ChangeLog   [plain text]


2010-08-09  Mark Rowe  <mrowe@apple.com>

        Merge r63772.

    2010-07-20  Leo Yang  <leo.yang@torchmobile.com.cn>

        Reviewed by David Hyatt.

        Don't merge Anonymous block whose first child is inline run-in.
        Make run-in recalculate its style after its renderer is destroyed.
        https://bugs.webkit.org/show_bug.cgi?id=41375.

        Test: fast/runin/crash-when-reparent-sibling.html

        * rendering/RenderBlock.cpp:
        (WebCore::canMergeContiguousAnonymousBlocks):
        * rendering/RenderObjectChildList.cpp:
        (WebCore::RenderObjectChildList::destroyLeftoverChildren):

2010-08-09  Mark Rowe  <mrowe@apple.com>

        Merge r64110.

    2010-07-27  Kent Tamura  <tkent@chromium.org>

        Reviewed by Ojan Vafai.

        Add a runtime setting for interactive form validation.
        https://bugs.webkit.org/show_bug.cgi?id=40520

        The interactive validation feature was disabled for non-strict
        modes by r61059 to avoid a compatibility issue. This removes the
        mode checking and introduce a runtime setting to enable/disable
        the feature instead.
        The default value is 'disable' and we'll remove the setting when
        the compatibility issue is resolved and interactive validation
        implementation is completed.

        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::validateInteractively):
        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        * page/Settings.h:
        (WebCore::Settings::setInteractiveFormValidationEnabled):
        (WebCore::Settings::interactiveFormValidationEnabled):

2010-08-09  Mark Rowe  <mrowe@apple.com>

        Merge r64095.

    2010-07-26  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        Google image search results broken on pages with Flash
        https://bugs.webkit.org/show_bug.cgi?id=43014

        The test for overflow added in r63452 is wrong in that it ignores the effects
        of positioning on overflow.
        
        The correct approach is to start by using RenderView's layoutOverflowRect as the largest bounds,
        then getting the oveflow rect via backgroundClipRect() relative to the root layer.
        
        Test: compositing/geometry/limit-layer-bounds-overflow-root.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::layerOrAncestorIsTransformed):
        (WebCore::RenderLayerBacking::updateCompositedBounds):

2010-07-22  Mark Rowe  <mrowe@apple.com>

        Merge r63927.

    2010-07-22  Sam Weinig  <sam@webkit.org>

        Reviewed by Maciej Stachowiak.

        Fix for <rdar://problem/8222626>
        Send textDidChangeInTextField delegate callback only in response to typing or other forms of user text input.

        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        Update project files.
        
        * dom/UserTypingGestureIndicator.cpp: Copied from dom/UserGestureIndicator.cpp.
        (WebCore::UserTypingGestureIndicator::processingUserTypingGesture):
        (WebCore::focusedNode):
        (WebCore::UserTypingGestureIndicator::focusedElementAtGestureStart):
        (WebCore::UserTypingGestureIndicator::UserTypingGestureIndicator):
        (WebCore::UserTypingGestureIndicator::~UserTypingGestureIndicator):
        * dom/UserTypingGestureIndicator.h: Copied from dom/UserGestureIndicator.h.
        Version of UserGestureIndicator that just tracks keyboard gestures and the focused
        node they were targeting.
        
        * editing/Editor.cpp:
        (WebCore::Editor::confirmComposition):
        (WebCore::Editor::setComposition):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::keyEvent):
        Put UserTypingGestureIndicator on the stack for user generated keyboard events.

2010-07-22  Mark Rowe  <mrowe@apple.com>

        Merge r63924.

    2010-07-22  Andy Estes  <aestes@apple.com>

        Reviewed by Maciej Stachowiak.

        When there are no beforeload listeners on a document,
        HTMLLinkElement::process() should be called immediately when the node is
        inserted into the document, rather than waiting until after attach is
        performed.
        <https://bugs.webkit.org/show_bug.cgi?id=42859>
        <rdar://problem/8194528>

        No new tests.

        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::insertedIntoDocument): If there are no
        beforeload listeners, call process() immediately.  Otherwise, add it as
        a post-attach callback.

2010-07-15  Mark Rowe  <mrowe@apple.com>

        Merge r63452.

    2010-07-15  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        Avoid creating huge compositing layers for elements that project outside the viewport
        https://bugs.webkit.org/show_bug.cgi?id=42338

        The logic that computed the bounds of compositing layers naively used the
        union of the bounds of descendant, non-composited RenderLayers, without regard
        to what is actually visible. This could result in huge layers for page with
        elements are large negative offsets, or with large negative text-indent (both
        common).
        
        For elements without transforms on them or in their ancestor chain, and when
        no 3d transforms or hardware-accelerated animations are used, can clip compositing
        layers to the size of the document, or based on CSS overflow and clip.

        Tests: compositing/geometry/limit-layer-bounds-clipping-ancestor.html
               compositing/geometry/limit-layer-bounds-fixed-positioned.html
               compositing/geometry/limit-layer-bounds-overflow-repaint.html
               compositing/geometry/limit-layer-bounds-positioned-transition.html
               compositing/geometry/limit-layer-bounds-positioned.html
               compositing/geometry/limit-layer-bounds-transformed-overflow.html
               compositing/geometry/limit-layer-bounds-transformed.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::enclosingOverflowClipAncestor):  Walk up the RenderLayer tree
        looking for an ancestor that has overflow, or to the root. Along the way, check for
        transformed elements.
        (WebCore::RenderLayerBacking::updateCompositedBounds):  If we're in "consult
        overlap" mode, and we don't have transforms, then constrain the bounds
        of composited layers by the RenderView's layoutOverflowRect(), or by the
        enclosing layer with overflow.
        (WebCore::RenderLayerBacking::updateGraphicsLayerGeometry): If the offset from the renderer changes,
        we need to repaint the layer.

2010-07-15  Mark Rowe  <mrowe@apple.com>

        Merge r63283.

    2010-07-13  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        Page flashes to mostly white towards the end of loading
        https://bugs.webkit.org/show_bug.cgi?id=42230
        
        We constrain the size of huge composited layers. When doing so, we
        need to use the constained size to set the position as well
        as the dimensions, to ensure the layer appears in the correct place.

        Test: compositing/tiling/constrained-layer-size.html

        * platform/graphics/mac/GraphicsLayerCA.mm:
        (WebCore::GraphicsLayerCA::updateLayerPosition):

2010-07-12  Mark Rowe  <mrowe@apple.com>

        Merge r63149.

    2010-07-12  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        Don't go into compositing mode for 0x0 plugins
        https://bugs.webkit.org/show_bug.cgi?id=34009
        
        Don't use compositing for small (0-height or width, or 1x1) plugins, or iframes whose
        height or width is zero.
        
        Previously we made all compositing decisions inside styleChanged(). However,
        now that plugin and iframe compositing behavior depends on renderer size, we have
        to wait until layout before deciding whether to composite these. This behavior
        change is controlled by the m_compositingDependsOnGeometry flag. When set,
        updateCompositingLayers() always does a hierarchy update.

        Tests: compositing/iframes/iframe-size-from-zero.html
               compositing/iframes/iframe-size-to-zero.html
               compositing/plugins/1x1-composited-plugin.html
               compositing/plugins/large-to-small-composited-plugin.html
               compositing/plugins/small-to-large-composited-plugin.html

        * page/FrameView.cpp:
        (WebCore::FrameView::updateCompositingLayers): No longer bail if usesCompositing() is false; we
        have to always enter updateCompositingLayers().
        (WebCore::FrameView::repaintFixedElementsAfterScrolling): Ditto
        (WebCore::FrameView::enterCompositingMode): Remove bogus return of a void.

        * rendering/RenderLayerCompositor.h: Add m_compositingDependsOnGeometry.
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::RenderLayerCompositor): Initialize m_compositingDependsOnGeometry to false.
        (WebCore::RenderLayerCompositor::updateCompositingLayers): If m_compositingDependsOnGeometry is true,
        we always need to run through the layer hierarchy looking for things which need to be composited, even if
        we're not (yet) in compositing mode.
        
        (WebCore::RenderLayerCompositor::computeCompositingRequirements): Because we can enter compositing mode
        on the fly inside updateCompositingLayers() now, the state of willBeComposited needs to be updated
        when processing the root layer, for the case where the compositing mode changes.
        
        (WebCore::RenderLayerCompositor::requiresCompositingForPlugin): Set the m_compositingDependsOnGeometry
        flag if we see a potentially-composited plugin. Once we have layout information, only composite the plugin
        if height * width > 1.
        
        (WebCore::RenderLayerCompositor::requiresCompositingForIFrame): Set the m_compositingDependsOnGeometry
        flag if we see a potentially-composited iframe. Once we have layout information, only composite the plugin
        if height or width is greater than zero.

2010-07-12  Mark Rowe  <mrowe@apple.com>

        Merge r63112.

    2010-07-12  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        Need to do a layout when RenderLayers come and go because of compositing
        https://bugs.webkit.org/show_bug.cgi?id=42108
        
        If we create or destroy RenderLayers for reasons other than style changes
        (e.g. because of composited iframes or plugins), then we need to ensure
        that we do a layout.

        Test: compositing/iframes/layout-on-compositing-change.html

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::adjustStyleDifference):

2010-07-12  Mark Rowe  <mrowe@apple.com>

        Merge r62302.

    2010-07-01  Andy Estes  <aestes@apple.com>

        Reviewed by Darin Adler.

        <rdar://problem/8113003> Correctly fire beforeload events for images
        added to the DOM using .innerHTML.
        https://bugs.webkit.org/show_bug.cgi?id=40919

        Test: fast/dom/beforeload/image-before-load-innerHTML.html

        * html/LegacyHTMLDocumentParser.cpp:
        (WebCore::LegacyHTMLDocumentParser::write): Do not fire synchronous
        image beforeload events immediately after parsing a document fragment.
        Let the events fire later, giving the fragment time to potentially be
        inserted into the document.

2010-07-12  Mark Rowe  <mrowe@apple.com>

        Merge r62271.

    2010-07-01  Justin Schuh  <jschuh@chromium.org>

        Reviewed by Dan Bernstein.

        Prevent crash on counter destruction
        https://bugs.webkit.org/show_bug.cgi?id=40032

        Added counter destruction to RenderWidget::destroy()

        Test: fast/css/counters/destroy-counter-crash.html

        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::destroy):

2010-07-12  Mark Rowe  <mrowe@apple.com>

        Merge r62304.

    2010-07-01  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Dan Bernstein.

        https://bugs.webkit.org/show_bug.cgi?id=41488
        <rdar://problem/7487420> Crash in SubresourceLoader::create when load is initiated from plug-in destructor

        Test: plugins/js-from-destroy.html

        * loader/SubresourceLoader.cpp: (WebCore::SubresourceLoader::create): Null check active
        document loader.

2010-07-09  Mark Rowe  <mrowe@apple.com>

        Merge r62687.

    2010-07-07  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        REGRESSION: GMail becomes blank after closing other tabs
        https://bugs.webkit.org/show_bug.cgi?id=40421

        RenderLayerCompositor's attach/detachRootPlatformLayer methods use
        setNeedsStyleRecalc() in order to trigger acclerated compositing layers
        to be hooked together across iframe boundaries. However, it was possible
        for these to get called while inside of Document::recalcStyle(), which
        is bad because it can cause the recalc to fail to get processed.
        
        Fix this by using the existing queuePostAttachCallback() functionality
        to delay the call to setNeedsStyleRecalc() if post-attach callbacks 
        are suspended (indicating that we're inside recalcStyle()).
        
        No new tests because I wasn't able to make a test that shows the problem.

        * dom/ContainerNode.h: Make queuePostAttachCallback() public.
        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::postAttachCallbacksAreSuspended): Added; returns
        whether s_attachDepth is non-zero.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::attachRootPlatformLayer): Call scheduleNeedsStyleRecalc()
        instead of setNeedsStyleRecalc().
        (WebCore::RenderLayerCompositor::detachRootPlatformLayer): Ditto.
        (WebCore::needsStyleRecalcCallback): Here we call setNeedsStyleRecalc().
        (WebCore::RenderLayerCompositor::scheduleNeedsStyleRecalc):
        (WebCore::RenderLayerCompositor::notifyIFramesOfCompositingChange):
        * rendering/RenderLayerCompositor.h: Add scheduleNeedsStyleRecalc().

2010-07-09  Mark Rowe  <mrowe@apple.com>

        Merge r62894.

    2010-07-08  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Darin Adler.

        compositing/iframes/iframe-resize.html displays incorrectly after the resize
        https://bugs.webkit.org/show_bug.cgi?id=41794
        
        The clip and scroll layers of a composited iframe's RenderLayerCompositor are updated from
        from updateGraphicsLayerGeometry(), but this is too early to get the correct layoutWidth and
        layoutHeight from the FrameView which happen later in layout. So when a widget size changes,
        call updateAfterWidgetResize() directly on the RenderLayerBacking (if any).

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateAfterWidgetResize): New method that updates the clip
        and scroll layers of the iframe's content RenderLayerCompositor.
        (WebCore::RenderLayerBacking::updateGraphicsLayerGeometry): Call updateAfterWidgetResize()
        * rendering/RenderLayerBacking.h: Add updateAfterWidgetResize().
        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::setWidgetGeometry): Call updateAfterWidgetResize().

2010-07-09  Mark Rowe  <mrowe@apple.com>

        Merge r62875.

    2010-07-08  Adele Peterson  <adele@apple.com>

        Reviewed by Jon Honeycutt, Adam Roben, and Darin Adler.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=41721
        <rdar://problem/8158561> Missing plug-in indicator should have a pressed state

        Test: plugins/clicking-missing-plugin-fires-delegate.html

        * html/HTMLPlugInElement.cpp:
        (WebCore::HTMLPlugInElement::HTMLPlugInElement): Initialize m_isCapturingMouseEvents.
        (WebCore::HTMLPlugInElement::detach): If we're still capturing when getting detached, clear the capturing node on the EventHandler.
        (WebCore::HTMLPlugInElement::defaultEventHandler): Call handleMissingPluginIndicatorEvent when the missing plugin indicator is showing.
        * html/HTMLPlugInElement.h:
        (WebCore::HTMLPlugInElement::isCapturingMouseEvents):
        (WebCore::HTMLPlugInElement::setIsCapturingMouseEvents):
        * page/ChromeClient.h:
        (WebCore::ChromeClient::shouldMissingPluginMessageBeButton): Added default implementation.
        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::replacementTextRoundedRectPressedColor):
        (WebCore::RenderEmbeddedObject::RenderEmbeddedObject):
        (WebCore::RenderEmbeddedObject::setMissingPluginIndicatorIsPressed): Added.  Causes a repaint when the state changes.
        (WebCore::RenderEmbeddedObject::paintReplaced): Call getReplacementTextGeometry.
        (WebCore::RenderEmbeddedObject::getReplacementTextGeometry): Factored this out so it can be used in paintReplaced and in isInMissingPluginIndicator.
        (WebCore::RenderEmbeddedObject::isInMissingPluginIndicator): Hit test to see if the mouse event is in the missing plugin indicator.
        (WebCore::RenderEmbeddedObject::handleMissingPluginIndicatorEvent): Capture mouse events as needed and track the pressed appearance.
        * rendering/RenderEmbeddedObject.h:

2010-07-09  Mark Rowe  <mrowe@apple.com>

        Merge r62451.

    2010-07-03  Jon Honeycutt  <jhoneycutt@apple.com>

        The missing plug-in indicator should be clickable

        https://bugs.webkit.org/show_bug.cgi?id=41550
        <rdar://problem/8132162>

        From an original patch by Kevin Decker.

        Reviewed by Darin Adler.

        * html/HTMLPlugInElement.cpp:
        (WebCore::HTMLPlugInElement::defaultEventHandler):
        If the renderer is a RenderEmbeddedWidget showing the missing plug-in
        indicator, and the event is a click even, call the ChromeClient's
        missingPluginButtonClicked() function.

        * page/ChromeClient.h:
        (WebCore::ChromeClient::missingPluginButtonClicked):
        Declare missingPluginButtonClicked(), and stub the default
        implementation.

        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::RenderEmbeddedObject):
        Initialize m_showsMissingPluginIndicator.
        (WebCore::RenderEmbeddedObject::setShowsMissingPluginIndicator):
        Assert that we're not currently showing any replacement text. Set
        m_showsMissingPluginIndicator after setting the replacement text.
        (WebCore::RenderEmbeddedObject::setShowsCrashedPluginIndicator):
        Add the same assert as above.

        * rendering/RenderEmbeddedObject.h:
        (WebCore::RenderEmbeddedObject::showsMissingPluginIndicator):
        Getter for m_showsMissingPluginIndicator.

2010-07-09  Mark Rowe  <mrowe@apple.com>

        Merge r62284.

    2010-07-01  Timothy Hatcher  <timothy@apple.com>

        Provide a WebView preference to disable DNS prefetching.

        https://bugs.webkit.org/show_bug.cgi?id=28825
        rdar://problem/7181249

        Reviewed by Darin Adler.

        * WebCore.base.exp: Added Settings::setDNSPrefetchingEnabled.
        * dom/Document.cpp:
        (WebCore::Document::initDNSPrefetch): Check settings->dnsPrefetchingEnabled().
        * page/Settings.cpp:
        (WebCore::Settings::Settings): Set m_dnsPrefetchingEnabled to true.
        (WebCore::Settings::setDNSPrefetchingEnabled): Added. Set m_dnsPrefetchingEnabled.
        * page/Settings.h:
        (WebCore::Settings::dnsPrefetchingEnabled): Added. Return m_dnsPrefetchingEnabled.

2010-07-09  Mark Rowe  <mrowe@apple.com>

        Merge r59338.

    2010-05-12  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by David Hyatt.

        Composited plug-ins can cause missed painting
        https://bugs.webkit.org/show_bug.cgi?id=39033
        <rdar://problem/7972478>

        Fixed missed painting (and assertions in debug builds) related to compositing
        propagating out of iframes that contain plug-ins.
        
        When an iframe enters or leaves compositing mode, RenderLayerCompositor uses
        setNeedsStyleRecalc(SyntheticStyleChange) to trigger the parent document to re-evaluate
        whether the iframe itself should be composited. However, for iframes containing plug-ins,
        this can happen at inappropriate times. For example, when a browser tab is brought frontmost,
        plug-ins are instantiated for the first time (via -viewDidMoveToWindow), which triggers a 
        setNeedsStyleRecalc() on the object element. Soon after, the -viewWillDraw machinery
        does layout from the top down. During layout of the iframe, the iframe enters compositing mode,
        and does a setNeedsStyleRecalc() on the iframe element in its parent document. This leaves the
        FrameView as needsLayout(), so the FrameView::paintContents() asserts and bails.
        
        The fix is to avoid doing a setNeedsStyleRecalc() on the root while inside a recalcStyle on
        the iframe. We do this by switching the iframe into compositing mode eagerly as soon as we know
        the plug-in needs it.
        
        A secondary fix is to ensure that if a document has composited iframes, when that document becomes
        composited, we connect compositing layers between the iframes and the parent document.

        Tests: compositing/iframes/connect-compositing-iframe-delayed.html
               compositing/iframes/iframe-src-change.html

        * WebCore.base.exp: Export FrameView::enterCompositingMode()

        * page/FrameView.h: New method, enterCompositingMode(), that we can call from WebKit plug-in code.
        * page/FrameView.cpp:
        (WebCore::FrameView::enterCompositingMode):

        * rendering/RenderLayerCompositor.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::enableCompositingMode): When we switch into compositing mode, we
            force a style recaclc on any iframes to get them into compositing layers, so they can hook up
            with their content layers if necessary.
        (WebCore::RenderLayerCompositor::didMoveOnscreen): Only call attachRootPlatformLayer() if we really need to.
        (WebCore::RenderLayerCompositor::willMoveOffscreen): Only call detachRootPlatformLayer() if we really need to.
        (WebCore::RenderLayerCompositor::detachRootPlatformLayer): Whitespace.
        (WebCore::RenderLayerCompositor::notifyIFramesOfCompositingChange): Fetch iframe elements, and send a 
            synthetic style recalc on them.

2010-07-09  Mark Rowe  <mrowe@apple.com>

        Merge r61645.

    2010-06-22  Adele Peterson  <adele@apple.com>

        Reviewed by Darin Adler.

        Fix for Crash when the renderer for the button in <input type="number"> goes away during event handling
        https://bugs.webkit.org/show_bug.cgi?id=41013

        Test: fast/forms/input-number-crash.html

        * rendering/TextControlInnerElements.cpp: (WebCore::SpinButtonElement::defaultEventHandler):
        Nil check the RenderBox since its possible the renderer has gone away during event handling.

2010-07-09  Mark Rowe  <mrowe@apple.com>

        Merge r61801.

    2010-06-24  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Brady Eidson.

        https://bugs.webkit.org/show_bug.cgi?id=41178
        Timed refresh in subframes isn't stopped when going into b/f cache

        Test: fast/history/timed-refresh-in-cached-frame.html

        * history/CachedFrame.cpp: (WebCore::CachedFrame::CachedFrame): Top frame's stopLoading()
        won't help cached subframes; stop loading from here.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::stopLoading): Don't stop loading in child frames. This didn't work
        for cached frames due to frame tree having been already desonstructed, and it's not necessary
        in non-cached case because stopLoading() will be called for subframes via
        FrameLoader::detachFromParent() and closeURL().
        (WebCore::FrameLoader::pageHidden): This was a second code path that dispatched pagehide
        event - it's no longer needed, because everything goes through FrameLoader::stopLoading().
        (WebCore::FrameLoader::commitProvisionalLoad): Don't call pageHidden(), the code for adding
        frame to b/f cache will do everything.

        * loader/FrameLoader.h: Removed pageHidden().

2010-07-09  Mark Rowe  <mrowe@apple.com>

        Merge r61707.

    2010-06-23  Andy Estes  <aestes@apple.com>

        Reviewed by Alexey Proskuryakov.
        
        <rdar://problem/8107855> Prevent a crash in WebCore when removing an
        object element with an invalid data URL in in a listener to its
        beforeload event.
        https://bugs.webkit.org/show_bug.cgi?id=41054

        Tests: fast/dom/beforeload/remove-bad-object-in-beforeload-listener.html

        * html/HTMLObjectElement.cpp:
        (WebCore::HTMLObjectElement::renderFallbackContent): Exit early if the
        object element is not in the document.
        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::updateWidget): If RenderWidget::destroy()
        was called during processing of onbeforeload, do not proceed with loading
        the object.

2010-07-09  Mark Rowe  <mrowe@apple.com>

        Merge r61424.

    2010-06-17  Andy Estes  <aestes@apple.com>

        Reviewed by Dan Bernstein.

        <rdar://problem/8091385> Prevent a crash in WebCore when removing a stylesheet link element in
        in a listener to its beforeload event.
        https://bugs.webkit.org/show_bug.cgi?id=40742
        
        Postpone loading of link elements until after they have been inserted into the DOM and
        attached. This prevents DOM mutations triggered by beforeload handlers from firing in the
        midst of DOM insertion, which can lead to assertion failures and crashes.

        Test: fast/dom/beforeload/remove-link-in-beforeload-listener.html

        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::HTMLLinkElement): Initialize m_shouldProcessAfterAttach to false.
        (WebCore::HTMLLinkElement::processCallback): Add a static callback function which calls
        HTMLLinkElement::process().
        (WebCore::HTMLLinkElement::insertedIntoDocument): Instead of calling process() directly, set
        m_shouldProcessAfterAttach to true to indicate that process() should be called after attach().
        (WebCore::HTMLLinkElement::removedFromDocument): Set m_shouldProcessAfterAttach to false.
        (WebCore::HTMLLinkElement::attach): If m_shouldProcessAfterAttach is true, register
        HTMLLinkElement::processCallback() as a post-attach callback.
        * html/HTMLLinkElement.h: Add m_shouldProcessAfterAttach.
        (WebCore::HTMLLinkElement::canLazyAttach): Override canLazyAttach() to return false to
        indicate that a full attach should be performed.  This ensures the post-attach callbacks are
        fired.

2010-07-07  Mark Rowe  <mrowe@apple.com>

        Merge r62625.

    2010-07-06  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Simon Fraser.

        Expose URL matching from WebUserContentURLPattern
        https://bugs.webkit.org/show_bug.cgi?id=41726
        <rdar://problem/7910144>

        * WebCore.exp.in: Export UserContentURLPattern::matches for use in WebKit.

2010-07-07  Mark Rowe  <mrowe@apple.com>

        Merge r62477.

    2010-07-04  Alice Liu  <alice.liu@apple.com>

        Reviewed by Dan Bernstein.

        Crash reading past end of block in UniscribeController::shapeAndPlaceItem
        https://bugs.webkit.org/show_bug.cgi?id=41554

        Test: platform/win/fast/text/uniscribe-item-boundary-crash.html

        * platform/graphics/win/UniscribeController.cpp:
        (WebCore::UniscribeController::shapeAndPlaceItem):
        Don't look one past the end of str. Instead look to the next item, if applicable.

2010-07-07  Hayato Ito  <hayato@chromium.org>

        Reviewed by Darin Adler.

        Rolling out 'page-break-inside:avoid' part of the r54929.
        Rebased the related layout tests, which are now expected to fail, as well.

        https://bugs.webkit.org/show_bug.cgi?id=41532

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::paintChildren):

2010-07-07  Mark Rowe  <mrowe@apple.com>

        Merge r62482.

    2010-07-05  Nikolas Zimmermann  <nzimmermann@rim.com>

        Reviewed by Darin Adler.

        Memory corruption with SVG <use> element
        https://bugs.webkit.org/show_bug.cgi?id=40994

        Fix race condition in svgAttributeChanged. Never call svgAttributeChanged() from attributeChanged()
        when we're synchronizing SVG attributes. It leads to either unnecessary extra work being done or
        crashes. Especially together with <polyline>/<polygon> which always synchronize the SVGAnimatedPoints
        datastructure with the points attribute, no matter if there are changes are not. This should be
        furhter optimized, but this fix is sane and fixes the root of the evil races.

        Test: svg/custom/use-property-synchronization-crash.svg

        * svg/SVGElement.cpp:
        (WebCore::SVGElement::attributeChanged):

2010-07-07  Mark Rowe  <mrowe@apple.com>

        Merge r62662.

    2010-07-06  Nikolas Zimmermann  <nzimmermann@rim.com>

        Reviewed by Dirk Schulze.

        <use> on <font-face> causes crashes, if SVGUseElement gets detached
        https://bugs.webkit.org/show_bug.cgi?id=41621

        Do not call removeFromMappedElementSheet() from the SVGFontFaceElement destructor,
        as that can potentially cause the element to be reattached while destructing.

        In order to fix the crash in the testcase, the order of calling the base-class detach
        method in SVGUseElement and the instance/shadow tree destruction has to be reversed,
        matching the order in removedFromDocument().

        Test: svg/custom/use-font-face-crash.svg

        * svg/SVGFontFaceElement.cpp:
        (WebCore::SVGFontFaceElement::~SVGFontFaceElement): Remove removeFromMappedElementSheet() call.
        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::detach): Reverse order of calling base-class detach method and instance/shadow tree destruction.

2010-07-07  Mark Rowe  <mrowe@apple.com>

        Merge r59903.

    2010-05-20  Fumitoshi Ukai  <ukai@chromium.org>

        Reviewed by Alexey Proskuryakov.

        WebSocket handshake incompatible change in draft-hixie-thewebsocketprotocol-76
        https://bugs.webkit.org/show_bug.cgi?id=35572

        WebSocket opening handshake is changed.  New protocol draft could be found at http://www.whatwg.org/specs/web-socket-protocol/
        It requires https://bugs.webkit.org/show_bug.cgi?id=38034 to pass websocket tests.

        * websockets/WebSocketHandshake.cpp:
        (WebCore::extractResponseCode):
        add lineLength parameter to return length of status line.
        (WebCore::hostName): Added.
        (WebCore::generateSecWebSocketKey): Added.
        (WebCore::generateKey3): Added.
        (WebCore::setChallengeNumber): Added.
        (WebCore::generateChallengeResponseExpected): Added.
        (WebCore::WebSocketHandshake::WebSocketHandshake):
         generate challenge response key and expected data.
        (WebCore::WebSocketHandshake::clientLocation):
         use hostName.
        (WebCore::WebSocketHandshake::clientHandshakeMessage):
         changed for draft 76 spec.
        (WebCore::WebSocketHandshake::clientHandshakeRequest):
        (WebCore::WebSocketHandshake::readServerHandshake):
         changed for draft 76 spec.
         m_mode is managed in this method.
        (WebCore::WebSocketHandshake::readHTTPHeaders):
         change error log messages.
        (WebCore::WebSocketHandshake::processHeaders):
         chagned for draft 76 spec.
        (WebCore::WebSocketHandshake::checkResponseHeaders):
         return boolean whether response header is ok or not and not change m_mode in it.
        * websockets/WebSocketHandshake.h:

2010-07-07  Mark Rowe  <mrowe@apple.com>

        Merge r62664.

    2010-07-07  Andy Estes  <aestes@apple.com>

        Reviewed by Adam Barth.

        Allow a beforeload listener to prevent loading of images in <object> tags.
        https://bugs.webkit.org/show_bug.cgi?id=41027
        <rdar://problem/8120596>

        Tests: fast/dom/beforeload/image-object-before-load-innerHTML.html
               fast/dom/beforeload/image-object-before-load.html

        * html/HTMLObjectElement.cpp:
        (WebCore::HTMLObjectElement::attach): Do not call
        RenderImage::setCachedImage() at the end of attach(). Instead, allow
        this to happen conditionally after beforeload is dispatched.
        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::dispatchPendingBeforeLoadEvent): Render fallback
        content if an object's load was cancelled.

2010-07-07  Mark Rowe  <mrowe@apple.com>

        Merge r62391.

    2010-06-24  Dimitri Glazkov  <dglazkov@chromium.org>

        Reviewed by Alexey Proskuryakov.

        REGRESSION: Enter does not trigger submit of forms when focus is on select.
        https://bugs.webkit.org/show_bug.cgi?id=39532

        Restore behavior where hitting "Enter" on a select element attempts to submit
        form implicitly.

        * dom/SelectElement.cpp:
        (WebCore::SelectElement::menuListDefaultEventHandler): Added htmlForm argument,
            and attempting to submit implicitly.
        (WebCore::SelectElement::listBoxDefaultEventHandler): Ditto.
        (WebCore::SelectElement::defaultEventHandler): Plumbed through htmlForm argument.
        * dom/SelectElement.h: Added htmlForm argument to method declaration.
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::defaultEventHandler): Changed to provide submitting form
            as the argument.

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r61667.

    2010-06-23  Nikolas Zimmermann  <nzimmermann@rim.com>

        Reviewed by Eric Seidel.

        Reproducible crash in com.apple.WebCore 0x01ed3784 WebCore::RenderLineBoxList::appendLineBox(WebCore::InlineFlowBox*) + 36
        https://bugs.webkit.org/show_bug.cgi?id=40953

        REGRESSION (r58209-58231): Memory corruption with invalid SVG
        https://bugs.webkit.org/show_bug.cgi?id=40173

        Fix several crashes, all related to <foreignObject> and/or invalid SVG documents.
        - Only allow <svg> nodes, as direct children of a <foreignObject>, not any other "partial" SVG content.
        - Assure to create RenderSVGRoot objects for <svg> nodes in <foreignObject>, treat them as "outermost SVG elements".
        - Never allow any partial SVG content to appear in any document. Only <svg> elements are allowed.

        Tests: svg/custom/bug45331.svg
               svg/foreignObject/disallowed-svg-nodes-as-direct-children.svg
               svg/foreignObject/no-crash-with-svg-content-in-html-document.svg
               svg/foreignObject/svg-document-as-direct-child.svg
               svg/foreignObject/svg-document-in-html-document.svg
               svg/foreignObject/text-tref-02-b.svg

        * dom/Element.cpp: Added childShouldCreateRenderer, with ENABLE(SVG) guards.
        (WebCore::Element::childShouldCreateRenderer): Only create a renderer for a SVG child, if we're a SVG element, or if the child is a <svg> element.
        * dom/Element.h: Added childShouldCreateRenderer, with ENABLE(SVG) guards.
        * svg/SVGForeignObjectElement.cpp:
        (WebCore::SVGForeignObjectElement::childShouldCreateRenderer): Disallow arbitary SVG content, only <svg> elements are allowed as direct children of a <foreignObject>
        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::isOutermostSVG): Be sure to create RenderSVGRoot objects for <svg> elements inside <foreignObject>

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r61044.

    2010-06-11  Abhishek Arya  <inferno@chromium.org>

        Reviewed by David Hyatt.

        Don't process floats if parent node is not a RenderBlock.
        https://bugs.webkit.org/show_bug.cgi?id=40033

        Test: svg/text/clear-floats-crash.svg

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::clearFloats):

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r61050.

    2010-06-10  Abhishek Arya  <inferno@chromium.org>

        Reviewed by Dave Hyatt.

        Do not render CSS Styles :first-letter and :first-line in a SVG text element context. 
        https://bugs.webkit.org/show_bug.cgi?id=40031

        Test: svg/text/text-style-invalid.svg

        * rendering/RenderSVGText.cpp:
        (WebCore::RenderSVGText::firstLineBlock):
        (WebCore::RenderSVGText::updateFirstLetter):
        * rendering/RenderSVGText.h:

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r62279.

    2010-07-01  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Darin Adler.

        <rdar://problem/8148656> <https://bugs.webkit.org/show_bug.cgi?id=41431>
        REGRESSION (r49411): Various crashes due to JavaScript execution during plug-in destruction

        Test: plugins/write-xssauditor-from-destroy.html

        Fix specific known cases that also crash in same process case. I don't know if there is
        any rule for when documentLoader should be checked for being null, it looks like a mess.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::referrer):
        * page/XSSAuditor.cpp:
        (WebCore::XSSAuditor::findInRequest):

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r61654.

    2010-06-22  David Levin  <levin@chromium.org>

        Reviewed by Alexey Proskuryakov.

        REGRESSION: (r47291): Upload progress events are not fired for simple cross-site XHR.
        https://bugs.webkit.org/show_bug.cgi?id=39029

        Specifically, WebKit should fire upload events if one or more event listeners are
        registered on the XMLHttpRequestUpload object when send is called in an async manner.

        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::createRequest): Allow upload events to be fired when there are
        handlers for them in the cross-origin simple request case.

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r60882.

    2010-06-08  Mark Rowe  <mrowe@apple.com>

        Reviewed by Adele Peterson.

        <rdar://problem/8072136> REGRESSION (r56051): Inspect Element context menu does nothing in applications linked against 10.4 SDK

        Revert the change to ContextMenu::addInspectElementItem from r56051. It was made without
        explanation and broke a reliance that WebKit has on the presence of a separator before the
        Inspect Element menu item. This also restores the context menu item to the correct location
        at the bottom of the context menu in applications built against the Mac OS X 10.4 SDK.

        * platform/ContextMenu.cpp:
        (WebCore::ContextMenu::addInspectElementItem):

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r62135.

    2010-06-29  Beth Dakin  <bdakin@apple.com>

        Reviewed by Darin Adler.

        Speculative fix for <rdar://problem/8071558> CrashTracer: [USER] 
        2300+ crashes in Safari at com.apple.WebCore: 
        WebCore::FrameView::scheduleRelayout + 352

        Unfortunately, we don't have a reproducible case for this bug, and 
        therefore, we do not have a layout test either. It is pretty clear 
        from the logs that m_frame->settings() is null in 
        FrameView::scheduleRelayout() in the crashing case. 
        m_frame->settings() is null whenever page is null. Everywhere else 
        in FrameView.cpp we null-check either page or settings before using 
        settings. It seems plausible to me that scheduleRelayout could be 
        called when page is null, so the fix is just to add null-checks. 

        * page/FrameView.cpp:
        (WebCore::FrameView::layout):
        (WebCore::FrameView::scheduleRelayout):

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r62134.

    2010-06-29  Dan Bernstein  <mitz@apple.com>

        Reviewed by Darin Adler.

        <rdar://problem/7975842> Certain text is repeated after using splitText()

        Tests: fast/text/setData-dirty-lines.html
               fast/text/splitText-dirty-lines.html

        * dom/CharacterData.cpp:
        (WebCore::CharacterData::setData): Call RenderText::setTextWithOffset() rather than
        setText(), because only the former correctly dirties line boxes.
        * dom/Text.cpp:
        (WebCore::Text::splitText): Ditto.

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r61921.

    2010-06-25  Dan Bernstein  <mitz@apple.com>

        Reviewed by Sam Weinig.

        <rdar://problem/8000667> Certain text is repeated before and after a line break

        Test: fast/text/bidi-explicit-embedding-past-end.html

        * platform/text/BidiResolver.h:
        (WebCore::::createBidiRunsForLine): Committing explicit embedding past the end of the range
        creates BidiRuns up to the end of the range, so at that point, we can stop iterating.

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r59396.

    2010-05-13  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dave Hyatt.

        Fix scrolling in composited iframes
        https://bugs.webkit.org/show_bug.cgi?id=39088
        <rdar://problem/7980099>
        
        When propagating compositing out of iframes, we have to update the position of the iframe content
        layers on scrolling.

        Test: compositing/iframes/scrolling-iframe.html

        * page/FrameView.cpp:
        (WebCore::FrameView::scrollPositionChanged): Call updateContentLayerScrollPosition() when scrolling.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateGraphicsLayerGeometry): Renamed setRootPlatformLayerClippingBox() to updateContentLayerOffset().

        * rendering/RenderLayerCompositor.h:
        * rendering/RenderLayerCompositor.cpp: Rename m_clippingLayer to m_clipLayer to go better with m_scrollLayer.
        (WebCore::RenderLayerCompositor::updateContentLayerOffset): Renamed from setRootPlatformLayerClippingBox().
            Set the size of the clipping layer from the FrameView now, so that scrollbars are not clipped out.
            Update the scroll layer position too.
        (WebCore::RenderLayerCompositor::updateContentLayerScrollPosition): Set the position of the scroll layer
            when the ScrollView is scrolled.
        (WebCore::RenderLayerCompositor::rootPlatformLayer): m_clippingLayer rename.
        (WebCore::RenderLayerCompositor::ensureRootPlatformLayer): m_clippingLayer rename. Also create m_scrollLayer at
            the same time as the clip layer, and clean it up as necessary.
        (WebCore::RenderLayerCompositor::destroyRootPlatformLayer): m_clippingLayer rename, and clean up the m_scrollLayer too.
        (WebCore::RenderLayerCompositor::detachRootPlatformLayer): m_clippingLayer rename

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r61435.

    2010-06-18  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=40852
        <rdar://problem/8105498> Limit simultaneous DNS prefetch request number (40852)

        No change in functionality, so no tests.

        We still queue up to 64 names, but only make up to 8 requests at once. If there are names
        remaining in queue, we retry after a short timeout (which is easier than posting
        notifications from client callback).

        * platform/network/cf/DNSCFNet.cpp:
        (WebCore::DNSResolveQueue::add):
        (WebCore::DNSResolveQueue::fired):

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r61296.

    2010-06-16  Brady Eidson  <beidson@apple.com>

        Reviewed by Eric Carlson

        <rdar://problem/7249553> and https://bugs.webkit.org/show_bug.cgi?id=40749
        ResourceLoader::willCacheResponse() needs to null-check Frame::Settings()

        No new tests. (Discovered via crash reports, no reproducible cases noted)

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::willCacheResponse):  Null check m_frame->settings(), 
          but also add an ASSERT so debug-build developers can learn more about why
          this might be happening.

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r60640.

    2010-06-03  James Robinson  <jamesr@chromium.org>

        Reviewed by Dan Bernstein.

        Take container's scroll offset and clip into account when initializing LayoutState
        https://bugs.webkit.org/show_bug.cgi?id=38506

        When doing a subtree layout, the initial LayoutState creation needs to
        take the layout root container's offset and its scroll offset into account
        to create the initial offset.  Otherwise if a subtree layout occurs
        for a layout root whose container has a non-zero scroll offset
        the LayoutState's offset and clip are wrong, resulting in a mispaint.
        See the test cases for examples.

        Tests: fast/repaint/layout-state-scrolloffset.html
               fast/repaint/layout-state-scrolloffset2.html
               fast/repaint/layout-state-scrolloffset3.html

        * rendering/LayoutState.cpp:
        (WebCore::LayoutState::LayoutState):

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r61070.

    2010-06-12  Dan Bernstein  <mitz@apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/8025267> REGRESSION (Safari 4-TOT): Crash when a frame’s resize handler removes the frame
        https://bugs.webkit.org/show_bug.cgi?id=40534

        Test: fast/replaced/frame-removed-during-resize.html

        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::updateWidgetPosition): Null-check m_widget, since resizing the widget
        may trigger an iframe’s resize handler, which may destroy the widget.

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r61200.

    2010-06-15  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        YouTube thumbnail borders vanish during transition
        https://bugs.webkit.org/show_bug.cgi?id=40551
        
        Turn off the direct image optimization if the image has a clip style, so that is is
        correctly rendered with the clip.

        Test: compositing/images/clip-on-directly-composited-image.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::isDirectlyCompositedImage):

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r60908.

    2010-06-09  Mark Rowe  <mrowe@apple.com>

        Reviewed by Adele Peterson.

        <rdar://problem/8070662> REGRESSION (r51629): WebBackForwardList created via -init crashes when -addItem: is called.

        A WebBackForwardList created via -init results in a BackForwardList being created with a null m_page.
        BackForwardList needs to be careful not to dereference m_page without first ensuring it's not null.

        * history/BackForwardList.cpp:
        (WebCore::BackForwardList::addItem): Null-check m_page.
        (WebCore::BackForwardList::goBack): Ditto.
        (WebCore::BackForwardList::goForward): Ditto.
        (WebCore::BackForwardList::goToItem): Ditto.
        (WebCore::BackForwardList::setCapacity): Ditto.

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r61060.

    2010-06-12  Kent Tamura  <tkent@chromium.org>

        Reviewed by Darin Adler.

        REGRESSION: Can't submit a form with <input type=radio required>
        https://bugs.webkit.org/show_bug.cgi?id=40429

        Validity state was not updated correctly for radio buttons, and it
        prevents form submission even if a radio button group has a
        checked radio button.

        Test: fast/forms/interactive-validation-required-radio.html

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::updateCheckedRadioButtons):
         Call setNeedsValidityCheck() for all of radio buttons in the same group
         to update validity state.
        (WebCore::HTMLInputElement::setChecked):
         Remove setNeedsValidityCheck() call because it is called in
         updateCheckedRadioButtons().

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r60984.

    2010-06-10  Tony Chang  <tony@chromium.org>

        Reviewed by Kent Tamura.

        crash when focus is changed while trying to focus next element
        https://bugs.webkit.org/show_bug.cgi?id=40407

        Test: fast/events/focus-change-crash.html

        * dom/Element.cpp:
        (WebCore::Element::focus):

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r60459.

    2010-05-31  Tony Chang  <tony@chromium.org>

        Reviewed by Dan Bernstein.

        REGRESSION (r58665): Infinite recursion in Position::getInlineBoxAndOffset()
        https://bugs.webkit.org/show_bug.cgi?id=39946
        
        r58665 added an infinite recursion check, but didn't take into consideration recursion between two
        Positions.  This adds a check for when
        downstreamIgnoringEditingBoundaries(p1) == p2 and upstreamIgnoringEditingBoundaries(p2) == p1

        Test: editing/selection/mixed-editability-12.html

        * dom/Position.cpp:
        (WebCore::Position::getInlineBoxAndOffset):

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r61068.

    2010-06-12  Dean Jackson  <dino@apple.com>

        Reviewed by Darin Adler.

        Animation keyframe timing functions are applying incorrectly
        https://bugs.webkit.org/show_bug.cgi?id=38963
        
        When copying RenderStyles, we have to clone the AnimationList so that each keyframe
        can have its own timing function.

        Tests: animations/keyframe-timing-functions-transform.html
               animations/keyframe-timing-functions2.html

        * platform/animation/Animation.h:
        (WebCore::Animation::create):
        * platform/animation/AnimationList.cpp:
        (WebCore::AnimationList::AnimationList):
        * platform/animation/AnimationList.h:
        (WebCore::AnimationList::AnimationList):

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r60727.

    2010-06-04  Chris Fleizach  <cfleizach@apple.com>

        Reviewed by David Kilzer.

        AX: need an aria-help
        https://bugs.webkit.org/show_bug.cgi?id=40010

        Test: accessibility/aria-help.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::helpText):
        * html/HTMLAttributeNames.in:

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r61132.

    2010-06-14  Chris Fleizach  <cfleizach@apple.com>

        Reviewed by Beth Dakin.

        AX: AXUnknown objects are being returned
        https://bugs.webkit.org/show_bug.cgi?id=40574

        Test: platform/mac/accessibility/no-unknown-objects-when-title-attribute-present.html

        * accessibility/mac/AccessibilityObjectMac.mm:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject):

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r61231.

    2010-06-15  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by David Harrison.

        sqlite3_prepare16_v2 is not documented as always setting "tail" during error cases.
        Explicitly initialize it to null, just to be safe.

        * platform/sql/SQLiteStatement.cpp:
        (WebCore::SQLiteStatement::prepare):

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r61171.

    2010-06-14  Mark Rowe  <mrowe@apple.com>

        Reviewed by Brady Eidson.

        <rdar://problem/8071866> REGRESSION: Crash on launch on Tiger and Leopard with network home folder

        * platform/sql/SQLiteStatement.cpp:
        (WebCore::SQLiteStatement::prepare): Don't assume that tail is always non-null, since that may
        not be the case with some versions of SQLite. Instead we must null-check before dereferencing.

2010-07-01  Mark Rowe  <mrowe@apple.com>

        Merge r61365.

    2010-06-17  Abhishek Arya  <inferno@chromium.org>

        Reviewed by David Kilzer.

        (Landed by Dirk Pranke).

        Check for a null frame before setting drag selection.
        https://bugs.webkit.org/show_bug.cgi?id=38893
        Same Layout test as https://bugs.webkit.org/show_bug.cgi?id=37168.

        Test: editing/pasteboard/drag-drop-iframe-refresh-crash.html  

        Note that you need to run the test manually 20-30 times for the crash
        to reproduce.

        * editing/SelectionController.cpp:
        (WebCore::SelectionController::setSelection):

2010-06-28  Mark Rowe  <mrowe@apple.com>

        Merge r61045.

    2010-06-11  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dr Dan Bernstein.

        REGRESSION: crash when unloading an iFrame with Flash from the DOM
        https://bugs.webkit.org/show_bug.cgi?id=40161
        <rdar://problem/7994710>
        
        Null-check the ownerElement of the RenderView's document when unhooking the compositing
        root of an iframe whose layers are parented via the enclosing document. Fixes a crash when
        dynamically removing such an iframe.

        Test: compositing/iframes/remove-iframe-crash.html

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::detachRootPlatformLayer):

2010-06-28  Mark Rowe  <mrowe@apple.com>

        Merge r59143.

    2010-05-10  Simon Fraser  <simon.fraser@apple.com>

        Fix asserting GTK build.

        r59137 changed the behavior of RenderObject::repaintUsingContainer(). I mistakenly
        thought that non-compositing builds would always pass a 0 repaintContainer, but
        actually the RenderView is passed in this case. So use this to repaint if 
        ACCELERATED_COMPOSITING is turned off.

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::repaintUsingContainer):

2010-06-28  Mark Rowe  <mrowe@apple.com>

        Merge r59140.

    2010-05-10  Simon Fraser  <simon.fraser@apple.com>

        Fix warning on Windows about unreachable code.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::shouldPropagateCompositingToEnclosingIFrame):

2010-06-28  Mark Rowe  <mrowe@apple.com>

        Merge r59137.

    2010-05-10  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Anders Carlsson

        Allow compositing layers to be connected across iframe boundaries on Mac
        https://bugs.webkit.org/show_bug.cgi?id=38856
        
        RenderObject::repaintUsingContainer() incorrectly did a view-based
        repaint if the repaint container was the RenderView. Instead, we need
        to check to see if the RenderView's layer is composited, and, if so,
        whether it's painting into the window or not. This can occur when iframes
        are composited.

        The bug is timing-sensitive, involving compositing in iframes, and I was not able to
        concoct a good testcase.

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::repaintUsingContainer):

2010-06-28  Mark Rowe  <mrowe@apple.com>

        Merge r59136.

    2010-05-10  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Anders Carlsson

        Allow compositing layers to be connected across iframe boundaries on Mac
        https://bugs.webkit.org/show_bug.cgi?id=38856

        Changes to allow compositing layers for iframes to switch between being hosted
        by the iframe's layer-backed NSView, and parented in the GraphicsLayer tree of the
        enclosing document.

        Tests: compositing/iframes/connect-compositing-iframe.html
               compositing/iframes/connect-compositing-iframe2.html
               compositing/iframes/connect-compositing-iframe3.html

        * page/FrameView.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::hasCompositedContent): New convenience method.
        (WebCore::FrameView::setIsOverlapped): If we're composited, poke the owner document in case it
            wants to re-evaluate compositing decisions.
        (WebCore::FrameView::isOverlapped): Just expose the existing flag.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::shouldBeNormalFlowOnly):
        (WebCore::RenderLayer::isSelfPaintingLayer):

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateGraphicsLayerConfiguration): If this is an iframe, we need
            to ensure that the layers for the iframe content are hooked up.
        (WebCore::RenderLayerBacking::updateDrawsContent): When an iframe toggles between different
            attachments, the 'drawsContent' behavior of its root layer changes, so needs to be updated.

        * rendering/RenderLayerCompositor.h:
        (WebCore::RenderLayerCompositor::updateCompositingLayers): Call destroyRootPlatformLayer()
            instead of detachRootPlatformLayer() and manually zeroing out the OwnPtrs.
        (WebCore::RenderLayerCompositor::updateBacking): If a RenderIFrame changes compositing mode,
            we need to ensure that its content compositor attachment is updated.
        (WebCore::RenderLayerCompositor::repaintOnCompositingChange): The existing code had a bug
            that caused repaints for RenderViews (which have no parent) to bail. We only want to bail
            for non-RenderViews that are not attached.
        (WebCore::RenderLayerCompositor::rebuildCompositingLayerTree): Factored the iframe-connecting
            code into a new method, parentIFrameContentLayers().
        (WebCore::RenderLayerCompositor::parentIFrameContentLayers): New method to share the code that hooks
            up the iframe's compositing layers to the parent.
        (WebCore::RenderLayerCompositor::shouldPropagateCompositingToEnclosingIFrame): Add logic to propagate
            compositing out of iframes on Mac in two situations: 1) when the FrameView is overlapped, and 2)
            if the parent document is already composited.
        (WebCore::RenderLayerCompositor::ensureRootPlatformLayer): Clean up the logic here to better deal
            with dynamic changes of the attachment type.
        (WebCore::RenderLayerCompositor::destroyRootPlatformLayer): Clean up and null out the clipping layer here.
        (WebCore::RenderLayerCompositor::attachRootPlatformLayer): Call rootLayerAttachmentChanged().
        (WebCore::RenderLayerCompositor::detachRootPlatformLayer): Ditto. Also unparent the clipping and platform layers.
        (WebCore::RenderLayerCompositor::updateRootLayerAttachment): Call ensureRootPlatformLayer() to re-evaluate
            the layer attachment.
        (WebCore::RenderLayerCompositor::rootLayerAttachmentChanged): We need to update the drawsContent() status
            of the RenderView's layer's backing, because it changes depending on the attachment.

        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::paint): Do overlap testing if the frameView can do fast repaints (as before),
            but also now when the frameView has composited content.

2010-06-28  Mark Rowe  <mrowe@apple.com>

        Merge r59134.

    2010-05-10  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Anders Carlsson

        Allow compositing layers to be connected across iframe boundaries on Mac
        https://bugs.webkit.org/show_bug.cgi?id=38856

        Rename the static shouldPropagateCompositingToIFrameParent() to shouldPropagateCompositingToEnclosingIFrame(),
        to pave the way for runtime switches in the propagation behavior. We have to make sure we call it on
        the correct RenderLayerCompositor (that belonging to the iframe's content document).
        
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::paintingGoesToWindow): Now that we know the root layer attachment, we
        can simplify this method.

        * rendering/RenderLayerCompositor.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::enableCompositingMode): No need for the setNeedsStyleRecalc()
        here, because the ensureRootPlatformLayer() or destroyRootPlatformLayer() will have already done it.

        (WebCore::RenderLayerCompositor::rebuildCompositingLayerTree): Use the root layer attachment to determine
        whether to parent the iframe's layers.
        
        (WebCore::RenderLayerCompositor::didMoveOnscreen): Method name change.
        (WebCore::RenderLayerCompositor::shouldPropagateCompositingToEnclosingIFrame): Name change.
        (WebCore::RenderLayerCompositor::requiresCompositingForIFrame): We need to consult the iframe contents
        document's compositor to ask whether propagation is appropriate.
        (WebCore::RenderLayerCompositor::ensureRootPlatformLayer): Name change.

2010-06-28  Mark Rowe  <mrowe@apple.com>

        Merge r59133.

    2010-05-10  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Anders Carlsson

        Allow compositing layers to be connected across iframe boundaries on Mac
        https://bugs.webkit.org/show_bug.cgi?id=38856
        
        Use an enum for the type of root layer attachment on a RenderLayerCompositor, so we can
        determine if the attachment is via the ChromeClient, via an enclosing iframe, or unattached.

        * rendering/RenderLayerCompositor.h: New RootLayerAttachment enum.
        (WebCore::RenderLayerCompositor::rootLayerAttachment): getter for the current attachment.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::RenderLayerCompositor): Init m_rootLayerAttachment.
        (WebCore::RenderLayerCompositor::~RenderLayerCompositor): Assert that is unattached.
        (WebCore::RenderLayerCompositor::updateCompositingLayers): Call destroyRootPlatformLayer instead of willMoveOffscreen,
        when there are no layers left. Also clear out the clipping layer.
        (WebCore::RenderLayerCompositor::didMoveOnscreen): Call attachRootPlatformLayer.
        (WebCore::RenderLayerCompositor::willMoveOffscreen): Call ensureRootPlatformLayer with the appropriate attachment.
        (WebCore::RenderLayerCompositor::ensureRootPlatformLayer): Only create the m_rootPlatformLayer if we don't have one
           already, but be sure to always set the root layer geometry orientation. Also only create the
           m_clippingLayer if we need to.
        (WebCore::RenderLayerCompositor::destroyRootPlatformLayer): Call detachRootPlatformLayer().
        (WebCore::RenderLayerCompositor::attachRootPlatformLayer): Code moved from didMoveOnscreen, but switching on
            attachment.
        (WebCore::RenderLayerCompositor::detachRootPlatformLayer): Code moved from willMoveOffscreen, but switching on
            attachment.

2010-06-28  Mark Rowe  <mrowe@apple.com>

        Merge r59132.

    2010-05-10  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Anders Carlsson

        Allow compositing layers to be connected across iframe boundaries on Mac
        https://bugs.webkit.org/show_bug.cgi?id=38856

        Clean up the geometry logic when propagating compositing out of iframes.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateRootLayerPosition): Geometry on m_rootPlatformLayer no longer
        needs to be special when there's a clipping layer.
        
        (WebCore::RenderLayerCompositor::ensureRootPlatformLayer): Don't set the clipping layer to have
        flipped geometry ever, and only set the root layer to have flipped geometry if it is not
        being hosted in an iframe. Also no need to set a custom anchor point on the clipping layer.

2010-06-28  Mark Rowe  <mrowe@apple.com>

        Merge r59129.

    2010-05-10  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Anders Carlsson

        Allow compositing layers to be connected across iframe boundaries on Mac
        https://bugs.webkit.org/show_bug.cgi?id=38856

        Clean up some methods related to composited iframes. No behavioral changes.

        * rendering/RenderLayerBacking.h: Move innerRenderLayerCompositor() to be a static method:
            RenderLayerCompositor::iframeContentsCompositor().
        * rendering/RenderLayerBacking.cpp: Remove innerRenderLayerCompositor().
        (WebCore::RenderLayerBacking::updateGraphicsLayerGeometry): Call iframeContentsCompositor().
        
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::enableCompositingMode): Call enclosingIFrameElement()
        (WebCore::RenderLayerCompositor::rebuildCompositingLayerTree): iframeContentsCompositor() is now a static method in this class.
        Also check that the iframe contents are in compositing mode (slightly clearer than relying on rootPlatformLayer() returning
        null).
        (WebCore::RenderLayerCompositor::iframeContentsCompositor): Moved from RenderLayerBacking.
        (WebCore::RenderLayerCompositor::didMoveOnscreen): Use enclosingIFrameElement() method.
        (WebCore::RenderLayerCompositor::willMoveOffscreen): Ditto.
        (WebCore::RenderLayerCompositor::enclosingIFrameElement): New method.
        (WebCore::RenderLayerCompositor::ensureRootPlatformLayer): Call enclosingIFrameElement().
        * rendering/RenderLayerCompositor.h: New method, iframeContentsCompositor().

2010-06-03  Mark Rowe  <mrowe@apple.com>

        Merge r59498.

    2010-05-14  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Sam Weinig.

        <rdar://problem/7985864> Connection properties dictionary should use standard callbacks for keys, values
        https://bugs.webkit.org/show_bug.cgi?id=39132

        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::createConnectionProperties):

2010-06-01  Mark Rowe  <mrowe@apple.com>

        Merge r60502.

    2010-06-01  Jer Noble  <jer.noble@apple.com>

        Reviewed by Sam Weinig.

        QuickTime 7.6.4 + Safari Nightly = Crash
        https://bugs.webkit.org/show_bug.cgi?id=40019
        rdar://problem/8035443
        
        Check the return value of QTCFPropertyListCreateXMLData before calling CFDataGetLength().

        * platform/graphics/win/QTCFDictionary.cpp:
        (QTCFDictionaryCreateCopyWithDataCallback):

2010-05-30  Mark Rowe  <mrowe@apple.com>

        Merge r59910.

    2010-05-20  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Adam Roben.

        Avoid flushing CA layers when a layout is pending
        https://bugs.webkit.org/show_bug.cgi?id=39463
        <rdar://problem/7999463>

        Avoid rendering the compositing layers to the screen if there's a layout pending,
        since the layer tree not in a state that should be presented to the user.
        
        This fixes flashes in some types of content that dynamically add and remove layers.

        Do this by adding a WKCACFLayerRendererClient for WKCACFLayerRenderer, which it can
        call through to ask whether now is a good time to render. If not, it schedules
        another render soon.
        
        * platform/graphics/win/WKCACFLayerRenderer.h:
        (WebCore::WKCACFLayerRendererClient::~WKCACFLayerRendererClient):
        * platform/graphics/win/WKCACFLayerRenderer.cpp:
        (WebCore::WKCACFLayerRenderer::acceleratedCompositingAvailable):
        (WebCore::WKCACFLayerRenderer::create):
        (WebCore::WKCACFLayerRenderer::WKCACFLayerRenderer):
        (WebCore::WKCACFLayerRenderer::render):

2010-05-27  Mark Rowe  <mrowe@apple.com>

        Merge r60317.

    2010-05-27  Eric Carlson  <eric.carlson@apple.com>

        Reviewed by Darin Adler.

        <rdar://problem/8016158> Crash in CVPixelBufferCreateResolvedAttributesDictionary with RLE
        compressed movie.

        Configure the visual context to generate Direct3D compatible pixel buffers when we are able to
        use a CAImageQueue so there will be less conversion required before display. This change also  
        works around the issue that causes the RLE compressed movie to crash.

        * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.cpp:
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::load): Pass enum to QTMovieVisualContext
        constructor instead of CFDictionary.
        * platform/graphics/win/QTMovieVisualContext.cpp:
        (SetNumberValue):
        (getPixelBufferCreationOptions): New, create options dictionary appropriate for the visual 
        context type.
        (pixelBufferCreationOptions): New, return options dictionary appropriate for the visual 
        context type.
        (QTMovieVisualContextPriv::QTMovieVisualContextPriv): Get the options dictionary from
        getPixelBufferCreationOptions insteaad of taking it as a parameter.
        (QTMovieVisualContext::QTMovieVisualContext): Take enum instead of CFDictionary for 
        visual context configuration type.
        * platform/graphics/win/QTMovieVisualContext.h:

2010-05-27  Mark Rowe  <mrowe@apple.com>

        Merge r60272.

    2010-05-26  Jer Noble  <jer.noble@apple.com>

        Patch edited by Adele Peterson and Mark Rowe.
        Reviewed by Eric Carlson

        Video elements show no video on Windows machines that do not support accelerated compositing
        https://bugs.webkit.org/show_bug.cgi?id=39446
        rdar://problem/7999794
        
        Create the visual context in setUpVideoRendering (as opposed to in load), and destroy it in
        tearDownVideoRendering (as opposed to in the destructor.)

        * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.cpp:
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::~MediaPlayerPrivateQuickTimeVisualContext):
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::load): Moved creation of the visual context to setUpVideoRendering.
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::paint): Return early if the visual context isn't set up.
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::currentRenderingMode): If the visual context isn't set up,
        return MediaRenderingNone.
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::setUpVideoRendering): Create the visual context.
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::tearDownVideoRendering): Destroy the visual context.
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::hasSetUpVideoRendering): For software rendering mode, 
        make sure the visual context has been set up when saying the setup has been done.
        * platform/graphics/win/QTMovieVisualContext.cpp:
        (QTMovieVisualContextPriv::~QTMovieVisualContextPriv): Destruction moved to tearDownVideoRendering.
        Also, make sure to cancel the visual context's newImageAvailable callback in the visual context's destructor.
        (QTMovieVisualContext::create): Added.
        * platform/graphics/win/QTMovieVisualContext.h:

2010-05-27  Mark Rowe  <mrowe@apple.com>

        Merge r60252.

    2010-05-26  Alexey Proskuryakov  <ap@apple.com>

        Mac 32 bit build fix.

        * platform/graphics/mac/SimpleFontDataMac.mm: (WebCore::SimpleFontData::platformInit):
        Use static_cast instead of narrowPrecisionToFloat - the latter can't convert from float to float.

2010-05-27  Mark Rowe  <mrowe@apple.com>

        Merge r60247.

    2010-05-26  Dan Bernstein  <mitz@apple.com>

        Typed and reviewed by Alexey Proskuryakov.

        https://bugs.webkit.org/show_bug.cgi?id=39682
        <rdar://problem/8026774> REGRESSION: WebKit nightly adding insane height to div at random

        Test: fast/css/custom-font-xheight.html

        * platform/graphics/mac/SimpleFontDataMac.mm: (WebCore::SimpleFontData::platformInit):
        Calling an Objective C method that returns a structure with a null object can leave garbage in
        returned value. Custom fonts don't have an NSFont, they only have a CGFont. Call
        platformBoundsForGlyph() function instead, which works with CGFont.
        (WebCore::SimpleFontData::platformBoundsForGlyph): Fixed to work on Tiger (for fonts that
        have an NSFont), since this is now used in more cases.

2010-05-25  Steve Falkenburg  <sfalken@apple.com>

        Windows build fix.
        Branch doesn't have r59910, so remove the argument from WKCACFLayerRenderer::create.

        * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.cpp:
        (WebCore::MediaPlayerPrivateFullscreenWindow::MediaPlayerPrivateFullscreenWindow):

2010-05-25  Mark Rowe  <mrowe@apple.com>

        Merge r60207.

    2010-05-25  Mark Rowe  <mrowe@apple.com>

        Build fix.

        * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.cpp:

2010-05-25  Mark Rowe  <mrowe@apple.com>

        Merge r60190.

    2010-05-22  Jer Noble  <jer.noble@apple.com>

        Reviewed by Adam Roben.

        Full screen doesn't work for video elements
        https://bugs.webkit.org/show_bug.cgi?id=39557
        rdar://problem/8011813
        
        Add fullscreen support for MediaPlayerPrivateVisualContext.  A new class, MediaPlayerPrivateFullscreenWindow,
        provides the fullscreen hwnd and layer renderer.  Any WKCACFLayer can be provided to MediaPlayerPrivateFullscreenWindow
        so future additional MediaPlayerPrivate implementations can use the fullscreen window.
        
        Minor additions have been made to the FloatSize and IntSize classes.

        MediaPlayerPrivateQuickTimeVisualContext now calls retrieveCurrentImage after creating a new 
        videoLayer; this is an existing bug that was never really exposed before now.

        * WebCore.vcproj/WebCore.vcproj:
        * platform/graphics/FloatSize.h: Added aspectRatio() and scale(float).
        (WebCore::FloatSize::aspectRatio):
        (WebCore::FloatSize::scale):
        * platform/graphics/IntSize.h: Added aspectRatio().
        (WebCore::IntSize::aspectRatio):
        * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.cpp: Added.
        * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.h: Added.
        * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.cpp: Call retrieveCurrentImage() after creating the videoLayer.
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::supportsFullscreen):
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::retrieveCurrentImage):
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::createLayerForMovie):
        * platform/graphics/win/WKCACFLayer.cpp: 
        (WebCore::WKCACFLayer::WKCACFLayer):
        (WebCore::WKCACFLayer::removeFromSuperlayer):
        (WebCore::WKCACFLayer::setFrame):
        (WebCore::WKCACFLayer::internalSetNeedsDisplay):
        (WebCore::WKCACFLayer::setLayoutClient):
        (WebCore::WKCACFLayer::layoutSublayersProc):
        (WebCore::WKCACFLayer::layoutClient):
        (WebCore::WKCACFLayer::setNeedsLayout):
        * platform/graphics/win/WKCACFLayer.h: Add layout client class.
        (WebCore::WKCACFLayerLayoutClient::~WKCACFLayerLayoutClient):
        (WebCore::WKCACFLayer::frame): Added back frame()/setFrame().
        * platform/graphics/win/WebTiledLayer.cpp:
        (WebCore::WebTiledLayer::setFrame): Implamented setFrame() in subclass of WKCACFLayer
        * platform/graphics/win/WebTiledLayer.h:
        * platform/graphics/win/WebTiledLayer.cpp: Added setFrame() overriding WKCACFLayer's implementation
        (WebCore::WebTiledLayer::setFrame):
        * platform/graphics/win/WebTiledLayer.h:


2010-05-25  Mark Rowe  <mrowe@apple.com>

        Merge r60150.

    2010-05-25  Ada Chan  <adachan@apple.com>

        Reviewed by Steve Falkenburg.

        Add a base class for DOMTimer called SuspendableTimer which captures just the
        basic functionality of TimerBase and ActiveDOMObject combined.  It does not
        contain functionality specific to scripting timers.
        
        SuspendableTimer is used in fixing https://bugs.webkit.org/show_bug.cgi?id=39651

        * Android.mk:
        * CMakeLists.txt:
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::DOMTimer):
        (WebCore::DOMTimer::contextDestroyed):
        (WebCore::DOMTimer::stop):
        * page/DOMTimer.h:
        * page/SuspendableTimer.cpp: Added.
        (WebCore::SuspendableTimer::SuspendableTimer):
        (WebCore::SuspendableTimer::~SuspendableTimer):
        (WebCore::SuspendableTimer::hasPendingActivity):
        (WebCore::SuspendableTimer::stop):
        (WebCore::SuspendableTimer::suspend):
        (WebCore::SuspendableTimer::resume):
        (WebCore::SuspendableTimer::canSuspend):
        * page/SuspendableTimer.h: Added.

2010-05-25  Mark Rowe  <mrowe@apple.com>

        Merge r60092.

    2010-05-24  Brady Eidson  <beidson@apple.com>

        Reviewed by Darin Adler.

        Database origins aren't populated at launch (missing db in prefs sheet, possible other symptoms)
        <rdar://problem/8013233> and https://bugs.webkit.org/show_bug.cgi?id=39486

        Currently, a Tracker needs to know it's path before origins are populated. Testing databases and 
        related features is made very difficult with this regression, so instead of changing things in a
        complicated way to make this not the case, I've added an "initialize Tracker with this path" function
        that calls the DatabaseTracker constructor with the initial path.

        I checked the other platforms besides Mac and Win, and none of them seem to perform the 
        "initialize databases if necessary" step in their init routines, so this change shouldn't effect them.

        No new tests. (API specific layout test in DRT is forthcoming)

        * WebCore.base.exp:

        * storage/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::initializeTracker): Added to create the tracker with its initial path.
        (WebCore::DatabaseTracker::tracker): Move the static tracker out so tracker() and initializeTracker()
          can share it. Add a fallback to not change behavior of platforms that don't call the new 
          "initializeTracker()" method.
        (WebCore::DatabaseTracker::DatabaseTracker): Changed to take the initial path as an argument.
        * storage/DatabaseTracker.h:

        * storage/chromium/DatabaseTrackerChromium.cpp:
        (WebCore::DatabaseTracker::tracker): Adapt to new c'tor.
        (WebCore::DatabaseTracker::DatabaseTracker): Ditto.


2010-05-25  Mark Rowe  <mrowe@apple.com>

        Merge r60110.

    2010-05-24  Jer Noble  <jer.noble@apple.com>

        Reviewed by Eric Carlson.

        HTML5 <video> tag performance worse than Flash
        https://bugs.webkit.org/show_bug.cgi?id=39577
        rdar://problem/7982458
        
        Added attachments() back to QTPixelBuffer, as they are necessary for CAImageQueue.
        
        WKCACFLayer contents()/setContents() now return/take a CFTypeRef instead of a CGImageRef, which allows
        a CAImageQueueRef to be set as a layer's contents.
        
        WKCAImageQueue is a simple C++ wrapper around the WebKitSystemInterface CAImageQueue functions.
        
        MediaPlayerPrivateQuickTimeVisualContext will now use a CAImageQueue to display movie frames if 
        certain prerequisites are met (QuartzCore.dll and CoreVideo.dll version numbers must meet a certain
        threshold defined in MediaPlayerPrivateQuickTimeVisualContext.cpp).
        
        * WebCore.vcproj/WebCore.vcproj:
        * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.cpp:
        * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.h:
        * platform/graphics/win/QTPixelBuffer.cpp:
        * platform/graphics/win/QTPixelBuffer.h:
        * platform/graphics/win/WKCACFLayer.cpp:
        * platform/graphics/win/WKCACFLayer.h:
        * platform/graphics/win/WKCAImageQueue.cpp: Added.
        * platform/graphics/win/WKCAImageQueue.h: Added.

2010-05-24  Mark Rowe  <mrowe@apple.com>

        Merge r60045.

    2010-05-23  Chris Marrin  <cmarrin@apple.com>

        Reviewed by Simon Fraser.

        Limit the number of tiles created for large tiled layers
        https://bugs.webkit.org/show_bug.cgi?id=39522
        
        I added an algorithm to limit the number of tiles created to 512.
        It tried to limit them in only one dimension and if that's not
        possible it limits them in both dimensions according to the
        ratio of width to height. This has the effect of rendering
        tiles starting from the upper-left, which is often the part
        that is visible. So it both prevents crashing and tried to do
        the best job it can of displaying what the author intended.

        The test LayoutTests/compositing/geometry/huge-layers.html was
        crashing before this fix. Now it works correctly.

        * platform/graphics/win/WebTiledLayer.cpp:
        (WebCore::WebTiledLayer::WebTiledLayer):
        (WebCore::WebTiledLayer::setBounds):
        (WebCore::WebTiledLayer::constrainedSize):
        (WebCore::WebTiledLayer::updateTiles):
        * platform/graphics/win/WebTiledLayer.h:

2010-05-24  Mark Rowe  <mrowe@apple.com>

        Merge r59982.

    2010-05-21  Chris Marrin  <cmarrin@apple.com>

        Reviewed by Simon Fraser.

        Implement tiled compositing layers on Windows
        https://bugs.webkit.org/show_bug.cgi?id=39461
        
        This adds a tiling implementation similar (from a GraphicsLayer standpoint)
        to the one for Mac. But where Mac uses the existing CATiledLayer, I've had
        to implement one. If a layer is greater then 2k x 2k, I split it into an
        array of 512 x 512 tiles. These tiles are positioned in the correct place 
        for the TiledLayer's content. When setNeedsDisplay is called on the TiledLayer
        the tiles' setNeedDisplay methods are called. Each tile clips and positions the
        CGContext appropriately and then renders the layer.
        
        I also got rid of all frame()/setFrame() API to reduce the number of calls to
        override for tiling.
        
        Much optimization is possible. Most significantly right now all tiles are
        rendered whether visible or not. We need to only render tiles that are 
        currently visible.

        Tests: compositing/huge-layer-add-remove-child.html
               compositing/huge-layer-resize.html
               compositing/huge-layer-with-layer-children-resize.html
               compositing/huge-layer-with-layer-children.html
               compositing/huge-layer.html

        * WebCore.vcproj/WebCore.vcproj:
        * platform/graphics/win/GraphicsLayerCACF.cpp: Added tiling code similar to GraphicsLayerCA
        (WebCore::GraphicsLayerCACF::requiresTiledLayer):
        (WebCore::GraphicsLayerCACF::swapFromOrToTiledLayer):
        (WebCore::GraphicsLayerCACF::updateLayerSize):
        (WebCore::GraphicsLayerCACF::updateLayerDrawsContent):
        * platform/graphics/win/GraphicsLayerCACF.h:
        * platform/graphics/win/WKCACFLayer.cpp: Made some methods virtual so WebTiledLayer can override.
                                                 Also added sublayer setting and manipulation methods needed for tiling
        (WebCore::WKCACFLayer::addSublayer):
        (WebCore::WKCACFLayer::internalInsertSublayer):
        (WebCore::WKCACFLayer::insertSublayerAboveLayer):
        (WebCore::WKCACFLayer::insertSublayerBelowLayer):
        (WebCore::WKCACFLayer::replaceSublayer):
        (WebCore::WKCACFLayer::internalSublayerCount):
        (WebCore::WKCACFLayer::adoptSublayers):
        (WebCore::WKCACFLayer::internalSublayerAtIndex):
        (WebCore::WKCACFLayer::internalIndexOfSublayer):
        (WebCore::WKCACFLayer::internalRemoveAllSublayers):
        (WebCore::WKCACFLayer::internalSetSublayers):
        (WebCore::WKCACFLayer::internalSetNeedsDisplay):
        (WebCore::WKCACFLayer::printLayer):
        * platform/graphics/win/WKCACFLayer.h:
        (WebCore::WKCACFLayer::setNeedsDisplay):
        (WebCore::WKCACFLayer::removeAllSublayers):
        (WebCore::WKCACFLayer::setSublayers):
        (WebCore::WKCACFLayer::insertSublayer):
        (WebCore::WKCACFLayer::sublayerCount):
        * platform/graphics/win/WKCACFLayerRenderer.cpp: Fix a crash exposed when tiling code is active
        (WebCore::WKCACFLayerRenderer::createRenderer):
        (WebCore::WKCACFLayerRenderer::destroyRenderer):
        (WebCore::WKCACFLayerRenderer::resize):
        * platform/graphics/win/WebLayer.cpp: Added. Split this out from GraphicsLayerCACF so it could be subclassed by WebTiledLayer
        (WebCore::WebLayer::internalSetNeedsDisplay):
        (WebCore::WebLayer::drawInContext):
        * platform/graphics/win/WebLayer.h: Added.
        (WebCore::WebLayer::create):
        (WebCore::WebLayer::WebLayer):
        * platform/graphics/win/WebTiledLayer.cpp: Added. Where all the tile construction and rendering is done
        (WebCore::WebTiledLayer::tileDisplayCallback):
        (WebCore::WebTiledLayer::create):
        (WebCore::WebTiledLayer::WebTiledLayer):
        (WebCore::WebTiledLayer::~WebTiledLayer):
        (WebCore::WebTiledLayer::setBounds):
        (WebCore::WebTiledLayer::internalSetNeedsDisplay):
        (WebCore::WebTiledLayer::internalSublayerCount):
        (WebCore::WebTiledLayer::internalRemoveAllSublayers):
        (WebCore::WebTiledLayer::internalSetSublayers):
        (WebCore::WebTiledLayer::internalInsertSublayer):
        (WebCore::WebTiledLayer::internalSublayerAtIndex):
        (WebCore::WebTiledLayer::internalIndexOfSublayer):
        (WebCore::WebTiledLayer::addTile):
        (WebCore::WebTiledLayer::removeTile):
        (WebCore::WebTiledLayer::tileAtIndex):
        (WebCore::WebTiledLayer::tileCount):
        (WebCore::WebTiledLayer::updateTiles):
        (WebCore::WebTiledLayer::drawTile):
        * platform/graphics/win/WebTiledLayer.h: Added.

2010-05-24  Mark Rowe  <mrowe@apple.com>

        Merge r60014.

    2010-05-22  Daniel Bates  <dbates@rim.com>

        Reviewed by Adam Barth.

        REGRESSION (r56295): Can't create a new wave on Google Wave
        https://bugs.webkit.org/show_bug.cgi?id=39249

        Instead of just using the source code portion of a JavaScript URL to
        detect an XSS attack, we now include the JavaScript URL schema. This
        reduces the chance of a false positive by providing additional context.

        Test: http/tests/security/xssAuditor/javascript-link-safe.html

        * WebCore.base.exp: Updated exported symbols as necessary.
        * bindings/ScriptControllerBase.cpp:
        (WebCore::ScriptController::executeScript): Added parameter shouldAllowXSS.
        (WebCore::ScriptController::executeIfJavaScriptURL): Ditto.
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::evaluateInWorld): Ditto.
        (WebCore::ScriptController::evaluate): Ditto.
        (WebCore::ScriptController::executeScriptInWorld): Ditto.
        * bindings/js/ScriptController.h: Added enum ShouldAllowXSS.
        (WebCore::):
        * bindings/v8/ScriptController.cpp:
        (WebCore::ScriptController::evaluate): Added parameter shouldAllowXSS.
        * bindings/v8/ScriptController.h: Added enum ShouldAllowXSS.
        (WebCore::):

2010-05-21  Mark Rowe  <mrowe@apple.com>

        Merge r59956.

    2010-05-21  David Hyatt  <hyatt@apple.com>

        Reviewed by Dan Bernstein.

        https://bugs.webkit.org/show_bug.cgi?id=39420, :visited not working with background-color.

        Make the RenderStyle color accessors private.  This forces callers to use visitedDependentColor
        instead (or to make the decision to become friends of the RenderStyle class in order to get access
        to the real style information).

        Modified history/self-is-visited.html to also test background colors.

        * WebCore.base.exp:
        * accessibility/AccessibilityTable.cpp:
        (WebCore::AccessibilityTable::isTableExposableThroughAccessibility):
        * accessibility/mac/AccessibilityObjectWrapper.mm:
        (AXAttributeStringSetStyle):
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::CSSComputedStyleDeclaration::currentColorOrValidColor):
        * css/CSSComputedStyleDeclaration.h:
        * css/SVGCSSStyleSelector.cpp:
        (WebCore::colorFromSVGColorCSSValue):
        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::editingStyleAtPosition):
        (WebCore::prepareEditingStyleToApplyAt):
        (WebCore::removeStylesAddedByNode):
        (WebCore::fontColorChangesComputedStyle):
        (WebCore::ApplyStyleCommand::addInlineStyleIfNeeded):
        * editing/ApplyStyleCommand.h:
        (WebCore::):
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::moveParagraphs):
        (WebCore::CompositeEditCommand::breakOutOfEmptyListItem):
        * editing/DeleteButtonController.cpp:
        (WebCore::isDeletableElement):
        * editing/DeleteSelectionCommand.cpp:
        (WebCore::DeleteSelectionCommand::saveTypingStyleState):
        * editing/InsertParagraphSeparatorCommand.cpp:
        (WebCore::InsertParagraphSeparatorCommand::calculateStyleBeforeInsertion):
        * editing/RemoveFormatCommand.cpp:
        (WebCore::RemoveFormatCommand::doApply):
        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::handleStyleSpansBeforeInsertion):
        (WebCore::ReplaceSelectionCommand::handleStyleSpans):
        (WebCore::ReplaceSelectionCommand::doApply):
        * editing/SelectionController.cpp:
        (WebCore::SelectionController::paintCaret):
        * editing/markup.cpp:
        (WebCore::createMarkup):
        * page/animation/AnimationBase.cpp:
        (WebCore::AnimationBase::ensurePropertyMap):
        * page/animation/AnimationBase.h:
        * page/mac/FrameMac.mm:
        (WebCore::Frame::fontAttributesForSelectionStart):
        * rendering/EllipsisBox.cpp:
        (WebCore::EllipsisBox::paint):
        (WebCore::EllipsisBox::paintSelection):
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::paint):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::styleDidChange):
        (WebCore::RenderBox::paintRootBoxDecorations):
        (WebCore::RenderBox::paintBoxDecorationsWithSize):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintBoxShadow):
        * rendering/RenderFieldset.cpp:
        (WebCore::RenderFieldset::paintBoxDecorations):
        * rendering/RenderFileUploadControl.cpp:
        (WebCore::RenderFileUploadControl::paintObject):
        * rendering/RenderFrameSet.cpp:
        (WebCore::RenderFrameSet::paintColumnBorder):
        (WebCore::RenderFrameSet::paintRowBorder):
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::paintReplaced):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::rendererBackgroundColor):
        * rendering/RenderLayerBacking.h:
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::paintItemForeground):
        (WebCore::RenderListBox::paintItemBackground):
        * rendering/RenderListMarker.cpp:
        (WebCore::RenderListMarker::paint):
        * rendering/RenderMenuList.cpp:
        (WebCore::RenderMenuList::itemStyle):
        (WebCore::RenderMenuList::itemBackgroundColor):
        (WebCore::RenderMenuList::menuStyle):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::selectionBackgroundColor):
        (WebCore::RenderObject::selectionForegroundColor):
        * rendering/RenderSVGResource.cpp:
        (WebCore::RenderSVGResource::adjustColorForPseudoRules):
        (WebCore::RenderSVGResource::fillPaintingResource):
        (WebCore::RenderSVGResource::strokePaintingResource):
        * rendering/RenderSVGResource.h:
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::paintBoxDecorations):
        * rendering/RenderTable.h:
        (WebCore::RenderTable::bgColor):
        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::paintBackgroundsBehindCell):
        * rendering/RenderTextControl.cpp:
        (WebCore::RenderTextControl::adjustInnerTextStyle):
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::menuStyle):
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::isControlStyled):
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::paintMenuListButton):
        * rendering/RenderTreeAsText.cpp:
        (WebCore::RenderTreeAsText::writeRenderObject):
        (WebCore::write):
        * rendering/RenderTreeAsText.h:
        * rendering/SVGInlineTextBox.cpp:
        (WebCore::SVGInlineTextBox::paintSelection):
        * rendering/SVGRenderTreeAsText.cpp:
        (WebCore::writeRenderSVGTextBox):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::colorIncludingFallback):
        (WebCore::RenderStyle::visitedDependentColor):
        * rendering/style/RenderStyle.h:
        (WebCore::):
        (WebCore::InheritedFlags::hasBackground):
        (WebCore::InheritedFlags::borderLeftStyle):
        (WebCore::InheritedFlags::borderRightStyle):
        (WebCore::InheritedFlags::borderTopStyle):
        (WebCore::InheritedFlags::borderBottomStyle):
        (WebCore::InheritedFlags::textShadow):
        (WebCore::InheritedFlags::textStrokeWidth):
        (WebCore::InheritedFlags::hasNormalColumnGap):
        (WebCore::InheritedFlags::borderLeftColor):
        (WebCore::InheritedFlags::borderRightColor):
        (WebCore::InheritedFlags::borderTopColor):
        (WebCore::InheritedFlags::borderBottomColor):
        (WebCore::InheritedFlags::backgroundColor):
        (WebCore::InheritedFlags::color):
        (WebCore::InheritedFlags::columnRuleColor):
        (WebCore::InheritedFlags::outlineColor):
        (WebCore::InheritedFlags::textFillColor):
        (WebCore::InheritedFlags::textStrokeColor):
        * svg/SVGAnimationElement.cpp:
        (WebCore::adjustForCurrentColor):

2010-05-21  Mark Rowe  <mrowe@apple.com>

        Merge r59904.

    2010-05-20  Jon Honeycutt  <jhoneycutt@apple.com>

        REGRESSION(r53637): DivX plug-in fails to start until window is resized
        https://bugs.webkit.org/show_bug.cgi?id=39457
        <rdar://problem/8006102>

        Before r53637, we called Widget::move() (which caused us to call
        NPP_SetWindow) before painting a plug-in. r53637 removed the call to
        Widget::move(), and we end up never calling NPP_SetWindow for plug-ins
        with the "DeferFirstSetWindowCall" quirk, including the DivX plug-in.

        Reviewed by Simon Fraser.

        * manual-tests/divx-plugin-fails-to-draw.html: Added.

        * plugins/PluginView.cpp:
        (WebCore::PluginView::PluginView):
        Initialize new member to false.

        * plugins/PluginView.h:
        Added new member.

        * plugins/win/PluginViewWin.cpp:
        (WebCore::PluginView::paint):
        Call setNPWindowRect() before painting to ensure that NPP_SetWindow gets
        called.
        (WebCore::PluginView::setNPWindowRect):
        Set m_haveCalledSetWindow.

2010-05-21  Mark Rowe  <mrowe@apple.com>

        Merge r59966.

    2010-05-21  Jer Noble  <jer.noble@apple.com>

        Reviewed by Anders Carlsson.

        Disable full-screen video on Windows
        https://bugs.webkit.org/show_bug.cgi?id=39506
        rdar://problem/8012516
        
        Disable full-screen video through MediaPlayerPrivateVisualContext since
        we no longer use GWorlds and QuickTime's built in full-screen support.
        
        Media layout tests updated with new expected results.        
        
        * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.cpp:
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::supportsFullscreen):

2010-05-21  Mark Rowe  <mrowe@apple.com>

        Merge r59950.

    2010-05-21  Beth Dakin  <bdakin@apple.com>

        Reviewed by Darin Adler.

        Fix for <rdar://problem/8009118> Crash in WebCore::toAlphabetic() 
        while running MangleMe
        -and corresponding-
        https://bugs.webkit.org/show_bug.cgi?id=39508

        The math was slightly off here, and we wound up trying to access an 
        array at index -1 in some cases. We need to decrement numberShadow 
        rather than subtracting one from the result of the modulo 
        operation.

        * rendering/RenderListMarker.cpp:
        (WebCore::toAlphabeticOrNumeric):

2010-05-21  Mark Rowe  <mrowe@apple.com>

        Merge r59897.

    2010-05-20  Adam Roben  <aroben@apple.com>

        Stop leaking all CACFContexts

        Fixes <http://webkit.org/b/39466> <rdar://problem/8007141>.

        Reviewed by Simon Fraser.

        * platform/graphics/win/WKCACFContextFlusher.cpp:
        (WebCore::WKCACFContextFlusher::addContext): Only retain the context
        when we first add it to the m_contexts set. Otherwise we'll retain the
        same context multiple times, causing it to leak.

2010-05-21  Mark Rowe  <mrowe@apple.com>

        Merge r59962.

    2010-05-21  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        Avoid creating huge tiled layers with accelerated compositing
        https://bugs.webkit.org/show_bug.cgi?id=39515
        
        Constrain the size of huge composited layers, to avoid bad behavior. We only
        need to do this if we detect that we need a tiled layer, since we'll make tiled
        layers for elements over a certain size that need to draw already.
        
        Constrain the size by attempting to shrink the longer dimension first.

        Test: compositing/geometry/huge-layer.html

        * platform/graphics/mac/GraphicsLayerCA.h:
        * platform/graphics/mac/GraphicsLayerCA.mm:
        (WebCore::GraphicsLayerCA::updateLayerPosition):
        (WebCore::GraphicsLayerCA::updateLayerSize):
        (WebCore::GraphicsLayerCA::constrainedSize):

2010-05-20  Mark Rowe  <mrowe@apple.com>

        Merge r59876.

    2010-05-20  Dan Bernstein  <mitz@apple.com>

        Reviewed by Dave Hyatt.

        <rdar://problem/8007953> Textarea using custom font appears blank

        Test: fast/css/font-face-in-shadow-DOM.html

        When a remote font is loaded, CSSFontSelector forces a style recalc, which replaces all
        RenderSyles that have FontFallbackLists referencing the placeholder font with fresh
        RenderStyles. However, it does not descend into shadow DOM trees, so those may end up with
        styles that still reference the placeholder font.

        The fix is to add RenderObject::requiresForcedStyleRecalcPropagation() and have it return
        true from renderers that maintain shadow DOM trees or otherwise keep their own RenderStyles.

        * dom/Element.cpp:
        (WebCore::Element::recalcStyle): Check if forced style recalc needs to propagated.
        * rendering/RenderButton.h:
        (WebCore::RenderButton::requiresForcedStyleRecalcPropagation):
        * rendering/RenderDataGrid.h:
        (WebCore::RenderDataGrid::requiresForcedStyleRecalcPropagation):
        * rendering/RenderFileUploadControl.h:
        (WebCore::RenderFileUploadControl::requiresForcedStyleRecalcPropagation):
        * rendering/RenderListItem.h:
        (WebCore::RenderListItem::requiresForcedStyleRecalcPropagation):
        * rendering/RenderMedia.h:
        (WebCore::RenderMedia::requiresForcedStyleRecalcPropagation):
        * rendering/RenderMenuList.h:
        (WebCore::RenderMenuList::RenderMenuList::requiresForcedStyleRecalcPropagation):
        * rendering/RenderObject.h:
        (WebCore::RenderObject::requiresForcedStyleRecalcPropagation):
        * rendering/RenderProgress.h:
        (WebCore::RenderProgress::requiresForcedStyleRecalcPropagation):
        * rendering/RenderSlider.h:
        (WebCore::RenderSlider::requiresForcedStyleRecalcPropagation):
        * rendering/RenderTextControl.h:
        (WebCore::RenderTextControl::requiresForcedStyleRecalcPropagation):

2010-05-20  Mark Rowe  <mrowe@apple.com>

        Merge r59853.

    2010-05-20  Adam Roben  <aroben@apple.com>

        Fix a CFData leak in MediaPlayerPrivateQuickTimeVisualContext

        Fixes <http://webkit.org/b/39432> <rdar://problem/8008992>

        Reviewed by Ada Chan

        * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.cpp:
        (WebCore::QTCFDictionaryCreateWithDataCallback): Use a RetainPtr to
        hold the CFData we allocate so it will get released when this function
        is exited. Also pass kCFAllocatorNull as the bytes deallocator to
        CFDataCreateWithBytesNoCopy so that CF doesn't try to deallocate the
        bytes we pass to it.

2010-05-20  Mark Rowe  <mrowe@apple.com>

        Merge r59873.

    2010-05-20  Jer Noble  <jer.noble@apple.com>

        No review; build fix only.

        When WTF_USE_ACCELERATED_COMPOSITING is turned off, MediaPlayerPrivateQuickTimeVisualContext.cpp
        must include CoreGraphics/CGContext.h.

        * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.cpp:

2010-05-20  Mark Rowe  <mrowe@apple.com>

        Merge r59871.

    2010-05-20  Jer Noble  <jer.noble@apple.com>

        Reviewed by Sam Weinig.

        Video elements show no video on Windows machines that do not support accelerated compositing
        https://bugs.webkit.org/show_bug.cgi?id=39446
        rdar://problem/7999794

        Implement the paint() method in MediaPlayerPrivateQuickTimeVisualContext.  The visual context should
        be set up in load() and torn down in the destructor (as opposed to setUpVideoRendering and 
        tearDownVideoRendering, which won't get called in a non-accelerated compositing case).
        
        * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.cpp:
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::~MediaPlayerPrivateQuickTimeVisualContext):
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::load):
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::paint):
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::visualContextTimerFired):
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::retrieveCurrentImage):
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::setUpVideoRendering):
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::tearDownVideoRendering):

2010-05-20  Mark Rowe  <mrowe@apple.com>

        Merge r59854.

    2010-05-20  Adam Roben  <aroben@apple.com>

        Remove code that fetched, but did nothing useful with, a CFDictionary
        in MediaPlayerPrivateQuickTimeVisualContext

        I also removed the code in QTPixelBuffer that vended the dictionary.

        Fixes <http://webkit.org/b/39435> <rdar://problem/8009278>
        QTPixelBuffer passes CFDictionaries across the DLL boundary, which can
        lead to crashes

        Reviewed by Darin Adler.

        * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.cpp:
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::retrieveCurrentImage):
        Deleted code that fetched the attachments dictionary, which was never
        used other than to pass it to CFRetain/CFRelease, which could be
        enough to cause a crash due to incompatible copies of
        CoreFoundation.dll.

        * platform/graphics/win/QTMovieVisualContext.h: Added a now-needed
        forward declaration.

        * platform/graphics/win/QTPixelBuffer.cpp:
        * platform/graphics/win/QTPixelBuffer.h:
        Removed the now-unused attachments function.

2010-05-20  Mark Rowe  <mrowe@apple.com>

        Merge r59864.

    2010-05-20  Adam Roben  <aroben@apple.com>

        Fix an HRGN leak in WKCACFLayerRenderer

        Fixes <http://webkit.org/b/39312> <rdar://problem/7998728> REGRESSION
        (r53686-r55990): Graphics corruption when watching video (affects
        youtube.com)

        Reviewed by Darin Adler.

        * platform/graphics/win/WKCACFLayerRenderer.cpp:
        (WebCore::getDirtyRects): Use an OwnPtr to hold the HRGN we allocate.
        That way we don't have to remember to destroy it (as we were
        forgetting to do) when we bail out of this function early.

2010-05-20  Mark Rowe  <mrowe@apple.com>

        Merge r59795.

    2010-05-19  Abhishek Arya  <inferno@chromium.org>

        Reviewed by David Hyatt.

        Check that the node is a text node before doing a static cast
        to a Text class pointer.
        https://bugs.webkit.org/show_bug.cgi?id=38626    

        Test: fast/text/text-transform-nontext-node-crash.xhtml

        * rendering/RenderText.cpp:
        (WebCore::RenderText::originalText):
        * rendering/RenderTextFragment.cpp:
        (WebCore::RenderTextFragment::originalText):
        (WebCore::RenderTextFragment::previousCharacter):

2010-05-20  Mark Rowe  <mrowe@apple.com>

        Merge r59859.

    2010-05-20  Marcus Bulach  <bulach@chromium.org>

        Reviewed by Steve Block.

        Ensure timers are stopped on Geolocation::disconnectFrame()
        https://bugs.webkit.org/show_bug.cgi?id=39388

        fast/dom/Geolocation/notimer-after-unload.html, plus it should be possible to re-enable Gtk LayoutTests.

        * page/Geolocation.cpp:
        (WebCore::Geolocation::disconnectFrame):

2010-05-20  Mark Rowe  <mrowe@apple.com>

        Merge r59732.

    2010-05-18  Sam Weinig  <sam@webkit.org>

        Fix release build.

        * dom/Attribute.cpp:
        (WebCore::Attribute::unbindAttr):

2010-05-20  Mark Rowe  <mrowe@apple.com>

        Merge r59731.

    2010-05-18  Sam Weinig  <sam@webkit.org>

        Reviewed by Maciej Stachowiak.

        Move Attr pointer from Attribute to a global HashMap.
        https://bugs.webkit.org/show_bug.cgi?id=39337
        <rdar://problem/8001168>

        Shaves another word off of Attribute.

        * dom/Attr.cpp:
        (WebCore::Attr::Attr):
        (WebCore::Attr::~Attr):
        * dom/Attribute.cpp:
        (WebCore::attributeAttrMap):
        (WebCore::Attribute::attr):
        (WebCore::Attribute::createAttrIfNeeded):
        (WebCore::Attribute::bindAttr):
        (WebCore::Attribute::unbindAttr):
        * dom/Attribute.h:
        (WebCore::Attribute::Attribute):

2010-05-20  Mark Rowe  <mrowe@apple.com>

        Merge r59776.

    2010-05-19  Anders Carlsson  <andersca@apple.com>

        Reviewed by Sam Weinig.

        Move member variables from NamedMappedAttrMap to its base class NamedNodeMap
        https://bugs.webkit.org/show_bug.cgi?id=39367
        <rdar://problem/8003304>

        This lets us get rid of the vtable pointer in NamedNodeMap which saves 8 bytes, and also allows us to
        fit the m_mappedAttributeCount unsigned int in the RefCounted padding (in 64-bit).
        
        The net result is that we shrink the NamedMappedAttrMap size by 16 bytes, while keeping the size of NamedNodeMap the same.

        * dom/Element.cpp:
        (WebCore::Element::createAttributeMap):
        * dom/Element.h:
        * dom/NamedMappedAttrMap.cpp:
        * dom/NamedMappedAttrMap.h:
        (WebCore::NamedMappedAttrMap::NamedMappedAttrMap):
        * dom/NamedNodeMap.cpp:
        (WebCore::NamedNodeMap::clearAttributes):
        * dom/NamedNodeMap.h:
        (WebCore::NamedNodeMap::NamedNodeMap):
        * dom/Node.cpp:
        (WebCore::Node::dumpStatistics):
        * dom/StyledElement.cpp:
        * dom/StyledElement.h:

2010-05-20  Mark Rowe  <mrowe@apple.com>

        Merge r59677.

    2010-05-17  Sam Weinig  <sam@webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=39258
        Remove NamedAttrMap residual gunk

        Replace NamedAttrMap.h/cpp with NamedNodeMap.h/cpp which was the class
        it contained.

        * CMakeLists.txt:
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/v8/custom/V8NamedNodesCollection.cpp:
        * dom/NamedAttrMap.cpp: Removed.
        * dom/NamedAttrMap.h: Removed.
        * dom/NamedNodeMap.cpp: Copied from dom/NamedAttrMap.cpp.
        * dom/NamedNodeMap.h: Replaced with dom/NamedAttrMap.h.
        * editing/ReplaceNodeWithSpanCommand.cpp:
        * platform/chromium/ClipboardChromium.cpp:

2010-05-19  Mark Rowe  <mrowe@apple.com>

        Merge r59719.

    2010-05-18  Brady Eidson  <beidson@apple.com>

        Reviewed by Maciej Stachowiak.

        Repro crash with many Google image search results
        <rdar://problem/7685669> and https://bugs.webkit.org/show_bug.cgi?id=39323

        When an iframe has a plugin resource as its src, that case bypassed the plugin sandboxing checks and continued to load
        the data for the plugin resource. It handed that data off to a nonexistent Widget, causing a null deref and the crash.

        By replacing PluginDocuments in sandboxes iframes with a new "SinkDocument" that just acts as a data sink, we prevent the
        crash and also prevent actually loading the plugin binaries.

        I filed https://bugs.webkit.org/show_bug.cgi?id=39330 to follow up and let us cancel the load as soon as we know we should.

        Test: fast/loader/sandboxed-plugin-crash.html

        * CMakeLists.txt:
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:

        * loader/DocumentWriter.cpp:
        (WebCore::DocumentWriter::begin): If the created document is a PluginDocument and the plugin sandbox flag is set,
          replace it with a SinkDocument.

        * loader/PluginDocument.h:
        (WebCore::PluginDocument::isPluginDocument): Make public (it was already public at the Document.h level).

        Add a simple document/tokenizer pair that simply presents a blank HTML document and acts as a data sink for whatever
        data is handed to it:
        * loader/SinkDocument.cpp: Added.
        (WebCore::SinkTokenizer::SinkTokenizer):
        (WebCore::SinkTokenizer::write):
        (WebCore::SinkTokenizer::isWaitingForScripts):
        (WebCore::SinkTokenizer::wantsRawData):
        (WebCore::SinkTokenizer::writeRawData):
        (WebCore::SinkTokenizer::stopParsing):
        (WebCore::SinkTokenizer::finish):
        (WebCore::SinkDocument::SinkDocument):
        (WebCore::SinkDocument::createTokenizer):
        * loader/SinkDocument.h: Added.
        (WebCore::SinkDocument::create):

2010-05-19  Mark Rowe  <mrowe@apple.com>

        Merge r59674.

    2010-05-18  Brady Eidson  <beidson@apple.com>

        Reviewed by Eric Carlson.

        <rdar://problem/7993468> REGRESSION (r58586): Audio doesn't play on first click of play button at NPR.org

        NPR swallows the first mouse click on the play button, calls load() on the element, then waits for the
        canplay event to come in before calling play itself.

        After the site specific hack added in r58586, we disallowed play() from within the canplay event handler.
        By tracking whether a load() was triggered by a user gesture, we can differentiate between the original
        canplay event that we meant to ignore and the one resulting from the first mouse click which we want to honor.
        
        No new tests. (Currently no way to test such site specific hack behavior)

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement):
        (WebCore::HTMLMediaElement::load): Set the m_loadInitiatedByUserGesture flag
        (WebCore::HTMLMediaElement::play): Only apply the site specific hack if the load wasn't initiated by a user gesture.
        * html/HTMLMediaElement.h:

2010-05-19  Mark Rowe  <mrowe@apple.com>

        Merge r59684.

