f5f375a797b8b2bc8fc53148623286f22e78c83c
[WebKit.git] / Source / WebCore / ChangeLog
1 2011-02-01  James Robinson  <jamesr@chromium.org>
2
3         Reviewed by Adam Barth.
4
5         [v8] Increase V8 native->js recursion limit to match document.write() recursion limit
6         https://bugs.webkit.org/show_bug.cgi?id=53566
7
8         A recursion limit of 22 is necessary to pass fast/dom/Document/document-write-recursion.html.
9         Other than being large enough for this one test case, this limit is arbitrary.
10
11         * bindings/v8/V8Proxy.h:
12
13 2011-02-01  Adam Barth  <abarth@webkit.org>
14
15         Reviewed by Andreas Kling.
16
17         Remove useless comment
18         https://bugs.webkit.org/show_bug.cgi?id=53549
19
20         The reason for this parameter is captured in
21         plugins/netscape-plugin-setwindow-size.html, which is a better place to
22         capture it than in this comment (which otherwise just re-iterates the
23         name of the parameter).
24
25         * html/HTMLPlugInImageElement.cpp:
26         (WebCore::HTMLPlugInImageElement::updateWidgetIfNecessary):
27
28 2011-02-01  James Simonsen  <simonjam@chromium.org>
29
30         Reviewed by Tony Gentilcore.
31
32         [WebTiming] Remove asserts that verify timestamp order
33         https://bugs.webkit.org/show_bug.cgi?id=53548
34
35         Covered by existing tests.
36
37         * loader/FrameLoader.cpp:
38         (WebCore::FrameLoader::stopLoading): Remove assert.
39         * page/DOMWindow.cpp:
40         (WebCore::DOMWindow::dispatchTimedEvent): Ditto.
41
42 2011-02-01  Dimitri Glazkov  <dglazkov@chromium.org>
43
44         Add the 'default_targets' enclosure to the flags.
45
46         * WebCore.gyp/WebCore.gyp: Did it.
47
48 2011-02-01  Mihai Parparita  <mihaip@chromium.org>
49
50         Reviewed by James Robinson.
51
52         Async event handlers should not fire within a modal dialog
53         https://bugs.webkit.org/show_bug.cgi?id=53202
54
55         Asychronous events that use EventQueue would currently fire while a
56         modal dialog (e.g. window.alert()) was up. Change EventQueue to use a
57         SuspendableTimer (which automatically gets suspended while dialogs are
58         up and in other cases where JS execution is not allowed).
59         
60         Test: fast/events/scroll-event-during-modal-dialog.html
61
62         * dom/Document.cpp:
63         (WebCore::Document::Document):
64         * dom/EventQueue.cpp:
65         (WebCore::EventQueueTimer::EventQueueTimer):
66         (WebCore::EventQueueTimer::fired):
67         (WebCore::EventQueue::EventQueue):
68         (WebCore::EventQueue::enqueueEvent):
69         (WebCore::EventQueue::pendingEventTimerFired):
70         * dom/EventQueue.h:
71         (WebCore::EventQueue::create):
72         * page/SuspendableTimer.cpp:
73         (WebCore::SuspendableTimer::SuspendableTimer):
74         (WebCore::SuspendableTimer::suspend):
75         (WebCore::SuspendableTimer::resume):
76         * page/SuspendableTimer.h:
77
78 2011-02-01  Patrick Gansterer  <paroga@webkit.org>
79
80         Reviewed by Andreas Kling.
81
82         Change wrong PLATFORM(WIN) to USE(WININET)
83         https://bugs.webkit.org/show_bug.cgi?id=53547
84
85         * platform/network/ResourceHandle.h:
86
87 2011-02-01  Beth Dakin  <bdakin@apple.com>
88
89         32-bit build fix.
90
91         * platform/mac/ScrollAnimatorMac.mm:
92         (-[ScrollbarPainterControllerDelegate contentAreaRectForScrollerImpPair:]):
93
94 2011-01-25  Martin Robinson  <mrobinson@igalia.com>
95
96         Reviewed by Gustavo Noronha Silva.
97
98         [GTK] Two tests crash after r76555
99         https://bugs.webkit.org/show_bug.cgi?id=53057
100
101         Instead of creating synchronous ResourceHandles manually, use the ::create factory.
102         This ensures that ::start() is not called when there is a scheduled failure and also
103         reduces code duplication.
104
105         * platform/network/soup/ResourceHandleSoup.cpp:
106         (WebCore::ResourceHandle::loadResourceSynchronously): Use the ::create factory method.
107
108 2011-02-01  Martin Robinson  <mrobinson@igalia.com>
109
110         Reviewed by Eric Seidel.
111
112         [GTK] GObject DOM bindings do no support the CallWith attribute
113         https://bugs.webkit.org/show_bug.cgi?id=53331
114
115         Disable building GObject DOM bindings for IndexedDB because we do not support
116         the CallWith attribute at this time.
117
118         * bindings/gobject/GNUmakefile.am: Disable building bindings for the IndexedDB API.
119
120 2011-02-01  Darin Adler  <darin@apple.com>
121
122         Reviewed by Brady Eidson.
123
124         Fix a couple loose ends from the back/forward tree encode/decode work
125         https://bugs.webkit.org/show_bug.cgi?id=53537
126
127         * history/HistoryItem.cpp:
128         (WebCore::HistoryItem::encodeBackForwardTreeNode): Remove extra copy of
129         original URL string; no need to encode it twice.
130         (WebCore::HistoryItem::decodeBackForwardTree): Ditto.
131         * history/HistoryItem.h: Removed declaration for function that is no
132         longer defined nor used.
133
134 2011-02-01  Tony Chang  <tony@chromium.org>
135
136         Reviewed by Kent Tamura.
137
138         [chromium] disable arm uninitialized variable warnings
139         https://bugs.webkit.org/show_bug.cgi?id=53553
140
141         We just got another error:
142         third_party/WebKit/Source/WebCore/css/CSSPrimitiveValue.cpp:123:error:
143         'colorTransparent.unstatic.4879' may be used uninitialized in this
144         function
145
146         * WebCore.gyp/WebCore.gyp:
147
148 2011-02-01  chris reiss  <christopher.reiss@nokia.com>
149
150         Reviewed by Adam Barth.
151
152         Self-replicating code makes Safari hang and eventually crash
153         https://bugs.webkit.org/show_bug.cgi?id=15123
154
155        
156         Here we are replicating the Firefox safeguard against
157         recursive document.write( ) 's.
158
159         See  https://bug197052.bugzilla.mozilla.org/attachment.cgi?id=293907 in bug 
160         https://bugzilla.mozilla.org/show_bug.cgi?id=197052 .   Firefox does two things - 
161             a) imposes a recursion limit of 20 on document.write( ) and
162             b) once that limit is passed, panics all the way the call stack (rather than just returning one level.)
163         To see why this is necessary, consider the script : 
164
165         <script>
166            var t = document.body.innerHTML;
167            document.write(t);
168         </script> 
169
170         This will create a tree both broad and deep as the script keeps appending itself to the text.   If
171         we just return one level after the recursion limit is reached, we still allow millions of copies to 
172         duplicate (and execute).   
173
174         The recursion is fortunately depth-first, so as soon as we cross this limit, we panic up the callstack
175         to prevent this situation.    (IE apparently does the same thing, with a lower recursion limit.) 
176
177         Test: fast/dom/Document/document-write-recursion.html        
178         Test: fast/dom/Document/document-close-iframe-load.html
179         Test: fast/dom/Document/document-close-nested-iframe-load.html
180
181
182         * dom/Document.cpp:
183         (WebCore::Document::Document):
184         (WebCore::Document::write):
185         * dom/Document.h:
186
187 2011-02-01  Johnny Ding  <jnd@chromium.org>
188
189         Reviewed by Darin Adler.
190
191         Don't set user gesture in HTMLAnchorElement's click handler because the click handler can be triggered by untrusted event.
192         https://bugs.webkit.org/show_bug.cgi?id=53424
193
194         Test: fast/events/popup-blocked-from-untrusted-click-event-on-anchor.html
195
196         * html/HTMLAnchorElement.cpp:
197         (WebCore::handleLinkClick):
198
199 2011-02-01  Csaba Osztrogonác  <ossy@webkit.org>
200
201         Unreviewed Qt buildfix after r77286.
202
203         https://bugs.webkit.org/show_bug.cgi?id=53520 
204         Remove the physical terminology from IntRect and FloatRect.
205
206         * platform/graphics/TiledBackingStore.cpp:
207         (WebCore::TiledBackingStore::createTiles):
208
209 2011-02-01  Sam Weinig  <sam@webkit.org>
210
211         Fix Mac production builds.
212
213         * DerivedSources.make:
214         * WebCore.xcodeproj/project.pbxproj:
215         * platform/mac/ScrollAnimatorMac.h:
216         * platform/mac/ScrollbarThemeMac.h:
217
218 2011-02-01  Darin Adler  <darin@apple.com>
219
220         Reviewed by Chris Fleizach.
221
222         REGRESSION: Removing focus from area element causes unwanted scrolling
223         https://bugs.webkit.org/show_bug.cgi?id=50169
224
225         Test: fast/images/imagemap-scroll.html
226
227         * html/HTMLAreaElement.cpp:
228         (WebCore::HTMLAreaElement::setFocus): Added override. Calls the new
229         RenderImage::areaElementFocusChanged function.
230         (WebCore::HTMLAreaElement::updateFocusAppearance): Removed the code
231         here that calls setNeedsLayout on the image's renderer. This was an
232         attempt to cause repaint of the renderer, but this function does not
233         need to do that. Also changed this to use the imageElement function
234         to avoid repeating code.
235
236         * html/HTMLAreaElement.h: Updated for above changes.
237
238         * rendering/RenderImage.cpp:
239         (WebCore::RenderImage::paint): Updated for name change.
240         (WebCore::RenderImage::paintAreaElementFocusRing): Renamed this from
241         paintFocusRing, because it only paints area focus rings, and should
242         not be confused with paintFocusRing functions in other classes. Also
243         removed the unused style argument. Removed the code that used an
244         HTMLCollection to see if the focused area element is for this image
245         and instead just call imageElement on the area element.
246         (WebCore::RenderImage::areaElementFocusChanged): Added. Calls repaint.
247
248         * rendering/RenderImage.h: Added a public areaElementFocusChanged
249         function for HTMLAreaElement to call. Made the paintFocusRing function
250         private, renamed it to paintAreaElementFocusRing, and removed its
251         unused style argument.
252
253 2011-02-01  Patrick Gansterer  <paroga@webkit.org>
254
255         Unreviewed WinCE build fix for r77286.
256
257         * platform/graphics/wince/GraphicsContextWinCE.cpp:
258         (WebCore::TransparentLayerDC::TransparentLayerDC):
259
260 2011-02-01  Chris Fleizach  <cfleizach@apple.com>
261
262         Reviewed by Darin Adler.
263
264         AX: AXPosition of AXScrollArea is wrong
265         https://bugs.webkit.org/show_bug.cgi?id=53511
266
267         AccessibilityScrollView needed to return a valid documentFrameView() object.
268         At the same time, the code from document() should be consolidated in 
269         AccessibilityObject, so all objects can use it.
270
271         Test: platform/mac/accessibility/webkit-scrollarea-position.html
272
273         * accessibility/AccessibilityObject.cpp:
274         (WebCore::AccessibilityObject::document):
275         * accessibility/AccessibilityObject.h:
276         * accessibility/AccessibilityScrollView.cpp:
277         (WebCore::AccessibilityScrollView::accessibilityHitTest):
278         (WebCore::AccessibilityScrollView::documentFrameView):
279         * accessibility/AccessibilityScrollView.h:
280
281 2011-02-01  Zhenyao Mo  <zmo@google.com>
282
283         Reviewed by Kenneth Russell.
284
285         getUniform should support SAMPLER_2D or SAMPLER_CUBE
286         https://bugs.webkit.org/show_bug.cgi?id=52190
287
288         * html/canvas/WebGLRenderingContext.cpp:
289         (WebCore::WebGLRenderingContext::getUniform):
290
291 2011-02-01  Zhenyao Mo  <zmo@google.com>
292
293         Reviewed by Darin Adler.
294
295         Fix the incorrect usage of RetainPtr cases in GraphicsContext3DCG.cpp
296         https://bugs.webkit.org/show_bug.cgi?id=53531
297
298         With this fix, running WebGL conformance tests should no longer crash randomly.
299
300         * platform/graphics/cg/GraphicsContext3DCG.cpp:
301         (WebCore::GraphicsContext3D::getImageData):
302
303 2011-02-01  Dimitri Glazkov  <dglazkov@chromium.org>
304
305         One more Chromium build fix after r77286.
306
307         * platform/chromium/ScrollbarThemeChromiumMac.mm:
308         (WebCore::ScrollbarThemeChromiumMac::paint): Changed to not use topLeft().
309
310 2011-02-01  Sam Weinig  <sam@webkit.org>
311
312         Fix the build for Beth.
313
314         * platform/mac/ScrollAnimatorMac.mm:
315         (-[ScrollbarPainterControllerDelegate inLiveResizeForScrollerImpPair:]):
316
317 2011-02-01  Sam Weinig  <sam@webkit.org>
318
319         Reviewed by Beth Dakin.
320
321         Part 2 for <rdar://problem/8492788>
322         Adopt WKScrollbarPainterController
323
324         Use header detection to define scrollbar painting controller #define.
325
326         * WebCore.exp.in:
327         * platform/mac/ScrollAnimatorMac.h:
328         * platform/mac/ScrollbarThemeMac.h:
329         * platform/mac/WebCoreSystemInterface.h:
330         * platform/mac/WebCoreSystemInterface.mm:
331
332 2011-02-01  David Hyatt  <hyatt@apple.com>
333
334         Reviewed by Oliver Hunt.
335
336         https://bugs.webkit.org/show_bug.cgi?id=53520
337         
338         Remove the physical terminology from IntRect and FloatRect.
339         
340         Now that we have flipped RenderBlocks for vertical-rl and horizontal-bt writing modes,
341         we need to update our terminology to be more accurate.
342
343         I'm borrowing a page from AppKit here (which also supports flipped NSViews) and
344         renaming right() and bottom() to maxX() and maxY().  These terms remain accurate
345         even for flipped rectangles.
346
347         * accessibility/AccessibilityRenderObject.cpp:
348         (WebCore::AccessibilityRenderObject::boundsForVisiblePositionRange):
349         * accessibility/mac/AccessibilityObjectWrapper.mm:
350         (-[AccessibilityObjectWrapper position]):
351         * dom/ClientRect.h:
352         (WebCore::ClientRect::right):
353         (WebCore::ClientRect::bottom):
354         * html/HTMLCanvasElement.cpp:
355         (WebCore::HTMLCanvasElement::convertLogicalToDevice):
356         * html/canvas/CanvasRenderingContext2D.cpp:
357         (WebCore::normalizeRect):
358         * inspector/InspectorAgent.cpp:
359         (WebCore::InspectorAgent::drawElementTitle):
360         * page/DOMWindow.cpp:
361         (WebCore::DOMWindow::adjustWindowRect):
362         * page/DragController.cpp:
363         (WebCore::dragLocForSelectionDrag):
364         * page/EventHandler.cpp:
365         (WebCore::EventHandler::sendContextMenuEventForKey):
366         * page/PrintContext.cpp:
367         (WebCore::PrintContext::computePageRectsWithPageSizeInternal):
368         (WebCore::PrintContext::pageNumberForElement):
369         * page/SpatialNavigation.cpp:
370         (WebCore::end):
371         (WebCore::areRectsFullyAligned):
372         (WebCore::areRectsMoreThanFullScreenApart):
373         (WebCore::below):
374         (WebCore::rightOf):
375         (WebCore::isRectInDirection):
376         (WebCore::entryAndExitPointsForDirection):
377         (WebCore::virtualRectForDirection):
378         * page/WindowFeatures.cpp:
379         (WebCore::WindowFeatures::WindowFeatures):
380         * platform/ScrollView.cpp:
381         (WebCore::ScrollView::wheelEvent):
382         * platform/Scrollbar.cpp:
383         (WebCore::Scrollbar::setFrameRect):
384         * platform/ScrollbarThemeComposite.cpp:
385         (WebCore::ScrollbarThemeComposite::splitTrack):
386         * platform/chromium/ScrollbarThemeChromium.cpp:
387         (WebCore::ScrollbarThemeChromium::paintTickmarks):
388         * platform/graphics/FloatQuad.h:
389         (WebCore::FloatQuad::FloatQuad):
390         * platform/graphics/FloatRect.cpp:
391         (WebCore::FloatRect::intersects):
392         (WebCore::FloatRect::contains):
393         (WebCore::FloatRect::intersect):
394         (WebCore::FloatRect::unite):
395         (WebCore::enclosingIntRect):
396         * platform/graphics/FloatRect.h:
397         (WebCore::FloatRect::maxX):
398         (WebCore::FloatRect::maxY):
399         (WebCore::FloatRect::contains):
400         * platform/graphics/IntRect.cpp:
401         (WebCore::IntRect::intersects):
402         (WebCore::IntRect::contains):
403         (WebCore::IntRect::intersect):
404         (WebCore::IntRect::unite):
405         * platform/graphics/IntRect.h:
406         (WebCore::IntRect::maxX):
407         (WebCore::IntRect::maxY):
408         (WebCore::IntRect::shiftXEdgeTo):
409         (WebCore::IntRect::shiftMaxXEdgeTo):
410         (WebCore::IntRect::shiftYEdgeTo):
411         (WebCore::IntRect::shiftMaxYEdgeTo):
412         (WebCore::IntRect::contains):
413         * platform/graphics/WidthIterator.cpp:
414         (WebCore::WidthIterator::advance):
415         * platform/graphics/cg/GraphicsContextCG.cpp:
416         (WebCore::GraphicsContext::drawRect):
417         (WebCore::GraphicsContext::fillPath):
418         (WebCore::GraphicsContext::fillRect):
419         * platform/graphics/cg/ImageBufferCG.cpp:
420         (WebCore::getImageData):
421         (WebCore::putImageData):
422         * platform/graphics/cg/ImageCG.cpp:
423         (WebCore::BitmapImage::draw):
424         * platform/graphics/filters/FilterEffect.cpp:
425         (WebCore::FilterEffect::copyImageBytes):
426         * platform/graphics/mac/ComplexTextController.cpp:
427         (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
428         * platform/graphics/mac/SimpleFontDataMac.mm:
429         (WebCore::SimpleFontData::platformBoundsForGlyph):
430         * platform/graphics/transforms/AffineTransform.cpp:
431         (WebCore::AffineTransform::mapRect):
432         * platform/graphics/win/FontCGWin.cpp:
433         (WebCore::drawGDIGlyphs):
434         * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.cpp:
435         (WebCore::MediaPlayerPrivate::paint):
436         * platform/gtk/RenderThemeGtk.cpp:
437         (WebCore::centerRectVerticallyInParentInputElement):
438         * platform/mac/WidgetMac.mm:
439         (WebCore::Widget::paint):
440         * rendering/InlineFlowBox.cpp:
441         (WebCore::InlineFlowBox::addBoxShadowVisualOverflow):
442         (WebCore::InlineFlowBox::addTextBoxVisualOverflow):
443         * rendering/InlineTextBox.cpp:
444         (WebCore::InlineTextBox::selectionRect):
445         (WebCore::InlineTextBox::paint):
446         (WebCore::InlineTextBox::positionForOffset):
447         * rendering/RenderBlock.cpp:
448         (WebCore::RenderBlock::addOverflowFromChildren):
449         (WebCore::RenderBlock::paintChildren):
450         (WebCore::RenderBlock::paintEllipsisBoxes):
451         (WebCore::RenderBlock::inlineSelectionGaps):
452         (WebCore::RenderBlock::adjustPointToColumnContents):
453         (WebCore::RenderBlock::flipForWritingModeIncludingColumns):
454         (WebCore::RenderBlock::adjustForColumns):
455         * rendering/RenderBlock.h:
456         (WebCore::RenderBlock::FloatingObject::right):
457         (WebCore::RenderBlock::FloatingObject::bottom):
458         * rendering/RenderBox.cpp:
459         (WebCore::RenderBox::reflectedRect):
460         (WebCore::RenderBox::localCaretRect):
461         (WebCore::RenderBox::addShadowOverflow):
462         (WebCore::RenderBox::addLayoutOverflow):
463         (WebCore::RenderBox::visualOverflowRectForPropagation):
464         (WebCore::RenderBox::layoutOverflowRectForPropagation):
465         (WebCore::RenderBox::flipForWritingMode):
466         * rendering/RenderFrameSet.cpp:
467         (WebCore::RenderFrameSet::paintColumnBorder):
468         (WebCore::RenderFrameSet::paintRowBorder):
469         * rendering/RenderInline.cpp:
470         (WebCore::RenderInline::paintOutlineForLine):
471         * rendering/RenderLayer.cpp:
472         (WebCore::RenderLayer::getRectToExpose):
473         (WebCore::cornerRect):
474         (WebCore::RenderLayer::positionOverflowControls):
475         (WebCore::RenderLayer::overflowBottom):
476         (WebCore::RenderLayer::overflowRight):
477         (WebCore::RenderLayer::paintResizer):
478         * rendering/RenderLineBoxList.cpp:
479         (WebCore::RenderLineBoxList::rangeIntersectsRect):
480         (WebCore::RenderLineBoxList::paint):
481         * rendering/RenderListItem.cpp:
482         (WebCore::RenderListItem::positionListMarker):
483         * rendering/RenderListMarker.cpp:
484         (WebCore::RenderListMarker::paint):
485         * rendering/RenderObject.cpp:
486         (WebCore::RenderObject::repaintAfterLayoutIfNeeded):
487         * rendering/RenderOverflow.h:
488         (WebCore::RenderOverflow::RenderOverflow):
489         (WebCore::RenderOverflow::addLayoutOverflow):
490         (WebCore::RenderOverflow::addVisualOverflow):
491         (WebCore::RenderOverflow::setLayoutOverflow):
492         (WebCore::RenderOverflow::setVisualOverflow):
493         (WebCore::RenderOverflow::resetLayoutOverflow):
494         * rendering/RenderReplaced.cpp:
495         (WebCore::RenderReplaced::shouldPaint):
496         * rendering/RenderScrollbarTheme.cpp:
497         (WebCore::RenderScrollbarTheme::constrainTrackRectToTrackPieces):
498         * rendering/RenderTable.cpp:
499         (WebCore::RenderTable::paint):
500         * rendering/RenderTableCell.cpp:
501         (WebCore::RenderTableCell::paint):
502         * rendering/RenderTableSection.cpp:
503         (WebCore::RenderTableSection::paintObject):
504         * rendering/RenderText.cpp:
505         (WebCore::RenderText::absoluteQuads):
506         * rendering/RenderTextControlSingleLine.cpp:
507         (WebCore::RenderTextControlSingleLine::forwardEvent):
508         * rendering/RenderThemeMac.mm:
509         (WebCore::RenderThemeMac::paintMenuListButtonGradients):
510         (WebCore::RenderThemeMac::paintMenuListButton):
511         (WebCore::RenderThemeMac::paintSliderTrack):
512         * rendering/RenderView.cpp:
513         (WebCore::RenderView::computeRectForRepaint):
514         (WebCore::RenderView::docBottom):
515         (WebCore::RenderView::docRight):
516         * rendering/RootInlineBox.cpp:
517         (WebCore::RootInlineBox::paddedLayoutOverflowRect):
518         * rendering/svg/RenderSVGInlineText.cpp:
519         (WebCore::RenderSVGInlineText::localCaretRect):
520
521 2011-02-01  Beth Dakin  <bdakin@apple.com>
522
523         Reviewed by Sam Weinig.
524
525         Fix for <rdar://problem/8492788> Adopt WKScrollbarPainterController
526
527         Lots of new WebCoreSystemInterface functions to export.
528         * WebCore.exp.in:
529         * platform/mac/WebCoreSystemInterface.h:
530         * platform/mac/WebCoreSystemInterface.mm:
531
532         Let the scrollAnimator know when the mouse has
533         moved anywhere inside the page, and when the mouse 
534         has moved in or out of the window. 
