         layoutTestController.counterValueForElementById does not return the correct value
2916         https://bugs.webkit.org/show_bug.cgi?id=53037
2917
2918         Test: fast/css/counters/deep-before.html
2919
2920         * rendering/RenderTreeAsText.cpp:
2921         (WebCore::counterValueForElement):
2922         Modified to use the newly available RenderObject::beforePseudoElement()
2923         and RenderObject::afterPseudoElement() instead of the old imperfect
2924         algorithm to find the before and after pseudo elements.
2925
2926 2011-02-01  Anton Muhin  <antonm@chromium.org>
2927
2928         Reviewed by Adam Barth.
2929
2930         Allow access for security origin same as this.
2931         https://bugs.webkit.org/show_bug.cgi?id=53440
2932
2933         Hard to test as newly added path currently is never hit.
2934
2935         * page/SecurityOrigin.cpp:
2936         (WebCore::SecurityOrigin::canAccess): allow access if this == other
2937
2938 2011-01-31  Oliver Hunt  <oliver@apple.com>
2939
2940         Reviewed by Geoffrey Garen.
2941
2942         Update JSObject storage for new marking API
2943         https://bugs.webkit.org/show_bug.cgi?id=53467
2944
2945         Update WebCore to handle new anonymous slot behaviour.
2946
2947         * bindings/js/JSDOMWindowShell.cpp:
2948         (WebCore::JSDOMWindowShell::setWindow):
2949         * bindings/js/WorkerScriptController.cpp:
2950         (WebCore::WorkerScriptController::initScript):
2951         * bindings/scripts/CodeGeneratorJS.pm:
2952
2953 2011-02-01  Xiaomei Ji  <xji@chromium.org>
2954
2955         Reviewed by David Hyatt.
2956
2957         Fix a text rendering problem when enclosing block is RTL and text runs
2958         are in different directionality.
2959         https://bugs.webkit.org/show_bug.cgi?id=34176
2960
2961         The problem happens in the following example scenario (ABC represents 
2962         Hebrew characters):
2963         <div dir=rtl>this is a <span><span>test <span>ABC</span></span></span></div>
2964
2965         The line consists of 3 text runs -- TextRun1 TextRun2 TextRun3. In which
2966         TextRun1 and TextRun2's bidi level are 2, and TextRun3's bidi level is 1.
2967         TextRun2 and TextRun3's least common ancestor is not a sibling of TextRun1.
2968
2969         The visual bidi run order of the text runs is TextRun3 TextRun1 TextRun2.
2970
2971         Inside RenderBlock::constructLine(), when RenderBlock::createLineBoxes()
2972         creates InlineFlowBox for TextRun2, it should check an InlineFlowBox for
2973         the run's render object's ancestor (not only its parent) has already 
2974         been constructed or has something following it on the line, in which 
2975         case, create a new box for TextRun2 instead of sharing the same box with
2976         TextRun3.
2977
2978         In other words, the following 2 div should render the same results
2979         (ABC represents Hebrew characters).
2980         <div dir=rtl>this is a <span><span>test <span>ABC</span></span></span></div>
2981         <div dir=rtl>this is a <span>Test <span>ABC</span></span></div>
2982
2983         Test: fast/dom/34176.html
2984
2985         * rendering/RenderBlockLineLayout.cpp:
2986         (WebCore::parentIsConstructedOrHaveNext):
2987         (WebCore::RenderBlock::createLineBoxes):
2988
2989 2011-02-01  Abhishek Arya  <inferno@chromium.org>
2990
2991         Reviewed by Dan Bernstein.
2992
2993         Do not add a node in the document's stylesheet candidate node list if the
2994         node is already removed from document.
2995         https://bugs.webkit.org/show_bug.cgi?id=53441
2996
2997         Test: fast/css/stylesheet-candidate-nodes-crash.xhtml
2998
2999         * dom/Document.cpp:
3000         (WebCore::Document::addStyleSheetCandidateNode):
3001
3002 2011-02-01  Dave Hyatt  <hyatt@apple.com>
3003
3004         Reviewed by Darin Adler.
3005
3006         https://bugs.webkit.org/show_bug.cgi?id=46422, make printing and pagination work
3007         with vertical text.
3008
3009         Change printing functions to check writing-mode and properly swap width and height
3010         as needed.
3011         
3012         Fix the setScrollOrigin function so that the origin doesn't cause
3013         scroll spasming during printing (this is only partially successful, but it's better
3014         than it was).
3015
3016         Rewrite computePageRects to handle both RTL documents properly as well as vertical
3017         text documents properly.
3018
3019         * WebCore.exp.in:
3020         * page/FrameView.cpp:
3021         (WebCore::FrameView::adjustViewSize):
3022         (WebCore::FrameView::forceLayoutForPagination):
3023         * page/PrintContext.cpp:
3024         (WebCore::PrintContext::computePageRects):
3025         (WebCore::PrintContext::computePageRectsWithPageSizeInternal):
3026         (WebCore::PrintContext::computeAutomaticScaleFactor):
3027         (WebCore::PrintContext::spoolPage):
3028         (WebCore::PrintContext::spoolRect):
3029         * page/PrintContext.h:
3030         * page/mac/WebCoreFrameView.h:
3031         * platform/ScrollView.cpp:
3032         (WebCore::ScrollView::wheelEvent):
3033         * platform/ScrollView.h:
3034         * platform/mac/ScrollViewMac.mm:
3035         (WebCore::ScrollView::platformSetScrollOrigin):
3036         * rendering/RenderView.cpp:
3037         (WebCore::RenderView::layout):
3038
3039 2011-02-01  Mikhail Naganov  <mnaganov@chromium.org>
3040
3041         Reviewed by Pavel Feldman.
3042
3043         Web Inspector: Fix profiles reset to avoid clearing heap profiles in Chromium.
3044
3045         https://bugs.webkit.org/show_bug.cgi?id=53500
3046
3047         * inspector/InspectorProfilerAgent.cpp:
3048         (WebCore::InspectorProfilerAgent::resetFrontendProfiles):
3049
3050 2011-02-01  Mikhail Naganov  <mnaganov@chromium.org>
3051
3052         Reviewed by Pavel Feldman.
3053
3054         Web Inspector: [Chromium] Landing detailed heap snapshots, part 1.
3055
3056         https://bugs.webkit.org/show_bug.cgi?id=53173
3057
3058         Adding code for accessing heap snapshot data and
3059         performing graph calculations.
3060
3061         * English.lproj/localizedStrings.js:
3062         * inspector/front-end/HeapSnapshot.js:
3063         (WebInspector.HeapSnapshotArraySlice): Helper class to avoid array contents copying.
3064         (WebInspector.HeapSnapshotEdge): Wrapper for accessing graph edge properties.
3065         (WebInspector.HeapSnapshotEdgeIterator):
3066         (WebInspector.HeapSnapshotNode): Wrapper for accessing graph node properties.
3067         (WebInspector.HeapSnapshotNodeIterator):
3068         (WebInspector.HeapSnapshot): Wrapper for the heap snapshot.
3069         (WebInspector.HeapSnapshotFilteredOrderedIterator):
3070         (WebInspector.HeapSnapshotEdgesProvider):
3071         (WebInspector.HeapSnapshotNodesProvider):
3072         (WebInspector.HeapSnapshotPathFinder):
3073         * inspector/front-end/HeapSnapshotView.js:
3074         (WebInspector.HeapSnapshotView.prototype._convertSnapshot):
3075
3076 2011-02-01  Adam Roben  <aroben@apple.com>
3077
3078         Fix linker warnings in Release_LTCG builds
3079
3080         * WebCore.vcproj/WebCore.vcproj: Exclude EventNames.cpp and EventTarget.cpp from all
3081         configurations, since they get pulled in via DOMAllInOne.cpp.
