2012-03-29 Beth Dakin <bdakin@apple.com> Reviewed by Dan Bernstein. <rdar://problem/11008998> Branch: Shadow inside text field is blurry/blocky in HiDPI This patch merges the following changes to the branch: http://trac.webkit.org/changeset/97032 http://trac.webkit.org/changeset/98520 This patch also adds branch-specific code that makes it so the regression tracked by <rdar://problem/11115221> only affects the branch in HiDPI mode. Essentially, this is a workaround for <rdar://problem/11150452>. With this workaround, when the deviceScaleFactor is 1, we have an old-school gradient bezel in text fields whether they are styled or not. This is good and matches shipping Safari. When the deviceScaleFactor is greater than 1, text fields will have newer, AppKit-matching gradients that look much more appropriate at the higher resolutions. However, if the text field is styled in any way, we'll revert to the old-school bezel, which doesn't look great in HiDPI, but it looks better than the CSS border, which is the only alternative until 11150452 is resolved. This is the merging of the changes listed above. * platform/mac/ThemeMac.mm: (WebCore::ThemeMac::ensuredView): * rendering/RenderThemeMac.mm: (WebCore::RenderThemeMac::paintSliderThumb): isControlStyled() should treat text fields like it used to in order to avoid the regression tracked by 11115221. * rendering/RenderThemeMac.h: * rendering/RenderThemeMac.mm: (WebCore::RenderThemeMac::isControlStyled): Use the old gradient always unless we are an unstyled text field in HiDPI. (WebCore::RenderThemeMac::paintTextField): (WebCore::RenderThemeMac::textField): 2012-03-16 Lucas Forschler <lforschler@apple.com> Merge 107102 2012-02-08 Anders Carlsson <andersca@apple.com> Fix assertion in svg/dom/SVGStyledElement-pendingResource-crash.html https://bugs.webkit.org/show_bug.cgi?id=78126 Reviewed by Dan Bernstein. This broke in r106977 when I tried to change an early return into an ASSERT, so let's bring back the early return. * page/FrameView.cpp: (WebCore::FrameView::notifyPageThatContentAreaWillPaint): 2012-03-16 Lucas Forschler <lforschler@apple.com> Merge 106977 2012-02-06 Anders Carlsson <andersca@apple.com> ScrollableAreaSet should be moved from Page to FrameView https://bugs.webkit.org/show_bug.cgi?id=62762 Reviewed by Beth Dakin. It makes more sense for the set of scrollable areas to be per frame view instead of per page; scrollable areas are associated with a containing frame view and their lifecycle follows the lifecycle of the frame view much more closely. This could even fix a bunch of crashes where a scrollable area outlived its containing page. * WebCore.exp.in: Replace the Page member functions with FrameView member functions instead. * page/EventHandler.cpp: (WebCore::EventHandler::mouseMoved): Check if the frame view contains the given layer. (WebCore::EventHandler::updateMouseEventTargetNode): Ditto. * page/FocusController.cpp: (WebCore::contentAreaDidShowOrHide): Add helper function. (WebCore::FocusController::setContainingWindowIsVisible): Call contentAreaDidShowOrHide for the main frame view, and for all scrollable areas inside all subframe views. * page/FrameView.cpp: (WebCore::FrameView::FrameView): Use early returns to make the code more clear. Also, don't add the scrollable area to the set here. (WebCore::FrameView::~FrameView): Don't remove the scrollable area here. (WebCore::FrameView::zoomAnimatorTransformChanged): m_page is gone so use m_frame->page() instead. (WebCore::FrameView::setAnimatorsAreActive): Call ScrollAnimator::setIsActive for all the scrollable areas in this frame view. Previously we used to do this for all scrollable areas on the page, but since setAnimatorsAreActive will be called for each document, this will be done implicitly. (WebCore::FrameView::notifyPageThatContentAreaWillPaint): Call ScrollableArea::contentDidPaint for this frame view and all its immediate scrollable areas. Previously, we used to do this for all scrollable areas on the page, but we only need to do it for this frame view. (WebCore::FrameView::scrollAnimatorEnabled): Get the page from m_frame since m_page is gone. (WebCore::FrameView::addScrollableArea): (WebCore::FrameView::removeScrollableArea): (WebCore::FrameView::containsScrollableArea): Move these member functions here from Page. (WebCore::FrameView::addChild): If we are adding a frame view, add it to the scrollable area set. (WebCore::FrameView::removeChild): If we are removing a frame view, remove it from the scrollable area set. * page/FrameView.h: Move the member function declarations and the scrollable area set member variable here from Page. * page/Page.cpp: (WebCore::Page::~Page): Don't call disconnectPage on the scrollable areas anymore. * platform/ScrollView.h: (ScrollView): Make addChild and removeChild virtual. * platform/ScrollableArea.h: Remove disconnectFromPage. * rendering/RenderLayer.cpp: (WebCore::RenderLayer::RenderLayer): (WebCore::RenderLayer::~RenderLayer): (WebCore::RenderLayer::styleChanged): The frame view now keeps track of the scrollable areas. * rendering/RenderLayer.h: Remove the page member variable and disconnectFromPage. * rendering/RenderListBox.cpp: (WebCore::RenderListBox::RenderListBox): (WebCore::RenderListBox::~RenderListBox): The frame view now keeps track of the scrollable areas. * rendering/RenderListBox.h: Remove the page member variable and disconnectFromPage. 2012-03-14 Lucas Forschler <lforschler@apple.com> Merge 110196 2012-03-08 Dan Bernstein <mitz@apple.com> <rdar://problem/10981173> Dashboard regions should not be in device space Reviewed by John Sullivan. Test: TestWebKitAPI/Tests/mac/DeviceScaleFactorInDashboardRegions.mm * rendering/RenderInline.cpp: (WebCore::RenderInline::addDashboardRegions): Stop applying the device scale factor to Dashboard regions. * rendering/RenderObject.cpp: (WebCore::RenderObject::addDashboardRegions): Ditto. 2012-03-14 Lucas Forschler <lforschler@apple.com> Merge 110480 2012-03-12 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=80888 Clear background for NSTextFieldCell is unreliable and not necessary -and corresponding- <rdar://problem/10663710> Reviewed by Dan Bernstein. With http://trac.webkit.org/changeset/104240 I thought it was necessary to make NSTextFieldCells draw with a clear background in order to allow styled text fields. That is not actually necessary; we just had a different bug where isControlStyled() was only checking for styled borders on text fields. Text fields can also be styled with backgrounds, so they need the full check. * rendering/RenderThemeMac.mm: (WebCore::RenderThemeMac::isControlStyled): (WebCore::RenderThemeMac::textField): 2012-03-14 Lucas Forschler <lforschler@apple.com> Merge 104240 2012-01-05 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=75654 Text fields should draw using NSTextFieldCell instead of WebKitSystemInterface Reviewed by John Sullivan. This change should not have any affect on tests or real web sites. It just changed the implementation under the hood to the more modern NSCell approach. * rendering/RenderThemeMac.h: * rendering/RenderThemeMac.mm: (WebCore::RenderThemeMac::paintTextField): (WebCore::RenderThemeMac::textField): 2012-03-07 Lucas Forschler <lforschler@apple.com> Merge 109594 2012-03-02 Maciej Stachowiak <mjs@apple.com> REGRESSION(r97353): Crash when accessing location or history properties inside a navigated window https://bugs.webkit.org/show_bug.cgi?id=80133 <rdar://problem/10432233> Reviewed by Antti Koivisto. Test: fast/dom/Window/navigated-window-properties.html * bindings/js/JSDOMWindowCustom.cpp: (WebCore): Remove custom getters for window.location and window.history; they were unnecessary and did the wrong thing when DOMWindow returned null values for these. * page/DOMWindow.idl: ditto * bindings/js/JSDOMBinding.cpp: (WebCore::reportException): Remove assert about null values and update comment, since this is now an expected state for navigated inner windows. 2011-02-17 Lucas Forschler <lforschler@apple.com> Merge 107966 2012-02-15 Mark Rowe <mrowe@apple.com> NPN_GetValueForURL / NPNURLVProxy returns DIRECT when proxy configured via PAC <http://webkit.org/b/78766> / <rdar://problem/10729283> Reviewed by Anders Carlsson. * platform/network/cf/ProxyServerCFNet.cpp: (WebCore::proxyAutoConfigurationResultCallback): Stop the runloop, and then process the results that we received. (WebCore::processProxyServers): Processing of array of proxy configuration information moved from addProxyServersForURL. Handling of proxy auto-configuration URLs is now handled by calling CFNetworkExecuteProxyAutoConfigurationURL and waiting synchronously on the result callback. Doing this synchronously is not great, but it's the best we can do without a lot of restructuring of the code that calls this. We arbitrarily time out the execution after five seconds to avoid permanently hanging. (WebCore::addProxyServersForURL): Call in to our helper function. 2011-02-13 Lucas Forschler <lforschler@apple.com> Merge 106388 2012-01-31 Jon Lee <jonlee@apple.com> Hidden form elements do not save their state prior to form submission https://bugs.webkit.org/show_bug.cgi?id=77391 <rdar://problem/10563108> Reviewed by Brady Eidson. Test: fast/forms/state-restore-hidden.html * html/HiddenInputType.cpp: Teach hidden inputs to save and restore their state. (WebCore::HiddenInputType::saveFormControlState): (WebCore::HiddenInputType::restoreFormControlState): * html/HiddenInputType.h: (HiddenInputType): 2011-02-07 Lucas Forschler <lforschler@apple.com> Merge 106982 2012-02-07 Brady Eidson <beidson@apple.com> <rdar://problem/9567286> and https://bugs.webkit.org/show_bug.cgi?id=78003 WebKit associates credentials with the wrong site if the authentication challenge takes place after a redirect chain Reviewed by Alexey Proskuryakov. Test: http/tests/loading/authentication-after-redirect-stores-wrong-credentials/authentication-after-redirect-stores-wrong-credentials.html Associate the credential with the URL of the challenge itself, not the original request: * platform/network/cf/ResourceHandleCFNet.cpp: (WebCore::ResourceHandle::didReceiveAuthenticationChallenge): (WebCore::ResourceHandle::receivedCredential): * platform/network/mac/ResourceHandleMac.mm: (WebCore::ResourceHandle::didReceiveAuthenticationChallenge): (WebCore::ResourceHandle::receivedCredential): 2011-02-06 Lucas Forschler <lforschler@apple.com> Merge 106729 2012-02-03 Tim Horton <timothy_horton@apple.com> Canvas-into-canvas drawing should respect backing store scale ratio https://bugs.webkit.org/show_bug.cgi?id=77784 <rdar://problem/10549729> Reviewed by Dan Bernstein. Respect the backing store scale ratio when drawing a canvas into another canvas via ctx.drawImage(canvas, x, y). Previous behavior caused canvas drawing to differ based on the size of the backing store, which is ideally an implementation detail to authors. Also, rename the source canvas arguments to CanvasRenderingContext2D::drawImage to be more clear. No new tests. * html/canvas/CanvasRenderingContext2D.cpp: (WebCore::CanvasRenderingContext2D::drawImage): 2011-02-06 Lucas Forschler <lforschler@apple.com> Merge 104356 2012-01-06 Tim Horton <timothy_horton@apple.com> [cg] userSpaceOnUse SVG Patterns have the wrong origin https://bugs.webkit.org/show_bug.cgi?id=75741 <rdar://problem/9383222> Reviewed by Simon Fraser. The transformation from pattern space to user space should use the userToBase CTM, not the current CTM. Test: svg/custom/pattern-userSpaceOnUse-userToBaseTransform.xhtml * platform/graphics/cg/GraphicsContextCG.cpp: (WebCore::GraphicsContext::applyStrokePattern): (WebCore::GraphicsContext::applyFillPattern): (WebCore::GraphicsContext::getCTM): * platform/graphics/cg/TransformationMatrixCG.cpp: (WebCore::AffineTransform::AffineTransform): Add a AffineTransform(CGAffineTransform) constructor * platform/graphics/transforms/AffineTransform.h: 2011-02-06 Lucas Forschler <lforschler@apple.com> Merge 106678 2012-02-03 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=77691 Fix PlatformScreen layering violation and PlatformScreenMac's incorrect use of device scale Reviewed by Andy Estes. Make screenAvailableRect() and screenRect() take a Widget again instead of a FrameView since taking a FrameView is a layering violation. * WebCore.exp.in: * platform/PlatformScreen.h: (WebCore): * platform/blackberry/PlatformScreenBlackBerry.cpp: (WebCore::screenAvailableRect): (WebCore::screenRect): * platform/chromium/PlatformScreenChromium.cpp: (WebCore::screenRect): (WebCore::screenAvailableRect): * platform/chromium/PlatformSupport.h: (WebCore): (PlatformSupport): * platform/efl/PlatformScreenEfl.cpp: (WebCore::screenRect): (WebCore::screenAvailableRect): * platform/gtk/PlatformScreenGtk.cpp: (WebCore::screenRect): (WebCore::screenAvailableRect): * platform/qt/PlatformScreenQt.cpp: (WebCore::screenRect): (WebCore::screenAvailableRect): * platform/win/PlatformScreenWin.cpp: (WebCore::screenRect): (WebCore::screenAvailableRect): * platform/wx/ScreenWx.cpp: (WebCore::screenRect): (WebCore::screenAvailableRect): It's wrong for the deviceScaleFactor to be taken into consideration here at all. * platform/mac/PlatformScreenMac.mm: (WebCore::screenRect): (WebCore::screenAvailableRect): (WebCore::toUserSpace): (WebCore::toDeviceSpace): 2011-02-01 Lucas Forschler <lforschler@apple.com> Merge 106286 2012-01-30 Beth Dakin <bdakin@apple.com> Speculative 32-bit build-fix. * WebCore.exp.in: 2011-02-01 Lucas Forschler <lforschler@apple.com> Merge 106271 2012-01-30 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=77263 PlatformScreenMac should not rely on NSWindow for important bits of data Reviewed by Geoff Garen. The main problem is that we cannot rely on the NSWindow for information about the deviceScaleFactor because we cannot access an NSWindow from within WebCore for WebKit2 windows. Instead, we can fetch it from WebCore::deviceScaleFactor(), but we need a Frame to call that. So screenAvailableRect and screenRect both now take a FrameView* instead of a Widget*. All existing call sites actually sent a FrameView in anyway, so this is not a big change, but it does require touching a lot of platforms. * WebCore.exp.in: * platform/PlatformScreen.h: (WebCore): * platform/blackberry/PlatformScreenBlackBerry.cpp: (WebCore::screenAvailableRect): (WebCore::screenRect): * platform/chromium/PlatformScreenChromium.cpp: (WebCore::screenRect): (WebCore::screenAvailableRect): * platform/chromium/PlatformSupport.h: (WebCore): (PlatformSupport): (): * platform/efl/PlatformScreenEfl.cpp: (WebCore::screenRect): (WebCore::screenAvailableRect): * platform/gtk/PlatformScreenGtk.cpp: (WebCore::screenRect): (WebCore::screenAvailableRect): * platform/qt/PlatformScreenQt.cpp: (WebCore::screenRect): (WebCore::screenAvailableRect): * platform/win/PlatformScreenWin.cpp: (WebCore::screenRect): (WebCore::screenAvailableRect): * platform/wx/ScreenWx.cpp: (WebCore::screenRect): (WebCore::screenAvailableRect): The Mac-only functions toUserSpace() and toDeviceSpace() were also updated to take a parameter for the deviceScaleFactor. * platform/mac/PlatformScreenMac.mm: (WebCore::screenRect): (WebCore::screenAvailableRect): (WebCore::toUserSpace): (WebCore::toDeviceSpace): 2011-01-27 Lucas Forschler <lforschler@apple.com> Merge 106130 2012-01-27 Abhishek Arya <inferno@chromium.org> Crash in DocumentLoader::detachFromFrame. https://bugs.webkit.org/show_bug.cgi?id=62764 Reviewed by Brady Eidson. r105556 didn't fix the crash because canceling the main resource loader blows away both the current document loader and frame underneath. Both protectors are also used in stopLoading() when m_mainResourceLoader->cancel() is called. Also, tested the fix under ASAN. * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::detachFromFrame): 2012-01-25 Mark Rowe <mrowe@apple.com> Merge r105942. 2012-01-25 Mark Rowe <mrowe@apple.com> Build in to an alternate location when USE_STAGING_INSTALL_PATH is set. <rdar://problem/10609417> Adopt USE_STAGING_INSTALL_PATH Reviewed by David Kilzer. * Configurations/WebCore.xcconfig: Define NORMAL_WEBCORE_FRAMEWORKS_DIR, which contains the path where WebCore is normally installed. Update WEBCORE_FRAMEWORKS_DIR to point to the staged frameworks directory when USE_STAGING_INSTALL_PATH is set. Define NORMAL_PRODUCTION_FRAMEWORKS_DIR, which contains the path where our public frameworks are normally installed. Update PRODUCTION_FRAMEWORKS_DIR to point to the staged frameworks directory when USE_STAGING_INSTALL_PATH is set. Always set the framework's install name based on the normal framework location. This prevents an incorrect install name from being used when installing in to the staged frameworks directory. Look for our other frameworks in the staged frameworks directory when USE_STAGING_INSTALL_PATH is set. 2011-01-24 Lucas Forschler <lforschler@apple.com> Merge 105556 2012-01-20 Brady Eidson <beidson@apple.com> <rdar://problem/9328684> and https://bugs.webkit.org/show_bug.cgi?id=62764 Frequent crashes due to null frame below ApplicationCacheHost::scheduleLoadFallbackResourceFromApplicationCache Reviewed by Sam Weinig. No way to reproduce without special malloc debugging and that doesn't even reproduce on all platforms. So still no test. * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::detachFromFrame): Protect m_frame for the duration of this method. 2011-01-18 Lucas Forschler <lforschler@apple.com> Merge 95580 2011-09-20 Jochen Eisinger <jochen@chromium.org> Invoke CachedResourceLoader::canRequest for all URLs in a redirect chain https://bugs.webkit.org/show_bug.cgi?id=68279 Reviewed by Adam Barth. * loader/cache/CachedResourceLoader.h: * loader/cache/CachedResourceRequest.cpp: (WebCore::CachedResourceRequest::willSendRequest): 2011-01-18 Lucas Forschler <lforschler@apple.com> Merge 89155 paste 2011-01-18 Lucas Forschler <lforschler@apple.com> Merge 98935 2011-10-31 Jeremy Apthorp <jeremya@google.com> Fix a crash relating to anonymous block merging in RenderFullScreen::unwrapRenderer. https://bugs.webkit.org/show_bug.cgi?id=70705 Reviewed by Simon Fraser. Test: fullscreen/anonymous-block-merge-crash.html * rendering/RenderFullScreen.cpp: (RenderFullScreen::unwrapRenderer): 2011-01-18 Lucas Forschler <lforschler@apple.com> Merge 104275 2012-01-05 Kent Tamura <tkent@chromium.org> Fix a crash by importing an element of which local name ends with ":input". https://bugs.webkit.org/show_bug.cgi?id=75103 Reviewed by Ryosuke Niwa. Test: fast/dom/importNode-confusing-localName.html * dom/Document.cpp: (WebCore::Document::importNode): Pass QualifiedName of the source elemnt to createElement() in order to avoid unnecessary serialization and parsing of the qualified name 2011-01-18 Lucas Forschler <lforschler@apple.com> Merge 97088 2011-10-10 Jeremy Apthorp <jeremya@chromium.org> Exiting fullscreen shouldn't crash if the element that was fullscreened had associated anonymous blocks. https://bugs.webkit.org/show_bug.cgi?id=68503 Reviewed by Simon Fraser. Test: fullscreen/full-screen-render-inline.html Test: fullscreen/parent-flow-inline-with-block-child.html * rendering/RenderBlock.cpp: (WebCore::RenderBlock::moveChildTo): (WebCore::RenderBlock::moveChildrenTo): * rendering/RenderBlock.h: (WebCore::RenderBlock::moveChildTo): (WebCore::RenderBlock::moveAllChildrenTo): (WebCore::RenderBlock::moveChildrenTo): * rendering/RenderFullScreen.cpp: (RenderFullScreen::unwrapRenderer): Move all children back to the parent, not just the firstChild. 2011-01-18 Lucas Forschler <lforschler@apple.com> Merge 95371 2011-09-16 Jeremy Apthorp <jeremya@chromium.org> and James Kozianski <koz@chromium.org> Don't detach elements from the render tree when entering fullscreen mode https://bugs.webkit.org/show_bug.cgi?id=66531 This prevents plugin instances from being destroyed and reinstantiated when entering fullscreen mode. Reviewed by James Robinson. Test: plugins/fullscreen-plugins-dont-reload.html * dom/Document.cpp: (WebCore::Document::webkitWillEnterFullScreenForElement): (WebCore::Document::webkitDidExitFullScreenForElement): * dom/NodeRenderingContext.cpp: (WebCore::NodeRendererFactory::createRendererIfNeeded): * rendering/RenderFullScreen.cpp: (createFullScreenStyle): (RenderFullScreen::wrapRenderer): (RenderFullScreen::unwrapRenderer): * rendering/RenderFullScreen.h: 2011-01-17 Lucas Forschler <lforschler@apple.com> Merge 103913 & 103915 2012-01-02 Sam Weinig <sam@webkit.org> Fix the build. * bindings/scripts/CodeGeneratorJS.pm: 2012-01-02 Sam Weinig <sam@webkit.org> REGRESSION(r100517): We're leaking many, many DOM objects! https://bugs.webkit.org/show_bug.cgi?id=75451 Reviewed by Mark Rowe. * bindings/scripts/CodeGeneratorJS.pm: Add a temporary workaround to the problem of handle finalizers not getting called by adding back the destructors (or rather their replacement, destroy() functions). 2011-1-17 Lucas Forschler <lforschler@apple.com> Merge 104593 2012-01-10 Brady Eidson <beidson@apple.com> <rdar://problem/9328684> and https://bugs.webkit.org/show_bug.cgi?id=62764 Frequent crashes due to null frame below ApplicationCacheHost::scheduleLoadFallbackResourceFromApplicationCache Reviewed by Maciej Stachowiak. This is a non-reproducible high volume crash, so no test :(. * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::stopLoading): Don't re-run actual "stop loading" logic if the document loader is already stopping loading. Also add an ASSERT that might catch cases where new loads may have been started while old loads were being stopped. (WebCore::DocumentLoader::detachFromFrame): Be conservative and stop loading when we detach a document loader from a frame. 2011-1-17 Lucas Forschler <lforschler@apple.com> Merge 97303 2011-10-12 Chris Fleizach <cfleizach@apple.com> AX: CrashTracer: [USER] 296 crashes in WebProcess at com.apple.WebCore: WebCore::AccessibilityScrollbar::document const + 29 https://bugs.webkit.org/show_bug.cgi?id=69936 AX Scrollbars have a weak pointer to their parent. They need to become AccessibilityMockObjects, so that they can participate in the detachFromParent() methods that happens when those parents go away. Could not reproduce the crash, but the backtrace is unequivocal. Reviewed by Darin Adler. * accessibility/AccessibilityScrollView.cpp: (WebCore::AccessibilityScrollView::removeChildScrollbar): * accessibility/AccessibilityScrollbar.cpp: (WebCore::AccessibilityScrollbar::AccessibilityScrollbar): * accessibility/AccessibilityScrollbar.h: (WebCore::AccessibilityScrollbar::scrollbar): (WebCore::AccessibilityScrollbar::isAccessibilityScrollbar): 2011-1-17 Lucas Forschler <lforschler@apple.com> Merge 96973 2011-10-07 Chris Fleizach <cfleizach@apple.com> Bug 69562 - AccessibilityImageMapLink holds onto it's parent even after it's been freed https://bugs.webkit.org/show_bug.cgi?id=69562 Some fake objects, like AXImageMapLink, have weak references to their parent's (since they are fake objects and need some connection to the parent). However, if the parent disappears before the child, then we're left with a out of date reference to that parent. The fix is to allow these elements to clear their parentage when the parent goes away. Reviewed by Darin Adler. Test: accessibility/image-map-update-parent-crash.html * accessibility/AccessibilityMenuListOption.cpp: (WebCore::AccessibilityMenuListOption::isVisible): * accessibility/AccessibilityMenuListPopup.cpp: (WebCore::AccessibilityMenuListPopup::isOffScreen): (WebCore::AccessibilityMenuListPopup::isEnabled): (WebCore::AccessibilityMenuListPopup::press): (WebCore::AccessibilityMenuListPopup::addChildren): (WebCore::AccessibilityMenuListPopup::childrenChanged): * accessibility/AccessibilityMockObject.h: (WebCore::AccessibilityMockObject::detachFromParent): * accessibility/AccessibilityObject.cpp: (WebCore::AccessibilityObject::clearChildren): * accessibility/AccessibilityObject.h: (WebCore::AccessibilityObject::detachFromParent): * accessibility/AccessibilitySlider.cpp: (WebCore::AccessibilitySliderThumb::elementRect): * accessibility/AccessibilityTableColumn.cpp: (WebCore::AccessibilityTableColumn::headerObjectForSection): 2012-01-17 Mark Rowe <mrowe@apple.com> Merge r99649. 2011-11-08 Chris Evans <cevans@google.com> Crash accessing font fact rule parent https://bugs.webkit.org/show_bug.cgi?id=71860 Reviewed by Adam Barth. Test: fast/css/css-fontface-rule-crash.html * css/CSSFontFaceRule.cpp: (WebCore::CSSFontFaceRule::~CSSFontFaceRule): tell our child rule when we are going away. 2012-01-17 Mark Rowe <mrowe@apple.com> Merge r99982. 2011-11-11 Gavin Peters <gavinp@chromium.org> Protect Document during error responses https://bugs.webkit.org/show_bug.cgi?id=72068 Add a Document protector to the error response code handler, just as exists for other ends of requests. Reviewed by Nate Chapin. Test: http/tests/misc/xslt-bad-import.html * loader/cache/CachedResourceRequest.cpp: (WebCore::CachedResourceRequest::didReceiveData): 2011-1-17 Lucas Forschler <lforschler@apple.com> Merge 96966 2011-10-07 Chris Fleizach <cfleizach@apple.com> AX: re-organize fake elements to use new AccessibilityMockObject https://bugs.webkit.org/show_bug.cgi?id=69588 This adds an AccessibilityMockObject for "fake" elements to descend from. Its benefit is to consolidate the various ways that these fake elements are setting and returning their parent objects. No functional change, hence no new tests. Reviewed by Jon Honeycutt. * CMakeLists.txt: * GNUmakefile.list.am: * WebCore.gypi: * WebCore.pro: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: * accessibility/AccessibilityARIAGrid.cpp: (WebCore::AccessibilityARIAGrid::addChildren): * accessibility/AccessibilityImageMapLink.cpp: (WebCore::AccessibilityImageMapLink::AccessibilityImageMapLink): * accessibility/AccessibilityImageMapLink.h: (WebCore::AccessibilityImageMapLink::node): * accessibility/AccessibilityMenuList.cpp: (WebCore::AccessibilityMenuList::addChildren): * accessibility/AccessibilityMenuList.h: (WebCore::toAccessibilityMenuList): * accessibility/AccessibilityMenuListOption.cpp: (WebCore::AccessibilityMenuListOption::AccessibilityMenuListOption): (WebCore::AccessibilityMenuListOption::isVisible): * accessibility/AccessibilityMenuListOption.h: * accessibility/AccessibilityMenuListPopup.cpp: (WebCore::AccessibilityMenuListPopup::AccessibilityMenuListPopup): (WebCore::AccessibilityMenuListPopup::isOffScreen): (WebCore::AccessibilityMenuListPopup::isEnabled): (WebCore::AccessibilityMenuListPopup::menuListOptionAccessibilityObject): (WebCore::AccessibilityMenuListPopup::press): (WebCore::AccessibilityMenuListPopup::addChildren): (WebCore::AccessibilityMenuListPopup::childrenChanged): (WebCore::AccessibilityMenuListPopup::didUpdateActiveOption): * accessibility/AccessibilityMenuListPopup.h: * accessibility/AccessibilityMockObject.cpp: Added. (WebCore::AccessibilityMockObject::AccessibilityMockObject): (WebCore::AccessibilityMockObject::~AccessibilityMockObject): * accessibility/AccessibilityMockObject.h: Added. (WebCore::AccessibilityMockObject::parentObject): (WebCore::AccessibilityMockObject::setParent): (WebCore::AccessibilityMockObject::detachFromParent): * accessibility/AccessibilitySlider.cpp: (WebCore::AccessibilitySlider::addChildren): (WebCore::AccessibilitySliderThumb::AccessibilitySliderThumb): (WebCore::AccessibilitySliderThumb::elementRect): * accessibility/AccessibilitySlider.h: * accessibility/AccessibilityTable.cpp: (WebCore::AccessibilityTable::addChildren): (WebCore::AccessibilityTable::headerContainer): * accessibility/AccessibilityTable.h: (WebCore::toAccessibilityTable): * accessibility/AccessibilityTableColumn.cpp: (WebCore::AccessibilityTableColumn::AccessibilityTableColumn): (WebCore::AccessibilityTableColumn::setParent): (WebCore::AccessibilityTableColumn::headerObject): (WebCore::AccessibilityTableColumn::headerObjectForSection): (WebCore::AccessibilityTableColumn::accessibilityIsIgnored): (WebCore::AccessibilityTableColumn::addChildren): * accessibility/AccessibilityTableColumn.h: * accessibility/AccessibilityTableHeaderContainer.cpp: (WebCore::AccessibilityTableHeaderContainer::AccessibilityTableHeaderContainer): (WebCore::AccessibilityTableHeaderContainer::accessibilityIsIgnored): (WebCore::AccessibilityTableHeaderContainer::addChildren): * accessibility/AccessibilityTableHeaderContainer.h: 2011-1-17 Lucas Forschler <lforschler@apple.com> Merge 91148 2011-07-16 Kulanthaivel Palanichamy <kulanthaivel@codeaurora.org> Reviewed by Nikolas Zimmermann. SVG animation API crashes on SVGAnimateTransform https://bugs.webkit.org/show_bug.cgi?id=64104 This patch ensures the update in AnimatedTransform list in SVGAnimateTransformElement.cpp is in sync with its wrapper list. Test: svg/animations/svgtransform-animation-discrete.html * svg/SVGAnimateTransformElement.cpp: (WebCore::animatedTransformListFor): (WebCore::SVGAnimateTransformElement::resetToBaseValue): (WebCore::SVGAnimateTransformElement::calculateAnimatedValue): (WebCore::SVGAnimateTransformElement::applyResultsToTarget): 2012-01-17 Mark Rowe <mrowe@apple.com> Merge r94107. 2011-08-30 Abhishek Arya <inferno@chromium.org> Removed m_owner accessed in custom scrollbars. https://bugs.webkit.org/show_bug.cgi?id=64737 Reviewed by David Hyatt. Problem does not reproduce in DRT, even with Eventhandler tricks and gc(). So, adding a manual test. * manual-tests/custom-scrollbar-renderer-removed-crash.html: Added. * page/FrameView.cpp: (WebCore::FrameView::clearOwningRendererForCustomScrollbars): * page/FrameView.h: * rendering/RenderBox.cpp: (WebCore::RenderBox::willBeDestroyed): when this renderbox is getting destroyed, clear the custom scrollbar in this frameview having this renderbox as its owning renderer. * rendering/RenderScrollbar.cpp: (WebCore::RenderScrollbar::getScrollbarPseudoStyle): fix the null check. 2012-01-17 Mark Rowe <mrowe@apple.com> Merge r100408. 2011-11-15 Darin Adler <darin@apple.com> Incorrect type checks in RenderTheme media code https://bugs.webkit.org/show_bug.cgi?id=72184 Reviewed by Eric Carlson. No tests added. Ideally this patch should be revised to add tests! * accessibility/AccessibilityMediaControls.cpp: (WebCore::AccessibilityMediaControl::create): Use mediaControlElementType. (WebCore::AccessibilityMediaControl::controlType): Ditto. (WebCore::AccessibilityMediaTimeline::valueDescription): Use early return rather than an assertion to check type of input element. * html/shadow/MediaControlElements.cpp: (WebCore::mediaControlElementType): Added. A type-safe way to get the media control element type after checking isMediaControlElement but with no other assumptions. * html/shadow/MediaControlElements.h: Added mediaControlElementType. * platform/efl/RenderThemeEfl.cpp: (WebCore::RenderThemeEfl::paintMediaPlayButton): Use mediaControlElementType. (WebCore::RenderThemeEfl::paintMediaSeekBackButton): Use mediaControlElementType. (WebCore::RenderThemeEfl::paintMediaSeekForwardButton): Use mediaControlElementType. * platform/gtk/RenderThemeGtk.cpp: (WebCore::RenderThemeGtk::paintMediaPlayButton): Check isMediaControlElement and use mediaControlElementType. * rendering/RenderThemeMac.mm: (WebCore::RenderThemeMac::paintMediaMuteButton): Ditto. Also remove uneeded redundant null check. (WebCore::RenderThemeMac::paintMediaPlayButton): Ditto. (WebCore::RenderThemeMac::paintMediaToggleClosedCaptionsButton): Ditto. 2012-01-17 Mark Rowe <mrowe@apple.com> Merge r101543. 2011-11-30 James Simonsen <simonjam@chromium.org> Fix valgrind issue in SubresourceLoader::didFinishLoading https://bugs.webkit.org/show_bug.cgi?id=72787 Hang on to CachedResource until finish() is called. Reviewed by Nate Chapin. Test: fast/loader/subresource-load-failed-crash.html (under asan) * loader/SubresourceLoader.cpp: (WebCore::SubresourceLoader::didFinishLoading): (WebCore::SubresourceLoader::didFail): 2012-01-17 Mark Rowe <mrowe@apple.com> Merge r103118. 2011-12-16 Tim Horton <timothy_horton@apple.com> Canvas should respect backing store scale ratio when used as drawImage() source https://bugs.webkit.org/show_bug.cgi?id=74758 <rdar://problem/10350194> Reviewed by Simon Fraser. Interpret the source rectangle passed into drawImage() when using a Canvas source in the source Canvas coordinate space, instead of in the backing store coordinate space, without changing the behavior of drawImage(canvas, x, y). No new tests. * html/HTMLCanvasElement.cpp: (WebCore::HTMLCanvasElement::convertDeviceToLogical): * html/HTMLCanvasElement.h: * html/canvas/CanvasRenderingContext2D.cpp: (WebCore::CanvasRenderingContext2D::drawImage): 2012-01-17 Mark Rowe <mrowe@apple.com> Merge r104669. 2012-01-10 Jer Noble <jer.noble@apple.com> Crash in HTMLMediaElement::shouldDisableSleep() https://bugs.webkit.org/show_bug.cgi?id=76025 Reviewed by Dan Bernstein. Check nullity of m_player before dereferencing. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::shouldDisableSleep): 2012-01-17 Mark Rowe <mrowe@apple.com> Merge r104619. 2012-01-10 Jer Noble <jer.noble@apple.com> REGRESSION (r102024): Having the Bing homepage open prevents idle sleep https://bugs.webkit.org/show_bug.cgi?id=75972 Reviewed by Oliver Hunt. No new tests; no testing infrastructure exists to test display sleep assertions. Only disable idle and display sleep when a video element is not paused, not looping, and has both a video and audio track. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::mediaPlayerRateChanged): Factor into updateDisableSleep() and shouldDisplaySleep(). (WebCore::HTMLMediaElement::setLoop): Ditto. (WebCore::HTMLMediaElement::attributeChanged): Ditto. (WebCore::HTMLMediaElement::updateDisableSleep): (WebCore::HTMLMediaElement::shouldDisableSleep): * html/HTMLMediaElement.h: 2012-01-16 Mark Rowe <mrowe@apple.com> Merge r99591. 2011-11-08 Darin Adler <darin@apple.com> Speculative fix for crashes seen in DocumentWriter::deprecatedFrameEncoding https://bugs.webkit.org/show_bug.cgi?id=71828 Reviewed by Nate Chapin. No new tests; not sure how to reproduce this, but crash traces indicate it is an otherwise-harmless null dereference. * loader/DocumentWriter.cpp: (WebCore::DocumentWriter::deprecatedFrameEncoding): Handle null document the same as a document without a URL. 2012-01-16 Mark Rowe <mrowe@apple.com> Merge r103860. 2011-12-31 Dan Bernstein <mitz@apple.com> WebCore change for <rdar://problem/10463059> Cannot print USPS shipping labels http://webkit.org/b/72801 Reviewed by Anders Carlsson and Alexey Proskuryakov. * WebCore.exp.in: Exported Chrome::print(). 2012-01-16 Mark Rowe <mrowe@apple.com> Merge r103858. 2011-12-31 Dan Bernstein <mitz@apple.com> WebCore changes for <rdar://problem/8750356> REGRESSION (WebKit2): Printing a subframe containing a PDF prints the on-screen view instead of the entire PDF document <http://webkit.org/b/75232> Reviewed by Alexey Proskuryakov. * WebCore.exp.in: Exported PluginDocument::pluginWidget(). * WebCore.xcodeproj/project.pbxproj: Promoted PluginDocument.h to private. * html/PluginDocument.h: Fixed a typo in a comment. 2012-01-16 Mark Rowe <mrowe@apple.com> Fix <rdar://problem/10678175>. * platform/mac/ScrollAnimatorMac.mm: (WebCore::ScrollAnimatorMac::notityPositionChanged): 2012-01-04 Alexey Proskuryakov <ap@apple.com> Reviewed by John Sullivan. <rdar://problem/9593456> Many crashes at DocumentThreadableLoader::cancel No tests, because we could not reproduce this. * loader/DocumentThreadableLoader.cpp: (WebCore::DocumentThreadableLoader::cancel): Added a null check. 2012-01-16 Mark Rowe <mrowe@apple.com> Merge r102540. 2011-12-11 Andreas Kling <kling@webkit.org> WK2/NetscapePlugin: Incorrect mouse event coordinates when frameScaleFactor != 1. <http://webkit.org/b/74209> and <rdar://problem/10438197> Reviewed by Anders Carlsson. * WebCore.exp.in: Export AffineTransform::scale(double). 2012-01-16 Mark Rowe <mrowe@apple.com> Merge r104378. 2012-01-06 Mark Rowe <mrowe@apple.com> REGRESSION (r83075): Save as PDF does not generate any links for webkit.org and others <http://webkit.org/b/75768> <rdar://problem/10659258> Use RenderObject::hasOutline when determining whether to always create line boxes so that we take in to consideration whether we'll be creating PDF link rects. Reviewed by Dan Bernstein. * rendering/RenderInline.cpp: (WebCore::RenderInline::styleDidChange): 2011-1-16 Lucas Forschler <lforschler@apple.com> Merge 91324 2011-07-19 Simon Fraser <simon.fraser@apple.com> REGRESSION (r91136-r91146): 40 tests failing on Windows 7 Release (Tests) https://bugs.webkit.org/show_bug.cgi?id=64808 Reviewed by Adam Roben. Initializing m_uncommittedChanges to a non-zero value caused the first call to noteLayerPropertyChanged() to not call m_client->notifySyncRequired(). This resulted in animations never getting committed on Windows, which broke a lot of tests. * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::GraphicsLayerCA): 2011-1-13 Lucas Forschler <lforschler@apple.com> Merge 104352 2012-01-05 Simon Fraser <simon.fraser@apple.com> Avoid falling into tiled layers more often when the device scale factor is > 1 <rdar://problem/10588725> Reviewed by John Sullivan. Stop taking the device scale factor into account when deciding to make tiled layers. Test: compositing/tiled-layers-hidpi.html * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::requiresTiledLayer): 2011-1-13 Lucas Forschler <lforschler@apple.com> Merge 104269 2012-01-05 Dan Bernstein <mitz@apple.com> <rdar://problem/10633760> Update copyright strings Reviewed by Mark Rowe. * Info.plist: 2012-01-13 Lucas Forschler <lforschler@apple.com> Roll-out r99999 (which is 104249 on branch) * platform/KURL.cpp: (WebCore::KURL::init): 2011-1-12 Lucas Forschler <lforschler@apple.com> Merge 103082 2011-12-15 Alexey Proskuryakov <ap@apple.com> Poor XPath performance when evaluating an expression that returns a lot of nodes https://bugs.webkit.org/show_bug.cgi?id=74665 <rdar://problem/10517146> Reviewed by Darin Adler. No change in funcitonality. Well covered by existing tests (ran them with zero cutoff to execute the new code path). Our sorting function is optimized for small node sets in large documents, and this is the opposite of it. Added another one that traverses the whole document, adding nodes from the node set to sorted list. That doesn't grow with the number of nodes nearly as fast. Cutoff amount chosen for the document referenced in bug - this is roughly where the algorithms have the same performance on it. * xml/XPathNodeSet.cpp: (WebCore::XPath::NodeSet::sort): (WebCore::XPath::findRootNode): (WebCore::XPath::NodeSet::traversalSort): * xml/XPathNodeSet.h: 2011-1-12 Lucas Forschler <lforschler@apple.com> Merge 102024 2011-12-02 Jer Noble <jer.noble@apple.com> <video> elements should disable the system and display sleep when playing on OS X. https://bugs.webkit.org/show_bug.cgi?id=73730 <rdar://problem/9502155> Reviewed by Alexey Proskuryakov. No new tests; platform specific system behavior only. Create a new DisplaySleepDisabler object when the playback rate becomes non-zero, and destroy that object when the playback rate drops back to zero. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::mediaPlayerRateChanged): * html/HTMLMediaElement.h: 2011-1-12 Lucas Forschler <lforschler@apple.com> Merge 94338 2011-09-01 Tim Horton <timothy_horton@apple.com> REGRESSION: Rendering artifacts on a rotated, pattern filled SVG shape https://bugs.webkit.org/show_bug.cgi?id=53055 <rdar://problem/8910917> Reviewed by Simon Fraser. Make use of wkCGPatternCreateWithImageAndTransform when tiling patterns in both directions. This helps to avoid pixel-cracking along pattern tiling boundaries. Ignore 2D rotation when computing the size of a pattern's tile image, as it artificially inflates the size of the tile, which can cause pixel-cracking. Test: svg/custom/pattern-rotate-gaps.svg * platform/graphics/cg/PatternCG.cpp: (WebCore::Pattern::createPlatformPattern): * rendering/svg/RenderSVGResourcePattern.cpp: * rendering/svg/SVGImageBufferTools.cpp: (WebCore::SVGImageBufferTools::roundedImageBufferSize): * rendering/svg/SVGImageBufferTools.h: 2011-1-12 Lucas Forschler <lforschler@apple.com> Merge 94317 2011-09-01 Tim Horton <timothy_horton@apple.com> REGRESSION: Rendering artifacts on a rotated, pattern filled shape https://bugs.webkit.org/show_bug.cgi?id=53055 <rdar://problem/8910917> Reviewed by Simon Fraser. Introduce wkCGPatternCreateWithImageAndTransform. * WebCore.exp.in: * platform/mac/WebCoreSystemInterface.h: * platform/mac/WebCoreSystemInterface.mm: 2011-1-11 Lucas Forschler <lforschler@apple.com> Merge 91777 2011-07-26 Dan Bernstein <mitz@apple.com> <rdar://problem/9842889> Add a generic pictograph font family Add a generic pictograph font family https://bugs.webkit.org/show_bug.cgi?id=65197 Reviewed by Anders Carlsson. Test: fast/css/font-family-pictograph.html * WebCore.exp.in: Export Settings::setPictographFontFamily(). * css/CSSComputedStyleDeclaration.cpp: (WebCore::identifierForFamily): Added -webkit-pictograph. * css/CSSFontSelector.cpp: (WebCore::CSSFontSelector::addFontFaceRule): Ditto. (WebCore::fontDataForGenericFamily): Ditto. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): Ditto. * css/CSSValueKeywords.in: * inspector/front-end/CSSKeywordCompletions.js: Ditto. * inspector/front-end/SourceCSSTokenizer.js: Ditto. (WebInspector.SourceCSSTokenizer): * inspector/front-end/SourceCSSTokenizer.re2js: Ditto. * page/Settings.cpp: (WebCore::Settings::pictographFontFamily): Added this getter. (WebCore::Settings::setPictographFontFamily): Added this setter. * page/Settings.h: * platform/graphics/FontDescription.h: Added PictographFamily to the GenericFamilyType enum. 2011-1-11 Lucas Forschler <lforschler@apple.com> Merge 92005 2011-07-29 Dan Bernstein <mitz@apple.com> Added the regional indicator symbols to the set of codepoints that force use of the complex text code path. Fixes <rdar://problem/9864578> Regional indicator symbols do not combine into national flags https://bugs.webkit.org/show_bug.cgi?id=65380 Reviewed by Anders Carlsson. Test: fast/text/regional-indicator-symobls.html * platform/graphics/Font.cpp: (WebCore::Font::codePath): Added handling of surrogate pairs, which returns Complex for characters in the range U+1F1E6..U+1F1FF. 2011-1-11 Lucas Forschler <lforschler@apple.com> Merge 88479 2011-06-09 Julien Chaffraix <jchaffraix@codeaurora.org> Reviewed by Antti Koivisto. REGRESSION(84329): Stylesheets on some pages do not load https://bugs.webkit.org/show_bug.cgi?id=61400 Test: fast/css/link-disabled-attr.html Fixed r84329: the change did not take into account the fact that HTMLLinkElement did already contain the disabled information and the 2 information were not linked as they should have! The new logic pushes the information to the stylesheet as this is what the spec mandates and what FF is doing. Also it keeps one bit of information (that JS enabled the stylesheet) as it is needed for the recalcStyleSelector logic. * dom/Document.cpp: (WebCore::Document::recalcStyleSelector): s/isDisabled/disabled. * html/HTMLLinkElement.cpp: (WebCore::HTMLLinkElement::HTMLLinkElement): Removed m_disabledState, replaced by m_isEnabledViaScript. (WebCore::HTMLLinkElement::setDisabled): Updated the logic after m_disabledState removal. It also matches the spec by forwarding the disabled state to our stylesheet if we have one. (WebCore::HTMLLinkElement::parseMappedAttribute): Removed harmful handling of the disabledAttr. (WebCore::HTMLLinkElement::process): Updated after m_disabledState removal. * html/HTMLLinkElement.h: (WebCore::HTMLLinkElement::isEnabledViaScript): Ditto. (WebCore::HTMLLinkElement::isAlternate): Ditto. 2011-1-9 Lucas Forschler <lforschler@apple.com> Merge 102263 2011-12-07 Ken Buchanan <kenrb@chromium.org> Crash from multicol spans with layers https://bugs.webkit.org/show_bug.cgi?id=68030 Reviewed by David Hyatt. The layer tree diverges from the render tree when a span is being split between columns. This patch causes the layer tree to be updated when necessary. * rendering/RenderBlock.cpp: (WebCore::RenderBlock::splitFlow) (WebCore::RenderBlock::splitBlocks) 2011-1-9 Lucas Forschler <lforschler@apple.com> Merge 102016 2011-12-05 Steve Falkenburg <sfalken@apple.com> Reviewed by Sam Weinig. On Windows, filenames not properly preserved when copied into a file list exposed by Event.dataTransfer https://bugs.webkit.org/show_bug.cgi?id=73841 <rdar://problem/10521879> No test since repro case involves dropping a file onto the WebView. Calling characters() explicitly causes a non-terminated string buffer to get passed back to the String() constructor that expects a terminated buffer. The characters() call isn't necessary at all, since we have a String and the method we're calling expects a String. * platform/win/ClipboardWin.cpp: (WebCore::ClipboardWin::files): Remove characters() since it doesn't null terminate. 2011-1-9 Lucas Forschler <lforschler@apple.com> Merge 101584 2011-11-30 Ken Buchanan <kenrb@chromium.org> Crash from first letter text fragments having flows split https://bugs.webkit.org/show_bug.cgi?id=72759 Reviewed by David Hyatt. When an inline flow is split that contains a first letter block and its remaining text, it can prevent the remaining text fragment from getting updated if the first letter block is replaced. This patch enables the text fragment to be found and updated properly. * rendering/RenderBlock.cpp: (WebCore::RenderBlock::updateFirstLetterBlock): 2011-1-6 Lucas Forschler <lforschler@apple.com> Merge 101091 2011-11-23 Antti Koivisto <antti@apple.com> https://bugs.webkit.org/show_bug.cgi?id=72354 Image pointer in FillLayer not cleared correctly Reviewed by Dan Bernstein. Test: fast/css/fill-layer-crash.html We should clear the image pointer too, not just the m_imageSet bit. * rendering/style/FillLayer.h: (WebCore::FillLayer::clearImage): 2011-1-9 Lucas Forschler <lforschler@apple.com> Merge 100809 2011-11-18 Beth Dakin <bdakin@apple.com> <rdar://problem/10466170> Regression: Scroll bars disappear and don't come back Reviewed by Sam Weinig. Fixing a merge issue. On TOT we use #if USE(SCROLLBAR_PAINTER), but on the branch it is still #if USE(WK_SCROLLBAR_PAINTER). Also, on the branch, all of the m_scrollbarPainterController functions go through WebKitSystemInterface instead of using forward declaration. We should consider merging those changes, but in the meantime, for this to work, we have to go back to the branch-style. * platform/mac/ScrollAnimatorMac.mm: (WebCore::ScrollAnimatorMac::notityPositionChanged): 2011-1-6 Lucas Forschler <lforschler@apple.com> Merge 100677 2011-11-17 Ken Buchanan <kenrb@chromium.org> Crash from positioned generated content under run-in https://bugs.webkit.org/show_bug.cgi?id=70456 Reviewed by David Hyatt. Modified handling of run-in children to clear generated children before removing the parent from the render tree. This caused problems with absolute positioned children being not properly removed from the positioned object list of the RenderView. * rendering/RenderBlock.cpp: (WebCore::RenderBlock::handleRunInChild): 2011-1-6 Lucas Forschler <lforschler@apple.com> Merge 100630 2011-11-17 Ken Buchanan <kenrb@chromium.org> Crash from nested tables with generated content https://bugs.webkit.org/show_bug.cgi?id=68811 Reviewed by David Hyatt. When adding a child to a table that has generated content, this change ensures that we leave alone any generated content renderers that belong to descendants in the tree. They don't need to be touched, and doing so can create confusion about who the content belongs to. This patch also simplifies some existing code for finding pseudoelement renderers. * rendering/RenderBlock.cpp: (WebCore::RenderBlock::addChildIgnoringAnonymousColumnBlocks): * rendering/RenderObject.cpp: (WebCore::RenderObject::addChild): (WebCore::RenderObject::isBeforeAfterContentGeneratedByAncestor): Added * rendering/RenderObject.h: (WebCore::RenderObject::findAfterContentRenderer): Deleted (WebCore::RenderObject::findBeforeContentRenderer): Deleted * rendering/RenderObjectChildList.cpp: (WebCore::RenderObjectChildList::beforePseudoElementRenderer): (WebCore::RenderObjectChildList::afterPseudoElementRenderer): * rendering/RenderTable.cpp: (WebCore::RenderTable::addChild): * rendering/RenderTableRow.cpp: (WebCore::RenderTableRow::addChild): * rendering/RenderTableSection.cpp: (WebCore::RenderTableSection::addChild): 2011-1-6 Lucas Forschler <lforschler@apple.com> Merge 100343 2011-11-15 Jessie Berlin <jberlin@apple.com> NSURLRequest leak beneath ResourceRequest::setStorageSession seen on Leaks bot. https://bugs.webkit.org/show_bug.cgi?id=72419 Reviewed by Adam Roben. Adopt the copied NSURLRequest. * platform/network/mac/ResourceRequestMac.mm: (WebCore::ResourceRequest::setStorageSession): 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 100203 2011-11-14 Adam Barth <abarth@webkit.org> Don't special-case "data" URLs in drag-and-drop logic https://bugs.webkit.org/show_bug.cgi?id=72322 Reviewed by Eric Seidel. See the bug for more details. Test: editing/pasteboard/drag-drop-to-data-url.html * page/SecurityOrigin.cpp: (WebCore::SecurityOrigin::canReceiveDragData): 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 99999 2011-11-11 David Kilzer <ddkilzer@apple.com> <http://webkit.org/b/71921> Remove use of strcpy in KURL Reviewed by Antti Koivisto. * platform/KURL.cpp: (WebCore::KURL::init): Replace strcpy() with strncpy(). 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 99756 2011-11-09 Ken Buchanan <kenrb@chromium.org> Indentation error in RenderObject::container https://bugs.webkit.org/show_bug.cgi?id=64780 Reviewed by Eric Seidel. A conditional block was indented too far; correcting. * rendering/RenderObject.cpp: (WebCore::RenderObject::container): 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 99731 2011-11-09 Ken Buchanan <kenrb@chromium.org> SVG foreignObject wrong container https://bugs.webkit.org/show_bug.cgi?id=64780 Reviewed by Simon Fraser. Resubmitting a patch originally by scottmg@chromium.org. In determining where to add to m_positionedObjects during a repaint, containingBlock is used, which adds the absolute positioned object to the containing foreignObject. But, when the contained object is dirtied, container() was used to dirty up the tree, which skipped over the foreignObject causing the wrong parent to needsLayout(). This fix makes container() and containingBlock() handle svg foreignObject's in the same way. This patch will cause svg/overflow/overflow-on-foreignObject.svg to require rebaselined results on qt and gtk ports. * rendering/RenderObject.cpp: (WebCore::RenderObject::container): 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 99579 2011-11-08 Justin Schuh <jschuh@chromium.org> Document::loader should use documentLoader(), not activeDocumentLoader() https://bugs.webkit.org/show_bug.cgi?id=65895 Reviewed by Brady Eidson. Test: fast/loader/stateobjects/replacestate-in-onunload.html * dom/Document.cpp: (WebCore::Document::loader): 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 99462 2011-11-07 Ken Buchanan <kenrb@chromium.org> Crash due to mixed direction text runs https://bugs.webkit.org/show_bug.cgi?id=66015 Reviewed by David Hyatt. Test for bug fix. * fast/text/international/bidi-neutral-in-mixed-direction-run-crash.html: Added * fast/text/international/bidi-neutral-in-mixed-direction-run-cras-expected.txt: Added 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 99439 2011-11-07 Jessie Berlin <jberlin@apple.com> Need a way to allow a scheme access to Local Storage and Databases while Private Browsing is enabled. https://bugs.webkit.org/show_bug.cgi?id=71631 Reviewed by Jon Honeycutt. Check the SchemeRegistry before preventing read/write access to Local Storage and Databases in Private Browsing. * WebCore.exp.in: Export the symbols for registering the schemes as allowing Local Storage and Database access in Private Browsing. * dom/Document.cpp: (WebCore::Document::allowDatabaseAccess): Check if the scheme allows Database access in Private Browsing. * platform/SchemeRegistry.cpp: (WebCore::schemesAllowingLocalStorageAccessInPrivateBrowsing): (WebCore::schemesAllowingDatabaseAccessInPrivateBrowsing): (WebCore::SchemeRegistry::registerURLSchemeAsAllowingLocalStorageAccessInPrivateBrowsing): (WebCore::SchemeRegistry::allowsLocalStorageAccessInPrivateBrowsing): (WebCore::SchemeRegistry::registerURLSchemeAsAllowingDatabaseAccessInPrivateBrowsing): (WebCore::SchemeRegistry::allowsDatabaseAccessInPrivateBrowsing): * platform/SchemeRegistry.h: * storage/Storage.cpp: (WebCore::Storage::length): Ask the storage area if it is disabled by Private Browsing in the frame instead of just checking if Private Browsing is enabled for that frame because the answer might depend on what type of storage that storage area is. (WebCore::Storage::key): Ditto. (WebCore::Storage::getItem): Ditto. (WebCore::Storage::contains): Ditto. * storage/StorageArea.h: Make it possible to query a StorageArea for whether it is disabled by Private Browsing in a Frame. * storage/StorageAreaImpl.cpp: (WebCore::StorageAreaImpl::disabledByPrivateBrowsingInFrame): Renamed from privateBrowsingEnabled. Check not only if Private Browsing is enabled for the Frame, but also if the storage type is Local Storage and if there is an exception for the scheme of the resource currently loaded into the Frame. (WebCore::StorageAreaImpl::setItem): Renamed privateBrowsingEnabled -> disabledByPrivateBrowsingInFrame. (WebCore::StorageAreaImpl::removeItem): Ditto. (WebCore::StorageAreaImpl::clear): Ditto. * storage/StorageAreaImpl.h: 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 98796 2011-10-28 Ryosuke Niwa <rniwa@webkit.org> Potential crash in ReplaceNodeWithSpanCommand https://bugs.webkit.org/show_bug.cgi?id=71145 Reviewed by Ojan Vafai. Fix a potential crash without tests because we don't have a reduction. * editing/ReplaceNodeWithSpanCommand.cpp: (WebCore::swapInNodePreservingAttributesAndChildren): 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 98763 2011-10-28 Ken Buchanan <kenrb@chromium.org> Crash when splitting inline flows with generated floats https://bugs.webkit.org/show_bug.cgi?id=70458 Reviewed by David Hyatt. When lineBoxes on a RenderBlock are being deleted, we now check the floating object list to ensure references to them are being cleared. * rendering/RenderBlock.cpp: (WebCore::RenderBlock::deleteLineBoxTree): Remove references to lineBox when deleting them 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 98561 2011-10-27 Ken Buchanan <kenrb@chromium.org> Crash due to nested first-letter selectors https://bugs.webkit.org/show_bug.cgi?id=70457 Now only the lowest-level first-letter pseudostyle will be applied to a given piece of text. Previously the last renderer to have layout done would have its pseudostyle applied, no matter where it was in the tree. Reviewed by David Hyatt. * renderer/RenderBlock.cpp: (WebCore::RenderBlock::updateFirstLetter): Use the pseudostyle from the lowest level node to have one 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 96294 2011-09-28 Dan Bernstein <mitz@apple.com> <rdar://problem/10196497> first-letter after list marker not updated correctly Reviewed by Simon Fraser. Test: fast/dynamic/first-letter-after-list-marker.html * rendering/RenderBlock.cpp: (WebCore::RenderBlock::updateFirstLetter): Improved the logic for continuing past list markers when trying to locate a first letter to update. 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 98374 2011-10-25 Chris Evans <cevans@google.com> Manage the CSS property array length correctly https://bugs.webkit.org/show_bug.cgi?id=70783 Reviewed by Adam Barth. * css/CSSParser.cpp: (WebCore::CSSParser::addProperty): don't allow max length to get out of sync with the buffer. 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 98344 2011-10-25 Justin Schuh <jschuh@chromium.org> Check for empty string in parseArcFlag https://bugs.webkit.org/show_bug.cgi?id=70763 Reviewed by Dirk Schulze. Test: svg/path-invalid.html * svg/SVGParserUtilities.cpp: (WebCore::parseArcFlag): 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 98033 2011-10-20 Julien Chaffraix <jchaffraix@webkit.org> RenderDeprecatedFlexibleBox does not call its children's layout method https://bugs.webkit.org/show_bug.cgi?id=64842 Reviewed by David Hyatt. Tests: fast/flexbox/021-vertical.html fast/flexbox/crash-flexbox-no-layout-child.html The FlexBoxIterator would skip any child with visibility: collapsed. However those child would need layout but their layout() function would never be called. This change refactors the way flexible box handles visibility: collapsed child and mark sure their layout() function is called but makes sure that they don't participate in the flex box dimensions. * rendering/RenderDeprecatedFlexibleBox.cpp: (WebCore::FlexBoxIterator::next): Do not skip visibility: collapsed child. (WebCore::childDoesNotAffectWidthOrFlexing): Helper function. (WebCore::RenderDeprecatedFlexibleBox::calcHorizontalPrefWidths): (WebCore::RenderDeprecatedFlexibleBox::calcVerticalPrefWidths): (WebCore::gatherFlexChildrenInfo): (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox): (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox): (WebCore::RenderDeprecatedFlexibleBox::applyLineClamp): (WebCore::RenderDeprecatedFlexibleBox::allowedChildFlex): Updated to skip the now seen visibility: collapsed child during the iteration. 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 98010 2011-10-20 Ken Buchanan <kenrb@chromium.org> Crash in updateFirstLetter on :after generated content https://bugs.webkit.org/show_bug.cgi?id=70031 Reviewed by David Hyatt. Preventing findBeforeAfterParent() from returning a first-letter block and overwriting its style. Instead, it returns the block's parent. * rendering/RenderBlock.cpp: (WebCore::RenderBlock::updateFirstLetter): * rendering/RenderObjectChildList.cpp: (WebCore::findBeforeAfterParent) (WebCore::RenderObjectChildList::updateBeforeAfterContent): First-letter siblings now already have style applied, so this clause is redundant 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 97927 2011-10-19 Carol Szabo <carol@webkit.org> CSS Counters have wrong values https://bugs.webkit.org/show_bug.cgi?id=69605 Reviewed by Darin Adler. Test: fast/css/counters/after-continuation.html Added a new method for getting the renderer of the "after" pseudo-element that handles continuations. Hooked up the new method with the CSS counter code. * rendering/RenderCounter.cpp: (WebCore::rendererOfAfterPseudoElement): (WebCore::previousInPreOrder): (WebCore::nextInPreOrder): * rendering/RenderObject.h: 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 97786 2011-10-18 Julien Chaffraix <jchaffraix@webkit.org> Crash in RenderDeprecatedFlexibleBox::layoutHorizontalBox https://bugs.webkit.org/show_bug.cgi?id=70183 Reviewed by David Hyatt. Test: fast/flexbox/layoutHorizontal-crash.html The deferred scroll information update logic was not updated when an object was destroy'ed. The fix is very simple. As the deferred logic was only used with deprecated flexbox, it is a pretty uncommon cases so let's optimize the new code for the common case. * rendering/RenderBlock.cpp: (WebCore::RenderBlock::willBeDestroyed): 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 97502 2011-10-14 Simon Fraser <simon.fraser@apple.com> Web Inspector: WebProcess crashes hard when inspecting elements with border-images applied https://bugs.webkit.org/show_bug.cgi?id=70105 Reviewed by Dave Hyatt. Fix three different crashes related to getting computed style for border-image. In both valueForNinePieceImageSlice() and valueForNinePieceImageQuad(), assign 'right' to 'left' because we've computed a value for 'right' already. Otherwise this would leave 'right' as null, causing later crashes in cssText(). In mapNinePieceImage(), borderImage->imageValue() can be null for a border-image shorthand that is missing the image value. Test: fast/css/getComputedStyle/computed-style-border-image.html * css/CSSComputedStyleDeclaration.cpp: (WebCore::valueForNinePieceImageSlice): (WebCore::valueForNinePieceImageQuad): * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::mapNinePieceImage): 2011-1-5 Lucas Forschler <lforschler@apple.com> Merge 97402 2011-10-12 Abhishek Arya <inferno@chromium.org> Register custom fonts at their creation time, rather than at retirement time. https://bugs.webkit.org/show_bug.cgi?id=68929 Reviewed by Dan Bernstein. Test: fast/text/custom-font-data-crash2.html * css/CSSFontFace.cpp: * css/CSSFontFace.h: remove function added in r94508, which is no longer needed. We now register custom fonts at creation time. * css/CSSFontFaceSource.cpp: (WebCore::CSSFontFaceSource::pruneTable): no longer need to delete/retire font data here, it will be handled in ~Document. (WebCore::CSSFontFaceSource::getFontData): register custom font to document's m_customFonts. * css/CSSFontSelector.cpp: * css/CSSFontSelector.h: remove function added in r94508, which is no longer needed. We now register custom fonts at creation time. * css/CSSSegmentedFontFace.cpp: (WebCore::CSSSegmentedFontFace::pruneTable): no longer need to delete/retire font data here, it will be handled in ~Document. (WebCore::CSSSegmentedFontFace::getFontData): register custom font to document's m_customFonts. * dom/Document.cpp: Change function names to registerCustomFont , deleteCustomFonts and local to m_customFont. (WebCore::Document::~Document): (WebCore::Document::recalcStyle): yanking out the comment. We no longer keep retired custom fonts. We clear all custom fonts on Document destruction. (WebCore::Document::registerCustomFont): (WebCore::Document::deleteCustomFonts): * dom/Document.h: 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 97353 2011-10-13 Adam Barth <abarth@webkit.org> DOMWindow subobjects can be re-created after navigation https://bugs.webkit.org/show_bug.cgi?id=68849 Reviewed by Sam Weinig. Test: http/tests/security/xss-DENIED-getSelection-from-inactive-domwindow.html * page/DOMWindow.cpp: (WebCore::DOMWindow::~DOMWindow): - Add ASSERTs to show that we're not recreating these objects. - Add a call to clear() as defense in depth in case we have any of these objects hanging around. (WebCore::DOMWindow::clear): - Clear out a couple of objects that weren't getting cleared. These are actually not likely to cause problems, but clearing them out is the safe thing to do. (WebCore::DOMWindow::isActive): - Add a concept of whether the DOMWindow is "active" in its frame. We had this concept in a couple places already, but centralizing it into a helper function make it easier to use and talk about. (WebCore::DOMWindow::orientation): - Whitespace nit. (WebCore::DOMWindow::screen): (WebCore::DOMWindow::history): (WebCore::DOMWindow::crypto): (WebCore::DOMWindow::locationbar): (WebCore::DOMWindow::menubar): (WebCore::DOMWindow::personalbar): (WebCore::DOMWindow::scrollbars): (WebCore::DOMWindow::statusbar): (WebCore::DOMWindow::toolbar): (WebCore::DOMWindow::console): (WebCore::DOMWindow::applicationCache): (WebCore::DOMWindow::navigator): (WebCore::DOMWindow::performance): (WebCore::DOMWindow::location): (WebCore::DOMWindow::sessionStorage): (WebCore::DOMWindow::localStorage): (WebCore::DOMWindow::webkitNotifications): (WebCore::DOMWindow::webkitIndexedDB): (WebCore::DOMWindow::getSelection): (WebCore::DOMWindow::styleMedia): (WebCore::DOMWindow::webkitURL): (WebCore::DOMWindow::webkitStorageInfo): - Avoid creating these objects when we're not active. That can only lead to sadness. (WebCore::DOMWindow::webkitRequestFileSystem): (WebCore::DOMWindow::webkitResolveLocalFileSystemURL): (WebCore::DOMWindow::openDatabase): (WebCore::DOMWindow::postMessage): - While not techincally creating subobjects, these functions also seem unwise when the DOMWindow is inactive. (WebCore::DOMWindow::find): (WebCore::DOMWindow::length): (WebCore::DOMWindow::getMatchedCSSRules): - These functions operate on the active Document. When we're not active, that's not us! (WebCore::DOMWindow::document): - Update to use the new concept of being active rather than having this function roll its own implementation. (WebCore::DOMWindow::webkitConvertPointFromNodeToPage): (WebCore::DOMWindow::webkitConvertPointFromPageToNode): (WebCore::DOMWindow::scrollBy): (WebCore::DOMWindow::scrollTo): - These functions also look unwise to run when inactive because they're reading information from the active document. - I added a RefPtr for node because the call to updateLayoutIgnorePendingStylesheets() seems likely to be able to run script somehow. (WebCore::DOMWindow::addEventListener): (WebCore::DOMWindow::removeEventListener): (WebCore::DOMWindow::dispatchLoadEvent): (WebCore::DOMWindow::dispatchEvent): - I don't think these functions worked when inactive anyway, but explicitly blocking them seems wise. (WebCore::DOMWindow::setLocation): (WebCore::DOMWindow::isInsecureScriptAccess): (WebCore::DOMWindow::open): (WebCore::DOMWindow::showModalDialog): - These already have checks for being active, but it can't hurt to be explicit at the top of the function. * page/DOMWindow.h: 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 97270 2011-10-12 Sergey Glazunov <serg.glazunov@gmail.com> ScriptController::executeIfJavaScriptURL gets confused by synchronous frame loads https://bugs.webkit.org/show_bug.cgi?id=69777 Reviewed by Adam Barth. Test: http/tests/security/xss-DENIED-synchronous-frame-load-in-javascript-url.html * bindings/ScriptControllerBase.cpp: (WebCore::ScriptController::executeIfJavaScriptURL): * loader/DocumentWriter.cpp: (WebCore::DocumentWriter::replaceDocument): (WebCore::DocumentWriter::begin): * loader/DocumentWriter.h: 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 97180 2011-10-11 Abhishek Arya <inferno@chromium.org> Generalize r95461 change to include table-cell and allow splitting between :before, :after content. https://bugs.webkit.org/show_bug.cgi?id=69854 Reviewed by Eric Seidel. Test: fast/table/table-row-before-after-content-around-table-cell.html * rendering/RenderObject.cpp: (WebCore::RenderObject::addChild): 2012-01-04 Oliver Hunt <oliver@apple.com> Merge r94457 2011-08-30 Matthew Delaney <mdelaney@apple.com> Read out of bounds in sUnpremultiplyData_RGBA8888 / ImageBufferData::getData https://bugs.webkit.org/show_bug.cgi?id=65352 Reviewed by Simon Fraser. New test: fast/canvas/canvas-getImageData-large-crash.html This patch prevents overflows from happening in getImageData, createImageData, and canvas creation calls that specify widths and heights that end up overflowing the ints that we store those values in as well as derived values such as area and maxX / maxY of the bounding rects involved. Overflow of integer arithmetic is detected via the use of the new Checked type that was introduced in r94207. * html/HTMLCanvasElement.cpp: (WebCore::HTMLCanvasElement::convertLogicalToDevice): Removed dependency on ints, using FloatRects/Sizes instead. (WebCore::HTMLCanvasElement::createImageBuffer): Moved the check for max canvas area and dimensions here. Added in check that prevents us from having canvases of sizes that will cause overflows. (WebCore::HTMLCanvasElement::baseTransform): Updated use of convertLogicalToDevice. * html/HTMLCanvasElement.h: Updated method signatures. * html/canvas/CanvasRenderingContext2D.cpp: (WebCore::createEmptyImageData): Added in check to prevent creating ImageData objects that will cause overflow when computing their size. (WebCore::CanvasRenderingContext2D::createImageData): Avoid creating ImageData objects of size that will overflow later. (WebCore::CanvasRenderingContext2D::getImageData): Added in check to prevent trying to get ImageData objects that will cause overflow when computing their size. * platform/graphics/FloatRect.cpp: (WebCore::FloatRect::isExpressibleAsIntRect): New method that tests whether a FloatRect can become an IntRect without overflow or having to be clamped. * platform/graphics/FloatRect.h: * platform/graphics/FloatSize.cpp: (WebCore::FloatSize::isExpressibleAsIntSize): Same as FloatRect, but for FloatSize->IntSize. * platform/graphics/FloatSize.h: * platform/graphics/cg/ImageBufferCG.cpp: Added check for overflow. (WebCore::ImageBuffer::ImageBuffer): 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 97180 2011-10-11 Abhishek Arya <inferno@chromium.org> Generalize r95461 change to include table-cell and allow splitting between :before, :after content. https://bugs.webkit.org/show_bug.cgi?id=69854 Reviewed by Eric Seidel. Test: fast/table/table-row-before-after-content-around-table-cell.html * rendering/RenderObject.cpp: (WebCore::RenderObject::addChild): 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 97124 2011-10-10 Abhishek Arya <inferno@chromium.org> Style not updated on text fragment in :first-letter nested in :before table. https://bugs.webkit.org/show_bug.cgi?id=69540 Reviewed by Dan Bernstein. Test: fast/css-generated-content/first-letter-in-nested-before-table.html * rendering/RenderObjectChildList.cpp: (WebCore::RenderObjectChildList::updateBeforeAfterContent): 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 97114 2011-10-10 Dan Bernstein <mitz@apple.com> <rdar://problem/10246137> Duplicate ::after content when both ::before and ::after are styled as table parts Reviewed by Sam Weinig. Test: fast/css-generated-content/table-parts-before-and-after.html * rendering/RenderObject.cpp: (WebCore::RenderObject::addChild): Prevented table part childern after a ::before table from being merged into it. * rendering/RenderTable.cpp: (WebCore::RenderTable::addChild): Prevented children after a ::before table section from being merged into it. 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 97075 2011-10-10 Abhishek Arya <inferno@chromium.org> Style for updated due to inability to locate :before content in presence of listmarkers and runins. https://bugs.webkit.org/show_bug.cgi?id=68624 Reviewed by Dan Bernstein. Tests: fast/lists/inline-before-content-after-list-marker.html fast/runin/runin-between-list-marker-and-before-content.html fast/runin/runin-into-div-with-float-child.html fast/runin/runin-not-go-into-float.html * rendering/RenderBlock.cpp: (WebCore::RenderBlock::handleRunInChild): Fix as per spec that we should not be skipping over floating/positioned renderers to push runins into neighbouring block. This matches Opera renderings. * rendering/RenderObject.cpp: Add const to parameter variable to make call from beforePseudoElementRenderer easier. Also matches CounterNode.h definition. (WebCore::RenderObject::nextInPreOrder): (WebCore::RenderObject::nextInPreOrderAfterChildren): * rendering/RenderObject.h: Same const addition. * rendering/RenderObjectChildList.cpp: (WebCore::RenderObjectChildList::beforePseudoElementRenderer): Remove skipping of floating/positioned renderers, similar to handleRunIn. Revert code change in r94857 and add better next sibling iterator. This addresses the layouttest in r94857 where :before content is in its own anonymous rendertable. 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 97074 2011-10-10 Abhishek Arya <inferno@chromium.org> Handle insertion into an anonymous table part that is followed by a non-anonymous block correctly. https://bugs.webkit.org/show_bug.cgi?id=69536 Reviewed by Dan Bernstein. Tests: fast/table/table-insert-before-non-anonymous-block.html * rendering/RenderTable.cpp: (WebCore::RenderTable::addChild): * rendering/RenderTableRow.cpp: (WebCore::RenderTableRow::addChild): * rendering/RenderTableSection.cpp: (WebCore::RenderTableSection::addChild): (WebCore::RenderTableSection::splitColumn): 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 96999 2011-10-07 Justin Schuh <jschuh@chromium.org> Make isXMLMIMEType regex use TLS https://bugs.webkit.org/show_bug.cgi?id=69665 Reviewed by Adam Barth. Test: fast/workers/worker-multi-startup.html * dom/DOMImplementation.cpp: (WebCore::XMLMIMETypeRegExp::XMLMIMETypeRegExp): (WebCore::XMLMIMETypeRegExp::~XMLMIMETypeRegExp): (WebCore::XMLMIMETypeRegExp::isXMLMIMEType): (WebCore::DOMImplementation::isXMLMIMEType): * dom/DOMImplementation.h: * platform/ThreadGlobalData.cpp: (WebCore::ThreadGlobalData::ThreadGlobalData): (WebCore::ThreadGlobalData::destroy): * platform/ThreadGlobalData.h: (WebCore::ThreadGlobalData::xmlTypeRegExp): 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 96984 2011-10-07 Sergey Glazunov <serg.glazunov@gmail.com> XSLT-generated document should inherit its SecurityOrigin from the source document https://bugs.webkit.org/show_bug.cgi?id=69661 Reviewed by Adam Barth. Test: http/tests/security/xss-DENIED-xsl-document-securityOrigin.xml * xml/XSLTProcessor.cpp: (WebCore::XSLTProcessor::createDocumentFromSource): 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 96868 2011-10-06 Abhishek Arya <inferno@chromium.org> Crash in VisiblePosition::canonicalPosition. https://bugs.webkit.org/show_bug.cgi?id=69568 Reviewed by Ryosuke Niwa. Move the position's containerNode calculation after layout is complete(in updateLayoutIgnorePendingStylesheets). Test: editing/selection/selection-plugin-clear-crash.html * editing/VisiblePosition.cpp: (WebCore::VisiblePosition::canonicalPosition): 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 96834 2011-10-06 Dan Bernstein <mitz@apple.com> <rdar://problem/10232866> Assertion failure beneath blockSelectionGaps() when a selected node is removed Reviewed by Ryosuke Niwa. Test: editing/selection/invalid-in-RenderView.html * editing/FrameSelection.cpp: (WebCore::FrameSelection::updateAppearance): Ensure that the VisibleSelection used to set the selection in the RenderView is valid, by reconstructing it from the current selection. 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 96826 2011-10-06 Sergey Glazunov <serg.glazunov@gmail.com> Add check for JavaScript URLs in HTMLPlugInImageElement::allowedToLoadFrameURL https://bugs.webkit.org/show_bug.cgi?id=68813 Reviewed by Adam Barth. Test: http/tests/security/xss-DENIED-object-element.html * html/HTMLPlugInImageElement.cpp: (WebCore::HTMLPlugInImageElement::allowedToLoadFrameURL): 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 96632 2011-09-21 Cris Neckar <cdn@chromium.org> Hold refptr to identified previous sibling within findPlaceForCounter. https://bugs.webkit.org/show_bug.cgi?id=68563 Reviewed by Adam Barth. Test: fast/css/counters/counter-after-style-crash.html * rendering/RenderCounter.cpp: (WebCore::findPlaceForCounter): 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 96427 2011-09-30 Dan Bernstein <mitz@apple.com> <rdar://problem/10208291> first-letter in generated before content with display: table is not updated Reviewed by Sam Weinig. Test: fast/css-generated-content/first-letter-in-nested-before.html * rendering/RenderObjectChildList.cpp: (WebCore::RenderObjectChildList::updateBeforeAfterContent): Preserve the style type of anonymous containers around the generated content when updating their style. This preserves the first-letter-ness of the inline wrapping the first letter, which allows updateFirstLetter() to identify it later. 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 96260 2011-09-28 Sergey Glazunov <serg.glazunov@gmail.com> JavaScript generated documents don't inherit the cookie URL https://bugs.webkit.org/show_bug.cgi?id=69003 Reviewed by Adam Barth. Test: http/tests/security/cookies/cookie-theft-with-javascript-doc.html * dom/Document.h: (WebCore::Document::setCookieURL): * loader/DocumentWriter.cpp: (WebCore::DocumentWriter::replaceDocument): (WebCore::DocumentWriter::begin): * loader/DocumentWriter.h: 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 95985 2011-09-26 Dan Bernstein <mitz@apple.com> REGRESSION (r95926) Assert firing in svg/clip-path/clip-path-on-svg.svg https://bugs.webkit.org/show_bug.cgi?id=68819 Reviewed by Dave Hyatt. * rendering/RenderObject.cpp: (WebCore::RenderObject::scheduleRelayout): Revert to using view() instead of the RenderView** parameter of isRooted, since only the former returns 0 when the document is detached. 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 95959 2011-09-26 Abhishek Arya <inferno@chromium.org> Delete retired custom font data only on document destruction, and not on recalc style. https://bugs.webkit.org/show_bug.cgi?id=68805 Reviewed by Dave Hyatt. Test: fast/text/custom-font-data-crash.html * dom/Document.cpp: (WebCore::Document::recalcStyle): 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 95926 2011-09-25 Dan Bernstein <mitz@apple.com> <rdar://problem/10156263> ASSERT in WebCore::FrameView::scheduleRelayoutOfSubtree Reviewed by Sam Weinig. Test: fast/dynamic/subtree-unrooted.html * rendering/RenderObject.cpp: (WebCore::RenderObject::scheduleRelayout): Replaced the check that the renderer is parented, which was added in r21162, with a check that it is “rooted”. 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 95924 2011-09-24 Abhishek Arya <inferno@chromium.org> Issues with merging block children of a ruby base with another ruby base having inline children. https://bugs.webkit.org/show_bug.cgi?id=66124 Reviewed by Dan Bernstein. Test: fast/ruby/ruby-base-merge-block-children-crash.html * rendering/RenderRubyBase.cpp: (WebCore::RenderRubyBase::moveInlineChildren): add a firstChild() check to prevent empty anonymous block addition, just like moveBlockChildren method. * rendering/RenderRubyBase.cpp: (WebCore::RenderRubyBase::moveBlockChildren): This was incorrectly doing optimizations to see if current ruby base has only inline children before beforeChild and then trying to take out them from their parent anonymous blocks. The problem is those inlines could be split and have continuations because of encountering a block inside inline flow. In those cases, we cannot take the inline out. So, we should just make children non-inline in the destination block and transfer the children as it-is. * rendering/RenderRubyBase.h: remove unncessary functions. 