535         * page/EventHandler.cpp:
536         (WebCore::EventHandler::mouseMoved):
537         (WebCore::EventHandler::updateMouseEventTargetNode):
538
539         Let the scrollAnimator know when the window has become
540         active or inactive.
541         * page/FocusController.cpp:
542         (WebCore::FocusController::setActive):
543         
544         Let the scrollAnimator know when all of these things
545         are happening.
546         * page/FrameView.cpp:
547         (WebCore::FrameView::setContentsSize):
548         (WebCore::FrameView::didMoveOnscreen):
549         (WebCore::FrameView::willMoveOffscreen):
550         (WebCore::FrameView::currentMousePosition):
551         (WebCore::FrameView::contentsResized):
552         
553         New functions called through WebKit2 that allow the
554         scrollAnimator to know when a live resize starts and ends.
555         (WebCore::FrameView::willStartLiveResize):
556         (WebCore::FrameView::willEndLiveResize):
557         * page/FrameView.h:
558         
559         New functions on ScrollAnimator that pass information
560         to the WKPainterController when we're using one.
561         * platform/ScrollAnimator.h:
562         (WebCore::ScrollAnimator::scrollableArea):
563         (WebCore::ScrollAnimator::contentAreaWillPaint):
564         (WebCore::ScrollAnimator::mouseEnteredContentArea):
565         (WebCore::ScrollAnimator::mouseExitedContentArea):
566         (WebCore::ScrollAnimator::mouseMovedInContentArea):
567         (WebCore::ScrollAnimator::willStartLiveResize):
568         (WebCore::ScrollAnimator::contentsResized):
569         (WebCore::ScrollAnimator::willEndLiveResize):
570         (WebCore::ScrollAnimator::contentAreaDidShow):
571         (WebCore::ScrollAnimator::contentAreaDidHide):
572         (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
573         (WebCore::ScrollAnimatorMac::scrollbarPainterDelegate):
574         (WebCore::ScrollAnimatorMac::setPainterForPainterController):
575         (WebCore::ScrollAnimatorMac::removePainterFromPainterController):
576         (WebCore::ScrollAnimatorMac::notityPositionChanged):
577         (WebCore::ScrollAnimatorMac::contentAreaWillPaint):
578         (WebCore::ScrollAnimatorMac::mouseEnteredContentArea):
579         (WebCore::ScrollAnimatorMac::mouseExitedContentArea):
580         (WebCore::ScrollAnimatorMac::mouseMovedInContentArea):
581         (WebCore::ScrollAnimatorMac::willStartLiveResize):
582         (WebCore::ScrollAnimatorMac::contentsResized):
583         (WebCore::ScrollAnimatorMac::willEndLiveResize):
584         (WebCore::ScrollAnimatorMac::contentAreaDidShow):
585         (WebCore::ScrollAnimatorMac::contentAreaDidHide):
586         
587         Let the scrollAnimator know when this is happening.
588         * platform/ScrollView.cpp:
589         (WebCore::ScrollView::paint):
590         
591         New function lets the scrollAnimator get the current 
592         mouse position.
593         * platform/ScrollView.h:
594         (WebCore::ScrollView::currentMousePosition):
595         
596         New function that returns the scrollAnimator when needed.
597         * platform/ScrollableArea.h:
598         (WebCore::ScrollableArea::scrollAnimator):
599         
600         Keep track of if we're in a live resize using a new memeber
601         variable.
602         * platform/mac/ScrollAnimatorMac.h:
603         (WebCore::ScrollAnimatorMac::inLiveResize):
604         * platform/mac/ScrollAnimatorMac.mm:
605         (WebCore::view):
606         
607         New delegates for the WKPainter and WKPainterController
608         (-[ScrollbarPainterControllerDelegate initWithScrollAnimator:WebCore::]):
609         (-[ScrollbarPainterControllerDelegate contentAreaRectForScrollerImpPair:]):
610         (-[ScrollbarPainterControllerDelegate inLiveResizeForScrollerImpPair:]):
611         (-[ScrollbarPainterControllerDelegate mouseLocationInContentAreaForScrollerImpPair:]):
612         (-[ScrollbarPainterControllerDelegate scrollerImpPair:convertContentPoint:toScrollerImp:]):
613         (-[ScrollbarPainterControllerDelegate scrollerImpPair:setContentAreaNeedsDisplayInRect:]):
614         (-[ScrollbarPainterControllerDelegate scrollerImpPair:updateScrollerStyleForNewRecommendedScrollerStyle:]):
615         (-[ScrollKnobAnimation initWithScrollbarPainter:forScrollAnimator:WebCore::animateKnobAlphaTo:duration:]):
616         (-[ScrollKnobAnimation setCurrentProgress:]):
617         (-[ScrollbarPainterDelegate initWithScrollAnimator:WebCore::]):
618         (-[ScrollbarPainterDelegate convertRectToBacking:]):
619         (-[ScrollbarPainterDelegate convertRectFromBacking:]):
620         (-[ScrollbarPainterDelegate layer]):
621         (-[ScrollbarPainterDelegate setUpAnimation:scrollerPainter:animateKnobAlphaTo:duration:]):
622         (-[ScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]):
623         (-[ScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]):
624         (-[ScrollbarPainterDelegate scrollerImp:overlayScrollerStateChangedTo:]):
625
626         Get the WKScrollbarPainterRefs to synch up with the 
627         WKScrollbarPainterControllerRefs when appropriate
628         * platform/mac/ScrollbarThemeMac.h:
629         * platform/mac/ScrollbarThemeMac.mm:
630         (WebCore::ScrollbarThemeMac::registerScrollbar):
631         (WebCore::ScrollbarThemeMac::unregisterScrollbar):
632         (WebCore::ScrollbarThemeMac::setNewPainterForScrollbar):
633         (WebCore::ScrollbarThemeMac::usesOverlayScrollbars):
634
635         Implement ScrollableArea's virtual function contentsSize() for access
636         through the scrollAnimator.
637         * rendering/RenderLayer.h:
638         (WebCore::RenderLayer::contentsSize):
639
640 2011-02-01  Carol Szabo  <carol.szabo@nokia.com>
641
642         Reviewed by David Hyatt.
643
644         layoutTestController.counterValueForElementById does not return the correct value
645         https://bugs.webkit.org/show_bug.cgi?id=53037
646
647         Test: fast/css/counters/deep-before.html
648
649         * rendering/RenderTreeAsText.cpp:
650         (WebCore::counterValueForElement):
651         Modified to use the newly available RenderObject::beforePseudoElement()
652         and RenderObject::afterPseudoElement() instead of the old imperfect
653         algorithm to find the before and after pseudo elements.
654
655 2011-02-01  Anton Muhin  <antonm@chromium.org>
656
657         Reviewed by Adam Barth.
658
659         Allow access for security origin same as this.
660         https://bugs.webkit.org/show_bug.cgi?id=53440
661
662         Hard to test as newly added path currently is never hit.
663
664         * page/SecurityOrigin.cpp:
665         (WebCore::SecurityOrigin::canAccess): allow access if this == other
666
667 2011-01-31  Oliver Hunt  <oliver@apple.com>
668
669         Reviewed by Geoffrey Garen.
670
671         Update JSObject storage for new marking API
672         https://bugs.webkit.org/show_bug.cgi?id=53467
673
674         Update WebCore to handle new anonymous slot behaviour.
675
676         * bindings/js/JSDOMWindowShell.cpp:
677         (WebCore::JSDOMWindowShell::setWindow):
678         * bindings/js/WorkerScriptController.cpp:
679         (WebCore::WorkerScriptController::initScript):
680         * bindings/scripts/CodeGeneratorJS.pm:
681
682 2011-02-01  Xiaomei Ji  <xji@chromium.org>
683
684         Reviewed by David Hyatt.
685
686         Fix a text rendering problem when enclosing block is RTL and text runs
687         are in different directionality.
688         https://bugs.webkit.org/show_bug.cgi?id=34176
689
690         The problem happens in the following example scenario (ABC represents 
691         Hebrew characters):
692         <div dir=rtl>this is a <span><span>test <span>ABC</span></span></span></div>
693
694         The line consists of 3 text runs -- TextRun1 TextRun2 TextRun3. In which
695         TextRun1 and TextRun2's bidi level are 2, and TextRun3's bidi level is 1.
696         TextRun2 and TextRun3's least common ancestor is not a sibling of TextRun1.
697
698         The visual bidi run order of the text runs is TextRun3 TextRun1 TextRun2.
699
700         Inside RenderBlock::constructLine(), when RenderBlock::createLineBoxes()
701         creates InlineFlowBox for TextRun2, it should check an InlineFlowBox for
702         the run's render object's ancestor (not only its parent) has already 
703         been constructed or has something following it on the line, in which 
704         case, create a new box for TextRun2 instead of sharing the same box with
705         TextRun3.
706
707         In other words, the following 2 div should render the same results
708         (ABC represents Hebrew characters).
709         <div dir=rtl>this is a <span><span>test <span>ABC</span></span></span></div>
710         <div dir=rtl>this is a <span>Test <span>ABC</span></span></div>
711
712         Test: fast/dom/34176.html
713
714         * rendering/RenderBlockLineLayout.cpp:
715         (WebCore::parentIsConstructedOrHaveNext):
716         (WebCore::RenderBlock::createLineBoxes):
717
718 2011-02-01  Abhishek Arya  <inferno@chromium.org>
719
720         Reviewed by Dan Bernstein.
721
722         Do not add a node in the document's stylesheet candidate node list if the
723         node is already removed from document.
724         https://bugs.webkit.org/show_bug.cgi?id=53441
725
726         Test: fast/css/stylesheet-candidate-nodes-crash.xhtml
727
728         * dom/Document.cpp:
729         (WebCore::Document::addStyleSheetCandidateNode):
730
731 2011-02-01  Dave Hyatt  <hyatt@apple.com>
732
733         Reviewed by Darin Adler.
734
735         https://bugs.webkit.org/show_bug.cgi?id=46422, make printing and pagination work
736         with vertical text.
737
738         Change printing functions to check writing-mode and properly swap width and height
739         as needed.
740         
741         Fix the setScrollOrigin function so that the origin doesn't cause
742         scroll spasming during printing (this is only partially successful, but it's better
743         than it was).
744
745         Rewrite computePageRects to handle both RTL documents properly as well as vertical
746         text documents properly.
747
748         * WebCore.exp.in:
749         * page/FrameView.cpp:
750         (WebCore::FrameView::adjustViewSize):
751         (WebCore::FrameView::forceLayoutForPagination):
752         * page/PrintContext.cpp:
753         (WebCore::PrintContext::computePageRects):
754         (WebCore::PrintContext::computePageRectsWithPageSizeInternal):
755         (WebCore::PrintContext::computeAutomaticScaleFactor):
756         (WebCore::PrintContext::spoolPage):
757         (WebCore::PrintContext::spoolRect):
758         * page/PrintContext.h:
759         * page/mac/WebCoreFrameView.h:
760         * platform/ScrollView.cpp:
761         (WebCore::ScrollView::wheelEvent):
762         * platform/ScrollView.h:
763         * platform/mac/ScrollViewMac.mm:
764         (WebCore::ScrollView::platformSetScrollOrigin):
765         * rendering/RenderView.cpp:
766         (WebCore::RenderView::layout):
767
768 2011-02-01  Mikhail Naganov  <mnaganov@chromium.org>
769
770         Reviewed by Pavel Feldman.
771
772         Web Inspector: Fix profiles reset to avoid clearing heap profiles in Chromium.
773
774         https://bugs.webkit.org/show_bug.cgi?id=53500
775
776         * inspector/InspectorProfilerAgent.cpp:
777         (WebCore::InspectorProfilerAgent::resetFrontendProfiles):
778
779 2011-02-01  Mikhail Naganov  <mnaganov@chromium.org>
780
781         Reviewed by Pavel Feldman.
782
783         Web Inspector: [Chromium] Landing detailed heap snapshots, part 1.
784
785         https://bugs.webkit.org/show_bug.cgi?id=53173
786
787         Adding code for accessing heap snapshot data and
788         performing graph calculations.
789
790         * English.lproj/localizedStrings.js:
791         * inspector/front-end/HeapSnapshot.js:
792         (WebInspector.HeapSnapshotArraySlice): Helper class to avoid array contents copying.
793         (WebInspector.HeapSnapshotEdge): Wrapper for accessing graph edge properties.
794         (WebInspector.HeapSnapshotEdgeIterator):
795         (WebInspector.HeapSnapshotNode): Wrapper for accessing graph node properties.
796         (WebInspector.HeapSnapshotNodeIterator):
797         (WebInspector.HeapSnapshot): Wrapper for the heap snapshot.
798         (WebInspector.HeapSnapshotFilteredOrderedIterator):
799         (WebInspector.HeapSnapshotEdgesProvider):
800         (WebInspector.HeapSnapshotNodesProvider):
801         (WebInspector.HeapSnapshotPathFinder):
802         * inspector/front-end/HeapSnapshotView.js:
803         (WebInspector.HeapSnapshotView.prototype._convertSnapshot):
804
805 2011-02-01  Adam Roben  <aroben@apple.com>
806
807         Fix linker warnings in Release_LTCG builds
808
809         * WebCore.vcproj/WebCore.vcproj: Exclude EventNames.cpp and EventTarget.cpp from all
810         configurations, since they get pulled in via DOMAllInOne.cpp.
811
812 2011-02-01  Alexander Pavlov  <apavlov@chromium.org>
813
814         Reviewed by Yury Semikhatsky.
815
816         Web Inspector: [Chromium] Wrongly labelled context-menu item for links in Web Inspector's side-pane
817         https://bugs.webkit.org/show_bug.cgi?id=53482
818
819         * English.lproj/localizedStrings.js:
820         * inspector/front-end/ElementsPanel.js:
821         (WebInspector.ElementsPanel.prototype.populateHrefContextMenu):
822         * inspector/front-end/inspector.js:
823         (WebInspector.resourceForURL):
824         (WebInspector.openLinkExternallyLabel):
825
826 2011-02-01  Anton Muhin  <antonm@chromium.org>
827
828         Reviewed by Adam Barth.
829
830         Propagate parent document security origin to newly create Document XML response
831         https://bugs.webkit.org/show_bug.cgi?id=53444
832
833         Covered by the existing tests.
834
835         * xml/XMLHttpRequest.cpp:
836         (WebCore::XMLHttpRequest::responseXML):
837
838 2011-02-01  Yury Semikhatsky  <yurys@chromium.org>
839
840         Unreviewed. Rollout r77230 which caused many layout tests
841         crashes on Chromium Debug bots.
842
843         Async event handlers should not fire within a modal dialog
844         https://bugs.webkit.org/show_bug.cgi?id=53202
845
846         * dom/Document.cpp:
847         (WebCore::Document::Document):
848         * dom/EventQueue.cpp:
849         (WebCore::EventQueue::EventQueue):
850         (WebCore::EventQueue::enqueueEvent):
851         (WebCore::EventQueue::pendingEventTimerFired):
852         * dom/EventQueue.h:
853
854 2011-02-01  Zoltan Herczeg  <zherczeg@webkit.org>
855
856         Reviewed by Dirk Schulze.
857
858         LightElement changes does not require relayout.
859         https://bugs.webkit.org/show_bug.cgi?id=53232
860
861         When an attribute of a LightElement changes, it
862         send an update message to the lighting filters
863         to update its corresponding LightSource objects,
864         and repaint the filters.
865
866         Duplicated 'id' attributes removed from svg-filter-animation.svg.
867
868         Existing dynamic-update tests covers this feature.
869
870         5x speedup on manual-tests/svg-filter-animation.svg
871
872         * manual-tests/svg-filter-animation.svg:
873         * platform/graphics/filters/DistantLightSource.h:
874         * platform/graphics/filters/FEDiffuseLighting.cpp:
875         (WebCore::FEDiffuseLighting::setLightingColor):
876         (WebCore::FEDiffuseLighting::setSurfaceScale):
877         (WebCore::FEDiffuseLighting::setDiffuseConstant):
878         (WebCore::FEDiffuseLighting::setKernelUnitLengthX):
879         (WebCore::FEDiffuseLighting::setKernelUnitLengthY):
880         * platform/graphics/filters/FEDiffuseLighting.h:
881         * platform/graphics/filters/LightSource.cpp:
882         (WebCore::PointLightSource::setX):
883         (WebCore::PointLightSource::setY):
884         (WebCore::PointLightSource::setZ):
885         (WebCore::SpotLightSource::setX):
886         (WebCore::SpotLightSource::setY):
887         (WebCore::SpotLightSource::setZ):
888         (WebCore::SpotLightSource::setPointsAtX):
889         (WebCore::SpotLightSource::setPointsAtY):
890         (WebCore::SpotLightSource::setPointsAtZ):
891         (WebCore::SpotLightSource::setSpecularExponent):
892         (WebCore::SpotLightSource::setLimitingConeAngle):
893         (WebCore::DistantLightSource::setAzimuth):
894         (WebCore::DistantLightSource::setElevation):
895         (WebCore::LightSource::setAzimuth):
896         (WebCore::LightSource::setElevation):
897         (WebCore::LightSource::setX):
898         (WebCore::LightSource::setY):
899         (WebCore::LightSource::setZ):
900         (WebCore::LightSource::setPointsAtX):
901         (WebCore::LightSource::setPointsAtY):
902         (WebCore::LightSource::setPointsAtZ):
903         (WebCore::LightSource::setSpecularExponent):
904         (WebCore::LightSource::setLimitingConeAngle):
905         * platform/graphics/filters/LightSource.h:
906         * platform/graphics/filters/PointLightSource.h:
907         * platform/graphics/filters/SpotLightSource.h:
908         * rendering/svg/RenderSVGResourceFilter.cpp:
909         (WebCore::RenderSVGResourceFilter::primitiveAttributeChanged):
910         * svg/SVGFEDiffuseLightingElement.cpp:
911         (WebCore::SVGFEDiffuseLightingElement::setFilterEffectAttribute):
912         (WebCore::SVGFEDiffuseLightingElement::lightElementAttributeChanged):
913         (WebCore::SVGFEDiffuseLightingElement::build):
914         (WebCore::SVGFEDiffuseLightingElement::findLightElement):
915         (WebCore::SVGFEDiffuseLightingElement::findLight):
916         * svg/SVGFEDiffuseLightingElement.h:
917         * svg/SVGFELightElement.cpp:
918         (WebCore::SVGFELightElement::svgAttributeChanged):
919         * svg/SVGFilterPrimitiveStandardAttributes.cpp:
920         (WebCore::SVGFilterPrimitiveStandardAttributes::setFilterEffectAttribute):
921         * svg/SVGFilterPrimitiveStandardAttributes.h:
922
923 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
924
925         Reviewed by Dimitri Glazkov.
926
927         Bug 53289 - DOM: Move DocumentOrderedMap from Document into separate files
928         https://bugs.webkit.org/show_bug.cgi?id=53289
929
930         Moving the nested class DocumentOrderedMap from Document into separate files,
931         updating code where necessary.