3082
3083 2011-02-01  Alexander Pavlov  <apavlov@chromium.org>
3084
3085         Reviewed by Yury Semikhatsky.
3086
3087         Web Inspector: [Chromium] Wrongly labelled context-menu item for links in Web Inspector's side-pane
3088         https://bugs.webkit.org/show_bug.cgi?id=53482
3089
3090         * English.lproj/localizedStrings.js:
3091         * inspector/front-end/ElementsPanel.js:
3092         (WebInspector.ElementsPanel.prototype.populateHrefContextMenu):
3093         * inspector/front-end/inspector.js:
3094         (WebInspector.resourceForURL):
3095         (WebInspector.openLinkExternallyLabel):
3096
3097 2011-02-01  Anton Muhin  <antonm@chromium.org>
3098
3099         Reviewed by Adam Barth.
3100
3101         Propagate parent document security origin to newly create Document XML response
3102         https://bugs.webkit.org/show_bug.cgi?id=53444
3103
3104         Covered by the existing tests.
3105
3106         * xml/XMLHttpRequest.cpp:
3107         (WebCore::XMLHttpRequest::responseXML):
3108
3109 2011-02-01  Yury Semikhatsky  <yurys@chromium.org>
3110
3111         Unreviewed. Rollout r77230 which caused many layout tests
3112         crashes on Chromium Debug bots.
3113
3114         Async event handlers should not fire within a modal dialog
3115         https://bugs.webkit.org/show_bug.cgi?id=53202
3116
3117         * dom/Document.cpp:
3118         (WebCore::Document::Document):
3119         * dom/EventQueue.cpp:
3120         (WebCore::EventQueue::EventQueue):
3121         (WebCore::EventQueue::enqueueEvent):
3122         (WebCore::EventQueue::pendingEventTimerFired):
3123         * dom/EventQueue.h:
3124
3125 2011-02-01  Zoltan Herczeg  <zherczeg@webkit.org>
3126
3127         Reviewed by Dirk Schulze.
3128
3129         LightElement changes does not require relayout.
3130         https://bugs.webkit.org/show_bug.cgi?id=53232
3131
3132         When an attribute of a LightElement changes, it
3133         send an update message to the lighting filters
3134         to update its corresponding LightSource objects,
3135         and repaint the filters.
3136
3137         Duplicated 'id' attributes removed from svg-filter-animation.svg.
3138
3139         Existing dynamic-update tests covers this feature.
3140
3141         5x speedup on manual-tests/svg-filter-animation.svg
3142
3143         * manual-tests/svg-filter-animation.svg:
3144         * platform/graphics/filters/DistantLightSource.h:
3145         * platform/graphics/filters/FEDiffuseLighting.cpp:
3146         (WebCore::FEDiffuseLighting::setLightingColor):
3147         (WebCore::FEDiffuseLighting::setSurfaceScale):
3148         (WebCore::FEDiffuseLighting::setDiffuseConstant):
3149         (WebCore::FEDiffuseLighting::setKernelUnitLengthX):
3150         (WebCore::FEDiffuseLighting::setKernelUnitLengthY):
3151         * platform/graphics/filters/FEDiffuseLighting.h:
3152         * platform/graphics/filters/LightSource.cpp:
3153         (WebCore::PointLightSource::setX):
3154         (WebCore::PointLightSource::setY):
3155         (WebCore::PointLightSource::setZ):
3156         (WebCore::SpotLightSource::setX):
3157         (WebCore::SpotLightSource::setY):
3158         (WebCore::SpotLightSource::setZ):
3159         (WebCore::SpotLightSource::setPointsAtX):
3160         (WebCore::SpotLightSource::setPointsAtY):
3161         (WebCore::SpotLightSource::setPointsAtZ):
3162         (WebCore::SpotLightSource::setSpecularExponent):
3163         (WebCore::SpotLightSource::setLimitingConeAngle):
3164         (WebCore::DistantLightSource::setAzimuth):
3165         (WebCore::DistantLightSource::setElevation):
3166         (WebCore::LightSource::setAzimuth):
3167         (WebCore::LightSource::setElevation):
3168         (WebCore::LightSource::setX):
3169         (WebCore::LightSource::setY):
3170         (WebCore::LightSource::setZ):
3171         (WebCore::LightSource::setPointsAtX):
3172         (WebCore::LightSource::setPointsAtY):
3173         (WebCore::LightSource::setPointsAtZ):
3174         (WebCore::LightSource::setSpecularExponent):
3175         (WebCore::LightSource::setLimitingConeAngle):
3176         * platform/graphics/filters/LightSource.h:
3177         * platform/graphics/filters/PointLightSource.h:
3178         * platform/graphics/filters/SpotLightSource.h:
3179         * rendering/svg/RenderSVGResourceFilter.cpp:
3180         (WebCore::RenderSVGResourceFilter::primitiveAttributeChanged):
3181         * svg/SVGFEDiffuseLightingElement.cpp:
3182         (WebCore::SVGFEDiffuseLightingElement::setFilterEffectAttribute):
3183         (WebCore::SVGFEDiffuseLightingElement::lightElementAttributeChanged):
3184         (WebCore::SVGFEDiffuseLightingElement::build):
3185         (WebCore::SVGFEDiffuseLightingElement::findLightElement):
3186         (WebCore::SVGFEDiffuseLightingElement::findLight):
3187         * svg/SVGFEDiffuseLightingElement.h:
3188         * svg/SVGFELightElement.cpp:
3189         (WebCore::SVGFELightElement::svgAttributeChanged):
3190         * svg/SVGFilterPrimitiveStandardAttributes.cpp:
3191         (WebCore::SVGFilterPrimitiveStandardAttributes::setFilterEffectAttribute):
3192         * svg/SVGFilterPrimitiveStandardAttributes.h:
3193
3194 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
3195
3196         Reviewed by Dimitri Glazkov.
3197
3198         Bug 53289 - DOM: Move DocumentOrderedMap from Document into separate files
3199         https://bugs.webkit.org/show_bug.cgi?id=53289
3200
3201         Moving the nested class DocumentOrderedMap from Document into separate files,
3202         updating code where necessary.
3203
3204         No new tests. (refactoring)
3205
3206         * Android.mk:
3207         * CMakeLists.txt:
3208         * GNUMakefile.am:
3209         * WebCore.gypi:
3210         * WebCore.pro:
3211         * WebCore.vcproj/WebCore.vcproj:
3212         * WebCore.xcodeproj/project.pbxproj:
3213         * dom/Document.cpp:
3214         (WebCore::Document::getElementById):
3215         (WebCore::Document::getImageMap):
3216         * dom/Document.h:
3217         * dom/DocumentOrderedMap.cpp: Added.
3218         (WebCore::keyMatchesId):
3219         (WebCore::keyMatchesMapName):
3220         (WebCore::keyMatchesLowercasedMapName):
3221         (WebCore::DocumentOrderedMap::clear):
3222         (WebCore::DocumentOrderedMap::add):
3223         (WebCore::DocumentOrderedMap::remove):
3224         (WebCore::DocumentOrderedMap::get):
3225         (WebCore::DocumentOrderedMap::getElementById):
3226         (WebCore::DocumentOrderedMap::getElementByMapName):
3227         (WebCore::DocumentOrderedMap::getElementByLowercasedMapName):
3228         * dom/DocumentOrderedMap.h: Added.
3229         (WebCore::DocumentOrderedMap::contains):
3230         (WebCore::DocumentOrderedMap::containsMultiple):
3231         * dom/DOMAllInOne.cpp:
3232
3233 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
3234
3235         Reviewed by Martin Robinson.
3236
3237         [Gtk] atk_text_set_caret_offset fails for list items
3238         https://bugs.webkit.org/show_bug.cgi?id=53388
3239
3240         Allow using text ranges across list items.
3241
3242         * accessibility/gtk/AccessibilityObjectAtk.cpp:
3243         (WebCore::AccessibilityObject::allowsTextRanges): Add list items
3244         to the list of accessibility objects supporting text ranges.