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 95857 2011-09-23 Abhishek Arya <inferno@chromium.org> Style not updated for :before, :after content in ruby text. https://bugs.webkit.org/show_bug.cgi?id=68625 Reviewed by Dave Hyatt. Test: fast/ruby/ruby-text-before-after-content.html * rendering/RenderRubyText.cpp: (WebCore::RenderRubyText::updateBeforeAfterContent): * rendering/RenderRubyText.h: 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 95728 2011-09-22 Sergey Glazunov <serg.glazunov@gmail.com> Ref protect shaders in V8WebGLRenderingContext::getAttachedShadersCallback https://bugs.webkit.org/show_bug.cgi?id=68630 Reviewed by Adam Barth. Test: fast/canvas/webgl/shader-deleted-by-accessor.html * bindings/js/JSWebGLRenderingContextCustom.cpp: (WebCore::JSWebGLRenderingContext::getAttachedShaders): * bindings/v8/custom/V8WebGLRenderingContextCustom.cpp: (WebCore::V8WebGLRenderingContext::getAttachedShadersCallback): * html/canvas/WebGLRenderingContext.cpp: (WebCore::WebGLRenderingContext::getAttachedShaders): * html/canvas/WebGLRenderingContext.h: 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 95671 2011-09-21 Abhishek Arya <inferno@chromium.org> Not use anonymousContainer on beforeChild calculation and let later code handle it. Fix style update on block-level anonymous objects. https://bugs.webkit.org/show_bug.cgi?id=67656 Reviewed by David Hyatt. Test: fast/table/quote-text-around-iframe.html * rendering/RenderTable.cpp: (WebCore::RenderTable::addChild): * rendering/RenderTableCell.cpp: (WebCore::RenderTableCell::styleDidChange): * rendering/RenderTableRow.cpp: (WebCore::RenderTableRow::addChild): * rendering/RenderObject.cpp: (WebCore::RenderObject::propagateStyleToAnonymousChildren): 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 95497 2011-09-19 Jeremy Apthorp <jeremya@chromium.org> Fix a use-after-free: clear the fullscreen change event target queue at detach time, rather than at destruction time. If this isn't done, it's possible for the event target queue to be the only thing that references the document. Then when the document is popped off the queue and dereferenced in Document::fullScreenChangeDelayTimerFired, the document is destroyed and the subsequent access to m_fullScreenChangeEventTargetQueue.isEmpty() accesses free'd memory. https://bugs.webkit.org/show_bug.cgi?id=67960 Reviewed by Adam Barth. * dom/Document.cpp: (WebCore::Document::~Document): (WebCore::Document::detach): 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 95462 2011-09-19 Abhishek Arya <inferno@chromium.org> Issues with merging ruby bases. https://bugs.webkit.org/show_bug.cgi?id=67240 Reviewed by James Robinson. 1) Change fromBeforeChild to beforeChild to match webkit rendering naming conventions. 2) Add assert to verify ruby base is indeed emptied after collecting all children in a single base. 3) Fix condition in mergeBlockChildren to bail out only when we have no children and there is no work to merge children to toBase. Test: fast/ruby/ruby-overhang-crash.html * rendering/RenderRubyBase.cpp: (WebCore::RenderRubyBase::moveChildren): (WebCore::RenderRubyBase::moveInlineChildren): (WebCore::RenderRubyBase::moveBlockChildren): (WebCore::RenderRubyBase::mergeBlockChildren): * rendering/RenderRubyBase.h: * rendering/RenderRubyRun.cpp: (WebCore::RenderRubyRun::removeChild): 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 95461 2011-09-16 Abhishek Arya <inferno@chromium.org> Child not placed correctly when beforeChild (table part) has both :before, :after content. https://bugs.webkit.org/show_bug.cgi?id=67656 Reviewed by James Robinson. Tests: fast/table/table-cell-before-after-content-around-table-block.html fast/table/table-cell-before-after-content-around-table-row.html fast/table/table-cell-before-after-content-around-table.html fast/table/table-row-before-after-content-around-block.html fast/table/table-row-before-after-content-around-table.html * rendering/RenderBlock.cpp: (WebCore::RenderBlock::addChildIgnoringAnonymousColumnBlocks): 1. Use the new helper functions findAfterContentRenderer, anonymousContainer. 2. Rename anonymousChild to better name - beforeChildAnonymousContainer. * rendering/RenderObject.cpp: (WebCore::RenderObject::addChild): When adding a new child, if beforeChild is a table part( Table/TableSection/TableRow), we need to check if both :before, :after content are shoved in one of the anonymous child. If yes, we need to split the :before, :after content before adding newChild. Easiest approach is to destroy the :before content, then add the newChild and then call updateBeforeAfterContent to recreate the :before content. * rendering/RenderObject.h: (WebCore::RenderObject::findBeforeContentRenderer): same as beforePseudoElementRenderer, but ignores text childs since they are sequentially added. (WebCore::RenderObject::findAfterContentRenderer): same. (WebCore::RenderObject::anonymousContainer): (WebCore::objectIsRelayoutBoundary): * rendering/RenderTable.cpp: (WebCore::RenderTable::addChild): use the new helpers and functionally correct functions - findAfterContentRenderer, anonymousContainer. previous implementation was wrong since it would not go inside, if :after content is embedded deeper than one level. * rendering/RenderTableRow.cpp: (WebCore::RenderTableRow::addChild): same. * rendering/RenderTableSection.cpp: (WebCore::RenderTableSection::addChild): same. 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 95440 2011-09-19 Jessie Berlin <jberlin@apple.com> Sites that use history pushState or replaceState are recorded in history in Private Browsing mode. https://bugs.webkit.org/show_bug.cgi?id=68208 Reviewed by Brady Eidson. Test: TestWebKitAPI/Tests/WebKit2/PrivateBrowsingPushStateNoHistoryCallback. Add the privateBrowsingEnabled check that is used in other places in HistoryController before calling addVisitedLink and FrameLoaderClient::updateGlobalHistory. * loader/HistoryController.cpp: (WebCore::HistoryController::pushState): (WebCore::HistoryController::replaceState): 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 95306 2011-09-16 James Simonsen <simonjam@chromium.org> Fix HTML5 parser's adoption agency algorithm to reparent correctly https://bugs.webkit.org/show_bug.cgi?id=68147 Reviewed by Eric Seidel. * html/parser/HTMLTreeBuilder.cpp: (WebCore::HTMLTreeBuilder::callTheAdoptionAgency): 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 95301 2011-09-16 Abhishek Arya <inferno@chromium.org> cachedFont not getting updated for inline SVG text. https://bugs.webkit.org/show_bug.cgi?id=68060 Reviewed by Nikolas Zimmermann. The cached scaledFont needs to be updated on every style set call. It is not similar to m_style which can get derived from parent's style and hence will get automatically updated on ancestor's style change. This is required, otherwise we will maintain stale font list in cached scaledFont when custom fonts are retired on Document::recalcStyle. Test: svg/text/text-style-recalc-crash.html * rendering/svg/RenderSVGInlineText.cpp: (WebCore::RenderSVGInlineText::styleDidChange): (WebCore::RenderSVGInlineText::setStyle): * rendering/svg/RenderSVGInlineText.h: 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 95074 2011-09-13 Abhishek Arya <inferno@chromium.org> Crash in RenderScrollbarPart::imageChanged. https://bugs.webkit.org/show_bug.cgi?id=68009 Reviewed by Simon Fraser. When a custom scrollbar is removed from its FrameView, its destruction can be delayed because of RefPtr maintained in EventHandler class (m_lastScrollbarUnderMouse). Upon removal, we delete all the scrollbar parts so that they don't link back to scrollbar. However, because of the delay, we can have a call to updateScrollbarPart which recreates it. When scrollbar is getting destroyed, we just check to see if there are remaining scrollbar parts and if yes, we destroy them. Test: scrollbars/scrollbar-part-created-with-no-parent-crash.html * rendering/RenderScrollbar.cpp: (WebCore::RenderScrollbar::~RenderScrollbar): 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 95071 2011-09-13 Adam Klein <adamk@chromium.org> Fix cssText property of counter-valued CSSPrimitiveValue and avoid uninitialized read https://bugs.webkit.org/show_bug.cgi?id=68021 Reviewed by Tony Chang. Reported by valgrind in http://crbug.com/60653. Besides fixing the uninitialized read, add support for outputting the list separator for counters() calls and the list-style name. Test: fast/css/counters/counter-cssText.html * css/CSSPrimitiveValue.cpp: (WebCore::CSSPrimitiveValue::cssText): 2011-1-4 Lucas Forschler <lforschler@apple.com> Merge 95059 2011-09-13 Jeremy Apthorp <jeremya@google.com> Fix crash when an iframe element is removed during a transition to fullscreen. https://bugs.webkit.org/show_bug.cgi?id=67960 Reviewed by Adam Barth. Test: fullscreen/full-screen-remove-ancestor-during-transition.html * dom/Document.cpp: (WebCore::Document::~Document): Clear the list of elements to which we need to send a fullscreenchange event. 2011-12-21 Oliver Hunt <oliver@apple.com> Merged JavaScriptCore and related changes from r99898-r102985 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 95054 2011-08-11 Cris Neckar <cdn@chromium.org> Fixes several bugs when adding CounterNodes to a tree which can cause asymetrical relationships. https://bugs.webkit.org/show_bug.cgi?id=65996 Reviewed by Eric Seidel. Test: fast/css/counters/counter-reparent-table-children-crash.html * rendering/CounterNode.cpp: (WebCore::CounterNode::insertAfter): * rendering/RenderCounter.cpp: (WebCore::findPlaceForCounter): (WebCore::makeCounterNode): 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 95010 2011-09-12 Adam Klein <adamk@chromium.org> Fix out-of-bounds access in Gradient::sortStopsIfNecessary https://bugs.webkit.org/show_bug.cgi?id=67958 Reviewed by Darin Adler. Reported by Valgrind in http://crbug.com/77049. The errant code was added as an optimization in r67804. This patch reverts that one, as all parties agree that the optimization doesn't seem worthwhile, and there clearly aren't any tests covering the special case. No new tests, as existing tests should cover the remaining call to |std::stable_sort|. * platform/graphics/Gradient.cpp: (WebCore::Gradient::sortStopsIfNecessary): 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 94991 2011-09-12 Dan Bernstein <mitz@apple.com> <rdar://problem/10054615> Floats in ruby text intrude into the base Reviewed by Darin Adler. Test: fast/ruby/float-overhang-from-ruby-text.html * rendering/RenderRubyText.cpp: (WebCore::RenderRubyText::avoidsFloats): Added. Returns true. This ensures that RenderBlock::clearFloats() will not consider ruby text as having intruding floats. * rendering/RenderRubyText.h: 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 94905 2011-09-10 Ken Buchanan <kenrb@chromium.org> Crash due to bad data in SVGDocumentExtensions m_pendingResources https://bugs.webkit.org/show_bug.cgi?id=67488 Reviewed by Nikolas Zimmermann. Resolving a crash condition caused by the deletion of elements while pending resource entries for those elements are still recorded. * rendering/svg/RenderSVGResourceContainer.cpp: (WebCore::RenderSVGResourceContainer::registerResource) * svg/SVGDocumentExtensions.h: (WebCore::SVGDocumentExtensions::isElementInPendingResources) * svg/SVGDocumentExtensions.cpp: (WebCore::SVGDocumentExtensions::addPendingResource) (WebCore::SVGDocumentExtensions::isElementInPendingResources) (WebCore::SVGDocumentExtensions::removeElementFromPendingResources) * svg/SVGStyledElement.h: (WebCore::SVGStyledElement::clearHasPendingResourcesIfPossible) * svg/SVGStyledElement.cpp: (WebCore::SVGStyledElement::buildPendingResourcesIfNeeded) (WebCore::SVGStyledElement::clearHasPendingResourcesIfPossible) * svg/SVGUseElement.cpp: (WebCore::SVGUseElement::svgAttributeChanged) 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 94892 2011-09-09 Jessie Berlin <jberlin@apple.com> Cookies are not available after turning off Private Browsing after the last window has been closed. https://bugs.webkit.org/show_bug.cgi?id=67874 Reviewed by Darin Adler. The private browsing storage session is a global setting that is being incorrectly set on a per-page basis (see http://webkit.org/b/67870). In this case, the global value was getting out of sync with the per-page setting: 1. The global value was getting set to true when setPrivateBrowsingEnabled(true) was called. 2. All Pages were then closed, destroying their Settings objects. 3. When a new Page was created, a new Settings object was created and its m_privateBrowsingEnabled value was getting set to false. 4. The WebPage settings were then applied to the new Settings object, resulting in setPrivateBrowsingEnabled(false) to be called. 5. An if (m_privateBrowsingEnabled == privateBrowsingEnabled) early return prevented the global value for the storage session from being destroyed. * page/Settings.cpp: (WebCore::Settings::setPrivateBrowsingEnabled): Move the early return to be after setting the global private browsing values, and add a clearer comment + FIXME. 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 94857 2011-09-08 Abhishek Arya <inferno@chromium.org> :before content rendering issues with list markers and run-ins. https://bugs.webkit.org/show_bug.cgi?id=67735 1) Remove the isAnonymous checks for run-in detection since the run-in can belong to a node. 2) When the parent has block children, then the list marker will be enclosed in an anonymous block. In that case, for going to the next list marker, we need to traverse one level up. We don't need this check when searching for generated run-in (loop 2), since we know parent will have inline children, so the list marker wont be enclosed in an anonymous block. Reviewed by Dave Hyatt. Tests: fast/lists/list-marker-before-content-table.html fast/runin/runin-generated-before-content.html * rendering/RenderObjectChildList.cpp: (WebCore::RenderObjectChildList::beforePseudoElementRenderer): 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 94582 2011-09-06 Abhishek Arya <inferno@chromium.org> Style not propagated to anonymous boxes and anonymous inline-blocks. https://bugs.webkit.org/show_bug.cgi?id=67364 Reviewed by James Robinson. Share propagateStyleToAnonymousChildren with RenderBlock::styleDidChange. * rendering/RenderBlock.cpp: (WebCore::RenderBlock::styleDidChange): * rendering/RenderObject.cpp: (WebCore::RenderObject::propagateStyleToAnonymousChildren): * rendering/RenderObject.h: 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 94543 2011-09-04 Abhishek Arya <inferno@chromium.org> Style not propagated to anonymous boxes and anonymous inline-blocks. https://bugs.webkit.org/show_bug.cgi?id=67364 Reviewed by James Robinson. Tests: fast/ruby/ruby-block-style-not-updated-with-before-after-content.html fast/ruby/ruby-block-style-not-updated.html fast/ruby/ruby-inline-style-not-updated-with-before-after-content.html fast/ruby/ruby-inline-style-not-updated.html fast/table/table-row-style-not-updated-with-after-content.html fast/table/table-row-style-not-updated-with-before-content.html fast/table/table-row-style-not-updated.html fast/table/table-style-not-updated.html * rendering/RenderObject.cpp: (WebCore::RenderObject::propagateStyleToAnonymousChildren): * rendering/RenderObject.h: (WebCore::RenderObject::isBeforeAfterContent): * rendering/RenderRuby.cpp: (WebCore::RenderRubyAsInline::styleDidChange): (WebCore::RenderRubyAsBlock::styleDidChange): * rendering/RenderRuby.h: * rendering/RenderTable.cpp: (WebCore::RenderTable::styleDidChange): * rendering/RenderTableRow.cpp: (WebCore::RenderTableRow::styleDidChange): (WebCore::RenderTableRow::addChild): * rendering/RenderTableSection.cpp: (WebCore::RenderTableSection::styleDidChange): (WebCore::RenderTableSection::addChild): * rendering/RenderTableSection.h: 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 94541 2011-09-05 Abhishek Arya <inferno@chromium.org> Crash in RenderObjectChildList::destroyLeftOverChildren() https://bugs.webkit.org/show_bug.cgi?id=64753 Reviewed by James Robinson. If any of the ancestors between column span element and containing column's block is a continuation, then don't attempt to render the column span by splitting the block into continuations. Test: fast/multicol/column-span-parent-continuation-crash.html * rendering/RenderBlock.cpp: (WebCore::RenderBlock::columnsBlockForSpanningElement): 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 94512 2011-09-04 Abhishek Arya <inferno@chromium.org> Unreviewed. Compile fix for r94511. * dom/Range.cpp: (WebCore::Range::processContents): (WebCore::Range::processAncestorsAndTheirSiblings): 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 94511 2011-09-04 Abhishek Arya <inferno@chromium.org> Crash in Range::processAncestorsAndTheirSiblings. https://bugs.webkit.org/show_bug.cgi?id=67556 Reviewed by Ryosuke Niwa. Create a temporary RefPtr Node vector to keep all the ancestor's childs so that we don't access removed child nodes. Test: fast/dom/Range/range-delete-contents-event-fire-crash.html * dom/Range.cpp: (WebCore::Range::processContents): (WebCore::Range::processAncestorsAndTheirSiblings): 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 94508 2011-09-04 Dan Bernstein <mitz@apple.com> <rdar://problem/10071256> Retain retired custom fonts until the next style recalc Reviewed by Darin Adler. Test: fast/css/font-face-used-after-retired.html During style recalc, existing renderers may reference their old style, including font data. Allow them to do so safely by keeping retired custom font data around until after style recalc. * css/CSSFontFace.cpp: (WebCore::CSSFontFace::retireCustomFont): Added. Calls through to CSSFontSelector, if the font face is still part of any segmented font face. Otherwise, deletes the custom font data. * css/CSSFontFace.h: * css/CSSFontFaceSource.cpp: (WebCore::CSSFontFaceSource::pruneTable): Changed to call retireCustomFont() instead of deleting retired font data. * css/CSSFontSelector.cpp: (WebCore::CSSFontSelector::retireCustomFont): Added. Calls through to the Document, if this is still the active font selector for a document. Otherwise, deletes the custom font data. * css/CSSFontSelector.h: * css/CSSSegmentedFontFace.cpp: (WebCore::CSSSegmentedFontFace::pruneTable): Changed to call retireCustomFont() instead of deleting retired font data. * dom/Document.cpp: (WebCore::Document::~Document): Added a call to deleteRetiredCustomFonts(), in case the Document is destroyed before getting a chance to recalc style after custom fonts have been retired. (WebCore::Document::recalcStyle): Added a call to deleteRetiredCustomFonts() after style recalc. (WebCore::Document::deleteRetiredCustomFonts): Added. Deletes all previously-retired custom font data. * dom/Document.h: (WebCore::Document::retireCustomFont): Added. 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 94455 2011-09-02 Dan Bernstein <mitz@apple.com> <rdar://problem/9755843> anonymous RenderMathMLOperator sets itself as the renderer of its parent mfenced node Reviewed by Darin Adler. Test: mathml/operator-hijacks-fenced-node.xhtml * rendering/mathml/RenderMathMLOperator.cpp: (WebCore::RenderMathMLOperator::updateFromElement): Rather than unconditionally setting the node’s renderer to this, just restore it to whatever it was before calling destroyLeftoverChildren(). 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 94112 2011-08-30 Adam Barth <abarth@webkit.org> Flaky crash with JavaScript URLs https://bugs.webkit.org/show_bug.cgi?id=66360 Reviewed by Nate Chapin. This patch teaches DocumentWriter::begin to make a copy of the URL before beginning a new document to avoid a crash. Test: fast/loader/javascript-url-iframe-crash.html * loader/DocumentWriter.cpp: (WebCore::DocumentWriter::begin): 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 94109 2011-08-30 Abhishek Arya <inferno@chromium.org> Style not updated for table parts in :before, :after content. https://bugs.webkit.org/show_bug.cgi?id=66141 Reviewed by Dave Hyatt. Tests: fast/table/table-before-child-style-update.html fast/table/table-row-before-child-style-update.html * rendering/RenderObjectChildList.cpp: (WebCore::RenderObjectChildList::updateBeforeAfterContent): 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 94095 2011-08-29 Oliver Hunt <oliver@apple.com> TypedArrays don't ensure that denormalised values are normalised https://bugs.webkit.org/show_bug.cgi?id=67178 Reviewed by Gavin Barraclough. Ensure that we convert singaling nans to silent nans when loading from a typed array. * bindings/scripts/CodeGeneratorJS.pm: (GenerateImplementation): 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 94001 2011-08-29 Abhishek Arya <inferno@chromium.org> Crash in InlineBox::deleteLine due to accessing removed renderer. https://bugs.webkit.org/show_bug.cgi?id=66015 Reviewed by Simon Fraser. Test: fast/block/line-layout/inline-box-wrapper-crash.html * rendering/RenderBox.cpp: (WebCore::RenderBox::positionLineBox): Make sure that the previous inline box wrapper is destroyed properly, before setting a new one. 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 93943 2011-08-27 Anders Carlsson <andersca@apple.com> iChat: Receiving a message containing only a single-quote (') causes bubble to fail https://bugs.webkit.org/show_bug.cgi?id=67076 <rdar://problem/10026089> Reviewed by Dan Bernstein. Test: fast/borders/border-fit-2.html * rendering/RenderBlock.cpp: (WebCore::RenderBlock::borderFitAdjust): Make sure that the resulting rect isn't smaller than the border + padding. (WebCore::RenderBlock::clearTruncation): Fix blatant coding style violations. 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 93794 2011-08-25 Abhishek Arya <inferno@chromium.org> Incorrect layout of :before and :after content, with display table, table-row and table-cell. https://bugs.webkit.org/show_bug.cgi?id=66699 Reviewed by David Hyatt. Tests: fast/table/table-after-child-in-table.html fast/table/table-before-child-in-table.html fast/table/table-cell-after-child-in-block.html fast/table/table-cell-after-child-in-table.html fast/table/table-cell-before-child-in-block.html fast/table/table-cell-before-child-in-table.html fast/table/table-row-after-child-in-block.html fast/table/table-row-after-child-in-table.html fast/table/table-row-before-child-in-block.html fast/table/table-row-before-child-in-table.html * rendering/RenderBlock.cpp: (WebCore::RenderBlock::addChildIgnoringAnonymousColumnBlocks): Fix the looping condition to detect :after child correctly. isAnonymousBlock() does not apply to tables, instead using isAnonymous(). * rendering/RenderTableRow.cpp: (WebCore::RenderTableRow::addChild): Don't add the new child in the generatedContainer with :before, :after content. * rendering/RenderTableSection.cpp: (WebCore::RenderTableSection::addChild): Don't add the new child in the generatedContainer with :before, :after content. 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 93521 2011-08-22 Nate Chapin <japhet@chromium.org> Unload events can crash us when they blank out a parent frame. https://bugs.webkit.org/show_bug.cgi?id=64741 Reviewed by Adam Barth. Test: fast/loader/document-destruction-within-unload.html * loader/FrameLoader.cpp: (WebCore::FrameLoader::stopLoading): Prevent unload events from going into infinite recursion. (WebCore::FrameLoader::setDocumentLoader): Ensure we don't let set m_documentLoader to a DocumentLoader with a null Frame*. (WebCore::FrameLoader::detachChildren): Save off a vector of children to detach, rather than doing it inline. 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 93514 2011-08-22 Abhishek Arya <inferno@chromium.org> Crash in FocusController::advanceFocusInDocumentOrder https://bugs.webkit.org/show_bug.cgi?id=66678 RefPtr the focusable node to prevent getting deleted by mutation event. Reviewed by Dave Hyatt. Test: fast/frames/focus-controller-crash-change-event.html * page/FocusController.cpp: (WebCore::FocusController::advanceFocusInDocumentOrder): 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 93347 2011-08-18 Ryosuke Niwa <rniwa@webkit.org> SimplifiedBackwardsTextIterator returns incorrect offset with first-letter rule https://bugs.webkit.org/show_bug.cgi?id=66086 Reviewed by Darin Adler. The bug was caused by SimplifiedBackwardsTextIterator's not taking care of first-letter at all. Fixing the bug by detecting RenderTextFragment in handleTextNode. Also added m_shouldHandleFirstLetter to SimplifiedBackwardsTextIterator to keep track of whether or not the next call to handleTextNode needs to process the first-letter part of the text fragment. Test: editing/text-iterator/backward-textiterator-first-letter-crash.html * editing/TextIterator.cpp: (WebCore::firstRenderTextInFirstLetter): Extracted from handleTextNodeFirstLetter. (WebCore::TextIterator::handleTextNodeFirstLetter): Calls firstRenderTextInFirstLetter. (WebCore::SimplifiedBackwardsTextIterator::SimplifiedBackwardsTextIterator): (WebCore::SimplifiedBackwardsTextIterator::handleTextNode): (WebCore::SimplifiedBackwardsTextIterator::handleFirstLetter): Added. * editing/TextIterator.h: 2011-12-21 Lucas Forschler <lforschler@apple.com> Merge 93227 2011-08-17 Abhishek Arya <inferno@chromium.org> Crash in Document::recalcStyleSelector https://bugs.webkit.org/show_bug.cgi?id=66335 Reviewed by Simon Fraser. When node is getting destroyed and its removedFromDocument is not called due to entire document structure torn down(using removeAllChildren), make sure to clear out the stylesheet candidate node from document's structures in its destructor. Test: svg/dom/stylesheet-candidate-node-crash-main.html * dom/ProcessingInstruction.cpp: (WebCore::ProcessingInstruction::~ProcessingInstruction): * html/HTMLLinkElement.cpp: (WebCore::HTMLLinkElement::~HTMLLinkElement): * html/HTMLStyleElement.cpp: (WebCore::HTMLStyleElement::~HTMLStyleElement): * svg/SVGStyleElement.cpp: (WebCore::SVGStyleElement::~SVGStyleElement): 2011-12-20 Lucas Forschler <lforschler@apple.com> Merge 93032 2011-08-13 Abhishek Arya <inferno@chromium.org> Crash in HTMLTreeBuilder::processAnyOtherEndTagForInBody https://bugs.webkit.org/show_bug.cgi?id=66187 Reviewed by Adam Barth. RefPtr a few ContainerNodes to prevent premature deletion. Test: fast/html/process-end-tag-for-inbody-crash.html * html/parser/HTMLTreeBuilder.cpp: (WebCore::HTMLTreeBuilder::processCloseWhenNestedTag): (WebCore::HTMLTreeBuilder::processAnyOtherEndTagForInBody): (WebCore::HTMLTreeBuilder::callTheAdoptionAgency): 2011-12-20 Lucas Forschler <lforschler@apple.com> Merge 92966 2011-08-12 Abhishek Arya <inferno@chromium.org> Crash in WebCore::editingIgnoresContent https://bugs.webkit.org/show_bug.cgi?id=66125 Reviewed by Ryosuke Niwa. RefPtr a few nodes in case they get blown away in dispatchEvent calls. Test: editing/selection/select-start-remove-root-crash.html * editing/FrameSelection.cpp: (WebCore::FrameSelection::selectAll): * editing/ReplaceSelectionCommand.cpp: (WebCore::ReplacementFragment::ReplacementFragment): 2011-12-20 Lucas Forschler <lforschler@apple.com> Merge 92798 2011-08-10 Abhishek Arya <inferno@chromium.org> Check that we do not need layout before trying to dirty m_originatingLine for our floats. https://bugs.webkit.org/show_bug.cgi?id=65938 Reviewed by Dave Hyatt. Test: fast/block/float/float-originating-line-deleted-crash.html * rendering/RenderBlock.cpp: (WebCore::RenderBlock::removeFloatingObject): (WebCore::RenderBlock::clearFloats): 2011-12-20 Lucas Forschler <lforschler@apple.com> Merge 92744 2011-08-09 Abhishek Arya <inferno@chromium.org> Style change not propagating for before, after content for table parts. https://bugs.webkit.org/show_bug.cgi?id=51862 Fix by Chris Evans (cevans@chromium.org). In the table case, make sure to return the before / after parent rather then the before / after node itself. Reviewed by Simon Fraser. * rendering/RenderObjectChildList.cpp: (WebCore::findBeforeAfterParent): 2011-12-20 Lucas Forschler <lforschler@apple.com> Merge 92630 2011-08-08 Cris Neckar <cdn@chromium.org> Remove counter nodes from the tree and fix-up children when they are removed from the counter map. https://bugs.webkit.org/show_bug.cgi?id=65346 Reviewed by Adam Barth. Covered by existing CSS counter tests. * rendering/CounterNode.cpp: (WebCore::CounterNode::~CounterNode): 2011-12-20 Lucas Forschler <lforschler@apple.com> Merge 92347 2011-08-03 Kent Tamura <tkent@chromium.org> Fix incorrect checks for HTMLMediaElement https://bugs.webkit.org/show_bug.cgi?id=65590 Reviewed by Dimitri Glazkov. <video> and <audio> can be an HTMLElement instance instead of HTMLMediaElement if MediaPlayer::isAvailable() returns false or the media feature is disabled at runtime. * html/HTMLSourceElement.cpp: (WebCore::HTMLSourceElement::insertedIntoTree): (WebCore::HTMLSourceElement::willRemove): * html/HTMLTrackElement.cpp: (WebCore::HTMLTrackElement::insertedIntoTree): (WebCore::HTMLTrackElement::willRemove): * html/shadow/MediaControlElements.cpp: (WebCore::toParentMediaElement): * page/FrameView.cpp: (WebCore::FrameView::updateWidget): * platform/efl/RenderThemeEfl.cpp: (WebCore::RenderThemeEfl::paintMediaMuteButton): * platform/gtk/RenderThemeGtk.cpp: (WebCore::getMediaElementFromRenderObject): * rendering/RenderThemeMac.mm: (WebCore::RenderThemeMac::paintMediaSliderTrack): * rendering/RenderThemeWinCE.cpp: (WebCore::mediaElementParent): 2011-12-20 Lucas Forschler <lforschler@apple.com> Merge 92142 2011-08-01 Jochen Eisinger <jochen@chromium.org> Never override the policy URL on form submissions. https://bugs.webkit.org/show_bug.cgi?id=61809 Reviewed by Adam Barth. Tests: http/tests/security/cookies/third-party-cookie-blocking-main-frame.html http/tests/security/cookies/third-party-cookie-blocking-user-action.html http/tests/security/cookies/third-party-cookie-blocking.html * loader/FrameLoader.cpp: (WebCore::FrameLoader::loadURL): (WebCore::FrameLoader::addExtraFieldsToSubresourceRequest): (WebCore::FrameLoader::addExtraFieldsToMainResourceRequest): (WebCore::FrameLoader::addExtraFieldsToRequest): (WebCore::FrameLoader::loadPostRequest): (WebCore::FrameLoader::loadDifferentDocumentItem): * loader/FrameLoader.h: 2011-12-20 Lucas Forschler <lforschler@apple.com> Merge 91957 2011-07-28 Adam Barth <abarth@webkit.org> Old code about empty security origins could use a bath https://bugs.webkit.org/show_bug.cgi?id=64735 Reviewed by Dimitri Glazkov. This patch cleans up some old code related to empty security origins. It also removes some dodgy code that seems wrong. Test: http/tests/security/inactive-document-with-empty-security-origin.html * bindings/generic/BindingSecurityBase.cpp: (WebCore::BindingSecurityBase::canAccess): * page/SecurityOrigin.cpp: (WebCore::SecurityOrigin::isEmpty): (WebCore::SecurityOrigin::isSecureTransitionTo): (WebCore::SecurityOrigin::toString): 2011-12-20 Lucas Forschler <lforschler@apple.com> Merge 90980 2011-07-13 Ilya Tikhonovsky <loislo@chromium.org> Web Inspector: if you rename an element into the INPUT element the browser will crash. https://bugs.webkit.org/show_bug.cgi?id=64292 Reviewed by Joseph Pecoraro. * inspector/InspectorDOMAgent.cpp: (WebCore::InspectorDOMAgent::setNodeName): Unnecessary function call copyNonAttributeProperties was removed. 2011-12-20 Lucas Forschler <lforschler@apple.com> Merge 90164 2011-06-30 Sreeram Ramachandran <sreeram@chromium.org> Reviewed by Adam Barth. Suppress modal JavaScript/HTML dialogs during unload events https://bugs.webkit.org/show_bug.cgi?id=56397 Allows clients to specify whether to show alerts during unload handlers. When checking for whether a page dismissal event is being dispatched, it's important to check all frames on the page (otherwise it becomes a loophole easily exploited). Test: fast/loader/page-dismissal-modal-dialogs.html * loader/FrameLoader.cpp: (WebCore::FrameLoader::FrameLoader): (WebCore::FrameLoader::stopLoading): (WebCore::FrameLoader::loadURL): (WebCore::FrameLoader::loadWithDocumentLoader): (WebCore::FrameLoader::stopAllLoaders): (WebCore::FrameLoader::fireBeforeUnloadEvent): * loader/FrameLoader.h: (WebCore::FrameLoader::pageDismissalEventBeingDispatched): * loader/cache/CachedResourceLoader.cpp: (WebCore::CachedResourceLoader::requestImage): * page/Chrome.cpp: (WebCore::canRunModalIfDuringPageDismissal): (WebCore::Chrome::canRunModalNow): (WebCore::Chrome::runJavaScriptAlert): (WebCore::Chrome::runJavaScriptConfirm): (WebCore::Chrome::runJavaScriptPrompt): * page/Chrome.h: * page/ChromeClient.h: (WebCore::ChromeClient::shouldRunModalDialogDuringPageDismissal): * page/DOMWindow.cpp: (WebCore::DOMWindow::showModalDialog): 2011-12-20 Lucas Forschler <lforschler@apple.com> Merge 89982 2011-06-28 Adam Langley <agl@chromium.org> Reviewed by Adam Barth. Skip cache validation on back with HTTPS. https://bugs.webkit.org/show_bug.cgi?id=63537 For back navigations over HTTP, WebKit sets a flag to use cached data irrespective of whether it has expired. However, this isn't currently done for HTTPS. The logic in question was added in https://bugs.webkit.org/show_bug.cgi?id=33993 and appears to have been precautionary. However, both Firefox and IE will use this back navigation trick for HTTPS as well and so we should probably behave likewise. Test: http/tests/cache/history-only-cached-subresource-loads-max-age-https.html * loader/FrameLoader.cpp: (WebCore::FrameLoader::addExtraFieldsToRequest): 2011-12-20 Lucas Forschler <lforschler@apple.com> Merge 88398 2011-06-08 Tim Horton <timothy_horton@apple.com> Reviewed by Ryosuke Niwa. Use correct CFURLStorageSessionRef definition on Leopard, as we created an inconsistency in const-ness between WebCoreSystemInterface.h and these two files in the case of Leopard only. https://bugs.webkit.org/show_bug.cgi?id=62223 * platform/network/ResourceHandle.h: * platform/network/cf/ResourceRequest.h: 2011-12-20 Lucas Forschler <lforschler@apple.com> Merge 88316 2011-06-07 Tim Horton <timothy_horton@apple.com> Reviewed by Alexey Proskuryakov. Use correct CFURLStorageSessionRef definition on Snow Leopard https://bugs.webkit.org/show_bug.cgi?id=62223 * platform/mac/WebCoreSystemInterface.h: * platform/network/ResourceHandle.h: * platform/network/cf/ResourceRequest.h: 2011-12-08 Lucas Forschler <lforschler@apple.com> Merge 96777 2011-10-05 Darin Adler <darin@apple.com> [Mac] Use four more named cursors if present https://bugs.webkit.org/show_bug.cgi?id=69488 Reviewed by Dan Bernstein. * platform/mac/CursorMac.mm: (WebCore::Cursor::ensurePlatformCursor): Use the names "Help", "Cell", "ZoomIn", and "ZoomOut" to get those cursors. Structure the code so it falls back if the cursors are not present. 2011-12-08 Lucas Forschler <lforschler@apple.com> Merge 101290 2011-11-28 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=72551 When the recommended scrollbar style changes, WKView's tracking options should adjust accordingly -and corresponding- <rdar://problem/10409328> Reviewed by Darin Adler. This new ChromeClient function is called when the recommended scrollbar style changes. This way, WebKit can respond to the change by adjusting its mouse tracking. * page/ChromeClient.h: (WebCore::ChromeClient::recommendedScrollbarStyleDidChange): Existing ScrollableArea function scrollbarStyleChanged() now takes an int indicating the new scrollbar style and a bool indicating whether it is necessary to force an update. It used to be the case that this function was ONLY used to force an update (and only called when an updated was needed), but now that it must also call into the ChromeClient, it is necessary to include a bool tracking whether we need to force an update. New implementation on FrameView is responsible for calling ChromeClient, and then that calls into the pre-existing ScrollView function for the forceUpdate part. * page/FrameView.cpp: (WebCore::FrameView::scrollbarStyleChanged): * page/FrameView.h: * platform/ScrollView.cpp: (WebCore::ScrollView:: scrollbarStyleChanged): * platform/ScrollView.h: * platform/ScrollableArea.h: (WebCore::ScrollableArea::scrollbarStyleChanged): * platform/mac/ScrollAnimatorMac.mm: (WebCore::ScrollAnimatorMac::updateScrollerStyle): 2011-12-08 Lucas Forschler <lforschler@apple.com> Merge 100483 2011-11-16 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=72400 Scrollbar uiStateTransitionProgress requires tracking the mouse all the time -and corresponding- <rdar://problem/10409328> Reviewed by Darin Adler. This patch makes it so we track the mouse all the time when we have legacy scrollbars (rather than only tracking the mouse when the window is key). When we're in that mode, we want to do as little work as possible when handling the mouseMoved event so that this extra tracking has little to no performance impact. Also, we don't want to change basic behaviors by having normal web content hover effects start happening when a window is in the background. So this patch also introduces a way to handle a mouseMoved event that will only affect scrollbars. EventHandler::mouseMoved() and EventHandler::handleMouseEvent() both now take a boolean parameter that indicates if we are only updating scrollbars. If that is the case, then we make our HitTestRequest ReadOnly, and we return early once updateLastScrollbarUnderMouse() is called. * WebCore.exp.in: * page/EventHandler.cpp: (WebCore::EventHandler::mouseMoved): (WebCore::EventHandler::handleMouseMoveEvent): In addition to calling Scrollbar::mouseExited() when appropriate, this function now calls a new function, Scrollbar::mouseEntered() when appropriate. (WebCore::EventHandler::updateLastScrollbarUnderMouse): * page/EventHandler.h: Scrollbar::mouseMoved() used to be responsible for calling ScrollAnimator::mouseEnteredScrollbar(), but now Scrollbar::mouseEntered() takes care of that instead, much like how Scrollbar::mouseExited() takes care of calling the animator's exit function. * platform/Scrollbar.cpp: (WebCore::Scrollbar::mouseMoved): (WebCore::Scrollbar::mouseEntered): * platform/Scrollbar.h: 2011-12-07 Lucas Forschler <lforschler@apple.com> Fix a compiler error about implicit conversion from 64 to 32bit int. Reviewed by Beth Dakin. * platform/mac/ScrollAnimatorMac.mm: (-[ScrollbarPainterDelegate scrollerImp:animateUIStateTransitionWithDuration:]): 2011-12-07 Lucas Forschler <lforschler@apple.com> Merge 99493 2011-11-07 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=71490 Support uiStateTransitionProgress for scrollbars -and corresponding- <rdar://problem/9849612> Reviewed by Sam Weinig. Step 1 of supporting uiStateTransitionProgress is knowing when the mouse has entered or exited a scrollbar. These changes to Scrollbar pass that information on to the ScrollAnimator. Also, Scrollbar::mouseUp() now takes a PlatformMouseEvent as a parameter. This is necessary because m_hoveredNode is not always up to date on a mouseUp, so mouseUp must hitTest the scrollbar to see if the mouse has exited the scrollbar. * platform/Scrollbar.cpp: (WebCore::Scrollbar::mouseMoved): (WebCore::Scrollbar::mouseExited): (WebCore::Scrollbar::mouseUp): * platform/Scrollbar.h: These changes are required now that Scrollbar::mouseUp() takes a parameter. * WebCore.exp.in: * page/EventHandler.cpp: (WebCore::EventHandler::handleMouseDoubleClickEvent): (WebCore::EventHandler::handleMouseReleaseEvent): * platform/chromium/PopupListBox.cpp: (WebCore::PopupListBox::handleMouseReleaseEvent): * platform/win/PopupMenuWin.cpp: (WebCore::PopupMenuWin::wndProc): ScrollAnimator passes the information on to AppKit. * platform/ScrollAnimator.h: (WebCore::ScrollAnimator::mouseEnteredScrollbar): (WebCore::ScrollAnimator::mouseExitedScrollbar): * platform/mac/ScrollAnimatorMac.h: (WebCore::ScrollAnimatorMac::mouseEnteredScrollbar): (WebCore::ScrollAnimatorMac::mouseExitedScrollbar): There are several new pieces of AppKit api we must call into. * platform/mac/NSScrollerImpDetails.h: This is a temporary function that is needed for the time being since there is new AppKit api required for this to work. * platform/mac/ScrollAnimatorMac.mm: (supportsUIStateTransitionProgress): I refactored WebScrollbarPartAnimation so that it can handle the uiStateTransitionProgress animation as well as the alpha animations it already handled. This mostly involved re-naming things and making use of a new enum called FeatureToAnimate which keeps track of what the instance of WebScrollbarPartAnimation is animating. (-[WebScrollbarPartAnimation initWithScrollbarPainter:animate:scrollAnimator:animateFrom:animateTo:duration:]): (-[WebScrollbarPartAnimation setScrollbarPainter:]): (-[WebScrollbarPartAnimation setStartValue:]): (-[WebScrollbarPartAnimation setEndValue:]): (-[WebScrollbarPartAnimation setCurrentProgress:]): WebScrollbarPainterDelegate has two new animations, _verticalUIStateTransitionAnimation, and _horizontalUIStateTransitionAnimation. It also responds to a few new delegate calls. (-[WebScrollbarPainterDelegate cancelAnimations]): This is a new delegate call needed for uiStateTransitionProgress. (-[WebScrollbarPainterDelegate mouseLocationInScrollerForScrollerImp:]): I re-named setUpAnimation to setUpAlphaAnimation since it does a lot of things that are specific to the alpha animation and I chose not to re-use it for uiStateTransition. (-[WebScrollbarPainterDelegate setUpAlphaAnimation:scrollerPainter:part:WebCore::animateAlphaTo:duration:]): (-[WebScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]): (-[WebScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]): New delegate call for the uiStateTransition animation that sets up that animation and kicks it off. (-[WebScrollbarPainterDelegate scrollerImp:animateUIStateTransitionWithDuration:]): (-[WebScrollbarPainterDelegate scrollAnimatorDestroyed]): 2011-12-07 Lucas Forschler <lforschler@apple.com> Merge 98892 2011-10-31 Anders Carlsson <andersca@apple.com> More work on making plug-ins work better with transforms https://bugs.webkit.org/show_bug.cgi?id=71241 Reviewed by Darin Adler. Export symbols used by WebKit2. * WebCore.exp.in: 2011-12-07 Lucas Forschler <lforschler@apple.com> Merge 98664 2011-10-27 Anders Carlsson <andersca@apple.com> Add a Plugin::geometryDidChange that will work with transforms https://bugs.webkit.org/show_bug.cgi?id=71072 Reviewed by Simon Fraser. Export symbols needed by WebKit2. * WebCore.exp.in: 2011-12-07 Lucas Forschler <lforschler@apple.com> Merge 97514 2011-10-14 Jeff Miller <jeffm@apple.com> InjectedBundleHitTestResult::imageRect() should return rect in WKView coordinates https://bugs.webkit.org/show_bug.cgi?id=69963 Add infrastructure to convert from any frame view's coordinate system to the root view's coordinate system. Reviewed by Simon Fraser. No new tests (yet), this is covered by <https://bugs.webkit.org/show_bug.cgi?id=70136>. * WebCore.exp.in: Exported WebCore::ScrollView::contentsToRootView(), used by InjectedBundleHitTestResult.cpp. * platform/ScrollView.cpp: (WebCore::ScrollView::rootViewToContents): Added (both point and rect versions). (WebCore::ScrollView::contentsToRootView): Ditto. * platform/ScrollView.h: Added member functions to convert to/from root view coordinates. * platform/Widget.cpp: (WebCore::Widget::convertFromRootView): Added (both point and rect versions). (WebCore::Widget::convertToRootView): Ditto. * platform/Widget.h: Added member functions to convert to/from root view coordinates. 2011-12-06 Lucas Forschler <lforschler@apple.com> Merge 98406 2011-10-25 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=70852 Setting up a HiDPI base-level GraphicsContext should be more straightforward for WebKit2 Reviewed by Dan Bernstein. This patch removes the old cg-only GraphicsContext::setBaseCTM() api, and adds platform-independent GraphicsContext::applyDeviceScaleFactor(). * WebCore.exp.in: * platform/graphics/GraphicsContext.cpp: (WebCore::GraphicsContext::platformApplyDeviceScaleFactor): (WebCore::GraphicsContext::applyDeviceScaleFactor): * platform/graphics/GraphicsContext.h: * platform/graphics/cg/GraphicsContextCG.cpp: (WebCore::GraphicsContext::platformApplyDeviceScaleFactor): Since this patch removes GraphicsContext::setBaseCTM(), this code has been reverted to do what it used to do before that was added; it just calls into WebCoreSystemInterface directly. * platform/graphics/cg/ImageCG.cpp: (WebCore::Image::drawPattern): 2011-12-06 Lucas Forschler <lforschler@apple.com> Merge 98403 2011-10-25 Anders Carlsson <andersca@apple.com> Plug-ins have to use JavaScript to find out the current device scale factor https://bugs.webkit.org/show_bug.cgi?id=67225 Reviewed by Darin Adler. Test: platform/mac-wk2/plugins/contents-scale-factor.html Add NPNVcontentsScaleFactor, as per https://wiki.mozilla.org/NPAPI:ContentsScaleFactor. * plugins/npapi.h: 2011-12-06 Lucas Forschler <lforschler@apple.com> Merge 94598 2011-09-06 Anders Carlsson <andersca@apple.com> Move NPAPI headers in bridge to plugins https://bugs.webkit.org/show_bug.cgi?id=67661 Reviewed by Darin Adler. * WebCore.gypi: * WebCore.pro: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: Update build systems. * bridge/npapi.h: Removed. * bridge/npruntime.h: Removed. * bridge/nptypes.h: Removed. * plugins/npapi.h: Copied from Source/WebCore/bridge/npapi.h. * plugins/npruntime.h: Copied from Source/WebCore/bridge/npruntime.h. * plugins/nptypes.h: Copied from Source/WebCore/bridge/nptypes.h. 2011-12-06 Lucas Forschler <lforschler@apple.com> Merge 97886 2011-10-19 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=70396 Focus rings are too thin in HiDPI in WebKit2 -and corresponding- <rdar://problem/10086876> Reviewed by Dan Bernstein. Rename wkSetPatternBaseCTM to wkSetBaseCTM * WebCore.exp.in: * platform/mac/WebCoreSystemInterface.h: * platform/mac/WebCoreSystemInterface.mm: New CG-only function calls into wkSetBaseCTM. * platform/graphics/GraphicsContext.h: * platform/graphics/cg/GraphicsContextCG.cpp: (WebCore::GraphicsContext::setBaseCTM): Call GraphicsContext::setBaseCTM() rather than calling into WebKitSystemInterface directly. * platform/graphics/cg/ImageCG.cpp: (WebCore::Image::drawPattern): 2011-12-06 Lucas Forschler <lforschler@apple.com> Merge 97517 2011-10-14 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=70148 Should switch to CoreUI version of CorrectionDot, GrammarDot, and SpellingDot -and corresponding- <rdar://problem/10208281> Reviewed by Anders Carlsson. Use NS*Dot whenever it's available, and fallback to *Dot only when it is not. * platform/graphics/mac/GraphicsContextMac.mm: (WebCore::createPatternColor): (WebCore::GraphicsContext::drawLineForTextChecking): 2011-12-06 Lucas Forschler <lforschler@apple.com> Merge 95697 2011-09-21 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=67415 Text drawn via -webkit-background-clip:text is blurry at device scale factors >1.0 -and corresponding- <rdar://problem/10060379> Reviewed by Darin Adler. New helper function RenderBoxModelObject scales the mask image by the deviceScaleFactor to get an image of the appropriate resolution. It also scales the image's GraphicsContext so that the clip is set up on the same scale. Back in paintFillLayerExtended() we still clip the image to the original maskRect to get everything scaled back to the appropriate size. * rendering/RenderBoxModelObject.cpp: (WebCore::createDeviceScaledImageBuffer): (WebCore::RenderBoxModelObject::paintFillLayerExtended): Make the deviceScaleFactor convenience function just a namespace-level function in Page rather than a static member or Page. * page/Page.cpp: (WebCore::deviceScaleFactor): * page/Page.h: Pre-existing callers of Page::deviceScaleFactor(Frame*) must now use WebCore::deviceScaleFactor(Frame*) * editing/DeleteButtonController.cpp: (WebCore::DeleteButtonController::createDeletionUI): * rendering/RenderImage.cpp: (WebCore::RenderImage::imageSizeForError): (WebCore::RenderImage::paintReplaced): * rendering/RenderLayer.cpp: (WebCore::RenderLayer::drawPlatformResizerImage): 2011-12-06 Lucas Forschler <lforschler@apple.com> Merge 95386 2011-09-17 David Hyatt <hyatt@apple.com> https://bugs.webkit.org/show_bug.cgi?id=68307 Crash in border image cssText. Make sure to null check all the components, since they're all optional now. Reviewed by Sam Weinig. Added fast/borders/border-image-slice-omission.html * css/CSSBorderImageValue.cpp: (WebCore::CSSBorderImageValue::cssText): 2011-12-06 Lucas Forschler <lforschler@apple.com> Merge 95244 2011-09-15 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=67884 Delete button icon does not properly update when the device resolution changes dynamically -and corresponding- <rdar://problem/10104632> Reviewed by Darin Adler. In DeleteButtonController::deviceScaleFactorChanged(), if the delete button is currently showing, hide it and re-show it, forcing it to re-create the deletion UI. * editing/DeleteButtonController.cpp: (WebCore::DeleteButtonController::deviceScaleFactorChanged): * editing/DeleteButtonController.h: * editing/Editor.cpp: (WebCore::Editor::deviceScaleFactorChanged): * editing/Editor.h: Iterate through all of the frames and propagate the deviceScaleFactorChange() message to Editor. * page/Page.cpp: (WebCore::Page::setDeviceScaleFactor): 2011-12-06 Lucas Forschler <lforschler@apple.com> Merge 95129 2011-09-14 David Hyatt <hyatt@apple.com> https://bugs.webkit.org/show_bug.cgi?id=52736 Tiles were not being properly centered within border image sides for the "repeat" keyword. This patch fixes the buggy math behind the pattern tiling to actually get the initial phases correct. Reviewed by Sam Weinig. Added new tests in fast/borders and updated broken existing tests. * platform/graphics/Image.cpp: (WebCore::Image::drawTiled): 2011-12-06 Lucas Forschler <lforschler@apple.com> Merge 95121 2011-09-14 David Hyatt <hyatt@apple.com> https://bugs.webkit.org/show_bug.cgi?id=68103 Centered portions of border images don't render correctly. Make the tile scale factor have to be explicitly passed in and modify paintNinePieceImage to compute it for all sides. The attempts to implicitly compute the scale for the pattern based off the source and destination rects just don't work, since the center image rects don't provide the right information to be able to infer the scale factor. Reviewed by Sam Weinig. Reset all the existing fast/borders pixel results to Lion for these changes. * platform/graphics/GraphicsContext.cpp: (WebCore::GraphicsContext::drawTiledImage): * platform/graphics/GraphicsContext.h: * platform/graphics/Image.cpp: (WebCore::Image::drawTiled): * platform/graphics/Image.h: * rendering/RenderBoxModelObject.cpp: (WebCore::RenderBoxModelObject::paintNinePieceImage): 2011-12-06 Lucas Forschler <lforschler@apple.com> Merge 95103 2011-09-14 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=68054 Return an image scale factor as well as an Image* from CachedImage::brokenImage() Reviewed by Darin Adler. CachedImage::brokenImage() now returns a pair<Image*, float> where the float represents the image's scale factor. This is important because currently, the broken image will either be only 1x or 2x, but a deviceScaleFactor could theoretically be something different (1.5, 3, etc). So it is not safe to assume that the image's scale factor is equivalent to the deviceScaleFactor, and hardcoding 2 for now is lame. * loader/cache/CachedImage.cpp: (WebCore::CachedImage::brokenImage): (WebCore::CachedImage::image): * loader/cache/CachedImage.h: * rendering/RenderImage.cpp: (WebCore::RenderImage::imageSizeForError): (WebCore::RenderImage::paintReplaced): 2011-12-06 Lucas Forschler <lforschler@apple.com> Merge 95099 2011-09-14 David Hyatt <hyatt@apple.com> https://bugs.webkit.org/show_bug.cgi?id=68040 Make sure border image sub-properties can be specified in any order. Reviewed by Beth Dakin. New tests in fast/borders. * css/CSSParser.cpp: (WebCore::BorderImageParseContext::BorderImageParseContext): (WebCore::BorderImageParseContext::canAdvance): (WebCore::BorderImageParseContext::setCanAdvance): (WebCore::BorderImageParseContext::allowCommit): (WebCore::BorderImageParseContext::allowImage): (WebCore::BorderImageParseContext::allowImageSlice): (WebCore::BorderImageParseContext::allowSlash): (WebCore::BorderImageParseContext::requireWidth): (WebCore::BorderImageParseContext::requireOutset): (WebCore::BorderImageParseContext::commitImage): (WebCore::BorderImageParseContext::commitImageSlice): (WebCore::BorderImageParseContext::commitSlash): (WebCore::BorderImageParseContext::commitBorderWidth): (WebCore::BorderImageParseContext::commitBorderOutset): (WebCore::BorderImageParseContext::commitRepeat): (WebCore::CSSParser::parseBorderImage): (WebCore::CSSParser::parseBorderImageRepeat): (WebCore::CSSParser::parseBorderImageSlice): (WebCore::CSSParser::parseBorderImageQuad): * css/CSSParserValues.h: (WebCore::CSSParserValueList::previous): 2011-12-06 Lucas Forschler <lforschler@apple.com> Merge 95096 2011-09-13 David Hyatt <hyatt@apple.com> https://bugs.webkit.org/show_bug.cgi?id=68050 Regressions in some layout tests from making border/mask/reflection nine-piece-image parsing match the spec, which allows any of the pieces to be omitted and to also be specifiable in any order. When the higher level code suddenly allowed the image slices to be omitted, the fixup for legacy compatibility for reflections and masks in the parseBorderImageSlice function no longer happened because that function no longer got called. The fix is to properly set the defaults to include the "fill" keyword, so the fixup is applied to the NinePieceImages you create before you ever map anything in from the rules. This also has the side effect of fixing -webkit-max-box-image-slice to actually dump as "0 fill" instead of just "0", which is the correct initial value for this property. Reviewed by Adam Roben. * css/CSSParser.cpp: (WebCore::CSSParser::parseBorderImageSlice): * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): * rendering/style/StyleRareNonInheritedData.cpp: (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData): * rendering/style/StyleReflection.h: (WebCore::StyleReflection::StyleReflection): 2011-12-06 Lucas Forschler <lforschler@apple.com> Merge 95058 2011-09-13 David Hyatt <hyatt@apple.com> https://bugs.webkit.org/show_bug.cgi?id=68040 Make sure border image sub-properties can be specified in any order. Reviewed by Beth Dakin. New tests in fast/borders. * css/CSSParser.cpp: (WebCore::BorderImageParseContext::BorderImageParseContext): (WebCore::BorderImageParseContext::canAdvance): (WebCore::BorderImageParseContext::setCanAdvance): (WebCore::BorderImageParseContext::allowCommit): (WebCore::BorderImageParseContext::allowImage): (WebCore::BorderImageParseContext::allowImageSlice): (WebCore::BorderImageParseContext::allowSlash): (WebCore::BorderImageParseContext::requireWidth): (WebCore::BorderImageParseContext::requireOutset): (WebCore::BorderImageParseContext::commitImage): (WebCore::BorderImageParseContext::commitImageSlice): (WebCore::BorderImageParseContext::commitSlash): (WebCore::BorderImageParseContext::commitBorderWidth): (WebCore::BorderImageParseContext::commitBorderOutset): (WebCore::BorderImageParseContext::commitRepeat): (WebCore::CSSParser::parseBorderImage): (WebCore::CSSParser::parseBorderImageRepeat): (WebCore::CSSParser::parseBorderImageSlice): (WebCore::CSSParser::parseBorderImageQuad): * css/CSSParserValues.h: (WebCore::CSSParserValueList::previous): 2011-12-05 Lucas Forschler <lforschler@apple.com> Merge 95053 2011-09-13 Beth Dakin <bdakin@apple.com> Adding a comment I forgot to add before. * rendering/RenderImage.cpp: (WebCore::RenderImage::imageSizeForError): 2011-12-05 Lucas Forschler <lforschler@apple.com> Merge 95051. This restored a broken Changelog, which isn't necessary for the branch anyway. 2011-09-13 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=67885 Outline for the high-resolution broken image icon draws at 2x -and corresponding- <rdar://problem/10104637> Reviewed by Dan Bernstein. Scaled the image size to account for the deviceScaleFactor. * rendering/RenderImage.cpp: (WebCore::RenderImage::imageSizeForError): 2011-12-05 Lucas Forschler <lforschler@apple.com> Merge 95048 2011-09-13 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=67885 Outline for the high-resolution broken image icon draws at 2x -and corresponding- <rdar://problem/10104637> Reviewed by Dan Bernstein. Scaled the image size to account for the deviceScaleFactor. * rendering/RenderImage.cpp: (WebCore::RenderImage::imageSizeForError): 2011-12-05 Lucas Forschler <lforschler@apple.com> Merge 94980 2011-09-12 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=67898 REGRESSION(r94900): fast/images/support-broken-image-delegate.html fails on Mac Reviewed by Simon Fraser. New function willPaintBrokenImage() returns true when there has been an error loading the image and the broken image icon will be used in its place. This is necessary since it is possible to have an error loading an image and to NOT use the broken image icon. * loader/cache/CachedImage.cpp: (WebCore::CachedImage::willPaintBrokenImage): * loader/cache/CachedImage.h: * rendering/RenderImage.cpp: (WebCore::RenderImage::imageSizeForError): 2011-12-05 Lucas Forschler <lforschler@apple.com> Merge 94912 2011-09-09 David Hyatt <hyatt@apple.com> https://bugs.webkit.org/show_bug.cgi?id=67861 Implement border-image-outset (and the mask equivalents). Reviewed by Beth Dakin. Added new tests in fast/borders and fast/reflections. * css/CSSBorderImageValue.cpp: (WebCore::CSSBorderImageValue::CSSBorderImageValue): (WebCore::CSSBorderImageValue::cssText): * css/CSSBorderImageValue.h: (WebCore::CSSBorderImageValue::create): Add m_outset field to CSSBorderImageValue and teach it how to dump the field as part of cssText(). * css/CSSComputedStyleDeclaration.cpp: (WebCore::valueForNinePieceImageQuad): (WebCore::valueForNinePieceImage): (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue): Add support for border-image-outset and -webkit-mask-box-image-outset. Refactor the code so that border-image-width and border-image-outset use a common function. * css/CSSParser.cpp: (WebCore::CSSParser::parseValue): (WebCore::BorderImageParseContext::BorderImageParseContext): (WebCore::BorderImageParseContext::allowOutset): (WebCore::BorderImageParseContext::commitSlash): (WebCore::BorderImageParseContext::commitBorderWidth): (WebCore::BorderImageParseContext::commitBorderOutset): (WebCore::BorderImageParseContext::commitRepeat): (WebCore::BorderImageParseContext::commitBorderImage): (WebCore::CSSParser::parseBorderImage): Teach the border image parsing code about outsets. This code will soon be replaced by true shorthand parsing code, but for now keep it working and add outset support to it. (WebCore::BorderImageQuadParseContext::BorderImageQuadParseContext): (WebCore::BorderImageQuadParseContext::commitBorderImageQuad): (WebCore::CSSParser::parseBorderImageQuad): (WebCore::CSSParser::parseBorderImageWidth): (WebCore::CSSParser::parseBorderImageOutset): * css/CSSParser.h: Refactor the border-image-width code so that it can be shared by border-image-outset, since they are extremely similar. * css/CSSPropertyNames.in: Add the new properties. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): (WebCore::CSSStyleSelector::mapNinePieceImage): (WebCore::CSSStyleSelector::mapNinePieceImageQuad): (WebCore::CSSStyleSelector::loadPendingImages): * css/CSSStyleSelector.h: Refactor the code so that width/outset share common mapping functions. Add support for outset. * rendering/InlineFlowBox.cpp: (WebCore::InlineFlowBox::addToLine): (WebCore::InlineFlowBox::addBoxShadowVisualOverflow): (WebCore::InlineFlowBox::addBorderOutsetVisualOverflow): (WebCore::InlineFlowBox::computeOverflow): Add new functions for computing the visual overflow caused by border outsets. Fix bugs in the shadow overflow code as well. (WebCore::clipRectForNinePieceImageStrip): (WebCore::InlineFlowBox::paintBoxDecorations): (WebCore::InlineFlowBox::paintMask): * rendering/InlineFlowBox.h: Make sure the clip rect pushed when painting one piece of a split inline strip is expanded to include the border and mask outsets. Always include the block direction expansion, and conditionally include the inline direction expansion based off includeLogicalLeftEdge()/includeLogicalRightEdge(). clipRectForNinePieceImageStrip is a common function shared by masks and border images that does this work. * rendering/RenderBlock.cpp: (WebCore::RenderBlock::computeOverflow): * rendering/RenderBox.cpp: (WebCore::RenderBox::maskClipRect): (WebCore::RenderBox::addBoxShadowAndBorderOverflow): * rendering/RenderBox.h: Rename addShadowOverflow to addBoxShadowAndBorderOverflow. Have it compute both shadow and border image outset overflow. Fix bugs with shadow overflow computation. * rendering/RenderBoxModelObject.cpp: (WebCore::RenderBoxModelObject::paintNinePieceImage): Change painting to apply the outsets to inflate the border image drawing area. * rendering/RenderEmbeddedObject.cpp: (WebCore::RenderEmbeddedObject::layout): * rendering/RenderIFrame.cpp: (WebCore::RenderIFrame::layout): Patched to call the renamed addBoxShadowAndBorderOverflow function instead of addShadowOverflow. * rendering/RenderLayer.cpp: (WebCore::RenderLayer::calculateRects): Patched to no longer apply box-shadow to overflow clip areas when inflating the intersection area for the layer bounds. Instead we generically apply all visual overflow so that border image outsets will also be included. This fixes https://bugs.webkit.org/show_bug.cgi?id=37467. * rendering/RenderReplaced.cpp: (WebCore::RenderReplaced::layout): Patched to call the renamed addBoxShadowAndBorderOverflow function instead of addShadowOverflow. * rendering/style/NinePieceImage.cpp: (WebCore::NinePieceImage::operator==): * rendering/style/NinePieceImage.h: (WebCore::NinePieceImage::NinePieceImage): (WebCore::NinePieceImage::outset): (WebCore::NinePieceImage::setOutset): (WebCore::NinePieceImage::computeOutset): (WebCore::NinePieceImage::copyOutsetFrom): Add the outset field to NinePieceImage along with some helpers for manipulating outsets. * rendering/style/RenderStyle.cpp: (WebCore::RenderStyle::getImageOutsets): (WebCore::RenderStyle::getImageHorizontalOutsets): (WebCore::RenderStyle::getImageVerticalOutsets): * rendering/style/RenderStyle.h: (WebCore::InheritedFlags::hasBorderImageOutsets): (WebCore::InheritedFlags::getBorderImageOutsets): (WebCore::InheritedFlags::getBorderImageHorizontalOutsets): (WebCore::InheritedFlags::getBorderImageVerticalOutsets): (WebCore::InheritedFlags::getBorderImageInlineDirectionOutsets): (WebCore::InheritedFlags::getBorderImageBlockDirectionOutsets): (WebCore::InheritedFlags::getImageInlineDirectionOutsets): (WebCore::InheritedFlags::getImageBlockDirectionOutsets): Helpers for outset computation used by painting and overflow functions. 2011-12-05 Lucas Forschler <lforschler@apple.com> Merge 94901 2011-09-09 Beth Dakin <bdakin@apple.com> Attempted Leopard build fix. * rendering/RenderImage.cpp: (WebCore::RenderImage::paintReplaced): * rendering/RenderLayer.cpp: (WebCore::RenderLayer::drawPlatformResizerImage): 2011-12-05 Lucas Forschler <lforschler@apple.com> Merge 94900 2011-09-09 Beth Dakin <bdakin@apple.com> Fix for https://bugs.webkit.org/show_bug.cgi?id=67819 Use high resolution platform images when the deviceScaleFactor > 1 -and corresponding- <rdar://problem/10003098> Reviewed by Darin Adler. Add all of the new high resolution images. I also removed some tiffs from the project and replaced them with png equivalents (that are already checked into WebCore anyway). Since the high resolution images are pngs, it makes sense to use pngs for all of the images that load through Image::loadPlatformResource() * WebCore.xcodeproj/project.pbxproj: * platform/graphics/mac/ImageMac.mm: (WebCore::Image::loadPlatformResource): Load the @2x resource for deviceScaleFactors >= 2. * editing/DeleteButtonController.cpp: (WebCore::DeleteButtonController::createDeletionUI): CachedImage::brokenImage() is no longer a static helper function, but a real member function. It also now loads the @2x resource for deviceScaleFactors >= 2 and takes a parameter for the deviceScaleFactor. When CachedImage::image() returns the brokenImage(), it just returns the 1x version. brokenImage() has to be called directly to reliably return the deviceScaleFactor-appropriate resource. * loader/cache/CachedImage.cpp: (WebCore::CachedImage::brokenImage): (WebCore::CachedImage::image): * loader/cache/CachedImage.h: * rendering/RenderLayer.cpp: (WebCore::RenderLayer::drawPlatformResizerImage): (WebCore::RenderLayer::paintResizer): * rendering/RenderLayer.h: New static function to retrieve the deviceScaleFactor for callers that do not have direct access to a Page. * page/Page.cpp: (WebCore::Page::deviceScaleFactor): * page/Page.h: Call CachedImage::brokenImage() for the broken-image image at an accurate resolution. * rendering/RenderImage.cpp: (WebCore::RenderImage::imageSizeForError): (WebCore::RenderImage::paintReplaced): 2011-12-05 Lucas Forschler <lforschler@apple.com> Merge 94597 2011-09-06 David Hyatt <hyatt@apple.com> https://bugs.webkit.org/show_bug.cgi?id=67672 Improve background-size parsing. Make it actually dump auto values properly, and also make it omit auto if it is the second value. Fix the parsing to not create a value list when only a singleton value is specified. Reviewed by Beth Dakin. Covered well by existing tests. * css/CSSComputedStyleDeclaration.cpp: (WebCore::fillSizeToCSSValue): * css/CSSParser.cpp: (WebCore::CSSParser::parseFillSize): * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::mapFillSize): 2011-12-05 Lucas Forschler <lforschler@apple.com> Fixes to the branch made by Simon to get us building again. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::mapNinePieceImageWidth): (WebCore::CSSStyleSelector::loadPendingImages): * rendering/RenderBoxModelObject.cpp: (WebCore::computeBorderImageSide): (WebCore::RenderBoxModelObject::paintNinePieceImage): 2011-12-02 Lucas Forschler <lforschler@apple.com> Merge 90959 2011-07-13 Simon Fraser <simon.fraser@apple.com> Fix non-debug builds. * rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::createGraphicsLayer): 2011-12-02 Lucas Forschler <lforschler@apple.com> Merge 93445 2011-08-19 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=66590 Re-name scrollbar painter types Reviewed by Sam Weinig. Names changed to remove references to WebKitSystemInterface since the implementation is now in WebCore. And the type names changed to be more Objective- Cish instead of C++ish WTF_USE_WK_SCROLLBAR_PAINTER -> WTF_USE_SCROLLBAR_PAINTER WKScrollbarPainterRef -> ScrollbarPainter WKScrollbarPainterControllerRef -> ScrollbarPainterController * platform/mac/NSScrollerImpDetails.h: * platform/mac/ScrollAnimatorMac.h: * platform/mac/ScrollAnimatorMac.mm: (-[ScrollbarPartAnimation initWithScrollbarPainter:part:WebCore::scrollAnimator:WebCore::animateAlphaTo:duration:]): (-[ScrollbarPainterDelegate setUpAnimation:scrollerPainter:part:WebCore::animateAlphaTo:duration:]): (-[ScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]): (-[ScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]): (WebCore::ScrollAnimatorMac::ScrollAnimatorMac): (WebCore::ScrollAnimatorMac::~ScrollAnimatorMac): (WebCore::ScrollAnimatorMac::notifyPositionChanged): (WebCore::ScrollAnimatorMac::contentAreaWillPaint): (WebCore::ScrollAnimatorMac::mouseEnteredContentArea): (WebCore::ScrollAnimatorMac::mouseExitedContentArea): (WebCore::ScrollAnimatorMac::mouseMovedInContentArea): (WebCore::ScrollAnimatorMac::willStartLiveResize): (WebCore::ScrollAnimatorMac::contentsResized): (WebCore::ScrollAnimatorMac::willEndLiveResize): (WebCore::ScrollAnimatorMac::contentAreaDidShow): (WebCore::ScrollAnimatorMac::contentAreaDidHide): (WebCore::ScrollAnimatorMac::didBeginScrollGesture): (WebCore::ScrollAnimatorMac::didEndScrollGesture): (WebCore::ScrollAnimatorMac::didAddVerticalScrollbar): (WebCore::ScrollAnimatorMac::willRemoveVerticalScrollbar): (WebCore::ScrollAnimatorMac::didAddHorizontalScrollbar): (WebCore::ScrollAnimatorMac::willRemoveHorizontalScrollbar): (WebCore::ScrollAnimatorMac::cancelAnimations): (WebCore::ScrollAnimatorMac::setIsActive): (WebCore::ScrollAnimatorMac::updateScrollerStyle): * platform/mac/ScrollViewMac.mm: (WebCore::ScrollView::platformSetScrollbarOverlayStyle): * platform/mac/ScrollbarThemeMac.h: * platform/mac/ScrollbarThemeMac.mm: (+[ScrollbarPrefsObserver appearancePrefsChanged:]): (WebCore::updateArrowPlacement): (WebCore::ScrollbarThemeMac::registerScrollbar): (WebCore::ScrollbarThemeMac::setNewPainterForScrollbar): (WebCore::ScrollbarThemeMac::painterForScrollbar): (WebCore::ScrollbarThemeMac::scrollbarThickness): (WebCore::ScrollbarThemeMac::usesOverlayScrollbars): (WebCore::ScrollbarThemeMac::updateScrollbarOverlayStyle): (WebCore::ScrollbarThemeMac::hasThumb): (WebCore::ScrollbarThemeMac::minimumThumbLength): (WebCore::ScrollbarThemeMac::updateEnabledState): (WebCore::scrollbarPainterPaint): (WebCore::ScrollbarThemeMac::paint): 2011-12-02 Lucas Forschler <lforschler@apple.com> Merge 93377 2011-08-18 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=66495 Lion-specific scroller SPIs can use forward declaration instead of WebKitSystemInterface Reviewed by Sam Weinig. * WebCore.exp.in: * WebCore.xcodeproj/project.pbxproj: * platform/mac/NSScrollerImpDetails.h: Added. * platform/mac/ScrollAnimatorMac.h: * platform/mac/ScrollAnimatorMac.mm: (-[ScrollbarPainterControllerDelegate scrollerImpPair:convertContentPoint:toScrollerImp:]): (-[ScrollbarPainterControllerDelegate scrollerImpPair:updateScrollerStyleForNewRecommendedScrollerStyle:]): (-[ScrollbarPartAnimation initWithScrollbarPainter:part:WebCore::scrollAnimator:WebCore::animateAlphaTo:duration:]): (-[ScrollbarPartAnimation setCurrentProgress:]): (-[ScrollbarPainterDelegate setUpAnimation:scrollerPainter:part:WebCore::animateAlphaTo:duration:]): (-[ScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]): (-[ScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]): (WebCore::ScrollAnimatorMac::ScrollAnimatorMac): (WebCore::ScrollAnimatorMac::~ScrollAnimatorMac): (WebCore::ScrollAnimatorMac::notifyPositionChanged): (WebCore::ScrollAnimatorMac::contentAreaWillPaint): (WebCore::ScrollAnimatorMac::mouseEnteredContentArea): (WebCore::ScrollAnimatorMac::mouseExitedContentArea): (WebCore::ScrollAnimatorMac::mouseMovedInContentArea): (WebCore::ScrollAnimatorMac::willStartLiveResize): (WebCore::ScrollAnimatorMac::contentsResized): (WebCore::ScrollAnimatorMac::willEndLiveResize): (WebCore::ScrollAnimatorMac::contentAreaDidShow): (WebCore::ScrollAnimatorMac::contentAreaDidHide): (WebCore::ScrollAnimatorMac::didBeginScrollGesture): (WebCore::ScrollAnimatorMac::didEndScrollGesture): (WebCore::ScrollAnimatorMac::didAddVerticalScrollbar): (WebCore::ScrollAnimatorMac::willRemoveVerticalScrollbar): (WebCore::ScrollAnimatorMac::didAddHorizontalScrollbar): (WebCore::ScrollAnimatorMac::willRemoveHorizontalScrollbar): (WebCore::ScrollAnimatorMac::updateScrollerStyle): (WebCore::ScrollAnimatorMac::initialScrollbarPaintTimerFired): * platform/mac/ScrollbarThemeMac.h: * platform/mac/ScrollbarThemeMac.mm: (WebCore::ScrollbarThemeMac::registerScrollbar): (WebCore::ScrollbarThemeMac::scrollbarThickness): (WebCore::ScrollbarThemeMac::usesOverlayScrollbars): (WebCore::ScrollbarThemeMac::updateScrollbarOverlayStyle): (WebCore::ScrollbarThemeMac::hasThumb): (WebCore::ScrollbarThemeMac::minimumThumbLength): (WebCore::ScrollbarThemeMac::updateEnabledState): (WebCore::scrollbarPainterPaint): (WebCore::ScrollbarThemeMac::paint): * platform/mac/WebCoreSystemInterface.h: * platform/mac/WebCoreSystemInterface.mm: 2011-12-02 Lucas Forschler <lforschler@apple.com> Merge 100809 2011-11-18 Beth Dakin <bdakin@apple.com> <rdar://problem/10466170> Regression: Scroll bars disappear and don't come back Reviewed by Sam Weinig. Fixing a merge issue. On TOT we use #if USE(SCROLLBAR_PAINTER), but on the branch it is still #if USE(WK_SCROLLBAR_PAINTER). Also, on the branch, all of the m_scrollbarPainterController functions go through WebKitSystemInterface instead of using forward declaration. We should consider merging those changes, but in the meantime, for this to work, we have to go back to the branch-style. * platform/mac/ScrollAnimatorMac.mm: (WebCore::ScrollAnimatorMac::notityPositionChanged): 2011-11-30 Lucas Forschler <lforschler@apple.com> Merge 94953 2011-09-06 David Hyatt <hyatt@apple.com> https://bugs.webkit.org/show_bug.cgi?id=67657 Implement border-image-width. This patch stops short of converting -webkit-border-image to a shorthand. I'll do that in the next patch. Note that unlike the -webkit-border-image syntax, border-image-width does not actually set the border width values. It simply makes cuts into the border image drawing area (which for now is just the border box, but that will change once border-image-outset is implemented). This means we need additional storage for the slices, since they are now separate from the border widths. For backwards compatibility, -webkit-border-image will continue to set the border widths when border-image-width is specified in the -webkit-border-image shorthand. Reviewed by Beth Dakin. Added new tests in fast/borders. * css/CSSBorderImageSliceValue.cpp: (WebCore::CSSBorderImageSliceValue::CSSBorderImageSliceValue): (WebCore::CSSBorderImageSliceValue::cssText): * css/CSSBorderImageSliceValue.h: (WebCore::CSSBorderImageSliceValue::create): (WebCore::CSSBorderImageSliceValue::slices): Rename slices() to imageSlices() and add borderSlices() and m_borderSlices to hold the desired cuts for the border image drawing area. Converted the slices over to the new Quad primitive value (a RectBase subclass that is identical to Rect but dumps as a quad instead of a rect primitive). * css/CSSBorderImageValue.cpp: (WebCore::CSSBorderImageValue::CSSBorderImageValue): (WebCore::CSSBorderImageValue::cssText): * css/CSSBorderImageValue.h: (WebCore::CSSBorderImageValue::create): Make CSSBorderImageValue take the border slices during construction now. * css/CSSComputedStyleDeclaration.cpp: (WebCore::valueForNinePieceImageSlice): (WebCore::valueForNinePieceImageWidth): (WebCore::valueForNinePieceImageRepeat): (WebCore::valueForNinePieceImage): (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue): Add support for computed style via valueForNinePieceImageWidth. Patch all of the border image properties to dump the most compact form possible for the property values, e.g., "stretch stretch" becomes "stretch." * css/CSSParser.cpp: (WebCore::CSSParser::parseValue): (WebCore::CSSParser::parseReflect): (WebCore::BorderImageParseContext::BorderImageParseContext): (WebCore::BorderImageParseContext::commitImageSlice): (WebCore::BorderImageParseContext::commitBorderWidth): (WebCore::BorderImageParseContext::commitBorderImage): (WebCore::CSSParser::parseBorderImage): (WebCore::isBorderImageRepeatKeyword): (WebCore::CSSParser::parseBorderImageRepeat): (WebCore::BorderImageSliceParseContext::commitBorderImageSlice): (WebCore::CSSParser::parseBorderImageSlice): (WebCore::BorderImageWidthParseContext::BorderImageWidthParseContext): (WebCore::BorderImageWidthParseContext::allowNumber): (WebCore::BorderImageWidthParseContext::allowFinalCommit): (WebCore::BorderImageWidthParseContext::top): (WebCore::BorderImageWidthParseContext::commitNumber): (WebCore::BorderImageWidthParseContext::setAllowFinalCommit): (WebCore::BorderImageWidthParseContext::setTop): (WebCore::BorderImageWidthParseContext::commitBorderImageWidth): (WebCore::CSSParser::parseBorderImageWidth): * css/CSSParser.h: Modify the border-image code to pass off border-image-width parsing to parseBorderImageWidth. * css/CSSPrimitiveValue.cpp: (WebCore::isValidCSSUnitTypeForDoubleConversion): (WebCore::CSSPrimitiveValue::init): (WebCore::CSSPrimitiveValue::cleanup): (WebCore::CSSPrimitiveValue::getQuadValue): (WebCore::CSSPrimitiveValue::cssText): * css/CSSPrimitiveValue.h: (WebCore::CSSPrimitiveValue::getQuadValue): Add the new Quad value to CSSPrimitiveValue. * css/CSSPropertyNames.in: Add the new properties for border-image-width and -webkit-mask-box-image-width. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): (WebCore::CSSStyleSelector::mapNinePieceImage): (WebCore::CSSStyleSelector::mapNinePieceImageSlice): (WebCore::CSSStyleSelector::mapNinePieceImageWidth): (WebCore::CSSStyleSelector::loadPendingImages): * css/CSSStyleSelector.h: Add the code to map the image width into border slices. * css/Rect.h: (WebCore::RectBase::top): (WebCore::RectBase::right): (WebCore::RectBase::bottom): (WebCore::RectBase::left): (WebCore::RectBase::setTop): (WebCore::RectBase::setRight): (WebCore::RectBase::setBottom): (WebCore::RectBase::setLeft): (WebCore::RectBase::RectBase): (WebCore::RectBase::~RectBase): (WebCore::Rect::create): (WebCore::Rect::Rect): (WebCore::Quad::create): (WebCore::Quad::Quad): Adding the new Quad value. * rendering/RenderBoxModelObject.cpp: (WebCore::computeBorderImageSide): (WebCore::RenderBoxModelObject::paintNinePieceImage): Modify painting to treat the border slices as separate from the border widths. * rendering/style/NinePieceImage.cpp: (WebCore::NinePieceImage::operator==): * rendering/style/NinePieceImage.h: (WebCore::NinePieceImage::NinePieceImage): (WebCore::NinePieceImage::imageSlices): (WebCore::NinePieceImage::setImageSlices): (WebCore::NinePieceImage::borderSlices): (WebCore::NinePieceImage::setBorderSlices): (WebCore::NinePieceImage::copyImageSlicesFrom): (WebCore::NinePieceImage::copyBorderSlicesFrom): * rendering/style/StyleRareNonInheritedData.cpp: Add the border slices. (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData): * rendering/style/StyleReflection.h: (WebCore::StyleReflection::StyleReflection): Make sure masks and reflections default border-image-width to auto instead of 1, since that matches old behavior. 2011-11-30 Lucas Forschler <lforschler@apple.com> Merge 94420 2011-09-01 David Hyatt <hyatt@apple.com> https://bugs.webkit.org/show_bug.cgi?id=67431 Implement border-image-repeat. Similar to how border-image-slice was implemented, the parsing of the two repeat values has been moved into separate functions. The value is represented as a Pair (similar to how we handle border radius). Reviewed by Beth Dakin. Added fast/borders/border-image-repeat.html. * css/CSSBorderImageValue.cpp: (WebCore::CSSBorderImageValue::CSSBorderImageValue): (WebCore::CSSBorderImageValue::cssText): * css/CSSBorderImageValue.h: (WebCore::CSSBorderImageValue::create): Modified the CSSBorderImageValue (you're living on borrowed time, my friend!) to have a CSSValue that contains a Pair. * css/CSSComputedStyleDeclaration.cpp: (WebCore::valueForRepeatRule): (WebCore::valueForNinePieceImageRepeat): (WebCore::valueForNinePieceImage): (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue): Add support for the new properties. Break out the value retrieval for the image repeat rules into its own function, valueForNinePieceImageRepeat. * css/CSSParser.cpp: (WebCore::CSSParser::parseValue): (WebCore::BorderImageParseContext::BorderImageParseContext): (WebCore::BorderImageParseContext::allowRepeat): (WebCore::BorderImageParseContext::commitSlice): (WebCore::BorderImageParseContext::commitSlash): (WebCore::BorderImageParseContext::commitWidth): (WebCore::BorderImageParseContext::commitRepeat): (WebCore::BorderImageParseContext::commitBorderImage): (WebCore::CSSParser::parseBorderImage): Modified the parsing of border image to call into parseBorderImageRepeat for the repeat values. (WebCore::isBorderImageRepeatKeyword): (WebCore::CSSParser::parseBorderImageRepeat): The new parsing code for border-image-repeat is here. It will build up a CSSValue containing a Pair and return the result. * css/CSSParser.h: * css/CSSPropertyNames.in: Add the new properties. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): (WebCore::CSSStyleSelector::mapNinePieceImage): (WebCore::CSSStyleSelector::mapNinePieceImageRepeat): * css/CSSStyleSelector.h: The mapping into the front end is done the same way as border-image-slice. Factor out the image repeat rules portion into mapNinePieceImageRepeat. * platform/graphics/Image.cpp: (WebCore::Image::drawTiled): * platform/graphics/Image.h: Add the new 'space' value as a valid image tiling rule. It's not yet supported and, like the 'round' value, is just mapped to 'repeat' for now. * rendering/style/NinePieceImage.h: (WebCore::NinePieceImage::copyRepeatFrom): Helper for copying only the repeat rules from another NinePieceImage. 2011-11-30 Lucas Forschler <lforschler@apple.com> Merge 94304 2011-09-01 Csaba Osztrogonác <ossy@webkit.org> [CSS3 Backgrounds and Borders] Implement border-image-slice https://bugs.webkit.org/show_bug.cgi?id=67321 * WebCore.pro: Unreviewed buildfix after Dave "scattered" Hyatt (r94299). 2011-11-30 Lucas Forschler <lforschler@apple.com> Merge 94299 2011-08-31 David Hyatt <hyatt@apple.com> https://bugs.webkit.org/show_bug.cgi?id=67321 Implement border-image-slice. This will eventually be a component of the new border-image shorthand property. It holds the cuts that you make into the border image along with a new optional "fill" keyword that indicates whether or not the center should be filled with the middle slice of the image. By default -webkit-border-image has always filled, but this does not match the specification. To preserve backwards compatibility, -webkit-border-image will continue to fill by default, but this does slightly affect computed style results, since the "fill" keyword will now be included in property dumps. Reviewed by Beth Dakin. Added fast/borders/border-image-slices.html. * CMakeLists.txt: * WebCore.gypi: * WebCore.pro: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: * css/CSSBorderImageSliceValue.cpp: Added. (WebCore::CSSBorderImageSliceValue::CSSBorderImageSliceValue): (WebCore::CSSBorderImageSliceValue::~CSSBorderImageSliceValue): (WebCore::CSSBorderImageSliceValue::cssText): * css/CSSBorderImageSliceValue.h: Added. (WebCore::CSSBorderImageSliceValue::create): (WebCore::CSSBorderImageSliceValue::isBorderImageSliceValue): Add a new CSSBorderImageSliceValue that holds both the four slices (as a CSS rect) and the fill keyword (as a boolean). Note that the cssText() dumping of the slices has been refined to be smarter, and it will no longer dump repeating values. * css/CSSBorderImageValue.cpp: (WebCore::CSSBorderImageValue::CSSBorderImageValue): (WebCore::CSSBorderImageValue::cssText): * css/CSSBorderImageValue.h: (WebCore::CSSBorderImageValue::create): CSSBorderImageValue now owns a CSSBorderImageSliceValue instead of just a CSS rect. * css/CSSComputedStyleDeclaration.cpp: (WebCore::valueForNinePieceImageSlice): (WebCore::valueForNinePieceImage): Add a new method, valueForNinePieceImageSlice, for getting the slices plus the fill value from the NinePieceImage and putting it into a CSSBorderImageSliceValue. This method is now used by valueForNinePieceImage to get the CSSBorderImageSliceValue that is part of the overall CSSBorderImageValue. (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue): Adding support for the new properties: border-image-slice and -webkit-mask-box-image-slice. * css/CSSParser.cpp: (WebCore::CSSParser::parseValue): (WebCore::BorderImageParseContext::BorderImageParseContext): (WebCore::BorderImageParseContext::allowBreak): (WebCore::BorderImageParseContext::commitImage): (WebCore::BorderImageParseContext::commitSlice): (WebCore::BorderImageParseContext::commitSlash): (WebCore::BorderImageParseContext::commitBorderImage): (WebCore::CSSParser::parseBorderImage): Modify parseBorderImage to no longer parse the slices itself. Instead it farms out the parsing to parseBorderImageSlice. (WebCore::BorderImageSliceParseContext::BorderImageSliceParseContext): (WebCore::BorderImageSliceParseContext::allowNumber): (WebCore::BorderImageSliceParseContext::allowFill): (WebCore::BorderImageSliceParseContext::allowFinalCommit): (WebCore::BorderImageSliceParseContext::top): (WebCore::BorderImageSliceParseContext::commitNumber): (WebCore::BorderImageSliceParseContext::commitFill): (WebCore::BorderImageSliceParseContext::setAllowFinalCommit): (WebCore::BorderImageSliceParseContext::setTop): (WebCore::BorderImageSliceParseContext::commitBorderImageSlice): (WebCore::CSSParser::parseBorderImageSlice): Slice parsing has now been broken out so that it can be parsed as a single property. In addition support for the "fill" keyword has been added to control image filling. * css/CSSParser.h: Modified to add the new parseBorderImageSlice method. * css/CSSPropertyNames.in: Add the new properties: border-image-slice and -webkit-mask-box-image-slice. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): (WebCore::CSSStyleSelector::mapNinePieceImage): Rework mapNinePieceImage to call mapNinePieceImageSlice so that the mapping can be done just for the slices. (WebCore::CSSStyleSelector::mapNinePieceImageSlice): A new method that handles mapping just the slices into the front-end NinePieceImage. (WebCore::CSSStyleSelector::loadPendingImages): Modified to ensure the fill value is preserved when box-reflect makes a new NinePieceImage. * css/CSSStyleSelector.h: Added the new mapNinePieceImageSlice method. * css/CSSValue.h: (WebCore::CSSValue::isBorderImageSliceValue): Virtual function for identifying border image slice values. * rendering/RenderBoxModelObject.cpp: (WebCore::RenderBoxModelObject::paintNinePieceImage): The painting of the nine piece image has been modified to match the specification. The "fill" keyword controls whether or not the middle is painted. * rendering/style/NinePieceImage.cpp: (WebCore::NinePieceImage::operator==): The fill keyword has to be checked now for equality. * rendering/style/NinePieceImage.h: (WebCore::NinePieceImage::NinePieceImage): (WebCore::NinePieceImage::fill): (WebCore::NinePieceImage::setFill): Added the fill keyword to the front end NinePieceImage. (WebCore::NinePieceImage::copySlicesFrom): Added a helper to copy only the slices over from another NinePieceImage. Used when inheriting the border-image-slice property from a parent style. 2011-11-30 Lucas Forschler <lforschler@apple.com> Merge 94206 2011-08-31 David Hyatt <hyatt@apple.com> https://bugs.webkit.org/show_bug.cgi?id=67300 Add the new border-image-source property (and its corresponding analogue for masks, mask-box-image-source). Change the border-image parsing code to no longer consider "none" to represent the entire border-image expression, but instead to just mean "none" for the image component of the expression. Change the pending image code for border-image and mask-box-image to use the new *-source properties when loading the image so that they're considered the same. This is the first step towards eliminating the border-image parsing code in favor of just parsing it as a shorthand instead, but for now I'm implementing each property one by one, and once they're all there, we can cut over to border-image as a true shorthand. Reviewed by Beth Dakin. Added fast/borders/border-image-source.html. * css/CSSComputedStyleDeclaration.cpp: (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue): * css/CSSParser.cpp: (WebCore::CSSParser::parseValue): (WebCore::CSSParser::parseBorderImage): * css/CSSPropertyNames.in: * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): (WebCore::CSSStyleSelector::mapNinePieceImage): (WebCore::CSSStyleSelector::loadPendingImages): * rendering/style/NinePieceImage.h: (WebCore::NinePieceImage::setImage): * rendering/style/RenderStyle.h: (WebCore::InheritedFlags::borderImageSource): (WebCore::InheritedFlags::maskBoxImageSource): (WebCore::InheritedFlags::setBorderImageSource): (WebCore::InheritedFlags::setMaskBoxImageSource): (WebCore::InheritedFlags::initialBorderImageSource): (WebCore::InheritedFlags::initialMaskBoxImageSource): 2011-11-16 Lucas Forschler <lforschler@apple.com> Merge 93669 2011-08-23 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=66244 Cached pages don't fully update when going back after changing the display scale factor -and corresponding- <rdar://problem/9955656> Reviewed by Darin Adler. This patch adds a generalized concept of needing a full style recalc to the BackForwardController. So when the display scale factor is changed, the BackForwardController can be informed that all pages will need a full style recalc when they come out of the cache. This same mechanism is also used to fix a long- standing bug with full-page/text zoom. Iterate through the HistoryItems and mark all CachedPages as needing a full style recalc. * history/BackForwardController.cpp: (WebCore::BackForwardController::markPagesForFullStyleRecalc): * history/BackForwardController.h: ChachedPage has a new bool -- m_needsFullStyleRecalc -- to track whether a full style recalc is needed when the CachedPage is restored. * history/CachedPage.cpp: (WebCore::CachedPage::CachedPage): (WebCore::CachedPage::restore): (WebCore::CachedPage::clear): * history/CachedPage.h: (WebCore::CachedPage::markForFullStyleRecalc): HistoryItem actually takes care of calling into CachedPage. * history/HistoryItem.cpp: (WebCore::HistoryItem::markForFullStyleRecalc): * history/HistoryItem.h: Fix style recalc issues for full-page/text zoom by calling our new function on PageCache. * page/Frame.cpp: (WebCore::Frame::setPageAndTextZoomFactors): Fix style recalc issues for display scale factor changes by calling our new function on PageCache. * page/Page.cpp: (WebCore::Page::setDeviceScaleFactor): 2011-11-16 Lucas Forschler <lforschler@apple.com> Merge 93303 2011-08-17 Adam Roben <aroben@apple.com> Make WebCore keep track of the current device scale factor Fixes <http://webkit.org/b/66413> WebCore requires every WebKit port to keep track of the device scale factor Reviewed by Darin Adler. * WebCore.exp.in: Removed Frame::deviceScaleFactorChanged, added Page::setDeviceScaleFactor. * css/MediaQueryEvaluator.cpp: (WebCore::device_pixel_ratioMediaFeatureEval): * html/HTMLCanvasElement.cpp: (WebCore::HTMLCanvasElement::HTMLCanvasElement): * page/DOMWindow.cpp: (WebCore::DOMWindow::devicePixelRatio): * rendering/RenderInline.cpp: (WebCore::RenderInline::addDashboardRegions): * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::deviceScaleFactor): * rendering/RenderObject.cpp: (WebCore::RenderObject::addDashboardRegions): Changed to get the device scale factor from Page. * loader/EmptyClients.h: * page/Chrome.cpp: * page/Chrome.h: * page/ChromeClient.h: Removed Chrome[Client]::deviceScaleFactor. * page/Frame.cpp: * page/Frame.h: Removed deviceScaleFactorChanged. Made deviceOrPageScaleFactorChanged public. * page/Page.cpp: (WebCore::Page::Page): Initialize m_deviceScaleFactor. (WebCore::Page::setDeviceScaleFactor): Added. Code came from Frame::deviceScaleFactorChanged. * page/Page.h: Added m_deviceScaleFactor. (WebCore::Page::deviceScaleFactor): Added simple getter. 2011-11-15 Lucas Forschler <lforschler@apple.com> Merge 93058 2011-08-15 Adam Roben <aroben@apple.com> Update pages' style and content scale when the window's backing scale factor changes Unfortunately, I couldn't think of a way to test this in an automated fashion. Fixes <http://webkit.org/b/66229> <rdar://problem/9906269> WebKit doesn't react to device scale factor changes Reviewed by Simon Fraser. * WebCore.exp.in: Export Frame::deviceOrScaleFactorChanged. * page/Frame.cpp: (WebCore::Frame::deviceScaleFactorChanged): * page/Frame.h: Added this new function. We recalc style so that, e.g., device-scale-factor-dependent media queries will be reevaluated, and we tell compositing layers about the new scale factor so they can rerender at the new resolution. 2011-11-15 Lucas Forschler <lforschler@apple.com> Merge 93043 2011-08-15 Adam Roben <aroben@apple.com> Rename an instance of pageScaleFactorChanged I missed in r93040 I tried to make a test for this but failed. It would probably have been easier if we dumped layers' content scales in layerTreeAsText output. Followup to <http://webkit.org/b/55787> WebKit uses multiple conflicting names to refer to the device scale factor * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::deviceOrPageScaleFactorChanged): * platform/graphics/ca/GraphicsLayerCA.h: Renamed from pageScaleFactorChanged to match the base class. 2011-11-15 Lucas Forschler <lforschler@apple.com> Merge 93040 2011-08-10 Adam Roben <aroben@apple.com> Clear up scale factor terminology WebKit by and large deals with two scale factors: one intrinsic to the device on which the software is running, and one that is per-Page and can be controlled via API calls. This patch names the former "deviceScaleFactor" and the latter "pageScaleFactor", and makes the code use those names. It should introduce no behavior changes. Fixes <http://webkit.org/b/55787> WebKit uses multiple conflicting names to refer to the device scale factor Reviewed by Simon Fraser. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp: * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h: Removed an unused member. This is unrelated to this patch. * css/MediaQueryEvaluator.cpp: * html/HTMLCanvasElement.cpp: * html/HTMLCanvasElement.h: * loader/EmptyClients.h: * page/Chrome.cpp: * page/Chrome.h: * page/ChromeClient.h: * page/DOMWindow.cpp: * page/Frame.cpp: * page/Frame.h: * platform/graphics/GraphicsLayer.cpp: * platform/graphics/GraphicsLayer.h: * platform/graphics/GraphicsLayerClient.h: * platform/graphics/ca/GraphicsLayerCA.cpp: * rendering/RenderInline.cpp: * rendering/RenderLayerBacking.cpp: * rendering/RenderLayerBacking.h: * rendering/RenderLayerCompositor.cpp: * rendering/RenderLayerCompositor.h: * rendering/RenderObject.cpp: 2011-11-15 Lucas Forschler <lforschler@apple.com> Merge 91161 2011-07-16 Simon Fraser <simon.fraser@apple.com> Add code to attempt to align compositing layers to pixel boundaries when page scale changes https://bugs.webkit.org/show_bug.cgi?id=64658 Reviewed by Dan Bernstein. Implemented a new behavior on GraphicsLayerCA which attempts to keep layers pixel aligned as page scale changes. This requires denoting which layer has the page scale on it (it is assumed to be already aligned), via setAppliesPageScale(). We also now pass a scale and offset down through the GraphicsLayer commits, which are used to map layer bounds to display coordinates for rounding. * platform/graphics/GraphicsLayer.h: New flags and getters/setters for pixel alignment, and the layer that is the applier of the scale. (WebCore::GraphicsLayer::setMaintainsPixelAlignment): (WebCore::GraphicsLayer::maintainsPixelAlignment): (WebCore::GraphicsLayer::setAppliesPageScale): (WebCore::GraphicsLayer::appliesPageScale): * platform/graphics/GraphicsLayer.cpp: (WebCore::GraphicsLayer::GraphicsLayer): Initialize the new flags. (WebCore::GraphicsLayer::backingScaleFactor): Utility method that calls the client if there is one. (WebCore::GraphicsLayer::pageScaleFactor): Ditto. * platform/graphics/GraphicsLayerClient.h: (WebCore::GraphicsLayerClient::backingScaleFactor): Provide default implementation. (WebCore::GraphicsLayerClient::pageScaleFactor): Ditto. * platform/graphics/ca/GraphicsLayerCA.h: Pass scale and base-relative offset around to methods that need to update geometry during commit. Some new methods related to pixel alignment. * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::computePositionRelativeToBase): For single-layer commits, we have to compute the base-relative offset, and whether we're under the layer applying the scale by walking up the tree. (WebCore::GraphicsLayerCA::syncCompositingStateForThisLayerOnly): Call computePositionRelativeToBase() to get scaling parameters for the target layer. (WebCore::GraphicsLayerCA::recursiveCommitChanges): Pass flags related to scaling. positionRelativeToBase is an offset relative to the ancestor layer known to be pixel aligned. affectedByPageScale is true for layers which are descendants of the layer which applies the scale. (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers): Pass scale and offset. (WebCore::GraphicsLayerCA::updateGeometry): Call computePixelAlignment() to get pixel-aligned geometry. This only needs to be applied to layers which render content, so re-organize the code to use the unchanged layer geometry for the structural layer, but to apply the adjusted geometry to the m_layer. (WebCore::GraphicsLayerCA::updateStructuralLayer): Pass scale and offset. (WebCore::GraphicsLayerCA::ensureStructuralLayer): Ditto. (WebCore::GraphicsLayerCA::updateLayerDrawsContent): Ditto. (WebCore::GraphicsLayerCA::updateContentsScale): Ditto. (WebCore::GraphicsLayerCA::requiresTiledLayer): Ditto. (WebCore::GraphicsLayerCA::swapFromOrToTiledLayer): Ditto. (WebCore::GraphicsLayerCA::setKeepPixelAligned): When set, dirties flags for properties that need to be recomputed. (WebCore::GraphicsLayerCA::noteChangesForScaleSensitiveProperties): (WebCore::isIntegral): (WebCore::GraphicsLayerCA::computePixelAlignment): Map our bounds to screen scale, round out to an integral rect, then map it back, adding a fudge factor so that CA backing stores don't end up being smaller than we expect because of integer truncation. * rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::createGraphicsLayer): Turn on pixel alignment if the compositor says so. (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): Set the RenderView's layer as the one applying the scale, for the main frame. * rendering/RenderLayerCompositor.h: New method. * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::keepLayersPixelAligned): Master switch for pixel alignment. Default to on. (WebCore::RenderLayerCompositor::ensureRootLayer): Give the two root-ish layers a client so they can ask for page scale if necessary. 2011-11-15 Lucas Forschler <lforschler@apple.com> Merge 89441 2011-06-22 Simon Fraser <simon.fraser@apple.com> Reviewed by Dan Bernstein. Update position, bounds and anchor point in GraphicsLayerCA all at once https://bugs.webkit.org/show_bug.cgi?id=63148 Since position, bounds and anchor point are inter-dependent, avoid redundant work by simply updating them all at the same time. No behavior changes, so no new tests. * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::setPosition): (WebCore::GraphicsLayerCA::setAnchorPoint): (WebCore::GraphicsLayerCA::setSize): (WebCore::GraphicsLayerCA::setBoundsOrigin): (WebCore::GraphicsLayerCA::setAllowTiledLayer): (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers): (WebCore::GraphicsLayerCA::updateGeometry): (WebCore::GraphicsLayerCA::ensureStructuralLayer): (WebCore::GraphicsLayerCA::swapFromOrToTiledLayer): * platform/graphics/ca/GraphicsLayerCA.h: 2011-11-15 Lucas Forschler <lforschler@apple.com> Merge 91140 2011-07-15 Simon Fraser <simon.fraser@apple.com> Another Windows build fix; make this method non-pure virtual. * platform/graphics/GraphicsLayerClient.h: (WebCore::GraphicsLayerClient::didCommitChangesForLayer): 2011-11-15 Lucas Forschler <lforschler@apple.com> Merge 91138 2011-07-15 Simon Fraser <simon.fraser@apple.com> Fix Windows build. * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.h: (WebCore::MediaPlayerPrivate::backingScaleFactor): (WebCore::MediaPlayerPrivate::pageScaleFactor): 2011-11-15 Lucas Forschler <lforschler@apple.com> Merge 91137 2011-07-15 Simon Fraser <simon.fraser@apple.com> Have GraphicsLayer pull their contentsScale, rather than pushing it onto them https://bugs.webkit.org/show_bug.cgi?id=64643 Reviewed by Darin Adler. RenderLayerBacking would set the contentsScale on GraphicsLayers on creation, and update it when the pageScaleFactor changed. However, RenderLayerBacking doesn't really know what contentsScale is best for a layer, so instead, have GraphicsLayers call back through the GraphicsLayerClient to get the two relevant scale factors, and do their own computation of contentsScale. No testable behavior changes. * page/Frame.cpp: (WebCore::Frame::pageScaleFactorChanged): No need to pass the scale. * platform/graphics/GraphicsLayer.cpp: (WebCore::GraphicsLayer::notePageScaleFactorChangedIncludingDescendants): Recurse through the GraphicsLayer tree, calling pageScaleFactorChanged() on each layer. * platform/graphics/GraphicsLayer.h: (WebCore::GraphicsLayer::pageScaleFactorChanged): Remove contentsScale/setContentsScale * platform/graphics/GraphicsLayerClient.h: Add methods to fetch the backingScaleFactor() and pageScaleFactor(). * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::GraphicsLayerCA): m_uncommittedChanges defaults to ContentsScaleChanged so we update contentsScale on the first flush. (WebCore::GraphicsLayerCA::setContentsToBackgroundColor): This was the wrong time to call updateContentsRect() and setupContentsLayer(); those should be done at commit time, so moved to updateLayerBackgroundColor(). (WebCore::GraphicsLayerCA::recursiveCommitChanges): Note whether we have any changes, and call didCommitChangesForLayer() on the client. (WebCore::GraphicsLayerCA::updateLayerBackgroundColor): Code moved to here. (WebCore::clampedContentsScaleForScale): No longer has any hysteresis on the scale, and now just clamps. (WebCore::GraphicsLayerCA::updateContentsScale): Fetch the scales from the client, and multiply them, then clamp. (WebCore::GraphicsLayerCA::requiresTiledLayer): This now takes contentsScale into account when deciding to use tiled layer, so that zooming in will cause layers to start tiling. (WebCore::GraphicsLayerCA::swapFromOrToTiledLayer): Don't call setContentsScale(), but rather updateContentsScale(). (WebCore::GraphicsLayerCA::pageScaleFactorChanged): Set the bits for properties that depend on the scale. (WebCore::GraphicsLayerCA::noteChangesForScaleSensitiveProperties): Note that contentsScale needs to be updated. At some point we might also need to dirty other properties. * platform/graphics/ca/GraphicsLayerCA.h: Moved the m_allowTiledLayer bool for better packing. No need for a m_contentsScale member now. * rendering/RenderLayer.cpp: Removed pageScaleFactorChanged(). * rendering/RenderLayer.h: Ditto. * rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): No need to push the contents scale. (WebCore::RenderLayerBacking::updateForegroundLayer): Ditto. (WebCore::RenderLayerBacking::updateMaskLayer): Ditto. (WebCore::RenderLayerBacking::pageScaleFactor): GraphicsLayerClient method. (WebCore::RenderLayerBacking::backingScaleFactor): GraphicsLayerClient method. (WebCore::RenderLayerBacking::didCommitChangesForLayer): Send through to the compositor. * rendering/RenderLayerBacking.h: GraphicsLayerClient methods. * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::didFlushChangesForLayer): We'll use this later. (WebCore::RenderLayerCompositor::backingScaleFactor): GraphicsLayerClient method. (WebCore::RenderLayerCompositor::pageScaleFactor): Ditto. (WebCore::RenderLayerCompositor::didCommitChangesForLayer): Ditto. (WebCore::RenderLayerCompositor::ensureRootLayer): No need to push the contents scale. (WebCore::RenderLayerCompositor::pageScaleFactorChanged): Just call notePageScaleFactorChangedIncludingDescendants() on the root GraphicsLayer. * rendering/RenderLayerCompositor.h: Added GraphicsLayerClient methods. 2011-11-15 Lucas Forschler <lforschler@apple.com> Merge 90954 2011-07-13 Simon Fraser <simon.fraser@apple.com> Factor some GraphicsLayer creation code in RenderLayerBacking https://bugs.webkit.org/show_bug.cgi?id=64487 Reviewed by Sam Weinig. Move the GraphicsLayer::create() calls into once place so that we don't have lots of #ifndef NDEBUG in various places, and can share more code in future. No behavior change, so no new tests. * rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::RenderLayerBacking): (WebCore::RenderLayerBacking::~RenderLayerBacking): (WebCore::RenderLayerBacking::createGraphicsLayer): (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): (WebCore::RenderLayerBacking::destroyGraphicsLayers): (WebCore::RenderLayerBacking::updateLayerTransform): (WebCore::RenderLayerBacking::updateClippingLayers): (WebCore::RenderLayerBacking::updateOverflowControlsLayers): (WebCore::RenderLayerBacking::updateForegroundLayer): (WebCore::RenderLayerBacking::updateMaskLayer): * rendering/RenderLayerBacking.h: 2011-11-15 Lucas Forschler <lforschler@apple.com> Merge 90925 2011-07-12 Simon Fraser <simon.fraser@apple.com> Rename compositing-related updateContentsScale() methods https://bugs.webkit.org/show_bug.cgi?id=64430 Reviewed by Joseph Pecoraro. Rename updateContentsScale() to something less presumptuous; layers may choose to do something other than update their contents scale when the page scale factor changes. pageScaleFactorChanged() is a better name. * page/Frame.cpp: (WebCore::Frame::pageScaleFactorChanged): (WebCore::Frame::scalePage): * page/Frame.h: * rendering/RenderLayer.cpp: (WebCore::RenderLayer::pageScaleFactorChanged): * rendering/RenderLayer.h: * rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::pageScaleFactorChanged): * rendering/RenderLayerBacking.h: * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::pageScaleFactorChanged): * rendering/RenderLayerCompositor.h: 2011-11-15 Lucas Forschler <lforschler@apple.com> Merge 100022 2011-11-11 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=72167 REGRESSION: Scroll position not restored on back after scroll -and corresponding- <rdar://problem/10410684> Reviewed by Simon Fraser. We can't just return early if we are not on an active page. notifyPositionChanged() is called when a page is going into the page cache (and therefore when not on an active page). We should not notify AppKit that the page has scrolled in that case, but we still need to call ScrollAnimator::notifyPositionChanged();. So this patch removes the early return, and replaces it with a conditional around the relevant code. * platform/mac/ScrollAnimatorMac.mm: (WebCore::ScrollAnimatorMac::notifyPositionChanged): 2011-11-08 Lucas Forschler <lforschler@apple.com> Merge 99508 2011-11-07 Dan Bernstein <mitz@apple.com> <rdar://problem/10405215> REGRESSION (r98178): World of Warcraft Launcher crashes in FrameView::isOnActivePage() https://bugs.webkit.org/show_bug.cgi?id=71743 Reviewed by Beth Dakin. * page/FrameView.cpp: (WebCore::FrameView::isOnActivePage): Added a check for a null m_frame. 2011-11-15 Oliver Hunt <oliver@apple.com> Merged JavaScriptCore up to r99898, and took all changes to WebCore required by those changes. 2011-10-31 Lucas Forschler <lforschler@apple.com> Merge 98936 2011-10-31 Andy Estes <aestes@apple.com> Document pointer not null-checked in FrameView::isOnActivePage() https://bugs.webkit.org/show_bug.cgi?id=71265 <rdar://problem/10374427> Reviewed by Dan Bernstein. Return false in FrameView::isOnActivePage() if m_frame->document() is null. Other calls to m_frame->document() in FrameView also have a null check. The frame can have a null document if the FrameLoader is loading the initial empty document. No test possible without triggering assertions in debug builds. This is tracked by <http://webkit.org/b/71264>. * page/FrameView.cpp: (WebCore::FrameView::isOnActivePage): 2011-10-31 Matthew Delaney <mdelaney@apple.com> Updating patch for revision 98470 to include proper flag name. Reviewed by Mark Rowe. * platform/graphics/cg/ImageBufferCG.cpp: (WebCore::ImageBuffer::context): Updated flag name. 2011-10-31 Lucas Forschler <lforschler@apple.com> Merge 98389 2011-10-25 Anders Carlsson <andersca@apple.com> REGRESSION(97821): HistoryController::itemsAreClones crashes a lot https://bugs.webkit.org/show_bug.cgi?id=70827 <rdar://problem/10342925> Reviewed by Adam Barth. Check that m_currentItem is non-null before passing it to itemsAreClones. While I wasn't able to make a test case that would reproduce this crash, we do check m_currentItem for null everywhere else, and the crash log indicates that this would fix the crash. * loader/HistoryController.cpp: (WebCore::HistoryController::recursiveUpdateForCommit): 2011-10-27 Lucas Forschler <lforschler@apple.com> Merge 98503 2011-10-25 Alexey Proskuryakov <ap@apple.com> Embedded PDFs should be known to DocumentLoader https://bugs.webkit.org/show_bug.cgi?id=70864 Reviewed by Darin Adler. * WebCore.exp.in: Added exports. 2011-10-27 Lucas Forschler <lforschler@apple.com> Merge 98304 2011-10-24 Anders Carlsson <andersca@apple.com> It should be possible for Widget subclasses to control whether transforms affect the frame rect https://bugs.webkit.org/show_bug.cgi?id=70787 Reviewed by Sam Weinig. Currently RenderWidget sets the frame rect of it's hosted widget to the bounding box of the transformed content box rect (unless the Widget is a frame view). It should be possible for Widget subclasses to override this behavior and have the frame rect set to the absolute content box without any transforms applied. * platform/Widget.h: (WebCore::Widget::transformsAffectFrameRect): Add new member function. * rendering/RenderWidget.cpp: (WebCore::RenderWidget::updateWidgetGeometry): Move shared code from setWidget and updateWidgetPosition out into a new function. If transformsAffectFrameRect returns false, just set the frame rect to the absolute content box. (WebCore::RenderWidget::setWidget): (WebCore::RenderWidget::updateWidgetPosition): Call updateWidgetGeometry. * rendering/RenderWidget.h: 2011-10-26 Lucas Forschler <lforschler@apple.com> Merge 98178 2011-10-21 Beth Dakin <bdakin@apple.com> https://bugs.webkit.org/show_bug.cgi?id=70647 Common but unreproducible crash under [ScrollbarPartAnimation setCurrentProgress:] -and corresponding- <rdar://problem/9542018> Reviewed by Sam Weinig. This patch implements two speculative fixes for this crash. First, block exceptions around all of the code responsible for calling stopAnimation. If that code throws any exceptions, we want to make sure the other animations are still stopped. * platform/mac/ScrollAnimatorMac.mm: (-[WebScrollbarPartAnimation scrollAnimatorDestroyed]): (-[WebScrollbarPainterDelegate scrollAnimatorDestroyed]): (WebCore::ScrollAnimatorMac::~ScrollAnimatorMac): Only send AppKit these notifications for active pages. I originally made these assertions, and I found that they were hit a surprising number of times. If we only send notifications for active pages, then we should greatly reduce and possibly eliminate our chances of hitting this crash. (WebCore::ScrollAnimatorMac::notifyPositionChanged): (WebCore::ScrollAnimatorMac::contentAreaWillPaint): (WebCore::ScrollAnimatorMac::mouseEnteredContentArea): (WebCore::ScrollAnimatorMac::mouseExitedContentArea): (WebCore::ScrollAnimatorMac::mouseMovedInContentArea): (WebCore::ScrollAnimatorMac::willStartLiveResize): (WebCore::ScrollAnimatorMac::contentsResized): (WebCore::ScrollAnimatorMac::willEndLiveResize): (WebCore::ScrollAnimatorMac::contentAreaDidShow): (WebCore::ScrollAnimatorMac::contentAreaDidHide): (WebCore::ScrollAnimatorMac::didBeginScrollGesture): (WebCore::ScrollAnimatorMac::didEndScrollGesture): 2011-10-26 Lucas Forschler <lforschler@apple.com> Merge 98171 2011-10-21 Matthew Delaney <mdelaney@apple.com> Ensure periodic flushing of canvas drawing context https://bugs.webkit.org/show_bug.cgi?id=70646 Reviewed by Simon Fraser. No new tests. No current way to track tests that cause hangs or non-deterministic drops in performance. * platform/graphics/cg/ImageBufferDataCG.h: Adds a timestamp of last tracked flush. * platform/graphics/cg/ImageBufferCG.cpp: Ensures periodic flushes on the drawing context. (WebCore::ImageBuffer::ImageBuffer): (WebCore::ImageBuffer::context): Flushes context if we're beyond flush interval. (WebCore::ImageBuffer::copyNativeImage): Updates last flush timestamp. (WebCore::ImageBuffer::getUnmultipliedImageData): Updates last flush timestamp. (WebCore::ImageBuffer::getPremultipliedImageData): Updates last flush timestamp. (WebCore::ImageBuffer::putUnmultipliedImageData): Updates last flush timestamp. (WebCore::ImageBuffer::putPremultipliedImageData): Updates last flush timestamp. 2011-10-24 Lucas Forschler <lforschler@apple.com> Update Localizable strings. * English.lproj/Localizable.strings: 2011-10-21 Lucas Forschler <lforschler@apple.com> Merge 98112 2011-10-21 Simon Fraser <simon.fraser@apple.com> Fix Windows build. * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::hasAnyAdditionalCompositedLayers): 2011-10-21 Lucas Forschler <lforschler@apple.com> Merge 98027 2011-10-20 Alexey Proskuryakov <ap@apple.com> REGRESSION (r96823): Contextual menu closes immediately when control-clicking in Flash plug-in https://bugs.webkit.org/show_bug.cgi?id=70534 <rdar://problem/10308827> Reviewed by Darin Adler. * plugins/PluginView.cpp: (WebCore::PluginView::handleEvent): Return true for contextmenu event, so that plug-ins won't get a default WebKit context menu. We can't know if the plug-in is handling mousedown (or even mouseup) by displaying a menu. 2011-10-21 Lucas Forschler <lforschler@apple.com> Merge 97810 & 97813 2011-10-18 Sam Weinig <sam@webkit.org> Fix the build. * rendering/HitTestResult.cpp: (WebCore::HitTestResult::absolutePDFURL): Fix typo. 2011-10-18 Alexey Proskuryakov <ap@apple.com> Expose PDF information in hit test result https://bugs.webkit.org/show_bug.cgi?id=70353 Reviewed by Sam Weinig. * WebCore.exp.in: * rendering/HitTestResult.cpp: (WebCore::HitTestResult::absolutePDFURL): * rendering/HitTestResult.h: Added HitTestResult::absolutePDFURL(). It will contain a URL when over a PDF object or embed; not sure if we want this for PDFImageDocuments. 2011-10-21 Lucas Forschler <lforschler@apple.com> Merge <rdar://problem/10310999> 2011-10-21 Alexey Proskuryakov <ap@apple.com> <rdar://problem/8750378> Support PDF viewing in subframes in WebKit2 Includes patches landed up to 10/14. * platform/graphics/IntPoint.h: (WebCore::operator-): * platform/graphics/IntRect.h: (WebCore::IntRect::move): (WebCore::IntRect::moveBy): (WebCore::IntRect::expand): (WebCore::IntRect::contract): Merge earlier added functions that are used by BuiltInPDFView. * platform/mac/ScrollbarThemeMac.mm: (WebCore::ScrollbarThemeMac::backButtonRect): Merge an unrelated clang build fix, so that one can actually build and test locally. * English.lproj/Localizable.strings: * WebCore.exp.in: * WebCore.xcodeproj/project.pbxproj: * html/HTMLPlugInElement.cpp: (WebCore::HTMLPlugInElement::defaultEventHandler): * platform/DefaultLocalizationStrategy.cpp: (WebCore::DefaultLocalizationStrategy::builtInPDFPluginName): (WebCore::DefaultLocalizationStrategy::pdfDocumentTypeDescription): * platform/DefaultLocalizationStrategy.h: * platform/LocalizationStrategy.h: * platform/LocalizedStrings.cpp: (WebCore::builtInPDFPluginName): (WebCore::pdfDocumentTypeDescription): * platform/LocalizedStrings.h: * platform/ScrollbarThemeComposite.cpp: (WebCore::pageForScrollView): (WebCore::ScrollbarThemeComposite::paintScrollCorner): * platform/chromium/FramelessScrollView.cpp: * platform/chromium/FramelessScrollView.h: * platform/gtk/ScrollbarThemeGtk.cpp: * platform/gtk/ScrollbarThemeGtk.h: * platform/qt/ScrollbarThemeQt.cpp: (WebCore::ScrollbarThemeQt::paintScrollCorner): * platform/wx/ScrollbarThemeWx.cpp: * platform/wx/ScrollbarThemeWx.h: * plugins/PluginViewBase.h: (WebCore::PluginViewBase::scroll): (WebCore::PluginViewBase::horizontalScrollbar): (WebCore::PluginViewBase::verticalScrollbar): * rendering/RenderEmbeddedObject.cpp: (WebCore::RenderEmbeddedObject::nodeAtPoint): (WebCore::RenderEmbeddedObject::scroll): (WebCore::RenderEmbeddedObject::logicalScroll): * rendering/RenderEmbeddedObject.h: * rendering/RenderWidget.h: 2011-10-21 Lucas Forschler <lforschler@apple.com> Merge 98060 2011-10-20 Simon Fraser <simon.fraser@apple.com> Hidden composited iframes cause infinite loop https://bugs.webkit.org/show_bug.cgi?id=52655 Reviewed by Darin Adler. visibility:hidden is problematic for compositing, because it causes RenderLayers to be removed from the z-order layer tree. This confuses RenderLayerCompositor in several ways; it never sees these layers when traversing the tree as it computes compositing requirements, or rebuilds the layer tree. This is a particular problem with composited iframes. When an iframe becomes composited, scheduleSetNeedsStyleRecalc() is called on that iframe's ownerElement in the parent document. If this happens inside Document::updateStyleForAllDocuments(), we get into an infinite loop because notifyIFramesOfCompositingChange() queues up style update as we bounce in and out of compositing mode, so documentsThatNeedStyleRecalc never empties out. This is an initial, conservative fix that doesn't attempt to fix all the issues with visibility. It changes RenderLayerCompositor to count the number of compositing RenderLayers, and to not leave compositing mode if there are any (even if they are hidden, so not hit while traversing the z-order tree). This avoids the infinite loop. Test: compositing/visibility/hidden-iframe.html * rendering/RenderLayer.cpp: (WebCore::RenderLayer::ensureBacking): (WebCore::RenderLayer::clearBacking): * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::RenderLayerCompositor): (WebCore::RenderLayerCompositor::hasAnyAdditionalCompositedLayers): (WebCore::RenderLayerCompositor::updateCompositingLayers): (WebCore::RenderLayerCompositor::computeCompositingRequirements): * rendering/RenderLayerCompositor.h: (WebCore::RenderLayerCompositor::layerBecameComposited): (WebCore::RenderLayerCompositor::layerBecameNonComposited): 2011-10-21 Lucas Forschler <lforschler@apple.com> Merge 97821 2011-10-18 Anders Carlsson <andersca@apple.com> Assertion failure when going back in page with navigated subframes https://bugs.webkit.org/show_bug.cgi?id=70389 <rdar://problem/8988444> Reviewed by Darin Adler. Test: fast/history/history-back-twice-with-subframes-assert.html If a single navigation ends up loading multiple frame, the first committed frame will end up calling recursiveUpdateForCommit on the main frame which will null out the provisional item for all frames on the page. This means that it can null out the provisional item for any frames that are still yet to be committed which causes the aforementioned assertion failure. Fix this by only nulling out the provisional history item (and saving/restoring the scroll position and some other things) for frames that already contain the URL that the item requested. If a frame is being loaded, it will null out its provisional history item when it's committed. * loader/HistoryController.cpp: (WebCore::HistoryController::recursiveUpdateForCommit): 2011-10-21 Lucas Forschler <lforschler@apple.com> Merge 97433 2011-10-13 Michael Saboff <msaboff@apple.com> REGRESSION: High frequency memory warnings cause Safari to hog the CPU doing useless garbage collection https://bugs.webkit.org/show_bug.cgi?id=69774 Throttle the processing of memory pressure events to no more often than once every 5 seconds. Reviewed by Geoffrey Garen. No new tests. * platform/MemoryPressureHandler.cpp: (WebCore::MemoryPressureHandler::MemoryPressureHandler): * platform/MemoryPressureHandler.h: * platform/mac/MemoryPressureHandlerMac.mm: (WebCore::MemoryPressureHandler::respondToMemoryPressure): 2011-10-21 Lucas Forschler <lforschler@apple.com> Merge 96874 2011-10-06 Dan Bernstein <mitz@apple.com> <rdar://problem/9717490> Flash of white when navigating daringfireball.net https://bugs.webkit.org/show_bug.cgi?id=69581 Reviewed by Darin Adler. * platform/ScrollView.cpp: (WebCore::ScrollView::updateScrollbars): Moved the calls to Scrollbar::setEnabled() into the code section where invalidation is suppressed if necessary, so that they do not trigger premature invalidation. 2011-10-21 Lucas Forschler <lforschler@apple.com> Merge 95226 2011-09-15 Jon Lee <jonlee@apple.com> Submitting a form with target=_blank works only once https://bugs.webkit.org/show_bug.cgi?id=28633 <rdar://problem/7357787> Reviewed by Andy Estes. Test: fast/forms/submit-to-blank-multiple-times.html The call to reset the multiple form submission bool is pushed down from the mouseDown handler to handleMousePressEvent(), to include WK2 coverage, similar to keyEvent. * page/EventHandler.cpp: (WebCore::EventHandler::handleMousePressEvent): (WebCore::EventHandler::keyEvent): clarified old FIXME comment. Both key events and mouse events may submit a form multiple times, but the call to reset the handler should probably be in another abstraction layer. * page/mac/EventHandlerMac.mm: (WebCore::EventHandler::mouseDown): 2011-10-21 Lucas Forschler <lforschler@apple.com> Merge 94371 2011-09-01 Ada Chan <adachan@apple.com> Cleanup refactoring for https://bugs.webkit.org/show_bug.cgi?id=67160 Don't ifdef out the data member xslStyleSheets in MemoryCache::Statistics to cut down the ifdefs in getWebCoreMemoryCacheStatistics() in WebKit2/WebProcess/WebProcess.cpp. Reviewed by Darin Adler. No new tests required. Just small code refactoring. * loader/cache/MemoryCache.h: 2011-09-26 Mark Rowe <mrowe@apple.com> Merge r95863. 2011-09-23 James Robinson <jamesr@chromium.org> Avoid updating compositing state during paint https://bugs.webkit.org/show_bug.cgi?id=68727 Reviewed by Simon Fraser. We shouldn't update our compositing state in the middle of a paint. The call to updateCompositingAndLayerListsIfNeeded() was added to RenderLayer::paintLayer in r45715, which was intended to fix this exact issue. Based off the ChangeLog entries, I think that this was just a typo. * rendering/RenderLayer.cpp: (WebCore::RenderLayer::paintLayer): (WebCore::RenderLayer::updateCompositingAndLayerListsIfNeeded): * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::updateCompositingLayers): * rendering/RenderLayerCompositor.h: 2011-09-15 Mark Rowe <mrowe@apple.com> Merge r89705. 2011-06-24 Abhishek Arya <inferno@chromium.org> Reviewed by Darin Adler. Add clamping for CSSPrimitiveValues and SVGInlineText font size. https://bugs.webkit.org/show_bug.cgi?id=53449 Test: svg/text/svg-zoom-large-value.xhtml * css/CSSPrimitiveValue.cpp: (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): add asserts to detect if the number created is valid. * css/CSSPrimitiveValue.h: add clamping checks to prevent overflows. (WebCore::CSSPrimitiveValue::getFloatValue): (WebCore::CSSPrimitiveValue::getIntValue): * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::getComputedSizeFromSpecifiedSize): split into two static functions, one specific to CSSStyleSelector and other generic to help in clamping font size for other callers like svg text, etc. * css/CSSStyleSelector.h: * platform/graphics/FontDescription.h: add asserts to detect if the new font size is valid. (WebCore::FontDescription::setComputedSize): (WebCore::FontDescription::setSpecifiedSize): * rendering/svg/RenderSVGInlineText.cpp: (WebCore::RenderSVGInlineText::computeNewScaledFontForStyle): use the new helper from CSSStyleSelector to help in clamping new scaled font size. do not use "smart minimum" since svg allows really small unreadable fonts (tested by existing layout tests). Document's minimum font size clamp (0 in my case) and harmless epsilon check in CSSStyleSelector function should still hold for svg. 2011-09-15 Mark Rowe <mrowe@apple.com> Merge r91386. 2011-07-20 Tony Chang <tony@chromium.org> Stale pointer due to floats not removed (flexible box display) https://bugs.webkit.org/show_bug.cgi?id=64603 Reviewed by David Hyatt. Flexbox items should avoid floats. Test: fast/flexbox/horizontal-box-float-crash.html * rendering/RenderBox.cpp: (WebCore::RenderBox::avoidsFloats): * rendering/RenderBox.h: (WebCore::RenderBox::isDeprecatedFlexItem): 2011-09-15 Mark Rowe <mrowe@apple.com> Merge r88139. 2011-06-04 Abhishek Arya <inferno@chromium.org> Reviewed by Kent Tamura. Add some asserts for array boundary checks in TextRun. Fix an integer issue in linux text controller code. https://bugs.webkit.org/show_bug.cgi?id=62085 Testing ComplexTextControllerLinux change requires a testcase > 32 kb which is not feasible. All other changes are tested by existing layouttests. * platform/graphics/TextRun.h: (WebCore::TextRun::operator[]): add assert. (WebCore::TextRun::data): add assert. * platform/graphics/WidthIterator.cpp: (WebCore::WidthIterator::advance): bail early and prevent access to one byte across the text run boundary. * platform/graphics/chromium/ComplexTextControllerLinux.cpp: (WebCore::ComplexTextController::getNormalizedTextRun): wrong int16 vs int comparison. * rendering/svg/SVGTextRunRenderingContext.cpp: (WebCore::SVGTextRunWalker::walk): bail early when from and to is outside the text run boundary. this hit easily after adding the assert when from = to = end and read in run.data(from). 2011-09-15 Mark Rowe <mrowe@apple.com> Merge r90568. 2011-07-07 Julien Chaffraix <jchaffraix@webkit.org> Reviewed by David Hyatt. Partial layout when a flex-box has visibility: collapse https://bugs.webkit.org/show_bug.cgi?id=63776 Tests: fast/flexbox/crash-button-input-autofocus.html fast/flexbox/crash-button-keygen.html fast/flexbox/crash-button-relayout.html The issue is that FlexBoxIterator would skip any child if it has visibility: collapsed. However if one of the child is anonymous, it may wrap some other child that would be skipped. Now FlexBoxIterator is called during the layout phase and thus some nodes would not relayouted as expected. * rendering/RenderDeprecatedFlexibleBox.cpp: (WebCore::FlexBoxIterator::next): When iterating, don't skip anonymous content as there may be real content hiding below. 2011-09-15 Mark Rowe <mrowe@apple.com> Merge r95057. 2011-09-13 Jeff Miller <jeffm@apple.com> WebCore::Cursor::ensurePlatformCursor() should always set a valid platform cursor on Windows https://bugs.webkit.org/show_bug.cgi?id=68043 Make sure we set a valid platform cursor in the Cursor::NoDrop case, and add a default clause that uses the arrow cursor in case another cursor type is added in the future and we forget to update ensurePlatformCursor(). Reviewed by Anders Carlsson. * platform/win/CursorWin.cpp: (WebCore::Cursor::ensurePlatformCursor): Always set a valid platform cursor. 2011-09-15 Mark Rowe <mrowe@apple.com> Merge r95056. 2011-09-12 Jon Honeycutt <jhoneycutt@apple.com> MSAA: WebKit reports the document state as disabled https://bugs.webkit.org/show_bug.cgi?id=67974 <rdar://problem/10095898> Reviewed by Brian Weinstein. Test: platform/win/accessibility/document-enabled-state.html * accessibility/AccessibilityScrollView.h: (WebCore::AccessibilityScrollView::isEnabled): This object backs the AccessibleDocument on Windows - always return true for its enabled state. 2011-09-06 Mark Rowe <mrowe@apple.com> Merge r94251. 2011-08-31 Jeff Miller <jeffm@apple.com> REGRESSION(92210): AVFoundation media engine is disabled on OS X https://bugs.webkit.org/show_bug.cgi?id=67316 Move the definition of WTF_USE_AVFOUNDATION on the Mac back to JavaScriptCore/wtf/Platform.h, since WebKit2 doesn't have access to WebCore/config.h on this platform. This reverts the changes that were made in r92210. Reviewed by Darin Adler. No new tests, covered by existing media tests. * config.h: Removed definition of WTF_USE_AVFOUNDATION on the Mac, add a comment about fixing this on Windows in the future. 2011-08-29 Lucas Forschler <lforschler@apple.com> Merged 92982 2011-08-12 Andy Estes <aestes@apple.com> Cancel in onbeforeunload dialog sometime causes a button to stop working. https://bugs.webkit.org/show_bug.cgi?id=26211 Reviewed by Alexey Proskuryakov. Test: fast/loader/form-submission-after-beforeunload-cancel.html If an onbeforeunload handler cancels a navigation that was triggered by a form submission, WebCore's multiple form submission protection prevents the form from being submitted a second time even though no first submission actually took place. Fix this by clearing m_submittedFormURL if the onbeforeunload handler cancels the load. This allows the submission to be retried. * loader/FrameLoader.cpp: (WebCore::FrameLoader::shouldClose): Set m_submittedFormURL to KURL() if shouldClose() will return false. 2011-08-29 Lucas Forschler <lforschler@apple.com> Merged 93459 2011-08-19 Jeff Miller <jeffm@apple.com> MediaPlayerPrivateAVFoundationCF should use AVCFURLAssetCopyAudiovisualMIMETypes() to get list of supported MIME types https://bugs.webkit.org/show_bug.cgi?id=66612 Reviewed by Darin Adler. No new tests, should be covered by existing media tests. * platform/graphics/avfoundation/cf/AVFoundationCFSoftLinking.h: Added AVCFURLAssetCopyAudiovisualMIMETypes(). * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp: (WebCore::mimeTypeCache): Use AVCFURLAssetCopyAudiovisualMIMETypes() to build the cache of supported MIME types. 2011-08-29 Lucas Forschler <lforschler@apple.com> Merged 93900 2011-08-26 Darin Adler <darin@apple.com> [Mac] Use the progress cursor instead of the wristwatch for CSS "wait" cursor https://bugs.webkit.org/show_bug.cgi?id=67049 Reviewed by Beth Dakin. * platform/mac/CursorMac.mm: (WebCore::Cursor::ensurePlatformCursor): Use BusyButClickable cursor for wait as well as for Progress. 2011-08-29 Lucas Forschler <lforschler@apple.com> Merged 93878 2011-08-26 Eric Carlson <eric.carlson@apple.com> <video> playlist can not advance when playing in background tab https://bugs.webkit.org/show_bug.cgi?id=66978 Reviewed by Darin Adler. No new tests added because it isn't possible to simulate a background tab in DRT. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::HTMLMediaElement): Set RequirePageConsentToLoadMedia restriction. (WebCore::HTMLMediaElement::loadInternal): Don't consider page->canStartMedia if it has ever allowed a file to load. * html/HTMLMediaElement.h: (WebCore::HTMLMediaElement::requirePageConsentToLoadMedia): New. (WebCore::HTMLMediaElement::removeBehaviorRestriction): New. 2011-08-30 Lucas Forschler <lforschler@apple.com> Reverted 93664. 2011-08-29 Lucas Forschler <lforschler@apple.com> Merged 93793 2011-08-25 Sam Weinig <sam@webkit.org> JSHTMLImageElement (and associated Node) is abandoned when image load is canceled via beforeload <rdar://problem/9925630> https://bugs.webkit.org/show_bug.cgi?id=66906 Reviewed by Darin Adler. * loader/ImageLoader.cpp: (WebCore::ImageLoader::dispatchPendingBeforeLoadEvent): Very similar fix to the one in r93717 except this patches the case where the image load was canceled via beforeload. 2011-08-29 Lucas Forschler <lforschler@apple.com> Merged 93717 2011-08-24 Sam Weinig <sam@webkit.org> JSHTMLImageElement (and associated Node) is abandoned when image load is canceled <rdar://problem/9925630> https://bugs.webkit.org/show_bug.cgi?id=66864 Reviewed by Anders Carlsson. In the JSC bindings, we use HTMLImageElement::hasPendingActivity() (which in turn calls HTMLImageLoader::haveFiredLoadEvent()) to reason about the liveness of JSHTMLImageElements. In the case that an image load is canceled, the haveFiredLoadEvent never true, so the JSHTMLImageElement is kept alive forever (and since it references the global object, it keeps the entire graph alive as well). * loader/ImageLoader.cpp: (WebCore::ImageLoader::notifyFinished): Set m_firedLoad to true in the case of a canceled load, to reset the state back to its initial values. 2011-08-24 Mark Rowe <mrowe@apple.com> Merge r93376. 2011-08-18 Dan Bernstein <mitz@apple.com> <rdar://problem/9973194> Fonts that specify a positive descender value are treated as having descenders ending above the baseline https://bugs.webkit.org/show_bug.cgi?id=66515 Reviewed by Darin Adler. No test because none of the system fonts and test fonts have an incorrectly-specified descender value. * platform/graphics/mac/SimpleFontDataMac.mm: (WebCore::SimpleFontData::platformInit): If the font specifies a positive descender, assume that it meant the same amount, but negative. This is consistent with what Core Text does. 2011-08-23 Mark Rowe <mrowe@apple.com> Merge r90691. 2011-07-10 Dan Bernstein <mitz@apple.com> <rdar://problem/9750062> REGRESSION: Button text missing in many iTunes Store pages https://bugs.webkit.org/show_bug.cgi?id=64236 Reviewed by Maciej Stachowiak. Test: fast/css/empty-display-none.html When an :empty selector caused an element to not have a renderer, the check for empty style change when finishing parsing the elemenet did nothing, because it could not check if the element’s current style was affected by :empty. The fix is to record the fact that the style was affected by :empty in ElementRareData in the no-renderer case. * dom/Element.cpp: (WebCore::Element::recalcStyle): Clear the m_styleAffectedByEmpty flag. (WebCore::checkForEmptyStyleChange): If the style is null (meaning there is no renderer), check Element::styleAffectedByEmpty(). (WebCore::Element::setStyleAffectedByEmpty): Added. Sets the flag in rare data. (WebCore::Element::styleAffectedByEmpty): Added. Checks for the flag in rare data. * dom/Element.h: * dom/ElementRareData.h: (WebCore::ElementRareData::ElementRareData): Added m_styleAffectedByEmpty and initialized it to false. * dom/NodeRenderingContext.cpp: (WebCore::NodeRendererFactory::createRendererAndStyle): If an element doesn’t need a renderer and its style is affected by :empty, record this fact in the element by calling setStyleAffectedByEmpty(). 2011-08-23 Mark Rowe <mrowe@apple.com> Merge r93287. 2011-08-18 Fady Samuel <fsamuel@chromium.org> iframe and frameset scaling is broken https://bugs.webkit.org/show_bug.cgi?id=57785 Reviewed by Simon Fraser. Fixed two iframe and frameset scaling bugs: #1 iframes and frameset backgrounds and scroll areas are doubly scaled when they are styled with -webkit-transform. #2 frameset does not respect -webkit-transform-origin when scaled Tests: fast/frames/frame-set-scaling-3d.html fast/frames/frame-set-scaling-centered.html fast/frames/frame-set-scaling-rotate.html fast/frames/frame-set-scaling-skew.html fast/frames/frame-set-scaling.html fast/frames/iframe-scaling-with-scroll.html * rendering/RenderFrameSet.cpp: (WebCore::RenderFrameSet::layout): Update the FrameSet's layer transform after we've computed size to correctly account for the transform origin. * rendering/RenderLayer.cpp: (WebCore::RenderLayer::childrenClipRect): The dirty rect should be the document's unscaled size. * rendering/RenderWidget.cpp: (WebCore::RenderWidget::setWidget): (WebCore::RenderWidget::updateWidgetPosition): Don't scale the FrameView rect here. Scaling is done within the FrameView. 2011-08-23 Mark Rowe <mrowe@apple.com> Merge r92417. 2011-08-04 Fady Samuel <fsamuel@chromium.org> Background Does Not Scale Correctly with Page https://bugs.webkit.org/show_bug.cgi?id=65690 Reviewed by Simon Fraser. Test: fast/repaint/background-scaling.html * rendering/RenderBox.cpp: (WebCore::RenderBox::paintRootBoxFillLayers): * rendering/RenderView.cpp: (WebCore::RenderView::unscaledDocumentRect): (WebCore::RenderView::documentRect): * rendering/RenderView.h: 2011-08-23 Mark Rowe <mrowe@apple.com> Merge r92894. 2011-08-11 Jeff Miller <jeffm@apple.com> WebCore::AVFWrapper fails to remove observer for kCACFContextNeedsFlushNotification https://bugs.webkit.org/show_bug.cgi?id=66116 We need to pass 0 as the object parameter to CFNotificationCenterRemoveObserver() when removing kCACFContextNeedsFlushNotification to match what we do when we registered for the same notification with CFNotificationCenterAddObserver(). Reviewed by John Sullivan. No new tests, uses existing media tests. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationCF.cpp: (WebCore::AVFWrapper::disconnectAndDeleteAVFWrapper): Pass 0 as the object parameter to CFNotificationCenterRemoveObserver(). (WebCore::AVFWrapper::notificationCallback): Remove obsolete FIXME comment. 2011-08-23 Jessie Berlin <jberlin@apple.com> Frequent crashes due to null frame below ApplicationCacheHost::scheduleLoadFallbackResourceFromApplicationCache. https://bugs.webkit.org/show_bug.cgi?id=62764 Reviewed by Alexey Proskuryakov. It is still unclear in what scenario the ResourceLoader could have a non-null DocumentLoader without a Frame, since all loads should be stopped before the DocumentLoader is detached from its Frame. Until a reproducible case is found, bail early to prevent crashes. * loader/ResourceLoader.cpp: (WebCore::ResourceLoader::didFail): Add an early return if the DocumentLoader does not have a Frame. 2011-08-23 Mark Rowe <mrowe@apple.com> Merge r92788. 2011-08-10 Oliver Hunt <oliver@apple.com> Make GC checks more aggressive in release builds https://bugs.webkit.org/show_bug.cgi?id=66001 Reviewed by Gavin Barraclough. Fix GC bugs found while testing increased validation logic * bindings/js/JSDOMWindowShell.cpp: (WebCore::JSDOMWindowShell::JSDOMWindowShell): * bindings/js/JSDOMWindowShell.h: * bindings/js/ScriptController.cpp: (WebCore::ScriptController::createWindowShell): * bridge/objc/ObjCRuntimeObject.h: (JSC::Bindings::ObjCRuntimeObject::create): * bridge/objc/ObjCRuntimeObject.mm: (JSC::Bindings::ObjCRuntimeObject::ObjCRuntimeObject): * bridge/objc/objc_instance.mm: 2011-08-23 Mark Rowe <mrowe@apple.com> Merge r93264. 2011-08-17 Oliver Hunt <oliver@apple.com> Move towards supporting user controlled prototypes on CanvasPixelArray https://bugs.webkit.org/show_bug.cgi?id=66429 Reviewed by Gavin Barraclough. Start using a per-global object structure for canvas pixel array. * bindings/js/JSImageDataCustom.cpp: (WebCore::toJS): 2011-08-23 Lucas Forschler <lforschler@apple.com> Merged 93363 2011-08-18 Jeff Miller <jeffm@apple.com> Soft link against AVFoundationCF and CoreMedia https://bugs.webkit.org/show_bug.cgi?id=65725 Add new macros to SoftLinking.h to support soft-linking to functions and variables decorated with __declspec(dllimport), and use them to soft-link to AVFoundationCF and CoreMedia. I verified that the WebProcess doesn't load these DLLs until a media element is used. Reviewed by Eric Carlson. No new tests as no change in functionality. * WebCore.vcproj/WebCore.vcproj: Added AVFoundationCFSoftLinking.h and CoreMediaSoftLinking.h. * WebCore.vcproj/WebCoreMediaQT.vsprops: Removed DelayLoadDLLs linker option which is no longer needed. * platform/graphics/avfoundation/cf/AVFoundationCFSoftLinking.h: Added. * platform/graphics/avfoundation/cf/CoreMediaSoftLinking.h: Added. * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp: Stop linking against AVFoundationCF.lib and CoreMedia.lib and include AVFoundationCFSoftLinking.h and CoreMediaSoftLinking.h. * platform/win/SoftLinking.h: Added SOFT_LINK_DLL_IMPORT() and SOFT_LINK_VARIABLE_DLL_IMPORT() macros. 2011-08-23 Lucas Forschler <lforschler@apple.com> Merged 93260 2011-08-17 Jeff Miller <jeffm@apple.com> Work-in-progress on Soft link against AVFoundationCF and CoreMedia https://bugs.webkit.org/show_bug.cgi?id=65725 Don't bother with SOFT_LINK_LIBRARY(libdispatch), we're going to continue to statically link to it since the DLL will have already been loaded by other parts of AAS and is guaranteed to be available if AVFoundation is enabled. Reviewed by Anders Carlsson. No new tests; no functional change. * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp: Removed SOFT_LINK_DEBUG_LIBRARY(libdispatch) and SOFT_LINK_LIBRARY(libdispatch). (WebCore::MediaPlayerPrivateAVFoundationCF::isAvailable): Don't check for libdispatch. 2011-08-18 Lucas Forschler <lforschler@apple.com> Merged 93219 2011-08-17 Jeff Miller <jeffm@apple.com> Some AVFoundation source files should be in platform-specific directories https://bugs.webkit.org/show_bug.cgi?id=66352 Moved platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationCF.* files to platform/graphics/avfoundation/cf, and moved platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.* files to platform/graphics/avfoundation/objc/. While I was at it, added svn:eol-style property to the MediaPlayerPrivateAVFoundationObjC.* files. Also, for some reason, Visual Studio decided to re-sort a couple files in \inspector\front-end\ in WebCore.vcproj, even though I just re-sorted the project in r93215. Reviewed by Eric Carlson. No new tests; no functional change. * WebCore.vcproj/WebCore.vcproj: Moved platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationCF.* files to platform/graphics/avfoundation/cf. * WebCore.vcproj/WebCoreMediaQT.vsprops: Added $(ProjectDir)..\platform\graphics\avfoundation\cf to include paths. * WebCore.xcodeproj/project.pbxproj: Moved platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.* files to platform/graphics/avfoundation/objc/. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationCF.cpp: Removed. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationCF.h: Removed. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.h: Removed. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.mm: Removed. * platform/graphics/avfoundation/cf: Added. * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp: Copied from Source/WebCore/platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationCF.cpp. * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.h: Copied from Source/WebCore/platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationCF.h. * platform/graphics/avfoundation/objc: Added. * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h: Copied from Source/WebCore/platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.h. * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: Copied from Source/WebCore/platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.mm. Property svn:eol-style set to native 2011-08-23 Lucas Forschler <lforschler@apple.com> Merged patch for: https://bugs.webkit.org/attachment.cgi?id=98041 2011-06-21 Jer Noble <jer.noble@apple.com> Playing video from the manifest crashes on Windows https://bugs.webkit.org/show_bug.cgi?id=62901 No new tests. This will be covered by existing App Cache tests. Two related fixes. 1) Null-check the CFStringRef and CFURLRef created in QTMovie::load() before passing them to CFRelease(). 2) Call QTMovie::loadPath() instead of QTMovie::load() when loading from the app cache. * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.cpp: (WebCore::MediaPlayerPrivateQuickTimeVisualContext::loadInternal): * platform/graphics/win/QTMovie.cpp: (QTMovie::loadPath): (QTMovie::load): 2011-08-18 Lucas Forschler <lforschler@apple.com> <rdar://problem/9750868> Manual fix of previous merge mistake. 2011-08-18 Lucas Forschler <lforschler@apple.com> Merged 91998 2011-07-29 Anders Carlsson <andersca@apple.com> Pass the HTTP referrer header for URLs loaded by plug-ins https://bugs.webkit.org/show_bug.cgi?id=65379 <rdar://problem/9822116> Reviewed by Sam Weinig. Export a symbol needed by WebKit2. * WebCore.exp.in: 2011-08-16 Lucas Forschler <lforschler@apple.com> Merged 93047 2011-08-12 Jeff Miller <jeffm@apple.com> MediaPlayerPrivateAVFoundationCF::playerItemStatus() should return MediaPlayerAVPlayerItemStatusDoesNotExist if there is no AVPlayerItem https://bugs.webkit.org/show_bug.cgi?id=66171 MediaPlayerPrivateAVFoundationCF::playerItemStatus() should return MediaPlayerAVPlayerItemStatusDoesNotExist if there is no AVPlayerItem to match the Mac implementation in MediaPlayerPrivateAVFoundationObjC. I also added better logging to notificationCallback(). Reviewed by Jon Honeycutt. No new tests, uses existing media tests. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationCF.cpp: (WebCore::MediaPlayerPrivateAVFoundationCF::playerItemStatus): Return MediaPlayerAVPlayerItemStatusDoesNotExist if no AVPlayerItem. (WebCore::AVFWrapper::notificationCallback): Log the name of the received notification. 2011-08-16 Lucas Forschler <lforschler@apple.com> Merged 92977 2011-08-12 Jeff Miller <jeffm@apple.com> Need to handle kCACFContextNeedsFlushNotification notifications that arrive after the AVFWrapper has been disposed https://bugs.webkit.org/show_bug.cgi?id=65724 Instead of using a pointer to the AVFWrapper object as the context for various callbacks, assign each object an ID and use that instead. Keep track of the mapping between object IDs and AVFWrapper objects in a HashMap, and manage access to this map using a Mutex since it can be accessed from multiple threads. This allows us to actually delete AVFWrapper objects instead of leaking them (which we were doing before to prevent crashes). Reviewed by Eric Carlson. No new tests, uses existing media tests. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationCF.cpp: (WebCore::AVFWrapper::callbackContext): Added. (WebCore::AVFWrapper::AVFWrapper): Initialize m_objectID and add it to the HashMap. (WebCore::AVFWrapper::~AVFWrapper): Log object ID and remove obsolete assert. (WebCore::AVFWrapper::mapLock): Added. (WebCore::AVFWrapper::map): Added. (WebCore::AVFWrapper::addToMap): Added. (WebCore::AVFWrapper::removeFromMap): Added. (WebCore::AVFWrapper::avfWrapperForCallbackContext): Added. (WebCore::AVFWrapper::scheduleDisconnectAndDelete): Remove AVFWrapper from HashMap instead of zeroing m_owner. (WebCore::AVFWrapper::disconnectAndDeleteAVFWrapper): Use callbackContext(), delete the AVFWrapper here. (WebCore::AVFWrapper::createPlayer): Use callbackContext(). (WebCore::AVFWrapper::createPlayerItem): Use callbackContext(). (WebCore::AVFWrapper::periodicTimeObserverCallback): Retrieve AVFWrapper using the HashMap. (WebCore::AVFWrapper::notificationCallback): Retrieve AVFWrapper using the HashMap. (WebCore::AVFWrapper::loadPlayableCompletionCallback): Retrieve AVFWrapper using the HashMap. (WebCore::AVFWrapper::checkPlayability): Use callbackContext(). (WebCore::AVFWrapper::loadMetadataCompletionCallback): Retrieve AVFWrapper using the HashMap. (WebCore::AVFWrapper::beginLoadingMetadata): Use callbackContext(). (WebCore::AVFWrapper::seekCompletedCallback): Retrieve AVFWrapper using the HashMap. (WebCore::AVFWrapper::seekToTime): Use callbackContext(). (WebCore::AVFWrapper::platformLayer): Remove overly noisy LOG(). 2011-08-16 Lucas Forschler <lforschler@apple.com> Merged 88444 2011-06-08 Mikołaj Małecki <m.malecki@samsung.com> Reviewed by Pavel Feldman. Web Inspector: Crash by buffer overrun crash when serializing inspector object tree. https://bugs.webkit.org/show_bug.cgi?id=52791 No new tests. The problem can be reproduced by trying to create InspectorValue from 1.0e-100 and call ->toJSONString() on this. * inspector/InspectorValues.cpp: (WebCore::InspectorBasicValue::writeJSON): Added checking the predicted buffer size and choosing exponential format, or eventually "NaN" if the buffer is too small for decimal format. 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 92692 2011-08-09 Abhishek Arya <inferno@chromium.org> Regression(83075): Fix updateAlwaysCreateLineBoxes on information about full layout which is needed when dirtying lineboxes. https://bugs.webkit.org/show_bug.cgi?id=65924 Reviewed by Dave Hyatt. Test: fast/inline/update-always-create-line-boxes-full-layout-crash.html * rendering/RenderBlockLineLayout.cpp: (WebCore::RenderBlock::layoutInlineChildren): * rendering/RenderInline.cpp: (WebCore::RenderInline::updateAlwaysCreateLineBoxes): * rendering/RenderInline.h: 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 92389 2011-08-03 Adam Roben <aroben@apple.com> Detect and handle overflow in PlatformCALayerWinInternal::constrainedSize Google Maps sometimes requests very large (i.e., 2^50 pixels or greater) layers when zooming. PlatformCALayerWinInternal has code to limit tiled layers to 2^27 pixels, but it was not correctly handling overflow. In some cases, this would lead to creating a tiled layer with 0 tiles, which was the cause of this crash. Fixes <http://webkit.org/b/65637> <rdar://problem/9784849> Crash beneath PlatformCALayerWinInternal::updateTiles when zooming on Google Maps Reviewed by Sam Weinig. Test: compositing/tiling/crash-huge-layer.html * platform/graphics/ca/win/PlatformCALayerWinInternal.cpp: (PlatformCALayerWinInternal::constrainedSize): Check for overflow before seeing if the number of required tiles is larger than the maximum number of allowed tiles. (PlatformCALayerWinInternal::updateTiles): Added an assertion to catch cases where we have a non-empty tiled layer that contains 0 tiles, which would cause the crash in this bug report. 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 92384 2011-08-01 Brian Weinstein <bweinstein@apple.com> WebKit2: Web Inspector always starts in undocked mode https://bugs.webkit.org/show_bug.cgi?id=65493 <rdar://problem/9353114> Reviewed by Adam Roben. Expose some methods on InspectorFrontendClient through the InspectorController so WebKit2 can request the inspector be docked, or ask whether or not it can be docked. * WebCore.exp.in: Export needed methods. * inspector/InspectorController.cpp: (WebCore::InspectorController::requestAttachWindow): Call through to InspectorFrontendClient. (WebCore::InspectorController::canAttachWindow): Ditto. * inspector/InspectorController.h: * inspector/InspectorFrontendClient.h: * inspector/InspectorFrontendClientLocal.h: 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 92231 2011-08-01 Michael Saboff <msaboff@apple.com> Virtual copying of FastMalloc allocated memory causes madvise MADV_FREE_REUSABLE errors https://bugs.webkit.org/show_bug.cgi?id=65502 Reviewed by Anders Carlsson. Change the vm_copy in PurgeableBuffer::create to be a memcpy. The vm_copy causes the process to have additional references to the same memory region. These additional reference caused madvise(MADV_FREE_REUSABLE) to fail when it encountered such pages. No tests added this is a resource defect and not a functional issue. * platform/mac/PurgeableBufferMac.cpp: (WebCore::PurgeableBuffer::create): 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 92132 2011-07-28 Abhishek Arya <inferno@chromium.org> Regression(82144): Crash in TrailingObjects::updateMidpointsForTrailingBoxes https://bugs.webkit.org/show_bug.cgi?id=65137 Fix the looping condition to prevent trailingSpaceMidpoint from becoming negative. Reviewed by Dave Hyatt. Test: fast/block/update-midpoints-for-trailing-boxes-crash.html * rendering/RenderBlockLineLayout.cpp: (WebCore::TrailingObjects::updateMidpointsForTrailingBoxes): 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 91965 2011-07-28 Anders Carlsson <andersca@apple.com> Unreviewed, rolling out r88601. (Requested by Sam Weinig). http://trac.webkit.org/changeset/88601 https://bugs.webkit.org/show_bug.cgi?id=62230 Caused a regression, see https://bugs.webkit.org/show_bug.cgi?id=64378 * dom/StyledElement.cpp: * dom/StyledElement.h: * html/HTMLBodyElement.cpp: (WebCore::HTMLBodyElement::parseMappedAttribute): (WebCore::HTMLBodyElement::insertedIntoDocument): (WebCore::HTMLBodyElement::didMoveToNewOwnerDocument): * html/HTMLBodyElement.h: 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 91908 2011-07-27 Ryosuke Niwa <rniwa@webkit.org> Calling window.find immediately after mutating the document crashes WebKit. https://bugs.webkit.org/show_bug.cgi?id=65296 Reviewed by Darin Adler. Don't forget to layout first. Test: editing/text-iterator/find-after-mutation.html * editing/TextIterator.cpp: (WebCore::findPlainText): 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 91781 2011-07-26 David Hyatt <hyatt@apple.com> https://bugs.webkit.org/show_bug.cgi?id=60778 Use after free because of line box culling optimization regression. In the case of a child with no line box being removed (typically a <br> in quirks mode), if there is no previous sibling with a line box, then we have a potential problem with the culling optimization. The culled inline may still have other leaf line box children, but they may follow the removed <br>. In this case we can't rely on them, since we need a line box that comes before the <br>. The fix is to simply recur up to the parent if we are a culled inline and could not find a previous line box. Reviewed by Dan Bernstein. Added editing/execCommand/crash-line-break-after-outdent.html * rendering/RenderLineBoxList.cpp: (WebCore::RenderLineBoxList::dirtyLinesFromChangedChild): 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 91689 2011-07-25 Daniel Bates <dbates@rim.com> REGRESSION (r85964): Improper relayout of some nested positioned elements https://bugs.webkit.org/show_bug.cgi?id=64286 Reviewed by David Hyatt. Fixes an issue when traversing up the containing block hierarchy after skipping relatively positioned inlines. When processing a positioned element we skip any intermediate inlines to get to to enclosing block B, but don't use the containing block for B (call this P_B) to properly continue traversing up the containing block hierarchy. So, B may be considered again instead of looking at P_B. Hence, we don't set the correct dirty bits for P_B and may not schedule a relayout with respect to the correct layout node. Test: fast/block/positioning/relayout-nested-positioned-elements-crash.html * rendering/RenderObject.h: (WebCore::RenderObject::markContainingBlocksForLayout): 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 91611 2011-07-22 Sergey Glazunov <serg.glazunov@gmail.com> Perform the JavaScript navigation check on a complete URL https://bugs.webkit.org/show_bug.cgi?id=65038 Reviewed by Adam Barth. Test: http/tests/security/xss-DENIED-document-baseURI-javascript.html * page/DOMWindow.cpp: (WebCore::DOMWindow::setLocation): (WebCore::DOMWindow::createWindow): (WebCore::DOMWindow::open): 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 91559 2011-07-22 Jia Pu <jpu@apple.com> Reviewed by Darin Adler. [Mac] Need to make sure autocorrection panel is dismissed in Document::setFocusNode(). https://bugs.webkit.org/show_bug.cgi?id=64824 <rdar://problem/9624232> * editing/Editor.cpp: (WebCore::Editor::textFieldDidEndEditing): Dismiss autocorrection panel when current node losing focus. 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 91531 2011-07-21 Gavin Peters <gavinp@chromium.org> Extend the protector of a CSS style sheet. Because checkLoaded() can recursively delete parent style elements, the protector should be extended to include the parent call. https://bugs.webkit.org/show_bug.cgi?id=64736 Reviewed by Simon Fraser. Test: fast/css/css-imports-2.html * css/CSSStyleSheet.cpp: (WebCore::CSSStyleSheet::checkLoaded): 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 91474 2011-07-21 Sam Weinig <sam@webkit.org> CSS top margin collapses when paginating https://bugs.webkit.org/show_bug.cgi?id=64906 Reviewed by David Hyatt. * rendering/RenderBlock.cpp: (WebCore::RenderBlock::collapseMargins): (WebCore::RenderBlock::estimateLogicalTopPosition): Update to only go down paginated path when we actually have a page height (so not in the case that we are just gathering breaks) and to call the version of of nextPageLogicalTop that actually returns the next page, even if we are at the boundary point. (WebCore::RenderBlock::nextPageLogicalTopExcludingBoundaryPoint): (WebCore::RenderBlock::nextPageLogicalTopIncludingBoundaryPoint): Split into two functions which differ in how they deal with the boundary condition. (WebCore::RenderBlock::applyBeforeBreak): (WebCore::RenderBlock::applyAfterBreak): Switch to call nextPageLogicalTopIncludingBoundaryPoint. * rendering/RenderBlock.h: Add new functions declarations and comment them. 