    2010-05-18  Adam Roben  <aroben@apple.com>

        Make accelerated compositing work on machines that don't support
        hardware vertex processing

        Fixes <http://webkit.org/b/39299> <rdar://problem/7997692> Accelerated
        compositing on Windows doesn't work on machines that don't support
        hardware vertex processing, but should

        Reviewed by Eric Carlson.

        * platform/graphics/win/WKCACFLayerRenderer.cpp:
        (WebCore::WKCACFLayerRenderer::createRenderer): Query the device
        capabilities to decide whether to request hardware or software vertex
        processing.

2010-05-19  Mark Rowe  <mrowe@apple.com>

        Merge r59683.

    2010-05-18  Adam Roben  <aroben@apple.com>

        Make WKCACFLayerRenderer robust against temporary failure of
        Direct3DCreate9 and IDirect3D9::CreateDevice

        For a short time after waking from sleep, Direct3DCreate9() will
        return an IDirect3D9 for which IDirect3D9::CreateDevice will always
        fail. Also during this time period, IDirect3D9::CreateDevice
        will fail even for non-bad IDirect3D9s. (It will later start
        succeeding.) WKCACFLayerRenderer now works around this behavior by
        detecting when it might be in this situation and calling these
        functions again later.

        Fixes <http://webkit.org/b/39297> <rdar://problem/7997431> WebView
        doesn't repaint until page reloads when page using hardware
        acceleration loads just after waking from sleep

        Reviewed by John Sullivan.

        * manual-tests/crash-and-no-repaint-after-wake-from-sleep.html:
        Renamed from WebCore/manual-tests/crash-after-wake-from-sleep.html.
        Modified to also include instructions for reproducing this bug.

        * platform/graphics/win/WKCACFLayerRenderer.cpp:
        (WebCore::WKCACFLayerRenderer::WKCACFLayerRenderer): Replaced
        m_triedToCreateD3DRenderer with m_mightBeAbleToCreateDeviceLater. The
        new member is initialized to true, since we haven't even tried to
        create a device once yet.
        (WebCore::WKCACFLayerRenderer::createRenderer): If we already have a
        D3D device, or we don't have one and are sure that we won't be able to
        create one later, just return the previously-created device, if any.
        We assume that we won't be able to create a device later if this
        function fails, unless the function fails due to CreateDevice failing.
        As noted above, CreateDevice will sometimes temporarily fail and then
        later start working again. When CreateDevice fails, we also assume
        that we might have a bad IDirect3D9, so we get rid of the one we have
        so a new (and hopefully non-bad) one will be allocated later.
        (WebCore::WKCACFLayerRenderer::destroyRenderer): Reset
        m_mightBeAbleToCreateDeviceLater to true, since we no longer have a
        device.
        (WebCore::WKCACFLayerRenderer::paint): Before trying to paint, try to
        create our D3D device and renderer. If this fails, we bail out, but if
        we think we might be able to create a device later we schedule another
        paint (via renderSoon()) so that we'll try again soon.

        * platform/graphics/win/WKCACFLayerRenderer.h: Replaced
        m_triedToCreateD3DRenderer with m_mightBeAbleToCreateDeviceLater.

2010-05-19  Mark Rowe  <mrowe@apple.com>

        Merge r59682.

    2010-05-18  Adam Roben  <aroben@apple.com>

        Fix a crash when a page that uses accelerated compositing loads soon
        after the computer wakes from sleep

        The set-up:

        For a short time after waking from sleep, IDirect3D9::CreateDevice
        will fail. This caused WKCACFLayerRenderer::createRenderer to fail,
        and meant that WKCACFLayerRenderer never allocated a root layer.
        WebView wouldn't notice that createRenderer failed, and would go ahead
        and try to use the root layer anyway, resulting in a crash.

        The fix:

        We now allocate the root layer (and all the other members of
        WKCACFLayerRenderer that aren't dependent on having an
        IDirect3DDevice9) in WKCACFLayerRenderer's constructor. This way the
        layers will always be present, even when creating the D3D device
        fails.

        There are two remaining problems:
          1) This results in slightly more memory usage in the case where
             CreateDevice fails.
          2) Once we get into this bad state, the WebView doesn't repaint
             until we navigate somewhere else.

        (2) is covered by
        <http://webkit.org/b/39297>/<rdar://problem/7997431>. We'll fix it by
        retrying CreateDevice later in hopes that it will succeed after more
        time has passed. This will in turn fix (1). (We should never end up in
        a case where CreateDevice fails forever because we already did some
        preliminary checks in acceleratedCompositingAvailable().)

        Fixes <http://webkit.org/b/39295> <rdar://problem/7971319> Crash
        (preceded by assertion) in WKCACFLayerRenderer::setNeedsDisplay when
        computer wakes from sleep on particular page

        Reviewed by John Sullivan.

        * manual-tests/crash-after-wake-from-sleep.html: Added. This
        is the Poster Circle demo from webkit.org/blog, but modified to
        automatically reload every 5 seconds and with instructions to put the
        computer to sleep and wake it up again.

        * platform/graphics/win/WKCACFLayerRenderer.cpp:
        (WebCore::WKCACFLayerRenderer::WKCACFLayerRenderer): Moved code to
        initialize m_context, m_renderContext, and m_*Layer here...
        (WebCore::WKCACFLayerRenderer::createRenderer): ...from here.

2010-05-19  Mark Rowe  <mrowe@apple.com>

        Merge r59724.

    2010-05-18  Anders Carlsson  <andersca@apple.com>

        Reviewed by Sam Weinig.

        Move all member variables from MappedAttribute to Attribute.
        https://bugs.webkit.org/show_bug.cgi?id=39336
        <rdar://problem/8000853>

        This saves one word because we no longer have any virtual member functions in Attribute, and
        thus no vtable pointer.
        
        I plan to remove MappedAttribute altogether in a subsequent commit.

        * Android.mk:
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::styleForElement):
        * dom/Attribute.cpp:
        (WebCore::Attribute::clone):
        * dom/Attribute.h:
        (WebCore::Attribute::create):
        (WebCore::Attribute::style):
        (WebCore::Attribute::decl):
        (WebCore::Attribute::setDecl):
        (WebCore::Attribute::isMappedAttribute):
        (WebCore::Attribute::Attribute):
        * dom/MappedAttribute.cpp: Removed.
        * dom/MappedAttribute.h:
        (WebCore::MappedAttribute::create):
        (WebCore::MappedAttribute::MappedAttribute):
        (WebCore::toMappedAttribute):
        * dom/NamedMappedAttrMap.cpp:
        (WebCore::NamedMappedAttrMap::declCount):
        (WebCore::NamedMappedAttrMap::mapsEquivalent):
        * dom/StyledElement.cpp:
        (WebCore::StyledElement::attributeChanged):
        * svg/SVGSVGElement.cpp:
        (WebCore::updateCSSForAttribute):
        * svg/SVGStyledElement.cpp:
        (WebCore::SVGStyledElement::getPresentationAttribute):

2010-05-19  Mark Rowe  <mrowe@apple.com>

        Merge r59716.

    2010-05-18  Sam Weinig  <sam@webkit.org>

        Reviewed by Anders Carlsson.

        https://bugs.webkit.org/show_bug.cgi?id=39321
        Reduce the size of ListHashSets used by Document
        <rdar://problem/7999388>

        Reduce Membuster peak memory usage by ~450K by reducing the pool sizes
        of the ListHashSets used by Document.

        * dom/Document.cpp:
        (WebCore::Document::addStyleSheetCandidateNode):
        (WebCore::Document::recalcStyleSelector):
        * dom/Document.h:

2010-05-19  Mark Rowe  <mrowe@apple.com>

        Merge r59680.

    2010-05-18  Anders Carlsson  <andersca@apple.com>

        Reviewed by Sam Weinig.

        Allocate the m_preloads list hash set dynamically and free it when done.
        https://bugs.webkit.org/show_bug.cgi?id=39309
        <rdar://problem/7998495>

        This saves about 6000 bytes on a fully loaded document.

        * loader/DocLoader.cpp:
        (WebCore::DocLoader::requestPreload):
        (WebCore::DocLoader::clearPreloads):
        * loader/DocLoader.h:

2010-05-19  Mark Rowe  <mrowe@apple.com>

        Merge r59678.

    2010-05-18  Anders Carlsson  <andersca@apple.com>

        Reviewed by Sam Weinig.

        Add an inlineCapacity template parameter to ListHashSet and use it to shrink the positioned object list hash set.
        https://bugs.webkit.org/show_bug.cgi?id=39304
        <rdar://problem/7998366>

        Set the inlineCapacity for the positionedObjects ListHashSet to 4 instead of 256. Since a RenderBlock usually has 
        few positioned objects, this saves memory.

        * WebCore.base.exp:
        * rendering/RenderBlock.cpp:
        (WebCore::clipOutPositionedObjects):
        (WebCore::RenderBlock::insertPositionedObject):
        * rendering/RenderBlock.h:
        (WebCore::RenderBlock::positionedObjects):

2010-05-18  Mark Rowe  <mrowe@apple.com>

        Merge r59556.

    2010-05-14  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=39048
        <rdar://problem/7978384> REGRESSION (r55802): XML errors on Google maps ("Entity 'nbsp' not
        defined") with JavaScript disabled

        Google Maps goes into mobile mode if JavaScript is disabled for some reason, and sends XHTML
        content with XHTML Mobile DOCTYPE. We want to handle it whether XHTMLMP is enabled or not.

        Test: fast/doctypes/xhtml-with-xhtmlmp-doctype.xhtml

        * dom/XMLTokenizerLibxml2.cpp: (WebCore::externalSubsetHandler): Restore pre-55802 behavior
        for builds that don't have XHTMLMP enabled. Given that r55802 negated the condition without
        breaking XHTMLMP, this line is actually always needed.

2010-05-18  Mark Rowe  <mrowe@apple.com>

        Merge r59495.

    2010-05-14  Abhishek Arya  <inferno@chromium.org>

        Reviewed by David Hyatt.

        Move the m_width(Length) and m_columns(RenderTable::ColumnStruct)
        vector out-of-bounds check out of the ASSERT into the main code.
        https://bugs.webkit.org/show_bug.cgi?id=38261

        Test: fast/table/fixed-table-layout-large-colspan-crash.html

        * rendering/FixedTableLayout.cpp:
        (WebCore::FixedTableLayout::calcWidthArray):

2010-05-18  Mark Rowe  <mrowe@apple.com>

        Merge r59576.

    2010-05-15  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Maciej Stachowiak.

        Reduce the size of CachedResource
        https://bugs.webkit.org/show_bug.cgi?id=39171

        Make protected data members of CachedResource private, to allow for
        easier rearrangement, and hide the fact that enums are in bitfields.
        
        Rearrange the data members of CachedResource to save 32 bytes per instance
        in 64-bit. Also modernized the constructor code.

        * loader/CachedCSSStyleSheet.cpp:
        (WebCore::CachedCSSStyleSheet::didAddClient):
        (WebCore::CachedCSSStyleSheet::data):
        (WebCore::CachedCSSStyleSheet::checkNotify):
        (WebCore::CachedCSSStyleSheet::error):
        * loader/CachedFont.cpp:
        (WebCore::CachedFont::load):
        (WebCore::CachedFont::didAddClient):
        (WebCore::CachedFont::data):
        (WebCore::CachedFont::ensureCustomFontData):
        (WebCore::CachedFont::ensureSVGFontData):
        (WebCore::CachedFont::checkNotify):
        (WebCore::CachedFont::error):
        * loader/CachedImage.cpp:
        (WebCore::CachedImage::CachedImage):
        (WebCore::CachedImage::load):
        (WebCore::CachedImage::didAddClient):
        (WebCore::CachedImage::allClientsRemoved):
        (WebCore::CachedImage::image):
        (WebCore::CachedImage::data):
        (WebCore::CachedImage::error):
        (WebCore::CachedImage::checkNotify):
        (WebCore::CachedImage::destroyDecodedData):
        * loader/CachedImage.h:
        (WebCore::CachedImage::stillNeedsLoad):
        * loader/CachedResource.cpp:
        (WebCore::CachedResource::CachedResource):
        * loader/CachedResource.h:
        (WebCore::CachedResource::type):
        (WebCore::CachedResource::preloadResult):
        (WebCore::CachedResource::status):
        (WebCore::CachedResource::setStatus):
        (WebCore::CachedResource::isLoaded):
        (WebCore::CachedResource::isLoading):
        (WebCore::CachedResource::setErrorOccurred):
        * loader/CachedScript.cpp:
        (WebCore::CachedScript::didAddClient):
        (WebCore::CachedScript::data):
        (WebCore::CachedScript::checkNotify):
        (WebCore::CachedScript::error):
        * loader/CachedXSLStyleSheet.cpp:
        (WebCore::CachedXSLStyleSheet::didAddClient):
        (WebCore::CachedXSLStyleSheet::data):
        (WebCore::CachedXSLStyleSheet::checkNotify):
        (WebCore::CachedXSLStyleSheet::error):

2010-05-18  Mark Rowe  <mrowe@apple.com>

        Merge r59486.

    2010-05-14  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Brady Eidson.

        https://bugs.webkit.org/show_bug.cgi?id=39008
        <rdar://problem/7976142> REGRESSION (r58950): Webkit crashes on clicking back button when in Hotmail

        Test: fast/parser/tokenizer-close-during-document-write.html

        * dom/Document.cpp: (WebCore::Document::write): Check that the tokenizer is still around
        after calling write(). It can become null (as it happens in regression test), and I don't
        see any guarantee that it would never be replaced with a different one (but I can't make a
        test for that).

2010-05-18  Mark Rowe  <mrowe@apple.com>

        Merge r59577.

    2010-05-16  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Anders Carlsson.

        Shrink SimpleFontData
        https://bugs.webkit.org/show_bug.cgi?id=39179

        Change SimpleFontData to have a pointer to the m_glyphToBoundsMap, 
        and to allocate this lazily. This reduces the size of the class from
        5632 to 1536 bytes.

        * platform/graphics/SimpleFontData.h:
        (WebCore::SimpleFontData::boundsForGlyph):

2010-05-18  Mark Rowe  <mrowe@apple.com>

        Merge r59610.

    2010-05-15  Adam Roben  <aroben@apple.com>

        Periodically try to reset a lost IDirect3DDevice9 until we succeed

        This is how MSDN says we must respond to a lost device (see
        <http://msdn.microsoft.com/en-us/library/bb174714(v=VS.85).aspx>).

        Only testable by a manual test, unfortunately.

        Fixes <rdar://problem/7986906> <http://webkit.org/b/39139> Pages that
        use hardware acceleration don't repaint after waking computer from
        sleep

        Reviewed by John Sullivan.

        * manual-tests/no-repaint-after-wake-from-sleep.html: Added. This is
        the Poster Circle demo from webkit.org/blog, but with instructions for
        putting the computer to sleep and waking it up again.

        * platform/graphics/win/WKCACFLayerRenderer.cpp:
        (WebCore::WKCACFLayerRenderer::WKCACFLayerRenderer): Initialize new
        member that tells us whether we need to try to reset the device before
        rendering.
        (WebCore::WKCACFLayerRenderer::resize): Changed to tell resetDevice
        the reason why the device needs to be reset (which is because the
        window's size has changed).
        (WebCore::WKCACFLayerRenderer::render): Before we do anything else,
        check if we need to reset the device before rendering. If we do, try
        to reset it. If that fails, bail out and set a timer to try again
        later. If we discover that the device is lost when calling
        IDirect3DDevice9::Present and resetting the device fails, bail out and
        set a timer to try again later.
        (WebCore::WKCACFLayerRenderer::resetDevice): Changed to return a
        boolean indicating whether resetting succeeded or not. Added a
        ResetReason parameter so callers can specify whey the device needs to
        be reset. Before trying to do anything, we call
        IDirect3DDevice9::TestCooperativeLevel to find out whether the device
        can be reset currently. If it can't, we set a flag to tell ourselves
        that the device must be reset before we next render, and indicate to
        the caller that the reset failed. If we thought the device was lost
        but it turns out not to be, we don't have to do anything and can tell
        the caller that the reset succeeded. Otherwise we go ahead and reset
        the device as before, and indicate to the caller that the reset
        succeeded.

        * platform/graphics/win/WKCACFLayerRenderer.h: Changed resetDevice to
        return a boolean and take a ResetReason parameter. Added a comment
        about when and why this function should be called. And added
        m_mustResetLostDeviceBeforeRendering.

2010-05-18  Mark Rowe  <mrowe@apple.com>

        Merge r59609.

    2010-05-15  Adam Roben  <aroben@apple.com>

        Call CARenderOGLPurge whenever we call IDirect3DDevice9::Reset

        MSDN says that all resoures allocated with D3DPOOL_DEFAULT must be
        destroyed before calling IDirect3DDevice9::Reset. The only way to
        guarantee this with Core Animation is to call CARenderOGLPurge.

        Unfortunately this isn't testable at the moment, as we don't use any
        features of Core Animation (e.g., mask layers) that actually make this
        required. But it seems like a good idea to fix the code now so that
        if/when we do start using those features we won't run into problems.

        Fixes <http://webkit.org/b/39159> WKCACFLayerRenderer::resetDevice
        might fail due to failing to destroy all D3DPOOL_DEFAULT resources

        Reviewed by John Sullivan.

        * platform/graphics/win/WKCACFLayerRenderer.cpp:
        (WebCore::WKCACFLayerRenderer::render): Moved the call to
        CARenderOGLPurge from here...
        (WebCore::WKCACFLayerRenderer::resetDevice): ...to here, so that it
        will be called whenever we reset the device (e.g., when resizing the
        window).

2010-05-18  Mark Rowe  <mrowe@apple.com>

        Merge r59516.

    2010-05-14  Adele Peterson  <adele@apple.com>

        Reviewed by Dave Hyatt.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=39095 
        <rdar://problem/7984158> REGRESSION (r53085): Infinite recursion in Position::getInlineBoxAndOffset when changing writing direction to right-to-left

        Test: editing/selection/applystyle-to-inline-inside-block.html

        * dom/Position.cpp: (WebCore::Position::getInlineBoxAndOffset): Now that this function correctly goes in and out of editable areas by calling
        downstreamIgnoringEditingBoundaries and upstreamIgnoringEditingBoundaries for blocks (added in r58665), we no longer need a special case to 
        jump out to the parent when we hit an inline (which was added in r53085 when this issue was introduced).

2010-05-18  Mark Rowe  <mrowe@apple.com>

        Merge r59443.

    2010-05-13  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        iframes in compositing layers don't redraw correctly on scrolling
        https://bugs.webkit.org/show_bug.cgi?id=39096

        When an iframe ends up in a compositing layer (that is painting to its backing store), we need
        to turn off blitting on scrolling. RenderView::paintBoxDecorations() already has code to do this
        for transformed frames, so do the same thing when the frame is enclosed in a compositing layer.

        Test: compositing/iframes/iframe-copy-on-scroll.html

        * rendering/RenderView.cpp:
        (WebCore::RenderView::paintBoxDecorations):

2010-05-18  Mark Rowe  <mrowe@apple.com>

        Merge r59390.

    2010-05-13  Kent Tamura  <tkent@chromium.org>

        Reviewed by Darin Adler.

        Can't submit a form with <input type=checkbox required>
        https://bugs.webkit.org/show_bug.cgi?id=39065

        Test: fast/forms/interactive-validation-required-checkbox.html

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::setChecked):
          Update the validity cache when a checkbox state is changed.

2010-05-18  Mark Rowe  <mrowe@apple.com>

        Merge r59591.

    2010-05-13  Tony Chang  <tony@chromium.org>

        Reviewed by Darin Adler.

        REGRESSION: Crash by pasting to a textarea with white-space:nowrap
        https://bugs.webkit.org/show_bug.cgi?id=38992

        Test: editing/pasteboard/paste-plaintext-nowrap.html

        * editing/InsertParagraphSeparatorCommand.cpp:
        (WebCore::highestVisuallyEquivalentDivBelowRoot):
        (WebCore::InsertParagraphSeparatorCommand::doApply):

2010-05-18  Mark Rowe  <mrowe@apple.com>

        Merge r59629.

    2010-05-17  Anders Carlsson  <andersca@apple.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=39247
        <rdar://problem/7994707>
        Move rarely used data members to the rare structures, thus saving memory.

        Move rarely used member variables from StyleInheritedData and StyleVisualData to
        StyleRareInheritedData and StyleRareNonInheritedData, namely:

        indent, cursorData, m_effectiveZoom, widows and orphans move from StyleInheritedData to StyleRareInheritedData.
        m_counterIncrement and m_counterReset move from StyleVisualData to StyleRareNonInheritedData.

        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::diff):
        (WebCore::RenderStyle::addCursor):
        (WebCore::RenderStyle::setCursorList):
        (WebCore::RenderStyle::clearCursorList):
        * rendering/style/RenderStyle.h:
        (WebCore::InheritedFlags::textIndent):
        (WebCore::InheritedFlags::effectiveZoom):
        (WebCore::InheritedFlags::counterIncrement):
        (WebCore::InheritedFlags::counterReset):
        (WebCore::InheritedFlags::cursors):
        (WebCore::InheritedFlags::widows):
        (WebCore::InheritedFlags::orphans):
        (WebCore::InheritedFlags::setTextIndent):
        (WebCore::InheritedFlags::setEffectiveZoom):
        (WebCore::InheritedFlags::setCounterIncrement):
        (WebCore::InheritedFlags::setCounterReset):
        (WebCore::InheritedFlags::setWidows):
        (WebCore::InheritedFlags::setOrphans):
        * rendering/style/StyleInheritedData.cpp:
        (WebCore::StyleInheritedData::StyleInheritedData):
        (WebCore::StyleInheritedData::operator==):
        * rendering/style/StyleInheritedData.h:
        * rendering/style/StyleRareInheritedData.cpp:
        (WebCore::StyleRareInheritedData::StyleRareInheritedData):
        (WebCore::cursorDataEquivalent):
        (WebCore::StyleRareInheritedData::operator==):
        * rendering/style/StyleRareInheritedData.h:
        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
        (WebCore::StyleRareNonInheritedData::operator==):
        * rendering/style/StyleRareNonInheritedData.h:
        * rendering/style/StyleVisualData.cpp:
        (WebCore::StyleVisualData::StyleVisualData):
        * rendering/style/StyleVisualData.h:
        (WebCore::StyleVisualData::operator==):

2010-05-18  Mark Rowe  <mrowe@apple.com>

        Merge r59583.

    2010-05-16  Sam Weinig  <sam@webkit.org>

        Reviewed by Dan Bernstein.

        https://bugs.webkit.org/show_bug.cgi?id=39190
        Shave a word off of GlyphPageTreeNode
        <rdar://problem/7990428>

        * platform/graphics/GlyphPageTreeNode.h:
        (WebCore::GlyphPageTreeNode::GlyphPageTreeNode):

2010-05-18  Mark Rowe  <mrowe@apple.com>

        Merge r59514.

    2010-05-14  Stephanie Lewis  <slewis@apple.com>

        Rubber-stamped by Mark Rowe.

        Update order files.

        * WebCore.order:

2010-05-17  Mark Rowe  <mrowe@apple.com>

        <rdar://problem/7987585> Disable SVG filters.

        * Configurations/FeatureDefines.xcconfig:

2010-05-17  Mark Rowe  <mrowe@apple.com>

        <rdar://problem/7987743> Disable Blob.slice.

        * Configurations/FeatureDefines.xcconfig:

2010-05-17  Mark Rowe  <mrowe@apple.com>

        <rdar://problem/7987750> Disable progress element.

        * Configurations/FeatureDefines.xcconfig:

2010-05-14  Steve Falkenburg  <sfalken@apple.com>

        Merge r59515

    2010-05-14  Brian Weinstein  <bweinstein@apple.com>

        Reviewed by Mark Rowe.

        Hopefully a last fix for the build. Call -mkdir instead of mkdir, so we don't bail if the mkdir call fails. Additionally,
        use the %Env% syntax instead of $(Env), which is what we need if we are referring to Windows environment variables instead
        of nmake variables.
        
        * WebCore.vcproj/WebCore.make:

2010-05-14  Mark Rowe  <mrowe@apple.com>

        Merge r59505.

    2010-05-14  Brian Weinstein  <bweinstein@apple.com>

        Reviewed by Mark Rowe.

        Build fix. Had the environment variables wrong for source and destination of the copy operation
        that was added.

        * WebCore.vcproj/WebCore.make:

2010-05-14  Mark Rowe  <mrowe@apple.com>

        Merge r59481.

    2010-05-14  Brian Weinstein  <bweinstein@apple.com>

        Reviewed by Adam Roben.

        Build fix, we need to copy over the files in $(WebKitOutputDir)/include/JavaScriptCore/private before
        WebCore builds. This is because we are building a couple WTF files in WebCore and JavaScriptCore.

        * WebCore.vcproj/WebCore.make: 

2010-05-14  Mark Rowe  <mrowe@apple.com>

        <rdar://problem/7677994> Disable WebGL

        * Configurations/FeatureDefines.xcconfig:

2010-05-13  Timothy Hatcher  <timothy@apple.com>

        Disable the Audits panel and Workers sidebar in the Web Inspector.

        <rdar://problem/7947035>

        Reviewed by Ada Chan.

        * inspector/front-end/ScriptsPanel.js:
        (WebInspector.ScriptsPanel): Don't make a workers sidebar pane.
        (WebInspector.ScriptsPanel.prototype.reset): Null check workers sidebar pane.
        * inspector/front-end/Settings.js: Set auditsPanelEnabled to false.
        * inspector/front-end/WorkersSidebarPane.js:
        (WebInspector.didCreateWorker): Null check workers sidebar pane.
        (WebInspector.didDestroyWorker): Ditto.

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59418.

    2010-05-13  Timothy Hatcher  <timothy@apple.com>

        Expose WebCore::reportException and WebCore::toJSDOMWindow symbols.

        Reviewed by Sam Weinig.

        * WebCore.base.exp: Expose reportException and toJSDOMWindow.

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59330.

    2010-05-12  Anders Carlsson  <andersca@apple.com>

        Reviewed by Simon Fraser.

        Shrink the size of FillLayer by moving a member variable.
        https://bugs.webkit.org/show_bug.cgi?id=39035

        * rendering/style/FillLayer.cpp:
        (WebCore::FillLayer::FillLayer):
        * rendering/style/FillLayer.h:

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59387.

    2010-05-13  David Hyatt  <hyatt@apple.com>

        Reviewed by Anders Carlsson.

        https://bugs.webkit.org/show_bug.cgi?id=39084

        Improve :visited style resolution to reduce its memory footprint and to make some speed adjustments and
        simplifications.

        (1) Tie the caching of link state on CSSStyleSelector to the element.  Just clear out the element when
        style resolution finishes for the unvisited case to avoid caching across external calls.  The internal
        calls share the cache just fine by doing this.

        (2) Delete the RenderStyle if the link is unvisited.  This shouldn't take long enough to make us vulnerable
        to timing attacks, and it makes sure the overall footprint stays the way it used to be for unvisited links.

        (3) Limit the set of properties that can be applied to :visited links to only the colors it supports.  This
        stops images from being loadable from :visited rules.

        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::init):
        (WebCore::CSSStyleSelector::SelectorChecker::determineLinkState):
        (WebCore::CSSStyleSelector::initElement):
        (WebCore::CSSStyleSelector::canShareStyleWithElement):
        (WebCore::CSSStyleSelector::styleForElement):
        (WebCore::CSSStyleSelector::pseudoStyleForElement):
        (WebCore::isValidVisitedLinkProperty):
        (WebCore::CSSStyleSelector::applyProperty):
        * css/CSSStyleSelector.h:
        * rendering/style/RenderStyle.cpp:
        (WebCore::colorIncludingFallback):

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59417.

    2010-05-13  Joseph Pecoraro  <joepeck@webkit.org>

        Reviewed by Timothy Hatcher.

        Web Inspector: Clearing Breakpoints Too Often
        https://bugs.webkit.org/show_bug.cgi?id=39094

        Minor resets should preserve both workers and breakpoints.

        * inspector/front-end/ScriptsPanel.js:
        (WebInspector.ScriptsPanel.prototype.reset):

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59281.

    2010-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Anders Carlsson.

        A bunch of nice micro-optimizations for ~1% speedup on PLT.
        - Add fastGetAttribute. The same as getAttribute except can only be
          called when it is known not to be style attribute or one of the SVG
          animatable attributes.
        - Inline some functions from Font.
        - Return the same string from deprecatedParseURL if there is nothing
          to strip.
        - Use a member variable instead of a virtual function to determine 
          whether a ScheduledNavigation is a location change.

        * WebCore.base.exp:
        * css/CSSHelper.cpp:
        (WebCore::deprecatedParseURL):
        * css/CSSStyleSelector.cpp:
        (WebCore::linkAttribute):
        (WebCore::CSSStyleSelector::canShareStyleWithElement):
        (WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector):
        * dom/Element.cpp:
        (WebCore::Element::getAttribute):
        * dom/Element.h:
        (WebCore::Element::fastHasAttribute):
        (WebCore::Element::fastGetAttribute):
        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::formControlName):
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::value):
        * loader/RedirectScheduler.cpp:
        (WebCore::ScheduledNavigation::ScheduledNavigation):
        (WebCore::ScheduledNavigation::isLocationChange):
        (WebCore::ScheduledURLNavigation::ScheduledURLNavigation):
        (WebCore::ScheduledRedirect::ScheduledRedirect):
        (WebCore::ScheduledLocationChange::ScheduledLocationChange):
        (WebCore::ScheduledRefresh::ScheduledRefresh):
        (WebCore::ScheduledHistoryNavigation::ScheduledHistoryNavigation):
        (WebCore::ScheduledFormSubmission::ScheduledFormSubmission):
        (WebCore::RedirectScheduler::locationChangePending):
        * platform/graphics/Font.cpp:
        * platform/graphics/Font.h:
        (WebCore::Font::~Font):
        (WebCore::Font::primaryFont):
        (WebCore::Font::fontDataAt):
        (WebCore::Font::fontDataForCharacters):
        (WebCore::Font::isFixedPitch):
        (WebCore::Font::fontSelector):
        * platform/graphics/FontFallbackList.h:
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::imageMap):

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59381.

    2010-05-13  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Yury Semikhatsky.

        Web Inspector: A disabled style property cannot be deleted.

        https://bugs.webkit.org/show_bug.cgi?id=39057

        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::applyStyleText):

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59372.

    2010-05-13  Joseph Pecoraro  <joepeck@webkit.org>

        Reviewed by Pavel Feldman.

        Web Inspector: Event Markers should be hidden in Resource's "Size" Graph
        https://bugs.webkit.org/show_bug.cgi?id=39074

        Added Show / Hide event dividers functionality to the timeline grid,
        and included delegation functions in AbstractTimelinePanel.

        * inspector/front-end/AbstractTimelinePanel.js: delegate to the inner grid
        (WebInspector.AbstractTimelinePanel.prototype.hideEventDividers):
        (WebInspector.AbstractTimelinePanel.prototype.showEventDividers):
        * inspector/front-end/ResourcesPanel.js:
        (WebInspector.ResourcesPanel.prototype.populateSidebar): save a reference to the size graph item to know when its selected
        (WebInspector.ResourcesPanel.prototype._graphSelected): if the size graph is selected hide the dividers, otherwise show them
        * inspector/front-end/TimelineGrid.js:
        (WebInspector.TimelineGrid.prototype.hideEventDividers): set the container to display: none
        (WebInspector.TimelineGrid.prototype.showEventDividers): set the container to display: block

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59374.

    2010-05-13  Brady Eidson  <beidson@apple.com>

        Reviewed by John Sullivan.

        Part of <rdar://problem/7965182> and https://bugs.webkit.org/show_bug.cgi?id=38928

        No new tests. (No change in behavior)

        m_unloadEventBeingDispatched was already overloaded to include both unload and pagehide events.
        In general, these are "page dismissal" events, and might also include beforeunload, so let's rename
        the flag!

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::FrameLoader):
        (WebCore::FrameLoader::stopLoading):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::loadWithDocumentLoader):
        (WebCore::FrameLoader::stopAllLoaders):
        (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
        (WebCore::FrameLoader::pageHidden):
        * loader/FrameLoader.h:

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59384.

    2010-05-13  Brady Eidson  <beidson@apple.com>

        Reviewed by Darin Adler.

        Repro crash at www.sears.com (infinite recursion in beforeunload handler)
        <rdar://problem/7965182> and https://bugs.webkit.org/show_bug.cgi?id=38928

        Test: fast/loader/recursive-before-unload-crash.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::shouldClose): Copied from Frame, with the pageDismissal flag set.
        * loader/FrameLoader.h:

        * page/Frame.cpp:
        (WebCore::Frame::shouldClose): Forward to the new FrameLoader::shouldClose().
        * page/Frame.h:
        (WebCore::Frame::existingDOMWindow):

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59351.

    2010-05-12  Yuzo Fujishima  <yuzo@google.com>

        Reviewed by Darin Adler.

        Fix Bug 35014 - Modifying UA rules from page JS crashes
        Added a NULL check.
        https://bugs.webkit.org/show_bug.cgi?id=35014

        Test: fast/css/modify-ua-rules-from-javascript.html

        * css/CSSMutableStyleDeclaration.cpp:
        (WebCore::CSSMutableStyleDeclaration::setNeedsStyleRecalc):

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59025.

    2010-05-08  Ilya Tikhonovsky  <loislo@chromium.org>

        Reviewed by Timothy Hatcher.

        WebInspector: Autocompletion in console is not usable because it is not add to the entered text the common prefix of suggestions.
        As example if you entered $0.getE then getElementByClassName will be suggested as gray text.
        If you press tab then getElementByClassName be suggested again and lementByClassName becomes selected as black text with selection background.
        Really after pressing the TAB the next suggestion should be selected (getElementByTagName) and only flexible part of suggestions should be selected.
        In this case it should be TagName because getElementBy is the common part for all getE prefix suggestions.
        https://bugs.webkit.org/show_bug.cgi?id=38753

        * inspector/front-end/TextPrompt.js:
        (WebInspector.TextPrompt.prototype._completionsReady):

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r58954.

    2010-05-07  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Joseph Pecoraro.

        Web Inspector: On Linux/Windows panel history is
        traversed while iterating over words in text prompt.

        https://bugs.webkit.org/show_bug.cgi?id=38740

        * inspector/front-end/TextPrompt.js:
        (WebInspector.TextPrompt):
        * inspector/front-end/inspector.js:
        (WebInspector.documentKeyDown):

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59243.

    2010-05-12  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Timothy Hatcher.

        Web Inspector: disabling style property on container breaks styles inspection for given node.

        https://bugs.webkit.org/show_bug.cgi?id=39005

        Tests: inspector/styles-disable-inherited.html
               inspector/styles-disable-then-enable.html

        * inspector/front-end/StylesSidebarPane.js:
        (WebInspector.StylesSidebarPane.prototype._containsInherited):
        (WebInspector.StylesSidebarPane.prototype._arrayContainsInheritedProperty):

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59210.

    2010-05-11  Joseph Pecoraro  <joepeck@webkit.org>

        Reviewed by Timothy Hatcher.

        Web Inspector: Shorthand Properties Getting Deleted When Editing
        https://bugs.webkit.org/show_bug.cgi?id=38958

        * inspector/front-end/DOMAgent.js:
        (WebInspector.CSSStyleDeclaration.prototype.styleTextWithShorthands): was getting regular values instead of shorthand values

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59232.

    2010-05-12  Jer Noble  <jer.noble@apple.com>

        Reviewed by Darin Adler.
        
        Bug 38689: #34005 will break fullscreen video playback
        https://bugs.webkit.org/show_bug.cgi?id=38689
        
        The PlatformMedia struct now contains a type field indicating which type
        it contains.  The struct now contains a union of all possible return types,
        allowing the type of media returned by MediaPlayerPrivate instances to be
        determined at runtime.

        * platform/graphics/MediaPlayer.h:
        (WebCore::PlatformMedia::):
        (WebCore::):
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivate::platformMedia):
        * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.cpp:
        (WebCore::MediaPlayerPrivateQuickTimeVisualContext::platformMedia):
        * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.cpp:
        (WebCore::MediaPlayerPrivate::platformMedia):

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59239.

    2010-05-12  Beth Dakin  <bdakin@apple.com>

        Reviewed by Darin Adler.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=38871 REGRESSION: 
        Crash clicking background NPR tab after few minutes of sitting idle
        -and corresponding-
        <rdar://problem/7941504>

        Move m_mediaCanStartListeners HashSet to Document away from Page.
        * dom/Document.cpp:
        (WebCore::Document::Document):
        (WebCore::Document::addMediaCanStartListener):
        (WebCore::Document::removeMediaCanStartListener):
        (WebCore::Document::takeAnyMediaCanStartListener):
        * dom/Document.h:
        * page/Page.cpp:
        (WebCore::Page::takeAnyMediaCanStartListener):
        * page/Page.h:
        (WebCore::Page::canStartMedia):

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59189.

    2010-05-11  Darin Adler  <darin@apple.com>

        Reviewed by Beth Dakin.

        Another refactoring patch in preparation for a fix to
        https://bugs.webkit.org/show_bug.cgi?id=38871
        REGRESSION: Crash clicking background NPR tab after few minutes of sitting idle

        * dom/Document.cpp:
        (WebCore::Document::addMediaCanStartListener): Added.
        (WebCore::Document::removeMediaCanStartListener): Added.

        * dom/Document.h: Added add/removeMediaCanStartListener.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::~HTMLMediaElement): Call removeMediaCanStartListener
        on the document instead of the page.
        (WebCore::HTMLMediaElement::willMoveToNewOwnerDocument): Call
        removeMediaCanStartListener on the current document.
        (WebCore::HTMLMediaElement::didMoveToNewOwnerDocument): Call
        addMediaCanStartListener on the new document.
        (WebCore::HTMLMediaElement::loadInternal): Call addMediaCanStartListener
        on the document instead of the page.

        * plugins/PluginView.cpp:
        (WebCore::PluginView::startOrAddToUnstartedList): Call addMediaCanStartListener
        on the document instead of the page.
        (WebCore::PluginView::~PluginView): Call removeMediaCanStartListener
        on the document instead of the page, and do it in line instead of calling
        a function.

        * plugins/PluginView.h: Removed unused removeFromUnstartedListIfNecessary.

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59186.

    2010-05-11  Beth Dakin  <bdakin@apple.com>

        Reviewed by Darin Adler.

        Small re-factoring patch in preparation for fixing https://
        bugs.webkit.org/show_bug.cgi?id=38871 REGRESSION: Crash clicking 
        background NPR tab after few minutes of sitting idle

        * page/Page.cpp:
        (WebCore::Page::takeAnyMediaCanStartListener):
        (WebCore::Page::setCanStartMedia):
        * page/Page.h:

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59199.

    2010-05-11  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Maciej Stachowiak.

        Body not redrawn, and filled with garbage on some composited pages
        https://bugs.webkit.org/show_bug.cgi?id=38951
        <rdar://problem/7891548>
        
        When the root layer becomes composited (for example, because a negative z-index
        descendant in its stacking context becomes composited), then it has to be made
        large enough to fill the viewport, because the page background draws into it.

        Test: compositing/geometry/composited-html-size.html

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::calculateCompositedBounds):

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59263.

    2010-05-12  James Robinson  <jamesr@chromium.org>

        Patch by Dan Bernstein.

        Reviewed by David Hyatt.

        Fix marking the layout root's parent as needing layout
        https://bugs.webkit.org/show_bug.cgi?id=37760

        If an element gets marked as needing layout due to the recalcStyle()
        call in FrameView::layout(), the m_layoutSchedulingEnabled flag will
        be set to false.  It's possible at this point that a parent of the
        existing FrameView::m_layoutRoot will be marked as needing layout.

        This patch updates FrameView::scheduleRelayoutOfSubtree to account
        for this case.

        Manual test only due to subtle timing issues.

        * manual-tests/layoutroot_detach.xml: Added.
        * page/FrameView.cpp:
        (WebCore::FrameView::scheduleRelayoutOfSubtree):

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59241.

    2010-05-12  Abhishek Arya  <inferno@chromium.org>

        Reviewed by Darin Adler.

        HTML Entity Escape the contents of a textarea node when accessed
        via the innerHTML and outerHTML node properties.
        https://bugs.webkit.org/show_bug.cgi?id=38922

        Test: fast/innerHTML/innerHTML-special-elements.html

        * editing/markup.cpp:
        (WebCore::appendStartMarkup):

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59247.

    2010-05-12  David Hyatt  <hyatt@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=38891

        First-letter had a number of bugs that were exposed by my attempt to optimize the setting of styles when updating first-letter.
        The code that drills down to find the first-letter child stopped if it hit an element that didn't need layout.  This means it could
        return random incorrect results (and cause the first-letter object to not be found).

        In addition when the first-letter was floated/positioned, the text child was not correctly returned, but the container itself was
        returned instead.

        Finally, the updating code was leaving the box that wrapped the first letter text with a stale style.  The old code happened to work because
        it made new styles for the text elements instead of using the enclosing box style.  The regression was caused by my change to make the
        text children simply share style with their parent (thus making the bug that the parent had the wrong style become more prominent).

        No new tests, since there's a timing component to reproducing the issue.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::updateFirstLetter):

2010-05-13  Mark Rowe  <mrowe@apple.com>

        Merge r59187.

    2010-05-11  Brian Weinstein  <bweinstein@apple.com>

        Reviewed by Steve Falkenburg and Jon Honeycutt.
        Patch by Gavin Barraclough.

        REGRESSION (r57900-57919): 3% PLT Regression from moving strings into WTF.
        https://bugs.webkit.org/show_bug.cgi?id=38930
        <rdar://problem/7937188>
        
        Add the WTF strings into the WebCore vcproj, from their copied location in $(WebKitOutputDir).

        No new tests because no change in behavior.

        * WebCore.vcproj/WebCore.vcproj:

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r59192.

    2010-05-11  Jer Noble  <jer.noble@apple.com>

        No Review.
        
        Fix the Windows Debug Build: the correct VCProj variable to use when linking against
        JavaScriptCore is $(WebKitDLLConfigSuffix), not $(WebKitConfigSuffix), which expands
        to an empty string rather than "_debug".
        
        * WebCore.vcproj/QTMovieWin.vcproj:

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r59190.

    2010-05-11  Jer Noble  <jer.noble@apple.com>

        Darin Adler.

        19 media tests are crashing on Windows Release
        https://bugs.webkit.org/show_bug.cgi?id=38950
        rdar://problem/7971658

        Link against JavaScriptCore.lib instead of WTF.lib, so the free and malloc used by 
        QTMovieWin is always the free and malloc in JavaScriptCore.dll.
        
        * WebCore.vcproj/QTMovieWin.vcproj:

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r59173.

    2010-05-11  Dimitri Glazkov  <dglazkov@chromium.org>

        Reviewed by Darin Adler.

        REGRESSION(r58520): Implicit submission on forms with button type="submit" no longer works
        https://bugs.webkit.org/show_bug.cgi?id=38913

        * Widened the check for a successful submit button to include all HTMLFormControlElements.
        * Clarified implicit submission code by:
            - introducing HTMLFormControlElement::canTriggerImplicitSubmission flag,
            - getting rid of static casting and checking for tag names.

        * html/HTMLFormControlElement.h:
        (WebCore::HTMLFormControlElement::canTriggerImplicitSubmission): Added.
        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::submitImplicitly): Renamed parameters for clarity, refactored code
            to use canTriggerImplicitSubmission.
        * html/HTMLFormElement.h: Renamed parameter for clarity.
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::defaultEventHandler):  Used canTriggerImplicitSubmission()
            instead of isTextField() for clarity.
        * html/HTMLInputElement.h:
        (WebCore::HTMLInputElement::canTriggerImplicitSubmission): Added.
        * html/HTMLIsIndexElement.h:
        (WebCore::HTMLIsIndexElement::canTriggerImplicitSubmission): Added.

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r59155.

    2010-05-11  Jer Noble  <jer.noble@apple.com>

        Reviewed by Adele Peterson.

        REGRESSION (r59001): 11 media tests are failing on Windows (38847)
        rdar://problem/7962997
        https://bugs.webkit.org/show_bug.cgi?id=38847
        
        QTMovieWin was too much refactored; the cacheMovieScale() function should have
        been left in QTMovie (instead of being moved into QTMovieGWorld).  This fixes the
        video-size-intrinsic-scale test.
        
        QTMovieTask::updateTaskTimer() was ignoring the maxInterval parameter unless 
        QTGetTimeUntilNextTask() returned an error, which caused the next timer to be
        scheduled for extremely far in the future, breaking some of the layout tests.
        
        QTMovieTask::fireTaskClients() now makes a local copy of the task list before 
        calling clients, in case one of them removes themselves from the task list and
        invalidates our iterating pointer.
        
        * platform/graphics/win/QTMovie.cpp:
        (QTMoviePrivate::task):
        (QTMoviePrivate::createMovieController):
        (QTMoviePrivate::cacheMovieScale):
        * platform/graphics/win/QTMovieGWorld.cpp:
        (QTMovieGWorldPrivate::movieLoadStateChanged):
        * platform/graphics/win/QTMovieTask.cpp:
        (QTMovieTask::updateTaskTimer):
        (QTMovieTask::fireTaskClients):

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r59109.

    2010-05-10  Sam Weinig  <sam@webkit.org>

        Reviewed by Darin Adler.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=38583
        <rdar://problem/7948784> Crash in Element::normalizeAttributes.

        Test: fast/dom/Element/normalize-crash.html

        * dom/Element.cpp:
        (WebCore::Element::normalizeAttributes): Copy attributes to a vector
        before iterating.
        * dom/NamedAttrMap.cpp:
        (WebCore::NamedNodeMap::copyAttributesToVector): Added.
        * dom/NamedAttrMap.h:

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r59100.

    2010-05-07  Jon Honeycutt  <jhoneycutt@apple.com>

        Crash closing window containing Flash plug-in
        https://bugs.webkit.org/show_bug.cgi?id=38797
        <rdar://problem/7935266>

        Reviewed by Eric Seidel.

        Test: plugins/geturlnotify-during-document-teardown.html

        * plugins/PluginView.cpp:
        (WebCore::PluginView::load):
        Null check the DocumentLoader; it's possible for this to be null while
        the Document is being torn down and before the plug-in is destroyed.

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r59098.

    2010-05-10  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Darin Adler.

        Based on a patch by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=28697
        <rdar://problem/7946578> WebKit crash on WebCore::Node::nodeIndex()

        It's not OK to call ContainerNode::willRemoveChild() in a loop, because Range code assumes
        that it can adjust start and end position to any node except for the one being removed -
        so these notifications cannot be batched.

        Test: fast/dom/Range/remove-all-children-crash.html

        * dom/ContainerNode.cpp:
        (WebCore::willRemoveChild): Removed unused ExceptionCode.
        (WebCore::willRemoveChildren): New function, used in removeChildren() case.
        (WebCore::ContainerNode::removeChild): ExceptionCode return was always 0, don't bother with it.
        (WebCore::ContainerNode::removeChildren): Call willRemoveChildrenFromNode.
        (WebCore::dispatchChildRemovalEvents): Moved some logic out into willRemoveChildrenFromNode
        and willRemoveChild.

        * dom/Document.cpp:
        (WebCore::Document::nodeChildrenWillBeRemoved): New function, used in removeChildren() case.

        * dom/Document.h: 
        (WebCore::Document::nodeChildrenWillBeRemoved): New function, used in removeChildren() case.

        * dom/Range.h:
        * dom/Range.cpp:
        (WebCore::boundaryNodeChildrenWillBeRemoved): New function, used in removeChildren() case.
        (WebCore::Range::nodeChildrenWillBeRemoved): Ditto.

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r59058.

    2010-05-07  Sam Weinig  <sam@webkit.org>

        Reviewed by Darin Adler.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=38557
        r58526 introduced a ~30% regression on Dromaeo JS lib

        This fix does two things.
        - Don't use QualifiedName as the key to a HashMap, use a
          RefPtr<QualifiedNameImpl> instead.  We should remove the HashTraits for
          QualifiedName and that will happen in a follow up patch.
        - Only mark cached NodeLists on Documents instead of all Nodes. This is
          okay since the marking of NodeLists is an optimization to keep NodeList
          wrappers alive and is not mandated by any spec.

        * bindings/js/JSDocumentCustom.cpp:
        (WebCore::JSDocument::markChildren):
        * bindings/js/JSNodeCustom.cpp:
        (WebCore::JSNode::markChildren):
        * dom/Node.cpp:
        (WebCore::Node::removeCachedTagNodeList):
        (WebCore::Node::getElementsByTagNameNS):
        * dom/NodeRareData.h:

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r59009.

    2010-05-08  Jer Noble  <jer.noble@apple.com>

        Unreviewed, just fixing windows build.

        * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.h: Add #if USE(ACCELERATED_COMPOSITING) guards around GraphicsLayer areas of the code.  Include GraphicsLayer.h directly.
        * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.cpp: As above.
        * platform/graphics/win/QTMovieVisualContext.cpp: Remove the #include of d3d9types.h.

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r59001.

    2010-05-04  Jer Noble  <jer.noble@apple.com>

        Reviewed by Eric Carlson

        Safari pegs CPU and drops tons of frames using HTML5 Vimeo player
        <https://bugs.webkit.org/show_bug.cgi?id=34005>
        <rdar://problem/7569713>

        The original functionality of QTMovieWin has been split between QTMovieGWorld, 
        and a new class: QTMovie.  QTMovie contains all the "controller" parts (changing
        the rate, seeking, etc) while QTMovieGWorld retains all the drawing code.  QTMovieGWorld
        now takes a QTMovie, and as such QTMovie is now retainable.  QTMovieGWorld registers
        itself as a client of QTMovie, so that it can receive load-state notifications,
        and thus QTMovie must now support multiple clients.  Movie tasking timer support
        has been moved into its own class (QTMovieTask) and will be addressed in a future 
        patch.  Most of the functions listed below only changed so much as their class name changed.
        
        * platform/graphics/win/QTMovie.cpp: Copied from WebCore/platform/graphics/win/QTMovieWin.cpp.
        (QTMoviePrivate::QTMoviePrivate):
        (QTMoviePrivate::~QTMoviePrivate):
        (QTMoviePrivate::startTask):
        (QTMoviePrivate::endTask):
        (QTMoviePrivate::task):
        (QTMoviePrivate::createMovieController):
        (QTMovie::QTMovie):
        (QTMovie::~QTMovie):
        (QTMovie::addClient):
        (QTMovie::removeClient):
        (QTMovie::play):
        (QTMovie::pause):
        (QTMovie::rate):
        (QTMovie::setRate):
        (QTMovie::duration):
        (QTMovie::currentTime):
        (QTMovie::setCurrentTime):
        (QTMovie::setVolume):
        (QTMovie::setPreservesPitch):
        (QTMovie::dataSize):
        (QTMovie::maxTimeLoaded):
        (QTMovie::loadState):
        (QTMovie::getNaturalSize):
        (QTMovie::load):
        (QTMovie::disableUnsupportedTracks):
        (QTMovie::isDisabled):
        (QTMovie::setDisabled):
        (QTMovie::hasVideo):
        (QTMovie::hasAudio):
        (QTMovie::hasClosedCaptions):
        (QTMovie::setClosedCaptionsVisible):
        (QTMovie::countSupportedTypes):
        (QTMovie::getSupportedType):
        (QTMovie::initializeQuickTime):
        (QTMovie::getMovieHandle):
        * platform/graphics/win/QTMovie.h: Copied from WebCore/platform/graphics/win/QTMovieWin.h.
        * platform/graphics/win/QTMovieGWorld.cpp: Copied from WebCore/platform/graphics/win/QTMovieWin.cpp.
        (QTMovieGWorldPrivate::QTMovieGWorldPrivate):
        (QTMovieGWorldPrivate::~QTMovieGWorldPrivate):
        (QTMovieGWorldPrivate::cacheMovieScale):
        (movieDrawingCompleteProc):
        (QTMovieGWorldPrivate::registerDrawingCallback):
        (QTMovieGWorldPrivate::unregisterDrawingCallback):
        (QTMovieGWorldPrivate::drawingComplete):
        (QTMovieGWorldPrivate::updateGWorld):
        (QTMovieGWorldPrivate::createGWorld):
        (QTMovieGWorldPrivate::clearGWorld):
        (QTMovieGWorldPrivate::setSize):
        (QTMovieGWorldPrivate::updateMovieSize):
        (QTMovieGWorldPrivate::deleteGWorld):
        (QTMovieGWorldPrivate::movieEnded):
        (QTMovieGWorldPrivate::movieLoadStateChanged):
        (QTMovieGWorldPrivate::movieTimeChanged):
        (QTMovieGWorld::QTMovieGWorld):
        (QTMovieGWorld::~QTMovieGWorld):
        (QTMovieGWorld::setSize):
        (QTMovieGWorld::setVisible):
        (QTMovieGWorld::getCurrentFrameInfo):
        (QTMovieGWorld::paint):
        (QTMovieGWorld::setDisabled):
        (QTMovieGWorld::isDisabled):
        (QTMovieGWorld::fullscreenWndProc):
        (QTMovieGWorld::enterFullscreen):
        (QTMovieGWorld::exitFullscreen):
        (QTMovieGWorld::setMovie):
        (QTMovieGWorld::movie):
        * platform/graphics/win/QTMovieGWorld.h: Copied from WebCore/platform/graphics/win/QTMovieWin.h.
        * platform/graphics/win/QTMovieTask.cpp: Added.
        (QTMovieTask::QTMovieTask):
        (QTMovieTask::~QTMovieTask):
        (QTMovieTask::sharedTask):
        (QTMovieTask::updateTaskTimer):
        (QTMovieTask::fireTaskClients):
        (QTMovieTask::addTaskClient):
        (QTMovieTask::removeTaskClient):
        (QTMovieTask::setTaskTimerFuncs):
        * platform/graphics/win/QTMovieTask.h: Added.

2010-05-04  Jer Noble  <jer.noble@apple.com>

        Reviewed by Eric Carlson

        Safari pegs CPU and drops tons of frames using HTML5 Vimeo player
        <https://bugs.webkit.org/show_bug.cgi?id=34005>
        <rdar://problem/7569713>

        MediaPlayerPrivateQuickTimeVisualContext has been added as a 
        supported MediaPlayer implementation.  MediaPlayerPrivateQuickTimeWin
        has been left as a fallback MediaPlayer implementation for those media
        types which do not support visual contexts (currently, none).

        * platform/graphics/MediaPlayer.cpp:
        (WebCore::installedMediaEngines):

2010-05-04  Jer Noble  <jer.noble@apple.com>

        Reviewed by Maciej Stachowiak

        Safari pegs CPU and drops tons of frames using HTML5 Vimeo player
        <https://bugs.webkit.org/show_bug.cgi?id=34005>
        <rdar://problem/7569713>

        MediaPlayerPrivateTaskTimer has been broken out from MediaPlayerPrivateQuickTimeWin::TaskTimer
        so that multiple clients can share its implementation.  It works with the new 
        QTMovieTaskTimer to provide timer support to QTMovieTaskTimer clients.
        
        * platform/graphics/win/MediaPlayerPrivateTaskTimer.cpp: Added.
        (WebCore::MediaPlayerPrivateTaskTimer::initialize):
        (WebCore::MediaPlayerPrivateTaskTimer::setDelay):
        (WebCore::MediaPlayerPrivateTaskTimer::stopTaskTimer):
        (WebCore::MediaPlayerPrivateTaskTimer::fired):
        * platform/graphics/win/MediaPlayerPrivateTaskTimer.h: Added.

2010-05-04  Jer Noble  <jer.noble@apple.com>

        Reviewed by Eric Carlson

        Safari pegs CPU and drops tons of frames using HTML5 Vimeo player
        <https://bugs.webkit.org/show_bug.cgi?id=34005>
        <rdar://problem/7569713>

        MediaPlayerPrivateQuickTimeVisualContext is a new MediaPlayerPrivate implementation
        which uses QTMovieVisualContext instead of QTMovieWin to render video frames. Much
        like MediaPlayerPrivateQuickTimeWin, MPPQTVisualContext breaks out QTMovie and 
        QTMovieVisualContext, and uses the newly shared MediaPlayerPrivateTaskTimer.  It also
        uses aggregation (in the form of friend classes) instead of multiple inheritence 
        to implement its various client callbacks, so as not to expose its own clients to
        the QTMovie classes.

        * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.cpp: Copied from WebCore/platform/graphics/win/MediaPlayerPrivateQuickTimeWin.cpp.
        * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.h: Copied from WebCore/platform/graphics/win/MediaPlayerPrivateQuickTimeWin.h.

2010-05-04  Jer Noble  <jer.noble@apple.com>

        Reviewed by Maciej Stachowiak

        Safari pegs CPU and drops tons of frames using HTML5 Vimeo player
        <https://bugs.webkit.org/show_bug.cgi?id=34005>
        <rdar://problem/7569713>
        
        MediaPlayerPrivateQuickTimeWin has been modified to support the new bifurcated 
        QTMovie/QTMovieWin classes.  It's private TaskTimer class has been broken out
        into a new top-level class (MediaPlayerPrivateTaskTimer) which will be addressed
        in a future patch. 

        * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.cpp:
        (WebCore::MediaPlayerPrivate::~MediaPlayerPrivate):
        (WebCore::MediaPlayerPrivate::load):
        (WebCore::MediaPlayerPrivate::paused):
        (WebCore::MediaPlayerPrivate::setSize):
        (WebCore::MediaPlayerPrivate::setVisible):
        (WebCore::MediaPlayerPrivate::paint):
        (WebCore::mimeTypeCache):
        (WebCore::MediaPlayerPrivate::isAvailable):
        (WebCore::MediaPlayerPrivate::movieEnded):
        (WebCore::MediaPlayerPrivate::movieLoadStateChanged):
        (WebCore::MediaPlayerPrivate::movieTimeChanged):
        (WebCore::MediaPlayerPrivate::movieNewImageAvailable):
        (WebCore::MediaPlayerPrivate::paintContents):
        * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.h:

2010-05-04  Jer Noble  <jer.noble@apple.com>

        Reviewed by Anders Carlsson

        Safari pegs CPU and drops tons of frames using HTML5 Vimeo player
        <https://bugs.webkit.org/show_bug.cgi?id=34005>
        <rdar://problem/7569713>

        QTCFDictionary defines functions which help serialize and unserialize
        CFDictionaries.  This is necessary because QuickTime links against a 
        non-debug CoreFoundation in our debug build, and passing non-debug 
        CFDictionaries to a debug CF will cause a crash.
        
        QTMovieTask is a new class containing the tasking functionality broken
        out from QTMovieWin.  This is necessary now that the tasking
        functionality is needed in multiple files/classes.
        
        QTPixelBuffer is a C++ wrapper for CVPixelBuffers, necessary because
        like the CF case above, QuickTime has its own implementation of CoreVideo
        and its CV types cannot be used with the AAS version of CoreVideo.
        
        QTMovieVisualContext is the new drawing implementation, parallel to 
        QTMovieWin.  It currently uses a software rendering path, but can be
        extended in the future to support hardware rendering.
        
        * platform/graphics/win/QTCFDictionary.cpp: Added.
        * platform/graphics/win/QTCFDictionary.h: Added.
        * platform/graphics/win/QTMovieTask.cpp: Added.
        * platform/graphics/win/QTMovieTask.h: Added.
        * platform/graphics/win/QTMovieVisualContext.cpp: Added.
        * platform/graphics/win/QTMovieVisualContext.h: Added.
        * platform/graphics/win/QTPixelBuffer.cpp: Added.
        * platform/graphics/win/QTPixelBuffer.h: Added.

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r58983.

    2010-05-07  Beth Dakin  <bdakin@apple.com>

        Reviewed by Simon Fraser.

        Fix for <rdar://problem/7956972> REGRESSION: Can't focus and type 
        in GMail due to bad repainting
        -and corresponding-
        https://bugs.webkit.org/show_bug.cgi?id=38782

        This patch reverts back to pre-r58797 behavior when 
        shouldPropagateCompositingToIFrameParent() is false.
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::paintingGoesToWindow):

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r58950.

    2010-05-07  Joseph Pecoraro  <joepeck@webkit.org>

        Reviewed by Adam Barth.

        document.write is not synchronous after page load
        https://bugs.webkit.org/show_bug.cgi?id=38146

        If there are no pending scripts, a document.write call should be
        synchronous. This matches other browsers and the HTML5 spec. Forcing
        the tokenizer to be synchronous in Document::write does not affect
        external scripts written by the write call. This should only change
        behavior of document.write after the page is done loading.

        Difficult to test reliably due to HTMLTokenizing relying on processing time.
        I made a manual test because the test requires processing very large strings
        synchronously and therefore can take some time.

        Test: WebCore/manual-tests/dom/document-write-synchronous-after-page-load.html

        * dom/Document.cpp:
        (WebCore::SynchronousHTMLTokenizerGuard::SynchronousHTMLTokenizerGuard): if the provided tokenizer is an HTMLTokenizer make it synchronous
        (WebCore::SynchronousHTMLTokenizerGuard::~SynchronousHTMLTokenizerGuard): if the provided tokenizer was an HTMLTokenizer return its synchronous state
        (WebCore::Document::write): temporarily set the tokenizer to synchronous during document.write
        * dom/Tokenizer.h:
        (WebCore::Tokenizer::asHTMLTokenizer): default implementation returns 0, to be overridden by HTMLTokenizer
        * html/HTMLTokenizer.h: allow access to to the force synchronous state
        (WebCore::HTMLTokenizer::forceSynchronous): accessor
        (WebCore::HTMLTokenizer::asHTMLTokenizer): override the default to return itself
        * manual-tests/dom/document-write-synchronous-after-page-load.html: Added.

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r58936.

    2010-05-06  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        Compositing layers that are clipped out by an overflow:scroll parent fail to get created on reveal
        https://bugs.webkit.org/show_bug.cgi?id=38712
        
        When compositing layer creation is testing layer overlap, we need to re-run the
        algorithm when an overflow:scroll element scrolls, to create new layers for revealed
        elements.
        
        Test: compositing/layer-creation/overflow-scroll-overlap.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::scrollToOffset): First, move the compositing updates
        until after the call to updateWidgetPositions(), so that this order is similar
        to what we done when a FrameView scrolls. This change has no known side effects.
        Second, if compositingConsultsOverlap() is true, we need to actually do a 
        compositing layer update to compute whether revealed/hidden layers should
        be created/destroyed.

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r59147.

    2010-05-11  Zoltan Herczeg  <zherczeg@webkit.org>

        Reviewed by Dirk Schulze.

        RenderSVGImage::imageChanged should invalidate the SVG filter cache
        https://bugs.webkit.org/show_bug.cgi?id=38838

        Test: svg/filters/filteredImage.svg

        * rendering/RenderSVGImage.cpp:
        (WebCore::RenderSVGImage::imageChanged):

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r59116.

    2010-05-10  Fumitoshi Ukai  <ukai@chromium.org>

        Reviewed by Alexey Proskuryakov.

        WebSocket needs to suspend/resume as Active DOM object.
        https://bugs.webkit.org/show_bug.cgi?id=38171

        Implement suspend()/resume() in WebSocket and WebSocketChannel.
        While WebSocketChannel is suspended, it only adds received data in m_buffer
        or record the handle was closed, and report no event to WebSocket.
        When resumed, it will process buffer or handle closing.
        Since suspend/resume would be called while processing JavaScript event handler (e.g. before/after alert()), WebSocketChannel method that would fire an event need to be reentrant.
        So, WebSocketChannel::processBuffer() call WebSocket to fire an event at most once and skips buffer before the calling,
        so that next call of processBuffer() would process the next frame.

        * websockets/ThreadableWebSocketChannel.h:
        * websockets/ThreadableWebSocketChannelClientWrapper.h:
        (WebCore::ThreadableWebSocketChannelClientWrapper::didConnect):
          Mark channel is opened, and process pending events if not suspended.
        (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveMessage):
          Push message back in pending queue, and process pending events if not suspended.
        (WebCore::ThreadableWebSocketChannelClientWrapper::didClose):
          Mark channel is closed, and process pending events if not suspended.
        (WebCore::ThreadableWebSocketChannelClientWrapper::suspend):
          Mark suspended.
        (WebCore::ThreadableWebSocketChannelClientWrapper::resume):
          Unmark suspended, and process pending events.
        (WebCore::ThreadableWebSocketChannelClientWrapper::ThreadableWebSocketChannelClientWrapper):
        (WebCore::ThreadableWebSocketChannelClientWrapper::processPendingEvents):
        * websockets/WebSocket.cpp:
        (WebCore::WebSocket::canSuspend):
        (WebCore::WebSocket::suspend):
        (WebCore::WebSocket::resume):
        (WebCore::WebSocket::didClose):
        * websockets/WebSocket.h:
        * websockets/WebSocketChannel.cpp:
        (WebCore::WebSocketChannel::WebSocketChannel):
        (WebCore::WebSocketChannel::connect):
        (WebCore::WebSocketChannel::send):
        (WebCore::WebSocketChannel::bufferedAmount):
        (WebCore::WebSocketChannel::close):
        (WebCore::WebSocketChannel::suspend):
        (WebCore::WebSocketChannel::resume):
         When resumed, it will process buffer and
         handle closing if handle was already closed while suspended.
        (WebCore::WebSocketChannel::didClose):
         If suspended, record unhandled bufferedAmount and set m_closed true, so that closing will be processed when resumed.
        (WebCore::WebSocketChannel::didReceiveData):
         Add received data in buffer and process buffer while it is not suspended.
        (WebCore::WebSocketChannel::processBuffer):
         Process handshake header or one frame message.
         Return true if there are more data to be processed.
         Return false otherwise (e.g. incomplete handshake header or incomplete frame).
        * websockets/WebSocketChannel.h:
        * websockets/WorkerThreadableWebSocketChannel.cpp:
        (WebCore::WorkerThreadableWebSocketChannel::suspend):
        (WebCore::WorkerThreadableWebSocketChannel::resume):
        (WebCore::WorkerThreadableWebSocketChannel::Peer::suspend):
        (WebCore::WorkerThreadableWebSocketChannel::Peer::resume):
        (WebCore::WorkerThreadableWebSocketChannel::mainThreadSuspend):
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::suspend):
        (WebCore::WorkerThreadableWebSocketChannel::mainThreadResume):
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::resume):
        * websockets/WorkerThreadableWebSocketChannel.h:

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r59111.

    2010-05-10  Dean Jackson  <dino@apple.com>

        Reviewed by Simon Fraser.

        https://bugs.webkit.org/show_bug.cgi?id=36566
        The animation-fill-mode property was missing from
        a few places where the animation shorthand is set up.

        Test: animations/animation-shorthand-removed.html

        * css/CSSMutableStyleDeclaration.cpp:
        (WebCore::CSSMutableStyleDeclaration::getPropertyValue): Make sure
        animation-fill-mode is included in the animation shorthand
        * css/CSSPropertyLonghand.cpp:
        (WebCore::initShorthandMap):

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r58965.

    2010-05-07  Nikolas Zimmermann  <nzimmermann@rim.com>

        Reviewed by Dirk Schulze.

        RenderSVGResourceClipper assigns a temporary mutated RenderStyle but does not correctly preserve the old style
        https://bugs.webkit.org/show_bug.cgi?id=38767

        Fix small logic error leading to a problem in RenderSVGResourceClipper. It assigns a new temporary RenderStyle
        to the target object, but fails to reset it correctly to the old style. Fixes all svg/clip-path errors on the windows bots.

        * rendering/RenderSVGResourceClipper.cpp:
        (WebCore::RenderSVGResourceClipper::createClipData):

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r58961.

    2010-05-07  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Adele Peterson.

        https://bugs.webkit.org/show_bug.cgi?id=38546
        Node.focus() fails to move focus from subframe properly

        Test: fast/frames/take-focus-from-iframe.html

        * html/HTMLFrameElementBase.cpp: (WebCore::HTMLFrameElementBase::setFocus): Don't clear
        focus if this frame doesn't have it. This can happen if page's and HTMLFrameElement's ideas
        of focused frame get out of sync temporarily.

2010-05-12  Mark Rowe  <mrowe@apple.com>

        Merge r58960.

    2010-05-07  Nikolas Zimmermann  <nzimmermann@rim.com>

        Reviewed by Dirk Schulze.

        svg/custom/use-instanceRoot-as-event-target.xhtml crashes randomly
        https://bugs.webkit.org/show_bug.cgi?id=37798

        When creating JSEventListeners through attributes (onclick, etc..) or add/removeEventListener
        calls on a SVGElementInstance, do NOT pass the element instance itself as JS wrapper object
        but the correspondingElement(). SVGElementInstance redirects all event listener registrations
        to the correspondingElement(), as they share an event listener list, per SVG spec. The old
        code was very dangerous, leading to random assertions, when garbage collection teared down
        the JSSVGElementInstance and event listeners fired, whose listeners were registered with
        it, but residing in the correspondingElement() event listener list.

        Removes the need for CustomToJS code for JSSVGElementInstance, which was wrong anyways. We hoped
        to keep the event listeers alive by just creating a js wrapper of the correspondingElement(), that
        could only work as long as garbage collection didn't tear it down, just luck. Also remove the
        CustomPushEventHandlerScope marker, as it is only used for JSLazyEventListeners and only works
        for JSNode derived objects, it was a no-op for SVGElementInstance, thus removed it.

        Should fix all random crashes/assertions seen with svg/custom/use-instanceRoot-as-event-target.xhtml
        See bug report for a detailed crash analysis.

        * bindings/js/JSSVGElementInstanceCustom.cpp: Remove custom toJS()/pushEventHandlerScope() handling, not necessary anymore.
        (WebCore::JSSVGElementInstance::markChildren):
        * bindings/scripts/CodeGeneratorJS.pm: For JSSVGElementInstance pass the correspondingElement() as JS wrapper object, not itself.
        * svg/SVGElementInstance.cpp:
        (WebCore::SVGElementInstance::invalidateAllInstancesOfElement): Be sure to trigger a style update here, so dirty shadow trees for <use> get rebuild. Otherwhise DOM may be out-of-sync.
        (WebCore::SVGElementInstance::eventTargetData): Add ASSERT_NOT_REACHED(), all event listener calls are forwarded to the correspondingElement().
        (WebCore::SVGElementInstance::ensureEventTargetData): Ditto.
        * svg/SVGElementInstance.idl: Remove CustomToJS, CustomPushEventHandlerScope markers.

2010-05-06  Maciej Stachowiak  <mjs@apple.com>

        Not reviewed, build fix.

        Try again - with quotes this time. *facepalm*

        * dom/Notation.cpp:

2010-05-06  Maciej Stachowiak  <mjs@apple.com>

        Not reviewed, build fix.

        Speculative fix for Qt and Gtk.

        * dom/Notation.cpp:

2010-05-06  Maciej Stachowiak  <mjs@apple.com>

        Not reviewed, build fix.

        Fix an assert that I failed to update in my earlier change.

        * dom/CharacterData.h:
        (WebCore::CharacterData::CharacterData):

2010-05-06  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=38697
        REGRESSION (r58299): Replying on reddit.com no longer works

        * css/CSSSelector.cpp: (WebCore::CSSSelector::extractPseudoType): Don't recognize :first,
        :left and :right. The aren't allowed in all contexts, and properly implementing them is out
        of scope for this regression fix.

2010-05-06  Jian Li  <jianli@chromium.org>

        Reviewed by Adam Barth.

        Improve code generator scripts to support converting ScriptString.
        https://bugs.webkit.org/show_bug.cgi?id=38699

        Change both JSC and V8 generators to introduce "ConvertScriptString"
        attribute to allow converting from ScriptString. Also updated the
        bindings test result.

        These changes are necessary in order to avoid adding custom binding codes
        when we add the FileReader interface.

        * bindings/scripts/CodeGeneratorJS.pm:
        * bindings/scripts/CodeGeneratorV8.pm:
        * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
        (webkit_dom_test_obj_get_script_string_attr):
        (webkit_dom_test_obj_get_property):
        (webkit_dom_test_obj_class_init):
        * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::):
        (WebCore::jsTestObjScriptStringAttr):
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/ObjC/DOMTestObj.h:
        * bindings/scripts/test/ObjC/DOMTestObj.mm:
        (-[DOMTestObj scriptStringAttr]):
        * bindings/scripts/test/TestObj.idl:
        * bindings/scripts/test/V8/V8TestObj.cpp:
        (WebCore::TestObjInternal::scriptStringAttrAttrGetter):
        (WebCore::):

2010-05-06  Jian Li  <jianli@chromium.org>

        Reviewed by Adam Barth.

        Improve code generator scripts to pass additional ScriptExecutionContext
        argument to the constructor.
        https://bugs.webkit.org/show_bug.cgi?id=38687

        Change both JSC and V8 generators to introduce "CallWith=ScriptExecutionContext"
        attribute to allow passing the additional ScriptExecutionContext argument to
        the constructor. Also add another test IDL file to test interface-level
        features.

        These changes are necessary in order to avoid adding custom binding codes
        when we add the FileReader interface.

        * bindings/scripts/CodeGeneratorJS.pm:
        * bindings/scripts/CodeGeneratorV8.pm:
        * bindings/scripts/test/GObject/WebKitDOMTestInterface.cpp: Added.
        * bindings/scripts/test/GObject/WebKitDOMTestInterface.h: Added.
        * bindings/scripts/test/GObject/WebKitDOMTestInterfacePrivate.h: Added.
        * bindings/scripts/test/JS/JSTestInterface.cpp: Added.
        * bindings/scripts/test/JS/JSTestInterface.h: Added.
        * bindings/scripts/test/ObjC/DOMTestInterface.h: Added.
        * bindings/scripts/test/ObjC/DOMTestInterface.mm: Added.
        * bindings/scripts/test/ObjC/DOMTestInterfaceInternal.h: Added.
        * bindings/scripts/test/TestInterface.idl: Added.
        * bindings/scripts/test/V8/V8TestInterface.cpp: Added.
        * bindings/scripts/test/V8/V8TestInterface.h: Added.
        * bindings/v8/V8Proxy.h:
        (WebCore::V8Proxy::constructDOMObjectWithScriptExecutionContext):

2010-05-06  Maciej Stachowiak  <mjs@apple.com>

        Build fix, not reviewed.
        
        Speculative Windows and Debug build fixes for the last change.

        * dom/Node.h:
        (WebCore::Node::inDocument):
        (WebCore::Node::setFlag):

2010-05-06  James Robinson  <jamesr@chromium.org>

        Reviewed by Eric Seidel.

        Fix warnings emitted by gcc 4.4.1 on linux in chromium-specific platform graphics files.
        https://bugs.webkit.org/show_bug.cgi?id=38158

        Fixes:
        - replace NULL with 0
        - remove unusued locals
        - add parens around ambiguous looking compound predicates like (a || b && c)

        This also adds a check for x >= 0 to FontLinux.cpp's in this statement:
          if (x < walker.width())
        This is more documentation than anything else since walker.width() returns
        an unsigned the current behavior is that x is promoted to unsigned and as
        long as x + walker.width() is less than 2^31 all negative values of x
        end up wrapping around and not being < walker.width().  This behavior is
        tested by fast/text/international/khmer-selection.html

        * platform/graphics/chromium/FontLinux.cpp:
        (WebCore::adjustTextRenderMode):
        (WebCore::TextRunWalker::TextRunWalker):
        (WebCore::TextRunWalker::length):
        (WebCore::TextRunWalker::width):
        (WebCore::TextRunWalker::getTextRun):
        (WebCore::TextRunWalker::getNormalizedTextRun):
        (WebCore::Font::offsetForPositionForComplexText):
        * platform/graphics/chromium/FontPlatformDataLinux.cpp:
        (WebCore::FontPlatformData::setupPaint):
        * platform/graphics/chromium/HarfbuzzSkia.cpp:
        (WebCore::getOutlinePoint):
        * platform/graphics/skia/GraphicsContext3DSkia.cpp:
        (WebCore::GraphicsContext3D::getImageData):
        * platform/graphics/skia/GraphicsContextSkia.cpp:
        (WebCore::isCoordinateSkiaSafe):
        (WebCore::GraphicsContext::fillRect):
        (WebCore::GraphicsContext::strokePath):
        (WebCore::GraphicsContext::strokeRect):

2010-05-06  Ada Chan  <adachan@apple.com>

        Reviewed by David Kilzer.

        https://bugs.webkit.org/show_bug.cgi?id=38695
        
        Check the result from widget() for NULL before accessing it.

        * rendering/RenderIFrame.cpp:
        (WebCore::RenderIFrame::calcHeight):
        (WebCore::RenderIFrame::calcWidth):

2010-05-06  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Darin Adler.

        further fixes towards REGRESSION (r57292): 1% PLT regression from visited link information leak fix
        https://bugs.webkit.org/show_bug.cgi?id=38682
        <rdar://problem/7859794>

        Looks like a 1-2% speedup on PLT.

        - Reorder CSS properties.
        - Remove short circuit tag check in matchRulesForList which costs more than it saves.
        - Inline initForStyleResolve.
        - Optimize applyDeclarations to avoid switch and take fewer branches in the inner loop.
        
        - Change the way Node handles flags - replace bitfield with a uint32_t and explicit masking, 
        to make it cheaper to initialize the bits and give faster access.
        - Added new Node flags to check for isStyledElement, isHTMLElement, isSVGElement, isComment, 
        and devirtualize those methods.
        - Inline constructors for Node, Element, Text, CharacterData, StyledElement, etc since
        they are very simple and lots of nodes get constructed.
        
        * css/CSSPropertyNames.in: Move a few of the properties up front so we can check for them
        with < instead of switch statements
        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::matchRulesForList): Remove unnecessary preflight check
        for tag match before checking selector. This check very rarely short circuits anything,
        since most rules with a tag end up in the appropriate tag bucket. So doing the check
        cost more time than the time saved.
        (WebCore::CSSStyleSelector::initForStyleResolve): Inline. Create RenderStyle in a better way.
        (WebCore::CSSStyleSelector::applyDeclarations): Get rid of switch statement and use <= to
        check for the high priority properties. Convert to template to avoid checking "applyFirst"
        each time through the loop.
        (WebCore::CSSStyleSelector::styleForElement): Adjust for new applyDeclarations() signature.
        (WebCore::CSSStyleSelector::keyframeStylesForAnimation): ditto
        (WebCore::CSSStyleSelector::pseudoStyleForElement): ditto
        * css/CSSStyleSelector.h: Adjust for new applyDeclarations() signature.
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::RenderStyle): Inline constructor.
        * rendering/style/RenderStyle.h: Make constructor private so it can be inline.
        * dom/Node.h:
        (WebCore::): See high-level description of changes above. Redid the
        way boolean flags work.
        (WebCore::Node::isElementNode):
        (WebCore::Node::isContainerNode):
        (WebCore::Node::isTextNode):
        (WebCore::Node::isHTMLElement):
        (WebCore::Node::isSVGElement):
        (WebCore::Node::isStyledElement):
        (WebCore::Node::isCommentNode):
        (WebCore::Node::hasID):
        (WebCore::Node::hasClass):
        (WebCore::Node::active):
        (WebCore::Node::inActiveChain):
        (WebCore::Node::inDetach):
        (WebCore::Node::hovered):
        (WebCore::Node::attached):
        (WebCore::Node::setAttached):
        (WebCore::Node::needsStyleRecalc):
        (WebCore::Node::styleChangeType):
        (WebCore::Node::childNeedsStyleRecalc):
        (WebCore::Node::isLink):
        (WebCore::Node::setHasID):
        (WebCore::Node::setHasClass):
        (WebCore::Node::setChildNeedsStyleRecalc):
        (WebCore::Node::clearChildNeedsStyleRecalc):
        (WebCore::Node::setInDocument):
        (WebCore::Node::clearInDocument):
        (WebCore::Node::setInActiveChain):
        (WebCore::Node::clearInActiveChain):
        (WebCore::Node::setIsLink):
        (WebCore::Node::clearIsLink):
        (WebCore::Node::setActive):
        (WebCore::Node::setHovered):
        (WebCore::Node::inDocument):
        (WebCore::Node::):
        (WebCore::Node::getFlag):
        (WebCore::Node::setFlag):
        (WebCore::Node::clearFlag):
        (WebCore::Node::hasRareData):
        (WebCore::Node::isParsingChildrenFinished):
        (WebCore::Node::setIsParsingChildrenFinished):
        (WebCore::Node::clearIsParsingChildrenFinished):
        (WebCore::Node::isStyleAttributeValid):
        (WebCore::Node::setIsStyleAttributeValid):
        (WebCore::Node::clearIsStyleAttributeValid):
        (WebCore::Node::isSynchronizingStyleAttribute):
        (WebCore::Node::setIsSynchronizingStyleAttribute):
        (WebCore::Node::clearIsSynchronizingStyleAttribute):
        (WebCore::Node::areSVGAttributesValid):
        (WebCore::Node::setAreSVGAttributesValid):
        (WebCore::Node::clearAreSVGAttributesValid):
        (WebCore::Node::isSynchronizingSVGAttributes):
        (WebCore::Node::setIsSynchronizingSVGAttributes):
        (WebCore::Node::clearIsSynchronizingSVGAttributes):
        (WebCore::Node::hasRareSVGData):
        (WebCore::Node::setHasRareSVGData):
        (WebCore::Node::clearHasRareSVGData):
        (WebCore::Node::initialRefCount):
        * dom/Node.cpp:
        (WebCore::Node::trackForDebugging): Adjusted for changes in
        flag handling.
        (WebCore::Node::ensureRareData): ditto
        (WebCore::Node::setStyleChange): ditto
        (WebCore::Node::setNeedsStyleRecalc): ditto
        (WebCore::Node::lazyAttach): ditto
        (WebCore::Node::attach): ditto
        (WebCore::Node::detach): ditto
        (WebCore::Node::insertedIntoDocument): ditto
        (WebCore::Node::removedFromDocument): ditto
        * dom/CharacterData.cpp:
        * dom/CharacterData.h:
        (WebCore::CharacterData::CharacterData): Inline the constructor (moved from .cpp)
        * dom/Comment.cpp:
        (WebCore::Comment::Comment): Tell the base class that we're a comment.
        * dom/Comment.h: Remove isCommentNode override.
        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::detach): Adjusted for changes in flag
        handling.
        (WebCore::ContainerNode::removedFromDocument): ditto
        * dom/Document.cpp:
        (WebCore::Document::Document): Adjusted for changes in flag handling.
        (WebCore::Document::recalcStyle): ditto
        (WebCore::Document::setFocusedNode): ditto
        * dom/Document.h:
        (WebCore::Node::Node): Inline the Node constructor - goes here
        because it uses Document.
        * dom/DocumentFragment.cpp: include Document.h due to above change
        * dom/EditingText.cpp: ditto
        * dom/EntityReference.cpp: ditto
        * dom/Element.cpp:
        (WebCore::Element::getAttribute): Adjusted for changes in flag
        handling.
        (WebCore::Element::setAttribute): ditto
        (WebCore::Element::hasAttributes): ditto
        (WebCore::Element::recalcStyle): ditto
        (WebCore::Element::finishParsingChildren): ditto
        * dom/Element.h:
        (WebCore::Element::Element): Inline (moved from .cpp)
        (WebCore::Element::isFinishedParsingChildren):
        (WebCore::Element::beginParsingChildren):
        (WebCore::Element::attributes): Adjusted for changes in flag
        handling.
        * dom/StyledElement.cpp:
        (WebCore::StyledElement::updateStyleAttribute): Adjust for
        changes to flag handling.
        (WebCore::StyledElement::mapToEntry): ditto
        (WebCore::StyledElement::parseMappedAttribute): ditto
        (WebCore::StyledElement::copyNonAttributeProperties): ditto
        * dom/StyledElement.h:
        (WebCore::StyledElement::StyledElement): Inline (moved from.cpp)
        (WebCore::StyledElement::invalidateStyleAttribute): Adjust for
        changes in flag handling.
        * dom/Text.h:
        (WebCore::Text::Text): Inline (moved from .cpp)
        * dom/Text.cpp:
        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::HTMLAnchorElement): Adjust for changes in
        flag handling.
        (WebCore::HTMLAnchorElement::parseMappedAttribute): ditto
        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::create): Tell base class we're an HTML element.
        * html/HTMLElement.h: ditto above; remove isHTMLElement override.
        * html/HTMLFormControlElement.h: Tell base class we're an HTML element.
        * html/HTMLFrameOwnerElement.cpp:
        (WebCore::HTMLFrameOwnerElement::HTMLFrameOwnerElement): ditto
        * html/HTMLProgressElement.cpp:
        (WebCore::HTMLProgressElement::HTMLProgressElement): ditto
        * mathml/MathMLElement.cpp:
        (WebCore::MathMLElement::MathMLElement): Tell base class we're a styled
        element.
        * rendering/MediaControlElements.cpp:
        (WebCore::MediaControlShadowRootElement::MediaControlShadowRootElement):
        Adjust for changes in flag handling.
        (WebCore::MediaControlElement::MediaControlElement): ditto
        (WebCore::MediaControlInputElement::MediaControlInputElement): ditto
        * rendering/RenderFileUploadControl.cpp:
        (WebCore::RenderFileUploadControl::updateFromElement): ditto
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateHoverActiveState): ditto
        * rendering/RenderProgress.cpp:
        (WebCore::RenderProgress::updateValuePartState): ditto
        * rendering/RenderSlider.cpp:
        (WebCore::RenderSlider::updateFromElement): ditto
        * rendering/SVGShadowTreeElements.cpp:
        (WebCore::SVGShadowTreeRootElement::SVGShadowTreeRootElement): ditto
        * rendering/TextControlInnerElements.cpp:
        (WebCore::TextControlInnerElement::attachInnerElement): ditto
        * svg/SVGAnimatedProperty.h:
        (WebCore::SVGAnimatedPropertyTearOff::setBaseVal): ditto
        (WebCore::SVGAnimatedPropertyTearOff::setAnimVal): ditto
        * svg/SVGElement.cpp:
        (WebCore::SVGElement::SVGElement): Tell base class we're
        an svg element.
        (WebCore::SVGElement::ensureRareSVGData): Adjust for flag handling
        changes.
        (WebCore::SVGElement::updateAnimatedSVGAttribute): ditto
        * svg/SVGElement.h:
        (WebCore::SVGElement::invalidateSVGAttributes): ditto
        * svg/SVGPolyElement.cpp:
        (WebCore::SVGPolyElement::svgAttributeChanged): ditto
        * wml/WMLAnchorElement.cpp:
        (WebCore::WMLAnchorElement::WMLAnchorElement): ditto
        * wml/WMLElement.cpp:
        (WebCore::WMLElement::WMLElement): Tell base class we're a styled
        element.

2010-05-06  Adam Barth  <abarth@webkit.org>

        Unreviewed.  Fix indent.  Sorry, my OCD was acting up.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleMouseReleaseEvent):

2010-05-06  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Joseph Pecoraro.

        Web Inspector: store selected Headers / Content tab on explicit switch and/or explicit navigate only.

        https://bugs.webkit.org/show_bug.cgi?id=38660

        * inspector/front-end/ResourceView.js:
        (WebInspector.ResourceView):
        (WebInspector.ResourceView.prototype._selectHeadersTab):
        (WebInspector.ResourceView.prototype.selectContentTab):
        * inspector/front-end/ResourcesPanel.js:
        (WebInspector.ResourcesPanel.prototype.showResource):

2010-05-06  Luiz Agostini  <luiz.agostini@openbossa.org>

        Rubber-stamped by Simon Hausmann.

        [Qt] use QT_MOBILE_THEME in Symbian
        https://bugs.webkit.org/show_bug.cgi?id=38440

        Putting QT_MOBILE_THEME into use for Symbian.

        * WebCore.pro:

2010-05-06  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Unreviewed, build fix WinCE for QtWebKit.

        [Qt] Compilation with Plugins disabled is broken
        https://bugs.webkit.org/show_bug.cgi?id=31407

        Rename platform/qt/TemporaryLinkStubs.cpp to avoid name collition on
        Windows.

        Thanks for Ismail "cartman" Donmez for help.

        No new tests, as there is no new functionality.

        * WebCore.gypi:
        * WebCore.pro:
        * platform/qt/TemporaryLinkStubs.cpp: Removed.
        * platform/qt/TemporaryLinkStubsQt.cpp: Copied from WebCore/platform/qt/TemporaryLinkStubs.cpp.

2010-05-06  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] REGRESSION: Loading of external CSS and JS files over network fails in some cases
        https://bugs.webkit.org/show_bug.cgi?id=36755

        Enable the direct connection between QtNetwork and QtWebKit only for Qt versions
        greater than 4.6.2, due to a bug in Qt that's been fixed after 4.6.2.

        * platform/network/qt/QNetworkReplyHandler.cpp:

2010-05-06  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>

        Reviewed by Xan Lopez.

        Rework where we get page step and line step from, so we do not
        depend on scrollbars existing. Caught by API test I forgot to run.

        * platform/gtk/ScrollViewGtk.cpp:
        (WebCore::ScrollView::setGtkAdjustments):

2010-05-06  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>

        Reviewed by Xan Lopez.

        [GTK] Adjustment resetting uses wrong values, and misses page_size and steps
        https://bugs.webkit.org/show_bug.cgi?id=38657

        Fix resetting adjustment values. In the page cache case, we were
        confusing page_size and upper, leading to stray scrollbars
        sometimes.

        * platform/gtk/ScrollViewGtk.cpp:
        (WebCore::ScrollView::setGtkAdjustments):

2010-05-06  Darin Adler  <darin@apple.com>

        Reviewed by Beth Dakin.

        Page::setCanStartMedia does not properly handle the case where a media listener is removed
        https://bugs.webkit.org/show_bug.cgi?id=38602

        We can't find any real case where this causes a crash at this time, but
        we want to harden the code anyway. Thus there are no new regression tests.

        * page/Page.cpp:
        (WebCore::Page::removeMediaCanStartListener): Removed incorrect assertion.
        (WebCore::Page::setCanStartMedia): Change algorithm so we notify listeners
        one at a time and don't notify any listener that has already been removed
        from the set.

2010-05-05  Ojan Vafai  <ojan@chromium.org>

        Reviewed by Darin Adler.

        shift+click on an existing selection doesn't work right
        https://bugs.webkit.org/show_bug.cgi?id=36542

        NSTextView behavior is to move the end of the selection
        closest to the shift-click. Win/Linux behavior is to always
        move the focus end of the selection.

        Test: editing/selection/shift-click.html

        * page/EventHandler.cpp:
        (WebCore::textDistance):
        (WebCore::EventHandler::handleMousePressEventSingleClick):

2010-05-06  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Timothy Hatcher.

        Web Inspector: implement panels history traversal on Cmd+Left/Right.

        https://bugs.webkit.org/show_bug.cgi?id=38649

        * inspector/front-end/inspector.js:
        (WebInspector.set currentPanel):
        (WebInspector.loaded):
        (WebInspector.documentKeyDown):
        (WebInspector.PanelHistory):
        (WebInspector.PanelHistory.prototype.canGoBack):
        (WebInspector.PanelHistory.prototype.goBack):
        (WebInspector.PanelHistory.prototype.canGoForward):
        (WebInspector.PanelHistory.prototype.goForward):
        (WebInspector.PanelHistory.prototype.setPanel):

2010-05-03  Evan Martin  <evan@chromium.org>

        Reviewed by Eric Seidel.

        [chromium] use glyphDataForCharacter so we hit the glyphdata cache
        https://bugs.webkit.org/show_bug.cgi?id=38500

        Calling fontDataForCharacters() while rendering text is expensive.
        Examining the relevant Mac code in WebKit revealed that calling the
        similarly-named glyphDataForCharacters() results in caching the font
        data on a per-glyph basis.

        Since we now choose a font based on the first character in a run, we
        need to be careful that all the glyphs within the run use the same font.
        This is also similar to the WebKit Mac code.  We need to remove all of
        the script run bits eventually and this is a step in that direction.

        Tests: fast/text/international/danda-space.html spacing changes slightly
        (now matches Firefox better) and fast/text/international/thai-baht-space.html
        now picks the correct (serif) font for the digits.

        * platform/graphics/chromium/FontLinux.cpp:
        (WebCore::TextRunWalker::nextScriptRun):
        (WebCore::TextRunWalker::setupFontForScriptRun):

2010-05-06  Martin Robinson  <mrobinson@webkit.org>

        Reviewed by Gustavo Noronha Silva.

        [GTK] Enable DOM clipboard and drag-and-drop access
        https://bugs.webkit.org/show_bug.cgi?id=30623

        Convert dragging portion of drag-and-drop to use DataObjectGtk.

        No new tests, because functionality has not changed.

        * page/gtk/EventHandlerGtk.cpp:
        (WebCore::EventHandler::createDraggingClipboard): Pass the DataObjectGtk as a parameter here.
        * platform/gtk/ClipboardGtk.h:
        (WebCore::ClipboardGtk::create): Take the DataObject as a parameter instead of creating it here.
        (WebCore::ClipboardGtk::helper): Added.
        (WebCore::ClipboardGtk::dataObject): Added.
        * platform/gtk/PasteboardHelper.h: Make targetListForDataObject a public method.

2010-05-06  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Timothy Hatcher.

        Web Inspector: Do not show content tab for resources
        not supporting content preview.

        https://bugs.webkit.org/show_bug.cgi?id=38635

        * English.lproj/localizedStrings.js:
        * inspector/front-end/FontView.js:
        (WebInspector.FontView.prototype.hasContentTab):
        * inspector/front-end/ImageView.js:
        (WebInspector.ImageView.prototype.hasContentTab):
        * inspector/front-end/ResourceView.js:
        (WebInspector.ResourceView):
        (WebInspector.ResourceView.prototype._selectTab):
        (WebInspector.ResourceView.prototype.hasContentTab):
        * inspector/front-end/SourceView.js:
        (WebInspector.SourceView.prototype.hasContentTab):

2010-05-06  Antonio Gomes  <tonikitoo@webkit.org>

        Reviewed by Kenneth Christiansen.

        Spatial Navigation: adapt the logic of {deep}findFocusableNodeInDirection to do traversal starting from Node* not Document*
        https://bugs.webkit.org/show_bug.cgi?id=37803

        Instead of receiving a Document pointer as incoming parameter, patch modifies
        findFocusableNodeInDirection and deepFindFocusableNodeInDirection methods to
        receive a Node pointer as start for content traversal.
        This way we can make good use of deepFindFocusableNodeInDirection to traverse
        other scrollable container like scrollable div's, and not only frames or iframes.

        Patch also makes use of 'while' instead of 'for' to loop control, that gives move
        flexibility to the incremental step: e.g. if a scrollable div was processed, the incremental
        step in the loop does not have to do node->traverseNextNode() but node->traverseNextSibling().

        No behavior change. It is a preparation for supporting scrollable containers in Spatial
        Navigation.

        * page/FocusController.cpp:
        (WebCore::FocusController::advanceFocusDirectionally):
        (WebCore::FocusController::findFocusableNodeInDirection):
        (WebCore::FocusController::deepFindFocusableNodeInDirection):
        * page/FocusController.h:

2010-05-06  Csaba Osztrogonác  <ossy@webkit.org>

        Unreviewed WinCE buildfix after r58842.
        Preprocessor doesn't understand "true", changed to "1"

        * platform/graphics/MediaPlayer.cpp:

2010-05-06  Mikhail Naganov  <mnaganov@chromium.org>

        Reviewed by Pavel Feldman.

        Temporarily disable 'console.profiles' until we can distinguish
        functions from different frames

        https://bugs.webkit.org/show_bug.cgi?id=38638

        * bindings/v8/custom/V8ConsoleCustom.cpp:
        (WebCore::V8Console::profilesAccessorGetter):

2010-05-06  Steve Block  <steveblock@google.com>

        Reviewed by Eric Seidel.

        MAC_JAVA_BRIDGE should be renamed JAVA_BRIDGE
        https://bugs.webkit.org/show_bug.cgi?id=38544

        No new tests, build fix only.

        * DerivedSources.make:
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::ScriptController):
        * bindings/js/ScriptController.h:
        * bindings/js/ScriptControllerMac.mm:
        (WebCore::ScriptController::createScriptInstanceForWidget):
        * bridge/jni/JNIBridge.cpp:
        * bridge/jni/JNIBridge.h:
        * bridge/jni/JNIUtility.cpp:
        * bridge/jni/JNIUtility.h:
        * bridge/jni/jni_jsobject.h:
        * bridge/jni/jni_jsobject.mm:
        * bridge/jni/jni_objc.mm:
        * bridge/jni/jsc/JNIBridgeJSC.cpp:
        * bridge/jni/jsc/JNIBridgeJSC.h:
        * bridge/jni/jsc/JNIUtilityPrivate.cpp:
        * bridge/jni/jsc/JNIUtilityPrivate.h:
        * bridge/jni/jsc/JavaClassJSC.cpp:
        * bridge/jni/jsc/JavaClassJSC.h:
        * bridge/jni/jsc/JavaInstanceJSC.cpp:
        * bridge/jni/jsc/JavaInstanceJSC.h:
        * loader/FrameLoaderClient.h:

2010-05-05  Alejandro G. Castro  <alex@igalia.com>

        Reviewed by Xan Lopez.

        Fixed the gobject introspection compilation with the new DOM
        bindings, we needed to add DOM objects.

        * GNUmakefile.am:

2010-05-06  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        drop support for sessionStorage in sandbox iframes
        https://bugs.webkit.org/show_bug.cgi?id=38151

        This patch causes us to throw a security exception when a sandboxed
        iframe attempts to access sessionStorage, matching our behavior for
        localStorage.  The letter of the spec asks us to create a separate
        storage area for each unique origin.  We might want to do that in a
        future patch, but throwing a security error seems like a safe move now.

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::sessionStorage):
        (WebCore::DOMWindow::localStorage):
        * page/DOMWindow.h:
        * page/DOMWindow.idl:
        * page/SecurityOrigin.h:
        (WebCore::SecurityOrigin::canAccessSessionStorage):
        * storage/StorageEventDispatcher.cpp:
        (WebCore::StorageEventDispatcher::dispatch):

2010-05-06  Andy Estes  <aestes@apple.com>

        Reviewed by Maciej Stachowiak.

        Allow forms submitting to target="_blank" to open popups if the submission
        originated from a user gesture.

        https://bugs.webkit.org/show_bug.cgi?id=37335
        <rdar://problem/7884980>

        Test: fast/events/popup-allowed-from-gesture-initiated-form-submit.html

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::processingUserGesture): If no DOM event is
        being processed, consult UserGestureIndicator to determine return value.
        * bindings/js/ScriptController.h: Moved the logic of processingUserGestureEvent()
        into processingUserGesture().

2010-05-06  Xan Lopez  <xlopez@igalia.com>

        Rubber-stamped by Eric Seidel.

        [GTK] Refactor GenerateProperties in CodeGenerationGObject.pm
        https://bugs.webkit.org/show_bug.cgi?id=38577

        Thinko caught while refactoring, $custom variable was not
        initialized.

        * bindings/scripts/CodeGeneratorGObject.pm:
        * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
        (webkit_dom_test_obj_set_property):
        (webkit_dom_test_obj_get_property):
        (webkit_dom_test_obj_class_init):

2010-05-06  Xan Lopez  <xlopez@igalia.com>

        Rubber-stamped by Eric Seidel.

        [GTK] Refactor GenerateProperties in CodeGenerationGObject.pm
        https://bugs.webkit.org/show_bug.cgi?id=38577

        Refactor GenerateProperty out of GenerateProperties. This is in
        preparation for EventListeren attributes, which won't generate
        normal GObject properties.

        * bindings/scripts/CodeGeneratorGObject.pm:

2010-05-06  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Joseph Pecoraro.