3245
3246 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
3247
3248         Reviewed by Martin Robinson.
3249
3250         [GTK] character range extents is off when the end of a wrapped line is included
3251         https://bugs.webkit.org/show_bug.cgi?id=53323
3252
3253         Fixed wrong calculation getting the range extents.
3254
3255         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
3256         (webkit_accessible_text_get_range_extents): Removed '+1' since the
3257         requested interval shouldn't include the last character.
3258
3259 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
3260
3261         Reviewed by Martin Robinson.
3262
3263         [GTK] Caret Offset is one off at the end of wrapped lines
3264         https://bugs.webkit.org/show_bug.cgi?id=53300
3265
3266         Consider linebreaks as special cases.
3267
3268         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
3269         (objectAndOffsetUnignored): In order to avoid getting wrong values
3270         when around linebreaks, we need to workaround this by explicitly
3271         avoiding those '\n' text nodes from affecting the result of
3272         calling to TextIterator:rangeLength().
3273
3274 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
3275
3276         Unreviewed, rolling out r77229.
3277         http://trac.webkit.org/changeset/77229
3278         https://bugs.webkit.org/show_bug.cgi?id=53289
3279
3280         revert mysterious build breakage
3281
3282         * Android.mk:
3283         * CMakeLists.txt:
3284         * GNUmakefile.am:
3285         * WebCore.gypi:
3286         * WebCore.pro:
3287         * WebCore.vcproj/WebCore.vcproj:
3288         * WebCore.xcodeproj/project.pbxproj:
3289         * dom/DOMAllInOne.cpp:
3290         * dom/Document.cpp:
3291         (WebCore::Document::DocumentOrderedMap::clear):
3292         (WebCore::Document::DocumentOrderedMap::add):
3293         (WebCore::Document::DocumentOrderedMap::remove):
3294         (WebCore::Document::DocumentOrderedMap::get):
3295         (WebCore::keyMatchesId):
3296         (WebCore::Document::getElementById):
3297         (WebCore::keyMatchesMapName):
3298         (WebCore::keyMatchesLowercasedMapName):
3299         (WebCore::Document::getImageMap):
3300         * dom/Document.h:
3301         (WebCore::Document::DocumentOrderedMap::contains):
3302         (WebCore::Document::DocumentOrderedMap::containsMultiple):
3303         * dom/DocumentOrderedMap.cpp: Removed.
3304         * dom/DocumentOrderedMap.h: Removed.
3305
3306 2011-02-01  Mihai Parparita  <mihaip@chromium.org>
3307
3308         Reviewed by James Robinson.
3309
3310         Async event handlers should not fire within a modal dialog
3311         https://bugs.webkit.org/show_bug.cgi?id=53202
3312
3313         Asychronous events that use EventQueue would currently fire while a
3314         modal dialog (e.g. window.alert()) was up. Change EventQueue to use a
3315         SuspendableTimer (which automatically gets suspended while dialogs are
3316         up and in other cases where JS execution is not allowed).
3317         
3318         Test: fast/events/scroll-event-during-modal-dialog.html
3319
3320         * dom/Document.cpp:
3321         (WebCore::Document::Document):
3322         * dom/EventQueue.cpp:
3323         (WebCore::EventQueueTimer::EventQueueTimer):
3324         (WebCore::EventQueueTimer::fired):
3325         (WebCore::EventQueue::EventQueue):
3326         (WebCore::EventQueue::enqueueEvent):
3327         (WebCore::EventQueue::pendingEventTimerFired):
3328         * dom/EventQueue.h:
3329         (WebCore::EventQueue::create):
3330
3331 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
3332
3333         Reviewed by Dimitri Glazkov.
3334
3335         Bug 53289 - DOM: Move DocumentOrderedMap from Document into separate files
3336         https://bugs.webkit.org/show_bug.cgi?id=53289
3337
3338         Moving the nested class DocumentOrderedMap from Document into separate files,
3339         updating code where necessary.
3340
3341         No new tests. (refactoring)
3342
3343         * Android.mk:
3344         * CMakeLists.txt:
3345         * GNUMakefile.am:
3346         * WebCore.gypi:
3347         * WebCore.pro:
3348         * WebCore.vcproj/WebCore.vcproj:
3349         * WebCore.xcodeproj/project.pbxproj:
3350         * dom/Document.cpp:
3351         (WebCore::Document::getElementById):
3352         (WebCore::Document::getImageMap):
3353         * dom/Document.h:
3354         * dom/DocumentOrderedMap.cpp: Added.
3355         (WebCore::keyMatchesId):
3356         (WebCore::keyMatchesMapName):
3357         (WebCore::keyMatchesLowercasedMapName):
3358         (WebCore::DocumentOrderedMap::clear):
3359         (WebCore::DocumentOrderedMap::add):
3360         (WebCore::DocumentOrderedMap::remove):
3361         (WebCore::DocumentOrderedMap::get):
3362         (WebCore::DocumentOrderedMap::getElementById):
3363         (WebCore::DocumentOrderedMap::getElementByMapName):
3364         (WebCore::DocumentOrderedMap::getElementByLowercasedMapName):
3365         * dom/DocumentOrderedMap.h: Added.
3366         (WebCore::DocumentOrderedMap::contains):
3367         (WebCore::DocumentOrderedMap::containsMultiple):
3368         * dom/DOMAllInOne.cpp:
3369
3370 2011-02-01  Naoki Takano  <takano.naoki@gmail.com>
3371
3372         Reviewed by Darin Fisher.
3373
3374         [Chromium] Autofill should work with HTML5 form elements
3375         https://bugs.webkit.org/show_bug.cgi?id=51809
3376         http://crbug.com/65654
3377
3378         No new tests, because this fix is for Chromium project and hard to test only in WebKit project.
3379
3380         * html/InputType.h: Insert comment for canSetSuggestedValue().
3381         * html/TextFieldInputType.cpp:
3382         (WebCore::TextFieldInputType::canSetSuggestedValue): Implemented to return always true for that all text filed inputs can be completed.
3383         * html/TextFieldInputType.h: Declare canSetSuggestedValue().
3384         * html/TextInputType.cpp: Delete canSetSuggestedValue() not to return true anymore.
3385         * html/TextInputType.h: Delete canSetSuggestedValue() not to return true anymore.
3386
3387 2011-02-01  Kent Tamura  <tkent@chromium.org>
3388
3389         Reviewed by Dan Bernstein.
3390
3391         REGRESSION (r65062): Safari loops forever under WebCore::plainTextToMallocAllocatedBuffer()
3392         https://bugs.webkit.org/show_bug.cgi?id=53272
3393
3394         * editing/TextIterator.cpp:
3395         (WebCore::TextIterator::handleTextBox): Pass the appropriate renderer to emitText().
3396
3397 2011-01-31  Alexey Proskuryakov  <ap@apple.com>
3398
3399         Reviewed by Maciej Stachowiak.
3400
3401         https://bugs.webkit.org/show_bug.cgi?id=53466
3402         Move WebKit2 to printing via API methods
3403
3404         * WebCore.exp.in: Export IntRect::scale().