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 91270 2011-07-19 Abhishek Arya <inferno@chromium.org> Crash when removing unrenderered nodes in replacement fragment. https://bugs.webkit.org/show_bug.cgi?id=64801 Reviewed by Ryosuke Niwa. Test: editing/pasteboard/replacement-fragment-remove-unrendered-node-crash.html * editing/ReplaceSelectionCommand.cpp: (WebCore::ReplacementFragment::removeUnrenderedNodes): 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 91152 2011-07-16 Sergey Glazunov <serg.glazunov@gmail.com> DOMWindow::open performs a security check on a wrong window https://bugs.webkit.org/show_bug.cgi?id=64651 Reviewed by Adam Barth. Test: http/tests/security/xss-DENIED-window-open-parent.html * page/DOMWindow.cpp: (WebCore::DOMWindow::open): 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 91097 2011-07-15 Dan Bernstein <mitz@apple.com> REGRESSION: Mouse cursor doesn’t hide when full screen video HUD hides https://bugs.webkit.org/show_bug.cgi?id=64615 Reviewed by Anders Carlsson. * html/shadow/MediaControlRootElement.cpp: (WebCore::MediaControlRootElement::enteredFullscreen): Hide the mouse cursor immediately when entering full screen. (WebCore::MediaControlRootElement::hideFullscreenControlsTimerFired): Hide the mouse cursor when hiding the HUD. * loader/EmptyClients.h: (WebCore::EmptyChromeClient::setCursorHiddenUntilMouseMoves): Added empty implementation. * page/Chrome.cpp: (WebCore::Chrome::setCursorHiddenUntilMouseMoves): Added. Calls through to the client. * page/Chrome.h: * page/ChromeClient.h: * platform/HostWindow.h: 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 91044 2011-07-14 Adam Barth <abarth@webkit.org> The beforeload event allows tracking URI changes in a frame https://bugs.webkit.org/show_bug.cgi?id=64482 Reviewed by Nate Chapin. Tests: http/tests/security/beforeload-iframe-client-redirect.html http/tests/security/beforeload-iframe-server-redirect.html Only dispatch the beforeload event for a frame if we haven't yet committed our first real load. The URL that we send to our parent will be the same URL the parent seens in the src attribute. * loader/FrameLoader.cpp: (WebCore::FrameLoader::loadWithDocumentLoader): 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 91040 2011-07-14 Darin Adler <darin@apple.com> [Mac] Use [NSCursor operationNotAllowedCursor] for CSS no-drop as well as CSS not-allowed https://bugs.webkit.org/show_bug.cgi?id=64570 Reviewed by Alexey Proskuryakov. Mac OS X documentation and usage makes it clear that this cursor is usually used for no-drop, and that it's also reasonable to use it for not-allowed. * platform/mac/CursorMac.mm: (WebCore::Cursor::ensurePlatformCursor): Use [NSCursor operationNotAllowedCursor] for Cursor::NoDrop. 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 90595 2011-07-07 Gavin Peters <gavinp@chromium.org> Reviewed by Alexey Proskuryakov. fast/dom/HTMLLinkElement/link-and-subresource-test.html is flaky on chromium debug bots https://bugs.webkit.org/show_bug.cgi?id=60097 The culprit was that CachedResource:stopLoading() was using *this after a call to checkNotify(), which isn't kosher. This patch uses a CachedResourceHandle to keep the CachedResource alive. The test is a very close copy of the eponymous link-and-subresource-test.html, only substituting invalid resources for the valid ones in that test. The reproduction is timing related, and happens much more consistantly with an invalid resource for whatever reason. Test: fast/dom/HTMLLinkElement/link-and-subresource-test-nonexistent.html * loader/cache/CachedResource.cpp: (WebCore::CachedResource::stopLoading): 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 89987 2011-06-28 Roland Steiner <rolandsteiner@chromium.org> Reviewed by Eric Seidel. Bug 55930 - (CVE-2011-1440) Incorrect handling of 'display:' property within nested <ruby> tags https://bugs.webkit.org/show_bug.cgi?id=55930 Don't set style type BEFORE/AFTER on anonymous wrapper block. Rather, check style type on generated wrapped child. Tests: fast/ruby/generated-after-counter-doesnt-crash.html fast/ruby/generated-before-and-after-counter-doesnt-crash.html fast/ruby/generated-before-counter-doesnt-crash.html * rendering/RenderRuby.cpp: (WebCore::isAnonymousRubyInlineBlock): (WebCore::isRubyBeforeBlock): (WebCore::isRubyAfterBlock): (WebCore::rubyBeforeBlock): (WebCore::rubyAfterBlock): (WebCore::createAnonymousRubyInlineBlock): (WebCore::RenderRubyAsInline::addChild): (WebCore::RenderRubyAsBlock::addChild): 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 89214 2011-06-19 Michael Saboff <msaboff@apple.com> Reviewed by Darin Adler. Add notify handler to trigger MemoryPressureHandler in all builds https://bugs.webkit.org/show_bug.cgi?id=62679 Removed SIGUSR2 trigger and added a notify trigger for the MemoryPressureHandler. The notify trigger is enabled for all builds. No test added as only added new memory pressure trigger. * platform/mac/MemoryPressureHandlerMac.mm: (WebCore::MemoryPressureHandler::install): 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 88434 2011-06-09 Adam Barth <abarth@webkit.org> Reviewed by Eric Seidel. Running script from attach can remove elements from the stack of open elements https://bugs.webkit.org/show_bug.cgi?id=62160 When the tree build runs script synchronously, that script can remove arbitrary elements from the stack of open elements. We need to hold a reference to |parent| in attach instead of rely upon the reference in the stack of open elements. Test: fast/parser/document-write-onload-clear.html * html/parser/HTMLConstructionSite.cpp: (WebCore::HTMLConstructionSite::attach): 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 87875 2011-06-01 Abhishek Arya <inferno@chromium.org> Unreviewed. Coding style nit. Move ec=0 initialization, change recommended by Alexey in bug. https://bugs.webkit.org/show_bug.cgi?id=60831 * dom/Document.cpp: (WebCore::Document::setBody): 2011-08-11 Lucas Forschler <lforschler@apple.com> Merged 87863 2011-06-01 Abhishek Arya <inferno@chromium.org> Reviewed by Alexey Proskuryakov. Fix setting of document.body https://bugs.webkit.org/show_bug.cgi?id=60831 1. Only allowing setting to an element if it has a body tag. 2. If element is from another document, import it. Test: fast/dom/document-set-body.html * dom/Document.cpp: (WebCore::Document::setBody): 2011-08-09 Gavin Barraclough <barraclough@apple.com> Reviewed by nobody. Merged JavaScriptCore & JavaScriptGlue from 86722 to 92405. EXCEPT, Did not merge patches: 86837, 89283, 90643, 92068, 92254. ALSO, Did merge full patch (including non-JSC/JSG changes) for: 87346, 88587, 89069, 90383, 91095, 91194, 91195, 91790, 91903, 92224. 2011-08-05 Lucas Forschler <lforschler@apple.com> Another speculative Windows build fix, since r88958 never made it into the branch. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp: Initialize a variable. 2011-08-05 Lucas Forschler <lforschler@apple.com> Windows build fix, since r88958 never made it into the branch. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationCF.h: Add stub for createAVAssetForCacheResource(). 2011-08-05 Lucas Forschler <lforschler@apple.com> Merged 92404. 2011-08-04 Jeff Miller <jeffm@apple.com> Adopt AVCF media back end on Windows https://bugs.webkit.org/show_bug.cgi?id=65400 <rdar://problem/9894105> First cut at implementation in MediaPlayerPrivateAVFoundationCF.cpp/.h, based on work by Eric Carlson. Note that use of AVFoundation is determined at runtime, and defaults to off. Reviewed by Darin Adler. No new tests, uses existing media tests. * config.h: Turn on WTF_USE_AVFOUNDATION on Windows if AVFoundationCF is available. * platform/graphics/MediaPlayer.cpp: (WebCore::installedMediaEngines): Register MediaPlayerPrivateAVFoundationCF on Windows. * platform/graphics/MediaPlayer.h: Add support for an AVCFPlayer. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp: (WebCore::MediaPlayerPrivateAVFoundation::setPreload): Workaround an AVCF limitation that prevents an AVCFPlayer from being created without an AVCFItem. (WebCore::MediaPlayerPrivateAVFoundation::dispatchNotification): Added support for ContentsNeedsDisplay notification. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h: (WebCore::MediaPlayerPrivateAVFoundation::contentsNeedsDisplay): Added support for ContentsNeedsDisplay notification. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationCF.cpp: Added implementation. (WebCore::AVFWrapper::caVideoLayer): (WebCore::AVFWrapper::videoLayerWrapper): (WebCore::AVFWrapper::videoLayer): (WebCore::AVFWrapper::avPlayer): (WebCore::AVFWrapper::avAsset): (WebCore::AVFWrapper::avPlayerItem): (WebCore::AVFWrapper::timeObserver): (WebCore::AVFWrapper::imageGenerator): (WebCore::AVFWrapper::dispatchQueue): (WebCore::LayerClient::LayerClient): (WebCore::LayerClient::~LayerClient): (WebCore::LayerClient::platformCALayerRespondsToLayoutChanges): (WebCore::LayerClient::platformCALayerAnimationStarted): (WebCore::LayerClient::platformCALayerContentsOrientation): (WebCore::LayerClient::platformCALayerPaintContents): (WebCore::LayerClient::platformCALayerShowDebugBorders): (WebCore::LayerClient::platformCALayerShowRepaintCounter): (WebCore::LayerClient::platformCALayerIncrementRepaintCount): (WebCore::LayerClient::platformCALayerContentsOpaque): (WebCore::LayerClient::platformCALayerDrawsContent): (WebCore::LayerClient::platformCALayerLayerDidDisplay): (WebCore::boolString): (WebCore::metadataKeyNames): (WebCore::CMTimeRangeStartKey): (WebCore::CMTimeRangeDurationKey): (WebCore::CACFContextNeedsFlushNotification): (WebCore::videoLayer): (WebCore::avPlayer): (WebCore::avAsset): (WebCore::avPlayerItem): (WebCore::imageGenerator): (WebCore::MediaPlayerPrivateAVFoundationCF::create): (WebCore::MediaPlayerPrivateAVFoundationCF::registerMediaEngine): (WebCore::MediaPlayerPrivateAVFoundationCF::MediaPlayerPrivateAVFoundationCF): (WebCore::MediaPlayerPrivateAVFoundationCF::~MediaPlayerPrivateAVFoundationCF): (WebCore::MediaPlayerPrivateAVFoundationCF::cancelLoad): (WebCore::MediaPlayerPrivateAVFoundationCF::hasLayerRenderer): (WebCore::MediaPlayerPrivateAVFoundationCF::hasContextRenderer): (WebCore::MediaPlayerPrivateAVFoundationCF::createContextVideoRenderer): (WebCore::MediaPlayerPrivateAVFoundationCF::destroyContextVideoRenderer): (WebCore::MediaPlayerPrivateAVFoundationCF::createVideoLayer): (WebCore::MediaPlayerPrivateAVFoundationCF::destroyVideoLayer): (WebCore::MediaPlayerPrivateAVFoundationCF::hasAvailableVideoFrame): (WebCore::MediaPlayerPrivateAVFoundationCF::createAVPlayer): (WebCore::MediaPlayerPrivateAVFoundationCF::createAVPlayerItem): (WebCore::MediaPlayerPrivateAVFoundationCF::createAVAssetForURL): (WebCore::MediaPlayerPrivateAVFoundationCF::checkPlayability): (WebCore::MediaPlayerPrivateAVFoundationCF::beginLoadingMetadata): (WebCore::MediaPlayerPrivateAVFoundationCF::playerItemStatus): (WebCore::MediaPlayerPrivateAVFoundationCF::platformMedia): (WebCore::MediaPlayerPrivateAVFoundationCF::platformLayer): (WebCore::MediaPlayerPrivateAVFoundationCF::platformSetVisible): (WebCore::MediaPlayerPrivateAVFoundationCF::platformPlay): (WebCore::MediaPlayerPrivateAVFoundationCF::platformPause): (WebCore::MediaPlayerPrivateAVFoundationCF::updateRate): (WebCore::MediaPlayerPrivateAVFoundationCF::platformDuration): (WebCore::MediaPlayerPrivateAVFoundationCF::currentTime): (WebCore::MediaPlayerPrivateAVFoundationCF::seekToTime): (WebCore::MediaPlayerPrivateAVFoundationCF::setVolume): (WebCore::MediaPlayerPrivateAVFoundationCF::setClosedCaptionsVisible): (WebCore::MediaPlayerPrivateAVFoundationCF::rate): (WebCore::timeRangeIsValidAndNotEmpty): (WebCore::MediaPlayerPrivateAVFoundationCF::platformBufferedTimeRanges): (WebCore::MediaPlayerPrivateAVFoundationCF::platformMaxTimeSeekable): (WebCore::MediaPlayerPrivateAVFoundationCF::platformMaxTimeLoaded): (WebCore::MediaPlayerPrivateAVFoundationCF::totalBytes): (WebCore::MediaPlayerPrivateAVFoundationCF::assetStatus): (WebCore::MediaPlayerPrivateAVFoundationCF::paintCurrentFrameInContext): (WebCore::MediaPlayerPrivateAVFoundationCF::paint): (WebCore::mimeTypeCache): (WebCore::MediaPlayerPrivateAVFoundationCF::getSupportedTypes): (WebCore::MediaPlayerPrivateAVFoundationCF::supportsType): (WebCore::MediaPlayerPrivateAVFoundationCF::isAvailable): (WebCore::MediaPlayerPrivateAVFoundationCF::mediaTimeForTimeValue): (WebCore::MediaPlayerPrivateAVFoundationCF::tracksChanged): (WebCore::MediaPlayerPrivateAVFoundationCF::sizeChanged): (WebCore::MediaPlayerPrivateAVFoundationCF::contentsNeedsDisplay): (WebCore::AVFWrapper::AVFWrapper): (WebCore::AVFWrapper::~AVFWrapper): (WebCore::AVFWrapper::scheduleDisconnectAndDelete): (WebCore::AVFWrapper::disconnectAndDeleteAVFWrapper): (WebCore::AVFWrapper::deleteAVFWrapper): (WebCore::AVFWrapper::createAssetForURL): (WebCore::AVFWrapper::createPlayer): (WebCore::AVFWrapper::createPlayerItem): (WebCore::AVFWrapper::periodicTimeObserverCallback): (WebCore::AVFWrapper::notificationCallback): (WebCore::AVFWrapper::loadPlayableCompletionCallback): (WebCore::AVFWrapper::checkPlayability): (WebCore::AVFWrapper::loadMetadataCompletionCallback): (WebCore::AVFWrapper::beginLoadingMetadata): (WebCore::AVFWrapper::seekCompletedCallback): (WebCore::AVFWrapper::seekToTime): (WebCore::AVFWrapper::setAsset): (WebCore::AVFWrapper::platformLayer): (WebCore::AVFWrapper::createAVCFVideoLayer): (WebCore::AVFWrapper::destroyVideoLayer): (WebCore::AVFWrapper::setVideoLayerNeedsCommit): (WebCore::AVFWrapper::setVideoLayerHidden): (WebCore::AVFWrapper::createImageGenerator): (WebCore::AVFWrapper::destroyImageGenerator): (WebCore::AVFWrapper::createImageForTimeInRect): (WebCore::LayerClient::platformCALayerLayoutSublayersOfLayer): * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationCF.h: Added implementation. 2011-08-05 Lucas Forschler <lforschler@apple.com> Merged 92398. 2011-08-04 Jeff Miller <jeffm@apple.com> Fix WinCE build after r92308. * config.h: Don't try to include WebCoreHeaderDetection.h for WinCE. 2011-08-05 Lucas Forschler <lforschler@apple.com> Merged 92309. 2011-08-03 Jeff Miller <jeffm@apple.com> Fix Chromimum and Qt builds after r92308. * config.h: Don't try to include WebCoreHeaderDetection.h for Chromimum and Qt. 2011-08-05 Lucas Forschler <lforschler@apple.com> Merged 92308. 2011-08-03 Jeff Miller <jeffm@apple.com> Generate WebCoreHeaderDetection.h on Windows to define HAVE_AVCF https://bugs.webkit.org/show_bug.cgi?id=65634 AVFoundation support on Windows will (eventually) be predicated on the availability of AVFoundationCF headers and libraries in the WebKit Support Libraries, so we test for the existence of one of the header files (AVCFBase.h) to determine whether to AVCF is available. For now, even if AVFoundationCF is available, leave WTF_USE_AVFOUNDATION off, since it's not ready to be turned on yet (which is covered by http://webkit.org/b/65400). Ideally, we would generate WebCoreHeaderDetection.h on all platforms so we could include it unconditionally in WebCore's config.h, but unfortunately the Mac-only file ExportFileGenerator.cpp depends on WTF_USE_AVFOUNDATION being set correctly, and since this .cpp file is also generated it doesn't have access to WebCoreHeaderDetection.h. Reviewed by Adam Roben. No change in functionality, so new tests. * DerivedSources.make: Add rule to generate WebCoreHeaderDetection.h to set HAVE_AVCF on Windows. * config.h: Include WebCoreHeaderDetection.h on Windows, check for HAVE(AVCF) but always leave WTF_USE_AVFOUNDATION off on Windows for now. 2011-08-05 Lucas Forschler <lforschler@apple.com> Merged 92210. 2011-08-02 Jeff Miller <jeffm@apple.com> Move WTF_USE_AVFOUNDATION from JavaScriptCore/wtf/platform.h to WebCore/config.h https://bugs.webkit.org/show_bug.cgi?id=65552 Since this is a WebCore feature, there's no need to define it in JavaScriptCore/wtf/platform.h. Reviewed by Adam Roben. No change in functionality, so new tests. * config.h: Added WTF_USE_AVFOUNDATION. 2011-08-05 Lucas Forschler <lforschler@apple.com> Merged 92035. 2011-08-05 Lucas Forschler <lforschler@apple.com> Merged 92034. 2011-07-29 Jeff Miller <jeffm@apple.com> Work-in-progress on Adopt AVCF media back end on Windows https://bugs.webkit.org/show_bug.cgi?id=65400 <rdar://problem/9083559> Make MediaPlayerPrivateAVFoundation::setDelayCallbacks() const and make the ivars it references mutable so other const member functions can call it. Reviewed by Darin Adler. No changes to functionality so no new tests. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp: (WebCore::MediaPlayerPrivateAVFoundation::setDelayCallbacks): * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h: 2011-08-04 Tim Horton <timothy_horton@apple.com> Reviewed by Nikolas Zimmerman. Errors encountered within SVG documents should be reported to the console https://bugs.webkit.org/show_bug.cgi?id=62599 <rdar://problem/9727074> Make use of SVGLength::construct when parsing Length attributes; we will now propagate errors which occur while parsing SVGLength attributes to the Web Inspector console. * svg/SVGCircleElement.cpp: (WebCore::SVGCircleElement::parseMappedAttribute): * svg/SVGCursorElement.cpp: (WebCore::SVGCursorElement::parseMappedAttribute): * svg/SVGEllipseElement.cpp: (WebCore::SVGEllipseElement::parseMappedAttribute): * svg/SVGFilterElement.cpp: (WebCore::SVGFilterElement::parseMappedAttribute): * svg/SVGFilterPrimitiveStandardAttributes.cpp: (WebCore::SVGFilterPrimitiveStandardAttributes::parseMappedAttribute): * svg/SVGForeignObjectElement.cpp: (WebCore::SVGForeignObjectElement::parseMappedAttribute): * svg/SVGImageElement.cpp: (WebCore::SVGImageElement::parseMappedAttribute): * svg/SVGLineElement.cpp: (WebCore::SVGLineElement::parseMappedAttribute): * svg/SVGLinearGradientElement.cpp: (WebCore::SVGLinearGradientElement::parseMappedAttribute): * svg/SVGMarkerElement.cpp: (WebCore::SVGMarkerElement::parseMappedAttribute): * svg/SVGMaskElement.cpp: (WebCore::SVGMaskElement::parseMappedAttribute): * svg/SVGPatternElement.cpp: (WebCore::SVGPatternElement::parseMappedAttribute): * svg/SVGRadialGradientElement.cpp: (WebCore::SVGRadialGradientElement::parseMappedAttribute): * svg/SVGRectElement.cpp: (WebCore::SVGRectElement::parseMappedAttribute): * svg/SVGSVGElement.cpp: (WebCore::SVGSVGElement::parseMappedAttribute): * svg/SVGTextContentElement.cpp: (WebCore::SVGTextContentElement::parseMappedAttribute): * svg/SVGTextPathElement.cpp: (WebCore::SVGTextPathElement::parseMappedAttribute): * svg/SVGUseElement.cpp: (WebCore::SVGUseElement::parseMappedAttribute): 2011-08-03 Lucas Forschler <lforschler@apple.com> Merged 91447. 2011-07-20 Ryosuke Niwa <rniwa@webkit.org> Fix a Valgrind failure caused by r91435. * platform/ScrollableArea.cpp: (WebCore::ScrollableArea::ScrollableArea): 2011-08-03 Lucas Forschler <lforschler@apple.com> Merged 91438. 2011-07-20 Ryosuke Niwa <rniwa@webkit.org> Build fix after r91435. * platform/mac/ScrollViewMac.mm: (WebCore::ScrollView::platformSetScrollbarOverlayStyle): 2011-08-03 Lucas Forschler <lforschler@apple.com> Merged 91435. 2011-07-20 Tim Horton <timothy_horton@apple.com> Scrollbar color heuristic needs to be hooked up in WebKit1 https://bugs.webkit.org/show_bug.cgi?id=64220 <rdar://problem/9589140> Reviewed by Darin Adler. Store the scroller style on ScrollableArea, and recompute it whenever the document or body element background color changes or the base background color of the scrollview changes. Also, make sure to repaint the scrollbars whenever the style changes. No new tests, since this code is only enabled on future versions of Mac OS X. * WebCore.exp.in: * page/Frame.cpp: (WebCore::Frame::getDocumentBackgroundColor): * page/Frame.h: * page/FrameView.cpp: (WebCore::FrameView::recalculateScrollbarOverlayStyle): (WebCore::FrameView::setBaseBackgroundColor): (WebCore::FrameView::documentBackgroundColor): Renamed. * page/FrameView.h: * platform/ScrollView.cpp: (WebCore::ScrollView::setScrollbarOverlayStyle): * platform/ScrollView.h: * platform/ScrollableArea.cpp: (WebCore::ScrollableArea::setScrollbarOverlayStyle): * platform/ScrollableArea.h: (WebCore::ScrollableArea::scrollbarOverlayStyle): * platform/ScrollbarTheme.h: (WebCore::ScrollbarTheme::updateScrollbarOverlayStyle): * platform/mac/ScrollViewMac.mm: (WebCore::toNSScrollerKnobStyle): (WebCore::ScrollView::platformSetScrollbarOverlayStyle): * platform/mac/ScrollbarThemeMac.h: * platform/mac/ScrollbarThemeMac.mm: (WebCore::toScrollbarPainterKnobStyle): (WebCore::ScrollbarThemeMac::updateScrollbarOverlayStyle): (WebCore::ScrollbarThemeMac::paint): * rendering/RenderBox.cpp: (WebCore::RenderBox::styleDidChange): 2011-08-03 Lucas Forschler <lforschler@apple.com> Merged 90705. 2011-07-10 Anders Carlsson <andersca@apple.com> WebKit2 is leaking NSCursors created by leakNamedCursor https://bugs.webkit.org/show_bug.cgi?id=64241 <rdar://problem/9507151> Reviewed by Oliver Hunt. * platform/mac/CursorMac.mm: (WebCore::createNamedCursor): Rename this from leakNamedCursor to createNamedCursor and make it return a RetainPtr<NSCursor> instead of a raw pointer. (WebCore::Cursor::ensurePlatformCursor): Don't leak cursors here. We still won't deallocate cursors during shutdown (which leakNamedCursor was said to prevent) because the cursor singletons are all allocated from the heap and are never destroyed anyway. 2011-08-02 Lucas Forschler <lforschler@apple.com> Merged 91616. 2011-07-22 Jessie Berlin <jberlin@apple.com> [WebKit2] Changing the cookie accept policy in Private Browsing doesn’t work https://bugs.webkit.org/show_bug.cgi?id=64997 Reviewed by Ada Chan. * WebCore.exp.in: * platform/mac/WebCoreSystemInterface.h: * platform/mac/WebCoreSystemInterface.mm: 2011-07-29 Lucas Forschler <lforschler@apple.com> Merged 91222. 2011-07-18 Brian Weinstein <bweinstein@apple.com> Prep work for: Crash under WebPage::platformDragEnded when dragging on Mac https://bugs.webkit.org/show_bug.cgi?id=64766 <rdar://problem/9548174> Reviewed by Darin Adler. Add a DragClient function that is called when a drag is ended, and call it from DragController::dragEnded. This isn't used yet, but will be used by WebKit2 on Mac. This patch also cleans up style in DragClient.h. No change in behavior, no tests needed. * page/DragClient.h: (WebCore::DragClient::dragEnded): Stub virtual implementation for now, this will be used by WebKit2 on Mac. * page/DragController.cpp: (WebCore::DragController::dragEnded): Call DragClient::dragEnded. 2011-07-29 Lucas Forschler <lforschler@apple.com> Merged 91219. 2011-07-18 Jon Honeycutt <jhoneycutt@apple.com> Focus and selection events are not fired when a <select>'s selection changes https://bugs.webkit.org/show_bug.cgi?id=64504 <rdar://problem/9319881> Reviewed by Alice Liu. Test: platform/win/accessibility/option-element-selection-and-focus-events.html * accessibility/chromium/AXObjectCacheChromium.cpp: (WebCore::AXObjectCache::postPlatformNotification): Add new notification type to the section of unhandled notifications. * accessibility/AXObjectCache.h: Declare a new notification, AXMenuListItemSelected. * accessibility/AccessibilityMenuList.cpp: (WebCore::AccessibilityMenuList::didUpdateActiveOption): Tell our child popup that the active option changed, and post a notification that our value changed. * accessibility/AccessibilityMenuList.h: Declare didUpdateActiveOption(). * accessibility/AccessibilityMenuListPopup.cpp: (WebCore::AccessibilityMenuListPopup::didUpdateActiveOption): Get the child <option> element that is selected, and fire focus and selection events for it. * accessibility/AccessibilityMenuListPopup.h: Declare didUpdateActiveOption(). * accessibility/win/AXObjectCacheWin.cpp: (WebCore::AXObjectCache::postPlatformNotification): Map AXMenuListItemSelected -> EVENT_OBJECT_SELECTION. * dom/SelectElement.cpp: (WebCore::SelectElement::setSelectedIndex): Pass the newly-selected index. * rendering/RenderMenuList.cpp: (WebCore::RenderMenuList::RenderMenuList): Update the initialization list for the renamed m_lastActiveIndex. (WebCore::RenderMenuList::setTextFromOption): A new selection has been made in the popup; call didUpdateActiveOption(). (WebCore::RenderMenuList::didSetSelectedIndex): Call didUpdateActiveOption(), passing the index of the newly-selected <option>. (WebCore::RenderMenuList::didUpdateActiveOption): If accessibility is disabled, or if the active option has not changed, return early. Check whether the option index is in the range of list items, and assert that the item at that index is an <option> element. Tell the AccessibilityMenuList for this element that we updated the active option. * rendering/RenderMenuList.h: Updated the declaration of didSetSelectedIndex() to take the selected index. Declared didUpdateActiveOption(). Renamed m_lastSelectedIndex to m_lastActiveIndex. 2011-07-29 Lucas Forschler <lforschler@apple.com> Merged 90295. 2011-07-01 Darin Adler <darin@apple.com> Add change accidentally left out of last commit. * rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::updateContentsScale): Multiply in the backing scale. 2011-07-29 Lucas Forschler <lforschler@apple.com> Merged 90293. 2011-07-01 Darin Adler <darin@apple.com> Consider backing scale when setting up graphics layers https://bugs.webkit.org/show_bug.cgi?id=63848 Reviewed by Simon Fraser. * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::clampedContentsScaleForScale): Increased the maximum scale since scale factor can now include both page contents scale and backing scale. * rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::createGraphicsLayer): Multiply in the backing scale as well as the page contents scale. (WebCore::RenderLayerBacking::updateForegroundLayer): Ditto. (WebCore::RenderLayerBacking::updateMaskLayer): Ditto. (WebCore::RenderLayerBacking::pageContentsScale): Added. (WebCore::RenderLayerBacking::backingScale): Added. * rendering/RenderLayerBacking.h: Added new private functions. 2011-07-25 Lucas Forschler <lforschler@apple.com> Merged 91147. 2011-07-22 Lucas Forschler <lforschler@apple.com> Fix the build. * platform/mac/ScrollbarThemeMac.mm: (WebCore::ScrollbarThemeMac::updateEnabledState): 2011-07-22 Lucas Forschler <lforschler@apple.com> Merged 87171. 2011-05-24 Matthew Delaney <mdelaney@apple.com> Reviewed by Simon Fraser. Clamp coordinates to integers for canvas create/getImageData routines https://bugs.webkit.org/show_bug.cgi?id=61135 Test: fast/canvas/canvas-getImageData-largeNonintegralDimensions.html * html/HTMLCanvasElement.cpp: (WebCore::HTMLCanvasElement::convertLogicalToDevice): clamp to ints * html/canvas/CanvasRenderingContext2D.cpp: (WebCore::CanvasRenderingContext2D::createImageData): (WebCore::CanvasRenderingContext2D::getImageData): * platform/graphics/cg/ImageBufferDataCG.cpp: (WebCore::ImageBufferData::getData): 2011-07-22 Lucas Forschler <lforschler@apple.com> Merged 87103. 2011-05-23 Matthew Delaney <mdelaney@apple.com> Reviewed by Simon Fraser. Remove safeFloatToInt() in FloatRect.cpp and replace with working version of clampToInteger() https://bugs.webkit.org/show_bug.cgi?id=58216 No new tests. The SVG tests mask-excessive-malloc.svg and pattern-excessive-malloc.svg exercise this code path. * platform/graphics/FloatRect.cpp: (WebCore::enclosingIntRect): 2011-07-22 Lucas Forschler <lforschler@apple.com> Merged 91066. 2011-07-15 Jeff Miller <jeffm@apple.com> Fullscreen content doesn't use fullscreen controller on Windows https://bugs.webkit.org/show_bug.cgi?id=64540 <rdar://problem/9510455> Reviewed by Darin Adler. RenderThemeWin needs to override extraFullScreenStyleSheet() to return the fullscreenQuickTime stylesheet. Test added to fullscreen/video-controls-override.html. * rendering/RenderThemeWin.cpp: (WebCore::RenderThemeWin::extraFullScreenStyleSheet): Added. * rendering/RenderThemeWin.h: Override extraFullScreenStyleSheet(). 2011-07-22 Lucas Forschler <lforschler@apple.com> Merged 91005. 2011-07-14 Tim Horton <timothy_horton@apple.com> Clear SVGElementInstance's children immediately upon detachment https://bugs.webkit.org/show_bug.cgi?id=63739 <rdar://problem/9705708> Reviewed by Nikolas Zimmermann. In addition to clearing the instance's children in the destructor, clear them when the instance is detached from its <use>. This way, we won't attempt to use them after we're detached but before the destructor has been called. Test: svg/custom/use-crash-using-children-before-destroy.svg * svg/SVGElementInstance.cpp: (WebCore::SVGElementInstance::~SVGElementInstance): (WebCore::SVGElementInstance::clearChildren): * svg/SVGElementInstance.h: * svg/SVGUseElement.cpp: (WebCore::SVGUseElement::detachInstance): 2011-07-22 Lucas Forschler <lforschler@apple.com> Merged 90936. 2011-07-13 Abhishek Arya <inferno@chromium.org> Reviewed by Adam Barth. Issue with Frame lifetime due to deletion in beforeload event. https://bugs.webkit.org/show_bug.cgi?id=64457 Copy the Frame protector higher in the stack from loadWithDocumentLoader to loadFrameRequest since any of loadPostRequest or loadURL can call loadWithDocumentLoader, thereby dispatching the beforeload event and blowing away the frame. This deleted frame will be later accessed in the loadFrameRequest function causing a crash. Test: fast/events/form-iframe-target-before-load-crash2.html * loader/FrameLoader.cpp: (WebCore::FrameLoader::loadFrameRequest): (WebCore::FrameLoader::loadWithDocumentLoader): 2011-07-22 Lucas Forschler <lforschler@apple.com> Merged 90914. 2011-07-13 John Knottenbelt <jknotten@chromium.org> Reference Geolocation object from GeoNotifier and Geolocation::setIsAllowed. https://bugs.webkit.org/show_bug.cgi?id=64363 Reviewed by Tony Gentilcore. Test: fast/dom/Geolocation/remove-remote-context-in-error-callback-crash.html * page/Geolocation.cpp: (WebCore::Geolocation::setIsAllowed): * page/Geolocation.h: 2011-07-22 Lucas Forschler <lforschler@apple.com> Merged 90797. 2011-07-11 Jer Noble <jer.noble@apple.com> HTML5 video controller in fullscreen is partly off-screen (at least on youtube) using ClickToFlash https://bugs.webkit.org/show_bug.cgi?id=64327 Reviewed by Darin Adler. No new tests; no change in functionality, so covered by existing tests. Make the rules from fullscreenQuickTime.css !important so they are not overridden by page authors. * css/fullscreenQuickTime.css: (video:-webkit-full-screen::-webkit-media-controls-panel): 2011-07-22 Lucas Forschler <lforschler@apple.com> Merged 90573. 2011-07-07 Dan Bernstein <mitz@apple.com> <rdar://problem/9737435> Re-enable -webkit-column-break-inside: avoid https://bugs.webkit.org/show_bug.cgi?id=64102 Reviewed by Simon Fraser. * rendering/RenderBlock.cpp: (WebCore::RenderBlock::adjustForUnsplittableChild): Treat the child as unsplittable if '-webkit-column-break-inside: avoid' was specified. 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 90486. 2011-07-06 John Sullivan <sullivan@apple.com> IconDatabase::synchronousIconForPageURL() has inconsistent API when no custom icon is available <https://bugs.webkit.org/show_bug.cgi?id=64015> <rdar://problem/9706277> For some URLs it would return a particular size of default icon; for other URLs it would return 0. Reviewed by Ada Chan. * loader/icon/IconDatabase.cpp: (WebCore::IconDatabase::synchronousIconForPageURL): Return 0 in all cases where there is no custom icon. 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 90166. 2011-06-30 Julien Chaffraix <jchaffraix@webkit.org> Reviewed by Nikolas Zimmermann. Update SVG position values on SVG DOM updates https://bugs.webkit.org/show_bug.cgi?id=62439 Test: svg/custom/crash-textPath-attributes.html * rendering/svg/RenderSVGInline.cpp: (WebCore::RenderSVGInline::destroy): Notify our containing RenderSVGText that it needs to update its positioning information. * rendering/svg/SVGInlineFlowBox.cpp: (WebCore::SVGInlineFlowBox::calculateBoundaries): Check the type of the InlineBox like the rest of the code (fixes an ASSERT_NOT_REACHED in InlineBox::calculateBoudaries). * rendering/svg/SVGTextLayoutAttributesBuilder.cpp: (WebCore::SVGTextLayoutAttributesBuilder::buildLayoutAttributesForTextSubtree): Clear our cached layout attributes every time we invalidate them. This avoids keeping stale attribute that have a backpointer to a RenderObject. 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 90156. 2011-06-30 Julien Chaffraix <jchaffraix@webkit.org> Reviewed by Nikolas Zimmermann. Assertion failure in RenderSVGInlineText::characterStartsNewTextChunk https://bugs.webkit.org/show_bug.cgi?id=63076 Tests: svg/custom/crash-text-in-textpath.svg svg/custom/text-node-in-text-invalidated.svg The problem was that we did not call setNeedsPositionUpdate on RenderSVGText. When doing our layout, we would not update the attributes on our SVGRenderInlineText as we would not lay it out. This was caused by childrenChanged being overridden on SVGTextPositioningElement but not on SVGTextPathElement. As both classes shared the same mother class, it made sense to move the logic here. There should be no other side effects as SVGTextPathElement and SVGTextPositioningElement are the only classes deriving from SVGTextContentElement. * svg/SVGTextContentElement.cpp: (WebCore::SVGTextContentElement::childrenChanged): Moved this method from SVGTextPositioningElement. * svg/SVGTextContentElement.h: * svg/SVGTextPositioningElement.cpp: (WebCore::SVGTextPositioningElement::svgAttributeChanged): Updated after updatePositioningValuesInRenderer removal, replaced by RenderSVGText::locateRenderSVGTextAncestor. * svg/SVGTextPositioningElement.h: 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 90130. 2011-06-30 Abhishek Arya <inferno@chromium.org> Reviewed by Ryosuke Niwa. Crash when calling DOMSubtreeModified event when extracting range contents. https://bugs.webkit.org/show_bug.cgi?id=63650 Convert a few nodes to RefPtrs and add commonRoot verification checks for Range::processContents. Tests: fast/dom/Range/range-extract-contents-event-fire-crash.html fast/dom/Range/range-extract-contents-event-fire-crash2.html * dom/Range.cpp: (WebCore::childOfCommonRootBeforeOffset): (WebCore::Range::processContents): (WebCore::Range::processContentsBetweenOffsets): (WebCore::Range::processAncestorsAndTheirSiblings): 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 90087. 2011-06-29 Darin Adler <darin@apple.com> Reviewed by Dan Bernstein. [Mac] Use system cursors instead of custom bitmaps where possible https://bugs.webkit.org/show_bug.cgi?id=63679 * Resources/crossHairCursor.png: Removed. * Resources/notAllowedCursor.png: Removed. * WebCore.exp.in: Added wkCursor. * WebCore/WebCore.gyp/WebCore.gyp: Removed the two now-unused PNG files. * WebCore.xcodeproj/project.pbxproj: Ditto. * platform/mac/CursorMac.mm: (WebCore::Cursor::ensurePlatformCursor): Use NSCursor API for Cross, Hand, VerticalText, ContextMenu, Copy, and NotAllowed. Use wkCursor for Move, Alias, Progress, and the resize and panning cursors. * platform/mac/WebCoreSystemInterface.h: Added wkCursor. * platform/mac/WebCoreSystemInterface.mm: Ditto. 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 90068. 2011-06-23 Abhishek Arya <inferno@chromium.org> Reviewed by James Robinson. In RenderBlock, RenderWidget and RenderReplaced destroy functions, call dirtyLinesFromChangedChild to tell our parent that we are going away. https://bugs.webkit.org/show_bug.cgi?id=60307 Test: fast/block/child-not-removed-from-parent-lineboxes-crash.html fast/block/block-not-removed-from-parent-lineboxes-crash.html * rendering/RenderBlock.cpp: (WebCore::RenderBlock::destroy): * rendering/RenderReplaced.cpp: (WebCore::RenderReplaced::destroy): * rendering/RenderReplaced.h: * rendering/RenderWidget.cpp: (WebCore::RenderWidget::destroy): 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 90038. 2011-06-29 Darin Adler <darin@apple.com> Reviewed by Anders Carlsson. [WebKit2] Crash loading page that adds/removes frame in DOMContentLoaded/loaded https://bugs.webkit.org/show_bug.cgi?id=63483 Test: fast/loader/create-frame-in-DOMContentLoaded.html * loader/FrameLoader.cpp: (WebCore::FrameLoader::init): Added an assertion. (WebCore::FrameLoader::finishedLoadingDocument): Removed a non-helpful #if statement. The rule that we do not call the client when creating the initial empty document was nominally specific to Windows and Chromium but is needed for all platforms. 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 89836. 2011-06-27 Abhishek Arya <inferno@chromium.org> Reviewed by Simon Fraser. Fix removal of overhanging floats on style changes to absolute/fixed position. https://bugs.webkit.org/show_bug.cgi?id=63355 1. If we are not currently positioned. 2. And we are not floating. (If we are floating, then this will be automatically done in RenderBox::styleWillChange as part of removeFloatingOrPositionedChildFromBlockLists) 3. And we have overhanging floats from previous sibling blocks. 4. And our new new style tells that we will have absolute or fixed position. Then, we mark all our descendants with floats for layout. This will make sure that overhanging floats are removed. Also, it is important to do that since if that previous sibling block goes away, it is not able to tell us that to remove those floats thinking that being a positioned block, we should have removed them already. Tests: fast/block/float/intruding-float-add-in-sibling-block-on-static-position.html fast/block/float/intruding-float-add-in-sibling-block-on-static-position2.html fast/block/float/intruding-float-remove-from-sibling-block-on-absolute-position.html fast/block/float/intruding-float-remove-from-sibling-block-on-absolute-position2.html fast/block/float/intruding-float-remove-from-sibling-block-on-fixed-position.html fast/block/float/intruding-float-remove-from-sibling-block-on-fixed-position2.html fast/block/float/overhanging-float-add-in-static-position-block.html fast/block/float/overhanging-float-add-in-static-position-block2.html fast/block/float/overhanging-float-remove-from-absolute-position-block.html fast/block/float/overhanging-float-remove-from-absolute-position-block2.html fast/block/float/overhanging-float-remove-from-fixed-position-block.html fast/block/float/overhanging-float-remove-from-fixed-position-block2.html * rendering/RenderBlock.cpp: (WebCore::RenderBlock::styleWillChange): 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 89831. 2011-06-27 Ryosuke Niwa <rniwa@webkit.org> Reviewed by Kent Tamura. Crash in TextIterator https://bugs.webkit.org/show_bug.cgi?id=63334 Fix a crash in TextIterator. Keep m_sortedTextBoxes and renderer consistent and check !m_offset when handling first letter. Also add more assertions to help detecting similar bugs. Test: editing/text-iterator/first-letter-rtl-crash.html * editing/TextIterator.cpp: (WebCore::TextIterator::handleTextNode): (WebCore::TextIterator::emitText): 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 89780. 2011-06-26 Adam Barth <abarth@webkit.org> Reviewed by Kent Tamura. m_formElementsWithFormAttribute doesn't ref the objects it holds https://bugs.webkit.org/show_bug.cgi?id=62956 Test: fast/forms/form-associated-element-crash3.html * dom/Document.h: 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 89769. 2011-06-26 Dan Bernstein <mitz@apple.com> Reviewed by Darin Adler. With word-break: break-all, words do not break correctly before a surrogate pair https://bugs.webkit.org/show_bug.cgi?id=63401 The code to check for mid-word breaks accumulates width one character at a time. It was actually measuring the two parts of the surrogate pair individually, so they appeared to have zero width. Fixed by checking for surrogate pairs and measuring the pair as one unit. Test: fast/text/midword-break-before-surrogate-pair.html * rendering/RenderBlockLineLayout.cpp: (WebCore::RenderBlock::LineBreaker::nextLineBreak): 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 89595. 2011-06-23 Abhishek Arya <inferno@chromium.org> Reviewed by Adam Barth. RefPtr m_style in MediaQueryEvaluator in case of callers like MediaQueryMatcher::prepareEvaluator that do not retain its reference. https://bugs.webkit.org/show_bug.cgi?id=63264 Test: fast/css/media-query-evaluator-crash.html * css/MediaQueryEvaluator.cpp: (WebCore::MediaQueryEvaluator::eval): * css/MediaQueryEvaluator.h: 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 89492. 2011-06-22 Annie Sullivan <sullivan@chromium.org> Reviewed by Ryosuke Niwa. REGRESSION: Hitting enter in the middle of this span causes the cursor to go to the end of the span https://bugs.webkit.org/show_bug.cgi?id=61594 When the tree is split at the cursor in InsertParagraphSeparatorCommand, it is possible for the position split at to be at the end of a text node. The code assumes the position is at the start of the node, so pass the correct node into splitTreeToNode() in that case. Tests: editing/inserting/return-key-before-br-in-span.html editing/inserting/return-key-middle-of-span.html * editing/InsertParagraphSeparatorCommand.cpp: (WebCore::InsertParagraphSeparatorCommand::doApply): 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 89474. 2011-06-22 Matthew Delaney <mdelaney@apple.com> Reviewed by Oliver Hunt. Canvas in layer obscures overlapping span https://bugs.webkit.org/show_bug.cgi?id=63161 Test: compositing/layer-creation/spanOverlapsCanvas.html * rendering/RenderLayer.cpp: Added checks for canvas to be layered properly. (WebCore::RenderLayer::shouldBeNormalFlowOnly): (WebCore::RenderLayer::isSelfPaintingLayer): 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 89397. 2011-06-21 Matthew Delaney <mdelaney@apple.com> Reviewed by Simon Fraser. beginTransparencyLayer leaves context color out of sync, bleeds color into text https://bugs.webkit.org/show_bug.cgi?id=63093 Test: fast/css/color-leakage.html * platform/graphics/cg/GraphicsContextCG.cpp: Swap out CGContextSave/Restore with GraphicsContext::save/restore to keep the context in sync with its CG context (WebCore::GraphicsContext::beginTransparencyLayer): Added save(), removed redundant calls. (WebCore::GraphicsContext::endTransparencyLayer): Added restore(), removed redundant calls. 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 89313. 2011-06-20 Tim Horton <timothy_horton@apple.com> Reviewed by Darin Adler. Incorrect clamping on SVG masks when root element is not located at (0,0) https://bugs.webkit.org/show_bug.cgi?id=63019 We should be using frameRect(), not contentBoxRect() for the rect to clamp to when creating an SVG mask image. Test: svg/custom/absolute-root-position-masking.xhtml * rendering/svg/SVGImageBufferTools.cpp: (WebCore::SVGImageBufferTools::clampedAbsoluteTargetRectForRenderer): 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 89165. 2011-06-17 Abhishek Arya <inferno@chromium.org> Reviewed by Dave Hyatt. When we lose ability to propagate floats, need to find topmost parent with that overhanging float, and then iterate over its sibling blocks to remove the float. https://bugs.webkit.org/show_bug.cgi?id=62875 Test: fast/block/float/float-not-removed-from-next-sibling5.html * rendering/RenderBlock.cpp: (WebCore::RenderBlock::styleDidChange): (WebCore::RenderBlock::hasOverhangingFloat): * rendering/RenderBlock.h: 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 89067. 2011-06-16 Abhishek Arya <inferno@chromium.org> Reviewed by Adam Barth. RefPtr frame since it can get removed in FrameLoader::finishedParsing. https://bugs.webkit.org/show_bug.cgi?id=62812 Tests: already tested by fast/parser/document-write-into-initial-document.html. * dom/Document.cpp: (WebCore::Document::finishedParsing): 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 88987. 2011-06-15 Abhishek Arya <inferno@chromium.org> Reviewed by Antti Koivisto. Revert speculative fix in r84151. It caused some issues with stylesheet lifetimes. https://bugs.webkit.org/show_bug.cgi?id=62586 Tests: fast/dom/body-clone-link-decl-parent-crash.html fast/dom/styled-clone-inline-style-decl-parent-crash.html fast/dom/styled-not-in-document-clone-inline-style-decl-parent-crash.html * dom/Document.cpp: (WebCore::Document::removedLastRef): 2011-07-21 Lucas Forschler <lforschler@apple.com> Merged 88601. 2011-06-10 Abhishek Arya <inferno@chromium.org> Reviewed by Simon Fraser. Null parent element sheet pointers in CSSMutableStyleDeclaration consumers when removed from document, set them when reinserted into document. https://bugs.webkit.org/show_bug.cgi?id=62230 When a HTMLBodyElement, StyledElement are removed from document, we didn't clear out the parent pointers from their link, style declarations. These parent pointers pointed to the document's element sheet which will get removed when document is getting destroyed. It does make sense to clear out parent pointers when we are getting removed from document and readd them when we get inserted again. Tests: fast/dom/body-link-decl-parent-crash.html fast/dom/styled-inline-style-decl-parent-crash.html * dom/StyledElement.cpp: (WebCore::StyledElement::insertedIntoDocument): (WebCore::StyledElement::removedFromDocument): * dom/StyledElement.h: * html/HTMLBodyElement.cpp: (WebCore::HTMLBodyElement::parseMappedAttribute): (WebCore::HTMLBodyElement::insertedIntoDocument): (WebCore::HTMLBodyElement::removedFromDocument): (WebCore::HTMLBodyElement::didMoveToNewOwnerDocument): * html/HTMLBodyElement.h: 2011-07-20 Lucas Forschler <lforschler@apple.com> Merged 88549. 2011-06-10 James Simonsen <simonjam@chromium.org> Reviewed by Tony Gentilcore. Don't execute scripts in shadow SVG. https://bugs.webkit.org/show_bug.cgi?id=62225 Test: svg/dom/use-style-recalc-script-execute-crash.html * dom/ScriptElement.cpp: (WebCore::ScriptElement::prepareScript): 2011-07-20 Lucas Forschler <lforschler@apple.com> Merged 88456. 2011-06-08 Abhishek Arya <inferno@chromium.org> Reviewed by Ryosuke Niwa. Make indexForVisiblePosition and isSelectableElement static. https://bugs.webkit.org/show_bug.cgi?id=62329 This protects us when converting frame->selection->start() or end() to VisiblePosition which blows away the RenderTextControl from underneath (due to layout update). Test: fast/forms/text-control-selection-crash.html * accessibility/AccessibilityRenderObject.cpp: (WebCore::AccessibilityRenderObject::indexForVisiblePosition): * rendering/RenderTextControl.cpp: (WebCore::RenderTextControl::selectionStart): (WebCore::RenderTextControl::selectionEnd): (WebCore::RenderTextControl::isSelectableElement): (WebCore::RenderTextControl::indexForVisiblePosition): * rendering/RenderTextControl.h: 2011-07-20 Lucas Forschler <lforschler@apple.com> Merged 88277. 2011-06-07 Abhishek Arya <inferno@chromium.org> Reviewed by Dan Bernstein. Replicate WidthIterator.cpp fix from r88139. https://bugs.webkit.org/show_bug.cgi?id=62238 No new tests. Covered by existing layout tests on XP debug bots. * platform/graphics/win/UniscribeController.cpp: (WebCore::UniscribeController::advance): 2011-07-20 Lucas Forschler <lforschler@apple.com> Merged 88137. 2011-06-05 Kent Tamura <tkent@chromium.org> Reviewed by Dimitri Glazkov. Rolling out r84528. http://trac.webkit.org/changeset/84528 https://bugs.webkit.org/show_bug.cgi?id=62100 It made several problems on elements with new shadow DOM. * dom/Element.cpp: (WebCore::Element::copyNonAttributeProperties): 2011-07-20 Lucas Forschler <lforschler@apple.com> Merged 88071. 2011-06-03 Adam Barth <abarth@webkit.org> Reviewed by Eric Seidel. DOMWindow::setLocation doesn't understand that DOMWindow can be inactive https://bugs.webkit.org/show_bug.cgi?id=62057 This code gets confused when dealing with inactive DOMWindows. We should just block inactive DOMWindows because there's no compatibility reason to support them in this code path. Test: http/tests/security/xss-DENIED-contentWindow-eval.html * page/DOMWindow.cpp: (WebCore::DOMWindow::isInsecureScriptAccess): 2011-07-20 Lucas Forschler <lforschler@apple.com> Merged 87827. 2011-06-01 Abhishek Arya <inferno@chromium.org> Reviewed by Antti Koivisto. Do not use the pushed style selector if it is not equal to the parent document's style selector. It usually means that it is in a bad state, e.g. already cleared. https://bugs.webkit.org/show_bug.cgi?id=61737 * dom/Element.cpp: (WebCore::StyleSelectorParentPusher::~StyleSelectorParentPusher): 2011-07-20 Lucas Forschler <lforschler@apple.com> Merged 87743. 2011-05-31 Abhishek Arya <inferno@chromium.org> Reviewed by Dimitri Glazkov. Improve hasMediaControls logic to check that node has media controls. This can be false when cloning nodes. https://bugs.webkit.org/show_bug.cgi?id=61765 Test: media/media-controls-clone-crash.html * dom/Node.h: (WebCore::Node::isMediaControls): * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::mediaControls): (WebCore::HTMLMediaElement::hasMediaControls): * html/shadow/MediaControls.h: (WebCore::MediaControls::isMediaControls): (WebCore::toMediaControls): 2011-07-27 Lucas Forschler <lforschler@apple.com> Merged 89748. 2011-05-20 Abhishek Arya <inferno@chromium.org> Reviewed by Kent Tamura. Make auto-focus a post attach callback in HTMLFormControlElement::attach(). https://bugs.webkit.org/show_bug.cgi?id=32882 Original patch by Darin Adler. This one uses a part of it. Test: fast/forms/input-element-attach-crash.html * dom/Document.cpp: (WebCore::Document::recalcStyle): Make sure that m_inStyleRecalc is already false by the time post-attach callbacks are done so that layout triggered inside those callbacks can work properly. * html/HTMLFormControlElement.cpp: (WebCore::shouldAutofocus): Helper function that expresses the rule for which form control elements should auto-focus. (WebCore::focusPostAttach): Called post-attach to focus an element if we discover it should be focused during attach. (WebCore::HTMLFormControlElement::attach): Refactored code for which elements need auto-focus into a separate function. Instead of focusing right away, use the focusPostAttach function to focus after attach is done. Also added calls to suspendPostAttachCallbacks and resumePostAttachCallbacks so post-attach callbacks happen late enough. Before, they could run inside the base attach function. * html/HTMLInputElement.cpp: (WebCore::HTMLInputElement::attach): Added calls to suspendPostAttachCallbacks and resumePostAttachCallbacks so post-attach callbacks happen late enough 2011-06-27 Lucas Forschler <lforschler@apple.com> Merged 89748. 2011-06-25 Jer Noble <jer.noble@apple.com> Reviewed by Maciej Stachowiak. SOFT_LINK_POINTER_OPTIONAL isn't optional. https://bugs.webkit.org/show_bug.cgi?id=63378 Continuation of r89718. SOFT_LINK_POINTER_OPTIONAL should check the value returned by dlsym before dereferencing it. * platform/mac/SoftLinking.h: 2011-06-27 Lucas Forschler <lforschler@apple.com> Merged 89718. 2011-06-24 Jer Noble <jer.noble@apple.com> Reviewed by Eric Carlson. Safari will quit unexpectedly when launching Safari in the first time (crash in initQTSecurityPolicyNoLocalToRemoteSiteAttribute) https://bugs.webkit.org/show_bug.cgi?id=63332 <rdar://problem/9661650> No new tests; Only affects machines with QTKit < 7.6.3 installed. Check to see if QTSecurityPolicyNoRemoteToLocalSiteAttribute is non-NULL before passing it into -[QTMovie initWithAttributes:], as it is only defined in QTKit >= 7.6.3. If it is NULL, pass QTSecurityPolicyNoCrossSiteAttribute=YES instead, which has the same effect in earlier versions of QTKit as the NoLocalToRemote and NoRemoteToLocal keys. To avoid ASSERTs when running debug builds with earlier versions of QTKit, add a SOFT_LINK_POINTER_OPTIONAL macro to SoftLinking.h and make these keys optional. * platform/graphics/mac/MediaPlayerPrivateQTKit.mm: (WebCore::MediaPlayerPrivateQTKit::commonMovieAttributes): * platform/mac/SoftLinking.h: Add SOFT_LINK_POINTER_OPTIONAL macro. 2011-06-24 Lucas Forschler <lforschler@apple.com> Merged 89714. 2011-06-24 Alexey Proskuryakov <ap@apple.com> Rubber-stamped by Maciej Stachowiak. REGRESSION (r88984): Infinite recursion in DocumentLoader::detachFromFrame/stopLoading No new tests, as there is no known way to reproduce this (but we'll keep investigating, as the rollout will re-introduce the older less frequent crash). * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::detachFromFrame): Rollout the fix for bug 62764. 2011-06-14 Lucas Forschler <lforschler@apple.com> Rolled out 89080. 2011-06-14 Lucas Forschler <lforschler@apple.com> Merged 88984. 2011-06-15 Sam Weinig <sam@webkit.org> Reviewed by Alexey Proskuryakov. Frequent crashes due to null frame below ApplicationCacheHost::scheduleLoadFallbackResourceFromApplicationCache https://bugs.webkit.org/show_bug.cgi?id=62764 This is an non-reproducible high volume crash, so no test :(. * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::detachFromFrame): Be conservative and stop loading when we detach a document loader from a frame. 2011-06-14 Lucas Forschler <lforschler@apple.com> Merged 88982. 2011-06-15 Beth Dakin <bdakin@apple.com> Reviewed by Simon Fraser. https://bugs.webkit.org/show_bug.cgi?id=62746 Crash possible when switching scrollbar appearance preference on Mac -and corresponding- <rdar://problem/9323983> This crash happens because the current mechanism that is intended to flag ScrollAnimators as being in the page cache or not does not work correctly. Long-term the fix for this is to move the ScrollableArea HashSet to a more appropriate place. In the meantime, this patch addresses the crash by getting rid of the m_isActive bool on ScrollAnimator that was intended to represent whether or not the ScrollableArea is in the page cache. Instead, ScrollableArea implementations now have their own functions to compute whether they are in active pages. ScrollAnimator::setIsActive() needs to be kept around even though there is no bool to flip anymore because scrollbars may need to be properly updated if the appearance was switched while the document was in the page cache. No longer call FrameView::setAnimatorsAreActive() from Document::setIsInPageCache(), instead call it in Document::documentDidBecomeActive() * dom/Document.cpp: (WebCore::Document::setInPageCache): (WebCore::Document::documentDidBecomeActive): ScrollableAreas can now assess whether or not they are on active pages (ie, not in the page cache). * platform/ScrollableArea.h: (WebCore::ScrollableArea::isOnActivePage): * rendering/RenderLayer.cpp: (WebCore::RenderLayer::isOnActivePage): * rendering/RenderLayer.h: * rendering/RenderListBox.cpp: (WebCore::RenderListBox::isOnActivePage): * rendering/RenderListBox.h: A FrameView cannot access its Document when it's in the page cache, so it usually determines whether it's in the page cache by checking if its frame points to a FrameView other than itself. * page/FrameView.cpp: (WebCore::FrameView::isOnActivePage): Make sure ScrollableAreas are on active pages before setting them as active. This will not be necessary when the HashSet become a per-web page HashSet. (WebCore::FrameView::setAnimatorsAreActive): * page/FrameView.h: ScrollAnimator no longer tracks the m_isActive bool. * platform/ScrollAnimator.cpp: (WebCore::ScrollAnimator::ScrollAnimator): * platform/ScrollAnimator.h: (WebCore::ScrollAnimator::setIsActive): setIsActive() now exclusively calls updateScrollStyle() if there is a pending need to do so. * platform/mac/ScrollAnimatorMac.h: * platform/mac/ScrollAnimatorMac.mm: (WebCore::ScrollAnimatorMac::setIsActive): Return early if the ScrollableArea is in the page cache. (WebCore::ScrollAnimatorMac::updateScrollerStyle): 2011-06-14 Lucas Forschler <lforschler@apple.com> Merged 88948. 2011-06-15 Jer Noble <jer.noble@apple.com> Reviewed by Timothy Hatcher. Full-screen live streams have status text in wrong location https://bugs.webkit.org/show_bug.cgi?id=62733 Fix a misspelling in the user-agent stylesheet for full-screen mode. * css/fullscreenQuickTime.css: (video:-webkit-full-screen::-webkit-media-controls-status-display): 2011-06-14 Lucas Forschler <lforschler@apple.com> Merged 88945. 2011-06-14 Jer Noble <jer.noble@apple.com> Reviewed by Eric Carlson. (AVFoundation) Apple event video appears as live stream and is not seekable https://bugs.webkit.org/show_bug.cgi?id=62694 No new tests; There are no media-player port specific tests yet. Work around a bug in apple.com live stream javascript controller library. When an AVAsset returns an indefinite time for its duration, return 0 if the asset has no tracks, and infinity otherwise. This keeps the apple.com controller from identifying the stored stream as a live stream. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.mm: (WebCore::MediaPlayerPrivateAVFoundationObjC::platformDuration): 2011-06-16 Lucas Forschler <lforschler@apple.com> Merged 88830. 2011-06-14 Chris Fleizach <cfleizach@apple.com> Reviewed by David Kilzer. VoiceOver cannot navigate the iTunes album view table https://bugs.webkit.org/show_bug.cgi?id=62335 This is a regression from https://bugs.webkit.org/show_bug.cgi?id=57463. Part of that patch made a change so that an ARIA table will only look at it's children and grandchildren for possible rows. That however, doesn't allow arbitrary hierarchies to work with ARIA, like in iTunes album view. Test: platform/mac/accessibility/aria-grid-with-strange-hierarchy.html * accessibility/AccessibilityARIAGrid.cpp: (WebCore::AccessibilityARIAGrid::addChild): (WebCore::AccessibilityARIAGrid::addChildren): * accessibility/AccessibilityARIAGrid.h: 2011-06-14 Lucas Forschler <lforschler@apple.com> Merged 88833. 2011-06-14 Stephanie Lewis <slewis@apple.com> Rubber stamped by Oliver Hunt. <rdar://problem/9511169> Update order files. Build system change, no change in functionality so no new tests. * WebCore.order: 2011-06-14 Lucas Forschler <lforschler@apple.com> Merged 88591. 2011-06-09 Jer Noble <jer.noble@apple.com> Reviewed by Darin Adler. REGRESSION: End of apple.com video in full-screen mode leads to unusable page. https://bugs.webkit.org/show_bug.cgi?id=62411 Test: fullscreen/full-screen-remove-ancestor-after.html The placeholder for RenderFullScreen was being created as a non-anonymous object, which led to the document's renderer being set to 0 when the placeholder was removed due to its parent being removed. Setting the placeholder to be anonymous, however, means that it will be coalesced with sibling anonymous blocks, so added the RenderFullScreenPlaceholder to the list of anonymous objects that are not considered anonymous blocks, to avoid the placeholder being so coalesced. To do so, made the placeholder object a true subclass, and add and override its destroy() function to notify the RenderFullScreen object that it has been destroyed. * rendering/RenderFullScreen.cpp: (RenderFullScreenPlaceholder::RenderFullScreenPlaceholder): Added. (RenderFullScreenPlaceholder::~RenderFullScreenPlaceholder): Added. (RenderFullScreenPlaceholder::isRenderFullScreenPlaceholder): Added. (RenderFullScreenPlaceholder::destroy): Notify the owner renderer that its placeholder has been destroyed. (RenderFullScreen::destroy): Assert that the m_placeholder ivar is 0 after destroying it. (RenderFullScreen::setPlaceholder): Added. (RenderFullScreen::createPlaceholder): Do not make the placeholder anonymous. * rendering/RenderFullScreen.h: * rendering/RenderObject.h: (WebCore::RenderObject::isRenderFullScreenPlaceholder): Added. (WebCore::RenderObject::isAnonymousBlock): Added the placeholder class to the list of objects which are not anonymous blocks. 2011-06-14 Lucas Forschler <lforschler@apple.com> Merged 88685. 2011-06-13 Ryosuke Niwa <rniwa@webkit.org> Reviewed by Dan Bernstein. REGRESSION (r81518): Crash in makeRange() when invoking the dictionary panel over a file input https://bugs.webkit.org/show_bug.cgi?id=62544 Fixed the crash by adding null pointer checks. No new tests since there's no way to open dictionary panel. * dom/Position.cpp: (WebCore::Position::parentAnchoredEquivalent): * editing/VisiblePosition.cpp: (WebCore::makeRange): * page/Frame.cpp: (WebCore::Frame::rangeForPoint): 2011-06-14 Lucas Forschler <lforschler@apple.com> Merged 88654. 2011-06-11 Jer Noble <jer.noble@apple.com> Reviewed by Anders Carlsson. Avoid flashing when exiting full-screen mode. https://bugs.webkit.org/show_bug.cgi?id=62338 No new tests; covered by the existing full-screen tests. Now that we are forcing a repaint inside of setRootFullScreenLayer() instead of during the next run loop, make sure that we have disabled animation before calling setRootFullScreenLayer() so that the RenderFullScreen renderer and its contents are painted. * dom/Document.cpp: (WebCore::Document::webkitDidEnterFullScreenForElement): 2011-06-14 Lucas Forschler <lforschler@apple.com> Merged 88653. 2011-06-10 Jer Noble <jer.noble@apple.com> Reviewed by Darin Adler. Flash of white on left and right edges of screen when showing fullscreen controller when movie doesn't fill the entire screen https://bugs.webkit.org/show_bug.cgi?id=62491 <rdar://problem/9584427> No new tests; should be covered by existing fullscreen pixel tests. On certain displays, when a RenderFullScreen renderer is created, it is large enough to trigger the creation of a tiled CALayer (instead of a normal CALayer). Painting in these layers necessarily happens asynchronously, so the flash is occurring because of the async painting of the RenderFullScreen renderer's background color. Since we know the RenderFullScreen does not otherwise paint its contents, we can add a special case in the RenderLayerBacking to set the GraphicsLayer contents to be the renderer's background color. Fill in support for creating a contentLayer to contain the background color inside GraphicsLayerCA. * platform/graphics/GraphicsLayer.h: (WebCore::GraphicsLayer::setContentsToBackgroundColor): Renamed from setContentsBackgroundColor to match the other setContentsTo... functions. * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::setContentsToBackgroundColor): Added. Creates a contentsLayer to host the background color. (WebCore::GraphicsLayerCA::updateLayerBackgroundColor): Removed a comment only. * platform/graphics/ca/GraphicsLayerCA.h: * rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::updateGraphicsLayerConfiguration): Special case the RenderFullScreen renderer to call updateBackgroundColor. (WebCore::RenderLayerBacking::updateBackgroundColor): Added. (WebCore::RenderLayerBacking::containsPaintedContent): Tell the backing that the RenderFullScreen renderer does not paint its contents. * rendering/RenderLayerBacking.h: 2011-06-14 Lucas Forschler <lforschler@apple.com> Merged 88629. 2011-06-12 Jer Noble <jer.noble@apple.com> Reviewed by Darin Adler. REGRESSION (full screen video): Watch Again button is obscured after full screen playback ends at Apple trailers page https://bugs.webkit.org/show_bug.cgi?id=62507 No new tests; DRT would have to be modified to delay between receiving exitFullScreenForElement() and calling webkitWillExitFullScreenForElement() to be able to test this. If the full-screen element is removed, and webkitWillExitFullScreenForElement() is not called before fullScreenElementRemoved() returns, then ancestors of the full-screen element will not have their containsFullScreenElement property removed. To protect against this, reset the property by calling setContainsFullScreenElementRecursively() from within fullScreenElementRemoved(). * dom/Document.cpp: (WebCore::Document::fullScreenElementRemoved): Added call to setContainsFullScreenElementRecursively. 2011-06-14 Lucas Forschler <lforschler@apple.com> Merged 88564. 2011-06-10 Simon Fraser <simon.fraser@apple.com> Reviewed by Dan Bernstein. Null-check the layer owner again when painting layers https://bugs.webkit.org/show_bug.cgi?id=62473 Speculative fix for a crash that occurs when the layer's owner gets destroyed during painting. * platform/graphics/mac/WebLayer.mm: (drawLayerContents): 2011-06-14 Lucas Forschler <lforschler@apple.com> Merged 88528. 2011-06-09 Jer Noble <jer.noble@apple.com> Reviewed by Darin Adler. REGRESSION: Vertical scroll bar appears when taking videos into full screen at jerryseinfeld.com https://bugs.webkit.org/show_bug.cgi?id=62402 Sites are able to override the "overflow:hidden" rule for root full-screen nodes simply by adding a "html {}" rule. Make this rule !important, and also make it apply to root nodes who are merely ancestors of full-screen elements, to cover the case of a root node containing an <iframe> whose contents have gone full-screen. * css/fullscreen.css: (:root:-webkit-full-screen-document:not(:-webkit-full-screen), :root:-webkit-full-screen-ancestor): Apply the overflow rule to root elements who are full-screen ancestors, and make them !important. 2011-06-02 Lucas Forschler <lforschler@apple.com> Merged 88468. 2011-06-02 Jer Noble <jer.noble@apple.com> Reviewed by Maciej Stachowiak. REGRESSION: Page layout messed up after exiting full screen after video ends at jerryseinfeld.com https://bugs.webkit.org/show_bug.cgi?id=61911 <rdar://problem/9523017> Test: fullscreen/full-screen-video-offset.html When the video element is taken full-screen in the new element full-screen API, return the offset width and height of the placeholder renderer which is filling in for the full-screen element. To do so, override offsetWidth, Height, Left, and Top from Element. These are non-virtual functions, so make them virtual. * dom/Element.cpp: (WebCore::Element::adjustForLocalZoom): Made into a class-static function. * dom/Element.h: Made offset functions virtual. * html/HTMLMediaElement.cpp: (WebCore::elementPlaceholder): Added; utility function. (WebCore::HTMLMediaElement::offsetLeft): Added; virtual override of the Element function. Will be called directly via javascript. (WebCore::HTMLMediaElement::offsetTop): Ditto. (WebCore::HTMLMediaElement::offsetWidth): Ditto. (WebCore::HTMLMediaElement::offsetHeight): Ditto. * html/HTMLMediaElement.h: 2011-06-02 Lucas Forschler <lforschler@apple.com> Merged 88475. 2011-06-09 Simon Fraser <simon.fraser@apple.com> Reviewed by Darin Adler. Crashes in RenderLayerBacking::paintingGoesToWindow https://bugs.webkit.org/show_bug.cgi?id=61159 Speculative fix for unreproducible crash that can occur when RenderObject::repaintUsingContainer() finds a repaintContainer that is not the RenderView, but that is also not composited (for unknown reasons), by checking to see if the layer is compositing before using backing(). An assertion remains to try to catch this in debug builds. * rendering/RenderLayer.cpp: (WebCore::RenderLayer::setBackingNeedsRepaintInRect): 2011-06-02 Lucas Forschler <lforschler@apple.com> Merged 88279. 2011-06-07 Jer Noble <jer.noble@apple.com> Reviewed by Eric Carlson. Video with poster attribute will not display new frames when scrubbing. https://bugs.webkit.org/show_bug.cgi?id=62036 Remove our "detection" about the end of a scrub now that there is an explicit seek completion handler available in AVFoundation. Move what we used to do upon detection in timeChanged() into seekCompleted(). * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp: (WebCore::MediaPlayerPrivateAVFoundation::timeChanged): (WebCore::MediaPlayerPrivateAVFoundation::seekCompleted): 2011-06-07 Lucas Forschler <lforschler@apple.com> Merged 88261. 2011-06-07 Michael Saboff <msaboff@apple.com> Reviewed by Geoffrey Garen. Need to enable font cache purging in MemoryPressureHandler https://bugs.webkit.org/show_bug.cgi?id=62060 Improve memory usage under pressure. Added call to fontCache()->purgeInactiveFontData() in MemoryPressureHandler::respondToMemoryPressure(). Added protection to MemoryPressureHandler::install() being called multiple times. No new tests as funtionality wasn't changed. * platform/MemoryPressureHandler.cpp: (WebCore::MemoryPressureHandler::MemoryPressureHandler): * platform/MemoryPressureHandler.h: * platform/mac/MemoryPressureHandlerMac.mm: (WebCore::MemoryPressureHandler::install): (WebCore::MemoryPressureHandler::respondToMemoryPressure): 2011-06-07 Lucas Forschler <lforschler@apple.com> Merged 88269. 2011-06-07 Brian Weinstein <bweinstein@apple.com> Build fix after r88260. * platform/graphics/win/FontCacheWin.cpp: (WebCore::FontCache::getFontDataForCharacters): Update to use enum instead of bool. * platform/graphics/wince/FontCacheWinCE.cpp: 2011-06-07 Lucas Forschler <lforschler@apple.com> Merged 88260. 2011-06-07 Michael Saboff <msaboff@apple.com> Reviewed by Geoffrey Garen. Need to enable font cache purging in MemoryPressureHandler https://bugs.webkit.org/show_bug.cgi?id=62060 Improve memory usage under pressure. Added call to fontCache()->purgeInactiveFontData() in MemoryPressureHandler::respondToMemoryPressure(). Added protection to MemoryPressureHandler::install() being called multiple times. No new tests as funtionality wasn't changed. * platform/MemoryPressureHandler.cpp: (WebCore::MemoryPressureHandler::MemoryPressureHandler): * platform/MemoryPressureHandler.h: * platform/mac/MemoryPressureHandlerMac.mm: (WebCore::MemoryPressureHandler::install): (WebCore::MemoryPressureHandler::respondToMemoryPressure): 2011-06-07 Michael Saboff <msaboff@apple.com> Reviewed by Geoffrey Garen. Fonts returned by FontCache::getFontDataForCharacters() are never released https://bugs.webkit.org/show_bug.cgi?id=61875 This change allows fonts allocated as system fallback fonts to be released. Previously, the reference counts for these fonts grew without bound. This is implemented as an auto release class that wraps accesses to the cache for system fallback fonts. All such accesses are via the method FontCache::getFontDataForCharacters. The new class is called FontCachePurgePreventer. When such an object exists, it protects these fonts from deletion. Most accesses to the font cache still use the reference counting implemented by FontCache::getCacheFontData() and FontCache::releaseFontData() and that operation is not affected by this change. Added local scoped instance of FontCachePurgePreventer to wrap code that directly or indirectly accesses fonts via getFontDataForCharacters. Did a few other miscellaneous bug fixes and changes to allow system fallback fonts to be pruned from the GlyphPageTree. Changed the calls to getFontData in the platform specific versions of Fontcache::getFontDataForCharacters to not increment the reference count. Moved the purge font check outside of FontCache::getCachedFontData() into a separate method, purgeInactiveFontDataIfNeeded() since almost all calls to getCachedFontData() now happen when purging is not allowed. purgeInactiveFontDataIfNeeded is invoked in enablePurging() when m_purgePreventCount is 0. No new test as the functionality has not changed. Improved font life cycle management. * WebCore.exp.in: Added FontCache::purgeInactiveFontDataIfNeeded(). * html/canvas/CanvasRenderingContext2D.cpp: (WebCore::CanvasRenderingContext2D::measureText): (WebCore::CanvasRenderingContext2D::drawTextInternal): Wrapped code accessing fallback fonts with local FontCachePurgePreventer in these methods. * page/FrameView.cpp: (WebCore::FrameView::layout): (WebCore::FrameView::paintContents): Wrapped code accessing fallback fonts with local FontCachePurgePreventer in these methods. * platform/graphics/FontCache.cpp: (WebCore::FontCache::FontCache): (WebCore::FontCache::getCachedFontData): Moved purge check to new method since it likely can't happen here. (WebCore::FontCache::releaseFontData): (WebCore::FontCache::purgeInactiveFontDataIfNeeded): (WebCore::FontCache::purgeInactiveFontData): Made purging conditional on m_purgePreventCount. Now some fonts in the cache are reference counted while other can be purged outside of code wrapped by in scope FontCachePurgePreventer objects. * platform/graphics/FontCache.h: (WebCore::FontCache::disablePurging): (WebCore::FontCache::enablePurging): (WebCore::FontCachePurgePreventer::FontCachePurgePreventer): (WebCore::FontCachePurgePreventer::~FontCachePurgePreventer): Added new simple purge prevention wrapper class and methods that it calls in FontCache actually prevent purging. The simple methods inlined to reduce overhead. * platform/graphics/FontFastPath.cpp: (WebCore::Font::glyphDataForCharacter): Update level in glyph page tree for system fallback fonts so pruning works. * platform/graphics/GlyphPage.h: (WebCore::GlyphPage::clearForFontData): New method used for pruning * platform/graphics/GlyphPageTreeNode.cpp: (WebCore::GlyphPageTreeNode::pruneFontData): Now we prune system fallback fonts. * platform/graphics/chromium/FontCacheChromiumWin.cpp: (WebCore::FontCache::getFontDataForCharacters): * platform/graphics/freetype/FontCacheFreeType.cpp: (WebCore::FontCache::getFontDataForCharacters): * platform/graphics/haiku/FontCacheHaiku.cpp: (WebCore::FontCache::getFontDataForCharacters): * platform/graphics/mac/FontCacheMac.mm: (WebCore::FontCache::getFontDataForCharacters): * platform/graphics/qt/FontCacheQt.cpp: (WebCore::FontCache::getFontDataForCharacters): * platform/graphics/win/FontCacheWin.cpp: (WebCore::FontCache::getFontDataForCharacters): * platform/graphics/wince/FontCacheWinCE.cpp: * platform/graphics/wx/FontCacheWx.cpp: (WebCore::FontCache::getFontDataForCharacters): Changed the calls to getFontData() to not increment the reference count. The caller of this getFontDataForCharacters() (currently only Font::glyphDataForCharacter() in fontFastPath.cpp) and it's callers don't attempt to release the returned fonts so we use the purge protection described above. * rendering/InlineTextBox.cpp: (WebCore::InlineTextBox::selectionRect): (WebCore::InlineTextBox::offsetForPosition): (WebCore::InlineTextBox::positionForOffset): Wrapped code accessing fallback fonts with local FontCachePurgePreventer in these methods. * rendering/RenderImage.cpp: (WebCore::RenderImage::setImageSizeForAltText): Wrapped code accessing fallback fonts with local FontCachePurgePreventer in this method. * rendering/RenderListBox.cpp: (WebCore::RenderListBox::updateFromElement): (WebCore::RenderListBox::paintItemForeground): Wrapped code accessing fallback fonts with local FontCachePurgePreventer in these methods * rendering/svg/SVGInlineTextBox.cpp: (WebCore::SVGInlineTextBox::selectionRectForTextFragment): Wrapped code accessing fallback fonts with local FontCachePurgePreventer in this method. 2011-06-07 Lucas Forschler <lforschler@apple.com> Merged 88123. 2011-06-04 Darin Adler <darin@apple.com> Reviewed by Anders Carlsson. [Mac WebKit2] REGRESSION (r86692): Synchronous XMLHttpRequest hangs in credential shim (affects Netgear ReadyNAS admin page) https://bugs.webkit.org/show_bug.cgi?id=62094 rdar://problem/9539204 * WebCore.exp.in: Export ResourceHandle::synchronousLoadRunLoopMode. * platform/network/ResourceHandle.h: Add synchronousLoadRunLoopMode. * platform/network/cf/ResourceHandleCFNet.cpp: (WebCore::ResourceHandle::synchronousLoadRunLoopMode): Added. (WebCore::ResourceHandle::loadResourceSynchronously): Call synchronousLoadRunLoopMode. * platform/network/mac/ResourceHandleMac.mm: (WebCore::ResourceHandle::synchronousLoadRunLoopMode): Added. (WebCore::ResourceHandle::loadResourceSynchronously): Call synchronousLoadRunLoopMode. 2011-06-07 Lucas Forschler <lforschler@apple.com> Merged 88121. 2011-06-04 Sam Weinig <sam@webkit.org> Reviewed by Anders Carlsson. WebKit2 needs to know when a scroll is happening due to the ScrollAnimator https://bugs.webkit.org/show_bug.cgi?id=62093 Add additional ChromeClient functions to indicate the beginning and end of the various ScrollAnimator animations. Change existing notification that a rubber-band has completed for the main frame to be triggered for all frames. * page/ChromeClient.h: (WebCore::ChromeClient::didStartRubberBandForFrame): (WebCore::ChromeClient::didCompleteRubberBandForFrame): (WebCore::ChromeClient::didStartAnimatedScroll): (WebCore::ChromeClient::didCompleteAnimatedScroll): * page/FrameView.cpp: (WebCore::FrameView::didStartRubberBand): (WebCore::FrameView::didCompleteRubberBand): (WebCore::FrameView::didStartAnimatedScroll): (WebCore::FrameView::didCompleteAnimatedScroll): * page/FrameView.h: * platform/ScrollableArea.h: (WebCore::ScrollableArea::didStartRubberBand): (WebCore::ScrollableArea::didStartAnimatedScroll): (WebCore::ScrollableArea::didCompleteAnimatedScroll): * platform/mac/ScrollAnimatorMac.h: * platform/mac/ScrollAnimatorMac.mm: (-[ScrollAnimationHelperDelegate _immediateScrollToPoint:]): (WebCore::ScrollAnimatorMac::scroll): (WebCore::ScrollAnimatorMac::immediateScrollToPointForScrollAnimation): (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired): 2011-06-07 Lucas Forschler <lforschler@apple.com> Merged 88104. 2011-06-04 Jeffrey Pfau <jpfau@apple.com> Reviewed by Beth Dakin. Crash in WebCore::RenderMathMLSubSup::baselinePosition() https://bugs.webkit.org/show_bug.cgi?id=57897 Simple patch adding NULL checks in each function. Test: mathml/msubsup-remove-children.xhtml * rendering/mathml/RenderMathMLSubSup.cpp: (WebCore::RenderMathMLSubSup::stretchToHeight): (WebCore::RenderMathMLSubSup::baselinePosition): 2011-06-07 Lucas Forschler <lforschler@apple.com> Merged 88080. 