        Web Inspector: follow up to linkify event listeners.

        https://bugs.webkit.org/show_bug.cgi?id=38257

        * bindings/js/ScriptEventListener.cpp:
        (WebCore::eventListenerHandlerLocation):
        * bindings/v8/ScriptEventListener.cpp:
        (WebCore::eventListenerHandlerLocation):
        * inspector/front-end/ElementsPanel.js:
        (WebInspector.ElementsPanel.prototype.linkifyNodeReference):
        * inspector/front-end/EventListenersSidebarPane.js:

2010-05-05  Charles Wei  <charles.wei@torchmobile.com.cn>

        Reviewed by George Staikos

        https://bugs.webkit.org/show_bug.cgi?id=37848
        This patch adds WCSS -wap-input-format and -wap-input-required support to WebKit

        Tests: fast/wcss/wap-input-format.xhtml
               fast/wcss/wap-input-required.xhtml

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue):
        (WebCore::CSSParser::parseWCSSInputProperty):
        * css/CSSParser.h:
        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::applyProperty):
        * css/WCSSPropertyNames.in:
        * dom/InputElement.cpp:
        (WebCore::InputElement::sanitizeValue):
        (WebCore::InputElement::handleBeforeTextInsertedEvent):
        (WebCore::InputElementData::InputElementData):
        (WebCore::formatCodes):
        (WebCore::cursorPositionToMaskIndex):
        (WebCore::InputElement::isConformToInputMask):
        (WebCore::InputElement::validateInputMask):
        * dom/InputElement.h:
        (WebCore::InputElementData::inputFormatMask):
        (WebCore::InputElementData::setInputFormatMask):
        (WebCore::InputElementData::maxInputCharsAllowed):
        (WebCore::InputElementData::setMaxInputCharsAllowed):
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::setWapInputFormat):
        * html/HTMLInputElement.h:
        (WebCore::HTMLInputElement::data):
        * wml/WMLInputElement.h:
        (WebCore::WMLInputElement::data):

2010-05-05  MORITA Hajime  <morrita@google.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=38150
        Refactoring: webkitEditableContentChangedEvent should be handled by the owner of appropriate the renderer.

        Moved a part of code chunk in HTMLFormControlElementWithState::defaultEventHandler()
        which accesses the renderer from foreign node, 
        to TextControlInnerTextElement::defaultEventHandler() which owns the renderer.
        
        No new tests. No behavioral change.

        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElementWithState::defaultEventHandler):
        * html/HTMLFormControlElement.h:
        * html/HTMLInputElement.h:
        * html/HTMLTextAreaElement.h:
        * rendering/TextControlInnerElements.cpp:
        (WebCore::TextControlInnerTextElement::defaultEventHandler):

2010-05-05  Joseph Pecoraro  <joepeck@webkit.org>

        Reviewed by Timothy Hatcher.

        Web Inspector: Line Numbers should be Aligned with the Source Code Line
        https://bugs.webkit.org/show_bug.cgi?id=38593

        If there is a message bubble, such as an error message, in a source view
        the line number should be in line with the source code line, not centered
        between the source and bubble.

        * inspector/front-end/textViewer.css:
        (.webkit-line-number): added vertical-align: top

2010-05-05  Dan Bernstein  <mitz@apple.com>

        Fix the decelerated compositing build.

        * page/FrameView.cpp:
        (WebCore::FrameView::isEnclosedInCompositingLayer):
        * page/FrameView.h:

2010-05-05  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Darin Adler.

        Bug 38604 - workers-gc2 crashing on Qt

        This appears to be due to a couple of issues.
        (1) When the atomic string table is deleted it does not clear the 'inTable' bit
        on AtomicStrings - it implicitly assumes that all AtomicStrings have already
        been deleted at this point (otherwise they will crash in their destructor when
        they try to remove themselves from the atomic string table).
        (2) We don't fix the ordering in which WTF::WTFThreadData and
        WebCore::ThreadGlobalData are destructed.

        We should make sure that ThreadGlobalData is cleaned up before worker threads
        terminate and WTF::WTFThreadData is destroyed, and we should clear the inTable
        bit of members on atomic string table destruction.

        WTF changes (fix issue 2, above) - clean up the thread data on worker termination.

        * platform/ThreadGlobalData.cpp:
        (WebCore::ThreadGlobalData::~ThreadGlobalData):
        (WebCore::ThreadGlobalData::destroy):
        * platform/ThreadGlobalData.h:
        * workers/WorkerThread.cpp:
        (WebCore::WorkerThread::workerThread):

2010-05-05  Dan Bernstein  <mitz@apple.com>

        Reviewed by Simon Fraser.

        <rdar://problem/7932072> Iframes in composited layers don’t repaint correctly (affects Yahoo! Mail with Flash Player 10.1)
        https://bugs.webkit.org/show_bug.cgi?id=38427

        Test: compositing/iframes/iframe-in-composited-layer.html

        * WebCore.base.exp: Export FrameView::isEnclosedInCompositingLayer().
        * page/FrameView.cpp:
        (WebCore::FrameView::isEnclosedInCompositingLayer): Added this predicate.
        * page/FrameView.h:

2010-05-05  Chris Marrin  <cmarrin@apple.com>

        Reviewed by Simon Fraser.

        Got composited iframes showing up on Mac again
        https://bugs.webkit.org/show_bug.cgi?id=38565

        This was broken by http://trac.webkit.org/changeset/58798. That
        change connected iframes through the parent document to the root
        of the layer tree. That is correct for Windows, but not for Mac.
        So the places where the linkage is made were wrapped in 
        shouldPropagateCompositingToIFrameParent() calls, which is 
        always false for Mac.

        Test: compositing/iframes/composited-iframe-alignment.html

        * rendering/RenderLayerCompositor.cpp:Avoid doing composited iframe linkage on Mac
        (WebCore::RenderLayerCompositor::rebuildCompositingLayerTree):
        (WebCore::RenderLayerCompositor::didMoveOnscreen):
        (WebCore::RenderLayerCompositor::willMoveOffscreen):
        (WebCore::RenderLayerCompositor::ensureRootPlatformLayer):

2010-05-05  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=38260
        <rdar://problem/7917548> Fix whitespace removing in deprecatedParseURL().

        Broken all the way since r4 (yes, that's a revision number).

        Test: http/tests/security/xss-DENIED-javascript-with-spaces.html

        * css/CSSHelper.cpp: (WebCore::deprecatedParseURL): Fixed loop conditions for remaining length.

2010-05-05  Chris Fleizach  <cfleizach@apple.com>

        Reviewed by Beth Dakin.

        Many AXUnknown showing up in the hierarchy
        https://bugs.webkit.org/show_bug.cgi?id=38607

        The RenderTableSection should not be an accessible element.

        Test: platform/mac/accessibility/parent-of-table-row-is-table.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole):

2010-05-05  Csaba Osztrogonác  <ossy@webkit.org>

        Reviewed by Simon Hausmann.

        [Qt]Disable Qt Multimedia backend for HTML 5 Audio and Video elements
        Fall back to the Phonon backend until the release situation has been cleared up.

        https://bugs.webkit.org/show_bug.cgi?id=38612

        Buildfix for QT_VERSION >= 0x040700 after r58810.

        * platform/graphics/MediaPlayer.cpp:

2010-05-05  Jian Li  <jianli@chromium.org>

        Reviewed by David Levin.

        XMLHttpRequestUpload events do not fire when sending a raw file or FormData object.
        https://bugs.webkit.org/show_bug.cgi?id=37771

        Test: http/tests/local/formdata/upload-events.html

        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::createRequest):

2010-05-05  Csaba Osztrogonác  <ossy@webkit.org>

        Reviewed by Simon Hausmann.

        [Qt] Qt port should use its own QUuid class to create UUID string.
        https://bugs.webkit.org/show_bug.cgi?id=38581

        * platform/UUID.cpp:
        (WebCore::createCanonicalUUIDString): Added PLATFORM(QT) case.

2010-05-05  Alexey Proskuryakov  <ap@apple.com>

        Roll out r58830 for breaking tests.

        Was: https://bugs.webkit.org/show_bug.cgi?id=38546
        Node.focus() fails to move focus from subframe properly

        * html/HTMLFrameElementBase.cpp:
        (WebCore::HTMLFrameElementBase::setFocus):

2010-05-05  Jian Li  <jianli@chromium.org>

        Reviewed by Adam Barth.

        Implement FileReader class.
        https://bugs.webkit.org/show_bug.cgi?id=38157

        This patch only contains the implementation of FileReader class as defined
        in the File API spec: http://www.w3.org/TR/file-upload/#dfn-filereader.

        New test will be added when a IDL is exposed and the FILE_READER is turned
        on.

        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/EventNames.h:
        * dom/EventTarget.cpp:
        (WebCore::EventTarget::toFileReader):
        * dom/EventTarget.h:
        * html/FileError.h:
        (WebCore::FileError::FileError):
        * html/FileReader.cpp: Added.
        * html/FileReader.h: Added.
        * html/FileStream.cpp:
        (WebCore::FileStream::FileStream):
        (WebCore::FileStream::openForRead):
        (WebCore::FileStream::close):
        (WebCore::FileStream::read):
        * html/FileStream.h:

2010-05-05  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Maciej Stachowiak.

        REGRESSION(r57969) Image decoder is repeatedly destroyed/created in CoreGraphics-based Windows WebKit
        https://bugs.webkit.org/show_bug.cgi?id=38595

        * platform/graphics/cg/ImageSourceCG.cpp:
        (WebCore::ImageSource::setData):

2010-05-05  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Adele Peterson.

        https://bugs.webkit.org/show_bug.cgi?id=38546
        Node.focus() fails to move focus from subframe properly

        Test: fast/frames/take-focus-from-iframe.html

        * html/HTMLFrameElementBase.cpp: (WebCore::HTMLFrameElementBase::setFocus): Don't clear
        focus if this frame doesn't have it. This can happen if page's and HTMLFrameElement's ideas
        of focused frame get out of sync temporarily.

2010-05-05  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Adele Peterson.

        https://bugs.webkit.org/show_bug.cgi?id=26824
        <rdar://problem/7018610> EventHandler can operate on a wrong frame if focus changes during
        keyboard event dispatch.

        EventHandler object is tied to a frame, so it's wrong for it to continue processing a keyboard
        event if focused frame changes between keydown and keypress.

        * manual-tests/focus-change-between-key-events.html: Added.

        * page/EventHandler.cpp: (WebCore::EventHandler::keyEvent): Bail out early if focused frame
        changes while dispatching keydown. Also made similar changes for Windows to maintain matching
        behavior, even though EventHandler was re-entered anyway due to WM_KEYDOWN and WM_CHAR being
        separate events.

2010-05-05  Steve Block  <steveblock@google.com>

        Reviewed by Adam Barth.

        MediaError.h is missing PassRefPtr.h include
        https://bugs.webkit.org/show_bug.cgi?id=38575

        No new tests, build fix only.

        * html/MediaError.h:

2010-05-05  Alexander Pavlov  <apavlov@chromium.org>

        Reviewed by Pavel Feldman.

        Web Inspector: Audits panel: Resource counters get reset when switching panels while reloading page
        https://bugs.webkit.org/show_bug.cgi?id=38579

        * inspector/front-end/AuditLauncherView.js:
        (WebInspector.AuditLauncherView.prototype.updateResourceTrackingState):
        (WebInspector.AuditLauncherView.prototype._updateResourceProgress):

2010-05-05  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Joseph Pecoraro.

        Web Inspector: Doubleclick on line number should not trigger source editing.

        https://bugs.webkit.org/show_bug.cgi?id=38588

        * inspector/front-end/TextViewer.js:
        (WebInspector.TextViewer.prototype._handleDoubleClick):

2010-05-05  Martin Robinson  <mrobinson@webkit.org>

        Reviewed by Gustavo Noronha.

        [GTK] Enable DOM clipboard and drag-and-drop access
        https://bugs.webkit.org/show_bug.cgi?id=30623

        Add support in the PasteboardHelper for images, in preparation for drag-and-drop data.

        No new tests as functionality has not changed.

        * platform/gtk/PasteboardHelper.cpp:
        (WebCore::PasteboardHelper::fillSelectionData): Add support for images here.
        (WebCore::PasteboardHelper::targetListForDataObject): Add support for images here.

2010-05-05  Stuart Morgan  <stuartmorgan@chromium.org>

        Reviewed by Darin Fisher.

        Add a "focused" parameter to Widget::setFocus, and updates Document
        so that Widget is informed of focus loss as well as focus gain.
        Changes all existing setFocus implementations so that they ignore
        the 'false' case, so no behavior is changed until individual
        platforms are updated to handle the new case (if they want to).

        https://bugs.webkit.org/show_bug.cgi?id=37961

        * dom/Document.cpp:
        (WebCore::Document::setFocusedNode):
        * platform/Widget.h:
        * platform/android/WidgetAndroid.cpp:
        (WebCore::Widget::setFocus):
        * platform/chromium/WidgetChromium.cpp:
        (WebCore::Widget::setFocus):
        * platform/efl/WidgetEfl.cpp:
        (WebCore::Widget::setFocus):
        * platform/gtk/WidgetGtk.cpp:
        (WebCore::Widget::setFocus):
        * platform/haiku/WidgetHaiku.cpp:
        (WebCore::Widget::setFocus):
        * platform/mac/WidgetMac.mm:
        (WebCore::Widget::setFocus):
        * platform/qt/WidgetQt.cpp:
        (WebCore::Widget::setFocus):
        * platform/win/WidgetWin.cpp:
        (WebCore::Widget::setFocus):
        * platform/wx/WidgetWx.cpp:
        (WebCore::Widget::setFocus):
        * plugins/PluginView.h:
        * plugins/PluginViewNone.cpp:
        (WebCore::PluginView::setFocus):
        * plugins/gtk/PluginViewGtk.cpp:
        (WebCore::PluginView::setFocus):
        * plugins/mac/PluginViewMac.cpp:
        (WebCore::PluginView::setFocus):
        * plugins/qt/PluginViewQt.cpp:
        (WebCore::PluginView::setFocus):
        * plugins/symbian/PluginViewSymbian.cpp:
        (WebCore::PluginView::setFocus):
        * plugins/win/PluginViewWin.cpp:
        (WebCore::PluginView::setFocus):

2010-05-05  Steve Block  <steveblock@google.com>

        Reviewed by Pavel Feldman.

        Move V8 ScriptDebugServer::topStackFrame() to ScriptCallStack
        https://bugs.webkit.org/show_bug.cgi?id=38531

        ScriptCallStack::create() uses ScriptDebugServer::topStackFrame(), but ScriptDebugServer
        is guarded with ENABLE(JAVASCRIPT_DEBUGGER). This prevents ScriptCallStack from being
        built on platforms that do not define ENABLE(JAVASCRIPT_DEBUGGER).

        No new tests, build fix only.

        * bindings/v8/ScriptCallStack.cpp:
        (WebCore::ScriptCallStack::callLocation):
        (WebCore::ScriptCallStack::createUtilityContext): Helper for topStackFrame, moved from ScriptDebugServer
        (WebCore::ScriptCallStack::topStackFrame): Moved from ScriptDebugServer
        * bindings/v8/ScriptCallStack.h:
        (WebCore::ScriptCallStack::utilityContext): Helper for topStackFrame, moved from ScriptDebugServer
        * bindings/v8/ScriptDebugServer.cpp:
        * bindings/v8/ScriptDebugServer.h:

2010-05-05  Csaba Osztrogonác  <ossy@webkit.org>

        Rubber-stamped by Simon Hausmann.

        [Qt] REGRESSION(r56869): WinCE build is broken
        https://bugs.webkit.org/show_bug.cgi?id=36929

        * WebCore.pro: LIBS += -lOle32 added.

2010-05-05  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Tor Arne Vestbø.

        [Qt] Disable Qt Multimedia backend for HTML 5 Audio and Video elements

        Fall back to the Phonon backend until the release situation has been cleared up.

        * WebCore.pro:

2010-05-05  Ilya Tikhonovsky  <loislo@chromium.org>

        Reviewed by Pavel Feldman.

        WebInspector: Clickable links to resources should be used as 'details' part for the all suitable kinds of records.
        https://bugs.webkit.org/show_bug.cgi?id=38542

        * inspector/front-end/TimelinePanel.js:
        (WebInspector.TimelinePanel.prototype._innerAddRecordToTimeline):
        (WebInspector.TimelineRecordListRow):
        (WebInspector.TimelineRecordListRow.prototype.update):
        (WebInspector.TimelinePanel.FormattedRecord):
        (WebInspector.TimelinePanel.FormattedRecord.prototype._generatePopupContent):
        (WebInspector.TimelinePanel.FormattedRecord.prototype._getRecordDetails):
        (WebInspector.TimelinePanel.PopupContentHelper):
        (WebInspector.TimelinePanel.PopupContentHelper.prototype._createCell):
        (WebInspector.TimelinePanel.PopupContentHelper.prototype._appendTextRow):
        (WebInspector.TimelinePanel.PopupContentHelper.prototype._appendElementRow):
        (WebInspector.TimelinePanel.PopupContentHelper.prototype._appendLinkRow):

2010-05-05  Nikolas Zimmermann  <nzimmermann@rim.com>

        Not reviewed. Add missing files generated by "run-bindings-test", after the DOMTestCallback.idl addition.

        * bindings/scripts/test/GObject/WebKitDOMTestCallback.cpp: Added.
        (WebKit::kit):
        (webkit_dom_test_callback_callback_with_class1param):
        (webkit_dom_test_callback_callback_with_class2param):
        (webkit_dom_test_callback_callback_with_non_bool_return_type):
        (WebKit::wrapTestCallback):
        (WebKit::core):
        (webkit_dom_test_callback_finalize):
        (webkit_dom_test_callback_set_property):
        (webkit_dom_test_callback_get_property):
        (webkit_dom_test_callback_class_init):
        (webkit_dom_test_callback_init):
        * bindings/scripts/test/GObject/WebKitDOMTestCallback.h: Added.
        * bindings/scripts/test/GObject/WebKitDOMTestCallbackPrivate.h: Added.
        * bindings/scripts/test/ObjC/DOMTestCallback.h: Added.
        * bindings/scripts/test/ObjC/DOMTestCallback.mm: Added.
        (-[DOMTestCallback dealloc]):
        (-[DOMTestCallback finalize]):
        (-[DOMTestCallback callbackWithClass1Param:]):
        (-[DOMTestCallback callbackWithClass2Param:strArg:]):
        (-[DOMTestCallback callbackWithNonBoolReturnType:]):
        (-[DOMTestCallback customCallback:class6Param:]):
        (core):
        (kit):
        * bindings/scripts/test/ObjC/DOMTestCallbackInternal.h: Added.

2010-05-05  Joseph Pecoraro  <joepeck@webkit.org>

        Reviewed by Pavel Feldman.

        Web Inspector: FontView needs Cleanup
        https://bugs.webkit.org/show_bug.cgi?id=38567

        FontView was missing some of the newer practices for initialization
        that other Resource Views had. Also its width calculations could
        result in a single character wrapping. This is general cleanup.

        * inspector/front-end/FontView.js:
        (WebInspector.FontView): move initialization into contentTabSelected
        (WebInspector.FontView.prototype.contentTabSelected): handle initialization like other Resource Views
        (WebInspector.FontView.prototype.updateFontPreviewSize): use a narrower width to prevent text from widowing

2010-05-05  Dirk Schulze  <krit@webkit.org>

        Reviewed by Nikolas Zimmermann.

        SVG hit testing is *way* too slow
        https://bugs.webkit.org/show_bug.cgi?id=19312

        Use the cached stroke and fill boundaries in RenderPath as a heuristik to
        speed up SVG's hit testing.

        No new tests added.

        * rendering/RenderPath.cpp:
        (WebCore::RenderPath::fillContains):
        (WebCore::RenderPath::strokeContains):

2010-05-04  Dumitru Daniliuc  <dumi@chromium.org>

        Reviewed by Adam Barth.

        Auto-generate all Database callbacks.
        https://bugs.webkit.org/show_bug.cgi?id=38503

        * DerivedSources.cpp:
        * DerivedSources.make:
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pri:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSCustomSQLStatementCallback.cpp: Removed.
        * bindings/js/JSCustomSQLStatementCallback.h: Removed.
        * bindings/js/JSCustomSQLStatementErrorCallback.cpp:
        (WebCore::JSSQLStatementErrorCallback::handleEvent):
        * bindings/js/JSCustomSQLStatementErrorCallback.h: Removed.
        * bindings/js/JSCustomSQLTransactionCallback.cpp: Removed.
        * bindings/js/JSCustomSQLTransactionCallback.h: Removed.
        * bindings/js/JSCustomSQLTransactionErrorCallback.cpp: Removed.
        * bindings/js/JSCustomSQLTransactionErrorCallback.h: Removed.
        * bindings/js/JSDatabaseCallback.cpp: Removed.
        * bindings/js/JSDatabaseCallback.h: Removed.
        * bindings/js/JSDatabaseCustom.cpp:
        (WebCore::JSDatabase::changeVersion):
        (WebCore::createTransaction):
        * bindings/js/JSSQLTransactionCustom.cpp:
        (WebCore::JSSQLTransaction::executeSql):
        * bindings/scripts/CodeGeneratorJS.pm:
        * bindings/scripts/test/JS/JSTestCallback.cpp:
        * bindings/v8/custom/V8CustomSQLStatementCallback.cpp: Removed.
        * bindings/v8/custom/V8CustomSQLStatementCallback.h: Removed.
        * bindings/v8/custom/V8CustomSQLStatementErrorCallback.cpp:
        (WebCore::V8SQLStatementErrorCallback::handleEvent):
        * bindings/v8/custom/V8CustomSQLStatementErrorCallback.h: Removed.
        * bindings/v8/custom/V8CustomSQLTransactionCallback.cpp: Removed.
        * bindings/v8/custom/V8CustomSQLTransactionCallback.h: Removed.
        * bindings/v8/custom/V8CustomSQLTransactionErrorCallback.cpp: Removed.
        * bindings/v8/custom/V8CustomSQLTransactionErrorCallback.h: Removed.
        * bindings/v8/custom/V8DatabaseCallback.cpp: Removed.
        * bindings/v8/custom/V8DatabaseCallback.h: Removed.
        * bindings/v8/custom/V8DatabaseCustom.cpp:
        (WebCore::V8Database::changeVersionCallback):
        (WebCore::createTransaction):
        * bindings/v8/custom/V8SQLTransactionCustom.cpp:
        (WebCore::V8SQLTransaction::executeSqlCallback):
        * storage/DatabaseCallback.h:
        * storage/DatabaseCallback.idl: Added.
        * storage/SQLStatement.cpp:
        (WebCore::SQLStatement::performCallback):
        * storage/SQLStatementCallback.h:
        * storage/SQLStatementCallback.idl: Added.
        * storage/SQLStatementErrorCallback.idl: Added.
        * storage/SQLTransaction.cpp:
        (WebCore::SQLTransaction::deliverTransactionCallback):
        * storage/SQLTransactionCallback.h:
        * storage/SQLTransactionCallback.idl: Added.
        * storage/SQLTransactionErrorCallback.h:
        * storage/SQLTransactionErrorCallback.idl: Added.

2010-05-04  Chris Marrin  <cmarrin@apple.com>

        Reviewed by Simon Fraser.

        Made composited iframes work on Windows
        https://bugs.webkit.org/show_bug.cgi?id=32446
        
        This completes the work in http://trac.webkit.org/changeset/57919
        to create compositing layers in the parent document when an iframe has 
        a compositing layer. The parent document has a layer for the iframe 
        element and builds a layer tree to the page root. The layer tree for the
        iframe document is then parented to the iframe element's GraphicsLayer.
        
        The RenderLayerCompositor for the iframe document (which owns the
        root of the layer tree) now has a clippingLayer which is the 
        parent of the layer tree root so it can be clipped to the parent
        iframe's bounds, taking into account borders, padding, etc. in
        the parent iframe element.
        
        I also got rid of a no longer used function: RenderLayerCompositor::parentInRootLayer

        Test: compositing/iframes/composited-parent-iframe.html

        * rendering/RenderLayerBacking.cpp:Make calls to RenderLayerCompositor to set the clipping bounds for iframe content
        * rendering/RenderLayerCompositor.cpp:Hook the iframe content to the parent iframe element
        * rendering/RenderLayerCompositor.h:

2010-05-03  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Adam Barth.

        https://bugs.webkit.org/show_bug.cgi?id=38497
        <rdar://problem/7759438> Make sure that http URLs always have a host in SecurityOrigin

        This is a hardening fix, and behavior really depends on what an underlying networking layer
        does. So, no test.

        * page/SecurityOrigin.cpp:
        (WebCore::schemeRequiresAuthority): List schemes that need an authority for successful loading.
        (WebCore::SecurityOrigin::SecurityOrigin): Never let e.g. http origins with empty authorities
        have the same security origin.

2010-05-04  Zhenyao Mo  <zmo@google.com>

        Reviewed by Dimitri Glazkov.

        getFramebufferAttachmentParameter should return the original WebGLTexture/WebGLRenderbuffer instead of creating new ones sharing names.
        https://bugs.webkit.org/show_bug.cgi?id=38236

        * html/canvas/CanvasObject.h: Add type check functions.
        (WebCore::CanvasObject::isBuffer):
        (WebCore::CanvasObject::isFramebuffer):
        (WebCore::CanvasObject::isProgram):
        (WebCore::CanvasObject::isRenderbuffer):
        (WebCore::CanvasObject::isShader):
        (WebCore::CanvasObject::isTexture):
        * html/canvas/WebGLBuffer.h: Add type check functions.
        (WebCore::WebGLBuffer::isBuffer):
        * html/canvas/WebGLFramebuffer.h: Add type check functions.
        (WebCore::WebGLFramebuffer::isFramebuffer):
        * html/canvas/WebGLProgram.h: Add type check functions.
        (WebCore::WebGLProgram::isProgram):
        * html/canvas/WebGLRenderbuffer.cpp: remove constructor using existing name.
        * html/canvas/WebGLRenderbuffer.h: Add type check functions; remove constructor using existing name.
        (WebCore::WebGLRenderbuffer::isRenderbuffer):
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::getFramebufferAttachmentParameter): Return original Texture/Renderbuffer instead of creating new ones.
        (WebCore::WebGLRenderingContext::findTexture): Find a WebGLTexture using a name.
        (WebCore::WebGLRenderingContext::findRenderbuffer): Find a WebGLRenderbuffer using a name.
        * html/canvas/WebGLRenderingContext.h: Add find* functions.
        * html/canvas/WebGLShader.h: Add type check functions.
        (WebCore::WebGLShader::isShader):
        * html/canvas/WebGLTexture.cpp: remove constructor using existing name.
        * html/canvas/WebGLTexture.h: Add type check functions; remove constructor using existing name.
        (WebCore::WebGLTexture::isTexture):

2010-05-04  Luiz Agostini  <luiz.agostini@openbossa.org>

        Reviewed by Simon Hausmann.

        [Qt] QT_MOBILE_THEME compile time flag
        https://bugs.webkit.org/show_bug.cgi?id=38439

        Replacing preprocessor conditional used in RenderThemeQt from Q_WS_MAEMO_5 to
        USE(QT_MOBILE_THEME).

        * WebCore.pro:
        * platform/qt/RenderThemeQt.cpp:
        (WebCore::RenderThemeQt::RenderThemeQt):
        (WebCore::RenderThemeQt::qStyle):
        (WebCore::RenderThemeQt::extraDefaultStyleSheet):
        (WebCore::RenderThemeQt::adjustMenuListButtonStyle):
        (WebCore::RenderThemeQt::setPaletteFromPageClientIfExists):
        * platform/qt/RenderThemeQt.h:

2010-05-04  Joseph Pecoraro  <joepeck@webkit.org>

        Reviewed by Dan Bernstein.

        SVG fonts trigger GlyphPage::fill with null font
        https://bugs.webkit.org/show_bug.cgi?id=38530

        SVG fonts do not use the glyph page cache. This change detects when
        attempting to fill a GlyphPage with an SVG font and indicates that
        the glyphs were not available.

        * platform/graphics/GlyphPageTreeNode.cpp:
        (WebCore::fill): helper method which handles attempts to fill a GlyphPage with SVG or non-SVG fonts
        (WebCore::GlyphPageTreeNode::initializePage): use the helper where appropriate

2010-05-04  Kent Tamura  <tkent@chromium.org>

        Reviewed by David Levin (and unofficially by Enrica Casucci).

        REGRESSION(r54368): Text drag-and-drop from input/textarea doesn't work
        if the text is like a URL
        https://bugs.webkit.org/show_bug.cgi?id=38374

        Since r54368, documentFragmentFromDragData() creates an <a> element
        with no anchor text for URL-like text dragged from input/textarea
        element. If such text is dropped to input/textarea element, the text
        is not inserted.
        To fix this problem, use the original text or the URL as an anchor
        text.

        Test: editing/pasteboard/drag-drop-url-text.html

        * page/DragController.cpp:
        (WebCore::documentFragmentFromDragData):

2010-05-04  Steve Block  <steveblock@google.com>

        Reviewed by Darin Adler.

        JavaInstanceJSC.cpp and JNIUtilityPrivate.cpp need to include jni_jsobject.h for jlong_to_pt() and ptr_to_jlong()
        https://bugs.webkit.org/show_bug.cgi?id=38525

        No new tests, build fix only.

        * bridge/jni/jni_jsobject.h: Guard Mac-specific code with PLATFORM(MAC)
        * bridge/jni/jsc/JNIUtilityPrivate.cpp: Include jni_jsobject.h
        * bridge/jni/jsc/JavaInstanceJSC.cpp: Include jni_jsobject.h

2010-05-04  Steve Block  <steveblock@google.com>

        Reviewed by Darin Adler.

        New FileSystemPOSIX functions cause linker errors on Android
        https://bugs.webkit.org/show_bug.cgi?id=38521

        No new tests, build fix only.

        * platform/android/FileSystemAndroid.cpp: Remove closeFile, which is provided in FileSystemPOSIX.cpp
        * platform/posix/FileSystemPOSIX.cpp: Guard writeToFile with !PLATFORM(ANDROID)

2010-05-04  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Timothy Hatcher.

        Web Inspector: restore main and sidebar scroller positions
        when switching between panels.

        https://bugs.webkit.org/show_bug.cgi?id=38522

        * inspector/front-end/ElementsPanel.js:
        (WebInspector.ElementsPanel.prototype.elementsToRestoreScrollPositionsFor):
        * inspector/front-end/Panel.js:
        (WebInspector.Panel.prototype.show):
        (WebInspector.Panel.prototype.hide):
        (WebInspector.Panel.prototype.elementsToRestoreScrollPositionsFor):
        (WebInspector.Panel.prototype._storeScrollPositions):
        (WebInspector.Panel.prototype._restoreScrollPositions):
        * inspector/front-end/ResourcesPanel.js:
        (WebInspector.ResourcesPanel.prototype.elementsToRestoreScrollPositionsFor):
        * inspector/front-end/ScriptsPanel.js:
        (WebInspector.ScriptsPanel.prototype.elementsToRestoreScrollPositionsFor):

2010-05-04  Steven Lai  <steven_lai@asia.apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=37900
        <rdar://problem/7806164> cloneNode() does not preserve z-index with more than six digits 

        Tests: fast/dom/HTMLInputElement/clone-input-checked.html
               fast/dom/clone-node-z-index.html

        * dom/Element.cpp: undid the order change of calling copyNonAttributeProperties() before setAttributes()
        (WebCore::Element::cloneElementWithoutChildren): uncheck the previous radio button in the same radio button group only when the checked radio box is appended to the dom tree
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::updateCheckedRadioButtons):
        (WebCore::HTMLInputElement::attach):
        (WebCore::HTMLInputElement::setChecked):
        * html/HTMLInputElement.h:

2010-04-29  John Gregg  <johnnyg@google.com>

        Reviewed by Dmitry Titov.

        notifications should have dir and replaceId attributes.
        Note that tests are only enabled in Chromium, skipped elsewhere
        since notifications aren't implemented.
        https://bugs.webkit.org/show_bug.cgi?id=38336

        Tests: fast/notifications/notifications-replace.html
               fast/notifications/notifications-rtl.html

        * notifications/Notification.h:
        (WebCore::Notification::dir):
        (WebCore::Notification::setDir):
        (WebCore::Notification::replaceId):
        (WebCore::Notification::setReplaceId):
        * notifications/Notification.idl:

2010-05-04  Alejandro G. Castro  <alex@igalia.com>

        Reviewed by Xan Lopez.

        Fixed error defining the float/double minimum in the object
        properties, the smallest value of a float/double is
        -G_MAXDOUBLE/-G_MAXFLOAT.

        * bindings/scripts/CodeGeneratorGObject.pm:

2010-05-03  Joseph Pecoraro  <joepeck@webkit.org>

        Reviewed by Dan Bernstein.

        REGRESSION: Text clipped in absolutely positioned search inputs
        https://bugs.webkit.org/show_bug.cgi?id=38468

        Previously I incorrectly added x() and y() to the tx and ty positioning.
        This clips a search input like a text input, respecting the vertically
        centered text.

        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::layout): only the Y changes, so change setLocation to setY
        (WebCore::RenderTextControlSingleLine::controlClipRect):

2010-05-04  Alexander Pavlov  <apavlov@chromium.org>

        Reviewed by Timothy Hatcher.

        Web Inspector: REGRESSION: Up/Down, PgUp/PgDown keys do not change numeric style properties
        https://bugs.webkit.org/show_bug.cgi?id=38516

        * inspector/front-end/StylesSidebarPane.js:
        (WebInspector.StylePropertyTreeElement.prototype):

2010-05-04  Ben Murdoch  <benm@google.com>

        Reviewed by Simon Hausmann.

        Crash in handleTouchEvent: using dangling node ptrs in hashmap
        https://bugs.webkit.org/show_bug.cgi?id=38514

        When navigating away from a page, if you have your finger still
        pressed and then lift it on the new page we see a crash if the
        node got deleted as we still have a dangling pointer in the
        m_originatingTouchPointTargets hashmap and try to use it as the
        receiver to dispatch a touchend event.

        Test: fast/events/touch/touch-stale-node-crash.html

        * page/EventHandler.cpp:
        (WebCore::EventHandler::clear): Clear the hashmap of touch targets.

2010-05-04  Joseph Pecoraro  <joepeck@webkit.org>

        Reviewed by Pavel Feldman.

        Web Inspector: Drawer Misbehaving when Docking / Undocking in Console Panel
        https://bugs.webkit.org/show_bug.cgi?id=38510

        * inspector/front-end/inspector.js:
        (WebInspector.set attached): resize the drawer after docking/undocking

2010-05-04  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Unreviewed, build fix for Symbian.

        [Symbian] Build fix after r58598. 

        Use C99 integer types for the Symbian plugin
        implementation.

        No new tests, as there is no new functionality.

        * plugins/symbian/PluginPackageSymbian.cpp:
        (WebCore::PluginPackage::NPVersion):
        * plugins/symbian/PluginViewSymbian.cpp:
        (WebCore::PluginView::handlePostReadFile):

2010-05-04  Nikolas Zimmermann  <nzimmermann@rim.com>

        Reviewed by Dirk Schulze.

        Split SVGCharacterLayoutInfo in smaller pieces
        https://bugs.webkit.org/show_bug.cgi?id=38513

        Split SVGCharacterLayoutInfo into SVGCharacterLayoutInfo/SVGCharacterData and SVGTextChunkLayoutInfo.
        This is a preparation for more work in the text area.

        * Android.mk: Add SVGCharacterData.(cpp|h) and SVGTextChunkLayoutInfo.h to build.
        * GNUmakefile.am: Ditto.
        * WebCore.gypi: Ditto.
        * WebCore.pro: Ditto
        * WebCore.vcproj/WebCore.vcproj: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * rendering/SVGCharacterData.cpp: Copied from rendering/SVGCharacterLayoutInfo.cpp.
        * rendering/SVGCharacterData.h: Copied from rendering/SVGCharacterLayoutInfo.h.
        (WebCore::SVGChar::SVGChar):
        * rendering/SVGCharacterLayoutInfo.cpp:
        (WebCore::SVGCharacterLayoutInfo::isInitialLayout): Introduced new helper function to share code between addLayoutInformation/addStackContent.
        (WebCore::SVGCharacterLayoutInfo::addLayoutInformation): Use new helper function.
        (WebCore::SVGCharacterLayoutInfo::addStackContent): Ditto
        * rendering/SVGCharacterLayoutInfo.h:
        * rendering/SVGRootInlineBox.h: Include new files.
        * rendering/SVGTextChunkLayoutInfo.h: Copied from rendering/SVGCharacterLayoutInfo.h.

2010-05-04  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Holger Freyther.

        [GTK] GObject DOM bindings
        https://bugs.webkit.org/show_bug.cgi?id=33590

        Use helper functions from CodeGenerator.pm to figure out whether a
        type is "fundamental" or not (basically whether it's anything
        other than a string or a non-pointer type).

        * bindings/scripts/CodeGeneratorGObject.pm:

2010-04-30  Alexander Pavlov  <apavlov@chromium.org>

        Reviewed by Yury Semikhatsky.

        Web Inspector: REGRESSION: Disabled style properties are absent in Styles sidebar after WebInspector is re-opened
        https://bugs.webkit.org/show_bug.cgi?id=38255

        Moved stylesheet-related mappings into a separate object stored
        in InspectorController rather than InspectorDOMAgent (which gets reset
        on every frontend [dis]connect).

        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * inspector/InspectorCSSStore.cpp: Added.
        (WebCore::InspectorCSSStore::InspectorCSSStore):
        (WebCore::InspectorCSSStore::~InspectorCSSStore):
        (WebCore::InspectorCSSStore::reset):
        * inspector/InspectorCSSStore.h: Added.
        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::InspectorController):
        (WebCore::InspectorController::setFrontend):
        (WebCore::InspectorController::didCommitLoad):
        * inspector/InspectorController.h:
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::InspectorDOMAgent):
        (WebCore::InspectorDOMAgent::discardBindings):
        (WebCore::InspectorDOMAgent::applyStyleText):
        (WebCore::InspectorDOMAgent::setStyleText):
        (WebCore::InspectorDOMAgent::setStyleProperty):
        (WebCore::InspectorDOMAgent::toggleStyleEnabled):
        (WebCore::InspectorDOMAgent::setRuleSelector):
        (WebCore::InspectorDOMAgent::addRule):
        (WebCore::InspectorDOMAgent::bindStyle):
        (WebCore::InspectorDOMAgent::bindRule):
        (WebCore::InspectorDOMAgent::buildObjectForStyle):
        (WebCore::InspectorDOMAgent::buildObjectForRule):
        * inspector/InspectorDOMAgent.h:
        (WebCore::InspectorDOMAgent::create):
        (WebCore::InspectorDOMAgent::cssStore):

2010-05-04  Mikhail Naganov  <mnaganov@chromium.org>

        Reviewed by Pavel Feldman.

        Display "Recording..." item when recording an user-initiated CPU profile.

        https://bugs.webkit.org/show_bug.cgi?id=38043

        * English.lproj/localizedStrings.js:
        * inspector/front-end/ProfilesPanel.js:
        (WebInspector.ProfilesPanel.prototype.addProfileHeader):
        (WebInspector.ProfilesPanel.prototype.removeProfileHeader):
        (WebInspector.ProfilesPanel.prototype.showProfile):
        * inspector/front-end/inspector.js:
        (WebInspector.setRecordingProfile):

2010-05-04  Tucker Jay  <jay.tucker@nokia.com>

        Reviewed by Holger Freyther.

        Animated GIF images does not animate 10x as expected by default.
        https://bugs.webkit.org/show_bug.cgi?id=36818

        Added test case to existing manual test to test the
        fixed functionality.

        * manual-tests/qt/qt-10loop-anim.gif: Added.
        * manual-tests/qt/qt-gif-test.html:
        * platform/graphics/qt/ImageDecoderQt.cpp:
        (WebCore::ImageDecoderQt::repetitionCount):

2010-05-04  Dirk Schulze  <krit@webkit.org>

        Unreviewed sort of XCodes project file.

        * WebCore.xcodeproj/project.pbxproj:

2010-05-03  Steven Lai  <steven_lai@asia.apple.com>

        Reviewed by Brady Eidson.

        Reverted hashchange() event back to async.
        (This change does not update HashChangeEvent to its new proposed interface)
        https://bugs.webkit.org/show_bug.cgi?id=36201
        rdar://problem/7780794
        rdar://problem/7761278 (partial fix)

        Tests: fast/loader/hashchange-event-async.html

        * dom/Document.cpp: reverted hashchange() event back to async
        (WebCore::Document::enqueueHashchangeEvent):

2010-05-03  Holger Hans Peter Freyther  <zecke@selfish.org>

        Rubber-stamped by Xan Lopez.

        [Cairo,WX] Stop leaking a FontPlatformData.
        https://bugs.webkit.org/show_bug.cgi?id=37500

        Stephan Aßmus pointed out that the pango font backend
        is leaking memory and fixed it. The WX font backend
        and the Cairo/Fontconfig backend have the same snippet
        of code and are leaking memory as well. This commit is
        fixing that.

        * platform/graphics/cairo/SimpleFontDataCairo.cpp:
        (WebCore::SimpleFontData::smallCapsFontData):
        * platform/graphics/wx/SimpleFontDataWx.cpp:
        (WebCore::SimpleFontData::smallCapsFontData):

2010-05-03  James Robinson  <jamesr@chromium.org>

        Reviewed by Eric Seidel.

        Clean up a few compiler warnings
        https://bugs.webkit.org/show_bug.cgi?id=38073

        * html/TextMetrics.h:
        (WebCore::TextMetrics::width):
        * rendering/style/StyleRareInheritedData.h:
        * rendering/style/StyleRareNonInheritedData.h:

2010-05-02  Dumitru Daniliuc  <dumi@chromium.org>

        Reviewed by Adam Barth.

        Add the ability to auto-generate callbacks to all code generators.
        https://bugs.webkit.org/show_bug.cgi?id=38414

        * bindings/scripts/CodeGeneratorJS.pm:
        * bindings/scripts/CodeGeneratorV8.pm:
        * bindings/scripts/test/JS/JSTestCallback.cpp: Added.
        (WebCore::JSTestCallback::JSTestCallback):
        (WebCore::JSTestCallback::~JSTestCallback):
        (WebCore::JSTestCallback::callbackWithClass1Param):
        (WebCore::JSTestCallback::callbackWithClass2Param):
        * bindings/scripts/test/JS/JSTestCallback.h: Added.
        (WebCore::JSTestCallback::create):
        * bindings/scripts/test/V8/JSTestCallback.cpp: Added.
        (WebCore::V8TestCallback::V8TestCallback):
        (WebCore::V8TestCallback::~V8TestCallback):
        (WebCore::V8TestCallback::callbackWithClass1Param):
        (WebCore::V8TestCallback::callbackWithClass2Param):
        * bindings/scripts/test/V8/V8TestCallback.h: Added.
        (WebCore::V8TestCallback::create):
        * bindings/scripts/test/TestCallback.idl: Added.

2010-05-03  Kevin Watters  <kevinwatters@gmail.com>

        Reviewed by Kevin Ollivier.

        [wx] Build and use Mac's ComplexTextController to support complex text in wx.
        https://bugs.webkit.org/show_bug.cgi?id=38482

        * platform/graphics/FloatSize.h:
        * platform/graphics/GlyphBuffer.h:
        (WebCore::GlyphBuffer::advanceAt):
        (WebCore::GlyphBuffer::add):
        * platform/graphics/SimpleFontData.h:
        (WebCore::SimpleFontData::getNSFont):
        * platform/graphics/mac/ComplexTextController.cpp:
        * platform/graphics/mac/ComplexTextController.h:
        * platform/graphics/wx/FontCacheWx.cpp:
        (WebCore::FontCache::getFontDataForCharacters):
        (WebCore::FontCache::getLastResortFallbackFont):
        * platform/graphics/wx/FontPlatformData.h:
        (toCTFontRef):
        (WebCore::FontPlatformData::FontPlatformData):
        (WebCore::FontPlatformData::allowsLigatures):
        * platform/graphics/wx/FontPlatformDataWx.cpp:
        (WebCore::FontPlatformData::FontPlatformData):
        (WebCore::FontPlatformData::cgFont):
        * platform/graphics/wx/FontPlatformDataWxMac.mm: Added.
        (WebCore::FontPlatformData::nsFont):
        (WebCore::FontPlatformData::cacheNSFont):
        * platform/graphics/wx/FontWx.cpp:
        (WebCore::Font::canReturnFallbackFontsForComplexText):
        (WebCore::Font::selectionRectForComplexText):
        (WebCore::Font::drawComplexText):
        (WebCore::Font::floatWidthForComplexText):
        (WebCore::Font::offsetForPositionForComplexText):
        * platform/graphics/wx/SimpleFontDataWx.cpp:
        (WebCore::SimpleFontData::platformInit):
        (WebCore::SimpleFontData::containsCharacters):
        (WebCore::SimpleFontData::platformWidthForGlyph):
        * platform/wx/wxcode/fontprops.h:
        * platform/wx/wxcode/mac/carbon/fontprops.mm:
        (wxFontContainsCharacters):
        (GetTextExtent):
        * platform/wx/wxcode/mac/carbon/non-kerned-drawing.cpp:
        (WebCore::drawTextWithSpacing):
        * platform/wx/wxcode/win/fontprops.cpp:
        (wxFontContainsCharacters):
        * wscript:

2010-05-03  Abhishek Arya  <inferno@chromium.org>

        Reviewed by Adam Barth.

        Add support for controlling clipboard access from javascript.
        Clipboard access from javascript is disabled by default.
        https://bugs.webkit.org/show_bug.cgi?id=27751

        Test: editing/execCommand/clipboard-access.html

        * WebCore.base.exp:
        * editing/EditorCommand.cpp:
        (WebCore::supportedCopyCut):
        (WebCore::supportedPaste):
        (WebCore::createCommandMap):
        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        (WebCore::Settings::setJavaScriptCanAccessClipboard):
        * page/Settings.h:
        (WebCore::Settings::javaScriptCanAccessClipboard):

2010-05-03  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Adam Barth.

        https://bugs.webkit.org/show_bug.cgi?id=38285
        <rdar://problem/7903453> REGRESSION: Javascript command window.open does not work in empty tab

        Cannot be tested, because new windows created in DRT always have an opener, and thus inherit
        its security origin. Only new windows and tabs created by browser chrome had this problem.

        * loader/FrameLoader.cpp: (WebCore::FrameLoader::init): Moved updateSandboxFlags() call to
        the beginning, so that an initial document would get correct flags.

2010-05-03  Noam Rosenthal  <noam.rosenthal@nokia.com>

        Reviewed by Darin Adler.

        WebGL compile issue.
        Added ExceptionCode.h to JSWebGLArrayBufferConstructor.cpp, for some reason it was missing.
        https://bugs.webkit.org/show_bug.cgi?id=38453

        No new tests: compile fix.

        * bindings/js/JSWebGLArrayBufferConstructor.cpp:

2010-05-03  Eric Seidel  <eric@webkit.org>

        Unreviewed, rolling out r58685.
        http://trac.webkit.org/changeset/58685
        https://bugs.webkit.org/show_bug.cgi?id=38461

        Broke a test on Gtk

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::updateStates):

2010-05-03  Yael Aharon  <yael.aharon@nokia.com>

        Reviewed by Darin Adler.

        Use HTML5 number parsing in HTMLProgressElement
        https://bugs.webkit.org/show_bug.cgi?id=38434

        Use parseToDoubleForNumberType instead of toDouble.
        Throw an exception when the number is NaN or Infinity.

        * html/HTMLProgressElement.cpp:
        (WebCore::HTMLProgressElement::value):
        (WebCore::HTMLProgressElement::setValue):
        (WebCore::HTMLProgressElement::max):
        (WebCore::HTMLProgressElement::setMax):
        * html/HTMLProgressElement.h:
        * html/HTMLProgressElement.idl:

2010-05-03  Jens Alfke  <snej@chromium.org>

        Reviewed by Darin Fisher.

        [chromium] Add "willSendSubmitEvent" hook to WebFrameClient and FrameLoaderClient
        https://bugs.webkit.org/show_bug.cgi?id=38397

        No tests (functionality is exposed only through native WebKit API.)

        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::prepareSubmit):  Call frame loader's dispatchWillSendSubmitEvent
        * loader/EmptyClients.h:
        * loader/FrameLoaderClient.h:
        (WebCore::FrameLoaderClient::dispatchWillSendSubmitEvent):  New empty method

2010-05-03  Philippe Normand  <pnormand@igalia.com>

        Reviewed by Eric Carlson.

        [GStreamer] forgotten call to durationChanged in updateStates()
        https://bugs.webkit.org/show_bug.cgi?id=38461

        Notify MediaPlayer if duration is known after playback started.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::updateStates):

2010-05-03  Ryuan Choi  <ryuan.choi@gmail.com>

        Reviewed by Darin Adler.

        fixing build break due to clearWatch() when Geolocation feature is
        disabled.

        https://bugs.webkit.org/show_bug.cgi?id=38091

        no test because this is a build fix only

        * page/Geolocation.cpp:
        (WebCore::Geolocation::clearWatch):

2010-05-03  Stephan Aßmus  <superstippi@gmx.de>

        Reviewed by Holger Freyther.

        [Gtk] Fix leaking the FontPlatformData instance used to create the the
        small caps font data.
        https://bugs.webkit.org/show_bug.cgi?id=37500

        No new tests needed.

        * platform/graphics/gtk/SimpleFontDataPango.cpp:
        (WebCore::SimpleFontData::smallCapsFontData):
            - Use a stack allocated FontPlatformData instead of a heap allocated
              one that is never freed.

2010-05-03  Jarkko Sakkinen  <jarkko.j.sakkinen@gmail.com>

        Reviewed by Simon Hausmann.

        [Qt] GraphicsLayer: support webGL
        https://bugs.webkit.org/show_bug.cgi?id=35388

        Added support GraphicsContext3D to GraphicsLayer.
        Added paint method to GraphicsContext3D for Qt platform that
        uses drawTexture() when QGLWidget is used as viewport of
        QGraphicsWebView.
        Fine-tuned texture and handling and image to texture conversion to
        work also when drawTexture() blitting is used.

        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/qt/GraphicsContext3DQt.cpp:
        (WebCore::GraphicsContext3DInternal::GraphicsContext3DInternal):
        (WebCore::GraphicsContext3D::beginPaint):
        (WebCore::GraphicsContext3D::paint):
        (WebCore::GraphicsContext3D::texImage2D):
        (WebCore::GraphicsContext3D::texSubImage2D):
        (WebCore::GraphicsContext3D::getImageData):
        * platform/graphics/qt/GraphicsLayerQt.cpp:
        (WebCore::GraphicsLayerQtImpl::):
        (WebCore::GraphicsLayerQtImpl::GraphicsLayerQtImpl):
        (WebCore::GraphicsLayerQtImpl::paint):
        (WebCore::GraphicsLayerQtImpl::flushChanges):
        (WebCore::GraphicsLayerQt::setContentsToGraphicsContext3D):
        (WebCore::GraphicsLayerQt::setGraphicsContext3DNeedsDisplay):
        * platform/graphics/qt/GraphicsLayerQt.h:

2010-05-03  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by Simon Hausmann.

        [Qt] Fix qtlibraryinfix not to contain space

        List catenation with += adds whitespace cutting the infix
        from the final target.

        * WebCore.pro:

2010-05-03  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Fix rendering of <button> elements on Mac OS X

        The <button> element has ButtonPart appearance, not PushButton part,
        so we have to include ButtonPart when we decide if we should draw the
        button as raised on Mac OS X.

        https://bugs.webkit.org/show_bug.cgi?id=38458

        * platform/qt/RenderThemeQt.cpp:
        (WebCore::RenderThemeQt::initializeCommonQStyleOptions):

2010-04-30  Philippe Normand  <pnormand@igalia.com>

        Reviewed by Eric Seidel.

        [GStreamer] endless loop after playback ended
        https://bugs.webkit.org/show_bug.cgi?id=38384

        At playback end ensure duration() will return a valid duration if
        we managed to calculate it based on current position.

        Test: media/video-duration-known-after-eos.html

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::didEnd):

2010-05-03  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>

        [Qt] Fix build break on Mac OS X

        * plugins/mac/PluginPackageMac.cpp: Use correct type
        * WebCore.pro: Remove duplicate symbol, we now have a Qt implementation

2010-05-03  Thomas Zander <t.zander@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Fix library infix usage when compiling inside of Qt

        Don't apply the infix when building inside Qt, as that's done through the
        inclusion of qbase.pri.

        * WebCore.pro:

2010-05-02  Dan Bernstein  <mitz@apple.com>

        Reviewed by Simon Fraser.

        Another case of <rdar://problem/7552959> REGRESSION: Infinite recursion in Position::getInlineBoxAndOffset()
        https://bugs.webkit.org/show_bug.cgi?id=38445

        Test: editing/selection/mixed-editability-11.html

        * dom/Position.cpp:
        (WebCore::downstreamIgnoringEditingBoundaries): Added. Returns the furthest visually equivalent
        position downstream, crossing any editability boundaries.
        (WebCore::upstreamIgnoringEditingBoundaries): Similarly for upstream.
        (WebCore::Position::getInlineBoxAndOffset): Changed the logic for finding an inline box for positions
        whose node is a block flow. Instead of traversing the DOM, advance downstream or upstream as far as
        possible, crossing any editability boudaries. Infinite recursion is avoided by advancing all the way
        and checking that the new position is different from the starting position. Also replaced the specific
        test for buttons with the generic and more comprehensive canHaveChildrenForEditing().

2010-05-02  Tasuku Suzuki  <tasuku.suzuki@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Fix compilation with QT_NO_BEARERMANAGEMENT
        https://bugs.webkit.org/show_bug.cgi?id=38324

        * platform/network/NetworkStateNotifier.h:
        * platform/network/qt/NetworkStateNotifierQt.cpp:

2010-04-29  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by Simon Hausmann.

        [Qt] QtWebKit versioning added
        https://bugs.webkit.org/show_bug.cgi?id=37207

        QtWebkit releases separated from Qt release cycle.

        * WebCore.pro:

2010-05-02  Joseph Pecoraro  <joepeck@webkit.org>

        Reviewed by Timothy Hatcher.

        Web Inspector: Old Style trimWhitespace() should be trim()
        https://bugs.webkit.org/show_bug.cgi?id=38441

        * inspector/front-end/SourceFrame.js:
        (WebInspector.SourceFrame.prototype._evalSelectionInCallFrame):

2010-05-02  Tasuku Suzuki  <tasuku.suzuki@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Fix compilation with QT_NO_LINEEDIT
        https://bugs.webkit.org/show_bug.cgi?id=38324

        * platform/qt/RenderThemeQt.cpp:
        (WebCore::RenderThemeQt::~RenderThemeQt):
        (WebCore::RenderThemeQt::findFrameLineWidth):

2010-05-02  Pavel Feldman  <pfeldman@chromium.org>

        Not reviewed: Touch inspector controller to kick windows tests.

        * inspector/InspectorController.cpp:

2010-05-02  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Timothy Hatcher.

        Web Inspector: IMG nodes are being added to the DOM tree late, sometimes hiding the revealed element.

        https://bugs.webkit.org/show_bug.cgi?id=38432

        * inspector/front-end/ElementsTreeOutline.js:
        (WebInspector.ElementsTreeOutline.prototype._onmousemove):
        (WebInspector.ElementsTreeElement.prototype._createTooltipForNode.setTooltip):
        (WebInspector.ElementsTreeElement.prototype._createTooltipForNode):
        (WebInspector.ElementsTreeElement.prototype.updateTitle):
        (WebInspector.ElementsTreeElement.prototype._attributeHTML):
        ():

2010-05-02  Dirk Schulze  <krit@webkit.org>

        Reviewed by Nikolas Zimmermann.

        SVG hkern implementation incomplete
        https://bugs.webkit.org/show_bug.cgi?id=38407

        Test: svg/text/text-hkern.svg

        The current SVG hkern implementation is incomplete and partly wrong. We pass the ACID3 test
        by accident.
        The new implementation supports all glyph and unicode combinations that are allowed by the Spec
        and fixes various of bugs. The parser moved from SVGFontElement to the general parsing code in
        SVGParserUtilities.
        Some clean-up makes the code more readable and reuseable for the upcoming vkern implementation.
        hkern support for text on path is missing and will be added by a following patch.
        Unicode strings of hkern elements are just parsed once and not on every glyph again anymore.

        * rendering/SVGRootInlineBox.cpp:
        (WebCore::calculateCSSKerning):
        (WebCore::applySVGKerning):
        (WebCore::SVGRootInlineBox::buildLayoutInformationForTextBox):
        * svg/SVGFontElement.cpp:
        (WebCore::stringMatchesUnicodeRange):
        (WebCore::stringMatchesGlyphName):
        (WebCore::matches):
        (WebCore::SVGFontElement::getHorizontalKerningPairForStringsAndGlyphs):
        * svg/SVGFontElement.h:
        * svg/SVGHKernElement.cpp:
        (WebCore::SVGHKernElement::buildHorizontalKerningPair):
        * svg/SVGHKernElement.h:
        * svg/SVGParserUtilities.cpp:
        (WebCore::parseGlyphName):
        (WebCore::parseUnicodeRange):
        (WebCore::parseKerningUnicodeString):
        * svg/SVGParserUtilities.h:

2010-05-02  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Timothy Hatcher.

        Web Inspector: debugger shortcuts are processed twice if source frame has focus.

        https://bugs.webkit.org/show_bug.cgi?id=38431

        * inspector/front-end/SourceFrame.js:
        (WebInspector.SourceFrame):
        (WebInspector.SourceFrame.prototype._createViewerIfNeeded):

2010-05-02  Jarkko Sakkinen  <jarkko.j.sakkinen@gmail.com>

        Reviewed by Eric Seidel.

        [Qt] Build error in GraphicsContext3DQt.cpp
        https://bugs.webkit.org/show_bug.cgi?id=38382

        Removed duplicate implementation of isGLES2Compliant from
        GraphicsContext3DQt.cpp. Removed deprecated API stuff for
        texImage2D/texSubImage2D.
        * platform/graphics/qt/GraphicsContext3DQt.cpp:

2010-05-02  Garret Kelly  <gdk@chromium.org>

        Reviewed by David Levin.

        Make the Touch RuntimeEnabledFeature disabled by default.
        https://bugs.webkit.org/show_bug.cgi?id=38392

        * bindings/generic/RuntimeEnabledFeatures.cpp: Disable the Touch feature by default.

2010-05-02  Michael Nordman  <michaeln@google.com>

        Reviewed by Dmitry Titov.

        Define two new ResourceRequestBase TargetTypes for worker and shared worker
        main resources. Use the new target types where appropiate. Add logic to marshal
        the target type specified by requests initiated on a background worker thread.

        https://bugs.webkit.org/show_bug.cgi?id=38295

        No new tests. This doesn't have script visible artifacts.

        * platform/network/ResourceRequestBase.cpp: marshal the values
        (WebCore::ResourceRequestBase::adopt):
        (WebCore::ResourceRequestBase::copyData):
        * platform/network/ResourceRequestBase.h:  define the types
        (WebCore::ResourceRequestBase::):
        * workers/DefaultSharedWorkerRepository.cpp: use TargetIsSharedWorker
        (WebCore::SharedWorkerScriptLoader::load):
        * workers/Worker.cpp: use TargetIsWorker
        (WebCore::Worker::Worker):
        * workers/WorkerContext.cpp: use TargetIsScript for importScripts
        (WebCore::WorkerContext::importScripts):
        * workers/WorkerScriptLoader.cpp: add a data member for the target type
        (WebCore::WorkerScriptLoader::WorkerScriptLoader):
        (WebCore::WorkerScriptLoader::createResourceRequest):
        * workers/WorkerScriptLoader.h:

2010-05-02  Noam Rosenthal  <noam.rosenthal@nokia.com>

        Reviewed by Adele Peterson.

        Webkit doesn't compile with 3D-canvas enabled and video disabled
        https://bugs.webkit.org/show_bug.cgi?id=38297

        Added a #ifdef ENABLE(VIDEO) to WebGL code

        No new tests: compile fix.

        * bindings/js/JSWebGLRenderingContextCustom.cpp:
        (WebCore::JSWebGLRenderingContext::texImage2D):
        (WebCore::JSWebGLRenderingContext::texSubImage2D):

2010-05-01  Evan Stade  <estade@chromium.org>

        Reviewed by David Levin.

        [chromium] Skia needs to fade DragImages
        https://bugs.webkit.org/show_bug.cgi?id=38008

        tested by DragImageTest

        * platform/chromium/DragImageChromiumSkia.cpp:
        (WebCore::dissolveDragImageToFraction):implement
        (WebCore::createDragImageFromImage):deep copy instead of shallow

2010-05-01  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Sam Weinig.

        REGRESSION (r58273): Visited links do not change color immediately when Cmd-clicked
        https://bugs.webkit.org/show_bug.cgi?id=38422
        <rdar://problem/7921778>

        Tests:
            manual-tests/visited-link-new-window.html

        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::initElement): Only cache the visited link state
        when invoked as part of a helper call to styleForElement or pseudoStyleForElement,
        to avoid caching the visited link state beyond the scope of a single style lookup.
        (WebCore::CSSStyleSelector::styleForElement): Adjust for above change.
        (WebCore::CSSStyleSelector::pseudoStyleForElement): Adjust for above change.
        * css/CSSStyleSelector.h:
        (WebCore::CSSStyleSelector::styleForElement): Change so "visited link helper mode"
        can't accidentally be called from outside CSSStyleSelector itself.
        (WebCore::CSSStyleSelector::pseudoStyleForElement): ditto
        * manual-tests/visited-link-new-window.html: Added. I could not figure out any way
        to make an automated test that supports visited link coloring.

2010-05-01  Yael Aharon  <yael.aharon@nokia.com>

        Reviewed by Darin Adler.

        Move number parsing code out of HTMLInputElement.
        https://bugs.webkit.org/show_bug.cgi?id=38203

        The numebr parsing code follows HTML5 parsing rules and should be available outside of HTMLInputElement.
        No new tests as no new functionality was introduced.

        * html/HTMLInputElement.cpp:
        * html/HTMLInputElement.h:
        * html/HTMLParser.cpp:
        (WebCore::serializeForNumberType):
        (WebCore::parseToDoubleForNumberType):
        * html/HTMLParser.h:
        * html/StepRange.cpp:
        (WebCore::StepRange::clampValue):
        (WebCore::StepRange::valueFromElement):
        * html/ValidityState.cpp:
        (WebCore::ValidityState::typeMismatch):
        * rendering/RenderSlider.cpp:
        (WebCore::RenderSlider::setValueForPosition):

2010-05-01  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Oliver Hunt.

        [GTK] GObject DOM bindings
        https://bugs.webkit.org/show_bug.cgi?id=33590

        Unify more logic to skip functions into SkipFunction, and
        whitelist the two [Custom] methods in HTMLCollection.idl.

        * bindings/scripts/CodeGeneratorGObject.pm:

2010-05-01  Robert Hogan  <robert@webkit.org>

        Reviewed by Simon Hausmann.

        [Qt] Add smart paste support

        https://bugs.webkit.org/show_bug.cgi?id=38136

        * WebCore.pro:
        * editing/qt/SmartReplaceQt.cpp: Added.
        (WebCore::isCharacterSmartReplaceExempt):
        * platform/qt/PasteboardQt.cpp:
        (WebCore::Pasteboard::writeSelection):
        (WebCore::Pasteboard::canSmartReplace):

2010-04-30  Yoshiki Hayashi  <yhayashi@google.com>

        Reviewed by Shinichiro Hamaji.

        https://bugs.webkit.org/show_bug.cgi?id=38249
        
        Fixes an issue where border height and padding height are ignored when computing vertically shrinking flexbox's height.

        Test: fast/flexbox/child-flexing.html

        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::allowedChildFlex):

2010-04-30  Shinichiro Hamaji  <hamaji@chromium.org>

        Reviewed by Darin Adler.

        Add layoutTestController.setPrinting()
        https://bugs.webkit.org/show_bug.cgi?id=37203

        Use the renderer's width insteead of screen's width as the width of
        a screen depends on machines.

        * rendering/RenderTreeAsText.cpp:
        (WebCore::externalRepresentation):

2010-04-30  Joseph Pecoraro  <joepeck@webkit.org>

        Reviewed by Timothy Hatcher.

        Web Inspector: Missing INSPECTOR Guard in Console::lastWMLErrorMessage
        https://bugs.webkit.org/show_bug.cgi?id=38366

        Console::lastWMLErrorMessage is only available if WML is enabled, however
        its implementation only makes sense as long as INSPECTOR is enabled
        as well. So this adds the ENABLE(INSPECTOR) guard in the function. A
        browser without ENABLE(INSPECTOR) will always get an empty result.

        * page/Console.cpp:

2010-04-28  Joseph Pecoraro  <joepeck@webkit.org>

        Reviewed by Oliver Hunt.

        REGRESSION(r58313): Regression evident in pixel tests: the search icon is always clipped at the bottom.
        https://bugs.webkit.org/show_bug.cgi?id=38253

        Test: fast/css/input-search-padding.html

        An <input type="search"> contains an inner block, which is explicitly
        centered in RenderTextControlSingleLine based on the height of the element.
        However, the clipping rect was not using the set location, and instead
        calculated off of the top border and padding alone. This also vertically
        centers the Caps Lock indicator.

        * rendering/RenderTextControl.cpp: moved controlClipRect implementation to RenderTextControlSingleLine
        * rendering/RenderTextControl.h: allow a subclass implementation of controlClipRect, removed redundant hasControlClip implementation, and moved controlClipRect
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::paint): vertically center the Caps Lock indicator
        (WebCore::RenderTextControlSingleLine::controlClipRect): use the set location of the anonymous inner block instead
        * rendering/RenderTextControlSingleLine.h: allow for an implementation of controlClipRect for <input type="search">

2010-04-30  Jon Honeycutt  <jhoneycutt@apple.com>

        Caret may fail to blink if a focus handler brings up a modal dialog 
        https://bugs.webkit.org/show_bug.cgi?id=38372

        Reviewed by Darin Adler.

        * manual-tests/onfocus-alert-blinking-caret.html: Added.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleMousePressEvent):
        Moved the call to setCaretBlinkingSuspended() from here...
        (WebCore::EventHandler::handleMousePressEvent):
        ... to here. This makes us suspend caret blinking before dispatching the
        mouse down event. If dispatching the mouse down event allows the message
        loop to run, we want mouse up events received in that message loop to be
        able to resume caret blinking.
        (WebCore::EventHandler::lostMouseCapture):
        We've lost mouse capture and won't be notified of mouse up events;
        resume caret blinking.

        * page/EventHandler.h:
        Declare lostMouseCapture().

2010-04-30  Dimitri Glazkov  <dglazkov@chromium.org>

        Unreviewed, build fix.

        [Chromium] Added a simple IdentifierRep struct and removed dependency on
        IdentifierRep.h.

        * bindings/v8/V8NPObject.cpp: Added simple IdentifierRep struct.

2010-04-30  Dimitri Glazkov  <dglazkov@chromium.org>

        Unreviewed, build fix.

        [Chromium] Remove bridge/ from include paths.

        * WebCore.gyp/WebCore.gyp: Removed bridge/ from include path.

2010-04-30  Abhishek Arya  <inferno@chromium.org>

        Reviewed by David Kilzer.

        Convert m_documentUnderMouse, m_dragInitiator to RefPtr.
        Eliminated unused m_dragInitiator accessor to prevent dereferencing.
        https://bugs.webkit.org/show_bug.cgi?id=37618

        Test: editing/pasteboard/drag-drop-iframe-refresh-crash.html

        * page/DragController.cpp:
        (WebCore::DragController::tryDocumentDrag):
        (WebCore::DragController::concludeEditDrag):
        * page/DragController.h:
        (WebCore::DragController::draggingImageURL):
        (WebCore::DragController::documentUnderMouse):

2010-04-29  James Robinson  <jamesr@chromium.org>

        Reviewed by Simon Fraser.

        Calls FrameView::scrollPositionChanged whenever a ScrollView is scrolled
        https://bugs.webkit.org/show_bug.cgi?id=38286

        When a ScrollView's  scroll position is changed, we have to call
        FrameView::scrollPositionChanged to generate repaint invalidation for
        fixed position elements.  This ends up getting called indirectly when
        the ScrollView has a platformWidget through the port layer
        (see WebHTMLView.mm's _frameOrBoundsChanged method for how the mac
        port does it) but not when there is no platformWidget.

        This is tested by the fast/repaint/fixed-* tests when run in pixel
        mode.

        Test: fast/repaint/fixed-move-after-keyboard-scroll.html

        * page/FrameView.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::valueChanged):
        * platform/ScrollView.h:
        (WebCore::ScrollView::scrollPositionChanged):

2010-04-30  Anders Carlsson  <andersca@apple.com>

        Reviewed by Darin Adler.

        Use C99 integer types in more places.

        * manual-tests/NPN_Invoke/main.c:
        (NPP_New):
        (NPP_NewStream):
        (NPP_WriteReady):
        (NPP_Write):
        (NPP_HandleEvent):
        (functionPointerForTVector):
        * plugins/mac/PluginViewMac.cpp:
        (WebCore::PluginView::platformGetValueStatic):
        (WebCore::PluginView::handlePostReadFile):

2010-04-30  Darin Adler  <darin@apple.com>

        Reviewed by Oliver Hunt.

        Remove unused scrollRectIntoViewRecursively function
        https://bugs.webkit.org/show_bug.cgi?id=38403

        * page/Chrome.cpp:
        (WebCore::Chrome::scrollRectIntoView): Moved comment here that was previously
        in the scrollRectIntoViewRecursively function.

        * platform/ScrollView.cpp: Get rid scrollRectIntoViewRecursively.
        * platform/ScrollView.h: Ditto. Fix comment that refers to the two functions.
        Also correct all uses of the term "method" to use the C++ term "function" and
        got rid of double spaces after periods.

2010-04-30  Anders Carlsson  <andersca@apple.com>

        Another Qt build fix.

        * plugins/qt/PluginViewQt.cpp:
        (WebCore::PluginView::platformGetValueStatic):

2010-04-30  Anders Carlsson  <andersca@apple.com>

        Add back TRUE, FALSE and NULL macros. They were not meant to be removed!

        * bridge/npapi.h:

2010-04-30  Anders Carlsson  <andersca@apple.com>

        Try to fix the Qt build this time.

        * plugins/qt/PluginPackageQt.cpp:
        (WebCore::staticPluginQuirkRequiresGtkToolKit_NPN_GetValue):
        (WebCore::PluginPackage::NPVersion):

2010-04-30  Anders Carlsson  <andersca@apple.com>

        Yet another build fix.

        * plugins/gtk/PluginPackageGtk.cpp:
        (WebCore::PluginPackage::NPVersion):

2010-04-30  Anders Carlsson  <andersca@apple.com>

        Fix build.

        * bridge/npapi.h:

2010-04-30  Jian Li  <jianli@chromium.org>

        Reviewed by Darin Fisher.

        [chromium] Add WebFileSystem interface and hook up with all FileSystem methods.
        https://bugs.webkit.org/show_bug.cgi?id=38228

        * platform/chromium/ChromiumBridge.h:
        * platform/chromium/FileSystemChromium.cpp:
        (WebCore::openFile):
        (WebCore::closeFile):
        (WebCore::seekFile):
        (WebCore::truncateFile):
        (WebCore::readFromFile):
        (WebCore::writeToFile):

2010-04-30  Anders Carlsson  <andersca@apple.com>

        Reviewed by Dan Bernstein.

        Final part of 
        
        https://bugs.webkit.org/show_bug.cgi?id=20784
        move npapi.h to C99 integer types

        * bridge/npapi.h:
        Remove the old types.

2010-04-30  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r58569.
        http://trac.webkit.org/changeset/58569
        https://bugs.webkit.org/show_bug.cgi?id=38399

        This broke the GTK bots due to bad GC behavior (Requested by
        ericu on #webkit).

        * bindings/js/JSWorkerContextCustom.cpp:
        * bindings/v8/custom/V8WorkerContextCustom.cpp:
        * storage/Database.idl:
        * storage/SQLError.idl:
        * storage/SQLResultSet.idl:
        * storage/SQLResultSetRowList.idl:
        * storage/SQLTransaction.idl:
        * workers/WorkerContext.cpp:
        (WebCore::WorkerContext::openDatabase):
        * workers/WorkerContext.h:
        (WebCore::WorkerContext::databaseExceededQuota):
        * workers/WorkerContext.idl:

2010-04-30  Anders Carlsson  <andersca@apple.com>

        Fix GTK+ build.

        * plugins/gtk/PluginViewGtk.cpp:
        (WebCore::PluginView::handlePostReadFile):
        (WebCore::PluginView::platformGetValueStatic):

2010-04-30  Anders Carlsson  <andersca@apple.com>

        Fix Qt build.

        * plugins/qt/PluginViewQt.cpp:
        (WebCore::PluginView::handlePostReadFile):
        (WebCore::PluginView::platformGetValue):

2010-04-30  Anders Carlsson  <andersca@apple.com>

        Reviewed by Timothy Hatcher.

        Next step towards fixing
        
        https://bugs.webkit.org/show_bug.cgi?id=20784
        move npapi.h to C99 integer types

        Use the C99 types everywhere. The "old" types are still around but will be removed
        in a subsequent commit.

        * bridge/npapi.h:
        (_NPCocoaEvent::):
        * plugins/PluginPackage.h:
        * plugins/PluginStream.cpp:
        (WebCore::PluginStream::deliverData):
        * plugins/PluginStream.h:
        * plugins/PluginView.cpp:
        (WebCore::PluginView::postURLNotify):
        (WebCore::PluginView::postURL):
        (WebCore::PluginView::write):
        (WebCore::PluginView::handlePost):
        * plugins/PluginView.h:
        * plugins/PluginViewNone.cpp:
        (WebCore::PluginView::handlePostReadFile):
        * plugins/npapi.cpp:
        (NPN_MemAlloc):
        (NPN_MemFlush):
        (NPN_PostURLNotify):
        (NPN_PostURL):
        (NPN_Write):
        * plugins/npfunctions.h:
        * plugins/win/PluginPackageWin.cpp:
        (WebCore::PluginPackage::NPVersion):
        * plugins/win/PluginViewWin.cpp:
        (WebCore::PluginView::handlePostReadFile):

2010-04-30  Peter Kasting  <pkasting@google.com>

        Reviewed by David Levin.

        Make all image decoders set the "failed" bit if an image could not be
        completely decoded, but no more data is coming.  The ICO and BMP
        decoders already did this.
        https://bugs.webkit.org/show_bug.cgi?id=35411

        "Failed" does not cause the image to not be displayed, it simply causes
        us to not bother to try to decode again if future requests are made, and
        for some decoders, lets the decoder clean up some of its temporary
        objects.

        No layout tests because this does not change the visible output of decoding in any way.

        * platform/image-decoders/gif/GIFImageDecoder.cpp:
        (WebCore::GIFImageDecoder::frameComplete): Return whether the frame could be marked as complete.
        (WebCore::GIFImageDecoder::decode): Fail if read() needs more data (and thus returns false) and no more is coming.
        * platform/image-decoders/gif/GIFImageDecoder.h:
        * platform/image-decoders/gif/GIFImageReader.cpp:
        (GIFImageReader::do_lzw): Instead of returning true for buffer underrun and false for failure, return false for both and set the failure flag on failure.
        (GIFImageReader::read): Ditto.
        * platform/image-decoders/gif/GIFImageReader.h:
        * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
        (WebCore::):
        (WebCore::JPEGImageReader::decode): See do_lzw() comment above.
        (WebCore::JPEGImageDecoder::decode): Fail if decode() needs more data (and thus returns false) and no more is coming.
        * platform/image-decoders/jpeg/JPEGImageDecoder.h:
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageReader::decode): Return true for decode success, false for buffer underrun or decode failure, and set the failure flag on decode failure.
        (WebCore::PNGImageDecoder::decode): See JPEGImageDecoder::decode() comment above.
        * platform/image-decoders/png/PNGImageDecoder.h:

2010-04-30  Brady Eidson  <beidson@apple.com>

        Reviewed by Eric Carlson.

        <rdar://problem/7902467> - Audio plays upon loading of npr.org but shouldn't

        No new tests. (Currently no way to test such site specific hack behavior)

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement):
        (WebCore::HTMLMediaElement::asyncEventTimerFired): If the event to be dispatched is the canplay
          event, wrap the dispatch with m_dispatchingCanPlayEvent set.
        (WebCore::HTMLMediaElement::play): If m_dispatchingCanPlayEvent is true and the site is npr.org, 
          don't perform the play().
        * html/HTMLMediaElement.h: Add m_dispatchingCanPlayEvent member.

2010-04-30  Dan Bernstein  <mitz@apple.com>

        Reviewed by Adele Peterson.

        Part of <rdar://problem/6649734> Text repainting does not account for glyphs which draw outside the typographic bounds of the font
        https://bugs.webkit.org/show_bug.cgi?id=6274

        Account for glyph overflow of characters in the range U+1E00..U+2000, but without sending them
        through the complex text code path. Instead, introduce a variant of the fast path that tracks
        glyph overflow.

        * platform/graphics/Font.cpp:
        (WebCore::Font::drawText): Use codePath().
        (WebCore::Font::floatWidth): Use codePath(). Pass the GlyphOverflow pointer through to
        floatWidthForSimpleText() if the code path is SimpleWithGlyphOverflow.
        (WebCore::Font::selectionRectForText): Use codePath().
        (WebCore::Font::offsetForPosition): Ditto.
        * platform/graphics/Font.h: Replaced canUseGlyphCache() with codePath(). Added a GlyphOverflow
        parameter to floatWidthForSimpleText().
        * platform/graphics/FontFastPath.cpp:
        Removed ROMAN_AND_GREEK_DIACRITICS_CAN_USE_GLYPH_CACHE.
        (WebCore::Font::codePath): Renamed canUseGlyphCache() to this. Where it used to return false,
        it now returns Complex. Where it used to return true, it now returns Simple, except for
        the range U+1E00..U+2000, where it now returns SimpleWithGlyphOverflow.
        (WebCore::Font::floatWidthForSimpleText): Added a GlyphOverflow parameter. If not 0, have the
        width iterator account for glyph bounds, then update the GlyphOverflow accordingly.
        * platform/graphics/WidthIterator.cpp:
        (WebCore::WidthIterator::WidthIterator): Added boolean parameter telling the width iterator
        whether to account for glyph bounds. Initialize m_accountForGlyphBounds accordingly. Initialize
        m_maxGlyphBoundingBoxY, m_minGlyphBoundingBoxY, m_firstGlyphOverflow and m_lastGlyphOverflow.
        (WebCore::WidthIterator::advance): If accounting for glyph bounds, update the above member variables.
        * platform/graphics/WidthIterator.h:
        (WebCore::WidthIterator::maxGlyphBoundingBoxY): Added this accessor.
        (WebCore::WidthIterator::minGlyphBoundingBoxY): Ditto.
        (WebCore::WidthIterator::firstGlyphOverflow): Ditto.
        (WebCore::WidthIterator::lastGlyphOverflow): Ditto.

2010-04-30  Chris Marrin  <cmarrin@apple.com>

        Reviewed by Simon Fraser.

        Reversed the order of the CSSMatrix.multiply method
        https://bugs.webkit.org/show_bug.cgi?id=38337

        Test: transforms/svg-vs-css.xhtml

        * css/WebKitCSSMatrix.cpp:
        (WebCore::WebKitCSSMatrix::multiply):
        * platform/graphics/transforms/TransformationMatrix.cpp:

2010-04-30  Kevin Ollivier  <kevino@theolliviers.com>

        Unreviewed. Attempt to fix the Chromium Mac build after the last commit.

        * WebCore.gypi:

2010-04-30  Kevin Ollivier  <kevino@theolliviers.com>

        Reviewed by Dan Bernstein.

        Allow other ports to compile ATSUI and CoreText functions in SimpleFontData for Mac.
        https://bugs.webkit.org/show_bug.cgi?id=38334

        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/mac/SimpleFontDataATSUI.mm: Copied from WebCore/platform/graphics/mac/SimpleFontDataMac.mm.
        * platform/graphics/mac/SimpleFontDataCoreText.cpp: Copied from WebCore/platform/graphics/mac/SimpleFontDataMac.mm.
        * platform/graphics/mac/SimpleFontDataMac.mm:

2010-04-30  Shinichiro Hamaji  <hamaji@chromium.org>

        Reviewed by Simon Fraser.

        SHOULD NEVER BE REACHED assertion loading forbes.com
        https://bugs.webkit.org/show_bug.cgi?id=38272

        Ignore page media related pseudo classes.

        Test: printing/pseudo-class-outside-page.html

        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector):

2010-04-30  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Unreviewed, build fix.

        Fix compiler warning "suggest parentheses around"

        No new tests as there is no new functionality.

        * svg/SVGAnimateElement.cpp:
        (WebCore::SVGAnimateElement::calculateFromAndToValues):

2010-04-30  Kent Tamura  <tkent@chromium.org>

        Unreviewed. Regression fix.

        Revert a part of r58564 to be compatible with prior behavior
        https://bugs.webkit.org/show_bug.cgi?id=38383

        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::forwardEvent):
         r58564 made a region check for the cancel button stricter, but it
         made some tests failing on Chromium. So, relax the check again.

2010-04-29  Jeremy Orlow  <jorlow@chromium.org>

        Reviewed by Darin Fisher.

        Change StorageEvent.uri to StorageEvent.url to match the spec
        https://bugs.webkit.org/show_bug.cgi?id=38331

        As I mentioned in http://www.mail-archive.com/public-webapps@w3.org/msg08495.html
        WebKit is the only one who places the document's URL in a 'uri' property
        rather than a 'url' property.  Even though we've shipped several versions of
        browsers with the old name, we probably should change this to comply with the
        spec.

        This stuff is covered by existing tests.

        * storage/StorageEvent.cpp:
        (WebCore::StorageEvent::create):
        (WebCore::StorageEvent::StorageEvent):
        (WebCore::StorageEvent::initStorageEvent):
        * storage/StorageEvent.h:
        (WebCore::StorageEvent::url):
        * storage/StorageEvent.idl:

2010-04-30  Nikolas Zimmermann  <nzimmermann@rim.com>

        Reviewed by Dirk Schulze.

        REGRESSION: RenderPath does not handle repaints correctly anymore if bounds changed
        https://bugs.webkit.org/show_bug.cgi?id=38385

        The last SVG performance patch broke repainting if bounds of a RenderPath get smaller.
        It would only repaint the smaller part, not the original larger bounds.

        Remove all lazy calculation of the repaint rects, instead calculate object/strokeBoundingBox and repaintRectInLocalCoordinates
        once in layout - after LayoutRepainter grabbed the initial bounds, before calling repaintAfterLayout(). We can now inline
        all these functions, and save a lot of m_path.isEmpty() checks, which are expensive. No need to store a seperated markerBoundingBox(),
        combine with strokeBoundingBox() -> save one FloatRect per RenderPath. Move strokeBoundingBox() from SVGRenderBase to RenderObject,
        right next to objectBoundingBox() - to save unnecessary toSVGRenderBase() calls. Completly remove this method.

        Overall this is a regression fix, a performance improvement and saves memory. Something for everyone.

        Tests: svg/custom/repaint-stroke-width-changes.svg

        * rendering/RenderObject.cpp: Added strokeBoundingBox() here, to avoid the toSVGRenderBase() dance.
        (WebCore::RenderObject::strokeBoundingBox):
        * rendering/RenderObject.h: Ditto.
        * rendering/RenderPath.cpp:
        (WebCore::RenderPath::RenderPath):
        (WebCore::RenderPath::layout): Fix regression, do repainting correctly, by recalculating the boundaries, if needed, instead of nulling them.
        (WebCore::RenderPath::paint): Cache SVGRenderStyle in local variable, remove no longer valid FIXME.
        (WebCore::RenderPath::calculateMarkerBoundsIfNeeded): Return a FloatRect, to avoid having to store the marker bounding box seperated.
        (WebCore::RenderPath::styleWillChange): Mark boundaries as dirty.
        (WebCore::RenderPath::updateCachedBoundaries): New function to (re-)calculate all cached boundaries, only called from layout().
        * rendering/RenderPath.h: Rename cached rect variables to have more sensible names.
        (WebCore::RenderPath::objectBoundingBox): Inlined, just returns the cached value - no more lazy creation. Huge speedup as this is hot code.
        (WebCore::RenderPath::strokeBoundingBox): Ditto.
        (WebCore::RenderPath::repaintRectInLocalCoordinates): Ditto.
        * rendering/RenderSVGBlock.h: Remove toSVGRenderBase() method.
        * rendering/RenderSVGImage.h: Ditto.
        * rendering/RenderSVGInline.cpp: No need to call toSVGRenderBase() just to get the strokeBoundingBox(). Unifies code to retrieve bounding boxes.
        (WebCore::RenderSVGInline::strokeBoundingBox):
        * rendering/RenderSVGInline.h: Remove toSVGRenderBase() method.
        * rendering/RenderSVGModelObject.h: Ditto.
        * rendering/RenderSVGResourceFilter.cpp: No need to call toSVGRenderBase() anymore, just grab the strokeBoundingBox() from the RenderObject.
        (WebCore::RenderSVGResourceFilter::applyResource):
        * rendering/RenderSVGText.h: Remove toSVGRenderBase() method.
        * rendering/SVGRenderSupport.h: Ditto. Remove markerBoundingBox() method, now combined with strokeBoundingBox().
        (WebCore::SVGRenderBase::strokeBoundingBox):
        * rendering/SVGRootInlineBox.h: Remove toSVGRenderBase() method.
        * rendering/style/SVGRenderStyle.h: Add hasMarkers() helper method, to avoid doing unnecessary work in RenderPath.
        (WebCore::SVGRenderStyle::hasMarkers):

2010-04-30  Eric Uhrhane  <ericu@chromium.org>

        Reviewed by Dmitry Titov.

        Add bindings for async DB API in Workers.
        https://bugs.webkit.org/show_bug.cgi?id=34992

        Tests: storage/change-version-handle-reuse-worker.html
               storage/execute-sql-args-worker.html

        * bindings/js/JSWorkerContextCustom.cpp: Add openDatabase binding.
        (WebCore::JSWorkerContext::openDatabase):

        * bindings/v8/custom/V8WorkerContextCustom.cpp: Add openDatabase stub; Chromium will need work both in V8 and in the browser process before we can turn this on there.
        (WebCore::V8WorkerContext::openDatabaseCallback):

        Add NoStaticTables flags to all objects now shared with workers.
        * storage/Database.idl:
        * storage/SQLError.idl:
        * storage/SQLResultSet.idl:
        * storage/SQLResultSetRowList.idl:
        * storage/SQLTransaction.idl:
        
        * workers/WorkerContext.h: Add databaseExceededQuota.
        * workers/WorkerContext.cpp:
        (WebCore::WorkerContext::databaseExceededQuota): Add stub implementation for testing; you just get 5MB for now.
        (WebCore::WorkerContext::openDatabase): Remove invalid assertion.

        Add the IDL for the call to openDatabase.
        * workers/WorkerContext.idl:

2010-04-30  Shinichiro Hamaji  <hamaji@chromium.org>

        Reviewed by Darin Adler.

        Unnecessary PrintContext::end() calls
        https://bugs.webkit.org/show_bug.cgi?id=38247

        Refactoring only, so no new tests.

        * page/PrintContext.cpp:
        (WebCore::PrintContext::pageNumberForElement):
        (WebCore::PrintContext::numberOfPages):

2010-04-30  Kent Tamura  <tkent@chromium.org>

        Reviewed by Adele Peterson.

        Implement interactive behavior of spin buttons.
        https://bugs.webkit.org/show_bug.cgi?id=35686

        Introduce SpinButtonElement. It is a shadow element class for
        spin buttons. If the upper side of the element is clicked, calls
        HTMLInputElement::stepUpFromRenderer(1). If the lower button is
        clicked, calls HTMLInputElement::stepUpFromRenderer(-1).

        SpinButtonElement tracks the mouse pointer position, and
        RenderTheme sets ControlStates::SpinUpState if the pointer is on
        the upper side.

        Test: platform/mac/fast/forms/input-number-click.html

        * dom/Element.h:
        (WebCore::Element::isSpinButtonElement):
        * editing/VisibleSelection.cpp:
        (WebCore::VisibleSelection::adjustSelectionToAvoidCrossingEditingBoundaries):
         Remove an assertion. lastEditablePositionBeforePositionInRoot() can
         return null in a case that m_end is at a shadow element (a spin button)
         and baseRoot is another shadow element (inner text block) in the same
         node (an INPUT element).
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::stepUpFromRenderer):
        * html/HTMLInputElement.h:
        (WebCore::HTMLInputElement::hasSpinButton):
         Add types supporting step attribute except RANGE.
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::nodeAtPoint):
        (WebCore::RenderTextControlSingleLine::forwardEvent):
        (WebCore::RenderTextControlSingleLine::preferredContentWidth):
        (WebCore::RenderTextControlSingleLine::createSubtreeIfNeeded):
        * rendering/RenderTextControlSingleLine.h:
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::controlStatesForRenderer):
        (WebCore::RenderTheme::isSpinUpButtonPartPressed):
        (WebCore::RenderTheme::isSpinUpButtonPartHovered):
        * rendering/RenderTheme.h:
        * rendering/TextControlInnerElements.cpp:
        (WebCore::SpinButtonElement::SpinButtonElement):
        (WebCore::SpinButtonElement::defaultEventHandler):
        * rendering/TextControlInnerElements.h:
        (WebCore::SpinButtonElement::isSpinButtonElement):
        (WebCore::SpinButtonElement::isEnabledFormControl):
        (WebCore::SpinButtonElement::onUpButton):

2010-04-30  Yael Aharon  <yael.aharon@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Enable DOMWindow constructor for HTMLProgressElement
        https://bugs.webkit.org/show_bug.cgi?id=38333

        Add ENABLE_PROGRESS_TAG to FEATURES_DEFINES_JAVASCRIPT.

        * WebCore.pri:

2010-04-30  Kent Tamura  <tkent@chromium.org>

        Reviewed by Adele Peterson.

        Mac implementation of outer-spin-button appearance, and anonymous
        element generation for <input type=number>.
        https://bugs.webkit.org/show_bug.cgi?id=32813

        The implementation uses NSStepperCell. Like the other Mac
        controls, it has only three candidates for sizes.

        The editable block of an input element is shrunk, and the
        anonymous block for a spin button is put on the right of the
        editable block.

        Tests: platform/mac/fast/forms/input-appearance-spinbutton-size.html
               platform/mac/fast/forms/input-appearance-spinbutton.html

        * dom/Element.cpp:
        (WebCore::Element::pseudoStyleCacheIsInvalid):
        * dom/InputElement.h:
        (WebCore::InputElement::hasSpinButton):
        * html/HTMLInputElement.h:
        (WebCore::HTMLInputElement::hasSpinButton): Return true for NUMBER type.
        * platform/mac/ThemeMac.mm:
        (WebCore::sizeFromNSControlSize): Split the main part of sizeFromFont()
          to this in order to use stepperControlSizeForFont() instead of
          controlSizeForFont().
        (WebCore::sizeFromFont): Just calls sizeFromNSControlSize() with
          sizeFromFont(). No behavior changes.
        (WebCore::stepperSizes): Returns sizes for mini, small, and regular.
        (WebCore::stepperControlSizeForFont):
          Dedicated version of controlSizeForFont().
        (WebCore::stepper): Returns NSStepperCell object with specified settings.
        (WebCore::paintStepper):
        (WebCore::ThemeMac::controlSize): Support for OuterSpinButton.
        (WebCore::ThemeMac::minimumControlSize): ditto.
        (WebCore::ThemeMac::inflateControlPaintRect): ditto.
        (WebCore::ThemeMac::paint): ditto.
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::paintBoxDecorations):
          Move the content to paintBoxDecorationsWithSize().
        (WebCore::RenderBox::paintBoxDecorationsWithSize):
        * rendering/RenderBox.h: Declare paintBoxDecorationsWithSize().
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::~RenderTextControlSingleLine):
        (WebCore::RenderTextControlSingleLine::paintBoxDecorations):
          Call paintBoxDecorationsWithSize() with smaller width by decorationWidthRight().
        (WebCore::RenderTextControlSingleLine::addFocusRingRects):
          Add a rectangle of which width is smaller by decorationWidthRight().
        (WebCore::RenderTextControlSingleLine::layout):
          Adjust m_outerSpinButton position.
        (WebCore::RenderTextControlSingleLine::styleDidChange):
        (WebCore::RenderTextControlSingleLine::textBlockWidth):
        (WebCore::RenderTextControlSingleLine::decorationWidthRight):
        (WebCore::RenderTextControlSingleLine::preferredDecorationWidthRight):
        (WebCore::RenderTextControlSingleLine::createSubtreeIfNeeded):
          Creates an element for m_outerSpinButton if it is needed.
        (WebCore::RenderTextControlSingleLine::createInnerTextStyle):
        (WebCore::RenderTextControlSingleLine::createOuterSpinButtonStyle):
        * rendering/RenderTextControlSingleLine.h: Declare new methods and m_outerSpinButton.
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::adjustRepaintRect): Support for OuterSpinButton.

2010-04-29  Adam Barth  <abarth@webkit.org>

        Unreviewed.  Update JSC CodeGenerator baseline.  Not sure how I missed
        this one earlier.

        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionSerializedValue):

2010-04-29  Justin Garcia  <justin.garcia@apple.com>

        Reviewed by Adele Peterson.

        Need to updateLayout after typing commands too
        https://bugs.webkit.org/show_bug.cgi?id=38352

        Replaced !m_parent checks in EditCommand.cpp by the more descriptive isTopLevelCommand().
        Move the post editing operation updateLayout() call to {un,re}appliedEditing so that text insertions,
        which don't go through EditCommand::{un,re}apply() can benefit from it too.  No test case possible
        since most platforms have a layout performed as a side effect of post operation selection code.

        * editing/EditCommand.cpp:
        (WebCore::EditCommand::apply):
        (WebCore::EditCommand::unapply):
        (WebCore::EditCommand::reapply):
        * editing/EditCommand.h:
        (WebCore::EditCommand::isTopLevelCommand):
        * editing/Editor.cpp:
        (WebCore::Editor::appliedEditing):
        (WebCore::Editor::unappliedEditing):
        (WebCore::Editor::reappliedEditing):

2010-04-29  Dan Bernstein  <mitz@apple.com>

        Reviewed by Simon Fraser.

        <rdar://problem/7918086> REGRESSION (r57820): Controller is not displayed in window when opening a MP3 file in browser window
        https://bugs.webkit.org/show_bug.cgi?id=38350

        Tests: media/audio-only-video-intrinsic-size.html
               media/media-document-audio-size.html

        * rendering/RenderVideo.cpp:
        (WebCore::RenderVideo::RenderVideo): Until metadata is available, ignore the natural size
        reported by the player.
        (WebCore::RenderVideo::videoSizeChanged): Respect a natural size of zero if reported by the
        player, except in standalone media documents.

2010-04-29  Anders Carlsson  <andersca@apple.com>

        Reviewed by Dan Bernstein.

        First part of
        https://bugs.webkit.org/show_bug.cgi?id=20784
        move npapi.h to C99 integer types.

        Add nptypes.h to the build.

        * WebCore.xcodeproj/project.pbxproj:
        * bridge/npapi.h:
        * bridge/npruntime.h:
        * bridge/nptypes.h: Added.

2010-04-29  Xan Lopez  <xlopez@igalia.com>

        Rubber-stamped by Adam Barth.

        Update GObject bindings test results. We are actually moving
        backwards here, but we'll update them again when we figure out
        what broke.

        * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
        (webkit_dom_test_obj_set_property):
        (webkit_dom_test_obj_get_property):

2010-04-29  Sam Weinig  <sam@webkit.org>

        Reviewed by Anders Carlsson.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=38277
        MiniBrowser: -[WebCoreFlippedView currentEditor]: unrecognized selector

        * platform/mac/ThemeMac.mm:
        (-[WebCoreFlippedView currentEditor]): Added currentEditor nil implementation.

2010-04-29  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        CodeGeneratorJS.pm should be consistent about castedThis versus castedThisObj
        https://bugs.webkit.org/show_bug.cgi?id=38338

        Currently CodeGeneratorJS.pm uses castThis for methods and
        castedThisObj for attributes.  This inconsistency makes it difficult to
        factor common code genereration code into methods shared by both kinds
        of bindings.  This match aligns the names so that a future patch (e.g.,
        in https://bugs.webkit.org/show_bug.cgi?id=38313) can reduce copy/paste
        code.

        * bindings/scripts/CodeGeneratorJS.pm:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::setJSTestObjIntAttr):
        (WebCore::setJSTestObjLongLongAttr):
        (WebCore::setJSTestObjUnsignedLongLongAttr):
        (WebCore::setJSTestObjStringAttr):
        (WebCore::setJSTestObjTestObjAttr):
        (WebCore::setJSTestObjAttrWithException):
        (WebCore::setJSTestObjAttrWithSetterException):
        (WebCore::setJSTestObjAttrWithGetterException):
        (WebCore::jsTestObjPrototypeFunctionVoidMethod):
        (WebCore::jsTestObjPrototypeFunctionVoidMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionIntMethod):
        (WebCore::jsTestObjPrototypeFunctionIntMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionObjMethod):
        (WebCore::jsTestObjPrototypeFunctionObjMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionMethodWithException):
        (WebCore::jsTestObjPrototypeFunctionCustomMethod):
        (WebCore::jsTestObjPrototypeFunctionCustomMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionCustomArgsAndException):
        (WebCore::jsTestObjPrototypeFunctionAddEventListener):
        (WebCore::jsTestObjPrototypeFunctionRemoveEventListener):
        (WebCore::jsTestObjPrototypeFunctionWithDynamicFrame):
        (WebCore::jsTestObjPrototypeFunctionWithDynamicFrameAndArg):
        (WebCore::jsTestObjPrototypeFunctionWithDynamicFrameAndOptionalArg):
        (WebCore::jsTestObjPrototypeFunctionWithDynamicFrameAndUserGesture):
        (WebCore::jsTestObjPrototypeFunctionWithDynamicFrameAndUserGestureASAD):
        (WebCore::jsTestObjPrototypeFunctionWithScriptStateVoid):
        (WebCore::jsTestObjPrototypeFunctionWithScriptStateObj):
        (WebCore::jsTestObjPrototypeFunctionWithScriptStateVoidException):
        (WebCore::jsTestObjPrototypeFunctionWithScriptStateObjException):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalArg):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndOptionalArg):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndTwoOptionalArgs):

2010-04-29  Gustavo Noronha Silva  <gustavo.noronhaollabora.co.uk>

        Reviewed by Xan Lopez.

        [GTK] pointerCursor should use the default cursor set for the window, not GDK_LEFT_PTR
        https://bugs.webkit.org/show_bug.cgi?id=36963

        Use the default cursor instead of hard-coding left pointer.

        * platform/gtk/CursorGtk.cpp:
        (WebCore::Cursor::Cursor):
        (WebCore::pointerCursor):

2010-04-29  Ilya Tikhonovsky  <loislo@chromium.org>

        Reviewed by Yury Semikhatsky.

        WebInspector: If Timeline panel is in recording mode and is not visible and has received
        new events then these events do not appear in the panel when the panel becomes visible.
        Timeline popup may appear in the upper left window corner when you switch to another panel.
        https://bugs.webkit.org/show_bug.cgi?id=38322

        * inspector/front-end/Popover.js:
        (WebInspector.PopoverHelper.prototype._mouseMove.doHide):
        (WebInspector.PopoverHelper.prototype._mouseMove):
        (WebInspector.PopoverHelper.prototype.hidePopup):
        (WebInspector.PopoverHelper.prototype._hidePopup):
        * inspector/front-end/TimelinePanel.js:
        (WebInspector.TimelinePanel.prototype.show):
        (WebInspector.TimelinePanel.prototype._scheduleRefresh):
        (WebInspector.TimelinePanel.prototype._refresh):

2010-04-29  Anton Muhin  <antonm@chromium.org>

        Reviewed by Darin Adler.