3405
3406 2011-01-31  Patrick Gansterer  <paroga@webkit.org>
3407
3408         Reviewed by Adam Barth.
3409
3410         Remove obsolete comment after r41871
3411         https://bugs.webkit.org/show_bug.cgi?id=53406
3412
3413         * dom/Document.h:
3414
3415 2011-01-31  Simon Fraser  <simon.fraser@apple.com>
3416
3417         Fix according to reviewer comments: can just use Color::black now.
3418
3419         * platform/graphics/ShadowBlur.cpp:
3420         (WebCore::ShadowBlur::drawInsetShadow):
3421         (WebCore::ShadowBlur::drawRectShadowWithoutTiling):
3422
3423 2011-01-31  Simon Fraser  <simon.fraser@apple.com>
3424
3425         Reviewed by Sam Weinig.
3426
3427         Clean up ShadowBlur
3428         https://bugs.webkit.org/show_bug.cgi?id=53472
3429
3430         Some minor ShadowBlur cleanup.
3431
3432         * platform/graphics/ShadowBlur.h:
3433         * platform/graphics/ShadowBlur.cpp:
3434         (WebCore::ShadowBlur::ShadowBlur): Use m_blurRadius rather than the radius
3435         paramter.
3436         (WebCore::ShadowBlur::adjustBlurRadius): Renamed from adjustBlurDistance.
3437         (WebCore::ShadowBlur::calculateLayerBoundingRect): Rename layerFloatRect to
3438         layerRect. Make frameSize a float.
3439         (WebCore::ShadowBlur::beginShadowLayer): This now takes a precomputed
3440         layerRect rather than calling calculateLayerBoundingRect() to compute
3441         it itself, since we were calling calculateLayerBoundingRect() twice.
3442         (WebCore::ShadowBlur::drawRectShadow): Optimize to call calculateLayerBoundingRect()
3443         only once. The shadowRect variable was unused, so two return paths could be
3444         collapsed into one.
3445         (WebCore::ShadowBlur::drawInsetShadow): Call calculateLayerBoundingRect() before
3446         beginShadowLayer() now.
3447         (WebCore::ShadowBlur::drawRectShadowWithoutTiling): The layerRect gets passed in.
3448         We always used alpha=1, so no need to pass that in.
3449         (WebCore::ShadowBlur::drawRectShadowWithTiling): We always used alpha=1, so no need to
3450         pass that in. Move shadowRect down to first use.
3451         ShadowBlur::clipBounds() was unused.
3452
3453 2011-01-31  No'am Rosenthal  <noam.rosenthal@nokia.com>
3454
3455         Reviewed by Kenneth Rohde Christiansen.
3456
3457         [Qt] QWebElements example from QtWebKit Bridge documentation does not work at all
3458         https://bugs.webkit.org/show_bug.cgi?id=46748
3459
3460         This problem disappears when we register QWebElement using qRegisterMetaType, which we now do in QtInstance.
3461         Added a regression test to tst_QWebFrame.
3462
3463         * bridge/qt/qt_instance.cpp:
3464         (JSC::Bindings::QtInstance::QtInstance):
3465
3466 2011-01-27  MORITA Hajime  <morrita@google.com>
3467
3468         Reviewed by Dimitri Glazkov.
3469         
3470         Convert <progress> shadow DOM to a DOM-based shadow.
3471         https://bugs.webkit.org/show_bug.cgi?id=50660
3472
3473         * Removed RenderProgress::m_valuePart, moved the shadow node
3474           to the shadow root of HTMLProgressElement.
3475         * Removed hard-coded pseudo ID for -webkit-progress-bar-value.
3476           ProgressBarValueElement is defined only for overriding
3477           shadowPseudoId().
3478         
3479         No new tests. No behavioral change.
3480
3481         * css/CSSSelector.cpp:
3482         (WebCore::CSSSelector::pseudoId):
3483         (WebCore::nameToPseudoTypeMap):
3484         (WebCore::CSSSelector::extractPseudoType):
3485         * css/CSSSelector.h:
3486         * html/HTMLProgressElement.cpp:
3487         (WebCore::ProgressBarValueElement::ProgressBarValueElement):
3488         (WebCore::ProgressBarValueElement::shadowPseudoId):
3489         (WebCore::ProgressBarValueElement::create):
3490         (WebCore::ProgressBarValueElement::detach):
3491         (WebCore::HTMLProgressElement::parseMappedAttribute):
3492         (WebCore::HTMLProgressElement::attach):
3493         (WebCore::HTMLProgressElement::valuePart):
3494         (WebCore::HTMLProgressElement::didElementStateChange):
3495         (WebCore::HTMLProgressElement::createShadowSubtreeIfNeeded):
3496         * html/HTMLProgressElement.h:
3497         * rendering/RenderProgress.cpp:
3498         (WebCore::RenderProgress::~RenderProgress):
3499         (WebCore::RenderProgress::updateFromElement):
3500         (WebCore::RenderProgress::layoutParts):
3501         (WebCore::RenderProgress::shouldHaveParts):
3502         (WebCore::RenderProgress::valuePart):
3503         * rendering/RenderProgress.h:
3504         * rendering/style/RenderStyleConstants.h:
3505
3506 2011-01-31  Charlie Reis  <creis@chromium.org>
3507
3508         Reviewed by Mihai Parparita.
3509
3510         Add sanity check to help diagnose bug 52819
3511         https://bugs.webkit.org/show_bug.cgi?id=53402
3512
3513         Crash early if the children of fromItem look invalid.
3514
3515         * loader/HistoryController.cpp:
3516
3517 2011-01-31  Kalle Vahlman  <kalle.vahlman@movial.com>
3518
3519         Reviewed by Andreas Kling.
3520
3521         [Qt] canvas.drawImage(HTMLVideoElement) doesn't work with Qt Multimedia backend
3522         https://bugs.webkit.org/show_bug.cgi?id=53325
3523
3524         Reimplement paintCurrentFrameInContext() rather than delegate the
3525         rendering to paint() to make sure we really do get the video frame
3526         content into the GraphicsContext, regardless of accelerated
3527         compositing and the video scene state.
3528
3529         * platform/graphics/qt/MediaPlayerPrivateQt.cpp:
3530         (WebCore::MediaPlayerPrivateQt::paintCurrentFrameInContext):
3531         * platform/graphics/qt/MediaPlayerPrivateQt.h:
3532
3533 2011-01-31  Emil A Eklund  <eae@chromium.org>
3534
3535         Reviewed by Darin Adler.
3536
3537         Setting "selected" attribute to false should have no effect in single line <select>
3538         https://bugs.webkit.org/show_bug.cgi?id=52436
3539
3540         Change SelectElement::setSelectedIndex to select the first selectable
3541         option when the select state of all options is set to false as required
3542         by the HTML5 specification.
3543
3544         Test: fast/dom/HTMLSelectElement/selected-false.html
3545
3546         * dom/SelectElement.cpp:
3547         (WebCore::SelectElement::setSelectedIndex):
3548
3549 2011-01-31  Alexander Pavlov  <apavlov@chromium.org>
3550
3551         Reviewed by Yury Semikhatsky.
3552
3553         Web Inspector: Console source references need a left-margin
3554         https://bugs.webkit.org/show_bug.cgi?id=53308
3555
3556         * inspector/front-end/inspector.css:
3557         (.console-message-url): Added a 4px margin on the left.
3558
3559 2011-01-31  Carol Szabo  <carol.szabo@nokia.com>
3560
3561         Reviewed by David Hyatt.
3562
3563         Code Changes only.
3564
3565         It is needlessly expensive to find the generating node from an anonymous renderer of a pseudoelement.
3566         https://bugs.webkit.org/show_bug.cgi?id=53024
3567
3568         No new tests. No change in functionality
3569
3570         * rendering/RenderObject.h:
3571         (WebCore::RenderObject::before):
3572         (WebCore::RenderObject::after):
3573         (WebCore::RenderObject::generatingNode):
3574         Added new accessors for the use of the CSS 2.1 counters code
3575         (mainlyly)
3576         * rendering/RenderObjectChildList.cpp:
3577         (WebCore::beforeAfterContainer):
3578         (WebCore::RenderObjectChildList::invalidateCounters):
3579         (WebCore::RenderObjectChildList::before):
3580         (WebCore::RenderObjectChildList::after):
3581         Refactored the code to take advantage of the new accessors.
3582         (WebCore::RenderObjectChildList::updateBeforeAfterContent):
3583         Changed to store the generating node in the :before and :after
3584         renderers.