932
933         No new tests. (refactoring)
934
935         * Android.mk:
936         * CMakeLists.txt:
937         * GNUMakefile.am:
938         * WebCore.gypi:
939         * WebCore.pro:
940         * WebCore.vcproj/WebCore.vcproj:
941         * WebCore.xcodeproj/project.pbxproj:
942         * dom/Document.cpp:
943         (WebCore::Document::getElementById):
944         (WebCore::Document::getImageMap):
945         * dom/Document.h:
946         * dom/DocumentOrderedMap.cpp: Added.
947         (WebCore::keyMatchesId):
948         (WebCore::keyMatchesMapName):
949         (WebCore::keyMatchesLowercasedMapName):
950         (WebCore::DocumentOrderedMap::clear):
951         (WebCore::DocumentOrderedMap::add):
952         (WebCore::DocumentOrderedMap::remove):
953         (WebCore::DocumentOrderedMap::get):
954         (WebCore::DocumentOrderedMap::getElementById):
955         (WebCore::DocumentOrderedMap::getElementByMapName):
956         (WebCore::DocumentOrderedMap::getElementByLowercasedMapName):
957         * dom/DocumentOrderedMap.h: Added.
958         (WebCore::DocumentOrderedMap::contains):
959         (WebCore::DocumentOrderedMap::containsMultiple):
960         * dom/DOMAllInOne.cpp:
961
962 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
963
964         Reviewed by Martin Robinson.
965
966         [Gtk] atk_text_set_caret_offset fails for list items
967         https://bugs.webkit.org/show_bug.cgi?id=53388
968
969         Allow using text ranges across list items.
970
971         * accessibility/gtk/AccessibilityObjectAtk.cpp:
972         (WebCore::AccessibilityObject::allowsTextRanges): Add list items
973         to the list of accessibility objects supporting text ranges.
974
975 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
976
977         Reviewed by Martin Robinson.
978
979         [GTK] character range extents is off when the end of a wrapped line is included
980         https://bugs.webkit.org/show_bug.cgi?id=53323
981
982         Fixed wrong calculation getting the range extents.
983
984         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
985         (webkit_accessible_text_get_range_extents): Removed '+1' since the
986         requested interval shouldn't include the last character.
987
988 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
989
990         Reviewed by Martin Robinson.
991
992         [GTK] Caret Offset is one off at the end of wrapped lines
993         https://bugs.webkit.org/show_bug.cgi?id=53300
994
995         Consider linebreaks as special cases.
996
997         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
998         (objectAndOffsetUnignored): In order to avoid getting wrong values
999         when around linebreaks, we need to workaround this by explicitly
1000         avoiding those '\n' text nodes from affecting the result of
1001         calling to TextIterator:rangeLength().
1002
1003 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
1004
1005         Unreviewed, rolling out r77229.
1006         http://trac.webkit.org/changeset/77229
1007         https://bugs.webkit.org/show_bug.cgi?id=53289
1008
1009         revert mysterious build breakage
1010
1011         * Android.mk:
1012         * CMakeLists.txt:
1013         * GNUmakefile.am:
1014         * WebCore.gypi:
1015         * WebCore.pro:
1016         * WebCore.vcproj/WebCore.vcproj:
1017         * WebCore.xcodeproj/project.pbxproj:
1018         * dom/DOMAllInOne.cpp:
1019         * dom/Document.cpp:
1020         (WebCore::Document::DocumentOrderedMap::clear):
1021         (WebCore::Document::DocumentOrderedMap::add):
1022         (WebCore::Document::DocumentOrderedMap::remove):
1023         (WebCore::Document::DocumentOrderedMap::get):
1024         (WebCore::keyMatchesId):
1025         (WebCore::Document::getElementById):
1026         (WebCore::keyMatchesMapName):
1027         (WebCore::keyMatchesLowercasedMapName):
1028         (WebCore::Document::getImageMap):
1029         * dom/Document.h:
1030         (WebCore::Document::DocumentOrderedMap::contains):
1031         (WebCore::Document::DocumentOrderedMap::containsMultiple):
1032         * dom/DocumentOrderedMap.cpp: Removed.
1033         * dom/DocumentOrderedMap.h: Removed.
1034
1035 2011-02-01  Mihai Parparita  <mihaip@chromium.org>
1036
1037         Reviewed by James Robinson.
1038
1039         Async event handlers should not fire within a modal dialog
1040         https://bugs.webkit.org/show_bug.cgi?id=53202
1041
1042         Asychronous events that use EventQueue would currently fire while a
1043         modal dialog (e.g. window.alert()) was up. Change EventQueue to use a
1044         SuspendableTimer (which automatically gets suspended while dialogs are
1045         up and in other cases where JS execution is not allowed).
1046         
1047         Test: fast/events/scroll-event-during-modal-dialog.html
1048
1049         * dom/Document.cpp:
1050         (WebCore::Document::Document):
1051         * dom/EventQueue.cpp:
1052         (WebCore::EventQueueTimer::EventQueueTimer):
1053         (WebCore::EventQueueTimer::fired):
1054         (WebCore::EventQueue::EventQueue):
1055         (WebCore::EventQueue::enqueueEvent):
1056         (WebCore::EventQueue::pendingEventTimerFired):
1057         * dom/EventQueue.h:
1058         (WebCore::EventQueue::create):
1059
1060 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
1061
1062         Reviewed by Dimitri Glazkov.
1063
1064         Bug 53289 - DOM: Move DocumentOrderedMap from Document into separate files
1065         https://bugs.webkit.org/show_bug.cgi?id=53289
1066
1067         Moving the nested class DocumentOrderedMap from Document into separate files,
1068         updating code where necessary.
1069
1070         No new tests. (refactoring)
1071
1072         * Android.mk:
1073         * CMakeLists.txt:
1074         * GNUMakefile.am:
1075         * WebCore.gypi:
1076         * WebCore.pro:
1077         * WebCore.vcproj/WebCore.vcproj:
1078         * WebCore.xcodeproj/project.pbxproj:
1079         * dom/Document.cpp:
1080         (WebCore::Document::getElementById):
1081         (WebCore::Document::getImageMap):
1082         * dom/Document.h:
1083         * dom/DocumentOrderedMap.cpp: Added.
1084         (WebCore::keyMatchesId):
1085         (WebCore::keyMatchesMapName):
1086         (WebCore::keyMatchesLowercasedMapName):
1087         (WebCore::DocumentOrderedMap::clear):
1088         (WebCore::DocumentOrderedMap::add):
1089         (WebCore::DocumentOrderedMap::remove):
1090         (WebCore::DocumentOrderedMap::get):
1091         (WebCore::DocumentOrderedMap::getElementById):
1092         (WebCore::DocumentOrderedMap::getElementByMapName):
1093         (WebCore::DocumentOrderedMap::getElementByLowercasedMapName):
1094         * dom/DocumentOrderedMap.h: Added.
1095         (WebCore::DocumentOrderedMap::contains):
1096         (WebCore::DocumentOrderedMap::containsMultiple):
1097         * dom/DOMAllInOne.cpp:
1098
1099 2011-02-01  Naoki Takano  <takano.naoki@gmail.com>
1100
1101         Reviewed by Darin Fisher.
1102
1103         [Chromium] Autofill should work with HTML5 form elements
1104         https://bugs.webkit.org/show_bug.cgi?id=51809
1105         http://crbug.com/65654
1106
1107         No new tests, because this fix is for Chromium project and hard to test only in WebKit project.
1108
1109         * html/InputType.h: Insert comment for canSetSuggestedValue().
1110         * html/TextFieldInputType.cpp:
1111         (WebCore::TextFieldInputType::canSetSuggestedValue): Implemented to return always true for that all text filed inputs can be completed.
1112         * html/TextFieldInputType.h: Declare canSetSuggestedValue().
1113         * html/TextInputType.cpp: Delete canSetSuggestedValue() not to return true anymore.
1114         * html/TextInputType.h: Delete canSetSuggestedValue() not to return true anymore.
1115
1116 2011-02-01  Kent Tamura  <tkent@chromium.org>
1117
1118         Reviewed by Dan Bernstein.
1119
1120         REGRESSION (r65062): Safari loops forever under WebCore::plainTextToMallocAllocatedBuffer()
1121         https://bugs.webkit.org/show_bug.cgi?id=53272
1122
1123         * editing/TextIterator.cpp:
1124         (WebCore::TextIterator::handleTextBox): Pass the appropriate renderer to emitText().
1125
1126 2011-01-31  Alexey Proskuryakov  <ap@apple.com>
1127
1128         Reviewed by Maciej Stachowiak.
1129
1130         https://bugs.webkit.org/show_bug.cgi?id=53466
1131         Move WebKit2 to printing via API methods
1132
1133         * WebCore.exp.in: Export IntRect::scale().
1134
1135 2011-01-31  Patrick Gansterer  <paroga@webkit.org>
1136
1137         Reviewed by Adam Barth.
1138
1139         Remove obsolete comment after r41871
1140         https://bugs.webkit.org/show_bug.cgi?id=53406
1141
1142         * dom/Document.h:
1143
1144 2011-01-31  Simon Fraser  <simon.fraser@apple.com>
1145
1146         Fix according to reviewer comments: can just use Color::black now.
1147
1148         * platform/graphics/ShadowBlur.cpp:
1149         (WebCore::ShadowBlur::drawInsetShadow):
1150         (WebCore::ShadowBlur::drawRectShadowWithoutTiling):
1151
1152 2011-01-31  Simon Fraser  <simon.fraser@apple.com>
1153
1154         Reviewed by Sam Weinig.
1155
1156         Clean up ShadowBlur
1157         https://bugs.webkit.org/show_bug.cgi?id=53472
1158
1159         Some minor ShadowBlur cleanup.
1160
1161         * platform/graphics/ShadowBlur.h:
1162         * platform/graphics/ShadowBlur.cpp:
1163         (WebCore::ShadowBlur::ShadowBlur): Use m_blurRadius rather than the radius
1164         paramter.
1165         (WebCore::ShadowBlur::adjustBlurRadius): Renamed from adjustBlurDistance.
1166         (WebCore::ShadowBlur::calculateLayerBoundingRect): Rename layerFloatRect to
1167         layerRect. Make frameSize a float.
1168         (WebCore::ShadowBlur::beginShadowLayer): This now takes a precomputed
1169         layerRect rather than calling calculateLayerBoundingRect() to compute
1170         it itself, since we were calling calculateLayerBoundingRect() twice.
1171         (WebCore::ShadowBlur::drawRectShadow): Optimize to call calculateLayerBoundingRect()
1172         only once. The shadowRect variable was unused, so two return paths could be
1173         collapsed into one.
1174         (WebCore::ShadowBlur::drawInsetShadow): Call calculateLayerBoundingRect() before
1175         beginShadowLayer() now.
1176         (WebCore::ShadowBlur::drawRectShadowWithoutTiling): The layerRect gets passed in.
1177         We always used alpha=1, so no need to pass that in.
1178         (WebCore::ShadowBlur::drawRectShadowWithTiling): We always used alpha=1, so no need to
1179         pass that in. Move shadowRect down to first use.
1180         ShadowBlur::clipBounds() was unused.
1181
1182 2011-01-31  No'am Rosenthal  <noam.rosenthal@nokia.com>
1183
1184         Reviewed by Kenneth Rohde Christiansen.
1185
1186         [Qt] QWebElements example from QtWebKit Bridge documentation does not work at all
1187         https://bugs.webkit.org/show_bug.cgi?id=46748
1188
1189         This problem disappears when we register QWebElement using qRegisterMetaType, which we now do in QtInstance.
1190         Added a regression test to tst_QWebFrame.
1191
1192         * bridge/qt/qt_instance.cpp:
1193         (JSC::Bindings::QtInstance::QtInstance):
1194
1195 2011-01-27  MORITA Hajime  <morrita@google.com>
1196
1197         Reviewed by Dimitri Glazkov.
1198         
1199         Convert <progress> shadow DOM to a DOM-based shadow.
1200         https://bugs.webkit.org/show_bug.cgi?id=50660
1201
1202         * Removed RenderProgress::m_valuePart, moved the shadow node
1203           to the shadow root of HTMLProgressElement.
1204         * Removed hard-coded pseudo ID for -webkit-progress-bar-value.
1205           ProgressBarValueElement is defined only for overriding
1206           shadowPseudoId().
1207         
1208         No new tests. No behavioral change.
1209
1210         * css/CSSSelector.cpp:
1211         (WebCore::CSSSelector::pseudoId):
1212         (WebCore::nameToPseudoTypeMap):
1213         (WebCore::CSSSelector::extractPseudoType):
1214         * css/CSSSelector.h:
1215         * html/HTMLProgressElement.cpp:
1216         (WebCore::ProgressBarValueElement::ProgressBarValueElement):
1217         (WebCore::ProgressBarValueElement::shadowPseudoId):
1218         (WebCore::ProgressBarValueElement::create):
1219         (WebCore::ProgressBarValueElement::detach):
1220         (WebCore::HTMLProgressElement::parseMappedAttribute):
1221         (WebCore::HTMLProgressElement::attach):
1222         (WebCore::HTMLProgressElement::valuePart):
1223         (WebCore::HTMLProgressElement::didElementStateChange):
1224         (WebCore::HTMLProgressElement::createShadowSubtreeIfNeeded):
1225         * html/HTMLProgressElement.h:
1226         * rendering/RenderProgress.cpp:
1227         (WebCore::RenderProgress::~RenderProgress):
1228         (WebCore::RenderProgress::updateFromElement):
1229         (WebCore::RenderProgress::layoutParts):
1230         (WebCore::RenderProgress::shouldHaveParts):
1231         (WebCore::RenderProgress::valuePart):
1232         * rendering/RenderProgress.h:
1233         * rendering/style/RenderStyleConstants.h:
1234
1235 2011-01-31  Charlie Reis  <creis@chromium.org>
1236
1237         Reviewed by Mihai Parparita.
1238
1239         Add sanity check to help diagnose bug 52819
1240         https://bugs.webkit.org/show_bug.cgi?id=53402
1241
1242         Crash early if the children of fromItem look invalid.
1243
1244         * loader/HistoryController.cpp:
1245
1246 2011-01-31  Kalle Vahlman  <kalle.vahlman@movial.com>
1247
1248         Reviewed by Andreas Kling.
1249
1250         [Qt] canvas.drawImage(HTMLVideoElement) doesn't work with Qt Multimedia backend
1251         https://bugs.webkit.org/show_bug.cgi?id=53325
1252
1253         Reimplement paintCurrentFrameInContext() rather than delegate the
1254         rendering to paint() to make sure we really do get the video frame
1255         content into the GraphicsContext, regardless of accelerated
1256         compositing and the video scene state.
1257
1258         * platform/graphics/qt/MediaPlayerPrivateQt.cpp:
1259         (WebCore::MediaPlayerPrivateQt::paintCurrentFrameInContext):
1260         * platform/graphics/qt/MediaPlayerPrivateQt.h:
1261
1262 2011-01-31  Emil A Eklund  <eae@chromium.org>
1263
1264         Reviewed by Darin Adler.
1265
1266         Setting "selected" attribute to false should have no effect in single line <select>
1267         https://bugs.webkit.org/show_bug.cgi?id=52436
1268
1269         Change SelectElement::setSelectedIndex to select the first selectable
1270         option when the select state of all options is set to false as required
1271         by the HTML5 specification.
1272
1273         Test: fast/dom/HTMLSelectElement/selected-false.html
1274
1275         * dom/SelectElement.cpp:
1276         (WebCore::SelectElement::setSelectedIndex):
1277
1278 2011-01-31  Alexander Pavlov  <apavlov@chromium.org>
1279
1280         Reviewed by Yury Semikhatsky.
1281
1282         Web Inspector: Console source references need a left-margin
1283         https://bugs.webkit.org/show_bug.cgi?id=53308
1284
1285         * inspector/front-end/inspector.css:
1286         (.console-message-url): Added a 4px margin on the left.
1287
1288 2011-01-31  Carol Szabo  <carol.szabo@nokia.com>
1289
1290         Reviewed by David Hyatt.
1291
1292         Code Changes only.
1293
1294         It is needlessly expensive to find the generating node from an anonymous renderer of a pseudoelement.
1295         https://bugs.webkit.org/show_bug.cgi?id=53024
1296
1297         No new tests. No change in functionality
1298
1299         * rendering/RenderObject.h:
1300         (WebCore::RenderObject::before):
1301         (WebCore::RenderObject::after):
1302         (WebCore::RenderObject::generatingNode):
1303         Added new accessors for the use of the CSS 2.1 counters code
1304         (mainlyly)
1305         * rendering/RenderObjectChildList.cpp:
1306         (WebCore::beforeAfterContainer):
1307         (WebCore::RenderObjectChildList::invalidateCounters):
1308         (WebCore::RenderObjectChildList::before):
1309         (WebCore::RenderObjectChildList::after):
1310         Refactored the code to take advantage of the new accessors.
1311         (WebCore::RenderObjectChildList::updateBeforeAfterContent):
1312         Changed to store the generating node in the :before and :after
1313         renderers.
1314         * rendering/RenderObjectChildList.h:
1315
1316 2011-01-31  Krithigassree Sambamurthy  <krithigassree.sambamurthy@nokia.com>
1317
1318         Reviewed by David Hyatt.
1319
1320         Add background-clip to background shorthand
1321         https://bugs.webkit.org/show_bug.cgi?id=52080
1322
1323         Added background-clip to background-shorthand. Also made changes to
1324         include webkitMaskClip to the mask shorthand to keep both in sync.
1325
1326         * css/CSSParser.cpp:
1327         (WebCore::CSSParser::parseValue):
1328         (WebCore::CSSParser::parseFillShorthand):
1329
1330 2011-01-31  Darin Adler  <darin@apple.com>
1331
1332         Reviewed by Adele Peterson.
1333
1334         WKView should support scrollPageDown:, scrollPageUp:, scrollToBeg and other similar selectors
1335         https://bugs.webkit.org/show_bug.cgi?id=53460
1336
1337         * editing/EditorCommand.cpp:
1338         (WebCore::executeScrollPageBackward): Added.
1339         (WebCore::executeScrollPageForward): Added.
1340         (WebCore::executeScrollToBeginningOfDocument): Added.
1341         (WebCore::executeScrollToEndOfDocument): Added.
1342         (WebCore::createCommandMap): Added the four commands above to the map.
1343
1344 2011-01-31  Dan Bernstein  <mitz@apple.com>
1345
1346         Reviewed by Adele Peterson.
1347
1348         Inter-ideograph justification should apply to hiragana and katakana as well
1349         https://bugs.webkit.org/show_bug.cgi?id=53464
1350
1351         Changed the test for expansion opportunities from isCJKIdeograph() to isCJKIdeographOrSymbol().
1352
1353         * platform/graphics/Font.cpp:
1354         (WebCore::Font::expansionOpportunityCount):
1355         * platform/graphics/WidthIterator.cpp:
1356         (WebCore::WidthIterator::advance):
1357         * platform/graphics/mac/ComplexTextController.cpp:
1358         (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
1359
1360 2011-01-31  Dimitri Glazkov  <dglazkov@chromium.org>
1361
1362         Reviewed by James Robinson.
1363
1364         REGRESSION(r76951): Appearance of media controls changed slightly on Qt/Chromium ports
1365         https://bugs.webkit.org/show_bug.cgi?id=53314
1366
1367         Fixes media/controls-strict.html on Chromium.
1368
1369         * css/mediaControlsChromium.css:
1370         (audio::-webkit-media-controls-timeline, video::-webkit-media-controls-timeline):
1371             Added proper box-sizing to avoid differences between strict/quirks mode.
1372
1373 2011-01-31  Kent Tamura  <tkent@chromium.org>
1374
1375         Reviewed by Dimitri Glazkov.
1376
1377         Validation message bubble shouldn't inherit text-security style
1378         https://bugs.webkit.org/show_bug.cgi?id=53457
1379
1380         No new tests because the validation message feature depends on timers
1381         and is enabled only in Chromium port.
1382
1383         * css/html.css:
1384         (::-webkit-validation-bubble): Reset -webkit-text-security.
1385
1386 2011-01-31  Michael Saboff  <msaboff@apple.com>
1387
1388         Reviewed by Geoffrey Garen.
1389
1390         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
1391         https://bugs.webkit.org/show_bug.cgi?id=53271
1392
1393         Reapplying this patch again. 
1394         The removal of this patch in <http://trac.webkit.org/changeset/77125>
1395         as part of https://bugs.webkit.org/show_bug.cgi?id=53418,
1396         removed the both the first (failing) patch (r76893) and this fixed 
1397         patch (r76969).  This patch includes slight changes necessitated by
1398         r77151.
1399
1400         Reapplying this patch with the change that the second ASSERT in 
1401         RootObject::removeRuntimeObject was changed to use
1402         .uncheckedGet() instead of the failing .get().  The object in question
1403         could be in the process of being GC'ed.  The get() call will not return
1404         such an object while the uncheckedGet() call will return the (unsafe) 
1405         object.  This is the behavior we want.