        Let's cache nodelists instead of DynamicNodeList::Caches
        https://bugs.webkit.org/show_bug.cgi?id=33696

        Test: fast/dom/Element/node-list-identity.html

        * bindings/js/JSNodeCustom.cpp:
        (WebCore::JSNode::markChildren): Mark all cached node lists as well
        * dom/ClassNodeList.cpp:
        (WebCore::ClassNodeList::ClassNodeList): Don't need DynamicNodeList::Caches argument any more
        (WebCore::ClassNodeList::~ClassNodeList): Remove from the cache
        * dom/ClassNodeList.h: Added a field with original class names to be used as a key for removal from the cache
        (WebCore::ClassNodeList::create): Don't need DynamicNodeList::Caches argument any more
        * dom/NameNodeList.cpp:
        (WebCore::NameNodeList::NameNodeList): Don't need DynamicNodeList::Caches argument any more
        (WebCore::NameNodeList::~NameNodeList): Remove from the cache
        * dom/NameNodeList.h:
        (WebCore::NameNodeList::create): Don't need DynamicNodeList::Caches argument any more
        * dom/Node.cpp:
        (WebCore::Node::removeCachedClassNodeList): Remove ClassNodeList from the cache
        (WebCore::Node::removeCachedNameNodeList): Remove NameNodeList from the cache
        (WebCore::Node::removeCachedTagNodeList): Remove TagNodeList from the cache
        (WebCore::Node::getElementsByTagNameNS): Switch to caching node lists themselves, not the data
        (WebCore::Node::getElementsByName): Switch to caching node lists themselves, not the data
        (WebCore::Node::getElementsByClassName): Switch to caching node lists themselves, not the data
        (WebCore::NodeListsNodeData::invalidateCaches): Switch to caching node lists themselves, not the data
        (WebCore::NodeListsNodeData::invalidateCachesThatDependOnAttributes): Switch to caching node lists themselves, not the data
        (WebCore::NodeListsNodeData::isEmpty): Switch to caching node lists themselves, not the data
        (WebCore::markNodeLists): Helper to mark all the node lists in the cache
        (WebCore::Node::markCachedNodeListsSlow): Mark all the cached node lists if any could be present
        * dom/Node.h:
        (WebCore::Node::markCachedNodeLists): Fast-path marking of cached node lists---bails out if there is no rare data
        * dom/NodeRareData.h: Changed type of caches to hold raw pointers to node lists, not RefPtr's to data
        * dom/TagNodeList.cpp:
        (WebCore::TagNodeList::TagNodeList): Don't need DynamicNodeList::Caches argument any more
        (WebCore::TagNodeList::~TagNodeList): Remove from the cache
        * dom/TagNodeList.h:
        (WebCore::TagNodeList::create): Don't need DynamicNodeList::Caches argument any more

2010-04-29  Mikhail Naganov  <mnaganov@chromium.org>

        Reviewed by Yury Semikhatsky.

        [Chromium] Update ScriptProfileNode to retrieve execution time in milliseconds.

        https://bugs.webkit.org/show_bug.cgi?id=38330

        * bindings/v8/ScriptProfileNode.cpp:
        (WebCore::ScriptProfileNode::totalTime):
        (WebCore::ScriptProfileNode::selfTime):

2010-04-28  Dimitri Glazkov  <dglazkov@chromium.org>

        Reviewed by Darin Adler.

        A form without a submit button unexpectedly performs its action when Return is pressed
        https://bugs.webkit.org/show_bug.cgi?id=9756

        Implemented implicit form submission algorithm as defined in HTML5 spec:
        http://www.whatwg.org/specs/web-apps/current-work/multipage/association-of-controls-and-forms.html#implicit-submission,
        falling back to match IE's behavior in the edge cases.

        The underlying rules are:

        * If the form has no enabled submit buttons, submit if Enter/Return is pressed on the only single-line text field.

        * Otherwise, submit form using first enabled submit button if Enter/Return is pressed on a field
          that's not a textarea or a select.

        Test: fast/forms/implicit-submission.html

        * dom/SelectElement.cpp:
        (WebCore::SelectElement::menuListDefaultEventHandler): Ripped out implicit submission for select elements.
        (WebCore::SelectElement::listBoxDefaultEventHandler): Ditto.
        (WebCore::SelectElement::defaultEventHandler): Ditto.
        * dom/SelectElement.h: Ditto.
        (WebCore::HTMLFormElement::submitImplicitly): Renamed submitClick to submitImplicitly to better match HTML5 spec
            language, changed the logic to match the rules above.
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::defaultEventHandler): Reamed clickDefaultButton to implicitSubmission to better match
            HTML5 spec language, made radio element to trigger implicit submission.
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::defaultEventHandler): Removed passing of form() as parameter, because it's no longer
            necessary.

2010-04-29  Paweł Hajdan, Jr.  <phajdan.jr@chromium.org>

        Reviewed by Jeremy Orlow.

        Fix building with libpng-1.4.
        https://bugs.webkit.org/show_bug.cgi?id=33287

        No new tests (no behavior change).

        Original patch by John Bowler <jbowler@acm.org>

        * platform/image-encoders/skia/PNGImageEncoder.cpp:
        (WebCore::PNGImageEncoder::encode):

2010-04-29  Adam Langley  <agl@chromium.org>

        Reviewed by David Levin.

        This patch adds support for WOFF in Chromium. Since Chromium
        already transcodes all OpenType files for security reasons we
        are adding WOFF support into the transcoder.

        https://bugs.webkit.org/show_bug.cgi?id=38217

        * css/CSSFontFaceSrcValue.cpp:
        (WebCore::CSSFontFaceSrcValue::isSupportedFormat):
          Recognise "woff" as a font-face format value (guarded by
          ENABLE(OPENTYPE_SANITIZER) at this point)
        * platform/graphics/opentype/OpenTypeSanitizer.cpp:
        (WebCore::OpenTypeSanitizer::sanitize):
          Change so that the transcoded font can be larger than the original.
          (WOFF files are compressed, so the transcoded TTF is typically
          larger.)

2010-04-29  Alex Milowski  <alex@milowski.com>

        Reviewed by Kenneth Rohde Christiansen.

        Updates to the Qt build to enable building MathML support.

        * WebCore.pri:
        * WebCore.pro:

2010-04-29  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Gustavo Noronha.

        [GTK] GObject DOM bindings
        https://bugs.webkit.org/show_bug.cgi?id=33590

        Do not generate unneeded boilerplate in {get,set}_property methods
        when there are no properties to generate code for. This gets rid
        of lots of compiler warnings.

        * bindings/scripts/CodeGeneratorGObject.pm:

2010-04-29  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Speed up text layouting
        https://bugs.webkit.org/show_bug.cgi?id=31719

        Use QFontMetrics::width() for the text width calculation instead
        of QTextLayout. This avoids expensive bearing calculations and the
        line breaking code.

        * platform/graphics/qt/FontQt.cpp:
        (WebCore::Font::floatWidthForComplexText):

2010-04-29  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Simon Hausmann.

        [WINCE] Export g_stackBase with JS_EXPORTDATA
        https://bugs.webkit.org/show_bug.cgi?id=37437

        Declare g_stackBase with JS_EXPORTDATA as it is imported from JavaScriptCore.

        * platform/wince/SharedTimerWince.cpp:

2010-04-29  Adam Barth  <abarth@webkit.org>

        Reviewed by Maciej Stachowiak.

        Remove custom bindings for PopStateEvent.initPopStateEvent
        https://bugs.webkit.org/show_bug.cgi?id=38311

        Our code generation of SerializedScriptValue was slightly buggy, but
        it's easy to fix.  Notice that the conversion to an atomic string is
        handled by the C++ type system and doesn't require logic in the code
        generator.

        * bindings/js/JSPopStateEventCustom.cpp:
        * bindings/scripts/CodeGeneratorJS.pm:
        * bindings/scripts/CodeGeneratorV8.pm:
        * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
        (webkit_dom_test_obj_serialized_value):
        * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::):
        (WebCore::jsTestObjPrototypeFunctionSerializedValue):
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/ObjC/DOMTestObj.h:
        * bindings/scripts/test/ObjC/DOMTestObj.mm:
        (-[DOMTestObj serializedValue:]):
        * bindings/scripts/test/TestObj.idl:
        * bindings/scripts/test/V8/V8TestObj.cpp:
        (WebCore::TestObjInternal::serializedValueCallback):
        (WebCore::ConfigureV8TestObjTemplate):
        * bindings/v8/custom/V8PopStateEventCustom.cpp:
        * dom/PopStateEvent.idl:

2010-04-29  Kent Tamura  <tkent@chromium.org>

        Reviewed by Darin Adler.

        Fix a bug that selection drag-and-drop doesn't work for input/textarea.
        https://bugs.webkit.org/show_bug.cgi?id=38175

        The code supposed the selected region was in the destination text
        field. It is not true in a case of drag-and-drop.

        Test: editing/pasteboard/drag-drop-input-textarea.html

        * dom/InputElement.cpp:
        (WebCore::InputElement::handleBeforeTextInsertedEvent):
        * html/HTMLTextAreaElement.cpp:
        (WebCore::HTMLTextAreaElement::handleBeforeTextInsertedEvent):

2010-04-29  Adam Barth  <abarth@webkit.org>

        Reviewed by Maciej Stachowiak.

        Remove custom bindings for NodeFilter.acceptNode
        https://bugs.webkit.org/show_bug.cgi?id=38309

        This "custom" code was just an instance of the CallWith=ScriptState
        pattern.  Also, it looks like V8 just had a garbage implemenation that
        did nothing.

        * WebCore.gypi:
        * bindings/js/JSNodeFilterCustom.cpp:
        * bindings/v8/custom/V8NodeFilterCustom.cpp: Removed.
        * dom/NodeFilter.idl:

2010-04-29  Noam Rosenthal  <noam.rosenthal@nokia.com>

        Reviewed by Laszlo Gombos.

        [Qt] QtWebkit doesn't link with 3D canvas
        https://bugs.webkit.org/show_bug.cgi?id=38299

        Added implementation for GraphicsContext3D::isGLES2Compliant, which returns the correct value based on a Qt #define.

        No new tests: build fix

        * platform/graphics/qt/GraphicsContext3DQt.cpp:
        (WebCore::GraphicsContext3D::isGLES2Compliant):

2010-04-29  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Tor Arne Vestbø.

        [Qt] REGRESSION(r57638): tst_qwebframe::objectDeleted() fails
        https://bugs.webkit.org/show_bug.cgi?id=38316

        Accessing properties of a deleted objects doesn't throw an exception
        anymore.

        Continue to expose the QObject class wrapper for objects that
        previously existed but don't exist anymore. QtClass is safe to
        use with a deleted QObject.

        * bridge/qt/qt_instance.cpp:
        (JSC::Bindings::QtInstance::getClass): Return null only if m_class
        doesn't exist yet and there's no m_object.

2010-04-29  Noam Rosenthal  <noam.rosenthal@nokia.com>

        Reviewed by Simon Hausmann.

        Reverse animations don't work in some use cases        
        https://bugs.webkit.org/show_bug.cgi?id=38075

        This was due to a code path special-casing reverse animations, that became obselete when we aligned our animation code
        with the CA implementation. That special case code path is now a bug - and this patch removes it.

        http://staff.washington.edu/fmf/2009/03/25/iphone-3d-css-transformations/ now runs the reverse
        animation correctly.

        * platform/graphics/qt/GraphicsLayerQt.cpp:
        (WebCore::TransformAnimationQt::applyFrame):

2010-04-29  Jan Hanssen  <jhanssen@codeaurora.org>

        Reviewed by Adam Barth.

        HTMLOptionElement::ownerSelectElement() needs to consider keygen elements
        https://bugs.webkit.org/show_bug.cgi?id=26016

        Patch written by Grace Kloba <klobag@gmail.com>, test fixed by me.

        Test: fast/dom/HTMLKeygenElement/keygen-option-select.html

        * html/HTMLOptionElement.cpp:
        (WebCore::HTMLOptionElement::ownerSelectElement):
        Make HTMLOptionElement::ownerSelectElement() consider the keygen element in addition to the current select element.

2010-04-29  Gustavo Sverzut Barbieri  <barbieri@profusion.mobi>

        Reviewed by Eric Seidel.

        Add EFL-specific code to Widget.h and move the empty
        frameRectsChanged() definition to Widget.cpp, since the EFL port
        needs to override that.
        http://webkit.org/b/36317

        No new tests required.

        * WebCore.base.exp:
        * platform/Widget.cpp:
        (WebCore::Widget::frameRectsChanged):
        * platform/Widget.h:

2010-04-29  Jarkko Sakkinen  <jarkko.j.sakkinen@gmail.com>

        Reviewed by Simon Hausmann.

        [Qt] GraphicsContext3DQt.cpp does not implement isGLES2Compliant() 
        https://bugs.webkit.org/show_bug.cgi?id=38216

        * platform/graphics/qt/GraphicsContext3DQt.cpp:
        (WebCore::GraphicsContext3D::isGLES2Compliant):

2010-04-29  Zhenyao Mo  <zmo@google.com>

        Reviewed by Dimitri Glazkov.

        Remove the unnecessary texImage2D function with Image as input in GraphicsContext3D
        https://bugs.webkit.org/show_bug.cgi?id=38235

        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::texImage2D): Add extractImageData; add a common entry point for texImage2D with image input.
        (WebCore::WebGLRenderingContext::texImage2DBase): Add this function as the common entry point for texImage2D.
        (WebCore::WebGLRenderingContext::texSubImage2D): Add extractImageData; add a common entry point for texSubImage2D with image input.
        (WebCore::WebGLRenderingContext::texSubImage2DBase): Add this function as the common entry point for texSubImage2D.
        * html/canvas/WebGLRenderingContext.h: Add tex*Image{Base/Image} function declaration.
        * platform/graphics/GraphicsContext3D.h: Remove tex*Image declaration with Image input.
        * platform/graphics/mac/GraphicsContext3DMac.cpp: Remove tex*Image implementation with Image input.
        (WebCore::GraphicsContext3D::texImage2D):
        (WebCore::GraphicsContext3D::texSubImage2D):

2010-04-29  Noam Rosenthal  <noam.rosenthal@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] GraphicsLayer: flicker when starting an animation before the previous one ended.
        https://bugs.webkit.org/show_bug.cgi?id=38076

        This was due to the cude in the removeAnimations functions, which called deleteLater() without stopping the
        animation synchronously. The delay between the call to that function and the actual call to the animation's destructor
        is when the flicker occured. We fix this by calling stop() synchronously, and making sure that the value is reverted
        upon stop (updateState) and not upon the object's destruction.

        http://staff.washington.edu/fmf/2009/03/25/iphone-3d-css-transformations/ now doesn't flicker when
        the animation is toggled frequently.

        * platform/graphics/qt/GraphicsLayerQt.cpp:
        (WebCore::TransformAnimationQt::~TransformAnimationQt):
        (WebCore::TransformAnimationQt::applyFrame):
        (WebCore::TransformAnimationQt::updateState):
        (WebCore::OpacityAnimationQt::~OpacityAnimationQt):
        (WebCore::OpacityAnimationQt::updateState):
        (WebCore::GraphicsLayerQt::removeAnimationsForProperty):
        (WebCore::GraphicsLayerQt::removeAnimationsForKeyframes):

2010-04-28  Luiz Agostini  <luiz.agostini@openbossa.org>

        Reviewed by Simon Fraser.

        Media queries empty values
        https://bugs.webkit.org/show_bug.cgi?id=38116

        Adding isValid() method to MediaQueryExp to make it possible to differentiate
        between queries with empty values and queries with invalid values.

        Test: fast/media/media-query-invalid-value.html

        * css/MediaQueryEvaluator.cpp:
        (WebCore::MediaQueryEvaluator::eval):
        * css/MediaQueryExp.cpp:
        (WebCore::MediaQueryExp::MediaQueryExp):
        * css/MediaQueryExp.h:
        (WebCore::MediaQueryExp::isValid):

2010-04-28  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Yury Semikhatsky.

        Web Inspector: Allow editing script resources when resource tracking is enabled.

        https://bugs.webkit.org/show_bug.cgi?id=38269

        * inspector/front-end/ScriptView.js:
        * inspector/front-end/ScriptsPanel.js:
        (WebInspector.ScriptsPanel.prototype.canEditScripts):
        (WebInspector.ScriptsPanel.prototype.editScriptSource):
        * inspector/front-end/SourceFrame.js:
        (WebInspector.SourceFrame.prototype.get textModel):
        * inspector/front-end/SourceView.js:
        (WebInspector.SourceView):
        (WebInspector.SourceView.prototype._addBreakpoint):
        (WebInspector.SourceView.prototype._editLine):
        (WebInspector.SourceView.prototype._editLineComplete):
        (WebInspector.SourceView.prototype._sourceIDForLine):

2010-04-25  Antonio Gomes  <tonikitoo@webkit.org>

        Reviewed by Darin Adler.

        Clicking a scrollbar blurs the currently focused element
        https://bugs.webkit.org/show_bug.cgi?id=16809

        WebKit ports that do not use native (platform) widgets for rendering the scrollbars
        are currently mismatching a common behaviour of other browser vendors (including
        Firefox and Opera): clicking on a frame scrollbar *should not* steal focus from content.
        WebKit browsers based ports that do use WebCore for handling scrollbars, like QtWebKit for
        instance, can observe the opposite behaviour.

        Patch fixes this behaviour by checking if current MouseDown event targets a frame scrollbar.
        If that is the case, it bails out and do not change focus behavior at all.

        It is important to note that the given way this is implemented by this patch, non-frame
        scrollbars (e.g. a vertical scrollbar of an overflowed textareas or divs) will keep working
        in the same way as it works currently.

        Tests: scrollbars/scrollbar-click-does-not-blur-content.html
               scrollbars/scrollbar-iframe-click-does-not-blur-content.html

        * page/EventHandler.cpp:
        (WebCore::EventHandler::dispatchMouseEvent):

2010-04-28  Dan Bernstein  <mitz@apple.com>

        Rubber-stamped by Maciej Stachowiak.

        Try to fix test failures seen on the Leopard build bot after r58467

        * platform/graphics/SimpleFontData.cpp:
        (WebCore::SimpleFontData::platformGlyphInit): Initialize m_zeroWidthSpaceGlyph before
        calling widthForGlyph(), as the latter uses the former.

2010-04-28  Martin Robinson  <mrobinson@webkit.org>

        Reviewed by Gustavo Noronha.

        [GTK] Enable DOM clipboard and drag-and-drop access
        https://bugs.webkit.org/show_bug.cgi?id=30623

        Make ClipboardGtk a "live" DataTransfer object, able to modify
        the clipboard when setData(...) is called.

        * platform/gtk/ClipboardGtk.cpp:
        (WebCore::Editor::newGeneralClipboard): Pass the GtkClipboard into the factory method.
        (WebCore::ClipboardGtk::ClipboardGtk): Create two separate constructors, one for DnD data and one for clipboard data.
        (WebCore::dataObjectTypeFromHTMLClipboardType): Added.
        (WebCore::ClipboardGtk::clearData): Clear the member DataObject, optionally write the clipboard.
        (WebCore::ClipboardGtk::clearAllData): Ditto.
        (WebCore::joinURIList): Added.
        (WebCore::ClipboardGtk::getData): Get the data from the clipboard, if possible.
        (WebCore::ClipboardGtk::setData): Write data to the DataObject and maybe the clipboard.
        (WebCore::ClipboardGtk::types): Read the clipboard/DataObject to find applicable types.
        (WebCore::ClipboardGtk::files): Read the clipboard/DataObject to find the files.
        (WebCore::ClipboardGtk::writeURL): Write to the DataObject and maybe the clipboard.
        (WebCore::ClipboardGtk::writeRange): Ditto.
        (WebCore::ClipboardGtk::writePlainText): Ditto.
        (WebCore::ClipboardGtk::hasData): Query the clipboard/DataObject.
        * platform/gtk/ClipboardGtk.h: 
        (WebCore::ClipboardGtk::create): Added one factory for pasteboard-backed DataObjects and one for DnD-backed objects.
        * platform/gtk/DataObjectGtk.cpp:
        (WebCore::replaceNonBreakingSpaceWithSpace): Added this helper function to clean &nbsp; from plain text.
        (WebCore::DataObjectGtk::markup): Actually return the range if it's set.
        (WebCore::DataObjectGtk::setText): Clean &nbsp; from plain text.
        (WebCore::DataObjectGtk::clearText): Added.
        (WebCore::DataObjectGtk::clearMarkup): Added.
        * platform/gtk/DataObjectGtk.h:
        (WebCore::DataObjectGtk::clearURIList): Added.
        (WebCore::DataObjectGtk::clearImage): Added.
        * platform/gtk/PasteboardHelper.cpp:
        (WebCore::PasteboardHelper::initializeTargetList): Added target ID's for URI list and Netscape URL targets.
        (WebCore::urisToKURLVector): Added.
        (WebCore::PasteboardHelper::getClipboardContents): Added.
        (WebCore::PasteboardHelper::fillSelectionData): Added logic for URI lists and Netscape URLs.
        (WebCore::PasteboardHelper::targetListForDataObject): Ditto.
        * platform/gtk/PasteboardHelper.h: Added default argument to writeClipboardContents and new method.

2010-04-28  Martin Robinson  <mrobinson@webkit.org>

        Reviewed by Gustavo Noronha.

        [GTK] Enable DOM clipboard and drag-and-drop access
        https://bugs.webkit.org/show_bug.cgi?id=30623

        Use the length of the UTF-8 markup data in bytes when filling GtkSelectionData.

        No new tests, because pasteboard DataTransfer tests will be enabled
        with the completion of the GTK+ DataTransfer object.

        * platform/gtk/PasteboardGtk.cpp:
        (WebCore::clipboard_get_contents_cb): Use strlen here instead of g_utf8_strlen.

2010-04-28  Dan Bernstein  <mitz@apple.com>

        Reviewed by Adele Peterson.

        More of <rdar://problem/7855777> REGRESSION: Memory usage increase caused by storing glyph bounds in GlyphMetricsMap
        https://bugs.webkit.org/show_bug.cgi?id=37936

        Assigning zero width and empty bounds to the ZERO WIDTH SPACE glyph often allocates a width map
        page and a bounds map page for the glyph, each of which pages contains 255 unused entries. Save
        this space by not storing the zero width and empty bounds in the metrics maps.

        * platform/graphics/SimpleFontData.cpp:
        (WebCore::SimpleFontData::SimpleFontData): Initialize m_zeroWidthSpaceGlyph.
        (WebCore::SimpleFontData::platformGlyphInit): Set m_zeroWidthSpaceGlyph. Don’t create entries
        for the ZERO WIDTH SPACE glyph in the width map and in the bounds map.
        * platform/graphics/SimpleFontData.h:
        (WebCore::SimpleFontData::boundsForGlyph): Return empty bounds for the ZERO WIDTH SPACE glyph
        without consulting the bounds map.
        (WebCore::SimpleFontData::widthForGlyph): Return zero for the ZERO WIDTH SPACE glyph without
        consulting the width map.

2010-04-28  Mark Rowe  <mrowe@apple.com>

        Reviewed by Adele Peterson.

        <rdar://problem/7847573> Safari welcome page logs JavaScript exception during page load

        The Safari welcome page runs afoul of the same-origin restriction on access to stylesheet rules
        that was added to address <https://bugs.webkit.org/show_bug.cgi?id=20527>. To work around this we're
        adding a temporary site-specific quirk that relaxes this restriction for the particular cross-origin
        access that occurs on the Safari welcome page.

        * css/CSSStyleSheet.cpp:
        (WebCore::CSSStyleSheet::cssRules):

2010-04-28  Mike Thole  <mthole@apple.com>

        Reviewed by Mark Rowe.

        Add separate exports file for symbols dependent on WTF_USE_PROTECTION_SPACE_AUTH_CALLBACK.

        * DerivedSources.make: Updated for WebCore.ProtectionSpaceAuthCallback.exp.
        * WebCore.ProtectionSpaceAuthCallback.exp: Added.
        * WebCore.xcodeproj/project.pbxproj:

2010-04-28  Evan Martin  <evan@chromium.org>

        Reviewed by David Levin.

        [chromium] revert getFontDataForCharacters change in r58341
        https://bugs.webkit.org/show_bug.cgi?id=38288

        It caused a performance regression.

        * platform/chromium/ChromiumBridge.h:
        * platform/graphics/chromium/FontCacheLinux.cpp:
        (WebCore::FontCache::getFontDataForCharacters):

2010-04-28  Eric Seidel  <eric@webkit.org>

        Unreviewed, rolling out r58441.
        http://trac.webkit.org/changeset/58441
        https://bugs.webkit.org/show_bug.cgi?id=37618

        Broke 3 test on Qt.

        * page/DragController.cpp:
        (WebCore::DragController::tryDocumentDrag):
        (WebCore::DragController::concludeEditDrag):
        * page/DragController.h:
        (WebCore::DragController::setDragInitiator):
        (WebCore::DragController::dragInitiator):
        (WebCore::DragController::documentUnderMouse):

2010-04-28  Darin Adler  <darin@apple.com>

        Reviewed by Dan Bernstein.

        Remove some obsolete scrolling code
        https://bugs.webkit.org/show_bug.cgi?id=38293

        * page/Chrome.cpp:
        (WebCore::Chrome::scrollRectIntoView): Removed ScrollView* argument.
        * page/Chrome.h: Made scrollRectIntoView non-virtual, and removed ScrollView* argument.

        * page/FrameView.cpp: Removed scrollRectIntoViewRecursively.
        * page/FrameView.h: Removed scrollRectIntoViewRecursively and made
        setScrollPosition non-virtual, since there is no class derived from
        this class, and ScrollView's setScrollPosition is non-virtual.

        * platform/HostWindow.h: Removed scrollRectIntoView.

        * platform/ScrollView.cpp:
        (WebCore::ScrollView::scrollRectIntoViewRecursively): Updated comment
        since I was able to do most of the tasks listed here.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::scrollRectToVisible): Removed 0 passed for
        ScrollView* argument to Chrome::scrollRectIntoView.

2010-04-28  Mike Thole  <mthole@apple.com>

        Reviewed by David Kilzer.

        Add canAuthenticateAgainstProtectionSpace() to frame loader so that a protection space 
        can be inspected before attempting to authenticate against it
        https://bugs.webkit.org/show_bug.cgi?id=38271

        * loader/EmptyClients.h:
        (WebCore::EmptyFrameLoaderClient::canAuthenticateAgainstProtectionSpace): Added.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::canAuthenticateAgainstProtectionSpace): Added.
        * loader/FrameLoader.h:
        * loader/FrameLoaderClient.h:
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::canAuthenticateAgainstProtectionSpace): Added.
        * loader/ResourceLoader.h:
        (WebCore::ResourceLoader::canAuthenticateAgainstProtectionSpace): Added.
        * platform/network/ProtectionSpace.h:
        (WebCore::):
        * platform/network/ResourceHandle.h:
        * platform/network/ResourceHandleClient.h:
        (WebCore::ResourceHandleClient::canAuthenticateAgainstProtectionSpace): Added.
        * platform/network/mac/AuthenticationMac.mm:
        (WebCore::mac):
        Add cases for case ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested and
        ProtectionSpaceAuthenticationSchemeClientCertificateRequested.  Guarded with the
        #if USE(PROTECTION_SPACE_AUTH_CALLBACK) as the new NSURLProtectionSpace constants don't
        exist prior to Mac OS X 10.6.
        (WebCore::core): Ditto.
        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::ResourceHandle::canAuthenticateAgainstProtectionSpace): Added.
        (-[WebCoreResourceHandleAsDelegate connection:canAuthenticateAgainstProtectionSpace:]): Added.

2010-04-28  Abhishek Arya  <inferno@chromium.org>

        Reviewed by Eric Seidel.

        Convert m_documentUnderMouse, m_dragInitiator to RefPtr.
        Eliminated unused m_dragInitiator accessor to prevent dereferencing.
        https://bugs.webkit.org/show_bug.cgi?id=37618

        Test: editing/pasteboard/drag-drop-iframe-refresh-crash.html

        * page/DragController.cpp:
        (WebCore::DragController::tryDocumentDrag):
        (WebCore::DragController::concludeEditDrag):
        * page/DragController.h:
        (WebCore::DragController::draggingImageURL):
        (WebCore::DragController::documentUnderMouse):

2010-04-28  Dumitru Daniliuc  <dumi@chromium.org>

        Unreviewed, fixing a build problem introduced by the previous patch.

        * storage/DatabaseSync.cpp:
        (WebCore::DatabaseSync::openDatabaseSync):

2010-04-23  Dumitru Daniliuc  <dumi@chromium.org>

        Reviewed by Jeremy Orlow.

        Adding some required classes for the sync WebSQLDatabases API.
        https://bugs.webkit.org/show_bug.cgi?id=34994

        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * storage/DatabaseSync.cpp: Added.
        (WebCore::DatabaseSync::databaseInfoTableName):
        (WebCore::DatabaseSync::setIsAvailable):
        (WebCore::DatabaseSync::isAvailable):
        (WebCore::DatabaseSync::openDatabaseSync):
        (WebCore::DatabaseSync::DatabaseSync):
        (WebCore::DatabaseSync::~DatabaseSync):
        (WebCore::DatabaseSync::version):
        (WebCore::DatabaseSync::changeVersion):
        (WebCore::DatabaseSync::transaction):
        * storage/DatabaseSync.h: Added.
        (WebCore::DatabaseSync::databaseDebugName):
        * storage/SQLTransactionSync.cpp: Added.
        (WebCore::SQLTransactionSync::create):
        (WebCore::SQLTransactionSync::SQLTransactionSync):
        (WebCore::SQLTransactionSync::~SQLTransactionSync):
        (WebCore::SQLTransactionSync::executeSQL):
        * storage/SQLTransactionSync.h: Added.
        (WebCore::SQLTransactionSync::database):
        (WebCore::SQLTransactionSync::isReadOnly):
        * storage/SQLTransactionSyncCallback.h: Added.
        (WebCore::SQLTransactionSyncCallback::~SQLTransactionSyncCallback):

2010-04-28  İsmail Dönmez  <ismail@namtrac.org>

        Reviewed by Simon Hausmann.

        Fix compilation with QT_NO_CURSOR defined.

        * platform/qt/QWebPageClient.h:
        (QWebPageClient::resetCursor):
        (QWebPageClient::setCursor):

2010-04-28  Abhishek Arya  <inferno@chromium.org>

        Reviewed by Alexey Proskuryakov.

        Added a check to make sure that resources from a different https origin are not cached.
        https://bugs.webkit.org/show_bug.cgi?id=33456

        Test: http/tests/appcache/different-https-origin-resource-main.html

        * loader/appcache/ManifestParser.cpp:
        (WebCore::parseManifest):

2010-04-28  Sam Weinig  <sam@webkit.org>

        Reviewed by Mark Rowe.

        Only set -allowable_client WebKit2 for engineering builds on SnowLeopard
        and later.

        * Configurations/WebCore.xcconfig:

2010-04-28  Darin Adler  <darin@apple.com>

        Reviewed by Adele Peterson.

        REGRESSION: Autoscroll does not work in Mail messages
        https://bugs.webkit.org/show_bug.cgi?id=38267
        rdar://problem/7559799

        Still haven't figured out a good way to test this with DumpRenderTree
        or with Safari. Testing has to be done with Mail for now.

        The machinery to make autoscrolling work on Mac OS X when a WebView is embedded in another
        view had gotten broken in multiple ways. For some reason, a combination of bugs made it
        partly work until around r48064. This brings it back.

        There were three problems:

            1) Code in EventHandler decided there was nothing to scroll, so didn't start
               the autoscroll timer.
            2) The wrong rectangle was passed to Chrome::scrollRectIntoView.
            3) The Mac WebKit implementation of ChromeClient::scrollRectIntoView did incorrect
               coordinate conversion.

        I verified that none of these have any effect on regression tests, or behavior in
        web browsers, or behavior on platforms other than Mac.

        * page/EventHandler.cpp:
        (WebCore::canAutoscroll): Added. Returns true for boxes that can scroll directly
        and for the top level box of the top frame.
        (WebCore::EventHandler::handleMouseDraggedEvent): Use canAutoscroll.
        (WebCore::EventHandler::updateAutoscrollRenderer): Ditto.

        * page/FrameView.cpp:
        (WebCore::FrameView::scrollToAnchor): Fixed comment.

        * platform/ScrollView.cpp:
        (WebCore::ScrollView::scrollRectIntoViewRecursively): Put ASSERT_NOT_REACHED into this
        now-unused function along with some comments about removing some obsolete code.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::scrollRectToVisible): Removed call to scrollRectIntoViewRecursively
        since from the WebKit point of view this is the topmost scroll view anyway. Instead call
        setScrollPosition. Moved the code to call Chrome::scrollRectIntoView here since it needs
        to use a different rectangle anyway.

2010-04-21  Ojan Vafai  <ojan@chromium.org>

        Reviewed by Adele Peterson.

        http://trac.webkit.org/changeset/57215 caused perf/memory regressions
        https://bugs.webkit.org/show_bug.cgi?id=37292

        #if out the canUseGlyphCache Changes from r57215 as they caused a 
        8% perf regression on Chromium's international page load tests so that
        the perf regression can be fixed properly without being left in the tree.

        * platform/graphics/FontFastPath.cpp:
        (WebCore::Font::canUseGlyphCache):

2010-04-28  Beth Dakin  <bdakin@apple.com>

        Reviewed by Darin Adler.

        Fix for <rdar://problem/7474349>

        Add a synchronous display mechanism for WKCACFLayerRenderer. 

        * platform/graphics/win/WKCACFLayerRenderer.cpp:
        (WebCore::WKCACFLayerRenderer::setRootContentsAndDisplay): This is 
        just like setRootContents(), but it calls paint() instead of 
        renderSoon().
        * platform/graphics/win/WKCACFLayerRenderer.h:

2010-04-28  Dmitry Titov  <dimich@chromium.org>

        Reviewed by Geoffrey Garen.

        REGRESSION: fast/workers/wrapper-map-gc.html crashes on Snow Leopard Release Bot
        https://bugs.webkit.org/show_bug.cgi?id=37554

        The flaky fast/workers/wrapper-map-gc.html will stop being flaky.

        * bindings/js/JSEventListener.cpp:
        (WebCore::JSEventListener::handleEvent):
        check if JS execution was terminated, as in cases of Worker.terminate() or WorkerGlobalScope.close().
        * bindings/js/JSWorkerContextBase.cpp:
        (WebCore::toJS): ASSERT the value of workerContextWrapper, it should never be 0.
        * bindings/js/WorkerScriptController.h:
        (WebCore::WorkerScriptController::workerContextWrapper): remove returning 0 if JS execution was forbidden.
        (WebCore::WorkerScriptController::isExecutionForbidden):
        * bindings/v8/WorkerScriptController.h:
        (WebCore::WorkerScriptController::isExecutionForbidden):

        Add ScriptExecutionContext::isJSExecutionTerminated(), it is always 'false' for Document
        and 'true' for WorkerContext when script is terminated.
        * dom/ScriptExecutionContext.h:
        * dom/Document.h:
        (WebCore::Document::isJSExecutionTerminated):
        * workers/WorkerContext.cpp:
        (WebCore::WorkerContext::isJSExecutionTerminated):
        * workers/WorkerContext.h:

2010-04-28  Ilya Tikhonovsky  <loislo@chromium.org>

        Reviewed by Yury Semikhatsky.

        WebInspector: Multiple Main Resource Content Loaded marks appear in Resource panel.
        https://bugs.webkit.org/show_bug.cgi?id=38270

        * inspector/front-end/ResourcesPanel.js:
        (WebInspector.ResourcesPanel.prototype.updateGraphDividersIfNeeded):

2010-04-28  Ilya Tikhonovsky  <loislo@chromium.org>

        Reviewed by Yury Semikhatsky.

        WebInspector: Timeline: We can have precise urls in the EvaluateScript records.
        https://bugs.webkit.org/show_bug.cgi?id=38264

        * inspector/front-end/TimelinePanel.js:
        (WebInspector.TimelinePanel.FormattedRecord.prototype._generatePopupContent):
        (WebInspector.TimelinePanel.FormattedRecord.prototype._getRecordDetails):

2010-04-28  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Timothy Hatcher.

        Web Inspector: Linkify node and function in the event listeners panel.

        https://bugs.webkit.org/show_bug.cgi?id=38251

        * bindings/js/ScriptEventListener.cpp:
        (WebCore::eventListenerHandlerBody):
        (WebCore::eventListenerHandlerLocation):
        * bindings/js/ScriptEventListener.h:
        * bindings/v8/ScriptEventListener.cpp:
        (WebCore::eventListenerHandlerBody):
        (WebCore::eventListenerHandlerLocation):
        * bindings/v8/ScriptEventListener.h:
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::buildObjectForEventListener):
        * inspector/front-end/ElementsPanel.js:
        (WebInspector.ElementsPanel.prototype.linkifyNodeReference):
        (WebInspector.ElementsPanel.prototype.linkifyNodeReference.preventDefault):
        * inspector/front-end/EventListenersSidebarPane.js:
        (WebInspector.EventListenersSidebarPane.prototype.update.callback):
        (WebInspector.EventListenersSidebarPane.prototype.update):
        ():
        * inspector/front-end/StylesSidebarPane.js:
        (WebInspector.StylesSidebarPane.prototype._rebuildSectionsForStyleRules):
        * inspector/front-end/inspector.css:
        (.node-link):

2010-04-28  Julien Chaffraix  <jchaffraix@webkit.org>

        Reviewed by Alexey Proskuryakov.

        [XHR] Cross-Origin synchronous request with credential raises NETWORK_ERR
        https://bugs.webkit.org/show_bug.cgi?id=37781
        <rdar://problem/7905150>

        Tests: http/tests/xmlhttprequest/access-control-preflight-credential-async.html
               http/tests/xmlhttprequest/access-control-preflight-credential-sync.html

        Rolling the patch in as I could not reproduce Qt results locally.

        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Now we remove the
        credential from the request here to avoid forgetting to do so in the different code path.
        (WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest): Just add the
        "Origin" header.
        (WebCore::DocumentThreadableLoader::loadRequest): Check here the the credential have
        been removed so that we don't leak them. Also tweaked a comment to make it clear that
        the URL check has issue when credential is involved.

2010-04-28  Noam Rosenthal  <noam.rosenthal@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] GraphicsLayer: preserves-3d and backface visibility
        https://bugs.webkit.org/show_bug.cgi?id=35312

        Implement preserves-3d by maintaining the 3D transformation heirarchy inside GraphicsLayerQt, and extrapolating
        the relative QTransform. When the extrapolation fails (un-invertible matrix) we ignore the transformation change.

        WebKitSite/blog-files/3d-transforms test now work with Qt.

        * platform/graphics/qt/GraphicsLayerQt.cpp:
        (WebCore::GraphicsLayerQtImpl::updateTransform):
        (WebCore::GraphicsLayerQtImpl::opaqueArea):
        (WebCore::GraphicsLayerQtImpl::boundingRect):
        (WebCore::GraphicsLayerQtImpl::paint):
        (WebCore::GraphicsLayerQtImpl::flushChanges):

2010-04-28  Ilya Tikhonovsky  <loislo@chromium.org>

        Reviewed by Yury Semikhatsky.

        Web Inspector: View frame selector for Timeline overview panel is redesigned a bit.
        Now it is possible to adjust view frame by resizer bars and by click-n-drag in overview pane.
        https://bugs.webkit.org/show_bug.cgi?id=38251

        * inspector/front-end/TimelineOverviewPane.js:
        (WebInspector.TimelineOverviewPane):
        (WebInspector.TimelineOverviewPane.prototype.reset):
        (WebInspector.TimelineOverviewPane.prototype._dragWindow):
        (WebInspector.TimelineOverviewPane.prototype._windowSelectorDragging):
        (WebInspector.TimelineOverviewPane.prototype._endWindowSelectorDragging):
        (WebInspector.TimelineOverviewPane.prototype._resizeWindowLeft):
        (WebInspector.TimelineOverviewPane.prototype._resizeWindowRight):
        (WebInspector.TimelineOverviewPane.prototype._setWindowPosition):
        (WebInspector.TimelinePanel.WindowSelector):
        (WebInspector.TimelinePanel.WindowSelector.prototype._createSelectorElement):
        (WebInspector.TimelinePanel.WindowSelector.prototype._close):
        (WebInspector.TimelinePanel.WindowSelector.prototype._updatePosition):
        * inspector/front-end/inspector.css:
        (#timeline-overview-grid):
        (.timeline-window-selector):
        (#timeline-overview-window):
        (.timeline-overview-dividers-background):
        (.timeline-overview-window-rulers):
        (.timeline-window-resizer):

2010-04-28  Marcus Bulach  <bulach@chromium.org>

        Reviewed by Jeremy Orlow.

        Reverts 58340 (https://bugs.webkit.org/show_bug.cgi?id=38158) due to regression on fast/text/international/khmer-selection.html
        https://bugs.webkit.org/show_bug.cgi?id=38254

        * platform/graphics/chromium/FontLinux.cpp:
        (WebCore::adjustTextRenderMode):
        (WebCore::TextRunWalker::getTextRun):
        (WebCore::TextRunWalker::getNormalizedTextRun):
        (WebCore::TextRunWalker::setGlyphXPositions):
        (WebCore::glyphIndexForXPositionInScriptRun):
        (WebCore::Font::offsetForPositionForComplexText):
        (WebCore::Font::selectionRectForComplexText):
        * platform/graphics/chromium/FontPlatformDataLinux.cpp:
        (WebCore::FontPlatformData::setupPaint):
        * platform/graphics/chromium/HarfbuzzSkia.cpp:
        (WebCore::getOutlinePoint):
        * platform/graphics/skia/GraphicsContext3DSkia.cpp:
        (WebCore::GraphicsContext3D::getImageData):
        * platform/graphics/skia/GraphicsContextSkia.cpp:
        (WebCore::isCoordinateSkiaSafe):
        (WebCore::GraphicsContext::fillRect):
        (WebCore::GraphicsContext::strokePath):
        (WebCore::GraphicsContext::strokeRect):

2010-04-28  Andrey Kosyakov  <caseq@chromium.org>

        Reviewed by Yury Semikhatsky.

        Log error message to inspector console if a resource fails to load.
        Disable checking of mime-type consistency for failed resources.
        https://bugs.webkit.org/show_bug.cgi?id=37215

        Test: http/tests/inspector/console-resource-errors.html

        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::didReceiveResponse):
        (WebCore::InspectorController::didFailLoading):
        * inspector/front-end/Resource.js:
        (WebInspector.Resource.prototype._mimeTypeIsConsistentWithType):
        * inspector/front-end/ResourcesPanel.js:
        (WebInspector.ResourcesPanel.prototype.recreateViewForResourceIfNeeded):

2010-04-28  Yury Semikhatsky  <yurys@chromium.org>

        Reviewed by Pavel Feldman.

        Support pause on exceptions in v8 implementation of ScriptDebugServer.

        https://bugs.webkit.org/show_bug.cgi?id=38205        

        * bindings/v8/ScriptDebugServer.cpp:
        (WebCore::ScriptDebugServer::addListener):
        (WebCore::ScriptDebugServer::pauseOnExceptionsState):
        (WebCore::ScriptDebugServer::setPauseOnExceptionsState):
        (WebCore::ScriptDebugServer::currentCallFrame):
        (WebCore::ScriptDebugServer::handleV8DebugMessage):
        (WebCore::ScriptDebugServer::dispatchDidParseSource):
        * bindings/v8/ScriptDebugServer.h:

2010-04-28  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r58313.
        http://trac.webkit.org/changeset/58313
        https://bugs.webkit.org/show_bug.cgi?id=38253

        Regression evident in pixel tests: the search icon is always
        clipped at the bottom. (Requested by jorlow on #webkit).

        * rendering/RenderTextControl.cpp:
        (WebCore::RenderTextControl::controlClipRect):
        * rendering/RenderTextControl.h:
        (WebCore::RenderTextControl::hasControlClip):
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::paint):
        * rendering/RenderTextControlSingleLine.h:

2010-04-28  Justin McPherson <justin.mcpherson@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Fix detection of Qt 4.7's multimedia libraries

        QtMultimedia has been split into an additional media services library, which
        we're using. mediaservices depends on multimedia.

        * WebCore.pro:

2010-04-28  Shinichiro Hamaji  <hamaji@chromium.org>

        Unreviewed attempt to fix the chromium build.

        Add layoutTestController.setPrinting()
        https://bugs.webkit.org/show_bug.cgi?id=37203

        * rendering/RenderTreeAsText.cpp:

2010-04-27  Shinichiro Hamaji  <hamaji@chromium.org>

        Reviewed by Darin Adler and Eric Seidel.

        Add layoutTestController.setPrinting()
        https://bugs.webkit.org/show_bug.cgi?id=37203

        Added RenderAsTextPrintingMode as a behavior of externalRepresentation.

        Now ~PrintContext() calls end() automatically.

        * page/PrintContext.cpp:
        (WebCore::PrintContext::~PrintContext):
        * rendering/RenderTreeAsText.cpp:
        (WebCore::externalRepresentation):
        * rendering/RenderTreeAsText.h:
        (WebCore::):

2010-04-27  Yuzo Fujishima  <yuzo@google.com>

        Reviewed by Eric Seidel.

        Enhance CSS parser for Paged Media (Iteration 4)
        Implement page property parsing as specified at http://dev.w3.org/csswg/css3-page/#using-named-pages.
        https://bugs.webkit.org/show_bug.cgi?id=35853

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue):
        (WebCore::CSSParser::parsePage):
        * css/CSSParser.h:

2010-04-27  Yuzo Fujishima  <yuzo@google.com>

        Reviewed by Dimitri Glazkov.

        Enhance CSS parser for Paged Media (Iteration 3)
        Implement size parameter parsing for Paged Media.
        https://bugs.webkit.org/show_bug.cgi?id=35851

        I believe size property hasn't been used so far because (1) it hasn't been properly parsed and
        (2) a comment in CSSComputedStyleDeclaration::getPropertyCSSValue says so.
        Changing the way of parsing it should not cause any regressions -- no existing tests fail because of this change.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue):
        (WebCore::CSSParser::parseSize):
        (WebCore::CSSParser::parseSizeParameter):
        * css/CSSParser.h:
        (WebCore::CSSParser::):
        * css/CSSValueKeywords.in:

2010-04-27  Yuzo Fujishima  <yuzo@google.com>

        Reviewed by Eric Seidel.

        Enhance CSS parser for Paged Media (Iteration 2)
        Parse and hold paged media rules in CSSStyleSelector.

        https://bugs.webkit.org/show_bug.cgi?id=35782

        Test: printing/page-rule-css-text.html

        * css/CSSGrammar.y:
        * css/CSSPageRule.cpp:
        (WebCore::CSSPageRule::CSSPageRule):
        (WebCore::CSSPageRule::selectorText):
        * css/CSSPageRule.h:
        (WebCore::CSSPageRule::create):
        (WebCore::CSSPageRule::isPageRule):
        * css/CSSParser.cpp:
        (WebCore::CSSParser::createPageRule):
        * css/CSSStyleRule.h:
        * css/CSSStyleSelector.cpp:
        (WebCore::CSSRuleSet::getPageRules):
        (WebCore::CSSRuleSet::CSSRuleSet):
        (WebCore::CSSRuleSet::~CSSRuleSet):
        (WebCore::CSSRuleSet::addPageRule):
        (WebCore::CSSRuleSet::addRulesFromSheet):
        * css/CSSStyleSelector.h:
        * css/StyleBase.h:
        (WebCore::StyleBase::isPageRule):

2010-04-27  Daniel Bates  <dbates@rim.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=37686

        Fixes an issue where the canvas method strokeRect will stroke a
        rectangle whose dimensions are 0 when lineWidth > 1.

        As per the definition of strokeRect in the HTML Canvas 2D Context
        spec. <http://www.w3.org/TR/2dcontext/#dom-context-2d-strokerect>,
        this method should have no effect when both the height and width
        are zero.

        Tests: fast/canvas/canvas-clearRect.html
               fast/canvas/canvas-fillRect.html

        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::validateRectForCanvas): Return false if height, width == 0.

2010-04-27  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Remove obsolete custom bindings file
        https://bugs.webkit.org/show_bug.cgi?id=38223

        We don't need these files anymore because they are empty.

        * Android.jscbindings.mk:
        * GNUmakefile.am:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSAbstractWorkerCustom.cpp: Removed.
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSDocumentFragmentCustom.cpp: Removed.
        * bindings/js/JSEventSourceCustom.cpp: Removed.

2010-04-27  Daniel Cheng  <dcheng@chromium.org>

        Reviewed by Jian Li.

        [Chromium] Filter out URLs with a file scheme from text/uri-list when dragging.
        https://bugs.webkit.org/show_bug.cgi?id=38227

        Unfortunately, the simple fix of not populating the drag data with file URLs doesn't work
        since the default drop handling uses the drag data URL to navigate to dropped files/URLs.
        For now, we hack around the problem in the Chromium platform, but the proper long term
        solution is to change DragController::performDrag to check dragData::asFilenames().

        No new tests.

        * platform/chromium/ClipboardChromium.cpp:
        (WebCore::ClipboardChromium::getData):
        (WebCore::ClipboardChromium::types):

2010-04-27  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by the inimitable Dan Bernstein.

        SVG as background image renders incorrectly after zooming
        https://bugs.webkit.org/show_bug.cgi?id=38215
        
        When doing a partial redraw of an SVGImage used as a CSS background
        image, we're limited to drawing the entire Frame, clipped to the dirty rect.
        Because of this, we need to fix up the CTM so that the origin is at the
        top left of the unclipped image, rather than the top left of the
        portion being redrawn.

        Test: fast/images/svg-background-partial-redraw.html

        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::draw):

2010-04-27  Yuzo Fujishima  <yuzo@google.com>

        Reviewed by David Hyatt.

        Retry of: Enhance CSS parser for Paged Media (Iteration 1)

        In this change, the grammar is extended and skeletal methods for creating page rules and margin at-rules are defined.
        The contents of the methods should be implemented by other changes.

        https://bugs.webkit.org/show_bug.cgi?id=35329

        Test: fast/css/parsing-page-rule.html

        * css/CSSGrammar.y:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::CSSParser):
        (WebCore::CSSParser::clearProperties):
        (WebCore::CSSParser::createPageRule):
        (WebCore::CSSParser::createMarginAtRule):
        (WebCore::CSSParser::startDeclarationsForMarginBox):
        (WebCore::CSSParser::endDeclarationsForMarginBox):
        * css/CSSParser.h:
        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::pseudoId):
        (WebCore::nameToPseudoTypeMap):
        (WebCore::CSSSelector::extractPseudoType):
        * css/CSSSelector.h:
        (WebCore::CSSSelector::):
        * css/tokenizer.flex:

2010-04-27  Julien Chaffraix  <jchaffraix@webkit.org>

        Unreviewed, rolling out my changes as it rendered the Qt bot unreliable.

        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
        (WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest):
        (WebCore::DocumentThreadableLoader::loadRequest):

2010-04-27  Julien Chaffraix  <jchaffraix@webkit.org>

        Reviewed by Alexey Proskuryakov.

        [XHR] Cross-Origin synchronous request with credential raises NETWORK_ERR
        https://bugs.webkit.org/show_bug.cgi?id=37781
        <rdar://problem/7905150>

        Tests: http/tests/xmlhttprequest/access-control-preflight-credential-async.html
               http/tests/xmlhttprequest/access-control-preflight-credential-sync.html

        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Now we remove the
        credential from the request here to avoid forgetting to do so in the different code path.
        (WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest): Just add the
        "Origin" header.
        (WebCore::DocumentThreadableLoader::loadRequest): Check here the the credential have
        been removed so that we don't leak them. Also tweaked a comment to make it clear that
        the URL check has issue when credential is involved.

2010-04-27  Sam Weinig  <sam@webkit.org>

        Reviewed by Maciej Stachowiak.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=38238
        Allow both WebKit and WebKit2 to link to the same WebCore.framework

        * Configurations/WebCore.xcconfig: Use -allowable_client WebKit2 to add
        WebKit2 to the list of frameworks that can link directly to WebCore. It
        is not necessary for it to be an umbrella since we don't need to reexport
        any symbols.

2010-04-27  Dumitru Daniliuc  <dumi@chromium.org>

        Reviewed by David Levin.

        Turn on AUTO_VACUUM = INCREMENTAL for all HTML5 databases.
        https://bugs.webkit.org/show_bug.cgi?id=38191

        Vacuum all databases when the number of free pages is at least 10%
        of the number of total pages. Also, add a guard against a bug that
        was fixed in SQLite only starting with version 3.6.16.

        * platform/sql/SQLiteDatabase.cpp:
        (WebCore::SQLiteDatabase::maximumSize):
        (WebCore::SQLiteDatabase::freeSpaceSize):
        (WebCore::SQLiteDatabase::totalSize):
        (WebCore::SQLiteDatabase::runIncrementalVacuumCommand):
        (WebCore::SQLiteDatabase::turnOnIncrementalAutoVacuum):
        * platform/sql/SQLiteDatabase.h:
        (WebCore::SQLiteDatabase::):
        * platform/sql/SQLiteStatement.cpp:
        (WebCore::SQLiteStatement::prepare):
        (WebCore::SQLiteStatement::step):
        * storage/Database.cpp:
        (WebCore::Database::performOpenAndVerify):
        (WebCore::Database::incrementalVacuumIfNeeded):
        * storage/Database.h:
        * storage/SQLTransaction.cpp:
        (WebCore::SQLTransaction::postflightAndCommit):

2010-04-27  Garret Kelly  <gdk@chromium.org>

        Reviewed by Darin Fisher.

        Turn all of the touch event handlers into RuntimeEnabledFeatures, and
        modify the createEvent methond on Document so that it won't create a
        TouchEvent if the feature is disabled.
        https://bugs.webkit.org/show_bug.cgi?id=37485

        * bindings/generic/RuntimeEnabledFeatures.cpp:
        * bindings/generic/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::touchEnabled):
        (WebCore::RuntimeEnabledFeatures::setTouchEnabled):
        (WebCore::RuntimeEnabledFeatures::ontouchstartEnabled):
        (WebCore::RuntimeEnabledFeatures::ontouchmoveEnabled):
        (WebCore::RuntimeEnabledFeatures::ontouchendEnabled):
        (WebCore::RuntimeEnabledFeatures::ontouchcancelEnabled):
        * dom/Document.cpp:
        (WebCore::Document::createEvent):
        * dom/Document.idl:
        * dom/Element.idl:
        * page/DOMWindow.idl:

2010-04-27  Jens Alfke  <snej@chromium.org>

        Reviewed by Darin Fisher.

        [Chromium] Add some notifications and an accessor to WebKit API
        https://bugs.webkit.org/show_bug.cgi?id=37625

        * dom/Node.cpp:
        (WebCore::Node::hasNonEmptyBoundingBox): New method.
        * dom/Node.h:
        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::isKeyboardFocusable): Moved part of method into new Node method

2010-04-27  Jochen Eisinger  <jochen@chromium.org>

        Reviewed by Shinichiro Hamaji.

        Fix gyp build on Mac OS X with enable_svg=0.
        https://bugs.webkit.org/show_bug.cgi?id=38192

        * WebCore.gyp/WebCore.gyp: Only generate SVG symbols if enable_svg!=0.
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue): Add missing unimplemented CSS properties to switch statement.

2010-04-27  Kinuko Yasuda  <kinuko@chromium.org>

        Reviewed by Jian Li.

        [V8] Handle OR ('|') conditional in action_derivedsourcesallinone.py
        https://bugs.webkit.org/show_bug.cgi?id=38207

        No new tests.

        * WebCore.gyp/scripts/action_derivedsourcesallinone.py:

2010-04-27  François Sausset  <sausset@gmail.com>

        Reviewed by Kenneth Rohde Christiansen.

        Implementation of the MathML mroot & msqrt elements.
        https://bugs.webkit.org/show_bug.cgi?id=37044

        Test: mathml/presentation/roots.xhtml

        * WebCore.xcodeproj/project.pbxproj:
        * css/mathml.css:
        (mroot):
        (mroot > * + *):
        (mroot > * + mrow, mroot > * + mfenced):
        * mathml/MathMLInlineContainerElement.cpp:
        (WebCore::MathMLInlineContainerElement::createRenderer):
        * mathml/RenderMathMLRoot.cpp: Added.
        (WebCore::RenderMathMLRoot::RenderMathMLRoot):
        (WebCore::RenderMathMLRoot::addChild):
        (WebCore::RenderMathMLRoot::paint):
        (WebCore::RenderMathMLRoot::layout):
        * mathml/RenderMathMLRoot.h: Added.
        * mathml/RenderMathMLSquareRoot.cpp: Added.
        (WebCore::RenderMathMLSquareRoot::RenderMathMLSquareRoot):
        (WebCore::RenderMathMLSquareRoot::paint):
        (WebCore::RenderMathMLSquareRoot::layout):
        * mathml/RenderMathMLSquareRoot.h: Added.

2010-04-27  Darin Adler  <darin@apple.com>

        Reviewed by Maciej Stachowiak.

        I noticed an unused forwarding header.

        * ForwardingHeaders/runtime/PropertyMap.h: Removed.

2010-04-27  James Robinson  <jamesr@chromium.org>

        Reviewed by Adam Barth.

        Fix gcc 4.4.1 warnings on Linux in the chromium V8 bindings code.
        https://bugs.webkit.org/show_bug.cgi?id=38153

        * bindings/scripts/CodeGeneratorV8.pm:
        * bindings/v8/V8Proxy.cpp:
        (WebCore::V8Proxy::callFunction):

2010-04-27  Eric Seidel  <eric@webkit.org>

        Unreviewed, rolling out r58318.
        http://trac.webkit.org/changeset/58318
        https://bugs.webkit.org/show_bug.cgi?id=37215

        Broke test on Tiger.  Might just need updated results,
        unclear.

        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::didReceiveResponse):
        (WebCore::InspectorController::didFailLoading):
        * inspector/front-end/Resource.js:
        (WebInspector.Resource.prototype._mimeTypeIsConsistentWithType):
        * inspector/front-end/ResourcesPanel.js:
        (WebInspector.ResourcesPanel.prototype.recreateViewForResourceIfNeeded):

2010-04-27  Evan Martin  <evan@chromium.org>

        Reviewed by David Levin.

        [chromium] bold bengali text not rendered properly on Linux
        https://bugs.webkit.org/show_bug.cgi?id=37904

        We must let Skia do font fallback, rather than picking a font name
        then handing that to Skia.  For example, if we have Bengali text and
        choose FreeSans + fake bold, and then later reuse the name, Skia will
        helpfully use FreeSansBold (which doesn't cover Bengali).

        Test: fast/text/international/bold-bengali.html

        * platform/graphics/chromium/FontCacheLinux.cpp:
        (WebCore::FontCache::getFontDataForCharacters):

2010-04-27  James Robinson  <jamesr@chromium.org>

        Reviewed by Darin Adler.

        Fix warnings emitted by gcc 4.4.1 on linux in chromium-specific platform graphics files.
        https://bugs.webkit.org/show_bug.cgi?id=38158

        Most of the issues are signed/unsigned mismatches, but there are a few unusued variables
        and functions mixed in.

        * platform/graphics/chromium/FontLinux.cpp:
        (WebCore::adjustTextRenderMode):
        (WebCore::TextRunWalker::getTextRun):
        (WebCore::TextRunWalker::getNormalizedTextRun):
        (WebCore::TextRunWalker::setGlyphXPositions):
        (WebCore::glyphIndexForXPositionInScriptRun):
        (WebCore::Font::offsetForPositionForComplexText):
        (WebCore::Font::selectionRectForComplexText):
        * platform/graphics/chromium/FontPlatformDataLinux.cpp:
        (WebCore::FontPlatformData::setupPaint):
        * platform/graphics/chromium/HarfbuzzSkia.cpp:
        (WebCore::getOutlinePoint):
        * platform/graphics/skia/GraphicsContext3DSkia.cpp:
        (WebCore::GraphicsContext3D::getImageData):
        * platform/graphics/skia/GraphicsContextSkia.cpp:
        (WebCore::isCoordinateSkiaSafe):
        (WebCore::GraphicsContext::fillRect):
        (WebCore::GraphicsContext::strokePath):
        (WebCore::GraphicsContext::strokeRect):

2010-04-27  Jian Li  <jianli@chromium.org>

        Reviewed by Darin Adler.

        Sending a package file using FormData crashes WebKit on Mac.
        https://bugs.webkit.org/show_bug.cgi?id=37882

        Can't add a layout test because DRT does not support generating the file name.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::submitForm):
        (WebCore::FrameLoader::navigateToDifferentDocument):
        * platform/network/FormData.cpp:
        (WebCore::FormData::appendDOMFormData):
        * platform/network/FormData.h:
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::send):

2010-04-27  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Remove custom NodeIterator bindings
        https://bugs.webkit.org/show_bug.cgi?id=38188

        Another example of CallWith=ScriptState.  This case shows us the right
        way to handle the interaction with exception codes.

        In my previous patch, I put the exception code handling after the
        ScriptState exception handling.  It turns out this was a mistake
        (although a harmless one at the time because no IDL caused us to
        generate that code).  Now that we're generating both kinds of exception
        handling, we need to generate them in the right order.

        * WebCore.gypi:
        * bindings/js/JSNodeIteratorCustom.cpp:
        * bindings/scripts/CodeGeneratorJS.pm:
        * bindings/scripts/CodeGeneratorV8.pm:
        * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
        (webkit_dom_test_obj_with_script_state_void_exception):
        (webkit_dom_test_obj_with_script_state_obj_exception):
        * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::):
        (WebCore::jsTestObjPrototypeFunctionWithScriptStateVoidException):
        (WebCore::jsTestObjPrototypeFunctionWithScriptStateObjException):
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/ObjC/DOMTestObj.h:
        * bindings/scripts/test/ObjC/DOMTestObj.mm:
        (-[DOMTestObj withScriptStateVoidException]):
        (-[DOMTestObj withScriptStateObjException]):
        * bindings/scripts/test/TestObj.idl:
        * bindings/scripts/test/V8/V8TestObj.cpp:
        (WebCore::TestObjInternal::withScriptStateVoidCallback):
        (WebCore::TestObjInternal::withScriptStateObjCallback):
        (WebCore::TestObjInternal::withScriptStateVoidExceptionCallback):
        (WebCore::TestObjInternal::withScriptStateObjExceptionCallback):
        (WebCore::):
        * bindings/v8/custom/V8NodeIteratorCustom.cpp: Removed.
        * dom/NodeIterator.idl:

2010-04-27  Adam Barth  <abarth@webkit.org>

        Reviewed by Darin Adler.

        Remove copy/paste addEventListener "custom" bindings via code generation
        https://bugs.webkit.org/show_bug.cgi?id=38210

        It's somewhat lame to special case addEventListener and
        removeEventListener in the code generator, but it saves a large amount
        of boilerplate "custom" bindings code.

        Idea shamelessly stolen from the V8 code generator.

        This patch points to some good refactoring opportunities in
        CodeGeneratorJS.pm, but I'm going to hold off on those for a future
        patch.  By generating test coverage for the code generator, we make
        these future refactorings easier.

        * bindings/js/JSAbstractWorkerCustom.cpp:
        * bindings/js/JSDOMApplicationCacheCustom.cpp:
        * bindings/js/JSDesktopNotificationsCustom.cpp:
        * bindings/js/JSEventSourceCustom.cpp:
        * bindings/js/JSMessagePortCustom.cpp:
        * bindings/js/JSNodeCustom.cpp:
        * bindings/js/JSSVGElementInstanceCustom.cpp:
        * bindings/js/JSWebSocketCustom.cpp:
        * bindings/js/JSWorkerContextCustom.cpp:
        * bindings/js/JSXMLHttpRequestCustom.cpp:
        * bindings/js/JSXMLHttpRequestUploadCustom.cpp:
        * bindings/scripts/CodeGeneratorJS.pm:
        * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
        * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::):
        (WebCore::jsTestObjPrototypeFunctionAddEventListener):
        (WebCore::jsTestObjPrototypeFunctionRemoveEventListener):
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/ObjC/DOMTestObj.h:
        * bindings/scripts/test/ObjC/DOMTestObj.mm:
        (-[DOMTestObj addEventListener:listener:useCapture:]):
        (-[DOMTestObj removeEventListener:listener:useCapture:]):
        * bindings/scripts/test/TestObj.idl:
        * bindings/scripts/test/V8/V8TestObj.cpp:
        (WebCore::TestObjInternal::addEventListenerCallback):
        (WebCore::TestObjInternal::removeEventListenerCallback):
        (WebCore::):
        * dom/MessagePort.idl:
        * dom/Node.idl:
        * loader/appcache/DOMApplicationCache.idl:
        * notifications/Notification.idl:
        * page/EventSource.idl:
        * svg/SVGElementInstance.idl:
        * websockets/WebSocket.idl:
        * workers/AbstractWorker.idl:
        * workers/WorkerContext.idl:
        * xml/XMLHttpRequest.idl:
        * xml/XMLHttpRequestUpload.idl:

2010-04-27  Sam Weinig  <sam@webkit.org>

        Rubber-stamped by Beth Dakin.

        Remove now unnecessary EXPERIMENTAL_SINGLE_VIEW_MODE #define.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::EventHandler):
        (WebCore::EventHandler::clearDragState):
        * page/EventHandler.h:
        * page/mac/DragControllerMac.mm:
        * page/mac/EventHandlerMac.mm:
        * platform/mac/PopupMenuMac.mm:

2010-04-27  Ben Murdoch  <benm@google.com>

        Reviewed by Simon Hausmann.

        The TouchStationary state of WebCore::PlatformTouchPoint is not handled inside the touch event handler.
        https://bugs.webkit.org/show_bug.cgi?id=37609

        No new tests required, only updating documentation.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleTouchEvent): Improve the documentation for handling
            the TouchStationary state as a result of discussions in bug 37609.

2010-04-27  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Darin Adler, Maciej Stachowiak.

        REGRESSION (r57919): Some pages opened in background tabs don't render the first time you activate their tab
        https://bugs.webkit.org/show_bug.cgi?id=38183

        Rather than sprinkle PLATFORM #ifdefs around, add a new method,
        RenderLayerCompositor::shouldPropagateCompositingToIFrameParent(), that indicates whether
        an iframe with composited content should trigger compositing mode in the enclosing document
        (a behavior that differs between platforms).
        
        Use this new method to determine whether to trigger a style recalc in the parent document
        when an iframe becomes composited.
        
        Move the code formerly in RenderView::compositingStateChanged() into RenderLayerCompositor().

        * manual-tests/compositing/accel-comp-iframe-tab-repaint.html: Added.
        * manual-tests/compositing/resources/flash-frame.html: Added.
        * manual-tests/compositing/resources/tab-repaint-part-2.html: Added.
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::enableCompositingMode):
        (WebCore::RenderLayerCompositor::shouldPropagateCompositingToIFrameParent):
        (WebCore::RenderLayerCompositor::requiresCompositingForIFrame):
        * rendering/RenderLayerCompositor.h:
        * rendering/RenderView.cpp:
        * rendering/RenderView.h:

2010-04-27  Andrey Kosyakov  <caseq@chromium.org>

        Reviewed by Yury Semikhatsky.

        Log error message to inspector console if a resource fails to load.
        Disable checking of mime-type consistency for failed resources.
        https://bugs.webkit.org/show_bug.cgi?id=37215

        Test: http/tests/inspector/console-resource-errors.html

        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::didReceiveResponse):
        (WebCore::InspectorController::didFailLoading):
        * inspector/front-end/Resource.js:
        (WebInspector.Resource.prototype._mimeTypeIsConsistentWithType):
        * inspector/front-end/ResourcesPanel.js:
        (WebInspector.ResourcesPanel.prototype.recreateViewForResourceIfNeeded):

2010-04-27  Vitaly Repeshko  <vitalyr@chromium.org>

        Reviewed by Nate Chapin.

        [V8] Fix XHR memory leak in GC controller.
        https://bugs.webkit.org/show_bug.cgi?id=38202

        http://trac.webkit.org/changeset/55798 simplified processing of
        active DOM objects but introduced a subtle bug in garbage
        collection of XHRs. ActiveDOMObject is not a direct base class of
        XHR and so upcasting changes pointer identity and breaks DOM
        maps. This leads to forever live persistent handles to XHR that
        had pending activity while V8 GC happened.

        * bindings/v8/V8GCController.cpp:
        (WebCore::GCEpilogueVisitor::visitDOMWrapper):

2010-04-27  Adam Barth  <abarth@webkit.org>

        Unreviewed.  Regenerate reference bindings code generator output.

        * bindings/scripts/test/V8/V8TestObj.cpp:
        (WebCore::TestObjInternal::withScriptStateVoidCallback):
        (WebCore::TestObjInternal::withScriptStateObjCallback):

2010-04-27  Joseph Pecoraro  <joepeck@webkit.org>

        Reviewed by Dan Bernstein.

        <input type="search"> with uneven padding causes text clipping
        https://bugs.webkit.org/show_bug.cgi?id=38160

        Test: fast/css/input-search-padding.html

        An <input type="search"> contains an inner block, which is explicitly
        centered in RenderTextControlSingleLine based on the height of the element.
        However, the clipping rect was not using the set location, and instead
        calculated off of the top border and padding alone. This also vertically
        centers the Caps Lock indicator.

        * rendering/RenderTextControl.cpp: moved controlClipRect implementation to RenderTextControlSingleLine
        * rendering/RenderTextControl.h: allow a subclass implementation of controlClipRect, removed redundant hasControlClip implementation, and moved controlClipRect
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::paint): vertically center the Caps Lock indicator
        (WebCore::RenderTextControlSingleLine::controlClipRect): use the set location of the anonymous inner block instead
        * rendering/RenderTextControlSingleLine.h: allow for an implementation of controlClipRect for <input type="search">

2010-04-27  Thomas Zander <t.zander@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Fix linking on Symbian on Linux using the Makefile based mkspec.

        Disable thumb mode due to library size limitations, just like it's done
        for the sbs/sbsv2 based build system.

        * WebCore.pro:

2010-04-21  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Make sure WebKit is not compiled using C++0x.
        https://bugs.webkit.org/show_bug.cgi?id=37867

        As the rest of Qt compiles in the C++0x mode, people might start
        compiling it in this mode. WebKit don't support this yet.

        Patch by Thiago Macieira <thiago.macieira@nokia.com>

        * WebCore.pro:

2010-04-27  Jeremy Orlow  <jorlow@chromium.org>

        Unreviewed build fix.

        Revert 58274 and 58269 (WebSQLDatabase changes)
        https://bugs.webkit.org/show_bug.cgi?id=38191

        Chromium bots are hitting ASSERTS when running layout tests.

        * platform/sql/SQLiteDatabase.cpp:
        (WebCore::SQLiteDatabase::maximumSize):
        (WebCore::SQLiteDatabase::freeSpaceSize):
        * platform/sql/SQLiteDatabase.h:
        * platform/sql/SQLiteStatement.cpp:
        (WebCore::SQLiteStatement::prepare):
        * storage/Database.cpp:
        (WebCore::Database::performOpenAndVerify):
        * storage/Database.h:
        * storage/SQLTransaction.cpp:
        (WebCore::SQLTransaction::postflightAndCommit):

2010-04-27  Yuzo Fujishima  <yuzo@google.com>

        Unreviewed, fix build breakage by reverting r58299.

        * css/CSSGrammar.y:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::CSSParser):
        (WebCore::CSSParser::clearProperties):
        * css/CSSParser.h:
        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::pseudoId):
        (WebCore::nameToPseudoTypeMap):
        (WebCore::CSSSelector::extractPseudoType):
        * css/CSSSelector.h:
        (WebCore::CSSSelector::):
        * css/tokenizer.flex:

2010-04-27  Yuzo Fujishima  <yuzo@google.com>

        Reviewed by Shinichiro Hamaji.

        WebCore::CSSSelector::RareData::parseNth doesn't check whether the search for '-' in the argument was successful.
        This results in incorrect parsing.
        For example, '3n' is parsed as if it were '3n-3'. The code has been working OK just accidentally.

        https://bugs.webkit.org/show_bug.cgi?id=37787

        No new tests are added because the original behavior is accidentally OK.

        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::RareData::parseNth):

2010-04-27  Yuzo Fujishima  <yuzo@google.com>

        Reviewed by David Hyatt.

        Enhance CSS parser for Paged Media (Iteration 1)

        In this change, the grammar is extended and skeletal methods for creating page rules and margin at-rules are defined.
        The contents of the methods should be implemented by other changes.

        https://bugs.webkit.org/show_bug.cgi?id=35329

        Test: fast/css/parsing-page-rule.html

        * css/CSSGrammar.y:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::CSSParser):
        (WebCore::CSSParser::clearProperties):
        (WebCore::CSSParser::lex):
        (WebCore::CSSParser::text):
        (WebCore::CSSParser::createPageRule):
        (WebCore::CSSParser::createMarginAtRule):
        (WebCore::CSSParser::startDeclarationsForMarginBox):
        (WebCore::CSSParser::endDeclarationsForMarginBox):
        * css/CSSParser.h:
        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::extractPseudoType):
        * css/CSSSelector.h:
        (WebCore::CSSSelector::):
        * css/tokenizer.flex:

2010-04-27  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Remove custom bindings for TreeWalker
        https://bugs.webkit.org/show_bug.cgi?id=38182

        This custom code is just CallWith=ScriptState.

        * WebCore.gypi:
        * bindings/js/JSTreeWalkerCustom.cpp:
        (WebCore::JSTreeWalker::markChildren):
        * bindings/scripts/CodeGeneratorJS.pm:
        * bindings/scripts/CodeGeneratorV8.pm:
        * bindings/scripts/test/TestObj.idl:
        * bindings/v8/custom/V8TreeWalkerCustom.cpp: Removed.
        * dom/TreeWalker.idl:

2010-04-27  Eric Seidel  <eric@webkit.org>

        Reviewed by Adam Barth.

        Move code out of GenerateImplementation to make it more smaller
        https://bugs.webkit.org/show_bug.cgi?id=38176

        * bindings/scripts/CodeGeneratorJS.pm:
         - Move some code into a new GenerateAttributesHashTable method.

2010-04-26  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Add CallWith=DynamicFrame to CodeGenerator
        https://bugs.webkit.org/show_bug.cgi?id=38174

        I've only used this in one instance, but this is infrastructure that I
        think will help remove a bunch of custom bindings code.  Also, added a
        few tests of tricky argument cases.

        * bindings/js/JSHTMLFormElementCustom.cpp:
        * bindings/scripts/CodeGeneratorJS.pm:
        * bindings/scripts/CodeGeneratorV8.pm:
        * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
        (webkit_dom_test_obj_with_dynamic_frame):
        (webkit_dom_test_obj_with_dynamic_frame_and_arg):
        (webkit_dom_test_obj_with_dynamic_frame_and_optional_arg):
        (webkit_dom_test_obj_with_dynamic_frame_and_user_gesture):
        (webkit_dom_test_obj_with_dynamic_frame_and_user_gesture_asad):
        * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::):
        (WebCore::jsTestObjPrototypeFunctionWithDynamicFrame):
        (WebCore::jsTestObjPrototypeFunctionWithDynamicFrameAndArg):
        (WebCore::jsTestObjPrototypeFunctionWithDynamicFrameAndOptionalArg):
        (WebCore::jsTestObjPrototypeFunctionWithDynamicFrameAndUserGesture):
        (WebCore::jsTestObjPrototypeFunctionWithDynamicFrameAndUserGestureASAD):
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/ObjC/DOMTestObj.h:
        * bindings/scripts/test/ObjC/DOMTestObj.mm:
        (-[DOMTestObj withDynamicFrame]):
        (-[DOMTestObj withDynamicFrameAndArg:]):
        (-[DOMTestObj withDynamicFrameAndOptionalArg:optionalArg:]):
        (-[DOMTestObj withDynamicFrameAndUserGesture:]):
        (-[DOMTestObj withDynamicFrameAndUserGestureASAD:optionalArg:]):
        * bindings/scripts/test/TestObj.idl:
        * bindings/scripts/test/V8/V8TestObj.cpp:
        (WebCore::TestObjInternal::withDynamicFrameCallback):
        (WebCore::TestObjInternal::withDynamicFrameAndArgCallback):
        (WebCore::TestObjInternal::withDynamicFrameAndOptionalArgCallback):
        (WebCore::TestObjInternal::withDynamicFrameAndUserGestureCallback):
        (WebCore::TestObjInternal::withDynamicFrameAndUserGestureASADCallback):
        (WebCore::):
        * bindings/v8/custom/V8HTMLFormElementCustom.cpp:
        * html/HTMLFormElement.idl:

2010-04-26  Adam Barth  <abarth@webkit.org>

        Unreviewed.  Update comment to better reflect reality.

        * bindings/scripts/test/TestObj.idl:

2010-04-26  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Add ObjC and GObject to run-bindings-test
        https://bugs.webkit.org/show_bug.cgi?id=38168

        Added expected results.

        * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp: Added.
        (WebKit::kit):
        (webkit_dom_test_obj_void_method):
        (webkit_dom_test_obj_void_method_with_args):
        (webkit_dom_test_obj_int_method):
        (webkit_dom_test_obj_int_method_with_args):
        (webkit_dom_test_obj_obj_method):
        (webkit_dom_test_obj_obj_method_with_args):
        (webkit_dom_test_obj_method_with_exception):
        (webkit_dom_test_obj_method_with_optional_arg):
        (webkit_dom_test_obj_method_with_non_optional_arg_and_optional_arg):
        (webkit_dom_test_obj_method_with_non_optional_arg_and_two_optional_args):
        (webkit_dom_test_obj_get_read_only_int_attr):
        (webkit_dom_test_obj_get_read_only_string_attr):
        (webkit_dom_test_obj_get_read_only_test_obj_attr):
        (webkit_dom_test_obj_get_int_attr):
        (webkit_dom_test_obj_set_int_attr):
        (webkit_dom_test_obj_get_string_attr):
        (webkit_dom_test_obj_set_string_attr):
        (webkit_dom_test_obj_get_test_obj_attr):
        (webkit_dom_test_obj_set_test_obj_attr):
        (webkit_dom_test_obj_get_attr_with_exception):
        (webkit_dom_test_obj_set_attr_with_exception):
        (webkit_dom_test_obj_get_attr_with_setter_exception):
        (webkit_dom_test_obj_set_attr_with_setter_exception):
        (webkit_dom_test_obj_get_attr_with_getter_exception):
        (webkit_dom_test_obj_set_attr_with_getter_exception):
        (WebKit::wrapTestObj):
        (WebKit::core):
        (webkit_dom_test_obj_finalize):
        (webkit_dom_test_obj_set_property):
        (webkit_dom_test_obj_get_property):
        (webkit_dom_test_obj_class_init):
        (webkit_dom_test_obj_init):
        * bindings/scripts/test/GObject/WebKitDOMTestObj.h: Added.
        * bindings/scripts/test/GObject/WebKitDOMTestObjPrivate.h: Added.
        * bindings/scripts/test/ObjC/DOMTestObj.h: Added.
        * bindings/scripts/test/ObjC/DOMTestObj.mm: Added.
        (-[DOMTestObj dealloc]):
        (-[DOMTestObj finalize]):
        (-[DOMTestObj readOnlyIntAttr]):
        (-[DOMTestObj readOnlyStringAttr]):
        (-[DOMTestObj readOnlyTestObjAttr]):
        (-[DOMTestObj intAttr]):
        (-[DOMTestObj setIntAttr:]):
        (-[DOMTestObj stringAttr]):
        (-[DOMTestObj setStringAttr:]):
        (-[DOMTestObj testObjAttr]):
        (-[DOMTestObj setTestObjAttr:]):
        (-[DOMTestObj attrWithException]):
        (-[DOMTestObj setAttrWithException:]):
        (-[DOMTestObj attrWithSetterException]):
        (-[DOMTestObj setAttrWithSetterException:]):
        (-[DOMTestObj attrWithGetterException]):
        (-[DOMTestObj setAttrWithGetterException:]):
        (-[DOMTestObj customAttr]):
        (-[DOMTestObj setCustomAttr:]):
        (-[DOMTestObj voidMethod]):
        (-[DOMTestObj voidMethodWithArgs:strArg:objArg:]):
        (-[DOMTestObj intMethod]):
        (-[DOMTestObj intMethodWithArgs:strArg:objArg:]):
        (-[DOMTestObj objMethod]):
        (-[DOMTestObj objMethodWithArgs:strArg:objArg:]):
        (-[DOMTestObj methodWithException]):
        (-[DOMTestObj customMethod]):
        (-[DOMTestObj customMethodWithArgs:strArg:objArg:]):
        (-[DOMTestObj methodWithOptionalArg:]):
        (-[DOMTestObj methodWithNonOptionalArgAndOptionalArg:opt:]):
        (-[DOMTestObj methodWithNonOptionalArgAndTwoOptionalArgs:opt1:opt2:]):
        (core):
        (kit):
        * bindings/scripts/test/ObjC/DOMTestObjInternal.h: Added.

2010-04-26  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Add testing infrastructure for JSC bindings generator
        https://bugs.webkit.org/show_bug.cgi?id=38167

        This required moving the test files around a bit more.

        * bindings/scripts/test/JS/JSTestObj.cpp: Added.
        (WebCore::):
        (WebCore::JSTestObjConstructor::JSTestObjConstructor):
        (WebCore::JSTestObjConstructor::classInfo):
        (WebCore::JSTestObjConstructor::createStructure):
        (WebCore::JSTestObjConstructor::getOwnPropertySlot):
        (WebCore::JSTestObjConstructor::getOwnPropertyDescriptor):
        (WebCore::JSTestObjPrototype::self):
        (WebCore::JSTestObjPrototype::getOwnPropertySlot):
        (WebCore::JSTestObjPrototype::getOwnPropertyDescriptor):
        (WebCore::JSTestObj::JSTestObj):
        (WebCore::JSTestObj::~JSTestObj):
        (WebCore::JSTestObj::createPrototype):
        (WebCore::JSTestObj::getOwnPropertySlot):
        (WebCore::JSTestObj::getOwnPropertyDescriptor):
        (WebCore::jsTestObjReadOnlyIntAttr):
        (WebCore::jsTestObjReadOnlyStringAttr):
        (WebCore::jsTestObjReadOnlyTestObjAttr):
        (WebCore::jsTestObjIntAttr):
        (WebCore::jsTestObjStringAttr):
        (WebCore::jsTestObjTestObjAttr):
        (WebCore::jsTestObjAttrWithException):
        (WebCore::jsTestObjAttrWithSetterException):
        (WebCore::jsTestObjAttrWithGetterException):
        (WebCore::jsTestObjCustomAttr):
        (WebCore::jsTestObjConstructor):
        (WebCore::JSTestObj::put):
        (WebCore::setJSTestObjIntAttr):
        (WebCore::setJSTestObjStringAttr):
        (WebCore::setJSTestObjTestObjAttr):
        (WebCore::setJSTestObjAttrWithException):
        (WebCore::setJSTestObjAttrWithSetterException):
        (WebCore::setJSTestObjAttrWithGetterException):
        (WebCore::setJSTestObjCustomAttr):
        (WebCore::JSTestObj::getConstructor):
        (WebCore::jsTestObjPrototypeFunctionVoidMethod):
        (WebCore::jsTestObjPrototypeFunctionVoidMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionIntMethod):
        (WebCore::jsTestObjPrototypeFunctionIntMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionObjMethod):
        (WebCore::jsTestObjPrototypeFunctionObjMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionMethodWithException):
        (WebCore::jsTestObjPrototypeFunctionCustomMethod):
        (WebCore::jsTestObjPrototypeFunctionCustomMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalArg):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndOptionalArg):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndTwoOptionalArgs):
        (WebCore::toJS):
        (WebCore::toTestObj):
        * bindings/scripts/test/JS/JSTestObj.h: Added.
        (WebCore::JSTestObj::classInfo):
        (WebCore::JSTestObj::createStructure):
        (WebCore::JSTestObj::impl):
        (WebCore::JSTestObjPrototype::classInfo):
        (WebCore::JSTestObjPrototype::createStructure):
        (WebCore::JSTestObjPrototype::JSTestObjPrototype):
        * bindings/scripts/test/TestObj.idl:
        * bindings/scripts/test/V8/V8TestObj.cpp: Renamed from WebCore/bindings/scripts/test/V8TestObj.cpp.
        (WebCore::):
        (WebCore::TestObjInternal::V8_USE):
        (WebCore::TestObjInternal::readOnlyIntAttrAttrGetter):
        (WebCore::TestObjInternal::readOnlyStringAttrAttrGetter):
        (WebCore::TestObjInternal::readOnlyTestObjAttrAttrGetter):
        (WebCore::TestObjInternal::intAttrAttrGetter):
        (WebCore::TestObjInternal::intAttrAttrSetter):
        (WebCore::TestObjInternal::stringAttrAttrGetter):
        (WebCore::TestObjInternal::stringAttrAttrSetter):
        (WebCore::TestObjInternal::testObjAttrAttrGetter):
        (WebCore::TestObjInternal::testObjAttrAttrSetter):
        (WebCore::TestObjInternal::attrWithExceptionAttrGetter):
        (WebCore::TestObjInternal::attrWithExceptionAttrSetter):
        (WebCore::TestObjInternal::attrWithSetterExceptionAttrGetter):
        (WebCore::TestObjInternal::attrWithSetterExceptionAttrSetter):
        (WebCore::TestObjInternal::attrWithGetterExceptionAttrGetter):
        (WebCore::TestObjInternal::attrWithGetterExceptionAttrSetter):
        (WebCore::TestObjInternal::voidMethodCallback):
        (WebCore::TestObjInternal::voidMethodWithArgsCallback):
        (WebCore::TestObjInternal::intMethodCallback):
        (WebCore::TestObjInternal::intMethodWithArgsCallback):
        (WebCore::TestObjInternal::objMethodCallback):
        (WebCore::TestObjInternal::objMethodWithArgsCallback):
        (WebCore::TestObjInternal::methodWithExceptionCallback):
        (WebCore::TestObjInternal::methodWithOptionalArgCallback):
        (WebCore::TestObjInternal::methodWithNonOptionalArgAndOptionalArgCallback):
        (WebCore::TestObjInternal::methodWithNonOptionalArgAndTwoOptionalArgsCallback):
        (WebCore::TestObjInternal::overloadedMethod1Callback):
        (WebCore::TestObjInternal::overloadedMethod2Callback):
        (WebCore::TestObjInternal::overloadedMethod3Callback):
        (WebCore::TestObjInternal::overloadedMethod4Callback):
        (WebCore::TestObjInternal::overloadedMethodCallback):
        (WebCore::ConfigureV8TestObjTemplate):
        (WebCore::V8TestObj::GetRawTemplate):
        (WebCore::V8TestObj::GetTemplate):
        (WebCore::V8TestObj::toNative):
        (WebCore::V8TestObj::HasInstance):
        (WebCore::V8TestObj::wrap):
        (WebCore::toV8):
        (WebCore::V8TestObj::derefObject):
        * bindings/scripts/test/V8/V8TestObj.h: Renamed from WebCore/bindings/scripts/test/V8TestObj.h.

2010-04-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Need to support more efficient dispatch of lightweight builtins
        https://bugs.webkit.org/show_bug.cgi?id=38155

        Update bindings generation to include new thunk generator field
        in the property map hash tables.

        * bindings/scripts/CodeGeneratorJS.pm:

2010-04-26  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Move bindings test directory into the scripts directory
        https://bugs.webkit.org/show_bug.cgi?id=38161

        This test is really of the bindings scripts not of the bindings
        themselves.  By moving the files into the scripts directory, we'll be
        able to test JSC as well.

        * bindings/scripts/test/TestObj.idl: Renamed from WebCore/bindings/v8/test/TestObj.idl.
        * bindings/scripts/test/V8TestObj.cpp: Renamed from WebCore/bindings/v8/test/V8TestObj.cpp.
        (WebCore::):
        (WebCore::TestObjInternal::V8_USE):
        (WebCore::TestObjInternal::readOnlyIntAttrAttrGetter):
        (WebCore::TestObjInternal::readOnlyStringAttrAttrGetter):
        (WebCore::TestObjInternal::readOnlyTestObjAttrAttrGetter):
        (WebCore::TestObjInternal::intAttrAttrGetter):
        (WebCore::TestObjInternal::intAttrAttrSetter):
        (WebCore::TestObjInternal::stringAttrAttrGetter):
        (WebCore::TestObjInternal::stringAttrAttrSetter):
        (WebCore::TestObjInternal::testObjAttrAttrGetter):
        (WebCore::TestObjInternal::testObjAttrAttrSetter):
        (WebCore::TestObjInternal::attrWithExceptionAttrGetter):
        (WebCore::TestObjInternal::attrWithExceptionAttrSetter):
        (WebCore::TestObjInternal::attrWithSetterExceptionAttrGetter):
        (WebCore::TestObjInternal::attrWithSetterExceptionAttrSetter):
        (WebCore::TestObjInternal::attrWithGetterExceptionAttrGetter):
        (WebCore::TestObjInternal::attrWithGetterExceptionAttrSetter):
        (WebCore::TestObjInternal::voidMethodCallback):
        (WebCore::TestObjInternal::voidMethodWithArgsCallback):
        (WebCore::TestObjInternal::intMethodCallback):
        (WebCore::TestObjInternal::intMethodWithArgsCallback):
        (WebCore::TestObjInternal::objMethodCallback):
        (WebCore::TestObjInternal::objMethodWithArgsCallback):
        (WebCore::TestObjInternal::methodWithExceptionCallback):
        (WebCore::TestObjInternal::methodWithOptionalArgCallback):
        (WebCore::TestObjInternal::methodWithNonOptionalArgAndOptionalArgCallback):
        (WebCore::TestObjInternal::methodWithNonOptionalArgAndTwoOptionalArgsCallback):
        (WebCore::TestObjInternal::overloadedMethod1Callback):
        (WebCore::TestObjInternal::overloadedMethod2Callback):
        (WebCore::TestObjInternal::overloadedMethod3Callback):
        (WebCore::TestObjInternal::overloadedMethod4Callback):
        (WebCore::TestObjInternal::overloadedMethodCallback):
        (WebCore::ConfigureV8TestObjTemplate):
        (WebCore::V8TestObj::GetRawTemplate):
        (WebCore::V8TestObj::GetTemplate):
        (WebCore::V8TestObj::toNative):
        (WebCore::V8TestObj::HasInstance):
        (WebCore::V8TestObj::wrap):
        (WebCore::toV8):
        (WebCore::V8TestObj::derefObject):
        * bindings/scripts/test/V8TestObj.h: Renamed from WebCore/bindings/v8/test/V8TestObj.h.

2010-04-26  Daniel Cheng  <dcheng@chromium.org>

        Reviewed by Jian Li.

        [chromium] Fix ChromiumDataObject::setURL to not populate its internal URL list with empty URLs.
        https://bugs.webkit.org/show_bug.cgi?id=38159

        No new tests.

        * platform/chromium/ChromiumDataObject.h:
        (WebCore::ChromiumDataObject::setURL):

2010-04-26  Daniel Cheng  <dcheng@chromium.org>

        Reviewed by Jian Li.

        [Chromium] Don't make file paths available in text/uri-list when dragging files.
        https://bugs.webkit.org/show_bug.cgi?id=25882

        Test will be checked in with WebCore/platform/mac fix.

        * platform/chromium/ClipboardChromium.cpp:
        (WebCore::ClipboardChromium::getData):
        (WebCore::ClipboardChromium::types):

2010-04-26  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Darin Adler.

        REGRESSION (r57292): 1.5% page load speed regression from visited link information leak fix
        https://bugs.webkit.org/show_bug.cgi?id=38131

        I did a number of separate optimizations which speed up style
        resolution enough to more than make up for the regression. This
        measures as a total PLT speedup of somewhere between 1.5% and
        3.7%.
       
        Optimizations done:
        - Cache determineLinkState results, to avoid the need to repeatedly compute
        the visited link hash for the same element. This directly addresses much
        of the slowdown, since all elements get their style computed twice now.
        - Added a fast way to get the length of a CSSMutableStyleDeclaration, and use
        in CSSStyleSelector::matchRulesForList, since it was hot there.
        - Hoist some loop invariant code that's not detected by the compiler out of the
        main loop in matchRulesForList
        - inline CSSStyleSelector::initElement and locateSharedStyle,
        since there is only one call site in each case
        - Inline the common non-line fast case of determineLinkState, and split the rest into
        out-of-line determineLinkStateSlowCase.
        - Added inline versions of the functions called by
        visitedLinkHash (the version called by determineLinkState).

        * css/CSSMutableStyleDeclaration.cpp:
        (WebCore::CSSMutableStyleDeclaration::length): Implemented in terms of new
        inline nonvirtual mutableLength().
        * css/CSSMutableStyleDeclaration.h:
        (WebCore::CSSMutableStyleDeclaration::mutableLength): Added new nonvirtual
        inline way to get the length if you know you have a mutable style decl.
        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::init): Clear cached link state.
        (WebCore::CSSStyleSelector::matchRulesForList): hoist some code out of the main
        loop and get style decl length more efficiently.
        (WebCore::CSSStyleSelector::initElement): inline (only one call site)
        (WebCore::CSSStyleSelector::SelectorChecker::determineLinkState): Inline fast
        case, call slow case.
        (WebCore::CSSStyleSelector::SelectorChecker::determineLinkStateSlowCase): Split
        most of the above function into this slow case helper.
        (WebCore::CSSStyleSelector::canShareStyleWithElement): Use the cache-enabled
        way to get the current link state.
        (WebCore::CSSStyleSelector::locateSharedStyle): inline
        (WebCore::CSSStyleSelector::styleForElement): Use the cache-enabled way
        to get the current link state.
        * css/CSSStyleSelector.h:
        (WebCore::CSSStyleSelector::currentElementLinkState): inline way to
        get link state for the current element; manages the cache
        * platform/LinkHash.cpp:
        (WebCore::visitedLinkHashInline): inline version of below function
        (WebCore::visitedLinkHash): call the inline version
        (WebCore::visitedURLInline): inline version of below function
        (WebCore::visitedURL): call the inline version
        (WebCore::visitedURL): call inline versions of above two functions

2010-04-26  Sam Weinig  <sam@webkit.org>

        Reviewed by Alexey Proskuryakov.

        Remove last use of WEB_THREAD.

        * platform/mac/WebCoreObjCExtras.mm:
        (WebCoreObjCScheduleDeallocateOnMainThread): This can always use
        isMainThread().

2010-04-26  Dumitru Daniliuc  <dumi@chromium.org>

        Reviewed by Dimitri Glazkov.

        Turn on AUTO_VACUUM = INCREMENTAL for all HTML5 databases, and
        vacuum all databases when the number of free pages is at least 10%
        of the number of total pages. Also, adding a guard against a bug
        that was fixed in SQLite only starting with version 3.6.16.

        https://bugs.webkit.org/show_bug.cgi?id=36251

        * platform/sql/SQLiteDatabase.cpp:
        (WebCore::SQLiteDatabase::totalSize):
        (WebCore::SQLiteDatabase::runIncrementalVacuumCommand):
        (WebCore::SQLiteDatabase::turnOnIncrementalAutoVacuum):
        * platform/sql/SQLiteDatabase.h:
        * platform/sql/SQLiteStatement.cpp:
        (WebCore::SQLiteStatement::prepare):
        * storage/Database.cpp:
        (WebCore::Database::performOpenAndVerify):
        (WebCore::Database::incrementalVacuumIfNeeded):
        * storage/Database.h:
        * storage/SQLTransaction.cpp:
        (WebCore::SQLTransaction::postflightAndCommit):

2010-04-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        <rdar://problem/7766413>
        
        Fixed a crash seen when using the JavaScriptCore API with WebKit.
        
        No layout test because DumpRenderTree doesn't use the JavaScriptCore API
        in this way.

        * bindings/js/JSEventListener.cpp:
        (WebCore::JSEventListener::JSEventListener): Don't assign 0 to a WeakGCPtr.
        JavaScriptCore no longer allows this.

        * bindings/js/ScriptWrappable.h:
        (WebCore::ScriptWrappable::setWrapper): No need to initialize a WeakGCPtr
        to 0, or ASSERT a non-0 value before assigning to a WeakGCPtr -- both are
        default behaviors.

2010-04-25  Sam Weinig  <sam@webkit.org>

        Reviewed by Maciej Stachowiak.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=38097
        Disentangle initializing the main thread from initializing threading

        * WebCore.xcodeproj/project.pbxproj: Sort files.

        * accessibility/mac/AccessibilityObjectWrapper.mm: Remove unnessary
        +initialize method. The AccessibilityObjectWrapper has no data members
        that need to be derefed, so it does not need to be finalized on the main
        thread.

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::initializeThreading): Add call to initializeMainThread.
        * bindings/objc/WebScriptObject.mm:
        (+[WebScriptObject initialize]): Add call to initializeMainThreadToProcessMainThread.
        * bindings/v8/ScriptController.cpp:
        (WebCore::ScriptController::initializeThreading): Add call to initializeMainThread.
        * platform/mac/SharedBufferMac.mm:
        (+[WebCoreSharedBufferData initialize]): Add call to initializeMainThreadToProcessMainThread.

2010-04-26  Yongjun Zhang  <yongjun_zhang@apple.com>

        Reviewed by Alexey Proskuryakov.
        
        https://bugs.webkit.org/show_bug.cgi?id=38128
        Don't add empty credential to CredentialStorage.
        
        An empty credential is currently regarded as a invalid login because it means a missing value in 
        protectionSpaceToCredentialMap.  This change makes it consistent with current WebCore's behavior
        by ignoring empty credentials.
        
        No new tests added since this only affects credential entered by user from credential dialog,
        which is not testable in DRT.

        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::ResourceHandle::receivedCredential):

2010-04-26  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Clean-up WebCore.pro after now that JavaScriptCore is built separately
        https://bugs.webkit.org/show_bug.cgi?id=38123

        HAVE_STDINT_H, and HAVE_PTHREAD_NP_H no longer needs to be defined
        for QtWebKit  as JavaScriptCore is built separately. These defines are only 
        used  by JavaScriptCore and for JavaScriptCore these are already
        properly defined in JavaScriptCore/config.h.

        No new tests, no new functionality.

        * WebCore.pro:

2010-04-26  Roman Gershman  <romange@google.com>

        Reviewed by Adam Barth.

        [Chromium] Font size in suggestions popup menu should be correlated with the font size of its text field.
        The following manual test checks for desired behavior.

        https://bugs.webkit.org/show_bug.cgi?id=37977

        * manual-tests/chromium/suggestions-popup-font-change.html: Added.

2010-04-26  Luiz Agostini  <luiz.agostini@openbossa.org>

        Reviewed by Kenneth Rohde Christiansen.

        View modes names in CSSValueKeywords.in
        https://bugs.webkit.org/show_bug.cgi?id=38125

        View mode names has changed in previous patch but CSSValueKeywords.in file was
        not updated.

        * css/CSSValueKeywords.in:

2010-04-26  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Fix compilation with RVCT 4
        https://bugs.webkit.org/show_bug.cgi?id=37727

        Swap extern and declspec to fix visibility of symbol imported from QtGui.

        * page/qt/EventHandlerQt.cpp:

2010-04-26  Ruben Van Boxem  <vanboxem.ruben@gmail.com>

        Reviewed by Adam Roben.

        Fixes for Win64 compilation under gcc (mingw-w64)

        *  WebCore/bridge/npapi.h: for win64 compatibility, mirroring mozilla-central, see Mozilla bug 560298
        *  WebCore/platform/Arena.h: uword is used to cast from pointers here. unsigned long is 32-bit on Windows (but 64-bit on mac), and too small to hold a pointer. uintptr_t is 32-bit on 32-bit systems (mac, linux and windows) and 64-bit on all 64-bit systems
        *  WebCore/platform/graphics/transforms/TransformationMatrix.h: let mingw-w64/w32 use MSVC codepath
        *  WebCore/platform/text/TextStream.cpp: let mingw-w64 use MSVC codepath
        *  WebCore/platform/text/TextStream.h: let mingw-w64 use MSVC codepath
        *  WebCore/plugins/PluginView.cpp: fix pointer casts on WIN64 and let mingw-w64 use MSVC codepath
        *  WebCore/plugins/win/PluginViewWin.cpp: fix pointer casts on WIN64

2010-04-26  Markus Goetz  <Markus.Goetz@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] HTTP pipelining efficiency increase
        https://bugs.webkit.org/show_bug.cgi?id=38062

        Increase number of network requests that are fed into
        QNetworkAccessManager.

        * platform/network/qt/ResourceRequestQt.cpp:
        (WebCore::initializeMaximumHTTPConnectionCountPerHost):

2010-04-26  Ilya Tikhonovsky  <loislo@chromium.org>

        Reviewed by Yury Semikhatsky.

        Web Inspector: undefined shows up on inspector.
        https://bugs.webkit.org/show_bug.cgi?id=38120

        * inspector/front-end/ScriptsPanel.js:
        (WebInspector.ScriptsPanel.prototype.hide):
        * inspector/front-end/SourceFrame.js:
        (WebInspector.SourceFrame.prototype.set visible):

2010-04-26  Bruno Schmidt  <bruno.schmidt@gmail.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Exposing an QVariantMap containing QObjectStar to Javascript
        causes Segmentation Fault
        https://bugs.webkit.org/show_bug.cgi?id=34729

        If an QVariantMap containing QObjectStar is added to the to QtWebkit
        Javascript, it's use causes Segmentation Fault.
        It happens because, in the case QMetaType::QVariantMap, the "root"
        object that is inside of a PassRefPtr is passed recursively inside a
        loop to recover the content of the map, but the PassRefPtr semantics
        prohibit its use inside a loop, so the "root" object mus be passed
        using the method "PassRefPtr::get" in order to keep the current
        reference.