3585         * rendering/RenderObjectChildList.h:
3586
3587 2011-01-31  Krithigassree Sambamurthy  <krithigassree.sambamurthy@nokia.com>
3588
3589         Reviewed by David Hyatt.
3590
3591         Add background-clip to background shorthand
3592         https://bugs.webkit.org/show_bug.cgi?id=52080
3593
3594         Added background-clip to background-shorthand. Also made changes to
3595         include webkitMaskClip to the mask shorthand to keep both in sync.
3596
3597         * css/CSSParser.cpp:
3598         (WebCore::CSSParser::parseValue):
3599         (WebCore::CSSParser::parseFillShorthand):
3600
3601 2011-01-31  Darin Adler  <darin@apple.com>
3602
3603         Reviewed by Adele Peterson.
3604
3605         WKView should support scrollPageDown:, scrollPageUp:, scrollToBeg and other similar selectors
3606         https://bugs.webkit.org/show_bug.cgi?id=53460
3607
3608         * editing/EditorCommand.cpp:
3609         (WebCore::executeScrollPageBackward): Added.
3610         (WebCore::executeScrollPageForward): Added.
3611         (WebCore::executeScrollToBeginningOfDocument): Added.
3612         (WebCore::executeScrollToEndOfDocument): Added.
3613         (WebCore::createCommandMap): Added the four commands above to the map.
3614
3615 2011-01-31  Dan Bernstein  <mitz@apple.com>
3616
3617         Reviewed by Adele Peterson.
3618
3619         Inter-ideograph justification should apply to hiragana and katakana as well
3620         https://bugs.webkit.org/show_bug.cgi?id=53464
3621
3622         Changed the test for expansion opportunities from isCJKIdeograph() to isCJKIdeographOrSymbol().
3623
3624         * platform/graphics/Font.cpp:
3625         (WebCore::Font::expansionOpportunityCount):
3626         * platform/graphics/WidthIterator.cpp:
3627         (WebCore::WidthIterator::advance):
3628         * platform/graphics/mac/ComplexTextController.cpp:
3629         (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
3630
3631 2011-01-31  Dimitri Glazkov  <dglazkov@chromium.org>
3632
3633         Reviewed by James Robinson.
3634
3635         REGRESSION(r76951): Appearance of media controls changed slightly on Qt/Chromium ports
3636         https://bugs.webkit.org/show_bug.cgi?id=53314
3637
3638         Fixes media/controls-strict.html on Chromium.
3639
3640         * css/mediaControlsChromium.css:
3641         (audio::-webkit-media-controls-timeline, video::-webkit-media-controls-timeline):
3642             Added proper box-sizing to avoid differences between strict/quirks mode.
3643
3644 2011-01-31  Kent Tamura  <tkent@chromium.org>
3645
3646         Reviewed by Dimitri Glazkov.
3647
3648         Validation message bubble shouldn't inherit text-security style
3649         https://bugs.webkit.org/show_bug.cgi?id=53457
3650
3651         No new tests because the validation message feature depends on timers
3652         and is enabled only in Chromium port.
3653
3654         * css/html.css:
3655         (::-webkit-validation-bubble): Reset -webkit-text-security.
3656
3657 2011-01-31  Michael Saboff  <msaboff@apple.com>
3658
3659         Reviewed by Geoffrey Garen.
3660
3661         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
3662         https://bugs.webkit.org/show_bug.cgi?id=53271
3663
3664         Reapplying this patch again. 
3665         The removal of this patch in <http://trac.webkit.org/changeset/77125>
3666         as part of https://bugs.webkit.org/show_bug.cgi?id=53418,
3667         removed the both the first (failing) patch (r76893) and this fixed 
3668         patch (r76969).  This patch includes slight changes necessitated by
3669         r77151.
3670
3671         Reapplying this patch with the change that the second ASSERT in 
3672         RootObject::removeRuntimeObject was changed to use
3673         .uncheckedGet() instead of the failing .get().  The object in question
3674         could be in the process of being GC'ed.  The get() call will not return
3675         such an object while the uncheckedGet() call will return the (unsafe) 
3676         object.  This is the behavior we want.
3677
3678         Precautionary change.
3679         Changed RootObject to use WeakGCMap instead of HashSet.
3680         Found will looking for another issue, but can't produce a test case
3681         that is problematic.  THerefore there aren't any new tests.
3682
3683         * bridge/runtime_root.cpp:
3684         (JSC::Bindings::RootObject::invalidate):
3685         (JSC::Bindings::RootObject::addRuntimeObject):
3686         (JSC::Bindings::RootObject::removeRuntimeObject):
3687         * bridge/runtime_root.h:
3688
3689 2011-01-31  Andreas Kling  <kling@webkit.org>
3690
3691         Unbreak Qt build after r77151.
3692
3693         * bridge/qt/qt_instance.cpp:
3694         (JSC::Bindings::QtInstance::removeCachedMethod):
3695         (JSC::Bindings::QtInstance::markAggregate):
3696
3697 2011-01-31  takano takumi  <takano@apple.com>
3698
3699         Reviewed by Dave Hyatt.
3700
3701         Implement text-combine rendering code
3702         https://bugs.webkit.org/show_bug.cgi?id=50621
3703
3704         Test: fast/text/international/text-combine-image-test.html
3705
3706         * Android.mk: Added RenderCombineText.cpp/h
3707         * CMakeLists.txt: Added RenderCombineText.cpp/h
3708         * GNUmakefile.am: Added RenderCombineText.cpp/h
3709         * WebCore.exp.in:
3710         * WebCore.gypi: Added RenderCombineText.cpp/h
3711         * WebCore.pro: Added RenderCombineText.cpp/h
3712         * WebCore.vcproj/WebCore.vcproj: Added RenderCombineText.cpp/h
3713         * WebCore.xcodeproj/project.pbxproj: Added RenderCombineText.cpp/h
3714         * css/CSSFontFaceSource.cpp:
3715         (WebCore::CSSFontFaceSource::getFontData):
3716         - Added fontDescription.widthVariant to SimpleFontData creation.
3717         * css/CSSStyleSelector.cpp:
3718         (WebCore::CSSStyleSelector::applyProperty):
3719         - Changed to set "Unique" flag to RenderStyle in case of TextCombine.
3720         * dom/Text.cpp:
3721         (WebCore::Text::createRenderer):
3722         - Changed to create RenderCombineText in case of TextCombine.
3723         * loader/cache/CachedFont.cpp:
3724         (WebCore::CachedFont::platformDataFromCustomData):
3725         - Added FontWidthVariant as an argument for FontPlatformData creation.
3726         * loader/cache/CachedFont.h:
3727         - Ditto.
3728         * platform/graphics/Font.h:
3729         (WebCore::Font::widthVariant):
3730         - The accessor to FontWidthVariant member variable.
3731         * platform/graphics/FontCache.cpp:
3732         - Made cache to incorporate FontWidthVariant value.
3733         (WebCore::FontPlatformDataCacheKey::FontPlatformDataCacheKey):
3734         (WebCore::FontPlatformDataCacheKey::operator==):
3735         (WebCore::computeHash):
3736         (WebCore::FontCache::getCachedFontPlatformData):
3737         * platform/graphics/FontDescription.h:
3738         - Add a member variable that holds a width variant - none, half-width, third-width, and quarter-width.