1406
1407         Precautionary change.
1408         Changed RootObject to use WeakGCMap instead of HashSet.
1409         Found will looking for another issue, but can't produce a test case
1410         that is problematic.  THerefore there aren't any new tests.
1411
1412         * bridge/runtime_root.cpp:
1413         (JSC::Bindings::RootObject::invalidate):
1414         (JSC::Bindings::RootObject::addRuntimeObject):
1415         (JSC::Bindings::RootObject::removeRuntimeObject):
1416         * bridge/runtime_root.h:
1417
1418 2011-01-31  Andreas Kling  <kling@webkit.org>
1419
1420         Unbreak Qt build after r77151.
1421
1422         * bridge/qt/qt_instance.cpp:
1423         (JSC::Bindings::QtInstance::removeCachedMethod):
1424         (JSC::Bindings::QtInstance::markAggregate):
1425
1426 2011-01-31  takano takumi  <takano@apple.com>
1427
1428         Reviewed by Dave Hyatt.
1429
1430         Implement text-combine rendering code
1431         https://bugs.webkit.org/show_bug.cgi?id=50621
1432
1433         Test: fast/text/international/text-combine-image-test.html
1434
1435         * Android.mk: Added RenderCombineText.cpp/h
1436         * CMakeLists.txt: Added RenderCombineText.cpp/h
1437         * GNUmakefile.am: Added RenderCombineText.cpp/h
1438         * WebCore.exp.in:
1439         * WebCore.gypi: Added RenderCombineText.cpp/h
1440         * WebCore.pro: Added RenderCombineText.cpp/h
1441         * WebCore.vcproj/WebCore.vcproj: Added RenderCombineText.cpp/h
1442         * WebCore.xcodeproj/project.pbxproj: Added RenderCombineText.cpp/h
1443         * css/CSSFontFaceSource.cpp:
1444         (WebCore::CSSFontFaceSource::getFontData):
1445         - Added fontDescription.widthVariant to SimpleFontData creation.
1446         * css/CSSStyleSelector.cpp:
1447         (WebCore::CSSStyleSelector::applyProperty):
1448         - Changed to set "Unique" flag to RenderStyle in case of TextCombine.
1449         * dom/Text.cpp:
1450         (WebCore::Text::createRenderer):
1451         - Changed to create RenderCombineText in case of TextCombine.
1452         * loader/cache/CachedFont.cpp:
1453         (WebCore::CachedFont::platformDataFromCustomData):
1454         - Added FontWidthVariant as an argument for FontPlatformData creation.
1455         * loader/cache/CachedFont.h:
1456         - Ditto.
1457         * platform/graphics/Font.h:
1458         (WebCore::Font::widthVariant):
1459         - The accessor to FontWidthVariant member variable.
1460         * platform/graphics/FontCache.cpp:
1461         - Made cache to incorporate FontWidthVariant value.
1462         (WebCore::FontPlatformDataCacheKey::FontPlatformDataCacheKey):
1463         (WebCore::FontPlatformDataCacheKey::operator==):
1464         (WebCore::computeHash):
1465         (WebCore::FontCache::getCachedFontPlatformData):
1466         * platform/graphics/FontDescription.h:
1467         - Add a member variable that holds a width variant - none, half-width, third-width, and quarter-width.
1468         (WebCore::FontDescription::FontDescription):
1469         (WebCore::FontDescription::widthVariant):
1470         (WebCore::FontDescription::setWidthVariant):
1471         (WebCore::FontDescription::operator==):
1472         * platform/graphics/FontWidthVariant.h: Added.
1473         * platform/graphics/cairo/FontCustomPlatformData.h:
1474         - Changed to carry FontWidthVariant value.
1475         * platform/graphics/cocoa/FontPlatformData.h:
1476         - Changed to carry FontWidthVariant value.
1477         (WebCore::FontPlatformData::FontPlatformData):
1478         (WebCore::FontPlatformData::widthVariant):
1479         (WebCore::FontPlatformData::hash):
1480         (WebCore::FontPlatformData::operator==):
1481         * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
1482         (WebCore::FontPlatformData::FontPlatformData):
1483         - Changed to carry FontWidthVariant value.
1484         (WebCore::FontPlatformData::operator=):
1485         - Ditto.
1486         (WebCore::mapFontWidthVariantToCTFeatureSelector):
1487         - A function to map a FontWidthVariant value to a CoreText's text spacing feature selector.
1488         (WebCore::FontPlatformData::ctFont):
1489         - Changed to create CTFont with text spacing variant based on FontWidthVariant.
1490         * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
1491         (WebCore::FontCustomPlatformData::fontPlatformData):
1492         - Changed to carry FontWidthVariant value.
1493         * platform/graphics/haiku/FontCustomPlatformData.cpp:
1494         (WebCore::FontCustomPlatformData::fontPlatformData):
1495         - Changed to carry FontWidthVariant value.
1496         * platform/graphics/haiku/FontCustomPlatformData.h:
1497         * platform/graphics/mac/FontCacheMac.mm:
1498         (WebCore::FontCache::createFontPlatformData):
1499         - Changed to carry FontWidthVariant value.
1500         * platform/graphics/mac/FontCustomPlatformData.cpp:
1501         (WebCore::FontCustomPlatformData::fontPlatformData):
1502         - Changed to carry FontWidthVariant value.
1503         * platform/graphics/mac/FontCustomPlatformData.h:
1504         - Ditto.
1505         * platform/graphics/mac/GlyphPageTreeNodeMac.cpp:
1506         (WebCore::shouldUseCoreText):
1507         - Changed to skip CT path when width variant is specified.
1508         * platform/graphics/pango/FontCustomPlatformDataPango.cpp:
1509         (WebCore::FontCustomPlatformData::fontPlatformData):
1510         - Ditto.
1511         * platform/graphics/qt/FontCustomPlatformData.h:
1512         - Ditto.
1513         * platform/graphics/qt/FontCustomPlatformDataQt.cpp:
1514         (WebCore::FontCustomPlatformData::fontPlatformData):
1515         - Ditto.
1516         * platform/graphics/skia/FontCustomPlatformData.cpp:
1517         (WebCore::FontCustomPlatformData::fontPlatformData):
1518         - Ditto.
1519         * platform/graphics/skia/FontCustomPlatformData.h:
1520         - Ditto.
1521         * platform/graphics/win/FontCustomPlatformData.cpp:
1522         (WebCore::FontCustomPlatformData::fontPlatformData):
1523         - Ditto.
1524         * platform/graphics/win/FontCustomPlatformData.h:
1525         - Ditto.
1526         * platform/graphics/win/FontCustomPlatformDataCairo.cpp:
1527         - Ditto.
1528         (WebCore::FontCustomPlatformData::fontPlatformData):
1529         - Ditto.
1530         * platform/graphics/win/FontCustomPlatformDataCairo.h:
1531         - Ditto.
1532         * platform/graphics/wince/FontCustomPlatformData.cpp:
1533         (WebCore::FontCustomPlatformData::fontPlatformData):
1534         - Ditto.
1535         * platform/graphics/wince/FontCustomPlatformData.h:
1536         - Ditto.
1537         * platform/graphics/wx/FontCustomPlatformData.cpp:
1538         (WebCore::FontCustomPlatformData::fontPlatformData):
1539         - Ditto.
1540         * platform/graphics/wx/FontCustomPlatformData.h:
1541         - Ditto.
1542         * rendering/InlineTextBox.cpp:
1543         (WebCore::InlineTextBox::paint):
1544         - In case of RenderCombineText, we don't rotate text even in vertical writing. Also, we render original text
1545         instead of text returned from text().
1546         * rendering/RenderBlock.cpp:
1547         (WebCore::RenderBlock::computeInlinePreferredLogicalWidths):
1548         - Made to call RenderCombinedText's prepareTextCombine() here.
1549         * rendering/RenderBlockLineLayout.cpp:
1550         (WebCore::textWidth):
1551         - Made to always use the render object's width() in case of TextCombine.
1552         (WebCore::RenderBlock::findNextLineBreak):
1553         - Made to call RenderCombinedText's prepareTextCombine() here.
1554         * rendering/RenderCombineText.cpp: Added. A subclass of RenderText.
1555         (WebCore::RenderCombineText::RenderCombineText):
1556         (WebCore::RenderCombineText::styleDidChange):
1557         - Clear the flag that indicated the font has been prepared for combining. The font will be reinitialized in
1558         the next call of RenderBlock::findNextLineBreak().
1559         (WebCore::RenderCombineText::setTextInternal):
1560         - Ditto.
1561         (WebCore::RenderCombineText::width):
1562         - Returns 1-em width in case of font combine.
1563         (WebCore::RenderCombineText::adjustTextOrigin):
1564         - Adjust drawing origin point in case of font combine.
1565         (WebCore::RenderCombineText::charactersToRender):
1566         - Return original text instead of current text in case of font combine.
1567         (WebCore::RenderCombineText::combineText):
1568         - This function tries to pack passed text with; 1) the current font as is, 2) the font created
1569         from the descriptor with half-width variant specified, 3) the font with third-width variant, 4) the font
1570         with quarter-width variant.
1571         - If a suitable font successfully found, replace the current font with the new font. If no appropriate font found,
1572         we give up text-combine as the CSS spec describes.
1573         - If a new font found, we replace the text with 0xFFFC. This is needed for a combined text block to be able to
1574         behave like a single character against text decorations.
1575         * rendering/RenderCombineText.h: Added.
1576         (WebCore::RenderCombineText::isCombined):
1577         (WebCore::RenderCombineText::combinedTextWidth):
1578         - Returns 1-em width in case of font combine.
1579         (WebCore::RenderCombineText::renderName):
1580         (WebCore::toRenderCombineText):
1581         * rendering/RenderText.cpp:
1582         (WebCore::RenderText::widthFromCache):
1583         - Made to call RenderCombineText's combinedTextWidth when the text is combined.
1584         * rendering/RenderingAllInOne.cpp: Added RenderCombineText.cpp
1585         * rendering/style/RenderStyle.h:
1586         (WebCore::InheritedFlags::hasTextCombine):
1587         - Added for a quick test of TextCombine.
1588
1589 2011-01-31  Oliver Hunt  <oliver@apple.com>
1590
1591         Convert markstack to a slot visitor API
1592         https://bugs.webkit.org/show_bug.cgi?id=53219
1593
1594         rolling r77098, r77099, r77100, r77109, and
1595         r77111 back in, along with a few more Qt fix attempts.
1596
1597         * ForwardingHeaders/runtime/WriteBarrier.h: Added.
1598         * WebCore.exp.in:
1599         * bindings/js/DOMWrapperWorld.h:
1600         (WebCore::DOMWrapperWorld::globalData):
1601         * bindings/js/JSAudioConstructor.cpp:
1602         (WebCore::JSAudioConstructor::JSAudioConstructor):
1603         * bindings/js/JSDOMBinding.cpp:
1604         (WebCore::markDOMNodesForDocument):
1605         (WebCore::markDOMObjectWrapper):
1606         (WebCore::markDOMNodeWrapper):
1607         * bindings/js/JSDOMGlobalObject.cpp:
1608         (WebCore::JSDOMGlobalObject::markChildren):
1609         (WebCore::JSDOMGlobalObject::setInjectedScript):
1610         (WebCore::JSDOMGlobalObject::injectedScript):
1611         * bindings/js/JSDOMGlobalObject.h:
1612         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
1613         (WebCore::getDOMConstructor):
1614         * bindings/js/JSDOMWindowCustom.cpp:
1615         (WebCore::JSDOMWindow::setLocation):
1616         (WebCore::DialogHandler::dialogCreated):
1617         * bindings/js/JSDOMWindowShell.cpp:
1618         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
1619         (WebCore::JSDOMWindowShell::setWindow):
1620         (WebCore::JSDOMWindowShell::markChildren):
1621         (WebCore::JSDOMWindowShell::unwrappedObject):
1622         * bindings/js/JSDOMWindowShell.h:
1623         (WebCore::JSDOMWindowShell::window):
1624         (WebCore::JSDOMWindowShell::setWindow):
1625         * bindings/js/JSDeviceMotionEventCustom.cpp:
1626         (WebCore::createAccelerationObject):
1627         (WebCore::createRotationRateObject):
1628         * bindings/js/JSEventListener.cpp:
1629         (WebCore::JSEventListener::JSEventListener):
1630         (WebCore::JSEventListener::markJSFunction):
1631         * bindings/js/JSEventListener.h:
1632         (WebCore::JSEventListener::jsFunction):
1633         * bindings/js/JSHTMLDocumentCustom.cpp:
1634         (WebCore::JSHTMLDocument::setAll):
1635         * bindings/js/JSImageConstructor.cpp:
1636         (WebCore::JSImageConstructor::JSImageConstructor):
1637         * bindings/js/JSImageDataCustom.cpp:
1638         (WebCore::toJS):
1639         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
1640         (WebCore::JSJavaScriptCallFrame::scopeChain):
1641         (WebCore::JSJavaScriptCallFrame::scopeType):
1642         * bindings/js/JSNodeFilterCondition.cpp:
1643         (WebCore::JSNodeFilterCondition::markAggregate):
1644         (WebCore::JSNodeFilterCondition::acceptNode):
1645         * bindings/js/JSNodeFilterCondition.h:
1646         * bindings/js/JSNodeFilterCustom.cpp:
1647         * bindings/js/JSOptionConstructor.cpp:
1648         (WebCore::JSOptionConstructor::JSOptionConstructor):
1649         * bindings/js/JSSQLResultSetRowListCustom.cpp:
1650         (WebCore::JSSQLResultSetRowList::item):
1651         * bindings/js/ScriptCachedFrameData.cpp:
1652         (WebCore::ScriptCachedFrameData::restore):
1653         * bindings/js/ScriptObject.cpp:
1654         (WebCore::ScriptGlobalObject::set):
1655         * bindings/js/SerializedScriptValue.cpp:
1656         (WebCore::CloneDeserializer::putProperty):
1657         * bindings/scripts/CodeGeneratorJS.pm:
1658         * bridge/qt/qt_class.cpp:
1659         (JSC::Bindings::QtClass::fallbackObject):
1660         * bridge/qt/qt_instance.cpp:
1661         (JSC::Bindings::QtInstance::QtInstance):
1662         (JSC::Bindings::QtInstance::removeCachedMethod):
1663         (JSC::Bindings::QtInstance::markAggregate):
1664         * bridge/qt/qt_instance.h:
1665         * bridge/qt/qt_runtime.cpp:
1666         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
1667         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
1668         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
1669         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
1670         * bridge/qt/qt_runtime.h:
1671         * dom/Document.h:
1672
1673 2011-01-31  Dan Winship  <danw@gnome.org>
1674
1675         Reviewed by Gustavo Noronha Silva.
1676
1677         wss (websockets ssl) support for gtk via new gio TLS support
1678         https://bugs.webkit.org/show_bug.cgi?id=50344
1679
1680         Update to use GPollableOutputStream and GTlsConnection to
1681         implement wss URLs
1682
1683         * platform/network/soup/SocketStreamHandle.h:
1684         * platform/network/soup/SocketStreamHandleSoup.cpp:
1685         (WebCore::SocketStreamHandle::SocketStreamHandle):
1686         (WebCore::SocketStreamHandle::connected):
1687         (WebCore::SocketStreamHandle::platformSend):
1688         (WebCore::SocketStreamHandle::beginWaitingForSocketWritability):
1689         (WebCore::writeReadyCallback):
1690
1691 2011-01-31  Abhishek Arya  <inferno@chromium.org>
1692
1693         Reviewed by Dimitri Glazkov.
1694
1695         Check the textarea node still exists in document before casting
1696         it to HTMLTextAreaElement.
1697         https://bugs.webkit.org/show_bug.cgi?id=53429
1698
1699         Test: fast/forms/textarea-node-removed-from-document-crash.html
1700
1701         * rendering/RenderTextControlMultiLine.cpp:
1702         (WebCore::RenderTextControlMultiLine::~RenderTextControlMultiLine):
1703
1704 2011-01-27  Abhishek Arya  <inferno@chromium.org>
1705
1706         Reviewed by Dave Hyatt.
1707
1708         If beforeChild is wrapped in an anonymous table section, we need to
1709         go the parent to find it and use it before adding childs to table.
1710         https://bugs.webkit.org/show_bug.cgi?id=53276
1711
1712         We need to make sure that beforeChild's parent is "this" before calling
1713         RenderBox::addChild. The previous condition in while is too restrictive
1714         and fails to calculate the right beforeChild value when its display
1715         style is table caption.
1716         Test: fast/table/before-child-non-table-section-add-table-crash.html
1717
1718         * rendering/RenderTable.cpp:
1719         (WebCore::RenderTable::addChild):
1720
1721 2011-01-31  Shane Stephens  <shanestephens@google.com>
1722
1723         Reviewed by Simon Fraser.
1724
1725         AffineTransform::translateRight incorrectly computes a translateLeft.
1726         https://bugs.webkit.org/show_bug.cgi?id=52551
1727
1728         Removed translateRight and converted all uses to perform standard
1729         matrix multiplication.
1730
1731         No new tests because patch doesn't modify functionality.
1732
1733         * platform/graphics/transforms/AffineTransform.cpp:
1734         * platform/graphics/transforms/AffineTransform.h:
1735         (WebCore::AffineTransform::translation):
1736         * rendering/svg/RenderSVGResourceMarker.cpp:
1737         (WebCore::RenderSVGResourceMarker::localToParentTransform):
1738         * rendering/svg/RenderSVGRoot.cpp:
1739         (WebCore::RenderSVGRoot::localToRepaintContainerTransform):
1740         (WebCore::RenderSVGRoot::localToParentTransform):
1741         * rendering/svg/RenderSVGViewportContainer.cpp:
1742         (WebCore::RenderSVGViewportContainer::localToParentTransform):
1743         * rendering/svg/SVGTextLayoutEngine.cpp:
1744         (WebCore::SVGTextLayoutEngine::finalizeTransformMatrices):
1745
1746 2011-01-31  Mario Sanchez Prada  <msanchez@igalia.com>
1747
1748         Reviewed by Martin Robinson.
1749
1750         [Gtk] atk_text_set_caret_offset returns True even when it is unsuccessful
1751         https://bugs.webkit.org/show_bug.cgi?id=53389
1752
1753         Return FALSE when not able to set the caret at the specified offset.
1754
1755         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
1756         (webkit_accessible_text_set_caret_offset): Return FALSE when the
1757         range created is NULL and adjust offset to account for list markers.
1758
1759 2011-01-28  Pavel Feldman  <pfeldman@chromium.org>
1760
1761         Reviewed by Yury Semikhatsky.
1762
1763         Web Inspector: copy HAR to clipboard instead of saving blob on export.
1764         https://bugs.webkit.org/show_bug.cgi?id=53328
1765
1766         * inspector/front-end/NetworkPanel.js:
1767         (WebInspector.NetworkPanel.prototype._exportAll):
1768         (WebInspector.NetworkPanel.prototype._exportResource):
1769
1770 2011-01-30  Pavel Feldman  <pfeldman@chromium.org>
1771
1772         Reviewed by Timothy Hatcher.
1773
1774         Web Inspector: speed up network panel rendering.
1775         https://bugs.webkit.org/show_bug.cgi?id=53397
1776
1777         * inspector/front-end/DataGrid.js:
1778         (WebInspector.DataGrid.prototype.get scrollContainer):
1779         * inspector/front-end/NetworkPanel.js:
1780         (WebInspector.NetworkPanel.prototype.elementsToRestoreScrollPositionsFor):
1781         (WebInspector.NetworkPanel.prototype._positionSummaryBar):
1782         (WebInspector.NetworkPanel.prototype._createTable):
1783         (WebInspector.NetworkPanel.prototype._exportResource):
1784         (WebInspector.NetworkPanel.prototype._onScroll):
1785         * inspector/front-end/networkPanel.css:
1786         (.network-sidebar .data-grid.small tr.offscreen):
1787         (.network-sidebar .data-grid tr.offscreen):
1788         (.network-sidebar .data-grid tr.offscreen td):
1789
1790 2011-01-31  Peter Varga  <pvarga@webkit.org>
1791
1792         Reviewed by Andreas Kling.
1793
1794         Remove wrec from WebCore
1795         https://bugs.webkit.org/show_bug.cgi?id=53298
1796
1797         No new tests needed.
1798
1799         * Android.jscbindings.mk:
1800         * ForwardingHeaders/wrec/WREC.h: Removed.
1801         * WebCore.vcproj/WebCore.vcproj:
1802         * WebCore.vcproj/copyForwardingHeaders.cmd:
1803
1804 2011-01-31  Sheriff Bot  <webkit.review.bot@gmail.com>
1805
1806         Unreviewed, rolling out r76969.
1807         http://trac.webkit.org/changeset/76969
1808         https://bugs.webkit.org/show_bug.cgi?id=53418
1809
1810         "It is causing crashes in GTK+ and Leopard bots" (Requested by
1811         alexg__ on #webkit).