        * bridge/qt/qt_runtime.cpp:
        (JSC::Bindings::convertValueToQVariant):
        (JSC::Bindings::convertQVariantToValue): change to root.get()

2010-04-26  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Yury Semikhatsky.

        Web Inspector: Render clip in summary bar using "arc", not "quadraticCurveTo".

        https://bugs.webkit.org/show_bug.cgi?id=38107

        * inspector/front-end/SummaryBar.js:
        (WebInspector.SummaryBar.prototype._drawSummaryGraph.drawPill):
        (WebInspector.SummaryBar.prototype._drawSummaryGraph):

2010-04-26  Andreas Kling  <andreas.kling@nokia.com>

        Reviewed by Tor Arne Vestbø.

        [Qt] Fix compilation against Qt 4.7

        Some QtMultimedia things have been moved into QtMediaServices
        https://bugs.webkit.org/show_bug.cgi?id=38111

        * WebCore.pro:
        * platform/graphics/qt/MediaPlayerPrivateQt.cpp:
        (WebCore::MediaPlayerPrivate::supportsType):
        (WebCore::MediaPlayerPrivate::totalBytes):

2010-04-26  Zoltan Herczeg  <zherczeg@webkit.org>

        Reviewed by Dirk Schulze.

        Call setStrokeStyle in applyStrokeStyleToContext
        https://bugs.webkit.org/show_bug.cgi?id=37849

        Not all platforms set the stroke style to solid if they
        get an empty line dash array. Some just ignore the operation.

        * rendering/SVGRenderSupport.cpp:
        (WebCore::applyStrokeStyleToContext):

2010-04-23  Ilya Tikhonovsky  <loislo@chromium.org>

        Reviewed by Pavel Feldman.

        WebInspector: Aggregated stats of time spent in children records should be visible
        in the popup panel of parent record. Crash in pushGCEventRecord also was fixed.
        https://bugs.webkit.org/show_bug.cgi?id=37820

        * English.lproj/localizedStrings.js:
        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::pushGCEventRecords):
        * inspector/front-end/TimelinePanel.js:
        (WebInspector.TimelinePanel.prototype._innerAddRecordToTimeline):
        (WebInspector.TimelinePanel.prototype._createRootRecord):
        (WebInspector.TimelinePanel.prototype._showPopover):
        (WebInspector.TimelineCalculator.prototype.computeBarGraphPercentages):
        (WebInspector.TimelineCalculator.prototype.computeBarGraphWindowPosition):
        (WebInspector.TimelineRecordGraphRow):
        (WebInspector.TimelineRecordGraphRow.prototype.update):
        (WebInspector.TimelinePanel.FormattedRecord):
        (WebInspector.TimelinePanel.FormattedRecord.prototype._generateAggregatedInfo):
        (WebInspector.TimelinePanel.FormattedRecord.prototype._generatePopupContent):
        (WebInspector.TimelinePanel.FormattedRecord.prototype._getRecordDetails):
        (WebInspector.TimelinePanel.FormattedRecord.prototype._calculateAggregatedStats):
        * inspector/front-end/inspector.css:
        (.timeline-graph-bar.with-children):
        (.timeline-graph-bar.cpu):
        (.timeline-aggregated-category):
        (.timeline-loading):
        (.timeline-scripting):
        (.timeline-rendering):
        (.popover .timeline-aggregated-category.timeline-loading):
        (.timeline-details-title):

2010-04-25  Kent Tamura  <tkent@chromium.org>

        Reviewed by Darin Adler.

        WebKit crashes with deeply nested divs
        https://bugs.webkit.org/show_bug.cgi?id=18282

        The HTML parser caps a tree depth by MAX_DOM_TREE_DEPTH defined in
        TreeDepthLimit.h. This is performance-efficient, but does not work for
        DOM operations such as Node.appendChild().

        Test: fast/parser/element-nesting-cap.html

        * dom/Node.h:
        * dom/XMLTokenizer.cpp:
        (WebCore::XMLTokenizer::pushCurrentNode):
        * html/HTMLParser.cpp:

        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/TreeDepthLimit.h:
          Added. Define MAX_DOM_TREE_DEPTH. The default value is 5000.
        * dom/XMLTokenizer.cpp: Use maxDOMTreeDepth.
        (WebCore::XMLTokenizer::pushCurrentNode):
        * html/HTMLParser.cpp:
          Introduce m_treeDepth, which counts the depth of the tree.
          Unlike m_blocksInStack, it contains the number of non-block nodes.
        (WebCore::HTMLParser::HTMLParser):
        (WebCore::HTMLParser::reset):
        (WebCore::HTMLParser::limitDepth):
          Renamed from limitBlockDepth. Add check for m_nodeDepth.
        (WebCore::HTMLParser::insertNodeAfterLimitDepth):
          Renamed from insertNodeAfterLimitBlockDepth.
        (WebCore::HTMLParser::parseToken):
        (WebCore::HTMLParser::handleResidualStyleCloseTagAcrossBlocks):
        (WebCore::HTMLParser::pushBlock):
        (WebCore::HTMLParser::popOneBlockCommon):
        (WebCore::HTMLParser::freeBlock):
        * html/HTMLParser.h:

2010-04-25  Andrey Kosyakov  <caseq@chromium.org>

        Reviewed by Adam Barth.

        Get context properly when event handler was created on
        the main world.
        https://bugs.webkit.org/show_bug.cgi?id=37947

        Test: http/tests/security/isolatedWorld/dispatchEvent.html

        * bindings/v8/WorldContextHandle.cpp:
        (WebCore::WorldContextHandle::adjustedContext):

2010-04-25  yael aharon  <yael.aharon@nokia.com>

        Reviewed by Adele Peterson.

        Allow styling of HTMLProgressElement.
        https://bugs.webkit.org/show_bug.cgi?id=37901

        Added a new pseudo element to represent the value portion of the progress element.
        Web developers can style this pseudo element separate from the rest of the progress element.

        Test: fast/dom/HTMLProgressElement/progress-bar-value-pseudo-element.html

        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::pseudoId):
        (WebCore::nameToPseudoTypeMap):
        (WebCore::CSSSelector::extractPseudoType):
        * css/CSSSelector.h:
        * css/CSSValueKeywords.in:
        * platform/ThemeTypes.h:
        * rendering/RenderProgress.cpp:
        (WebCore::ProgressValueElement::isShadowNode):
        (WebCore::ProgressValueElement::shadowParentNode):
        (WebCore::ProgressValueElement::ProgressValueElement):
        (WebCore::RenderProgress::RenderProgress):
        (WebCore::RenderProgress::~RenderProgress):
        (WebCore::RenderProgress::layout):
        (WebCore::RenderProgress::styleDidChange):
        (WebCore::RenderProgress::updateFromElement):
        (WebCore::RenderProgress::updateValuePartState):
        (WebCore::RenderProgress::createStyleForValuePart):
        (WebCore::RenderProgress::updateAnimationState):
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::isControlStyled):
        * rendering/RenderProgress.h:
        * rendering/style/RenderStyleConstants.h:

2010-04-24  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        Don't propagate compositing out of iframes on Mac
        https://bugs.webkit.org/show_bug.cgi?id=38072

        Propagating compositing out of iframes caused too many regressions on Mac,
        so only do it for other platforms that may need to hook compositing layers
        together across iframe boundaries.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresCompositingForIFrame):

2010-04-24  Anton Muhin  <antonm@chromium.org>

        Reviewed by Darin Adler.

        Allow to construct HashTraits<WebCore::QualifiedName>::constructDeletedValue

        Former implementation attempted to use AtomicString(HashTableDeletedValue)
        however those values cannot be used that way: one cannot construct
        QualifiedNameImpl out of such AtomicString as we'll try to lookup this string
        in the table, for example.
        https://bugs.webkit.org/show_bug.cgi?id=37722

        * dom/QualifiedName.cpp:
        (WebCore::QualifiedName::deref): check that hash table deleted values never derefed
        * dom/QualifiedName.h:
        (WebCore::QualifiedName::QualifiedName): add a constructor to create hash table deleted values
        (WebCore::QualifiedName::isHashTableDeletedValue): add a check if given instance is hash table deleted value
        (WTF::):

2010-04-24  Julien Chaffraix  <jchaffraix@webkit.org>

        Reviewed by Alexey Proskuryakov.

        protocolHostAndPortEquals host check makes a wrong assumption
        https://bugs.webkit.org/show_bug.cgi?id=37777

        The host check assumed that both host started at the same position. This is true
        if both URL are the same but sometimes one has credential and the other does not.
        In this case, the method would compare invalid positions.

        Test: http/tests/appcache/credential-url.html

        * platform/KURL.cpp:
        (WebCore::protocolHostAndPortAreEqual):
        * platform/KURLGoogle.cpp:
        (WebCore::protocolHostAndPortAreEqual):
        Fix the host check to take both URL's credential into account.

2010-04-24  Nikolas Zimmermann  <nzimmermann@rim.com>

        Not reviewed. Fix linkage on several bots (no idea, why it worked in a from-scratch rebuild on Leopard on my machine!) -> include NodeRenderStyle.h
        Having to include NodeRenderStyle.h just to pull in the renderStyle() is a crazy concept, but I see what it tries to avoid (including RenderObject.h in Node.h)

        * rendering/SVGRenderSupport.cpp:

2010-04-24  Nikolas Zimmermann  <nzimmermann@rim.com>

        Not reviewed. Fix release builds, wrap resourceMode assertion in NDEBUG blocks, use UNUSED_PARAM() otherwhise.

        * rendering/RenderSVGResourceClipper.cpp:
        (WebCore::RenderSVGResourceClipper::applyResource):
        * rendering/RenderSVGResourceFilter.cpp:
        (WebCore::RenderSVGResourceFilter::applyResource):
        (WebCore::RenderSVGResourceFilter::postApplyResource):
        * rendering/RenderSVGResourceMasker.cpp:
        (WebCore::RenderSVGResourceMasker::applyResource):

2010-04-24  Nikolas Zimmermann  <nzimmermann@rim.com>

        Reviewed by Dirk Schulze.

        SVGPaintServer needs to be converted to the new RenderSVGResource* system
        https://bugs.webkit.org/show_bug.cgi?id=37986

        Huge speedup for SVG painting using paint servers (gradient/patterns). Cache underlying
        WebCore::Gradient/Pattern datastructures, do not rebuild them on every painting. This marks
        the finish of the SVGResource -> RenderSVGResource transition.

        Outline of same key changes:
        - RenderSVGResource is an abstract base class now, and the previous class is now named RenderSVGResourceContainer
          All resources except RenderSVGResourceSolidColor now inherit from RenderSVGResourceContainer, as they are all
          associated with a SVG*Element class. RenderSVGResourceSolidColor inherits from RenderSVGResource, and is not
          associated with any SVG*Element class. RenderSVGResourceSolidColor is not a render tree object, despite its name.
          The reason for that is consistency with all other painting resources.
        - RenderSVGResourceSolidColor does not live in the render tree, and exists only as static object, which is shared
          and always used when filling/stroking with solid colors - just like the old SVGPaintServerSolid.
        - RenderSVGResourceGradient/RenderSVGResourcePattern now store the underlying WebCore::Gradient/Pattern object
          instead of rebuilding it everytime we're asked to paint -> this is the main difference with the old concept, leading
          to much faster speed.
        - SVGResource has vanished. All resources (clipper/filter/marker/masker/gradient/pattern) now share the same codepaths
          to handle updates and client invalidation - which is a huge benefit, and makes the code easier to understand.

        * Android.mk: Remove svg/graphics/SVGResource*, svg/graphics/SVGPaintServer.h from build.
        * GNUmakefile.am: Ditto.
        * WebCore.gypi: Ditto.
        * WebCore.pro: Ditto.
        * WebCore.vcproj/WebCore.vcproj: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * platform/graphics/Gradient.cpp: Add addColorStop() method taking a ColorStop const-reference.
        (WebCore::Gradient::addColorStop):
        * platform/graphics/Gradient.h: Ditto.
        * platform/graphics/TextRun.h: Rename SVGPaintServer to RenderSVGResource
        (WebCore::TextRun::TextRun):
        (WebCore::TextRun::activePaintingResource): Renamed from activePaintServer.
        (WebCore::TextRun::setActivePaintingResource): Renamed from setActivePaintServer.
        * platform/graphics/win/GraphicsContextWin.cpp: Remove references to SVGResourceImage, which was removed a long time ago.
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::toRenderSVGResourceContainer): Renamed from toRenderSVGResource().
        * rendering/RenderObject.h:
        (WebCore::RenderObject::isSVGGradientStop): Added.
        (WebCore::RenderObject::isSVGResourceContainer): Renamed from isSVGResource().
        * rendering/RenderPath.cpp: Utilize RenderSVGResource::fill/strokePaintingResource to request paint servers, instead of SVGPaintServer.
        (WebCore::RenderPath::fillContains): Adapt to new concept.
        (WebCore::RenderPath::strokeContains): Ditto.
        (WebCore::fillAndStrokePath): Ditto.
        (WebCore::RenderPath::paint): Ditto.
        * rendering/RenderSVGGradientStop.cpp:
        (WebCore::RenderSVGGradientStop::styleDidChange): Ditto.
        * rendering/RenderSVGGradientStop.h: Fixed indention.
        * rendering/RenderSVGResource.cpp: Refactored old SVGPaintServer code to request fill/stroke painting resources, splitted up in several methods to aid readability. 
        (WebCore::registerPendingResource):
        (WebCore::adjustColorForPseudoRules):
        (WebCore::RenderSVGResource::fillPaintingResource):
        (WebCore::RenderSVGResource::strokePaintingResource):
        (WebCore::RenderSVGResource::sharedSolidPaintingResource):
        (WebCore::RenderSVGResource::markForLayoutAndResourceInvalidation):
        * rendering/RenderSVGResource.h: Make RenderSVGResource an abstract base class, see above for the reasoning.
        (WebCore::RenderSVGResource::RenderSVGResource):
        (WebCore::RenderSVGResource::~RenderSVGResource):
        (WebCore::RenderSVGResource::postApplyResource):
        * rendering/RenderSVGResourceClipper.cpp: Inherit from RenderSVGResourceContainer instead of RenderSVGResource.
        (WebCore::RenderSVGResourceClipper::RenderSVGResourceClipper):
        (WebCore::RenderSVGResourceClipper::invalidateClient):
        (WebCore::RenderSVGResourceClipper::applyResource): Adapt to signature changes (add RenderStyle* and resource mode parameters)
        (WebCore::RenderSVGResourceClipper::applyClippingToContext):
        * rendering/RenderSVGResourceClipper.h:
        * rendering/RenderSVGResourceContainer.h: Added. Renamed from RenderSVGResource. Now inherits from RenderSVGHiddenContainer and RenderSVGResource.
        (WebCore::RenderSVGResourceContainer::RenderSVGResourceContainer):
        (WebCore::RenderSVGResourceContainer::~RenderSVGResourceContainer):
        (WebCore::RenderSVGResourceContainer::idChanged):
        (WebCore::RenderSVGResourceContainer::isSVGResourceContainer):
        (WebCore::RenderSVGResourceContainer::drawsContents):
        (WebCore::RenderSVGResourceContainer::toRenderSVGResourceContainer):
        (WebCore::getRenderSVGResourceContainerById):
        (WebCore::getRenderSVGResourceById):
        * rendering/RenderSVGResourceFilter.cpp: Inherit from RenderSVGResourceContainer instead of RenderSVGResource.
        (WebCore::RenderSVGResourceFilter::RenderSVGResourceFilter):
        (WebCore::RenderSVGResourceFilter::invalidateClient):
        (WebCore::RenderSVGResourceFilter::applyResource): Adapt to signature changes (add RenderStyle* and resource mode parameters)
        (WebCore::RenderSVGResourceFilter::postApplyResource):
        * rendering/RenderSVGResourceFilter.h:
        * rendering/RenderSVGResourceGradient.cpp: Moved from SVGPaintServerGradient, cleaned up and refactored.
        (WebCore::RenderSVGResourceGradient::RenderSVGResourceGradient):
        (WebCore::RenderSVGResourceGradient::~RenderSVGResourceGradient):
        (WebCore::RenderSVGResourceGradient::invalidateClients):
        (WebCore::RenderSVGResourceGradient::invalidateClient):
        (WebCore::createMaskAndSwapContextForTextGradient):
        (WebCore::clipToTextMask):
        (WebCore::RenderSVGResourceGradient::applyResource):
        * rendering/RenderSVGResourceGradient.h:
        (WebCore::RenderSVGResourceGradient::resourceBoundingBox):
        * rendering/RenderSVGResourceLinearGradient.cpp: Moved from SVGPaintServerLinearGradient, cleaned up and refactored.
        (WebCore::RenderSVGResourceLinearGradient::RenderSVGResourceLinearGradient):
        (WebCore::RenderSVGResourceLinearGradient::~RenderSVGResourceLinearGradient):
        (WebCore::RenderSVGResourceLinearGradient::buildGradient):
        * rendering/RenderSVGResourceLinearGradient.h:
        (WebCore::RenderSVGResourceLinearGradient::renderName):
        (WebCore::RenderSVGResourceLinearGradient::resourceType):
        * rendering/RenderSVGResourceMarker.cpp: Inherit from RenderSVGResourceContainer instead of RenderSVGResource.
        (WebCore::RenderSVGResourceMarker::RenderSVGResourceMarker):
        (WebCore::RenderSVGResourceMarker::invalidateClient):
        * rendering/RenderSVGResourceMarker.h:
        (WebCore::RenderSVGResourceMarker::applyResource):
        * rendering/RenderSVGResourceMasker.cpp: Inherit from RenderSVGResourceContainer instead of RenderSVGResource.
        (WebCore::RenderSVGResourceMasker::RenderSVGResourceMasker):
        (WebCore::RenderSVGResourceMasker::invalidateClient):
        (WebCore::RenderSVGResourceMasker::applyResource):
        * rendering/RenderSVGResourceMasker.h:
        (WebCore::MaskerData::MaskerData):
        * rendering/RenderSVGResourcePattern.cpp: Moved from SVGPaintServerPattern, cleaned up and refactored.
        (WebCore::RenderSVGResourcePattern::RenderSVGResourcePattern):
        (WebCore::RenderSVGResourcePattern::~RenderSVGResourcePattern):
        (WebCore::RenderSVGResourcePattern::invalidateClients):
        (WebCore::RenderSVGResourcePattern::invalidateClient):
        (WebCore::RenderSVGResourcePattern::applyResource):
        (WebCore::RenderSVGResourcePattern::postApplyResource):
        (WebCore::calculatePatternBoundaries):
        (WebCore::RenderSVGResourcePattern::calculatePatternBoundariesIncludingOverflow):
        (WebCore::RenderSVGResourcePattern::createTileImage):
        (WebCore::RenderSVGResourcePattern::buildPattern):
        * rendering/RenderSVGResourcePattern.h:
        (WebCore::RenderSVGResourcePattern::renderName):
        (WebCore::RenderSVGResourcePattern::resourceBoundingBox):
        (WebCore::RenderSVGResourcePattern::resourceType):
        * rendering/RenderSVGResourceRadialGradient.cpp: Moved from SVGPaintServerRadialGradient, cleaned up and refactored.
        (WebCore::RenderSVGResourceRadialGradient::RenderSVGResourceRadialGradient):
        (WebCore::RenderSVGResourceRadialGradient::~RenderSVGResourceRadialGradient):
        (WebCore::RenderSVGResourceRadialGradient::buildGradient):
        * rendering/RenderSVGResourceRadialGradient.h:
        (WebCore::RenderSVGResourceRadialGradient::renderName):
        (WebCore::RenderSVGResourceRadialGradient::resourceType):
        * rendering/RenderSVGResourceSolidColor.cpp: Moved from SVGPaintServerSolid, cleaned up and refactored.
        (WebCore::RenderSVGResourceSolidColor::RenderSVGResourceSolidColor):
        (WebCore::RenderSVGResourceSolidColor::~RenderSVGResourceSolidColor):
        (WebCore::RenderSVGResourceSolidColor::applyResource):
        (WebCore::RenderSVGResourceSolidColor::postApplyResource):
        * rendering/RenderSVGResourceSolidColor.h:
        (WebCore::RenderSVGResourceSolidColor::invalidateClients):
        (WebCore::RenderSVGResourceSolidColor::invalidateClient):
        (WebCore::RenderSVGResourceSolidColor::resourceBoundingBox):
        (WebCore::RenderSVGResourceSolidColor::resourceType):
        (WebCore::RenderSVGResourceSolidColor::color):
        (WebCore::RenderSVGResourceSolidColor::setColor):
        * rendering/RenderSVGText.cpp:
        (WebCore::RenderSVGText::paint): Early exit if painting is disabled.
        * rendering/RenderTreeAsText.cpp:
        (WebCore::write): Add RenderSVGGradientStop dumping.
        (WebCore::externalRepresentation): Remove SVGResource dumping.
        * rendering/SVGInlineTextBox.cpp: Adapt to SVGPaintServer changes (paint server request).
        (WebCore::SVGInlineTextBox::paintCharacters):
        (WebCore::SVGInlineTextBox::paintDecoration):
        * rendering/SVGInlineTextBox.h: Ditto.
        (WebCore::SVGTextPaintInfo::SVGTextPaintInfo):
        * rendering/SVGRenderSupport.cpp: Ditto.
        (WebCore::SVGRenderBase::prepareToRenderSVGContent):
        (WebCore::SVGRenderBase::finishRenderSVGContent):
        (WebCore::invalidatePaintingResource):
        (WebCore::deregisterFromResources):
        (WebCore::dashArrayFromRenderingStyle): Moved here from SVGPaintServer.
        (WebCore::applyStrokeStyleToContext): Ditto.
        * rendering/SVGRenderSupport.h:
        * rendering/SVGRenderTreeAsText.cpp: Add new gradient/pattern dumping code. Stops are now properly dumped as well!
        (WebCore::operator<<):
        (WebCore::writeSVGPaintingResource):
        (WebCore::writeStyle):
        (WebCore::boundingBoxModeString):
        (WebCore::writeCommonGradientProperties):
        (WebCore::writeSVGResourceContainer):
        (WebCore::writeSVGGradientStop):
        * rendering/SVGRenderTreeAsText.h:
        * rendering/SVGRootInlineBox.cpp: Adapt to SVGPaintServer changes (paint server request).
        (WebCore::SVGRootInlineBoxPaintWalker::SVGRootInlineBoxPaintWalker):
        (WebCore::SVGRootInlineBoxPaintWalker::~SVGRootInlineBoxPaintWalker):
        (WebCore::SVGRootInlineBoxPaintWalker::teardownFillPaintServer):
        (WebCore::SVGRootInlineBoxPaintWalker::teardownStrokePaintServer):
        (WebCore::SVGRootInlineBoxPaintWalker::setupBackground):
        (WebCore::SVGRootInlineBoxPaintWalker::setupFill):
        (WebCore::SVGRootInlineBoxPaintWalker::setupFillSelection):
        (WebCore::SVGRootInlineBoxPaintWalker::setupStroke):
        (WebCore::SVGRootInlineBoxPaintWalker::setupStrokeSelection):
        (WebCore::SVGRootInlineBoxPaintWalker::setupForeground):
        (WebCore::SVGRootInlineBoxPaintWalker::activePaintingResource):
        (WebCore::SVGRootInlineBoxPaintWalker::paintChunk):
        * svg/GradientAttributes.h: Remove SVGGradientStop, use Gradient::ColorStop vector. Cleanup.
        (WebCore::GradientAttributes::stops):
        (WebCore::GradientAttributes::setStops):
        * svg/LinearGradientAttributes.h: Move ENABLE(SVG) guard to correct location.
        * svg/PatternAttributes.h: Add missing includes and class forwards.
        * svg/RadialGradientAttributes.h: Move ENABLE(SVG) guard to correct location.
        * svg/SVGClipPathElement.cpp: Rename invalidateCanvasResources() to invalidateResourceClients().
        (WebCore::SVGClipPathElement::svgAttributeChanged):
        (WebCore::SVGClipPathElement::childrenChanged): Only call invalidateResourceClients() when !changedByParser is set.
        * svg/SVGClipPathElement.h:
        * svg/SVGDocumentExtensions.cpp: Change HashMaps to hash AtomicStrings instead of Strings. Rename RenderSVGResource to RenderSVGResourceContainer.
        (WebCore::SVGDocumentExtensions::addResource):
        (WebCore::SVGDocumentExtensions::removeResource):
        (WebCore::SVGDocumentExtensions::resourceById):
        (WebCore::SVGDocumentExtensions::addPendingResource):
        * svg/SVGDocumentExtensions.h:
        * svg/SVGElement.cpp:
        (WebCore::SVGElement::insertedIntoDocument): Remove reference to SVGResource::invalidateClients(), handled differently now.
        (WebCore::SVGElement::updateAnimatedSVGAttribute): Change assertion, that is incorrect now.
        * svg/SVGElement.h: Make updateAnimatedSVGAttribute() public.
        * svg/SVGFont.cpp: Adapt to SVGPaintServer changes (paint server request).
        (WebCore::Font::drawTextUsingSVGFont):
        * svg/SVGGElement.cpp: If style()->display() is NONE, create a RenderSVGHiddenContainer, removing hacks in SVGStopElement for pservers-grad-19-b.svg (yes, SVG is crazy.)
        (WebCore::SVGGElement::createRenderer):
        * svg/SVGGElement.h: Remove childrenChanged() method which _always_ called renderer->setNeedsLayout(true), which is completly wrong and unnecessary.
        (WebCore::SVGGElement::rendererIsNeeded): Always return true.
        * svg/SVGGradientElement.cpp: Adapt to new RenderSVGResourceGradient code.
        (WebCore::SVGGradientElement::svgAttributeChanged):
        (WebCore::SVGGradientElement::childrenChanged): Only call invalidateResourceClients() when !changedByParser is set.
        (WebCore::SVGGradientElement::buildStops):
        * svg/SVGGradientElement.h:
        * svg/SVGLinearGradientElement.cpp: Adapt to new RenderSVGResourceLinearGradient code.
        (WebCore::SVGLinearGradientElement::svgAttributeChanged):
        (WebCore::SVGLinearGradientElement::createRenderer):
        (WebCore::SVGLinearGradientElement::collectGradientProperties):
        (WebCore::SVGLinearGradientElement::calculateStartEndPoints):
        * svg/SVGLinearGradientElement.h:
        * svg/SVGMarkerElement.cpp: Rename invalidateCanvasResources() to invalidateResourceClients().
        (WebCore::SVGMarkerElement::svgAttributeChanged):
        (WebCore::SVGMarkerElement::childrenChanged): Only call invalidateResourceClients() when !changedByParser is set.
        (WebCore::SVGMarkerElement::setOrientToAuto):
        (WebCore::SVGMarkerElement::setOrientToAngle):
        * svg/SVGMaskElement.cpp: Rename invalidateCanvasResources() to invalidateResourceClients().
        (WebCore::SVGMaskElement::svgAttributeChanged):
        (WebCore::SVGMaskElement::childrenChanged): Only call invalidateResourceClients() when !changedByParser is set.
        * svg/SVGPatternElement.cpp: Rename invalidateCanvasResources() to invalidateResourceClients().
        (WebCore::SVGPatternElement::svgAttributeChanged):
        (WebCore::SVGPatternElement::childrenChanged): Only call invalidateResourceClients() when !changedByParser is set.
        (WebCore::SVGPatternElement::createRenderer):
        * svg/SVGPatternElement.h:
        * svg/SVGPolyElement.h: Remove unneded rendererIsNeeded() override.
        * svg/SVGRadialGradientElement.cpp: Adapt to new RenderSVGResourceRadialGradient code.
        (WebCore::SVGRadialGradientElement::svgAttributeChanged):
        (WebCore::SVGRadialGradientElement::createRenderer):
        (WebCore::SVGRadialGradientElement::collectGradientProperties):
        (WebCore::SVGRadialGradientElement::calculateFocalCenterPointsAndRadius):
        * svg/SVGRadialGradientElement.h:
        * svg/SVGStopElement.cpp: Clean up code, moved stop color calculation from SVGGradientElement to here, where it belongs.
        (WebCore::SVGStopElement::parseMappedAttribute):
        (WebCore::SVGStopElement::stopColorIncludingOpacity):
        * svg/SVGStopElement.h:
        * svg/SVGStyledElement.cpp:
        (WebCore::SVGStyledElement::~SVGStyledElement):
        (WebCore::SVGStyledElement::svgAttributeChanged): Only invalidateResourcesInAncestorChain()/deregisterFromResources() when we're not parsing.
        (WebCore::SVGStyledElement::invalidateResourcesInAncestorChain): Early exit if we find a parent resources, there is no resource nesting.
        (WebCore::SVGStyledElement::invalidateResourceClients): Renamed from invalidateCanvasResources()
        (WebCore::SVGStyledElement::childrenChanged): Only invalidate SVGElementInstances when !changedByParser is set.
        * svg/SVGStyledElement.h: Remove canvasResource() logic, remove detach() method.
        * svg/SVGTextPathElement.h:
        * svg/graphics/SVGPaintServer.h: Removed.
        * svg/graphics/SVGResource.cpp: Removed.
        * svg/graphics/SVGResource.h: Removed.

2010-04-23  Zhenyao Mo  <zmo@google.com>

        Reviewed by Darin Fisher.

        Add isGLES2Compliant to GraphicsContext3D: make the method const.
        https://bugs.webkit.org/show_bug.cgi?id=37872

        * platform/graphics/GraphicsContext3D.h: Make isGLES2Compliant() const.
        * platform/graphics/mac/GraphicsContext3DMac.cpp: Ditto.
        (WebCore::GraphicsContext3D::isGLES2Compliant):

2010-04-23  Qi Zhang  <qi.2.zhang@nokia.com>

        Reviewed by Laszlo Gombos.

        [Qt] LayoutTests/fast/canvas/pointInPath.html passed, actually it failed
        https://bugs.webkit.org/show_bug.cgi?id=37276

        QPainterPath::contains doesn't count the point on the bound.

        * platform/graphics/qt/PathQt.cpp:
        (WebCore::isPointOnPathBorder):
        (WebCore::Path::contains):

2010-04-23  Sam Weinig  <sam@webkit.org>

        Reviewed by David Levin.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=38060
        Split up Threading.h

        Add necessary forwarding headers.

        * ForwardingHeaders/wtf/Atomics.h: Added.
        * ForwardingHeaders/wtf/ThreadSafeShared.h: Added.
        * ForwardingHeaders/wtf/ThreadingPrimitives.h: Added.

2010-04-23  Rafael Weinstein  <rafaelw@grafaelw.sfo.corp.google.com>

        Reviewed by Darin Fisher.

        This patch adds a vector of additionalFeatures to WindowFeatures
        and populates it with any feature strings that evaluate to "yes"
        and aren't directly observed in WindowFeatures. This allows
        clients to capture experimental window features.

        https://bugs.webkit.org/show_bug.cgi?id=38013

        * page/WindowFeatures.cpp:
        (WebCore::WindowFeatures::setWindowFeature):
        * page/WindowFeatures.h:

2010-04-23  Dan Bernstein  <mitz@apple.com>

        Reviewed by Simon Fraser.

        <rdar://problem/7898436> :after content is duplicated

        Test: fast/css-generated-content/after-duplicated-after-split.html

        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::splitInlines): Pass the correct owner of the child list.

2010-04-23  Adele Peterson  <adele@apple.com>

        Fixing the Tiger build for real.

        * platform/graphics/mac/SimpleFontDataMac.mm:

2010-04-23  Adele Peterson  <adele@apple.com>

        Fixing the Tiger build.

        * platform/graphics/mac/SimpleFontDataMac.mm:
        (WebCore::SimpleFontData::platformBoundsForGlyph):

2010-04-23  Jian Li  <jianli@chromium.org>

        Reviewed by Dmitry Titov.

        Add FileError for File API.
        https://bugs.webkit.org/show_bug.cgi?id=37840

        The test will be added when implementing FileReader and FilerWriter.

        * Android.derived.jscbindings.mk:
        * Android.derived.v8bindings.mk:
        * DerivedSources.cpp:
        * DerivedSources.make:
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pri:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/ExceptionCode.h:
        (WebCore::):
        * html/FileError.h: Added.
        * html/FileError.idl: Added.
        * page/DOMWindow.idl:

2010-04-23  Jian Li  <jianli@chromium.org>

        Reviewed by Adam Barth.

        Improve code generator scripts to handle OR ('|') condition in the
        extended attributes.
        https://bugs.webkit.org/show_bug.cgi?id=37998

        * bindings/scripts/CodeGeneratorJS.pm:
        * bindings/scripts/CodeGeneratorObjC.pm:
        * bindings/scripts/CodeGeneratorV8.pm:
        * bindings/scripts/IDLStructure.pm:

2010-04-23  Adele Peterson  <adele@apple.com>

        Reviewed by Dan Bernstein.

        Fix for <rdar://problem/7855777> REGRESSION: Memory usage increase caused by storing glyph bounds in GlyphMetricsMap
        https://bugs.webkit.org/show_bug.cgi?id=37936

        This change breaks the GlyphMetricsMap into two maps - one for width and one for bounds, so that we don't store
        a FloatRect for the glyph bounds unless we need to.

        Covered by existing tests.  This should not cause any change in functionality.

        Updated for removal of GlyphMetricsMap.cpp
        * Android.mk:
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:

        Made GlyphMetricsMap a template, so it can be used for separate width and bounds maps.
        * platform/graphics/GlyphMetricsMap.cpp: Removed.
        * platform/graphics/GlyphMetricsMap.h:
        (WebCore::GlyphMetricsMap::metricsForGlyph):
        (WebCore::GlyphMetricsMap::setMetricsForGlyph):
        (WebCore::GlyphMetricsMap::GlyphMetricsPage::metricsForGlyph):
        (WebCore::GlyphMetricsMap::GlyphMetricsPage::setMetricsForGlyph):
        (WebCore::GlyphMetricsMap::GlyphMetricsPage::setMetricsForIndex):
        (WebCore::::unknownMetrics):
        (WebCore::::locatePageSlowCase):

        * platform/graphics/mac/ComplexTextController.cpp: (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
        Call boundsForGlyph instead of metricsForGlyph.
        * platform/graphics/win/UniscribeController.cpp: (WebCore::UniscribeController::shapeAndPlaceItem):
        ditto.
        * platform/graphics/SimpleFontData.cpp: (WebCore::SimpleFontData::platformGlyphInit):
        Call setMetricsForGlyph for both glyph maps.

        Break getters and setters for metricsForGlyph into widthForGlyph and boundsForGlyph, maintaining present behavior.
        * platform/graphics/SimpleFontData.h:
        (WebCore::):
        (WebCore::SimpleFontData::boundsForGlyph):
        (WebCore::SimpleFontData::widthForGlyph):
        * platform/graphics/cairo/SimpleFontDataCairo.cpp:
        (WebCore::SimpleFontData::platformBoundsForGlyph):
        (WebCore::SimpleFontData::platformWidthForGlyph):
        * platform/graphics/chromium/SimpleFontDataChromiumWin.cpp:
        (WebCore::SimpleFontData::platformBoundsForGlyph):
        (WebCore::SimpleFontData::platformWidthForGlyph):
        * platform/graphics/chromium/SimpleFontDataLinux.cpp:
        (WebCore::SimpleFontData::platformBoundsForGlyph):
        (WebCore::SimpleFontData::platformWidthForGlyph):
        * platform/graphics/gtk/SimpleFontDataPango.cpp:
        (WebCore::SimpleFontData::platformBoundsForGlyph):
        (WebCore::SimpleFontData::platformWidthForGlyph):
        * platform/graphics/mac/SimpleFontDataMac.mm:
        (WebCore::SimpleFontData::platformBoundsForGlyph):
        (WebCore::SimpleFontData::platformWidthForGlyph):
        * platform/graphics/win/SimpleFontDataCGWin.cpp:
        (WebCore::SimpleFontData::platformBoundsForGlyph):
        (WebCore::SimpleFontData::platformWidthForGlyph):
        * platform/graphics/win/SimpleFontDataCairoWin.cpp:
        (WebCore::SimpleFontData::platformBoundsForGlyph):
        * platform/graphics/win/SimpleFontDataWin.cpp:
        (WebCore::SimpleFontData::boundsForGDIGlyph):
        (WebCore::SimpleFontData::widthForGDIGlyph):
        * platform/graphics/wince/SimpleFontDataWince.cpp:
        (WebCore::SimpleFontData::platformBoundsForGlyph):
        * platform/graphics/wx/SimpleFontDataWx.cpp:
        (WebCore::SimpleFontData::platformBoundsForGlyph):
        (WebCore::SimpleFontData::platformWidthForGlyph):

2010-04-23  Xiaomei Ji  <xji@chromium.org>

        Reviewed by Dan Bernstein and Darin Adler

        Fix issue "caret does not paint after type in characters in right
        aligned div or after delete all characters in RTL div or 
        0px right padding RTL textarea"
        https://bugs.webkit.org/show_bug.cgi?id=25319

        Test: editing/inserting/caret-position.html

        * rendering/RenderText.cpp:
        (WebCore::RenderText::localCaretRect):

2010-04-23  No'am Rosenthal  <noam.rosenthal@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] [Performance] GraphicsLayer: constructing the layers takes too long
        https://bugs.webkit.org/show_bug.cgi?id=36365

        The issue came from using QGraphicsView's cache as is. The problem is that
        several code-paths require re-rendering of the item, but not re-rendering
        of the web content into the cache.

        The way to solve it is by having GraphicsLayerQt manage the cache directly
        via QPixmapCache, instead of using QGraphicsItem cache modes.

        FPS measurement shows significant improvement (20FPS before, 40FPS after)
        on several use-cases, including blog-files/leaves on a desktop environment.

        * platform/graphics/qt/GraphicsLayerQt.cpp:
        (WebCore::GraphicsLayerQtImpl::GraphicsLayerQtImpl):
        (WebCore::GraphicsLayerQtImpl::recache):
        (WebCore::GraphicsLayerQtImpl::paint):
        (WebCore::GraphicsLayerQtImpl::flushChanges):

2010-04-23  James Robinson  <jamesr@chromium.org>

        Reviewed by Dimitri Glazkov.

        Avoid marking symbols as dllexport in chromium win builds
        https://bugs.webkit.org/show_bug.cgi?id=38058

        No new tests.

        * config.h:

2010-04-23  MORITA Hajime  <morrita@google.com>

        Reviewed by Nikolas Zimmermann.

        https://bugs.webkit.org/show_bug.cgi?id=37187
        SVG <use href="foo"> is interpreted as <use href="#foo">

        getTarget() did return url parameter as is if doesn't have
        fragment identifier. So fixed to return empty string in such case
        because we need to distinguish "yyy.html" from "xxx.svg#yyy.html".
        
        Test: svg/custom/broken-internal-references.svg

        * svg/SVGElement.cpp:
        (WebCore::SVGElement::insertedIntoDocument):
        * svg/SVGURIReference.cpp:
        (WebCore::SVGURIReference::getTarget):

2010-04-23  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        ASSERT(willBeComposited == needsToBeComposited(layer)); on gmail.com
        https://bugs.webkit.org/show_bug.cgi?id=38066
        
        When a layer goes into compositing mode because it has a negative z-index child that is going
        into compositing mode, then set willBeComposited to true. Also add another assertion to catch
        any other cases where the state of willBeComposited is mismanaged.

        Test: compositing/composited-negative-zindex-child.html

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):

2010-04-23  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        When webkitAnimationEnd event fires, on-screen rendering should show the last frame of animation
        https://bugs.webkit.org/show_bug.cgi?id=37955

        After r37484, animation and transition end events were fired on a timer, after the animation/transition
        ended. This opened up one event loop cycle in which the non-animating state of the element was visible
        before the event fired, resulting in flashes in content that reset style from the event handler.
        
        Fix by firing these events in the same event cycle as the animation end, once all animations
        have been updated. This also required moving the place that start animations are fixed until
        a later state in the state machine, so that animations have their start time set at the point
        the event is fired (to avoid an assertion when using the freeze API in DRT).
        
        Not testable, since the flash is very transitory and cannot be captured in a pixel test.

        * page/animation/AnimationBase.cpp:
        (WebCore::AnimationBase::updateStateMachine): Move the firing of 'start' events into the state
        where the start time is known.
        * page/animation/AnimationControllerPrivate.h:
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::updateStyleIfNeededDispatcherFired): Call the new fireEventsAndUpdateStyle()
        method.
        (WebCore::AnimationControllerPrivate::fireEventsAndUpdateStyle): New method to share code that used to be in
        updateStyleIfNeededDispatcherFired().
        (WebCore::AnimationControllerPrivate::animationTimerFired): Call fireEventsAndUpdateStyle() once we've
        processed all animations.

2010-04-23  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        CompositeAnimation::updateKeyframeAnimations() can make a KeyframeAnimation for animation "none"
        https://bugs.webkit.org/show_bug.cgi?id=38017

        Check to see if the animation name is "none", and don't fire off a keyframe animation in
        that case.

        * page/animation/CompositeAnimation.cpp:
        (WebCore::CompositeAnimation::updateKeyframeAnimations):

2010-04-23  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Disable Netscape plugin support for minimal configuration
        https://bugs.webkit.org/show_bug.cgi?id=38026

        No new tests, as there is no new functionality.

        * WebCore.pri:

2010-04-23  Shinichiro Hamaji  <hamaji@chromium.org>

        Reviewed by Darin Adler.

        Need borderAndPadding(Width|Height)
        https://bugs.webkit.org/show_bug.cgi?id=38046

        Refactoring only, so no new tests.

        * rendering/InlineBox.cpp:
        (WebCore::InlineBox::height):
        * rendering/RenderApplet.cpp:
        (WebCore::RenderApplet::createWidgetIfNecessary):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::isSelfCollapsingBlock):
        (WebCore::RenderBlock::calcPrefWidths):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::calcBorderBoxWidth):
        (WebCore::RenderBox::calcBorderBoxHeight):
        (WebCore::RenderBox::calcContentBoxWidth):
        (WebCore::RenderBox::calcContentBoxHeight):
        (WebCore::RenderBox::calcWidth):
        (WebCore::RenderBox::calcHeight):
        (WebCore::RenderBox::calcPercentageHeight):
        (WebCore::RenderBox::calcReplacedHeightUsing):
        (WebCore::RenderBox::availableHeightUsing):
        (WebCore::RenderBox::calcAbsoluteHorizontal):
        (WebCore::RenderBox::calcAbsoluteVertical):
        (WebCore::RenderBox::calcAbsoluteHorizontalReplaced):
        (WebCore::RenderBox::calcAbsoluteVerticalReplaced):
        (WebCore::RenderBox::positionForPoint):
        * rendering/RenderBoxModelObject.h:
        (WebCore::RenderBoxModelObject::borderAndPaddingHeight):
        (WebCore::RenderBoxModelObject::borderAndPaddingWidth):
        * rendering/RenderDataGrid.cpp:
        (WebCore::RenderDataGrid::calcPrefWidths):
        * rendering/RenderFieldset.cpp:
        (WebCore::RenderFieldset::calcPrefWidths):
        * rendering/RenderFileUploadControl.cpp:
        (WebCore::RenderFileUploadControl::calcPrefWidths):
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::calcPrefWidths):
        (WebCore::RenderFlexibleBox::allowedChildFlex):
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::calcPrefWidths):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::resize):
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::calcPrefWidths):
        (WebCore::RenderListBox::calcHeight):
        * rendering/RenderMenuList.cpp:
        (WebCore::RenderMenuList::calcPrefWidths):
        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::calcPrefWidths):
        * rendering/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::calcPrefWidths):
        * rendering/RenderSlider.cpp:
        (WebCore::RenderSlider::calcPrefWidths):
        (WebCore::RenderSlider::layout):
        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::styleOrColWidth):
        * rendering/RenderTextControl.cpp:
        (WebCore::RenderTextControl::textBlockHeight):
        (WebCore::RenderTextControl::textBlockWidth):
        (WebCore::RenderTextControl::calcHeight):
        (WebCore::RenderTextControl::calcPrefWidths):
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::layout):
        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::updateWidgetPosition):

2010-04-23  David Kilzer  <ddkilzer@apple.com>

        Size mismatch between format string and argument in dumpTextEncodingNameMap()

        Reviewed by Darin Adler.

        See Bug 38030 and r58157.

        * platform/text/TextEncodingRegistry.cpp:
        (WebCore::dumpTextEncodingNameMap): Assigned
        textEncodingNameMap->size() to an unsigned variable before using
        it in the fprintf() statement.

2010-04-23  David Kilzer  <ddkilzer@apple.com>

        BUILD FIX: Attempt to fix Windows build after Bug 36187 landed in r58168

        * DerivedSources.cpp: Changed include of JSMedia.cpp to
        JSStyleMedia.cpp.

2010-04-23  David Kilzer  <ddkilzer@apple.com>

        BUILD FIX: Fix Mac build after Bug 36187 landed in r58168

        * WebCore.xcodeproj/project.pbxproj: Renamed DOMMedia.h,
        DOMMedia.mm, DOMMediaInternal.h to DOMStyleMedia.h,
        DOMStyleMedia.mm, DOMStyleMediaInternal.h.  

2010-04-23  Kenneth Rohde Christiansen  <kenneth@webkit.org>

        Unreviewed build fix.

        Change Media to StyleMedia

        * DerivedSources.make:

2010-04-23  Xan Lopez  <xlopez@igalia.com>

        Try to fix the GTK+ bots.

        * GNUmakefile.am:

2010-04-22  Kenneth Rohde Christiansen  <kenneth@webkit.org>

        Reviewed by Laszlo Gombos.

        Rename window.media to window.styleMedia
        https://bugs.webkit.org/show_bug.cgi?id=36187

        Rename the interface Media to StyleMedia as required by the
        new CSSOM View spec.

        * Android.derived.jscbindings.mk:
        * Android.derived.v8bindings.mk:
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pri:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * css/Media.cpp: Removed.
        * css/Media.h: Removed.
        * css/Media.idl: Removed.
        * css/StyleMedia.cpp: Added.
        (WebCore::StyleMedia::StyleMedia):
        (WebCore::StyleMedia::type):
        (WebCore::StyleMedia::matchMedium):
        * css/StyleMedia.h: Added.
        (WebCore::StyleMedia::create):
        (WebCore::StyleMedia::disconnectFrame):
        * css/StyleMedia.idl: Added.
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::styleMedia):
        * page/DOMWindow.h:
        (WebCore::DOMWindow::optionalMedia):
        * page/DOMWindow.idl:

2010-04-23  Yury Semikhatsky  <yurys@chromium.org>

        Reviewed by Pavel Feldman.

        Web Inspector: provide JSC implementation for scopeType method on
        call frame and use same jsvascript code for JSC and v8 when collecting
        scope chain data.

        https://bugs.webkit.org/show_bug.cgi?id=37663

        * bindings/js/JSInjectedScriptHostCustom.cpp:
        (WebCore::JSInjectedScriptHost::currentCallFrame):
        * bindings/js/JSJavaScriptCallFrameCustom.cpp:
        (WebCore::JSJavaScriptCallFrame::scopeType):
        * bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
        (WebCore::V8InjectedScriptHost::currentCallFrameCallback):
        * inspector/InjectedScriptHost.idl:
        * inspector/front-end/InjectedScript.js:
        (injectedScriptConstructor.):

2010-04-23  Alexander Pavlov  <apavlov@chromium.org>

        Reviewed by Pavel Feldman.

        Web Inspector: Audits (Image Dimensions): full image URLs are prefixed with the hosting page name
        https://bugs.webkit.org/show_bug.cgi?id=37988

        * inspector/front-end/AuditRules.js:
        (WebInspector.AuditRules.ImageDimensionsRule.prototype.doRun):

2010-04-23  Ilya Tikhonovsky  <loislo@chromium.org>

        Reviewed by Yury Semikhatsky.

        WebInspector: Flaky Inspector tests.
        https://bugs.webkit.org/show_bug.cgi?id=36217

        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::didCommitLoad):

2010-04-23  Yaar Schnitman  <yaar@chromium.org>

        Reviewed by Adam Barth.

        Auto-generate WebGLRenderingContext overloads in V8
        https://bugs.webkit.org/show_bug.cgi?id=37818

        * bindings/v8/custom/V8WebGLRenderingContextCustom.cpp:
        * html/canvas/WebGLRenderingContext.cpp: Added missing overloads for the following:.
        (WebCore::WebGLRenderingContext::texImage2D)
        (WebCore::WebGLRenderingContext::texSubImage2D)
        * html/canvas/WebGLRenderingContext.h: Added missing overloads.
        * html/canvas/WebGLRenderingContext.idl: IDL definition of overloads.

2010-04-23  Jeff Schiller  <codedread@gmail.com>

        Reviewed by Nikolas Zimmermann.

        Display tooltips when hovering over SVG elements, Bug 16854
        https://bugs.webkit.org/show_bug.cgi?id=16854

        Manual test added for verifying tooltips.

        * manual-tests/svg-tooltip.svg: Added.
        * svg/SVGAElement.cpp:
        (WebCore::SVGAElement::title): xlink:title takes precedence, otherwise SVGStyledElement::title() is used
        * svg/SVGStyledElement.cpp:
        (WebCore::SVGStyledElement::title): checks for a shadow parent and uses that title, otherwise uses the content's title
        * svg/SVGStyledElement.h: add title() method declaration

2010-04-23  David Kilzer  <ddkilzer@apple.com>

        <http://webkit.org/b/38032> No need to content sniff 304 responses
        <rdar://problem/7891726>

        Reviewed by Brady Eidson.

        * platform/network/mac/ResourceHandleMac.mm:
        (-[WebCoreResourceHandleAsDelegate connection:didReceiveResponse:]):
        No need to adjust the MIME type on 304 responses since they're
        only used to determine if the resource needs to be refetched.

2010-04-23  David Kilzer  <ddkilzer@apple.com>

        <http://webkit.org/b/38030> Add WebCore::dumpTextEncodingNameMap() to dump text encoding map on debug builds

        Reviewed by Alexey Proskuryakov.

        * platform/text/TextEncodingRegistry.cpp:
        (WebCore::dumpTextEncodingNameMap): Added.
        * platform/text/TextEncodingRegistry.h:
        (WebCore::dumpTextEncodingNameMap): Added declaration.

2010-04-22  Tony Chang  <tony@chromium.org>

        Reviewed by Dan Bernstein.

        Crash in WebCore::TextIterator::handleTextNode() encountered in Google rich-text products
        https://bugs.webkit.org/show_bug.cgi?id=37950

        Test: editing/text-iterator/rtl-selection-crash.html

        * editing/TextIterator.cpp:
        (WebCore::TextIterator::handleTextNode):

2010-04-22  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Dan Bernstein and Beth Dakin.

        Links around blocks (e.g. divs) results in too many VoiceOver call outs
        https://bugs.webkit.org/show_bug.cgi?id=37079
        <rdar://problem/7234118>

        The basic change is to modify the AccessibilityRenderObject tree
        traversal methods to account for inline continuations in the
        render tree and make the accessibility tree look as if
        continuations didn't exist - the same as if CSS blocks could just
        sit in CSS inlines. This is slightly tricky code but creates a
        much saner accessibility tree.
        
        Tests: accessibility/image-link-inline-cont.html
               accessibility/image-link.html
               accessibility/inline-continuations.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::isInlineWithContinuation): Helper function for traversal functions to use in accounting for continuations.
        (WebCore::firstChildInContinuation): ditto
        (WebCore::firstChildConsideringContinuation): ditto
        (WebCore::lastChildConsideringContinuation): ditto
        (WebCore::startOfContinuations): ditto
        (WebCore::endOfContinuations): ditto
        (WebCore::childBeforeConsideringContinuations): ditto
        (WebCore::firstChildIsInlineContinuation): ditto
        (WebCore::lastChildHasContinuation): ditto
        (WebCore::AccessibilityRenderObject::firstChild): Account for inline continuations.
        (WebCore::AccessibilityRenderObject::lastChild): ditto
        (WebCore::AccessibilityRenderObject::previousSibling): Account for inline continuations
        and their anonymous block parents.
        (WebCore::AccessibilityRenderObject::nextSibling): ditto
        (WebCore::AccessibilityRenderObject::parentObjectIfExists): Account for inline continuations.
        (WebCore::AccessibilityRenderObject::parentObject): Account for inline continuations.
        * rendering/RenderInline.h: Make RenderInline::inlineContinuation public.

2010-04-22  Shinichiro Hamaji  <hamaji@chromium.org>

        Reviewed by Darin Adler.

        REGRESSION: TextIterator may use freed memory
        https://bugs.webkit.org/show_bug.cgi?id=37973

        Added TextIterator::m_text to hold the returned String.

        No new tests because there are no behavior change, but
        copy-backslash-with-euc.html on chromium-win should test this.

        * editing/TextIterator.cpp:
        (WebCore::TextIterator::emitText):
        * editing/TextIterator.h:

2010-04-22  Michael Forney  <mforney@mforney.org>

        Reviewed by Adam Barth.

        https://bugs.webkit.org/show_bug.cgi?id=37761

        Only include JSDatabase.h and JSDatabaseCallback.h when database is
        enabled. This partially fixes building with --disable-database.

        * bindings/js/JSDOMWindowCustom.cpp: Add a check for database around
        database-related headers.

2010-04-22  Ray Rischpater  <Raymond.Rischpater@Nokia.com>

        Reviewed by Darin Adler.

        In HTMLInputElement.cpp, shouldUseInputMethod does not return true for
        some text input types (TELEPHONE, NUMBER, URL, and EMAIL). Addressed
        this by changing shouldUseInputMethod to use internal methods to 
        check that the field is a text field that isn't a password field. 

        No new tests.

        Fixes <https://bugs.webkit.org/show_bug.cgi?id=37719>

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::shouldUseInputMethod):

2010-04-22  Yaar Schnitman  <yaar@chromium.org>

        Reviewed by Adam Barth.

        Integrate v8 testing utility with webkit tests
        https://bugs.webkit.org/show_bug.cgi?id=37731

        * bindings/v8/test/run_tests.py: Removed.

2010-04-22  Zhenyao Mo  <zmo@google.com>

        Reviewed by Darin Fisher.

        Add isGLES2Compliant to GraphicsContext3D
        https://bugs.webkit.org/show_bug.cgi?id=37872

        * html/canvas/WebGLRenderingContext.cpp: Add isGLES2Compliant().
        (WebCore::WebGLRenderingContext::isGLES2Compliant):
        * html/canvas/WebGLRenderingContext.h: Ditto.
        * platform/graphics/GraphicsContext3D.h: Ditto.
        * platform/graphics/mac/GraphicsContext3DMac.cpp: Ditto.
        (WebCore::GraphicsContext3D::isGLES2Compliant):

2010-04-22  Fumitoshi Ukai  <ukai@chromium.org>

        Reviewed by Adam Barth.

        MD5 is required for WebSocket new protocol implementation
        https://bugs.webkit.org/show_bug.cgi?id=37913

        * ForwardingHeaders/wtf/MD5.h: Added.

2010-04-22  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=38012
        REGRESSION: Ctrl- and Option- shortcuts get wrong keyCode on non-QWERTY keyboard

        * platform/mac/KeyEventMac.mm: (WebCore::windowsKeyCodeForKeyEvent): Also look at unmodified
        characters, to avoid falling through to virtual key code lookup for Roman characters.

2010-04-22  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Darin Adler.

        Fix the MSVC 64bit build.
        https://bugs.webkit.org/show_bug.cgi?id=37980

        * platform/text/TextStream.cpp:
        * platform/text/TextStream.h:
        * plugins/win/PluginViewWin.cpp:
        (WebCore::PluginView::platformStart):

2010-04-22  Dave Moore  <davemoore@chromium.org>

        Reviewed by Dimitri Glazkov.

        Added notification when the favicons for a page are changed
        from a script.
        The Document object will notify the frame loader, which will
        notify the client. Implementations of FrameLoaderClient will
        have to add one method; dispatchDidChangeIcons().

        https://bugs.webkit.org/show_bug.cgi?id=33812

        Test: fast/dom/icon-url-property.html

        * dom/Document.cpp:
        (WebCore::Document::setIconURL):
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::setIconURL):
        * loader/DocumentLoader.h:
        (WebCore::DocumentLoader::iconURL):
        * loader/EmptyClients.h:
        (WebCore::EmptyFrameLoaderClient::dispatchDidChangeIcons):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::setIconURL):
        (WebCore::FrameLoader::didChangeIcons):
        * loader/FrameLoader.h:
        * loader/FrameLoaderClient.h:

2010-04-22  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Gustavo Noronha.

        [GTK] GObject DOM bindings
        https://bugs.webkit.org/show_bug.cgi?id=33590

        Extend the bindings to cover most of Document.idl

        * GNUmakefile.am:
        * bindings/gobject/WebKitDOMBinding.cpp:
        (WebKit::createWrapper):
        (WebKit::kit):
        * bindings/gobject/WebKitDOMBinding.h:
        * bindings/gobject/WebKitHTMLElementWrapperFactory.cpp: Added.
        (WebKit::createAnchorWrapper):
        (WebKit::createAppletWrapper):
        (WebKit::createAreaWrapper):
        (WebKit::createBaseWrapper):
        (WebKit::createBaseFontWrapper):
        (WebKit::createBlockquoteWrapper):
        (WebKit::createBodyWrapper):
        (WebKit::createBRWrapper):
        (WebKit::createButtonWrapper):
        (WebKit::createCanvasWrapper):
        (WebKit::createTableCaptionWrapper):
        (WebKit::createTableColWrapper):
        (WebKit::createModWrapper):
        (WebKit::createDirectoryWrapper):
        (WebKit::createDivWrapper):
        (WebKit::createDListWrapper):
        (WebKit::createEmbedWrapper):
        (WebKit::createFieldSetWrapper):
        (WebKit::createFontWrapper):
        (WebKit::createFormWrapper):
        (WebKit::createFrameWrapper):
        (WebKit::createFrameSetWrapper):
        (WebKit::createHeadingWrapper):
        (WebKit::createHeadWrapper):
        (WebKit::createHRWrapper):
        (WebKit::createHtmlWrapper):
        (WebKit::createIFrameWrapper):
        (WebKit::createImageWrapper):
        (WebKit::createInputWrapper):
        (WebKit::createIsIndexWrapper):
        (WebKit::createLabelWrapper):
        (WebKit::createLegendWrapper):
        (WebKit::createLIWrapper):
        (WebKit::createLinkWrapper):
        (WebKit::createMapWrapper):
        (WebKit::createMarqueeWrapper):
        (WebKit::createMenuWrapper):
        (WebKit::createMetaWrapper):
        (WebKit::createObjectWrapper):
        (WebKit::createOListWrapper):
        (WebKit::createOptGroupWrapper):
        (WebKit::createOptionWrapper):
        (WebKit::createParagraphWrapper):
        (WebKit::createParamWrapper):
        (WebKit::createPreWrapper):
        (WebKit::createQuoteWrapper):
        (WebKit::createScriptWrapper):
        (WebKit::createSelectWrapper):
        (WebKit::createStyleWrapper):
        (WebKit::createTableWrapper):
        (WebKit::createTableSectionWrapper):
        (WebKit::createTableCellWrapper):
        (WebKit::createTextAreaWrapper):
        (WebKit::createTitleWrapper):
        (WebKit::createTableRowWrapper):
        (WebKit::createUListWrapper):
        (WebKit::createHTMLElementWrapper):
        * bindings/gobject/WebKitHTMLElementWrapperFactory.h: Added.
        * bindings/scripts/CodeGeneratorGObject.pm:
        * dom/Node.idl:

2010-04-22  Eric Carlson  <eric.carlson@apple.com>

        Reviewed by Simon Fraser.

        Do not pause movie when readyState drops below HAVE_FUTURE_DATA
        https://bugs.webkit.org/show_bug.cgi?id=37991
        <rdar://problem/7893937>

        No new tests, we don't have infrastructure in DRT to test with streamed
        movies.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement): Initialize m_readyStateMaximum.
        (WebCore::HTMLMediaElement::prepareForLoad): Reset m_readyStateMaximum.
        (WebCore::HTMLMediaElement::setReadyState): Maintain m_readyStateMaximum.
        (WebCore::HTMLMediaElement::potentiallyPlaying): Also return true if the readyState was
        previously >= HAVE_FUTURE_DATA. 
        * html/HTMLMediaElement.h:

2010-04-22  Zhenyao Mo  <zmo@google.com>

        Reviewed by Dimitri Glazkov.

        Regression: framebufferRenderbuffer crashes with null renderBuffer
        https://bugs.webkit.org/show_bug.cgi?id=37963

        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::framebufferRenderbuffer): Dealing with null renderbuffer input.

2010-04-22  Zhenyao Mo  <zmo@google.com>

        Reviewed by Dimitri Glazkov.

        Emulate GL_IMPLEMENTATION_COLOR_READ_FORMAT/TYPE for glGet
        https://bugs.webkit.org/show_bug.cgi?id=37281

        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::WebGLRenderingContext): Remove error check because two enums are supported now. 
        (WebCore::WebGLRenderingContext::getParameter): Add two enums.
        (WebCore::WebGLRenderingContext::readPixels): Fix a tiny bug.
        * platform/graphics/mac/GraphicsContext3DMac.cpp:
        (WebCore::GraphicsContext3D::getIntegerv): Emulate two enums.

2010-04-22  Diego Escalante Urrelo  <descalante@igalia.com>

        Reviewed by Xan Lopez.

        [GTK] Mute/unmute button on <video> elements are backwards
        https://bugs.webkit.org/show_bug.cgi?id=33967

        Fix mute/unmute buttons icons-action relation and explain why their
        variable names and corresponding icons seem to be misleading but are
        actually right. Original patch by Mike Hommey.

        * platform/gtk/RenderThemeGtk.cpp:
        (WebCore::RenderThemeGtk::initMediaStyling):

2010-04-22  Gustavo Sverzut Barbieri  <barbieri@profusion.mobi>

        Reviewed by Eric Seidel.

        Fix build if NPAPI support is disabled
        https://bugs.webkit.org/show_bug.cgi?id=36621

        No new tests, this is a build fix.
        Re-submit r58043 with fix for EFL.

        * plugins/PluginViewNone.cpp:

2010-04-22  Diego Escalante Urrelo  <descalante@igalia.com>

        Reviewed by Xan Lopez.

        [Gtk] Evaluate and create tests for all the AtkRole's implemented by
        WebKitGtk
        https://bugs.webkit.org/show_bug.cgi?id=34449

        Implement ATK_ROLE_COMBO_BOX.

        * accessibility/gtk/AccessibilityObjectAtk.cpp:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject):
        * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
        (atkRole):

2010-04-22  Nikolas Zimmermann  <nzimmermann@rim.com>

        Reviewed by Dirk Schulze.

        SVGPaintServer needs to be converted to the new RenderSVGResource* system
        https://bugs.webkit.org/show_bug.cgi?id=37986

        No functional changes, just move the SVGPaintServer* classes from svg/graphics/ to rendering/, the new location for the RenderSVGResource* classes.
        This is a preparation for the real patch which follows soon.

        * Android.mk: Rename files and move to the right location.
        * GNUmakefile.am: Ditto.
        * WebCore.gypi: Ditto.
        * WebCore.pro: Ditto.
        * WebCore.vcproj/WebCore.vcproj: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * rendering/RenderSVGResource.cpp: Copied from svg/graphics/SVGPaintServer.cpp.
        * rendering/RenderSVGResourceGradient.cpp: Copied from svg/graphics/SVGPaintServerGradient.cpp.
        * rendering/RenderSVGResourceGradient.h: Copied from svg/graphics/SVGPaintServerGradient.h.
        * rendering/RenderSVGResourceLinearGradient.cpp: Copied from svg/graphics/SVGPaintServerLinearGradient.cpp.
        * rendering/RenderSVGResourceLinearGradient.h: Copied from svg/graphics/SVGPaintServerLinearGradient.h.
        * rendering/RenderSVGResourcePattern.cpp: Copied from svg/graphics/SVGPaintServerPattern.cpp.
        * rendering/RenderSVGResourcePattern.h: Copied from svg/graphics/SVGPaintServerPattern.h.
        * rendering/RenderSVGResourceRadialGradient.cpp: Copied from svg/graphics/SVGPaintServerRadialGradient.cpp.
        * rendering/RenderSVGResourceRadialGradient.h: Copied from svg/graphics/SVGPaintServerRadialGradient.h.
        * rendering/RenderSVGResourceSolidColor.cpp: Copied from svg/graphics/SVGPaintServerSolid.cpp.
        * rendering/RenderSVGResourceSolidColor.h: Copied from svg/graphics/SVGPaintServerSolid.h.
        * rendering/SVGRenderTreeAsText.cpp: Change include file names.
        * svg/SVGFont.cpp: Ditto.
        * svg/SVGGradientElement.cpp: Ditto.
        * svg/SVGGradientElement.h: Ditto.
        * svg/SVGLinearGradientElement.cpp: Ditto.
        * svg/SVGPatternElement.cpp: Ditto.
        * svg/SVGPatternElement.h: Ditto.
        * svg/SVGRadialGradientElement.cpp: Ditto.
        * svg/graphics/SVGPaintServer.cpp: Removed.
        * svg/graphics/SVGPaintServerGradient.cpp: Removed.
        * svg/graphics/SVGPaintServerGradient.h: Removed.
        * svg/graphics/SVGPaintServerLinearGradient.cpp: Removed.
        * svg/graphics/SVGPaintServerLinearGradient.h: Removed.
        * svg/graphics/SVGPaintServerPattern.cpp: Removed.
        * svg/graphics/SVGPaintServerPattern.h: Removed.
        * svg/graphics/SVGPaintServerRadialGradient.cpp: Removed.
        * svg/graphics/SVGPaintServerRadialGradient.h: Removed.
        * svg/graphics/SVGPaintServerSolid.cpp: Removed.
        * svg/graphics/SVGPaintServerSolid.h: Removed.
        * svg/graphics/SVGResourceListener.h: Removed.

2010-04-22  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Hide the OpenGL and QtMultimedia dependencies from syncqt.

        This prevents the dependent headers from being included by
        qt/include/QtWebKit/QtWebKit

        * WebCore.pro:

2010-04-22  Gustavo Sverzut Barbieri  <barbieri@profusion.mobi>

        Reviewed by Adam Roben.

        EFL does not support PluginDatabase yet.
        http://webkit.org/b/37854

        No behavior changes, so no new tests were added.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::defaultObjectContentType):

2010-04-22  Ilya Tikhonovsky  <loislo@chromium.org>

        Reviewed by Yury Semikhatsky.

        Web Inspector: Timeline scrolling speed is slow if it has more than 1k timeline marks.
        https://bugs.webkit.org/show_bug.cgi?id=37924

        * inspector/front-end/TimelineGrid.js:
        (WebInspector.TimelineGrid.prototype.updateDividers):
        (WebInspector.TimelineGrid.prototype.addEventDividers):
        * inspector/front-end/TimelineOverviewPane.js:
        (WebInspector.TimelineOverviewPane.prototype.updateEventDividers):
        * inspector/front-end/TimelinePanel.js:
        (WebInspector.TimelinePanel.prototype._updateEventDividers):
        (WebInspector.TimelinePanel.prototype._refresh):

2010-04-22  Kenneth Rohde Christiansen  <kenneth@webkit.org>

        Reviewed by Simon Fraser.

        Rename window.media to window.styleMedia
        https://bugs.webkit.org/show_bug.cgi?id=36187

        It has been defined that the AbstractView media extension
        defined in the CSSOM View spec should be renamed to styleMedia.
        This patch does that and updates the current layout tests
        making use of it.

        * page/AbstractView.idl:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::styleMedia):
        * page/DOMWindow.h:
        * page/DOMWindow.idl:

2010-04-22  Anton Muhin  <antonm@chromium.org>

        Reviewed by Adam Barth.

        [v8] Do not pass empty handle into SetHiddenValue which would crash.
        https://bugs.webkit.org/show_bug.cgi?id=37801

        * bindings/v8/V8AbstractEventListener.cpp:
        (WebCore::V8AbstractEventListener::handleEvent): add couple of asserts to check for unexpected paths
        (WebCore::V8AbstractEventListener::invokeEventHandler): bail out of jsEvent is empty handle

2010-04-22  Stephan Aßmus  <superstippi@gmx.de>

        Reviewed by David Levin.

        [Haiku] Implement ImageBuffer support
        https://bugs.webkit.org/show_bug.cgi?id=35288

        Covered by existing tests.

        Complete implementation of ImageBuffer for Haiku. Uses StillImage
        class to export a WebCore::Image and associated GraphicsContext
        to perform arbitrary drawing in the offscreen BBitmap buffer.

        * platform/graphics/haiku/ImageBufferData.h:
        * platform/graphics/haiku/ImageBufferHaiku.cpp,
        (WebCore::ImageBufferData::ImageBufferData),
        (WebCore::ImageBufferData::~ImageBufferData),
        (WebCore::ImageBuffer::ImageBuffer),
        (WebCore::ImageBuffer::~ImageBuffer),
        (WebCore::ImageBuffer::context),
        (WebCore::ImageBuffer::image):
            Implementation uses offscreen BBitmap and BView, wraps StillImage
            around those to provide WebCore::Image interface.
        (WebCore::ImageBuffer::platformTransformColorSpace):
        (WebCore::convertFromData):
            Method just performs BGRA <-> RGBA conversion.
        (WebCore::convertFromInternalData):
            Method just performs BGRA <-> RGBA conversion and handles
            pre-multiplying the color values if requested.
        (WebCore::convertToInternalData):
            Method just performs BGRA <-> RGBA conversion and handles
            de.multiplying the color values if requested.
        (WebCore::getImageData):
            Common code for the next two methods.
        (WebCore::ImageBuffer::getUnmultipliedImageData),
        (WebCore::ImageBuffer::getPremultipliedImageData):
            Implemented.
        (WebCore::putImageData):
            Common code for the next two methods.
        (WebCore::ImageBuffer::putUnmultipliedImageData),
        (WebCore::ImageBuffer::putPremultipliedImageData):
            Implemented.
        (WebCore::ImageBuffer::toDataURL):
            Uses Haiku "Translation Kit" to convert image data to data
            of the requested mime type.

2010-04-22  Adam Barth  <abarth@webkit.org>

        Unreviewed, rolling out r58069.
        http://trac.webkit.org/changeset/58069
        https://bugs.webkit.org/show_bug.cgi?id=27751

        Broke compile on Windows.

        * WebCore.base.exp:
        * editing/EditorCommand.cpp:
        (WebCore::supportedPaste):
        (WebCore::createCommandMap):
        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        * page/Settings.h:

2010-04-22  Abhishek Arya  <inferno@chromium.org>

        Reviewed by Adam Barth.

        Add support for controlling clipboard access from javascript.
        Clipboard access from javascript is disabled by default.
        https://bugs.webkit.org/show_bug.cgi?id=27751

        Test: editing/execCommand/clipboard-access.html

        * WebCore.base.exp:
        * editing/EditorCommand.cpp:
        (WebCore::supportedCopyCut):
        (WebCore::supportedPaste):
        (WebCore::createCommandMap):
        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        (WebCore::Settings::setJavaScriptCanAccessClipboard):
        * page/Settings.h:
        (WebCore::Settings::javaScriptCanAccessClipboard):

2010-04-22  Stephan Aßmus  <superstippi@gmx.de>

        Reviewed by David Levin.

        [Haiku] Improve SimpleFontDataHaiku
        https://bugs.webkit.org/show_bug.cgi?id=37411

        Covered by existing tests.

        * platform/graphics/haiku/SimpleFontDataHaiku.cpp:
            - Cleaned up includes
            - Removed prototype "charUnicodeToUTF8HACK"
        (WebCore::SimpleFontData::platformInit):
            - Use const BFont pointer
        (WebCore::SimpleFontData::smallCapsFontData):
            - "fontPlatformData" was leaked. It is only
              used as the key for the font cache lookup.
        (WebCore::SimpleFontData::platformMetricsForGlyph):
            - Use existing WebCore encoding infrastructure
              instead of adding a hack for Haiku. 

2010-04-21  Steve Block  <steveblock@google.com>

        Reviewed by Kenneth Rohde Christiansen.

        Replace Geolocation::suspend()/resume() which are required by Android.
        https://bugs.webkit.org/show_bug.cgi?id=37942

        These methods were removed in Bug 36255.

        Build fix only, no new tests.

        * page/Geolocation.cpp:
        (WebCore::Geolocation::suspend):
        (WebCore::Geolocation::resume):
        * page/Geolocation.h:

2010-04-21  Ray Rischpater  <Raymond.Rischpater@Nokia.com>

        In HTMLInputElement.cpp there are numerous style
        violations.

        This patch includes style changes to fix existing style
        deviations in this file.

        Rubber stamped by Darin Adler.

        Fixes <https://bugs.webkit.org/show_bug.cgi?id=37881>

        * html/HTMLInputElement.cpp:

2010-04-21  Gustavo Sverzut Barbieri  <barbieri@profusion.mobi>

        Reviewed by Adam Roben.

        Add missing EFL WebCore file.
        http://webkit.org/b/37854

        No behavior changes, so no new tests were added.

        * bindings/js/ScriptControllerEfl.cpp: Added.
        (WebCore::ScriptController::createScriptInstanceForWidget):

2010-04-21  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        Printing Core Animation-based plug-ins is broken
        https://bugs.webkit.org/show_bug.cgi?id=37967

        When we do a "flattening" paint because of printing, we need to stash
        the flattening flag in the FrameView's m_paintBehavior, because
        WebBaseNetscapePluginView needs to find it there to decide whether
        to grab a bitmap for printing, for CA plug-ins.

        * page/FrameView.cpp:
        (WebCore::FrameView::paintContents):

2010-04-21  François Sausset  <sausset@gmail.com>

        Reviewed by Kenneth Rohde Christiansen.

        Fix to take into account a change made in "StringImpl".
        https://bugs.webkit.org/show_bug.cgi?id=37763

        * mathml/RenderMathMLOperator.cpp:
        (WebCore::RenderMathMLOperator::updateFromElement):

2010-04-21  Andy Estes  <aestes@apple.com>

        Reviewed by Darin Adler.

        Create a template for creating reference-counted Windows GDI handles.
        Refactor RefCountedHFONT to use this template.

        https://bugs.webkit.org/show_bug.cgi?id=37952

        No change in behavior.

        * WebCore.vcproj/WebCore.vcproj: Add RefCountedHFONT.h
        * platform/graphics/cairo/FontPlatformData.h:
        (WebCore::FontPlatformData::hfont): Refactor to return m_hfont->handle() instead of m_hfont->hfont().
        * platform/graphics/cg/FontPlatformData.h:
        (WebCore::FontPlatformData::hfont): Same.
        * platform/graphics/win/FontPlatformDataCGWin.cpp:
        (WebCore::FontPlatformData::FontPlatformData): Instantiate m_hfont with a RefCountedGDIHandle<HFONT>.
        * platform/graphics/win/FontPlatformDataWin.cpp:
        (WebCore::FontPlatformData::FontPlatformData): Same.
        * platform/graphics/win/RefCountedGDIHandle.h: Added. Interface is identical to RefCountedHFONT with exception of renaming hfont() to handle().
        (WebCore::RefCountedGDIHandle::create):
        (WebCore::RefCountedGDIHandle::createDeleted):
        (WebCore::RefCountedGDIHandle::~RefCountedGDIHandle):
        (WebCore::RefCountedGDIHandle::handle): Return the GDI handle.
        (WebCore::RefCountedGDIHandle::hash):
        (WebCore::RefCountedGDIHandle::RefCountedGDIHandle):
        * platform/graphics/win/RefCountedHFONT.h: Removed.

2010-04-21  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Darin Adler.

        Fix build if NPAPI support is disabled
        https://bugs.webkit.org/show_bug.cgi?id=36621

        No new tests, this is a build fix.
        Re-submit r56585 with fix for Chromium.

        * plugins/PluginView.cpp: Guard getValueStatic() with
        NETSCAPE_PLUGIN_API
        (WebCore::PluginView::getValue):
        * plugins/PluginView.h: Guard getValue() with NETSCAPE_PLUGIN_API
        * plugins/PluginViewNone.cpp: Guard platformGetValue() and
        platformGetValueStatic with NETSCAPE_PLUGIN_API;
        Guard privateBrowsingStateChanged() and setJavaScriptPaused() with
        PLATFORM(MAC) or PLATFORM(CHROMIUM)

2010-04-21  David Yonge-Mallo  <davinci@chromium.org>

        Reviewed by Dan Bernstein.

        ZWNJ - Display non-printing, invisible character
        https://bugs.webkit.org/show_bug.cgi?id=16131

        Fix the (non)display of glyphs for ZWJ and ZWNJ in simple font code path.

        Tests: fast/text/format-control.html
               fast/text/zero-width-characters.html

        * platform/graphics/Font.h:
        (WebCore::Font::operator!=):
        (WebCore::Font::treatAsZeroWidthSpace): treat ZWNJ and ZWJ as ZWSP.
        * platform/graphics/GlyphPageTreeNode.cpp:
        (WebCore::GlyphPageTreeNode::initializePage): added ZWNJ and ZWJ.
        * platform/text/CharacterNames.h: added ZWNJ and ZWJ.

2010-04-21  Charles Wei  <charles.wei@torchmobile.com.cn>

        Reviewed by George Staikos.

        Fix webkit build problem when xhtmlmp enabled, which is introduced by revision 57927, for 
        bug fix of 37175 , which seperates DocumentWriter from FrameLoader
        https://bugs.webkit.org/show_bug.cgi?id=37915

        No new tests since this only fixes the build problem.

        * dom/Document.cpp:
        (WebCore::Document::isXHTMLMPDocument):

2010-04-21  Shinichiro Hamaji  <hamaji@chromium.org>

        Reviewed by Darin Adler.

        Call sites of TextIterator constructor are difficult to read
        https://bugs.webkit.org/show_bug.cgi?id=37909

        Now we use enum parameters instead of boolean parameters and
        boolean version of constructors are eliminated.

        This change also changes the names of boolean members so they are
        now third person singular.

        No new tests because this is just a refactoring.

        * WebCore.base.exp:
        * editing/TextIterator.cpp:
        (WebCore::TextIterator::TextIterator):
        (WebCore::TextIterator::advance):
        (WebCore::TextIterator::handleReplacedElement):
        (WebCore::TextIterator::shouldRepresentNodeOffsetZero):
        (WebCore::TextIterator::shouldEmitSpaceBeforeAndAfterNode):
        (WebCore::TextIterator::handleNonTextNode):
        (WebCore::TextIterator::exitNode):
        (WebCore::TextIterator::emitCharacter):
        (WebCore::TextIterator::emitText):
        (WebCore::CharacterIterator::CharacterIterator):
        (WebCore::TextIterator::rangeLength):
        (WebCore::TextIterator::rangeFromLocationAndLength):
        (WebCore::findPlainText):
        * editing/TextIterator.h:
        (WebCore::):
        * editing/VisibleSelection.cpp:
        (WebCore::VisibleSelection::appendTrailingWhitespace):
        * editing/visible_units.cpp:
        (WebCore::nextBoundary):

2010-04-21  Jesus Sanchez-Palencia  <jesus@webkit.org>

        Reviewed by Kenneth Rohde Christiansen.

        Add PageClientQt files.

        [Qt] PageClientQt specific implementation for QWidget
        https://bugs.webkit.org/show_bug.cgi?id=37858

        * WebCore.pro:

2010-04-21  Diego Escalante Urrelo  <descalante@igalia.com>

        Reviewed by Xan Lopez.

        [Gtk] Evaluate and create tests for all the AtkRole's implemented by
        WebKitGtk
        https://bugs.webkit.org/show_bug.cgi?id=34449

        Implement ATK_ROLE_SEPARATOR.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
        * accessibility/gtk/AccessibilityObjectAtk.cpp:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject):

2010-04-21  David Leong  <david.leong@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Symbian apps crash on exit due to a bad qObject_cast.

        https://bugs.webkit.org/show_bug.cgi?id=37303

        Added check for NULL to avoid the crash. Reworked to fix memory leak
           
        * plugins/symbian/PluginViewSymbian.cpp:
        (WebCore::PluginView::platformDestroy):

2009-04-21  Chris Fleizach  <cfleizach@apple.com>

        Reviewed by Alexey Proskuryakov.

        aria-liveregion-notifications.html fails on leopard release bot
        https://bugs.webkit.org/show_bug.cgi?id=37112

        Change the method that DRT uses to monitor AX notifications so that its robust
        by just sending out NSNotification that can be listened to by anyone, instead
        of keeping a static function pointer around.
   
        This change is aimed to avoid flakiness seen in DRT when the notification handlers
        are not being called at the appropriate time.

        Tests: platform/mac/accessibility/aria-liveregions-addedelement.html
               platform/mac/accessibility/aria-liveregions-changedalt.html
               platform/mac/accessibility/aria-liveregions-changedtext.html
               platform/mac/accessibility/aria-liveregions-removedelement.html

        * accessibility/mac/AccessibilityObjectWrapper.h:
        * accessibility/mac/AccessibilityObjectWrapper.mm:
        (-[AccessibilityObjectWrapper accessibilitySetShouldRepostNotifications:]):
        (-[AccessibilityObjectWrapper accessibilityPostedNotification:]):

2010-04-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (Leopard build fix).
        Remove old exports.

        * WebCore.base.exp:

2010-04-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Darin Adler.

        Bug 37949 - Do no copy strings into a shared buffer when converting UStrings to Strings
        UString and String now have the same internal representation; Just re-wrap the internal impl.

        * bindings/js/JSDOMBinding.cpp:
        (WebCore::jsStringSlowCase):
        * bindings/js/JSDOMBinding.h:
        (WebCore::ustringToString):
        (WebCore::stringToUString):
        (WebCore::identifierToString):
        (WebCore::ustringToAtomicString):
        (WebCore::identifierToAtomicString):

2010-04-21  Mark Rowe  <mrowe@apple.com>

        Reviewed by Eric Carlson.

        <rdar://problem/7313430> Many crashes in Safari inside Flip4Mac below -[NSAlert didEndAlert:returnCode:contextInfo:]

        A manual test case is required here as the Flip4Mac plug-in displays an alert, and some manual tweaking of the plug-in's
        preference file on disk is often required to reproduce the bug.

        * manual-tests/plugins/flip4mac-update-alert-over-navigation.html: Added.

2010-04-21  Mark Rowe  <mrowe@apple.com>

        Reviewed by Maciej Stachowiak.

        <rdar://problem/7856151> REGRESSION: NPP_Destroy is not called when page navigates when plug-in is displaying modal dialog

        This is a manual test case as I was not able to construct an automated test that reproduced the same issue without displaying
        a modal dialog on-screen.

        * manual-tests/plugins/timeout-dialog-displayed-over-navigation.html: Added.
        * manual-tests/plugins/timeout-dialog-displayed-over-navigation.swf: Added.

2010-04-21  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=37937
        Wean JavaScriptCore off calls to isMainThread()

        No change in behavior.

        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::commonJSGlobalData):
        Explicitly set a large stack type for the common JSGlobalData and
        set the currently running thread as the exclusive thread for its 
        execution.

        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::WorkerScriptController):
        Explicitly set a small stack type for the workers JSGlobalData. 

2010-04-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (Qt build fix).

        * WebCore.gypi:
        * WebCore.pro:
        * platform/text/qt/StringQt.cpp: Removed.

2010-04-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt, Darin Adler.

        Bug 37906 - Remove JSC::UStringImpl; unify with StringImpl.
        Add include for StringHash.h.

        * WebCore.xcodeproj/project.pbxproj:
        * bridge/c/c_class.cpp:

2010-04-21  Alexey Proskuryakov  <ap@apple.com>

        Tiger build fix.

        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::createNSURLConnection): Fixed a typo, named an argument.
        (WebCore::ResourceHandle::start): Moved shouldUseCredentialStorage out of #if, since it's
        now passed to createNSURLConneciton() on all platforms (and then ignored on Tiger).

2010-04-21  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Adam Roben.

        Windows build fix.

        * platform/network/cf/ResourceHandleCFNet.cpp: Declare CFURLConnectionCreateWithProperties
        for now, as it's mistakenly missing from WebKitSupportLibrary headers.

2010-04-21  Dimitri Glazkov  <dglazkov@chromium.org>

        Reviewed by Darin Adler.

        REGRESSION(r57292): Safari/Win and Chromium/Win no longer pass the acid3 test.
        https://bugs.webkit.org/show_bug.cgi?id=37902

        The issue is due to MSVC creating enums as signed. The fix is to store the value
        as unsigned.

        Test: http://acid3.acidtests.org/

        * rendering/style/RenderStyle.h:
        (WebCore::InheritedFlags): Changed type of _insideLink to unsigned.

2010-04-21  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Brady Eidson.

        https://bugs.webkit.org/show_bug.cgi?id=37933
        <rdar://problem/7719540> XMLHttpRequest.withCredentials should be better enforced.

        Test: http/tests/xmlhttprequest/cross-origin-authorization-with-embedder.html

        This improves integration between ResourceHandle and Apple networking libraries.

        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::createConnectionProperties): A new helper for creating connection properties dictionary.
        (WebCore::ResourceHandle::start): Pass connection properties.
        (WebCore::WebCoreSynchronousLoader::load): Ditto.

        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::createNSURLConnection): Factor out OS version dependent code for creating
        NSURLConnection. Tell NSURLConnection about credential policy upfront.
        (WebCore::ResourceHandle::start): Use the new function.
        (+[WebCoreSynchronousLoader loadRequest:allowStoredCredentials:returningResponse:error:]): Ditto.

2010-04-21  Xiaomei Ji  <xji@chromium.org>

        Reviewed by Dimitri Glazkov

        This patch fixes [chromium] RTL <select> dropdown box expands to right
        instead of left.
        https://bugs.webkit.org/show_bug.cgi?id=37232

        No automatic test is possible.

        * manual-tests/select_dropdown_box_alignment.html: Added.
        * platform/chromium/PopupMenuChromium.cpp:
        (WebCore::PopupContainer::layout): Adjust the x-axis of dropdown box 
        for RTL.

2010-04-21  anton muhin  <antonm@google.com>

        Reviewed by Adam Barth.

        [v8] Bail out if fetching of Object.prototype fails.
        https://bugs.webkit.org/show_bug.cgi?id=37661

        If for any reason we failed to fetch Object.prototype, context cannot
        be properly initialized and we bail out.

        * bindings/v8/V8DOMWindowShell.cpp:
        (WebCore::V8DOMWindowShell::initContextIfNeeded): bail out if installHiddenObjectPrototype failed
        (WebCore::V8DOMWindowShell::installHiddenObjectPrototype): bail out if failed to fetch Object.prototype
        * bindings/v8/V8DOMWindowShell.h: return false if installHiddenObjectPrototype failed

2010-04-21  Timothy Hatcher  <timothy@apple.com>

        Make UserContentURLPattern correctly check for subdomains and the URL
        has the same suffix as the pattern. Also improve the parsing of the host.

        https://bugs.webkit.org/show_bug.cgi?id=37357

        Reviewed by Darin Adler.

        * page/UserContentURLPattern.cpp:
        (WebCore::UserContentURLPattern::parse): Simplify the subdomain pattern parsing to
        simply check for "*" only or a "*." prefix and then do a substring.
        (WebCore::UserContentURLPattern::matchesHost): Check that the host has a "." in the
        position before the suffix to ensure it a subdomain and not just a suffix match.

2010-04-21  Xan Lopez  <xlopez@igalia.com>

        Try to fix compilation on GTK+ debug bots.

        * bindings/gobject/WebKitDOMBinding.cpp:
        (WebKit::createWrapper):

2010-04-21  Jakub Wieczorek  <jwieczorek@webkit.org>

        Reviewed by Darin Adler.

        List item markers are not always updated after changes in the DOM.
        https://bugs.webkit.org/show_bug.cgi?id=37060

        In particular, they would not be updated when adding/removing an item
        that is not a direct child of the list element.

        Tests: fast/lists/ol-nested-items-dynamic-insert.html
               fast/lists/ol-nested-items-dynamic-remove.html
               fast/lists/ol-nested-items.html
               fast/lists/ol-nested-list-dynamic-insert.html
               fast/lists/ol-nested-list-dynamic-remove.html
               fast/lists/ol-nested-list.html

        * rendering/RenderListItem.cpp:
        (WebCore::updateListMarkerNumbers): Change it to traverse the whole subtree of a list, not only siblings of an item.
        * rendering/RenderListItem.h:
        * rendering/RenderObject.cpp: Move the updateListMarkerNumbers function to RenderListItem.cpp.
        (WebCore::RenderObject::addChild): Move the code updating list markers to RenderObjectChildList for consistency.
        * rendering/RenderObjectChildList.cpp: Move the updateListMarkerNumbers function to RenderListItem.cpp.
        (WebCore::RenderObjectChildList::removeChildNode): Pass the actual node being removed, not the next sibling.
        (WebCore::RenderObjectChildList::appendChildNode): Pass the actual node being added, not the next sibling.
        (WebCore::RenderObjectChildList::insertChildNode): Pass the actual node being added, not the next sibling.
        * rendering/RenderTreeAsText.cpp:
        (WebCore::markerTextForListItem):

2010-04-21  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Adam Barth.

        [GTK] GObject DOM bindings
        https://bugs.webkit.org/show_bug.cgi?id=33590

        Initial version of the GObject DOM bindings.

        Only bindings for Node.idl and a few of its dependencies are
        provided, without public API to access them at the
        moment. References to the Document interfaces and to
        EventListeners in Node.idl are ignored for GObject to make the
        initial patch as small as possible, but will be enabled in a
        follow-up patch.

        * GNUmakefile.am:
        * bindings/gobject/ConvertToUTF8String.cpp: Added.
        (convertToUTF8String):
        * bindings/gobject/ConvertToUTF8String.h: Added.
        * bindings/gobject/WebKitDOMBinding.cpp: Added.
        (WebKit::domObjects):
        (WebKit::DOMObjectCache::get):
        (WebKit::DOMObjectCache::put):
        (WebKit::DOMObjectCache::forget):
        (WebKit::createWrapper):
        (WebKit::kit):
        * bindings/gobject/WebKitDOMBinding.h: Added.
        * bindings/gobject/WebKitDOMObject.cpp: Added.
        (webkit_dom_object_init):
        (webkit_dom_object_class_init):
        * bindings/gobject/WebKitDOMObject.h: Added.
        * bindings/scripts/CodeGeneratorGObject.pm: Added.
        * bindings/scripts/gobject-generate-headers.pl: Added.
        * dom/Node.idl:

2010-04-21  Gustavo Sverzut Barbieri  <barbieri@profusion.mobi>

        Reviewed by Xan Lopez.

        Wrong header being included in FontPlatformDataCairo.cpp
        https://bugs.webkit.org/show_bug.cgi?id=37829

        No behavior changes, so no new tests were added.

        * platform/graphics/cairo/FontPlatformDataCairo.cpp:

2010-04-21  Adam Roben  <aroben@apple.com>

        Fix leaks of FilterData/SVGFilterBuilder in RenderSVGResourceFilter

        Fixes <http://webkit.org/b/37922>.

        Reviewed by Dave Hyatt.

        * rendering/RenderSVGResourceFilter.cpp:
        (WebCore::RenderSVGResourceFilter::applyResource): Use an OwnPtr to
        hold the heap-allocated FilterData object, so that we won't leak it
        when we bail out of this function on error.

2010-04-21  Zoltan Herczeg  <zherczeg@webkit.org>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] startAnimation() is not needed to preceede nativeImageForCurrentFrame()
        https://bugs.webkit.org/show_bug.cgi?id=37844

        nativeImageForCurrentFrame() resets the m_decoder parameter under Qt,
        which is required by startAnimation() to detect frame and repetition counts.
        Hence, Image::drawTiled cannot start animations under Qt:
        <html><body background="animated.gif"></body></html> does not work

        * platform/graphics/qt/ImageDecoderQt.cpp:
        (WebCore::ImageDecoderQt::internalHandleCurrentImage):

2010-04-21  Benjamin Poulain  <ikipou@gmail.com>

        Reviewed by Simon Fraser.

        Update of fixed elements is not made correctly when the page has been scrolled
        https://bugs.webkit.org/show_bug.cgi?id=36783

        When a fixed element was updated, the old geometry was not repainted correctly
        because the repaint rect was cached during the layout and not updated when 
        scrolling.

        The rect is now updated while scrolling so the region updated correspond to the
        region of the element on the screen.

        The method RenderLayer::updateRepaintRectsAfterScroll() updates
        the repaint rect of all fixed tree after scroll.

        Tests: fast/repaint/fixed-child-move-after-scroll.html
               fast/repaint/fixed-child-of-fixed-move-after-scroll.html
               fast/repaint/fixed-child-of-transformed-move-after-scroll.html
               fast/repaint/fixed-move-after-scroll.html

        * page/FrameView.cpp:
        (WebCore::FrameView::scrollPositionChanged):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateRepaintRectsAfterScroll):
        * rendering/RenderLayer.h:

2010-04-21  Gustavo Sverzut Barbieri  <barbieri@profusion.mobi>

        Reviewed by Adam Roben.

        Update EFL port to match recent API changes.
        http://webkit.org/b/37853

        No behavior changes, so no new tests were added.

        * platform/efl/FileSystemEfl.cpp:
        * platform/efl/LocalizedStringsEfl.cpp:
        (WebCore::missingPluginText):
        (WebCore::crashedPluginText):
        * platform/efl/MIMETypeRegistryEfl.cpp:
        (WebCore::MIMETypeRegistry::isApplicationPluginMIMEType):
        * platform/graphics/efl/ImageEfl.cpp:

2010-04-21  Avi Drissman  <avi@chromium.org>

        Reviewed by Simon Fraser.

        JPG images fail to print in Chromium
        https://bugs.webkit.org/show_bug.cgi?id=37796

        Image sources of JPG data with final=false fail to draw into PDF contexts even if later updated (<rdar://problem/7874035>). Therefore, destroy and re-create the image source when the final data arrives.

        * platform/graphics/cg/ImageSourceCG.cpp:
        (WebCore::ImageSource::setData):

2010-04-21  Marcus Bulach  <bulach@chromium.org>

        Reviewed by Nate Chapin.

        EventSource needs to be marked as an ActiveDomType.
        https://bugs.webkit.org/show_bug.cgi?id=37857
        Existing layout tests (fast/eventsource and http/tests/eventsource/) should pass when compiling with eventsource enabled.

        * bindings/scripts/CodeGeneratorV8.pm:
        * bindings/v8/V8DOMWrapper.cpp:
        * bindings/v8/custom/V8EventSourceConstructor.cpp:
        (WebCore::V8EventSource::constructorCallback):

2010-04-21  Gustavo Sverzut Barbieri  <barbieri@profusion.mobi>

        Reviewed by Nikolas Zimmermann.

        Add missing includes to platform/posix/FileSystemPOSIX.cpp
        https://bugs.webkit.org/show_bug.cgi?id=37861

        No behavior changes, so no new tests were added.

        * platform/posix/FileSystemPOSIX.cpp:

2010-04-21  No'am Rosenthal  <noam.rosenthal@nokia.com>

        Reviewed by Simon Fraser.

        [Qt] Fix or remove the runtime flag for accelerated compositing.

        This adds a way for a chrome client to disallow layers from becoming composited,
        even if the settings enable accelerated compositing. This is necessary for platforms
        where different views can be applied with the same settings to the same page.

        We enable an API through ChromeClient to ask the chrome-client whether or not
        it can render composited layers, which is taken into account when the compositor
        decides whether or not to start compositing.

        https://bugs.webkit.org/show_bug.cgi?id=37313

        Pages under LayoutTests/compositing now work under QWebView, even when
        QWebSettings::AcceleratedCompositingEnabled is on.

        * page/ChromeClient.h:
        (WebCore::ChromeClient::allowsAcceleratedCompositing):
        * platform/qt/QWebPageClient.h:
        (QWebPageClient::allowsAcceleratedCompositing):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::canBeComposited):

2010-04-21  Ryosuke Niwa  <rniwa@webkit.org>

        No review. Spurious whitespace was removed from project file.

        * WebCore.xcodeproj/project.pbxproj:

2010-04-20  Ryosuke Niwa  <rniwa@webkit.org>

        Reviewed by Eric Seidel.

        [Qt] Build fix: warning on L933 of CompositeEditCommand.cpp
        https://bugs.webkit.org/show_bug.cgi?id=37912

        Replaced the ternary operator by an if statement because GCC was confused by the use of
        ternary operator and producing warnings on Qt builds.

        * WebCore.xcodeproj/project.pbxproj:
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::moveParagraphs):

2010-04-20  Ryosuke Niwa  <rniwa@webkit.org>

        Reviewed by Justin Garcia.

        Nested <ul>s are mishandled when converted to <ol> using execCommand('insertorderedlist')
        https://bugs.webkit.org/show_bug.cgi?id=19539

        Fixes a bug where two consecutive lists are not merged if they have been converted
        from ordered/unordered lists inside another list.

        The bug was caused by InsertListCommand::doApply where it did not merge a newly inserted
        list element and its neighbors. This patch adds code to doApply so that after inserting
        the list element, it updates previousList and nextList to the outermost list elements around
        insertionPos under the same enclosing list. Because the next and the previous list elements
        are not necessarily visually next to the newly inserted element before moveParagraph moves
        the paragraph into the new list element, doApply merges lists after moveParagraph is called.

        Test: editing/execCommand/insert-lists-inside-another-list.html

        * editing/InsertListCommand.cpp:
        (WebCore::InsertListCommand::doApply): Modified as described above
        * editing/htmlediting.cpp:
        (WebCore::outermostEnclosingList): Added rootNode. Returns the outermost list element,
          which is a descendent of rootNode.
        * editing/htmlediting.h:

2010-04-20  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=37776
        <rdar://problem/7877716> REGRESSION: When using dvorak, keydown/keyup reports qwerty keyCodes

        * platform/cocoa/KeyEventCocoa.mm: (WebCore::windowsKeyCodeForCharCode): Re-added mapping
        for Roman letters and punctuation.

        * platform/mac/KeyEventMac.mm: (WebCore::windowsKeyCodeForKeyEvent): Improved approximation
        of IE behavior. Keyboard layouts that change location of Roman letters (like AZERTY or Dvorak)
        also switch their keycodes. Also, restored Safari 4 behavior for punctuation. It's difficult
        to match Windows for punctuation exactly, because keyboard layouts make arbitrary changes
        to their keycodes.

2010-04-20  Shinichiro Hamaji  <hamaji@chromium.org>

        Reviewed by Darin Adler and Alexey Proskuryakov.

        A backslash in EUC-JP becomes to a yen sign when it is copied
        https://bugs.webkit.org/show_bug.cgi?id=36419

        Tests: editing/execCommand/transpose-backslash-with-euc.html
               editing/pasteboard/copy-backslash-with-euc.html

        * editing/Editor.cpp: Remove an unnecessary displayStringModifiedByEncoding calls.
        (WebCore::Editor::addToKillRing):
        * editing/TextIterator.cpp: TextIterator can use RenderText::textWithoutTranscoding and now plainText() uses this version
        (WebCore::TextIterator::TextIterator):
        (WebCore::TextIterator::init):
        (WebCore::TextIterator::emitText):
        (WebCore::plainTextToMallocAllocatedBuffer):
        * editing/TextIterator.h:
        (WebCore::):
        * platform/mac/PasteboardMac.mm: Remove an unnecessary displayStringModifiedByEncoding call.
        (WebCore::Pasteboard::writeSelection):
        * platform/text/TextEncoding.h: Make backslashAsCurrencySymbol public.
        * rendering/RenderText.cpp: Add RenderText::textWithoutTranscoding
        (WebCore::RenderText::RenderText):
        (WebCore::RenderText::updateNeedsTranscoding):
        (WebCore::RenderText::styleDidChange):
        (WebCore::isInlineFlowOrEmptyText):
        (WebCore::RenderText::previousCharacter):
        (WebCore::RenderText::setTextInternal):
        (WebCore::RenderText::textWithoutTranscoding):
        (WebCore::RenderText::transformText):
        * rendering/RenderText.h:
        * rendering/RenderTextControl.cpp: Remove an unnecessary displayStringModifiedByEncoding call.
        (WebCore::RenderTextControl::setInnerTextValue):
        (WebCore::RenderTextControl::finishText):
        * rendering/RenderTextFragment.cpp:
        (WebCore::RenderTextFragment::previousCharacter):
        * rendering/RenderTextFragment.h:

2010-04-20  Nate Chapin  <japhet@chromium.org>

        Reviewed by Dimitri Glazkov.

        https://bugs.webkit.org/show_bug.cgi?id=37367

        Fix style violations in code generated by CodeGeneratorV8.pm.