3739         (WebCore::FontDescription::FontDescription):
3740         (WebCore::FontDescription::widthVariant):
3741         (WebCore::FontDescription::setWidthVariant):
3742         (WebCore::FontDescription::operator==):
3743         * platform/graphics/FontWidthVariant.h: Added.
3744         * platform/graphics/cairo/FontCustomPlatformData.h:
3745         - Changed to carry FontWidthVariant value.
3746         * platform/graphics/cocoa/FontPlatformData.h:
3747         - Changed to carry FontWidthVariant value.
3748         (WebCore::FontPlatformData::FontPlatformData):
3749         (WebCore::FontPlatformData::widthVariant):
3750         (WebCore::FontPlatformData::hash):
3751         (WebCore::FontPlatformData::operator==):
3752         * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
3753         (WebCore::FontPlatformData::FontPlatformData):
3754         - Changed to carry FontWidthVariant value.
3755         (WebCore::FontPlatformData::operator=):
3756         - Ditto.
3757         (WebCore::mapFontWidthVariantToCTFeatureSelector):
3758         - A function to map a FontWidthVariant value to a CoreText's text spacing feature selector.
3759         (WebCore::FontPlatformData::ctFont):
3760         - Changed to create CTFont with text spacing variant based on FontWidthVariant.
3761         * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
3762         (WebCore::FontCustomPlatformData::fontPlatformData):
3763         - Changed to carry FontWidthVariant value.
3764         * platform/graphics/haiku/FontCustomPlatformData.cpp:
3765         (WebCore::FontCustomPlatformData::fontPlatformData):
3766         - Changed to carry FontWidthVariant value.
3767         * platform/graphics/haiku/FontCustomPlatformData.h:
3768         * platform/graphics/mac/FontCacheMac.mm:
3769         (WebCore::FontCache::createFontPlatformData):
3770         - Changed to carry FontWidthVariant value.
3771         * platform/graphics/mac/FontCustomPlatformData.cpp:
3772         (WebCore::FontCustomPlatformData::fontPlatformData):
3773         - Changed to carry FontWidthVariant value.
3774         * platform/graphics/mac/FontCustomPlatformData.h:
3775         - Ditto.
3776         * platform/graphics/mac/GlyphPageTreeNodeMac.cpp:
3777         (WebCore::shouldUseCoreText):
3778         - Changed to skip CT path when width variant is specified.
3779         * platform/graphics/pango/FontCustomPlatformDataPango.cpp:
3780         (WebCore::FontCustomPlatformData::fontPlatformData):
3781         - Ditto.
3782         * platform/graphics/qt/FontCustomPlatformData.h:
3783         - Ditto.
3784         * platform/graphics/qt/FontCustomPlatformDataQt.cpp:
3785         (WebCore::FontCustomPlatformData::fontPlatformData):
3786         - Ditto.
3787         * platform/graphics/skia/FontCustomPlatformData.cpp:
3788         (WebCore::FontCustomPlatformData::fontPlatformData):
3789         - Ditto.
3790         * platform/graphics/skia/FontCustomPlatformData.h:
3791         - Ditto.
3792         * platform/graphics/win/FontCustomPlatformData.cpp:
3793         (WebCore::FontCustomPlatformData::fontPlatformData):
3794         - Ditto.
3795         * platform/graphics/win/FontCustomPlatformData.h:
3796         - Ditto.
3797         * platform/graphics/win/FontCustomPlatformDataCairo.cpp:
3798         - Ditto.
3799         (WebCore::FontCustomPlatformData::fontPlatformData):
3800         - Ditto.
3801         * platform/graphics/win/FontCustomPlatformDataCairo.h:
3802         - Ditto.
3803         * platform/graphics/wince/FontCustomPlatformData.cpp:
3804         (WebCore::FontCustomPlatformData::fontPlatformData):
3805         - Ditto.
3806         * platform/graphics/wince/FontCustomPlatformData.h:
3807         - Ditto.
3808         * platform/graphics/wx/FontCustomPlatformData.cpp:
3809         (WebCore::FontCustomPlatformData::fontPlatformData):
3810         - Ditto.
3811         * platform/graphics/wx/FontCustomPlatformData.h:
3812         - Ditto.
3813         * rendering/InlineTextBox.cpp:
3814         (WebCore::InlineTextBox::paint):
3815         - In case of RenderCombineText, we don't rotate text even in vertical writing. Also, we render original text
3816         instead of text returned from text().
3817         * rendering/RenderBlock.cpp:
3818         (WebCore::RenderBlock::computeInlinePreferredLogicalWidths):
3819         - Made to call RenderCombinedText's prepareTextCombine() here.
3820         * rendering/RenderBlockLineLayout.cpp:
3821         (WebCore::textWidth):
3822         - Made to always use the render object's width() in case of TextCombine.
3823         (WebCore::RenderBlock::findNextLineBreak):
3824         - Made to call RenderCombinedText's prepareTextCombine() here.
3825         * rendering/RenderCombineText.cpp: Added. A subclass of RenderText.
3826         (WebCore::RenderCombineText::RenderCombineText):
3827         (WebCore::RenderCombineText::styleDidChange):
3828         - Clear the flag that indicated the font has been prepared for combining. The font will be reinitialized in
3829         the next call of RenderBlock::findNextLineBreak().
3830         (WebCore::RenderCombineText::setTextInternal):
3831         - Ditto.
3832         (WebCore::RenderCombineText::width):
3833         - Returns 1-em width in case of font combine.
3834         (WebCore::RenderCombineText::adjustTextOrigin):
3835         - Adjust drawing origin point in case of font combine.
3836         (WebCore::RenderCombineText::charactersToRender):
3837         - Return original text instead of current text in case of font combine.
3838         (WebCore::RenderCombineText::combineText):
3839         - This function tries to pack passed text with; 1) the current font as is, 2) the font created
3840         from the descriptor with half-width variant specified, 3) the font with third-width variant, 4) the font
3841         with quarter-width variant.
3842         - If a suitable font successfully found, replace the current font with the new font. If no appropriate font found,
3843         we give up text-combine as the CSS spec describes.
3844         - If a new font found, we replace the text with 0xFFFC. This is needed for a combined text block to be able to
3845         behave like a single character against text decorations.
3846         * rendering/RenderCombineText.h: Added.
3847         (WebCore::RenderCombineText::isCombined):
3848         (WebCore::RenderCombineText::combinedTextWidth):
3849         - Returns 1-em width in case of font combine.
3850         (WebCore::RenderCombineText::renderName):
3851         (WebCore::toRenderCombineText):
3852         * rendering/RenderText.cpp:
3853         (WebCore::RenderText::widthFromCache):
3854         - Made to call RenderCombineText's combinedTextWidth when the text is combined.
3855         * rendering/RenderingAllInOne.cpp: Added RenderCombineText.cpp
3856         * rendering/style/RenderStyle.h:
3857         (WebCore::InheritedFlags::hasTextCombine):
3858         - Added for a quick test of TextCombine.
3859
3860 2011-01-31  Oliver Hunt  <oliver@apple.com>
3861
3862         Convert markstack to a slot visitor API
3863         https://bugs.webkit.org/show_bug.cgi?id=53219
3864
3865         rolling r77098, r77099, r77100, r77109, and
3866         r77111 back in, along with a few more Qt fix attempts.
3867
3868         * ForwardingHeaders/runtime/WriteBarrier.h: Added.