1812
1813         * bridge/runtime_root.cpp:
1814         (JSC::Bindings::RootObject::invalidate):
1815         (JSC::Bindings::RootObject::addRuntimeObject):
1816         (JSC::Bindings::RootObject::removeRuntimeObject):
1817         * bridge/runtime_root.h:
1818
1819 2011-01-31  Antti Koivisto  <antti@apple.com>
1820
1821         Not reviewed.
1822
1823         Spelling.
1824
1825         * css/CSSSelectorList.h:
1826         (WebCore::CSSSelectorList::next):
1827
1828 2011-01-31  Yury Semikhatsky  <yurys@chromium.org>
1829
1830         Unreviewed. Fix Chromium compilation on Linux.
1831
1832         * platform/graphics/ShadowBlur.cpp: added PLATFORM(CHROMIUM) guard
1833         * platform/graphics/ShadowBlur.h: added missing ColorSpace.h header include
1834
1835 2011-01-31  Yury Semikhatsky  <yurys@chromium.org>
1836
1837         Unreviewed. Fix Chromium compilation on Mac broken by r77101.
1838
1839         * WebCore.gypi: add ShadowBlur.{h,cpp} to the gypi file.
1840
1841 2011-01-31  Mikhail Naganov  <mnaganov@chromium.org>
1842
1843         Reviewed by Yury Semikhatsky.
1844
1845         WebInspector: Change button title from "Clear CPU profiles" to "Clear all profiles".
1846
1847         https://bugs.webkit.org/show_bug.cgi?id=53309
1848
1849         * English.lproj/localizedStrings.js:
1850         * inspector/front-end/ProfilesPanel.js:
1851         (WebInspector.ProfilesPanel):
1852
1853 2011-01-31  Carlos Garcia Campos  <cgarcia@igalia.com>
1854
1855         Unreviewed, fix the build with current GTK+ 3.x.
1856
1857         * plugins/gtk/gtk2xtbin.c:
1858         * plugins/gtk/gtk2xtbin.h:
1859
1860 2011-01-30  Kenichi Ishibashi  <bashi@google.com>
1861
1862         Reviewed by Kent Tamura.
1863
1864         Dangling form associated elements should not be registered on the document
1865         https://bugs.webkit.org/show_bug.cgi?id=53223
1866
1867         Adds insertedIntoDocument() and remvoedFromDocument() to
1868         FormAssociatedElement class to register the element on the document
1869         if and only if it actually inserted into (removed from) the document.
1870
1871         Test: fast/forms/dangling-form-element-crash.html
1872
1873         * html/FormAssociatedElement.cpp:
1874         (WebCore::FormAssociatedElement::insertedIntoDocument): Added.
1875         (WebCore::FormAssociatedElement::removedFromDocument): Ditto.
1876         (WebCore::FormAssociatedElement::insertedIntoTree): Don't register
1877         the element to a document.
1878         (WebCore::FormAssociatedElement::removedFromTree): Don't unregister
1879         the element from a document.
1880         * html/FormAssociatedElement.h:
1881         * html/HTMLFormControlElement.cpp:
1882         (WebCore::HTMLFormControlElement::insertedIntoDocument): Added.
1883         (WebCore::HTMLFormControlElement::removedFromDocument): Ditto.
1884         * html/HTMLFormControlElement.h:
1885         * html/HTMLObjectElement.cpp:
1886         (WebCore::HTMLObjectElement::insertedIntoDocument): Calls
1887         FormAssociatedElement::insertedIntoDocument().
1888         (WebCore::HTMLObjectElement::removedFromDocument): Calls
1889         FormAssociatedElement::removedFromDocument().
1890
1891 2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>
1892
1893         Unreviewed, rolling out r77098, r77099, r77100, r77109, and
1894         r77111.
1895         http://trac.webkit.org/changeset/77098
1896         http://trac.webkit.org/changeset/77099
1897         http://trac.webkit.org/changeset/77100
1898         http://trac.webkit.org/changeset/77109
1899         http://trac.webkit.org/changeset/77111
1900         https://bugs.webkit.org/show_bug.cgi?id=53219
1901
1902         Qt build is broken
1903
1904         * ForwardingHeaders/runtime/WriteBarrier.h: Removed.
1905         * WebCore.exp.in:
1906         * bindings/js/DOMWrapperWorld.h:
1907         * bindings/js/JSAudioConstructor.cpp:
1908         (WebCore::JSAudioConstructor::JSAudioConstructor):
1909         * bindings/js/JSDOMBinding.cpp:
1910         (WebCore::markDOMNodesForDocument):
1911         (WebCore::markDOMObjectWrapper):
1912         (WebCore::markDOMNodeWrapper):
1913         * bindings/js/JSDOMGlobalObject.cpp:
1914         (WebCore::JSDOMGlobalObject::markChildren):
1915         (WebCore::JSDOMGlobalObject::setInjectedScript):
1916         (WebCore::JSDOMGlobalObject::injectedScript):
1917         * bindings/js/JSDOMGlobalObject.h:
1918         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
1919         (WebCore::getDOMConstructor):
1920         * bindings/js/JSDOMWindowCustom.cpp:
1921         (WebCore::JSDOMWindow::setLocation):
1922         (WebCore::DialogHandler::dialogCreated):
1923         * bindings/js/JSDOMWindowShell.cpp:
1924         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
1925         (WebCore::JSDOMWindowShell::setWindow):
1926         (WebCore::JSDOMWindowShell::markChildren):
1927         (WebCore::JSDOMWindowShell::unwrappedObject):
1928         * bindings/js/JSDOMWindowShell.h:
1929         (WebCore::JSDOMWindowShell::window):
1930         (WebCore::JSDOMWindowShell::setWindow):
1931         * bindings/js/JSDeviceMotionEventCustom.cpp:
1932         (WebCore::createAccelerationObject):
1933         (WebCore::createRotationRateObject):
1934         * bindings/js/JSEventListener.cpp:
1935         (WebCore::JSEventListener::JSEventListener):
1936         (WebCore::JSEventListener::markJSFunction):
1937         * bindings/js/JSEventListener.h:
1938         (WebCore::JSEventListener::jsFunction):
1939         * bindings/js/JSHTMLDocumentCustom.cpp:
1940         (WebCore::JSHTMLDocument::setAll):
1941         * bindings/js/JSImageConstructor.cpp:
1942         (WebCore::JSImageConstructor::JSImageConstructor):
1943         * bindings/js/JSImageDataCustom.cpp:
1944         (WebCore::toJS):
1945         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
1946         (WebCore::JSJavaScriptCallFrame::scopeChain):
1947         (WebCore::JSJavaScriptCallFrame::scopeType):
1948         * bindings/js/JSNodeFilterCondition.cpp:
1949         (WebCore::JSNodeFilterCondition::markAggregate):
1950         (WebCore::JSNodeFilterCondition::acceptNode):
1951         * bindings/js/JSNodeFilterCondition.h:
1952         * bindings/js/JSNodeFilterCustom.cpp:
1953         * bindings/js/JSOptionConstructor.cpp:
1954         (WebCore::JSOptionConstructor::JSOptionConstructor):
1955         * bindings/js/JSSQLResultSetRowListCustom.cpp:
1956         (WebCore::JSSQLResultSetRowList::item):
1957         * bindings/js/ScriptCachedFrameData.cpp:
1958         (WebCore::ScriptCachedFrameData::restore):
1959         * bindings/js/ScriptObject.cpp:
1960         (WebCore::ScriptGlobalObject::set):
1961         * bindings/js/SerializedScriptValue.cpp:
1962         (WebCore::CloneDeserializer::putProperty):
1963         * bindings/scripts/CodeGeneratorJS.pm:
1964         * bridge/qt/qt_instance.cpp:
1965         (JSC::Bindings::QtInstance::QtInstance):
1966         (JSC::Bindings::QtInstance::removeCachedMethod):
1967         (JSC::Bindings::QtInstance::markAggregate):
1968         * bridge/qt/qt_instance.h:
1969         * bridge/qt/qt_runtime.cpp:
1970         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
1971         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
1972         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
1973         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
1974         * bridge/qt/qt_runtime.h:
1975         * bridge/runtime_root.cpp:
1976         (JSC::Bindings::RootObject::invalidate):
1977         * bridge/runtime_root.h:
1978         * dom/Document.h:
1979
1980 2011-01-30  Sheriff Bot  <webkit.review.bot@gmail.com>
1981
1982         Unreviewed, rolling out r77107.
1983         http://trac.webkit.org/changeset/77107
1984         https://bugs.webkit.org/show_bug.cgi?id=53412
1985
1986         Caused 5 new form-related test crashes (Requested by smfr on
1987         #webkit).
1988
1989         * css/CSSSelector.cpp:
1990         (WebCore::CSSSelector::pseudoId):
1991         (WebCore::nameToPseudoTypeMap):
1992         (WebCore::CSSSelector::extractPseudoType):
1993         * css/CSSSelector.h:
1994         * html/HTMLProgressElement.cpp:
1995         (WebCore::HTMLProgressElement::parseMappedAttribute):
1996         (WebCore::HTMLProgressElement::attach):
1997         * html/HTMLProgressElement.h:
1998         * rendering/RenderProgress.cpp:
1999         (WebCore::RenderProgress::~RenderProgress):
2000         (WebCore::RenderProgress::updateFromElement):
2001         (WebCore::RenderProgress::layoutParts):
2002         (WebCore::RenderProgress::shouldHaveParts):
2003         * rendering/RenderProgress.h:
2004         * rendering/style/RenderStyleConstants.h:
2005
2006 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
2007
2008         Reviewed by Sam Weinig.
2009
2010         Enhance ShadowBlur to render inset box shadows
2011         https://bugs.webkit.org/show_bug.cgi?id=51567
2012         
2013         Use ShadowBlur for inset box-shadows with CG. It 
2014         currently lacks a tiled version, but is still much
2015         faster than CG shadows.
2016
2017         Test: fast/box-shadow/inset-box-shadow-radius.html
2018
2019         * platform/graphics/ShadowBlur.cpp:
2020         * platform/graphics/ShadowBlur.h: New method for inset
2021         shadows.
2022         (WebCore::ShadowBlur::drawInsetShadow): 
2023
2024         * platform/graphics/GraphicsContext.cpp: #ifdef out
2025         fillRectWithRoundedHole() for CG.
2026
2027         * platform/graphics/cg/GraphicsContextCG.cpp:
2028         (WebCore::GraphicsContext::fillRectWithRoundedHole): If there's
2029         a shadow with a radius > 0, use ShadowBlur.
2030
2031 2011-01-28  Kenneth Russell  <kbr@google.com>
2032
2033         Reviewed by Chris Marrin.
2034
2035         WebGL shows PNG Textures with indexed colors too dark
2036         https://bugs.webkit.org/show_bug.cgi?id=47477
2037
2038         Properly handle indexed PNG images by re-rendering them as RGBA
2039         images before upload. Verified with this layout test and the test
2040         cases from bugs 47477 and 53269.
2041
2042         * platform/graphics/cg/GraphicsContext3DCG.cpp:
2043         (WebCore::GraphicsContext3D::getImageData):
2044
2045 2011-01-27  MORITA Hajime  <morrita@google.com>
2046
2047         Reviewed by Dimitri Glazkov.
2048         
2049         Convert <progress> shadow DOM to a DOM-based shadow.
2050         https://bugs.webkit.org/show_bug.cgi?id=50660
2051
2052         * Removed RenderProgress::m_valuePart, moved the shadow node
2053           to the shadow root of HTMLProgressElement.
2054         * Removed hard-coded pseudo ID for -webkit-progress-bar-value.
2055           ProgressBarValueElement is defined only for overriding
2056           shadowPseudoId().
2057         
2058         No new tests. No behavioral change.
2059
2060         * css/CSSSelector.cpp:
2061         (WebCore::CSSSelector::pseudoId):
2062         (WebCore::nameToPseudoTypeMap):
2063         (WebCore::CSSSelector::extractPseudoType):
2064         * css/CSSSelector.h:
2065         * html/HTMLProgressElement.cpp:
2066         (WebCore::ProgressBarValueElement::ProgressBarValueElement):
2067         (WebCore::ProgressBarValueElement::shadowPseudoId):
2068         (WebCore::ProgressBarValueElement::create):
2069         (WebCore::HTMLProgressElement::parseMappedAttribute):
2070         (WebCore::HTMLProgressElement::attach):
2071         (WebCore::HTMLProgressElement::valuePart):
2072         (WebCore::HTMLProgressElement::didElementStateChange):
2073         (WebCore::HTMLProgressElement::createShadowSubtreeIfNeeded):
2074         * html/HTMLProgressElement.h:
2075         * rendering/RenderProgress.cpp:
2076         (WebCore::RenderProgress::~RenderProgress):
2077         (WebCore::RenderProgress::updateFromElement):
2078         (WebCore::RenderProgress::layoutParts):
2079         (WebCore::RenderProgress::shouldHaveParts):
2080         (WebCore::RenderProgress::valuePart):
2081         * rendering/RenderProgress.h:
2082         * rendering/style/RenderStyleConstants.h:
2083
2084 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
2085
2086         Reviewed by Ariya Hidayat.
2087
2088         Enhance ShadowBlur to render inset box shadows; Part 1.
2089         https://bugs.webkit.org/show_bug.cgi?id=51567
2090         
2091         Add a new method to GraphicsContext to render a rect with a rounded hole,
2092         for use by inset box-shadow code. Knowledge that we're rendering a rounded
2093         hole will enable ShadowBlur to be used here in future.
2094
2095         * platform/graphics/GraphicsContext.cpp:
2096         (WebCore::GraphicsContext::fillRectWithRoundedHole):
2097         * platform/graphics/GraphicsContext.h:
2098         * rendering/RenderBoxModelObject.cpp:
2099         (WebCore::RenderBoxModelObject::paintBoxShadow):
2100
2101 2011-01-23  MORITA Hajime  <morrita@google.com>
2102
2103         Reviewed by Eric Seidel.
2104
2105         REGRESSION: Inset shadow with too large border radius misses rounded corner.
2106         https://bugs.webkit.org/show_bug.cgi?id=52800
2107
2108         The refactoring on r76083 broke the invariant between border
2109         IntRect and its radii because RoundedIntRect::setRect() is called
2110         after getRoundedInnerBorderWithBorderWidths(), which enforces the
2111         invariant. Th rounded-rect clipping code verifies the invariant,
2112         and discard the invalid radii, that results broken paintings.
2113         
2114         This change moved setRect() before
2115         getRoundedInnerBorderWithBorderWidths() not to modify the valid
2116         RoundedIntRect value.
2117         
2118         Test: fast/box-shadow/inset-with-extraordinary-radii-and-border.html
2119
2120         * rendering/RenderBoxModelObject.cpp:
2121         (WebCore::RenderBoxModelObject::paintBoxShadow):
2122
2123 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
2124
2125         Attempt to fix Windows build by adding ShadowBlur.cpp/h to the
2126         vcproj.
2127
2128         * WebCore.vcproj/WebCore.vcproj:
2129
2130 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
2131
2132         Reviewed by Dan Bernstein.
2133
2134         -webkit-box-shadow causes awful scroll/resize/redraw performance
2135         https://bugs.webkit.org/show_bug.cgi?id=22102
2136         
2137         Use ShadowBlur for CG, whe rendering shadows on rects and
2138         rounded rects outside of canvas.
2139         
2140         CG shadows with a radius of more than 8px do not render
2141         correctly. We preserve this incorrect rendering by compensating
2142         for it when rending -webkit-box-shadow. Calls that should use
2143         this deprecated radius behavior now use setLegacyShadow().
2144
2145         Test: fast/box-shadow/box-shadow-transformed.html
2146         
2147         * html/canvas/CanvasRenderingContext2D.cpp: Use setLegacyShadow()
2148         for canvas, to indicate that it should use the deprecated radius
2149         behavior.
2150         (WebCore::CanvasRenderingContext2D::setAllAttributesToDefault): Ditto.
2151         (WebCore::CanvasRenderingContext2D::setShadow): Ditto.
2152         (WebCore::CanvasRenderingContext2D::applyShadow): Ditto.
2153         
2154         * platform/graphics/GraphicsContext.cpp:
2155         (WebCore::GraphicsContext::setLegacyShadow): Set the m_state.shadowsUseLegacyRadius bit.
2156         
2157         * platform/graphics/GraphicsContext.h:
2158         (WebCore::GraphicsContextState::GraphicsContextState): Add a 
2159         shadowsUseLegacyRadius bit to the state.
2160         
2161         * platform/graphics/cg/GraphicsContextCG.cpp:
2162         (WebCore::radiusToLegacyRadius): Map from the actual radius to one
2163         that approximates CG behavior.
2164         (WebCore::hasBlurredShadow): Helper that returns true if we have a shadow
2165         with a non-zero blur radius.
2166         (WebCore::GraphicsContext::fillRect): Use ShadowBlur if not canvas.
2167         (WebCore::GraphicsContext::fillRoundedRect): Ditto.
2168         (WebCore::GraphicsContext::setPlatformShadow): Comment.
2169
2170         * rendering/RenderBoxModelObject.cpp:
2171         (WebCore::RenderBoxModelObject::paintBoxShadow): Call setLegacyShadow()
2172         for -webkit-box-shadow.
2173
2174         * platform/graphics/ShadowBlur.cpp: 
2175         (WebCore::ShadowBlur::calculateLayerBoundingRect): Fix some pixel crack issues
2176         by rounding up the blur radius.
2177         (WebCore::ShadowBlur::drawRectShadow): Ditto
2178         (WebCore::ShadowBlur::drawRectShadowWithTiling): Ditto.
2179
2180 2011-01-30  Oliver Hunt  <oliver@apple.com>
2181
2182         Try to fix Qt build (again).
2183
2184         * bridge/qt/qt_runtime.cpp:
2185         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
2186         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
2187
2188 2011-01-30  Oliver Hunt  <oliver@apple.com>
2189
2190         Try to fix Qt build.
2191
2192         * bridge/qt/qt_instance.cpp:
2193         (JSC::Bindings::QtInstance::QtInstance):
2194         (JSC::Bindings::QtInstance::removeCachedMethod):
2195         (JSC::Bindings::QtInstance::markAggregate):
2196         * bridge/qt/qt_instance.h:
2197
2198 2011-01-30  Oliver Hunt  <oliver@apple.com>
2199
2200         Convert markstack to a slot visitor API
2201         https://bugs.webkit.org/show_bug.cgi?id=53219
2202
2203         rolling r77006 and r77020 back in.
2204
2205         * ForwardingHeaders/runtime/WriteBarrier.h: Added.
2206         * WebCore.exp.in:
2207         * bindings/js/DOMWrapperWorld.h:
2208         (WebCore::DOMWrapperWorld::globalData):
2209         * bindings/js/JSAudioConstructor.cpp:
2210         (WebCore::JSAudioConstructor::JSAudioConstructor):
2211         * bindings/js/JSDOMBinding.cpp:
2212         (WebCore::markDOMNodesForDocument):
2213         (WebCore::markDOMObjectWrapper):
2214         (WebCore::markDOMNodeWrapper):
2215         * bindings/js/JSDOMGlobalObject.cpp:
2216         (WebCore::JSDOMGlobalObject::markChildren):
2217         (WebCore::JSDOMGlobalObject::setInjectedScript):
2218         (WebCore::JSDOMGlobalObject::injectedScript):
2219         * bindings/js/JSDOMGlobalObject.h:
2220         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
2221         (WebCore::getDOMConstructor):
2222         * bindings/js/JSDOMWindowCustom.cpp:
2223         (WebCore::JSDOMWindow::setLocation):
2224         (WebCore::DialogHandler::dialogCreated):
2225         * bindings/js/JSDOMWindowShell.cpp:
2226         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
2227         (WebCore::JSDOMWindowShell::setWindow):
2228         (WebCore::JSDOMWindowShell::markChildren):
2229         (WebCore::JSDOMWindowShell::unwrappedObject):
2230         * bindings/js/JSDOMWindowShell.h:
2231         (WebCore::JSDOMWindowShell::window):
2232         (WebCore::JSDOMWindowShell::setWindow):
2233         * bindings/js/JSDeviceMotionEventCustom.cpp:
2234         (WebCore::createAccelerationObject):
2235         (WebCore::createRotationRateObject):
2236         * bindings/js/JSEventListener.cpp:
2237         (WebCore::JSEventListener::JSEventListener):
2238         (WebCore::JSEventListener::markJSFunction):
2239         * bindings/js/JSEventListener.h:
2240         (WebCore::JSEventListener::jsFunction):
2241         * bindings/js/JSHTMLDocumentCustom.cpp:
2242         (WebCore::JSHTMLDocument::setAll):
2243         * bindings/js/JSImageConstructor.cpp:
2244         (WebCore::JSImageConstructor::JSImageConstructor):
2245         * bindings/js/JSImageDataCustom.cpp:
2246         (WebCore::toJS):
2247         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
2248         (WebCore::JSJavaScriptCallFrame::scopeChain):
2249         (WebCore::JSJavaScriptCallFrame::scopeType):
2250         * bindings/js/JSNodeFilterCondition.cpp:
2251         (WebCore::JSNodeFilterCondition::markAggregate):
2252         (WebCore::JSNodeFilterCondition::acceptNode):
2253         * bindings/js/JSNodeFilterCondition.h:
2254         * bindings/js/JSNodeFilterCustom.cpp:
2255         * bindings/js/JSOptionConstructor.cpp:
2256         (WebCore::JSOptionConstructor::JSOptionConstructor):
2257         * bindings/js/JSSQLResultSetRowListCustom.cpp:
2258         (WebCore::JSSQLResultSetRowList::item):
2259         * bindings/js/ScriptCachedFrameData.cpp:
2260         (WebCore::ScriptCachedFrameData::restore):
2261         * bindings/js/ScriptObject.cpp:
2262         (WebCore::ScriptGlobalObject::set):
2263         * bindings/js/SerializedScriptValue.cpp:
2264         (WebCore::CloneDeserializer::putProperty):
2265         * bindings/scripts/CodeGeneratorJS.pm:
2266         * bridge/qt/qt_runtime.cpp:
2267         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
2268         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
2269         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
2270         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
2271         * bridge/qt/qt_runtime.h:
2272         * bridge/runtime_root.cpp:
2273         (JSC::Bindings::RootObject::invalidate):
2274         * bridge/runtime_root.h:
2275         * dom/Document.h:
2276
2277 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
2278
2279         Reviewed by Sam Weinig.
2280
2281         Make ContextShadow code cross-platform
2282         https://bugs.webkit.org/show_bug.cgi?id=51312
2283
2284         Add a new class, ShadowBlur, that contains most of the
2285         code from ContextShadow, but is fully cross-platform.