        * bindings/scripts/CodeGeneratorV8.pm:
        * bindings/v8/test/V8TestObj.cpp:
        * bindings/v8/test/V8TestObj.h:

2010-04-20  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r57924.
        http://trac.webkit.org/changeset/57924
        https://bugs.webkit.org/show_bug.cgi?id=37898

        It broke 3-4 test on all bot (Requested by Ossy on #webkit).

        * page/AbstractView.idl:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::media):
        * page/DOMWindow.h:
        * page/DOMWindow.idl:

2010-04-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Bug 37895 - Share common code from UStringImplBase with StringImpl
        Add forwarding header.

        * ForwardingHeaders/wtf/text/StringImplBase.h: Added.

2010-04-20  Adam Barth  <abarth@webkit.org>

        Unreviewed build fix fro Chromium.

        * loader/DocumentWriter.cpp:

2010-04-20  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Timothy Hatcher.

        Web Inspector: Support live edit while on a breakpoint, preserve breakpoints when adding new lines.

        https://bugs.webkit.org/show_bug.cgi?id=37820

        * inspector/front-end/ScriptsPanel.js:
        (WebInspector.ScriptsPanel.prototype.editScriptLine.mycallback):
        (WebInspector.ScriptsPanel.prototype.editScriptLine):
        * inspector/front-end/TextViewer.js:
        (WebInspector.TextViewer.prototype._handleDoubleClick):
        (WebInspector.TextViewer.prototype._cancelEditingLine):

2010-04-20  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Factor DocumentWriter out of FrameLoader
        https://bugs.webkit.org/show_bug.cgi?id=37175

        This patch separates the begin/write/end cycle of decoding network
        bytes and putting them into a document from the rest of the loading
        machinery.  The code and state required to write bytes into a document
        doesn't interact very much with the rest of the loading machinery.

        No tests because there is no behavior change (hopefully!).

        * Android.mk:
        * GNUmakefile.am:
        * WebCore.base.exp:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/ScriptControllerBase.cpp:
        (WebCore::ScriptController::executeIfJavaScriptURL):
        * dom/Document.cpp:
        (WebCore::Document::close):
        * dom/ProcessingInstruction.cpp:
        (WebCore::ProcessingInstruction::checkStyleSheet):
        * dom/ScriptElement.cpp:
        (WebCore::ScriptElementData::scriptCharset):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::process):
        * loader/DocLoader.cpp:
        (WebCore::DocLoader::requestPreload):
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::finishedLoading):
        (WebCore::DocumentLoader::setupForReplaceByMIMEType):
        * loader/DocumentWriter.cpp: Added.
        * loader/DocumentWriter.h: Added.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::FrameLoader):
        (WebCore::FrameLoader::init):
        (WebCore::FrameLoader::clear):
        (WebCore::FrameLoader::receivedFirstData):
        (WebCore::FrameLoader::setURL):
        (WebCore::FrameLoader::didBeginDocument):
        (WebCore::FrameLoader::didEndDocument):
        (WebCore::FrameLoader::willSetEncoding):
        (WebCore::FrameLoader::addData):
        (WebCore::FrameLoader::transitionToCommitted):
        (WebCore::FrameLoader::open):
        (WebCore::FrameLoader::finishedLoadingDocument):
        (WebCore::FrameLoader::addExtraFieldsToRequest):
        * loader/FrameLoader.h:
        (WebCore::FrameLoader::writer):
        (WebCore::FrameLoader::isDisplayingInitialEmptyDocument):
        * loader/MediaDocument.cpp:
        (WebCore::MediaDocument::replaceMediaElementTimerFired):
        * loader/PluginDocument.cpp:
        (WebCore::PluginTokenizer::createDocumentStructure):
        * platform/network/FormDataBuilder.cpp:
        (WebCore::FormDataBuilder::dataEncoding):
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::dataChanged):

2010-04-20  Kenneth Rohde Christiansen  <kenneth@webkit.org>

        Reviewed by Simon Fraser.

        Rename window.media to window.styleMedia
        https://bugs.webkit.org/show_bug.cgi?id=36187

        It has been defined that the AbstractView media extension
        defined in the CSSOM View spec should be renamed to styleMedia.
        This patch does that and updates the current layout tests
        making use of it.

        * page/AbstractView.idl:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::styleMedia):
        * page/DOMWindow.h:
        * page/DOMWindow.idl:

2010-04-20  Timothy Hatcher  <timothy@apple.com>

        Fix matching of "file:///*" patterns by not trying to compare the host. The host is
        irrelevant for file URLs.

        Also fix comparisons to be case insensitive.

        https://bugs.webkit.org/show_bug.cgi?id=37889

        Reviewed by Dave Hyatt.

        * page/UserContentURLPattern.cpp:
        (WebCore::UserContentURLPattern::parse): Use equalIgnoringCase when comparing for "file" schemes.
        (WebCore::UserContentURLPattern::matches): Use equalIgnoringCase when comparing schemes. Only call
        matchesHost if the scheme isn't "file".
        (WebCore::UserContentURLPattern::matchesHost): Call equalIgnoringCase when comparing hosts. The endsWith
        was already doing a case-insensitive compare, so existing tests worked though this path.

2010-04-20  Justin Schuh  <jschuh@chromium.org>

        Reviewed by Adam Barth.

        Invalid cast due to <video> inside <foreignObject> inside <svg> inside <img>
        https://bugs.webkit.org/show_bug.cgi?id=37331

        Added a setting to enable/disable media per-page and have the SVGImage 
        disable media for its dummy page. Also found and fixed a related bad
        cast in the V8 bindings (JSC had a custom wrapper for this already).

        Tests: media/svg-as-image-with-media-blocked.html

        * dom/make_names.pl: Added media enabled check and V8 cast wrapper
        * page/Settings.cpp: Added m_isMediaEnabled (defaults to true)
        (WebCore::Settings::Settings):
        (WebCore::Settings::setMediaEnabled):
        * page/Settings.h:
        (WebCore::Settings::isMediaEnabled):
        * svg/graphics/SVGImage.cpp: Disables media in dummy page
        (WebCore::SVGImage::dataChanged):

2010-04-19  Antonio Gomes  <tonikitoo@webkit.org>

        Reviewed by Simon Fraser.

        Spatial Navigation: at @updateFocusCandidateIfCloser make an assignment shortcut when FocusCandidate is null
        https://bugs.webkit.org/show_bug.cgi?id=37802

        In updateFocusCandidateIfCloser method, we do all bail out checks in the begining of
        the method body. If after those bail out checks, no "best FocusCandidate" has been taken
        yet (i.e. focusCandidate.isNull() == true), we can safely take the current candidate,
        and exit earlier.

        No behavior change, it is just a safe assignment shortcut.

        * page/FocusController.cpp:
        (WebCore::updateFocusCandidateIfCloser):

2010-04-20  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        Hook compositing layers together across iframes
        https://bugs.webkit.org/show_bug.cgi?id=37878
        
        First step: if an iframe's document goes into compositing mode, also throw the parent
        document into compositing mode (all the way up to the root). This is required both
        to preserve layering (since parent document content can obscure iframe content),
        and so that we can eventually hook the layer trees together.

        Test: compositing/iframes/composited-iframe.html

        * rendering/RenderIFrame.h:
        * rendering/RenderIFrame.cpp:
        (WebCore::RenderIFrame::requiresLayer): In order to make an iframe composited, it also has to have
        a RenderLayer, so must return |true| from requiresLayer().
        (WebCore::RenderIFrame::requiresAcceleratedCompositing): Returns true if the content document
        is in compositing mode.
        (WebCore::RenderIFrame::isRenderIFrame): Required so that RenderLayerCompositor can check
        if a renderer is an iframe.
        (WebCore::toRenderIFrame): Required so that RenderLayerCompositor can cast to a RenderIFrame.

        * rendering/RenderLayerCompositor.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::enableCompositingMode): Call out to the RenderView when
        the compositing mode changes, so that the parent document can update its compositing status.
        (WebCore::RenderLayerCompositor::requiresCompositingLayer): Call requiresCompositingForIFrame().
        (WebCore::RenderLayerCompositor::requiresCompositingForIFrame): Check to see if the iframe
        wants to be composited.

        * rendering/RenderObject.h:
        (WebCore::RenderObject::isRenderIFrame): Base class returns false.

        * rendering/RenderView.h:
        * rendering/RenderView.cpp:
        (WebCore::RenderView::compositingStateChanged): New method that allows an iframe to notify
        its parent document that a recalcStyle is required, to update compositing state.

2010-04-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix).
        Speculative tiger build fix.

        * WebCore.NPAPI.exp:
        * WebCore.PluginHostProcess.exp:
        * WebCore.base.exp:

2010-04-20  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Timothy Hatcher.

        Web Inspector: add basic script editing capabilities to the front-end.

        https://bugs.webkit.org/show_bug.cgi?id=37875

        * bindings/js/ScriptDebugServer.cpp:
        (WebCore::ScriptDebugServer::setBreakpoint):
        (WebCore::ScriptDebugServer::removeBreakpoint):
        * inspector/front-end/ScriptView.js:
        (WebInspector.ScriptView):
        (WebInspector.ScriptView.prototype._editLine):
        (WebInspector.ScriptView.prototype._editLineComplete):
        * inspector/front-end/ScriptsPanel.js:
        (WebInspector.ScriptsPanel.prototype._resourceLoadingFinished):
        (WebInspector.ScriptsPanel.prototype.canEditScripts):
        (WebInspector.ScriptsPanel.prototype.editScriptLine):
        * inspector/front-end/SourceFrame.js:
        (WebInspector.SourceFrame):
        (WebInspector.SourceFrame.prototype.updateContent):
        (WebInspector.SourceFrame.prototype._createViewerIfNeeded):
        * inspector/front-end/TextEditorHighlighter.js:
        (WebInspector.TextEditorHighlighter):
        (WebInspector.TextEditorHighlighter.prototype.reset):
        * inspector/front-end/TextEditorModel.js:
        (WebInspector.TextEditorModel.prototype.copyRange):
        * inspector/front-end/TextViewer.js:
        (WebInspector.TextViewer):
        (WebInspector.TextViewer.prototype.set editCallback):
        (WebInspector.TextViewer.prototype._buildChunks):
        (WebInspector.TextViewer.prototype._handleKeyDown):
        (WebInspector.TextViewer.prototype._handleDoubleClick):
        (WebInspector.TextViewer.prototype._commitEditingLine):
        (WebInspector.TextViewer.prototype._cancelEditingLine):
        * inspector/front-end/inspector.js:
        (WebInspector.documentKeyDown):
        (WebInspector.log.logMessage):
        (WebInspector.log):
        (WebInspector.isEditingAnyField):
        (WebInspector.startEditing.cleanUpAfterEditing):

2010-04-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Add forwarding header.

        * ForwardingHeaders/runtime/RopeImpl.h: Added.

2010-04-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Bug 37828 - Move WebCore's String classes to WTF

        Move these classes up to WTF so they are available to all clients of WTF (in
        particular JSC).

        As a first patch, making the most minimal change possible, since this patch
        could easily grow rather large since we'll have to change every class forward
        declaration ( e.g. every "namespace WebCore { class String; }" much change to
        "namespace WTF { class String; }").

        Moving the files, but leaving the classes logically in the WebCore namespace -
        which is technically a layering violation - I'll come back and fix this up in a
        subsequent patch.

        * Android.mk:
        * ForwardingHeaders/wtf/StaticConstructors.h: Added.
        * ForwardingHeaders/wtf/text/AtomicString.h: Added.
        * ForwardingHeaders/wtf/text/AtomicStringImpl.h: Added.
        * ForwardingHeaders/wtf/text/StringBuffer.h: Added.
        * ForwardingHeaders/wtf/text/StringHash.h: Added.
        * ForwardingHeaders/wtf/text/StringImpl.h: Added.
        * ForwardingHeaders/wtf/text/WTFString.h: Added.
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * css/MediaFeatureNames.cpp:
        * dom/QualifiedName.cpp:
        * dom/make_names.pl:
        * platform/StaticConstructors.h: Removed.
        * platform/text/AtomicString.cpp: Removed.
        * platform/text/AtomicString.h:
        * platform/text/AtomicStringImpl.h:
        * platform/text/PlatformString.h:
        * platform/text/String.cpp:
        * platform/text/StringHash.h:
        * platform/text/StringImpl.cpp: Removed.
        * platform/text/StringImpl.h:

2010-04-20  Kent Tamura  <tkent@chromium.org>

        Reviewed by Darin Adler.

        Change a parameter type of chooseIconForFiles()
        https://bugs.webkit.org/show_bug.cgi?id=37504

        Change PassRefPtr<FileChooser> parameter of chooseIconForFiles()
        to FileChooser*. Though an implementation of chooseIconForFiles()
        might have ownership of the FileChooser instance, we don't need to
        use PassRefPtr<> in this case.

        * loader/EmptyClients.h:
        (WebCore::EmptyChromeClient::chooseIconForFiles):
        * page/Chrome.cpp:
        (WebCore::Chrome::chooseIconForFiles):
        * page/Chrome.h:
        * page/ChromeClient.h:

2010-04-20  Diego Escalante Urrelo  <descalante@igalia.com>

        Reviewed by Xan Lopez.

        [Gtk] Evaluate and create tests for all the AtkRole's implemented by
        WebKitGtk
        https://bugs.webkit.org/show_bug.cgi?id=34449

        Implement ATK_ROLE_FORM.

        * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
        (webkit_accessible_get_role):

2010-04-20  Martin Robinson  <mrobinson@webkit.org>

        Reviewed by Gustavo Noronha Silva.

        [GTK] Enable DOM clipboard and drag-and-drop access
        https://bugs.webkit.org/show_bug.cgi?id=30623

        Move most of the PasteboardHelper logic into WebCore. This helps
        prepare for WebKit2 and leads to a clearer separation of concerns
        between the WebKit and WebCore layers.

        No new tests as functionality has not changed.

        * GNUmakefile.am: Add PastboardHelper.cpp to list of sources.
        * platform/Pasteboard.h: Added a getter for the PasteboardHelper and made the member private.
        * platform/gtk/PasteboardGtk.cpp: Update PasteboardHelper method calls to use new naming.
        (WebCore::clipboard_get_contents_cb): Ditto.
        (WebCore::Pasteboard::helper): Added, member is now private.
        (WebCore::Pasteboard::writeURL): Ditto.
        (WebCore::Pasteboard::documentFragment): Update to reflect method renaming.
        (WebCore::Pasteboard::plainText): Ditto.
        * platform/gtk/PasteboardHelper.cpp: Added.
        (WebCore::PasteboardHelper::PasteboardHelper): Added.
        (WebCore::PasteboardHelper::~PasteboardHelper): Added.
        (WebCore::PasteboardHelper::initializeTargetList): Added, originally from WebKit.
        (WebCore::widgetFromFrame): Added helper function.
        (WebCore::PasteboardHelper::getCurrentClipboard): Added, originally from WebKit.
        (WebCore::PasteboardHelper::getClipboard): Ditto.
        (WebCore::PasteboardHelper::getPrimarySelectionClipboard): Ditto.
        (WebCore::PasteboardHelper::targetList): Ditto.
        (WebCore::PasteboardHelper::fillSelectionData): Ditto.
        (WebCore::PasteboardHelper::targetListForDataObject): Ditto.
        (WebCore::getClipboardContentsCallback): Ditto.
        (WebCore::clearClipboardContentsCallback): Ditto.
        (WebCore::PasteboardHelper::writeClipboardContents): Ditto.
        * platform/gtk/PasteboardHelper.h: Moved methods from WebKit to WebCore.

2010-04-20  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Anders Carlsson.

        backgroundColor is oddly indented in layer tree dump
        https://bugs.webkit.org/show_bug.cgi?id=37885

        The writeIndent() was mistakenly outside the LayerTreeAsTextDebug clause, causing indents
        to be written twice.
        
        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::dumpProperties):

2010-04-20  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dimitri Glazkov.

        Clean up RenderPart/RenderPartObject/RenderFrame/RenderEmbeddedObject
        https://bugs.webkit.org/show_bug.cgi?id=37741

        RenderPartObject is a useless intermediate class between RenderPart and
        RenderEmbeddedObject, and we can now remove it. Its only method, viewCleared(),
        applies to objects and embeds when the content is a FrameView, so can move
        to RenderEmbeddedObject.

        * Android.mk:
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::RenderEmbeddedObject):
        (WebCore::RenderEmbeddedObject::requiresLayer):
        (WebCore::RenderEmbeddedObject::paint):
        (WebCore::RenderEmbeddedObject::viewCleared):
        * rendering/RenderEmbeddedObject.h:
        * rendering/RenderFrameBase.h:
        * rendering/RenderPart.cpp:
        (WebCore::RenderPart::RenderPart):
        * rendering/RenderPart.h:
        * rendering/RenderPartObject.cpp: Removed.
        * rendering/RenderPartObject.h: Removed.

2010-04-20  Robin Cao  <robin.webkit@gmail.com>

        Reviewed by Dirk Schulze.

        SVG no AnimateColor for stroke or fill if they are set to none on target.
        https://bugs.webkit.org/show_bug.cgi?id=36718

        SVGAnimateElement::resetToBaseValue reset 'm_propertyType' in the process of animation.
        This will cause problems when attributes 'fill' and 'stroke' have the value 'none', because in this case 
        the property type determined by base value may be different from the one determined by 'fromTo' values.

        No new tests. The test suite in svg/animation is not working for target element with attribute 'fill' set to 'none'.
        Now animateColor on target element with attributes 'fill' and 'stroke' set to 'none' is possible.

        * svg/SVGAnimateElement.cpp:
        (WebCore::SVGAnimateElement::calculateFromAndToValues):
        (WebCore::SVGAnimateElement::resetToBaseValue):

2010-04-20  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r57892.
        http://trac.webkit.org/changeset/57892
        https://bugs.webkit.org/show_bug.cgi?id=37864

        Caused an assertion in Mac builds (Requested by smfr on
        #webkit).

        * WebCore.xcodeproj/project.pbxproj:
        * editing/Editor.cpp:
        (WebCore::Editor::insideVisibleArea):
        * page/Frame.cpp:
        (WebCore::Frame::ownerRenderer):
        * page/Frame.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::~FrameView):
        (WebCore::FrameView::clear):
        (WebCore::FrameView::invalidateRect):
        (WebCore::FrameView::createScrollbar):
        * rendering/RenderFrameBase.h:
        * rendering/RenderObject.h:

2010-04-20  Jakub Wieczorek  <jwieczorek@webkit.org>

        Reviewed by Darin Adler.

        RenderListItem: change enclosingList() to only traverse the render tree.
        https://bugs.webkit.org/show_bug.cgi?id=37319

        This makes the function safe to use for items with nodes that are detached from
        the DOM tree and simplifies the code quite a bit.

        Covered by existing tests.

        * rendering/RenderListItem.cpp:
        (WebCore::enclosingList):
        (WebCore::previousListItem):
        (WebCore::RenderListItem::explicitValueChanged):

2010-04-20  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        Clean up RenderPart/RenderPartObject/RenderFrame/RenderEmbeddedObject
        https://bugs.webkit.org/show_bug.cgi?id=37741

        Make Frame::ownerRenderer() return a RenderFrameBase* rather than a
        RenderPart*, and add the necessary toRenderFrameBase() and isRenderFrameBase().

        * WebCore.xcodeproj/project.pbxproj:
        * editing/Editor.cpp:
        (WebCore::Editor::insideVisibleArea):
        * page/Frame.cpp:
        (WebCore::Frame::ownerRenderer):
        * page/Frame.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::~FrameView):
        (WebCore::FrameView::clear):
        (WebCore::FrameView::invalidateRect):
        (WebCore::FrameView::createScrollbar):
        * rendering/RenderFrameBase.h:
        (WebCore::RenderFrameBase::isRenderFrameBase):
        (WebCore::toRenderFrameBase):
        * rendering/RenderObject.h:
        (WebCore::RenderObject::isRenderFrameBase):

2010-04-20  Jay Civelli  <jcivelli@chromium.org>

        Reviewed by Dimitri Glazkov.

        [chromium] Pressing tab now closes the select popup as it should.
        https://bugs.webkit.org/show_bug.cgi?id=37721

        * platform/chromium/PopupMenuChromium.cpp:
        (WebCore::PopupListBox::handleKeyEvent):

2010-04-20  Yaar Schnitman  <yaar@chromium.org>

        Reviewed by Nate Chapin.

        Null value should be legit value for wrapped types. This requires some cleanup in canvas which was missing built-in null argument checks;
        https://bugs.webkit.org/show_bug.cgi?id=37810

        * bindings/js/JSCanvasRenderingContext2DCustom.cpp:
        (WebCore::JSCanvasRenderingContext2D::drawImage): Passes ec to drawImage(3) too
        * bindings/scripts/CodeGeneratorV8.pm: A null value is now legit value for wrapped types.
        * bindings/v8/test/V8TestObj.cpp:
        (WebCore::TestObjInternal::overloadedMethodCallback):
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::drawImage): Added null checks.
        (WebCore::CanvasRenderingContext2D::createPattern): Added null checks.
        * html/canvas/CanvasRenderingContext2D.h: Added needed raises "DOMException".
        * html/canvas/CanvasRenderingContext2D.idl: Added needed raises "DOMException".

2010-04-20  Evan Stade  <estade@chromium.org>

        Reviewed by David Levin.

        [chromium] crash when dragging images
        https://bugs.webkit.org/show_bug.cgi?id=37715

        NULL check the return value of nativeImageForCurrentFrame(),
        and NULL check Image just for good measure.

        Tested by new DragImageTest unit test.

        * platform/chromium/DragImageChromiumSkia.cpp:
        (WebCore::createDragImageFromImage):

2010-04-20  Dirk Schulze  <krit@webkit.org>

        Reviewed by Nikolas Zimmermann.

        SVGResourceFilter needs to be moved to under Renderers
        https://bugs.webkit.org/show_bug.cgi?id=35320

        This patch adds a renderer for SVGFilterElement. SVGFilterElement is now independent
        from the SVGResources.
        A clean-up solves the dependencies between SVGFilterElement, the filter primitives
        and SVGResources. This shall make the filter code more readable and better maintable.
        The Filter primitives get dumped now, as long as they have externalRepresentation
        implemented.

        No behavior changes, so no new tests were added.

        * Android.mk:
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/RenderPath.cpp:
        (WebCore::RenderPath::paint):
        * rendering/RenderSVGContainer.cpp:
        (WebCore::RenderSVGContainer::selfWillPaint):
        (WebCore::RenderSVGContainer::paint):
        * rendering/RenderSVGImage.cpp:
        (WebCore::RenderSVGImage::paint):
        * rendering/RenderSVGResource.h:
        (WebCore::):
        (WebCore::RenderSVGResource::postApplyResource):
        * rendering/RenderSVGResourceClipper.cpp:
        (WebCore::RenderSVGResourceClipper::applyResource):
        * rendering/RenderSVGResourceClipper.h:
        * rendering/RenderSVGResourceFilter.cpp: Added.
        (WebCore::RenderSVGResourceFilter::RenderSVGResourceFilter):
        (WebCore::RenderSVGResourceFilter::~RenderSVGResourceFilter):
        (WebCore::RenderSVGResourceFilter::invalidateClients):
        (WebCore::RenderSVGResourceFilter::invalidateClient):
        (WebCore::RenderSVGResourceFilter::buildPrimitives):
        (WebCore::RenderSVGResourceFilter::fitsInMaximumImageSize):
        (WebCore::RenderSVGResourceFilter::applyResource):
        (WebCore::RenderSVGResourceFilter::postApplyResource):
        (WebCore::RenderSVGResourceFilter::resourceBoundingBox):
        * rendering/RenderSVGResourceFilter.h: Added.
        (WebCore::FilterData::FilterData):
        (WebCore::RenderSVGResourceFilter::renderName):
        (WebCore::RenderSVGResourceFilter::filterUnits):
        (WebCore::RenderSVGResourceFilter::primitiveUnits):
        (WebCore::RenderSVGResourceFilter::resourceType):
        * rendering/RenderSVGResourceMarker.h:
        (WebCore::RenderSVGResourceMarker::applyResource):
        * rendering/RenderSVGResourceMasker.cpp:
        (WebCore::RenderSVGResourceMasker::applyResource):
        * rendering/RenderSVGResourceMasker.h:
        * rendering/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::selfWillPaint):
        (WebCore::RenderSVGRoot::paint):
        * rendering/RenderSVGText.cpp:
        * rendering/SVGRenderSupport.cpp:
        (WebCore::SVGRenderBase::prepareToRenderSVGContent):
        (WebCore::SVGRenderBase::finishRenderSVGContent):
        (WebCore::SVGRenderBase::filterBoundingBoxForRenderer):
        (WebCore::deregisterFromResources):
        * rendering/SVGRenderSupport.h:
        * rendering/SVGRenderTreeAsText.cpp:
        (WebCore::writeStyle):
        (WebCore::writeSVGResource):
        (WebCore::writeResources):
        (WebCore::writeRenderResources):
        * rendering/SVGRootInlineBox.cpp:
        (WebCore::SVGRootInlineBoxPaintWalker::SVGRootInlineBoxPaintWalker):
        (WebCore::SVGRootInlineBox::paint):
        * svg/SVGFEBlendElement.cpp:
        (WebCore::SVGFEBlendElement::build):
        * svg/SVGFEBlendElement.h:
        * svg/SVGFEColorMatrixElement.cpp:
        (WebCore::SVGFEColorMatrixElement::build):
        * svg/SVGFEColorMatrixElement.h:
        * svg/SVGFEComponentTransferElement.cpp:
        (WebCore::SVGFEComponentTransferElement::build):
        * svg/SVGFEComponentTransferElement.h:
        * svg/SVGFECompositeElement.cpp:
        (WebCore::SVGFECompositeElement::build):
        * svg/SVGFECompositeElement.h:
        * svg/SVGFEDiffuseLightingElement.cpp:
        (WebCore::SVGFEDiffuseLightingElement::build):
        * svg/SVGFEDiffuseLightingElement.h:
        * svg/SVGFEDisplacementMapElement.cpp:
        (WebCore::SVGFEDisplacementMapElement::build):
        * svg/SVGFEDisplacementMapElement.h:
        * svg/SVGFEFloodElement.cpp:
        (WebCore::SVGFEFloodElement::build):
        * svg/SVGFEFloodElement.h:
        * svg/SVGFEGaussianBlurElement.cpp:
        (WebCore::SVGFEGaussianBlurElement::build):
        * svg/SVGFEGaussianBlurElement.h:
        * svg/SVGFEImageElement.cpp:
        (WebCore::SVGFEImageElement::build):
        * svg/SVGFEImageElement.h:
        * svg/SVGFEMergeElement.cpp:
        (WebCore::SVGFEMergeElement::build):
        * svg/SVGFEMergeElement.h:
        * svg/SVGFEMorphologyElement.cpp:
        (WebCore::SVGFEMorphologyElement::build):
        * svg/SVGFEMorphologyElement.h:
        * svg/SVGFEOffsetElement.cpp:
        (WebCore::SVGFEOffsetElement::build):
        * svg/SVGFEOffsetElement.h:
        * svg/SVGFESpecularLightingElement.cpp:
        (WebCore::SVGFESpecularLightingElement::build):
        * svg/SVGFESpecularLightingElement.h:
        * svg/SVGFETileElement.cpp:
        (WebCore::SVGFETileElement::build):
        * svg/SVGFETileElement.h:
        * svg/SVGFETurbulenceElement.cpp:
        (WebCore::SVGFETurbulenceElement::build):
        * svg/SVGFETurbulenceElement.h:
        (WebCore::):
        * svg/SVGFilterElement.cpp:
        (WebCore::SVGFilterElement::createRenderer):
        * svg/SVGFilterElement.h:
        * svg/SVGFilterPrimitiveStandardAttributes.cpp:
        (WebCore::SVGFilterPrimitiveStandardAttributes::setStandardAttributes):
        * svg/SVGFilterPrimitiveStandardAttributes.h:
        (WebCore::SVGFilterPrimitiveStandardAttributes::isFilterEffect):
        (WebCore::SVGFilterPrimitiveStandardAttributes::rendererIsNeeded):
        * svg/SVGStyledElement.cpp:
        (WebCore::SVGStyledElement::invalidateResources):
        * svg/graphics/SVGResource.cpp:
        * svg/graphics/SVGResource.h:
        (WebCore::):
        (WebCore::SVGResource::isPaintServer):
        * svg/graphics/SVGResourceFilter.cpp: Removed.
        * svg/graphics/SVGResourceFilter.h: Removed.
        * svg/graphics/filters/SVGFEDisplacementMap.cpp:
        (WebCore::FEDisplacementMap::externalRepresentation):
        * svg/graphics/filters/SVGFilterBuilder.h:
        (WebCore::SVGFilterBuilder::namedEffects):

2010-04-20  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r57880.
        http://trac.webkit.org/changeset/57880
        https://bugs.webkit.org/show_bug.cgi?id=37846

        Broke several bots, FEDisplacmentMap dumps includes pointers,
        no one noticed. Dirk will upload a new patch later. (Requested
        by WildFox on #webkit).

        * Android.mk:
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/RenderPath.cpp:
        (WebCore::RenderPath::paint):
        * rendering/RenderSVGContainer.cpp:
        (WebCore::RenderSVGContainer::selfWillPaint):
        (WebCore::RenderSVGContainer::paint):
        * rendering/RenderSVGImage.cpp:
        (WebCore::RenderSVGImage::paint):
        * rendering/RenderSVGResource.h:
        (WebCore::):
        * rendering/RenderSVGResourceClipper.cpp:
        (WebCore::RenderSVGResourceClipper::applyResource):
        * rendering/RenderSVGResourceClipper.h:
        * rendering/RenderSVGResourceFilter.cpp: Removed.
        * rendering/RenderSVGResourceFilter.h: Removed.
        * rendering/RenderSVGResourceMarker.h:
        (WebCore::RenderSVGResourceMarker::applyResource):
        * rendering/RenderSVGResourceMasker.cpp:
        (WebCore::RenderSVGResourceMasker::applyResource):
        * rendering/RenderSVGResourceMasker.h:
        * rendering/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::selfWillPaint):
        (WebCore::RenderSVGRoot::paint):
        * rendering/RenderSVGText.cpp:
        * rendering/SVGRenderSupport.cpp:
        (WebCore::SVGRenderBase::prepareToRenderSVGContent):
        (WebCore::SVGRenderBase::finishRenderSVGContent):
        (WebCore::SVGRenderBase::filterBoundingBoxForRenderer):
        (WebCore::deregisterFromResources):
        * rendering/SVGRenderSupport.h:
        * rendering/SVGRenderTreeAsText.cpp:
        (WebCore::writeStyle):
        (WebCore::writeSVGResource):
        (WebCore::writeResources):
        (WebCore::writeRenderResources):
        * rendering/SVGRootInlineBox.cpp:
        (WebCore::SVGRootInlineBoxPaintWalker::SVGRootInlineBoxPaintWalker):
        (WebCore::SVGRootInlineBox::paint):
        * svg/SVGFEBlendElement.cpp:
        (WebCore::SVGFEBlendElement::build):
        * svg/SVGFEBlendElement.h:
        * svg/SVGFEColorMatrixElement.cpp:
        (WebCore::SVGFEColorMatrixElement::build):
        * svg/SVGFEColorMatrixElement.h:
        * svg/SVGFEComponentTransferElement.cpp:
        (WebCore::SVGFEComponentTransferElement::build):
        * svg/SVGFEComponentTransferElement.h:
        * svg/SVGFECompositeElement.cpp:
        (WebCore::SVGFECompositeElement::build):
        * svg/SVGFECompositeElement.h:
        * svg/SVGFEDiffuseLightingElement.cpp:
        (WebCore::SVGFEDiffuseLightingElement::build):
        * svg/SVGFEDiffuseLightingElement.h:
        * svg/SVGFEDisplacementMapElement.cpp:
        (WebCore::SVGFEDisplacementMapElement::build):
        * svg/SVGFEDisplacementMapElement.h:
        * svg/SVGFEFloodElement.cpp:
        (WebCore::SVGFEFloodElement::build):
        * svg/SVGFEFloodElement.h:
        * svg/SVGFEGaussianBlurElement.cpp:
        (WebCore::SVGFEGaussianBlurElement::build):
        * svg/SVGFEGaussianBlurElement.h:
        * svg/SVGFEImageElement.cpp:
        (WebCore::SVGFEImageElement::build):
        * svg/SVGFEImageElement.h:
        * svg/SVGFEMergeElement.cpp:
        (WebCore::SVGFEMergeElement::build):
        * svg/SVGFEMergeElement.h:
        * svg/SVGFEMorphologyElement.cpp:
        (WebCore::SVGFEMorphologyElement::build):
        * svg/SVGFEMorphologyElement.h:
        * svg/SVGFEOffsetElement.cpp:
        (WebCore::SVGFEOffsetElement::build):
        * svg/SVGFEOffsetElement.h:
        * svg/SVGFESpecularLightingElement.cpp:
        (WebCore::SVGFESpecularLightingElement::build):
        * svg/SVGFESpecularLightingElement.h:
        * svg/SVGFETileElement.cpp:
        (WebCore::SVGFETileElement::build):
        * svg/SVGFETileElement.h:
        * svg/SVGFETurbulenceElement.cpp:
        (WebCore::SVGFETurbulenceElement::build):
        * svg/SVGFETurbulenceElement.h:
        (WebCore::):
        * svg/SVGFilterElement.cpp:
        (WebCore::SVGFilterElement::buildFilter):
        (WebCore::SVGFilterElement::canvasResource):
        * svg/SVGFilterElement.h:
        (WebCore::SVGFilterElement::rendererIsNeeded):
        * svg/SVGFilterPrimitiveStandardAttributes.cpp:
        (WebCore::SVGFilterPrimitiveStandardAttributes::setStandardAttributes):
        * svg/SVGFilterPrimitiveStandardAttributes.h:
        (WebCore::SVGFilterPrimitiveStandardAttributes::isFilterEffect):
        (WebCore::SVGFilterPrimitiveStandardAttributes::rendererIsNeeded):
        * svg/SVGStyledElement.cpp:
        (WebCore::SVGStyledElement::invalidateResources):
        * svg/graphics/SVGResource.cpp:
        * svg/graphics/SVGResource.h:
        (WebCore::):
        (WebCore::SVGResource::isFilter):
        * svg/graphics/SVGResourceFilter.cpp: Added.
        (WebCore::SVGResourceFilter::SVGResourceFilter):
        (WebCore::SVGResourceFilter::~SVGResourceFilter):
        (WebCore::SVGResourceFilter::filterBoundingBox):
        (WebCore::shouldProcessFilter):
        (WebCore::SVGResourceFilter::addFilterEffect):
        (WebCore::SVGResourceFilter::fitsInMaximumImageSize):
        (WebCore::SVGResourceFilter::prepareFilter):
        (WebCore::SVGResourceFilter::applyFilter):
        (WebCore::SVGResourceFilter::externalRepresentation):
        (WebCore::getFilterById):
        * svg/graphics/SVGResourceFilter.h: Added.
        (WebCore::SVGResourceFilter::create):
        (WebCore::SVGResourceFilter::resourceType):
        (WebCore::SVGResourceFilter::setFilterResolution):
        (WebCore::SVGResourceFilter::setHasFilterResolution):
        (WebCore::SVGResourceFilter::filterBoundingBoxMode):
        (WebCore::SVGResourceFilter::setFilterBoundingBoxMode):
        (WebCore::SVGResourceFilter::effectBoundingBoxMode):
        (WebCore::SVGResourceFilter::setEffectBoundingBoxMode):
        (WebCore::SVGResourceFilter::filterRect):
        (WebCore::SVGResourceFilter::setFilterRect):
        (WebCore::SVGResourceFilter::scaleX):
        (WebCore::SVGResourceFilter::scaleY):
        (WebCore::SVGResourceFilter::setFilterBoundingBox):
        (WebCore::SVGResourceFilter::builder):
        * svg/graphics/filters/SVGFilterBuilder.h:

2010-04-20  Dirk Schulze  <krit@webkit.org>

        Reviewed by Nikolas Zimmermann.

        SVGResourceFilter needs to be moved to under Renderers
        https://bugs.webkit.org/show_bug.cgi?id=35320

        This patch adds a renderer for SVGFilterElement. SVGFilterElement is now independent
        from the SVGResources.
        A clean-up solves the dependencies between SVGFilterElement, the filter primitives
        and SVGResources. This shall make the filter code more readable and better maintable.
        The Filter primitives get dumped now, as long as they have externalRepresentation
        implemented.

        No behavior changes, so no new tests were added.

        * Android.mk:
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/RenderPath.cpp:
        (WebCore::RenderPath::paint):
        * rendering/RenderSVGContainer.cpp:
        (WebCore::RenderSVGContainer::selfWillPaint):
        (WebCore::RenderSVGContainer::paint):
        * rendering/RenderSVGImage.cpp:
        (WebCore::RenderSVGImage::paint):
        * rendering/RenderSVGResource.h:
        (WebCore::):
        * rendering/RenderSVGResourceClipper.cpp:
        (WebCore::RenderSVGResourceClipper::applyResource):
        * rendering/RenderSVGResourceClipper.h:
        * rendering/RenderSVGResourceFilter.cpp: Added.
        (WebCore::RenderSVGResourceFilter::RenderSVGResourceFilter):
        (WebCore::RenderSVGResourceFilter::~RenderSVGResourceFilter):
        (WebCore::RenderSVGResourceFilter::invalidateClients):
        (WebCore::RenderSVGResourceFilter::invalidateClient):
        (WebCore::RenderSVGResourceFilter::buildPrimitives):
        (WebCore::RenderSVGResourceFilter::fitsInMaximumImageSize):
        (WebCore::RenderSVGResourceFilter::applyResource):
        (WebCore::RenderSVGResourceFilter::postApplyResource):
        (WebCore::RenderSVGResourceFilter::resourceBoundingBox):
        * rendering/RenderSVGResourceFilter.h: Added.
        (WebCore::FilterData::FilterData):
        (WebCore::RenderSVGResourceFilter::renderName):
        (WebCore::RenderSVGResourceFilter::filterUnits):
        (WebCore::RenderSVGResourceFilter::primitiveUnits):
        (WebCore::RenderSVGResourceFilter::resourceType):
        * rendering/RenderSVGResourceMarker.h:
        (WebCore::RenderSVGResourceMarker::applyResource):
        * rendering/RenderSVGResourceMasker.cpp:
        (WebCore::RenderSVGResourceMasker::applyResource):
        * rendering/RenderSVGResourceMasker.h:
        * rendering/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::selfWillPaint):
        (WebCore::RenderSVGRoot::paint):
        * rendering/RenderSVGText.cpp:
        * rendering/SVGRenderSupport.cpp:
        (WebCore::SVGRenderBase::prepareToRenderSVGContent):
        (WebCore::SVGRenderBase::finishRenderSVGContent):
        (WebCore::SVGRenderBase::filterBoundingBoxForRenderer):
        (WebCore::deregisterFromResources):
        * rendering/SVGRenderSupport.h:
        * rendering/SVGRenderTreeAsText.cpp:
        (WebCore::writeStyle):
        (WebCore::writeSVGResource):
        (WebCore::writeResources):
        (WebCore::writeRenderResources):
        * rendering/SVGRootInlineBox.cpp:
        (WebCore::SVGRootInlineBoxPaintWalker::SVGRootInlineBoxPaintWalker):
        (WebCore::SVGRootInlineBox::paint):
        * svg/SVGFEBlendElement.cpp:
        (WebCore::SVGFEBlendElement::build):
        * svg/SVGFEBlendElement.h:
        * svg/SVGFEColorMatrixElement.cpp:
        (WebCore::SVGFEColorMatrixElement::build):
        * svg/SVGFEColorMatrixElement.h:
        * svg/SVGFEComponentTransferElement.cpp:
        (WebCore::SVGFEComponentTransferElement::build):
        * svg/SVGFEComponentTransferElement.h:
        * svg/SVGFECompositeElement.cpp:
        (WebCore::SVGFECompositeElement::build):
        * svg/SVGFECompositeElement.h:
        * svg/SVGFEDiffuseLightingElement.cpp:
        (WebCore::SVGFEDiffuseLightingElement::build):
        * svg/SVGFEDiffuseLightingElement.h:
        * svg/SVGFEDisplacementMapElement.cpp:
        (WebCore::SVGFEDisplacementMapElement::build):
        * svg/SVGFEDisplacementMapElement.h:
        * svg/SVGFEFloodElement.cpp:
        (WebCore::SVGFEFloodElement::build):
        * svg/SVGFEFloodElement.h:
        * svg/SVGFEGaussianBlurElement.cpp:
        (WebCore::SVGFEGaussianBlurElement::build):
        * svg/SVGFEGaussianBlurElement.h:
        * svg/SVGFEImageElement.cpp:
        (WebCore::SVGFEImageElement::build):
        * svg/SVGFEImageElement.h:
        * svg/SVGFEMergeElement.cpp:
        (WebCore::SVGFEMergeElement::build):
        * svg/SVGFEMergeElement.h:
        * svg/SVGFEMorphologyElement.cpp:
        (WebCore::SVGFEMorphologyElement::build):
        * svg/SVGFEMorphologyElement.h:
        * svg/SVGFEOffsetElement.cpp:
        (WebCore::SVGFEOffsetElement::build):
        * svg/SVGFEOffsetElement.h:
        * svg/SVGFESpecularLightingElement.cpp:
        (WebCore::SVGFESpecularLightingElement::build):
        * svg/SVGFESpecularLightingElement.h:
        * svg/SVGFETileElement.cpp:
        (WebCore::SVGFETileElement::build):
        * svg/SVGFETileElement.h:
        * svg/SVGFETurbulenceElement.cpp:
        (WebCore::SVGFETurbulenceElement::build):
        * svg/SVGFETurbulenceElement.h:
        (WebCore::):
        * svg/SVGFilterElement.cpp:
        (WebCore::SVGFilterElement::createRenderer):
        * svg/SVGFilterElement.h:
        * svg/SVGFilterPrimitiveStandardAttributes.cpp:
        (WebCore::SVGFilterPrimitiveStandardAttributes::setStandardAttributes):
        * svg/SVGFilterPrimitiveStandardAttributes.h:
        (WebCore::SVGFilterPrimitiveStandardAttributes::isFilterEffect):
        (WebCore::SVGFilterPrimitiveStandardAttributes::rendererIsNeeded):
        * svg/SVGStyledElement.cpp:
        (WebCore::SVGStyledElement::invalidateResources):
        * svg/graphics/SVGResource.cpp:
        * svg/graphics/SVGResource.h:
        (WebCore::):
        (WebCore::SVGResource::isPaintServer):
        * svg/graphics/SVGResourceFilter.cpp: Removed.
        * svg/graphics/SVGResourceFilter.h: Removed.
        * svg/graphics/filters/SVGFilterBuilder.h:
        (WebCore::SVGFilterBuilder::namedEffects):

2010-04-20  Gavin Barraclough  <barraclough@apple.com>

        Rubber stamped by Maciej Stachowiak (relanding r57829).
        Added missing JS_EXPORTDATA

        * ForwardingHeaders/wtf/WTFThreadData.h: Copied from WebCore/ForwardingHeaders/wtf/WTFThreadData.h.
        * platform/ThreadGlobalData.cpp:
        (WebCore::ThreadGlobalData::ThreadGlobalData):
        (WebCore::ThreadGlobalData::~ThreadGlobalData):
        * platform/ThreadGlobalData.h:
        (WebCore::ThreadGlobalData::eventNames):
        * platform/text/AtomicString.cpp:
        (WebCore::AtomicStringTable::create):
        (WebCore::AtomicStringTable::table):
        (WebCore::AtomicStringTable::destroy):
        (WebCore::stringTable):

2010-04-20  No'am Rosenthal  <noam.rosenthal@nokia.com>

        Reviewed by Antti Koivisto.

        [Qt] GraphicsLayer: support fill-modes
        https://bugs.webkit.org/show_bug.cgi?id=36216
        Implement the CSS-animation "fill mode" concept in GraphicsLayerQt. The concept
        enables a key-frame animation to go to the animation's starting point before the delay,
        and/or to stay at the animation's ending point after its ended, without reverting to the default
        value.
        We do that by manually setting the value to keyframe-0 before the delay if fill-mode is backwards/both,
        and manually modifying the default value to the animated value as we animate, with fill-mode forwards/both.

        * platform/graphics/qt/GraphicsLayerQt.cpp:
        (WebCore::AnimationQtBase::AnimationQtBase):
        (WebCore::TransformAnimationQt::~TransformAnimationQt):
        (WebCore::TransformAnimationQt::applyFrame):
        (WebCore::GraphicsLayerQt::addAnimation):

2010-04-19  Leandro Pereira  <leandro@profusion.mobi>

        Reviewed by David Hyatt.

        Add missing dummy implementations in PluginPackageNone and PluginViewNone.
        http://webkit.org/b/37478

        * plugins/PluginPackageNone.cpp:
        (WebCore::PluginPackage::NPVersion): Add dummy implementation.
        * plugins/PluginViewNone.cpp:
        (WebCore::PluginView::handleFocusInEvent): Add dummy implementation.
        (WebCore::PluginView::handleFocusOutEvent): Add dummy implementation.

2010-04-19  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Geoff Garen.

        Clean up RenderPart/RenderPartObject/RenderFrame/RenderEmbeddedObject
        https://bugs.webkit.org/show_bug.cgi?id=37741

        Move m_hasFallbackContent from RenderPart to RenderEmbeddedObject,
        since it's only used for <object> fallback.

        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::RenderEmbeddedObject):
        * rendering/RenderEmbeddedObject.h:
        (WebCore::RenderEmbeddedObject::hasFallbackContent):
        * rendering/RenderPart.cpp:
        (WebCore::RenderPart::RenderPart):
        * rendering/RenderPart.h:

2010-04-19  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Darin Adler.

        Clean up RenderPart/RenderPartObject/RenderFrame/RenderEmbeddedObject
        https://bugs.webkit.org/show_bug.cgi?id=37741

        Add a new renderer for iframes, named RenderIFrame. Add a new shared base class
        between this and RenderFrame, called RenderFrameBase (following the existing HTMLFrameElementBase),
        and move code from RenderPart and RenderPartObject into these new classes.
        
        There should be no functionality difference with this change, so no new tests.
        
        Fixing up renderer names in the layout tests will be done in a later pass.
        
        Fix build systems to include the new files.
        
        * Android.mk:
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLIFrameElement.cpp:
        (WebCore::HTMLIFrameElement::createRenderer):
        * rendering/RenderEmbeddedObject.h:
        * rendering/RenderFrame.cpp:
        (WebCore::RenderFrame::RenderFrame):
        * rendering/RenderFrame.h:
        * rendering/RenderFrameBase.cpp: Added.
        (WebCore::RenderFrameBase::RenderFrameBase):
        (WebCore::RenderFrameBase::layoutWithFlattening):
        * rendering/RenderFrameBase.h: Added.
        * rendering/RenderIFrame.cpp: Added.
        (WebCore::RenderIFrame::RenderIFrame):
        (WebCore::RenderIFrame::calcHeight):
        (WebCore::RenderIFrame::calcWidth):
        (WebCore::RenderIFrame::flattenFrame):
        (WebCore::RenderIFrame::layout):
        * rendering/RenderIFrame.h: Added.
        (WebCore::RenderIFrame::renderName):
        * rendering/RenderPart.cpp:
        * rendering/RenderPart.h:
        * rendering/RenderPartObject.cpp:
        * rendering/RenderPartObject.h:

2010-04-19  Dumitru Daniliuc  <dumi@chromium.org>

        Reviewed by Geoffrey Garen.

        Bindings clean-up.
        https://bugs.webkit.org/show_bug.cgi?id=37833

        Move some WebSQLDatabases logic out of the bindings into
        DOMWindow.cpp where it should be.

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::openDatabase):
        * bindings/v8/custom/V8DOMWindowCustom.cpp:
        (WebCore::V8DOMWindow::openDatabaseCallback):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::openDatabase):

2010-04-19  Kevin Ollivier  <kevino@theolliviers.com>

        Fix the Mac builders for now by restoring the keepAlive function.

        * plugins/PluginViewNone.cpp:
        (WebCore::PluginView::keepAlive):

2010-04-19  Kevin Ollivier  <kevino@theolliviers.com>

        [wx] Build fix, remove a method that has been moved to PluginView.cpp.

        * plugins/PluginViewNone.cpp:

2010-04-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (rolling out r57829).
        This broke windows.

        * ForwardingHeaders/wtf/WTFThreadData.h: Removed.
        * platform/ThreadGlobalData.cpp:
        (WebCore::ThreadGlobalData::ThreadGlobalData):
        (WebCore::ThreadGlobalData::~ThreadGlobalData):
        * platform/ThreadGlobalData.h:
        (WebCore::ThreadGlobalData::atomicStringTable):
        * platform/text/AtomicString.cpp:
        (WebCore::stringTable):

2010-04-19  Mark Rowe  <mrowe@apple.com>

        Build fix.

        * platform/graphics/mac/GraphicsContext3DMac.cpp:

2010-04-19  Chris Fleizach  <cfleizach@apple.com>

        Reviewed by Beth Dakin.

        AX: aria-haspopup needs to be exposed
        https://bugs.webkit.org/show_bug.cgi?id=37808

        Test: platform/mac/accessibility/element-haspopup.html

        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::ariaHasPopup):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::ariaHasPopup):
        (WebCore::AccessibilityRenderObject::determineAriaRoleAttribute):
        * accessibility/AccessibilityRenderObject.h:
        * accessibility/mac/AccessibilityObjectWrapper.mm:
        (-[AccessibilityObjectWrapper additionalAccessibilityAttributeNames]):
        (-[AccessibilityObjectWrapper accessibilityAttributeValue:]):

2010-04-19  Anders Carlsson  <andersca@apple.com>

        Reviewed by Sam Weinig.

        Fix a crash when rendering <select> elements with WebKit2.

        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::paintMenuList):
        Set the current NSGraphicsContext before calling out to AppKit, otherwise the current graphics context
        could point to a CGContext whose memory has been freed.

2010-04-08  Dimitri Glazkov  <dglazkov@chromium.org>

        Reviewed by Darin Adler.

        Manipulating document fragment members while adding it to tree may result in loss of tree integrity.
        https://bugs.webkit.org/show_bug.cgi?id=36031

        Changes the logic of appending/inserting document fragment to first stashing all of its children
        to a vector, then processing the vector. This avoids ghastliness that would be caused by mutation
        events mucking with the document fragment while it's being appended/inserted.

        Test: fast/dom/Node/fragment-mutation.html

        * dom/ContainerNode.cpp:
        (WebCore::targetNodes): Added method to populate a vector of nodes (targets) to be used in
            inserting/appending operation.
        (WebCore::ContainerNode::insertBefore): Changed to use vector-based iteration.
        (WebCore::ContainerNode::appendChild): Ditto.
        * dom/Node.cpp:
        (WebCore::Node::checkReplaceChild): Cleaned up comments.
        (WebCore::Node::checkAddChild): Ditto.

2010-04-19  Eric Carlson  <eric.carlson@apple.com>

        Reviewed by Simon Fraser.

        Fix regression introduced in r57820.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::loadNextSourceChild): Create a new MediaPlayer instead of
        just setting a URL on the one used for the previous <source> element. This restores
        the behavior prior to the changes for https://bugs.webkit.org/show_bug.cgi?id=37728.

2010-04-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=37745
        Move string uniquing tables to (new) WTFThreadData class.

        Remove AtomicString's dependency on ThreadGlobalData so that we can move
        WebCore's string classes up to WTF.

        * ForwardingHeaders/wtf/WTFThreadData.h: Added.
        * platform/ThreadGlobalData.cpp: Remove m_atomicStringTable, all wtfThreadData() to ensure threadsafely initialized.
        (WebCore::ThreadGlobalData::ThreadGlobalData):
        (WebCore::ThreadGlobalData::~ThreadGlobalData):
        * platform/ThreadGlobalData.h: Remove m_atomicStringTable.
        (WebCore::ThreadGlobalData::eventNames):
        * platform/text/AtomicString.cpp:
        (WebCore::AtomicStringTable::create):
        (WebCore::AtomicStringTable::table):
        (WebCore::AtomicStringTable::destroy):
        (WebCore::stringTable): Access the AtomicStringTable on wtfThreadData() rather then threadGlobalData().

2010-04-19  Ada Chan  <adachan@apple.com>

        Build fix: wrap Settings::setLocalStorageQuota() and Settings::setSessionStorageQuota()
        in #if ENABLE(DOM_STORAGE).

        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        * page/Settings.h:

2010-04-19  Dave Moore  <davemoore@chromium.org>

        Reviewed by Dimitri Glazkov.

        Added notification when the favicons for a page are changed
        from a script.
        The Document object will notify the frame loader, which will
        notify the client. Implementations of FrameLoaderClient will
        have to add one method; dispatchDidChangeIcons().

        https://bugs.webkit.org/show_bug.cgi?id=33812

        Test: fast/dom/icon-url-property.html

        * dom/Document.cpp:
        (WebCore::Document::setIconURL):
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::setIconURL):
        * loader/DocumentLoader.h:
        (WebCore::DocumentLoader::iconURL):
        * loader/EmptyClients.h:
        (WebCore::EmptyFrameLoaderClient::dispatchDidChangeIcons):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::setIconURL):
        (WebCore::FrameLoader::didChangeIcons):
        * loader/FrameLoader.h:
        * loader/FrameLoaderClient.h:

2010-04-19  Ada Chan  <adachan@apple.com>

        Reviewed by Jeremy Orlow.

        https://bugs.webkit.org/show_bug.cgi?id=37717
        Allow clients concerned with memory consumption to set a quota on session storage
        since the memory used won't be released until the Page is destroyed.
        The default is noQuota, which matches the current behavior.

        * WebCore.base.exp: Export Settings::setSessionStorageQuota().
        * page/Page.cpp:
        (WebCore::Page::sessionStorage):
        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        (WebCore::Settings::setSessionStorageQuota):
        * page/Settings.h:
        (WebCore::Settings::sessionStorageQuota):
        * storage/StorageNamespace.cpp:
        (WebCore::StorageNamespace::sessionStorageNamespace):
        * storage/StorageNamespace.h:
        * storage/StorageNamespaceImpl.cpp:
        (WebCore::StorageNamespaceImpl::sessionStorageNamespace):
        * storage/StorageNamespaceImpl.h:

2010-04-19  Eric Carlson  <eric.carlson@apple.com>

        Reviewed by Simon Fraser.

        Setting media element 'src' attribute should trigger immediate load
        https://bugs.webkit.org/show_bug.cgi?id=37728

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::attributeChanged): Schedule load every time 'src' attribute
        changes unless it is missing.
        (WebCore::HTMLMediaElement::prepareForLoad): Include steps 3 to 6 from loadInternal.
        (WebCore::HTMLMediaElement::loadInternal): Steps 3 to 6 are now in prepareForLoad.
        (WebCore::HTMLMediaElement::loadResource): MediaPlayer is now allocated in prepareForLoad
        so the previously loading file, if any, is cancelled there.

2010-04-19  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Fix compilation against namespaced Qt.

        * platform/graphics/GraphicsLayer.h:
        * platform/graphics/Tile.h:
        * platform/graphics/qt/MediaPlayerPrivateQt.h:
        * platform/network/qt/NetworkStateNotifierPrivate.h:

2010-04-19  Balazs Kelemen  <kb@inf.u-szeged.hu>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Destroy SharedTimerQt before destruction of QCoreApplication.

        To avoid unsafe situations caused by running WebCore code (through firing timers) when destruction of QCoreApplication
        has been started, we should explicitly destroy the SharedTimerQt instance on application exit.
        We can achieve that through installing a self-destroying slot for the QCoreApplication::aboutToQuit() signal
        into the SharedTimerQt instance.

        https://bugs.webkit.org/show_bug.cgi?id=36832

        No functional change so no new tests.

        * platform/qt/SharedTimerQt.cpp:
        (WebCore::SharedTimerQt::SharedTimerQt):
        (WebCore::SharedTimerQt::destroy):
        (WebCore::SharedTimerQt::inst):

2010-04-19  Dan Bernstein  <mitz@apple.com>

        Reviewed by Darin Adler.

        Make the fix for <rdar://problem/7873647> from r57759 more robust.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateHoverActiveState): Use RefPtrs for the Nodes.

2010-04-19  Yury Semikhatsky  <yurys@chromium.org>

        Unreviewed. Chromium build fix.

        * bindings/v8/JavaScriptCallFrame.h:

2010-04-19  Yury Semikhatsky  <yurys@chromium.org>

        Reviewed by Pavel Feldman.

        Web Inspector: implement JavaScriptCallFrame that works for v8.
        Implementing this binding for v8 allows to make evaluations on
        call frames and protects access to the debugger context from
        inspected context.

        https://bugs.webkit.org/show_bug.cgi?id=37755

        * WebCore.gyp/WebCore.gyp:
        * WebCore.gypi:
        * bindings/js/JSJavaScriptCallFrameCustom.cpp:
        (WebCore::JSJavaScriptCallFrame::scopeType):
        * bindings/v8/JavaScriptCallFrame.cpp: Added.
        (WebCore::JavaScriptCallFrame::JavaScriptCallFrame):
        (WebCore::JavaScriptCallFrame::~JavaScriptCallFrame):
        (WebCore::JavaScriptCallFrame::caller):
        (WebCore::JavaScriptCallFrame::sourceID):
        (WebCore::JavaScriptCallFrame::line):
        (WebCore::JavaScriptCallFrame::functionName):
        (WebCore::JavaScriptCallFrame::scopeChain):
        (WebCore::JavaScriptCallFrame::scopeType):
        (WebCore::JavaScriptCallFrame::thisObject):
        (WebCore::JavaScriptCallFrame::evaluate):
        * bindings/v8/JavaScriptCallFrame.h: Added.
        (WebCore::JavaScriptCallFrame::create):
        * bindings/v8/ScriptDebugServer.cpp:
        (WebCore::ScriptDebugServer::currentCallFrame):
        * bindings/v8/ScriptDebugServer.h:
        * bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
        (WebCore::V8InjectedScriptHost::currentCallFrameCallback):
        * bindings/v8/custom/V8JavaScriptCallFrameCustom.cpp: Added.
        (WebCore::V8JavaScriptCallFrame::evaluateCallback):
        (WebCore::V8JavaScriptCallFrame::scopeChainAccessorGetter):
        (WebCore::V8JavaScriptCallFrame::scopeTypeCallback):
        (WebCore::V8JavaScriptCallFrame::thisObjectAccessorGetter):
        (WebCore::V8JavaScriptCallFrame::typeAccessorGetter):
        * inspector/JavaScriptCallFrame.idl:
        * inspector/front-end/InjectedScript.js:
        (injectedScriptConstructor.):

2010-04-19  Jessie Berlin  <jberlin@webkit.org>

        Rubber Stamped by Adam Roben

        Chromium Release Build Fix.

        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::pseudoId):
        In the case where the DATALIST is not enabled, fall through to NOPSEUDO instead of omitting PseudoInputListButton entirely from the switch.

2010-04-19  Jessie Berlin  <jberlin@webkit.org>

        Reviewed by Dave Hyatt.

        First steps towards fixing bug 24021 - pseudo-element styles not accessible / retrievable via DOM methods.
        https://bugs.webkit.org/show_bug.cgi?id=24021

        Allows access to the computed styles for the pseudo-elements through the second argument to getComputedStyle.
        This approach does not provide the correct values for 'length' properties and does not work for the ':selection' pseudo-element and will instead return results similiar to those returned by Firefox. This approach also requires waiting until at least one iteration of a hardware accelerated composited animation to return the correct values for the "opacity" and "transform" properties of a pseudo-element associated with the element being animated.
        Those values need to be retrieved from the renderer for the pseudo-element as opposed to the cached RenderStyle for the element on which the pseudo-element is defined, which is further complicated by the fact that not all elements have renderers.

        Test: fast/css/getComputedStyle/getComputedStyle-with-pseudo-element.html

        * WebCore.base.exp:
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::CSSComputedStyleDeclaration::CSSComputedStyleDeclaration):
        Parse the and store the pseudo-element specifier from the string provided by the user.
        (WebCore::CSSComputedStyleDeclaration::getFontSizeCSSValuePreferringKeyword):
        Get the computed style for the pseudo-element if it has been specified.
        (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
        Get the computed style for the pseudo-element if it has been specified, with a FIXME noting that the values returned for the "opacity" and "transform" properties of a pseudo-element associated with an element being animated and using hardware accelerated compositing will not be correct until after the first iteration of the animation.
        (WebCore::CSSComputedStyleDeclaration::length):
        Get the computed style for the pseudo-element if it has been specified.
        (WebCore::CSSComputedStyleDeclaration::cssPropertyMatches):
        Ditto.
        * css/CSSComputedStyleDeclaration.h:
        (WebCore::computedStyle):
        Take into consideration the pseudo-element.

        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::pseudoId):
        Return the PseudoId that corresponds to the given PseudoType. If there is no corresponding PseudoId, returns NOPSEUDO.
        (WebCore::nameToPseudoTypeMap):
        Create and return the mapping between string names and PseudoTypes.
        (WebCore::CSSSelector::parsePseudoType):
        Parse and the given string into a PseudoType.
        (WebCore::CSSSelector::extractPseudoType):
        Refactored to use parsePseudoType.
        * css/CSSSelector.h:

        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector):
        Refactored to use pseudoId.

        * dom/Element.cpp:
        (WebCore::Element::computedStyle):
        If the pseudo-element is specified, then return the cached RenderStyle for that PseudoId. Added a FIXME to find the actual renders of the pseudo-elements instead of just the cached RenderStyle of the RenderStyle for the associated element.
        * dom/Element.h:
        (WebCore::Element::virtualComputedStyle):
        Because Element::computedStyle is used so often, don't make it virtual. Instead, provide a virtualComputedStyle method in the Node.h class andmake computedStyle non-virtual. That way the Element version and the Node version of computedStyle will have the same name and look the same at the call site, but the Element version will be more efficient.

        * dom/Node.h:
        (WebCore::Node::computedStyle):
        Ditto.
        * dom/Node.cpp:
        (WebCore::Node::virtualComputedStyle):
        Get the computed style for the pseudo-element if it has been specified.

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::getComputedStyle):
        Ditto.

2010-04-18  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Laszlo Gombos.

        [Qt] Fix JavaScriptCore's include path for WinCE builds

        https://bugs.webkit.org/show_bug.cgi?id=36751

        * WebCore.pro:

2010-04-17  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Adam Barth.

        https://bugs.webkit.org/show_bug.cgi?id=37720
        <rdar://problem/7873752> HTMLFrameSetElement-window-eventListener-attributes.html sometimes
        crashes on SnowLeopard Release

        Tests: 
        * fast/dom/Window/HTMLBodyElement-window-eventListener-attributes.html:
        * fast/dom/Window/HTMLFrameSetElement-window-eventListener-attributes.html:

        * bindings/scripts/CodeGeneratorJS.pm: Use global object as a wrapper for window event
        listeners set via document.body. The body wrapper can go away if nothing else references it.

        * html/HTMLBodyElement.idl: Override listeners that exist on Element with custom implementations,
        because we need to use window object as a wrapper, not the element. Marked all window event
        listeners as such for code generator.

        * html/HTMLFrameSetElement.idl: Ditto.

2010-04-17  Juan C. Montemayor  <jmonte03@cs.tufts.edu>

        Reviewed by Joseph Pecoraro.

        Databases pane doesn't recognize table creation/deletion
        https://bugs.webkit.org/show_bug.cgi?id=20219

        * inspector/front-end/DatabaseQueryView.js:
        (WebInspector.DatabaseQueryView.prototype._queryFinished):

2010-04-17  Yaar Schnitman  <yaar@chromium.org>

        Reviewed by Adam Barth.

        Auto-generate V8 bindings for canvas.* overloads
        https://bugs.webkit.org/show_bug.cgi?id=37453

        * bindings/v8/custom/V8CanvasRenderingContext2DCustom.cpp: Deleted custom code that is now auto-generated.
        * bindings/scripts/CodeGeneratorV8.pm: Not generating custom signatures for overloaded methods and accepting Object as a string input.
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::drawImage): Added missing 9-arguments overloads for drawImage.
        * html/canvas/CanvasRenderingContext2D.h: 
        * html/canvas/CanvasRenderingContext2D.idl: Overloaded methods defined (V8 only).

2010-04-17  Yury Semikhatsky  <yurys@chromium.org>

        Reviewed by Pavel Feldman.

        Web Inspector: move JavaScriptCallFrame.{h,cpp} to WebCore/bindings/js

        https://bugs.webkit.org/show_bug.cgi?id=37740

        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JavaScriptCallFrame.cpp: Renamed from WebCore/inspector/JavaScriptCallFrame.cpp.
        (WebCore::JavaScriptCallFrame::JavaScriptCallFrame):
        (WebCore::JavaScriptCallFrame::caller):
        (WebCore::JavaScriptCallFrame::scopeChain):
        (WebCore::JavaScriptCallFrame::dynamicGlobalObject):
        (WebCore::JavaScriptCallFrame::functionName):
        (WebCore::JavaScriptCallFrame::type):
        (WebCore::JavaScriptCallFrame::thisObject):
        (WebCore::JavaScriptCallFrame::evaluate):
        * bindings/js/JavaScriptCallFrame.h: Renamed from WebCore/inspector/JavaScriptCallFrame.h.
        (WebCore::JavaScriptCallFrame::create):
        (WebCore::JavaScriptCallFrame::invalidate):
        (WebCore::JavaScriptCallFrame::isValid):
        (WebCore::JavaScriptCallFrame::sourceID):
        (WebCore::JavaScriptCallFrame::line):
        (WebCore::JavaScriptCallFrame::update):
        * inspector/InjectedScriptHost.h:
        * inspector/InspectorController.h:

2010-04-17  Vangelis Kokkevis  <vangelis@chromium.org>

        Reviewed by Dimitri Glazkov.

        Adding definition of GLES2Context class.
        https://bugs.webkit.org/show_bug.cgi?id=37541

        No new functionality implemented yet, no tests.

        * WebCore.gypi: Added GLES2Context.h
        * platform/chromium/GLES2Context.h: Added.

2010-04-17  Julien Chaffraix  <jchaffraix@webkit.org>

        Reviewed by Darin Adler.

        Crash while handling SVG font in the wrong namespace imported with @font-face
        https://bugs.webkit.org/show_bug.cgi?id=18862

        Test: fast/invalid/invalidSVGFont.html

        * loader/CachedFont.cpp:
        (WebCore::CachedFont::getSVGFontById): Make sure we really get an SVGFontElement by using
        getElementsByNameNS: the element factory chooses which element to create based on both
        localName and namespace.

2010-04-16  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r57770.
        http://trac.webkit.org/changeset/57770
        https://bugs.webkit.org/show_bug.cgi?id=37746

        8 test cases crashed (Requested by Ossy on #webkit).

        * platform/graphics/qt/GraphicsLayerQt.cpp:
        (WebCore::AnimationQtBase::AnimationQtBase):
        (WebCore::TransformAnimationQt::~TransformAnimationQt):
        (WebCore::TransformAnimationQt::applyFrame):
        (WebCore::OpacityAnimationQt::applyFrame):
        (WebCore::GraphicsLayerQt::addAnimation):

2010-04-16  Daniel Bates  <dbates@rim.com>

        Reviewed by Adam Treat.

        https://bugs.webkit.org/show_bug.cgi?id=36312

        Adds support for the viewport meta tag. The code is largely derived in whole
        or in part from the WebCore-528.15 source published as part of the iPhone 3.1.3
        source code <http://www.opensource.apple.com/source/WebCore/WebCore-528.15/>.

        * Android.mk: Added file ViewportArguments.cpp.
        * GNUmakefile.am: Added files ViewportArguments.cpp and ViewportArguments.h.
        * WebCore.gypi: Ditto.
        * WebCore.pro: Ditto.
        * WebCore.vcproj/WebCore.vcproj: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * dom/Document.cpp:
        (WebCore::isSeparator): Added.
        (WebCore::Document::processArguments): Added.
        (WebCore::Document::processViewport): Added.
        * dom/Document.h:
        * dom/ViewportArguments.cpp: Added.
        (WebCore::setViewportFeature):
        (WebCore::viewportErrorMessageTemplate):
        (WebCore::viewportErrorMessageLevel):
        (WebCore::reportViewportWarning):
        * dom/ViewportArguments.h: Added.
        (WebCore::):
        (WebCore::ViewportArguments::):
        (WebCore::ViewportArguments::ViewportArguments):
        (WebCore::ViewportArguments::hasCustomArgument):
        * html/HTMLMetaElement.cpp:
        (WebCore::HTMLMetaElement::process): Modified to call Document::processViewport.
        * page/ChromeClient.h:
        (WebCore::ChromeClient::didReceiveViewportArguments): Added.

2010-04-16  No'am Rosenthal  <noam.rosenthal@nokia.com>

        Reviewed by Antti Koivisto.

        [Qt] GraphicsLayer: support fill-modes
        https://bugs.webkit.org/show_bug.cgi?id=36216
        Implement the CSS-animation "fill mode" concept in GraphicsLayerQt. The concept
        enables a key-frame animation to go to the animation's starting point before the delay,
        and/or to stay at the animation's ending point after its ended, without reverting to the default
        value.
        We do that by manually setting the value to keyframe-0 before the delay if fill-mode is backwards/both,
        and manually modifying the default value to the animated value as we animate, with fill-mode forwards/both.

        * platform/graphics/qt/GraphicsLayerQt.cpp:
        (WebCore::AnimationQtBase::AnimationQtBase):
        (WebCore::TransformAnimationQt::~TransformAnimationQt):
        (WebCore::TransformAnimationQt::applyFrame):
        (WebCore::GraphicsLayerQt::addAnimation):

2010-04-16  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (arm build fix).

        * bindings/js/JSDesktopNotificationsCustom.cpp:
        (WebCore::JSNotification::addEventListener):
        (WebCore::JSNotification::removeEventListener):

2010-04-16  Dmitry Titov  <dimich@chromium.org>

        Reviewed by Yury Semikhatsky.

        [v8] In Workers, script errors right after close() are not delivered to the Worker.onerror.
        https://bugs.webkit.org/show_bug.cgi?id=37691

        Existing worker-close.html will now work in Chromium.

        * bindings/v8/V8Utilities.cpp:
        (WebCore::getScriptExecutionContext): Stop using proxy() to just retrieve WorkerContext which should be always available.
        * bindings/v8/WorkerContextExecutionProxy.h: removed workerContext() accessor which moved to WorkerScriptController.
        * bindings/v8/WorkerScriptController.h:
        (WebCore::WorkerScriptController::workerContext): Added, to be able to pull WorkerContext out from the controller.

2010-04-16  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=37735
        Remove JSC specific code from WebCore::AtomicString

        Add generic constructor/add/find methods that take a UChar* & length, along
        with a known existing hash for the string.
        This removes the remaining JSC specific code from platform/text.

        * bindings/js/JSAbstractWorkerCustom.cpp:
        (WebCore::JSAbstractWorker::addEventListener):
        (WebCore::JSAbstractWorker::removeEventListener):
        * bindings/js/JSDOMApplicationCacheCustom.cpp:
        (WebCore::JSDOMApplicationCache::addEventListener):
        (WebCore::JSDOMApplicationCache::removeEventListener):
        * bindings/js/JSDOMBinding.cpp:
        (WebCore::ustringToAtomicString):
        (WebCore::identifierToAtomicString):
        (WebCore::findAtomicString):
        * bindings/js/JSDOMBinding.h:
        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::childFrameGetter):
        (WebCore::JSDOMWindow::getOwnPropertySlot):
        (WebCore::JSDOMWindow::getOwnPropertyDescriptor):
        (WebCore::JSDOMWindow::open):
        (WebCore::JSDOMWindow::addEventListener):
        (WebCore::JSDOMWindow::removeEventListener):
        * bindings/js/JSElementCustom.cpp:
        (WebCore::JSElement::setAttribute):
        (WebCore::JSElement::setAttributeNS):
        * bindings/js/JSEventSourceCustom.cpp:
        (WebCore::JSEventSource::addEventListener):
        (WebCore::JSEventSource::removeEventListener):
        * bindings/js/JSHTMLAllCollectionCustom.cpp:
        (WebCore::getNamedItems):
        (WebCore::JSHTMLAllCollection::canGetItemsForName):
        * bindings/js/JSHTMLCollectionCustom.cpp:
        (WebCore::getNamedItems):
        (WebCore::JSHTMLCollection::canGetItemsForName):
        * bindings/js/JSHTMLDocumentCustom.cpp:
        (WebCore::JSHTMLDocument::canGetItemsForName):
        * bindings/js/JSHTMLFormElementCustom.cpp:
        (WebCore::JSHTMLFormElement::canGetItemsForName):
        (WebCore::JSHTMLFormElement::nameGetter):
        * bindings/js/JSHTMLFrameSetElementCustom.cpp:
        (WebCore::JSHTMLFrameSetElement::canGetItemsForName):
        (WebCore::JSHTMLFrameSetElement::nameGetter):
        * bindings/js/JSMessageEventCustom.cpp:
        (WebCore::JSMessageEvent::initMessageEvent):
        * bindings/js/JSMessagePortCustom.cpp:
        (WebCore::JSMessagePort::addEventListener):
        (WebCore::JSMessagePort::removeEventListener):
        * bindings/js/JSMimeTypeArrayCustom.cpp:
        (WebCore::JSMimeTypeArray::canGetItemsForName):
        (WebCore::JSMimeTypeArray::nameGetter):
        * bindings/js/JSNodeCustom.cpp:
        (WebCore::JSNode::addEventListener):
        (WebCore::JSNode::removeEventListener):
        * bindings/js/JSNodeListCustom.cpp:
        (WebCore::JSNodeList::canGetItemsForName):
        (WebCore::JSNodeList::nameGetter):
        * bindings/js/JSPluginArrayCustom.cpp:
        (WebCore::JSPluginArray::canGetItemsForName):
        (WebCore::JSPluginArray::nameGetter):
        * bindings/js/JSPluginCustom.cpp:
        (WebCore::JSPlugin::canGetItemsForName):
        (WebCore::JSPlugin::nameGetter):
        * bindings/js/JSPopStateEventCustom.cpp:
        (WebCore::JSPopStateEvent::initPopStateEvent):
        * bindings/js/JSSVGElementInstanceCustom.cpp:
        (WebCore::JSSVGElementInstance::addEventListener):
        (WebCore::JSSVGElementInstance::removeEventListener):
        * bindings/js/JSWebSocketCustom.cpp:
        (WebCore::JSWebSocket::addEventListener):
        (WebCore::JSWebSocket::removeEventListener):
        * bindings/js/JSWorkerContextCustom.cpp:
        (WebCore::JSWorkerContext::addEventListener):
        (WebCore::JSWorkerContext::removeEventListener):
        * bindings/js/JSXMLHttpRequestCustom.cpp:
        (WebCore::JSXMLHttpRequest::setRequestHeader):
        (WebCore::JSXMLHttpRequest::getResponseHeader):
        (WebCore::JSXMLHttpRequest::addEventListener):
        (WebCore::JSXMLHttpRequest::removeEventListener):
        * bindings/js/JSXMLHttpRequestUploadCustom.cpp:
        (WebCore::JSXMLHttpRequestUpload::addEventListener):
        (WebCore::JSXMLHttpRequestUpload::removeEventListener):
        * platform/text/AtomicString.cpp:
        (WebCore::AtomicString::add):
        (WebCore::AtomicString::find):
        * platform/text/AtomicString.h:
        (WebCore::AtomicString::AtomicString):

2010-04-16  Fumitoshi Ukai  <ukai@chromium.org>

        Reviewed by Alexey Proskuryakov.

        WebSocket crash when it receives bad header.
        https://bugs.webkit.org/show_bug.cgi?id=37682

        If name or value is not valid UTF-8, nameStr or valueStr would be
        null string, so crashed in headers->add(nameStr, valueStr).
        Check both nameStr and valueStr are not null string.
        Otherwise handshake will fail.

        Test: websocket/tests/bad-handshake-crash.html

        * websockets/WebSocketHandshake.cpp:
        (WebCore::WebSocketHandshake::readHTTPHeaders): check nameStr and valueStr are not null string.

2010-04-16  Dan Bernstein  <mitz@apple.com>

        Reviewed by Simon Fraser.

        <rdar://problem/7873647> Crash when updating hover state

        Test: fast/dynamic/hover-style-recalc-crash.html

        Updating the hover state of an element caused the document to need style
        recalc, and then updating the hover state of a link caused style recalc,
        which changed the render tree while updateHoverActiveState() was iterating
        over it, leading to a crash.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateHoverActiveState): Collect the nodes to be
        updated into vectors, then update their active and hover states.

2010-04-16  Dumitru Daniliuc  <dumi@chromium.org>

        Reviewed by Alexey Proskuryakov.

        Make Safari correctly allocate 5MB of DB storage to all new
        origins.
        https://bugs.webkit.org/show_bug.cgi?id=36671

        Eric fixed the same problem in
        DatabaseTracker::fullPathForDatabaseNoLock() in r57128, but forgot
        to fix it in DatabaseTracker::detailsForNameAndOrigin() too.

        * storage/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::detailsForNameAndOrigin):

2010-04-16  Kinuko Yasuda  <kinuko@chromium.org>

        Reviewed by Jian Li.

        Implement FileStreamProxy that calls FileStream methods on FileThread for FileAPI
        https://bugs.webkit.org/show_bug.cgi?id=37218

        No new tests; tests will be added when we add upper layer implementations.

        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * html/FileStream.cpp:
        (WebCore::FileStream::stop):
        * html/FileStream.h:
        * html/FileStreamClient.h:
        (WebCore::FileStreamClient::didStop):
        * html/FileStreamProxy.cpp: Added
        * html/FileStreamProxy.h: Added
        * html/FileThreadTask.h: Added

2010-04-16  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Bug 37730 - Remove JSC::UString dependencies from WebCore::StringImpl
        (Following on from bug #37675).

        Remove ustring() method, and constructor passed a UString.

        * WebCore.base.exp:
        * bindings/js/JSDOMBinding.cpp:
        (WebCore::stringimplToUString):
        (WebCore::jsStringSlowCase):
        (WebCore::ustringToString):
        (WebCore::stringToUString):
        (WebCore::identifierToString):
        * bindings/js/JSDOMBinding.h:
        (WebCore::jsString):
        * platform/text/AtomicString.cpp:
        (WebCore::AtomicString::operator UString):
        * platform/text/StringImpl.cpp:
        (WebCore::StringImpl::create):
        * platform/text/StringImpl.h:

2010-04-16  Jarkko Sakkinen  <jarkko.j.sakkinen@gmail.com>
 
        Reviewed by Simon Hausmann.
 
        [Qt] WebGL is not visible when QGLWidget viewport is used
        https://bugs.webkit.org/show_bug.cgi?id=37070
 
        Added HostWindow parameter to the constructor of GraphicsContext3D.
        Shared OpenGL context is initialized with parent QGLWidget.
 
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::create):
        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/mac/GraphicsContext3DMac.cpp:
        (WebCore::GraphicsContext3D::create):
        (WebCore::GraphicsContext3D::GraphicsContext3D):
        * platform/graphics/qt/GraphicsContext3DQt.cpp:
        (WebCore::GraphicsContext3DInternal::GraphicsContext3DInternal):
        (WebCore::GraphicsContext3DInternal::~GraphicsContext3DInternal):
        (WebCore::GraphicsContext3DInternal::getOwnerGLWidget):
        (WebCore::GraphicsContext3D::create):
        (WebCore::GraphicsContext3D::GraphicsContext3D):

2010-04-16  Jarkko Sakkinen  <jarkko.j.sakkinen@gmail.com>

        Reviewed by Simon Hausmann.

        [Qt] WebKit compilation fails with --3d-canvas
        https://bugs.webkit.org/show_bug.cgi?id=37699 
        
        API for readPixels() has been changed. 

        * platform/graphics/qt/GraphicsContext3DQt.cpp:
        (WebCore::GraphicsContext3D::readPixels):

2010-04-16  No'am Rosenthal  <noam.rosenthal@nokia.com>

        Reviewed by Antti Koivisto.

        [Qt]QtLauncher crash on page with CSS 3D transform
        https://bugs.webkit.org/show_bug.cgi?id=36859

        Added a neccessary null-pointer check, lack of which created the crash circumstances.

        Tested by http://css-vfx.googlecode.com/svn/trunk/snowstack/snowstack.html

        * platform/graphics/qt/GraphicsLayerQt.cpp:
        (WebCore::GraphicsLayerQtImpl::flushChanges):

2010-04-16  Anders Carlsson  <andersca@apple.com>

        Reviewed by Sam Weinig.

        Make sure to update the current graphics context when calling out to AppKit.

        * platform/mac/ThemeMac.mm:
        (WebCore::paintCheckbox):
        (WebCore::paintRadio):

2010-04-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig & Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=37675
        Remove casts/constructors to/from JSC::UString type from WebCore::String
        
        WebCore's strings should not know about JSC::UString, this should be abstracted
        away in the bindings.  Add explicit conversion methods rather than relying on
        overloaded cast operators / constructors being implicitly called.

        This patch only changes the class String, once this has landed StringImpl, and
        hopefully AtomicString too, should follow suit.

        This patch adds:
            WebCore::identifierToString
            WebCore::ustringToString
            WebCore::stringToUString

        - to JSDOMBindings.h, and updates code to call these methods.

        * WebCore.base.exp:
        * WebCore.order:
        * bindings/js/CachedScriptSourceProvider.h:
        (WebCore::CachedScriptSourceProvider::CachedScriptSourceProvider):
        * bindings/js/JSAudioConstructor.cpp:
        (WebCore::constructAudio):
        * bindings/js/JSCSSStyleDeclarationCustom.cpp:
        (WebCore::JSCSSStyleDeclaration::nameGetter):
        * bindings/js/JSCanvasRenderingContext2DCustom.cpp:
        (WebCore::toHTMLCanvasStyle):
        (WebCore::JSCanvasRenderingContext2D::setFillColor):
        (WebCore::JSCanvasRenderingContext2D::setStrokeColor):
        (WebCore::JSCanvasRenderingContext2D::drawImageFromRect):
        (WebCore::JSCanvasRenderingContext2D::setShadow):
        (WebCore::JSCanvasRenderingContext2D::fillText):
        (WebCore::JSCanvasRenderingContext2D::strokeText):
        * bindings/js/JSClipboardCustom.cpp:
        (WebCore::JSClipboard::types):
        (WebCore::JSClipboard::clearData):
        (WebCore::JSClipboard::getData):
        (WebCore::JSClipboard::setData):
        * bindings/js/JSCustomXPathNSResolver.cpp:
        (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
        * bindings/js/JSDOMBinding.cpp:
        (WebCore::identifierToString):
        (WebCore::ustringToString):
        (WebCore::stringToUString):
        (WebCore::valueToStringWithNullCheck):
        (WebCore::valueToStringWithUndefinedOrNullCheck):
        (WebCore::reportException):
        * bindings/js/JSDOMBinding.h:
        * bindings/js/JSDOMFormDataCustom.cpp:
        (WebCore::JSDOMFormData::append):
        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::namedItemGetter):
        (WebCore::JSDOMWindow::setLocation):
        (WebCore::JSDOMWindow::openDatabase):
        * bindings/js/JSDatabaseCustom.cpp:
        (WebCore::JSDatabase::changeVersion):
        * bindings/js/JSDocumentCustom.cpp:
        (WebCore::JSDocument::setLocation):
        * bindings/js/JSEventListener.cpp:
        (WebCore::JSEventListener::handleEvent):
        * bindings/js/JSEventSourceConstructor.cpp:
        (WebCore::constructEventSource):
        * bindings/js/JSHTMLAllCollectionCustom.cpp:
        (WebCore::callHTMLAllCollection):
        * bindings/js/JSHTMLCanvasElementCustom.cpp:
        (WebCore::JSHTMLCanvasElement::getContext):
        * bindings/js/JSHTMLCollectionCustom.cpp:
        (WebCore::callHTMLCollection):
        * bindings/js/JSHTMLDocumentCustom.cpp:
        (WebCore::JSHTMLDocument::nameGetter):
        (WebCore::documentWrite):
        * bindings/js/JSInjectedScriptHostCustom.cpp:
        (WebCore::InjectedScriptHost::createInjectedScript):
        * bindings/js/JSInspectorFrontendHostCustom.cpp:
        (WebCore::JSInspectorFrontendHost::showContextMenu):
        * bindings/js/JSLazyEventListener.cpp:
        (WebCore::JSLazyEventListener::initializeJSFunction):
        * bindings/js/JSLocationCustom.cpp:
        (WebCore::JSLocation::setHref):
        (WebCore::JSLocation::setProtocol):
        (WebCore::JSLocation::setHost):
        (WebCore::JSLocation::setHostname):
        (WebCore::JSLocation::setPathname):
        (WebCore::JSLocation::setSearch):
        (WebCore::JSLocation::setHash):
        (WebCore::JSLocation::replace):
        (WebCore::JSLocation::assign):
        * bindings/js/JSMessageEventCustom.cpp:
        (WebCore::JSMessageEvent::initMessageEvent):
        * bindings/js/JSNamedNodeMapCustom.cpp:
        (WebCore::JSNamedNodeMap::canGetItemsForName):
        (WebCore::JSNamedNodeMap::nameGetter):
        * bindings/js/JSOptionConstructor.cpp:
        (WebCore::constructHTMLOptionElement):
        * bindings/js/JSSQLResultSetRowListCustom.cpp:
        (WebCore::JSSQLResultSetRowList::item):
        * bindings/js/JSSQLTransactionCustom.cpp:
        (WebCore::JSSQLTransaction::executeSql):
        * bindings/js/JSSharedWorkerConstructor.cpp:
        (WebCore::constructSharedWorker):
        * bindings/js/JSStorageCustom.cpp:
        (WebCore::JSStorage::canGetItemsForName):
        (WebCore::JSStorage::nameGetter):
        (WebCore::JSStorage::deleteProperty):
        (WebCore::JSStorage::getOwnPropertyNames):
        (WebCore::JSStorage::putDelegate):
        * bindings/js/JSStyleSheetListCustom.cpp:
        (WebCore::JSStyleSheetList::canGetItemsForName):
        (WebCore::JSStyleSheetList::nameGetter):
        * bindings/js/JSWebKitCSSMatrixConstructor.cpp:
        (WebCore::constructWebKitCSSMatrix):
        * bindings/js/JSWebSocketConstructor.cpp:
        (WebCore::constructWebSocket):
        * bindings/js/JSWebSocketCustom.cpp:
        (WebCore::JSWebSocket::send):
        * bindings/js/JSWorkerConstructor.cpp:
        (WebCore::constructWorker):
        * bindings/js/JSWorkerContextCustom.cpp:
        (WebCore::JSWorkerContext::importScripts):
        * bindings/js/JSXMLHttpRequestCustom.cpp:
        (WebCore::JSXMLHttpRequest::open):
        (WebCore::JSXMLHttpRequest::setRequestHeader):
        (WebCore::JSXMLHttpRequest::send):
        (WebCore::JSXMLHttpRequest::overrideMimeType):
        * bindings/js/JSXSLTProcessorCustom.cpp:
        (WebCore::JSXSLTProcessor::setParameter):
        (WebCore::JSXSLTProcessor::getParameter):
        (WebCore::JSXSLTProcessor::removeParameter):
        * bindings/js/ScheduledAction.cpp:
        (WebCore::ScheduledAction::create):
        * bindings/js/ScriptCallFrame.cpp:
        (WebCore::ScriptCallFrame::ScriptCallFrame):
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::evaluateInWorld):
        * bindings/js/ScriptDebugServer.cpp:
        (WebCore::ScriptDebugServer::hasBreakpoint):
        (WebCore::ScriptDebugServer::dispatchDidParseSource):
        (WebCore::ScriptDebugServer::dispatchFailedToParseSource):
        (WebCore::ScriptDebugServer::sourceParsed):
        * bindings/js/ScriptEventListener.cpp:
        (WebCore::getEventListenerHandlerBody):
        * bindings/js/ScriptFunctionCall.cpp:
        (WebCore::ScriptFunctionCall::appendArgument):
        (WebCore::ScriptFunctionCall::call):
        (WebCore::ScriptFunctionCall::construct):
        * bindings/js/ScriptObject.cpp:
        (WebCore::ScriptObject::set):
        * bindings/js/ScriptProfiler.cpp:
        (WebCore::ScriptProfiler::start):
        (WebCore::ScriptProfiler::stop):
        * bindings/js/ScriptString.h:
        (WebCore::ScriptString::operator String):
        (WebCore::ScriptString::ustring):
        (WebCore::ScriptString::operator+=):
        * bindings/js/ScriptValue.cpp:
        (WebCore::ScriptValue::getString):
        * bindings/js/ScriptValue.h:
        (WebCore::ScriptValue::toString):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::SerializedObject::set):
        (WebCore::SerializingTreeWalker::convertIfTerminal):
        (WebCore::DeserializingTreeWalker::putProperty):
        * bindings/js/StringSourceProvider.h:
        (WebCore::StringSourceProvider::StringSourceProvider):
        * bindings/objc/WebScriptObject.mm:
        (-[WebScriptObject callWebScriptMethod:withArguments:]):
        (-[WebScriptObject setValue:forKey:]):
        (-[WebScriptObject valueForKey:]):
        (-[WebScriptObject removeWebScriptKey:]):
        * bindings/scripts/CodeGeneratorJS.pm:
        * bridge/IdentifierRep.cpp:
        (WebCore::IdentifierRep::get):
        * bridge/c/c_utility.cpp:
        (JSC::Bindings::identifierFromNPIdentifier):
        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::scriptImported):
        (WebCore::InspectorController::addProfileFinishedMessageToConsole):
        (WebCore::InspectorController::createProfileHeader):
        * inspector/InspectorResource.cpp:
        (WebCore::InspectorResource::sourceString):
        * inspector/JavaScriptCallFrame.cpp:
        (WebCore::JavaScriptCallFrame::functionName):
        * platform/KURL.h:
        (WebCore::KURL::operator const String&):
        * platform/text/AtomicString.cpp:
        (WebCore::AtomicString::operator UString):
        * platform/text/AtomicString.h:
        * platform/text/PlatformString.h:
        * platform/text/String.cpp:

2010-04-16  Anders Carlsson  <andersca@apple.com>

        Reviewed by David Hyatt.

        Always pass a view to the AppKit drawing functions.
        https://bugs.webkit.org/show_bug.cgi?id=37724

        * platform/mac/ThemeMac.mm:
        (WebCore::paintCheckbox):
        (WebCore::paintRadio):
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::paintMenuList):
        (WebCore::RenderThemeMac::paintSliderThumb):
        (WebCore::RenderThemeMac::paintSearchField):
        (WebCore::RenderThemeMac::paintSearchFieldCancelButton):
        (WebCore::RenderThemeMac::paintSearchFieldResultsDecoration):
        (WebCore::RenderThemeMac::paintSearchFieldResultsButton):

2010-04-16  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Dan Bernstein.

        https://bugs.webkit.org/show_bug.cgi?id=37718
        Safari crashes with certain JavaScript charCode events in EventHandler::needsKeyboardEventDisambiguationQuirks

        Test: fast/events/recorded-keydown-event.html

        * dom/KeyboardEvent.cpp: (WebCore::KeyboardEvent::charCode): Check if the view (window) is
        frameless.

2010-04-16  Jian Li  <jianli@chromium.org>

        Reviewed by Dmitry Titov.

        Update FormDataList to fix style violations in old code.
        https://bugs.webkit.org/show_bug.cgi?id=37689

        * html/FormDataList.h:
        (WebCore::FormDataList::appendData):
        (WebCore::FormDataList::appendBlob):

2010-04-16  Anders Carlsson  <andersca@apple.com>

        Fix WebKit2 build.

        * WebCore.base.exp:

2010-04-16  Jay Civelli  <jcivelli@chromium.org>

        Reviewed by Dimitri Glazkov.

        [chromium] Fix Mac build.
        https://bugs.webkit.org/show_bug.cgi?id=37436

        * platform/chromium/PopupMenuChromium.h:

2010-04-16  Jay Civelli  <jcivelli@chromium.org>

        Reviewed by Dimitri Glazkov.

        [chromium] Select popups would assert when destroyed.
        https://bugs.webkit.org/show_bug.cgi?id=37436


        * platform/chromium/PopupMenuChromium.cpp:
        (WebCore::PopupContainer::PopupContainer):
        (WebCore::PopupContainer::showPopup):
        (WebCore::PopupContainer::notifyPopupHidden):
        * platform/chromium/PopupMenuChromium.h:

2010-04-16  Antonio Gomes  <tonikitoo@webkit.org>

        Unreviewed QtWebKit (with Qt 4.7) build fix.

        Bug 37683 moved code from FontQt.cpp to FontPlatformDataQt.cpp but did not
        renamed the variable used.

        * platform/graphics/qt/FontPlatformDataQt.cpp:
        (WebCore::FontPlatformData::FontPlatformData):

2010-04-16  Noam Rosenthal  <noam.rosenthal@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        Make GraphicsLayerQt always use ItemCoordinateCache, and remove ItemUsesExtendedStyleOption.
        This aligns our implementation with the Safari implementation - layers are always uploaded
        to textures in item units, and WebCore is responsible for the heuristics.

        [Qt] GraphicsLayer: performance optimizations
        https://bugs.webkit.org/show_bug.cgi?id=35393

        No new tests. Still no FPS benchmarks available (on any platform)
        but animations are noticably better.

        * platform/graphics/qt/GraphicsLayerQt.cpp:
        (WebCore::GraphicsLayerQtImpl::GraphicsLayerQtImpl):
        (WebCore::GraphicsLayerQtImpl::paint):
        (WebCore::GraphicsLayerQtImpl::flushChanges):
        (WebCore::TransformAnimationQt::updateState):

2010-04-16  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] WebCore::Font::font() causes a QFont detach
        https://bugs.webkit.org/show_bug.cgi?id=37683

        Moved the setStyleStrategy call to FontPlatformData
        to avoid the detach.

        Thanks to Holger for spotting this.

        * platform/graphics/qt/FontPlatformDataQt.cpp:
        (WebCore::FontPlatformData::FontPlatformData):
        * platform/graphics/qt/FontQt.cpp:
        (WebCore::Font::font):

2010-04-15  Matt Perry  <mpcomplete@chromium.org>

        Reviewed by Adam Barth.

        Remove the check for the main frame's scheme when deciding which
        v8 extensions to add to a script context. Instead, Chromium will
        handle that check elsewhere to allow finer-grained control over
        what APIs we expose to web pages.
        https://bugs.webkit.org/show_bug.cgi?id=37681

        * bindings/v8/V8DOMWindowShell.cpp:
        (WebCore::V8DOMWindowShell::createNewContext):

2010-04-15  Luiz Agostini  <luiz.agostini@openbossa.org>

        Reviewed by Antti Koivisto.

        No default selection for <select multiple> menu lists.
        https://bugs.webkit.org/show_bug.cgi?id=37530

        Manual test: manual-tests/no-listbox-rendering.html

        For menu lists, if the selection is not indicated by the html file, the first <option> will be
        selected after loading the page or reseting the form. On the other hand listboxes may have no
        element selected after loading the page or reseting the form.

        When NO_LISTBOX_RENDERING is enabled listboxes becomes menu lists. Those <select multiple>
        that did not have selected elements, now being menu lists, will have the first <option>
        selected. That is the behavior difference that this patch corrects.

        When NO_LISTBOX_RENDERING is enabled usesMenuList() always returns true then usesMenuList() cannot
        be used to decide about initial selection of the elements. This patch replaces (usesMenuLists())
        by (!multiple && size <= 1) where initial selection is considered.

        * dom/SelectElement.cpp:
        (WebCore::SelectElement::recalcListItems):
        (WebCore::SelectElement::reset):
        * manual-tests/no-listbox-rendering.html: Added.

2010-04-15  Zhenyao Mo  <zmo@google.com>

        Reviewed by Dimitri Glazkov.

        Index validation code validates too many vertex attributes
        https://bugs.webkit.org/show_bug.cgi?id=31892

        * html/canvas/WebGLProgram.cpp:
        (WebCore::WebGLProgram::cacheActiveAttribLocations): Cache active attribute locations for a program at linkProgram time.
        (WebCore::WebGLProgram::getActiveAttribLocation): Get the cached attribute location.
        (WebCore::WebGLProgram::numActiveAttribLocations): Get the number of cached attribute locations.
        * html/canvas/WebGLProgram.h: Add attribute locations member.
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::validateRenderingState): Add logic not to validate those attributes that do not belong to the current program.
        (WebCore::WebGLRenderingContext::linkProgram): Call cacheActiveAttribLocations().

2010-04-16  Adam Roben  <aroben@apple.com>

        Don't assert when soft-linked libraries can't be found

        In some situations (e.g., when using SOFT_LINK_OPTIONAL), we expect soft-link libraries not
        to be able to be found in all cases. So we shouldn't assert that they're always found.

        Reviewed by Sam Weinig.

        * platform/win/SoftLinking.h:
        (SOFT_LINK): Don't assert when LoadLibrary fails.

2010-04-15  Dmitry Titov  <dimich@chromium.org>

        Unreviewed, rolling out r57688.
        http://trac.webkit.org/changeset/57688
        https://bugs.webkit.org/show_bug.cgi?id=34992

        Makes fast/workers/dedicated-worker-lifecycle.html crashing on all GTK bots

        * bindings/js/JSWorkerContextCustom.cpp:
        * bindings/v8/custom/V8WorkerContextCustom.cpp:
        * storage/Database.idl:
        * storage/SQLError.idl:
        * storage/SQLResultSet.idl:
        * storage/SQLResultSetRowList.idl:
        * storage/SQLTransaction.idl:
        * workers/WorkerContext.cpp:
        (WebCore::WorkerContext::openDatabase):
        * workers/WorkerContext.h:
        (WebCore::WorkerContext::databaseExceededQuota):
        * workers/WorkerContext.idl:

2010-04-15  Yury Semikhatsky  <yurys@google.com>

        Reviewed by Pavel Feldman.
    
        Support basic debugging capabilities including step in/over/out in v8
        implementation of ScriptDebugServer.

        https://bugs.webkit.org/show_bug.cgi?id=37604

        * bindings/js/JSInjectedScriptHostCustom.cpp:
        (WebCore::InjectedScriptHost::createInjectedScript):
        * bindings/v8/ScriptDebugServer.cpp:
        (WebCore::ScriptDebugServer::ScriptDebugServer):
        (WebCore::ScriptDebugServer::setDebuggerScriptSource):
        (WebCore::ScriptDebugServer::addListener):
        (WebCore::ScriptDebugServer::removeListener):
        (WebCore::ScriptDebugServer::setBreakpoint):
        (WebCore::ScriptDebugServer::removeBreakpoint):
        (WebCore::ScriptDebugServer::clearBreakpoints):
        (WebCore::ScriptDebugServer::setBreakpointsActivated):
        (WebCore::ScriptDebugServer::continueProgram):
        (WebCore::ScriptDebugServer::stepIntoStatement):
        (WebCore::ScriptDebugServer::stepOverStatement):
        (WebCore::ScriptDebugServer::stepOutOfFunction):
        (WebCore::ScriptDebugServer::currentCallFrameState):
        (WebCore::ScriptDebugServer::currentCallFrameV8):
        (WebCore::ScriptDebugServer::onV8DebugMessage):
        (WebCore::ScriptDebugServer::onV8DebugHostDispatch):
        (WebCore::ScriptDebugServer::handleV8DebugHostDispatch):
        (WebCore::ScriptDebugServer::handleV8DebugMessage):
        (WebCore::ScriptDebugServer::dispatchDidParseSource):
        (WebCore::ScriptDebugServer::ensureDebuggerScriptCompiled):
        (WebCore::ScriptDebugServer::didResume):
        * bindings/v8/ScriptDebugServer.h:
        (WebCore::ScriptDebugServer::pauseOnExceptionsState):
        (WebCore::ScriptDebugServer::setPauseOnExceptionsState):
        (WebCore::ScriptDebugServer::setMessageLoopDispatchHandler):
        * bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
        (WebCore::InjectedScriptHost::createInjectedScript):
        (WebCore::V8InjectedScriptHost::currentCallFrameCallback):
        (WebCore::V8InjectedScriptHost::isActivationCallback):
        * inspector/front-end/InjectedScript.js:
        (injectedScriptConstructor):
        (injectedScriptConstructor.):
        * inspector/front-end/ScriptsPanel.js:
        (WebInspector.ScriptsPanel):

2010-04-15  Jian Li  <jianli@chromium.org>

        Reviewed by Dmitry Titov.