2011-06-03 Steve Falkenburg <sfalken@apple.com> Reviewed by Brian Weinstein. HistoryItem children persist across page loads https://bugs.webkit.org/show_bug.cgi?id=62071 <rdar://problem/9552129> Not testable since there's no way to check for the presence/absence of children for a HistoryItem. * history/HistoryItem.cpp: (WebCore::HistoryItem::reset): Call clearChildren when we're reusing a HistoryItem. 2011-06-07 Lucas Forschler <lforschler@apple.com> Merged 88034. Note: The original change applied to trunk was refactored from Node.cpp into NodeRenderingContext.cpp. The branch was taken before refactoring, thus this patch was manually applied to Node.cpp. 2011-06-01 Jer Noble <jer.noble@apple.com> Reviewed by Simon Fraser. Flash of broken page when exiting full screen at jerryseinfeld.com https://bugs.webkit.org/show_bug.cgi?id=61897 <rdar://problem/9522985> Test: fullscreen/full-screen-placeholder.html Entering full-screen mode is causing the page layout to change because the full-screen element is taken out of the normal flow. To counteract this effect, insert a placeholder block as a parent of the full-screen renderer with the same size and style as the full-screen element pre-full-screen. Only create a placeholder for block-level elements; the technique required for inline elements would be vastly more complicated. * dom/Document.cpp: (WebCore::Document::webkitWillEnterFullScreenForElement): Create a placeholder based on the size and style of the full-screen element. (WebCore::Document::setFullScreenRenderer): Persist the placeholder size and style across new renderers. * rendering/RenderFullScreen.cpp: (RenderFullScreen::RenderFullScreen): Added ivar. (RenderFullScreen::destroy): Make sure to safely destroy our placeholder. (RenderFullScreen::createPlaceholder): Added. * rendering/RenderFullScreen.h: (WebCore::RenderFullScreen::placeholder): Ivar accessor. 2011-06-07 Lucas Forschler <lforschler@apple.com> Merged 87959. 2011-06-02 Brady Eidson <beidson@apple.com> Reviewed by Oliver Hunt. <rdar://problem/9539920> and https://bugs.webkit.org/show_bug.cgi?id=61950 Repro crash loading certain webarchives after r87566. Test: webarchive/loading/javascript-url-iframe-crash.html * bindings/ScriptControllerBase.cpp: (WebCore::ScriptController::executeIfJavaScriptURL): DocumentWriter::replaceDocument can cause the DocumentLoader to be destroyed, so protect it with a Ref here. 2011-06-02 Lucas Forschler <lforschler@apple.com> Merged 87856. 2011-06-01 Chris Fleizach <cfleizach@apple.com> Reviewed by Darin Adler. Safari always crashes on http://bbc.co.uk when VoiceOver enabled https://bugs.webkit.org/show_bug.cgi?id=61886 This crash can happen on webpages that remove an element from the DOM when the element receives focus. When AppKit goes to post a notification to inform VoiceOver the focus has changed, it asks for the AXFocusedUIElement. However by posting that notification, a render tree update is performed. This causes the element to disappear, but AppKit still has a handle to it and continues to try to reference it. When the autorelease pool pops, the reference goes bad. To fix, the root element, the AccessibilityScrollView, needs to implement updateBackingStore(), otherwise this method will not be called in time. No test could be created because to cause it depends on an internal AppKit mechanism that is only triggered remotely through the accessibility runtime. * accessibility/AccessibilityObject.cpp: (WebCore::AccessibilityObject::updateBackingStore): * accessibility/AccessibilityObject.h: * accessibility/AccessibilityRenderObject.cpp: * accessibility/AccessibilityRenderObject.h: 2011-06-02 Lucas Forschler <lforschler@apple.com> Merged 87844. 2011-06-01 Jer Noble <jer.noble@apple.com> Reviewed by Darin Adler. Page layout messed up after exiting full screen at Apple trailers page https://bugs.webkit.org/show_bug.cgi?id=61755 <rdar://problem/9525277> Test: fullscreen/full-screen-zIndex-after.html Fix the incomplete implementation of r87660. Make parameters to setContainsFullScreenElementRecursively() in webkitWillExitFullScreenForElement() match those in webkitWillEnterFullScreenForElement(), so the ancestors' flags do not become inconsistent.. * dom/Document.cpp: (WebCore::Document::webkitWillExitFullScreenForElement): 2011-06-02 Lucas Forschler <lforschler@apple.com> Merged 87768. 2011-05-31 Jer Noble <jer.noble@apple.com> Reviewed by Darin Adler. Flash of black at the end of full screen transition at apple.com product videos https://bugs.webkit.org/show_bug.cgi?id=61756 Added two new entries to the WebCore exports list. * WebCore.exp.in: 2011-06-02 Lucas Forschler <lforschler@apple.com> Merged 87704. 2011-05-30 Eric Carlson <eric.carlson@apple.com> Reviewed by Alexey Proskuryakov. Audio and video files saved to the Application Cache should preserve the original file extension https://bugs.webkit.org/show_bug.cgi?id=61750 <rdar://9524922> No new tests, it isn't possible to check the name of the file in the cache from within DRT. Changes verified manually. * loader/appcache/ApplicationCacheStorage.cpp: (WebCore::ApplicationCacheStorage::store): Append the original file extension to the cache file name. (WebCore::ApplicationCacheStorage::writeDataToUniqueFileInDirectory): Add extension parameter. * loader/appcache/ApplicationCacheStorage.h: 2011-06-02 Lucas Forschler <lforschler@apple.com> Merged 87703. 2011-05-30 Jer Noble <jer.noble@apple.com> Reviewed by Dan Bernstein. Play/Pause button in wrong state when entering full screen on Vimeo https://bugs.webkit.org/show_bug.cgi?id=61754 Update the play/pause button inside reset(). This ensures the button is in the correct state when the controls are created after playback has already started. * html/shadow/MediaControlRootElement.cpp: (WebCore::MediaControlRootElement::reset): 2011-05-30 Mark Rowe <mrowe@apple.com> Merge r87692. 2011-05-30 Jer Noble <jer.noble@apple.com> Reviewed by Darin Adler and Simon Fraser. REGRESSION (r87622): Scrubbing a Vimeo movie when in fullscreen stops playback; no way to make it start again https://bugs.webkit.org/show_bug.cgi?id=61717 rdar://problem/9522272 May be some good way to test this later. No immediate idea about the best way. When a media element is taken into full-screen mode, stop events from propagating outside the media element's shadow DOM, EventDispatcher::determineDispatchBehavior() has been changed to take a shadow root node. In our full screen media element check, we check to see if the passed shadow root is the shadow root of the full screen media element, and if so, specify events should StayInsideShadowDOM. The end result is that inside EventDispatcher::ensureEventAncestors, an ancestor chain is built up all the way from the SliderThumb to the video element's shadow root, but no further. * dom/EventDispatcher.cpp: (WebCore::EventDispatcher::determineDispatchBehavior): Restrict events to the shadow DOM when showing a full screen video. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::HTMLMediaElement): Removed code to manage full screen controls. The events telling us about activity in the shadow DOM no longer bubble out so we need to handle this inside the shadow DOM on the root element. (WebCore::HTMLMediaElement::play): Ditto. (WebCore::HTMLMediaElement::playbackProgressTimerFired): Ditto. (WebCore::HTMLMediaElement::defaultEventHandler): Ditto. (WebCore::HTMLMediaElement::enterFullscreen): Ditto. (WebCore::HTMLMediaElement::exitFullscreen): Ditto. * html/HTMLMediaElement.h: Added isPlaying function, removed things moved to the root element. * html/shadow/MediaControlElements.cpp: (WebCore::MediaControlVolumeSliderContainerElement::defaultEventHandler): Rolled out changes that tried to make special rules for events using preDispatchEventHandler and such. This rolls out both r87622 and r87655. (WebCore::MediaControlMuteButtonElement::defaultEventHandler): Ditto. (WebCore::MediaControlPanelMuteButtonElement::defaultEventHandler): Ditto. (WebCore::MediaControlPlayButtonElement::defaultEventHandler): Ditto. (WebCore::MediaControlSeekButtonElement::defaultEventHandler): Ditto. (WebCore::MediaControlRewindButtonElement::defaultEventHandler): Ditto. (WebCore::MediaControlReturnToRealtimeButtonElement::defaultEventHandler): Ditto. (WebCore::MediaControlToggleClosedCaptionsButtonElement::defaultEventHandler): Ditto. (WebCore::MediaControlTimelineElement::defaultEventHandler): Ditto. (WebCore::MediaControlVolumeSliderElement::defaultEventHandler): Ditto. (WebCore::MediaControlFullscreenButtonElement::defaultEventHandler): Ditto. (WebCore::MediaControlFullscreenVolumeMinButtonElement::defaultEventHandler): Ditto. (WebCore::MediaControlFullscreenVolumeMaxButtonElement::defaultEventHandler): Ditto. * html/shadow/MediaControlElements.h: Ditto. * html/shadow/MediaControlRootElement.cpp: (WebCore::MediaControlRootElement::MediaControlRootElement): Initialize new data members. (WebCore::MediaControlRootElement::playbackStarted): Start the timer so we will consider hiding the controls later. (WebCore::MediaControlRootElement::playbackProgressed): Hide the controls if the mouse is no longer over the controls. (WebCore::MediaControlRootElement::playbackStopped): Stop the timer since we only hide automatically if we're playing. (WebCore::MediaControlRootElement::enteredFullscreen): Start the timer. (WebCore::MediaControlRootElement::exitedFullscreen): Stop the timer since we only care if we are full screen. (WebCore::MediaControlRootElement::containsRelatedTarget): Added. Helper for next function. (WebCore::MediaControlRootElement::defaultEventHandler): Do the hide/show and timer functions as the mouse is moved in and out. (WebCore::MediaControlRootElement::startHideFullscreenControlsTimer): Start the timer if needed. (WebCore::MediaControlRootElement::hideFullscreenControlsTimerFired): Hide if the conditions are met. (WebCore::MediaControlRootElement::stopHideFullscreenControlsTimer): Stop the timer. * html/shadow/MediaControlRootElement.h: Added new functions and data members. 2011-05-29 Mark Rowe <mrowe@apple.com> Merge r87657. 2011-05-29 Dan Bernstein <mitz@apple.com> Reviewed by Darin Adler. <rdar://problem/9515650> 30 second rewind button obscured in fullscreen controller when video uses custom inline controls https://bugs.webkit.org/show_bug.cgi?id=61714 * dom/Document.cpp: (WebCore::Document::webkitDidEnterFullScreenForElement): Call didBecomeFullscreenElement() on the new full screen element. (WebCore::Document::webkitWillExitFullScreenForElement): Call willStopBeingFullscreenElement() on the full screen element. * dom/Element.h: (WebCore::Element::didBecomeFullscreenElement): Added with a default implementation that does nothing. (WebCore::Element::willStopBeingFullscreenElement): Ditto. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::didBecomeFullscreenElement): Added this override, which calls MediaControls::enteredFullscreen(). (WebCore::HTMLMediaElement::willStopBeingFullscreenElement): Added this override, which calls MediaControls::exitedFullscreen(). * html/HTMLMediaElement.h: * html/shadow/MediaControlElements.cpp: (WebCore::MediaControlFullscreenButtonElement::preDispatchEventHandler): Removed calls to enteredFullscreen() and exitedFullscreen() from here, since they are now called in response to changes to the fullscreen-ness of the element. 2011-05-29 Mark Rowe <mrowe@apple.com> Merge r87643. 2011-05-29 Darin Adler <darin@apple.com> Reviewed by Dan Bernstein. Fix assertion seen when entering full screen mode for standalone video https://bugs.webkit.org/show_bug.cgi?id=61708 We don't currently have a way to make a regression test for this. * dom/Document.cpp: (WebCore::Document::setAnimatingFullScreen): Call scheduleForcedStyleRecalc, because scheduleStyleRecalc is intended to only be called when the style system itself detects recalc is needed. 2011-05-29 Mark Rowe <mrowe@apple.com> Merge r87660. 2011-05-29 Jer Noble <jer.noble@apple.com> Reviewed by Simon Fraser. Embedded Vimeo video, when taken fullscreen, is overlapped by content from the enclosing page https://bugs.webkit.org/show_bug.cgi?id=61712 Tests: fullscreen/full-screen-iframe-zIndex.html Walk up the ancestor chain for the full-screen element, marking them as full-screen ancestors. Then, we apply a pseudo-class to those elements, which disable all their stacking-context-creating styles. Set the z-index of all full-screen elements (and the iframes which contain them) to a large value, ensuring they appear above other sibling elements. This new behavior replaces the previous "-webkit-full-screen-media-document" behavior and pesudo-class, so remove it and replace it with the new pseudo-class. * css/CSSSelector.cpp: (WebCore::nameToPseudoTypeMap): Add -webkit-full-screen-ancestor and remove -webkit-full-screen-media-document. (WebCore::CSSSelector::pseudoId): Add PseudoFullScreenAncestor and remove PseudoFullScreenMediaDocument (WebCore::CSSSelector::extractPseudoType): Ditto. * css/CSSSelector.h: Ditto. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector): Remove the PseudoFullScreenMediaDocument implementation and replace it with PseudoFullScreenAncestor. * css/fullscreen.css: (:-webkit-full-screen): Add a z-index property. (:-webkit-full-screen-ancestor:not(iframe)): Added. Reset the z-index to auto, and reset other stacking-context creating properties. * dom/Document.cpp: (WebCore::Document::setContainsFullScreenElementRecursively): Recurse up every element instead of just the iframe elements. (WebCore::Document::webkitWillEnterFullScreenForElement): Ditto. * dom/Element.cpp: (WebCore::Element::willRemove): Reset our parent's containsFullScreenElement property. (WebCore::Element::insertedIntoTree): Ditto. (WebCore::Element::containsFullScreenElement): Moved here from HTMLElementBase. (WebCore::Element::setContainsFullScreenElement): Ditto. * dom/Element.h: * dom/ElementRareData.h: (WebCore::ElementRareData::ElementRareData): Added ivar and initializer for m_containsFullScreenElement. * html/HTMLFrameElementBase.cpp: (WebCore::HTMLFrameElementBase::HTMLFrameElementBase): Removed ivar and initializer. (WebCore::HTMLFrameElementBase::setContainsFullScreenElement): Moved into Element. * html/HTMLFrameElementBase.h: * rendering/style/RenderStyleConstants.h: 2011-05-29 Mark Rowe <mrowe@apple.com> Merge r87655. 2011-05-29 Darin Adler <darin@apple.com> Reviewed by Kevin Decker. REGRESSION (r87622): In media documents, clicking the full screen button and the play button pauses the video https://bugs.webkit.org/show_bug.cgi?id=61713 We need to come up with a way to regression-test these changes. Nothing at the moment. The bug is that we removed calls to preventDefault, but we still do need to prevent default handling of this event. * html/shadow/MediaControlElements.cpp: (WebCore::MediaControlElement::preDispatchEventHandler): Add back the preventDefault that was in here before r87622 as well as the stopPropagation that was added in r87622. (WebCore::MediaControlMuteButtonElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlPlayButtonElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlSeekButtonElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlRewindButtonElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlReturnToRealtimeButtonElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlToggleClosedCaptionsButtonElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlFullscreenButtonElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlFullscreenVolumeMinButtonElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlFullscreenVolumeMaxButtonElement::preDispatchEventHandler): Ditto. 2011-05-29 Mark Rowe <mrowe@apple.com> Merge r87661. 2011-05-29 Brian Weinstein <bweinstein@apple.com> Reviewed by Darin Adler. Controls never hide in full screen after user stops moving mouse https://bugs.webkit.org/show_bug.cgi?id=61715 <rdar://problem/9522182> When we get a mouse move event in HTMLMediaElement::defaultEventHandler, and we are in full screen, show the media controls, and then start a timer. The timer fires 3 seconds after the user's last mouse movement (timer is restarted on every mouse move), and hides the controls. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::HTMLMediaElement): Initialize our new timer. (WebCore::HTMLMediaElement::play): If we are in full screen mode, start our timer to hide the full screen controls. We don't want the user to have to move the mouse to hide them when they use the spacebar to play. (WebCore::HTMLMediaElement::startHideFullscreenControlsTimer): Starts a oneshot timer 3 seconds in the future if we are in full screen. (WebCore::HTMLMediaElement::hideFullscreenControlsTimerFired): Make sure that we are currently playing, and we are in full screen, and hide the controls. We don't want to hide the controls if we are paused. (WebCore::HTMLMediaElement::stopHideFullscreenControlsTimer): Stops the timer. (WebCore::HTMLMediaElement::defaultEventHandler): If we get a mouse move event and are in full screen, show the controls and start a timer to hide them. (WebCore::HTMLMediaElement::enterFullscreen): Start a timer to hide the full screen controls. The user shouldn't have the move the mouse once they enter full screen to hide the controls. (WebCore::HTMLMediaElement::exitFullscreen): Stop the timer to hide the full screen controls. * html/HTMLMediaElement.h: * html/shadow/MediaControls.h: Added pure virtual shouldHideControls() method. * html/shadow/MediaControlRootElement.cpp: (WebCore::MediaControlRootElement::playbackStopped): Stop the timer to hide the full screen controls. (WebCore::MediaControlRootElement::shouldHideControls): Added, only report that the caller should hide the controls if the panel is not hovered. * html/shadow/MediaControlRootElement.h: 2011-05-29 Mark Rowe <mrowe@apple.com> Merge r87633. 2011-05-28 Alexey Proskuryakov <ap@apple.com> Suggested by Simon Fraser. REGRESSION (r85375): Load event is sometimes lost when multiple image elements use the same URL https://bugs.webkit.org/show_bug.cgi?id=61692 <rdar://problem/9488628> * loader/ImageLoader.cpp: (WebCore::ImageLoader::notifyFinished): There was no need to use ASSERT_UNUSED here. 2011-05-29 Mark Rowe <mrowe@apple.com> Merge r87628. 2011-05-28 Alexey Proskuryakov <ap@apple.com> Reviewed by Geoff Garen. REGRESSION (r85375): Load event is sometimes lost when multiple image elements use the same URL https://bugs.webkit.org/show_bug.cgi?id=61692 <rdar://problem/9488628> Test: fast/dom/gc-image-element-2.html Manually verified that tests from bug 59604 and from bug 40926 still pass. The problem here was that HTMLImageElement::hasPendingActivity() could return false when a load (or error) event was still expected to fire. * loader/cache/CachedResource.cpp: (WebCore::CachedResource::setRequest): * loader/cache/CachedResource.h: (WebCore::CachedResource::wasCanceled): (WebCore::CachedResource::errorOccurred): Track whether the load was canceled. We want to always notify clients of load outcome, as that's the only way they could make intelligent decisions. * dom/ScriptElement.cpp: (WebCore::ScriptElement::execute): Cached resource clients now get a notifyFinished call on cancellation. Handle this case, where we don't need the execute the script, but also don't need to fire an error event. * html/HTMLImageElement.cpp: Moved hasPendingActivity() to header, since it's just a single function call now. * html/HTMLImageElement.h: (WebCore::HTMLImageElement::hasPendingActivity): There is a large window between when CachedResource::isLoading() becomes false and events are queued. ImageLoader::haveFiredLoadEvent() is a much better indication of whether we are expecting an event to fire. * html/HTMLLinkElement.cpp: (WebCore::HTMLLinkElement::onloadTimerFired): Again, don't do anything on cancellation. * loader/ImageLoader.cpp: (WebCore::ImageEventSender::hasPendingEvents): Made it debug-only again, and fixed to give an accurate result while looping over the list of events to dispatch. (WebCore::ImageLoader::notifyFinished): Don't do anything when cancelled. We don't want to switch to a broken image icon, or to dispatch events. (WebCore::ImageEventSender::dispatchPendingEvents): Clear the current loader from dispatching list, as the event is no longer pending when it's being dispatched. * loader/ImageLoader.h: Removed unnecessary hasPendingLoadEvent(). We don't care whether one is already pending, we only care if one is expected at some time in the future, and !haveFiredLoadEvent() is our best idea of that. * dom/XMLDocumentParser.cpp: (WebCore::XMLDocumentParser::notifyFinished): Another place to handle cancellation. 2011-05-29 Mark Rowe <mrowe@apple.com> Merge r87634. 2011-05-28 Steve Falkenburg <sfalken@apple.com> Reviewed by Dan Bernstein. Don't add sub-frames to global history when navigating via back/forward https://bugs.webkit.org/show_bug.cgi?id=61701 <rdar://problem/9521222> Instead of just checking whether the load is the first in the frame, we also need to check to make sure we're loading in the main frame. Not testable due to lack of global history infrastructure in DRT. * loader/FrameLoader.cpp: (WebCore::FrameLoader::transitionToCommitted): 2011-05-29 Mark Rowe <mrowe@apple.com> Merge r87639. 2011-05-29 Beth Dakin <bdakin@apple.com> Reviewed by Darin Adler. https://bugs.webkit.org/show_bug.cgi?id=61700 Need WebKit2 API to get the size of the render tree -and corresponding- <rdar://problem/9512733> New member variable on RenderArena keeps track of the current amount of memory allocated in the arena. The new client function sends this piece of data to WebKit. * page/ChromeClient.h: (WebCore::ChromeClient::setRenderTreeSize): * page/FrameView.cpp: (WebCore::FrameView::performPostLayoutTasks): * rendering/RenderArena.cpp: (WebCore::RenderArena::RenderArena): (WebCore::RenderArena::allocate): (WebCore::RenderArena::free): * rendering/RenderArena.h: (WebCore::RenderArena::totalRenderArenaSize): 2011-05-28 Mark Rowe <mrowe@apple.com> Merge r87622. 2011-05-28 Jer Noble <jer.noble@apple.com> Reviewed by Maciej Stachowiak. Mouse clicks propagate outside full-screen media controls. https://bugs.webkit.org/show_bug.cgi?id=61689 Mouse click events are propagating out of the media controls, so mouse click listeners registered on the video element are getting fired when the user clicks on media controller buttons. By default, block propagation of click events from MediaControlElements by overriding preDispatchEventHandler, and convert all instances of defaultEventHandler -> preDispatchEventHandler. Change all calls of event->setDefaultHandled() to event->stopPropagation(). * html/shadow/MediaControlElements.cpp: (WebCore::MediaControlElement::preDispatchEventHandler): Added. Block propagation of all mouse click events. (WebCore::MediaControlVolumeSliderContainerElement::preDispatchEventHandler): Renamed from setDefaultHandled. (WebCore::MediaControlMuteButtonElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlPanelMuteButtonElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlPlayButtonElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlSeekButtonElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlRewindButtonElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlReturnToRealtimeButtonElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlToggleClosedCaptionsButtonElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlTimelineElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlVolumeSliderElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlFullscreenButtonElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlFullscreenVolumeMinButtonElement::preDispatchEventHandler): Ditto. (WebCore::MediaControlFullscreenVolumeMaxButtonElement::preDispatchEventHandler): Ditto. * html/shadow/MediaControlElements.h: 2011-05-28 Mark Rowe <mrowe@apple.com> Merge r87598. 2011-05-27 Simon Fraser <simon.fraser@apple.com> Reviewed by Dan Bernstein. CG BitmapImage needs to check for valid CGImage in a couple of places https://bugs.webkit.org/show_bug.cgi?id=61684 <rdar://problem/9519348> BitmapImage::getCGImageArray() can throw an exception if frameAtIndex() returns null, which it may do if the image is corrupted or still loading. Protect against that here and in getFirstCGImageRefOfSize(). * platform/graphics/cg/ImageCG.cpp: (WebCore::BitmapImage::getFirstCGImageRefOfSize): (WebCore::BitmapImage::getCGImageArray): 2011-05-28 Mark Rowe <mrowe@apple.com> Merge r87331. 2011-05-25 Jer Noble <jer.noble@apple.com> Ureviewed; Build fix for Leopard and Snow Leopard. Move _wkQTMovieResolvedURL outside of a #if check for Leopard and SL. * WebCore.exp.in: 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87578. 2011-05-27 Anders Carlsson <andersca@apple.com> Reviewed by Sam Weinig. Always use the default localization strategy https://bugs.webkit.org/show_bug.cgi?id=61670 <rdar://problem/9516130> Always use the default localization strategy when there's no platform strategy. * platform/DefaultLocalizationStrategy.cpp: (WebCore::DefaultLocalizationStrategy::shared): * platform/DefaultLocalizationStrategy.h: * platform/LocalizedStrings.cpp: (WebCore::inputElementAltText): (WebCore::resetButtonDefaultLabel): (WebCore::searchableIndexIntroduction): (WebCore::submitButtonDefaultLabel): (WebCore::fileButtonChooseFileLabel): (WebCore::fileButtonNoFileSelectedLabel): (WebCore::defaultDetailsSummaryText): (WebCore::copyImageUnknownFileLabel): (WebCore::contextMenuItemTagOpenLinkInNewWindow): (WebCore::contextMenuItemTagDownloadLinkToDisk): (WebCore::contextMenuItemTagCopyLinkToClipboard): (WebCore::contextMenuItemTagOpenImageInNewWindow): (WebCore::contextMenuItemTagDownloadImageToDisk): (WebCore::contextMenuItemTagCopyImageToClipboard): (WebCore::contextMenuItemTagCopyImageUrlToClipboard): (WebCore::contextMenuItemTagOpenFrameInNewWindow): (WebCore::contextMenuItemTagCopy): (WebCore::contextMenuItemTagGoBack): (WebCore::contextMenuItemTagGoForward): (WebCore::contextMenuItemTagStop): (WebCore::contextMenuItemTagReload): (WebCore::contextMenuItemTagCut): (WebCore::contextMenuItemTagPaste): (WebCore::contextMenuItemTagSelectAll): (WebCore::contextMenuItemTagNoGuessesFound): (WebCore::contextMenuItemTagIgnoreSpelling): (WebCore::contextMenuItemTagLearnSpelling): (WebCore::contextMenuItemTagSearchInSpotlight): (WebCore::contextMenuItemTagSearchWeb): (WebCore::contextMenuItemTagLookUpInDictionary): (WebCore::contextMenuItemTagOpenLink): (WebCore::contextMenuItemTagIgnoreGrammar): (WebCore::contextMenuItemTagSpellingMenu): (WebCore::contextMenuItemTagShowSpellingPanel): (WebCore::contextMenuItemTagCheckSpelling): (WebCore::contextMenuItemTagCheckSpellingWhileTyping): (WebCore::contextMenuItemTagCheckGrammarWithSpelling): (WebCore::contextMenuItemTagFontMenu): (WebCore::contextMenuItemTagShowFonts): (WebCore::contextMenuItemTagBold): (WebCore::contextMenuItemTagItalic): (WebCore::contextMenuItemTagUnderline): (WebCore::contextMenuItemTagOutline): (WebCore::contextMenuItemTagStyles): (WebCore::contextMenuItemTagShowColors): (WebCore::contextMenuItemTagSpeechMenu): (WebCore::contextMenuItemTagStartSpeaking): (WebCore::contextMenuItemTagStopSpeaking): (WebCore::contextMenuItemTagWritingDirectionMenu): (WebCore::contextMenuItemTagTextDirectionMenu): (WebCore::contextMenuItemTagDefaultDirection): (WebCore::contextMenuItemTagLeftToRight): (WebCore::contextMenuItemTagRightToLeft): (WebCore::contextMenuItemTagCorrectSpellingAutomatically): (WebCore::contextMenuItemTagSubstitutionsMenu): (WebCore::contextMenuItemTagShowSubstitutions): (WebCore::contextMenuItemTagSmartCopyPaste): (WebCore::contextMenuItemTagSmartQuotes): (WebCore::contextMenuItemTagSmartDashes): (WebCore::contextMenuItemTagSmartLinks): (WebCore::contextMenuItemTagTextReplacement): (WebCore::contextMenuItemTagTransformationsMenu): (WebCore::contextMenuItemTagMakeUpperCase): (WebCore::contextMenuItemTagMakeLowerCase): (WebCore::contextMenuItemTagCapitalize): (WebCore::contextMenuItemTagChangeBack): (WebCore::contextMenuItemTagOpenVideoInNewWindow): (WebCore::contextMenuItemTagOpenAudioInNewWindow): (WebCore::contextMenuItemTagCopyVideoLinkToClipboard): (WebCore::contextMenuItemTagCopyAudioLinkToClipboard): (WebCore::contextMenuItemTagToggleMediaControls): (WebCore::contextMenuItemTagToggleMediaLoop): (WebCore::contextMenuItemTagEnterVideoFullscreen): (WebCore::contextMenuItemTagMediaPlay): (WebCore::contextMenuItemTagMediaPause): (WebCore::contextMenuItemTagMediaMute): (WebCore::contextMenuItemTagInspectElement): (WebCore::searchMenuNoRecentSearchesText): (WebCore::searchMenuRecentSearchesText): (WebCore::searchMenuClearRecentSearchesText): (WebCore::AXWebAreaText): (WebCore::AXLinkText): (WebCore::AXListMarkerText): (WebCore::AXImageMapText): (WebCore::AXHeadingText): (WebCore::AXDefinitionListTermText): (WebCore::AXDefinitionListDefinitionText): (WebCore::AXARIAContentGroupText): (WebCore::AXButtonActionVerb): (WebCore::AXRadioButtonActionVerb): (WebCore::AXTextFieldActionVerb): (WebCore::AXCheckedCheckBoxActionVerb): (WebCore::AXUncheckedCheckBoxActionVerb): (WebCore::AXLinkActionVerb): (WebCore::AXMenuListPopupActionVerb): (WebCore::AXMenuListActionVerb): (WebCore::missingPluginText): (WebCore::crashedPluginText): (WebCore::multipleFileUploadText): (WebCore::unknownFileSizeText): (WebCore::uploadFileText): (WebCore::allFilesText): (WebCore::keygenMenuItem512): (WebCore::keygenMenuItem1024): (WebCore::keygenMenuItem2048): (WebCore::keygenKeychainItemName): (WebCore::imageTitle): (WebCore::mediaElementLoadingStateText): (WebCore::mediaElementLiveBroadcastStateText): (WebCore::localizedMediaControlElementString): (WebCore::localizedMediaControlElementHelpText): (WebCore::localizedMediaTimeDescription): (WebCore::validationMessageValueMissingText): (WebCore::validationMessageValueMissingForCheckboxText): (WebCore::validationMessageValueMissingForFileText): (WebCore::validationMessageValueMissingForMultipleFileText): (WebCore::validationMessageValueMissingForRadioText): (WebCore::validationMessageValueMissingForSelectText): (WebCore::validationMessageTypeMismatchText): (WebCore::validationMessageTypeMismatchForEmailText): (WebCore::validationMessageTypeMismatchForMultipleEmailText): (WebCore::validationMessageTypeMismatchForURLText): (WebCore::validationMessagePatternMismatchText): (WebCore::validationMessageTooLongText): (WebCore::validationMessageRangeUnderflowText): (WebCore::validationMessageRangeOverflowText): (WebCore::validationMessageStepMismatchText): 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87580. 2011-05-27 Stephanie Lewis <slewis@apple.com> Unreviewed. Fix a typo in the order_file flag. * Configurations/Base.xcconfig: 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87520. 2011-05-27 Stephanie Lewis <slewis@apple.com> Rubber Stamped by Adam Roben. Update Order Files. Use -order_file flag since it can order more of the binary. * Configurations/Base.xcconfig: * WebCore.order: 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87566. 2011-05-27 Brady Eidson <beidson@apple.com> Reviewed by Darin Adler. First swipe at resolving <rdar://problem/9125145> and https://bugs.webkit.org/show_bug.cgi?id=61494 Make the Document be intelligent about returning its DocumentLoader, including the possibility that the DocumentLoader will be null. No new tests. No change in behavior. Instead of storing the DocumentLoader at construction and never changing it, always calculate it based on the FrameLoader's current DocumentLoader: * dom/Document.cpp: (WebCore::Document::Document): (WebCore::Document::suggestedMIMEType): (WebCore::Document::lastModified): (WebCore::Document::initSecurityContext): (WebCore::Document::updateURLForPushOrReplaceState): (WebCore::Document::loader): * dom/Document.h: Null-check or ASSERT that the DocumentLoader exists (or both) depending on the scenario: * bindings/ScriptControllerBase.cpp: (WebCore::ScriptController::executeIfJavaScriptURL): * html/MediaDocument.cpp: (WebCore::MediaDocument::replaceMediaElementTimerFired): * html/PluginDocument.cpp: (WebCore::PluginDocumentParser::createDocumentStructure): * platform/mac/HTMLConverter.mm: (fileWrapperForElement): * WebCore.exp.in: 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87330. 2011-05-25 Michael Saboff <msaboff@apple.com> Reviewed by Sam Weinig. Cleanup of commented items from https://bugs.webkit.org/show_bug.cgi?id=61222 https://bugs.webkit.org/show_bug.cgi?id=61478 Cleanup of further comments after patch was landed. Changes include using /2 instead of >>1, adding a blank line after class include, making method names start with lower case and adding clarifying comments. No new tests as the changes are stylistic and not functional. * loader/cache/MemoryCache.cpp: (WebCore::MemoryCache::pruneLiveResourcesToPercentage): (WebCore::MemoryCache::pruneDeadResourcesToPercentage): * loader/cache/MemoryCache.h: (WebCore::MemoryCache::pruneToPercentage): * platform/mac/MemoryPressureHandlerMac.mm: (WebCore::MemoryPressureHandler::respondToMemoryPressure): 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87228. 2011-05-24 Michael Saboff <msaboff@apple.com> Reviewed by Geoffrey Garen. Improve handling in WebCore of low memory situations https://bugs.webkit.org/show_bug.cgi?id=61222 Added new class, MemoryPressureHandler, to platform to respond to low system memory events. Added Mac specific implementation that reduces the page cache, NSURL cache, WebCore cache by half their current usage and then garbage collects. This can allow Safari to continue operating in a low memory situation with minimal paging. Split up prune operations in MemoryCache to allow for pruning to a specific actual size to support this change. No tests added as the functionality of WebKit wasn't changed. * GNUmakefile.list.am: * WebCore.exp.in: * WebCore.gypi: * WebCore.pro: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: * loader/cache/MemoryCache.cpp: (WebCore::MemoryCache::pruneLiveResources): (WebCore::MemoryCache::forcePruneLiveResources): (WebCore::MemoryCache::pruneLiveResourcesToTarget): (WebCore::MemoryCache::pruneDeadResources): (WebCore::MemoryCache::forcePruneDeadResources): (WebCore::MemoryCache::pruneDeadResourcesToTarget): * loader/cache/MemoryCache.h: (WebCore::MemoryCache::forcePrune): * platform/MemoryPressureHandler.cpp: Added. (WebCore::memoryPressureHandler): (WebCore::MemoryPressureHandler::MemoryPressureHandler): (WebCore::MemoryPressureHandler::install): (WebCore::MemoryPressureHandler::respondToMemoryPressure): * platform/MemoryPressureHandler.h: Added. * platform/mac/MemoryPressureHandler.mm: Added. (WebCore::MemoryPressureHandler::install): (WebCore::MemoryPressureHandler::respondToMemoryPressure): 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87460. 2011-05-26 Stephanie Lewis <slewis@apple.com> Reviewed by Geoff Garen. https://bugs.webkit.org/show_bug.cgi?id=61345 part of <rdar://problem/8675177> Roll back in now that the Crashes are fixed. ResourceResponseBase and ResourceResponse had two different definitions for m_isNull. ResourceResponse treats m_isNull as meaning there isn't any platform ResourceResponse. ResourceResponseBase treats m_isNull as meaning no fields have been initialized. Consolidate calls into ResourceResponseBase meaning. Don't initialize ResourceResponse.m_suggestedFilename until we want to use it. Initializing it requires reading in and parsing a plist. Add new initialization state CommonAndUncommonFields to ResourceResponse. This will be for all the header fields. Move suggestedFilename initialization to AllFields so it is never initialized unless we ask for it. Add "Content-Type" to common headers since it is looked for by every CSS sheet load. No new functionality so no new tests. * platform/network/ResourceResponseBase.cpp: (WebCore::ResourceResponseBase::adopt): (WebCore::ResourceResponseBase::suggestedFilename): (WebCore::ResourceResponseBase::setSuggestedFilename): (WebCore::ResourceResponseBase::httpStatusText): (WebCore::ResourceResponseBase::setHTTPStatusText): (WebCore::ResourceResponseBase::httpHeaderField): (WebCore::ResourceResponseBase::setHTTPHeaderField): (WebCore::ResourceResponseBase::httpHeaderFields): (WebCore::ResourceResponseBase::isAttachment): (WebCore::ResourceResponseBase::setLastModifiedDate): (WebCore::ResourceResponseBase::lastModifiedDate): (WebCore::ResourceResponseBase::wasCached): (WebCore::ResourceResponseBase::connectionReused): (WebCore::ResourceResponseBase::setConnectionReused): (WebCore::ResourceResponseBase::connectionID): (WebCore::ResourceResponseBase::setConnectionID): (WebCore::ResourceResponseBase::resourceLoadTiming): (WebCore::ResourceResponseBase::setResourceLoadTiming): (WebCore::ResourceResponseBase::resourceLoadInfo): (WebCore::ResourceResponseBase::setResourceLoadInfo): * platform/network/ResourceResponseBase.h: * platform/network/cf/ResourceResponse.h: (WebCore::ResourceResponse::ResourceResponse): * platform/network/cf/ResourceResponseCFNet.cpp: (WebCore::ResourceResponse::platformLazyInit): * platform/network/mac/ResourceResponseMac.mm: 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87329. 2011-05-25 Stephanie Lewis <slewis@apple.com> Reviewed by Brady Eidson. https://bugs.webkit.org/show_bug.cgi?id=61407 part of <rdar://problem/8675177> Move Quicklook quirk down into WebCore so it can be caculated when the user starts a reload. Restructure the conditions so it only called when absolutely necessary. No change in functionality so no new tests. * loader/FrameLoader.cpp: (WebCore::FrameLoader::subresourceCachePolicy): * page/Settings.cpp: (WebCore::Settings::Settings): * page/Settings.h: * platform/network/cf/ResourceRequest.h: * platform/network/mac/ResourceRequestMac.mm: (WebCore::initQuickLookResourceCachingQuirks): (WebCore::ResourceRequest::useQuickLookResourceCachingQuirks): 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87557. 2011-05-27 Jer Noble <jer.noble@apple.com> Reviewed by Maciej Stachowiak. 30 second rewind button obscured in fullscreen controller https://bugs.webkit.org/show_bug.cgi?id=61663 If reset() is called while in full-screen mode, make sure to show and hide the correct controls for that mode. * html/shadow/MediaControlRootElement.cpp: (WebCore::MediaControlRootElement::reset): 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87414. 2011-05-25 Jer Noble <jer.noble@apple.com> Reviewed by Maciej Stachowiak. Safari Web Content crashes while entering/exiting the full screen mode of the video content https://bugs.webkit.org/show_bug.cgi?id=61498 No new tests, as DRT does not currently animate the full screen transition. To guard against m_fullScreenRenderer being called after it has been deleted, add code in RenderFullScreen which notifies the document when its full-screen renderer will be destroyed. Also, add some sanity checks when accessing the full-screen renderer's layer backing. * dom/Document.cpp: (WebCore::Document::webkitWillEnterFullScreenForElement): Guard against a missing full-screen renderer layer. (WebCore::Document::webkitWillExitFullScreenForElement): Ditto. (WebCore::Document::setFullScreenRenderer): Added ASSERT. (WebCore::Document::fullScreenRendererDestroyed): Added. (WebCore::Document::setAnimatingFullScreen): Guard against the full-screen element having been removed from the document. * dom/Document.h: * rendering/RenderFullScreen.cpp: (RenderFullScreen::destroy): Added. Tell the Document that it's full-screen renderer is about to be destroyed. * rendering/RenderFullScreen.h: 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87322. 2011-05-25 Jer Noble <jer.noble@apple.com> Reviewed by Darin Adler. REGRESSION: Fullscreen button on embedded Vimeo videos does nothing https://bugs.webkit.org/show_bug.cgi?id=61461 Tests: fullscreen/full-screen-iframe-legacy.html Allow calls from the legacy full-screen API to bypass the iframe "webkitallowfullscreen" requirement by adding a parameter to Document::webkitRequestFullScreenForElement specifying the strictness of that check. Specify this new parameter everywhere that function is called, including in the default controls' full-screen button handler. * dom/Document.cpp: (WebCore::Document::webkitRequestFullScreenForElement): * dom/Document.h: * dom/Element.cpp: (WebCore::Element::requestFullScreen): Renamed from webkitRequestFullScreen. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::enterFullscreen): * html/shadow/MediaControlElements.cpp: (WebCore::MediaControlFullscreenButtonElement::defaultEventHandler): 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87363. 2011-05-25 Jer Noble <jer.noble@apple.com> Reviewed by Dan Bernstein. 30 second rewind button dysfunctional viewing trailers fullscreen. https://bugs.webkit.org/show_bug.cgi?id=61505 Add support for painting MediaReturnToRealtimeButton, as well as hide and show the correct default video control buttons when entering full-screen mode. * css/fullscreenQuickTime.css: (video:-webkit-full-screen::-webkit-media-controls-return-to-realtime-button): * html/shadow/MediaControlRootElement.cpp: (WebCore::MediaControlRootElement::enteredFullscreen): Show the "Back 30s" and "Return to Realtime" buttons for Live Streams in full-screen mode. (WebCore::MediaControlRootElement::exitedFullscreen): Reset the styles of all the buttons affected by enteredFullscreen(). * rendering/RenderMediaControls.cpp: (WebCore::RenderMediaControls::paintMediaControlsPart): Add support for MediaReturnToRealtimeButton. 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87328. 2011-05-24 Jer Noble <jer.noble@apple.com> Reviewed by Darin Adler. Video fails to play on Vimeo https://bugs.webkit.org/show_bug.cgi?id=61403 No new tests; Covered by media/video-canvas-source.html. Vimeo redirects their assets from player.vimeo.com to av.vimeo.com, which is rejected by AVFoundation and QTKit due to our setting a ForbidCrossSiteReference option when creating an AVAsset or QTMovie. Instead, we should just reject local->remote and remote->local and make our answer to hasSingleSecurityOrigin dynamic. When checking whether a given request has a single security origin, use a SecurityOrigin to check the host, port, and scheme. * WebCore.exp.in: * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h: (WebCore::MediaPlayerPrivateAVFoundation::assetURL): Added. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.h: * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.mm: (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL): Exchange ForbidCrossSiteReference for ForbidRemoteReferenceToLocal and ForbidLocalReferenceToRemote (WebCore::MediaPlayerPrivateAVFoundationObjC::hasSingleSecurityOrigin): Check to see that the requested and resolved URLs have the same host and port. * platform/graphics/mac/MediaPlayerPrivateQTKit.mm: (WebCore::MediaPlayerPrivateQTKit::commonMovieAttributes): Exchange NoCrossSiteAttribute for NoRemoteToLocalSiteAttribute and NoLocalToRemoteSiteAttribute. (WebCore::MediaPlayerPrivateQTKit::hasSingleSecurityOrigin): Check to see that the requested and resolved URLs have the same host and port. * platform/mac/WebCoreSystemInterface.h: Added wkAVAssetResolvedURL. * platform/mac/WebCoreSystemInterface.mm: Ditto. 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87442. 2011-05-26 Jeff Miller <jeffm@apple.com> Reviewed by Steve Falkenburg. Fullscreen content is sometimes obscured by taskbar (which even covers up the "exit fullscreen" button) https://bugs.webkit.org/show_bug.cgi?id=61569 <rdar://problem/9454315> Normally, when the background fullscreen window is animated in, the Windows taskbar will be hidden, but this doesn't always work for some reason. Workaround this issue by setting the real fullscreen window to be a topmost window. * platform/graphics/win/FullScreenController.cpp: (FullScreenController::Private::fullscreenClientWndProc): Exit fullscreen when m_fullScreenWindow is deactivated. (FullScreenController::enterFullScreenRepaintCompleted): Make m_fullScreenWindow a topmost window before animating it in to ensure the taskbar is hidden. 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87335. 2011-05-25 Mark Rowe <mrowe@apple.com> Reviewed by Sam Weinig. <rdar://problem/9504058> Need some way to query user gesture state from injected bundle * WebCore.exp.in: Add an export that WebKit2 needs. 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87387. 2011-05-25 Simon Fraser <simon.fraser@apple.com> Reviewed by Dan Bernstein. Always antialias borders, outlines and rules when scaling https://bugs.webkit.org/show_bug.cgi?id=61502 r84273 changed the behavior of drawLineForBoxSide() to never antialias by default. This actually disabled antialiasing in some circumstances where it used to be enabled, for example collapsed table border drawing. Fix by allowing antialiasing for collapsed table borders, column rules and span outlines when the context is scaled. Test: fast/borders/border-antialiasing.html * rendering/RenderBlock.cpp: (WebCore::RenderBlock::paintColumnRules): * rendering/RenderInline.cpp: (WebCore::RenderInline::paintOutline): (WebCore::RenderInline::paintOutlineForLine): * rendering/RenderTableCell.cpp: (WebCore::RenderTableCell::paintCollapsedBorder): 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87524. 2011-05-27 Michael Saboff <msaboff@apple.com> Reviewed by David Hyatt. https://bugs.webkit.org/show_bug.cgi?id=61646 Duplicate Fonts Put in Font Cache on Mac Due to Duplicate CGFontRefs for Same Font Change the platformIsEqual to just compare the m_font members if either is not null. No tests added - functionality unchanged, fixing memory abandonment. * platform/graphics/cocoa/FontPlatformDataCocoa.mm: (WebCore::FontPlatformData::platformIsEqual): 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87361. 2011-05-25 James Simonsen <simonjam@chromium.org> Reviewed by Adam Barth. Add site-specific hack for zipcar.com with old versions of requirejs. https://bugs.webkit.org/show_bug.cgi?id=61321 Old versions of requirejs (< 0.15.0) try to load scripts in parallel but execute them in order. This used to work in webkit by setting a bogus script type (script/cache), then changing the type to a valid one when they wanted to execute it. This hack translates the behavior into the new API (by disabling forceAsync). * html/HTMLScriptElement.cpp: (WebCore::needsOldRequirejsQuirk): Added. (WebCore::HTMLScriptElement::insertedIntoDocument): If hack is needed, set a proper script type so script loads. If script isn't async, disable forceAsync so script executes in order. 2011-05-27 Mark Rowe <mrowe@apple.com> Merge r87244. 2011-05-24 Andy Estes <aestes@apple.com> Reviewed by Geoffrey Garen. REGRESSION (r70748): WebKit cannot play QuickTime movies on Mac OS X Wiki Server pages https://bugs.webkit.org/show_bug.cgi?id=61229 This site-specific hack maintains compatibility with Mac OS X Wiki Server, which embeds QuickTime movies using an object tag containing QuickTime's ActiveX classid. Treat this classid as valid only if OS X Server's unique 'generator' meta tag is present. Only apply this quirk if there is no fallback content, which ensures the quirk will disable itself if Wiki Server is updated to generate an alternate embed tag as fallback content. * html/HTMLObjectElement.cpp: (WebCore::HTMLObjectElement::shouldAllowQuickTimeClassIdQuirk): Return true if site-specific quirks are enabled, the object element has no fallback content, the classid attribute matches QuickTime's classid and the document has a 'generator' meta tag matching Mac OS X Web Services Server's unique generator string. (WebCore::HTMLObjectElement::hasValidClassId): Call shouldAllowQuickTimeClassIdQuirk() * html/HTMLObjectElement.h: 2011-05-24 Sam Weinig <sam@webkit.org> Reviewed by Beth Dakin. Can't scroll scaled page that has overflow:hidden on its root <rdar://problem/9029189> https://bugs.webkit.org/show_bug.cgi?id=61339 Test: fast/events/scroll-in-scaled-page-with-overflow-hidden.html * page/FrameView.cpp: (WebCore::FrameView::applyOverflowToViewport): Scrollbars should be enabled for the viewport when scaled, even if overflow:hidden is specified. 2011-05-24 Adam Roben <aroben@apple.com> Leopard build fix * bridge/runtime_root.cpp: Added a missing #include. 2011-05-24 Jian Li <jianli@chromium.org> Merged r87179. 2011-05-24 Adam Roben <aroben@apple.com> Invalidate RuntimeObjects when they are finalized This will cause the underlying NPObject to be released at finalization time, rather than at destruction time (which is unpredictable and could occur after the plugin has been unloaded). Test: plugins/npobject-js-wrapper-destroyed-after-plugin-unload.html Fixes <http://webkit.org/b/61317> <rdar://problem/9489829> Crash in _NPN_DeallocateObject when reloading yahoo.com webarchive in WebKit1 Reviewed by Oliver Hunt. * bridge/runtime_object.cpp: (JSC::Bindings::RuntimeObject::~RuntimeObject): Assert that we've already been invalidated. * bridge/runtime_root.cpp: (JSC::Bindings::RootObject::invalidate): (JSC::Bindings::RootObject::addRuntimeObject): Updated for m_runtimeObjects type change. (JSC::Bindings::RootObject::finalize): Added. Invalidates the RuntimeObject and removes it from the map. * bridge/runtime_root.h: Now inherits from WeakHandleOwner. Changed m_runtimeObjects from a WeakGCMap to a HashMap of JSC::Weak objects so that we will be notified when the RuntimeObjects are finalized. 2011-05-24 Lucas Forschler <lforschler@apple.com> Merged r87102. 2011-05-20 Jeremy Noble <jer.noble@apple.com> Reviewed by Darin Adler. Video looks squished when animating to full screen. https://bugs.webkit.org/show_bug.cgi?id=61220 No new tests, because DumpRenderTree does not currently "animate" the full-screen transition. There are three issues animating video content to full screen which this patch is meant to address: 1) The animation scales between the client sizes of the element before and after full-screen. Because these sizes have different aspect ratios, the video appears "squished" for part of the animation. Instead, we will animate between the content box sizes before and after full screen which, in the case of video now and object-fit content in the future, will have the same aspect ratio before and after full screen. 2) Now that we are animating the full-screen video element's content box, the black letterbox bars appear above and below the video (depending on the video's aspect ratio) as soon as the animation begins. This is extremely jarring, so set the background color to clear. The full-screen renderer's background color will serve the same purpose (providing the letterbox background) once the animation completes. 3) Now that the letterbox color is gone, the full screen controls can appear to float in thin air beneath the video (again, depending on aspect ratio) during the animation, so to avoid that effect and to make the animation consistent with the old webkitenterfullscreen() animation, we will hide the controls during the animation by adding a new CSS pseudo class -webkit-animating-full-screen-transition. Added a new css pseudo-class: -webkit-animating-full-screen. During the transition animation, this pseudo-class will be applied to the current full-screen element. Styles have been added to fullscreenQuickTime.css to hide the video element's built-in controller during the full-screen animation. To accomplish this, the ivar tracking whether the full-screen animation is taking place has been moved from the RenderFullScreen renderer, to the current full-screen Document. Because changing isAnimatingFullScreen causes style changes, make sure to call recalcStyle on the full-screen element after changing. This extra transition caused assertions in HTMLFormControlElement::updateFromElementCallback. A full-screen media control's renderer is disabled during the style recalculation when exiting full screen. This assertion was exposed by the extra recalcStyle() issued during the exit transition, and has been removed. * WebCore.exp.in: * css/CSSSelector.cpp: (WebCore::CSSSelector::pseudoId): Add support for new pseudo class -webkit-animate-full-screen-transition. (WebCore::nameToPseudoTypeMap): Ditto. (WebCore::CSSSelector::extractPseudoType): Ditto. * css/CSSSelector.h: * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector): Ditto. * css/fullscreen.css: (video:-webkit-full-screen): Set full screen video background color to clear. * css/fullscreenQuickTime.css: (video:-webkit-full-screen::-webkit-media-controls-panel): Set a default opacity transition. (video:-webkit-animating-full-screen::-webkit-media-controls-panel): Set the opacity to 0 and disable the transition. * dom/Document.cpp: (WebCore::Document::Document): (WebCore::Document::webkitWillEnterFullScreenForElement): Call our new setAnimatingFullScreen function. (WebCore::Document::webkitDidEnterFullScreenForElement): Ditto. (WebCore::Document::webkitWillExitFullScreenForElement): Ditto. (WebCore::Document::webkitDidExitFullScreenForElement): Ditto. (WebCore::Document::isAnimatingFullScreen): Moved here from RenderFullScreen. (WebCore::Document::setAnimatingFullScreen): Ditto. * dom/Document.h: * html/HTMLFormControlElement.cpp: (WebCore::updateFromElementCallback): Use the Document's isAnimatingFullScreen function. * page/FrameView.cpp: (WebCore::isDocumentRunningFullScreenAnimation): Ditto. * rendering/RenderFullScreen.cpp: * rendering/RenderFullScreen.h: * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::rebuildCompositingLayerTree): Ditto. (WebCore::RenderLayerCompositor::requiresCompositingForFullScreen): Ditto. * rendering/style/RenderStyleConstants.h: 2011-05-24 Lucas Forschler <lforschler@apple.com> Merged r87083. 2011-05-23 Abhishek Arya <inferno@chromium.org> Reviewed by Simon Fraser. Terminate css color parsing on integers which are not followed by a terminator. https://bugs.webkit.org/show_bug.cgi?id=61293 Test: fast/css/parse-color-int-or-percent-crash.html * css/CSSParser.cpp: (WebCore::parseColorIntOrPercentage): 2011-05-24 Lucas Forschler <lforschler@apple.com> Merged r87026. 2011-05-21 Dan Bernstein <mitz@apple.com> Reviewed by Darin Adler. <rdar://problem/9479926> REGRESSION (r82144): Icon overlaps text in Twitter message dialog https://bugs.webkit.org/show_bug.cgi?id=61241 Test: fast/block/positioning/start-ignoring-before.html * rendering/RenderBlockLineLayout.cpp: (WebCore::TrailingObjects::updateMidpointsForTrailingBoxes): Added a boolean parameter saying whether to merge the first trailing space with the line break. (WebCore::RenderBlock::LineBreaker::nextLineBreak): When adding a midpoint behind the current character, account for trailing positioned objects that occurred after the midpoint by calling updateMidpointsForTrailingBoxes(), which adds midpoints for them. 2011-05-24 Lucas Forschler <lforschler@apple.com> Merged r87009. 2011-05-20 Simon Fraser <simon.fraser@apple.com> Reviewed by Dan Bernstein. Allow ShadowBlur to do tiling when the context is scaled https://bugs.webkit.org/show_bug.cgi?id=61232 If the GraphicsContext is scaled or rotated by a multiple of 90deg, have ShadowBlur use the tiling code path, to avoid blurring large areas on pages like cracked.com when the context is scaled. * platform/graphics/ShadowBlur.cpp: (WebCore::ShadowBlur::drawRectShadow): Call preservesAxisAlignment() to decide when to not use tiling. (WebCore::ShadowBlur::drawInsetShadow): Ditto. (WebCore::ShadowBlur::drawLayerPieces): Round to device pixels when drawing tiles to avoid pixel cracks in scaled contexts. * platform/graphics/transforms/AffineTransform.h: (WebCore::AffineTransform::preservesAxisAlignment): Return true if there is the matrix contains a transform that results in axis alignment (no rotation or skew, or rotations which are multiples of 90deg). 2011-05-24 Steve Falkenburg <sfalken@apple.com> Reviewed by Adam Roben. Disable features on safari-534-branch. <rdar://problem/9261347> * Configurations/FeatureDefines.xcconfig: 2011-05-24 Lucas Forschler <lforschler@apple.com> Merged r86995. 2011-05-20 Andy Estes <aestes@apple.com> Reviewed by Darin Adler. WebView loses firstResponder status when entering full-screen mode. https://bugs.webkit.org/show_bug.cgi?id=61153 No test possible via DRT. Add a manual test instead. * manual-tests/full-screen-keypress.html: Added. 2011-05-24 Lucas Forschler <lforschler@apple.com> Merged r86992. 2011-05-20 Jeremy Noble <jer.noble@apple.com> Reviewed by Maciej Stachowiak. WebKit2: Exit full screen mode if the WebProcess crashes. https://bugs.webkit.org/show_bug.cgi?id=61151 * platform/graphics/win/FullScreenController.h: * platform/graphics/win/FullScreenController.cpp: (FullScreenController::close): Added. Close the full-screen window without animation if called. 2011-05-24 Lucas Forschler <lforschler@apple.com> Merged r87022. 2011-05-21 Jeremy Noble <jer.noble@apple.com> Reviewed by Eric Carlson. WebKit2: fix failing fullscreen/full-screen-remove* tests. https://bugs.webkit.org/show_bug.cgi?id=61027 * dom/Document.cpp: (WebCore::Document::fullScreenChangeDelayTimerFired): dispatchEvent can be synchronous, so make sure to check whether the current element is in the DOM before dispatching. 2011-05-22 Lucas Forschler <lforschler@apple.com> Merge r86956. 2011-05-20 Jer Noble <jer.noble@apple.com> Reviewed by Maciej Stachowiak. Win: non-full-screen content is briefly seen when entering full-screen mode (and vice versa) https://bugs.webkit.org/show_bug.cgi?id=61108 Instead of repainting the full- and non-full-screen windows in WebCore, delegate that responsibility to the FullScreenControllerClient. Because the repaint operation may be asynchronous, add a new method for clients to use to indicate repainting has completed. * platform/graphics/win/FullScreenController.cpp: (FullScreenController::Private::Private): Added new ivars. (FullScreenController::enterFullScreen): Split into two functions (pre-and post repaint) (FullScreenController::enterFullScreenRepaintCompleted): Ditto. (FullScreenController::exitFullScreen): Ditto. (FullScreenController::exitFullScreenRepaintCompleted): Ditto. (FullScreenController::repaintCompleted): Call the appropriated repaint completed function. * platform/graphics/win/FullScreenController.h: * platform/graphics/win/FullScreenControllerClient.h: 2011-05-22 Lucas Forschler <lforschler@apple.com> Merge r86924. 2011-05-19 Jer Noble <jer.noble@apple.com> Reviewed by Maciej Stachowiak. WebKit2: Flashing when entering and exiting full screen mode https://bugs.webkit.org/show_bug.cgi?id=56957 Guard against the parameter of setAnimating() matching the ivar value it's setting, thus avoiding tearing down the renderer's layer backing. * rendering/RenderFullScreen.cpp: (RenderFullScreen::setAnimating): 2011-05-22 Lucas Forschler <lforschler@apple.com> Merge r86904. 2011-05-18 Jeremy Noble <jer.noble@apple.com> Reviewed by Darin Adler. Poster is not shown in Safari for video element with no playable source elements. https://bugs.webkit.org/show_bug.cgi?id=61109 Test: media/video-src-invalid-poster.html In the case where no video sources are playable, update the display state and renderer, allowing the poster image to display. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::waitForSourceChange): 2011-05-19 Lucas Forschler <lforschler@apple.com Merged r86852. 2011-05-19 Ryosuke Niwa <rniwa@webkit.org> Reviewed by Darin Adler. REGRESSION (r83322): Many crashes in Mail.app in WebCore::Node::nodeIndex https://bugs.webkit.org/show_bug.cgi?id=61012 The crash was caused by ReplaceSelectionCommand's inserting content into a middle of the paragraph being moved when the insertion position's container node is the node to split to. Fixed the crash by not changing the insertion position in such a case. Unfortunately, this fix caused markup to bloat in some tests but we'll take this regression since it's much better than crashing. Test: editing/pasteboard/paste-after-inline-style-element.html * editing/ReplaceSelectionCommand.cpp: (WebCore::ReplaceSelectionCommand::doApply): 2011-05-19 Lucas Forschler <lforschler@apple.com Merged r86827. 2011-05-19 Emil A Eklund <eae@chromium.org> Reviewed by Alexey Proskuryakov. REGRESSION (r80808): Multiple <select> - Selection reset to first element from multiple selected ones https://bugs.webkit.org/show_bug.cgi?id=60986 * html/HTMLSelectElement.cpp: (WebCore::HTMLSelectElement::setMultiple): Don't restore selection if the multiple attribute hasn't changed. 2011-05-19 Lucas Forschler <lforschler@apple.com Merged r86785. 2011-05-18 Oliver Hunt <oliver@apple.com> Reviewed by Sam Weinig. JSGlobalObject and some others do GC allocation during initialization, which can cause heap corruption https://bugs.webkit.org/show_bug.cgi?id=61090 Rather than having Constructor objects create their structure as part of initialisation, we now pass their expected structure in as an argument. This required fixing the few custom Constructors and the code generator. * bindings/js/JSAudioConstructor.cpp: (WebCore::JSAudioConstructor::JSAudioConstructor): * bindings/js/JSAudioConstructor.h: * bindings/js/JSDOMGlobalObject.h: (WebCore::getDOMConstructor): Pass the Constructor objects structure in as an argument * bindings/js/JSImageConstructor.cpp: (WebCore::JSImageConstructor::JSImageConstructor): * bindings/js/JSImageConstructor.h: * bindings/js/JSOptionConstructor.cpp: (WebCore::JSOptionConstructor::JSOptionConstructor): * bindings/js/JSOptionConstructor.h: * bindings/scripts/CodeGeneratorJS.pm: 2011-05-19 Lucas Forschler <lforschler@apple.com Merged r86748. 2011-05-18 Abhishek Arya <inferno@chromium.org> Reviewed by Dirk Schulze. When SMIL element is getting removed, make sure to remove it from target's animation elements list. https://bugs.webkit.org/show_bug.cgi?id=60980 Test: svg/animations/smil-element-not-removed-crash.html * svg/animation/SVGSMILElement.cpp: (WebCore::SVGSMILElement::~SVGSMILElement): 2011-05-19 Lucas Forschler <lforschler@apple.com Merged r86806. 2011-05-18 Chris Fleizach <cfleizach@apple.com> Reviewed by Maciej Stachowiak. WK2: VoiceOver cannot move focus into a web area programmatically https://bugs.webkit.org/show_bug.cgi?id=60661 Accessibility code relies on the ability to bring focus to the containing widget view. In WK2, that message needs to be propagated to the UI process. * page/ChromeClient.h: (WebCore::ChromeClient::makeFirstResponder): * page/mac/ChromeMac.mm: (WebCore::Chrome::focusNSView): * platform/mac/WidgetMac.mm: (WebCore::Widget::setFocus): 2011-05-19 Lucas Forschler <lforschler@apple.com Merged r86793. 2011-05-17 Timothy Hatcher <timothy@apple.com> Update the the context menu to reflect the system search provider on Mac. <rdar://problem/9198419> Reviewed by Sam Weinig. * English.lproj/Localizable.strings: Updated. * Source/WebCore/WebCore.exp.in: Added _wkCopyDefaultSearchProviderDisplayName. * platform/DefaultLocalizationStrategy.cpp: (WebCore::DefaultLocalizationStrategy::contextMenuItemTagSearchWeb): Use wkCopyDefaultSearchProviderDisplayName to create the string. * platform/mac/WebCoreSystemInterface.h: Added wkCopyDefaultSearchProviderDisplayName. * platform/mac/WebCoreSystemInterface.mm: Ditto. 2011-05-19 Lucas Forschler <lforschler@apple.com Merged r86781. 2011-05-18 Abhishek Arya <inferno@chromium.org> Reviewed by Beth Dakin. Remove removeChild on table caption since destroy call already does that. https://bugs.webkit.org/show_bug.cgi?id=61083 Test: fast/table/table-captions-child-visible-crash.html * rendering/RenderTable.cpp: (WebCore::RenderTable::recalcCaption): 2011-05-19 Lucas Forschler <lforschler@apple.com Merged r86741. 2011-05-16 Jeremy Noble <jer.noble@apple.com> Reviewed by Darin Adler. Disable keyboard input (with exceptions) in full-screen mode. https://bugs.webkit.org/show_bug.cgi?id=60943 Tests: fullscreen/full-screen-keyboard-disabled.html fullscreen/full-screen-keyboard-enabled.html * page/EventHandler.cpp: (WebCore::EventHandler::isKeyEventAllowedInFullScreen): Added. Implements the list of allowed keyboard events in the proposed API. (WebCore::EventHandler::keyEvent): Discard events which are not allowed in full-screen mode. * page/EventHandler.h: 2011-05-19 Lucas Forschler <lforschler@apple.com Merged r86737. 2011-05-17 Jeremy Noble <jer.noble@apple.com> Reviewed by Darin Adler. Removing a full-screen element or ancestor from the DOM should trigger exiting full-screen mode. https://bugs.webkit.org/show_bug.cgi?id=60997 Tests: fullscreen/full-screen-remove-ancestor.html fullscreen/full-screen-remove-children.html fullscreen/full-screen-remove.html * dom/Document.cpp: (WebCore::Document::fullScreenChangeDelayTimerFired): If the target node was removed from the document make sure to message the documentElement() as well. (WebCore::Document::fullScreenElementRemoved): Cancel full screen mode. 2011-05-17 Cris Neckar <cdn@chromium.org> Reviewed by Adam Barth. Clear the image from ImageLoader rather than clearing the ImageLoader in HTMLObjectElement::renderFallbackContent. https://bugs.webkit.org/show_bug.cgi?id=61005 Test: http/tests/loading/nested_bad_objects.php * html/HTMLObjectElement.cpp: (WebCore::HTMLObjectElement::renderFallbackContent): 2011-05-17 Chris Rogers <crogers@google.com> Reviewed by Kenneth Russell. Make sure that AudioNode gets re-enabled after having been disconnected and re-connected. https://bugs.webkit.org/show_bug.cgi?id=60995 No new tests since audio API is not yet implemented. * webaudio/AudioNode.cpp: (WebCore::AudioNode::ref): 2011-05-17 Brady Eidson <beidson@apple.com> Reviewed by Darin Adler. <rdar://problem/9366728> and https://webkit.org/b/60796 Crash when code inside a ResourceLoadDelegate method calls [WebView stopLoading:] Break up ResourceLoader::didCancel() into willCancel() and didCancel(), and making them pure virtual. This change has the following benefits: - Managing ResourceLoader state can be in the base class; Subclasses no longer need to protect themselves, check these variables as often, or ASSERT them. - ResourceLoader subclasses no longer have to call the base class ::didCancel - ResourceLoader::cancel becomes more capable of handling reentrancy with the design that the cancellation is completed inside the last call. No new tests - No change in behavior for previous tests, and new test would require API usage outside the scope of DumpRenderTree. * loader/ResourceLoader.cpp: (WebCore::ResourceLoader::ResourceLoader): (WebCore::ResourceLoader::cancel): Moved from ResourceLoader::didCancel, and does all of that same work except it interposes calls to "willCancel" and "didCancel" as required to maintain the same behavior. * loader/ResourceLoader.h: Added pure virtual didCancel() and willCancel(). Split-up into willCancel() and didCancel(), based on when the base class didCancel() used to be called: * loader/MainResourceLoader.cpp: (WebCore::MainResourceLoader::willCancel): (WebCore::MainResourceLoader::didCancel): * loader/MainResourceLoader.h: Split-up into willCancel() and didCancel(), based on when the "reached terminal state" flag used to be checked: * loader/NetscapePlugInStreamLoader.cpp: (WebCore::NetscapePlugInStreamLoader::didReceiveResponse): Call the entry point cancel() instead of the old didCancel() (WebCore::NetscapePlugInStreamLoader::willCancel): (WebCore::NetscapePlugInStreamLoader::didCancel): * loader/NetscapePlugInStreamLoader.h: Split-up into willCancel() and didCancel(), based on when the "reached terminal state" flag used to be checked: * loader/SubresourceLoader.cpp: (WebCore::SubresourceLoader::willCancel): (WebCore::SubresourceLoader::didCancel): * loader/SubresourceLoader.h: 2011-05-17 Nat Duca <nduca@chromium.org> Reviewed by James Robinson. [chromium] Always set layerRenderer, even on non-drawn-layers https://bugs.webkit.org/show_bug.cgi?id=60977 This is a defensive fixe for crbug.com/82799, in which a RenderLayer could not prepare itself because its owning layerImpl had no associated layerRenderer. The underlying issue is that we sometimes put renderSurfaces onto the list that won't actually render. For now, the priority is to reduce fragility so that invisible layers dont lead to crashers. We do this by being more agressive about binding CCLayerImpls to the LayerRenderer, doing it all the time rather than only when we think it will get rendered. * platform/graphics/chromium/LayerRendererChromium.cpp: (WebCore::LayerRendererChromium::paintLayerContents): 2011-05-17 Anders Carlsson <andersca@apple.com> Fix the clang build. * rendering/RenderText.h: (WebCore::RenderText::nodeAtPoint): nodeAtPoint should take a const IntPoint reference. 2011-05-17 Erik Arvidsson <arv@chromium.org> Reviewed by Ryosuke Niwa. document.activeElement doesn't point to the focused frame https://bugs.webkit.org/show_bug.cgi?id=49509 This makes us match IE and Firefox and there is an ongoing WHATWG discussion to make the spec match this. Test: fast/dom/HTMLDocument/active-element-frames.html * html/HTMLDocument.cpp: (WebCore::HTMLDocument::activeElement): Walk up the frame tree from the focusedFrame to find the active frame if any. 2011-05-17 Emil A Eklund <eae@chromium.org> Reviewed by Eric Seidel. Change nodeAtPoint to take IntPoint instead of int x, int y https://bugs.webkit.org/show_bug.cgi?id=60663 Change nodeAtPoint to take a single const IntPoint& instead of a pair of ints for the location. Covered by existing tests. * platform/graphics/FloatPoint.h: (WebCore::flooredIntPoint): * rendering/EllipsisBox.cpp: (WebCore::EllipsisBox::nodeAtPoint): * rendering/EllipsisBox.h: * rendering/InlineBox.cpp: (WebCore::InlineBox::nodeAtPoint): * rendering/InlineBox.h: * rendering/InlineFlowBox.cpp: (WebCore::InlineFlowBox::nodeAtPoint): * rendering/InlineFlowBox.h: * rendering/InlineTextBox.cpp: (WebCore::InlineTextBox::nodeAtPoint): * rendering/InlineTextBox.h: * rendering/RenderBlock.cpp: (WebCore::RenderBlock::nodeAtPoint): (WebCore::RenderBlock::hitTestContents): * rendering/RenderBlock.h: * rendering/RenderBox.cpp: (WebCore::RenderBox::nodeAtPoint): * rendering/RenderBox.h: * rendering/RenderFrameSet.cpp: (WebCore::RenderFrameSet::nodeAtPoint): * rendering/RenderFrameSet.h: * rendering/RenderImage.cpp: (WebCore::RenderImage::nodeAtPoint): * rendering/RenderImage.h: * rendering/RenderInline.cpp: (WebCore::RenderInline::nodeAtPoint): * rendering/RenderInline.h: * rendering/RenderLineBoxList.cpp: (WebCore::RenderLineBoxList::hitTest): * rendering/RenderListBox.cpp: (WebCore::RenderListBox::nodeAtPoint): * rendering/RenderListBox.h: * rendering/RenderObject.cpp: (WebCore::RenderObject::hitTest): (WebCore::RenderObject::nodeAtPoint): * rendering/RenderObject.h: * rendering/RenderTable.cpp: (WebCore::RenderTable::nodeAtPoint): * rendering/RenderTable.h: * rendering/RenderTableRow.cpp: (WebCore::RenderTableRow::nodeAtPoint): * rendering/RenderTableRow.h: * rendering/RenderTableSection.cpp: (WebCore::RenderTableSection::nodeAtPoint): * rendering/RenderTableSection.h: * rendering/RenderText.h: (WebCore::RenderText::nodeAtPoint): * rendering/RenderTextControlMultiLine.cpp: (WebCore::RenderTextControlMultiLine::nodeAtPoint): * rendering/RenderTextControlMultiLine.h: * rendering/RenderTextControlSingleLine.cpp: (WebCore::RenderTextControlSingleLine::nodeAtPoint): * rendering/RenderTextControlSingleLine.h: * rendering/RenderWidget.cpp: (WebCore::RenderWidget::nodeAtPoint): * rendering/RenderWidget.h: * rendering/RootInlineBox.cpp: (WebCore::RootInlineBox::nodeAtPoint): * rendering/RootInlineBox.h: * rendering/svg/RenderSVGForeignObject.cpp: (WebCore::RenderSVGForeignObject::nodeAtFloatPoint): (WebCore::RenderSVGForeignObject::nodeAtPoint): * rendering/svg/RenderSVGForeignObject.h: * rendering/svg/RenderSVGModelObject.cpp: (WebCore::RenderSVGModelObject::nodeAtPoint): * rendering/svg/RenderSVGModelObject.h: * rendering/svg/RenderSVGRoot.cpp: (WebCore::RenderSVGRoot::nodeAtPoint): * rendering/svg/RenderSVGRoot.h: * rendering/svg/RenderSVGText.cpp: (WebCore::RenderSVGText::nodeAtFloatPoint): (WebCore::RenderSVGText::nodeAtPoint): * rendering/svg/RenderSVGText.h: 2011-05-17 Andrew Wilson <atwilson@chromium.org> Unreviewed, rolling out r86647. http://trac.webkit.org/changeset/86647 https://bugs.webkit.org/show_bug.cgi?id=56814 Broke tests downstream in Chromium * dom/DocumentMarker.h: (WebCore::DocumentMarker::operator==): (WebCore::DocumentMarker::operator!