2286         It depends on one new method, GraphicsContext::clipBounds(),
2287         which platforms will have to implement.
2288         
2289         Add ShadowBlur to the Mac Xcode project, but don't use it
2290         anywhere yet.
2291
2292         * WebCore.xcodeproj/project.pbxproj:
2293         * platform/graphics/GraphicsContext.cpp:
2294         (WebCore::GraphicsContext::clipBounds):
2295         * platform/graphics/GraphicsContext.h:
2296         * platform/graphics/ShadowBlur.cpp: Added.
2297         (WebCore::roundUpToMultipleOf32):
2298         (WebCore::ScratchBuffer::ScratchBuffer):
2299         (WebCore::ScratchBuffer::getScratchBuffer):
2300         (WebCore::ScratchBuffer::scheduleScratchBufferPurge):
2301         (WebCore::ScratchBuffer::timerFired):
2302         (WebCore::ScratchBuffer::clearScratchBuffer):
2303         (WebCore::ScratchBuffer::shared):
2304         (WebCore::ShadowBlur::ShadowBlur):
2305         (WebCore::ShadowBlur::blurLayerImage):
2306         (WebCore::ShadowBlur::adjustBlurDistance):
2307         (WebCore::ShadowBlur::calculateLayerBoundingRect):
2308         (WebCore::ShadowBlur::beginShadowLayer):
2309         (WebCore::ShadowBlur::endShadowLayer):
2310         (WebCore::ShadowBlur::drawRectShadow):
2311         (WebCore::ShadowBlur::drawRectShadowWithoutTiling):
2312         (WebCore::ShadowBlur::drawRectShadowWithTiling):
2313         (WebCore::ShadowBlur::clipBounds):
2314         * platform/graphics/ShadowBlur.h: Added.
2315         (WebCore::ShadowBlur::setShadowsIgnoreTransforms):
2316         (WebCore::ShadowBlur::shadowsIgnoreTransforms):
2317         * platform/graphics/cg/GraphicsContextCG.cpp:
2318         (WebCore::GraphicsContext::clipBounds):
2319
2320 2011-01-29  Simon Fraser  <simon.fraser@apple.com>
2321
2322         Reviewed by Dan Bernstein.
2323
2324         CSS3 gradients with em-based stops fail to repaint when font size changes
2325         https://bugs.webkit.org/show_bug.cgi?id=51845
2326         
2327         Mark as uncacheable gradidients whose color stops depend on font size,
2328         and don't attempt to put these into CSSImageGeneratorValue's image cache.
2329         This means we return a new gradient each time, which is fairly cheap, and
2330         fixes repaint issues under changing font size.
2331
2332         Test: fast/repaint/gradients-em-stops-repaint.html
2333
2334         * css/CSSGradientValue.cpp:
2335         (WebCore::CSSGradientValue::image):
2336         (WebCore::CSSGradientValue::isCacheable):
2337         * css/CSSGradientValue.h:
2338
2339 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2340
2341         Undo try to fix the Qt build.
2342         
2343         My guess didn't work.
2344
2345         * WebCore.pro:
2346
2347 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2348
2349         Try to fix the Qt build.
2350
2351         * WebCore.pro: Added platform/text/CharacterNames.h.
2352
2353 2011-01-28  Geoffrey Garen  <ggaren@apple.com>
2354
2355         Reviewed by Maciej Stachowiak.
2356
2357         Some more Heap cleanup.
2358         https://bugs.webkit.org/show_bug.cgi?id=53357
2359         
2360         Updated for JavaScriptCore changes.
2361
2362         * bindings/js/ScriptGCEvent.cpp:
2363         (WebCore::ScriptGCEvent::getHeapSize):
2364
2365 2011-01-29  Adam Barth  <abarth@webkit.org>
2366
2367         Reviewed by Daniel Bates.
2368
2369         Fix XSSFilter crash when extracting the source for a token twice
2370         https://bugs.webkit.org/show_bug.cgi?id=53368
2371
2372         Previously, it was unsafe to extract the source for the same token
2373         twice because the HTMLSourceTracker would advance its internal
2374         representation of the SegmentedString.  This patch introduces a cache
2375         to make calling HTMLSourceTracker::sourceForToken multiple times safe.
2376
2377         * html/parser/HTMLSourceTracker.cpp:
2378         (WebCore::HTMLSourceTracker::end):
2379         (WebCore::HTMLSourceTracker::sourceForToken):
2380         * html/parser/HTMLSourceTracker.h:
2381
2382 2011-01-29  Maciej Stachowiak  <mjs@apple.com>
2383
2384         Reviewed by Dan Bernstein.
2385
2386         Fix fat build for both 32-bit and 64-bit under llvm-gcc 4.2
2387         https://bugs.webkit.org/show_bug.cgi?id=53386
2388
2389         * platform/mac/ScrollAnimatorMac.mm:
2390         (WebCore::elasticDeltaForReboundDelta):
2391         (WebCore::scrollWheelMultiplier):
2392         (WebCore::ScrollAnimatorMac::smoothScrollWithEvent):
2393         (WebCore::ScrollAnimatorMac::beginScrollGesture):
2394         (WebCore::roundTowardZero):
2395         (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
2396
2397 2011-01-29  Daniel Bates  <dbates@rim.com>
2398
2399         Reviewed by Maciej Stachowiak.
2400
2401         Remove reference to ${CMAKE_SOURCE_DIR}/Source in CMake files
2402         https://bugs.webkit.org/show_bug.cgi?id=53382
2403
2404         Our file system hierarchy ensures that CMAKE_SOURCE_DIR is defined to be /Source.
2405         So, ${CMAKE_SOURCE_DIR}/Source evaluates to the non-existent directory /Source/Source.
2406         Therefore, we should remove such references.
2407
2408         * CMakeLists.txt:
2409
2410 2011-01-29  Sam Weinig  <sam@webkit.org>
2411
2412         Reviewed by Jon Honeycutt.
2413
2414         Fix 32-bit build on the Mac.
2415
2416         * platform/mac/ScrollAnimatorMac.mm:
2417         (WebCore::roundTowardZero):
2418         (WebCore::roundToDevicePixelTowardZero):
2419         Use floats instead of doubles to avoid double-to-float conversion
2420         issues.
2421
2422 2011-01-29  Simon Fraser  <simon.fraser@apple.com>
2423
2424         Reviewed by Adam Barth.
2425
2426         Use clampToInteger() functions in a few places
2427         https://bugs.webkit.org/show_bug.cgi?id=53363
2428         
2429         * css/CSSStyleSelector.cpp:
2430         (WebCore::CSSStyleSelector::applyProperty): Use clampToInteger() for z-index.
2431         (WebCore::CSSStyleSelector::createTransformOperations): Use clampToPositiveInteger().
2432         * platform/graphics/transforms/PerspectiveTransformOperation.cpp: Ditto.
2433         (WebCore::PerspectiveTransformOperation::blend): Ditto.
2434
2435 2011-01-29  Patrick Gansterer  <paroga@webkit.org>
2436
2437         Reviewed by David Kilzer.
2438
2439         Move CharacterNames.h into WTF directory
2440         https://bugs.webkit.org/show_bug.cgi?id=49618
2441
2442         * ForwardingHeaders/wtf/unicode/CharacterNames.h: Added.
2443         * GNUmakefile.am:
2444         * WebCore.gypi:
2445         * WebCore.vcproj/WebCore.vcproj:
2446         * WebCore.xcodeproj/project.pbxproj:
2447         * accessibility/AccessibilityObject.cpp:
2448         * accessibility/AccessibilityRenderObject.cpp:
2449         * bindings/cpp/WebDOMHTMLDocumentCustom.cpp:
2450         * bindings/js/JSHTMLDocumentCustom.cpp:
2451         * dom/Position.cpp:
2452         * dom/SelectElement.cpp:
2453         * editing/CompositeEditCommand.cpp:
2454         * editing/Editor.cpp:
2455         * editing/HTMLInterchange.cpp:
2456         * editing/InsertTextCommand.cpp:
2457         * editing/MarkupAccumulator.cpp:
2458         * editing/TextIterator.cpp:
2459         * editing/VisibleSelection.cpp:
2460         * editing/htmlediting.cpp:
2461         * editing/htmlediting.h:
2462         * editing/markup.cpp:
2463         * html/FTPDirectoryDocument.cpp:
2464         * html/HTMLFormControlElement.cpp:
2465         * html/parser/HTMLTreeBuilder.cpp:
2466         * loader/appcache/ManifestParser.cpp:
2467         * platform/chromium/PopupMenuChromium.cpp:
2468         * platform/graphics/Font.h:
2469         * platform/graphics/FontFastPath.cpp:
2470         * platform/graphics/GlyphPageTreeNode.cpp:
2471         * platform/graphics/StringTruncator.cpp:
2472         * platform/graphics/mac/ComplexTextController.cpp:
2473         * platform/graphics/mac/ComplexTextControllerATSUI.cpp:
2474         * platform/graphics/wince/GraphicsContextWinCE.cpp:
2475         * platform/mac/PasteboardMac.mm:
2476         * platform/text/TextCodecICU.cpp:
2477         * platform/text/mac/TextCodecMac.cpp:
2478         * platform/text/transcoder/FontTranscoder.cpp:
2479         * rendering/RenderBlockLineLayout.cpp:
2480         * rendering/RenderFlexibleBox.cpp:
2481         * rendering/RenderListMarker.cpp:
2482         * rendering/RenderText.cpp:
2483         * rendering/RenderTextControl.cpp:
2484         * rendering/RenderTreeAsText.cpp:
2485         * rendering/break_lines.cpp:
2486         * rendering/mathml/RenderMathMLOperator.h:
2487         * websockets/WebSocketHandshake.cpp:
2488         * wml/WMLTableElement.cpp:
2489
2490 2011-01-29  Dan Winship  <danw@gnome.org>
2491
2492         Reviewed by Xan Lopez.
2493
2494         [GTK] Remove HAVE_LIBSOUP_2_29_90 conditionals; we depend on
2495         libsoup 2.33.1 now.
2496         https://bugs.webkit.org/show_bug.cgi?id=50675
2497
2498         * platform/network/soup/CookieJarSoup.cpp:
2499         (WebCore::defaultCookieJar):
2500         (WebCore::setCookies):
2501         * platform/network/soup/ResourceHandleSoup.cpp:
2502         (WebCore::ResourceHandle::prepareForURL):
2503         (WebCore::restartedCallback):
2504         (WebCore::startHttp):
2505         * platform/network/soup/ResourceRequestSoup.cpp:
2506         (WebCore::ResourceRequest::updateSoupMessage):
2507         (WebCore::ResourceRequest::toSoupMessage):
2508         (WebCore::ResourceRequest::updateFromSoupMessage):
2509
2510 2011-01-29  Adam Barth  <abarth@webkit.org>
2511
2512         Reviewed by Daniel Bates.
2513
2514         XSSFilter should replace URLs with about:blank instead of the empty string
2515         https://bugs.webkit.org/show_bug.cgi?id=53370
2516
2517         Using the empty string will make the URL complete to the current
2518         document's URL, which isn't really what we want.  Instead, we want to
2519         use about:blank, which is safe.
2520
2521         * html/parser/XSSFilter.cpp:
2522         (WebCore::XSSFilter::filterObjectToken):
2523         (WebCore::XSSFilter::filterEmbedToken):
2524
2525 2011-01-29  Adam Barth  <abarth@webkit.org>
2526
2527         Reviewed by Daniel Bates.
2528
2529         XSSFilter should pass xssAuditor/script-tag-addslashes*
2530         https://bugs.webkit.org/show_bug.cgi?id=53365
2531
2532         We need to canonicalize strings to avoid being tricked by addslashes.
2533
2534         * html/parser/XSSFilter.cpp:
2535         (WebCore::HTMLNames::isNonCanonicalCharacter):
2536             - This function is copied from the XSSAuditor (with some tweaks).
2537               We'll eventually remove the XSSAuditor once we've got XSSFilter
2538               working properly.
2539         (WebCore::HTMLNames::canonicalize):
2540         (WebCore::HTMLNames::decodeURL):
2541         (WebCore::XSSFilter::isContainedInRequest):
2542
2543 2011-01-29  Adam Barth  <abarth@webkit.org>
2544
2545         Reviewed by Daniel Bates.
2546
2547         XSSFilter should pass xssAuditor/script-tag-with-source-same-host.html
2548         and xssAuditor/script-tag-post-*
2549         https://bugs.webkit.org/show_bug.cgi?id=53364
2550
2551         We're supposed to allow loading same-origin resources even if they
2552         appear as part of the request.
2553
2554         Also, we're supposed to look at the POST data too.  :)
2555
2556         * html/parser/XSSFilter.cpp:
2557         (WebCore::XSSFilter::eraseAttributeIfInjected):
2558         (WebCore::XSSFilter::isSameOriginResource):
2559             - Copy/paste from XSSAuditor::isSameOriginResource.  We'll
2560               eventually remove the XSSAuditor version when XSSFilter is done.
2561         * html/parser/XSSFilter.h:
2562
2563 2011-01-29  Adam Barth  <abarth@webkit.org>
2564
2565         Reviewed by Daniel Bates.
2566
2567         XSSFilter should pass 16 of the xssAuditor/script-tag* tests
2568         https://bugs.webkit.org/show_bug.cgi?id=53362
2569
2570         Turns out we need to replace the src attribute of script tags with
2571         about:blank to avoid loading the main document URL as a script.  Also,
2572         move misplaced return statement that was triggering the console message
2573         too often.
2574
2575         * html/parser/HTMLToken.h:
2576         (WebCore::HTMLToken::appendToAttributeValue):
2577         * html/parser/XSSFilter.cpp:
2578         (WebCore::XSSFilter::filterScriptToken):
2579         (WebCore::XSSFilter::eraseAttributeIfInjected):
2580         * html/parser/XSSFilter.h:
2581
2582 2011-01-28  Jon Honeycutt  <jhoneycutt@apple.com>
2583
2584         Downloads in WK2 on Windows should write resume data to bundle
2585         https://bugs.webkit.org/show_bug.cgi?id=53282
2586         <rdar://problem/8753077>
2587
2588         Reviewed by Alice Liu.
2589
2590         * WebCore.vcproj/WebCore.vcproj:
2591         Added new files to project.
2592
2593         * platform/network/cf/DownloadBundle.h: Added.
2594         * platform/network/win/DownloadBundleWin.cpp: Added.
2595         (WebCore::DownloadBundle::magicNumber):
2596         Moved from WebKit's WebDownload so that WebKit and WebKit2 can share
2597         it.
2598         (WebCore::DownloadBundle::fileExtension):
2599         Ditto.
2600         (WebCore::DownloadBundle::appendResumeData):
2601         Ditto - but modified to return bool rather than HRESULT and to clean up
2602         whitespace.
2603         (WebCore::DownloadBundle::extractResumeData):
2604         Ditto - modified to clean up whitespace.
2605
2606 2011-01-29  Sheriff Bot  <webkit.review.bot@gmail.com>
2607
2608         Unreviewed, rolling out r77050.
2609         http://trac.webkit.org/changeset/77050
2610         https://bugs.webkit.org/show_bug.cgi?id=53371
2611
2612         Caused a crash in Chromium's test_shell_tests (Requested by
2613         rniwa on #webkit).
2614
2615         * html/parser/HTMLTreeBuilder.cpp:
2616         (WebCore::HTMLTreeBuilder::FragmentParsingContext::FragmentParsingContext):
2617         (WebCore::HTMLTreeBuilder::FragmentParsingContext::document):
2618         (WebCore::HTMLTreeBuilder::FragmentParsingContext::finished):
2619         * html/parser/HTMLTreeBuilder.h:
2620
2621 2011-01-28  Eric Seidel  <eric@webkit.org>
2622
2623         Reviewed by Darin Adler.
2624
2625         HTML5 TreeBuilder regressed a Peacekeeper DOM test by 40%
2626         https://bugs.webkit.org/show_bug.cgi?id=48719
2627
2628         It's unclear exactly what the Peacekeeper benchmark is testing,
2629         because I haven't found a way to run it myself.
2630
2631         However, I constructed a benchmark which shows at least one possible slow point.
2632         The HTML5 spec talks about creating a new document for every time we use
2633         the fragment parsing algorithm.  Document() it turns out, it a huge bloated
2634         mess, and the constructor and destructor do a huge amount of work.
2635         To avoid constructing (or destructing) documents for each innerHTML call,
2636         this patch adds a shared dummy document used by all innerHTML calls.
2637
2638         This patch brings us from 7x slower than Safari 5 on tiny-innerHTML
2639         to only 1.5x slower than Safari 5.  I'm sure there is more work to do here.
2640
2641         Saving a shared Document like this is error prone.  Currently
2642         DummyDocumentFactory::releaseDocument() calls removeAllChildren()
2643         in an attempt to clear the Document's state. However it's possible
2644         that that call is not sufficient and we'll have future bugs here.
2645
2646         * html/parser/HTMLTreeBuilder.cpp:
2647         (WebCore::DummyDocumentFactory::createDummyDocument):
2648         (WebCore::DummyDocumentFactory::releaseDocument):
2649         (WebCore::HTMLTreeBuilder::FragmentParsingContext::FragmentParsingContext):
2650         (WebCore::HTMLTreeBuilder::FragmentParsingContext::document):
2651         (WebCore::HTMLTreeBuilder::FragmentParsingContext::finished):
2652         * html/parser/HTMLTreeBuilder.h:
2653
2654 2011-01-28  Johnny Ding  <jnd@chromium.org>
2655
2656         Reviewed by Adam Barth.
2657
2658         Gesture API: Don't use current gesture status to set "forceUserGesture" parameter when calling ScriptController::executeScript.
2659         The "forceUserGesture" parameter should be only set when you are definitely sure that the running script is from a hyper-link.
2660         https://bugs.webkit.org/show_bug.cgi?id=53244
2661
2662         Test: fast/events/popup-blocked-from-iframe-src.html
2663
2664         * bindings/ScriptControllerBase.cpp:
2665         (WebCore::ScriptController::executeIfJavaScriptURL):
2666
2667 2011-01-28  Simon Fraser  <simon.fraser@apple.com>
2668
2669         Reviewed by Gavin Barraclough.
2670
2671         Add various clampToInt() methods to MathExtras.h
2672         https://bugs.webkit.org/show_bug.cgi?id=52910
2673
2674         Use clampToInteger() from MathExtras.h
2675
2676         * css/CSSParser.cpp:
2677         (WebCore::CSSParser::parseCounter):
2678
2679 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
2680
2681         Unreviewed, rolling out r77006 and r77020.
2682         http://trac.webkit.org/changeset/77006
2683         http://trac.webkit.org/changeset/77020
2684         https://bugs.webkit.org/show_bug.cgi?id=53360
2685
2686         "Broke Windows tests" (Requested by rniwa on #webkit).
2687
2688         * ForwardingHeaders/runtime/WriteBarrier.h: Removed.