        Support using FormData to send a sliced file via XHR.
        https://bugs.webkit.org/show_bug.cgi?id=36678

        Tests: http/tests/local/formdata/send-form-data-with-sliced-file.html

        * html/Blob.h:
        (WebCore::Blob::isFile):
        * html/DOMFormData.cpp:
        (WebCore::DOMFormData::append):
        * html/File.h:
        (WebCore::File::isFile):
        * html/FormDataList.h:
        (WebCore::FormDataList::appendBlob):
        (WebCore::FormDataList::Item::Item):
        (WebCore::FormDataList::Item::blob):
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::appendFormData):
        * platform/network/FormData.cpp:
        (WebCore::FormData::appendDOMFormData):
        * platform/network/mac/FormDataStreamMac.mm:
        (WebCore::closeCurrentStream):

2010-04-15  Zhenyao Mo  <zmo@google.com>

        Reviewed by Dimitri Glazkov.

        Must enable GL_VERTEX_PROGRAM_POINT_SIZE during initialization
        https://bugs.webkit.org/show_bug.cgi?id=37178

        Test: fast/canvas/webgl/point-size.html

        * platform/graphics/mac/GraphicsContext3DMac.cpp: Enable GL_VERTEX_PROGRAM_POINT_SIZE during initialization.
        (WebCore::GraphicsContext3D::GraphicsContext3D):

2010-04-15  Eric Uhrhane  <ericu@chromium.org>

        Reviewed by Dmitry Titov.

        Add bindings for async DB API in Workers.
        https://bugs.webkit.org/show_bug.cgi?id=34992

        Tests: storage/change-version-handle-reuse-worker.html
               storage/execute-sql-args-worker.html

        * bindings/js/JSWorkerContextCustom.cpp: Add openDatabase binding.
        (WebCore::JSWorkerContext::openDatabase):

        * bindings/v8/custom/V8WorkerContextCustom.cpp: Add openDatabase stub; Chromium will need work both in V8 and in the browser process before we can turn this on there.
        (WebCore::V8WorkerContext::openDatabaseCallback):

        Add NoStaticTables flags to all objects now shared with workers.
        * storage/Database.idl:
        * storage/SQLError.idl:
        * storage/SQLResultSet.idl:
        * storage/SQLResultSetRowList.idl:
        * storage/SQLTransaction.idl:
        
        * workers/WorkerContext.h: Add databaseExceededQuota.
        * workers/WorkerContext.cpp:
        (WebCore::WorkerContext::databaseExceededQuota): Add stub implementation for testing; you just get 5MB for now.
        (WebCore::WorkerContext::openDatabase): Remove invalid assertion.

        Add the IDL for the call to openDatabase.
        * workers/WorkerContext.idl:

2010-04-15  Nicolas Weber  <thakis@chromium.org>

        Reviewed by Dimitri Glazkov.

        Fix drag image thumbnails for indexed images.
        https://bugs.webkit.org/show_bug.cgi?id=37621

        * platform/chromium/DragImageChromiumMac.cpp:
        (WebCore::scaleDragImage): Always use RGB color space.
        (WebCore::dissolveDragImageToFraction): Always use RGB color space.

2010-04-15  Adam Roben  <aroben@apple.com>

        Expose UserContentURLPattern as WebKit SPI

        Fixes <http://webkit.org/b/37354>.

        Reviewed by Tim Hatcher.

        * WebCore.base.exp: Export UserContentURLPattern::parse, and sorted
        the file.

        * WebCore.xcodeproj/project.pbxproj: Marked UserContentURLPattern.h as
        "Private".

        * page/UserContentURLPattern.h:
        (WebCore::UserContentURLPattern::UserContentURLPattern): Added a
        default constructor.
        (WebCore::UserContentURLPattern::isValid): Added this getter.

2010-04-15  Chris Fleizach  <cfleizach@apple.com>

        Reviewed by Beth Dakin.

        AXHelp is being appended from ancestors incorrectly
        https://bugs.webkit.org/show_bug.cgi?id=37659

        Test: platform/mac/accessibility/unexpected-help-text.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::helpText):

2010-04-15  David Hyatt  <hyatt@apple.com>

        Reviewed by Anders Carlsson.

        https://bugs.webkit.org/show_bug.cgi?id=37669, REGRESSION: visited styles don't work right when only the visited path specifies
        a pseudoelement.
        
        Rework the pseudo cache on RenderStyles to support nesting, i.e., a pseudo hanging off a pseudo.  The existing model gets
        confused by this concept, since it relies on a singly linked list of chained pseudo styles (instead of a Vector owned by a primary
        style).  I changed the style cache to be a Vector instead.
        
        Reworked both styleForElement and pseudoStyleForElement to resolve visited styles first, since in the pseudoStyleForElement case
        you need to do this in order to know to allocate an unvisited pseudo style even if one shouldn't normally exist.

        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::styleForElement):
        (WebCore::CSSStyleSelector::pseudoStyleForElement):
        * dom/Element.cpp:
        (WebCore::Element::pseudoStyleCacheIsInvalid):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::getCachedPseudoStyle):
        (WebCore::RenderStyle::addCachedPseudoStyle):
        * rendering/style/RenderStyle.h:
        (WebCore::):
        (WebCore::InheritedFlags::cachedPseudoStyles):

2010-04-15  Albert J. Wong  <ajwong@chromium.org>

        Unreviewed, rolling out r57660.
        http://trac.webkit.org/changeset/57660
        https://bugs.webkit.org/show_bug.cgi?id=37604

        Broke a large number of inspector layout tests in chromium.

        * bindings/js/JSInjectedScriptHostCustom.cpp:
        (WebCore::InjectedScriptHost::createInjectedScript):
        * bindings/v8/ScriptDebugServer.cpp:
        * bindings/v8/ScriptDebugServer.h:
        (WebCore::ScriptDebugServer::addListener):
        (WebCore::ScriptDebugServer::removeListener):
        (WebCore::ScriptDebugServer::setBreakpoint):
        (WebCore::ScriptDebugServer::removeBreakpoint):
        (WebCore::ScriptDebugServer::clearBreakpoints):
        (WebCore::ScriptDebugServer::setBreakpointsActivated):
        (WebCore::ScriptDebugServer::pauseOnExceptionsState):
        (WebCore::ScriptDebugServer::setPauseOnExceptionsState):
        (WebCore::ScriptDebugServer::continueProgram):
        (WebCore::ScriptDebugServer::stepIntoStatement):
        (WebCore::ScriptDebugServer::stepOverStatement):
        (WebCore::ScriptDebugServer::stepOutOfFunction):
        (WebCore::ScriptDebugServer::currentCallFrameState):
        (WebCore::ScriptDebugServer::ScriptDebugServer):
        * bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
        (WebCore::InjectedScriptHost::createInjectedScript):
        (WebCore::V8InjectedScriptHost::currentCallFrameCallback):
        (WebCore::V8InjectedScriptHost::isActivationCallback):
        * inspector/front-end/InjectedScript.js:
        (injectedScriptConstructor):
        * inspector/front-end/ScriptsPanel.js:
        (WebInspector.ScriptsPanel):

2010-04-14  Dumitru Daniliuc  <dumi@chromium.org>

        Reviewed by Dimitri Glazkov.

        DatabaseTracker refactoring: remove the dependency on
        OriginQuotaManager from DatabaseTracker.h
        https://bugs.webkit.org/show_bug.cgi?id=31482

        * storage/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::DatabaseTracker):
        (WebCore::DatabaseTracker::~DatabaseTracker):
        (WebCore::DatabaseTracker::canEstablishDatabase):
        (WebCore::DatabaseTracker::hasEntryForOrigin):
        (WebCore::DatabaseTracker::getMaxSizeForDatabase):
        (WebCore::DatabaseTracker::databaseChanged):
        (WebCore::DatabaseTracker::fullPathForDatabaseNoLock):
        (WebCore::DatabaseTracker::fullPathForDatabase):
        (WebCore::DatabaseTracker::populateOrigins):
        (WebCore::DatabaseTracker::origins):
        (WebCore::DatabaseTracker::databaseNamesForOrigin):
        (WebCore::DatabaseTracker::addOpenDatabase):
        (WebCore::DatabaseTracker::removeOpenDatabase):
        (WebCore::DatabaseTracker::usageForOriginNoLock):
        (WebCore::DatabaseTracker::usageForOrigin):
        (WebCore::DatabaseTracker::quotaForOrigin):
        (WebCore::DatabaseTracker::setQuota):
        (WebCore::DatabaseTracker::deleteOrigin):
        (WebCore::DatabaseTracker::deleteDatabase):
        (WebCore::DatabaseTracker::deleteDatabaseFile):
        * storage/DatabaseTracker.h:
        * storage/SQLTransactionClient.cpp:
        (WebCore::SQLTransactionClient::didExecuteStatement):

2010-04-15  Zhenyao Mo  <zmo@google.com>

        Reviewed by Adam Barth.

        Several tests in fast/canvas/webgl/ failed randomly on Leopard Commit Bot
        This fixes an uninitialized variable bug and restores a glFinish call that used to be present.
        https://bugs.webkit.org/show_bug.cgi?id=36908

        * platform/graphics/mac/GraphicsContext3DMac.cpp:
        (WebCore::GraphicsContext3D::GraphicsContext3D): Initialize width/height to 0/0.
        (WebCore::GraphicsContext3D::prepareTexture): Restore glFinish() in every path.

2010-04-14  Antonio Gomes  <tonikitoo@webkit.org>

        Reviewed by Simon Fraser.

        Spatial Navigation: make hasOffscreenRect() to earlier return 'true' if absoluteClippedOverflowRect() gives an empty rect
        https://bugs.webkit.org/show_bug.cgi?id=37635

        absoluteClippedOverflowRect method of RenderObject does return an empty IntRect for offscreen nodes.
        So hasOffscreenRect method (SpatialNavigation.cpp) can safily bail out earlier in such cases.

        * page/SpatialNavigation.cpp:
        (WebCore::hasOffscreenRect):

2010-04-14  Antonio Gomes  <tonikitoo@webkit.org>

        Reviewed by Simon Fraser.

        Spatial Navigation: remove unnecessery assignment in updateFocusCandidateIfCloser method
        https://bugs.webkit.org/show_bug.cgi?id=37634

        This assignment line is not longer needed after r57061, bug that refactored all
        assignment logic to happen lines below in the method.

        * page/FocusController.cpp:
        (WebCore::updateFocusCandidateIfCloser):

2010-04-15  Yury Semikhatsky  <yurys@google.com>

        Reviewed by Pavel Feldman.
    
        Support basic debugging capabilities including step in/over/out in v8
        implementation of ScriptDebugServer.

        https://bugs.webkit.org/show_bug.cgi?id=37604

        * bindings/js/JSInjectedScriptHostCustom.cpp:
        (WebCore::InjectedScriptHost::createInjectedScript):
        * bindings/v8/ScriptDebugServer.cpp:
        (WebCore::ScriptDebugServer::ScriptDebugServer):
        (WebCore::ScriptDebugServer::setDebuggerScriptSource):
        (WebCore::ScriptDebugServer::addListener):
        (WebCore::ScriptDebugServer::removeListener):
        (WebCore::ScriptDebugServer::setBreakpoint):
        (WebCore::ScriptDebugServer::removeBreakpoint):
        (WebCore::ScriptDebugServer::clearBreakpoints):
        (WebCore::ScriptDebugServer::setBreakpointsActivated):
        (WebCore::ScriptDebugServer::continueProgram):
        (WebCore::ScriptDebugServer::stepIntoStatement):
        (WebCore::ScriptDebugServer::stepOverStatement):
        (WebCore::ScriptDebugServer::stepOutOfFunction):
        (WebCore::ScriptDebugServer::currentCallFrameState):
        (WebCore::ScriptDebugServer::currentCallFrameV8):
        (WebCore::ScriptDebugServer::onV8DebugMessage):
        (WebCore::ScriptDebugServer::onV8DebugHostDispatch):
        (WebCore::ScriptDebugServer::handleV8DebugHostDispatch):
        (WebCore::ScriptDebugServer::handleV8DebugMessage):
        (WebCore::ScriptDebugServer::dispatchDidParseSource):
        (WebCore::ScriptDebugServer::ensureDebuggerScriptCompiled):
        (WebCore::ScriptDebugServer::didResume):
        * bindings/v8/ScriptDebugServer.h:
        (WebCore::ScriptDebugServer::pauseOnExceptionsState):
        (WebCore::ScriptDebugServer::setPauseOnExceptionsState):
        (WebCore::ScriptDebugServer::setMessageLoopDispatchHandler):
        * bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
        (WebCore::InjectedScriptHost::createInjectedScript):
        (WebCore::V8InjectedScriptHost::currentCallFrameCallback):
        (WebCore::V8InjectedScriptHost::isActivationCallback):
        * inspector/front-end/InjectedScript.js:
        (injectedScriptConstructor):
        (injectedScriptConstructor.):
        * inspector/front-end/ScriptsPanel.js:
        (WebInspector.ScriptsPanel):

2010-04-15  Nikolas Zimmermann  <nzimmermann@rim.com>

        Reviewed by Beth Dakin.

        RenderSVGResource <-> id mapping should be cached
        https://bugs.webkit.org/show_bug.cgi?id=37575

        Test: svg/custom/clip-path-id-changes.svg

        * rendering/RenderSVGResource.h:
        (WebCore::RenderSVGResource::RenderSVGResource):
        (WebCore::RenderSVGResource::~RenderSVGResource):
        (WebCore::RenderSVGResource::idChanged):
        (WebCore::getRenderSVGResourceById):
        * svg/SVGDocumentExtensions.cpp:
        (WebCore::SVGDocumentExtensions::addResource):
        (WebCore::SVGDocumentExtensions::removeResource):
        (WebCore::SVGDocumentExtensions::resourceById):
        * svg/SVGDocumentExtensions.h:
        * svg/SVGStyledElement.cpp:
        (WebCore::SVGStyledElement::svgAttributeChanged):

2010-04-15  Justin Schuh  <jschuh@chromium.org>

        Reviewed by Dimitri Glazkov.

        LayoutTest breakage in V8 bindings after r57627
        https://bugs.webkit.org/show_bug.cgi?id=37660

        Fixes breakage of the following tests due to an error in V8 bindings for
        NamedNodeMap:
        hc_namednodemapinuseattributeerr.html
        hc_namednodemapsetnameditemreturnvalue.html
        hc_namednodemapwrongdocumenterr.html
        hc_namednodemapinvalidtype1.html
        NamedNodeMap-setNamedItem-crash.html

        * bindings/v8/custom/V8NamedNodeMapCustom.cpp:
        (WebCore::V8NamedNodeMap::setNamedItemNSCallback):
        (WebCore::V8NamedNodeMap::setNamedItemCallback):

2010-04-15  David Hyatt  <hyatt@apple.com>

        Reviewed by Anders Carlsson.

        https://bugs.webkit.org/show_bug.cgi?id=37567, :first-letter inside a :visited link is wrong color.  Make sure
        that the pseudo style caching allows visited link styles to hang off other pseudo styles.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::updateFirstLetter):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::getCachedPseudoStyle):

2010-04-15  Ben Murdoch  <benm@google.com>

        Unreviewed, rolling out r57652.
        http://trac.webkit.org/changeset/57652
        https://bugs.webkit.org/show_bug.cgi?id=37609

        Caused a build break on Chromium Mac and Layout Test fail on
        Qt

        * platform/PlatformTouchPoint.h:
        (WebCore::PlatformTouchPoint::):
        * platform/qt/PlatformTouchPointQt.cpp:
        (WebCore::PlatformTouchPoint::PlatformTouchPoint):

2010-04-15  Yaar Schnitman  <yaar@chromium.org>

        Reviewed by Nate Chapin.

        Overloads auto-generation in V8
        https://bugs.webkit.org/show_bug.cgi?id=37373

        This will be used by XHR.send/open, Canvas.*, WebGL.* methods that are currently custom. When more than a single overload exists for a method, the correct overload is chosen based on the total number of arguments passed as well as the values passed to non-primitive arguments.

        Overload dispatch order depends on the order the functions are defined in the IDL. Overloads must be specified from the most precise (overloads with wrapper type arguments) to the least precise (overloads with only primitive type arguments).

        * bindings/scripts/CodeGeneratorV8.pm: Identify and output overloads callbacks and dispatch code.
        * bindings/v8/test/TestObj.idl: Overloads sample.
        * bindings/v8/test/V8TestObj.cpp: Output change.

2010-04-15  Ben Murdoch  <benm@google.com>

        Reviewed by Kenneth Rohde Christiansen.

        The TouchStationary state of WebCore::PlatformTouchPoint
        is not handled inside the touch event handler.
        https://bugs.webkit.org/show_bug.cgi?id=37609

        After discussions at the WebKit contributors meeting, we decided
        that this is a currently unused state without a good future use
        case in the Touch API and thus decided to remove it. This patch
        actions that decision.

        As the TouchStationary state is not handled in the EventHandler,
        there is no change in functionality so no new tests are required.

        * platform/PlatformTouchPoint.h:
        (WebCore::PlatformTouchPoint::): Remove TouchStationary.
        * platform/qt/PlatformTouchPointQt.cpp:
        (WebCore::PlatformTouchPoint::PlatformTouchPoint): Remove TouchStationary.

2010-04-15  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Adam Roben.

        Use a lower-overhead mechanism for plug-in message throttling
        https://bugs.webkit.org/show_bug.cgi?id=37642        
        <rdar://problem/7418285> Very high CPU usage idling in gmail under Windows 7 (plug-in related)
        
        GMail has an instance of Flash that loads on the main mail page.
        This Flash content sends us a constant stream of WM_USER+1 messsages.
        
        There was already code in PluginMessageThrottlerWin to queue and process these
        excess WM_USER+1 messages from Flash. Unfortunately, there were a couple of
        problems with this code:
        
        - The timer used to process the excess messages had a very low timeout (1ms).
          Chrome uses a value of 5ms for this delay, and doesn't use excess CPU here,
          while still maintaining good Flash frame rate.
        
        - The overhead involved in generating a constant stream of 5ms timers still swamped
          the CPU, resulting in continued high CPU utilization.
          
        To fix this, I changed the throttling code to:
        
        - Process a queued WM_USER+1 message directly if none has been processed in 5ms.
          This allows us to avoid the overhead of a timer.
          
        - Process remaining delayed WM_USER+1 messages on a 16ms timer.
        
        This reduces our CPU utilization idling in GMail from ~20% to ~2-3% on my system.
        I also verified the frame rate for Flash content wasn't reduced with this change.

        * plugins/win/PluginMessageThrottlerWin.cpp:
        (WebCore::PluginMessageThrottlerWin::PluginMessageThrottlerWin): Initialize m_lastMessageTime.
        (WebCore::PluginMessageThrottlerWin::appendMessage): Process a queued message directly if >5ms have passed.
        (WebCore::PluginMessageThrottlerWin::processQueuedMessage): Split out from messageThrottleTimerFired.
        (WebCore::PluginMessageThrottlerWin::messageThrottleTimerFired): Call through to processQueuedMessage.
        * plugins/win/PluginMessageThrottlerWin.h: Add processQueuedMessage, m_lastMessageTime.

2010-04-15  Shinichiro Hamaji  <hamaji@chromium.org>

        Reviewed by David Levin.

        LEAK: in ThreadableWebSocketChannel::create()
        https://bugs.webkit.org/show_bug.cgi?id=37584

        No new tests because this change just fixes a leak.

        * websockets/WorkerThreadableWebSocketChannel.cpp:
        (WebCore::WorkerThreadableWebSocketChannel::WorkerThreadableWebSocketChannel):
        * websockets/WorkerThreadableWebSocketChannel.h:
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::create):

2010-04-15  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Reviewed by Eric Seidel.

        Duplicated patches related to wml were pushed to trunk. So, one of
        the patches should be reverted.
        https://bugs.webkit.org/show_bug.cgi?id=37542

        * wml/WMLOptionElement.h:
        * wml/WMLSelectElement.h:

2010-04-15  Bruno Schmidt  <bruno.schmidt@gmail.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Null QObjects properties cause Segmentation Fault
        https://bugs.webkit.org/show_bug.cgi?id=34730

        QObjects exported to the QWebkit javascript with properties that are
        a null "QObject*" cause Segmentation Fault.

        If an QObject is added to the javascript context and it contains
        properties of the type QObject* with NULL value, calling the property
        causes Segmentation Fault.
        So now the code below properly checks for null pointers:

        * bridge/qt/qt_instance.cpp:
        (JSC::Bindings::QtInstance::getClass): may return NULL
        (JSC::Bindings::QtInstance::getMethod): may return jsNull()
        (JSC::Bindings::QtInstance::stringValue): may return jsNull()
        (JSC::Bindings::QtInstance::booleanValue): may return false
        * bridge/qt/qt_runtime.cpp:
        (JSC::Bindings::convertValueToQVariant): 
        (JSC::Bindings::convertQVariantToValue): May return jsNull on QObjectStar

2010-04-14  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        Repaint of fixed, transformed element is broken
        https://bugs.webkit.org/show_bug.cgi?id=37637

        RenderBox::computeRectForRepaint() failed to set the 'fixed' flag correctly
        for elements that had both fixed position and a transform. If the element has
        a transform, 'fixed' should only remain true if the element itself is fixed
        position.
        
        Also cache style()->position() in a local variable for performance.
        
        Test: fast/repaint/fixed-tranformed.html

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::computeRectForRepaint):

2010-04-14  Luiz Agostini  <luiz.agostini@openbossa.org>

        Reviewed by Kenneth Rohde Christiansen.

        Changing view mode names due to specification changes
        https://bugs.webkit.org/show_bug.cgi?id=37615

        test: fast/media/media-feature-wgt-view-mode.html

        specification: http://dev.w3.org/2006/waf/widgets-vmmf/

        * css/MediaQueryEvaluator.cpp:
        (WebCore::view_modeMediaFeatureEval):
        * page/ChromeClient.h:
        (WebCore::ChromeClient::isWindowed):
        (WebCore::ChromeClient::isMaximized):
        (WebCore::ChromeClient::isMinimized):

2010-04-14  Adam Barth  <abarth@webkit.org>

        Unreviewed attempt to fix Qt build.

        * bindings/js/JSNodeCustom.cpp:

2010-04-14  Justin Schuh  <jschuh@chromium.org>

        Reviewed by Adam Barth.

        Javascript URL can be set as iframe.src via multiple DOM aliases
        https://bugs.webkit.org/show_bug.cgi?id=37031

        Moved frame/iframe checks from Attr to Node on inherited members.
        Node child manipulation methods now return NOT_SUPPORTED_ERR if used
        on a frame/iframe src attribute.
        NamedNodeMap set methods now perform frame/iframe src checks.
        Moved allowSettingSrcToJavascriptURL static helper function from 
        JSElementCustom.cpp to exported function in JSDOMBinding.h.

        * bindings/js/JSAttrCustom.cpp:
        (WebCore::JSAttr::setValue):
        * bindings/js/JSDOMBinding.cpp:
        (WebCore::allowSettingSrcToJavascriptURL):
        * bindings/js/JSDOMBinding.h:
        * bindings/js/JSElementCustom.cpp:
        * bindings/js/JSNamedNodeMapCustom.cpp:
        (WebCore::JSNamedNodeMap::setNamedItem):
        (WebCore::JSNamedNodeMap::setNamedItemNS):
        * bindings/js/JSNodeCustom.cpp:
        (WebCore::isAttrFrameSrc):
        (WebCore::JSNode::setNodeValue):
        (WebCore::JSNode::setTextContent):
        (WebCore::JSNode::insertBefore):
        (WebCore::JSNode::replaceChild):
        (WebCore::JSNode::removeChild):
        (WebCore::JSNode::appendChild):
        * bindings/v8/custom/V8AttrCustom.cpp:
        * bindings/v8/custom/V8NamedNodeMapCustom.cpp:
        (WebCore::V8NamedNodeMap::setNamedItemNSCallback):
        (WebCore::V8NamedNodeMap::setNamedItemCallback):
        (WebCore::toV8):
        * bindings/v8/custom/V8NodeCustom.cpp:
        (WebCore::isFrameSrc):
        (WebCore::V8Node::textContentAccessorSetter):
        (WebCore::V8Node::nodeValueAccessorSetter):
        (WebCore::V8Node::insertBeforeCallback):
        (WebCore::V8Node::replaceChildCallback):
        (WebCore::V8Node::removeChildCallback):
        (WebCore::V8Node::appendChildCallback):
        * dom/Attr.idl:
        * dom/NamedNodeMap.idl:
        * dom/Node.idl:

2010-04-14  Alejandro G. Castro  <alex@igalia.com>

        Reviewed by Xan Lopez.

        We have to check if the resource handler is cancelled before
        checking the client, other case it could crash.

        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::parseDataUrl):

2010-04-14  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r57609.
        http://trac.webkit.org/changeset/57609
        https://bugs.webkit.org/show_bug.cgi?id=37614

        "Broke multiple builders.  Probably needs new test results,
        but may be an Inspector bug." (Requested by eseidel on
        #webkit).

        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::didReceiveResponse):
        (WebCore::InspectorController::didFailLoading):
        * inspector/front-end/Resource.js:
        (WebInspector.Resource.prototype._mimeTypeIsConsistentWithType):
        * inspector/front-end/ResourcesPanel.js:
        (WebInspector.ResourcesPanel.prototype.recreateViewForResourceIfNeeded):

2010-04-14  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Dan Bernstein.

        Don't cache SimpleFontData* in getLastResortFallbackFont. The cached entry may be invalidated.
        https://bugs.webkit.org/show_bug.cgi?id=37599

        * platform/graphics/win/FontCacheWin.cpp:
        (WebCore::fontDataFromDescriptionAndLogFont):
        (WebCore::FontCache::getLastResortFallbackFont):

2010-04-14  Andrey Kosyakov  <caseq@chromium.ru>

        Reviewed by Timothy Hatcher.

        Log error message to inspector console if a resource fails to load.
        Disable checking of mime-type consistency for failed resources.
        https://bugs.webkit.org/show_bug.cgi?id=37215

        Test: inspector/console-resource-errors.html

        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::didReceiveResponse):
        (WebCore::InspectorController::didFailLoading):
        * inspector/front-end/Resource.js:
        (WebInspector.Resource.prototype._mimeTypeIsConsistentWithType):
        * inspector/front-end/ResourcesPanel.js:
        (WebInspector.ResourcesPanel.prototype.recreateViewForResourceIfNeeded):

2010-04-14  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r57599.
        http://trac.webkit.org/changeset/57599
        https://bugs.webkit.org/show_bug.cgi?id=37605

        "Broke Chromium build" (Requested by dglazkov on #webkit).

        * platform/chromium/PopupMenuChromium.cpp:
        (WebCore::PopupContainer::PopupContainer):
        (WebCore::PopupContainer::showPopup):
        (WebCore::PopupContainer::notifyPopupHidden):
        * platform/chromium/PopupMenuChromium.h:

2010-04-14  Aaron Boodman  <aa@chromium.org>

        Reviewed by David Levin.

        Support relative URLs for notifications on Chromium. They weren't working previously because WebCore was inserting
        the relative URL into a KURL instance, but when KURL is backed by GURL as it is on Chromium, relative URLs are
        unsupported. Fixed by resolving the relative URL first.

        https://bugs.webkit.org/show_bug.cgi?id=36623

        Adding tests for this is difficult because we don't currently have DRT support for notifications on Mac, only Windows.

        * notifications/Notification.cpp:
        (WebCore::Notification::Notification): Accept resolved KURL instead of relative string.
        * notifications/Notification.h:
        (WebCore::Notification::create): Ditto.
        (WebCore::Notification::iconURL): Return resolved KURL instead of relative string.
        * notifications/NotificationCenter.h:
        (WebCore::NotificationCenter::createHTMLNotification): Immediately resolve URL instead of passing off relative string.
        (WebCore::NotificationCenter::createNotification): Ditto.
        * notifications/NotificationContents.h:
        (WebCore::NotificationContents::NotificationContents): Accept resolved KURL instead of relative string.
        (WebCore::NotificationContents::icon): Return resolved URL.

2010-04-14  Anders Carlsson  <andersca@apple.com>

        Reviewed by Sam Weinig.

        Add ThemeMac::ensuredView and get rid of a workaround in ThemeMac::paintButton.
        https://bugs.webkit.org/show_bug.cgi?id=37601

        * platform/mac/ThemeMac.h:
        * platform/mac/ThemeMac.mm:
        (-[WebCoreFlippedView isFlipped]):
        (WebCore::paintButton):
        (WebCore::ThemeMac::ensuredView):

2010-04-14  Jay Civelli  <jcivelli@chromium.org>
 
        Reviewed by Dimitri Glazkov.

        [chromium] Select popups would assert when destroyed.
        https://bugs.webkit.org/show_bug.cgi?id=37436
 
        * platform/chromium/PopupMenuChromium.cpp:
        (WebCore::PopupContainer::PopupContainer):
        (WebCore::PopupContainer::showPopup):
        (WebCore::PopupContainer::notifyPopupHidden):
        * platform/chromium/PopupMenuChromium.h:
 

2010-04-14  Dumitru Daniliuc  <dumi@chromium.org>

        Reviewed by Jian Li.

        Remove an incorrect ASSERT in UniscribeHelper::draw().
        https://bugs.webkit.org/show_bug.cgi?id=37533

        * platform/graphics/chromium/UniscribeHelper.cpp:
        (WebCore::UniscribeHelper::draw):

2010-04-14  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Timothy Hatcher.

        Web Inspector: readline shortcuts don't work in Chromium.

        * inspector/front-end/TextPrompt.js:
        (WebInspector.TextPrompt.prototype._onKeyDown):
        (WebInspector.TextPrompt.prototype._moveCaretToStartOfPrompt):

2010-04-14  Alexander Pavlov  <apavlov@chromium.org>

        Reviewed by Timothy Hatcher.

        Web Inspector: Console: Shift-Tab does not cycle autocompletions in the reverse order
        https://bugs.webkit.org/show_bug.cgi?id=37582

        * inspector/front-end/TextPrompt.js:
        (WebInspector.TextPrompt.prototype.complete):
        (WebInspector.TextPrompt.prototype._completionsReady):
        (WebInspector.TextPrompt.prototype._tabKeyPressed):

2010-04-14  Jeff Schiller  <codedread@gmail.com>

        Reviewed by Dirk Schulze.

        Render SVG Paths up to first error, bug 37413: https://bugs.webkit.org/show_bug.cgi?id=37413

        * svg/SVGParserUtilities.cpp:
        (WebCore::SVGPathSegListBuilder::build):

2010-04-14  Alexander Pavlov  <apavlov@chromium.org>

        Reviewed by Joseph Pecoraro.

        Web Inspector: Ctrl-L (Clear History) does nothing on Windows
        https://bugs.webkit.org/show_bug.cgi?id=37579

        * inspector/front-end/ConsoleView.js:
        (WebInspector.ConsoleView):

2010-04-14  Anton Muhin  <antonm@chromium.org>

        Not review, build fix.

        Add <limits.h> include to bring UINT_MAX.

        * html/canvas/WebGLArray.h:

2010-04-14  Nikolas Zimmermann  <nzimmermann@rim.com>

        Not reviewed. Attempt to unbreak build - NodeRenderStyle.h is an _interessting_ concept...

        * rendering/style/SVGRenderStyle.cpp: Include 'NodeRenderStyle.h'

2010-04-14  Nikolas Zimmermann  <nzimmermann@rim.com>

        Reviewed by Dirk Schulze.

        SVGRenderStyle/SVGRenderStyleDefs needs a cleanup
        https://bugs.webkit.org/show_bug.cgi?id=37568

        Cleanup SVGRenderStyle / SVGRenderStyleDefs:
        - use copy constructors in initialization list to initialize members, instead of assignment operators in the body
        - fix style issues (misplaced references, abbrevations)
        - merge StyleClipData/StyleMaskData to save memory, rename it StyleResourceData
        - move filter property in StyleResourceData
        - rename StyleMarkerData to StyleInheritedResourceData to highlight the difference to StyleResourceData
        - unify naming schemes for all resources (filter/clipper/masker/markers)
          - clipPath() -> clipperResource()
          - maskElement() -> maskerResource()
          - startMarker() -> markerStartResource()
          - midMarker() -> markerMidResource()
          - endMarker() -> markerEndResource()
          - filter() -> filterResource()

        Adapt all callsites to the renames above.
        No new tests, as this doesn't affect anything except memory overhead.

        * css/SVGCSSComputedStyleDeclaration.cpp:
        (WebCore::CSSComputedStyleDeclaration::getSVGPropertyCSSValue):
        * css/SVGCSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::applySVGProperty):
        * rendering/RenderPath.cpp:
        (WebCore::RenderPath::calculateMarkerBoundsIfNeeded):
        * rendering/RenderSVGContainer.cpp:
        (WebCore::RenderSVGContainer::selfWillPaint):
        * rendering/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::selfWillPaint):
        * rendering/SVGRenderSupport.cpp:
        (WebCore::SVGRenderBase::prepareToRenderSVGContent):
        (WebCore::SVGRenderBase::filterBoundingBoxForRenderer):
        (WebCore::SVGRenderBase::clipperBoundingBoxForRenderer):
        (WebCore::SVGRenderBase::maskerBoundingBoxForRenderer):
        (WebCore::deregisterFromResources):
        * rendering/SVGRenderTreeAsText.cpp:
        (WebCore::writeStyle):
        (WebCore::writeResources):
        * rendering/style/SVGRenderStyle.cpp:
        (WebCore::SVGRenderStyle::SVGRenderStyle):
        (WebCore::SVGRenderStyle::operator==):
        (WebCore::SVGRenderStyle::inheritedNotEqual):
        (WebCore::SVGRenderStyle::inheritFrom):
        * rendering/style/SVGRenderStyle.h:
        * rendering/style/SVGRenderStyleDefs.cpp:
        (WebCore::StyleFillData::StyleFillData):
        (WebCore::StyleFillData::operator==):
        (WebCore::StyleStrokeData::StyleStrokeData):
        (WebCore::StyleStrokeData::operator==):
        (WebCore::StyleStopData::StyleStopData):
        (WebCore::StyleStopData::operator==):
        (WebCore::StyleTextData::StyleTextData):
        (WebCore::StyleMiscData::StyleMiscData):
        (WebCore::StyleMiscData::operator==):
        (WebCore::StyleShadowSVGData::StyleShadowSVGData):
        (WebCore::StyleShadowSVGData::operator==):
        (WebCore::StyleResourceData::StyleResourceData):
        (WebCore::StyleResourceData::operator==):
        (WebCore::StyleInheritedResourceData::StyleInheritedResourceData):
        (WebCore::StyleInheritedResourceData::operator==):
        * rendering/style/SVGRenderStyleDefs.h:
        (WebCore::StyleFillData::operator!=):
        (WebCore::StyleStopData::operator!=):
        (WebCore::StyleMiscData::create):
        (WebCore::StyleMiscData::copy):
        (WebCore::StyleMiscData::operator!=):
        (WebCore::StyleShadowSVGData::create):
        (WebCore::StyleShadowSVGData::copy):
        (WebCore::StyleShadowSVGData::operator!=):
        (WebCore::StyleResourceData::create):
        (WebCore::StyleResourceData::copy):
        (WebCore::StyleResourceData::operator!=):
        (WebCore::StyleInheritedResourceData::create):
        (WebCore::StyleInheritedResourceData::copy):
        (WebCore::StyleInheritedResourceData::operator!=):
        * svg/SVGDocumentExtensions.cpp:
        (WebCore::SVGDocumentExtensions::addResource):
        (WebCore::SVGDocumentExtensions::removeResource):
        * svg/SVGDocumentExtensions.h:
        * svg/SVGStyledElement.cpp:
        (WebCore::SVGStyledElement::invalidateResources):

2010-04-14  Zhenyao Mo  <zmo@google.com>

        Reviewed by Dimitri Glazkov.

        readPixels must take PACK_ALIGNMENT into account
        https://bugs.webkit.org/show_bug.cgi?id=34718

        Test: fast/canvas/webgl/read-pixels.html

        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::WebGLRenderingContext): Init members to support pack_alignment.
        (WebCore::WebGLRenderingContext::pixelStorei): Save pack/unpack_alignment.
        (WebCore::WebGLRenderingContext::readPixels): Validate enum and deal with pack_alignment.
        * html/canvas/WebGLRenderingContext.h: Add members to support pack_alignment.
        * platform/graphics/GraphicsContext3D.h: Refactor readPixels.
        * platform/graphics/mac/GraphicsContext3DMac.cpp:
        (WebCore::GraphicsContext3D::readPixels): Move array allocation and alpha fix to WebGLRenderingContext; flush before read pixels.

2010-04-13  Dirk Schulze  <krit@webkit.org>

        Reviewed by Eric Seidel.

        REGRESSION(r57511): many new graphics / svg related leaks
        https://bugs.webkit.org/show_bug.cgi?id=37527

        The content of a HashMap was not correctly deleted. Fixed this
        in the DTor and in invalidateClient of RenderSVGResourceClipper.

        * rendering/RenderSVGResourceClipper.cpp:
        (WebCore::RenderSVGResourceClipper::~RenderSVGResourceClipper):
        (WebCore::RenderSVGResourceClipper::invalidateClient):

2010-04-13  Zhenyao Mo  <zmo@google.com>

        Reviewed by Oliver Hunt.

        Fix a potential integer overflow in WebGL*Array::slice()
        https://bugs.webkit.org/show_bug.cgi?id=37466

        * html/canvas/WebGLArray.h:
        (WebCore::WebGLArray::clampOffsetAndNumElements): Input parameter "offset"'s semantic changed from in bytes from buffer to in elements from array view; calculate offset in bytes from buffer inside the function, avoiding overflow. 
        * html/canvas/WebGLByteArray.cpp:
        (WebCore::WebGLByteArray::slice): Changed according to new semantic of WebCore::WebGLArray::clampOffsetAndNumElements.
        * html/canvas/WebGLFloatArray.cpp:
        (WebCore::WebGLFloatArray::slice): Ditto.
        * html/canvas/WebGLIntArray.cpp:
        (WebCore::WebGLIntArray::slice): Ditto.
        * html/canvas/WebGLShortArray.cpp:
        (WebCore::WebGLShortArray::slice): Ditto.
        * html/canvas/WebGLUnsignedByteArray.cpp:
        (WebCore::WebGLUnsignedByteArray::slice): Ditto.
        * html/canvas/WebGLUnsignedIntArray.cpp:
        (WebCore::WebGLUnsignedIntArray::slice): Ditto.
        * html/canvas/WebGLUnsignedShortArray.cpp:
        (WebCore::WebGLUnsignedShortArray::slice): Ditto.

2010-04-13  Darin Fisher  <darin@chromium.org>

        Reviewed by Brady Eidson.

        If the browsing context's session history contains only one Document,
        and that was the about:blank Document created when the browsing context
        was created, then the navigation must be done with replacement enabled.

        https://bugs.webkit.org/show_bug.cgi?id=37126

        Tests: fast/loader/frame-location-change-not-added-to-history.html
               fast/loader/frame-src-change-not-added-to-history.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::clientRedirected):
        (WebCore::FrameLoader::findFrameForNavigation):
        * loader/HistoryController.cpp:
        (WebCore::HistoryController::currentItemShouldBeReplaced):
        * loader/HistoryController.h:

2010-04-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Separated a DOMWrapperWorld's behavior of keeping wrappers alive from
        its own lifetime, so a DOMWrapperWorld's controller can throw away
        its wrappers even before its refcount reaches 0.

        * WebCore.base.exp:
        * bindings/js/DOMWrapperWorld.cpp:
        (WebCore::DOMWrapperWorld::DOMWrapperWorld):
        (WebCore::DOMWrapperWorld::~DOMWrapperWorld):
        (WebCore::DOMWrapperWorld::registerWorld):
        (WebCore::DOMWrapperWorld::unregisterWorld):
        * bindings/js/DOMWrapperWorld.h: Factored out DOMWrapperWorld registration
        and unregistration into helper functions, so unregistering could be done manually.

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::destroyWindowShell): Added an ASSERT to match
        similar code.

2010-04-13  Chang Shu  <chang.shu@nokia.com>

        Reviewed by Darin Fisher.

        https://bugs.webkit.org/show_bug.cgi?id=34653

        Based on W3C spec and Firefox behavior, while invoking XHR Send with parameter
        as String, the charset in Content-Type should be forced to set to UTF-8.

        Test: http/tests/xmlhttprequest/request-encoding2.html

        * platform/network/HTTPParsers.cpp:
        (WebCore::extractCharsetFromMediaType):
        (WebCore::findCharsetInMediaType):
        * platform/network/HTTPParsers.h:
        * xml/XMLHttpRequest.cpp:
        (WebCore::setCharsetInMediaType):
        (WebCore::XMLHttpRequest::send):

2010-04-12  Timothy Hatcher  <timothy@apple.com>

        SecurityOrigin needs a way to remove individual OriginAccessEntries
        https://bugs.webkit.org/show_bug.cgi?id=37449

        Test: http/tests/xmlhttprequest/origin-whitelisting-removal.html

        Reviewed by Dave Hyatt.

        * WebCore.base.exp: Added SecurityOrigin::removeOriginAccessWhitelistEntry.
        * page/OriginAccessEntry.h:
        (WebCore::OriginAccessEntry::protocol): Added. Returns m_protocol.
        (WebCore::OriginAccessEntry::host): Added. Returns m_host.
        (WebCore::OriginAccessEntry::subdomainSettings): Added. Returns m_subdomainSettings.
        (WebCore::operator==): Added. Compares OriginAccessEntry.
        (WebCore::operator!=): Ditto.
        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::addOriginAccessWhitelistEntry): Use the add method to prevent a
        second hash lookup.
        (WebCore::SecurityOrigin::removeOriginAccessWhitelistEntry): Added. Find a matching
        OriginAccessEntry and remove it.
        * page/SecurityOrigin.h: Added removeOriginAccessWhitelistEntry.

2010-04-13  Timothy Hatcher  <timothy@apple.com>

        Rename SecurityOrigin::whiteListAccessFromOrigin to addOriginAccessWhitelistEntry.
        And SecurityOrigin::resetOriginAccessWhiteLists to resetOriginAccessWhitelists.

        SecurityOrigin needs a way to remove individual OriginAccessEntries
        https://bugs.webkit.org/show_bug.cgi?id=37449

        Reviewed by Dave Hyatt.

        * WebCore.base.exp:
        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::addOriginAccessWhitelistEntry):
        (WebCore::SecurityOrigin::resetOriginAccessWhitelists):
        * page/SecurityOrigin.h:

2010-04-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Mark Rowe.

        Tidied up some more DOMWrapperWorld lifetime issues.
        
        Made DOMWrapperWorld aware of its JSDOMWindowShells, so it can clear them.

        * bindings/js/DOMWrapperWorld.cpp:
        (WebCore::DOMWrapperWorld::~DOMWrapperWorld):
        * bindings/js/DOMWrapperWorld.h:
        (WebCore::DOMWrapperWorld::didCreateWindowShell):
        (WebCore::DOMWrapperWorld::didDestroyWindowShell): Functionality for
        tracking window shells that reference a given DOMWrapperWorld.

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::~ScriptController):
        (WebCore::ScriptController::destroyWindowShell):
        (WebCore::ScriptController::createWindowShell):
        (WebCore::ScriptController::clearWindowShell):
        (WebCore::ScriptController::initScript):
        * bindings/js/ScriptController.h: Refactored to update a DOMWrapperWorld
        when adding or removing a JSDOMWindowShell.

        * dom/Document.cpp:
        (WebCore::Document::destroyAllWrapperCaches): Changed to use isEmpty(),
        which is slightly faster and simpler than iterator comparison.

2010-04-13  Dumitru Daniliuc  <dumi@chromium.org>

        Reviewed by Adam Barth.

        Make all HTML5 DB callbacks run in the correct context.
        https://bugs.webkit.org/show_bug.cgi?id=27698

        Tests: storage/statement-error-callback-isolated-world.html
               storage/statement-success-callback-isolated-world.html
               storage/transaction-callback-isolated-world.html
               storage/transaction-error-callback-isolated-world.html

        * bindings/js/JSCustomSQLStatementCallback.cpp:
        (WebCore::JSCustomSQLStatementCallback::JSCustomSQLStatementCallback):
        (WebCore::JSCustomSQLStatementCallback::handleEvent):
        * bindings/js/JSCustomSQLStatementCallback.h:
        * bindings/js/JSCustomSQLStatementErrorCallback.cpp:
        (WebCore::JSCustomSQLStatementErrorCallback::JSCustomSQLStatementErrorCallback):
        (WebCore::JSCustomSQLStatementErrorCallback::handleEvent):
        * bindings/js/JSCustomSQLStatementErrorCallback.h:
        * bindings/js/JSCustomSQLTransactionCallback.cpp:
        (WebCore::JSCustomSQLTransactionCallback::JSCustomSQLTransactionCallback):
        (WebCore::JSCustomSQLTransactionCallback::handleEvent):
        * bindings/js/JSCustomSQLTransactionCallback.h:
        * bindings/js/JSCustomSQLTransactionErrorCallback.cpp:
        (WebCore::JSCustomSQLTransactionErrorCallback::JSCustomSQLTransactionErrorCallback):
        (WebCore::JSCustomSQLTransactionErrorCallback::handleEvent):
        * bindings/js/JSCustomSQLTransactionErrorCallback.h:
        * bindings/v8/custom/V8CustomSQLStatementCallback.cpp:
        (WebCore::V8CustomSQLStatementCallback::V8CustomSQLStatementCallback):
        (WebCore::V8CustomSQLStatementCallback::handleEvent):
        * bindings/v8/custom/V8CustomSQLStatementCallback.h:
        * bindings/v8/custom/V8CustomSQLStatementErrorCallback.cpp:
        (WebCore::V8CustomSQLStatementErrorCallback::V8CustomSQLStatementErrorCallback):
        (WebCore::V8CustomSQLStatementErrorCallback::handleEvent):
        * bindings/v8/custom/V8CustomSQLStatementErrorCallback.h:
        * bindings/v8/custom/V8CustomSQLTransactionCallback.cpp:
        (WebCore::V8CustomSQLTransactionCallback::V8CustomSQLTransactionCallback):
        (WebCore::V8CustomSQLTransactionCallback::handleEvent):
        * bindings/v8/custom/V8CustomSQLTransactionCallback.h:
        * bindings/v8/custom/V8CustomSQLTransactionErrorCallback.cpp:
        (WebCore::V8CustomSQLTransactionErrorCallback::V8CustomSQLTransactionErrorCallback):
        (WebCore::V8CustomSQLTransactionErrorCallback::handleEvent):
        * bindings/v8/custom/V8CustomSQLTransactionErrorCallback.h:
        * storage/SQLStatement.cpp:
        (WebCore::SQLStatement::performCallback):
        * storage/SQLStatementCallback.h:
        * storage/SQLStatementErrorCallback.h:
        * storage/SQLTransaction.cpp:
        (WebCore::SQLTransaction::deliverTransactionCallback):
        (WebCore::SQLTransaction::deliverTransactionErrorCallback):
        * storage/SQLTransactionCallback.h:
        * storage/SQLTransactionErrorCallback.h:
        (WebCore::SQLTransactionErrorCallback::~SQLTransactionErrorCallback):

2010-04-13  Mikhail Naganov  <mnaganov@chromium.org>

        Reviewed by Pavel Feldman.

        Fix search behavior in Profiles tab.

        https://bugs.webkit.org/show_bug.cgi?id=37498

        * inspector/front-end/ProfileView.js:
        (WebInspector.CPUProfileView.profileCallback):
        (WebInspector.CPUProfileView):

2010-04-13  David Hyatt  <hyatt@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=37513, clean up StyleBoxData and the RenderStyle variable that uses it.

        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::RenderStyle):
        (WebCore::RenderStyle::operator==):
        (WebCore::RenderStyle::diff):
        * rendering/style/RenderStyle.h:
        (WebCore::):
        (WebCore::InheritedFlags::width):
        (WebCore::InheritedFlags::height):
        (WebCore::InheritedFlags::minWidth):
        (WebCore::InheritedFlags::maxWidth):
        (WebCore::InheritedFlags::minHeight):
        (WebCore::InheritedFlags::maxHeight):
        (WebCore::InheritedFlags::verticalAlignLength):
        (WebCore::InheritedFlags::boxSizing):
        (WebCore::InheritedFlags::setWidth):
        (WebCore::InheritedFlags::setHeight):
        (WebCore::InheritedFlags::setMinWidth):
        (WebCore::InheritedFlags::setMaxWidth):
        (WebCore::InheritedFlags::setMinHeight):
        (WebCore::InheritedFlags::setMaxHeight):
        (WebCore::InheritedFlags::setVerticalAlignLength):
        (WebCore::InheritedFlags::hasAutoZIndex):
        (WebCore::InheritedFlags::setHasAutoZIndex):
        (WebCore::InheritedFlags::zIndex):
        (WebCore::InheritedFlags::setZIndex):
        (WebCore::InheritedFlags::setBoxSizing):
        * rendering/style/StyleBoxData.cpp:
        (WebCore::StyleBoxData::StyleBoxData):
        (WebCore::StyleBoxData::operator==):
        * rendering/style/StyleBoxData.h:
        (WebCore::StyleBoxData::width):
        (WebCore::StyleBoxData::height):
        (WebCore::StyleBoxData::minWidth):
        (WebCore::StyleBoxData::minHeight):
        (WebCore::StyleBoxData::maxWidth):
        (WebCore::StyleBoxData::maxHeight):
        (WebCore::StyleBoxData::verticalAlign):
        (WebCore::StyleBoxData::zIndex):
        (WebCore::StyleBoxData::hasAutoZIndex):
        (WebCore::StyleBoxData::boxSizing):

2010-04-12  yael aharon  <yael.aharon@nokia.com>

        Reviewed by Tor Arne Vestbo.

        Minor fix to pass RenderProgress instead of RenderObject
        https://bugs.webkit.org/show_bug.cgi?id=37481

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::getOrCreate):
        * accessibility/AccessibilityProgressIndicator.cpp:
        (WebCore::AccessibilityProgressIndicator::AccessibilityProgressIndicator):
        (WebCore::AccessibilityProgressIndicator::create):
        * accessibility/AccessibilityProgressIndicator.h:

2010-04-13  David Hyatt  <hyatt@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=37510, clean up StyleBackgroundData

        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::RenderStyle):
        (WebCore::RenderStyle::operator==):
        (WebCore::RenderStyle::diff):
        * rendering/style/RenderStyle.h:
        (WebCore::):
        (WebCore::InheritedFlags::hasBackground):
        (WebCore::InheritedFlags::hasBackgroundImage):
        (WebCore::InheritedFlags::hasFixedBackgroundImage):
        (WebCore::InheritedFlags::outlineWidth):
        (WebCore::InheritedFlags::outlineStyle):
        (WebCore::InheritedFlags::outlineStyleIsAuto):
        (WebCore::InheritedFlags::outlineColor):
        (WebCore::InheritedFlags::backgroundColor):
        (WebCore::InheritedFlags::backgroundImage):
        (WebCore::InheritedFlags::backgroundRepeatX):
        (WebCore::InheritedFlags::backgroundRepeatY):
        (WebCore::InheritedFlags::backgroundComposite):
        (WebCore::InheritedFlags::backgroundAttachment):
        (WebCore::InheritedFlags::backgroundClip):
        (WebCore::InheritedFlags::backgroundOrigin):
        (WebCore::InheritedFlags::backgroundXPosition):
        (WebCore::InheritedFlags::backgroundYPosition):
        (WebCore::InheritedFlags::backgroundSizeType):
        (WebCore::InheritedFlags::backgroundSizeLength):
        (WebCore::InheritedFlags::accessBackgroundLayers):
        (WebCore::InheritedFlags::backgroundLayers):
        (WebCore::InheritedFlags::outlineOffset):
        (WebCore::InheritedFlags::resetOutline):
        (WebCore::InheritedFlags::setBackgroundColor):
        (WebCore::InheritedFlags::setBackgroundXPosition):
        (WebCore::InheritedFlags::setBackgroundYPosition):
        (WebCore::InheritedFlags::setBackgroundSize):
        (WebCore::InheritedFlags::setBackgroundSizeLength):
        (WebCore::InheritedFlags::setOutlineWidth):
        (WebCore::InheritedFlags::setOutlineStyle):
        (WebCore::InheritedFlags::setOutlineColor):
        (WebCore::InheritedFlags::clearBackgroundLayers):
        (WebCore::InheritedFlags::inheritBackgroundLayers):
        (WebCore::InheritedFlags::setOutlineOffset):
        * rendering/style/StyleBackgroundData.h:
        (WebCore::StyleBackgroundData::background):
        (WebCore::StyleBackgroundData::color):
        (WebCore::StyleBackgroundData::outline):

2010-04-13  Stephan Aßmus  <superstippi@gmx.de>

        Reviewed by David Levin.

        [Haiku] Use the system clipboard instead of a private clipboard.
                Fix various problems in the previous implementation.

        https://bugs.webkit.org/show_bug.cgi?id=37421

        No new tests needed.

        * platform/haiku/PasteboardHaiku.cpp:
        (WebCore::Pasteboard::~Pasteboard):
        (WebCore::Pasteboard::generalPasteboard):
            - Don't leak the pasteboard at program exit.
        (WebCore::AutoClipboardLocker::AutoClipboardLocker):
        (WebCore::AutoClipboardLocker::~AutoClipboardLocker):
        (WebCore::AutoClipboardLocker::isLocked):
            - helper class for locking a BClipboard.
        (WebCore::Pasteboard::writeSelection):
            - Use AddData(B_MIME_TYPE) as required by clipboard protocol.
            - Make sure we don't end up with unwanted UTF-8 characters for
              regular line breaks.
        (WebCore::Pasteboard::writePlainText):
            - Use AddData(B_MIME_TYPE) as required by clipboard protocol.
        (WebCore::Pasteboard::plainText):
            - Use FindData(B_MIME_TYPE) as required by clipboard protocol.
        (WebCore::Pasteboard::documentFragment):
            - Implemented.
        (WebCore::Pasteboard::writeURL):
            - Needs to use AddData(B_MIME_TYPE) instead of AddString().
        (WebCore::Pasteboard::clear):

2010-04-13  Stephan Aßmus  <superstippi@gmx.de>

        Reviewed by David Levin.

        [Haiku] Fix bridging Widget to native top-level BView.
        https://bugs.webkit.org/show_bug.cgi?id=37419

        In the Haiku port, there is no mapping between native widgets
        and WebCore Widget instances. There is only a top-level BView
        which renders a web page into a bitmap. For certain WebCore widget
        functionality, we need to access this BView, like for setting the
        current cursor or forcing focus. On the other hand, setting a
        platform widget pointer on Widget results into completely different
        behavior, like ScrollView tries to forward everything instead of
        handling stuff itself. To make this work, the pointer to a "top-level"
        BView is stored in every Widget for the Haiku port.

        No new tests needed.

        * platform/Widget.h:
            - Added the m_topLevelPlatformWidget member for the Haiku platform.
        (WebCore::Widget::setPlatformWidget):
        (WebCore::Widget::topLevelPlatformWidget):
        (WebCore::Widget::setTopLevelPlatformWidget):
        * platform/haiku/WidgetHaiku.cpp:
        (WebCore::AutoPlatformWidgetLocker::AutoPlatformWidgetLocker):
        (WebCore::AutoPlatformWidgetLocker::~AutoPlatformWidgetLocker):
        (WebCore::AutoPlatformWidgetLocker::isLocked):
            - helper class for locking the BView looper thread with a timeout
        (WebCore::Widget::Widget):
        (WebCore::Widget::setFocus):
            - Make sure the top-level view receives keyboard input.
        (WebCore::Widget::setCursor):
            - Set the cursor on the top-level view.
        (WebCore::Widget::show):
        (WebCore::Widget::hide):
            - Don't show/hide the top-level view, but make the code correct
              for whenever we would map an individual BView per Widget.
            - Use setSelfVisible() and isParentVisible() like in other ports.

2010-04-13  Jeremy Moskovich  <jeremy@chromium.org>

        Reviewed by David Levin.

        Add some diagnostics to try to track down cause of crash in ArchiveFactory::isArchiveMimeType().

        https://bugs.webkit.org/show_bug.cgi?id=36426

        No new tests as there is no new functionality.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::finishedLoadingDocument): Make copy of mimeType string to isolate crash.

2010-04-13  Abhishek Arya  <inferno@chromium.org>

        Reviewed by Adam Barth.

        Add a null ptr check for m_popupClient.

        * platform/chromium/PopupMenuChromium.cpp:
        (WebCore::PopupListBox::abandon): Add a null ptr check

2010-04-13  Stephan Aßmus  <superstippi@gmx.de>

        Reviewed by David Levin.

        [Haiku] Use the system's default font family as last fall back font.
        https://bugs.webkit.org/show_bug.cgi?id=37501

        No new tests needed.

        * platform/graphics/haiku/FontCacheHaiku.cpp:
        (WebCore::FontCache::getLastResortFallbackFont):
            - Use the system's default font family (from be_plain_font global).

2010-04-13  Eskil Blomfeldt <eblomfel@trolltech.com>, Jesus Sanchez-Palencia  <jesus.palencia@openbossa.org>

        Reviewed by Simon Hausmann.

        [Qt] Use integer pixel metric QFont API to fix rounding errors in text rendering on the Mac
        https://bugs.webkit.org/show_bug.cgi?id=36532

        * platform/graphics/qt/FontQt.cpp:
        (WebCore::Font::floatWidthForComplexText):
        (WebCore::Font::font):

2010-04-13  Alexander Pavlov  <apavlov@chromium.org>

        Reviewed by Pavel Feldman.

        Web Inspector: Cannot effectively delete properties in the Styles sidebar pane
        https://bugs.webkit.org/show_bug.cgi?id=37499

        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::applyStyleText):

2010-04-13  Stephan Aßmus  <superstippi@gmx.de>

        Reviewed by David Levin.

        Use the Haiku MIME type data base as a fall back for unknown file extensions.
        https://bugs.webkit.org/show_bug.cgi?id=34686

        Covered by existing tests.

        * platform/haiku/MIMETypeRegistryHaiku.cpp:
        (WebCore::):
            - fixed coding style issues
        (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
            - fall back to the system MIME database for unknown types.
            - return empty String as last resort, this is used
              elsewhere as indicator for unknown types.

2010-04-13  Stephan Aßmus  <superstippi@gmx.de>

        Reviewed by David Levin.

        [Haiku] Use all the new system cursors available in recent Haiku revisions.
        <https://bugs.webkit.org/show_bug.cgi?id=37385>

        Covered by existing tests.

        * platform/haiku/CursorHaiku.cpp:
        (WebCore::Cursor::Cursor):
        (WebCore::Cursor::~Cursor):
        (WebCore::Cursor::operator=):
            - Adapted to maintain an owned BCursor instance.
        (WebCore::createCursorByID):
            - helper function to create a Cursor instance by BCursorID constant.
        (WebCore::pointerCursor):
            - NULL BCursor triggers using the system cursor.
        (WebCore::moveCursor):
        (WebCore::crossCursor):
        (WebCore::handCursor):
        (WebCore::iBeamCursor):
        (WebCore::waitCursor):
        (WebCore::helpCursor):
        (WebCore::eastResizeCursor):
        (WebCore::northResizeCursor):
        (WebCore::northEastResizeCursor):
        (WebCore::northWestResizeCursor):
        (WebCore::southResizeCursor):
        (WebCore::southEastResizeCursor):
        (WebCore::southWestResizeCursor):
        (WebCore::westResizeCursor):
        (WebCore::northSouthResizeCursor):
        (WebCore::eastWestResizeCursor):
        (WebCore::northEastSouthWestResizeCursor):
        (WebCore::northWestSouthEastResizeCursor):
        (WebCore::columnResizeCursor):
        (WebCore::rowResizeCursor):
        (WebCore::verticalTextCursor):
        (WebCore::cellCursor):
        (WebCore::contextMenuCursor):
        (WebCore::noDropCursor):
        (WebCore::copyCursor):
        (WebCore::progressCursor):
        (WebCore::aliasCursor):
        (WebCore::noneCursor):
        (WebCore::notAllowedCursor):
        (WebCore::zoomInCursor):
        (WebCore::zoomOutCursor):
        (WebCore::grabCursor):
        (WebCore::grabbingCursor):
            - Use the new system cursors.

2010-04-13  Dirk Schulze  <krit@webkit.org>

        Reviewed by Nikolas Zimmermann.

        <clipPath> doesn't correctly handle <text> elements
        https://bugs.webkit.org/show_bug.cgi?id=12571

        Adds support for text elements as clipPath, heterogenous clip rules, as well
        as clipping of clipPath.
        A fast code path let platforms clip simple shapes directly. All other variants
        are drawn to a seperate ImageBuffer, which is used as a mask. This happens the same
        way we like we do it on SVG Masking. This needs temporary changes to the RenderStyle
        of clipPath childs. Values like stroke, resources, opacity have to be ignored.

        Tests: svg/clip-path/clip-path-child-clipped.svg
               svg/clip-path/clip-path-childs-clipped.svg
               svg/clip-path/clip-path-clipped-evenodd-twice.svg
               svg/clip-path/clip-path-clipped-no-content.svg
               svg/clip-path/clip-path-clipped-nonzero.svg
               svg/clip-path/clip-path-clipped.svg
               svg/clip-path/clip-path-evenodd-nonzero.svg
               svg/clip-path/clip-path-evenodd.svg
               svg/clip-path/clip-path-nonzero-evenodd.svg
               svg/clip-path/clip-path-nonzero.svg
               svg/clip-path/clip-path-objectBoundingBox.svg
               svg/clip-path/clip-path-on-clipped-use.svg
               svg/clip-path/clip-path-on-g-and-child.svg
               svg/clip-path/clip-path-on-g.svg
               svg/clip-path/clip-path-on-svg-and-child.svg
               svg/clip-path/clip-path-on-svg.svg
               svg/clip-path/clip-path-recursive-call-by-child.svg
               svg/clip-path/clip-path-recursive-call.svg
               svg/clip-path/clip-path-text-and-shape.svg
               svg/clip-path/clip-path-text-and-stroke.svg
               svg/clip-path/clip-path-text.svg
               svg/clip-path/clip-path-use-as-child.svg
               svg/clip-path/clip-path-use-as-child2.svg
               svg/clip-path/clip-path-use-as-child3.svg
               svg/clip-path/clip-path-use-as-child4.svg
               svg/clip-path/clip-path-use-as-child5.svg
               svg/clip-path/clip-path-userSpaceOnUse.svg
               svg/clip-path/clip-path-with-container.svg
               svg/clip-path/clip-path-with-different-unittypes.svg
               svg/clip-path/clip-path-with-different-unittypes2.svg
               svg/clip-path/clip-path-with-invisibile-child.svg
               svg/clip-path/clip-path-with-text-clipped.svg

        * rendering/RenderObject.h:
        (WebCore::RenderObject::isSVGShadowTreeRootContainer): identify use-element renderer
        * rendering/RenderSVGResourceClipper.cpp:
        (WebCore::RenderSVGResourceClipper::invalidateClients):
        (WebCore::RenderSVGResourceClipper::invalidateClient):
        (WebCore::RenderSVGResourceClipper::applyResource):
        (WebCore::RenderSVGResourceClipper::pathOnlyClipping): direct clipping for simple shapes
        (WebCore::RenderSVGResourceClipper::applyClippingToContext): direct clipping or maskImage?
        (WebCore::RenderSVGResourceClipper::createClipData): creates maskImage for clipping
        (WebCore::RenderSVGResourceClipper::resourceBoundingBox):
        * rendering/RenderSVGResourceClipper.h:
        * rendering/RenderSVGShadowTreeRootContainer.h: identify use-Element by renderer
        (WebCore::RenderSVGShadowTreeRootContainer::isSVGShadowTreeRootContainer):
        * rendering/SVGRenderSupport.cpp:
        (WebCore::renderSubtreeToImage): hack to get texts working on clipping (masks and pattern)
        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::rendererClipChild): get renderer of referenced object
        * svg/SVGUseElement.h:

2010-04-13  Nikolas Zimmermann  <nzimmermann@rim.com>

        Reviewed by Dirk Schulze.

        SVG renderers should track transform/path changes, instead of pulling every time from SVG DOM
        https://bugs.webkit.org/show_bug.cgi?id=15389

        RenderPath caches repaint rectangles (fill/stroke bbox etc.) though this caching
        was effectively useless because every layout() call caused them to be reset to empty rects.
        Furthermore RenderPath::layout() queried the SVG DOM upon every invocation to retrieve
        the Path object, instead of only doing it when necessary. Even the TransformationMatrix
        was polled everytime from the SVG DOM.

        Move the knownledge wheter we need to update path/transform into the render tree and
        only update when necessary. This should result in a huge performance increase, with
        the drawback of adding slightly more memory, because we need to add booleans indicating
        the status of path/transform (is dirty?).

        Doesn't affect any tests, only performance.

        * rendering/RenderForeignObject.cpp:
        (WebCore::RenderForeignObject::RenderForeignObject):
        (WebCore::RenderForeignObject::layout):
        * rendering/RenderForeignObject.h:
        (WebCore::RenderForeignObject::setNeedsTransformUpdate):
        * rendering/RenderObject.h:
        (WebCore::RenderObject::setNeedsTransformUpdate):
        (WebCore::RenderObject::setNeedsBoundariesUpdate):
        * rendering/RenderPath.cpp:
        (WebCore::RenderPath::RenderPath):
        (WebCore::RenderPath::layout):
        (WebCore::RenderPath::invalidateCachedBoundaries):
        (WebCore::RenderPath::styleWillChange):
        * rendering/RenderPath.h:
        (WebCore::RenderPath::setNeedsBoundariesUpdate):
        (WebCore::RenderPath::setNeedsPathUpdate):
        (WebCore::RenderPath::setNeedsTransformUpdate):
        (WebCore::RenderPath::localToParentTransform):
        (WebCore::RenderPath::localTransform):
        * rendering/RenderSVGImage.cpp:
        (WebCore::RenderSVGImage::RenderSVGImage):
        (WebCore::RenderSVGImage::layout):
        * rendering/RenderSVGImage.h:
        (WebCore::RenderSVGImage::setNeedsTransformUpdate):
        * rendering/RenderSVGResourceClipper.cpp:
        (WebCore::RenderSVGResourceClipper::invalidateClients):
        * rendering/RenderSVGResourceMarker.cpp:
        (WebCore::RenderSVGResourceMarker::invalidateClients):
        * rendering/RenderSVGResourceMasker.cpp:
        (WebCore::RenderSVGResourceMasker::invalidateClients):
        * rendering/RenderSVGText.cpp:
        (WebCore::RenderSVGText::RenderSVGText):
        (WebCore::RenderSVGText::layout):
        * rendering/RenderSVGText.h:
        (WebCore::RenderSVGText::setNeedsTransformUpdate):
        * rendering/RenderSVGTransformableContainer.cpp:
        (WebCore::RenderSVGTransformableContainer::RenderSVGTransformableContainer):
        (WebCore::RenderSVGTransformableContainer::calculateLocalTransform):
        * rendering/RenderSVGTransformableContainer.h:
        (WebCore::RenderSVGTransformableContainer::localToParentTransform):
        (WebCore::RenderSVGTransformableContainer::setNeedsTransformUpdate):
        (WebCore::RenderSVGTransformableContainer::localTransform):
        * svg/SVGAnimateMotionElement.cpp:
        (WebCore::SVGAnimateMotionElement::calculateAnimatedValue):
        (WebCore::SVGAnimateMotionElement::applyResultsToTarget):
        * svg/SVGAnimateTransformElement.cpp:
        (WebCore::SVGAnimateTransformElement::applyResultsToTarget):
        * svg/SVGCircleElement.cpp:
        (WebCore::SVGCircleElement::svgAttributeChanged):
        * svg/SVGEllipseElement.cpp:
        (WebCore::SVGEllipseElement::svgAttributeChanged):
        * svg/SVGForeignObjectElement.cpp:
        (WebCore::SVGForeignObjectElement::svgAttributeChanged):
        * svg/SVGGElement.cpp:
        (WebCore::SVGGElement::svgAttributeChanged):
        * svg/SVGImageElement.cpp:
        (WebCore::SVGImageElement::svgAttributeChanged):
        * svg/SVGLineElement.cpp:
        (WebCore::SVGLineElement::svgAttributeChanged):
        * svg/SVGPathElement.cpp:
        (WebCore::SVGPathElement::svgAttributeChanged):
        * svg/SVGPolyElement.cpp:
        (WebCore::SVGPolyElement::svgAttributeChanged):
        * svg/SVGRectElement.cpp:
        (WebCore::SVGRectElement::svgAttributeChanged):
        * svg/SVGTextElement.cpp:
        (WebCore::SVGTextElement::svgAttributeChanged):
        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::svgAttributeChanged):

2010-04-13  Mikhail Naganov  <mnaganov@chromium.org>

        Unreviewed Qt build fix: add new .idl files to WebCore.pri

        * WebCore.pri:

2010-04-12  Mikhail Naganov  <mnaganov@chromium.org>

        Reviewed by Yury Semikhatsky.

        Replace hand-written JavaScriptProfile* bindings with idl-based, and
        in Chromium port, bind them to the new V8's profiler API that is
        aligned with JSC.

        https://bugs.webkit.org/show_bug.cgi?id=37448

        * DerivedSources.cpp:
        * DerivedSources.make:
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSConsoleCustom.cpp:
        * bindings/js/JSScriptProfileNodeCustom.cpp: Added.
        (WebCore::JSScriptProfileNode::callUID):
        (WebCore::JSScriptProfileNode::children):
        * bindings/js/JavaScriptProfile.cpp: Removed.
        * bindings/js/JavaScriptProfile.h: Removed.
        * bindings/js/JavaScriptProfileNode.cpp: Removed.
        * bindings/js/JavaScriptProfileNode.h: Removed.
        * bindings/js/ScriptProfileNode.h: Added.
        * bindings/scripts/CodeGeneratorJS.pm:
        * bindings/scripts/CodeGeneratorV8.pm:
        * bindings/v8/ScriptProfile.cpp: Added.
        (WebCore::ScriptProfile::title):
        (WebCore::ScriptProfile::uid):
        (WebCore::ScriptProfile::head):
        * bindings/v8/ScriptProfile.h:
        (WebCore::ScriptProfile::create):
        (WebCore::ScriptProfile::ScriptProfile):
        * bindings/v8/ScriptProfileNode.cpp: Added.
        (WebCore::ScriptProfileNode::functionName):
        (WebCore::ScriptProfileNode::url):
        (WebCore::ScriptProfileNode::lineNumber):
        (WebCore::ScriptProfileNode::totalTime):
        (WebCore::ScriptProfileNode::selfTime):
        (WebCore::ScriptProfileNode::numberOfCalls):
        (WebCore::ScriptProfileNode::children):
        (WebCore::ScriptProfileNode::visible):
        (WebCore::ScriptProfileNode::callUID):
        * bindings/v8/ScriptProfileNode.h: Added.
        (WebCore::ScriptProfileNode::create):
        (WebCore::ScriptProfileNode::~ScriptProfileNode):
        (WebCore::ScriptProfileNode::ScriptProfileNode):
        * bindings/v8/ScriptProfiler.cpp:
        (WebCore::ScriptProfiler::start):
        (WebCore::ScriptProfiler::stop):
        * bindings/v8/custom/V8ConsoleCustom.cpp: Added.
        (WebCore::V8Console::profilesAccessorGetter):
        * bindings/v8/custom/V8ScriptProfileCustom.cpp: Added.
        (WebCore::toV8):
        * bindings/v8/custom/V8ScriptProfileNodeCustom.cpp: Added.
        (WebCore::V8ScriptProfileNode::childrenAccessorGetter):
        (WebCore::V8ScriptProfileNode::callUIDAccessorGetter):
        (WebCore::toV8):
        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::getProfile):
        * inspector/ScriptProfile.idl: Added.
        * inspector/ScriptProfileNode.idl: Added.
        * inspector/front-end/InspectorBackendStub.js:
        (.WebInspector.InspectorBackendStub.prototype.getProfile):
        * inspector/front-end/ProfilesPanel.js:
        (WebInspector.ProfilesPanel.prototype.populateInterface):
        (WebInspector.ProfilesPanel.prototype.profilerWasEnabled):
        * page/Console.idl:
        * platform/android/TemporaryLinkStubs.cpp:

2010-04-12  Antonio Gomes  <tonikitoo@webkit.org>

        Reviewed by Simon Fraser.

        Spatial Navigation: make renderRectRelativeToRootDocument method to fallback to getRect() of Element when needed
        https://bugs.webkit.org/show_bug.cgi?id=37461

        getRect() of Element can be used instead of absoluteClippedOverflowRect of RenderObject when
        the node is currently offscreen in an scroll overflowed content.

        Test: fast/events/spatial-navigation/snav-simple-content-overflow.html

        * page/SpatialNavigation.cpp:
        (WebCore::renderRectRelativeToRootDocument):

2010-04-12  Antonio Gomes  <tonikitoo@webkit.org>

        Unreviewed style fix.

        * page/FocusController.cpp:
        (WebCore::updateFocusCandidateIfCloser):

2010-04-08  yael aharon  <yael.aharon@nokia.com>

        Reviewed by Darin Adler.

        Accessibility support for progress element
        https://bugs.webkit.org/show_bug.cgi?id=37275

        Implement AccessibilityProgressIndicator to hook up progress element to accessibility framework.

        Test: platform/mac/accessibility/progressbar.html

        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::getOrCreate):
        * accessibility/AccessibilityProgressIndicator.cpp: Added.
        (WebCore::AccessibilityProgressIndicator::AccessibilityProgressIndicator):
        (WebCore::AccessibilityProgressIndicator::create):
        (WebCore::AccessibilityProgressIndicator::accessibilityIsIgnored):
        (WebCore::AccessibilityProgressIndicator::valueForRange):
        (WebCore::AccessibilityProgressIndicator::maxValueForRange):
        (WebCore::AccessibilityProgressIndicator::minValueForRange):
        (WebCore::AccessibilityProgressIndicator::element):
        * accessibility/AccessibilityProgressIndicator.h: Added.
        (WebCore::AccessibilityProgressIndicator::roleValue):
        (WebCore::AccessibilityProgressIndicator::isProgressIndicator):
        * rendering/RenderProgress.cpp:
        (WebCore::RenderProgress::updateFromElement):
        (WebCore::RenderProgress::progressElement):
        * rendering/RenderProgress.h:

2010-04-12  Dumitru Daniliuc  <dumi@chromium.org>

        Reviewed by Dimitri Glazkov.

        Throwing a SECURITY_ERR when openDatabase() cannot open a database
        for whatever reason, as required by the spec.
        https://bugs.webkit.org/show_bug.cgi?id=33916

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::openDatabase):
        * bindings/v8/custom/V8DOMWindowCustom.cpp:
        (WebCore::V8DOMWindow::openDatabaseCallback):

2010-04-12  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Dan Bernstein.

        WebKit should have more robust last-chance font fallback on Windows
        https://bugs.webkit.org/show_bug.cgi?id=37473
        <rdar://problem/7789438> Crash in FontFallbackList::determinePitch
        <rdar://problem/7233762> Crash in FontFallbackList::fontDataAt
        
        Look harder for a suitable last-resort font. Previously, we checked for
        "Times New Roman" followed by DEFAULT_GUI_FONT.
        
        We now look for:
        - Typically installed Unicode-capable fonts, in order of coverage
        - DEFAULT_GUI_FONT
        - SPI_GETNONCLIENTMETRICS fonts
        
        * platform/graphics/win/FontCacheWin.cpp:
        (WebCore::FontCache::fontDataFromDescriptionAndLogFont):
        (WebCore::FontCache::getLastResortFallbackFont):

2010-04-12  David Hyatt  <hyatt@apple.com>

        Reviewed by Dan Bernstein.

        https://bugs.webkit.org/show_bug.cgi?id=37469, clean up ShadowData to be encapsulated properly.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::CSSComputedStyleDeclaration::valueForShadow):
        * page/animation/AnimationBase.cpp:
        (WebCore::blendFunc):
        (WebCore::PropertyWrapperShadow::PropertyWrapperShadow):
        (WebCore::PropertyWrapperShadow::equals):
        (WebCore::PropertyWrapperShadow::blend):
        * page/mac/FrameMac.mm:
        (WebCore::Frame::fontAttributesForSelectionStart):
        * rendering/EllipsisBox.cpp:
        (WebCore::EllipsisBox::paint):
        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::placeBoxesHorizontally):
        (WebCore::InlineFlowBox::computeVerticalOverflow):
        (WebCore::InlineFlowBox::paintTextDecorations):
        * rendering/InlineTextBox.cpp:
        (WebCore::paintTextWithShadows):
        (WebCore::InlineTextBox::paint):
        (WebCore::InlineTextBox::paintDecoration):
        * rendering/InlineTextBox.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintBoxShadow):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateRects):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::adjustRectForOutlineAndShadow):
        * rendering/SVGInlineTextBox.cpp:
        (WebCore::SVGInlineTextBox::paintCharacters):
        * rendering/SVGRenderSupport.cpp:
        (WebCore::SVGRenderBase::prepareToRenderSVGContent):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::setTextShadow):
        (WebCore::RenderStyle::setBoxShadow):
        (WebCore::RenderStyle::getBoxShadowExtent):
        (WebCore::RenderStyle::getBoxShadowHorizontalExtent):
        (WebCore::RenderStyle::getBoxShadowVerticalExtent):
        * rendering/style/RenderStyle.h:
        (WebCore::InheritedFlags::textShadow):
        (WebCore::InheritedFlags::boxShadow):
        * rendering/style/SVGRenderStyle.cpp:
        (WebCore::getSVGShadowExtent):
        * rendering/style/ShadowData.cpp:
        (WebCore::ShadowData::ShadowData):
        (WebCore::ShadowData::operator==):
        * rendering/style/ShadowData.h:
        (WebCore::ShadowData::ShadowData):
        (WebCore::ShadowData::~ShadowData):
        (WebCore::ShadowData::x):
        (WebCore::ShadowData::y):
        (WebCore::ShadowData::blur):
        (WebCore::ShadowData::spread):
        (WebCore::ShadowData::style):
        (WebCore::ShadowData::color):
        (WebCore::ShadowData::next):
        (WebCore::ShadowData::setNext):

2010-04-12  David Hyatt  <hyatt@apple.com>

        Reviewed by Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=37463, clean up NinePieceImage.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::valueForNinePieceImage):
        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::mapNinePieceImage):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintNinePieceImage):
        * rendering/style/NinePieceImage.h:
        (WebCore::NinePieceImage::setImage):
        (WebCore::NinePieceImage::slices):
        (WebCore::NinePieceImage::setSlices):
        (WebCore::NinePieceImage::setHorizontalRule):
        (WebCore::NinePieceImage::verticalRule):
        (WebCore::NinePieceImage::setVerticalRule):

2010-04-12  David Hyatt  <hyatt@apple.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=37455, :visited doesn't work with multiple classes/ids.

        Added fast/history/multiple-classes-visited.html.

        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::SelectorChecker::checkSelector):

2010-04-12  Dirk Schulze  <krit@webkit.org>

        Unreviewed build fix.

        Make comma/whitespace around arc flags optional in SVG path syntax
        https://bugs.webkit.org/show_bug.cgi?id=37431

        Fix the SL build.

        * svg/SVGParserUtilities.cpp:
        (WebCore::parseArcFlag):

2010-04-12  Jeff Schiller  <codedread@gmail.com>

        Reviewed by Dirk Schulze.

        Make comma/whitespace around arc flags optional in SVG path syntax and ensure flags are
        either 0 or 1: https://bugs.webkit.org/show_bug.cgi?id=37431

        * svg/SVGParserUtilities.cpp:
        (WebCore::parseArcFlag): function to read in a 0 or 1 for largeArcFlag and sweepFlag
        (WebCore::SVGPathParser::parseSVG): modify/simplify arc parsing by using parseArcFlag()

2010-04-11  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r57468.
        http://trac.webkit.org/changeset/57468
        https://bugs.webkit.org/show_bug.cgi?id=37433

        Broke the world...  Must have applied the patch wrong
        (Requested by abarth on #webkit).

        * Android.mk:
        * GNUmakefile.am:
        * WebCore.base.exp:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/ScriptControllerBase.cpp:
        (WebCore::ScriptController::executeIfJavaScriptURL):
        * dom/Document.cpp:
        (WebCore::Document::close):
        * dom/ProcessingInstruction.cpp:
        (WebCore::ProcessingInstruction::checkStyleSheet):
        * dom/ScriptElement.cpp:
        (WebCore::ScriptElementData::scriptCharset):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::process):
        * loader/DocLoader.cpp:
        (WebCore::DocLoader::requestPreload):
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::finishedLoading):
        (WebCore::DocumentLoader::setupForReplaceByMIMEType):
        * loader/DocumentWriter.cpp: Removed.
        * loader/DocumentWriter.h: Removed.
        * loader/FrameLoader.cpp:
        (WebCore::canReferToParentFrameEncoding):
        (WebCore::FrameLoader::FrameLoader):
        (WebCore::FrameLoader::init):
        (WebCore::FrameLoader::replaceDocument):
        (WebCore::FrameLoader::clear):
        (WebCore::FrameLoader::receivedFirstData):
        (WebCore::FrameLoader::responseMIMEType):
        (WebCore::FrameLoader::setResponseMIMEType):
        (WebCore::FrameLoader::begin):
        (WebCore::FrameLoader::write):
        (WebCore::FrameLoader::end):
        (WebCore::FrameLoader::endIfNotLoadingMainResource):
        (WebCore::FrameLoader::encoding):
        (WebCore::FrameLoader::setEncoding):
        (WebCore::FrameLoader::addData):
        (WebCore::FrameLoader::transitionToCommitted):
        (WebCore::FrameLoader::open):
        (WebCore::FrameLoader::finishedLoadingDocument):
        (WebCore::FrameLoader::addExtraFieldsToRequest):
        * loader/FrameLoader.h:
        * loader/MediaDocument.cpp:
        (WebCore::MediaDocument::replaceMediaElementTimerFired):
        * loader/PluginDocument.cpp:
        (WebCore::PluginTokenizer::createDocumentStructure):
        * platform/network/FormDataBuilder.cpp:
        (WebCore::FormDataBuilder::dataEncoding):
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::dataChanged):

2010-04-11  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Factor DocumentWriter out of FrameLoader
        https://bugs.webkit.org/show_bug.cgi?id=37175

        This patch separates the begin/write/end cycle of decoding network
        bytes and putting them into a document from the rest of the loading
        machinery.  The code and state required to write bytes into a document
        doesn't interact very much with the rest of the loading machinery.

        No tests because there is no behavior change (hopefully!).

        * Android.mk:
        * GNUmakefile.am:
        * WebCore.base.exp:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/ScriptControllerBase.cpp:
        (WebCore::ScriptController::executeIfJavaScriptURL):
        * dom/Document.cpp:
        (WebCore::Document::close):
        * dom/ProcessingInstruction.cpp:
        (WebCore::ProcessingInstruction::checkStyleSheet):
        * dom/ScriptElement.cpp:
        (WebCore::ScriptElementData::scriptCharset):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::process):
        * loader/DocLoader.cpp:
        (WebCore::DocLoader::requestPreload):
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::finishedLoading):
        (WebCore::DocumentLoader::setupForReplaceByMIMEType):
        * loader/DocumentWriter.cpp: Added.
        * loader/DocumentWriter.h: Added.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::FrameLoader):
        (WebCore::FrameLoader::init):
        (WebCore::FrameLoader::clear):
        (WebCore::FrameLoader::receivedFirstData):
        (WebCore::FrameLoader::setURL):
        (WebCore::FrameLoader::didBeginDocument):
        (WebCore::FrameLoader::didEndDocument):
        (WebCore::FrameLoader::willSetEncoding):
        (WebCore::FrameLoader::addData):
        (WebCore::FrameLoader::transitionToCommitted):
        (WebCore::FrameLoader::open):
        (WebCore::FrameLoader::finishedLoadingDocument):
        (WebCore::FrameLoader::addExtraFieldsToRequest):
        * loader/FrameLoader.h:
        (WebCore::FrameLoader::writer):
        (WebCore::FrameLoader::isDisplayingInitialEmptyDocument):
        * loader/MediaDocument.cpp:
        (WebCore::MediaDocument::replaceMediaElementTimerFired):
        * loader/PluginDocument.cpp:
        (WebCore::PluginTokenizer::createDocumentStructure):
        * platform/network/FormDataBuilder.cpp:
        (WebCore::FormDataBuilder::dataEncoding):
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::dataChanged):

2010-04-07  Tony Chang  <tony@chromium.org>

        Reviewed by Eric Seidel.

        [chromium] implement getData('text/html') for paste and drop events
        https://bugs.webkit.org/show_bug.cgi?id=37193

        Tests: editing/pasteboard/onpaste-text-html.html
               fast/events/ondrop-text-html.html

        * platform/chromium/ClipboardChromium.cpp:
        (WebCore::):
        (WebCore::clipboardTypeFromMIMEType): add html type
        (WebCore::ClipboardChromium::clearData): implement clear text/html
        (WebCore::ClipboardChromium::getData): implement get text/html (similar to text/plain)
        (WebCore::ClipboardChromium::setData): implement set text/html

2010-04-10  Adam Barth  <abarth@webkit.org>

        Unreviewed.  Rename m_forceSandboxFlags to m_forcedSandoxFlags, as
        requested by Darin Adler.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::FrameLoader):
        (WebCore::FrameLoader::updateSandboxFlags):
        * loader/FrameLoader.h:
        (WebCore::FrameLoader::setForcedSandboxFlags):
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::dataChanged):

2010-04-10  Mark Rowe  <mrowe@apple.com>

        Reviewed by Dan Bernstein.

        <rdar://problem/7845305> Further adoption of formal protocols for delegates.

        Move EmptyProtocolDefinitions.h down in to WebCore, and add the new protocols. Adopt the protocols in the appropriate places.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/mac/EmptyProtocolDefinitions.h: Renamed from WebKit/mac/Misc/EmptyProtocolDefinitions.h.
        * platform/network/mac/ResourceHandleMac.mm:

2010-04-10  Chris Evans  <cevans@chromium.org>

        Reviewed by Adam Barth.

        Defense in depth: make sure an SVG document in the <img> context has
        a unique origin.

        https://bugs.webkit.org/show_bug.cgi?id=37392

        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::dataChanged):
          Force the temporary rendering context into a unique origin.
        * loader/FrameLoader.h:
        (WebCore::FrameLoader::setForceSandboxFlags):
          Support for setting sandbox flags that will always be applied.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::updateSandboxFlags):
          Always apply any forced flags.

2010-04-10  Vangelis Kokkevis  <vangelis@chromium.org>

        Reviewed by Dimitri Glazkov.

        Moving files associated with the GPU compositor from platform/graphics/skia to platform/graphics/chromium. Class
        rename was done in a previous CL, this CL does the file move and rename.
        https://bugs.webkit.org/show_bug.cgi?id=37231

        No new functionality, no new tests.

        * WebCore.gypi:
        * platform/graphics/chromium/GraphicsLayerChromium.cpp: Copied from WebCore/platform/graphics/skia/GraphicsLayerSkia.cpp.
        * platform/graphics/chromium/GraphicsLayerChromium.h: Copied from WebCore/platform/graphics/skia/GraphicsLayerSkia.h.
        * platform/graphics/chromium/LayerChromium.cpp: Copied from WebCore/platform/graphics/skia/LayerSkia.cpp.
        * platform/graphics/chromium/LayerChromium.h: Copied from WebCore/platform/graphics/skia/LayerSkia.h.
        * platform/graphics/chromium/LayerRendererChromium.cpp: Copied from WebCore/platform/graphics/skia/LayerRendererSkia.cpp.
        * platform/graphics/chromium/LayerRendererChromium.h: Copied from WebCore/platform/graphics/skia/LayerRendererSkia.h.
        * platform/graphics/skia/GraphicsLayerSkia.cpp: Removed.
        * platform/graphics/skia/GraphicsLayerSkia.h: Removed.
        * platform/graphics/skia/LayerRendererSkia.cpp: Removed.
        * platform/graphics/skia/LayerRendererSkia.h: Removed.
        * platform/graphics/skia/LayerSkia.cpp: Removed.
        * platform/graphics/skia/LayerSkia.h: Removed.

2010-04-10  Robert Hogan  <robert@webkit.org>

        Reviewed by Kenneth Rohde Christiansen.

        Refactor Qt DRT support in QtWebKit

        https://bugs.webkit.org/show_bug.cgi?id=35844

        * WebCore.pro: Add DumpRenderTreeSupportQt.cpp

2010-04-10  Joseph Pecoraro  <joepeck@webkit.org>

        Reviewed by David Kilzer.

        Missing CONTEXT_MENUS Guards
        https://bugs.webkit.org/show_bug.cgi?id=37398

        Added missing ENABLE(CONTEXT_MENUS) guards.

        * bindings/js/JSInspectorFrontendHostCustom.cpp:
        (WebCore::JSInspectorFrontendHost::showContextMenu):
        * inspector/InspectorFrontendHost.cpp:
        (WebCore::InspectorFrontendHost::InspectorFrontendHost):
        (WebCore::InspectorFrontendHost::disconnectClient):
        * inspector/InspectorFrontendHost.h:

2010-04-10  Stephan Aßmus  <superstippi@gmx.de>

        Reviewed by Eric Seidel.

        [Haiku] Fix crash in Gradient::fill()
        https://bugs.webkit.org/show_bug.cgi?id=37386

        Covered by existing tests.

        * platform/graphics/haiku/GradientHaiku.cpp:
        (WebCore::Gradient::fill):
            - Make sure the platform gradient is already cached before
              dereferencing its pointer.

2010-04-10  Stephan Aßmus  <superstippi@gmx.de>

        Reviewed by Eric Seidel.

        [Haiku] Fix build of ImageHaiku.cpp
        <https://bugs.webkit.org/show_bug.cgi?id=37384>

        No new tests needed.

        * platform/graphics/haiku/ImageHaiku.cpp:
        (WebCore::Image::drawPattern):
            - include SharedBuffer.h
            - changed parameter name to be in line with other ports,
              the code I landed in an earlier commit was already using
              this name.

2010-04-10  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Implement Desktop Notifications API for QtWebKit
        https://bugs.webkit.org/show_bug.cgi?id=35503

        No new tests enabled as notification DRT tests are
        disabled at the moment.

        * WebCore.pri: Add files to the build system and turn
        on the feature by default.

        * WebCore.pro: Add files to the build system

        * bindings/js/JSDesktopNotificationsCustom.cpp:
        (WebCore::JSNotificationCenter::requestPermission):
        (WebCore::JSNotification::addEventListener):
        (WebCore::JSNotification::removeEventListener):
        Fix build regresssion.

2010-04-09  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Joseph Pecoraro.

        Web Inspector: Console with two recursive arrays causes infinite loop trying to display.
        https://bugs.webkit.org/show_bug.cgi?id=37133

        * inspector/front-end/ConsoleView.js:
        (WebInspector.ConsoleView.prototype._printArray):
        (WebInspector.ConsoleView.prototype._formatAsArrayEntry):
        * inspector/front-end/InjectedScript.js:
        (injectedScriptConstructor):

2010-04-09  Kevin Watters  <kevinwatters@gmail.com>

        Reviewed by Eric Seidel.

        [wx] Basic implementation of SVG support for wx port.

        * css/CSSFontFaceSource.cpp:
        * platform/graphics/wx/FontPlatformData.h:
        (WebCore::FontPlatformData::FontPlatformData):
        (WebCore::FontPlatformData::size):
        * platform/graphics/wx/FontPlatformDataWx.cpp:
        (WebCore::FontPlatformData::FontPlatformData):
        * platform/graphics/wx/GraphicsContextWx.cpp:
        (WebCore::GraphicsContext::GraphicsContext):
        (WebCore::GraphicsContext::clipPath):
        (WebCore::GraphicsContext::getCTM):
        (WebCore::GraphicsContext::beginPath):
        (WebCore::GraphicsContext::addPath):
        (WebCore::GraphicsContext::concatCTM):
        (WebCore::GraphicsContext::fillPath):
        (WebCore::GraphicsContext::strokePath):
        (WebCore::GraphicsContext::setLineDash):
        * platform/graphics/wx/ImageBufferWx.cpp:
        (WebCore::ImageBuffer::platformTransformColorSpace):
        * platform/graphics/wx/PathWx.cpp:
        (WebCore::Path::strokeContains):
        (WebCore::Path::debugString):
        (WebCore::Path::operator=):
        (WebCore::Path::isEmpty):
        * rendering/RenderSVGResourceMasker.cpp:
        * wscript:

2010-04-09  Evan Martin  <evan@chromium.org>

        Reviewed by Darin Adler.

        StorageEvent destructor should be in StorageEvent.cpp
        https://bugs.webkit.org/show_bug.cgi?id=37356

        Because Storage is forward-declared in StorageEvent.h, we need to define
        the StorageEvent destructor in the .cpp file so that the RefPtr<Storage>
        destructor has a complete type for Storage.

        * storage/StorageEvent.cpp:
        (WebCore::StorageEvent::~StorageEvent):
        * storage/StorageEvent.h:

2010-04-09  Young Han Lee  <joybro@company100.net>

        Reviewed by Eric Seidel.

        [WINCE] Add forwarding header for UnicodeWince.h
        https://bugs.webkit.org/show_bug.cgi?id=37224

        * ForwardingHeaders/wtf/unicode/wince/UnicodeWince.h: Added.

2010-04-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam "R the K!" Weinig.

        Tidied up some more DOMWrapperWorld lifetime issues.

        * bindings/js/DOMWrapperWorld.cpp:
        (WebCore::DOMWrapperWorld::~DOMWrapperWorld): Notify the document that
        we're going away instead of deleting its data, since deleting other
        objects' data is error-prone and, more importantly, rude.

        * bindings/js/DOMWrapperWorld.h:
        (WebCore::DOMWrapperWorld::didCreateWrapperCache):
        (WebCore::DOMWrapperWorld::didDestroyWrapperCache): A few renames for
        clarity.

        * bindings/js/JSDOMBinding.cpp:
        * bindings/js/JSDOMBinding.h: Converted forgetAllDOMNodesForDocument
        to a Document member function, for the same reason.

        * dom/Document.cpp: 
        (WebCore::Document::~Document):
        (WebCore::Document::createWrapperCache):
        (WebCore::Document::destroyWrapperCache):
        (WebCore::Document::destroyAllWrapperCaches):
        * dom/Document.h: Added a destroyWrapperCache function to balance
        createWrapperCache, so it's clear who allocates and deletes these wrapper
        caches.

2010-04-09  Chris Marrin  <cmarrin@apple.com>

        Reviewed by Simon Fraser.

        Fixed bug where animation time was not updated when dynamically loading a style sheet
        https://bugs.webkit.org/show_bug.cgi?id=37352

        A dynamically loaded style sheet kicks off its own styleRecalc cycle. This was not
        bracketed with a beginAnimationUpdate/endAnimationUpdate which wasn't resetting the
        animation time. In some time-dependent cases this was causing a negative elapsedTime
        to be sent to the keyframe animator. This is an invalid case which destroys the
        animation prematurely. I not only added the brackets, but I also added an assert
        and protection for when the elapsedTime comes up negative.

        Test: animations/dynamic-stylesheet-loading.html

        * dom/Document.cpp: Added brackets
        (WebCore::Document::updateStyleSelector):
        * page/animation/KeyframeAnimation.cpp: Added assert and protection
        (WebCore::KeyframeAnimation::getKeyframeAnimationInterval):

2010-04-09  Jaime Yap  <jaimeyap@google.com>

        Reviewed by Pavel Feldman.

        Web Inspector: Fixes "wrong parent" for GCEvents that come at the end of a
        timeline record node.
        https://bugs.webkit.org/show_bug.cgi?id=37340

        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::didInstallTimer):
        (WebCore::InspectorTimelineAgent::didRemoveTimer):
        (WebCore::InspectorTimelineAgent::didMarkTimeline):
        (WebCore::InspectorTimelineAgent::didMarkDOMContentEvent):
        (WebCore::InspectorTimelineAgent::didMarkLoadEvent):
        (WebCore::InspectorTimelineAgent::addRecordToTimeline):
        (WebCore::InspectorTimelineAgent::didCompleteCurrentRecord):

2010-04-09  Abhishek Arya  <inferno@chromium.org>

        Reviewed by Adam Barth.

        Prevent HTTP responses served with JSON content type from being rendered as HTML. 

        Test: http/tests/security/xss-DENIED-mime-type-execute-as-html.html

        * dom/DOMImplementation.cpp:
        (WebCore::DOMImplementation::isTextMIMEType): Render application/json as text/plain.
        * platform/MIMETypeRegistry.cpp:
        (WebCore::initializeSupportedNonImageMimeTypes): Add a compile assert to prevent addition of new mime types in non-image types. 

2010-04-09  Shinichiro Hamaji  <hamaji@chromium.org>

        Reviewed by Eric Seidel.

        Prevent wrong use of PrintContext
        https://bugs.webkit.org/show_bug.cgi?id=37194

        No new tests because this doesn't change the behavior.

        * page/PrintContext.cpp:
        (WebCore::PrintContext::PrintContext):
        (WebCore::PrintContext::~PrintContext):
        (WebCore::PrintContext::begin):
        (WebCore::PrintContext::end):
        * page/PrintContext.h:

2010-04-09  Vitaly Repeshko  <vitalyr@chromium.org>

        Reviewed by Darin Fisher.

        [V8] SerializedScriptValue value doesn't follow the spec for DOM objects and files
        https://bugs.webkit.org/show_bug.cgi?id=37094

        This patch adds support for file-related types.

        * bindings/v8/SerializedScriptValue.cpp:
        (WebCore::):
        (WebCore::Writer::writeString):
        (WebCore::Writer::writeWebCoreString):
        (WebCore::Writer::writeBlob):
        (WebCore::Writer::writeFile):
        (WebCore::Writer::writeFileList):
        (WebCore::Writer::doWriteString):
        (WebCore::Writer::doWriteWebCoreString):
        (WebCore::Serializer::writeBlob):
        (WebCore::Serializer::writeFile):
        (WebCore::Serializer::writeFileList):
        (WebCore::Serializer::doSerialize):
        (WebCore::Reader::read):
        (WebCore::Reader::readWebCoreString):
        (WebCore::Reader::readBlob):
        (WebCore::Reader::readFile):
        (WebCore::Reader::readFileList):
        (WebCore::SerializedScriptValue::SerializedScriptValue):

2010-04-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Cameron Zwarich.
        
        Tidied up some DOMWrapperWorld lifetime issues.

        * bindings/js/DOMWrapperWorld.cpp:
        (WebCore::DOMWrapperWorld::DOMWrapperWorld): Made DOMWrapperWorld wholly
        responsible for managing its presence in WebCoreJSClientData's world set.
        This is simpler and more encapsulated than making its clients sometimes
        responsible for managing that set and sometimes not.
        
        * bindings/js/DOMWrapperWorld.h:
        (WebCore::DOMWrapperWorld::create): Made isNormal default to false,
        removing one of the reasons for the IsolatedWorld class to exist, so I
        could remove that class.

        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::commonJSGlobalData): Used the work-around below.

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::createWorld): Nixed IsolatedWorld, which is
        now superfluous.

        * bindings/js/WebCoreJSClientData.h:
        (WebCore::initNormalWorldClientData): Added a work-around for the fact
        that WebCoreJSClientData must be set as globalData->clientData before
        the DOMWrapperWorld constructor runs. This removed the other reason
        for the IsolatedWorld class to exist, so I could remove that class.

2010-04-09  Yaar Schnitman  <yaar@chromium.org>

        Reviewed by Nate Chapin.

        Testing utility for CodeGeneratorV8.pm
        https://bugs.webkit.org/show_bug.cgi?id=37286

        * bindings/v8/test: Added.
        * bindings/v8/test/TestObj.idl: Contains basic IDL definitions for testing purposes.
        * bindings/v8/test/V8TestObj.cpp: Expected output.
        * bindings/v8/test/V8TestObj.h: Expected output.
        * bindings/v8/test/run_tests.py: Tool for generating the above h/cpp files from the idl file.

2010-04-09  Darin Adler  <darin@apple.com>

        Reviewed by Maciej Stachowiak.

        https://bugs.webkit.org/show_bug.cgi?id=37370
        Division by 0 in RenderBoxModelObject::calculateFillTileSize

        Test: fast/backgrounds/background-fill-zero-area-crash.html

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::calculateFillTileSize): Added checks for
        zero before doing division. These come up when the area to fill is zero.