=): * dom/DocumentMarkerController.cpp: (WebCore::DocumentMarkerController::addMarker): (WebCore::DocumentMarkerController::copyMarkers): (WebCore::DocumentMarkerController::removeMarkers): (WebCore::DocumentMarkerController::markerContainingPoint): (WebCore::DocumentMarkerController::markersInRange): (WebCore::DocumentMarkerController::renderedRectsForMarkers): (WebCore::DocumentMarkerController::removeMarkersFromList): (WebCore::DocumentMarkerController::repaintMarkers): (WebCore::DocumentMarkerController::shiftMarkers): (WebCore::DocumentMarkerController::setMarkersActive): (WebCore::DocumentMarkerController::hasMarkers): (WebCore::DocumentMarkerController::clearDescriptionOnMarkersIntersectingRange): (WebCore::DocumentMarkerController::showMarkers): * dom/DocumentMarkerController.h: * editing/CompositeEditCommand.cpp: (WebCore::CompositeEditCommand::replaceTextInNodePreservingMarkers): * editing/DeleteSelectionCommand.cpp: (WebCore::DeleteSelectionCommand::originalStringForAutocorrectionAtBeginningOfSelection): * editing/Editor.cpp: (WebCore::Editor::selectionStartHasMarkerFor): * editing/SpellingCorrectionController.cpp: (WebCore::SpellingCorrectionController::respondToChangedSelection): * editing/SpellingCorrectionController.h: (WebCore::SpellingCorrectionController::shouldStartTimerFor): * rendering/HitTestResult.cpp: (WebCore::HitTestResult::spellingToolTip): (WebCore::HitTestResult::replacedString): * rendering/InlineTextBox.cpp: (WebCore::InlineTextBox::paintSpellingOrGrammarMarker): (WebCore::InlineTextBox::paintTextMatchMarker): (WebCore::InlineTextBox::computeRectForReplacementMarker): (WebCore::InlineTextBox::paintDocumentMarkers): * rendering/svg/SVGInlineFlowBox.cpp: (WebCore::SVGInlineFlowBox::computeTextMatchMarkerRectForRenderer): 2011-05-17 Andrew Wilson <atwilson@chromium.org> Unreviewed, rolling out r86656. http://trac.webkit.org/changeset/86656 Broke tests downstream in Chromium * editing/SpellingCorrectionController.cpp: (WebCore::markersHaveIdenticalDescription): (WebCore::SpellingCorrectionController::recordSpellcheckerResponseForModifiedCorrection): (WebCore::SpellingCorrectionController::processMarkersOnTextToBeReplacedByResult): 2011-05-17 Yufeng Shen <miletus@chromium.org> Reviewed by Darin Fisher. Make WebKit expose extra touch information https://bugs.webkit.org/show_bug.cgi?id=59030 * dom/Document.cpp: (WebCore::Document::createTouch): * dom/Document.h: * dom/Document.idl: * dom/Touch.cpp: (WebCore::Touch::Touch): * dom/Touch.h: (WebCore::Touch::create): (WebCore::Touch::webkitRadiusX): (WebCore::Touch::webkitRadiusY): (WebCore::Touch::webkitRotationAngle): * dom/Touch.idl: * page/EventHandler.cpp: (WebCore::EventHandler::handleTouchEvent): * platform/PlatformTouchPoint.h: (WebCore::PlatformTouchPoint::radiusX): (WebCore::PlatformTouchPoint::radiusY): (WebCore::PlatformTouchPoint::rotationAngle): 2011-05-17 Eric Seidel <eric@webkit.org> Reviewed by Ryosuke Niwa. Add a LineLayoutState object to hold global state during line layout https://bugs.webkit.org/show_bug.cgi?id=60113 Like LayoutState for layout(), LineLayoutState keeps track of global information during an entire linebox tree layout pass (aka layoutInlineChildren). For now it just holds isFullLayout and the logicalRepaintTop/Bottom. It's possible we should hold the useRepaintBounds bool as well as the startLine and endLine RootInlineBox pointers. No change in behavior, thus no tests. * rendering/RenderBlock.cpp: (WebCore::RenderBlock::layoutBlock): * rendering/RenderBlock.h: * rendering/RenderBlockLineLayout.cpp: (WebCore::LineLayoutState::LineLayoutState): (WebCore::LineLayoutState::markForFullLayout): (WebCore::LineLayoutState::isFullLayout): (WebCore::LineLayoutState::setRepaintRange): (WebCore::LineLayoutState::updateRepaintRangeFromBox): (WebCore::LineLayoutState::startLine): (WebCore::LineLayoutState::endLine): (WebCore::deleteLineRange): (WebCore::RenderBlock::layoutRunsAndFloats): (WebCore::RenderBlock::layoutInlineChildren): (WebCore::RenderBlock::checkFloatsInCleanLine): (WebCore::RenderBlock::determineStartPosition): (WebCore::RenderBlock::determineEndPosition): (WebCore::RenderBlock::matchedEndLine): 2011-05-17 Andreas Kling <kling@webkit.org> Reviewed by Kenneth Rohde Christiansen. Area element doesn't update region when dynamically altered. https://bugs.webkit.org/show_bug.cgi?id=54636 Recompute the clickable region after the "shape" or "coords" attribute of an area element is changed. Test: fast/images/imagemap-dynamic-area-updates.html * html/HTMLAreaElement.cpp: (WebCore::HTMLAreaElement::parseMappedAttribute): (WebCore::HTMLAreaElement::invalidateCachedRegion): * html/HTMLAreaElement.h: 2011-05-09 Luiz Agostini <luiz.agostini@openbossa.org> Reviewed by Kenneth Rohde Christiansen. [Qt] Redirection of HTTP POST (3xx) incorrectly includes original POST data https://bugs.webkit.org/show_bug.cgi?id=60440 Makes sure that the HTTP headers Content-type and Content-length are not included in the requests that do not have any content. Tests: http/tests/navigation/post-301-response.html http/tests/navigation/post-302-response.html http/tests/navigation/post-303-response.html http/tests/navigation/post-307-response.html * platform/network/qt/QNetworkReplyHandler.cpp: (WebCore::QNetworkReplyHandler::sendNetworkRequest): 2011-05-17 Andreas Kling <kling@webkit.org> Reviewed by Benjamin Poulain. [Qt] GraphicsLayerQtImpl: Remove an unused variable. * platform/graphics/qt/GraphicsLayerQt.cpp: (WebCore::GraphicsLayerQtImpl::paint): 2011-05-17 Pavel Feldman <pfeldman@google.com> Reviewed by Yury Semikhatsky. Web Inspector: navigating from elements panel does not show source view. https://bugs.webkit.org/show_bug.cgi?id=60970 * inspector/front-end/TextViewer.js: (WebInspector.TextViewer.prototype.highlightLine): (WebInspector.TextEditorChunkedPanel.prototype.makeLineAChunk): 2011-05-17 Sam Magnuson <smagnuson@netflix.com> Reviewed by Kenneth Rohde Christiansen. [Qt] Node that have both an opacity and a transform animation on them seem not to fire. https://bugs.webkit.org/show_bug.cgi?id=40841 Test: compositing/animation/busy-indicator.html * platform/graphics/qt/GraphicsLayerQt.cpp: (WebCore::GraphicsLayerQtImpl::recache): (WebCore::GraphicsLayerQtImpl::flushChanges): (WebCore::GraphicsLayerQt::setContentsToImage): (WebCore::TransformAnimationQt::getAnimatedProperty): (WebCore::OpacityAnimationQt::getAnimatedProperty): (WebCore::GraphicsLayerQt::addAnimation): 2011-05-17 Grace Kloba <klobag@chromium.org> Reviewed by Kenneth Russell. GraphicsContext3DSkia needs to honor the platform Sk_x_SHIFT value instead of assuming BGRA color https://bugs.webkit.org/show_bug.cgi?id=60965 * platform/graphics/skia/GraphicsContext3DSkia.cpp: (WebCore::GraphicsContext3D::getImageData): 2011-05-17 Alexander Pavlov <apavlov@chromium.org> Reviewed by Yury Semikhatsky. Web Inspector: Enter/Tab after editing a CSS property does not invoke editor on next field https://bugs.webkit.org/show_bug.cgi?id=60962 * inspector/front-end/ElementsPanel.js: (WebInspector.ElementsPanel.prototype.updateStyles): 2011-05-17 Sheriff Bot <webkit.review.bot@gmail.com> Unreviewed, rolling out r86660. http://trac.webkit.org/changeset/86660 https://bugs.webkit.org/show_bug.cgi?id=60958 broke search in console panel (Requested by podivilov on #webkit). * inspector/front-end/ConsoleView.js: (WebInspector.ConsoleView.prototype.show): (WebInspector.ConsoleView.prototype.afterShow): (WebInspector.ConsoleView.prototype.hide): (WebInspector.ConsoleView.prototype.addMessage): (WebInspector.ConsoleView.prototype.clearMessages): * inspector/front-end/DebuggerPresentationModel.js: (WebInspector.DebuggerPresentationModel): * inspector/front-end/Drawer.js: (WebInspector.Drawer.prototype.set visibleView): (WebInspector.Drawer.prototype.show.animationFinished): (WebInspector.Drawer.prototype.show): * inspector/front-end/Panel.js: (WebInspector.Panel): * inspector/front-end/ResourceTreeModel.js: (WebInspector.ResourceTreeModel): * inspector/front-end/inspector.html: * inspector/front-end/inspector.js: (WebInspector._createPanels): 2011-05-17 Alexis Menard <alexis.menard@openbossa.org> Unreviewed warning fix introduced by r86377. * rendering/RenderFieldset.cpp: (WebCore::RenderFieldset::paintMask): 2011-05-17 Yuta Kitamura <yutak@chromium.org> Reviewed by Kent Tamura. WebSocket: Uninline methods in ThreadableWebSocketChannelClientWrapper https://bugs.webkit.org/show_bug.cgi?id=60945 Add ThreadableWebSocketChannelClientWrapper.cpp. Uninline methods in this class and move these definitions into .cpp in order to allow further modifications in this class. No new tests, as this is just refactoring. * CMakeLists.txt: * GNUmakefile.list.am: * WebCore.gypi: * WebCore.pro: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: * websockets/ThreadableWebSocketChannelClientWrapper.cpp: Added. (WebCore::ThreadableWebSocketChannelClientWrapper::ThreadableWebSocketChannelClientWrapper): (WebCore::ThreadableWebSocketChannelClientWrapper::create): (WebCore::ThreadableWebSocketChannelClientWrapper::clearSyncMethodDone): (WebCore::ThreadableWebSocketChannelClientWrapper::setSyncMethodDone): (WebCore::ThreadableWebSocketChannelClientWrapper::syncMethodDone): (WebCore::ThreadableWebSocketChannelClientWrapper::sent): (WebCore::ThreadableWebSocketChannelClientWrapper::setSent): (WebCore::ThreadableWebSocketChannelClientWrapper::bufferedAmount): (WebCore::ThreadableWebSocketChannelClientWrapper::setBufferedAmount): (WebCore::ThreadableWebSocketChannelClientWrapper::clearClient): (WebCore::ThreadableWebSocketChannelClientWrapper::didConnect): (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveMessage): (WebCore::ThreadableWebSocketChannelClientWrapper::didClose): (WebCore::ThreadableWebSocketChannelClientWrapper::suspend): (WebCore::ThreadableWebSocketChannelClientWrapper::resume): (WebCore::ThreadableWebSocketChannelClientWrapper::processPendingEvents): * websockets/ThreadableWebSocketChannelClientWrapper.h: 2011-05-17 Andreas Kling <andreas.kling@nokia.com> Reviewed by Kenneth Rohde Christiansen. [Qt] Support shadowed text in fast font path. https://bugs.webkit.org/show_bug.cgi?id=60462 * platform/graphics/Font.cpp: (WebCore::Font::drawText): Remove complex path shortcut for shadowed text. * platform/graphics/qt/FontQt.cpp: (WebCore::Font::drawGlyphs): Paint shadows for simple text. 2011-05-17 Andreas Kling <kling@webkit.org> Reviewed by Kenneth Rohde Christiansen. [Qt] Construct GraphicsLayerQtImpl::State with correct values. https://bugs.webkit.org/show_bug.cgi?id=60902 The GraphicsLayerQtImpl initial state should match the initial values of the corresponding GraphicsLayer flags. * platform/graphics/qt/GraphicsLayerQt.cpp: (WebCore::GraphicsLayerQtImpl::State::State): 2011-05-12 Hans Wennborg <hans@chromium.org> Reviewed by Steve Block. IndexedDB: Index population should ignore records without key for index https://bugs.webkit.org/show_bug.cgi?id=60697 When populating a new index, records which do not have a key on the index's key path should be ignored. * storage/IDBObjectStoreBackendImpl.cpp: 2011-05-17 Young Han Lee <joybro@company100.net> Reviewed by Csaba Osztrogonác. [Texmap][Qt] Enable strict PassOwnPtr for Qt with texmap enabled. https://bugs.webkit.org/show_bug.cgi?id=60947 No new tests. Build fix. * platform/graphics/qt/TextureMapperQt.cpp: (WebCore::TextureMapper::create): * platform/graphics/qt/TextureMapperQt.h: (WebCore::TextureMapperQt::create): * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp: (WebCore::GraphicsLayer::create): 2011-05-17 Alexander Pavlov <apavlov@chromium.org> Reviewed by Yury Semikhatsky. Web Inspector: Increment/decrement of very big CSS numeric values results in invalid CSS https://bugs.webkit.org/show_bug.cgi?id=60890 * inspector/front-end/MetricsSidebarPane.js: (WebInspector.MetricsSidebarPane.prototype._handleKeyDown): * inspector/front-end/StylesSidebarPane.js: (WebInspector.StylesSidebarPane.alteredFloatNumber): (WebInspector.StylePropertyTreeElement.prototype): 2011-05-17 Pavel Podivilov <podivilov@chromium.org> Reviewed by Yury Semikhatsky. Web Inspector: merge ConsoleView into ConsolePanel. https://bugs.webkit.org/show_bug.cgi?id=54670 Console view in drawer looks exactly the same as console panel. Merging ConsoleView and ConsolePanel together will allow us to reuse panel's functionality (e.g. resizable sidebar) even when console is docked. * inspector/front-end/ConsoleView.js: (WebInspector.ConsolePanel.prototype.get toolbarItemLabel): (WebInspector.ConsolePanel.prototype.show): (WebInspector.ConsolePanel.prototype.hide): (WebInspector.ConsolePanel.prototype.showInDrawer): (WebInspector.ConsolePanel.prototype.afterShowInDrawer): (WebInspector.ConsolePanel.prototype.hideInDrawer): (WebInspector.ConsolePanel.prototype.addMessage): (WebInspector.ConsolePanel.prototype.clearMessages): * inspector/front-end/DebuggerPresentationModel.js: (WebInspector.DebuggerPresentationModel): * inspector/front-end/Drawer.js: (WebInspector.Drawer.prototype.set visibleView): (WebInspector.Drawer.prototype.show.animationFinished): (WebInspector.Drawer.prototype.show): * inspector/front-end/Panel.js: (WebInspector.Panel): * inspector/front-end/ResourceTreeModel.js: (WebInspector.ResourceTreeModel): * inspector/front-end/inspector.html: * inspector/front-end/inspector.js: (WebInspector._createPanels): 2011-05-16 Yuta Kitamura <yutak@chromium.org> Reviewed by Kent Tamura. WebSocket: WebSocketHandshake prints a carriage return to console https://bugs.webkit.org/show_bug.cgi?id=60880 * websockets/WebSocketHandshake.cpp: (WebCore::WebSocketHandshake::readStatusLine): WebSocketHandshake should not print a carriage return to console. To fix this, we first check whether the status line ends with CRLF. After that, we can print the first (lineLength - 2) characters of the status line which do not contain a carriage return. 2011-05-16 MORITA Hajime <morrita@google.com> Unreviewed build fix for r86647, which broke SUPPORT_AUTOCORRECTION_PANEL. * editing/SpellingCorrectionController.cpp: (WebCore::markersHaveIdenticalDescription): (WebCore::SpellingCorrectionController::recordSpellcheckerResponseForModifiedCorrection): (WebCore::SpellingCorrectionController::processMarkersOnTextToBeReplacedByResult): 2011-05-16 Kent Tamura <tkent@chromium.org> Fix Leopard build. * html/HTMLInputElement.cpp: (WebCore::HTMLInputElement::stepUpFromRenderer): Use double instead of int. 2011-05-16 James Robinson <jamesr@chromium.org> Reviewed by Kenneth Russell. [chromium] Decouple LayerChromium/CCLayerImpl trees https://bugs.webkit.org/show_bug.cgi?id=58830 Makes the CCLayerImpl tree self-hosting and provides an explicit step to synchronize the LayerChromium tree to the CCLayerImpl tree. Tested by compositing/ layout tests and by unit tests in WebKit/chromium. * WebCore.gypi: * platform/graphics/chromium/CanvasLayerChromium.cpp: (WebCore::CanvasLayerChromium::createCCLayerImpl): * platform/graphics/chromium/LayerChromium.cpp: (WebCore::LayerChromium::LayerChromium): (WebCore::LayerChromium::~LayerChromium): (WebCore::LayerChromium::cleanupResources): (WebCore::LayerChromium::dumpLayer): (WebCore::LayerChromium::dumpLayerProperties): (WebCore::LayerChromium::createCCLayerImpl): (WebCore::LayerChromium::ccLayerImpl): * platform/graphics/chromium/LayerChromium.h: (WebCore::LayerChromium::id): (WebCore::LayerChromium::setCCLayerImpl): * platform/graphics/chromium/LayerRendererChromium.cpp: (WebCore::LayerRendererChromium::updateAndDrawLayers): (WebCore::LayerRendererChromium::updateLayers): (WebCore::LayerRendererChromium::updatePropertiesAndRenderSurfaces): (WebCore::LayerRendererChromium::updateCompositorResourcesRecursive): * platform/graphics/chromium/LayerRendererChromium.h: * platform/graphics/chromium/PluginLayerChromium.cpp: (WebCore::PluginLayerChromium::createCCLayerImpl): * platform/graphics/chromium/TreeSynchronizer.cpp: Added. (WebCore::TreeSynchronizer::addCCLayerImplsToMapRecursive): (WebCore::TreeSynchronizer::synchronizeTreeRecursive): (WebCore::TreeSynchronizer::synchronizeTrees): * platform/graphics/chromium/TreeSynchronizer.h: * platform/graphics/chromium/VideoLayerChromium.cpp: (WebCore::VideoLayerChromium::createCCLayerImpl): * platform/graphics/chromium/cc/CCCanvasLayerImpl.cpp: (WebCore::CCCanvasLayerImpl::CCCanvasLayerImpl): * platform/graphics/chromium/cc/CCCanvasLayerImpl.h: (WebCore::CCCanvasLayerImpl::create): * platform/graphics/chromium/cc/CCLayerImpl.cpp: (WebCore::CCLayerImpl::CCLayerImpl): (WebCore::CCLayerImpl::addChild): (WebCore::CCLayerImpl::removeFromParent): (WebCore::CCLayerImpl::removeAllChildren): (WebCore::CCLayerImpl::clearChildList): (WebCore::CCLayerImpl::descendantsDrawsContent): (WebCore::CCLayerImpl::drawsContent): (WebCore::CCLayerImpl::updateCompositorResources): * platform/graphics/chromium/cc/CCLayerImpl.h: (WebCore::CCLayerImpl::create): (WebCore::CCLayerImpl::parent): (WebCore::CCLayerImpl::children): (WebCore::CCLayerImpl::setMaskLayer): (WebCore::CCLayerImpl::maskLayer): (WebCore::CCLayerImpl::setReplicaLayer): (WebCore::CCLayerImpl::replicaLayer): (WebCore::CCLayerImpl::id): (WebCore::CCLayerImpl::owner): (WebCore::CCLayerImpl::setParent): * platform/graphics/chromium/cc/CCPluginLayerImpl.cpp: (WebCore::CCPluginLayerImpl::CCPluginLayerImpl): * platform/graphics/chromium/cc/CCPluginLayerImpl.h: (WebCore::CCPluginLayerImpl::create): * platform/graphics/chromium/cc/CCVideoLayerImpl.cpp: (WebCore::CCVideoLayerImpl::CCVideoLayerImpl): * platform/graphics/chromium/cc/CCVideoLayerImpl.h: (WebCore::CCVideoLayerImpl::create): 2011-05-16 Naoki Takano <takano.naoki@gmail.com> Reviewed by Kent Tamura. HTML5 Number Spinbox displays a 0 in situations where a 0 is not between the min and max. https://bugs.webkit.org/show_bug.cgi?id=60871 Test: fast/forms/input-stepup-stepdown-from-renderer.html In number input type, if the value is not a number, including empty, the currect valued is assumed 0. But we have to handle it separately from the case when the value is actuall "0". * html/HTMLInputElement.cpp: (WebCore::HTMLInputElement::stepUpFromRenderer): Added cliping for default value. 2011-05-16 Adam Barth <abarth@webkit.org> Reviewed by Eric Seidel. Remove bogus ASSERT in Document::setCompatibilityMode https://bugs.webkit.org/show_bug.cgi?id=60935 The ASSERT is invalid when the parser is in the initial state and the document is non-empty, which is strange but not impossible. Test: fast/parser/append-child-followed-by-document-write.html * dom/Document.cpp: (WebCore::Document::setCompatibilityMode): 2011-05-16 MORITA Hajime <morrita@google.com> Reviewed by Tony Chang. [Refactoring] Member variables of DocumentMarker should be encapsulated. https://bugs.webkit.org/show_bug.cgi?id=56814 - Moved DocumentMarker's member variables to private and added getters for them. - Added DocumentMarker setters and constructors, which contain assertions against m_type values because description and activeMatch are used with specific type of MarkerType. - Moved chromium's WebKit::WebFrameImpl::addMarker() to DocumentMarkerController because it accesses DocumentMarker internals. - Moved a version of DMC::addMarker() to private and add alternatives that hide internals of DocumentMarker. (The internal will be renewed by upcoming change.) * dom/DocumentMarker.h: (WebCore::DocumentMarker::type): (WebCore::DocumentMarker::startOffset): (WebCore::DocumentMarker::endOffset): (WebCore::DocumentMarker::description): (WebCore::DocumentMarker::hasDescription): (WebCore::DocumentMarker::activeMatch): (WebCore::DocumentMarker::clearDescription): (WebCore::DocumentMarker::setStartOffset): (WebCore::DocumentMarker::setEndOffset): (WebCore::DocumentMarker::operator==): (WebCore::DocumentMarker::DocumentMarker): (WebCore::DocumentMarker::shiftOffsets): (WebCore::DocumentMarker::setActiveMatch): * dom/DocumentMarkerController.cpp: (WebCore::DocumentMarkerController::addMarker): (WebCore::DocumentMarkerController::addTextMatchMarker): (WebCore::DocumentMarkerController::copyMarkers): (WebCore::DocumentMarkerController::removeMarkers): (WebCore::DocumentMarkerController::markerContainingPoint): (WebCore::DocumentMarkerController::markersInRange): (WebCore::DocumentMarkerController::renderedRectsForMarkers): (WebCore::DocumentMarkerController::removeMarkersFromList): (WebCore::DocumentMarkerController::repaintMarkers): (WebCore::DocumentMarkerController::shiftMarkers): (WebCore::DocumentMarkerController::setMarkersActive): (WebCore::DocumentMarkerController::hasMarkers): (WebCore::DocumentMarkerController::clearDescriptionOnMarkersIntersectingRange): (WebCore::DocumentMarkerController::showMarkers): * dom/DocumentMarkerController.h: * editing/CompositeEditCommand.cpp: (WebCore::CompositeEditCommand::replaceTextInNodePreservingMarkers): * editing/DeleteSelectionCommand.cpp: (WebCore::DeleteSelectionCommand::originalStringForAutocorrectionAtBeginningOfSelection): * editing/Editor.cpp: (WebCore::Editor::selectionStartHasMarkerFor): * editing/SpellingCorrectionController.cpp: (WebCore::SpellingCorrectionController::respondToChangedSelection): * editing/SpellingCorrectionController.h: (WebCore::SpellingCorrectionController::shouldStartTimerFor): * rendering/HitTestResult.cpp: (WebCore::HitTestResult::spellingToolTip): (WebCore::HitTestResult::replacedString): * rendering/InlineTextBox.cpp: (WebCore::InlineTextBox::paintSpellingOrGrammarMarker): (WebCore::InlineTextBox::paintTextMatchMarker): (WebCore::InlineTextBox::computeRectForReplacementMarker): (WebCore::InlineTextBox::paintDocumentMarkers): * rendering/svg/SVGInlineFlowBox.cpp: (WebCore::SVGInlineFlowBox::computeTextMatchMarkerRectForRenderer): 2011-05-16 Martin Robinson <mrobinson@igalia.com> Fix the Cairo build for older versions of GTK+. * platform/gtk/GtkWidgetBackingStoreX11.cpp: Include GtkVersioning.h to satisfy older versions of GTK+ 2.x. 2011-05-16 Ian Henderson <ianh@apple.com> Reviewed by Joseph Pecoraro. Page::goToItem doesn't work while loading is deferred https://bugs.webkit.org/show_bug.cgi?id=60412 If goToItem is called while loading is deferred, save the arguments and try again later instead of doing nothing. Test: loader/navigation-while-deferring-loads.html * loader/FrameLoader.cpp: (WebCore::FrameLoader::setDefersLoading): Pipe the "defersLoading" state into HistoryController. * loader/HistoryController.cpp: (WebCore::HistoryController::HistoryController): (WebCore::HistoryController::goToItem): Save the HistoryItem and FrameLoadType if loading is deferred. (WebCore::HistoryController::setDefersLoading): If we have a saved HistoryItem after resuming, try going to it. * loader/HistoryController.h: * page/Page.cpp: (WebCore::Page::goToItem): No longer bail early if loading is deferred, since HistoryController now handles this case. 2011-05-16 Andrew Wilson <atwilson@chromium.org> Unreviewed, rolling out r86625. http://trac.webkit.org/changeset/86625 https://bugs.webkit.org/show_bug.cgi?id=60719 Caused failed assertion on Chromium gpu canary bots * WebCore.gypi: * platform/chromium/TraceEvent.h: * platform/graphics/chromium/ContentLayerChromium.cpp: (WebCore::ContentLayerChromium::create): (WebCore::ContentLayerChromium::ContentLayerChromium): (WebCore::ContentLayerChromium::~ContentLayerChromium): (WebCore::ContentLayerChromium::paintContentsIfDirty): (WebCore::ContentLayerChromium::setLayerRenderer): (WebCore::ContentLayerChromium::createTilerIfNeeded): (WebCore::ContentLayerChromium::updateCompositorResources): * platform/graphics/chromium/ContentLayerChromium.h: (WebCore::ContentLayerChromium::drawsContent): * platform/graphics/chromium/ImageLayerChromium.cpp: (WebCore::ImageLayerChromium::paintContentsIfDirty): (WebCore::ImageLayerChromium::updateCompositorResources): * platform/graphics/chromium/ImageLayerChromium.h: * platform/graphics/chromium/LayerPainterChromium.h: Removed. * platform/graphics/chromium/LayerRendererChromium.cpp: (WebCore::LayerRendererChromium::create): (WebCore::LayerRendererChromium::LayerRendererChromium): (WebCore::LayerRendererChromium::updateRootLayerContents): (WebCore::LayerRendererChromium::drawRootLayer): (WebCore::LayerRendererChromium::updateAndDrawLayers): (WebCore::LayerRendererChromium::updateLayers): * platform/graphics/chromium/LayerRendererChromium.h: * platform/graphics/chromium/LayerTextureSubImage.cpp: Removed. * platform/graphics/chromium/LayerTextureSubImage.h: Removed. * platform/graphics/chromium/LayerTextureUpdater.h: Removed. * platform/graphics/chromium/LayerTextureUpdaterCanvas.cpp: Removed. * platform/graphics/chromium/LayerTextureUpdaterCanvas.h: Removed. * platform/graphics/chromium/LayerTilerChromium.cpp: (WebCore::LayerTilerChromium::create): (WebCore::LayerTilerChromium::LayerTilerChromium): (WebCore::LayerTilerChromium::setLayerRenderer): (WebCore::LayerTilerChromium::setTileSize): (WebCore::LayerTilerChromium::update): (WebCore::LayerTilerChromium::uploadCanvas): (WebCore::LayerTilerChromium::updateFromPixels): (WebCore::LayerTilerChromium::draw): * platform/graphics/chromium/LayerTilerChromium.h: (WebCore::LayerTilerChromium::Tile::Tile): * platform/graphics/chromium/cc/CCHeadsUpDisplay.cpp: (WebCore::CCHeadsUpDisplay::draw): 2011-05-16 Antti Koivisto <antti@apple.com> Reviewed by Dave Kilzer. https://bugs.webkit.org/show_bug.cgi?id=60927 fastCheckSelector() does not inline correctly in all cases Use anonymous namespace instead of static qualifier to get internal linkage. Use functions as template arguments instead of classes. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::SelectorChecker::fastCheckSelector): 2011-05-16 Chris Rogers <crogers@google.com> Unreviewed build fix. Just return "nullptr" to fix compile errors https://bugs.webkit.org/show_bug.cgi?id=60932 * platform/audio/mac/AudioBusMac.mm: (WebCore::AudioBus::loadPlatformResource): * platform/audio/mac/AudioFileReaderMac.cpp: (WebCore::AudioFileReader::createBus): 2011-05-16 Emil A Eklund <eae@chromium.org> Reviewed by Eric Seidel. Replace docTop/Right/Bottom/Left/Width/Height with documentRect https://bugs.webkit.org/show_bug.cgi?id=60743 Change RenderView::documentRect to compute rect once rather than four times. Replace all uses of docTop/Right/Bottom/Left/Width/Height with documentRect to simplify the code and reduce complexity. Covered by existing tests. * WebCore.exp.in: * page/FrameView.cpp: (WebCore::FrameView::adjustViewSize): (WebCore::FrameView::forceLayoutForPagination): * page/PrintContext.cpp: (WebCore::PrintContext::computePageRects): * rendering/RenderBox.cpp: (WebCore::RenderBox::paintRootBoxFillLayers): * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::updateRootLayerPosition): * rendering/RenderView.cpp: (WebCore::RenderView::documentRect): * rendering/RenderView.h: 2011-05-16 Tony Chang <tony@chromium.org> Reviewed by Adam Barth. [chromium] shard V8DerivedSources into 19 files https://bugs.webkit.org/show_bug.cgi?id=60926 This reduces the clobber build time by 4s on my machine. It helps by making the slowest to compile V8DerivedSources faster (and thus more parallelizable). With 8 files, the 3 slowest are 23s, 18s and 10s. With 19 files, the 3 slowest are 16s, 10s, and 10s. * WebCore.gyp/WebCore.gyp: * storage/IDBObjectStore.h: Fix a missing include that was working because a different .cpp file before it was including the header. 2011-05-16 Chris Rogers <crogers@google.com> Unreviewed build fix. Fix web audio enabled mac port compile errors https://bugs.webkit.org/show_bug.cgi?id=60930 * platform/audio/mac/AudioBusMac.mm: (WebCore::AudioBus::loadPlatformResource): * platform/audio/mac/AudioFileReaderMac.cpp: (WebCore::AudioFileReader::createBus): 2011-05-16 Eric Seidel <eric@webkit.org> Reviewed by Adam Barth. Document why RenderBlockLineLayout has its own deleteLineBoxTree implementation https://bugs.webkit.org/show_bug.cgi?id=60925 I suspect this difference is really just papering over other bugs but now that I finally understand the difference, I should at least document it for others. * rendering/RenderBlockLineLayout.cpp: (WebCore::deleteLineRange): (WebCore::RenderBlock::determineStartPosition): 2011-05-16 Alok Priyadarshi <alokp@chromium.org> Reviewed by James Robinson. [chromium] Split canvas from LayerTilerChromium https://bugs.webkit.org/show_bug.cgi?id=60719 LayerTilerChromium now just does tiling. It delegates the task of painting and updating textures to LayerTextureUpdater. Also abstracted LayerTextureSubImage to upload texture pixels. * WebCore.gypi: * platform/chromium/TraceEvent.h: * platform/graphics/chromium/ContentLayerChromium.cpp: (WebCore::ContentLayerChromium::create): (WebCore::ContentLayerChromium::ContentLayerChromium): (WebCore::ContentLayerChromium::~ContentLayerChromium): (WebCore::ContentLayerChromium::paintContentsIfDirty): (WebCore::ContentLayerChromium::cleanupResources): (WebCore::ContentLayerChromium::setLayerRenderer): (WebCore::ContentLayerChromium::createTextureUpdater): (WebCore::ContentLayerChromium::drawsContent): (WebCore::ContentLayerChromium::createTilerIfNeeded): (WebCore::ContentLayerChromium::updateCompositorResources): * platform/graphics/chromium/ContentLayerChromium.h: * platform/graphics/chromium/ImageLayerChromium.cpp: (WebCore::ImageLayerTextureUpdater::ImageLayerTextureUpdater): (WebCore::ImageLayerTextureUpdater::~ImageLayerTextureUpdater): (WebCore::ImageLayerTextureUpdater::orientation): (WebCore::ImageLayerTextureUpdater::prepareToUpdate): (WebCore::ImageLayerTextureUpdater::updateTextureRect): (WebCore::ImageLayerTextureUpdater::imageRect): (WebCore::ImageLayerChromium::paintContentsIfDirty): (WebCore::ImageLayerChromium::updateCompositorResources): (WebCore::ImageLayerChromium::createTextureUpdater): * platform/graphics/chromium/ImageLayerChromium.h: * platform/graphics/chromium/LayerPainterChromium.h: Added. * platform/graphics/chromium/LayerRendererChromium.cpp: (WebCore::LayerRendererChromium::create): (WebCore::LayerRendererChromium::LayerRendererChromium): (WebCore::LayerRendererChromium::updateRootLayerContents): (WebCore::LayerRendererChromium::drawRootLayer): (WebCore::LayerRendererChromium::updateAndDrawLayers): (WebCore::LayerRendererChromium::updateLayers): * platform/graphics/chromium/LayerRendererChromium.h: * platform/graphics/chromium/LayerTextureSubImage.cpp: Added. (WebCore::LayerTextureSubImage::LayerTextureSubImage): (WebCore::LayerTextureSubImage::~LayerTextureSubImage): (WebCore::LayerTextureSubImage::setSubImageSize): (WebCore::LayerTextureSubImage::upload): (WebCore::LayerTextureSubImage::uploadWithTexSubImage): (WebCore::LayerTextureSubImage::uploadWithMapTexSubImage): * platform/graphics/chromium/LayerTextureSubImage.h: Added. * platform/graphics/chromium/LayerTextureUpdater.h: Added. (WebCore::LayerTextureUpdater::LayerTextureUpdater): (WebCore::LayerTextureUpdater::~LayerTextureUpdater): (WebCore::LayerTextureUpdater::context): * platform/graphics/chromium/LayerTextureUpdaterCanvas.cpp: Added. (WebCore::LayerTextureUpdaterCanvas::LayerTextureUpdaterCanvas): (WebCore::LayerTextureUpdaterCanvas::paintContents): (WebCore::LayerTextureUpdaterBitmap::LayerTextureUpdaterBitmap): (WebCore::LayerTextureUpdaterBitmap::prepareToUpdate): (WebCore::LayerTextureUpdaterBitmap::updateTextureRect): * platform/graphics/chromium/LayerTextureUpdaterCanvas.h: Added. (WebCore::LayerTextureUpdaterCanvas::~LayerTextureUpdaterCanvas): (WebCore::LayerTextureUpdaterCanvas::contentRect): (WebCore::LayerTextureUpdaterBitmap::~LayerTextureUpdaterBitmap): (WebCore::LayerTextureUpdaterBitmap::orientation): * platform/graphics/chromium/LayerTilerChromium.cpp: (WebCore::LayerTilerChromium::create): (WebCore::LayerTilerChromium::LayerTilerChromium): (WebCore::LayerTilerChromium::setTileSize): (WebCore::LayerTilerChromium::prepareToUpdate): (WebCore::LayerTilerChromium::updateRect): (WebCore::LayerTilerChromium::draw): * platform/graphics/chromium/LayerTilerChromium.h: (WebCore::LayerTilerChromium::Tile::Tile): * platform/graphics/chromium/cc/CCHeadsUpDisplay.cpp: (WebCore::CCHeadsUpDisplay::draw): 2011-05-16 Andrew Wilson <atwilson@chromium.org> Unreviewed prospective build fix/workaround for chromium ARM compiler error. * platform/graphics/GraphicsLayer.cpp: (WebCore::GraphicsLayer::animationNameForTransition): 2011-05-16 Martin Robinson <mrobinson@igalia.com> Reviewed by Anders Carlsson. [GTK] [WebKit2] Provide a fast version of the backing store for X11 https://bugs.webkit.org/show_bug.cgi?id=60912 No new tests. This will be covered by WebKit2 pixel tests. * GNUmakefile.list.am: Added new GtkWidgetBackingStore source and header files. * platform/gtk/GtkWidgetBackingStore.h: Added. * platform/gtk/GtkWidgetBackingStoreCairo.cpp: Added this implementation of the backing store that uses Cairo and has the same performance characteristics as the WebKit2 implementaiton. * platform/gtk/GtkWidgetBackingStoreX11.cpp: Added this implementation of the backing store that uses X11 directly and has better performance than the Cairo version. 2011-05-16 Chris Rogers <crogers@google.com> Reviewed by senorblanco@chromium.org. Add DynamicsCompressorNode implementation https://bugs.webkit.org/show_bug.cgi?id=60682 No new tests since audio API is not yet implemented. * DerivedSources.make: * WebCore.gypi: * WebCore.xcodeproj/project.pbxproj: * platform/audio/DynamicsCompressor.cpp: Added. (WebCore::DynamicsCompressor::DynamicsCompressor): (WebCore::DynamicsCompressor::initializeParameters): (WebCore::DynamicsCompressor::parameterValue): (WebCore::DynamicsCompressor::setEmphasisStageParameters): (WebCore::DynamicsCompressor::setEmphasisParameters): (WebCore::DynamicsCompressor::process): (WebCore::DynamicsCompressor::reset): * platform/audio/DynamicsCompressor.h: Added. (WebCore::DynamicsCompressor::isStereo): (WebCore::DynamicsCompressor::sampleRate): (WebCore::DynamicsCompressor::nyquist): * platform/audio/DynamicsCompressorKernel.cpp: Added. (WebCore::saturate): (WebCore::DynamicsCompressorKernel::DynamicsCompressorKernel): (WebCore::DynamicsCompressorKernel::setPreDelayTime): (WebCore::DynamicsCompressorKernel::process): (WebCore::DynamicsCompressorKernel::reset): * platform/audio/DynamicsCompressorKernel.h: Added. (WebCore::DynamicsCompressorKernel::latencyFrames): (WebCore::DynamicsCompressorKernel::sampleRate): * platform/audio/ZeroPole.cpp: Added. (WebCore::ZeroPole::process): * platform/audio/ZeroPole.h: Added. (WebCore::ZeroPole::ZeroPole): (WebCore::ZeroPole::reset): (WebCore::ZeroPole::setZero): (WebCore::ZeroPole::setPole): (WebCore::ZeroPole::zero): (WebCore::ZeroPole::pole): * webaudio/AudioContext.cpp: (WebCore::AudioContext::createDynamicsCompressor): * webaudio/AudioContext.h: * webaudio/AudioContext.idl: * webaudio/AudioNode.h: * webaudio/DynamicsCompressorNode.cpp: Added. (WebCore::DynamicsCompressorNode::DynamicsCompressorNode): (WebCore::DynamicsCompressorNode::~DynamicsCompressorNode): (WebCore::DynamicsCompressorNode::process): (WebCore::DynamicsCompressorNode::reset): (WebCore::DynamicsCompressorNode::initialize): (WebCore::DynamicsCompressorNode::uninitialize): * webaudio/DynamicsCompressorNode.h: Added. (WebCore::DynamicsCompressorNode::create): * webaudio/DynamicsCompressorNode.idl: Added. 2011-05-16 Yuzo Fujishima <yuzo@google.com> Reviewed by Antti Koivisto. Fix for Bug 43704 - Web font is printed as blank if it is not cached https://bugs.webkit.org/show_bug.cgi?id=43704 In setting printing, we should not validate resources already cached for the document. If we do, web fonts used for screen are revalidated and possiby reloaded. Then the fonts can be shown as blank on print. This patch won't save the case where screen and print use different web fonts. Nonetheless, this is an improvement. No new tests because there seems to be no good way to test print images. * editing/Editor.cpp: (WebCore::Editor::paste): Use ResourceCacheValidationSuppressor instead of explicitly allowing/disallowing stale resources. * loader/cache/CachedResourceLoader.h: (WebCore::ResourceCacheValidationSuppressor::ResourceCacheValidationSuppressor): RAII class for allowing/disallowing stale resources. (WebCore::ResourceCacheValidationSuppressor::~ResourceCacheValidationSuppressor): * page/DragController.cpp: (WebCore::DragController::concludeEditDrag): Use ResourceCacheValidationSuppressor instead of explicitly allowing/disallowing stale resources. * page/Frame.cpp: (WebCore::Frame::setPrinting): Use ResourceCacheValidationSuppressor to allow stale resources in printing. 2011-05-16 Dan Bernstein <mitz@apple.com> Reviewed by Darin Adler. <rdar://problem/9446653> REGRESSION (r84750): Moving by word stops at apostrophe mid-word https://bugs.webkit.org/show_bug.cgi?id=60915 CFStringTokenizer’s kCFStringTokenizerUnitWord considers “Here’s” as two separate tokens. Switching to CFStringTokenizer in r84750 was an attempt to address an issue with Japanese word boundaries for searches with WebFindOptionsAtWordStarts, but it turned out to be insufficient, and in r86387 the Japanese word issue was addressed independently of text boundaries, so just revert r84750. * platform/text/mac/TextBoundaries.mm: (WebCore::findNextWordFromIndex): 2011-05-16 David Kilzer <ddkilzer@apple.com> <http://webkit.org/b/60913> C++ exceptions should not be enabled when building with llvm-gcc-4.2 <rdar://problem/9446430> Reviewed by Mark Rowe. * Configurations/Base.xcconfig: Fixed typo. 2011-05-16 Jon Lee <jonlee@apple.com> Fix for broken regression tests. Adding null pointer check * page/FrameView.cpp: (WebCore::FrameView::didAddHorizontalScrollbar): (WebCore::FrameView::willRemoveHorizontalScrollbar): 2011-05-16 Adrienne Walker <enne@google.com> Reviewed by James Robinson. [chromium] Remove unused member variables from LayerRendererChromium https://bugs.webkit.org/show_bug.cgi?id=60899 These should have been removed when tiling was enabled for root layers. * platform/graphics/chromium/LayerRendererChromium.h: 2011-05-16 Andrew Wilson <atwilson@chromium.org> Unreviewed, rolling out r86589. http://trac.webkit.org/changeset/86589 https://bugs.webkit.org/show_bug.cgi?id=54670 Broke chromium inspector tests. * inspector/front-end/ConsoleView.js: (WebInspector.ConsoleView.prototype.show): (WebInspector.ConsoleView.prototype.afterShow): (WebInspector.ConsoleView.prototype.hide): (WebInspector.ConsoleView.prototype.addMessage): (WebInspector.ConsoleView.prototype.clearMessages): * inspector/front-end/DebuggerPresentationModel.js: (WebInspector.DebuggerPresentationModel): * inspector/front-end/Drawer.js: (WebInspector.Drawer.prototype.set visibleView): (WebInspector.Drawer.prototype.show.animationFinished): (WebInspector.Drawer.prototype.show): * inspector/front-end/Panel.js: (WebInspector.Panel): * inspector/front-end/ResourceTreeModel.js: (WebInspector.ResourceTreeModel): * inspector/front-end/inspector.html: * inspector/front-end/inspector.js: (WebInspector._createPanels): 2011-05-16 Brian Weinstein <bweinstein@apple.com> Reviewed by Enrica Casucci. REGRESSION (r86542): Dropping URL onto Desktop creates broken Internet Shortcut file. r86477 fixed this bug by using latin1 as the CString's encoding instead of ascii, but r86542 undid this change. Change it back to latin1 to fix the bug. * platform/win/ClipboardWin.cpp: (WebCore::ClipboardWin::writeURL): 2011-05-16 Jeremy Noble <jer.noble@apple.com> Unreviewed; build fix for non-SnowLeopard builds. * platform/graphics/mac/MediaPlayerPrivateQTKit.mm: Wrap definition of layerIsDescendentOf in a #if check. 2011-05-16 Pavel Podivilov <podivilov@chromium.org> Reviewed by Yury Semikhatsky. Web Inspector: merge ConsoleView into ConsolePanel. https://bugs.webkit.org/show_bug.cgi?id=54670 Console view in drawer looks exactly the same as console panel. Merging ConsoleView and ConsolePanel together will allow us to reuse panel's functionality (e.g. resizable sidebar) even when console is docked. * inspector/front-end/ConsoleView.js: (WebInspector.ConsolePanel.prototype.get toolbarItemLabel): (WebInspector.ConsolePanel.prototype.show): (WebInspector.ConsolePanel.prototype.hide): (WebInspector.ConsolePanel.prototype.showInDrawer): (WebInspector.ConsolePanel.prototype.afterShowInDrawer): (WebInspector.ConsolePanel.prototype.hideInDrawer): (WebInspector.ConsolePanel.prototype.addMessage): (WebInspector.ConsolePanel.prototype.clearMessages): * inspector/front-end/DebuggerPresentationModel.js: (WebInspector.DebuggerPresentationModel): * inspector/front-end/Drawer.js: (WebInspector.Drawer.prototype.set visibleView): (WebInspector.Drawer.prototype.show.animationFinished): (WebInspector.Drawer.prototype.show): * inspector/front-end/Panel.js: (WebInspector.Panel): * inspector/front-end/ResourceTreeModel.js: (WebInspector.ResourceTreeModel): * inspector/front-end/inspector.html: * inspector/front-end/inspector.js: (WebInspector._createPanels): 2011-05-13 Jer Noble <jer.noble@apple.com> Reviewed by Simon Fraser. Video is blank, controller is misplaced on trailers.apple.com movie in fullscreen (with two screens) https://bugs.webkit.org/show_bug.cgi?id=60826 Listen for a WebKitLayerHostChanged notification and, if the affected layer is an ancestor layer of the qtMovieLayer, tear down the layer and recreate it the next time setVisible(true) is called. * dom/Document.cpp: (WebCore::Document::webkitDidEnterFullScreenForElement): Call setFullScreenRootLayer(0) before disabling animation on the full screen renderer. * platform/graphics/mac/MediaPlayerPrivateQTKit.h: * platform/graphics/mac/MediaPlayerPrivateQTKit.mm: (WebCore::MediaPlayerPrivateQTKit::createQTMovie): Register an observer for the new WebKitLayerHostChanged notification. (WebCore::layerIsDescendentOf): Added. (WebCore::MediaPlayerPrivateQTKit::layerHostChanged): Added. If the changed layer is an ancestor of the movie layer, tear down rendering and re- create the next time setVisible(true) is called. (-[WebCoreMovieObserver layerHostChanged:]): Added ObjC listener wrapper. 2011-05-16 Adam Barth <abarth@webkit.org> Reviewed by Darin Adler. Remove disable-javascript-urls CSP directive https://bugs.webkit.org/show_bug.cgi?id=60874 After talking this out with various folks in the CSP working group, we decided that this syntax isn't the right way to approach this issue. If we want to address the use case of enabling JavaScript URLs separately from inline script, we'll probably just make script-src javascript: work that way. * page/ContentSecurityPolicy.cpp: (WebCore::ContentSecurityPolicy::ContentSecurityPolicy): (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): (WebCore::ContentSecurityPolicy::addDirective): * page/ContentSecurityPolicy.h: 2011-05-16 Jon Lee <jonlee@apple.com> Reviewed by Simon Fraser. Can't horizontally scroll iframes and overflow because wheel events are always accepted https://bugs.webkit.org/show_bug.cgi?id=60779 * dom/Document.cpp: (WebCore::Document::Document): Initialize wheel event handler count (WebCore::Document::didAddWheelEventHandler): Increment count, and tell the main frame to recalculate the total number of wheel event handlers in all of its frames' documents (WebCore::Document::didRemoveWheelEventHandler): Reverse of previous method * dom/Document.h: (WebCore::Document::wheelEventHandlerCount): Access the count * dom/Node.cpp: (WebCore::tryAddEventListener): If the event listener is a mouse wheel event, then tell the document to increment its count (WebCore::tryRemoveEventListener): Reverse of previous method * page/ChromeClient.h: Two new methods: numWheelEventHandlersChanged: WebProcess tells UIProcess to update its cached count of total wheel event handlers, which in this case only include horizontal scrollbars and mouse wheel JS handlers shouldRubberBandInDirection: allow the UIProcess to provide some control over whether rubber banding is allowed when scrolling in a particular direction * loader/EmptyClients.h: (WebCore::EmptyChromeClient::numWheelEventHandlersChanged): Default empty impl (WebCore::EmptyChromeClient::shouldRubberBandInDirection): Default empty impl * page/EventHandler.cpp: (WebCore::EventHandler::handleWheelEvent): Remove a redundant pointer check * page/Frame.cpp: (WebCore::Frame::setDocument): When the frame's document changes, calculate that document's total wheel event handlers, and notify the UIProcess (WebCore::Frame::notifyChromeClientWheelEventHandlerCountChanged): Performs a crawl of the frame tree to aggregate the count * page/Frame.h: * platform/ScrollableArea.h: Virtualize didAddHorizontalScrollbar and willRemoveHorizontalScrollbar for overriding in RenderLayer and FrameView (WebCore::ScrollableArea::isHorizontalScrollerPinnedToMinimumPosition): Returns true if there is no scrollbar or the scroller position is in the minimum scroll position. (WebCore::ScrollableArea::isHorizontalScrollerPinnedToMaximumPosition): Converse of the above. (WebCore::ScrollableArea::shouldRubberBandInDirection): Default impl * page/FrameView.cpp: (WebCore::FrameView::didAddHorizontalScrollbar): Updates the frame's document's count (WebCore::FrameView::willRemoveHorizontalScrollbar): Updates the frame's document's count (WebCore::FrameView::shouldRubberBandInDirection): Connective glue * page/FrameView.h: Adding overriding methods from ScrollableArea * rendering/RenderLayer.cpp: Similar functionality to FrameView (WebCore::RenderLayer::didAddHorizontalScrollbar): (WebCore::RenderLayer::willRemoveHorizontalScrollbar): * rendering/RenderLayer.h: * platform/mac/ScrollAnimatorMac.h: Fix typo of "momentum" * platform/mac/ScrollAnimatorMac.mm: (WebCore::ScrollAnimatorMac::ScrollAnimatorMac): Fix typo of "momentum" (WebCore::ScrollAnimatorMac::smoothScrollWithEvent): Fix typo of "coalesced" (WebCore::ScrollAnimatorMac::beginScrollGesture): Fix typo of "coalesced" (WebCore::ScrollAnimatorMac::snapRubberBand): Fix typo of "momentum" (WebCore::ScrollAnimatorMac::handleWheelEvent): New logic for determining whether to allow rubber-banding based on the area's scroll position and the wheel event. Could prevent accepting the wheel event. Also, fix typo of "momentum" (WebCore::isScrollingLeftAndShouldNotRubberBand): Inline helper function for logic (WebCore::isScrollingRightAndShouldNotRubberBand): Inline helper function for logic 2011-05-16 Leandro Gracia Gil <leandrogracia@chromium.org> Reviewed by Tony Gentilcore. Media Stream API: add local stream requests. https://bugs.webkit.org/show_bug.cgi?id=60177 Add the code and messages for requesting the generation of local streams and getting the reply back. Tests for the Media Stream API will be provided by the bug 56587. One test is re-enabled with this patch. Test: fast/dom/MediaStream/argument-types.html * GNUmakefile.list.am: * WebCore.gypi: * WebCore.pro: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: * page/CallbackTask.h: Added. (WebCore::CallbackTask1::create): (WebCore::CallbackTask1::performTask): (WebCore::CallbackTask1::Scheduler::scheduleCallback): (WebCore::CallbackTask1::CallbackTask1): * page/MediaStreamClient.h: * page/MediaStreamController.cpp: (WebCore::MediaStreamController::isClientAvailable): (WebCore::MediaStreamController::unregisterFrameController): (WebCore::MediaStreamController::registerRequest): (WebCore::MediaStreamController::registerStream): (WebCore::MediaStreamController::generateStream): (WebCore::MediaStreamController::streamGenerated): (WebCore::MediaStreamController::streamGenerationFailed): * page/MediaStreamController.h: * page/MediaStreamFrameController.cpp: (WebCore::MediaStreamFrameController::GenerateStreamRequest::GenerateStreamRequest): (WebCore::MediaStreamFrameController::GenerateStreamRequest::~GenerateStreamRequest): (WebCore::MediaStreamFrameController::GenerateStreamRequest::isGenerateStreamRequest): (WebCore::MediaStreamFrameController::GenerateStreamRequest::abort): (WebCore::MediaStreamFrameController::GenerateStreamRequest::successCallback): (WebCore::MediaStreamFrameController::GenerateStreamRequest::errorCallback): (WebCore::::unregisterAll): (WebCore::::detachEmbedder): (WebCore::MediaStreamFrameController::MediaStreamFrameController): (WebCore::MediaStreamFrameController::pageController): (WebCore::MediaStreamFrameController::unregister): (WebCore::MediaStreamFrameController::enterDetachedState): (WebCore::MediaStreamFrameController::isClientAvailable): (WebCore::MediaStreamFrameController::disconnectFrame): (WebCore::MediaStreamFrameController::parseGenerateStreamOptions): (WebCore::MediaStreamFrameController::generateStream): (WebCore::MediaStreamFrameController::streamGenerated): (WebCore::MediaStreamFrameController::streamGenerationFailed): * page/MediaStreamFrameController.h: (WebCore::MediaStreamFrameController::ClientBase::ClientBase): (WebCore::MediaStreamFrameController::ClientBase::~ClientBase): (WebCore::MediaStreamFrameController::ClientBase::mediaStreamFrameController): (WebCore::MediaStreamFrameController::ClientBase::clientId): (WebCore::MediaStreamFrameController::ClientBase::isStream): (WebCore::MediaStreamFrameController::ClientBase::isGeneratedStream): (WebCore::MediaStreamFrameController::ClientBase::detachEmbedder): (WebCore::MediaStreamFrameController::ClientBase::associateFrameController): (WebCore::MediaStreamFrameController::ClientBase::unregisterClient): (WebCore::MediaStreamFrameController::StreamClient::StreamClient): (WebCore::MediaStreamFrameController::StreamClient::~StreamClient): (WebCore::MediaStreamFrameController::StreamClient::isStream): (WebCore::MediaStreamFrameController::StreamClient::unregister): (WebCore::MediaStreamFrameController::IdGenerator::IdGenerator): (WebCore::MediaStreamFrameController::IdGenerator::getNextId): (WebCore::MediaStreamFrameController::ClientMapBase::ClientMapBase): * page/Navigator.cpp: (WebCore::Navigator::webkitGetUserMedia): * page/NavigatorUserMediaErrorCallback.h: 2011-05-16 Pavel Podivilov <podivilov@chromium.org> Reviewed by Yury Semikhatsky. Web Inspector: debuggerWasEnabled notification should not be send to front-end on navigation. https://bugs.webkit.org/show_bug.cgi?id=60888 * inspector/InspectorController.cpp: (WebCore::InspectorController::disableDebugger): * inspector/InspectorDebuggerAgent.cpp: (WebCore::InspectorDebuggerAgent::enable): (WebCore::InspectorDebuggerAgent::disable): (WebCore::InspectorDebuggerAgent::restore): (WebCore::InspectorDebuggerAgent::clearFrontend): * inspector/InspectorDebuggerAgent.h: 2011-05-16 Yury Semikhatsky <yurys@chromium.org> Unreviewed. Windows build fix. * inspector/InspectorConsoleInstrumentation.h: (WebCore::InspectorInstrumentation::consoleMarkTimeline): 2011-05-16 Yury Semikhatsky <yurys@chromium.org> Unreviewed. Build fix. * inspector/InspectorInstrumentation.h: (WebCore::InspectorInstrumentation::willStartWorkerContext): 2011-05-11 Yury Semikhatsky <yurys@chromium.org> Reviewed by Pavel Feldman. Web Inspector: use InstrumentingAgents to access agents from InspectorInstrumentation https://bugs.webkit.org/show_bug.cgi?id=60624 InspectorInstrumentation retrieves inspector agents from corresponding InstrumentingAgents instance. Each agent notifies InstrumentingAgents whenever it wants to receive notifications about changes in WebCore. * inspector/InspectorAgent.cpp: (WebCore::InspectorAgent::InspectorAgent): (WebCore::InspectorAgent::inspectedPageDestroyed): * inspector/InspectorAgent.h: * inspector/InspectorConsoleInstrumentation.h: (WebCore::InspectorInstrumentation::addMessageToConsole): (WebCore::InspectorInstrumentation::consoleCount): (WebCore::InspectorInstrumentation::startConsoleTiming): (WebCore::InspectorInstrumentation::stopConsoleTiming): (WebCore::InspectorInstrumentation::consoleMarkTimeline): (WebCore::InspectorInstrumentation::addStartProfilingMessageToConsole): (WebCore::InspectorInstrumentation::addProfile): (WebCore::InspectorInstrumentation::profilerEnabled): (WebCore::InspectorInstrumentation::getCurrentUserInitiatedProfileName): * inspector/InspectorController.cpp: (WebCore::InspectorController::InspectorController): (WebCore::InspectorController::inspectedPageDestroyed): (WebCore::InspectorController::didClearWindowObjectInWorld): (WebCore::InspectorController::inspectedPage): * inspector/InspectorController.h: * inspector/InspectorDatabaseInstrumentation.h: FAST_RETURN_IF_NO_FRONTENDS macros is used for early return in common case when inspector is not opened. In this case inspector instrumentation costs one additional check of a static field. (WebCore::InspectorInstrumentation::didOpenDatabase): * inspector/InspectorInstrumentation.cpp: (WebCore::InspectorInstrumentation::instrumentingAgents): (WebCore::InspectorInstrumentation::didClearWindowObjectInWorldImpl): (WebCore::InspectorInstrumentation::inspectedPageDestroyedImpl): (WebCore::InspectorInstrumentation::willInsertDOMNodeImpl): (WebCore::InspectorInstrumentation::didInsertDOMNodeImpl): (WebCore::InspectorInstrumentation::willRemoveDOMNodeImpl): (WebCore::InspectorInstrumentation::didRemoveDOMNodeImpl): (WebCore::InspectorInstrumentation::willModifyDOMAttrImpl): (WebCore::InspectorInstrumentation::didModifyDOMAttrImpl): (WebCore::InspectorInstrumentation::didInvalidateStyleAttrImpl): (WebCore::InspectorInstrumentation::mouseDidMoveOverElementImpl): (WebCore::InspectorInstrumentation::handleMousePressImpl): (WebCore::InspectorInstrumentation::characterDataModifiedImpl): (WebCore::InspectorInstrumentation::willSendXMLHttpRequestImpl): (WebCore::InspectorInstrumentation::didScheduleResourceRequestImpl): (WebCore::InspectorInstrumentation::didInstallTimerImpl): (WebCore::InspectorInstrumentation::didRemoveTimerImpl): (WebCore::InspectorInstrumentation::willCallFunctionImpl): (WebCore::InspectorInstrumentation::willChangeXHRReadyStateImpl): (WebCore::InspectorInstrumentation::willDispatchEventImpl): (WebCore::InspectorInstrumentation::willDispatchEventOnWindowImpl): (WebCore::InspectorInstrumentation::willEvaluateScriptImpl): (WebCore::InspectorInstrumentation::willFireTimerImpl): (WebCore::InspectorInstrumentation::willLayoutImpl): (WebCore::InspectorInstrumentation::willLoadXHRImpl): (WebCore::InspectorInstrumentation::willPaintImpl): (WebCore::InspectorInstrumentation::willRecalculateStyleImpl): (WebCore::InspectorInstrumentation::applyUserAgentOverrideImpl): (WebCore::InspectorInstrumentation::willSendRequestImpl): (WebCore::InspectorInstrumentation::continueAfterPingLoaderImpl): (WebCore::InspectorInstrumentation::markResourceAsCachedImpl): (WebCore::InspectorInstrumentation::didLoadResourceFromMemoryCacheImpl): (WebCore::InspectorInstrumentation::willReceiveResourceDataImpl): (WebCore::InspectorInstrumentation::willReceiveResourceResponseImpl): (WebCore::InspectorInstrumentation::didReceiveResourceResponseImpl): (WebCore::InspectorInstrumentation::didReceiveContentLengthImpl): (WebCore::InspectorInstrumentation::didFinishLoadingImpl): (WebCore::InspectorInstrumentation::didFailLoadingImpl): (WebCore::InspectorInstrumentation::resourceRetrievedByXMLHttpRequestImpl): (WebCore::InspectorInstrumentation::scriptImportedImpl): (WebCore::InspectorInstrumentation::domContentLoadedEventFiredImpl): (WebCore::InspectorInstrumentation::loadEventFiredImpl): (WebCore::InspectorInstrumentation::frameDetachedFromParentImpl): (WebCore::InspectorInstrumentation::didCommitLoadImpl): (WebCore::InspectorInstrumentation::willWriteHTMLImpl): (WebCore::InspectorInstrumentation::addMessageToConsoleImpl): (WebCore::InspectorInstrumentation::consoleCountImpl): (WebCore::InspectorInstrumentation::startConsoleTimingImpl): (WebCore::InspectorInstrumentation::stopConsoleTimingImpl): (WebCore::InspectorInstrumentation::consoleMarkTimelineImpl): (WebCore::InspectorInstrumentation::addStartProfilingMessageToConsoleImpl): (WebCore::InspectorInstrumentation::addProfileImpl): (WebCore::InspectorInstrumentation::getCurrentUserInitiatedProfileNameImpl): (WebCore::InspectorInstrumentation::profilerEnabledImpl): (WebCore::InspectorInstrumentation::didOpenDatabaseImpl): (WebCore::InspectorInstrumentation::didUseDOMStorageImpl): (WebCore::InspectorInstrumentation::didStartWorkerContextImpl): (WebCore::InspectorInstrumentation::didCreateWorkerImpl): (WebCore::InspectorInstrumentation::didDestroyWorkerImpl): (WebCore::InspectorInstrumentation::didCreateWebSocketImpl): (WebCore::InspectorInstrumentation::willSendWebSocketHandshakeRequestImpl): (WebCore::InspectorInstrumentation::didReceiveWebSocketHandshakeResponseImpl): (WebCore::InspectorInstrumentation::didCloseWebSocketImpl): (WebCore::InspectorInstrumentation::networkStateChangedImpl): (WebCore::InspectorInstrumentation::updateApplicationCacheStatusImpl): (WebCore::InspectorInstrumentation::hasFrontend): (WebCore::InspectorInstrumentation::pauseOnNativeEventIfNeeded): (WebCore::InspectorInstrumentation::cancelPauseOnNativeEvent): (WebCore::InspectorInstrumentation::retrieveTimelineAgent): * inspector/InspectorInstrumentation.h: (WebCore::InspectorInstrumentation::bindInstrumentingAgents): (WebCore::InspectorInstrumentation::unbindInstrumentingAgents): (WebCore::InspectorInstrumentation::didClearWindowObjectInWorld): (WebCore::InspectorInstrumentation::inspectedPageDestroyed): (WebCore::InspectorInstrumentation::willInsertDOMNode): (WebCore::InspectorInstrumentation::didInsertDOMNode): (WebCore::InspectorInstrumentation::willRemoveDOMNode): (WebCore::InspectorInstrumentation::willModifyDOMAttr): (WebCore::InspectorInstrumentation::didModifyDOMAttr): (WebCore::InspectorInstrumentation::didInvalidateStyleAttr): (WebCore::InspectorInstrumentation::mouseDidMoveOverElement): (WebCore::InspectorInstrumentation::handleMousePress): (WebCore::InspectorInstrumentation::characterDataModified): (WebCore::InspectorInstrumentation::willSendXMLHttpRequest): (WebCore::InspectorInstrumentation::didScheduleResourceRequest): (WebCore::InspectorInstrumentation::didInstallTimer): (WebCore::InspectorInstrumentation::didRemoveTimer): (WebCore::InspectorInstrumentation::willCallFunction): (WebCore::InspectorInstrumentation::willChangeXHRReadyState): (WebCore::InspectorInstrumentation::willDispatchEvent): (WebCore::InspectorInstrumentation::willDispatchEventOnWindow): (WebCore::InspectorInstrumentation::willEvaluateScript): (WebCore::InspectorInstrumentation::willFireTimer): (WebCore::InspectorInstrumentation::willLayout): (WebCore::InspectorInstrumentation::willLoadXHR): (WebCore::InspectorInstrumentation::willPaint): (WebCore::InspectorInstrumentation::willRecalculateStyle): (WebCore::InspectorInstrumentation::applyUserAgentOverride): (WebCore::InspectorInstrumentation::willSendRequest): (WebCore::InspectorInstrumentation::continueAfterPingLoader): (WebCore::InspectorInstrumentation::markResourceAsCached): (WebCore::InspectorInstrumentation::didLoadResourceFromMemoryCache): (WebCore::InspectorInstrumentation::willReceiveResourceData): (WebCore::InspectorInstrumentation::willReceiveResourceResponse): (WebCore::InspectorInstrumentation::continueAfterXFrameOptionsDenied): (WebCore::InspectorInstrumentation::continueWithPolicyDownload): (WebCore::InspectorInstrumentation::continueWithPolicyIgnore): (WebCore::InspectorInstrumentation::didReceiveContentLength): (WebCore::InspectorInstrumentation::didFinishLoading): (WebCore::InspectorInstrumentation::didFailLoading): (WebCore::InspectorInstrumentation::resourceRetrievedByXMLHttpRequest): (WebCore::InspectorInstrumentation::scriptImported): (WebCore::InspectorInstrumentation::domContentLoadedEventFired): (WebCore::InspectorInstrumentation::loadEventFired): (WebCore::InspectorInstrumentation::frameDetachedFromParent): (WebCore::InspectorInstrumentation::didCommitLoad): (WebCore::InspectorInstrumentation::willWriteHTML): (WebCore::InspectorInstrumentation::didUseDOMStorage): (WebCore::InspectorInstrumentation::willStartWorkerContext): (WebCore::InspectorInstrumentation::didStartWorkerContext): (WebCore::InspectorInstrumentation::didCreateWorker): (WebCore::InspectorInstrumentation::didDestroyWorker): (WebCore::InspectorInstrumentation::didCreateWebSocket): (WebCore::InspectorInstrumentation::willSendWebSocketHandshakeRequest): (WebCore::InspectorInstrumentation::didReceiveWebSocketHandshakeResponse): (WebCore::InspectorInstrumentation::didCloseWebSocket): (WebCore::InspectorInstrumentation::networkStateChanged): (WebCore::InspectorInstrumentation::updateApplicationCacheStatus): (WebCore::InspectorInstrumentation::hasFrontend): (WebCore::InspectorInstrumentation::instrumentingAgentsForContext): (WebCore::InspectorInstrumentation::instrumentingAgentsForPage): (WebCore::InspectorInstrumentation::instrumentingAgentsForFrame): (WebCore::InspectorInstrumentation::instrumentingAgentsWithFrontendForFrame): (WebCore::InspectorInstrumentation::instrumentingAgentsWithFrontendForPage): (WebCore::InspectorInstrumentation::instrumentingAgentsWithFrontendForContext): (WebCore::InspectorInstrumentation::instrumentingAgentsWithFrontendForDocument): 2011-05-16 Vsevolod Vlasov <vsevik@chromium.org> Reviewed by Pavel Feldman. Web Inspector: Move Resources Panel search to backend https://bugs.webkit.org/show_bug.cgi?id=59596 * inspector/Inspector.json: * inspector/InspectorPageAgent.cpp: (WebCore::decodeMainResource): (WebCore::InspectorPageAgent::resourceContent): (WebCore::cachedResourcesForFrame): (WebCore::InspectorPageAgent::getCookies): (WebCore::InspectorPageAgent::deleteCookie): (WebCore::createSearchRegexSource): (WebCore::countRegularExpressionMatches): (WebCore::buildObjectForSearchMatch): (WebCore::InspectorPageAgent::searchInResources): (WebCore::InspectorPageAgent::domContentEventFired): (WebCore::InspectorPageAgent::loadEventFired): (WebCore::InspectorPageAgent::frameNavigated): (WebCore::InspectorPageAgent::frameDetached): (WebCore::InspectorPageAgent::buildObjectForFrameTree): * inspector/InspectorPageAgent.h: * inspector/front-end/ResourcesPanel.js: (WebInspector.ResourcesPanel.prototype._showResourceView): (WebInspector.ResourcesPanel.prototype.performSearch.searchInEditedResource): (WebInspector.ResourcesPanel.prototype.performSearch.callback): (WebInspector.ResourcesPanel.prototype.performSearch): (WebInspector.ResourcesPanel.prototype._ensureViewSearchPerformed): (WebInspector.ResourcesPanel.prototype._showSearchResult.callback): (WebInspector.ResourcesPanel.prototype._showSearchResult): (WebInspector.ResourcesPanel.prototype._resetSearchResults): (WebInspector.ResourcesPanel.prototype.searchCanceled): (WebInspector.ResourcesPanel.prototype.jumpToNextSearchResult): (WebInspector.ResourcesPanel.prototype.jumpToPreviousSearchResult): (WebInspector.FrameTreeElement.prototype.resourceByURL): (WebInspector.FrameResourceTreeElement.prototype._resetSearchResults): (WebInspector.FrameResourceTreeElement.prototype.get searchMatchesCount): (WebInspector.FrameResourceTreeElement.prototype.searchMatchesFound): (WebInspector.ResourcesSearchController): (WebInspector.ResourcesSearchController.prototype.nextSearchResult): (WebInspector.ResourcesSearchController.prototype.previousSearchResult): (WebInspector.ResourcesSearchController.prototype._searchResult): (WebInspector.SearchResultsTreeElementsTraverser): (WebInspector.SearchResultsTreeElementsTraverser.prototype.first): (WebInspector.SearchResultsTreeElementsTraverser.prototype.last): (WebInspector.SearchResultsTreeElementsTraverser.prototype.next): (WebInspector.SearchResultsTreeElementsTraverser.prototype.previous): (WebInspector.SearchResultsTreeElementsTraverser.prototype._traverseNext): (WebInspector.SearchResultsTreeElementsTraverser.prototype._elementHasSearchResults): (WebInspector.SearchResultsTreeElementsTraverser.prototype._traversePrevious): (WebInspector.SearchResultsTreeElementsTraverser.prototype._lastTreeElement): * inspector/front-end/SourceFrame.js: (WebInspector.SourceFrame.createSearchRegex): (WebInspector.SourceFrame.prototype.performSearch.doFindSearchMatches): (WebInspector.SourceFrame.prototype.performSearch): (WebInspector.SourceFrame.prototype.hasSearchResults): (WebInspector.SourceFrame.prototype.jumpToFirstSearchResult): (WebInspector.SourceFrame.prototype.jumpToLastSearchResult): (WebInspector.SourceFrame.prototype.jumpToNextSearchResult): (WebInspector.SourceFrame.prototype.jumpToPreviousSearchResult): (WebInspector.SourceFrame.prototype.jumpToSearchResult): (WebInspector.SourceFrame.prototype._collectRegexMatches): * inspector/front-end/utilities.js: (): 2011-05-16 Andreas Kling <kling@webkit.org> Reviewed by Darin Adler. CSS: Fast path for 'px' lengths should be case-insensitive. https://bugs.webkit.org/show_bug.cgi?id=60703 No new tests, this is an optimization that avoids creating a full CSSParser to parse the value. * css/CSSParser.cpp: (WebCore::parseSimpleLengthValue): 2011-05-16 Naiem Shaik <naiem.shaik@gmail.com> Reviewed by Adam Barth. This is for fixing build break in webgl due to https://bugs.webkit.org/show_bug.cgi?id=59861 The bug raised for fixing this is https://bugs.webkit.org/show_bug.cgi?id=60867 No new tests. This does not change any functionality. * platform/graphics/gtk/GraphicsContext3DGtk.cpp: (WebCore::GraphicsContext3D::create): * platform/graphics/gtk/GraphicsContext3DInternal.cpp: (WebCore::GraphicsContext3DInternal::create): * platform/graphics/gtk/GraphicsContext3DInternal.h: 2011-05-16 Pavel Feldman <pfeldman@chromium.org> Reviewed by Yury Semikhatsky. Web Inspector: parse edited attributes by means of InspectorDOMAgent. https://bugs.webkit.org/show_bug.cgi?id=60807 This change moves attribute parsing from the front-end to the backend. * inspector/InspectorDOMAgent.cpp: (WebCore::InspectorDOMAgent::setAttribute): * inspector/front-end/DOMAgent.js: (WebInspector.DOMNode.prototype.setAttribute): * inspector/front-end/ElementsTreeOutline.js: (WebInspector.ElementsTreeElement.prototype._attributeEditingCommitted.moveToNextAttributeIfNeeded): (WebInspector.ElementsTreeElement.prototype._attributeEditingCommitted): 2011-05-16 Nikolas Zimmermann <nzimmermann@rim.com> Not reviewed. Switch from Vector<UChar> to StringBuilder in dom/ https://bugs.webkit.org/show_bug.cgi?id=57843 Incorporate comment from Darin/Andreas. * dom/DatasetDOMStringMap.cpp: (WebCore::convertAttributeNameToPropertyName): Use 'character' local, instead of charaters[i]. (WebCore::convertPropertyNameToAttributeName): Ditto. 2011-05-16 Alexander Pavlov <apavlov@chromium.org> Reviewed by Pavel Feldman. Web Inspector: Fix SourceJavaScriptTokenizer keyword parsing https://bugs.webkit.org/show_bug.cgi?id=60773 * inspector/front-end/SourceJavaScriptTokenizer.js: (WebInspector.SourceJavaScriptTokenizer.prototype.nextToken): * inspector/front-end/SourceJavaScriptTokenizer.re2js: 2011-05-16 Nikolas Zimmermann <nzimmermann@rim.com> Reviewed by Darin Adler. Switch from Vector<UChar> to StringBuilder in dom/ https://bugs.webkit.org/show_bug.cgi?id=57843 * dom/DatasetDOMStringMap.cpp: (WebCore::convertAttributeNameToPropertyName): (WebCore::convertPropertyNameToAttributeName): * dom/Range.cpp: (WebCore::Range::toString): * dom/ScriptElement.cpp: (WebCore::ScriptElement::scriptContent): 2011-05-05 Pavel Podivilov <podivilov@chromium.org> Reviewed by Pavel Feldman. Web Inspector: move double click handling from TextEditor to SourceFrame. https://bugs.webkit.org/show_bug.cgi?id=60271 It is SourceFrame's responsibility to check if content is editable and to configure TextEditor component (e.g. set editable range) when user tries to initiate editing. * inspector/front-end/ResourceView.js: (WebInspector.ResourceSourceFrame.prototype.doubleClick): (WebInspector.RevisionSourceFrame.prototype.doubleClick): * inspector/front-end/SourceFrame.js: (WebInspector.SourceFrame.prototype.beforeTextChanged): (WebInspector.SourceFrame.prototype.afterTextChanged): (WebInspector.SourceFrame.prototype.doubleClick): (WebInspector.SourceFrame.prototype.commitEditing.didEditContent): (WebInspector.SourceFrame.prototype.commitEditing): (WebInspector.SourceFrame.prototype.cancelEditing): (WebInspector.SourceFrame.prototype._setReadOnly): * inspector/front-end/TextViewer.js: (WebInspector.TextViewer.prototype.set readOnly): (WebInspector.TextViewer.prototype._enterInternalTextChangeMode): (WebInspector.TextViewer.prototype._exitInternalTextChangeMode): (WebInspector.TextViewer.prototype._doubleClick): (WebInspector.TextViewer.prototype._commitEditing): (WebInspector.TextViewer.prototype._cancelEditing): (WebInspector.TextViewerDelegate.prototype.doubleClick): (WebInspector.TextViewerDelegate.prototype.beforeTextChanged): (WebInspector.TextViewerDelegate.prototype.afterTextChanged): 2011-05-15 Robert Hogan <robert@webkit.org> Reviewed by Yury Semikhatsky. [Qt] Fix crash in inspector/console/console-long-eval-crash.html https://bugs.webkit.org/show_bug.cgi?id=60858 The client may be gone when sendMessageToBackend() is called. * inspector/InspectorFrontendHost.cpp: (WebCore::InspectorFrontendHost::sendMessageToBackend): 2011-05-16 Nikolas Zimmermann <nzimmermann@rim.com> Reviewed by Dirk Schulze. Replace direct StringConcatenate usage, by using operator+ (again) https://bugs.webkit.org/show_bug.cgi?id=60700 Remove makeString() usage everywhere, instead directly use operator+. * accessibility/AccessibilityObject.cpp: (WebCore::AccessibilityObject::listMarkerTextForNodeAndPosition): * bindings/js/JSDOMWindowBase.cpp: * bindings/js/ScriptDebugServer.cpp: (WebCore::ScriptDebugServer::setBreakpoint): * bindings/v8/V8Proxy.cpp: (WebCore::V8Proxy::reportUnsafeAccessTo): * css/CSSMutableStyleDeclaration.cpp: (WebCore::CSSMutableStyleDeclaration::borderSpacingValue): * dom/ExceptionBase.cpp: (WebCore::ExceptionBase::ExceptionBase): * dom/XMLDocumentParser.cpp: (WebCore::XMLDocumentParser::handleError): * html/FTPDirectoryDocument.cpp: (WebCore::processFileDateString): * inspector/CodeGeneratorInspector.pm: * inspector/InspectorConsoleAgent.cpp: (WebCore::InspectorConsoleAgent::count): (WebCore::InspectorConsoleAgent::didReceiveResponse): * inspector/InspectorDOMAgent.cpp: * inspector/InspectorDOMDebuggerAgent.cpp: (WebCore::InspectorDOMDebuggerAgent::pauseOnNativeEventIfNeeded): * inspector/InspectorDebuggerAgent.cpp: (WebCore::InspectorDebuggerAgent::setBreakpointByUrl): (WebCore::InspectorDebuggerAgent::setBreakpoint): * loader/FrameLoader.cpp: (WebCore::FrameLoader::checkIfDisplayInsecureContent): (WebCore::FrameLoader::checkIfRunInsecureContent): (WebCore::FrameLoader::shouldAllowNavigation): * loader/archive/cf/LegacyWebArchive.cpp: (WebCore::LegacyWebArchive::createFromSelection): * loader/cache/CachedResourceLoader.cpp: (WebCore::CachedResourceLoader::printAccessDeniedMessage): * page/ContentSecurityPolicy.cpp: (WebCore::CSPDirective::CSPDirective): (WebCore::ContentSecurityPolicy::checkSourceAndReportViolation): * page/DOMWindow.cpp: (WebCore::DOMWindow::postMessageTimerFired): (WebCore::DOMWindow::crossDomainAccessErrorMessage): * page/PageSerializer.cpp: (WebCore::SerializerMarkupAccumulator::SerializerMarkupAccumulator): (WebCore::SerializerMarkupAccumulator::appendElement): (WebCore::PageSerializer::urlForBlankFrame): * page/PrintContext.cpp: (WebCore::PrintContext::pageProperty): (WebCore::PrintContext::pageSizeAndMarginsInPixels): * platform/efl/PlatformKeyboardEventEfl.cpp: (WebCore::createKeyMap): (WebCore::createWindowsKeyMap): * platform/efl/RenderThemeEfl.cpp: (WebCore::RenderThemeEfl::formatMediaControlsCurrentTime): * platform/graphics/GraphicsLayer.cpp: (WebCore::GraphicsLayer::animationNameForTransition): * platform/graphics/brew/ImageBrew.cpp: (WebCore::Image::loadPlatformResource): * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::animationIdentifier): * platform/graphics/cg/ImageBufferCG.cpp: (WebCore::CGImageToDataURL): * platform/graphics/gtk/ImageBufferGtk.cpp: (WebCore::ImageBuffer::toDataURL): * platform/graphics/haiku/ImageBufferHaiku.cpp: (WebCore::ImageBuffer::toDataURL): * platform/graphics/qt/ImageBufferQt.cpp: (WebCore::ImageBuffer::toDataURL): * platform/graphics/skia/ImageBufferSkia.cpp: (WebCore::ImageToDataURL): * platform/network/CredentialStorage.cpp: (WebCore::originStringFromURL): * platform/network/cf/SocketStreamHandleCFNet.cpp: (WebCore::SocketStreamHandle::reportErrorToClient): * platform/sql/SQLiteDatabase.cpp: (WebCore::SQLiteDatabase::setSynchronous): * platform/text/wince/TextCodecWinCE.cpp: (WebCore::LanguageManager::LanguageManager): * platform/win/ClipboardUtilitiesWin.cpp: * platform/win/ClipboardWin.cpp: (WebCore::ClipboardWin::writeURL): * platform/win/FileSystemWin.cpp: (WebCore::listDirectory): * platform/win/LanguageWin.cpp: (WebCore::platformDefaultLanguage): * platform/win/PathWalker.cpp: (WebCore::PathWalker::PathWalker): * platform/win/SystemInfo.cpp: (WebCore::osVersionForUAString): (WebCore::windowsVersionForUAString): * plugins/PluginStream.cpp: (WebCore::PluginStream::startStream): * svg/SVGAngle.cpp: (WebCore::SVGAngle::valueAsString): * svg/SVGLength.cpp: (WebCore::SVGLength::valueAsString): * svg/SVGPaint.cpp: (WebCore::SVGPaint::cssText): * svg/SVGPointList.cpp: (WebCore::SVGPointList::valueAsString): * svg/SVGPreserveAspectRatio.cpp: (WebCore::SVGPreserveAspectRatio::valueAsString): * svg/SVGTransform.cpp: (WebCore::SVGTransform::valueAsString): * svg/SVGTransformList.cpp: * svg/SVGUseElement.cpp: (WebCore::dumpInstanceTree): * websockets/WebSocket.cpp: (WebCore::WebSocket::connect): * websockets/WebSocketChannel.cpp: (WebCore::WebSocketChannel::didFail): (WebCore::WebSocketChannel::appendToBuffer): * websockets/WebSocketHandshake.cpp: (WebCore::WebSocketHandshake::readServerHandshake): 2011-05-12 Yury Semikhatsky <yurys@chromium.org> Reviewed by Pavel Feldman. Web Inspector: inspector console should be searchable https://bugs.webkit.org/show_bug.cgi?id=60711 Search now works for Console panel. It shows number of matching console entries and allows to jump to the next matching console entry. Also the matches count is dynamically updated when new messages are added to the console. ResourceTreeModel and DebuggerPresentationModel now listen to console events instead of being called directly from ConsoleView. * inspector/front-end/ConsolePanel.js: (WebInspector.ConsolePanel): (WebInspector.ConsolePanel.prototype.show): (WebInspector.ConsolePanel.prototype.hide): (WebInspector.ConsolePanel.prototype.searchCanceled): (WebInspector.ConsolePanel.prototype.performSearch): (WebInspector.ConsolePanel.prototype.jumpToNextSearchResult): (WebInspector.ConsolePanel.prototype.jumpToPreviousSearchResult): (WebInspector.ConsolePanel.prototype._clearCurrentSearchResultHighlight): (WebInspector.ConsolePanel.prototype._jumpToSearchResult): (WebInspector.ConsolePanel.prototype._consoleMessageAdded): (WebInspector.ConsolePanel.prototype._consoleCleared): * inspector/front-end/ConsoleView.js: (WebInspector.ConsoleView.prototype.addMessage): (WebInspector.ConsoleView.prototype.clearMessages): (WebInspector.ConsoleMessage.prototype.clearHighlight): (WebInspector.ConsoleMessage.prototype.highlightSearchResults): (WebInspector.ConsoleMessage.prototype.matchesRegex): (WebInspector.ConsoleMessage.prototype.toMessageElement): (WebInspector.ConsoleCommand.prototype.clearHighlight): (WebInspector.ConsoleCommand.prototype.highlightSearchResults): (WebInspector.ConsoleCommand.prototype.matchesRegex): (WebInspector.ConsoleCommand.prototype.toMessageElement): (WebInspector.ConsoleCommand.prototype._formatCommand): * inspector/front-end/DebuggerPresentationModel.js: (WebInspector.DebuggerPresentationModel): (WebInspector.DebuggerPresentationModel.prototype.setFormatSourceFiles): (WebInspector.DebuggerPresentationModel.prototype._consoleMessageAdded): (WebInspector.DebuggerPresentationModel.prototype._consoleCleared): * inspector/front-end/ResourceTreeModel.js: (WebInspector.ResourceTreeModel): (WebInspector.ResourceTreeModel.prototype._consoleMessageAdded): * inspector/front-end/ScriptsPanel.js: (WebInspector.ScriptsPanel): (WebInspector.ScriptsPanel.prototype._consoleMessagesCleared): * inspector/front-end/utilities.js: (): 2011-05-16 Adam Barth <abarth@webkit.org> [Qt] QtPlatformPlugin create methods should use PassOwnPtr https://bugs.webkit.org/show_bug.cgi?id=60873 * plugins/qt/PluginViewQt.cpp: (WebCore::PluginView::platformStart): 2011-05-15 Adam Barth <abarth@webkit.org> Attempt to fix Qt build. (Strict PassOwnPtr fix.) * platform/graphics/qt/GraphicsLayerQt.cpp: (WebCore::GraphicsLayerQt::GraphicsLayerQt): (WebCore::GraphicsLayer::create): 2011-05-15 Adam Barth <abarth@webkit.org> Attempt to fix Qt build. (Strict PassOwnPtr fix.) * platform/text/qt/TextCodecQt.cpp: (WebCore::newTextCodecQt): 2011-05-15 Adam Barth <abarth@webkit.org> Attempt to fix Qt build. (Strict PassOwnPtr fix.) * platform/network/qt/QNetworkReplyHandler.cpp: (WebCore::QNetworkReplyWrapper::release): (WebCore::QNetworkReplyWrapper::receiveMetaData): (WebCore::QNetworkReplyWrapper::receiveSniffedMIMEType): (WebCore::QNetworkReplyHandler::release): (WebCore::QNetworkReplyHandler::finish): (WebCore::QNetworkReplyHandler::redirect): (WebCore::QNetworkReplyHandler::start): 2011-05-15 Adam Barth <abarth@webkit.org> Attempt to fix Qt build. (Strict PassOwnPtr fix.) * dom/XMLDocumentParserQt.cpp: (WebCore::XMLDocumentParser::doEnd): 2011-05-15 Kenichi Ishibashi <bashi@chromium.org> Reviewed by Kent Tamura. <output>, <meter> and <progress> elements with display:block can be focused if you try to tab to it https://bugs.webkit.org/show_bug.cgi?id=60602 HTMLFormControlElement::isFocusable() returns true when the element is visible as a block element. However, for output, meter, and progress elements, the function should not return true unless they have tabindex attributes. Override supportsFocus() of these elements to apply the result of Node::supportsFocus() because it takes care of whether the element has tabindex or not. Test: fast/forms/focus-with-display-block.html * html/HTMLFormControlElement.h: Made supportsFocus() protected. * html/HTMLMeterElement.cpp: (WebCore::HTMLMeterElement::supportsFocus): Added. * html/HTMLMeterElement.h: * html/HTMLOutputElement.cpp: (WebCore::HTMLOutputElement::supportsFocus): Added. * html/HTMLOutputElement.h: * html/HTMLProgressElement.cpp: (WebCore::HTMLProgressElement::supportsFocus): Added. * html/HTMLProgressElement.h: 2011-05-15 Jon Lee <jonlee@apple.com> Reviewed by Dan Bernstein. Missing migration from Editor::TextCheckingOptions to TextCheckingType in SpellingCorrectionController.cpp https://bugs.webkit.org/show_bug.cgi?id=60870 * editing/SpellingCorrectionController.cpp: (WebCore::SpellingCorrectionController::correctionPanelTimerFired): Migrating to using TextCheckingType 2011-05-15 Geoffrey Garen <ggaren@apple.com> Reviewed by Gavin Barraclough. https://bugs.webkit.org/show_bug.cgi?id=59699 Global object is recreated on teardown, for no good reason (Another partial fix for <rdar://problem/9417875> REGRESSION: SunSpider ~7% slower in browser than on command line (was 17%)) I'm basically rolling out http://trac.webkit.org/changeset/49786 because (a) it created this performance problem and (b) a more complete fix, which obsoletes http://trac.webkit.org/changeset/49786, was committed in http://trac.webkit.org/changeset/53439. Tested with the file attached to https://bugs.webkit.org/show_bug.cgi?id=29832. * page/Frame.cpp: (WebCore::Frame::~Frame): Don't create a new window every time we destroy a frame. 2011-05-12 MORITA Hajime <morrita@google.com> ShadowContentElement should affect the order of renderer children https://bugs.webkit.org/show_bug.cgi?id=59157 Introduced ShadowContentSelector to collect and forward content children for each ShadowContentElement. ShadowRoot collects child nodes of its host (we call these children "content children"), and the descendant ShadowContentElement pulls that these content children and put it under its child during ShadowContentElement::attach(). Content children no longer create its renderer during its normal attach() phase (called "light" phase). And they create it during attach() as a content children instead (called "forwarded phase"). These phases are detected by NodeRendererFactory and represented as NodeRendererFactory::AttachPhase value AttachContentLight and AttachContentForwarded. Tests: fast/html/details-add-details-child-1.html fast/html/details-add-details-child-2.html fast/html/details-nested-1.html fast/html/details-nested-2.html * dom/Element.cpp: (WebCore::Element::attach): (WebCore::Element::childrenChanged): * dom/Node.cpp: (WebCore::NodeRendererFactory::NodeRendererFactory): (WebCore::NodeRendererFactory::shouldCreateRenderer): (WebCore::NodeRendererFactory::nextRenderer): (WebCore::NodeRendererFactory::createRendererIfNeeded): * dom/ShadowRoot.cpp: (WebCore::forceReattach): (WebCore::ShadowContentSelector::shadowRoot): (WebCore::ShadowContentSelector::activeElement): (WebCore::ShadowContentSelector::currentInstance): (WebCore::ShadowContentSelector::ShadowContentSelector): (WebCore::ShadowContentSelector::~ShadowContentSelector): (WebCore::ShadowContentSelector::attachChildrenFor): (WebCore::ShadowContentElement::attach): (WebCore::ShadowRoot::recalcStyle): (WebCore::ShadowRoot::activeContentContainer): (WebCore::ShadowRoot::hostChildrenChanged): (WebCore::ShadowRoot::attach): * dom/ShadowRoot.h: * html/shadow/ShadowContentElement.h: (WebCore::ShadowContentElement::rendererIsNeeded): * rendering/RenderDetails.cpp: * rendering/RenderDetails.h: 2011-05-13 MORITA Hajime <morrita@google.com> Reviewed by Ryosuke Niwa. Refactoring: Editor::TextCheckingOptions should be replaced with TextCheckingType https://bugs.webkit.org/show_bug.cgi?id=57088 Removed Editor::TextCheckingOptions and replaced it with TextCheckingTypeMask No new tests, no behavior change. * editing/Editor.cpp: (WebCore::Editor::replaceSelectionWithFragment): (WebCore::Editor::markMisspellingsAfterTypingToWord): (WebCore::Editor::markAllMisspellingsAndBadGrammarInRanges): (WebCore::Editor::markMisspellingsAndBadGrammar): (WebCore::Editor::resolveTextCheckingTypeMask): * editing/Editor.h: * platform/text/TextChecking.h: Added TextCheckingTypeShowCorrectionPanel 2011-05-15 Ilya Tikhonovsky <loislo@chromium.org> Reviewed by Yury Semikhatsky. Web Inspector: chromium renderer crash at eval in console. https://bugs.webkit.org/show_bug.cgi?id=60616 Renderer of inspected page is crashing when modal dialog has been opened via console eval and page is reloaded. Test: inspector/console/console-long-eval-crash.html * inspector/CodeGeneratorInspector.pm: * inspector/InspectorController.cpp: (WebCore::InspectorController::connectFrontend): (WebCore::InspectorController::dispatchMessageFromFrontend): * inspector/InspectorController.h: 2011-05-15 Eric Carlson <eric.carlson@apple.com> Reviewed by Maciej Stachowiak. Use new AVAssetReferenceRestrictions to prevent cross site media references https://bugs.webkit.org/show_bug.cgi?id=60791 <rdar://problem/9374202> Test: http/tests/media/video-cross-site.html * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.mm: (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL): Set restriction to prevent cross-domain references from being followed. 