2689         * WebCore.exp.in:
2690         * bindings/js/DOMWrapperWorld.h:
2691         * bindings/js/JSAudioConstructor.cpp:
2692         (WebCore::JSAudioConstructor::JSAudioConstructor):
2693         * bindings/js/JSDOMBinding.cpp:
2694         (WebCore::markDOMNodesForDocument):
2695         (WebCore::markDOMObjectWrapper):
2696         (WebCore::markDOMNodeWrapper):
2697         * bindings/js/JSDOMGlobalObject.cpp:
2698         (WebCore::JSDOMGlobalObject::markChildren):
2699         (WebCore::JSDOMGlobalObject::setInjectedScript):
2700         (WebCore::JSDOMGlobalObject::injectedScript):
2701         * bindings/js/JSDOMGlobalObject.h:
2702         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
2703         (WebCore::getDOMConstructor):
2704         * bindings/js/JSDOMWindowCustom.cpp:
2705         (WebCore::JSDOMWindow::setLocation):
2706         (WebCore::DialogHandler::dialogCreated):
2707         * bindings/js/JSDOMWindowShell.cpp:
2708         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
2709         (WebCore::JSDOMWindowShell::setWindow):
2710         (WebCore::JSDOMWindowShell::markChildren):
2711         (WebCore::JSDOMWindowShell::unwrappedObject):
2712         * bindings/js/JSDOMWindowShell.h:
2713         (WebCore::JSDOMWindowShell::window):
2714         (WebCore::JSDOMWindowShell::setWindow):
2715         * bindings/js/JSDeviceMotionEventCustom.cpp:
2716         (WebCore::createAccelerationObject):
2717         (WebCore::createRotationRateObject):
2718         * bindings/js/JSEventListener.cpp:
2719         (WebCore::JSEventListener::JSEventListener):
2720         (WebCore::JSEventListener::markJSFunction):
2721         * bindings/js/JSEventListener.h:
2722         (WebCore::JSEventListener::jsFunction):
2723         * bindings/js/JSHTMLDocumentCustom.cpp:
2724         (WebCore::JSHTMLDocument::setAll):
2725         * bindings/js/JSImageConstructor.cpp:
2726         (WebCore::JSImageConstructor::JSImageConstructor):
2727         * bindings/js/JSImageDataCustom.cpp:
2728         (WebCore::toJS):
2729         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
2730         (WebCore::JSJavaScriptCallFrame::scopeChain):
2731         (WebCore::JSJavaScriptCallFrame::scopeType):
2732         * bindings/js/JSNodeFilterCondition.cpp:
2733         (WebCore::JSNodeFilterCondition::markAggregate):
2734         (WebCore::JSNodeFilterCondition::acceptNode):
2735         * bindings/js/JSNodeFilterCondition.h:
2736         * bindings/js/JSNodeFilterCustom.cpp:
2737         * bindings/js/JSOptionConstructor.cpp:
2738         (WebCore::JSOptionConstructor::JSOptionConstructor):
2739         * bindings/js/JSSQLResultSetRowListCustom.cpp:
2740         (WebCore::JSSQLResultSetRowList::item):
2741         * bindings/js/ScriptCachedFrameData.cpp:
2742         (WebCore::ScriptCachedFrameData::restore):
2743         * bindings/js/ScriptObject.cpp:
2744         (WebCore::ScriptGlobalObject::set):
2745         * bindings/js/SerializedScriptValue.cpp:
2746         (WebCore::CloneDeserializer::putProperty):
2747         * bindings/scripts/CodeGeneratorJS.pm:
2748         * bridge/qt/qt_runtime.cpp:
2749         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
2750         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
2751         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
2752         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
2753         * bridge/qt/qt_runtime.h:
2754         * bridge/runtime_root.cpp:
2755         (JSC::Bindings::RootObject::invalidate):
2756         * bridge/runtime_root.h:
2757         * dom/Document.h:
2758
2759 2011-01-28  Adam Barth  <abarth@webkit.org>
2760
2761         Reviewed by Eric Seidel.
2762
2763         XSSFilter should log to the console when it blocks something
2764         https://bugs.webkit.org/show_bug.cgi?id=53354
2765
2766         This patch refactors a bunch of methods in XSSFilter to return a bool
2767         indicating whether they blocked anything.  Using this bool, we decide
2768         whether to log to the console.  We're using the same log message as the
2769         XSSAuditor, but it seems likely we can improve this message in the
2770         future (especially by piping in the correct line number, which is now
2771         accessible via the parser).
2772
2773         * html/parser/XSSFilter.cpp:
2774         (WebCore::HTMLNames::isNameOfInlineEventHandler):
2775         (WebCore::XSSFilter::filterToken):
2776         (WebCore::XSSFilter::filterTokenInitial):
2777         (WebCore::XSSFilter::filterTokenAfterScriptStartTag):
2778         (WebCore::XSSFilter::filterScriptToken):
2779         (WebCore::XSSFilter::filterObjectToken):
2780         (WebCore::XSSFilter::filterEmbedToken):
2781         (WebCore::XSSFilter::filterAppletToken):
2782         (WebCore::XSSFilter::filterMetaToken):
2783         (WebCore::XSSFilter::filterBaseToken):
2784         (WebCore::XSSFilter::eraseInlineEventHandlersIfInjected):
2785         * html/parser/XSSFilter.h:
2786
2787 2011-01-28  Adam Barth  <abarth@webkit.org>
2788
2789         Reviewed by Daniel Bates.
2790
2791         Wire up settings->xssAuditorEnabled to XSSFilter
2792         https://bugs.webkit.org/show_bug.cgi?id=53345
2793
2794         * html/parser/XSSFilter.cpp:
2795         (WebCore::XSSFilter::XSSFilter):
2796         (WebCore::XSSFilter::filterToken):
2797         * html/parser/XSSFilter.h:
2798
2799 2011-01-28  Adam Barth  <abarth@webkit.org>
2800
2801         Reviewed by Daniel Bates.
2802
2803         Teach XSSFilter about <meta> and <base> tags
2804         https://bugs.webkit.org/show_bug.cgi?id=53339
2805
2806         I'm not 100% sure we need to block <meta http-equiv>, but it seems
2807         prudent given how powerful that attribute is.  We definitely need to
2808         block injection of <base href> because that can redirect script tags
2809         that use relative URLs.
2810
2811         * html/parser/XSSFilter.cpp:
2812         (WebCore::XSSFilter::filterToken):
2813         (WebCore::XSSFilter::filterMetaToken):
2814         (WebCore::XSSFilter::filterBaseToken):
2815         * html/parser/XSSFilter.h:
2816
2817 2011-01-28  Adam Barth  <abarth@webkit.org>
2818
2819         Reviewed by Daniel Bates.
2820
2821         Teach XSSFilter about <applet>
2822         https://bugs.webkit.org/show_bug.cgi?id=53338
2823
2824         HTML5 is pretty light on information about how the <applet> tag works.
2825         According to this site:
2826
2827         http://download.oracle.com/javase/1.4.2/docs/guide/misc/applet.html
2828
2829         The "code" and "object" attributes are the essential attributes for
2830         determining which piece of Java to run.  We might need to expand to the
2831         codebase and archive attributes at some point, but hopefully code and
2832         object will be sufficient.
2833
2834         * html/parser/XSSFilter.cpp:
2835         (WebCore::XSSFilter::filterToken):
2836         (WebCore::XSSFilter::filterAppletToken):
2837         * html/parser/XSSFilter.h:
2838
2839 2011-01-28  Adam Barth  <abarth@webkit.org>
2840
2841         Reviewed by Daniel Bates.
2842
2843         Teach the XSSFilter about object and embed tags
2844         https://bugs.webkit.org/show_bug.cgi?id=53336
2845
2846         For <object> and <embed>, we filter out attribute values that either
2847         indicate which piece of media to load or which plugin to load.  In a
2848         perfect world, we'd only need to filter out the URLs of the media, but
2849         some plug-ins (like Flash) have lots of fun places you can hide the
2850         URL (e.g., the "movie" <param>).
2851
2852         * html/parser/XSSFilter.cpp:
2853         (WebCore::XSSFilter::filterToken):
2854         (WebCore::XSSFilter::filterScriptToken):
2855         (WebCore::XSSFilter::filterObjectToken):
2856         (WebCore::XSSFilter::filterEmbedToken):
2857         (WebCore::XSSFilter::eraseAttributeIfInjected):
2858         * html/parser/XSSFilter.h:
2859
2860 2011-01-28  Oliver Hunt  <oliver@apple.com>
2861
2862         Fix Qt build.
2863
2864         * bridge/qt/qt_runtime.cpp:
2865         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
2866         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
2867         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
2868         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
2869         * bridge/qt/qt_runtime.h:
2870
2871 2011-01-28  Antti Koivisto  <antti@apple.com>
2872
2873         Reviewed by Simon Fraser.
2874
2875         CSS styles are shared based on uninitialized property values
2876         https://bugs.webkit.org/show_bug.cgi?id=53285
2877         
2878         Null test.
2879
2880         * dom/NamedNodeMap.cpp:
2881         (WebCore::NamedNodeMap::mappedMapsEquivalent):
2882
2883 2011-01-27  Oliver Hunt  <oliver@apple.com>
2884
2885         Reviewed by Geoffrey Garen.
2886
2887         Convert markstack to a slot visitor API
2888         https://bugs.webkit.org/show_bug.cgi?id=53219
2889
2890         Update WebCore to the new marking apis, correct bindings
2891         codegen. 
2892
2893         * ForwardingHeaders/runtime/WriteBarrier.h: Added.
2894         * WebCore.exp.in:
2895         * bindings/js/DOMWrapperWorld.h:
2896         (WebCore::DOMWrapperWorld::globalData):
2897         * bindings/js/JSAudioConstructor.cpp:
2898         (WebCore::JSAudioConstructor::JSAudioConstructor):
2899         * bindings/js/JSDOMBinding.cpp:
2900         (WebCore::markDOMNodesForDocument):
2901         (WebCore::markDOMObjectWrapper):
2902         (WebCore::markDOMNodeWrapper):
2903         * bindings/js/JSDOMGlobalObject.cpp:
2904         (WebCore::JSDOMGlobalObject::markChildren):
2905         (WebCore::JSDOMGlobalObject::setInjectedScript):
2906         (WebCore::JSDOMGlobalObject::injectedScript):
2907         * bindings/js/JSDOMGlobalObject.h:
2908         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
2909         (WebCore::getDOMConstructor):
2910         * bindings/js/JSDOMWindowCustom.cpp:
2911         (WebCore::JSDOMWindow::setLocation):
2912         (WebCore::DialogHandler::dialogCreated):
2913         * bindings/js/JSDOMWindowShell.cpp:
2914         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
2915         (WebCore::JSDOMWindowShell::setWindow):
2916         (WebCore::JSDOMWindowShell::markChildren):
2917         (WebCore::JSDOMWindowShell::unwrappedObject):
2918         * bindings/js/JSDOMWindowShell.h:
2919         (WebCore::JSDOMWindowShell::window):
2920         (WebCore::JSDOMWindowShell::setWindow):
2921         * bindings/js/JSEventListener.cpp:
2922         (WebCore::JSEventListener::JSEventListener):
2923         (WebCore::JSEventListener::markJSFunction):
2924         * bindings/js/JSEventListener.h:
2925         (WebCore::JSEventListener::jsFunction):
2926         * bindings/js/JSHTMLDocumentCustom.cpp:
2927         (WebCore::JSHTMLDocument::setAll):
2928         * bindings/js/JSImageConstructor.cpp:
2929         (WebCore::JSImageConstructor::JSImageConstructor):
2930         * bindings/js/JSImageDataCustom.cpp:
2931         (WebCore::toJS):
2932         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
2933         (WebCore::JSJavaScriptCallFrame::scopeChain):
2934         (WebCore::JSJavaScriptCallFrame::scopeType):
2935         * bindings/js/JSNodeFilterCondition.cpp:
2936         (WebCore::JSNodeFilterCondition::markAggregate):
2937         (WebCore::JSNodeFilterCondition::acceptNode):
2938         * bindings/js/JSNodeFilterCondition.h:
2939         * bindings/js/JSNodeFilterCustom.cpp:
2940         * bindings/js/JSOptionConstructor.cpp:
2941         (WebCore::JSOptionConstructor::JSOptionConstructor):
2942         * bindings/js/JSSQLResultSetRowListCustom.cpp:
2943         (WebCore::JSSQLResultSetRowList::item):
2944         * bindings/js/ScriptCachedFrameData.cpp:
2945         (WebCore::ScriptCachedFrameData::restore):
2946         * bindings/js/ScriptObject.cpp:
2947         (WebCore::ScriptGlobalObject::set):
2948         * bindings/js/SerializedScriptValue.cpp:
2949         (WebCore::CloneDeserializer::putProperty):
2950         * bindings/scripts/CodeGeneratorJS.pm:
2951         * dom/Document.h:
2952
2953 2011-01-28  Sam Weinig  <sam@webkit.org>
2954
2955         Reviewed by Anders Carlsson.
2956
2957         Keyboard scrolling doesn’t work in WebKit2
2958         <rdar://problem/8909672>
2959
2960         * platform/mac/ScrollAnimatorMac.mm:
2961         (-[ScrollAnimationHelperDelegate convertSizeToBacking:]):
2962         (-[ScrollAnimationHelperDelegate convertSizeFromBacking:]):
2963         Add additional necessary delegate methods.
2964
2965 2011-01-29  Darin Adler  <darin@apple.com>
2966
2967         Reviewed by Dan Bernstein.
2968
2969         Re-land this patch with the missing null check that caused crashes in layout tests.
2970
2971         Changing cursor style has no effect until the mouse moves
2972         https://bugs.webkit.org/show_bug.cgi?id=14344
2973         rdar://problem/7563712
2974
2975         No tests added because we don't have infrastructure for testing actual cursor
2976         changes (as opposed to cursor style computation) at this time. We might add it later.
2977
2978         * page/EventHandler.cpp:
2979         (WebCore::EventHandler::dispatchFakeMouseMoveEventSoon): Added.
2980         * page/EventHandler.h: Ditto.
2981
2982         * rendering/RenderObject.cpp:
2983         (WebCore::areNonIdenticalCursorListsEqual): Added.
2984         (WebCore::areCursorsEqual): Added.
2985         (WebCore::RenderObject::styleDidChange): Call dispatchFakeMouseMoveEventSoon if
2986         cursor styles changed.
2987
2988 2011-01-28  Justin Schuh  <jschuh@chromium.org>
2989
2990         Reviewed by Eric Seidel.
2991
2992         We should hold RefPtrs to SVG font faces
2993         https://bugs.webkit.org/show_bug.cgi?id=53270
2994
2995         Test: svg/custom/use-multiple-on-nested-disallowed-font.html
2996
2997         * css/CSSFontFaceSource.cpp:
2998         (WebCore::CSSFontFaceSource::getFontData):
2999         * css/CSSFontFaceSource.h:
3000         * svg/SVGFontFaceElement.cpp:
3001         (WebCore::SVGFontFaceElement::associatedFontElement):
3002         * svg/SVGFontFaceElement.h:
3003
3004 2011-01-28  Zhenyao Mo  <zmo@google.com>
3005
3006         Reviewed by Kenneth Russell.
3007
3008         uniformN*v should generate INVALID_VALUE of the array size is not a multiple of N
3009         https://bugs.webkit.org/show_bug.cgi?id=53306
3010
3011         * html/canvas/WebGLRenderingContext.cpp:
3012         (WebCore::WebGLRenderingContext::validateUniformMatrixParameters):
3013
3014 2011-01-28  Tom Sepez  <tsepez@chromium.org>
3015
3016         Reviewed by Eric Seidel.
3017
3018         NULL pointer crash in TextIterator::handleTextBox()
3019         https://bugs.webkit.org/show_bug.cgi?id=53267
3020
3021         Test: fast/css/rtl-nth-child-first-letter-crash.html
3022
3023         * editing/TextIterator.cpp:
3024         (WebCore::TextIterator::handleTextBox):
3025
3026 2011-01-28  Adrienne Walker  <enne@google.com>
3027
3028         Reviewed by Kenneth Russell.
3029
3030         [chromium] Remove a spurious diagnostic CRASH check.
3031         https://bugs.webkit.org/show_bug.cgi?id=52379
3032
3033         * platform/graphics/chromium/LayerTilerChromium.cpp:
3034         (WebCore::LayerTilerChromium::invalidateRect):
3035
3036 2011-01-28  Dan Bernstein  <mitz@apple.com>
3037
3038         Reviewed by Sam Weinig.
3039
3040         <rdar://problem/4761512> <select> can't display right-to-left (rtl) languages
3041         https://bugs.webkit.org/show_bug.cgi?id=19785
3042
3043         Changed <select> pop-up menus on Mac OS X Snow Leopard and later to have their items aligned in the
3044         direction corresponding to the writing direction of the <select> element, with the checkmarks
3045         on the "start" side, and use the <option>'s writing direction rather than "natural". Made the
3046         pop-up button match the menu by adding a Chrome boolean function, selectItemAlignmentFollowsMenuWritingDirection(),
3047         which returns true for this pop-up behavior.
3048
3049         * loader/EmptyClients.h:
3050         (WebCore::EmptyChromeClient::selectItemAlignmentFollowsMenuWritingDirection): Added.
3051         * manual-tests/pop-up-alignment-and-direction.html: Added.
3052         * page/Chrome.cpp:
3053         (WebCore::Chrome::selectItemAlignmentFollowsMenuWritingDirection): Added. Calls through to the
3054         client.
3055         * page/Chrome.h:
3056         * page/ChromeClient.h:
3057         * platform/PopupMenuStyle.h:
3058         (WebCore::PopupMenuStyle::PopupMenuStyle): Added hasTextDirectionOverride parameter and member
3059         variable initialization.
3060         (WebCore::PopupMenuStyle::hasTextDirectionOverride): Added this accessor.
3061         * platform/mac/PopupMenuMac.mm:
3062         (WebCore::PopupMenuMac::populate): Set the pop-up's layout direction and items' text alignment
3063         to match the menu's writing direction. Set items' writing direction and direction override
3064         according to their styles.
3065         * rendering/RenderMenuList.cpp:
3066         (WebCore::RenderMenuList::RenderMenuList): Removed unncesaary initialization of a smart pointer.
3067         (WebCore::RenderMenuList::adjustInnerStyle): If the alignment of items in the menu follows the
3068         menu's writing direction, use that alignment for the button as well. Also in this mode, use the
3069         item's writing direction and override setting.
3070         (WebCore::RenderMenuList::setTextFromOption): Store the option element's style.
3071         (WebCore::RenderMenuList::itemStyle): Pass the text direction override value.
3072         (WebCore::RenderMenuList::menuStyle): Ditto. Also use the button's direction, not the inner text's.
3073         * rendering/RenderMenuList.h:
3074         * rendering/RenderTextControlSingleLine.cpp:
3075         (WebCore::RenderTextControlSingleLine::menuStyle): Pass the text direction override value.
3076
3077 2011-01-28  Adam Barth  <abarth@webkit.org>
3078
3079         Reviewed by Daniel Bates.
3080
3081         Teach XSSFilter how to filter <script> elements
3082         https://bugs.webkit.org/show_bug.cgi?id=53279
3083
3084         This patch adds the ability for the XSSFilter to block injected
3085         <script> elements.  Handling script elements is slightly subtle because
3086         these elements act very differently depending on whether they have a
3087         src attribute.
3088         
3089         In the "src case", which check whether the src attribute was present in
3090         the request.  In the "non-src case", we check whether the start tag and
3091         the body of the script element was included in the request.  Checking
3092         for the whole start tag means we miss out on some attribute splitting
3093         attacks inside of script tags, but that doesn't seem like that big a
3094         deal.
3095
3096         This patch also introduces some amount of state into the XSSFilter
3097         because inline script elements span multiple tokens.  There's a lot of
3098         tuning and optimization left in these cases, some of which I've noted
3099         with FIXMEs.
3100
3101         To test this patch, I played around with some of the existing
3102         XSSAuditor tests.  Hopefully I'll be able to run the test suite more
3103         systematically in the future.
3104
3105         * html/parser/HTMLToken.h:
3106         (WebCore::HTMLToken::eraseCharacters):
3107         (WebCore::HTMLToken::eraseValueOfAttribute):
3108         * html/parser/XSSFilter.cpp:
3109         (WebCore::HTMLNames::hasName):
3110         (WebCore::HTMLNames::findAttributeWithName):
3111         (WebCore::HTMLNames::isNameOfScriptCarryingAttribute):
3112         (WebCore::XSSFilter::XSSFilter):
3113         (WebCore::XSSFilter::filterToken):
3114         (WebCore::XSSFilter::filterTokenAfterScriptStartTag):
3115         (WebCore::XSSFilter::filterScriptToken):
3116         (WebCore::XSSFilter::snippetForRange):
3117         (WebCore::XSSFilter::snippetForAttribute):
3118         * html/parser/XSSFilter.h:
3119
3120 2011-01-28  Adam Barth  <abarth@webkit.org>
3121
3122         Reviewed by Daniel Bates.
3123
3124         Sketch out new XSS filter design (disabled by default)
3125         https://bugs.webkit.org/show_bug.cgi?id=53205
3126
3127         This patch adds a basic sketch of the new XSS filter design.  Rather
3128         than watching scripts as they execute, in this design, we watch tokens
3129         emitted by the tokenizer.  We then map the tokens directly back into
3130         input characters, which lets us skip all the complicated logic related
3131         to HTML entities and double-decoding of JavaScript URLs.
3132
3133         This patch contains only the bare essentially machinery.  I'll add more
3134         in future patches and eventually remove the previous code once this
3135         code is up and running correctly.
3136
3137         * Android.mk:
3138         * CMakeLists.txt:
3139         * GNUmakefile.am:
3140         * WebCore.gypi:
3141         * WebCore.pro:
3142         * WebCore.vcproj/WebCore.vcproj:
3143         * WebCore.xcodeproj/project.pbxproj:
3144         * html/parser/HTMLDocumentParser.cpp:
3145         (WebCore::HTMLDocumentParser::HTMLDocumentParser):
3146         (WebCore::HTMLDocumentParser::pumpTokenizer):
3147         (WebCore::HTMLDocumentParser::sourceForToken):
3148         * html/parser/HTMLDocumentParser.h:
3149         * html/parser/XSSFilter.cpp: Added.
3150         * html/parser/XSSFilter.h: Added.
3151
3152 2011-01-28  Michael Saboff  <msaboff@apple.com>
3153
3154         Reviewed by Geoffrey Garen.
3155
3156         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
3157         https://bugs.webkit.org/show_bug.cgi?id=53271
3158
3159         Reapplying this patch with the change that the second ASSERT in 
3160         RootObject::removeRuntimeObject was changed to use
3161         .uncheckedGet() instead of the failing .get().  The object in question
3162         could be in the process of being GC'ed.  The get() call will not return
3163         such an object while the uncheckedGet() call will return the (unsafe) 
3164         object.  This is the behavior we want.