2010-04-09  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Maciej Stachowiak.

        https://bugs.webkit.org/show_bug.cgi?id=24572
        XMLHttpRequest.statusText returns always "OK" on Mac

        Covered by existing tests, which now pass.

        * WebCore.base.exp:
        * platform/mac/WebCoreSystemInterface.h:
        * platform/mac/WebCoreSystemInterface.mm:
        Added a WebKitSystemInterface method to fetch status line.

        * platform/network/HTTPParsers.cpp: (WebCore::extractReasonPhraseFromHTTPStatusLine):
        * platform/network/HTTPParsers.h:
        * platform/network/cf/ResourceResponseCFNet.cpp: (WebCore::ResourceResponse::platformLazyInit):
        Moved code for parsing status line to HTTPHeaders, as it's used for both Mac and CF now.

        * platform/network/mac/ResourceResponseMac.mm: (WebCore::ResourceResponse::platformLazyInit):
        Use the actual reason phrase when available, and "OK" otherwise. Synthesizing a reson when
        there isn't one is misleading, so we'll stick to our old broken behavior on Tiger, rather than
        introduce a new broken one.

2010-04-09  David Hyatt  <hyatt@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=37361, clean up FillLayer.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
        * rendering/style/FillLayer.h:
        (WebCore::FillLayer::sizeType):
        * rendering/style/RenderStyle.h:
        (WebCore::InheritedFlags::backgroundImage):
        (WebCore::InheritedFlags::backgroundRepeatX):
        (WebCore::InheritedFlags::backgroundRepeatY):
        (WebCore::InheritedFlags::backgroundComposite):
        (WebCore::InheritedFlags::backgroundAttachment):
        (WebCore::InheritedFlags::backgroundClip):
        (WebCore::InheritedFlags::backgroundOrigin):
        (WebCore::InheritedFlags::backgroundXPosition):
        (WebCore::InheritedFlags::backgroundYPosition):
        (WebCore::InheritedFlags::backgroundSizeType):
        (WebCore::InheritedFlags::backgroundSizeLength):
        (WebCore::InheritedFlags::maskImage):
        (WebCore::InheritedFlags::maskRepeatX):
        (WebCore::InheritedFlags::maskRepeatY):
        (WebCore::InheritedFlags::maskComposite):
        (WebCore::InheritedFlags::maskAttachment):
        (WebCore::InheritedFlags::maskClip):
        (WebCore::InheritedFlags::maskOrigin):
        (WebCore::InheritedFlags::maskXPosition):
        (WebCore::InheritedFlags::maskYPosition):
        (WebCore::InheritedFlags::maskSizeType):
        (WebCore::InheritedFlags::maskSizeLength):

2010-04-09  Sam Weinig  <sam@webkit.org>

        Add another missing export to fix the build.

        * WebCore.base.exp:

2010-04-09  David Hyatt  <hyatt@apple.com>

        Reviewed by Adam Roben.

        https://bugs.webkit.org/show_bug.cgi?id=37353, clean up cursors used by RenderStyles.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::selectCursor):
        * rendering/style/CursorData.h:
        (WebCore::CursorData::CursorData):
        (WebCore::CursorData::operator==):
        (WebCore::CursorData::image):
        (WebCore::CursorData::hotSpot):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::addCursor):

2010-04-09  David Hyatt  <hyatt@apple.com>

        Reviewed by Adam Roben.
        
        https://bugs.webkit.org/show_bug.cgi?id=37349, RenderStyle cleanup.  Working from the outside in to
        bring some style consistency to RenderStyle and its associated classes.  This patch cleans up the
        border and outline classes.

        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::calcBorderLeft):
        (WebCore::RenderTable::calcBorderRight):
        (WebCore::RenderTable::outerBorderTop):
        (WebCore::RenderTable::outerBorderBottom):
        (WebCore::RenderTable::outerBorderLeft):
        (WebCore::RenderTable::outerBorderRight):
        * rendering/RenderTableCell.cpp:
        (WebCore::compareBorders):
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::calcOuterBorderTop):
        (WebCore::RenderTableSection::calcOuterBorderBottom):
        (WebCore::RenderTableSection::calcOuterBorderLeft):
        (WebCore::RenderTableSection::calcOuterBorderRight):
        * rendering/style/BorderData.h:
        (WebCore::BorderData::hasBorder):
        (WebCore::BorderData::hasBorderRadius):
        (WebCore::BorderData::borderLeftWidth):
        (WebCore::BorderData::borderRightWidth):
        (WebCore::BorderData::borderTopWidth):
        (WebCore::BorderData::borderBottomWidth):
        (WebCore::BorderData::operator==):
        (WebCore::BorderData::left):
        (WebCore::BorderData::right):
        (WebCore::BorderData::top):
        (WebCore::BorderData::bottom):
        (WebCore::BorderData::image):
        (WebCore::BorderData::topLeft):
        (WebCore::BorderData::topRight):
        (WebCore::BorderData::bottomLeft):
        (WebCore::BorderData::bottomRight):
        * rendering/style/BorderValue.h:
        (WebCore::BorderValue::BorderValue):
        (WebCore::BorderValue::nonZero):
        (WebCore::BorderValue::isTransparent):
        (WebCore::BorderValue::operator==):
        (WebCore::BorderValue::color):
        (WebCore::BorderValue::width):
        (WebCore::BorderValue::style):
        * rendering/style/CollapsedBorderValue.h:
        (WebCore::CollapsedBorderValue::CollapsedBorderValue):
        (WebCore::CollapsedBorderValue::width):
        (WebCore::CollapsedBorderValue::style):
        (WebCore::CollapsedBorderValue::exists):
        (WebCore::CollapsedBorderValue::color):
        (WebCore::CollapsedBorderValue::isTransparent):
        (WebCore::CollapsedBorderValue::precedence):
        (WebCore::CollapsedBorderValue::operator==):
        * rendering/style/OutlineValue.h:
        (WebCore::OutlineValue::OutlineValue):
        (WebCore::OutlineValue::operator==):
        (WebCore::OutlineValue::offset):
        (WebCore::OutlineValue::isAuto):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::getBorderRadiiForRect):
        * rendering/style/RenderStyle.h:
        (WebCore::InheritedFlags::borderLeft):
        (WebCore::InheritedFlags::borderRight):
        (WebCore::InheritedFlags::borderTop):
        (WebCore::InheritedFlags::borderBottom):
        (WebCore::InheritedFlags::borderImage):
        (WebCore::InheritedFlags::borderTopLeftRadius):
        (WebCore::InheritedFlags::borderTopRightRadius):
        (WebCore::InheritedFlags::borderBottomLeftRadius):
        (WebCore::InheritedFlags::borderBottomRightRadius):
        (WebCore::InheritedFlags::borderLeftStyle):
        (WebCore::InheritedFlags::borderLeftColor):
        (WebCore::InheritedFlags::borderLeftIsTransparent):
        (WebCore::InheritedFlags::borderRightStyle):
        (WebCore::InheritedFlags::borderRightColor):
        (WebCore::InheritedFlags::borderRightIsTransparent):
        (WebCore::InheritedFlags::borderTopStyle):
        (WebCore::InheritedFlags::borderTopColor):
        (WebCore::InheritedFlags::borderTopIsTransparent):
        (WebCore::InheritedFlags::borderBottomStyle):
        (WebCore::InheritedFlags::borderBottomColor):
        (WebCore::InheritedFlags::borderBottomIsTransparent):
        (WebCore::InheritedFlags::outlineWidth):
        (WebCore::InheritedFlags::outlineStyleIsAuto):
        (WebCore::InheritedFlags::outlineColor):
        (WebCore::InheritedFlags::outlineOffset):
        (WebCore::InheritedFlags::columnRuleColor):
        (WebCore::InheritedFlags::resetBorderTop):
        (WebCore::InheritedFlags::resetBorderRight):
        (WebCore::InheritedFlags::resetBorderBottom):
        (WebCore::InheritedFlags::resetBorderLeft):
        (WebCore::InheritedFlags::resetBorderImage):
        (WebCore::InheritedFlags::resetBorderTopLeftRadius):
        (WebCore::InheritedFlags::resetBorderTopRightRadius):
        (WebCore::InheritedFlags::resetBorderBottomLeftRadius):
        (WebCore::InheritedFlags::resetBorderBottomRightRadius):
        (WebCore::InheritedFlags::setBorderImage):
        (WebCore::InheritedFlags::setBorderTopLeftRadius):
        (WebCore::InheritedFlags::setBorderTopRightRadius):
        (WebCore::InheritedFlags::setBorderBottomLeftRadius):
        (WebCore::InheritedFlags::setBorderBottomRightRadius):
        (WebCore::InheritedFlags::setBorderLeftWidth):
        (WebCore::InheritedFlags::setBorderLeftStyle):
        (WebCore::InheritedFlags::setBorderLeftColor):
        (WebCore::InheritedFlags::setBorderRightWidth):
        (WebCore::InheritedFlags::setBorderRightStyle):
        (WebCore::InheritedFlags::setBorderRightColor):
        (WebCore::InheritedFlags::setBorderTopWidth):
        (WebCore::InheritedFlags::setBorderTopStyle):
        (WebCore::InheritedFlags::setBorderTopColor):
        (WebCore::InheritedFlags::setBorderBottomWidth):
        (WebCore::InheritedFlags::setBorderBottomStyle):
        (WebCore::InheritedFlags::setBorderBottomColor):
        (WebCore::InheritedFlags::setOutlineWidth):
        (WebCore::InheritedFlags::setOutlineStyle):
        (WebCore::InheritedFlags::setOutlineColor):
        (WebCore::InheritedFlags::setOutlineOffset):
        (WebCore::InheritedFlags::setColumnRuleColor):
        (WebCore::InheritedFlags::setColumnRuleWidth):
        * rendering/style/StyleMultiColData.h:
        (WebCore::StyleMultiColData::ruleWidth):

2010-04-09  Andrey Kosyakov  <caseq@chromium.org>

        Reviewed by Darin Adler.

        Fixed ResourceError::failingURL() and ResourceResponse::httpStatusText()
        to return meaningful values.
        https://bugs.webkit.org/show_bug.cgi?id=37274

        * platform/network/mac/ResourceErrorMac.mm:
        (WebCore::ResourceError::platformLazyInit):
        * platform/network/mac/ResourceResponseMac.mm:
        (WebCore::ResourceResponse::platformLazyInit):

2010-04-09  Jeremy Orlow  <jorlow@chromium.org>

        Reviewed by Darin Adler.

        Move the IDB::open ExceptionCode paramter to be last
        https://bugs.webkit.org/show_bug.cgi?id=37277

        Move the ExceptionCode paramter to the last position in
        IndexedDatabaseRequest::open and friends.  It should definitely
        go after the callbacks to keep the parameters that come directly
        from javascript together.  And having output parameters appear
        last is done often in the code base, so it makes sense to push
        it past the Frame* param as well.

        No functional change.

        * bindings/v8/custom/V8IndexedDatabaseRequestCustom.cpp:
        (WebCore::V8IndexedDatabaseRequest::openCallback):
        * storage/IndexedDatabase.h:
        * storage/IndexedDatabaseImpl.cpp:
        (WebCore::IndexedDatabaseImpl::open):
        * storage/IndexedDatabaseImpl.h:
        * storage/IndexedDatabaseRequest.cpp:
        (WebCore::IndexedDatabaseRequest::open):
        * storage/IndexedDatabaseRequest.h:

2010-04-09  Dmitry Titov  <dimich@chromium.org>

        Reviewed by Darin Adler.

        WebCore: WorkerGlobalScope.close() should let the currently running script complete execution, then terminate the worker.
        https://bugs.webkit.org/show_bug.cgi?id=37053

        Test: fast/workers/worker-close-more.html

        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::forbidExecution):
        (WebCore::WorkerScriptController::):
        * bindings/v8/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::forbidExecution):
        * bindings/v8/WorkerScriptController.h:
        (WebCore::WorkerScriptController::):
        Added option parameter to forbidExecution (both JCS and V8 versions) that specifies whether currently running
        script should be immediately terminated or left executed until the end.

        * bindings/js/WorkerScriptController.h:
        (WebCore::WorkerScriptController::workerContextWrapper):
        This method now can return 0 instead of context if the further execution of JS is forbidden. Since any JS execution requires
        fetching JS global object first, returning 0 here is a good way to prevent re-entry into JS once worker started termination.
        V8 version does similar thing already in WorkerScriptController::proxy().

        * workers/DedicatedWorkerContext.cpp:
        (WebCore::DedicatedWorkerContext::postMessage):
        Removed check that immediately disables postMessage from WorkerContext after close().

        * workers/WorkerContext.cpp:
        (WebCore::CloseWorkerContextTask::create):
        (WebCore::CloseWorkerContextTask::performTask):
        (WebCore::CloseWorkerContextTask::isCleanupTask):
        (WebCore::WorkerContext::close):
        Use new forbidExecution(LetRunningScriptFinish) to avoid termination of script until it executes and exits.
        Post a task to actually terminate the worker once the currently executing JS fragment exits.

        * workers/WorkerThread.cpp:
        (WebCore::WorkerThread::workerThread):
        (WebCore::WorkerThread::stop):
        Use new forbidExecution(TerminateRunningScript) to immediately terminate the JS.

2010-04-09  Kent Tamura  <tkent@chromium.org>

        Reviewed by Darin Adler.

        Implement interactive validation for forms.
        https://bugs.webkit.org/show_bug.cgi?id=34930

        - HTMLFormControlElement::checkValidity() supports unhandled invalid control list
        - HTMLFormElement::validateInteractively() called from prepareSubmit()
          prevents the submission if neither noValidate nor formNoValidate is
          specified, and focuses on the first invalid control of which "invalid"
          event is not canceled.

        Tests: fast/forms/checkValidity-cancel.html
               fast/forms/interactive-validation-cancel.html
               fast/forms/interactive-validation-formnovalidate.html
               fast/forms/interactive-validation-novalidate.html
               fast/forms/interactive-validation-prevented.html
               fast/forms/interactive-validation-remove-node-in-handler.html

        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::checkValidity):
          If the control is invalid and the "invalid" is not canceled,
          push the control to the specified vector.
        * html/HTMLFormControlElement.h:
        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::validateInteractively):
         The main part of the interactive validation.
        (WebCore::HTMLFormElement::prepareSubmit):
         Calls validateInteractively().
        (WebCore::HTMLFormElement::checkValidity):
         Uses collectUnhandledInvalidControls().
        (WebCore::HTMLFormElement::collectUnhandledInvalidControls):
        * html/HTMLFormElement.h:

2010-04-09  Sam Weinig  <sam@webkit.org>

        Fix the mac WebKit2 build.

        * WebCore.base.exp:

2010-04-08  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=37181
        <rdar://problem/7835374> REGRESSION (r54400): Hangs when doing AJAX update with large amount of data

        Test: fast/events/gc-freeze-with-attribute-listeners.html

        The problem was that we were creating JS wrappers for nodes with attribute event listeners,
        and GC is very slow if there are nodes with wrappers in a detached tree whose root does not
        have a wrapper.

        * bindings/js/ScriptEventListener.cpp: (WebCore::createAttributeEventListener): Don't create
        wrappers for attribute event listeners - if there is a node, JSLazyEventListener::initializeJSFunction()
        will create one.

        * bindings/js/JSNodeCustom.cpp: (WebCore::JSNode::markChildren): Added a FIXME about the problem
        we are stepping around now.

2010-04-09  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Gustavo Noronha.

        WebGtk GLib-CRITICAL Segmentation fault
        https://bugs.webkit.org/show_bug.cgi?id=34937

        Do not crash if a plugin does not return anything in
        NP_GetMIMEDescription. This can happen, and other ports gracefully
        handle the situation.

        * plugins/gtk/PluginPackageGtk.cpp:
        (WebCore::PluginPackage::fetchInfo):

2010-04-09  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Yury Semikhatsky.

        Web Inspector: Cannot select elements within iframes with the magnifying glass.

        https://bugs.webkit.org/show_bug.cgi?id=31732

        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::inspect):
        (WebCore::InspectorController::handleMousePress):
        * inspector/InspectorController.h:
        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleMousePressEvent):

2010-04-09  Tasuku Suzuki  <tasuku.suzuki@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt]Fix compile error with QT_NO_PROPERTIES
        https://bugs.webkit.org/show_bug.cgi?id=36526

        Disable dynamic properties when QT_NO_PROPERTIES is defined.

        * bridge/qt/qt_class.cpp:
        (JSC::Bindings::QtClass::fieldNamed):
        * bridge/qt/qt_instance.cpp:
        (JSC::Bindings::QtInstance::getPropertyNames):
        (JSC::Bindings::QtField::name):
        (JSC::Bindings::QtField::valueFromInstance):
        (JSC::Bindings::QtField::setValueToInstance):
        * bridge/qt/qt_runtime.h:
        (JSC::Bindings::QtField::):

2010-04-09  David Leong  <david.leong@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Symbian apps crash on exit due to a bad qObject_cast.

        https://bugs.webkit.org/show_bug.cgi?id=37303

        Added check for NULL to avoid the crash.

        * plugins/symbian/PluginViewSymbian.cpp:
        (WebCore::PluginView::platformDestroy):

2010-04-09  Mark Rowe  <mrowe@apple.com>

        Reviewed by Oliver Hunt.

        <http://webkit.org/b/37326> IDL files are being copied in to the WebCore framework again

        * WebCore.xcodeproj/project.pbxproj: Wire up the script.  Remove the three inappropriate
        files from the Copy Bundle Resources build phase.

2010-04-09  Zhenyao Mo  <zmo@google.com>

        Reviewed by Darin Fisher.

        Passing null WebGLObjects should synthesize INVALID_VALUE error
        https://bugs.webkit.org/show_bug.cgi?id=37047

        * html/canvas/WebGLRenderingContext.cpp: Synthesize INVALID_VALUE error when input object is 0.
        (WebCore::WebGLRenderingContext::bindAttribLocation):
        (WebCore::WebGLRenderingContext::compileShader):
        (WebCore::WebGLRenderingContext::detachShader):
        (WebCore::WebGLRenderingContext::validateWebGLObject):
        (WebCore::WebGLRenderingContext::getActiveAttrib):
        (WebCore::WebGLRenderingContext::getActiveUniform):
        (WebCore::WebGLRenderingContext::getProgramParameter):
        (WebCore::WebGLRenderingContext::getProgramInfoLog):
        (WebCore::WebGLRenderingContext::getShaderParameter):
        (WebCore::WebGLRenderingContext::getShaderInfoLog):
        (WebCore::WebGLRenderingContext::getShaderSource):
        (WebCore::WebGLRenderingContext::getUniform):
        (WebCore::WebGLRenderingContext::getUniformLocation):
        (WebCore::WebGLRenderingContext::linkProgram):
        (WebCore::WebGLRenderingContext::shaderSource):
        * html/canvas/WebGLRenderingContext.h: Add helper function to validate webgl object input parameters.

2010-04-09  Zhenyao Mo  <zmo@google.com>

        Reviewed by Dimitri Glazkov.

        Must resolve multisampled back buffer during copyTexImage2D and copyTexSubImage2D
        https://bugs.webkit.org/show_bug.cgi?id=37174

        Test: fast/canvas/webgl/copy-tex-image-and-sub-image-2d.html

        * platform/graphics/mac/GraphicsContext3DMac.cpp: resolve multisampled back buffer during copyTexImage2D and copyTexSubImage2D.
        (WebCore::GraphicsContext3D::copyTexImage2D):
        (WebCore::GraphicsContext3D::copyTexSubImage2D):

2010-04-09  Evan Stade  <estade@chromium.org>

        Reviewed by Dimitri Glazkov.

        [chromium] <select> dropdowns don't die when an item is selected
        https://bugs.webkit.org/show_bug.cgi?id=37243

        * platform/chromium/PopupMenuChromium.cpp:
        (WebCore::PopupContainer::hidePopup):
        (WebCore::PopupContainer::notifyPopupHidden):
        (WebCore::PopupListBox::hidePopup): inform container that popup is closing
        * platform/chromium/PopupMenuChromium.h:

2010-04-09  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Fix crashes with package builds in release

        * WebCore.pro: Don't add NDEBUG to the defines here, add it from JavaScriptCore.pri

2010-04-09  Kenneth Rohde Christiansen  <kenneth@webkit.org>

        Reviewed by Simon Fraser.

        Remove "all" value from the view-mode media feature (as agreed on
        1-Apr-2010) in the Widgets voice conf.

        * css/CSSValueKeywords.in:
        * css/MediaQueryEvaluator.cpp:
        (WebCore::view_modeMediaFeatureEval):

2010-04-09  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r57286.
        http://trac.webkit.org/changeset/57286
        https://bugs.webkit.org/show_bug.cgi?id=37312

        "Caused intermittent test failures on all Mac bots."
        (Requested by eseidel on #webkit).

        * storage/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::originQuotaManagerNoLock):
        (WebCore::DatabaseTracker::originQuotaManager):
        (WebCore::DatabaseTracker::DatabaseTracker):
        (WebCore::DatabaseTracker::canEstablishDatabase):
        (WebCore::DatabaseTracker::hasEntryForOrigin):
        (WebCore::DatabaseTracker::getMaxSizeForDatabase):
        (WebCore::DatabaseTracker::fullPathForDatabaseNoLock):
        (WebCore::DatabaseTracker::fullPathForDatabase):
        (WebCore::DatabaseTracker::populateOrigins):
        (WebCore::DatabaseTracker::origins):
        (WebCore::DatabaseTracker::databaseNamesForOrigin):
        (WebCore::DatabaseTracker::addOpenDatabase):
        (WebCore::DatabaseTracker::removeOpenDatabase):
        (WebCore::DatabaseTracker::usageForOriginNoLock):
        (WebCore::DatabaseTracker::usageForOrigin):
        (WebCore::DatabaseTracker::quotaForOrigin):
        (WebCore::DatabaseTracker::setQuota):
        (WebCore::DatabaseTracker::deleteOrigin):
        (WebCore::DatabaseTracker::deleteDatabase):
        (WebCore::DatabaseTracker::deleteDatabaseFile):
        * storage/DatabaseTracker.h:
        * storage/SQLTransactionClient.cpp:
        (WebCore::SQLTransactionClient::didExecuteStatement):

2010-04-09  Andras Becsi  <abecsi@webkit.org>

        Reviewed by Simon Hausmann.

        [Qt] User agent style sheets are crippled by moc -E in make-css-file-arrays.pl
        https://bugs.webkit.org/show_bug.cgi?id=37296

        Do not use moc to preprocess user agent style sheets because it removes at-symbols
        and hexadecimal colours from declarations.
        Remove unneeded preprocessor usage from make-css-file-arrays.pl since the script
        processes default css files using regular expressions therefore preprocessing is redundant.

        * WebCore.pri: remove --preprocessor usage
        * css/make-css-file-arrays.pl: remove gcc dependency

2010-04-08  Chris Evans  <cevans@chromium.org>

        Reviewed by Sam Weinig.

        Use the new UserGestureIndictor for _blank POST requests.

        https://bugs.webkit.org/show_bug.cgi?id=34541

        Test: fast/events/popup-blocked-to-post-blank.html

        * bindings/v8/ScriptController.cpp:
        (WebCore::ScriptController::processingUserGesture):
          Use UserGestureIndicator in more cases.
        * page/EventHandler.cpp:
        (WebCore::EventHandler):
          Impact from UserGestureIndicator API change.
        (WebCore::FrameLoader::submitForm):
          Block the load immediately if popups are not allowed and it would
          open a new window.
        * loader/RedirectScheduler.cpp:
        (WebCore::ScheduledFormSubmission::ScheduledFormSubmission):
          Note the UserGestureIndicator status at the time of submission.
        (WebCore::ScheduledFormSubmission::fire):
          Use the stored UserGestureIndicator status in the asynchronous
          callback.
        * dom/UserGestureIndicator.h:
        * dom/UserGestureIndicator.cpp:
        (WebCore::UserGestureIndicator::UserGestureIndicator):
          Add ability to store a negative indication.

2010-03-29  Antonio Gomes  <tonikitoo@webkit.org>

        Reviewed by Simon Fraser.

        Spatial Navigation: proper handle negative x or y coordinates
        https://bugs.webkit.org/show_bug.cgi?id=36773

        In Spatial Navigation logic, during rect acquisition in renderRectRelativeToRootDocument,
        sometimes negative x() or y() values are got, and the current algorithm bails out in
        any of such cases.

        However, when a node is in a scrollable content (content overflow <div>) and
        this scrollable container scrolled up, element gets offscreen, and gets negative values
        for y(), for example. In such cases, they are still valid to be used in Spatial Navigation
        logic.

        Test: fast/events/spatial-navigation/snav-offscreen-content.html

        * page/SpatialNavigation.cpp:
        (WebCore::distanceDataForNode):
        (WebCore::checkNegativeCoordsForNode):

2010-04-08  Dumitru Daniliuc  <dumi@chromium.org>

        Reviewed by Geoffrey Garen.

        Create the creation callback is the current world.
        https://bugs.webkit.org/show_bug.cgi?id=37290

        * bindings/js/JSDatabaseCallback.cpp:
        (WebCore::JSDatabaseCallback::JSDatabaseCallback):

2010-04-08  David Hyatt  <hyatt@apple.com>

        Reviewed by Oliver Hunt.

        Followup optimization to bug 24300, don't leak history info via CSS :visited.  If a Web
        site uses document colors that are the same for link and vlink in HTML and also doesn't
        specify any :link or :visited rules, then don't waste time resolving visited styles.

        There is a further optimization that could be done to detect when :link and :visited are
        used together in the same rule to specify a color, and this is how most sites turn off
        visited link colors, but this fix doesn't address that.  It just restores the optimization
        that existed prior to the patch in 24300 landing.

        * css/CSSGrammar.y:
        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::styleForElement):
        * dom/Document.cpp:
        (WebCore::Document::Document):
        * dom/Document.h:
        (WebCore::Document::usesLinkRules):
        (WebCore::Document::setUsesLinkRules):

2010-04-08  David Hyatt  <hyatt@apple.com>

        Reviewed by Oliver Hunt.

        Caught by pixel tests.  I missed patching the borderRightColor() call for fieldset border painting so the
        border stopped showing up.
        
        * rendering/RenderFieldset.cpp:
        (WebCore::RenderFieldset::paintBorderMinusLegend):

2010-04-07  David Hyatt  <hyatt@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=24300, don't leak history info via CSS :visited.

        This patch implements the policy described by David Baron here:
        
        http://dbaron.org/mozilla/visited-privacy
        
        Added new tests in fast/history.

        * WebCore.base.exp:
        Expose functions needed for the WebKit SPI used by layout tests.

        * WebCore.xcodeproj/project.pbxproj:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::isVisited):
        Make sure accessibility objects still return visited information.
        
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::CSSComputedStyleDeclaration::CSSComputedStyleDeclaration):
        (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
        * css/CSSComputedStyleDeclaration.h:
        (WebCore::computedStyle):
        Add a boolean to computed style declarations that - if set - causes the computed style
        to still return :visited information.  For normal Web pages, this will be false.  It is set
        to true for the Web Inspector and by the WebKit SPI used by the layout tests.

        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::initElement):
        (WebCore::CSSStyleSelector::SelectorChecker::SelectorChecker):
        (WebCore::CSSStyleSelector::SelectorChecker::determineLinkState):
        (WebCore::CSSStyleSelector::SelectorChecker::checkSelector):
        (WebCore::CSSStyleSelector::canShareStyleWithElement):
        (WebCore::CSSStyleSelector::styleForElement):
        (WebCore::CSSStyleSelector::keyframeStylesForAnimation):
        (WebCore::CSSStyleSelector::pseudoStyleForElement):
        (WebCore::CSSStyleSelector::pseudoStyleRulesForElement):
        (WebCore::CSSStyleSelector::checkSelector):
        (WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector):
        (WebCore::CSSStyleSelector::applyPropertyToStyle):
        (WebCore::CSSStyleSelector::getColorFromPrimitiveValue):
        * css/CSSStyleSelector.h:
        Rework the style selector to resolve two styles instead of one.  The first forces the link to
        be unvisited, and the second forces the link to be visited.  The real state of the link is 
        cached on the principal (unvisited) style.  The visited style hangs off the principal style
        as a pseudo style (VISITED_LINK).

        * dom/Element.cpp:
        (WebCore::Element::pseudoStyleCacheIsInvalid):
        Make sure to deal with the VISITED_LINK pseudo to know when only :visited style info changed.

        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::getStyles):
        Let the Web Inspector see :visited computed styles by default.
        
        * platform/LinkHash.cpp:
        (WebCore::visitedURL):
        Fix an issue where <a href=""> is not hashed properly to the document's base URI, so it wasn't
        correctly reported as :visited.

        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::paintBoxDecorations):
        (WebCore::InlineFlowBox::paintTextDecorations):
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::paint):
        (WebCore::InlineTextBox::paintSelection):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::paintColumnRules):
        (WebCore::RenderBlock::paintObject):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintBorder):
        * rendering/RenderFieldset.cpp:
        (WebCore::RenderFieldset::paintBorderMinusLegend):
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::paintFocusRings):
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::paintOutline):
        (WebCore::RenderInline::paintOutlineForLine):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::drawLineForBoxSide):
        (WebCore::RenderObject::drawArcForBoxSide):
        (WebCore::RenderObject::paintOutline):
        (WebCore::decorationColor):
        (WebCore::RenderObject::getTextDecorationColors):
        * rendering/RenderObject.h:
        * rendering/RenderPath.cpp:
        (WebCore::RenderPath::paint):
        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::paint):
        * rendering/RenderSVGContainer.cpp:
        (WebCore::RenderSVGContainer::paint):
        * rendering/RenderSVGImage.cpp:
        (WebCore::RenderSVGImage::paint):
        * rendering/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::paint):
        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::collapsedLeftBorder):
        (WebCore::RenderTableCell::collapsedRightBorder):
        (WebCore::RenderTableCell::collapsedTopBorder):
        (WebCore::RenderTableCell::collapsedBottomBorder):
        (WebCore::RenderTableCell::paintCollapsedBorder):
        * rendering/style/CollapsedBorderValue.h:
        (WebCore::CollapsedBorderValue::CollapsedBorderValue):
        (WebCore::CollapsedBorderValue::color):
        (WebCore::CollapsedBorderValue::operator==):
        Patch painting code to fetch visitedDependentColors from the RenderStyle.  Properties that
        are honored include background-color, color, border colors, outline color, column rules,
        and fill and stroke (both SVG and our custom versions).
    
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::RenderStyle):
        (WebCore::RenderStyle::diff):
        (WebCore::borderStyleForColorProperty):
        (WebCore::colorIncludingFallback):
        (WebCore::RenderStyle::visitedDependentColor):
        * rendering/style/RenderStyle.h:
        (WebCore::):
        (WebCore::InheritedFlags::NonInheritedFlags::operator==):
        (WebCore::InheritedFlags::setBitDefaults):
        (WebCore::InheritedFlags::insideLink):
        (WebCore::InheritedFlags::isLink):
        (WebCore::InheritedFlags::setInsideLink):
        (WebCore::InheritedFlags::setIsLink):
        * rendering/style/RenderStyleConstants.h:
        Change how link information is stored.  The noninherited flags now have a bit set for if you're a link
        or not.  The inherited flags now cache whether you're inside a visited or unvisited link (or no link at
        all).

        (WebCore::):
        * svg/graphics/SVGPaintServer.cpp:
        (WebCore::SVGPaintServer::fillPaintServer):
        (WebCore::SVGPaintServer::strokePaintServer):
        Patch SVG fill/stroke painting to honor :visited.

2010-04-08  Benjamin Otte  <otte@gnome.org>

        Reviewed by Gustavo Noronha.

        Fix build with MathML enabled.

        * GNUmakefile.am:

2010-04-08  Daniel Bates  <dbates@rim.com>

        No review, rolling out 56655.
        http://trac.webkit.org/changeset/56655
        https://bugs.webkit.org/show_bug.cgi?id=9268

        Rolling out the change committed in change set 56655
        because it caused a regression in some of the mozilla
        and mozilla expected failure test cases, such as:
        tables/mozilla/marvin/backgr_simple-table-row.html, and
        tables/mozilla/marvin/backgr_simple-table-row-group.html.

        We need to look into this issue some more.

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry):
        * rendering/RenderBoxModelObject.h:
        * rendering/RenderObject.h:
        * rendering/RenderTableCell.cpp:
        * rendering/RenderTableCell.h:

2010-03-30  Dumitru Daniliuc  <dumi@chromium.org>

        Reviewed by Dimitri Glazkov.

        Refactor DatabaseTracker, part 1: Remove the dependency on
        OriginQuotaManager from DatabaseTracker.h.

        https://bugs.webkit.org/show_bug.cgi?id=31482

        * storage/DatabaseTracker.cpp:
        (originQuotaManager):
        (WebCore::DatabaseTracker::DatabaseTracker):
        (WebCore::DatabaseTracker::canEstablishDatabase):
        (WebCore::DatabaseTracker::hasEntryForOrigin):
        (WebCore::DatabaseTracker::getMaxSizeForDatabase):
        (WebCore::DatabaseTracker::databaseChanged):
        (WebCore::DatabaseTracker::fullPathForDatabaseNoLock):
        (WebCore::DatabaseTracker::fullPathForDatabase):
        (WebCore::DatabaseTracker::populateOrigins):
        (WebCore::DatabaseTracker::origins):
        (WebCore::DatabaseTracker::databaseNamesForOrigin):
        (WebCore::DatabaseTracker::removeOpenDatabase):
        (WebCore::DatabaseTracker::usageForOriginNoLock):
        (WebCore::DatabaseTracker::usageForOrigin):
        (WebCore::DatabaseTracker::quotaForOrigin):
        (WebCore::DatabaseTracker::setQuota):
        (WebCore::DatabaseTracker::deleteOrigin):
        (WebCore::DatabaseTracker::deleteDatabase):
        (WebCore::DatabaseTracker::deleteDatabaseFile):
        * storage/DatabaseTracker.h:
        * storage/SQLTransactionClient.cpp:
        (WebCore::SQLTransactionClient::didExecuteStatement):

2010-04-08  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Simon Hausmann.

        [WINCE] Replace max with std::max
        https://bugs.webkit.org/show_bug.cgi?id=37201

        std::max is preferred.

        * platform/wince/FileSystemWince.cpp:
        (WebCore::makeAllDirectories):
        (WebCore::pathGetFileName):

2010-04-08  Antonio Gomes  <tonikitoo@webkit.org>

        Reviewed by Laszlo Gombos.

        [EFL] Move AccessibilityObjectEfl.cpp from page to accessibility
        https://bugs.webkit.org/show_bug.cgi?id=36405

        * accessibility/efl/AccessibilityObjectEfl.cpp: Renamed from WebCore/page/efl/AccessibilityObjectEfl.cpp.
        (WebCore::AccessibilityObject::accessibilityIgnoreAttachment):

2010-04-08  Pavel Feldman  <pfeldman@chromium.org>

        Reviewed by Yury Semikhatsky.

        Web Inspector: Render Load, DOM Content and MarkTimeline event dividers on Timeline panel.

        https://bugs.webkit.org/show_bug.cgi?id=37267

        * English.lproj/localizedStrings.js:
        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::mainResourceFiredDOMContentEvent):
        (WebCore::InspectorController::mainResourceFiredLoadEvent):
        * inspector/InspectorController.h:
        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::didMarkDOMContentEvent):
        (WebCore::InspectorTimelineAgent::didMarkLoadEvent):
        * inspector/InspectorTimelineAgent.h:
        (WebCore::):
        * inspector/front-end/ResourcesPanel.js:
        (WebInspector.ResourcesPanel.prototype.updateGraphDividersIfNeeded):
        * inspector/front-end/TimelineAgent.js:
        * inspector/front-end/TimelineGrid.js:
        (WebInspector.TimelineGrid.prototype.removeEventDividers):
        * inspector/front-end/TimelinePanel.js:
        (WebInspector.TimelinePanel):
        (WebInspector.TimelinePanel.prototype.get _recordStyles):
        (WebInspector.TimelinePanel.prototype._updateMarks):
        (WebInspector.TimelinePanel.prototype._innerAddRecordToTimeline):
        (WebInspector.TimelinePanel.prototype._clearPanel):
        (WebInspector.TimelinePanel.prototype._refresh):
        (WebInspector.TimelinePanel.prototype._refreshRecords):
        (WebInspector.TimelineCalculator.prototype.computeBarGraphWindowPosition):
        (WebInspector.TimelineRecordGraphRow.prototype.update):
        * inspector/front-end/inspector.css:
        (.resources-event-divider):
        (.resources-red-divider):
        (.resources-blue-divider):
        (.resources-orange-divider):

2010-04-01  Antonio Gomes  <tonikitoo@webkit.org>

        Reviewed by David Hyatt.

        [Qt] REGRESSION:(r50665) QWebFrame::setScrollBarPolicy(Qt::Vertical,Qt::ScrollBarAlwaysOff) has no effect.
        https://bugs.webkit.org/show_bug.cgi?id=29431

        Test: fast/overflow/scrollbar-restored-and-then-locked.html

        Patch introduces a lock scrollbars concept to ScrollView, as in WebDynamicScrollBarsView.mm/h
        on WebKit/mac. It is needed because in QtWebKit, we have Api for setting both vertical and
        horizontal scrollbars on/off/auto. When it is set to off, for example, it should remain
        as such, unless unset.

        For the locking concept, optional 'lock' parameters were added to setScrollbarModes,
        setHorizontalScrollbarMode and setVerticalScrollbarMode methods of ScrollView. As these
        are all optional, any previous code calling them do not need modification.

        Two optional parameters were also added to Frame's createView method, for horizontal and vertical
        lock state persistence cross page loads.

        * page/Frame.cpp:
        (WebCore::Frame::createView):
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::ScrollView):
        (WebCore::ScrollView::setScrollbarModes):
        (WebCore::ScrollView::setHorizontalScrollbarMode):
        (WebCore::ScrollView::setVerticalScrollbarMode):
        * platform/ScrollView.h:
        (WebCore::ScrollView::setHorizontalScrollbarLock):
        (WebCore::ScrollView::isHorizontalScrollbarLocked):
        (WebCore::ScrollView::setVerticalScrollbarLock):
        (WebCore::ScrollView::isVerticalScrollbarLocked):
        (WebCore::ScrollView::setScrollingModesLocked):

2010-04-08  Yury Semikhatsky  <yurys@chromium.org>

        Reviewed by Pavel Feldman.

        Correctly save number of properties when object being serialized
        have properties in its prorotype.

        https://bugs.webkit.org/show_bug.cgi?id=37263

        * bindings/v8/SerializedScriptValue.cpp:
        (WebCore::ZigZag::Serializer::AbstractObjectState::AbstractObjectState):
        (WebCore::ZigZag::Serializer::AbstractObjectState::advance):

2010-04-08  Jeremy Orlow  <jorlow@chromium.org>

        Reviewed by Yury Semikhatsky.

        IDB callbacks should fire asynchronously
        https://bugs.webkit.org/show_bug.cgi?id=37265

        Fix the firing behavior of the callbacks to not be synchronous.

        There's still a major bug that I'm trying to track down that is keeping
        us from testing this stuff.  Promise lots of tests ASAP.

        * bindings/v8/custom/V8CustomIDBCallbacks.h:
        (WebCore::V8CustomIDBCallbacks::onSuccessAsync):
        (WebCore::V8CustomIDBCallbacks::onErrorAsync):
        * storage/IDBCallbacks.h:
        (WebCore::IDBCallbacks::IDBCallbacks):
        (WebCore::IDBCallbacks::onSuccess):
        (WebCore::IDBCallbacks::onError):
        (WebCore::IDBCallbacks::timerFired):
        * storage/IndexedDatabaseRequest.cpp:

2010-04-08  Kent Tamura  <tkent@chromium.org>

        Reviewed by Darin Adler.

        willValidate doesn't need to check existence of a form element and a name attribute.
        https://bugs.webkit.org/show_bug.cgi?id=34733

        Remove checks against m_form and m_hasName in
        HTMLFormControlElement::willValidate(), and remove the code to
        track their updates.

        Test: fast/forms/willvalidate.html

        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::HTMLFormControlElement):
        (WebCore::HTMLFormControlElement::parseMappedAttribute):
        (WebCore::HTMLFormControlElement::insertedIntoTree):
        (WebCore::HTMLFormControlElement::removedFromTree):
        (WebCore::HTMLFormControlElement::recalcWillValidate):
        (WebCore::HTMLFormControlElement::willValidate):
        (WebCore::HTMLFormControlElement::setNeedsWillValidateCheck):
        * html/HTMLFormControlElement.h:
        (WebCore::HTMLFormControlElement::formDestroyed):
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::setInputType):
          setNeedsWillValidateCheck() should be called before
          setAttribute(valueAttr, ...) is called.

2010-04-08  Young Han Lee  <joybro@company100.net>

        Reviewed by Simon Hausmann.

        [WINCE] Add missing headers
        https://bugs.webkit.org/show_bug.cgi?id=37199

        Include missing headers.

        * platform/graphics/wince/FontCustomPlatformData.cpp:
        * platform/graphics/wince/FontPlatformData.cpp:
        * platform/graphics/wince/GraphicsContextWince.cpp:
        * platform/graphics/wince/ImageBufferWince.cpp:
        * platform/graphics/wince/PlatformPathWince.h:
        * platform/wince/FileSystemWince.cpp:

2010-04-08  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Simon Hausmann.

        [WINCE] Use WebCore::instanceHandle()
        https://bugs.webkit.org/show_bug.cgi?id=37202

        Page::instanceHandle() is moved to WebCore::instanceHandle().

        * platform/wince/PasteboardWince.cpp:
        (WebCore::Pasteboard::Pasteboard):
        * platform/wince/SharedTimerWince.cpp:
        (WebCore::initializeOffScreenTimerWindow):

2010-04-08  Vitaly Repeshko  <vitalyr@chromium.org>

        Reviewed by Dimitri Glazkov.

        [V8] Fix crash in NodeFilterCondition in detached iframe
        https://bugs.webkit.org/show_bug.cgi?id=37234

        Test: fast/dom/node-filter-detached-iframe-crash.html

        * bindings/v8/V8NodeFilterCondition.cpp:
        (WebCore::V8NodeFilterCondition::acceptNode): Switched to using
        callFunctionWithoutFrame.
        * bindings/v8/V8Proxy.cpp:
        (WebCore::V8Proxy::callFunctionWithoutFrame): Added a function to
        call V8 with no current frame.
        * bindings/v8/V8Proxy.h:

2010-04-08  Jarkko Sakkinen  <jarkko.sakkinen@tieto.com>

        Reviewed by Simon Hausmann.

         [Qt] Remove shaderSource manipulation from GraphicsContext3DQt.cpp
         https://bugs.webkit.org/show_bug.cgi?id=37226

        * platform/graphics/qt/GraphicsContext3DQt.cpp:
        (WebCore::GraphicsContext3D::shaderSource):

2010-04-08  Chris Evans  <cevans@chromium.org>

        Reviewed by Adam Barth.

        Sanity: apply a max node depth to XML parsing.

        https://bugs.webkit.org/show_bug.cgi?id=37247

        Test: fast/images/svg-nested.html

        * dom/XMLTokenizer.cpp:
        (WebCore::XMLTokenizer::pushCurrentNode):
          Error out the parse upon a really large node depth.

2010-04-07  Dumitru Daniliuc  <dumi@chromium.org>

        Reviewed by Jeremy Orlow.

        Fix Chromium's HTML5 DB support in --single-process mode.
        https://bugs.webkit.org/show_bug.cgi?id=37186.

        Always register and use Chromium's SQLite VFS for
        WebSQLDatabases. Keep using the default VFS in all other
        cases. This change should allow Chromium to support
        WebSQLDatabases in --single-process mode.

        Also, cleaning up a bit SQLiteFileSystemChromium and getting rid
        of the SQLITE_OPEN_FULLMUTEX flag: we use sqlite DB handles only
        on the DB thread, so we don't need multi-threaded support.

        * platform/sql/SQLiteDatabase.cpp:
        (WebCore::SQLiteDatabase::open):
        * platform/sql/SQLiteDatabase.h:
        * platform/sql/SQLiteFileSystem.cpp:
        (WebCore::SQLiteFileSystem::openDatabase):
        * platform/sql/SQLiteFileSystem.h:
        * platform/sql/chromium/SQLiteFileSystemChromium.cpp:
        (WebCore::SQLiteFileSystem::openDatabase):
        * platform/sql/chromium/SQLiteFileSystemChromiumPosix.cpp:
        (WebCore::SQLiteFileSystem::registerSQLiteVFS):
        * platform/sql/chromium/SQLiteFileSystemChromiumWin.cpp:
        (WebCore::SQLiteFileSystem::registerSQLiteVFS):
        * storage/Database.cpp:
        (WebCore::Database::performOpenAndVerify):

2010-04-07  Chris Marrin  <cmarrin@apple.com>

        Reviewed by Steve Falkenburg.

        Remove QuartzCoreInterface from the build
        
        No longer needed since QuartzCore.dll is now included in  the latest Safari release (4.0.5).
        This gets rid of all the function shims from the clients of QuartzCore.dll.

        * platform/graphics/win/GraphicsLayerCACF.cpp:
        (WebCore::GraphicsLayerCACF::updateLayerPreserves3D):
        * platform/graphics/win/WKCACFLayer.cpp:
        (WebCore::toCACFLayerType):
        (WebCore::toCACFContentsGravityType):
        (WebCore::fromCACFContentsGravityType):
        (WebCore::toCACFFilterType):
        (WebCore::fromCACFFilterType):
        (WebCore::WKCACFLayer::isTransformLayer):
        * platform/graphics/win/WKCACFLayerRenderer.cpp:
        (WebCore::WKCACFLayerRenderer::createRenderer):

2010-04-07  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r57178.
        http://trac.webkit.org/changeset/57178
        https://bugs.webkit.org/show_bug.cgi?id=37240

        Caused chromium browser_test and ui_test regressions
        (Requested by ojan on #webkit).

        * bindings/v8/ScriptController.cpp:
        (WebCore::ScriptController::processingUserGesture):

2010-04-07  Jian Li  <jianli@chromium.org>

        Reviewed by Adam Barth and Dmitry Titov.

        Add the comment and assert that we're generating version 4 random number
        based UUIDs.
        https://bugs.webkit.org/show_bug.cgi?id=36472

        * platform/UUID.cpp:
        (WebCore::createCanonicalUUIDString):
        * platform/UUID.h:

2010-04-07  Erik Arvidsson  <arv@chromium.org>

        Reviewed by Adam Barth.

        Allow white listing access from origin to local origin.
        https://bugs.webkit.org/show_bug.cgi?id=37228

        This makes it possible to load a local resource from a non local
        origin if the access has previously been white listed by calling
        SecurityOrigin::whiteListAccessFromOrigin.

        Test: http/tests/security/local-image-from-remote-whitelisted.html

        * page/OriginAccessEntry.cpp:
        (WebCore::OriginAccessEntry::OriginAccessEntry): Removed assert that only the http and https protocol are valid.
        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::canRequest): Use isAccessWhiteListed
        (WebCore::SecurityOrigin::isAccessWhiteListed): Extracted code that goes through the originAccessMap to do the origin matching.
        (WebCore::SecurityOrigin::canLoad): Check if access has been white listed.
        * page/SecurityOrigin.h: Add private function isAccessWhiteListed

2010-04-07  Luiz Agostini  <luiz.agostini@openbossa.org>

        Reviewed by Darin Adler.

        Adding static method zero() to classes IntPoint and FloatPoint.
        https://bugs.webkit.org/show_bug.cgi?id=37220

        Adding static method zero() to classes IntPoint and FloatPoint as suggested by Darin Adler.

        * platform/graphics/FloatPoint.h:
        (WebCore::FloatPoint::zero):
        * platform/graphics/IntPoint.h:
        (WebCore::IntPoint::zero):
        (WebCore::IntPoint::clampNegativeToZero):

2010-04-07  Alexey Proskuryakov  <ap@apple.com>

        * platform/network/mac/AuthenticationMac.mm: Fix a typo in comment.

2010-04-07  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=37230
        <rdar://problem/7813115> REGRESSION (4.0.5): Safari asks for credentials all the time when
        authenticating to Windows IIS Server

        * platform/network/ProtectionSpace.h: (WebCore::ProtectionSpaceAuthenticationScheme): Added
        a constant for ProtectionSpaceAuthenticationSchemeUnknown.

        * platform/network/cf/AuthenticationCF.cpp: (WebCore::core):
        * platform/network/cf/SocketStreamHandleCFNet.cpp: (WebCore::authenticationSchemeFromAuthenticationMethod):
        Return ProtectionSpaceAuthenticationSchemeUnknown for unknown scheme.

        * platform/network/mac/AuthenticationMac.mm:
        (WebCore::mac): Support NTLM on systems older than 10.6. We actually get this string from
        NSURLConnection, even though there was no public constant.
        (WebCore::core): Return ProtectionSpaceAuthenticationSchemeUnknown for unknown scheme.

2010-04-07  Jaime Yap  <jaimeyap@google.com>

        Reviewed by Pavel Feldman.

        Adds the ability to get the function symbol name when looking up the call location
        for records sent by the InspectorTimelineAgent.
        https://bugs.webkit.org/show_bug.cgi?id=36839

        No new tests.

        * bindings/js/ScriptCallStack.cpp:
        (WebCore::ScriptCallStack::callLocation):
        * bindings/js/ScriptCallStack.h:
        * bindings/v8/ScriptCallStack.cpp:
        (WebCore::ScriptCallStack::create):
        (WebCore::ScriptCallStack::callLocation):
        (WebCore::ScriptCallStack::ScriptCallStack):
        * bindings/v8/ScriptCallStack.h:
        * bindings/v8/ScriptDebugServer.cpp:
        (WebCore::ScriptDebugServer::createUtilityContext):
        (WebCore::ScriptDebugServer::topStackFrame):
        * bindings/v8/ScriptDebugServer.h:
        (WebCore::ScriptDebugServer::utilityContext):
        * bindings/v8/V8Proxy.cpp:
        * bindings/v8/V8Proxy.h:
        * inspector/TimelineRecordFactory.cpp:
        (WebCore::TimelineRecordFactory::createGenericRecord):

2010-04-07  Jay Civelli  <jcivelli@chromium.org>

        Reviewed by Jian Li.

        [chromium] Fixing a NULL pointer being dereferenced in some cases.
        https://bugs.webkit.org/show_bug.cgi?id=37141

        Test: platform/chromium/fast/forms/search-popup-crasher.html

        * platform/chromium/PopupMenuChromium.cpp:
        (WebCore::PopupMenu::~PopupMenu):

2010-04-07  Kinuko Yasuda  <kinuko@chromium.org>

        Reviewed by Jian Li.

        Add skeleton FileStream module for providing sync file operations for FileAPI
        https://bugs.webkit.org/show_bug.cgi?id=37217

        For now the module just defines an interface and is almost empty.
        Implementation will be added.

        No new tests; will be added when we have complete implementation.

        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * html/FileStream.cpp: Added.
        * html/FileStream.h: Added.
        * html/FileStreamClient.h: Added.
        * html/FileThread.cpp:
        (WebCore::SameFilePredicate::SameFilePredicate):
        (WebCore::SameFilePredicate::operator()):
        (WebCore::FileThread::unscheduleTasks):
        * html/FileThread.h:
        (WebCore::FileThread::Task::stream):
        (WebCore::FileThread::Task::Task):

2010-04-07  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        Remove some unnecessary uses of commonJSGlobalData
        https://bugs.webkit.org/show_bug.cgi?id=37229

        Pass the ExecState down to identifierFromNPIdentifier and update call sites

        * bridge/NP_jsobject.cpp:
        (_NPN_Invoke):
        (_NPN_GetProperty):
        (_NPN_SetProperty):
        (_NPN_RemoveProperty):
        (_NPN_HasProperty):
        (_NPN_HasMethod):
        * bridge/c/c_instance.cpp:
        (JSC::Bindings::CInstance::getPropertyNames):
        * bridge/c/c_utility.cpp:
        (JSC::Bindings::identifierFromNPIdentifier):
        * bridge/c/c_utility.h:

2010-04-07  Kenneth Rohde Christiansen  <kenneth@webkit.org>

        Reviewed by Darin Adler.

        Poor rendering on lala.com with frame flattening
        https://bugs.webkit.org/show_bug.cgi?id=37164

        Do not flatten offscreen iframes.

        Test: fast/frames/flattening/iframe-flattening-offscreen.html

        * rendering/RenderPartObject.cpp:
        (WebCore::RenderPartObject::flattenFrame):
        * rendering/RenderPartObject.h:

2010-04-07  Abhishek Arya  <inferno@chromium.org>

        Reviewed by Adam Barth.

        [V8] Add a missing check for constructor call in WebKitPointConstructor.
        https://bugs.webkit.org/show_bug.cgi?id=37210

        Test: fast/constructors/constructor-as-function-crash.html

        * bindings/v8/custom/V8WebKitPointConstructor.cpp:
        (WebCore::V8WebKitPoint::constructorCallback): Added a check for constructor call.

2010-04-07  Enrica Casucci  <enrica@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=37219
        
        This change disables text caret for the iPhone platflorm.
        Added UNUSED_PARAM to build when ENABLE_TEXT_CARET is 0.

        * editing/SelectionController.cpp:
        (WebCore::SelectionController::recomputeCaretRect):
        (WebCore::SelectionController::paintCaret):
        * page/Frame.cpp:
        (WebCore::Frame::paintDragCaret):

2010-04-07  Enrica Casucci  <enrica@apple.com>

        Reviewed by Dave Hyatt.

        Text repainting does not account for glyphs which draw outside the typographic bounds of the font (6274).
        <rdar://problem/6649734>
        <https://bugs.webkit.org/show_bug.cgi?id=6274>
        
        In order to be able to handle successfully this case, it is necessary to change the glyph width cache to store
        the bounding box for the glyph instead of the simply caching the glyph width.
        Retrieving the bounding box for the glyph is expensive, therefore we do it only
        when we are rendering text using the complex text path to minimize the performance impact.
        To support characters with stacked diacritics, the method canUseGlyphCache has been modified to
        return false for the range of characters with stacked diacritics.
        The glyph cache has been also updated to allow storing the glyph bounding box together with the
        horizontal width. The bounding box is populated only for complex text.
        
        The original version of this patch has been written by Dan Bernstein.

        Test: fast/repaint/stacked-diacritics.html

        * Android.mk: File name change.
        * GNUmakefile.am: File name change.
        * WebCore.base.exp: Added parameter in exported function.
        * WebCore.gypi: File name change.
        * WebCore.vcproj/WebCore.vcproj: File name change.
        * WebCore.xcodeproj/project.pbxproj: File name change.
        * platform/graphics/Font.cpp:
        (WebCore::Font::floatWidth): Added glyphOverflow parameter.
        * platform/graphics/Font.h:
        (WebCore::GlyphOverflow::GlyphOverflow): Added.
        (WebCore::Font::width): Added glyphOverflow parameter.
        * platform/graphics/FontFastPath.cpp:
        (WebCore::Font::canUseGlyphCache): Modified to render characters with stacked diacritics with complex text path.
        * platform/graphics/GlyphMetricsMap.cpp: Copied from WebCore/platform/graphics/GlyphWidthMap.cpp.
        (WebCore::GlyphMetricsMap::locatePageSlowCase): Class name changed to reflect new semantics.
        * platform/graphics/GlyphMetricsMap.h: Copied from WebCore/platform/graphics/GlyphWidthMap.h.
        (WebCore::GlyphMetricsMap::GlyphMetricsMap):
        (WebCore::GlyphMetricsMap::~GlyphMetricsMap):
        (WebCore::GlyphMetricsMap::metricsForGlyph):
        (WebCore::GlyphMetricsMap::widthForGlyph):
        (WebCore::GlyphMetricsMap::setMetricsForGlyph):
        (WebCore::GlyphMetricsMap::GlyphMetricsPage::metricsForGlyph):
        (WebCore::GlyphMetricsMap::GlyphMetricsPage::setMetricsForGlyph):
        (WebCore::GlyphMetricsMap::GlyphMetricsPage::setMetricsForIndex):
        (WebCore::GlyphMetricsMap::locatePage):
        * platform/graphics/GlyphWidthMap.cpp: Removed.
        * platform/graphics/GlyphWidthMap.h: Removed.
        * platform/graphics/SimpleFontData.cpp:
        (WebCore::SimpleFontData::platformGlyphInit):
        * platform/graphics/SimpleFontData.h:
        (WebCore::):
        (WebCore::SimpleFontData::widthForGlyph):
        (WebCore::SimpleFontData::metricsForGlyph):
        * platform/graphics/cairo/SimpleFontDataCairo.cpp:
        (WebCore::SimpleFontData::platformMetricsForGlyph): Name and signature change.
        * platform/graphics/chromium/FontChromiumWin.cpp:
        (WebCore::Font::floatWidthForComplexText): Added parameter.
        * platform/graphics/chromium/FontLinux.cpp:
        (WebCore::Font::floatWidthForComplexText): Added parameter.
        * platform/graphics/chromium/SimpleFontDataChromiumWin.cpp:
        (WebCore::SimpleFontData::platformMetricsForGlyph): Name and signature change.
        * platform/graphics/chromium/SimpleFontDataLinux.cpp:
        (WebCore::SimpleFontData::platformWidthForGlyph): Name and signature vachange
        * platform/graphics/efl/FontEfl.cpp:
        (WebCore::Font::floatWidthForComplexText): Name and signature change.
        * platform/graphics/gtk/SimpleFontDataPango.cpp:
        (WebCore::SimpleFontData::platformMetricsForGlyph): Name and signature change.
        * platform/graphics/haiku/FontHaiku.cpp:
        (WebCore::Font::floatWidthForComplexText): Added parameter.
        * platform/graphics/haiku/SimpleFontDataHaiku.cpp:
        (WebCore::SimpleFontData::platformMetricsForGlyph): Name and signature change.
        * platform/graphics/mac/ComplexTextController.cpp:
        (WebCore::ComplexTextController::ComplexTextController):
        (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
        * platform/graphics/mac/ComplexTextController.h:
        (WebCore::ComplexTextController::minGlyphBoundingBoxX):
        (WebCore::ComplexTextController::maxGlyphBoundingBoxX):
        (WebCore::ComplexTextController::minGlyphBoundingBoxY):
        (WebCore::ComplexTextController::maxGlyphBoundingBoxY):
        * platform/graphics/mac/FontComplexTextMac.cpp:
        (WebCore::Font::floatWidthForComplexText): Added paramter.
        * platform/graphics/mac/SimpleFontDataMac.mm:
        (WebCore::SimpleFontData::platformMetricsForGlyph): Name and signature change.
        * platform/graphics/qt/FontQt.cpp:
        (WebCore::Font::floatWidthForComplexText): Added paramter.
        * platform/graphics/win/FontWin.cpp:
        (WebCore::Font::floatWidthForComplexText): Added parameter.
        * platform/graphics/win/SimpleFontDataCGWin.cpp:
        (WebCore::SimpleFontData::platformMetricsForGlyph): Name and signature change.
        * platform/graphics/win/SimpleFontDataWin.cpp:
        (WebCore::SimpleFontData::metricsForGDIGlyph):
        * platform/graphics/win/UniscribeController.cpp:
        (WebCore::UniscribeController::UniscribeController):
        (WebCore::UniscribeController::shapeAndPlaceItem):
        * platform/graphics/win/UniscribeController.h:
        (WebCore::UniscribeController::minGlyphBoundingBoxX):
        (WebCore::UniscribeController::maxGlyphBoundingBoxX):
        (WebCore::UniscribeController::minGlyphBoundingBoxY):
        (WebCore::UniscribeController::maxGlyphBoundingBoxY):
        * platform/graphics/wince/FontWince.cpp:
        (WebCore::Font::floatWidthForComplexText): Added parameter.
        * platform/graphics/wx/FontWx.cpp:
        (WebCore::Font::floatWidthForComplexText): Added parameter.
        * platform/graphics/wx/SimpleFontDataWx.cpp:
        (WebCore::SimpleFontData::platformMetricsForGlyph): Name and signature change.
        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::placeBoxesHorizontally):
        (WebCore::InlineFlowBox::computeLogicalBoxHeights):
        (WebCore::InlineFlowBox::computeVerticalOverflow):
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::setFallbackFonts):
        (WebCore::InlineTextBox::fallbackFonts):
        (WebCore::InlineTextBox::setGlyphOverflow):
        (WebCore::InlineTextBox::glyphOverflow):
        * rendering/InlineTextBox.h:
        (WebCore::InlineTextBox::clearGlyphOverflowAndFallbackFontMap): Added.
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlock::computeHorizontalPositionsForLine):
        (WebCore::RenderBlock::layoutInlineChildren):
        * rendering/RenderText.cpp:
        (WebCore::RenderText::RenderText):
        (WebCore::RenderText::styleDidChange):
        (WebCore::RenderText::widthFromCache):
        (WebCore::RenderText::trimmedPrefWidths):
        (WebCore::RenderText::calcPrefWidths):
        (WebCore::RenderText::setText):
        (WebCore::RenderText::width):
        * rendering/RenderText.h:

2010-04-07  Joseph Pecoraro  <joepeck@webkit.org>

        Reviewed by Darin Adler.

        Fix incorrect white-space in WebGLRenderingContext.idl
        https://bugs.webkit.org/show_bug.cgi?id=31339

        * html/canvas/WebGLRenderingContext.idl: Remove offending extra whitespace.

2010-04-07  Rodrigo Belem  <rodrigo.belem@openbossa.org>

        Reviewed by Simon Hausmann.

        [Qt] The build system is not installing the generated headers (QGraphicsWebView, QWebDatabase, etc)
        https://bugs.webkit.org/show_bug.cgi?id=37173

        This patch sets the correct path to the classheaders.pri and then
        fixes the installation of the generated headers.

        * WebCore.pro:

2010-04-05  Antonio Gomes  <tonikitoo@webkit.org>

        Reviewed by Kenneth Christiansen.

        Spatial Navigation: bail out as soon as algorithm finds a focus candidate is not applicable
        https://bugs.webkit.org/show_bug.cgi?id=37135

        It happens, for example, when distanceDataForNode assigns numeric_limits<long long> to
        current focus candidate's. It means that current candidate is not in direction, or not
        a valid target node.

        * page/FocusController.cpp:
        (WebCore::FocusController::findFocusableNodeInDirection):

2010-04-07  Andrey Kosyakov  <caseq@chromium.org>

        Reviewed by Yury Semikhatsky.

        Removed inspector methods from ScriptExecutionContext and derived classes.
        Removed MessageDestination parameter from console-related calls (we now always
        log to the same destination(s)).
        Removed redundant FrameLoaderClient::dispatchDidLoadResourceByXMLHttpRequest()
        https://bugs.webkit.org/show_bug.cgi?id=36949

        * dom/Document.cpp:
        (WebCore::Document::reportException):
        (WebCore::Document::addMessage):
        * dom/Document.h:
        * dom/ScriptExecutionContext.h:
        * loader/EmptyClients.h:
        (WebCore::EmptyFrameLoaderClient::dispatchDidLoadResourceFromMemoryCache):
        * loader/FrameLoaderClient.h:
        * loader/ResourceLoadNotifier.cpp:
        * loader/ResourceLoadNotifier.h:
        * websockets/WebSocket.cpp:
        (WebCore::WebSocket::connect):
        * websockets/WebSocketChannel.cpp:
        (WebCore::WebSocketChannel::didOpen):
        (WebCore::WebSocketChannel::appendToBuffer):
        * websockets/WebSocketHandshake.cpp:
        (WebCore::WebSocketHandshake::readServerHandshake):
        (WebCore::WebSocketHandshake::readHTTPHeaders):
        (WebCore::WebSocketHandshake::checkResponseHeaders):
        * workers/DefaultSharedWorkerRepository.cpp:
        (WebCore::postConsoleMessageTask):
        (WebCore::SharedWorkerProxy::postConsoleMessageToWorkerObject):
        * workers/WorkerContext.cpp:
        (WebCore::WorkerContext::importScripts):
        (WebCore::WorkerContext::addMessage):
        * workers/WorkerContext.h:
        * workers/WorkerMessagingProxy.cpp:
        (WebCore::postConsoleMessageTask):
        (WebCore::WorkerMessagingProxy::postConsoleMessageToWorkerObject):
        * workers/WorkerMessagingProxy.h:
        * workers/WorkerReportingProxy.h:
        * xml/XMLHttpRequest.cpp:
        (WebCore::reportUnsafeUsage):
        (WebCore::XMLHttpRequest::didFinishLoading):

2010-04-07  Dawit Alemayehu  <adawit@kde.org>

        Reviewed by Simon Hausmann.

        https://bugs.webkit.org/show_bug.cgi?id=36827

        Replaced the 'shouldTreatAsAttachment' function with a more generic 
        function that returns the content disposition type.

        See comments 39-42 in https://bugs.webkit.org/show_bug.cgi?id=36395

        * platform/network/HTTPParsers.cpp:
        (WebCore::contentDispositionType):
        * platform/network/HTTPParsers.h:
        (WebCore::):

2010-04-07  Vitaly Repeshko  <vitalyr@chromium.org>

        Reviewed by Yury Semikhatsky.

        [V8] Throw exception in SerializedScriptValue on input errors
        https://bugs.webkit.org/show_bug.cgi?id=37160

        When cycles are detected SerializedScriptValue should throw
        NOT_SUPPORTED_ERR. See
        http://www.whatwg.org/specs/web-apps/2009-10-27/multipage/urls.html#structured-clone

        * bindings/scripts/CodeGeneratorV8.pm: Custom processing for
        function arguments of type SerializedScriptValue.

        * bindings/v8/SerializedScriptValue.cpp:
        (WebCore::SerializedScriptValue::SerializedScriptValue):
        * bindings/v8/SerializedScriptValue.h:
        (WebCore::SerializedScriptValue::create): Added a constructor
        function with an extra paratemer to check whether an exception was
        thrown.

        SerializedScriptValue::create callers updated to check for
        exceptions:
        * bindings/v8/custom/V8DOMWindowCustom.cpp:
        (WebCore::V8DOMWindow::postMessageCallback):
        * bindings/v8/custom/V8DedicatedWorkerContextCustom.cpp:
        (WebCore::V8DedicatedWorkerContext::postMessageCallback):
        * bindings/v8/custom/V8HistoryCustom.cpp:
        (WebCore::V8History::pushStateCallback):
        (WebCore::V8History::replaceStateCallback):
        * bindings/v8/custom/V8MessagePortCustom.cpp:
        (WebCore::V8MessagePort::postMessageCallback):
        * bindings/v8/custom/V8PopStateEventCustom.cpp:
        (WebCore::V8PopStateEvent::initPopStateEventCallback):
        * bindings/v8/custom/V8WorkerCustom.cpp:
        (WebCore::V8Worker::postMessageCallback):

2010-04-07  Alexander Pavlov  <apavlov@chromium.org>

        Reviewed by Pavel Feldman.

        Web Inspector: Provide a placeholder for resources with no content available
        https://bugs.webkit.org/show_bug.cgi?id=37142

        * English.lproj/localizedStrings.js:
        * inspector/front-end/ImageView.js:
        (WebInspector.ImageView):
        (WebInspector.ImageView.prototype.contentTabSelected):
        * inspector/front-end/ResourceView.js:
        (WebInspector.ResourceView.prototype._innerSelectContentTab):
        (WebInspector.ResourceView.prototype.contentTabSelected):
        * inspector/front-end/inspector.css:
        (.resource-content-unavailable):

2010-04-07  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Laszlo Gombos.

        https://bugs.webkit.org/show_bug.cgi?id=36750

        [Qt] Package build without touch support is broken

        Use the conditional attribute instead of #ifdefs in the idl file for the
        touch specific properties, to make the generated files compile with and
        without the touch events enabled.

        * dom/Document.idl: Use conditional instead of #ifdef.
        * dom/Element.idl: Ditto.
        * page/DOMWindow.idl: Ditto.

2010-04-07  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Holger Freyther.

        Add the touch event related IDL files to the idl generation, so that
        they can be safely included from generated JS bindings files. The
        generated files have #ifdef feature guards.

        * DerivedSources.cpp:
        * DerivedSources.make:
        * GNUmakefile.am:

2010-04-06  Jeremy Orlow  <jorlow@chromium.org>

        Reviewed by Adam Barth.

        V8CustomIDBCallbacks<> should not hold a reference to the frame
        https://bugs.webkit.org/show_bug.cgi?id=37154

        Don't hold on to a Frame reference.
        Instead, be an ActiveDOMObject and use scriptExecutionContext()
        to get the v8 context.
        Factor the guts of onSuccess and onError out.

        Doesn't work enough to test yet.

        * bindings/v8/custom/V8CustomIDBCallbacks.h:
        (WebCore::V8CustomIDBCallbacks::create):
        (WebCore::V8CustomIDBCallbacks::onSuccess):
        (WebCore::V8CustomIDBCallbacks::onError):
        (WebCore::V8CustomIDBCallbacks::V8CustomIDBCallbacks):
        (WebCore::V8CustomIDBCallbacks::onEvent):
        * bindings/v8/custom/V8IndexedDatabaseRequestCustom.cpp:
        (WebCore::V8IndexedDatabaseRequest::openCallback):
        * storage/IDBCallbacks.h:
        (WebCore::IDBCallbacks::IDBCallbacks):

2010-04-07  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r57196.
        http://trac.webkit.org/changeset/57196
        https://bugs.webkit.org/show_bug.cgi?id=37196

        Multiple layout test failures on Chromium (Requested by yurys
        on #webkit).

        * bindings/js/ScriptCallStack.cpp:
        (WebCore::ScriptCallStack::callLocation):
        * bindings/js/ScriptCallStack.h:
        * bindings/v8/ScriptCallStack.cpp:
        (WebCore::ScriptCallStack::create):
        (WebCore::ScriptCallStack::callLocation):
        (WebCore::ScriptCallStack::ScriptCallStack):
        * bindings/v8/ScriptCallStack.h:
        * bindings/v8/ScriptDebugServer.cpp:
        * bindings/v8/ScriptDebugServer.h:
        * bindings/v8/V8Proxy.cpp:
        (WebCore::V8Proxy::createUtilityContext):
        (WebCore::V8Proxy::sourceLineNumber):
        (WebCore::V8Proxy::sourceName):
        * bindings/v8/V8Proxy.h:
        (WebCore::V8Proxy::utilityContext):
        * inspector/TimelineRecordFactory.cpp:
        (WebCore::TimelineRecordFactory::createGenericRecord):

2010-04-07  Simon Hausmann  <simon.hausmann@nokia.com>

        Unreviewed, rolling out r57199.
        http://trac.webkit.org/changeset/57199
        https://bugs.webkit.org/show_bug.cgi?id=36750

        Breaks non-touch enabled build

        * dom/Document.idl:
        * dom/Element.idl:
        * page/DOMWindow.idl:

2010-04-07  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Laszlo Gombos.

        https://bugs.webkit.org/show_bug.cgi?id=36750

        [Qt] Package build without touch support is broken

        Use the conditional attribute instead of #ifdefs in the idl file for the
        touch specific properties, to make the generated files compile with and
        without the touch events enabled.

        * dom/Document.idl: Use conditional instead of #ifdef.
        * dom/Element.idl: Ditto.
        * page/DOMWindow.idl: Ditto.

2010-04-07  Jaime Yap  <jaimeyap@google.com>

        Reviewed by Yury Semikhatsky.

        Adds the ability to get the function symbol name when looking up the call location
        for records sent by the InspectorTimelineAgent.
        https://bugs.webkit.org/show_bug.cgi?id=36839

        No new tests.

        * bindings/js/ScriptCallStack.cpp:
        (WebCore::ScriptCallStack::callLocation):
        * bindings/js/ScriptCallStack.h:
        * bindings/v8/ScriptCallStack.cpp:
        (WebCore::ScriptCallStack::create):
        (WebCore::ScriptCallStack::callLocation):
        (WebCore::ScriptCallStack::ScriptCallStack):
        * bindings/v8/ScriptCallStack.h:
        * bindings/v8/ScriptDebugServer.cpp:
        (WebCore::ScriptDebugServer::createUtilityContext):
        (WebCore::ScriptDebugServer::lastCallFrame):
        * bindings/v8/ScriptDebugServer.h:
        (WebCore::ScriptDebugServer::utilityContext):
        * bindings/v8/V8Proxy.cpp:
        * bindings/v8/V8Proxy.h:
        * inspector/TimelineRecordFactory.cpp:
        (WebCore::TimelineRecordFactory::createGenericRecord):

2010-04-06  Greg Bolsinga  <bolsinga@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=37188
        WebCore::page::Geolocation::m_shouldClearCache is not used.

        * page/Geolocation.cpp:
        (WebCore::Geolocation::Geolocation): Remove m_shouldClearCache.
        * page/Geolocation.h:
        (WebCore::Geolocation::): Ditto.

2010-04-06  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Eric Seidel.

        Remove obsolete MOBILE flag
        https://bugs.webkit.org/show_bug.cgi?id=37125

        The MOBILE flag is no longer used by any of the ports.
        The flag use to control some tokenizer defaults that 
        can be changed runtime.

        No new tests as there is no new functionality.

        * config.h:
        * html/HTMLTokenizer.cpp:

2010-04-06  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        REGRESSION: Worker termination via JS timeout may cause worker tests like fast/workers/worker-terminate.html fail.
        https://bugs.webkit.org/show_bug.cgi?id=36646

        Cause the worker code to swallow termination exceptions because these
        need not be reported to the user because they are an implementation
        detail of how we terminate worker execution.

        Test: fast/workers/worker-terminate-forever.html

        * bindings/js/JSDOMBinding.cpp:
        (WebCore::reportException):
            - Refuse to report termination exceptions to the user because they
              are an implementation detail.
        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::forbidExecution):
            - Instead of using timeouts to stop run away workers, use our fancy
              new Terminator object.

2010-04-06  Kinuko Yasuda  <kinuko@chromium.org>

        Reviewed by Jian Li.

        Add basic FileSystem operations for FileReader/FileWriter support for POSIX (incl. Mac)
        https://bugs.webkit.org/show_bug.cgi?id=36938

        No new tests; will be added when we implement upper layers.

        * platform/FileSystem.h:
        (WebCore::):
        * platform/posix/FileSystemPOSIX.cpp:
        (WebCore::openFile):
        (WebCore::closeFile):
        (WebCore::seekFile):
        (WebCore::truncateFile):
        (WebCore::writeToFile):
        (WebCore::readFromFile):

2010-04-06  Nicolas Weber  <thakis@chromium.org>

        Reviewed by Dimitri Glazkov.

        Implement DragImage functionality for chromium/mac.
        https://bugs.webkit.org/show_bug.cgi?id=37069

        * page/chromium/DragControllerChromium.cpp:
        (WebCore::DragController::maxDragImageSize):
        Use a max size of 400x400 on OS X.
        * platform/chromium/DragImageChromiumMac.cpp:
        (WebCore::dragImageSize): Implement.
        (WebCore::deleteDragImage): Implement.
        (WebCore::scaleDragImage): Implement.
        (WebCore::dissolveDragImageToFraction): Implement.
        (WebCore::createDragImageFromImage): Implement.
        * platform/chromium/DragImageRef.h:
        Use CGImageRefs as DragImageRef on OS X.

2010-04-06  Chris Evans  <cevans@chromium.org>

        Reviewed by Adam Barth.

        Use the new UserGestureIndictor to process javascript:window.open()

        https://bugs.webkit.org/show_bug.cgi?id=37138

        * bindings/v8/ScriptController.cpp
        (WebCore::ScriptController::processingUserGesture):
          Use the new UserGestureIndicator when processing a
          javascript:window.open()

2010-04-06  Vangelis Kokkevis  <vangelis@chromium.org>

        Reviewed by Dimitri Glazkov.

        Renaming Graphics Layer related classes used by Chromium from *Skia to *Chromium and replacing wherever possible Skia-specific
        data types with WebCore equivalents. The source files will be renamed accordingly and moved out of platform/graphics/skia
        in a subsequent CL.
        https://bugs.webkit.org/show_bug.cgi?id=37116

        No new functionality so no new tests.

        * platform/graphics/GraphicsLayer.h:
        * platform/graphics/skia/GraphicsLayerSkia.cpp:
        (WebCore::setLayerBorderColor):
        (WebCore::clearBorderColor):
        (WebCore::setLayerBackgroundColor):
        (WebCore::clearLayerBackgroundColor):
        (WebCore::GraphicsLayer::create):
        (WebCore::GraphicsLayerChromium::GraphicsLayerChromium):
        (WebCore::GraphicsLayerChromium::~GraphicsLayerChromium):
        (WebCore::GraphicsLayerChromium::setName):
        (WebCore::GraphicsLayerChromium::nativeLayer):
        (WebCore::GraphicsLayerChromium::setChildren):
        (WebCore::GraphicsLayerChromium::addChild):
        (WebCore::GraphicsLayerChromium::addChildAtIndex):
        (WebCore::GraphicsLayerChromium::addChildBelow):
        (WebCore::GraphicsLayerChromium::addChildAbove):
        (WebCore::GraphicsLayerChromium::replaceChild):
        (WebCore::GraphicsLayerChromium::removeFromParent):
        (WebCore::GraphicsLayerChromium::setPosition):
        (WebCore::GraphicsLayerChromium::setAnchorPoint):
        (WebCore::GraphicsLayerChromium::setSize):
        (WebCore::GraphicsLayerChromium::setTransform):
        (WebCore::GraphicsLayerChromium::setChildrenTransform):
        (WebCore::GraphicsLayerChromium::setPreserves3D):
        (WebCore::GraphicsLayerChromium::setMasksToBounds):
        (WebCore::GraphicsLayerChromium::setDrawsContent):
        (WebCore::GraphicsLayerChromium::setBackgroundColor):
        (WebCore::GraphicsLayerChromium::clearBackgroundColor):
        (WebCore::GraphicsLayerChromium::setContentsOpaque):
        (WebCore::GraphicsLayerChromium::setBackfaceVisibility):
        (WebCore::GraphicsLayerChromium::setOpacity):
        (WebCore::GraphicsLayerChromium::setNeedsDisplay):
        (WebCore::GraphicsLayerChromium::setNeedsDisplayInRect):
        (WebCore::GraphicsLayerChromium::setContentsRect):
        (WebCore::GraphicsLayerChromium::setContentsToImage):
        (WebCore::GraphicsLayerChromium::setContentsToVideo):
        (WebCore::GraphicsLayerChromium::setGeometryOrientation):
        (WebCore::GraphicsLayerChromium::hostLayerForSublayers):
        (WebCore::GraphicsLayerChromium::layerForSuperlayer):
        (WebCore::GraphicsLayerChromium::platformLayer):
        (WebCore::GraphicsLayerChromium::setDebugBackgroundColor):
        (WebCore::GraphicsLayerChromium::setDebugBorder):
        (WebCore::GraphicsLayerChromium::updateSublayerList):
        (WebCore::GraphicsLayerChromium::updateLayerPosition):
        (WebCore::GraphicsLayerChromium::updateLayerSize):
        (WebCore::GraphicsLayerChromium::updateAnchorPoint):
        (WebCore::GraphicsLayerChromium::updateTransform):
        (WebCore::GraphicsLayerChromium::updateChildrenTransform):
        (WebCore::GraphicsLayerChromium::updateMasksToBounds):
        (WebCore::GraphicsLayerChromium::updateContentsOpaque):
        (WebCore::GraphicsLayerChromium::updateBackfaceVisibility):
        (WebCore::GraphicsLayerChromium::updateLayerPreserves3D):
        (WebCore::GraphicsLayerChromium::updateLayerDrawsContent):
        (WebCore::GraphicsLayerChromium::updateLayerBackgroundColor):
        (WebCore::GraphicsLayerChromium::updateContentsImage):
        (WebCore::GraphicsLayerChromium::updateContentsVideo):
        (WebCore::GraphicsLayerChromium::updateContentsRect):
        (WebCore::GraphicsLayerChromium::updateGeometryOrientation):
        (WebCore::GraphicsLayerChromium::setupContentsLayer):
        (WebCore::GraphicsLayerChromium::updateOpacityOnLayer):
        * platform/graphics/skia/GraphicsLayerSkia.h:
        (WebCore::GraphicsLayerChromium::primaryLayer):
        (WebCore::GraphicsLayerChromium::contentsLayer):
        * platform/graphics/skia/LayerRendererSkia.cpp:
        (WebCore::LayerRendererChromium::create):
        (WebCore::LayerRendererChromium::LayerRendererChromium):
        (WebCore::LayerRendererChromium::~LayerRendererChromium):
        (WebCore::LayerRendererChromium::updateLayerContents):
        (WebCore::LayerRendererChromium::drawLayersInCanvas):
        (WebCore::LayerRendererChromium::drawLayerInCanvasRecursive):
        (WebCore::LayerRendererChromium::updateLayerContentsRecursive):
        * platform/graphics/skia/LayerRendererSkia.h:
        (WebCore::LayerRendererChromium::setRootLayer):
        (WebCore::LayerRendererChromium::rootLayer):
        * platform/graphics/skia/LayerSkia.cpp:
        (WebCore::LayerChromium::create):
        (WebCore::LayerChromium::LayerChromium):
        (WebCore::LayerChromium::~LayerChromium):
        (WebCore::LayerChromium::updateGraphicsContext):
        (WebCore::LayerChromium::updateContents):
        (WebCore::LayerChromium::drawDebugBorder):
        (WebCore::LayerChromium::setNeedsCommit):
        (WebCore::LayerChromium::addSublayer):
        (WebCore::LayerChromium::insertSublayer):
        (WebCore::LayerChromium::removeFromSuperlayer):
        (WebCore::LayerChromium::removeSublayer):
        (WebCore::LayerChromium::indexOfSublayer):
        (WebCore::LayerChromium::setBackingStoreRect):
        (WebCore::LayerChromium::setBounds):
        (WebCore::LayerChromium::setFrame):
        (WebCore::LayerChromium::rootLayer):
        (WebCore::LayerChromium::removeAllSublayers):
        (WebCore::LayerChromium::setSublayers):
        (WebCore::LayerChromium::setSuperlayer):
        (WebCore::LayerChromium::superlayer):
        (WebCore::LayerChromium::setNeedsDisplay):
        * platform/graphics/skia/LayerSkia.h:
        (WebCore::LayerChromium::setAnchorPoint):
        (WebCore::LayerChromium::anchorPoint):
        (WebCore::LayerChromium::borderWidth):
        (WebCore::LayerChromium::bounds):
        (WebCore::LayerChromium::frame):
        (WebCore::LayerChromium::setPosition):
        (WebCore::LayerChromium::position):
        (WebCore::LayerChromium::zPosition):
        (WebCore::LayerChromium::getSublayers):
        (WebCore::LayerChromium::setSublayerTransform):
        (WebCore::LayerChromium::sublayerTransform):
        (WebCore::LayerChromium::setTransform):
        (WebCore::LayerChromium::transform):

2010-04-06  Jarkko Sakkinen  <jarkko.j.sakkinen@gmail.com>

        Reviewed by Laszlo Gombos.

        [Qt] WebKit does not build on Windows with --3d-canvas
        https://bugs.webkit.org/show_bug.cgi?id=37026

        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/qt/GraphicsContext3DQt.cpp:
        (WebCore::GraphicsContext3D::getActiveAttrib):
        (WebCore::GraphicsContext3D::getActiveUniform):

2010-04-06  Abhinav Mithal <abhinav.mithal@nokia.com>

        Reviewed by Laszlo Gombos.

        [Qt] npapi header leaves XP_WIN flag defined even when __SYMBIAN32__ flag is found
        https://bugs.webkit.org/show_bug.cgi?id=34614

        Do not define XP_WIN if WebKit is compiled for Symbian.

        No new tests as there is no new functionality.

        * bridge/npapi.h:

2010-04-06  Chris Fleizach  <cfleizach@apple.com>

        Reviewed by Beth Dakin.

        aria-label doesn't work on image map area
        https://bugs.webkit.org/show_bug.cgi?id=36977

        Test: platform/mac/accessibility/area-with-aria-label.html

        * accessibility/AccessibilityImageMapLink.cpp:
        (WebCore::AccessibilityImageMapLink::accessibilityDescription):

2010-04-06  James Robinson  <jamesr@chromium.org>

        Reviewed by Simon Fraser.

        Reverts the incorrect fixed position fastpath scrolling logic
        https://bugs.webkit.org/show_bug.cgi?id=33150

        This code does not properly handle overflow or transforms on fixed
        position elements, causing repaint bugs on scroll.

        No new tests.

        * page/FrameView.cpp:
        (WebCore::FrameView::addFixedObject):
        (WebCore::FrameView::removeFixedObject):
        * page/FrameView.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::scrollContents):
        * platform/ScrollView.h:
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::styleWillChange):

2010-04-06  Kevin Ollivier  <kevino@theolliviers.com>

        [wx] Build fix for wxMac / Cocoa on wx trunk.
        
        * platform/wx/wxcode/mac/carbon/fontprops.mm:
        (wxFontContainsCharacters):

2010-04-06  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Darin Adler.

        JS code generator does not support feature conditional attributes that are writable
        https://bugs.webkit.org/show_bug.cgi?id=37149

        Write out the feature #ifdef not only for the getter, but also for the setter
        function.

        * bindings/scripts/CodeGeneratorJS.pm:

2010-04-06  Evan Stade  <estade@chromium.org>

        Reviewed by Dimitri Glazkov.

        [chromium] need DragImage implementation
        https://bugs.webkit.org/show_bug.cgi?id=35811

        Use the DragImageRef that the DragController passes to us.

        This was previously committed but rolled back for breaking layout
        tests. The fix is on the WebKit/chromium side.

        * WebCore.gyp/WebCore.gyp:
        * WebCore.gypi:
        * platform/chromium/DragImageChromium.cpp: Removed.
        * platform/chromium/DragImageChromiumMac.cpp: Added.
        (WebCore::dragImageSize):
        (WebCore::deleteDragImage):
        (WebCore::scaleDragImage):
        (WebCore::dissolveDragImageToFraction):
        (WebCore::createDragImageFromImage):
        (WebCore::createDragImageIconForCachedImage):
        * platform/chromium/DragImageChromiumSkia.cpp: Added.
        (WebCore::dragImageSize):
        (WebCore::deleteDragImage):
        (WebCore::scaleDragImage):
        (WebCore::dissolveDragImageToFraction):
        (WebCore::createDragImageFromImage):
        (WebCore::createDragImageIconForCachedImage):
        * platform/chromium/DragImageRef.h:

2010-04-01  Yuzo Fujishima  <yuzo@google.com>

        Reviewed by Darin Adler.

        Fix bug: CSS3 :not selector with ID simple selector sequence test fails
        As per http://www.w3.org/TR/css3-selectors/#negation, :not(X) takes a simple selector as an argument.
        WebKit was accepting a simple selector *sequence*.
        This patch adds WebCore::CSSSelector::isSimple which judges if the selector is simple.
        The method is used in CSSGrammar.y to decide whether to accept the selector as the argument of :not().
        https://bugs.webkit.org/show_bug.cgi?id=36276

        Test: fast/css/invalid-not-with-simple-selector-sequence.html

        * css/CSSGrammar.y:
        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::isSimple):
        * css/CSSSelector.h:

2010-04-06  Andy Estes  <aestes@apple.com>

        Rubber-stamped by Dan Bernstein.

        Remove non-ASCII characters from license headers to fix build errors on
        Japanese Windows.

        https://bugs.webkit.org/show_bug.cgi?id=37008

        * dom/UserGestureIndicator.cpp:
        * dom/UserGestureIndicator.h:

2010-04-06  Andrei Popescu  <andreip@google.com>

        Reviewed by Dimitri Glazkov.

        [V8][Android] PageCache crashes when JavaScript is disabled
        https://bugs.webkit.org/show_bug.cgi?id=37150

        This patch ensures that saving and restoration of the script
        state only happens when JS is enabled and each frame has a
        non-null context.

        No new tests: existing tests show the feature is working
        when JS is enabled. When JS is disabled, manual testing
        is required.

        * bindings/v8/ScriptCachedFrameData.cpp:
        (WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
        (WebCore::ScriptCachedFrameData::restore):

2010-04-06  Ilya Tikhonovsky  <loislo@chromium.org>

        Unreviewed build fix.

        Web Inspector: missed files were added.


        * GNUmakefile.am:
        * bindings/js/ScriptGCEvent.h: Added.
        (WebCore::ScriptGCEvent::addEventListener):
        (WebCore::ScriptGCEvent::removeEventListener):
        (WebCore::ScriptGCEvent::getHeapSize):
        * bindings/v8/ScriptGCEvent.cpp: Added.
        (WebCore::ScriptGCEvent::addEventListener):
        (WebCore::ScriptGCEvent::removeEventListener):
        (WebCore::ScriptGCEvent::getHeapSize):
        (WebCore::ScriptGCEvent::getUsedHeapSize):
        (WebCore::ScriptGCEvent::gcPrologueCallback):
        (WebCore::ScriptGCEvent::gcEpilogueCallback):
        * bindings/v8/ScriptGCEvent.h: Added.
        * inspector/ScriptGCEventListener.h: Added.
        (WebCore::ScriptGCEventListener::~ScriptGCEventListener):

2010-04-06  Ilya Tikhonovsky  <loislo@chromium.org>

        Reviewed by Pavel Feldman.

        Web Inspector: The JS code can be not optimal from memory usage point of view.
        As example it can generate a lot of temp objects and GC will spend significant time to collect these objects.
        GC event will show us these moments. Also each event can show us how much memory is in use.
        https://bugs.webkit.org/show_bug.cgi?id=37025

        * WebCore.gypi:
        * WebCore.pro:
        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::InspectorTimelineAgent):
        (WebCore::InspectorTimelineAgent::pushGCEventRecords):
        (WebCore::InspectorTimelineAgent::didGC):
        (WebCore::InspectorTimelineAgent::~InspectorTimelineAgent):
        (WebCore::InspectorTimelineAgent::didInstallTimer):
        (WebCore::InspectorTimelineAgent::didRemoveTimer):
        (WebCore::InspectorTimelineAgent::willSendResourceRequest):
        (WebCore::InspectorTimelineAgent::didFinishLoadingResource):
        (WebCore::InspectorTimelineAgent::didMarkTimeline):
        (WebCore::InspectorTimelineAgent::addRecordToTimeline):
        (WebCore::InspectorTimelineAgent::setHeapSizeStatistic):
        (WebCore::InspectorTimelineAgent::didCompleteCurrentRecord):
        (WebCore::InspectorTimelineAgent::pushCurrentRecord):
        * inspector/InspectorTimelineAgent.h:
        (WebCore::):
        (WebCore::InspectorTimelineAgent::instanceCount):
        (WebCore::InspectorTimelineAgent::TimelineRecordEntry::TimelineRecordEntry):
        (WebCore::InspectorTimelineAgent::GCEvent::GCEvent):
        * inspector/TimelineRecordFactory.cpp:
        (WebCore::TimelineRecordFactory::createGCEventData):
        * inspector/TimelineRecordFactory.h:
        * inspector/front-end/Popover.js:
        (WebInspector.PopoverHelper.prototype._mouseHover):
        * inspector/front-end/TimelineAgent.js:
        * inspector/front-end/TimelinePanel.js:
        (WebInspector.TimelinePanel.prototype.get _recordStyles):
        (WebInspector.TimelinePanel.FormattedRecord):
        (WebInspector.TimelinePanel.FormattedRecord.prototype._generatePopupContent):
        (WebInspector.TimelinePanel.FormattedRecord.prototype._getRecordDetails):

2010-04-05  Antonio Gomes  <tonikitoo@webkit.org>

        Reviewed by Laszlo Gombos.

        Remove unused DIRECTIONAL_PAD_NAVIGATION
        https://bugs.webkit.org/show_bug.cgi?id=37134

        Android browser was planning to have a "directional pad navigation" available on
        trunk, guarded by a build flag named DIRECTIONAL_PAD_NAVIGATION, but according to
        https://bugs.webkit.org/show_bug.cgi?id=23145#c3 , the plan was dropped.

        However bug 23163 landed some code relying on the build flag supposedly to be added,
        and is now dead code in trunk.

        * dom/Element.cpp:
        (WebCore::Element::updateFocusAppearance):

2010-04-06  Mattias Nissler  <mnissler@chromium.org>

        Reviewed by Pavel Feldman.

        Rework inspector docking to issue a request call from the frontend
        whenever the user triggers to (un)dock the inspector window. Doing so
        enables InspectorFrontendHost implementations to asynchronously decide
        whether the window is docked or not. The old canAttachWindow() is not
        required anymore, remove it.
        https://bugs.webkit.org/show_bug.cgi?id=36944

        * inspector/InspectorFrontendClient.h:
        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::requestAttachWindow):
        * inspector/InspectorFrontendClientLocal.h:
        * inspector/InspectorFrontendHost.cpp:
        (WebCore::InspectorFrontendHost::requestAttachWindow):
        * inspector/InspectorFrontendHost.h:
        * inspector/InspectorFrontendHost.idl:
        * inspector/front-end/inspector.js:
        (WebInspector.toggleAttach):

2010-04-06  Vitaly Repeshko  <vitalyr@chromium.org>

        Reviewed by Yury Semikhatsky.

        [V8] Extend the set of types supported by SerializedScriptValue
        https://bugs.webkit.org/show_bug.cgi?id=37052

        New types include sparse arrays, Uint32, Date, and ImageData.

        Serialization process became more flexible. A state can either
        directly write primitive values (instead of returning them like
        iterator) or construct a new state for serializing complex values
        that will return to the current state when done.

        Deserialization process now avoids exposing the tags using a set
        of factory functions for complex objects instead.

        Internal buffer type changed to uint8_t to be independent of
        whether char is signed or not.

        * bindings/v8/SerializedScriptValue.cpp:
        (WebCore::):
        (WebCore::Writer::Writer):
        (WebCore::Writer::writeString):
        (WebCore::Writer::writeUint32):
        (WebCore::Writer::writeDate):
        (WebCore::Writer::writeNumber):
        (WebCore::Writer::writeImageData):
        (WebCore::Writer::writeArray):
        (WebCore::Writer::writeObject):
        (WebCore::Writer::writeSparseArray):
        (WebCore::Writer::doWriteUint32):
        (WebCore::Writer::doWriteNumber):
        (WebCore::Writer::append):
        (WebCore::Writer::fillHole):
        (WebCore::Writer::byteAt):
        (WebCore::Serializer::Serializer):
        (WebCore::Serializer::serialize):
        (WebCore::Serializer::writeArray):
        (WebCore::Serializer::writeObject):
        (WebCore::Serializer::writeSparseArray):
        (WebCore::Serializer::StateBase::StateBase):
        (WebCore::Serializer::ErrorState::ErrorState):
        (WebCore::Serializer::ErrorState::advance):
        (WebCore::Serializer::State::composite):
        (WebCore::Serializer::State::State):
        (WebCore::Serializer::ArrayState::ArrayState):
        (WebCore::Serializer::ArrayState::advance):
        (WebCore::Serializer::AbstractObjectState::AbstractObjectState):
        (WebCore::Serializer::AbstractObjectState::advance):
        (WebCore::Serializer::ObjectState::ObjectState):
        (WebCore::Serializer::ObjectState::objectDone):
        (WebCore::Serializer::SparseArrayState::SparseArrayState):
        (WebCore::Serializer::SparseArrayState::objectDone):
        (WebCore::Serializer::push):
        (WebCore::Serializer::pop):
        (WebCore::Serializer::handleError):
        (WebCore::Serializer::checkComposite):
        (WebCore::Serializer::writeString):
        (WebCore::Serializer::writeImageData):
        (WebCore::Serializer::newArrayState):
        (WebCore::Serializer::newObjectState):
        (WebCore::Serializer::doSerialize):
        (WebCore::Reader::Reader):
        (WebCore::Reader::read):
        (WebCore::Reader::readString):
        (WebCore::Reader::readUint32):
        (WebCore::Reader::readDate):
        (WebCore::Reader::readNumber):
        (WebCore::Reader::readImageData):
        (WebCore::Reader::doReadUint32):
        (WebCore::Reader::doReadNumber):
        (WebCore::Deserializer::Deserializer):
        (WebCore::Deserializer::createArray):
        (WebCore::Deserializer::createObject):
        (WebCore::Deserializer::createSparseArray):
        (WebCore::Deserializer::initializeObject):
        (WebCore::Deserializer::doDeserialize):
        (WebCore::Deserializer::stackDepth):
        (WebCore::SerializedScriptValue::deserialize):

2010-04-06  Csaba Osztrogonác  <ossy@webkit.org>

        Unreviewed buildfix for --minimal build.
        Buildfix after r57134. Add ENABLE(WORKERS) guard.

        original bug: https://bugs.webkit.org/show_bug.cgi?id=36375

        * bindings/js/JSWorkerContextErrorHandler.cpp:

2010-04-06  Dirk Schulze  <krit@webkit.org>

        Reviewed by Oliver Hunt.

        SVG/SMIL parse failure on attribute keySplines
        https://bugs.webkit.org/show_bug.cgi?id=37071

        Test: svg/animations/animate-keySplines.html

        The String in 'keySplines' can have multiple spaces between numbers
        and delimiters. The parsing code is inspired by SVGParserUtilities
        and respects this.

        * svg/SVGAnimationElement.cpp:
        (WebCore::parseKeySplines):

2010-04-06  Yury Semikhatsky  <yurys@chromium.org>

        Reviewed by Pavel Feldman.

        Refactored error reporting mechanizm on Worker Global Objects.
        Unlike other event listeners which accept single argument(Event)
        onerror handler on worker global object should be a function
        accepting three arguments. This error reporting was implementedas
        EventListener::reportError method which had custom implementations
        for v8 and JSC. This patch removes EventListener::reportError and
        moves its functionality into custom bindings(V8WorkerContextErrorHandler
        and JSWorkerContextErrorHandler) that implement EventListener inerface
        for the onerror handler.

        This patch also makes uncaught exceptions that happen in the onerror
        listener be reported to the Worker's onerror handler.

        https://bugs.webkit.org/show_bug.cgi?id=36375

        * Android.jscbindings.mk:
        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.pro:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSEventListener.cpp:
        * bindings/js/JSEventListener.h:
        * bindings/js/JSWorkerContextErrorHandler.cpp: Added.
        (WebCore::JSWorkerContextErrorHandler::JSWorkerContextErrorHandler):
        (WebCore::JSWorkerContextErrorHandler::~JSWorkerContextErrorHandler):
        (WebCore::JSWorkerContextErrorHandler::handleEvent):
        * bindings/js/JSWorkerContextErrorHandler.h: Added.
        (WebCore::JSWorkerContextErrorHandler::create):
        (WebCore::createJSWorkerContextErrorHandler):
        * bindings/scripts/CodeGeneratorJS.pm:
        * bindings/scripts/CodeGeneratorV8.pm:
        * bindings/v8/V8WorkerContextErrorHandler.cpp: Added.
        (WebCore::V8WorkerContextErrorHandler::V8WorkerContextErrorHandler):
        (WebCore::V8WorkerContextErrorHandler::callListenerFunction):
        * bindings/v8/V8WorkerContextErrorHandler.h: Added.
        (WebCore::V8WorkerContextErrorHandler::create):
        * bindings/v8/V8WorkerContextEventListener.cpp:
        * bindings/v8/V8WorkerContextEventListener.h:
        * dom/EventListener.h:
        * workers/WorkerContext.cpp:
        (WebCore::WorkerContext::WorkerContext):
        (WebCore::WorkerContext::reportException):
        * workers/WorkerContext.h:

2010-04-06  Pavel Feldman  <pfeldman@chromium.org>

        Not reviewed: reverting v8 change at r57079 for crashing Chromium layout tests.

2010-04-05  MORITA Hajime  <morrita@google.com>

        Reviewed by Darin Adler.

        RenderProgress.cpp is missing CurrentTime.h
        https://bugs.webkit.org/show_bug.cgi?id=37080

        No new tests. just fixed compilation error.

        * rendering/RenderProgress.cpp:


2010-04-05  Eric Uhrhane  <ericu@chromium.org>

        Reviewed by Brady Eidson.

        window.openDatabase() always fails for new databases when using WebKit nightly with Safari 4.0.5
        https://bugs.webkit.org/show_bug.cgi?id=36671

        The previous "fix" I mistakenly compared hashes, an improvement over comparing pointers, but still not right.

        No new tests.

        * storage/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::fullPathForDatabaseNoLock): Use SecurityOrigin::equal to compare instead of SecurityOriginHas