3869         * WebCore.exp.in:
3870         * bindings/js/DOMWrapperWorld.h:
3871         (WebCore::DOMWrapperWorld::globalData):
3872         * bindings/js/JSAudioConstructor.cpp:
3873         (WebCore::JSAudioConstructor::JSAudioConstructor):
3874         * bindings/js/JSDOMBinding.cpp:
3875         (WebCore::markDOMNodesForDocument):
3876         (WebCore::markDOMObjectWrapper):
3877         (WebCore::markDOMNodeWrapper):
3878         * bindings/js/JSDOMGlobalObject.cpp:
3879         (WebCore::JSDOMGlobalObject::markChildren):
3880         (WebCore::JSDOMGlobalObject::setInjectedScript):
3881         (WebCore::JSDOMGlobalObject::injectedScript):
3882         * bindings/js/JSDOMGlobalObject.h:
3883         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
3884         (WebCore::getDOMConstructor):
3885         * bindings/js/JSDOMWindowCustom.cpp:
3886         (WebCore::JSDOMWindow::setLocation):
3887         (WebCore::DialogHandler::dialogCreated):
3888         * bindings/js/JSDOMWindowShell.cpp:
3889         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
3890         (WebCore::JSDOMWindowShell::setWindow):
3891         (WebCore::JSDOMWindowShell::markChildren):
3892         (WebCore::JSDOMWindowShell::unwrappedObject):
3893         * bindings/js/JSDOMWindowShell.h:
3894         (WebCore::JSDOMWindowShell::window):
3895         (WebCore::JSDOMWindowShell::setWindow):
3896         * bindings/js/JSDeviceMotionEventCustom.cpp:
3897         (WebCore::createAccelerationObject):
3898         (WebCore::createRotationRateObject):
3899         * bindings/js/JSEventListener.cpp:
3900         (WebCore::JSEventListener::JSEventListener):
3901         (WebCore::JSEventListener::markJSFunction):
3902         * bindings/js/JSEventListener.h:
3903         (WebCore::JSEventListener::jsFunction):
3904         * bindings/js/JSHTMLDocumentCustom.cpp:
3905         (WebCore::JSHTMLDocument::setAll):
3906         * bindings/js/JSImageConstructor.cpp:
3907         (WebCore::JSImageConstructor::JSImageConstructor):
3908         * bindings/js/JSImageDataCustom.cpp:
3909         (WebCore::toJS):
3910         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
3911         (WebCore::JSJavaScriptCallFrame::scopeChain):
3912         (WebCore::JSJavaScriptCallFrame::scopeType):
3913         * bindings/js/JSNodeFilterCondition.cpp:
3914         (WebCore::JSNodeFilterCondition::markAggregate):
3915         (WebCore::JSNodeFilterCondition::acceptNode):
3916         * bindings/js/JSNodeFilterCondition.h:
3917         * bindings/js/JSNodeFilterCustom.cpp:
3918         * bindings/js/JSOptionConstructor.cpp:
3919         (WebCore::JSOptionConstructor::JSOptionConstructor):
3920         * bindings/js/JSSQLResultSetRowListCustom.cpp:
3921         (WebCore::JSSQLResultSetRowList::item):
3922         * bindings/js/ScriptCachedFrameData.cpp:
3923         (WebCore::ScriptCachedFrameData::restore):
3924         * bindings/js/ScriptObject.cpp:
3925         (WebCore::ScriptGlobalObject::set):
3926         * bindings/js/SerializedScriptValue.cpp:
3927         (WebCore::CloneDeserializer::putProperty):
3928         * bindings/scripts/CodeGeneratorJS.pm:
3929         * bridge/qt/qt_class.cpp:
3930         (JSC::Bindings::QtClass::fallbackObject):
3931         * bridge/qt/qt_instance.cpp:
3932         (JSC::Bindings::QtInstance::QtInstance):
3933         (JSC::Bindings::QtInstance::removeCachedMethod):
3934         (JSC::Bindings::QtInstance::markAggregate):
3935         * bridge/qt/qt_instance.h:
3936         * bridge/qt/qt_runtime.cpp:
3937         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
3938         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
3939         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
3940         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
3941         * bridge/qt/qt_runtime.h:
3942         * dom/Document.h:
3943
3944 2011-01-31  Dan Winship  <danw@gnome.org>
3945
3946         Reviewed by Gustavo Noronha Silva.
3947
3948         wss (websockets ssl) support for gtk via new gio TLS support
3949         https://bugs.webkit.org/show_bug.cgi?id=50344
3950
3951         Update to use GPollableOutputStream and GTlsConnection to
3952         implement wss URLs
3953
3954         * platform/network/soup/SocketStreamHandle.h:
3955         * platform/network/soup/SocketStreamHandleSoup.cpp:
3956         (WebCore::SocketStreamHandle::SocketStreamHandle):
3957         (WebCore::SocketStreamHandle::connected):
3958         (WebCore::SocketStreamHandle::platformSend):
3959         (WebCore::SocketStreamHandle::beginWaitingForSocketWritability):
3960         (WebCore::writeReadyCallback):
3961
3962 2011-01-31  Abhishek Arya  <inferno@chromium.org>
3963
3964         Reviewed by Dimitri Glazkov.
3965
3966         Check the textarea node still exists in document before casting
3967         it to HTMLTextAreaElement.
3968         https://bugs.webkit.org/show_bug.cgi?id=53429
3969
3970         Test: fast/forms/textarea-node-removed-from-document-crash.html
3971
3972         * rendering/RenderTextControlMultiLine.cpp:
3973         (WebCore::RenderTextControlMultiLine::~RenderTextControlMultiLine):
3974
3975 2011-01-27  Abhishek Arya  <inferno@chromium.org>
3976
3977         Reviewed by Dave Hyatt.
3978
3979         If beforeChild is wrapped in an anonymous table section, we need to
3980         go the parent to find it and use it before adding childs to table.
3981         https://bugs.webkit.org/show_bug.cgi?id=53276
3982
3983         We need to make sure that beforeChild's parent is "this" before calling
3984         RenderBox::addChild. The previous condition in while is too restrictive
3985         and fails to calculate the right beforeChild value when its display
3986         style is table caption.
3987         Test: fast/table/before-child-non-table-section-add-table-crash.html
3988
3989         * rendering/RenderTable.cpp:
3990         (WebCore::RenderTable::addChild):
3991
3992 2011-01-31  Shane Stephens  <shanestephens@google.com>
3993
3994         Reviewed by Simon Fraser.
3995
3996         AffineTransform::translateRight incorrectly computes a translateLeft.
3997         https://bugs.webkit.org/show_bug.cgi?id=52551
3998
3999         Removed translateRight and converted all uses to perform standard
4000         matrix multiplication.
4001
4002         No new tests because patch doesn't modify functionality.
4003
4004         * platform/graphics/transforms/AffineTransform.cpp:
4005         * platform/graphics/transforms/AffineTransform.h:
4006         (WebCore::AffineTransform::translation):
4007         * rendering/svg/RenderSVGResourceMarker.cpp:
4008         (WebCore::RenderSVGResourceMarker::localToParentTransform):
4009         * rendering/svg/RenderSVGRoot.cpp:
4010         (WebCore::RenderSVGRoot::localToRepaintContainerTransform):
4011         (WebCore::RenderSVGRoot::localToParentTransform):
4012         * rendering/svg/RenderSVGViewportContainer.cpp:
4013         (WebCore::RenderSVGViewportContainer::localToParentTransform):
4014         * rendering/svg/SVGTextLayoutEngine.cpp:
4015         (WebCore::SVGTextLayoutEngine::finalizeTransformMatrices):
4016
4017 2011-01-31  Mario Sanchez Prada  <msanchez@igalia.com>
4018
4019         Reviewed by Martin Robinson.
4020
4021         [Gtk] atk_text_set_caret_offset returns True even when it is unsuccessful
4022         https://bugs.webkit.org/show_bug.cgi?id=53389
4023
4024         Return FALSE when not able to set the caret at the specified offset.
4025
4026         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
4027         (webkit_accessible_text_set_caret_offset): Return FALSE when the
4028         range created is NULL and adjust offset to account for list markers.