3165
3166         Precautionary change.
3167         Changed RootObject to use WeakGCMap instead of HashSet.
3168         Found will looking for another issue, but can't produce a test case
3169         that is problematic.  THerefore there aren't any new tests.
3170
3171         * bridge/runtime_root.cpp:
3172         (JSC::Bindings::RootObject::invalidate):
3173         (JSC::Bindings::RootObject::addRuntimeObject):
3174         (JSC::Bindings::RootObject::removeRuntimeObject):
3175         * bridge/runtime_root.h:
3176
3177 2011-01-28  Adam Roben  <aroben@apple.com>
3178
3179         Notify CACFLayerTreeHost when the context is flushed
3180
3181         LegacyCACFLayerTreeHost was keeping this a secret, which meant that WebCore's animation
3182         timers were never starting.
3183
3184         Fixes <http://webkit.org/b/53302> [Windows 7 Release Tests] changesets 76853, 76856, and
3185         76858 broke ~36 animations, compositing, and transitions tests
3186
3187         Reviewed by Sam Weinig.
3188
3189         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.cpp:
3190         (WebCore::LegacyCACFLayerTreeHost::contextDidChange): Call up to the base class after we
3191         start our render timer.
3192
3193 2011-01-28  Antti Koivisto  <antti@apple.com>
3194
3195         Reviewed by Dan Bernstein.
3196
3197         Remove dead code that tried to map from CSS values to parser values
3198         https://bugs.webkit.org/show_bug.cgi?id=53318
3199
3200         * css/CSSFunctionValue.cpp:
3201         * css/CSSFunctionValue.h:
3202         * css/CSSPrimitiveValue.cpp:
3203         * css/CSSPrimitiveValue.h:
3204         * css/CSSValue.h:
3205         * css/CSSValueList.cpp:
3206         * css/CSSValueList.h:
3207
3208 2011-01-28  Enrica Casucci  <enrica@apple.com>
3209
3210         Reviewed by Adam Roben.
3211
3212         Some drag and drop tests fail since r76824
3213         https://bugs.webkit.org/show_bug.cgi?id=53304
3214
3215         There were '||' instead of '&&' in the checks for valid
3216         clipboard content.
3217         
3218         * platform/win/ClipboardWin.cpp:
3219         (WebCore::ClipboardWin::getData):
3220         (WebCore::ClipboardWin::types):
3221         (WebCore::ClipboardWin::files):
3222
3223 2011-01-28  Martin Robinson  <mrobinson@igalia.com>
3224
3225         [GTK] AudioProcessingEvent.h and JSJavaScriptAudioNode.h: No such file or directory
3226         https://bugs.webkit.org/show_bug.cgi?id=52889
3227
3228         Build fix for WebAudio. Include WebAudio source files on the source
3229         list when WebAudio is enabled.
3230
3231         * GNUmakefile.am: Include missing source files.
3232
3233 2011-01-28  Sam Weinig  <sam@webkit.org>
3234
3235         Reviewed by Maciej Stachowiak.
3236
3237         Add basic rubber banding support
3238         <rdar://problem/8219429>
3239         https://bugs.webkit.org/show_bug.cgi?id=53277
3240
3241         * page/EventHandler.cpp:
3242         (WebCore::EventHandler::handleGestureEvent):
3243         Pass gesture events to the FrameView.
3244
3245         * platform/ScrollAnimator.cpp:
3246         (WebCore::ScrollAnimator::handleGestureEvent):
3247         * platform/ScrollAnimator.h:
3248         Add stubbed out implementation.
3249
3250         * platform/ScrollView.cpp:
3251         (WebCore::ScrollView::ScrollView):
3252         (WebCore::ScrollView::overhangAmount):
3253         (WebCore::ScrollView::wheelEvent):
3254         * platform/ScrollView.h:
3255         * platform/ScrollableArea.cpp:
3256         (WebCore::ScrollableArea::ScrollableArea):
3257         (WebCore::ScrollableArea::handleGestureEvent):
3258         * platform/ScrollableArea.h:
3259         (WebCore::ScrollableArea::constrainsScrollingToContentEdge):
3260         (WebCore::ScrollableArea::setConstrainsScrollingToContentEdge):
3261         Move constrains scrolling bit to ScrollableArea from ScrollView.
3262
3263         (WebCore::ScrollableArea::contentsSize):
3264         (WebCore::ScrollableArea::overhangAmount):
3265         Add additional virtual functions for information needed by the animator.
3266
3267         * platform/mac/ScrollAnimatorMac.h:
3268         * platform/mac/ScrollAnimatorMac.mm:
3269         (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
3270         (WebCore::ScrollAnimatorMac::immediateScrollByDeltaX):
3271         (WebCore::ScrollAnimatorMac::immediateScrollByDeltaY):
3272         (WebCore::elasticDeltaForTimeDelta):
3273         (WebCore::elasticDeltaForReboundDelta):
3274         (WebCore::reboundDeltaForElasticDelta):
3275         (WebCore::scrollWheelMultiplier):
3276         (WebCore::ScrollAnimatorMac::handleWheelEvent):
3277         (WebCore::ScrollAnimatorMac::handleGestureEvent):
3278         (WebCore::ScrollAnimatorMac::pinnedInDirection):
3279         (WebCore::ScrollAnimatorMac::allowsVerticalStretching):
3280         (WebCore::ScrollAnimatorMac::allowsHorizontalStretching):
3281         (WebCore::ScrollAnimatorMac::smoothScrollWithEvent):
3282         (WebCore::ScrollAnimatorMac::beginScrollGesture):
3283         (WebCore::ScrollAnimatorMac::endScrollGesture):
3284         (WebCore::ScrollAnimatorMac::snapRubberBand):
3285         (WebCore::roundTowardZero):
3286         (WebCore::roundToDevicePixelTowardZero):
3287         (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
3288         Implement basic rubber banding.
3289
3290 2011-01-28  Dan Bernstein  <mitz@apple.com>
3291
3292         Reviewed by Anders Carlsson.
3293
3294         Changing unicode-bidi doesn’t force layout
3295         https://bugs.webkit.org/show_bug.cgi?id=53311
3296
3297         Test: fast/dynamic/unicode-bidi.html
3298
3299         * rendering/style/RenderStyle.cpp:
3300         (WebCore::RenderStyle::diff): Return a layout difference if unicode-bidi values differ.
3301
3302 2011-01-27  Dimitri Glazkov  <dglazkov@chromium.org>
3303
3304         Reviewed by Kent Tamura.
3305
3306         Change HTMLInputElement-derived parts of media element shadow DOM to use shadowPseudoId.
3307         https://bugs.webkit.org/show_bug.cgi?id=53122
3308
3309         This is the first step in converting HTMLMediaElement to the new shadow DOM.
3310
3311         Should not regress any existing tests. No observable change in behavior.
3312
3313         * css/CSSSelector.cpp:
3314         (WebCore::CSSSelector::pseudoId): Removed now-unnecessary hard-coded pseudo-element selectors.
3315         (WebCore::nameToPseudoTypeMap): Ditto.
3316         (WebCore::CSSSelector::extractPseudoType): Ditto.
3317         * css/CSSSelector.h: Ditto.
3318         * css/mediaControls.css: Added proper initial values, now that elements use the proper selector pipeline.
3319         * rendering/MediaControlElements.cpp:
3320         (WebCore::MediaControlInputElement::MediaControlInputElement): Removed the switch statement,
3321             which is now replaced with virtual shadowPseudoId on each corresponding class.
3322         (WebCore::MediaControlInputElement::styleForElement): Changed to use element pipeline.
3323         (WebCore::MediaControlMuteButtonElement::MediaControlMuteButtonElement): Changed to set
3324             display type in constructor.
3325         (WebCore::MediaControlMuteButtonElement::create): Changed to not take PseudoId as
3326             constructor argument.
3327         (WebCore::MediaControlMuteButtonElement::shadowPseudoId): Added.
3328         (WebCore::MediaControlVolumeSliderMuteButtonElement::MediaControlVolumeSliderMuteButtonElement): Added
3329             to disambiguate from the MediaControlMuteButtonElement.
3330         (WebCore::MediaControlVolumeSliderMuteButtonElement::create): Added.
3331         (WebCore::MediaControlVolumeSliderMuteButtonElement::shadowPseudoId): Added.
3332         (WebCore::MediaControlPlayButtonElement::MediaControlPlayButtonElement): Changed to not take PseudoId as
3333             constructor argument.
3334         (WebCore::MediaControlPlayButtonElement::shadowPseudoId): Added.
3335         (WebCore::MediaControlSeekButtonElement::MediaControlSeekButtonElement): Changed to not take PseudoId as
3336             constructor argument.
3337         (WebCore::MediaControlSeekForwardButtonElement::MediaControlSeekForwardButtonElement): Added.
3338         (WebCore::MediaControlSeekForwardButtonElement::create): Added.
3339         (WebCore::MediaControlSeekForwardButtonElement::shadowPseudoId): Added.
3340         (WebCore::MediaControlSeekBackButtonElement::MediaControlSeekBackButtonElement): Added.
3341         (WebCore::MediaControlSeekBackButtonElement::create): Added.
3342         (WebCore::MediaControlSeekBackButtonElement::shadowPseudoId): Added.
3343         (WebCore::MediaControlRewindButtonElement::MediaControlRewindButtonElement): Added.
3344         (WebCore::MediaControlRewindButtonElement::shadowPseudoId): Added.
3345         (WebCore::MediaControlReturnToRealtimeButtonElement::MediaControlReturnToRealtimeButtonElement): Changed to not take PseudoId as
3346             constructor argument.
3347         (WebCore::MediaControlReturnToRealtimeButtonElement::shadowPseudoId): Added.
3348         (WebCore::MediaControlToggleClosedCaptionsButtonElement::MediaControlToggleClosedCaptionsButtonElement): Changed to not take PseudoId as
3349             constructor argument.
3350         (WebCore::MediaControlToggleClosedCaptionsButtonElement::shadowPseudoId): Added.
3351         (WebCore::MediaControlTimelineElement::MediaControlTimelineElement): Changed to not take PseudoId as
3352             constructor argument.
3353         (WebCore::MediaControlTimelineElement::shadowPseudoId): Added.
3354         (WebCore::MediaControlVolumeSliderElement::MediaControlVolumeSliderElement): Changed to not take PseudoId as
3355             constructor argument.
3356         (WebCore::MediaControlVolumeSliderElement::shadowPseudoId): Added.
3357         (WebCore::MediaControlFullscreenButtonElement::MediaControlFullscreenButtonElement): Changed to not take PseudoId as
3358             constructor argument.
3359         (WebCore::MediaControlFullscreenButtonElement::shadowPseudoId): Added.
3360         * rendering/MediaControlElements.h:
3361         (WebCore::MediaControlSeekForwardButtonElement::isForwardButton): Added.
3362         (WebCore::MediaControlSeekBackButtonElement::isForwardButton): Added.
3363         * rendering/RenderMedia.cpp:
3364         (WebCore::RenderMedia::createMuteButton): Changed to use new constructor.
3365         (WebCore::RenderMedia::createSeekBackButton): Ditto.
3366         (WebCore::RenderMedia::createSeekForwardButton): Ditto.
3367         (WebCore::RenderMedia::createVolumeSliderMuteButton): Ditto.
3368         * rendering/style/RenderStyleConstants.h: Removed constants that are no longer used.
3369
3370 2011-01-27  Dimitri Glazkov  <dglazkov@chromium.org>
3371
3372         Reviewed by Eric Carlson.
3373
3374         Split MediaControls out of RenderMedia.
3375         https://bugs.webkit.org/show_bug.cgi?id=53252
3376
3377         Near-mechanical moving of stuff, no change in behavior, thus no new tests.
3378
3379         * Android.mk: Added MediaControls to build system.
3380         * CMakeLists.txt: Ditto.
3381         * GNUmakefile.am: Ditto.
3382         * WebCore.gypi: Ditto.
3383         * WebCore.pro: Ditto.
3384         * WebCore.vcproj/WebCore.vcproj: Ditto.
3385         * WebCore.xcodeproj/project.pbxproj: Ditto.
3386         * html/HTMLMediaElement.cpp:
3387         (WebCore::HTMLMediaElement::defaultEventHandler): Changed to forward events to MediaControls.
3388         * html/shadow/MediaControls.cpp: Copied all controls-related methods from
3389             Source/WebCore/rendering/RenderMedia.cpp, pulled them into their own class called MediaControls. 
3390         * html/shadow/MediaControls.h: Ditto from Source/WebCore/rendering/RenderMedia.h.
3391         * rendering/MediaControlElements.cpp:
3392         (WebCore::MediaControlTimelineElement::defaultEventHandler): Changed to use MediaControls.
3393         * rendering/RenderMedia.cpp:
3394         (WebCore::RenderMedia::RenderMedia): Moved relevant constructor initializers out to MediaControls.
3395         (WebCore::RenderMedia::destroy): Changed to use MediaControls.
3396         (WebCore::RenderMedia::styleDidChange): Ditto.
3397         (WebCore::RenderMedia::layout): Ditto.
3398         (WebCore::RenderMedia::updateFromElement): Ditto.
3399         * rendering/RenderMedia.h: Updated defs accordingly and removed player() accessor, which
3400             is only used by sub-class RenderVideo.
3401         (WebCore::RenderMedia::controls): Added.
3402         * rendering/RenderVideo.cpp:
3403         (WebCore::RenderVideo::~RenderVideo): Changed to access MediaPlayer* directly from mediaElement().
3404         (WebCore::RenderVideo::calculateIntrinsicSize): Ditto.
3405         (WebCore::RenderVideo::paintReplaced): Ditto.
3406         (WebCore::RenderVideo::updatePlayer): Ditto.
3407         (WebCore::RenderVideo::supportsAcceleratedRendering): Ditto.
3408         (WebCore::RenderVideo::acceleratedRenderingStateChanged): Ditto.
3409
3410 2011-01-28  Pavel Feldman  <pfeldman@chromium.org>
3411
3412         Reviewed by Yury Semikhatsky.
3413
3414         Web Inspector: allow remote debugging with front-end
3415         served from the cloud.
3416         https://bugs.webkit.org/show_bug.cgi?id=53303
3417
3418         * inspector/front-end/inspector.js:
3419
3420 2011-01-28  Aparna Nandyal  <aparna.nand@wipro.com>
3421
3422         Reviewed by Andreas Kling.
3423
3424         Setting value of m_PressedPos to make scrolling smooth
3425
3426         Page scroll popup menu "Scroll here" option not working when cliking above scroll slider/handler.
3427         https://bugs.webkit.org/show_bug.cgi?id=51349
3428
3429         The value of m_PressedPos was getting set before moveThumb() call
3430         in all other scenarios except when "Scroll Here" option is used.
3431         Hence scrolling with this option was not as expected even in cases
3432         where scrolling was happening. The thumb would move in unexpected
3433         direction. m_PressedPos is now set to pressed position so delta is
3434         calculated.
3435         Unable to write a test case as the test needs to click on "Scroll
3436         Here" option of context sensitive menu and QTest is unable to do it.
3437         Besides no new functionality introduced.
3438
3439         * platform/qt/ScrollbarQt.cpp:
3440         (WebCore::Scrollbar::contextMenu):
3441
3442 2011-01-28  Andrey Kosyakov  <caseq@chromium.org>
3443
3444         Reviewed by Pavel Feldman.
3445
3446         Web Inspector: [Extensions API] add JSON schema for extensions API
3447         https://bugs.webkit.org/show_bug.cgi?id=53236
3448
3449         * inspector/front-end/ExtensionAPISchema.json: Added.
3450
3451 2011-01-27  Zhenyao Mo  <zmo@google.com>
3452
3453         Reviewed by Kenneth Russell.
3454
3455         Remove _LENGTH enumerants
3456         https://bugs.webkit.org/show_bug.cgi?id=53259
3457
3458         * html/canvas/WebGLRenderingContext.cpp: Remove queries for *LENGTH.
3459         (WebCore::WebGLRenderingContext::getProgramParameter):
3460         (WebCore::WebGLRenderingContext::getShaderParameter):
3461         * html/canvas/WebGLRenderingContext.idl: Remove *LENGTH.
3462
3463 2011-01-28  Alexander Pavlov  <apavlov@chromium.org>
3464
3465         Reviewed by Yury Semikhatsky.
3466
3467         Web Inspector: syntax highlight inline JS and CSS in HTML resources
3468         https://bugs.webkit.org/show_bug.cgi?id=30831
3469
3470         * inspector/front-end/SourceHTMLTokenizer.js:
3471         (WebInspector.SourceHTMLTokenizer):
3472         (WebInspector.SourceHTMLTokenizer.prototype.set line):
3473         (WebInspector.SourceHTMLTokenizer.prototype.nextToken):
3474         * inspector/front-end/SourceHTMLTokenizer.re2js:
3475
3476 2011-01-28  Alexander Pavlov  <apavlov@chromium.org>
3477
3478         Reviewed by Yury Semikhatsky.
3479
3480         Web Inspector: [STYLES] Up/Down-suggestion breaks an existing keyword
3481         https://bugs.webkit.org/show_bug.cgi?id=53295
3482
3483         Select the current word suffix before switching to the next suggestion.
3484
3485         * inspector/front-end/StylesSidebarPane.js:
3486         ():
3487
3488 2011-01-28  Alejandro G. Castro  <alex@igalia.com>
3489
3490         Reviewed by Xan Lopez.
3491
3492         [GTK] Fix dist compilation for the release
3493         https://bugs.webkit.org/show_bug.cgi?id=53290
3494
3495         * GNUmakefile.am: Added inspector files to the extra dist.
3496
3497 2011-01-28  Ilya Sherman  <isherman@chromium.org>
3498
3499         Reviewed by Andreas Kling.
3500
3501         Const-correct HTMLSelectElement and WebSelectElement
3502         https://bugs.webkit.org/show_bug.cgi?id=53293
3503
3504         * html/HTMLSelectElement.cpp:
3505         (WebCore::HTMLSelectElement::value): const.
3506         * html/HTMLSelectElement.h:
3507
3508 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
3509
3510         Unreviewed, rolling out r76893.
3511         http://trac.webkit.org/changeset/76893
3512         https://bugs.webkit.org/show_bug.cgi?id=53287
3513
3514         It made some tests crash on GTK and Qt debug bots (Requested
3515         by Ossy on #webkit).
3516
3517         * bridge/runtime_root.cpp:
3518         (JSC::Bindings::RootObject::invalidate):
3519         (JSC::Bindings::RootObject::addRuntimeObject):
3520         (JSC::Bindings::RootObject::removeRuntimeObject):
3521         * bridge/runtime_root.h:
3522
3523 2011-01-27  Greg Coletta  <greg.coletta@nokia.com>
3524
3525         Reviewed by Laszlo Gombos.
3526
3527         Get rid of prefix header dependency for WebKit2 build system
3528         https://bugs.webkit.org/show_bug.cgi?id=50174
3529
3530         Guard EmptyProtocalDefinitions.h to make sure it's not included twice.
3531
3532         * platform/mac/EmptyProtocolDefinitions.h:
3533
3534 2011-01-27  Abhishek Arya  <inferno@chromium.org>
3535
3536         Reviewed by Dan Bernstein.
3537
3538         Recalc table sections if needed before calculating the first line
3539         box baseline.
3540         https://bugs.webkit.org/show_bug.cgi?id=53265
3541
3542         When we try to calculate the baseline position of a table cell,
3543         we recurse through all the child sibling boxes (when children are
3544         non inline) and add their first linebox baseline values. If one of
3545         the children is a table with pending section recalc, we will access
3546         wrong table section values. We recalc table sections if it is needed.
3547
3548         Test: fast/table/recalc-section-first-body-crash-main.html
3549
3550         * rendering/RenderTable.cpp:
3551         (WebCore::RenderTable::firstLineBoxBaseline):
3552
3553 2011-01-27  Adrienne Walker  <enne@google.com>
3554
3555         Reviewed by Kenneth Russell.
3556
3557         [chromium] Add CRASH calls to further debug tiled compositor memcpy crash.
3558         https://bugs.webkit.org/show_bug.cgi?id=52379
3559
3560         Test: LayoutTests/compositing (to verify these weren't triggered)
3561
3562         * platform/graphics/chromium/LayerTilerChromium.cpp:
3563         (WebCore::LayerTilerChromium::invalidateRect):
3564         (WebCore::LayerTilerChromium::update):
3565
3566 2011-01-27  Alexander Pavlov  <apavlov@chromium.org>
3567
3568         Reviewed by Pavel Feldman.
3569
3570         Web Inspector: [STYLES] Cancelled suggestion of a property name results in a visual artifact
3571         https://bugs.webkit.org/show_bug.cgi?id=53242
3572
3573         * inspector/front-end/StylesSidebarPane.js:
3574         (WebInspector.StylePropertyTreeElement.prototype):
3575
3576 2011-01-27  Sheriff Bot  <webkit.review.bot@gmail.com>
3577
3578         Unreviewed, rolling out r76891.
3579         http://trac.webkit.org/changeset/76891
3580         https://bugs.webkit.org/show_bug.cgi?id=53280
3581
3582         Makes every layout test crash (Requested by othermaciej on