4029
4030 2011-01-28  Pavel Feldman  <pfeldman@chromium.org>
4031
4032         Reviewed by Yury Semikhatsky.
4033
4034         Web Inspector: copy HAR to clipboard instead of saving blob on export.
4035         https://bugs.webkit.org/show_bug.cgi?id=53328
4036
4037         * inspector/front-end/NetworkPanel.js:
4038         (WebInspector.NetworkPanel.prototype._exportAll):
4039         (WebInspector.NetworkPanel.prototype._exportResource):
4040
4041 2011-01-30  Pavel Feldman  <pfeldman@chromium.org>
4042
4043         Reviewed by Timothy Hatcher.
4044
4045         Web Inspector: speed up network panel rendering.
4046         https://bugs.webkit.org/show_bug.cgi?id=53397
4047
4048         * inspector/front-end/DataGrid.js:
4049         (WebInspector.DataGrid.prototype.get scrollContainer):
4050         * inspector/front-end/NetworkPanel.js:
4051         (WebInspector.NetworkPanel.prototype.elementsToRestoreScrollPositionsFor):
4052         (WebInspector.NetworkPanel.prototype._positionSummaryBar):
4053         (WebInspector.NetworkPanel.prototype._createTable):
4054         (WebInspector.NetworkPanel.prototype._exportResource):
4055         (WebInspector.NetworkPanel.prototype._onScroll):
4056         * inspector/front-end/networkPanel.css:
4057         (.network-sidebar .data-grid.small tr.offscreen):
4058         (.network-sidebar .data-grid tr.offscreen):
4059         (.network-sidebar .data-grid tr.offscreen td):
4060
4061 2011-01-31  Peter Varga  <pvarga@webkit.org>
4062
4063         Reviewed by Andreas Kling.
4064
4065         Remove wrec from WebCore
4066         https://bugs.webkit.org/show_bug.cgi?id=53298
4067
4068         No new tests needed.
4069
4070         * Android.jscbindings.mk:
4071         * ForwardingHeaders/wrec/WREC.h: Removed.
4072         * WebCore.vcproj/WebCore.vcproj:
4073         * WebCore.vcproj/copyForwardingHeaders.cmd:
4074
4075 2011-01-31  Sheriff Bot  <webkit.review.bot@gmail.com>
4076
4077         Unreviewed, rolling out r76969.
4078         http://trac.webkit.org/changeset/76969
4079         https://bugs.webkit.org/show_bug.cgi?id=53418
4080
4081         "It is causing crashes in GTK+ and Leopard bots" (Requested by
4082         alexg__ on #webkit).
4083
4084         * bridge/runtime_root.cpp:
4085         (JSC::Bindings::RootObject::invalidate):
4086         (JSC::Bindings::RootObject::addRuntimeObject):
4087         (JSC::Bindings::RootObject::removeRuntimeObject):
4088         * bridge/runtime_root.h:
4089
4090 2011-01-31  Antti Koivisto  <antti@apple.com>
4091
4092         Not reviewed.
4093
4094         Spelling.
4095
4096         * css/CSSSelectorList.h:
4097         (WebCore::CSSSelectorList::next):
4098
4099 2011-01-31  Yury Semikhatsky  <yurys@chromium.org>
4100
4101         Unreviewed. Fix Chromium compilation on Linux.
4102
4103         * platform/graphics/ShadowBlur.cpp: added PLATFORM(CHROMIUM) guard
4104         * platform/graphics/ShadowBlur.h: added missing ColorSpace.h header include
4105
4106 2011-01-31  Yury Semikhatsky  <yurys@chromium.org>
4107
4108         Unreviewed. Fix Chromium compilation on Mac broken by r77101.
4109
4110         * WebCore.gypi: add ShadowBlur.{h,cpp} to the gypi file.
4111
4112 2011-01-31  Mikhail Naganov  <mnaganov@chromium.org>
4113
4114         Reviewed by Yury Semikhatsky.
4115
4116         WebInspector: Change button title from "Clear CPU profiles" to "Clear all profiles".
4117
4118         https://bugs.webkit.org/show_bug.cgi?id=53309
4119
4120         * English.lproj/localizedStrings.js:
4121         * inspector/front-end/ProfilesPanel.js:
4122         (WebInspector.ProfilesPanel):
4123
4124 2011-01-31  Carlos Garcia Campos  <cgarcia@igalia.com>
4125
4126         Unreviewed, fix the build with current GTK+ 3.x.
4127
4128         * plugins/gtk/gtk2xtbin.c:
4129         * plugins/gtk/gtk2xtbin.h:
4130
4131 2011-01-30  Kenichi Ishibashi  <bashi@google.com>
4132
4133         Reviewed by Kent Tamura.
4134
4135         Dangling form associated elements should not be registered on the document
4136         https://bugs.webkit.org/show_bug.cgi?id=53223
4137
4138         Adds insertedIntoDocument() and remvoedFromDocument() to
4139         FormAssociatedElement class to register the element on the document
4140         if and only if it actually inserted into (removed from) the document.
4141
4142         Test: fast/forms/dangling-form-element-crash.html
4143
4144         * html/FormAssociatedElement.cpp:
4145         (WebCore::FormAssociatedElement::insertedIntoDocument): Added.
4146         (WebCore::FormAssociatedElement::removedFromDocument): Ditto.
4147         (WebCore::FormAssociatedElement::insertedIntoTree): Don't register
4148         the element to a document.
4149         (WebCore::FormAssociatedElement::removedFromTree): Don't unregister
4150         the element from a document.
4151         * html/FormAssociatedElement.h:
4152         * html/HTMLFormControlElement.cpp:
4153         (WebCore::HTMLFormControlElement::insertedIntoDocument): Added.
4154         (WebCore::HTMLFormControlElement::removedFromDocument): Ditto.
4155         * html/HTMLFormControlElement.h:
4156         * html/HTMLObjectElement.cpp:
4157         (WebCore::HTMLObjectElement::insertedIntoDocument): Calls
4158         FormAssociatedElement::insertedIntoDocument().
4159         (WebCore::HTMLObjectElement::removedFromDocument): Calls
4160         FormAssociatedElement::removedFromDocument().
4161
4162 2011-01-30  Csaba Osztrogon√°c  <ossy@webkit.org>
4163
4164         Unreviewed, rolling out r77098, r77099, r77100, r77109, and
4165         r77111.
4166         http://trac.webkit.org/changeset/77098
4167         http://trac.webkit.org/changeset/77099
4168         http://trac.webkit.org/changeset/77100
4169         http://trac.webkit.org/changeset/77109
4170         http://trac.webkit.org/changeset/77111
4171         https://bugs.webkit.org/show_bug.cgi?id=53219
4172
4173         Qt build is broken
4174
4175         * ForwardingHeaders/runtime/WriteBarrier.h: Removed.
4176         * WebCore.exp.in:
4177         * bindings/js/DOMWrapperWorld.h:
4178         * bindings/js/JSAudioConstructor.cpp:
4179         (WebCore::JSAudioConstructor::JSAudioConstructor):
4180         * bindings/js/JSDOMBinding.cpp:
4181         (WebCore::markDOMNodesForDocument):
4182         (WebCore::markDOMObjectWrapper):
4183         (WebCore::markDOMNodeWrapper):
4184         * bindings/js/JSDOMGlobalObject.cpp:
4185         (WebCore::JSDOMGlobalObject::markChildren):
4186         (WebCore::JSDOMGlobalObject::setInjectedScript):
4187         (WebCore::JSDOMGlobalObject::injectedScript):
4188         * bindings/js/JSDOMGlobalObject.h:
4189         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
4190         (WebCore::getDOMConstructor):
4191         * bindings/js/JSDOMWindowCustom.cpp:
4192         (WebCore::JSDOMWindow::setLocation):