2011-05-15 Arno Renevier <arno@renevier.net> Reviewed by Darin Adler. remove unecessary includes from Source/WebCore/html/HTMLFrameElementBase.cpp https://bugs.webkit.org/show_bug.cgi?id=60775 No new tests. This change only impacts compilation. * html/HTMLFrameElementBase.cpp: 2011-05-14 Malcolm MacLeod <malcolm.macleod@tshwanedje.com> Reviewed by Kevin Ollivier. [wx] Fix strokeArc and fillRoundedRect drawing, and add clipPath support. https://bugs.webkit.org/show_bug.cgi?id=60847 * platform/graphics/wx/GraphicsContextWx.cpp: (WebCore::GraphicsContext::strokeArc): (WebCore::GraphicsContext::clipConvexPolygon): (WebCore::GraphicsContext::fillRoundedRect): (WebCore::GraphicsContext::drawFocusRing): (WebCore::GraphicsContext::clipOut): (WebCore::GraphicsContext::clipPath): (WebCore::GraphicsContext::clip): (WebCore::GraphicsContext::addInnerRoundedRectClip): 2011-05-14 Eric Carlson <eric.carlson@apple.com> Reviewed by Dan Bernstein. HTTP video-on-demand streams frequently have live stream UI https://bugs.webkit.org/show_bug.cgi?id=60849 <rdar://problem/9440502> No new tests, we don't currently have tests for http live streams. Changes verified manually. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::mediaPlayerDurationChanged): Reset the media controls so a duration change which identifies a format will be picked up. (WebCore::HTMLMediaElement::mediaPlayerCharacteristicChanged): New, reset media controls so they can be reconfigured for the media file characteristics. * html/HTMLMediaElement.h: * platform/graphics/MediaPlayer.cpp: (WebCore::MediaPlayer::characteristicChanged): New, pass through to the element. * platform/graphics/MediaPlayer.h: (WebCore::MediaPlayerClient::mediaPlayerCharacteristicChanged): * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp: (WebCore::MediaPlayerPrivateAVFoundation::setHasVideo): Call characteristicChanged when setting changes. (WebCore::MediaPlayerPrivateAVFoundation::setHasAudio): Ditto. (WebCore::MediaPlayerPrivateAVFoundation::setHasClosedCaptions): Ditto. (WebCore::MediaPlayerPrivateAVFoundation::loadedTimeRangesChanged): Move the duration change notification logic to invalidateCachedDuration. (WebCore::MediaPlayerPrivateAVFoundation::invalidateCachedDuration): New, invalidate the cached duration and notify the element when it changes. (WebCore::MediaPlayerPrivateAVFoundation::dispatchNotification): Call invalidateCachedDuration for the DurationChanged notification. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h: Define DurationChanged. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.mm: (WebCore::MediaPlayerPrivateAVFoundationObjC::platformDuration): Don't check asset or item duration until they have been loaded. (WebCore::itemKVOProperties): Listen for duration change. (-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]): Deal with duration change notification. 2011-05-14 Abhishek Arya <inferno@chromium.org> Reviewed by Dan Bernstein. As per spec, only allow one font family name in a font face rule. Other things like initial value, inherited value or multiple names are discarded. https://bugs.webkit.org/show_bug.cgi?id=60837 Test: fast/css/invalid-font-family-in-font-face-crash.html * css/CSSParser.cpp: (WebCore::CSSParser::createFontFaceRule): 2011-05-13 Oliver Hunt <oliver@apple.com> Reviewed by Geoffrey Garen. Make GC validation more aggressive https://bugs.webkit.org/show_bug.cgi?id=60802 This makes GC_VALIDATION much more aggressive in webcore, adding logic to every visitChildren method to ensure that the structure still has correct flags. Additionally every function generated for the dom bindings makes use of the new GC_VALIDATION object assertions to further ensure that the object appears to be sensible. * bindings/js/JSAttrCustom.cpp: (WebCore::JSAttr::visitChildren): * bindings/js/JSAudioContextCustom.cpp: (WebCore::JSAudioContext::visitChildren): * bindings/js/JSCSSRuleCustom.cpp: (WebCore::JSCSSRule::visitChildren): * bindings/js/JSCSSStyleDeclarationCustom.cpp: (WebCore::JSCSSStyleDeclaration::visitChildren): * bindings/js/JSCanvasRenderingContextCustom.cpp: (WebCore::JSCanvasRenderingContext::visitChildren): * bindings/js/JSDOMGlobalObject.cpp: (WebCore::JSDOMGlobalObject::visitChildren): (WebCore::JSDOMGlobalObject::setInjectedScript): * bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::visitChildren): * bindings/js/JSDOMWindowShell.cpp: (WebCore::JSDOMWindowShell::visitChildren): * bindings/js/JSEventListener.cpp: (WebCore::JSEventListener::JSEventListener): * bindings/js/JSEventListener.h: (WebCore::JSEventListener::jsFunction): * bindings/js/JSJavaScriptAudioNodeCustom.cpp: (WebCore::JSJavaScriptAudioNode::visitChildren): * bindings/js/JSMessageChannelCustom.cpp: (WebCore::JSMessageChannel::visitChildren): * bindings/js/JSMessagePortCustom.cpp: (WebCore::JSMessagePort::visitChildren): * bindings/js/JSNamedNodeMapCustom.cpp: (WebCore::JSNamedNodeMap::visitChildren): * bindings/js/JSNodeCustom.cpp: (WebCore::JSNode::visitChildren): * bindings/js/JSNodeFilterCustom.cpp: (WebCore::JSNodeFilter::visitChildren): * bindings/js/JSNodeIteratorCustom.cpp: (WebCore::JSNodeIterator::visitChildren): * bindings/js/JSSVGElementInstanceCustom.cpp: (WebCore::JSSVGElementInstance::visitChildren): * bindings/js/JSSharedWorkerCustom.cpp: (WebCore::JSSharedWorker::visitChildren): * bindings/js/JSStyleSheetCustom.cpp: (WebCore::JSStyleSheet::visitChildren): * bindings/js/JSTreeWalkerCustom.cpp: (WebCore::JSTreeWalker::visitChildren): * bindings/js/JSWebGLRenderingContextCustom.cpp: (WebCore::JSWebGLRenderingContext::visitChildren): * bindings/js/JSWorkerContextCustom.cpp: (WebCore::JSWorkerContext::visitChildren): * bindings/js/JSXMLHttpRequestCustom.cpp: (WebCore::JSXMLHttpRequest::visitChildren): * bindings/js/JSXPathResultCustom.cpp: (WebCore::JSXPathResult::visitChildren): * bindings/scripts/CodeGeneratorJS.pm: 2011-05-13 Oliver Hunt <oliver@apple.com> Reviewed by Geoffrey Garen. Make GC validation more aggressive https://bugs.webkit.org/show_bug.cgi?id=60802 This makes GC_VALIDATION much more aggressive in webcore, adding logic to every visitChildren method to ensure that the structure still has correct flags. Additionally every function generated for the dom bindings makes use of the new GC_VALIDATION object assertions to further ensure that the object appears to be sensible. * bindings/js/JSAttrCustom.cpp: (WebCore::JSAttr::visitChildren): * bindings/js/JSAudioContextCustom.cpp: (WebCore::JSAudioContext::visitChildren): * bindings/js/JSCSSRuleCustom.cpp: (WebCore::JSCSSRule::visitChildren): * bindings/js/JSCSSStyleDeclarationCustom.cpp: (WebCore::JSCSSStyleDeclaration::visitChildren): * bindings/js/JSCanvasRenderingContextCustom.cpp: (WebCore::JSCanvasRenderingContext::visitChildren): * bindings/js/JSDOMGlobalObject.cpp: (WebCore::JSDOMGlobalObject::visitChildren): (WebCore::JSDOMGlobalObject::setInjectedScript): * bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::visitChildren): * bindings/js/JSDOMWindowShell.cpp: (WebCore::JSDOMWindowShell::visitChildren): * bindings/js/JSEventListener.cpp: (WebCore::JSEventListener::JSEventListener): * bindings/js/JSEventListener.h: (WebCore::JSEventListener::jsFunction): * bindings/js/JSJavaScriptAudioNodeCustom.cpp: (WebCore::JSJavaScriptAudioNode::visitChildren): * bindings/js/JSMessageChannelCustom.cpp: (WebCore::JSMessageChannel::visitChildren): * bindings/js/JSMessagePortCustom.cpp: (WebCore::JSMessagePort::visitChildren): * bindings/js/JSNamedNodeMapCustom.cpp: (WebCore::JSNamedNodeMap::visitChildren): * bindings/js/JSNodeCustom.cpp: (WebCore::JSNode::visitChildren): * bindings/js/JSNodeFilterCustom.cpp: (WebCore::JSNodeFilter::visitChildren): * bindings/js/JSNodeIteratorCustom.cpp: (WebCore::JSNodeIterator::visitChildren): * bindings/js/JSSVGElementInstanceCustom.cpp: (WebCore::JSSVGElementInstance::visitChildren): * bindings/js/JSSharedWorkerCustom.cpp: (WebCore::JSSharedWorker::visitChildren): * bindings/js/JSStyleSheetCustom.cpp: (WebCore::JSStyleSheet::visitChildren): * bindings/js/JSTreeWalkerCustom.cpp: (WebCore::JSTreeWalker::visitChildren): * bindings/js/JSWebGLRenderingContextCustom.cpp: (WebCore::JSWebGLRenderingContext::visitChildren): * bindings/js/JSWorkerContextCustom.cpp: (WebCore::JSWorkerContext::visitChildren): * bindings/js/JSXMLHttpRequestCustom.cpp: (WebCore::JSXMLHttpRequest::visitChildren): * bindings/js/JSXPathResultCustom.cpp: (WebCore::JSXPathResult::visitChildren): * bindings/scripts/CodeGeneratorJS.pm: 2011-05-14 Oliver Hunt <oliver@apple.com> Reviewed by Anders Carlsson. Make Qt bindings GC safe https://bugs.webkit.org/show_bug.cgi?id=60841 Trying to do cache management by using "this" as a key from a GC object's destructor leads to a violation of GC semantics. Make the qt bindings use a Weak<> handle for finalization. * bridge/qt/qt_runtime.cpp: (JSC::Bindings::QtRuntimeMethod::QtRuntimeMethod): (JSC::Bindings::QtRuntimeMethod::~QtRuntimeMethod): * bridge/qt/qt_runtime.h: (JSC::Bindings::QtRuntimeMethodData::finalize): 2011-05-14 Ryosuke Niwa <rniwa@webkit.org> Reviewed by Eric Seidel. Make canHaveChildrenForEditing more efficient https://bugs.webkit.org/show_bug.cgi?id=53564 Improved the performance (1-2% in release and 20% in debug) by adding virtual member function canContainRangeEndPoint to Node. It returns true whenever the associated node can have be a container node for a position. As of this revision, canContainRangeEndPoint returns true on Document, DocumentFragment, Text nodes and any elements except: HTML: applet, br, embed, frame, frameset, hr (unless has children), img, input, keygen, meter, object (unless uses fallback content), output, progress, select, and textarea. No new tests are added since this change cannot be tested directly. * dom/Document.h: (WebCore::Document::canContainRangeEndPoint): Added; returns false. * dom/DocumentFragment.h: (WebCore::DocumentFragment::canContainRangeEndPoint): Added; returns true. * dom/Element.h: (WebCore::Element::canContainRangeEndPoint): Ditto. * dom/Node.h: (WebCore::Node::canContainRangeEndPoint): Added; returns false. * dom/Text.h: (WebCore::Text::canContainRangeEndPoint): Added; returns true. * editing/htmlediting.cpp: Removed editingIgnoresContent and canHaveChildrenForEditing. * editing/htmlediting.h: (WebCore::editingIgnoresContent): Moved from htmlediting.cpp; made it inline. (WebCore::canHaveChildrenForEditing): Ditto. * html/HTMLBRElement.h: (WebCore::HTMLBRElement::canContainRangeEndPoint): Added; returns false. * html/HTMLButtonElement.h: (WebCore::HTMLDataGridElement::canContainRangeEndPoint): Ditto. * html/HTMLFormControlElement.h: (WebCore::HTMLFormControlElementWithState::canContainRangeEndPoint): Ditto. * html/HTMLFrameElementBase.h: (WebCore::HTMLFrameElementBase::canContainRangeEndPoint): Ditto. * html/HTMLImageElement.h: (WebCore::HTMLImageElement::canContainRangeEndPoint): Ditto. * html/HTMLMeterElement.h: (WebCore::HTMLMeterElement::canContainRangeEndPoint): Ditto. * html/HTMLOutputElement.h: (WebCore::HTMLOutputElement::canContainRangeEndPoint): Ditto. * html/HTMLPlugInElement.h: (WebCore::HTMLPlugInElement::canContainRangeEndPoint): Ditto. * html/HTMLProgressElement.h: (WebCore::HTMLProgressElement::canContainRangeEndPoint): Ditto. * html/HTMLHRElement.h: (WebCore::HTMLHRElement::canContainRangeEndPoint): Added; returns true iff it has children. * html/HTMLObjectElement.h: (WebCore::HTMLObjectElement::canContainRangeEndPoint): Added; returns true iff it uses fallback content. 2011-05-14 Jeremy Noble <jer.noble@apple.com> Reviewed by Darin Adler. Exiting full screen causes <video> element inline controls to become visible https://bugs.webkit.org/show_bug.cgi?id=60142 Create a queue of elements who must be targeted with webkitfullscreenchange events. Instead of dispatching a single event with whatever the current value of m_fullScreenElement is (which may have been cleared, or changed since the timer was asked to fire), dispatch one event for each entry in the queue. Test: fullscreen/video-controls-override.html * dom/Document.cpp: (WebCore::Document::webkitDidEnterFullScreenForElement): Push current full screen element onto the webkitfullscreenchange event delay queue. (WebCore::Document::webkitDidExitFullScreenForElement): Ditto. (WebCore::Document::fullScreenElementRemoved): Ditto. (WebCore::Document::fullScreenChangeDelayTimerFired): Empty the queue, dispatching a webkitfullscreenchange event for each entry. * dom/Document.h: 2011-05-14 Patrick Gansterer <paroga@webkit.org> Reviewed by Andreas Kling. Buildfix for SharedTimerWx.cpp https://bugs.webkit.org/show_bug.cgi?id=60829 * platform/wx/SharedTimerWx.cpp: (WebCore::WebKitTimer::WebKitTimer): We can't call the constructor of a base class in the body of the constructor. 2011-05-14 Patrick Gansterer <paroga@webkit.org> Unreviewed WinCE build fix for r86477. Remove the global namespace prefix from GlobalLock/GlobalUnlock. * platform/win/ClipboardUtilitiesWin.cpp: 2011-05-14 Csaba Osztrogonác <ossy@webkit.org> Unreviewed, rolling out r86469 and r86471, because they made hundreds tests crash on Qt. Make GC validation more aggressive https://bugs.webkit.org/show_bug.cgi?id=60802 * bindings/js/JSAttrCustom.cpp: (WebCore::JSAttr::visitChildren): * bindings/js/JSAudioContextCustom.cpp: (WebCore::JSAudioContext::visitChildren): * bindings/js/JSCSSRuleCustom.cpp: (WebCore::JSCSSRule::visitChildren): * bindings/js/JSCSSStyleDeclarationCustom.cpp: (WebCore::JSCSSStyleDeclaration::visitChildren): * bindings/js/JSCanvasRenderingContextCustom.cpp: (WebCore::JSCanvasRenderingContext::visitChildren): * bindings/js/JSDOMGlobalObject.cpp: (WebCore::JSDOMGlobalObject::visitChildren): (WebCore::JSDOMGlobalObject::setInjectedScript): * bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::visitChildren): * bindings/js/JSDOMWindowShell.cpp: (WebCore::JSDOMWindowShell::visitChildren): * bindings/js/JSEventListener.cpp: (WebCore::JSEventListener::JSEventListener): * bindings/js/JSEventListener.h: (WebCore::JSEventListener::jsFunction): * bindings/js/JSJavaScriptAudioNodeCustom.cpp: (WebCore::JSJavaScriptAudioNode::visitChildren): * bindings/js/JSMessageChannelCustom.cpp: (WebCore::JSMessageChannel::visitChildren): * bindings/js/JSMessagePortCustom.cpp: (WebCore::JSMessagePort::visitChildren): * bindings/js/JSNamedNodeMapCustom.cpp: (WebCore::JSNamedNodeMap::visitChildren): * bindings/js/JSNodeCustom.cpp: (WebCore::JSNode::visitChildren): * bindings/js/JSNodeFilterCustom.cpp: (WebCore::JSNodeFilter::visitChildren): * bindings/js/JSNodeIteratorCustom.cpp: (WebCore::JSNodeIterator::visitChildren): * bindings/js/JSSVGElementInstanceCustom.cpp: (WebCore::JSSVGElementInstance::visitChildren): * bindings/js/JSSharedWorkerCustom.cpp: (WebCore::JSSharedWorker::visitChildren): * bindings/js/JSStyleSheetCustom.cpp: (WebCore::JSStyleSheet::visitChildren): * bindings/js/JSTreeWalkerCustom.cpp: (WebCore::JSTreeWalker::visitChildren): * bindings/js/JSWebGLRenderingContextCustom.cpp: (WebCore::JSWebGLRenderingContext::visitChildren): * bindings/js/JSWorkerContextCustom.cpp: (WebCore::JSWorkerContext::visitChildren): * bindings/js/JSXMLHttpRequestCustom.cpp: (WebCore::JSXMLHttpRequest::visitChildren): * bindings/js/JSXPathResultCustom.cpp: (WebCore::JSXPathResult::visitChildren): * bindings/scripts/CodeGeneratorJS.pm: 2011-05-13 Alexey Proskuryakov <ap@apple.com> Reviewed by Darin Adler. HTML5 Application Cache Update Failures on Page Refresh https://bugs.webkit.org/show_bug.cgi?id=60598 <rdar://problem/9418639> Test: http/tests/appcache/interrupted-update.html The reason was two-fold: 1) Cache group state wasn't fully reset after a failed cache update (or an initial load). 2) The cache group is not deleted until after after the navigation (from autorelease pool), so the failed and sorry old version was picked up by cache selection algorithm. The latter is more of a surprising behavior than a problem in itself. Keeping an appcache in memory for reload is generally a good thing for performance. * loader/appcache/ApplicationCacheGroup.cpp: (WebCore::ApplicationCacheGroup::stopLoading): Added a FIXME about half-baked state resetting code that sent me looking for a wrong fix originally. (WebCore::ApplicationCacheGroup::stopLoadingInFrame): Stopped load is an update failure like any other, so we should call cacheUpdateFailed(), which knows how to reset state. 2011-05-13 Enrica Casucci <enrica@apple.com> Reviewed by Darin Adler and Brian Weinstein. REGRESSION (WK2): Can't drag and drop a link or image from Safari to Desktop https://bugs.webkit.org/show_bug.cgi?id=60819 <rdar://problem/9370689> To support drag-and-drop to the desktop and other windows applications, we need to support the fileDescriptor and fileContentZero clipboard formats. This patch adds the support for serializing these types across the process boundary. It also fixes a regression introduced by r70914, that was causing the content of the shortcut files to be corrupted. Using ascii() to convert from String to CString was causing '\n' and '\r' to be replaced with '?'. * platform/DragData.h: * platform/win/ClipboardUtilitiesWin.cpp: (WebCore::fileDescriptorFormat): Moved from ClipboardWin.cpp. (WebCore::fileContentFormatZero): Moved from ClipboardWin.cpp. (WebCore::getFileDescriptorData): Serialize FileDescriptor type. (WebCore::getFileContentData): Serialize FileContent type. (WebCore::setFileDescriptorData): Deserialize FileDescriptor type. (WebCore::setFileContentData): Deserialize FileContent type. (WebCore::setCFData): Added missing initialization of the tymed field that was causing the cfHDrop format not to be deserialized correctly. * platform/win/ClipboardUtilitiesWin.h: * platform/win/ClipboardWin.cpp: (WebCore::createGlobalHDropContent): Changed ascii() to latin1(). (WebCore::ClipboardWin::writeURL): * platform/win/DragDataWin.cpp: (WebCore::DragData::getDragFileDescriptorData): (WebCore::DragData::getDragFileContentData): 2011-05-13 Daniel Cheng <dcheng@chromium.org> Fix the build. Add includes that the builders are suddenly complaining about... * page/DragState.h: 2011-05-13 Daniel Cheng <dcheng@chromium.org> Reviewed by Tony Chang. Improve drag start logic https://bugs.webkit.org/show_bug.cgi?id=59409 Rewrite and simplify the dragging logic to better match IE, Firefox, and the behavior defined in the spec. Among other things: - draggableNode() no longer returns text nodes when dragging anchors. - When starting a drag over an image in a selection, prefer to drag the selection. - Several redundant hit tests have been removed. - Minor refactoring to make the logic easier to follow. Test: platform/mac/editing/pasteboard/drag-selections-to-contenteditable.html * WebCore.xcodeproj/project.pbxproj: * page/DragController.cpp: (WebCore::DragController::draggableNode): (WebCore::DragController::startDrag): * page/DragController.h: * page/DragState.h: (WebCore::DragState::shouldDispatchEvents): * page/EventHandler.cpp: (WebCore::EventHandler::EventHandler): (WebCore::EventHandler::eventMayStartDrag): (WebCore::EventHandler::updateDragSourceActionsAllowed): (WebCore::EventHandler::updateDragAndDrop): (WebCore::EventHandler::cancelDragAndDrop): (WebCore::EventHandler::dragHysteresisExceeded): (WebCore::EventHandler::dragSourceEndedAt): (WebCore::ExactlyOneBitSet): (WebCore::EventHandler::handleDrag): * page/EventHandler.h: 2011-05-13 Oliver Hunt <oliver@apple.com> Reviewed by Geoffrey Garen. Make GC validation more aggressive https://bugs.webkit.org/show_bug.cgi?id=60802 This makes GC_VALIDATION much more aggressive in webcore, adding logic to every visitChildren method to ensure that the structure still has correct flags. Additionally every function generated for the dom bindings makes use of the new GC_VALIDATION object assertions to further ensure that the object appears to be sensible. * bindings/js/JSAttrCustom.cpp: (WebCore::JSAttr::visitChildren): * bindings/js/JSAudioContextCustom.cpp: (WebCore::JSAudioContext::visitChildren): * bindings/js/JSCSSRuleCustom.cpp: (WebCore::JSCSSRule::visitChildren): * bindings/js/JSCSSStyleDeclarationCustom.cpp: (WebCore::JSCSSStyleDeclaration::visitChildren): * bindings/js/JSCanvasRenderingContextCustom.cpp: (WebCore::JSCanvasRenderingContext::visitChildren): * bindings/js/JSDOMGlobalObject.cpp: (WebCore::JSDOMGlobalObject::visitChildren): (WebCore::JSDOMGlobalObject::setInjectedScript): * bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::visitChildren): * bindings/js/JSDOMWindowShell.cpp: (WebCore::JSDOMWindowShell::visitChildren): * bindings/js/JSEventListener.cpp: (WebCore::JSEventListener::JSEventListener): * bindings/js/JSEventListener.h: (WebCore::JSEventListener::jsFunction): * bindings/js/JSJavaScriptAudioNodeCustom.cpp: (WebCore::JSJavaScriptAudioNode::visitChildren): * bindings/js/JSMessageChannelCustom.cpp: (WebCore::JSMessageChannel::visitChildren): * bindings/js/JSMessagePortCustom.cpp: (WebCore::JSMessagePort::visitChildren): * bindings/js/JSNamedNodeMapCustom.cpp: (WebCore::JSNamedNodeMap::visitChildren): * bindings/js/JSNodeCustom.cpp: (WebCore::JSNode::visitChildren): * bindings/js/JSNodeFilterCustom.cpp: (WebCore::JSNodeFilter::visitChildren): * bindings/js/JSNodeIteratorCustom.cpp: (WebCore::JSNodeIterator::visitChildren): * bindings/js/JSSVGElementInstanceCustom.cpp: (WebCore::JSSVGElementInstance::visitChildren): * bindings/js/JSSharedWorkerCustom.cpp: (WebCore::JSSharedWorker::visitChildren): * bindings/js/JSStyleSheetCustom.cpp: (WebCore::JSStyleSheet::visitChildren): * bindings/js/JSTreeWalkerCustom.cpp: (WebCore::JSTreeWalker::visitChildren): * bindings/js/JSWebGLRenderingContextCustom.cpp: (WebCore::JSWebGLRenderingContext::visitChildren): * bindings/js/JSWorkerContextCustom.cpp: (WebCore::JSWorkerContext::visitChildren): * bindings/js/JSXMLHttpRequestCustom.cpp: (WebCore::JSXMLHttpRequest::visitChildren): * bindings/js/JSXPathResultCustom.cpp: (WebCore::JSXPathResult::visitChildren): * bindings/scripts/CodeGeneratorJS.pm: 2011-05-13 Mikhail Naganov <mnaganov@chromium.org> Web Inspector: Unreviewed image glyph position fix in CSS after r85588. * inspector/front-end/heapProfiler.css: (.heapshot-help-status-bar-item .glyph): 2011-05-13 Adam Barth <abarth@webkit.org> Reviewed by Eric Seidel. iframe sandbox doesn't properly block popups https://bugs.webkit.org/show_bug.cgi?id=60784 Previously, we weren't implementing this requirement from the spec: "This flag also prevents content from creating new auxiliary browsing contexts, e.g. using the target attribute or the window.open() method." Tests: http/tests/security/no-popup-from-sandbox-top.html http/tests/security/no-popup-from-sandbox.html * loader/PolicyChecker.cpp: (WebCore::PolicyChecker::checkNewWindowPolicy): 2011-05-13 Ryosuke Niwa <rniwa@webkit.org> Reviewed by Darin Adler. click event shouldn't fire when the target is ever removed in mouseup https://bugs.webkit.org/show_bug.cgi?id=60600 Fixed the bug by invalidating m_clickNode when it or one of its ancestors has been removed from the document. New behavior matches Internet Explorer and Firefox. Tests: fast/events/remove-target-in-mouseup-deep.html fast/events/remove-target-in-mouseup-insertback.html fast/events/remove-target-in-mouseup-twice.html fast/events/remove-target-in-mouseup.html * dom/Document.cpp: (WebCore::Document::nodeChildrenWillBeRemoved): Calls EventHandler::nodeWillBeRemoved. (WebCore::Document::nodeWillBeRemoved): Calls EventHandler::nodeWillBeRemoved. * page/EventHandler.cpp: (WebCore::EventHandler::nodeWillBeRemoved): Added; invalidates m_clickNode when m_clickNode or one of its ancestor is removed from the document. * page/EventHandler.h: 2011-05-13 Alexey Proskuryakov <ap@apple.com> Reviewed by Joseph Pecoraro. Hide appcache status bar items https://bugs.webkit.org/show_bug.cgi?id=60799 We have a number of non-trivial bugs that make these more misleading than helpful to developers. * inspector/front-end/ApplicationCacheItemsView.js: (WebInspector.ApplicationCacheItemsView): Just hide the items for now. Removing all support code would be complicated, and not helpful. 2011-05-13 Adam Barth <abarth@webkit.org> Reviewed by Eric Seidel. indexedDB is visible inside iframe sandbox https://bugs.webkit.org/show_bug.cgi?id=60785 We're supposed to return a null indexedDB factory when inside an iframe sandbox. Test: http/tests/security/no-indexeddb-from-sandbox.html * page/DOMWindow.cpp: (WebCore::DOMWindow::webkitIndexedDB): 2011-05-13 Adam Roben <aroben@apple.com> Fix manual tests that got broken by the move of WebCore into Source * manual-tests/plugins/object-clipping.html: * manual-tests/pointer-events.html: * manual-tests/video-waiting-seeking.html: Updated some paths. 2011-05-13 Nat Duca <nduca@chromium.org> Reviewed by James Robinson. [chromium] compositing tests are failing https://bugs.webkit.org/show_bug.cgi?id=60738 Bind texture before setting its filtering state. * platform/graphics/chromium/LayerTilerChromium.cpp: (WebCore::LayerTilerChromium::updateFromPixels): 2011-05-13 Alexey Proskuryakov <ap@apple.com> Reviewed by Dan Bernstein. https://bugs.webkit.org/show_bug.cgi?id=60787 Add some assertions to ApplicationCacheGroup * loader/appcache/ApplicationCacheGroup.cpp: (WebCore::ApplicationCacheGroup::finishedLoadingMainResource): Check that count doesn't underflow. (WebCore::ApplicationCacheGroup::failedLoadingMainResource): Ditto. (WebCore::ApplicationCacheGroup::stopLoading): Check that we are the handle's client before resetting it. (WebCore::ApplicationCacheGroup::update): Check that there isn't a stale current handle or resource hanging around. (WebCore::ApplicationCacheGroup::didFail): Check that the handle is either manifest or current one. 2011-05-13 Sam Weinig <sam@webkit.org> Reviewed by Anders Carlsson. Prune #includes from FrameView.h (Part 2) https://bugs.webkit.org/show_bug.cgi?id=60748 - Replace #includes in FrameView.h of Frame.h and Page.h with Color.h, wtf/text/WTFString.h, and the new AdjustViewSizeOrNot.h - Update files that were depending on FrameView.h #including Frame.h or Page.h. * GNUmakefile.list.am: * WebCore.exp.in: * WebCore.pro: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: * accessibility/AccessibilityRenderObject.cpp: * accessibility/AccessibilityScrollView.cpp: * accessibility/chromium/AXObjectCacheChromium.cpp: * accessibility/mac/AccessibilityObjectWrapper.mm: * css/MediaQueryMatcher.cpp: * dom/Range.cpp: * editing/SpellingCorrectionController.cpp: * history/CachedFrame.cpp: * html/HTMLBodyElement.cpp: * html/canvas/WebGLRenderingContext.cpp: * html/parser/HTMLParserScheduler.cpp: * page/AdjustViewSizeOrNot.h: Added. * page/EditorClient.h: * page/Frame.h: * page/FrameView.cpp: (WebCore::FrameView::forceLayoutForPagination): * page/FrameView.h: * page/PrintContext.cpp: (WebCore::PrintContext::begin): (WebCore::PrintContext::end): * page/chromium/FrameChromium.cpp: * page/win/FrameCGWin.cpp: * page/win/FrameWin.cpp: * platform/efl/PopupMenuEfl.cpp: * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp: * platform/graphics/mac/MediaPlayerPrivateQTKit.mm: * platform/graphics/qt/MediaPlayerPrivateQt.cpp: * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.cpp: * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.cpp: * platform/gtk/WidgetGtk.cpp: * plugins/IFrameShimSupport.cpp: * rendering/RenderBlock.cpp: * rendering/RenderBoxModelObject.cpp: * rendering/RenderFrameBase.cpp: * rendering/RenderIFrame.cpp: * rendering/RenderMenuList.cpp: * rendering/RenderTextControlSingleLine.cpp: * rendering/RenderWidget.cpp: * svg/SVGSVGElement.cpp: 2011-05-13 Levi Weintraub <leviw@chromium.org> Reviewed by Eric Seidel. Switch paintCollapsedBorder to use IntRect https://bugs.webkit.org/show_bug.cgi?id=60739 Updating the last offending paint function that takes four ints instead of an IntRect. No new tests as this is simple refactoring. * rendering/RenderTableCell.cpp: (WebCore::RenderTableCell::paint): (WebCore::RenderTableCell::paintCollapsedBorder): * rendering/RenderTableCell.h: 2011-05-13 Abhishek Arya <inferno@chromium.org> Reviewed by Dave Hyatt. Regression(r75823): Revert initialization back to the first RenderBlock in the parent chain. https://bugs.webkit.org/show_bug.cgi?id=60780 Test: fast/block/float/float-not-removed-crash.html * rendering/RenderBox.cpp: (WebCore::RenderBox::removeFloatingOrPositionedChildFromBlockLists): In r75823, I forgot to initialize parentBlock, when the original code did and Hyatt did mention in c#5. Now, initializing parentBlock to the first RenderBlock in the parent chain. 2011-05-05 Pavel Podivilov <podivilov@chromium.org> Reviewed by Yury Semikhatsky. Web Inspector: TextEditor should support editing a range. https://bugs.webkit.org/show_bug.cgi?id=59688 * inspector/front-end/TextViewer.js: (WebInspector.TextEditorChunkedPanel.prototype.makeLineAChunk): (WebInspector.TextEditorChunkedPanel.prototype._splitChunkOnALine): (WebInspector.TextEditorMainPanel.prototype.setEditableRange): (WebInspector.TextEditorMainPanel.prototype.clearEditableRange): (WebInspector.TextEditorMainPanel.prototype._splitChunkOnALine): (WebInspector.TextEditorMainPanel.prototype._applyDomUpdates): (WebInspector.TextEditorMainChunk): (WebInspector.TextEditorMainChunk.prototype.set expanded): (WebInspector.TextEditorMainChunk.prototype.set readOnly): (WebInspector.TextEditorMainChunk.prototype.get readOnly): (WebInspector.TextEditorMainChunk.prototype._updateElementReadOnlyState): * inspector/front-end/textViewer.css: (.text-editor-read-only): 2011-05-05 Pavel Podivilov <podivilov@chromium.org> Reviewed by Yury Semikhatsky. Web Inspector: fix source mapping for formatted scripts. https://bugs.webkit.org/show_bug.cgi?id=60263 Source mapping is broken for script chunks that are already formatted at the beginning and at the end of the script (see script-formatter.html). * inspector/front-end/ScriptFormatter.js: (WebInspector.ScriptFormatter.prototype._didFormatContent): (WebInspector.FormattedSourceMapping): (WebInspector.FormattedSourceMapping.prototype.originalToFormatted): (WebInspector.FormattedSourceMapping.prototype.formattedToOriginal): (WebInspector.FormattedSourceMapping.prototype._convertPosition): * inspector/front-end/ScriptFormatterWorker.js: (onmessage): (HTMLScriptFormatter.prototype.format): * inspector/front-end/SourceFile.js: (WebInspector.FormattedSourceFile.prototype._didRequestContent): (WebInspector.SourceMappingForFormattedSourceFile): (WebInspector.SourceMappingForFormattedSourceFile.prototype.scriptLocationToSourceLine): (WebInspector.SourceMappingForFormattedSourceFile.prototype.sourceLineToScriptLocation): 2011-05-13 Adam Roben <aroben@apple.com> Tell ScrollView's child Widgets that their frame rects have changed when its own frame rect changes r79167 moved some code from setFrameRect to setBoundsSize, including a call to frameRectsChanged. This was done because positionScrollbarLayers, which is called by frameRectsChanged, only needs to be called when the bounds change, not when the frame rect changes. But the recursive calls inside frameRectsChanged *do* need to be called when the frame rect changes. This patch moves the positionScrollbarLayers call out of frameRectsChanged, since it needs to be called at different times from frameRectsChanged. Then it restores the frameRectsChanged call to setFrameRect, which fixes the bug. Test: platform/win/plugins/iframe-inside-overflow.html Fixes <http://webkit.org/b/60194> <rdar://problem/9383760> REGRESSION (r79167): Windowed plugins in Google Reader don't move when the article list is scrolled Reviewed by Dan Bernstein. * platform/ScrollView.cpp: (WebCore::ScrollView::updateScrollbars): Added a positionScrollbarLayers call here now that frameRectsChanged doesn't call it for us. Also added a FIXME because it seems strange to call frameRectsChanged here when our frame rect hasn't changed. (WebCore::ScrollView::setFrameRect): Added back the frameRectsChanged call that was removed in r79167. (WebCore::ScrollView::setBoundsSize): Replaced a frameRectsChanged call with a call to positionScrollbarLayers. We were only calling frameRectsChanged here in order to get positionScrollbarLayers to be called. (WebCore::ScrollView::frameRectsChanged): Removed the call to positionScrollbarLayers. All callers of frameRectsChanged have been updated to call positionScrollbarLayers if needed. 2011-05-13 Martin Robinson <mrobinson@igalia.com> Reviewed by Eric Seidel. [GTK] Share the GTK+ key binding code between WebKit1 and WebKit2 https://bugs.webkit.org/show_bug.cgi?id=59765 Move the keybinding code form WebKit1/WebKit2 to this utility class. This code is almost directly moved from the WebKit layer. No new tests. This is covered by the editing tests. * GNUmakefile.list.am: * platform/gtk/KeyBindingTranslator.cpp: Added. (WebCore::backspaceCallback):Added. (WebCore::selectAllCallback):Added. (WebCore::cutClipboardCallback):Added. (WebCore::copyClipboardCallback):Added. (WebCore::pasteClipboardCallback):Added. (WebCore::toggleOverwriteCallback):Added. (WebCore::popupMenuCallback):Added. (WebCore::showHelpCallback):Added. (WebCore::deleteFromCursorCallback):Added. (WebCore::moveCursorCallback):Added. (WebCore::KeyBindingTranslator::KeyBindingTranslator):Added. (WebCore::KeyBindingTranslator::getEditorCommandsForKeyEvent):Added. * platform/gtk/KeyBindingTranslator.h: Added. (WebCore::KeyBindingTranslator::addPendingEditorCommand):Added. 2011-05-01 Holger Hans Peter Freyther <holger@moiji-mobile.com> Reviewed by Adam Barth. [android] Forward declare types for PlatformWidget and DragImage https://bugs.webkit.org/show_bug.cgi?id=59890 This is a simple build fix. * platform/DragImage.h: * platform/Widget.h: 2011-05-06 Pavel Podivilov <podivilov@chromium.org> Reviewed by Yury Semikhatsky. Web Inspector: fix incremental html highlight. https://bugs.webkit.org/show_bug.cgi?id=60163 SourceTokenizers for html, js, and css are declared to be stateless. However they store some state in various ways (like using _internalJavaScriptTokenizer field in html tokenizer, or modifying "static" initialCondition object via condition link). This all worked because of another bug in tokenizers registry that always returned new tokenizer object. For incremental highlighting, we need to be able to stringify tokenizers state and then restore the state from string. That's why we need tokenizers to be truly stateless. * inspector/front-end/DOMSyntaxHighlighter.js: (WebInspector.DOMSyntaxHighlighter.prototype.syntaxHighlightNode): * inspector/front-end/SourceCSSTokenizer.js: (WebInspector.SourceCSSTokenizer): (WebInspector.SourceCSSTokenizer.prototype.createInitialCondition): * inspector/front-end/SourceCSSTokenizer.re2js: * inspector/front-end/SourceHTMLTokenizer.js: (WebInspector.SourceHTMLTokenizer): (WebInspector.SourceHTMLTokenizer.prototype.createInitialCondition): (WebInspector.SourceHTMLTokenizer.prototype.set line): (WebInspector.SourceHTMLTokenizer.prototype.get _internalJavaScriptTokenizer): (WebInspector.SourceHTMLTokenizer.prototype.get _internalCSSTokenizer): (WebInspector.SourceHTMLTokenizer.prototype.scriptStarted): (WebInspector.SourceHTMLTokenizer.prototype.styleSheetStarted): (WebInspector.SourceHTMLTokenizer.prototype.nextToken): * inspector/front-end/SourceHTMLTokenizer.re2js: * inspector/front-end/SourceJavaScriptTokenizer.js: (WebInspector.SourceJavaScriptTokenizer): (WebInspector.SourceJavaScriptTokenizer.prototype.createInitialCondition): * inspector/front-end/SourceJavaScriptTokenizer.re2js: * inspector/front-end/SourceTokenizer.js: (WebInspector.SourceTokenizer.Registry.prototype.getTokenizer): * inspector/front-end/TextEditorHighlighter.js: (WebInspector.TextEditorHighlighter.prototype._highlightLines): 2011-05-13 Adam Roben <aroben@apple.com> Build fix after r86418 * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.h: Made the destructor public so that this class can be used with [Pass]OwnPtr. 2011-05-11 Hans Wennborg <hans@chromium.org> Reviewed by Tony Gentilcore. IndexedDB: Fix integer comparison bug in LevelDB coding routines https://bugs.webkit.org/show_bug.cgi?id=60623 Fix the code for comparing two int64_t variables. Also remove faulty line in ObjectStoreNamesKey::encode which was uncovered by the unit test in this patch. Very hard to cover with layout tests; covered by unit test. * storage/IDBLevelDBCoding.cpp: (WebCore::IDBLevelDBCoding::compareInts): (WebCore::IDBLevelDBCoding::KeyPrefix::compare): (WebCore::IDBLevelDBCoding::DatabaseFreeListKey::compare): (WebCore::IDBLevelDBCoding::ObjectStoreMetaDataKey::compare): (WebCore::IDBLevelDBCoding::IndexMetaDataKey::compare): (WebCore::IDBLevelDBCoding::ObjectStoreFreeListKey::compare): (WebCore::IDBLevelDBCoding::IndexFreeListKey::compare): (WebCore::IDBLevelDBCoding::ObjectStoreNamesKey::encode): (WebCore::IDBLevelDBCoding::IndexNamesKey::compare): (WebCore::IDBLevelDBCoding::IndexDataKey::compare): 2011-05-13 Andrew Wason <rectalogic@rectalogic.com> Reviewed by Darin Adler. GraphicsContext3DQt.cpp fails to compile https://bugs.webkit.org/show_bug.cgi?id=60740 * platform/graphics/qt/GraphicsContext3DQt.cpp: (WebCore::GraphicsContext3D::GraphicsContext3D): Change order of initializers. 2011-05-05 Hans Wennborg <hans@chromium.org> Reviewed by Steve Block. IndexedDB: Transaction rollback prevented by open SQLite statement https://bugs.webkit.org/show_bug.cgi?id=60032 Let the IDBTransactionbackendImpl keep track of all open cursors, and "close" them (i.e. finalizing the underlying SQLiteStatement) before committing or rolling back the transaction. This fixes the problem with opened cursors preventing transaction rollback. Test: storage/indexeddb/transaction-rollback.html * storage/IDBBackingStore.h: * storage/IDBCursorBackendImpl.cpp: (WebCore::IDBCursorBackendImpl::IDBCursorBackendImpl): (WebCore::IDBCursorBackendImpl::~IDBCursorBackendImpl): (WebCore::IDBCursorBackendImpl::close): * storage/IDBCursorBackendImpl.h: * storage/IDBLevelDBBackingStore.cpp: * storage/IDBSQLiteBackingStore.cpp: * storage/IDBTransactionBackendImpl.cpp: (WebCore::IDBTransactionBackendImpl::abort): (WebCore::IDBTransactionBackendImpl::registerOpenCursor): (WebCore::IDBTransactionBackendImpl::unregisterOpenCursor): (WebCore::IDBTransactionBackendImpl::commit): (WebCore::IDBTransactionBackendImpl::closeOpenCursors): * storage/IDBTransactionBackendImpl.h: * storage/IDBTransactionBackendInterface.h: (WebCore::IDBTransactionBackendInterface::registerOpenCursor): (WebCore::IDBTransactionBackendInterface::unregisterOpenCursor): 2011-05-13 Patrick Gansterer <paroga@webkit.org> Reviewed by Adam Barth. Enable OwnPtr strict mode in MediaPlayer https://bugs.webkit.org/show_bug.cgi?id=59466 Let the CreateMediaEnginePlayer function return a PassOwnPtr instead of a raw pointer. Also fix the templete argument of OwnPtr for the m_private member variable. * platform/graphics/MediaPlayer.cpp: (WebCore::MediaPlayer::MediaPlayer): (WebCore::MediaPlayer::loadWithNextMediaEngine): * platform/graphics/MediaPlayer.h: * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.h: * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.mm: (WebCore::MediaPlayerPrivateAVFoundationObjC::create): * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp: (WebCore::MediaPlayerPrivateGStreamer::create): * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h: * platform/graphics/mac/MediaPlayerPrivateQTKit.h: * platform/graphics/mac/MediaPlayerPrivateQTKit.mm: (WebCore::MediaPlayerPrivateQTKit::create): * platform/graphics/qt/MediaPlayerPrivatePhonon.cpp: (WebCore::MediaPlayerPrivatePhonon::create): * platform/graphics/qt/MediaPlayerPrivatePhonon.h: * platform/graphics/qt/MediaPlayerPrivateQt.cpp: (WebCore::MediaPlayerPrivateQt::create): * platform/graphics/qt/MediaPlayerPrivateQt.h: * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.cpp: (WebCore::MediaPlayerPrivateQuickTimeVisualContext::create): * platform/graphics/win/MediaPlayerPrivateQuickTimeVisualContext.h: * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.cpp: (WebCore::MediaPlayerPrivate::create): * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.h: * platform/graphics/wince/MediaPlayerPrivateWinCE.h: 2011-05-13 Alexey Proskuryakov <ap@apple.com> Reviewed by Pavel Feldman. Web Inspector: Show Error Messages for Application Cache Errors https://bugs.webkit.org/show_bug.cgi?id=41642 * loader/appcache/ApplicationCacheGroup.cpp: (WebCore::ApplicationCacheGroup::didReceiveResponse): (WebCore::ApplicationCacheGroup::didFail): (WebCore::ApplicationCacheGroup::didReceiveManifestResponse): (WebCore::ApplicationCacheGroup::didFinishLoadingManifest): (WebCore::ApplicationCacheGroup::cacheUpdateFailedDueToOriginQuota): Added console error logging. 2011-05-12 Pratik Solanki <psolanki@apple.com> Reviewed by Antti Koivisto. Part of WebCore should use CFNetwork-based loader on Mac https://bugs.webkit.org/show_bug.cgi?id=51836 Fixes for warnings and other minor cleanups when we enable USE_CFNETWORK on Mac. * platform/network/cf/ResourceErrorCF.cpp: (WebCore::ResourceError::cfStreamError): * platform/network/cf/ResourceHandleCFNet.cpp: (WebCore::allowsAnyHTTPSCertificateHosts): (WebCore::clientCerts): (WebCore::willSendRequest): (WebCore::didReceiveResponse): (WebCore::didReceiveData): (WebCore::didSendBodyData): (WebCore::shouldUseCredentialStorageCallback): (WebCore::didFinishLoading): (WebCore::didFail): (WebCore::didReceiveChallenge): (WebCore::makeFinalRequest): (WebCore::ResourceHandle::willLoadFromCache): 2011-05-12 Pratik Solanki <psolanki@apple.com> Reviewed by Antti Koivisto. Part of WebCore should use CFNetwork-based loader on Mac https://bugs.webkit.org/show_bug.cgi?id=51836 Implement ResourceHandle::schedule()/unschedule() based on CF for Mac. * WebCore.exp.in: * platform/cf/SchedulePair.h: * platform/mac/SchedulePairMac.mm: * platform/network/cf/ResourceHandleCFNet.cpp: (WebCore::ResourceHandle::schedule): (WebCore::ResourceHandle::unschedule): 2011-05-12 Pratik Solanki <psolanki@apple.com> Reviewed by Antti Koivisto. Part of WebCore should use CFNetwork-based loader on Mac https://bugs.webkit.org/show_bug.cgi?id=51836 Implement mac specific Authentication functions when using CFNetwork. * WebCore.exp.in: * WebCore.xcodeproj/project.pbxproj: * platform/network/ResourceHandle.h: * platform/network/cf/AuthenticationCF.cpp: (WebCore::AuthenticationChallenge::authenticationClient): (WebCore::createCF): (WebCore::core): * platform/network/cf/AuthenticationCF.h: * platform/network/cf/AuthenticationChallenge.h: * platform/network/mac/AuthenticationMac.mm: (WebCore::core): (WebCore::mac): * platform/network/mac/CredentialStorageMac.mm: 2011-05-12 Ben Wells <benwells@chromium.org> Reviewed by Simon Fraser. RGBA colors in outlines show overpainting at the corners https://bugs.webkit.org/show_bug.cgi?id=58999 Added FIXMEs near temporary $if !USE(SKIA)s, referencing bug 60342. * rendering/RenderInline.cpp: (WebCore::RenderInline::paintOutline): * rendering/RenderObject.cpp: (WebCore::RenderObject::paintOutline): 2011-05-12 Adele Peterson <adele@apple.com> Reviewed by Darin Adler and Adam Barth. Fix for <rdar://problem/9253454> Solar Walk For Mac: Info window is blank (HTML5 parser) https://bugs.webkit.org/show_bug.cgi?id=60685 Detect the Solar Walk application so we can add targeted parser quirks. * WebCore.exp.in: * platform/RuntimeApplicationChecks.cpp: (WebCore::applicationIsSolarWalk): * platform/RuntimeApplicationChecks.h: 2011-05-12 Jia Pu <jpu@apple.com> Reviewed by Darin Adler. Regression caused by changeset 86281 https://bugs.webkit.org/show_bug.cgi?id=60712 Changed wording in some tests to reflect AppKit UI change. * manual-tests/autocorrection/delete-to-end-of-word-to-show-reversion.html: * manual-tests/autocorrection/move-to-end-of-word-to-show-reversion.html: 2011-05-12 Daniel Bates <dbates@rim.com> Attempt to fix the build after changeset 86391 <http://trac.webkit.org/changeset/86391> (https://bugs.webkit.org/show_bug.cgi?id=60681). * page/PluginHalter.cpp: (WebCore::PluginHalter::PluginHalter): Substitute m_client for client in ASSERT_ARG since client is now of type PassOwnPtr so it becomes 0 when assigned to another variable. 2011-05-12 Patrick Gansterer <paroga@webkit.org> Reviewed by Darin Adler. Rename SimpleFontData::scaledFontData to createScaledFontData https://bugs.webkit.org/show_bug.cgi?id=60723 * platform/graphics/SimpleFontData.h: * platform/graphics/chromium/SimpleFontDataChromiumWin.cpp: * platform/graphics/chromium/SimpleFontDataLinux.cpp: * platform/graphics/freetype/SimpleFontDataFreeType.cpp: * platform/graphics/haiku/SimpleFontDataHaiku.cpp: * platform/graphics/mac/SimpleFontDataMac.mm: * platform/graphics/pango/SimpleFontDataPango.cpp: * platform/graphics/qt/SimpleFontDataQt.cpp: * platform/graphics/win/SimpleFontDataWin.cpp: * platform/graphics/wince/SimpleFontDataWinCE.cpp: * platform/graphics/wx/SimpleFontDataWx.cpp: 2011-05-12 Levi Weintraub <leviw@chromium.org> Reviewed by Simon Fraser. Switch paintOutline to use IntRect https://bugs.webkit.org/show_bug.cgi?id=60718 Switching paintOutline to use an IntRect instead of 4 ints. No new tests as this is just refactoring. * rendering/RenderBlock.cpp: (WebCore::RenderBlock::paintObject): * rendering/RenderObject.cpp: (WebCore::RenderObject::paintOutline): * rendering/RenderObject.h: * rendering/RenderReplaced.cpp: (WebCore::RenderReplaced::paint): * rendering/RenderTable.cpp: (WebCore::RenderTable::paintObject): * rendering/svg/RenderSVGContainer.cpp: (WebCore::RenderSVGContainer::paint): * rendering/svg/RenderSVGImage.cpp: (WebCore::RenderSVGImage::paint): * rendering/svg/RenderSVGPath.cpp: (WebCore::RenderSVGPath::paint): * rendering/svg/RenderSVGRoot.cpp: (WebCore::RenderSVGRoot::paint): 2011-05-12 Anders Carlsson <andersca@apple.com> Address review comment by Dan Bernstein. * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::substituteResourceDeliveryTimerFired): 2011-05-12 Anders Carlsson <andersca@apple.com> Reviewed by Dan Bernstein. Crash when a plug-in tries to load a resource from the application cache https://bugs.webkit.org/show_bug.cgi?id=60735 <rdar://problem/8216142> When loading application cache resources from disk, we would never restore the HTTP status code, which means that resources would always have a 0 status code. This led to the plug-in stream loader canceling the load, something which the application cache loading machinery couldn't deal and thus would crash. Fix the reading of the HTTP status code, and make the loader more robust against application cache loads being canceled. Unfortunately, I couldn't come up with a test for this because I couldn't find a reliable way to force the application cache to be read from disk, so all resources would have valid values. * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::substituteResourceDeliveryTimerFired): * loader/appcache/ApplicationCacheStorage.cpp: (WebCore::ApplicationCacheStorage::loadCache): 2011-05-12 Emil A Eklund <eae@chromium.org> Reviewed by Darin Adler. Convert RenderBox::setLocation, setLogicalLocation and setLogicalSize to IntPoint/IntSize https://bugs.webkit.org/show_bug.cgi?id=60585 Refactoring, covered by existing tests. * rendering/RenderBox.cpp: (WebCore::RenderBox::positionLineBox): * rendering/RenderBox.h: (WebCore::RenderBox::setLogicalLocation): (WebCore::RenderBox::setLogicalSize): (WebCore::RenderBox::setLocation): * rendering/RenderFrameSet.cpp: (WebCore::RenderFrameSet::positionFrames): (WebCore::RenderFrameSet::positionFramesWithFlattening): * rendering/RenderMedia.cpp: (WebCore::RenderMedia::layout): * rendering/RenderScrollbarPart.cpp: (WebCore::RenderScrollbarPart::paintIntoRect): * rendering/RenderTable.cpp: (WebCore::RenderTable::adjustLogicalHeightForCaption): (WebCore::RenderTable::layout): * rendering/RenderTableSection.cpp: (WebCore::RenderTableSection::layoutRows): * rendering/RenderTextControlSingleLine.cpp: (WebCore::RenderTextControlSingleLine::layout): * rendering/svg/SVGRootInlineBox.cpp: (WebCore::SVGRootInlineBox::layoutRootBox): 2011-05-12 Adrienne Walker <enne@google.com> Reviewed by James Robinson. [chromium] show-composited-layer-tree crashes on null ptr deref https://bugs.webkit.org/show_bug.cgi?id=60734 The tiler is created lazily, so it won't not be around for the first dumpLayerProperties call. * platform/graphics/chromium/ContentLayerChromium.cpp: (WebCore::ContentLayerChromium::dumpLayerProperties): 2011-05-12 Patrick Gansterer <paroga@webkit.org> Reviewed by Adam Barth. Enable OwnPtr strict mode in PluginHalter https://bugs.webkit.org/show_bug.cgi?id=60681 Pass PluginHalterClient as (Pass)OwnPtr to Page and PluginHalter. * WebCore.exp.in: * page/Page.cpp: (WebCore::Page::Page): (WebCore::Page::PageClients::PageClients): * page/Page.h: * page/PluginHalter.cpp: (WebCore::PluginHalter::PluginHalter): * page/PluginHalter.h: 2011-05-12 Daniel Bates <dbates@rim.com> Reviewed by Adele Peterson. Frame's noResize attribute can not be set by JavaScript https://bugs.webkit.org/show_bug.cgi?id=14845 Tests: fast/frames/frame-inherit-noresize-from-frameset.html fast/frames/frame-programmatic-noresize.html fast/frames/frame-with-noresize-can-be-resized-after-removal-of-noresize.html fast/frames/frame-with-noresize-can-be-resized-after-setting-noResize-to-false.html Implements support to programmatically allow and disallow frame resizing. Currently, HTMLFrameElement::parseMappedAttribute() is hardcoded to disallow frame resize (i.e. m_noResize = true) when either the noresize DOM attribute is specified (or existed at some point in time) or the value of the noResize attribute is modified. Instead we should allow/disallow frame resize depending on the presence of the noresize DOM attribute/the value of the noResize attribute. * html/HTMLFrameElement.cpp: (WebCore::HTMLFrameElement::HTMLFrameElement): (WebCore::HTMLFrameElement::noResize): Made this a non-inline function since this code path isn't performance critical. (WebCore::HTMLFrameElement::attach): Removed code to inherit noresize attribute from parent <frameset> since this functionality is part of RenderFrameSet::computeEdgeInfo(). (WebCore::HTMLFrameElement::parseMappedAttribute): * html/HTMLFrameElement.h: * rendering/RenderFrame.cpp: (WebCore::RenderFrame::updateFromElement): Added. * rendering/RenderFrame.h: * rendering/RenderFrameSet.cpp: (WebCore::RenderFrameSet::notifyFrameEdgeInfoChanged): Added. * rendering/RenderFrameSet.h: 2011-05-12 Emil A Eklund <eae@chromium.org> Reviewed by Darin Adler. Replace IntPoint with const IntPoint& in RenderFlexibleBox::placeChild https://bugs.webkit.org/show_bug.cgi?id=60640 Pass by const reference instead of by value for consistency reasons. Refactoring, covered by existing tests. * rendering/RenderFlexibleBox.cpp: (WebCore::RenderFlexibleBox::placeChild): * rendering/RenderFlexibleBox.h: Use const IntPoint& instead of just IntPoint to avoid extra constructor overhead 2011-05-12 Dan Bernstein <mitz@apple.com> Reviewed by Sam Weinig. <rdar://problem/9427336> WebFindOptionsAtWordStarts still fails with some Japanese words https://bugs.webkit.org/show_bug.cgi?id=60730 * editing/TextIterator.cpp: (WebCore::SearchBuffer::isWordStartMatch): Consider all positions before a CJK ideograph as word starts. 2011-05-12 Levi Weintraub <leviw@chromium.org> Reviewed by Eric Seidel. Switch paintBoxDecorationWithSize to IntRect https://bugs.webkit.org/show_bug.cgi?id=60679 Switching paintBoxDecorationWithSize to take an IntRect instead of 4 ints. No new tests as this is simple refactoring. * rendering/RenderBox.cpp: (WebCore::RenderBox::paintBoxDecorations): Cleaning up amazingly confusing logic. (WebCore::RenderBox::paintBoxDecorationsWithSize): * rendering/RenderBox.h: * rendering/RenderTextControlSingleLine.cpp: (WebCore::RenderTextControlSingleLine::paintBoxDecorations): 2011-05-12 Levi Weintraub <leviw@chromium.org> Reviewed by Eric Seidel. Switch paintBoxShadow to use IntRect https://bugs.webkit.org/show_bug.cgi?id=60713 Switching paintBoxShadow from taking four ints to taking an IntRect. No new tests since this is refactoring. * rendering/InlineFlowBox.cpp: (WebCore::InlineFlowBox::paintBoxShadow): (WebCore::InlineFlowBox::paintBoxDecorations): * rendering/InlineFlowBox.h: * rendering/RenderBox.cpp: (WebCore::RenderBox::paintBoxDecorationsWithSize): * rendering/RenderBoxModelObject.cpp: (WebCore::RenderBoxModelObject::paintBoxShadow): * rendering/RenderBoxModelObject.h: * rendering/RenderFieldset.cpp: (WebCore::RenderFieldset::paintBoxDecorations): * rendering/RenderTable.cpp: (WebCore::RenderTable::paintBoxDecorations): * rendering/RenderTableCell.cpp: (WebCore::RenderTableCell::paintBoxDecorations): 2011-05-12 Maciej Stachowiak <mjs@apple.com> Reviewed by Darin Adler. XMLDocumentParserLibxml2 should play nice with strict OwnPtrs https://bugs.webkit.org/show_bug.cgi?id=59394 Properly fix this (formerly rolled out for breaking the build). I think the original failure had nothing to do with Deque<OwnPtr>, which in fact appears to work fine. * dom/XMLDocumentParserLibxml2.cpp: (WebCore::PendingCallbacks::~PendingCallbacks): (WebCore::PendingCallbacks::create): (WebCore::PendingCallbacks::appendStartElementNSCallback): (WebCore::PendingCallbacks::appendEndElementNSCallback): (WebCore::PendingCallbacks::appendCharactersCallback): (WebCore::PendingCallbacks::appendProcessingInstructionCallback): (WebCore::PendingCallbacks::appendCDATABlockCallback): (WebCore::PendingCallbacks::appendCommentCallback): (WebCore::PendingCallbacks::appendInternalSubsetCallback): (WebCore::PendingCallbacks::appendErrorCallback): (WebCore::PendingCallbacks::PendingCallbacks): (WebCore::XMLDocumentParser::XMLDocumentParser): 2011-05-12 Daniel Bates <dbates@rim.com> Reviewed by Kenneth Rohde Christiansen. [Qt] fast/events/fire-mousedown-while-pressing-mouse-button.html failing https://bugs.webkit.org/show_bug.cgi?id=58863 Fixes an issue where a platform mouse event corresponding to mouse button A may be associated with the wrong WebCore mouse button when the event occurs while pressing and holding a mouse button B, where A != B. For example, a person clicks the middle mouse button while pressing and holding the left mouse button. Then we dispatch the following DOM events: mouse down for left button, mouse down for left button, mouse up for left button. But, we should have dispatched: mouse down for left button, mouse down for middle button, mouse up for middle button. * platform/qt/PlatformMouseEventQt.cpp: (WebCore::mouseEventTypeAndMouseButtonFromQEvent): Added. (WebCore::PlatformMouseEvent::PlatformMouseEvent): Modified to call mouseEventTypeAndMouseButtonFromQEvent() to determine the WebCore mouse event type and button from the platform-specific event. 2011-05-12 Levi Weintraub <leviw@chromium.org> Reviewed by Eric Seidel. Switch paintMask and paintMaskImages off of ints https://bugs.webkit.org/show_bug.cgi?id=60578 Primarily switching paintMask and paintMaskImages to use IntSize and IntRect respectively. In the process of that: - added an "expand" function to IntRect that allows you to add an IntSize or pair of integers to the size portion of an IntRect. - changed borderFitAdjust to take an IntRect. It modifies only the x and width attributes. No new tests since this refactoring. * platform/graphics/IntRect.h: (WebCore::IntRect::expand): Added for convenience. * rendering/RenderBlock.cpp: (WebCore::RenderBlock::paintObject): (WebCore::RenderBlock::borderFitAdjust): * rendering/RenderBlock.h: * rendering/RenderBox.cpp: (WebCore::RenderBox::paintBoxDecorationsWithSize): (WebCore::RenderBox::paintMask): (WebCore::RenderBox::paintMaskImages): * rendering/RenderBox.h: (WebCore::RenderBox::borderFitAdjust): * rendering/RenderFieldset.cpp: (WebCore::RenderFieldset::paintMask): * rendering/RenderFieldset.h: * rendering/RenderReplaced.cpp: (WebCore::RenderReplaced::paint): * rendering/RenderReplica.cpp: (WebCore::RenderReplica::paint): * rendering/RenderTable.cpp: (WebCore::RenderTable::paintObject): (WebCore::RenderTable::paintMask): * rendering/RenderTable.h: * rendering/RenderTableCell.cpp: (WebCore::RenderTableCell::paintMask): * rendering/RenderTableCell.h: * rendering/RenderWidget.cpp: (WebCore::RenderWidget::paint): 2011-05-12 Patrick Gansterer <paroga@webkit.org> Reviewed by Eric Seidel. SimpleFontData::scaledFontData should return a PassOwnPtr https://bugs.webkit.org/show_bug.cgi?id=60657 Let scaledFontData return a PassOwnPtr instead of a raw pointer to make SimpleFontData build without LOOSE_PASS_OWN_PTR. * platform/graphics/SimpleFontData.h: * platform/graphics/chromium/SimpleFontDataChromiumWin.cpp: (WebCore::SimpleFontData::scaledFontData): * platform/graphics/chromium/SimpleFontDataLinux.cpp: (WebCore::SimpleFontData::scaledFontData): * platform/graphics/freetype/SimpleFontDataFreeType.cpp: (WebCore::SimpleFontData::scaledFontData): * platform/graphics/haiku/SimpleFontDataHaiku.cpp: (WebCore::SimpleFontData::scaledFontData): * platform/graphics/mac/SimpleFontDataMac.mm: (WebCore::SimpleFontData::scaledFontData): * platform/graphics/pango/SimpleFontDataPango.cpp: (WebCore::SimpleFontData::scaledFontData): * platform/graphics/qt/SimpleFontDataQt.cpp: (WebCore::SimpleFontData::scaledFontData): * platform/graphics/win/SimpleFontDataWin.cpp: (WebCore::SimpleFontData::scaledFontData): * platform/graphics/wince/SimpleFontDataWinCE.cpp: (WebCore::SimpleFontData::scaledFontData): * platform/graphics/wx/SimpleFontDataWx.cpp: (WebCore::SimpleFontData::scaledFontData): 2011-05-12 Jessie Berlin <jberlin@apple.com> Reviewed by Darin Adler. Assertion failure when requesting that storage be deleted for an origin without storage. https://bugs.webkit.org/show_bug.cgi?id=60709 * storage/StorageTracker.cpp: (WebCore::StorageTracker::syncDeleteOrigin): If the path to the storage location for the givin origin is empty, return early instead of asserting. 2011-05-12 Jessie Berlin <jberlin@apple.com> Reviewed by Darin Adler. [Windows WebKit2] Use cookies set in WebKit1 https://bugs.webkit.org/show_bug.cgi?id=60274 Make sure any Private Browsing session is based off the default session. * platform/network/cf/ResourceHandleCFNet.cpp: (WebCore::ResourceHandle::createPrivateBrowsingStorageSession): 2011-05-12 Rob Buis <rbuis@rim.com> Reviewed by Eric Seidel. SVGStyledElement::resolveStyle(RenderStyle*) must be removed/fixed! https://bugs.webkit.org/show_bug.cgi?id=15479 Finally remove resolveStyle, it is not used anymore. * svg/SVGStyledElement.cpp: (WebCore::SVGStyledElement::childrenChanged): * svg/SVGStyledElement.h: 2011-05-12 Adam Barth <abarth@webkit.org> Reviewed by Darin Adler. REGRESSION (r65868): createContextualFragment does not work with <style> https://bugs.webkit.org/show_bug.cgi?id=60155 createContextualFragment doesn't have a spec, so it's hard to tell what we're supposed to do exactly. This patch appears to make our behavior more like Firefox and should fix the compat issue with this site. Tests: fast/parser/style-in-create-contextual-fragment-head.html fast/parser/style-in-create-contextual-fragment.html * dom/Element.cpp: (WebCore::Element::deprecatedCreateContextualFragment): 2011-05-12 Ryosuke Niwa <rniwa@webkit.org> Reviewed by Darin Adler. WebKit inserts base, link, meta, style, and title elements into an editable region when pasting table cells from Excel https://bugs.webkit.org/show_bug.cgi?id=60644 Strip base, link, meta, style, and tile elements from the fragment to be pasted prior to the merge. We don't have to strip these elements in performTrivialReplace because the function only handles a fragment that consists of exactly one text node. Test: editing/pasteboard/paste-head-contents.html * editing/ReplaceSelectionCommand.cpp: (WebCore::removeHeadContents): Added. (WebCore::ReplaceSelectionCommand::doApply): Calls removeHeadContents before handing style spans. 2011-05-12 Levi Weintraub <leviw@chromium.org> Reviewed by Simon Fraser. Switch calculateBackgroundImageGeometry to use IntRect https://bugs.webkit.org/show_bug.cgi?id=60671 Replacing the four ints passed into calculateBackgroundImageGeometry with an IntRect. No new tests since this is just refactoring. * rendering/RenderBox.cpp: (WebCore::RenderBox::maskClipRect): (WebCore::RenderBox::repaintLayerRectsForImage): * rendering/RenderBoxModelObject.cpp: (WebCore::RenderBoxModelObject::paintFillLayerExtended): (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry): * rendering/RenderBoxModelObject.h: 2011-05-12 Carol Szabo <carol@webkit.org> Reviewed by David Hyatt. Fix reparenting and destruction of counter nodes. https://bugs.webkit.org/show_bug.cgi?id=57929 Fixed several issues related to not met assertions. See below in the per file description. Test: fast/css/counters/element-removal-crash.xhtml * dom/ContainerNode.cpp: (WebCore::ContainerNode::removeChildren): Fixed the fact that Node::detach() used to be called while the DOM tree was in an inconsistent state. * rendering/RenderCounter.cpp: (WebCore::RenderCounter::rendererRemovedFromTree): Introduced this function to remove counters from descendents of renderers removed from the renderer tree not only from the removed renderers themselves. * rendering/RenderCounter.h: * rendering/RenderObjectChildList.cpp: (WebCore::RenderObjectChildList::removeChildNode): Changed to call RenderCounter::rendererRemovedFromTree instead of RenderCounter::destroyCounters. 2011-05-12 Luke Macpherson <macpherson@chromium.org> Reviewed by Dimitri Glazkov. Merge ApplyPropertyExpanding and ApplyPropertyExpandingSuppressValue classes using template. https://bugs.webkit.org/show_bug.cgi?id=60691 No new tests - refactoring only. * css/CSSStyleApplyProperty.cpp: (WebCore::ApplyPropertyExpanding::applyValue): Use new template parameter to early exit if needed. (WebCore::CSSStyleApplyProperty::CSSStyleApplyProperty): Specify template parameters for ApplyPropertyExpanding. 2011-05-12 Simon Fraser <simon.fraser@apple.com> Followup to r86351; give the vectors some inline capacity to avoid heap allocations in most cases. * page/animation/AnimationBase.cpp: (WebCore::PropertyWrapperShadow::blendMismatchedShadowLists): 2011-05-12 Simon Fraser <simon.fraser@apple.com> Reviewed by Dan Bernstein. Mismatched multiple box-shadows do not transition as expected https://bugs.webkit.org/show_bug.cgi?id=60137 When animating between two sets of shadows of different lengths, we need to walk the ShadowData list backwards, since it stores the shadows in reverse order relative to the CSS (so that painting is back-to-front). This progresses the behavior of the transitions/multiple-shadow-transitions.html test, which is given new expected results. Test: transitions/mismatched-shadow-transitions.html * page/animation/AnimationBase.cpp: (WebCore::shadowListLength): Utility to walk the list of ShadowData and count the number of shadows. (WebCore::shadowForBlending): Return a ShadowData* that is useful as a blending target, based on the shadow type, and whether it's a -webkit-box-shadow. (WebCore::PropertyWrapperShadow::blend): Call one of the specialized blend methods. (WebCore::PropertyWrapperShadow::blendSimpleOrMatchedShadowLists): Fast path for shadow blending, when the list lengths match, or both are single or null shadows. (WebCore::PropertyWrapperShadow::blendMismatchedShadowLists): Slower path that builds vectors for each list to reverse them. 2011-05-12 Adam Roben <aroben@apple.com> Attempted WinCairo build fix after r86169, part II * platform/network/curl/CredentialStorageCurl.cpp: Added a missing #include. 2011-05-12 Adam Roben <aroben@apple.com> Fix linker warnings in Production builds * WebCore.vcproj/WebCore.vcproj: Exclude JSSVGFEDropShadowElement.cpp from the build in the Production configuration, just like in the other configurations. Let VS resort some files (again). 2011-05-12 Philippe Normand <pnormand@igalia.com> Reviewed by Adam Roben. Autocorrection persists after deleting and retyping the same word at same location. https://bugs.webkit.org/show_bug.cgi?id=60555 Follow-up fix for the 3 editing/deleting tests crashing on GTK, Leopard and Windows XP. Don't create the Range if the start of the selection has no next position. * editing/DeleteSelectionCommand.cpp: (WebCore::DeleteSelectionCommand::originalStringForAutocorrectionAtBeginningOfSelection): 2011-05-12 Adam Roben <aroben@apple.com> Attempted WinCairo build fix after r86169 * WebCore.vcproj/WebCore.vcproj: Added CredentialStorageCurl.cpp. Also let VS do what it wants. * platform/network/curl/CredentialStorageCurl.cpp: Added. (WebCore::CredentialStorage::getFromPersistentStorage): Stubbed out. 2011-05-12 Adam Roben <aroben@apple.com> Build fixes after r86325 * editing/SpellingCorrectionController.cpp: * editing/SpellingCorrectionController.h: Added missing declarations/#includes. 2011-05-12 Nikolas Zimmermann <nzimmermann@rim.com> Not reviewed. String operator+ reallocates unnecessary when concatting > 2 strings https://bugs.webkit.org/show_bug.cgi?id=58420 Attempt to fix the WinCE build. WinCE/WinCairo still won't link because of unresolved symbols, hmm. If we had EWS for those, I would have caught the problem earlier. * platform/wince/FileSystemWinCE.cpp: (WebCore::listDirectory): 2011-05-12 Nikolas Zimmermann <nzimmermann@rim.com> Not reviewed. String operator+ reallocates unnecessary when concatting > 2 strings https://bugs.webkit.org/show_bug.cgi?id=58420 Fix fast/forms/input-image-submit.html regression, seens on the bots - by removing a last-minute typo: s/!!/!/ * html/ImageInputType.cpp: (WebCore::ImageInputType::appendFormData): 2011-05-12 Rob Buis <rwlbuis@gmail.com> Reviewed by Eric Seidel. REGRESSION(79985): Changes in fill-opacity should trigger repaint but don't https://bugs.webkit.org/show_bug.cgi?id=59941 Also consider fill-opacity when determining whether StyleDifferenceRepaint is needed. Test: svg/custom/fill-opacity-update.svg * rendering/style/SVGRenderStyle.cpp: (WebCore::SVGRenderStyle::diff): 2011-05-12 Nikolas Zimmermann <nzimmermann@rim.com> Reviewed by Darin Adler. String operator+ reallocates unnecessary when concatting > 2 strings https://bugs.webkit.org/show_bug.cgi?id=58420 Provide a faster String append operator. See Source/JavaScriptCore/ChangeLog for details. * dom/XMLDocumentParserLibxml2.cpp: (WebCore::handleElementAttributes): * editing/MarkupAccumulator.cpp: (WebCore::MarkupAccumulator::shouldAddNamespaceElement): * html/HTMLAnchorElement.cpp: (WebCore::HTMLAnchorElement::hash): (WebCore::HTMLAnchorElement::search): * html/ImageInputType.cpp: (WebCore::ImageInputType::appendFormData): * html/parser/HTMLTreeBuilder.cpp: * loader/CrossOriginAccessControl.cpp: (WebCore::passesAccessControlCheck): * page/Location.cpp: (WebCore::Location::search): (WebCore::Location::hash): * page/NavigatorBase.cpp: (WebCore::NavigatorBase::platform): * platform/chromium/ClipboardChromium.cpp: (WebCore::writeImageToDataObject): * platform/gtk/PasteboardHelper.cpp: (WebCore::PasteboardHelper::fillSelectionData): * platform/network/cf/ResourceHandleCFNet.cpp: (WebCore::encodeBasicAuthorization): * platform/network/cf/SocketStreamHandleCFNet.cpp: (WebCore::SocketStreamHandle::copyCFStreamDescription): * platform/network/mac/ResourceHandleMac.mm: (WebCore::encodeBasicAuthorization): * workers/WorkerLocation.cpp: (WebCore::WorkerLocation::search): (WebCore::WorkerLocation::hash): 2011-05-06 Yury Semikhatsky <yurys@chromium.org> Reviewed by Pavel Feldman. Web Inspector: move agents from InspectorAgent to InspectorController https://bugs.webkit.org/show_bug.cgi?id=60359 All inspector agents are now created and owned by InspectorController which in turned is owned by the inspected Page. InspectorInstrumentation gets access to the instrumenting agents by means of InspectorAgent::instrumentingAgents(). In addition to managing inspector agents lifetime InspectorController sets InspectorFronted on the agents when the front-end is connected. * inspector/InspectorAgent.cpp: (WebCore::InspectorAgent::InspectorAgent): (WebCore::InspectorAgent::~InspectorAgent): (WebCore::InspectorAgent::inspectedPageDestroyed): (WebCore::InspectorAgent::restore): (WebCore::InspectorAgent::setFrontend): (WebCore::InspectorAgent::clearFrontend): * inspector/InspectorAgent.h: all accessors to other agents were removed along with the agents themselves from InspectorAgent. Every agent that depends on some other agents receives pointers to them explicitely in its constructor. All access to the agents from WebCore should go through InspectorInstrumentation which retrieves corresponding agents using InstrumentingAgents structure which represents the set of active agents. (WebCore::InspectorAgent::instrumentingAgents): * inspector/InspectorController.cpp: (WebCore::InspectorController::InspectorController): (WebCore::InspectorController::~InspectorController): (WebCore::InspectorController::inspectedPageDestroyed): (WebCore::InspectorController::startTimelineProfiler): (WebCore::InspectorController::stopTimelineProfiler): (WebCore::InspectorController::connectFrontend): (WebCore::InspectorController::disconnectFrontend): (WebCore::InspectorController::restoreInspectorStateFromCookie): (WebCore::InspectorController::drawNodeHighlight): (WebCore::InspectorController::inspect): (WebCore::InspectorController::timelineProfilerEnabled): (WebCore::InspectorController::hideHighlight): (WebCore::InspectorController::highlightedNode): (WebCore::InspectorController::enableProfiler): (WebCore::InspectorController::disableProfiler): (WebCore::InspectorController::profilerEnabled): (WebCore::InspectorController::debuggerEnabled): (WebCore::InspectorController::disableDebugger): (WebCore::InspectorController::startUserInitiatedProfiling): (WebCore::InspectorController::stopUserInitiatedProfiling): (WebCore::InspectorController::isRecordingUserInitiatedProfile): (WebCore::InspectorController::resume): * inspector/InspectorController.h: * inspector/InspectorInstrumentation.cpp: (WebCore::InspectorInstrumentation::didInsertDOMNodeImpl): (WebCore::InspectorInstrumentation::didRemoveDOMNodeImpl): (WebCore::InspectorInstrumentation::didModifyDOMAttrImpl): (WebCore::InspectorInstrumentation::didInvalidateStyleAttrImpl): (WebCore::InspectorInstrumentation::characterDataModifiedImpl): (WebCore::InspectorInstrumentation::didReceiveResourceResponseImpl): (WebCore::InspectorInstrumentation::didFailLoadingImpl): (WebCore::InspectorInstrumentation::resourceRetrievedByXMLHttpRequestImpl): (WebCore::InspectorInstrumentation::addMessageToConsoleImpl): (WebCore::InspectorInstrumentation::consoleCountImpl): (WebCore::InspectorInstrumentation::startConsoleTimingImpl): (WebCore::InspectorInstrumentation::stopConsoleTimingImpl): (WebCore::InspectorInstrumentation::addStartProfilingMessageToConsoleImpl): (WebCore::InspectorInstrumentation::addProfileImpl): (WebCore::InspectorInstrumentation::getCurrentUserInitiatedProfileNameImpl): (WebCore::InspectorInstrumentation::profilerEnabledImpl): (WebCore::InspectorInstrumentation::cancelPauseOnNativeEvent): * page/Page.cpp: (WebCore::Page::~Page): we send two notifications when inspected Page is being destroyed: one to the inspector instrumentation and another one to the InspectorController which is owned by the Page. 2011-05-12 Tony Gentilcore <tonyg@chromium.org> Build fix: include ExceptionCode.h https://bugs.webkit.org/show_bug.cgi?id=60694 * dom/Range.cpp: 2011-05-10 Tony Gentilcore <tonyg@chromium.org> Reviewed by Darin Adler. Perform some forward declarations suggested by include-what-you-use https://bugs.webkit.org/show_bug.cgi?id=60545 * accessibility/AccessibilityObject.cpp: * accessibility/AccessibilityRenderObject.cpp: * accessibility/mac/AccessibilityObjectWrapper.mm: * dom/DocumentMarkerController.cpp: * dom/Position.cpp: * dom/PositionIterator.cpp: * dom/Range.cpp: * editing/ApplyBlockElementCommand.cpp: * editing/ApplyStyleCommand.cpp: * editing/Editor.cpp: * editing/EditorCommand.cpp: * editing/FrameSelection.cpp: * editing/HTMLInterchange.cpp: * editing/IndentOutdentCommand.cpp: * editing/ReplaceSelectionCommand.cpp: * editing/SpellChecker.h: * editing/SpellingCorrectionCommand.cpp: * editing/SpellingCorrectionController.h: * editing/TextCheckingHelper.cpp: * editing/TextIterator.h: * editing/htmlediting.h: * editing/markup.cpp: * editing/visible_units.cpp: * editing/visible_units.h: * fileapi/DOMFileSystem.cpp: * fileapi/DirectoryReaderSync.cpp: * fileapi/DirectoryReaderSync.h: * fileapi/FileEntry.h: * fileapi/FileWriter.h: * fileapi/FileWriterBase.h: * fileapi/FileWriterSync.h: * history/CachedFrame.cpp: * history/CachedPage.cpp: * history/HistoryItem.cpp: * history/HistoryItem.h: * history/PageCache.h: * loader/HistoryController.h: * loader/PingLoader.h: * loader/ResourceLoader.h: * loader/appcache/DOMApplicationCache.h: * loader/cache/CachedCSSStyleSheet.h: * loader/cache/CachedFont.cpp: * loader/cache/CachedFont.h: * loader/cache/CachedResourceRequest.cpp: * loader/cache/CachedResourceRequest.h: * loader/cache/MemoryCache.h: * notifications/Notification.cpp: * notifications/Notification.h: * notifications/NotificationCenter.cpp: * notifications/NotificationCenter.h: * page/Chrome.cpp: * page/Chrome.h: * page/DOMSelection.cpp: * page/DOMTimer.h: * page/DOMWindow.cpp: * page/EventHandler.cpp: * page/FocusController.h: * page/Geolocation.cpp: * page/Geolocation.h: * page/History.cpp: * rendering/RenderListBox.cpp: * workers/WorkerContext.cpp: 2011-05-12 Yuta Kitamura <yutak@chromium.org> Unreviewed, another attempt of build fix. * websockets/CloseEvent.h: * websockets/CloseEvent.idl: 2011-05-12 Yuta Kitamura <yutak@chromium.org> Unreviewed, trying to fix Qt minimal compile. * websockets/CloseEvent.idl: 2011-05-12 ojab <ojab@ojab.ru> Reviewed by Eric Seidel. Fix build with --disable-video --enable-fullscreen-api https://bugs.webkit.org/show_bug.cgi?id=60542 * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector): 2011-05-12 Yuta Kitamura <yutak@chromium.org> Reviewed by Kent Tamura. WebSocket add new event: CloseEvent https://bugs.webkit.org/show_bug.cgi?id=35573 Original patch was written by Fumitoshi Ukai <ukai@chromium.org>. I added CloseEvent constructor to DOMWindow, so it can be referred in the new test (close-event.html). Test: http/tests/websocket/tests/close-event.html * CMakeLists.txt: * CodeGenerators.pri: * DerivedSources.cpp: * DerivedSources.make: * GNUmakefile.list.am: * WebCore.gypi: * WebCore.pro: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: * bindings/js/JSEventCustom.cpp: (WebCore::toJS): * bindings/v8/custom/V8EventCustom.cpp: (WebCore::toV8): * dom/Event.cpp: (WebCore::Event::isCloseEvent): * dom/Event.h: * page/DOMWindow.idl: Add CloseEvent constructor. * websockets/CloseEvent.h: Added. (WebCore::CloseEvent::isCloseEvent): (WebCore::CloseEvent::create): (WebCore::CloseEvent::initCloseEvent): (WebCore::CloseEvent::wasClean): (WebCore::CloseEvent::CloseEvent): * websockets/CloseEvent.idl: Added. * websockets/WebSocket.cpp: (WebCore::WebSocket::didClose): 2011-05-12 Ben Wells <benwells@chromium.org> Reviewed by Simon Fraser. RGBA colors in outlines show overpainting at the corners https://bugs.webkit.org/show_bug.cgi?id=58999 Tests: fast/borders/outline-alpha-block.html fast/borders/outline-alpha-inline.html Updated baseline images for tests with rgba outlines: fast/box-shadow/box-shadow-radius.html fast/layers/self-painting-outline.html * rendering/RenderInline.cpp: (WebCore::RenderInline::paintOutline): (WebCore::RenderInline::paintOutlineForLine): * rendering/RenderInline.h: * rendering/RenderObject.cpp: (WebCore::RenderObject::paintOutline): 2011-05-11 Levi Weintraub <leviw@chromium.org> Reviewed by Eric Seidel. Rename Widget::pos() https://bugs.webkit.org/show_bug.cgi?id=60575 Renaming Widget::pos() to the more-descriptive location(). No new tests as this is a simple rename * page/FrameView.cpp: (WebCore::FrameView::create): * platform/Widget.h: (WebCore::Widget::location): (WebCore::Widget::resize): 2011-05-10 MORITA Hajime <morrita@google.com> Reviewed by Kent Tamura. Crashes if the document inside iframe is removed during pasting some text into it. https://bugs.webkit.org/show_bug.cgi?id=60534 Added missing null check. Test: editing/pasteboard/paste-removing-iframe.html * editing/Editor.cpp: (WebCore::Editor::shouldChangeSelection): 2011-05-11 Brian Salomon <bsalomon@google.com> Reviewed by Eric Seidel. Handle case when GrContext creation fails https://bugs.webkit.org/show_bug.cgi?id=60410 Exercised by all canvas tests when DRT is run with skia-gpu * platform/graphics/gpu/SharedGraphicsContext3D.cpp: (WebCore::SharedGraphicsContext3D::grContext): 2011-05-11 Pratik Solanki <psolanki@apple.com> Reviewed by Andreas Kling. Remove empty class CallbackGuard https://bugs.webkit.org/show_bug.cgi?id=60610 CallbackGuard was only ever used on Tiger and it is now an empty class. Remove all uses of it. * platform/network/mac/ResourceHandleMac.mm: (-[WebCoreResourceHandleAsDelegate connection:willSendRequest:redirectResponse:]): (-[WebCoreResourceHandleAsDelegate connectionShouldUseCredentialStorage:]): (-[WebCoreResourceHandleAsDelegate connection:didReceiveAuthenticationChallenge:]): (-[WebCoreResourceHandleAsDelegate connection:didCancelAuthenticationChallenge:]): (-[WebCoreResourceHandleAsDelegate connection:canAuthenticateAgainstProtectionSpace:]): (-[WebCoreResourceHandleAsDelegate connection:didReceiveResponse:]): (-[WebCoreResourceHandleAsDelegate connection:didReceiveData:lengthReceived:]): (-[WebCoreResourceHandleAsDelegate connection:willStopBufferingData:]): (-[WebCoreResourceHandleAsDelegate connection:didSendBodyData:totalBytesWritten:totalBytesExpectedToWrite:]): (-[WebCoreResourceHandleAsDelegate connectionDidFinishLoading:]): (-[WebCoreResourceHandleAsDelegate connection:didFailWithError:]): (-[WebCoreResourceHandleAsDelegate connection:willCacheResponse:]): 2011-05-11 Luke Macpherson <macpherson@chromium.org> Reviewed by Eric Seidel. Implement CSSPropertyMargin and CSSPropertyPadding in CSSStyleApplyProperty. https://bugs.webkit.org/show_bug.cgi?id=60609 No new tests - refactoring only. * css/CSSStyleApplyProperty.cpp: (WebCore::CSSStyleApplyProperty::CSSStyleApplyProperty): Initialise CSSPropertyMargin and CSSPropertyPadding handlers. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): Remove unused implementations. 2011-05-11 Robin Dunn <robin@alldunn.com> Reviewed by Kevin Ollivier. [wx] Implement more clipping functions for wxWebKit. https://bugs.webkit.org/show_bug.cgi?id=60662 * platform/graphics/wx/GraphicsContextWx.cpp: (WebCore::GraphicsContext::clip): (WebCore::GraphicsContext::clipOut): 2011-05-11 Damian Kaleta <dkaleta@apple.com> Reviewed by Brady Eidson. Need a new API that will try to restore the scrollbars' position, when navigating in the back/forward history https://bugs.webkit.org/show_bug.cgi?id=60674 * WebCore.exp.in: Export restoreScrollPositionAndViewState() 2011-05-11 Levi Weintraub <leviw@chromium.org> Reviewed by Eric Seidel. Switch paintFillLayer and its progeny to use IntRect instead of four ints https://bugs.webkit.org/show_bug.cgi?id=60596 Changing integers passed into paintFillLayer and other derivatives to IntRects and IntSizes that reflect their function. No new tests since this is just refactoring. * rendering/InlineFlowBox.cpp: (WebCore::InlineFlowBox::paintFillLayers): (WebCore::InlineFlowBox::paintFillLayer): (WebCore::InlineFlowBox::paintBoxDecorations): (WebCore::InlineFlowBox::paintMask): * rendering/InlineFlowBox.h: * rendering/RenderBox.cpp: (WebCore::RenderBox::paintRootBoxFillLayers): (WebCore::RenderBox::paintBoxDecorationsWithSize): (WebCore::RenderBox::paintMaskImages): (WebCore::RenderBox::paintFillLayers): (WebCore::RenderBox::paintFillLayer): * rendering/RenderBox.h: * rendering/RenderBoxModelObject.cpp: (WebCore::RenderBoxModelObject::paintFillLayerExtended): * rendering/RenderBoxModelObject.h: * rendering/RenderFieldset.cpp: (WebCore::RenderFieldset::paintBoxDecorations): * rendering/RenderTable.cpp: (WebCore::RenderTable::paintBoxDecorations): * rendering/RenderTableCell.cpp: (WebCore::RenderTableCell::paintBackgroundsBehindCell): 2011-05-11 Nat Duca <nduca@chromium.org> Reviewed by James Robinson. [chromium] Use mapTexSubImage2D for tile uploads if available https://bugs.webkit.org/show_bug.cgi?id=60008 * platform/graphics/chromium/LayerTilerChromium.cpp: (WebCore::LayerTilerChromium::LayerTilerChromium): (WebCore::LayerTilerChromium::update): (WebCore::LayerTilerChromium::updateFromPixels): * platform/graphics/chromium/LayerTilerChromium.h: 2011-05-11 Alexis Menard <alexis.menard@openbossa.org> Reviewed by Kenneth Rohde Christiansen. [Qt] Implements a disable appearance for Media Elements of Qt port. https://bugs.webkit.org/show_bug.cgi?id=60561 Implements a disable appearance for the media controls of the Qt port when the media is not yet available. * platform/qt/RenderThemeQt.cpp: (WebCore::mediaElementCanPlay): (WebCore::RenderThemeQt::getMediaControlForegroundColor): (WebCore::RenderThemeQt::paintMediaSliderThumb): 2011-05-11 Kent Tamura <tkent@chromium.org> Reviewed by Dimitri Glazkov. input type=email is too strict https://bugs.webkit.org/show_bug.cgi?id=55988 Follow the updated specification. * html/EmailInputType.cpp: Update the pattern to allow a domain part without periods. 2011-05-11 Jia Pu <jpu@apple.com> Reviewed by Darin Adler. Autocorrection persists after deleting and retyping the same word at same location. https://bugs.webkit.org/show_bug.cgi?id=60555 <rdar://problem/9373915> This patch intends to alleviate the issue of repetitively applying the same autocorrection when user delete and retype the same word at the same location. This scenario is especially common when autocorrection modifies the first letter of the word. This patch consists following major changes: 1. Added a new marker type, DeletedAutocorrection. This marker is added to the whitespace that precedes a deleted autocorrection. If the user later types the same original word at after this whitespace, the autocorrection will not be applied again. 2. In DeleteSelectionCommand, added code to notify SpellingCorrectionController about the autocorrection that has just been deleted. 3. In Editor and SpellingCorrectionController, added code to apply the marker and to suppress autocorrection when necessary. 4. The change in CompositeEditCommand::replaceTextInNode is necessary for preserving markers. Otherwise, we will loose the DeletedAutocorrection on the whitespace, when inserting text after the whitespace. Test: platform/mac/editing/spelling/delete-autocorrected-word-2.html * dom/DocumentMarker.h: Added new marker type DeletedAutocorrection. (WebCore::DocumentMarker::AllMarkers::AllMarkers): * dom/DocumentMarkerController.cpp: (WebCore::DocumentMarkerController::markersInRange): Support querying multiple marker types. * dom/DocumentMarkerController.h: * editing/CompositeEditCommand.cpp: (WebCore::CompositeEditCommand::replaceTextInNodeAndPreserveMarkers): (WebCore::CompositeEditCommand::rebalanceWhitespaceOnTextSubstring): (WebCore::CompositeEditCommand::prepareWhitespaceAtPositionForSplit): * editing/CompositeEditCommand.h: * editing/DeleteSelectionCommand.cpp: (WebCore::DeleteSelectionCommand::DeleteSelectionCommand): (WebCore::DeleteSelectionCommand::fixupWhitespace): (WebCore::DeleteSelectionCommand::originalStringForAutocorrectionAtBeginningOfSelection): Extracting the original string if we are deleting an autocorrection. (WebCore::DeleteSelectionCommand::doApply): Notify editor about the deleted autocorrection and its position. * editing/DeleteSelectionCommand.h: * editing/Editor.cpp: (WebCore::Editor::markAllMisspellingsAndBadGrammarInRanges): Moved all logic of determining when to suppress an autocorrection into SpellingCorrectionController. (WebCore::Editor::deletedAutocorrectionAtPosition): * editing/Editor.h: * editing/InsertParagraphSeparatorCommand.cpp: (WebCore::InsertParagraphSeparatorCommand::doApply): * editing/SpellingCorrectionController.cpp: (WebCore::SpellingCorrectionController::respondToAppliedEditing): (WebCore::SpellingCorrectionController::deletedAutocorrectionAtPosition): (WebCore::SpellingCorrectionController::markPrecedingWhitespaceForDeletedAutocorrectionAfterCommand): (WebCore::SpellingCorrectionController::processMarkersOnTextToBeReplacedByResult): * editing/SpellingCorrectionController.h: (WebCore::SpellingCorrectionController::UNLESS_ENABLED): * editing/visible_units.cpp: (WebCore::isStartOfWord): * editing/visible_units.h: * manual-tests/autocorrection/spell-checking-after-reversion.html: 2011-05-11 Dan Bernstein <mitz@apple.com> Reviewed by Darin Adler. <rdar://problem/9414874> Layout unnecessarily interrupts smooth scrolling at msnbc.com https://bugs.webkit.org/show_bug.cgi?id=60677 * platform/ScrollView.cpp: (WebCore::ScrollView::updateScrollbars): Only perform an immediate scroll, aborting any running animation, if the new scroll offset computed here is different from the current scroll offset. 2011-05-11 Kent Tamura <tkent@chromium.org> Reviewed by Dimitri Glazkov. <input pattern="1|10" value="10"> doesn't work correctly. https://bugs.webkit.org/show_bug.cgi?id=60619 Fixes a bug that patternMismatch returns a wrong result if - a whole value matches to a pattern, - a sub-string of the value also matches to the pattern, and - the sub-string matching has priority. * html/BaseTextInputType.cpp: (WebCore::BaseTextInputType::patternMismatch): Enclose the specified pattern with ^( and )$. 2011-05-11 Zelidrag Hornung <zelidrag@chromium.org> Reviewed by David Levin. Prevented DOMFileSystemBase from imposing file naming restrictions on external file systems. https://bugs.webkit.org/show_bug.cgi?id=60583 There are no new tests for this change since it requires the presence of external file system provider which is specific to the platform host process. Chromium implementation will test this within its extension API test suite. * fileapi/DOMFileSystemBase.cpp: (WebCore::pathToAbsolutePath): (WebCore::DOMFileSystemBase::getFile): (WebCore::DOMFileSystemBase::getDirectory): 2011-05-11 Antoine Labour <piman@chromium.org> Reviewed by David Levin. Expose shouldBufferData to ThreadableLoaderOptions to be able to disable buffering of the loaded resource. https://bugs.webkit.org/show_bug.cgi?id=60656 * loader/DocumentThreadableLoader.cpp: (WebCore::DocumentThreadableLoader::loadRequest): Pass the shouldBufferData to the resource load scheduler, forcing it to true for the preflight request. * loader/ResourceLoadScheduler.cpp: (WebCore::ResourceLoadScheduler::scheduleSubresourceLoad): Pass through shouldBufferData to SubresourceLoader::create * loader/ResourceLoadScheduler.h: * loader/SubresourceLoader.cpp: (WebCore::SubresourceLoader::create): Set shouldBufferData on the newly created loader * loader/SubresourceLoader.h: * loader/ThreadableLoader.h: (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Add shouldBufferData to the options, defaulting to true. 2011-05-11 Jay Civelli <jcivelli@chromium.org> Reviewed by Adam Barth. Adding a Content-Type parser. This is needed for MHTML support. https://bugs.webkit.org/show_bug.cgi?id=60637 (WebCore::ScriptController::disableEval): * platform/network/ContentTypeParser.cpp: Added. * platform/network/ContentTypeParser.h: Added. 2011-05-11 Jessie Berlin <jberlin@apple.com> Reviewed by Steve Falkenburg. [Windows WebKit2] Use cookies set in WebKit1 https://bugs.webkit.org/show_bug.cgi?id=60274 Share the default storage session between the UI and Web Processes. * platform/network/cf/CookieStorageCFNet.cpp: (WebCore::defaultSessionCookieStorage): Keep track of the default storage session cookie storage. (WebCore::currentCookieStorage): Call defaultCookieStorage to get the default cookie storage. (WebCore::defaultCookieStorage): If there is a default storage session cookie storage, prefer that over getting the default cookie storage. In the Web Process, asking CFNetwork for the default cookie storage directly without specifying a storage session will not get the cookie storage being shared by the UI and Web Processes. * platform/network/ResourceHandle.h: * platform/network/cf/ResourceHandleCFNet.cpp: (WebCore::willSendRequest): Make sure to set the current storage session on any requests used by the Web Process before CFNetwork has to do anything with them, in order for CFNetwork to avoid doing anything with the Web Process's default storage session (which is not the one shared with the UI Process). (WebCore::makeFinalRequest): Ditto. (WebCore::ResourceHandle::willSendRequest): Ditto. (WebCore::ResourceHandle::currentStorageSession): If there is a Private Browsing storage session, return that. If not, on Windows return the default storage session that is being shared with the UI Process and on Mac return 0. (WebCore::defaultCFURLStorageSession): (WebCore::ResourceHandle::setDefaultStorageSession): (WebCore::ResourceHandle::defaultStorageSession): * platform/network/cf/ResourceRequestCFNet.cpp: (WebCore::ResourceRequest::doUpdatePlatformRequest): Make sure to set the current storage session on any requests used by the Web Process before CFNetwork has to do anything with them, in order for CFNetwork to avoid doing anything with the Web Process's default storage session (which is not the one shared with the UI Process). 2011-05-11 Lucas De Marchi <lucas.demarchi@profusion.mobi> Reviewed by David Kilzer. Remove wml directory from include lists https://bugs.webkit.org/show_bug.cgi?id=60646 Remove wml dir from CMake, Autotools and qmake build systems since WML was removed in r85256. No new tests since no change in functionality. * CMakeLists.txt: * GNUmakefile.am: * WebCore.pri: 2011-05-11 Lucas De Marchi <lucas.demarchi@profusion.mobi> Reviewed by Antonio Gomes. [CMAKE] Move EFL-specific file to CMakeListsEfl.txt https://bugs.webkit.org/show_bug.cgi?id=60642 Move file EFL-specific file to the CMakeListsEfl.txt file. This implies having to include CMakeLists${PORT}.txt before the ADD_CUSTOM_COMMAND calls, since they depend on lists that now may change inside a port like WebCore_USER_AGENT_STYLE_SHEETS. No new tests since no change in functionality. * CMakeLists.txt: remove css file specific to EFL port. * CMakeListsEfl.txt: move file here. 2011-05-11 Tao Bai <michaelbai@chromium.org> Reviewed by David Kilzer. Return empty Favicon URL instead of default one when the frame isn't top level one https://bugs.webkit.org/show_bug.cgi?id=60527 This issue was discovered by chromium browser test. * dom/Document.cpp: (WebCore::Document::setIconURL): Restored original logic which was inadvertently flipped by http://trac.webkit.org/changeset/85785. * loader/FrameLoader.cpp: (WebCore::FrameLoader::iconURLs): (WebCore::FrameLoader::fillIconURL): Restored original logic, the empty URL should be returned instead of default one. The client (at least chromium) may rely on the returned value to decided whether the favicon should be changed. 2011-05-11 Nat Duca <nduca@chromium.org> Reviewed by Kenneth Russell. [chromium] Make throttling of WebGL based on webgl frames, not compositor frames https://bugs.webkit.org/show_bug.cgi?id=60508 When a WebGL layer is dirtied outside of a requestAnimFrame callback, we need to prevent WebGL from running too far ahead of the GPU process. The current throttling mechanism relies on prepareTexture being called for every WebGL frame. However, in a non-requestAnimFrame application, multiple frames might get created before the compositor runs and calls prepareTexture on the surface. To address this, we post a task that calls a special rate limiting GL extension on the WebGL context after every WebGL "frame." When the compositor runs, it calls prepareTexture as usual. * platform/graphics/chromium/Extensions3DChromium.h: * platform/graphics/chromium/LayerRendererChromium.cpp: (WebCore::LayerRendererChromium::LayerRendererChromium): * platform/graphics/chromium/LayerRendererChromium.h: (WebCore::LayerRendererChromium::setIsAnimating): (WebCore::LayerRendererChromium::isAnimating): * platform/graphics/chromium/WebGLLayerChromium.cpp: (WebCore::WebGLLayerChromiumRateLimitTask::WebGLLayerChromiumRateLimitTask): (WebCore::WebGLLayerChromiumRateLimitTask::run): (WebCore::WebGLLayerChromiumRateLimitTask::cancel): (WebCore::WebGLLayerChromium::WebGLLayerChromium): (WebCore::WebGLLayerChromium::~WebGLLayerChromium): (WebCore::WebGLLayerChromium::setTextureUpdated): (WebCore::WebGLLayerChromium::setContext): * platform/graphics/chromium/WebGLLayerChromium.h: (WebCore::WebGLLayerChromium::context): 2011-05-11 Noam Rosenthal <noam.rosenthal@nokia.com> Reviewed by Kenneth Rohde Christiansen. [Texmap][Qt] Upstream texture-mapper changes from Qt's WebKit2 branch https://bugs.webkit.org/show_bug.cgi?id=60439 Patch 12/12: Enable accelerated animations in texture-mapper. The entire interpolation mechanism happens inside TextureMapper, and we interpolate right before we paint. No new tests. Tests in LayoutTests/compositing cover this. * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp: (WebCore::GraphicsLayerTextureMapper::GraphicsLayerTextureMapper): (WebCore::GraphicsLayerTextureMapper::syncCompositingState): (WebCore::GraphicsLayerTextureMapper::addAnimation): (WebCore::GraphicsLayerTextureMapper::pauseAnimation): (WebCore::GraphicsLayerTextureMapper::removeAnimation): (WebCore::GraphicsLayerTextureMapper::animationStartedTimerFired): * platform/graphics/texmap/TextureMapperNode.cpp: (WebCore::TextureMapperNode::descendantsOrSelfHaveRunningAnimations): (WebCore::normalizedAnimationValue): (WebCore::TextureMapperNode::applyOpacityAnimation): (WebCore::solveEpsilon): (WebCore::solveCubicBezierFunction): (WebCore::solveStepsFunction): (WebCore::applyTimingFunction): (WebCore::TextureMapperNode::applyTransformAnimation): (WebCore::TextureMapperNode::applyAnimationFrame): (WebCore::TextureMapperNode::applyAnimation): (WebCore::TextureMapperNode::hasRunningOpacityAnimation): (WebCore::TextureMapperNode::hasRunningTransformAnimation): (WebCore::TextureMapperNode::syncAnimations): (WebCore::copyTimingFunction): (WebCore::copyAnimationValue): (WebCore::TextureMapperAnimation::TextureMapperAnimation): * platform/graphics/texmap/TextureMapperNode.h: (WebCore::TextureMapperAnimation::create): 2011-05-11 Noam Rosenthal <noam.rosenthal@nokia.com> Reviewed by Kenneth Rohde Christiansen. [Texmap][Qt] Upstream texture-mapper changes from Qt's WebKit2 branch https://bugs.webkit.org/show_bug.cgi?id=60439 Patch 11/12: Patch PluginView to build with TextureMapper on Linux. No new tests. This is a build fix. * platform/qt/QWebPageClient.h: (QWebPageClient::setRootGraphicsLayer): 2011-05-11 Noam Rosenthal <noam.rosenthal@nokia.com> Reviewed by Kenneth Rohde Christiansen. [Texmap][Qt] Upstream texture-mapper changes from Qt's WebKit2 branch https://bugs.webkit.org/show_bug.cgi?id=60439 Patch 10/12: Glue the TextureMapper refactoring into Webkit(1). Pass a GraphicsLayer* instead of a PlatformLayer* to the QWebPageClient. No new tests. Tests in LayoutTests/compositing cover this. * platform/qt/QWebPageClient.h: (QWebPageClient::setRootGraphicsLayer): 2011-05-11 Noam Rosenthal <noam.rosenthal@nokia.com> Reviewed by Kenneth Rohde Christiansen. [Texmap][Qt] Upstream texture-mapper changes from Qt's WebKit2 branch https://bugs.webkit.org/show_bug.cgi?id=60439 Patch 9/12: Refactor TextureMapperNode for performance, readability and accuracy. Changes include: 1. Support the new TextureMapperPlatformLayer for media & WebGL. 2. Use a pool for intermediate surfaces, to avoid constant allocating/freeing of textures. 3. Divide computation operations to different smaller functions. 4. Get rid of scissor/clip layers, use transformed clip instead. 5. Allow tiling for big layers. No new tests. Tests in LayoutTests/compositing cover this. * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp: (WebCore::GraphicsLayerTextureMapper::GraphicsLayerTextureMapper): (WebCore::GraphicsLayerTextureMapper::setNeedsDisplayInRect): (WebCore::GraphicsLayerTextureMapper::setContentsToMedia): (WebCore::GraphicsLayerTextureMapper::platformLayer): * platform/graphics/texmap/GraphicsLayerTextureMapper.h: (WebCore::GraphicsLayerTextureMapper::setContentsNeedsDisplay): (WebCore::GraphicsLayerTextureMapper::setContentsToCanvas): (WebCore::GraphicsLayerTextureMapper::node): * platform/graphics/texmap/TextureMapperNode.cpp: (WebCore::TextureMapperSurfaceManager::getIntermediateSurface): (WebCore::TextureMapperSurfaceManager::releaseIntermediateSurface): (WebCore::toTextureMapperNode): (WebCore::TextureMapperNode::rootLayer): (WebCore::TextureMapperNode::setTransform): (WebCore::TextureMapperNode::computePerspectiveTransformIfNeeded): (WebCore::TextureMapperNode::countDescendantsWithContent): (WebCore::TextureMapperNode::computeOverlapsIfNeeded): (WebCore::TextureMapperNode::computeReplicaTransformIfNeeded): (WebCore::TextureMapperNode::computeLocalTransformIfNeeded): (WebCore::TextureMapperNode::needsToComputeBoundingRect): (WebCore::TextureMapperNode::computeAllTransforms): (WebCore::TextureMapperNode::computeBoundingRectFromRootIfNeeded): (WebCore::TextureMapperNode::computeTiles): (WebCore::TextureMapperNode::computeVisibleRectIfNeeded): (WebCore::TextureMapperNode::renderContent): (WebCore::TextureMapperNode::paint): (WebCore::TextureMapperNode::targetRectForTileRect): (WebCore::TextureMapperNode::paintSelf): (WebCore::TextureMapperNode::compareGraphicsLayersZValue): (WebCore::TextureMapperNode::sortByZOrder): (WebCore::TextureMapperNode::paintSelfAndChildren): (WebCore::TextureMapperNode::paintReflection): (WebCore::TextureMapperNode::paintRecursive): (WebCore::TextureMapperNode::~TextureMapperNode): (WebCore::TextureMapperNode::resetDescendants): (WebCore::TextureMapperNode::setContentScale): (WebCore::TextureMapperNode::setVisibleRect): (WebCore::TextureMapperNode::syncCompositingState): (WebCore::TextureMapperNode::invalidateOverlaps): (WebCore::TextureMapperNode::syncCompositingStateSelf): (WebCore::TextureMapperNode::descendantsOrSelfHaveRunningAnimations): * platform/graphics/texmap/TextureMapperNode.h: (WebCore::TextureMapperPaintOptions::TextureMapperPaintOptions): (WebCore::TextureMapperAnimation::create): (WebCore::TextureMapperNode::TextureMapperNode): (WebCore::TextureMapperNode::size): (WebCore::TextureMapperNode::setOpacity): (WebCore::TextureMapperNode::setTextureMapper): (WebCore::TextureMapperNode::media): (WebCore::TextureMapperNode::texture): (WebCore::TextureMapperNode::targetRect): (WebCore::TextureMapperNode::entireRect): (WebCore::TextureMapperNode::contentSize): (WebCore::TextureMapperNode::State::State): (WebCore::deleteOwnedPtr): 2011-05-07 Noam Rosenthal <noam.rosenthal@nokia.com> Reviewed by Kenneth Rohde Christiansen. [Texmap][Qt] Upstream texture-mapper changes from Qt's WebKit2 branch https://bugs.webkit.org/show_bug.cgi?id=60439 Patch 8/12: Changes to the GL backend of TextureMapper. The code for these changes is intertwined so it was hard to separate them to different patches. This is the summary of what the changes do: 1. Use stencil for clipping instead of scissors, refactor beginClip/endClip functions to accomodate that. 2. Get rid of the "Target" program which forced an intermediate framebuffer for any content. Instead, we upload the texture with BGRA from the start. Ports other than Qt can optimize this for their needs. 3. Use glGetAttribLocation instead of glBindAttribLocation; On some platforms we might be polluting the GL context otherwise. 4. Use image UIDs (cache-key in Qt) instead of image pointers. This is important for images that change their internal content. 5. Allow packing and unpacking. This is currently a stub, for future memory optimizations. 6. Put some of the initialization code here (beginPainting/endPainting). 7. Allow painting a texture via an ID instead of a BitmapTexture data type. 8. Get rid of makeContextCurrent / obtainCurrentContext. We only use texture-mapper when the context is current. No new tests. Tests in LayoutTests/compositing test this. * platform/graphics/opengl/TextureMapperGL.cpp: (WebCore::debugGLCommand): (WebCore::TextureMapperGLData::GlobalGLData::createShaderProgram): (WebCore::TextureMapperGLData::GlobalGLData::GlobalGLData): (WebCore::TextureMapperGLData::DirectlyCompositedImageRepository::findOrCreate): (WebCore::TextureMapperGLData::DirectlyCompositedImageRepository::deref): (WebCore::TextureMapperGLData::DirectlyCompositedImageRepository::~DirectlyCompositedImageRepository): (WebCore::TextureMapperGLData::TextureMapperGLData): (WebCore::BitmapTextureGL::id): (WebCore::BitmapTextureGL::isOpaque): (WebCore::BitmapTextureGL::relativeSize): (WebCore::BitmapTextureGL::setTextureMapper): (WebCore::BitmapTextureGL::pack): (WebCore::BitmapTextureGL::unpack): (WebCore::BitmapTextureGL::isPacked): (WebCore::BitmapTextureGL::BitmapTextureGL): (WebCore::TextureMapperGL::TextureMapperGL): (WebCore::TextureMapperGL::initializeShaders): (WebCore::TextureMapperGL::beginPainting): (WebCore::TextureMapperGL::endPainting): (WebCore::TextureMapperGL::drawTexture): (WebCore::BitmapTextureGL::reset): (WebCore::BitmapTextureGL::endPaint): (WebCore::BitmapTextureGL::setContentsToImage): (WebCore::createProjectionMatrix): (WebCore::BitmapTextureGL::bind): (WebCore::BitmapTextureGL::destroy): (WebCore::TextureMapperGL::~TextureMapperGL): (WebCore::TextureMapperGL::bindSurface): (WebCore::TextureMapperGL::beginClip): (WebCore::TextureMapperGL::endClip): (WebCore::TextureMapperGL::createTexture): * platform/graphics/opengl/TextureMapperGL.h: (WebCore::TextureMapperGL::allowSurfaceForRoot): (WebCore::TextureMapperGL::create): (WebCore::TextureMapperGL::setGraphicsContext): (WebCore::TextureMapperGL::graphicsContext): (WebCore::TextureMapperGL::isOpenGLBacked): * platform/graphics/qt/GraphicsContext3DQt.cpp: (WebCore::GraphicsContext3DInternal::paintToTextureMapper): (WebCore::GraphicsContext3DInternal::boundingRect): (WebCore::GraphicsContext3DInternal::paint): * platform/graphics/qt/MediaPlayerPrivateQt.cpp: (WebCore::MediaPlayerPrivateQt::repaint): (WebCore::MediaPlayerPrivateQt::paintToTextureMapper): * platform/graphics/qt/MediaPlayerPrivateQt.h: (WebCore::MediaPlayerPrivateQt::acceleratedRenderingStateChanged): (WebCore::MediaPlayerPrivateQt::platformLayer): 2011-05-11 Noam Rosenthal <noam.rosenthal@nokia.com> Reviewed by Kenneth Rohde Christiansen. [Texmap][Qt] Upstream texture-mapper changes from Qt's WebKit2 branch https://bugs.webkit.org/show_bug.cgi?id=60439 Patch 7/12: Allow a 3D-context (WebGL) to paint itself into a TextureMapper. This allows using a WebGL canvas with CSS. No new tests. Tests in LayoutTests/compositing/webgl cover this. * platform/graphics/qt/GraphicsContext3DQt.cpp: (WebCore::GraphicsContext3DInternal::paintToTextureMapper): (WebCore::GraphicsContext3DInternal::boundingRect): (WebCore::GraphicsContext3DInternal::paint): * platform/graphics/qt/MediaPlayerPrivateQt.cpp: (WebCore::MediaPlayerPrivateQt::repaint): (WebCore::MediaPlayerPrivateQt::paintToTextureMapper): * platform/graphics/qt/MediaPlayerPrivateQt.h: (WebCore::MediaPlayerPrivateQt::acceleratedRenderingStateChanged): (WebCore::MediaPlayerPrivateQt::platformLayer): 2011-05-11 Noam Rosenthal <noam.rosenthal@nokia.com> Reviewed by Kenneth Rohde Christiansen. [Texmap][Qt] Upstream texture-mapper changes from Qt's WebKit2 branch https://bugs.webkit.org/show_bug.cgi?id=60439 Patch 6/12: Allow the Qt media player implementation to paint into a TextureMapper, to allow videos to be composited. No new tests. Tests in LayoutTests/compositing cover this. * platform/graphics/qt/MediaPlayerPrivateQt.cpp: (WebCore::MediaPlayerPrivateQt::repaint): (WebCore::MediaPlayerPrivateQt::paintToTextureMapper): * platform/graphics/qt/MediaPlayerPrivateQt.h: (WebCore::MediaPlayerPrivateQt::acceleratedRenderingStateChanged): (WebCore::MediaPlayerPrivateQt::platformLayer): 2011-05-11 John Bauman <jbauman@chromium.org> Reviewed by Kenneth Russell. Don't send zeros in TexImage if GL implementation handles that https://bugs.webkit.org/show_bug.cgi?id=60581 Chromium already handles zeroing textures upon creation, so don't bother zeroing them in WebKit, as that causes some unnecessary memcpys of zeros. No new tests as functionality is the same. * html/canvas/WebGLRenderingContext.cpp: (WebCore::WebGLRenderingContext::texImage2DBase): * platform/graphics/GraphicsContext3D.cpp: (WebCore::GraphicsContext3D::texImage2DResourceSafe): * platform/graphics/GraphicsContext3D.h: * platform/graphics/gtk/GraphicsContext3DGtk.cpp: (WebCore::GraphicsContext3D::GraphicsContext3D): * platform/graphics/mac/GraphicsContext3DMac.mm: (WebCore::GraphicsContext3D::GraphicsContext3D): * platform/graphics/qt/GraphicsContext3DQt.cpp: (WebCore::GraphicsContext3D::GraphicsContext3D): 2011-05-11 Simon Fraser <simon.fraser@apple.com> Attempt to fix Chromium Mac build. * rendering/RenderThemeMac.mm: (WebCore::RenderThemeMac::paintSliderThumb): 2011-05-11 Daniel Bates <dbates@rim.com> Reviewed by Antonio Gomes. [Qt] Extract code to set mouse event modifiers into common function https://bugs.webkit.org/show_bug.cgi?id=60649 Consolidate code to set the keyboard modifiers for a mouse event into a common function that can be used by both PlatformMouseEvent(QGraphicsSceneMouseEvent*, int clickCount) and PlatformMouseEvent(QInputEvent*, int clickCount) so as to remove duplicate code. No functionality was changed. So, no new tests. * platform/qt/PlatformMouseEventQt.cpp: (WebCore::mouseEventModifiersFromQtKeyboardModifiers): Added. (WebCore::PlatformMouseEvent::PlatformMouseEvent): Modified to call mouseEventModifiersFromQtKeyboardModifiers(). 2011-05-11 Levi Weintraub <leviw@chromium.org> Reviewed by Eric Seidel. Switch RenderBoxModelObject::paintBorder to use IntRect instead of four ints https://bugs.webkit.org/show_bug.cgi?id=60591 Switching RenderBoxModelObject::paintBorder to use IntRect instead of four ints representing a rect. No new tests since there is no functionality change. * rendering/InlineFlowBox.cpp: (WebCore::InlineFlowBox::paintBoxDecorations): * rendering/RenderBox.cpp: (WebCore::RenderBox::paintBoxDecorationsWithSize): * rendering/RenderBoxModelObject.cpp: (WebCore::RenderBoxModelObject::paintBorder): * rendering/RenderBoxModelObject.h: * rendering/RenderFieldset.cpp: (WebCore::RenderFieldset::paintBoxDecorations): * rendering/RenderTable.cpp: (WebCore::RenderTable::paintBoxDecorations): * rendering/RenderTableCell.cpp: (WebCore::RenderTableCell::paintBoxDecorations): 2011-05-11 Sheriff Bot <webkit.review.bot@gmail.com> Unreviewed, rolling out r86255. http://trac.webkit.org/changeset/86255 https://bugs.webkit.org/show_bug.cgi?id=60660 REGRESSION (r86255): Lots of tests crashing in CFWriteStreamCreateWithAllocatedBuffers on Windows 7 Release (WebKit2 Tests) (Requested by aroben on #webkit). * platform/network/ResourceHandle.h: * platform/network/cf/CookieStorageCFNet.cpp: (WebCore::currentCookieStorage): (WebCore::defaultCookieStorage): * platform/network/cf/ResourceHandleCFNet.cpp: (WebCore::willSendRequest): (WebCore::makeFinalRequest): (WebCore::ResourceHandle::willSendRequest): * platform/network/cf/ResourceRequestCFNet.cpp: (WebCore::ResourceRequest::doUpdatePlatformRequest): 2011-05-11 Sam Weinig <sam@webkit.org> Reviewed by Eric Seidel. Frequent crashes beneath WebCore::ScriptElement::prepareScript https://bugs.webkit.org/show_bug.cgi?id=60559 * html/parser/HTMLScriptRunner.cpp: (WebCore::HTMLScriptRunner::runScript): Add null check and explanation that we are keeping the ASSERT to help track down the cause and produce a test. 2011-05-11 Noam Rosenthal <noam.rosenthal@nokia.com> Reviewed by Kenneth Rohde Christiansen. [Texmap][Qt] Upstream texture-mapper changes from Qt's WebKit2 branch https://bugs.webkit.org/show_bug.cgi?id=60439 Patch 5/12: Implement the new TextureMapper functions for the Qt backend. This allow non-rectangular clipping, some stub functions, and getting a unique id for an image. No new tests. Tests in LayoutTests/compositing cover this. * platform/graphics/qt/TextureMapperQt.cpp: (WebCore::TextureMapperQt::beginClip): (WebCore::TextureMapperQt::endClip): (WebCore::TextureMapperQt::viewportSize): (WebCore::TextureMapperQt::setGraphicsContext): (WebCore::TextureMapperQt::graphicsContext): (WebCore::TextureMapperQt::drawTexture): (WebCore::TextureMapperQt::beginPainting): (WebCore::TextureMapperQt::endPainting): (WebCore::RGBA32PremultimpliedBufferQt::beginPaint): (WebCore::uidForImage): * platform/graphics/qt/TextureMapperQt.h: 2011-05-11 Noam Rosenthal <noam.rosenthal@nokia.com> Reviewed by Kenneth Rohde Christiansen. [Texmap] Upstream texture-mapper changes from Qt's WebKit2 branch https://bugs.webkit.org/show_bug.cgi?id=60439 Patch 3/12: TextureMapper shouldn't depend on OpenGL, but rather only allow the GL backend when OpenGL is present. No new tests. This is a build fix. * WebCore.pri: * WebCore.pro: 2011-05-11 Noam Rosenthal <noam.rosenthal@nokia.com> Reviewed by Kenneth Rohde Christiansen. [Texmap][Qt] Upstream texture-mapper changes from Qt's WebKit2 branch https://bugs.webkit.org/show_bug.cgi?id=60439 Patch 2/12: Add a few functions to the TextureMapper API, allowing: 1. an entry/exit point for painting (beginPaint/endPaint) 2. Clipping with a matrix, since we use stencil instead of scissors 3. Draw a texture directly with an ID 4. Remove offset, since we're using real tiling 5. numberOfBytes calculation for textures, for memory management No new tests. Tests in LayoutTests/compositing test this. * platform/graphics/texmap/TextureMapper.h: (WebCore::BitmapTexture::destroy): (WebCore::BitmapTexture::allowOfflineTextureUpload): (WebCore::BitmapTexture::bpp): (WebCore::BitmapTexture::numberOfBytes): (WebCore::TextureMapper::viewportSize): (WebCore::TextureMapper::setViewportSize): (WebCore::TextureMapper::allowPartialUpdates): (WebCore::TextureMapper::isOpenGLBacked): (WebCore::TextureMapper::setTransform): (WebCore::TextureMapper::transform): (WebCore::TextureMapper::beginPainting): (WebCore::TextureMapper::endPainting): 2011-05-11 Noam Rosenthal <noam.rosenthal@nokia.com> Reviewed by Kenneth Rohde Christiansen. [Texmap][Qt] Upstream texture-mapper changes from Qt's WebKit2 branch https://bugs.webkit.org/show_bug.cgi?id=60439 Patch 1/12: Change the TextureMapperPlatformLayer API to allow a 3D-context or a media player to decide how to paint into the TextureMapper, rather than mandate specific types of platform layers. No new tests. Tests in LayoutTests/compositing test this. * platform/graphics/GraphicsLayer.h: * platform/graphics/texmap/TextureMapperPlatformLayer.h: 2011-05-11 Simon Fraser <simon.fraser@apple.com> Reviewed by Darin Adler. Flesh out RenderLayer's ScrollableArea implementation a little more https://bugs.webkit.org/show_bug.cgi?id=60593 Override a few more ScrollableArea methods on RenderLayer as a baby-step towards animating overflow div scrolling. * platform/ScrollableArea.h: (WebCore::ScrollableArea::visibleContentRect): * rendering/RenderLayer.cpp: (WebCore::RenderLayer::scrollPosition): (WebCore::RenderLayer::minimumScrollPosition): (WebCore::RenderLayer::maximumScrollPosition): (WebCore::RenderLayer::visibleContentRect): (WebCore::RenderLayer::overhangAmount): (WebCore::RenderLayer::didCompleteRubberBand): * rendering/RenderLayer.h: (WebCore::RenderLayer::shouldSuspendScrollAnimations): 2011-05-11 Simon Fraser <simon.fraser@apple.com> Reviewed by Dave Hyatt. <rdar://problem/9421781> Slider thumb draws upside-down in WebKit2 <rdar://problem/9418025> Slider thumb has odd appearance Fix two issues drawing the slider thumb. To fix <rdar://problem/9421781>, if we detect that we're in WebKit2 by virtual of the FrameView not having a documentView, then flip the graphics context. To fix <rdar://problem/9418025>, we call -drawInteriorWithFrame:inView: rather than -drawWithFrame:inView: so that AppKit doesn't draw a section of track behind the thumb. * rendering/RenderThemeMac.mm: (WebCore::RenderThemeMac::paintSliderThumb): 2011-05-11 Jessie Berlin <jberlin@apple.com> Reviewed by Steve Falkenburg. [Windows WebKit2] Use cookies set in WebKit1 https://bugs.webkit.org/show_bug.cgi?id=60274 Share the default storage session between the UI and Web Processes. * platform/network/cf/CookieStorageCFNet.cpp: (WebCore::defaultSessionCookieStorage): Keep track of the default storage session cookie storage. (WebCore::currentCookieStorage): Call defaultCookieStorage to get the default cookie storage. (WebCore::defaultCookieStorage): If there is a default storage session cookie storage, prefer that over getting the default cookie storage. In the Web Process, asking CFNetwork for the default cookie storage directly without specifying a storage session will not get the cookie storage being shared by the UI and Web Processes. * platform/network/ResourceHandle.h: * platform/network/cf/ResourceHandleCFNet.cpp: (WebCore::willSendRequest): Make sure to set the current storage session on any requests used by the Web Process before CFNetwork has to do anything with them, in order for CFNetwork to avoid doing anything with the Web Process's default storage session (which is not the one shared with the UI Process). (WebCore::makeFinalRequest): Ditto. (WebCore::ResourceHandle::willSendRequest): Ditto. (WebCore::ResourceHandle::currentStorageSession): If there is a Private Browsing storage session, return that. If not, on Windows return the default storage session that is being shared with the UI Process and on Mac return 0. (WebCore::defaultCFURLStorageSession): (WebCore::ResourceHandle::setDefaultStorageSession): (WebCore::ResourceHandle::defaultStorageSession): * platform/network/cf/ResourceRequestCFNet.cpp: (WebCore::ResourceRequest::doUpdatePlatformRequest): Make sure to set the current storage session on any requests used by the Web Process before CFNetwork has to do anything with them, in order for CFNetwork to avoid doing anything with the Web Process's default storage session (which is not the one shared with the UI Process). 2011-05-11 Martin Robinson <mrobinson@igalia.com> Try once more to fix the WinCairo build. * platform/graphics/cairo/CairoUtilities.h: Include GraphicsTypes.h with a relative include rather than a system include. 2011-05-11 Sam Weinig <sam@webkit.org> Reviewed by Eric Seidel. Stop including Console.h just to get Console enum types https://bugs.webkit.org/show_bug.cgi?id=60607 Move MessageSource, MessageType and MessageLevel into its own header and cleanup surrounding classes. * GNUmakefile.list.am: * WebCore.gypi: * WebCore.pro: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: * bindings/js/JSCustomXPathNSResolver.cpp: * bindings/scripts/CodeGeneratorJS.pm: * bindings/v8/V8Proxy.cpp: * dom/ScriptExecutionContext.h: * html/HTMLFormElement.cpp: * html/parser/XSSFilter.cpp: * inspector/ConsoleMessage.h: * inspector/InjectedScriptHost.h: * inspector/InspectorAgent.h: * inspector/InspectorConsoleAgent.h: * inspector/InspectorFrontendHost.h: * inspector/InspectorInstrumentation.cpp: * inspector/InspectorInstrumentation.h: * loader/EmptyClients.h: * loader/FrameLoader.cpp: * loader/MainResourceLoader.cpp: * loader/appcache/ApplicationCacheGroup.cpp: * page/ChromeClient.h: * page/Console.cpp: (WebCore::Console::~Console): * page/Console.h: * page/ConsoleTypes.h: Added. * page/ContentSecurityPolicy.cpp: * page/Geolocation.h: * workers/WorkerReportingProxy.h: * xml/XMLHttpRequest.cpp: 2011-05-11 Dimitri Glazkov <dglazkov@chromium.org> Unreviewed, rolling out r85650. http://trac.webkit.org/changeset/85650 https://bugs.webkit.org/show_bug.cgi?id=59983 Triggers m_numNodeListCaches > 0 assert in gc-heavy sites. * dom/ContainerNode.cpp: (WebCore::ContainerNode::childrenChanged): * dom/Node.cpp: (WebCore::Node::~Node): (WebCore::Node::setDocument): (WebCore::Node::setTreeScopeRecursively): (WebCore::Node::childNodes): (WebCore::Node::registerDynamicNodeList): (WebCore::Node::unregisterDynamicNodeList): (WebCore::Node::notifyLocalNodeListsAttributeChanged): (WebCore::Node::notifyLocalNodeListsChildrenChanged): (WebCore::Node::getElementsByTagName): (WebCore::Node::getElementsByTagNameNS): (WebCore::Node::getElementsByName): (WebCore::Node::getElementsByClassName): * dom/Node.h: * html/HTMLFormControlElement.cpp: (WebCore::HTMLFormControlElement::labels): 2011-05-11 Eric Carlson <eric.carlson@apple.com> Reviewed by Darin Adler. Video track sometimes fails to draw. https://bugs.webkit.org/show_bug.cgi?id=60635 <rdar://problem/9281951> No new tests, covered by existing pixel tests. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::loadResource): Set display mode to "Unknown" to force a recalculation, and media engine notification, the next time the state machine runs. 2011-05-11 Adam Roben <aroben@apple.com> WinCE build fixes for strict PassOwnPtr * platform/graphics/wince/SharedBitmap.cpp: (WebCore::SharedBitmap::createHandle): (WebCore::SharedBitmap::clipBitmap): Use nullptr instead of 0. * platform/graphics/wince/SimpleFontDataWinCE.cpp: Keep LOOSE_PASS_OWN_PTR turned on for this file until SimpleFontData::scaledFontData is dealt with on all platforms. * platform/text/wince/TextCodecWinCE.cpp: (WebCore::newTextCodecWinCE): Use adoptPtr. 2011-05-11 Chang Shu <cshu@webkit.org> Reviewed by Antonio Gomes. [Qt] Tab not working in editing/inserting/typing-tab-designmode-forms.html https://bugs.webkit.org/show_bug.cgi?id=60477 PlatformKeyboardEvent.m_text should be set to "\t" instead of leaving as null. The value is checked at EventHandler.cpp:2527 (r86166). Function keyTextForKeyEvent is partially implemented and can be enhanced in a need-base. * platform/qt/PlatformKeyboardEventQt.cpp: (WebCore::keyTextForKeyEvent): (WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent): 2011-05-11 Adam Roben <aroben@apple.com> Use case-insensitive comparisons when checking plugin filenames on Windows Windows paths are nearly always case-insensitive. I couldn't think of a good way to test this. Fixes <http://webkit.org/b/60633> WebKit1 loads Windows Presentation Foundation plugin, but should not Reviewed by Steve Falkenburg. * plugins/win/PluginPackageWin.cpp: (WebCore::PluginPackage::isPluginBlacklisted): Use equalIgnoringCase instead of == when checking plugin filenames. 2011-05-11 Adam Roben <aroben@apple.com> Turn on strict PassOwnPtr on Windows Fixes <http://webkit.org/b/60632> Windows should build with strict PassOwnPtr enabled Reviewed by Adam Barth. * platform/graphics/win/SimpleFontDataWin.cpp: Keep LOOSE_PASS_OWN_PTR turned on for this file until SimpleFontData::scaledFontData is dealt with on all platforms. 2011-05-11 Julien Chaffraix <jchaffraix@webkit.org> Reviewed by Geoffrey Garen. XPathResult should keep its node set's JS wrappers alive https://bugs.webkit.org/show_bug.cgi?id=34231 The change added a custom mark function for JSC. V8 was already properly marking the nodes so no change were done on the V8 side. Tests: fast/xpath/xpath-iterator-result-should-mark-its-nodeset.html fast/xpath/xpath-other-nodeset-result-should-mark-its-nodeset.html fast/xpath/xpath-result-eventlistener-crash.html fast/xpath/xpath-snapshot-result-should-mark-its-nodeset.html * Android.jscbindings.mk: * GNUmakefile.list.am: * UseJSC.cmake: * WebCore.gypi: * WebCore.pro: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: * bindings/js/JSBindingsAllInOne.cpp: Added the new file to our build systems. * bindings/js/JSXPathResultCustom.cpp: Added. (WebCore::JSXPathResult::markChildren): Added code to mark the XPathResult snapshot's nodes. * xml/XPathResult.h: (WebCore::XPathResult::value): Exposed this getter so that we can mark our XPathValue. * xml/XPathResult.idl: Told the IDL parser that we now need a custom mark function. 2011-05-04 Philippe Normand <pnormand@igalia.com> Reviewed by Martin Robinson. [Gtk+] deadlock in gstreamer video player when exiting fullscreen https://bugs.webkit.org/show_bug.cgi?id=58548 Block data flow towards the pipeline branch to remove to avoid potential deadlocks during the PAUSED->READY transitions of the elements to remove. * platform/graphics/gstreamer/GStreamerGWorld.cpp: (WebCore::GStreamerGWorld::exitFullscreen): 2011-05-11 Kent Tamura <tkent@chromium.org> Reviewed by Hajime Morita. The position of validation message bubble is wrong for non text fields. https://bugs.webkit.org/show_bug.cgi?id=60341 Tests: fast/forms/validation-message-on-checkbox.html fast/forms/validation-message-on-listbox.html fast/forms/validation-message-on-menulist.html fast/forms/validation-message-on-radio.html fast/forms/validation-message-on-textarea.html * css/html.css: (::-webkit-validation-bubble-message): Add white-space:normal in order not to inherit white-space:pre for <select>. * html/ValidationMessage.cpp: (WebCore::adjustBubblePosition): Adjust the bubble position. - The top of the bubble should be same as the bottom of the target control. - The left of the bubble should be same as the left of the target control. But If the left+32 is larger than the center of the target control, left+32 should be at the center of the target control. But the left position should not be less than 0. (WebCore::ValidationMessage::buildBubbleTree): Call adjustBubblePosition(). 2011-05-11 Emil A Eklund <eae@chromium.org> Reviewed by Eric Seidel. Convert RenderFlexibleBox to use IntPoint/IntSize instead of x,y/w,h pairs https://bugs.webkit.org/show_bug.cgi?id=60592 Refactoring, covered by existing tests. * rendering/RenderFlexibleBox.cpp: (WebCore::RenderFlexibleBox::layoutBlock): (WebCore::RenderFlexibleBox::layoutHorizontalBox): (WebCore::RenderFlexibleBox::layoutVerticalBox): (WebCore::RenderFlexibleBox::placeChild): * rendering/RenderFlexibleBox.h: 2011-05-10 Ilya Tikhonovsky <loislo@chromium.org> Unreviewed buildfix for strict OwnPtr. * platform/audio/AudioBus.cpp: (WebCore::AudioBus::createBufferFromRange): (WebCore::AudioBus::createBySampleRateConverting): (WebCore::AudioBus::createByMixingToMono): * platform/audio/HRTFElevation.cpp: (WebCore::HRTFElevation::createForSubject): (WebCore::HRTFElevation::createByInterpolatingSlices): * platform/audio/Panner.cpp: (WebCore::Panner::create): * platform/audio/Reverb.cpp: (WebCore::Reverb::initialize): * platform/audio/chromium/AudioBusChromium.cpp: (WebCore::AudioBus::loadPlatformResource): (WebCore::createBusFromInMemoryAudioFile): 2011-05-10 Adam Barth <abarth@webkit.org> Build fix for font data madness. I've had to whitelist this on several ports. They need to all be fixed at once. * platform/graphics/chromium/SimpleFontDataChromiumWin.cpp: 2011-05-10 David Kilzer <ddkilzer@apple.com> BUILD FIX for !ENABLE(TEXT_CARET) after r86039 * editing/FrameSelection.cpp: (WebCore::DragCaretController::paintDragCaret): Added UNUSED_PARAM(frame) for !ENABLE(TEXT_CARET). 2011-05-10 James Robinson <jamesr@chromium.org> Reviewed by Kenneth Russell. [chromium] Clean up setLayerRenderer() calls in LayerRendererChromium https://bugs.webkit.org/show_bug.cgi?id=60524 This refactors the way LayerRendererChromium calls setLayerRenderer on its layers in a few ways to clean things up: *) Move the pre-paint call to setLayerRenderer from updatePropertiesAndRenderSurfaces() to paintLayerContents(). updatePropertiesAndRenderSurfaces() does too much and the layer renderer pointer only has to be up to date to do the actual paint. Longer term we won't need to call this at all in order to call paint and this call will just go away. *) Tweaks updateCompositorResourcesRecursive() to be slightly shorter and less error-prone. *) Explicitly set the LayerRendererChromium for each layer in the tree when transfering the root layer (used during lost context). LayerChromium::setLayerRenderer checks if the new LayerRendererChromium is different by comparing the pointer value to the old one. This check will be incorrect if there are multiple lost contexts between a setLayerRenderer() call and a new LayerRendererChromium happens to be allocated at the same address as the old one. An explicit call to setLayerRenderer() for every layer in the tree fixes this since when this function is called the new and old LayerRendererChromium are still live and so they cannot live at the same address. The first two changes are purely refactors and do not change behavior. The third issue can't be tested via a layout test directly as we don't have a way to induce a lost context on the compositor in a layout test. * platform/graphics/chromium/LayerRendererChromium.cpp: (WebCore::LayerRendererChromium::paintLayerContents): (WebCore::LayerRendererChromium::clearLayerRendererRecursive): (WebCore::LayerRendererChromium::transferRootLayer): (WebCore::LayerRendererChromium::updatePropertiesAndRenderSurfaces): (WebCore::LayerRendererChromium::updateCompositorResourcesRecursive): * platform/graphics/chromium/LayerRendererChromium.h: 2011-05-10 Anton D'Auria <adauria@apple.com> Reviewed by David Levin. StorageTracker should report actual local storage usage on disk https://bugs.webkit.org/show_bug.cgi?id=60558 Tests: storage/domstorage/localstorage/storagetracker/storage-tracker-6-create.html storage/domstorage/localstorage/storagetracker/storage-tracker-7-usage.html Use SQLiteFileSystem::getDatabaseFileSize to get actual usage by an origin's local storage db. Factored out code that retrieves path of local storage db. * WebCore.exp.in: Sorted alphabetically StorageTracker's mangled function names. * storage/StorageTracker.cpp: (WebCore::StorageTracker::syncDeleteOrigin): Uses helper function to get path of origin's db (WebCore::StorageTracker::databasePathForOrigin): New helper function. that gets the path of an origin's local storage db from StorageTracker. (WebCore::StorageTracker::diskUsageForOrigin): New API. * storage/StorageTracker.h: 2011-05-10 Anton D'Auria <adauria@apple.com> Reviewed by Alexey Proskuryakov. Add ApplicationCache API to get disk usage per origin https://bugs.webkit.org/show_bug.cgi?id=57127 ApplicationCacheStorage already provides an API to get per-origin disk usage. This should be exposed through WebCore::ApplicationCache to not be dependent on storage implementation. Test: http/tests/appcache/origin-usage.html * WebCore.exp.in: * loader/appcache/ApplicationCache.cpp: (WebCore::ApplicationCache::diskUsageForOrigin): * loader/appcache/ApplicationCache.h: 2011-05-10 Pratik Solanki <psolanki@apple.com> Reviewed by Alexey Proskuryakov. Protect self in [WebCoreResourceHandleAsDelegate connection:didReceiveDataArray:] https://bugs.webkit.org/show_bug.cgi?id=60594 <rdar://problem/9203259> No tests since we don't have any bots testing CFNETWORK_DATA_ARRAY_CALLBACK. * platform/network/mac/ResourceHandleMac.mm: (-[WebCoreResourceHandleAsDelegate connection:didReceiveDataArray:]): The didReceiveData() callback on client can result in the load being cancelled. This results in the delegate (self) being freed. Protect self during the loop so we can check for m_handle and safely return without crashing. 2011-05-10 Chris Guillory <chris.guillory@google.com> Reviewed by James Robinson. [ChromiumWin] Font::drawComplexText calls EndPlatformPaint without calling BeginPlatformPaint. https://bugs.webkit.org/show_bug.cgi?id=59848 To test this I plan to make the non-printing device (BitmapPlatformDevice) fail when EndPlatformPaint doesn't matchup with BeginPlatformPaint. http://codereview.chromium.org/6949012/ * platform/graphics/chromium/FontChromiumWin.cpp: (WebCore::Font::drawComplexText): 2011-05-10 Sheriff Bot <webkit.review.bot@gmail.com> Unreviewed, rolling out r86195. http://trac.webkit.org/changeset/86195 https://bugs.webkit.org/show_bug.cgi?id=60597 LayerOffset is a really bad name (Requested by smfr on #webkit). * GNUmakefile.list.am: * WebCore.gypi: * WebCore.pro: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: * page/FrameView.cpp: (WebCore::FrameView::paintScrollCorner): * platform/graphics/LayerOffset.h: Removed. * rendering/InlineTextBox.cpp: (WebCore::InlineTextBox::paint): (WebCore::InlineTextBox::paintCustomHighlight): * rendering/InlineTextBox.h: * rendering/RenderBox.cpp: (WebCore::RenderBox::paintCustomHighlight): * rendering/RenderBox.h: * rendering/RenderImage.cpp: (WebCore::RenderImage::paintReplaced): * rendering/RenderLayer.cpp: (WebCore::RenderLayer::paintScrollCorner): (WebCore::RenderLayer::paintResizer): * rendering/RenderListMarker.cpp: (WebCore::RenderListMarker::paint): * rendering/RenderObject.h: * rendering/RenderScrollbar.cpp: (WebCore::RenderScrollbar::paintPart): * rendering/RenderScrollbarPart.cpp: (WebCore::RenderScrollbarPart::paintIntoRect): * rendering/RenderScrollbarPart.h: * rendering/RenderTable.cpp: (WebCore::RenderTable::paintObject): (WebCore::RenderTable::paintMask): * rendering/RenderTable.h: * rendering/RenderWidget.cpp: (WebCore::RenderWidget::paint): * rendering/RootInlineBox.cpp: (WebCore::RootInlineBox::paintCustomHighlight): (WebCore::RootInlineBox::paint): * rendering/RootInlineBox.h: 2011-05-10 Emil A Eklund <eae@chromium.org> Reviewed by Eric Seidel. Convert x,y and width,height pairs to IntPoint and IntSize for RenderLayer https://bugs.webkit.org/show_bug.cgi?id=60409 Convert RenderLayer to use IntPoint for x,y pairs and IntSize for offsets and sizes. Refactoring, covered by existing tests. * rendering/RenderLayer.cpp: (WebCore::RenderLayer::RenderLayer): (WebCore::RenderLayer::updateLayerPositions): (WebCore::RenderLayer::updateLayerPosition): (WebCore::RenderLayer::scrollTo): (WebCore::RenderLayer::visibleHeight): (WebCore::RenderLayer::visibleWidth): (WebCore::RenderLayer::scrollWidth): (WebCore::RenderLayer::scrollHeight): (WebCore::RenderLayer::computeScrollDimensions): (WebCore::RenderLayer::updateScrollInfoAfterLayout): * rendering/RenderLayer.h: (WebCore::RenderLayer::x): (WebCore::RenderLayer::y): (WebCore::RenderLayer::setLocation): (WebCore::RenderLayer::width): (WebCore::RenderLayer::height): (WebCore::RenderLayer::size): (WebCore::RenderLayer::setWidth): (WebCore::RenderLayer::setHeight): (WebCore::RenderLayer::scrolledContentOffset): (WebCore::RenderLayer::scrollXOffset): (WebCore::RenderLayer::scrollYOffset): (WebCore::RenderLayer::scrollOffset): (WebCore::RenderLayer::scrollToXOffset): (WebCore::RenderLayer::scrollToYOffset): (WebCore::RenderLayer::relativePositionOffset): 2011-05-10 Levi Weintraub <leviw@chromium.org> Reviewed by Eric Seidel. Create LayerOffset class https://bugs.webkit.org/show_bug.cgi?id=60490 Adding a LayerOffset class that will replace existing usage of tx/ty. LayerOffset is necessary since these values are commonly used as both a size and a point. Updating paintIntoRect to use this new class. No new tests since this doesn't change any behavior. * GNUmakefile.list.am: * WebCore.gypi: * WebCore.pro: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: * page/FrameView.cpp: (WebCore::FrameView::paintScrollCorner): * platform/graphics/LayerOffset.h: Added. (WebCore::LayerOffset::LayerOffset): (WebCore::LayerOffset::x): (WebCore::LayerOffset::y): (WebCore::LayerOffset::setX): (WebCore::LayerOffset::setY): (WebCore::LayerOffset::toSize): (WebCore::LayerOffset::toPoint): (WebCore::operator+=): (WebCore::operator-=): (WebCore::operator+): (WebCore::operator-): (WebCore::operator==): (WebCore::operator!=): * rendering/RenderLayer.cpp: (WebCore::RenderLayer::paintScrollCorner): (WebCore::RenderLayer::paintResizer): * rendering/RenderScrollbar.cpp: (WebCore::RenderScrollbar::paintPart): * rendering/RenderScrollbarPart.cpp: (WebCore::RenderScrollbarPart::paintIntoRect): * rendering/RenderScrollbarPart.h: 2011-05-10 Ryosuke Niwa <rniwa@webkit.org> Reviewed by Darin Adler. Make member variables of CaretBase private https://bugs.webkit.org/show_bug.cgi?id=60454 Moved m_absCaretBounds, m_absoluteCaretRepaintBounds, m_absCaretBoundsDirty, and m_caretPaint back from CaretBase to FrameSelection because they are only used in FrameSelection, and made the rest of member variables in CaretBase private. * editing/FrameSelection.cpp: (WebCore::CaretBase::CaretBase): Takes CaretVisibility as an argument. (WebCore::DragCaretController::DragCaretController): (WebCore::FrameSelection::FrameSelection): Initializes m_absCaretBoundsDirty and m_caretPaint now that they are part of FrameSelection again. (WebCore::DragCaretController::setCaretPosition): (WebCore::FrameSelection::setSelection): (WebCore::CaretBase::clearCaretRect): Extracted from updateCaretRect. (WebCore::CaretBase::updateCaretRect): No longer clears caret; all call sites (namely setCaretPosition and localCaretRect) that used to call updateCaretRect now need to call clearCaretRect or updateCaretRect based on some conditions. (WebCore::FrameSelection::localCaretRect): (WebCore::CaretBase::caretRepaintRect): (WebCore::FrameSelection::recomputeCaretRect): (WebCore::FrameSelection::paintCaret): Only calls CaretBase::paintCaret if m_caretPaint is true. (WebCore::CaretBase::paintCaret): Removed an early exit for when m_caretPaint is false since m_caretPaint has been moved from CaretBase to FrameSelection. (WebCore::FrameSelection::focusedOrActiveStateChanged): (WebCore::FrameSelection::updateAppearance): (WebCore::FrameSelection::setCaretVisibility): Takes CaretVisibility instead of bool. (WebCore::FrameSelection::caretBlinkTimerFired): * editing/FrameSelection.h: (WebCore::CaretBase::fastLocalCaretRect): Added; replaces localCaretRectForPainting. (WebCore::CaretBase::shouldUpdateCaretRect): Added. (WebCore::CaretBase::setCaretRectNeedsUpdate): Added. (WebCore::CaretBase::setCaretVisibility): Added. (WebCore::CaretBase::caretIsVisible): Added. (WebCore::FrameSelection::setCaretRectNeedsUpdate): Added. 2011-05-10 James Robinson <jamesr@chromium.org> Reviewed by Nate Chapin. [chromium] Use parent/child terms for compositor tree structures consistently instead of superlayer/sublayer https://bugs.webkit.org/show_bug.cgi?id=60588 GraphicsLayer uses parent/child terminology for tree structure, as does CCLayerImpl. LayerChromium was using superlayer/sublayer terms, inherited from this code's branching from the platform/graphics/win/CACF code. The mixed terminology is confusing and parent/child is more common, so this unifies everything to use parent/child. No new tests, refactor only. * platform/graphics/chromium/GraphicsLayerChromium.cpp: (WebCore::GraphicsLayerChromium::setChildren): (WebCore::GraphicsLayerChromium::addChild): (WebCore::GraphicsLayerChromium::addChildAtIndex): (WebCore::GraphicsLayerChromium::addChildBelow): (WebCore::GraphicsLayerChromium::addChildAbove): (WebCore::GraphicsLayerChromium::replaceChild): (WebCore::GraphicsLayerChromium::removeFromParent): (WebCore::GraphicsLayerChromium::setContentsToImage): (WebCore::GraphicsLayerChromium::setContentsToCanvas): (WebCore::GraphicsLayerChromium::setContentsToMedia): (WebCore::GraphicsLayerChromium::hostLayerForChildren): (WebCore::GraphicsLayerChromium::layerForParent): (WebCore::GraphicsLayerChromium::updateChildList): (WebCore::GraphicsLayerChromium::updateLayerPreserves3D): (WebCore::GraphicsLayerChromium::setupContentsLayer): * platform/graphics/chromium/GraphicsLayerChromium.h: * platform/graphics/chromium/LayerChromium.cpp: (WebCore::LayerChromium::LayerChromium): (WebCore::LayerChromium::~LayerChromium): (WebCore::LayerChromium::addChild): (WebCore::LayerChromium::insertChild): (WebCore::LayerChromium::removeFromParent): (WebCore::LayerChromium::removeChild): (WebCore::LayerChromium::replaceChild): (WebCore::LayerChromium::indexOfChild): (WebCore::LayerChromium::rootLayer): (WebCore::LayerChromium::removeAllChildren): (WebCore::LayerChromium::setChildren): (WebCore::LayerChromium::parent): (WebCore::LayerChromium::dumpLayer): * platform/graphics/chromium/LayerChromium.h: (WebCore::LayerChromium::children): (WebCore::LayerChromium::setParent): (WebCore::LayerChromium::numChildren): * platform/graphics/chromium/LayerRendererChromium.cpp: (WebCore::LayerRendererChromium::updatePropertiesAndRenderSurfaces): (WebCore::LayerRendererChromium::updateCompositorResourcesRecursive): (WebCore::LayerRendererChromium::dumpRenderSurfaces): * platform/graphics/chromium/cc/CCLayerImpl.cpp: (WebCore::CCLayerImpl::parent): (WebCore::CCLayerImpl::descendantsDrawsContent): * platform/graphics/chromium/cc/CCLayerImpl.h: 2011-05-10 Levi Weintraub <leviw@chromium.org> Reviewed by Darin Adler. Switch RenderBoxModelObject::paintNinePieceImage to use IntRect instead of four ints https://bugs.webkit.org/show_bug.cgi?id=60586 Switch paintNinePieceImage to take an IntRect instead of four ints representing an IntRect! No new tests as this is simply refactoring. * rendering/InlineFlowBox.cpp: (WebCore::InlineFlowBox::paintMask): * rendering/RenderBox.cpp: (WebCore::RenderBox::paintMaskImages): * rendering/RenderBoxModelObject.cpp: (WebCore::RenderBoxModelObject::paintNinePieceImage): (WebCore::RenderBoxModelObject::paintBorder): * rendering/RenderBoxModelObject.h: 2011-05-05 Jer Noble <jer.noble@apple.com> Reviewed by Maciej Stachowiak. Removing the full screen element via parent.innerHTML="" does not result in a webkitfullscreenchange event. https://bugs.webkit.org/show_bug.cgi?id=60278 Handle the removal of a full screen element from within Node::willRemove() instead of Document::nodeWillBeRemoved(). The new function Document::fullScreenElementWillBeRemoved() will be called by Node::willRemove() to handle those changes which used to occur in nodeWillBeRemoved(). Test: fullscreen/full-screen-remove-children.html * dom/Document.cpp: (WebCore::Document::nodeWillBeRemoved): Removed the code checking for the full screen element. (WebCore::Document::fullScreenElementWillBeRemoved): Added, moved from nodeWillBeRemoved. * dom/Document.h: * dom/Node.cpp: (WebCore::Node::willRemove): Check to see if this is the current full screen element. 2011-05-10 Beth Dakin <bdakin@apple.com> Reviewed by Darin Adler. https://bugs.webkit.org/show_bug.cgi?id=60582 Crash switching overlay/non-overlay scrollbar preference still possible -and corresponding- <rdar://problem/9323983> This patch prevents any work from being done on pages that are in the page cache when the preference is switched. When the Document is going into or coming out of the page cache, have the FrameView inactivate or activate the Page's ScrollAnimators as appropriate. * dom/Document.cpp: (WebCore::Document::setInPageCache): Iterate through the Page's ScrollableAreas setting the active state of the ScrollAnimators. * page/FrameView.cpp: (WebCore::FrameView::setAnimatorsAreActive): * page/FrameView.h: ScrollAnimator has a new bit -- m_isActive. Right now m_isActive is always true unless the ScrollAnimator belongs to a ScrollableArea that is in the page cache. * platform/ScrollAnimator.cpp: (WebCore::ScrollAnimator::ScrollAnimator): * platform/ScrollAnimator.h: (WebCore::ScrollAnimator::setIsActive): (WebCore::ScrollAnimator::isActive): ScrollAnimatorMac has a new bit -- m_needsScrollerStyleUpdate. This is set to true when a ScrollAnimator is inactive and has received the updateScrollerStyleForNewRecommendedScrollerStyle delegate notification. It prevents any work from being done for this delegate until the ScrollAnimator becomes active again. * platform/mac/ScrollAnimatorMac.h: (WebCore::ScrollAnimatorMac::setNeedsScrollerStyleUpdate): (WebCore::ScrollAnimatorMac::needsScrollerStyleUpdate): This delegate method has been re-factored into ScrollAnimatorMac:: updateScrollerStyle(). This way the meat of the function can be called by both the delegate and ScrollAnimatorMac::setIsActive() * platform/mac/ScrollAnimatorMac.mm: (-[ScrollbarPainterControllerDelegate scrollerImpPair:updateScrollerStyleForNewRecommendedScrollerStyle:]): (WebCore::ScrollAnimatorMac::ScrollAnimatorMac): This override of ScrollAnimator::setIsActive() calls the base class, and then calls updateScrollerStyle() if needsScrollerStyleUpdate() is set to true. (WebCore::ScrollAnimatorMac::setIsActive): This is mostly the same as the old delegate method. Key differences are that if the ScrollAnimator is inactive, we now setNeedsScrollerStyleUpdate(true) and return early. We also only call scrollableArea()->scrollbarStyleChanged() if needsScrollerStyleUpdate() is false since in the true case when we are restoring from the page cache, this would be duplicated work. (WebCore::ScrollAnimatorMac::updateScrollerStyle): New WKSystemInterface function is needed to retrieve the scrollbar style. * WebCore.exp.in: * platform/mac/WebCoreSystemInterface.h: * platform/mac/WebCoreSystemInterface.mm: 2011-05-10 Adam Barth <abarth@webkit.org> Reviewed by David Levin. Enable strict PassOwnPtr on Chromium https://bugs.webkit.org/show_bug.cgi?id=60502 Technically there are a few bits in here that weren't reviewed by Dave, but close enough for government work. This patch all fixes the remaining strict PassOwnPtr violations on Chromium Linux. * platform/graphics/chromium/PlatformCanvas.cpp: (WebCore::PlatformCanvas::resize): * platform/graphics/chromium/SimpleFontDataLinux.cpp: * platform/graphics/skia/ImageBufferSkia.cpp: (WebCore::ImageBuffer::ImageBuffer): * platform/graphics/skia/PlatformContextSkia.cpp: (WebCore::PlatformContextSkia::setSharedGraphicsContext3D): 2011-05-10 Brady Eidson <beidson@apple.com> Reviewed by Alice Liu. <rdar://problem/9343191> and https://bugs.webkit.org/show_bug.cgi?id=60572 REGRESSION - Canon On-screen Manual.app crashes after a search No new tests - There's no way to reproduce the truly bizarre things Canon does in their app that would reasonably fit in to our testing infrastructure. In r66577 a new behavior was added where changing the "setLoadsImagesAutomatically" setting to "true" would immediately start loading those images that had been disabled. If this happens while a WebView is being dealloc'ed, and we don't know the WebView is being dealloc'ed, these new loads can cause crashes downstream when the WebView memory has actually been free'd. One example where this can happen is in Mac apps that subclass WebView then do work in their overridden dealloc methods. And the Canon Onscreen Manual is one such app. Starting these loads synchronously is not important. By putting it on a 0-delay, properly closing the Page cancels them before they have a chance to really start. See http://webkit.org/b/60572 for more discussion. Add a timer to Settings and instead of calling setLoadsImagesAutomaticallyInAllFrames right away when this pref changes, call it on a 0-delay: * page/Settings.cpp: (WebCore::Settings::Settings): (WebCore::Settings::setLoadsImagesAutomatically): (WebCore::Settings::loadsImagesAutomaticallyTimerFired): * page/Settings.h: 2011-05-10 Martin Robinson <mrobinson@igalia.com> Reviewed by Xan Lopez. [GTK][WebKit2] GTK+ 2.x widget rendering fails after r85480 https://bugs.webkit.org/show_bug.cgi?id=59990 No new tests. This is covered by existing pixel tests. * platform/gtk/GtkVersioning.c: (getGdkDrawableSize): Added this helper method. * platform/gtk/GtkVersioning.h: Added helper method declaration. * platform/gtk/WidgetRenderingContext.cpp: (WebCore::WidgetRenderingContext::WidgetRenderingContext): Call into the helper if there is actually a GdkDrawable. If not, disable the sanity check. 2011-05-10 Martin Robinson <mrobinson@igalia.com> Fix the GTK+ WebKit2 build. Add a CredentialsStorage stub for libsoup. * GNUmakefile.list.am: Add stub to source list. * platform/network/soup/CredentialStorageSoup.cpp: Added. (WebCore::CredentialStorage::getFromPersistentStorage): Added stub. (WebCore::CredentialStorage::get): 2011-05-09 David Hyatt <hyatt@apple.com> Reviewed by Dan Bernstein. <rdar://problem/9354979> REGRESSION (r83070-r83126): This conversation takes 10 seconds to load and makes mail unresponsive Second attempts at a fix for this bug. Instead of removing the dirtying (which turned out to be needed in a few cases), make dirtyLinesFromChangedChild mark a child as needing layout when it has to recur to the parent. Because the method already aborts the recursion if selfNeedsLayout() is set on the parent, this has the effect of stopping the O(n^2) pathological behavior, since you can use the selfNeedsLayout() bit to understand that you've dirtied the lines already. * rendering/RenderLineBoxList.cpp: (WebCore::RenderLineBoxList::dirtyLinesFromChangedChild): 2011-05-05 Brent Fulgham <bfulgham@webkit.org> and Martin Robinson <mrobinson@igalia.com> Reviewed by Anders Carlsson. [Cairo][WebKit2] Add an implementation of ShareableBitmap for Cairo https://bugs.webkit.org/show_bug.cgi?id=60293 No new tests. This is covered by current pixel tests. * platform/graphics/cairo/CairoUtilities.cpp: (WebCore::copyCairoImageSurface): Abstract the code from WebCore::ImageBuffer::copyImage into this helper which creates a deep copy of a Cairo image surface. * platform/graphics/cairo/CairoUtilities.h: Added declaration. * platform/graphics/cairo/ImageBufferCairo.cpp: (WebCore::ImageBuffer::copyImage): Use the new helper. * platform/graphics/cairo/ImageCairo.cpp: Abstract some of this logic into the new drawSurfaceToContext method on PlatformContextCairo. (WebCore::BitmapImage::draw): * platform/graphics/cairo/PlatformContextCairo.cpp: (WebCore::drawPatternToCairoContext): Added. (WebCore::PlatformContextCairo::drawSurfaceToContext): Added. * platform/graphics/cairo/PlatformContextCairo.h: Added declarations. 2011-05-10 Anders Carlsson <andersca@apple.com> Attempt to fix Qt build. * platform/network/qt/CredentialStorageQt.cpp: (WebCore::CredentialStorage::get): Add stub. 2011-05-10 Kenichi Ishibashi <bashi@chromium.org> Reviewed by Tony Chang. REGRESSION(r85013): platform/chromium-linux/fast/text/international/complex-joining-using-gpos.html is failing https://bugs.webkit.org/show_bug.cgi?id=60079 Set resultingNumPoints = 0 so that harfbuzz uses the design coordinate value pair. * platform/graphics/chromium/HarfbuzzSkia.cpp: (WebCore::getOutlinePoint): Just return HB_Err_Ok with resultingNumPoints = 0. 2011-05-10 Anders Carlsson <andersca@apple.com> Reviewed by Sam Weinig. Extra sign in required to view video on MobileMe Gallery album https://bugs.webkit.org/show_bug.cgi?id=60560 <rdar://problem/9338693> Add symbols required by WebKit2. * WebCore.exp.in: 2011-05-10 Alexander Pavlov <apavlov@chromium.org> Reviewed by Pavel Feldman. Web Inspector: Styles sidebar is not updated upon changes in the Resources panel. https://bugs.webkit.org/show_bug.cgi?id=60320 * inspector/front-end/ElementsPanel.js: (WebInspector.ElementsPanel): 2011-05-06 Brett Wilson <brettw@chromium.org> Reviewed by Adam Barth. Use a File object to store the downloaded file reference rather than just the path. This keeps the file and permissions in scope (using the already-existing blob system) so the browser won't delete the file when the load is complete. Instead, the file will be cleaned up when the request objects are deleted. https://bugs.webkit.org/show_bug.cgi?id=60281 * platform/network/chromium/ResourceResponse.cpp: (WebCore::ResourceResponse::doPlatformCopyData): (WebCore::ResourceResponse::doPlatformAdopt): * platform/network/chromium/ResourceResponse.h: (WebCore::ResourceResponse::downloadedFile): (WebCore::ResourceResponse::setDownloadedFile): 2011-05-10 Eric Carlson <eric.carlson@apple.com> Reviewed by Darin Adler. Files that load quickly sometimes won't play. https://bugs.webkit.org/show_bug.cgi?id=60556 <rdar://problem/9330567> No new tests, this failure is very difficult to reproduce on some machines. The fix was verified manually. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp: (WebCore::MediaPlayerPrivateAVFoundation::playabilityKnown): Move the call to updateStates to dispatchNotification so it is more obvious which state changes call it. (WebCore::MediaPlayerPrivateAVFoundation::setNaturalSize): Correct logging typo. (WebCore::MediaPlayerPrivateAVFoundation::metadataLoaded): Move updateStates call to dispatchNotification. (WebCore::MediaPlayerPrivateAVFoundation::rateChanged): Ditto. (WebCore::MediaPlayerPrivateAVFoundation::loadedTimeRangesChanged): Ditto. (WebCore::MediaPlayerPrivateAVFoundation::dispatchNotification): Call updateStates after processing "size changed" notification so we detect all state changes. Consolidate calls to updateStates here. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.mm: (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoLayer): Name the video layer in a debug build. 2011-05-10 Abhishek Arya <inferno@chromium.org> Reviewed by Simon Fraser. Add containsFloats call to hasOverhangingFloats. https://bugs.webkit.org/show_bug.cgi?id=60537 Test: fast/block/float/no-overhanging-float-crash.html * rendering/RenderBlock.cpp: (WebCore::RenderBlock::repaintOverhangingFloats): * rendering/RenderBlock.h: (WebCore::RenderBlock::hasOverhangingFloats): 2011-05-10 Alexis Menard <alexis.menard@openbossa.org> Reviewed by Antonio Gomes. Warning fix on PluginPackage.cpp. https://bugs.webkit.org/show_bug.cgi?id=60371 Warning fix on conversion from time_t to unsigned on Linux with GCC 4.6.0. Let's use a struct rather than an array so we can pass everything to StringHasher. * plugins/PluginPackage.cpp: (WebCore::PluginPackage::hash): 2011-05-10 Andreas Kling <andreas.kling@nokia.com> Rubber-stamped by Csaba Osztrogonác. [Qt] Disable HAVE_QRAWFONT until Qt API stabilizes. https://bugs.webkit.org/show_bug.cgi?id=60551 * WebCore.pro: Disable the line that enables HAVE_QRAWFONT if the feature is found. Added a comment about why. 2011-05-10 Andrey Kosyakov <caseq@chromium.org> Reviewed by Sam Weinig. Web Inspector: inspector/console/console-shadow-dom-access.html crashes on mac debug https://bugs.webkit.org/show_bug.cgi?id=60266 * bindings/objc/DOM.mm: (kitClass): return DOMNode class for shadow root node 2011-05-10 Ben Murdoch <benm@google.com> Reviewed by Steve Block. Fix build in WebCore/xml/XSLTProcessorLibxslt.cpp https://bugs.webkit.org/show_bug.cgi?id=60478 No new tests), build fix only. * xml/XSLTProcessorLibxslt.cpp: Add CString.h include. 2011-05-10 Keith Kyzivat <keith.kyzivat@nokia.com> Reviewed by Kenneth Rohde Christiansen. [Qt] QtRawFont support should check based on feature, not version https://bugs.webkit.org/show_bug.cgi?id=60513 Build fix - no tests added. * WebCore.pro: 2011-05-10 Tony Gentilcore <tonyg@chromium.org> Build fix: include ExceptionCode https://bugs.webkit.org/show_bug.cgi?id=60538 * bindings/js/JSDOMBinding.cpp: 2011-05-06 Tony Gentilcore <tonyg@chromium.org> Reviewed by Darin Adler. Fix some unnecessary includes in headers https://bugs.webkit.org/show_bug.cgi?id=60388 These were all found using the include-what-you-use clang plugin. * css/CSSFontFaceSrcValue.h: * css/CSSImageGeneratorValue.h: * css/CSSParser.h: * css/CSSPrimitiveValueCache.cpp: * css/CSSPrimitiveValueCache.h: * css/CSSStyleSelector.cpp: * css/CSSStyleSelector.h: * css/RGBColor.cpp: * css/RGBColor.h: * dom/EventTarget.h: * dom/ExceptionBase.cpp: * dom/ExceptionBase.h: * dom/MessagePort.cpp: * dom/Range.cpp: * dom/Range.h: * dom/SelectElement.cpp: * dom/SelectElement.h: * dom/TextEvent.cpp: * dom/TextEvent.h: * dom/Touch.cpp: * dom/Touch.h: * dom/TouchEvent.cpp: * dom/TouchEvent.h: * dom/XMLDocumentParser.h: * dom/XMLDocumentParserScope.h: * editing/AppendNodeCommand.cpp: * editing/ApplyBlockElementCommand.h: * editing/DeleteFromTextNodeCommand.cpp: * editing/EditCommand.h: * editing/Editor.h: * editing/FormatBlockCommand.h: * editing/IndentOutdentCommand.h: * editing/InsertIntoTextNodeCommand.cpp: * editing/InsertNodeBeforeCommand.cpp: * editing/ReplaceSelectionCommand.h: * editing/SetNodeAttributeCommand.h: * html/HTMLSelectElement.h: * html/canvas/CanvasRenderingContext2D.cpp: * loader/appcache/DOMApplicationCache.cpp: * page/EventSource.cpp: * rendering/RenderListBox.cpp: * rendering/RenderMenuList.cpp: * rendering/RenderTextControlSingleLine.cpp: * rendering/svg/RenderSVGInlineText.cpp: * svg/SVGMatrix.h: * websockets/WebSocket.cpp: * workers/AbstractWorker.cpp: * xml/XMLHttpRequest.cpp: * xml/XPathExpression.cpp: 2011-05-10 MORITA Hajime <morrita@google.com> Reviewed by Ryosuke Niwa. REGRESSION(r73886): Frequent crashes in replaceSelectionWithFragment https://bugs.webkit.org/show_bug.cgi?id=60090 SpellChecker uses TextCheckerClient, which belongs Page object, which is possibly destroyed during SpellChecker's lifetime. This change added to a guard before using TextCheckerClient to ensure it being live. No new tests, this is a speculative fix for a real crash. * editing/Editor.cpp: (WebCore::Editor::Editor): * editing/SpellChecker.cpp: (WebCore::SpellChecker::SpellChecker): (WebCore::SpellChecker::client): (WebCore::SpellChecker::canCheckAsynchronously): (WebCore::SpellChecker::requestCheckingFor): * editing/SpellChecker.h: 2011-05-09 Dan Bernstein <mitz@apple.com> Try to fix the LLVM Compiler build. * page/EventHandler.h: 2011-05-09 Daniel Cheng <dcheng@chromium.org> Fix the build. Really add the file this time. * page/DragState.h: Added. (WebCore::DragState::DragState): 2011-05-09 Daniel Cheng <dcheng@chromium.org> Reviewed by Tony Chang. Refactor RenderObject::draggableNode. https://bugs.webkit.org/show_bug.cgi?id=60503 This patch lays the ground for refactoring the drag start logic. It moves draggableNode to DragController to avoid the awkward plumbing of calling DragController from RenderObject and also moves EventHandlerDragState out from EventHandler so it can be shared between EventHandler and DragController where appropriate. No new tests since there should be no behavior change. * GNUmakefile.list.am: * WebCore.gypi: * WebCore.pro: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: * page/DragController.cpp: (WebCore::DragController::draggableNode): (WebCore::DragController::mayStartDragAtEventLocation): * page/DragController.h: * page/DragState.h: Added. (WebCore::DragState::DragState): * page/EventHandler.cpp: (WebCore::EventHandler::dragState): (WebCore::EventHandler::eventMayStartDrag): (WebCore::EventHandler::handleDrag): * page/EventHandler.h: * rendering/RenderObject.cpp: * rendering/RenderObject.h: 2011-05-09 Luke Macpherson <macpherson@chromium.org> Reviewed by Darin Adler. Enable casting between CSSPrimitiveValue and FontWeight enum https://bugs.webkit.org/show_bug.cgi?id=60516 No new tests added as no functionality changed. * css/CSSPrimitiveValueMappings.h: (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Implement cast from FontWeight to CSSPrimitiveValue. (WebCore::CSSPrimitiveValue::operator FontWeight): Implement cast from CSSPrimitiveValue to FontWeight * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): Use new cast to reduce code size. Flatten switch inside if. 2011-05-09 Simon Fraser <simon.fraser@apple.com> Move IconURL.* into the dom grouping. * WebCore.xcodeproj/project.pbxproj: 2011-05-08 Jeremy Noble <jer.noble@apple.com> Reviewed by Dan Bernstein. Full-screen video disappears behind black screen with scrollbar, followed by crash at jerryseinfeld.com https://bugs.webkit.org/show_bug.cgi?id=60449 Make RenderFullScreen a non-anonymous block, so that it does not get deleted when a parent attempts to coalesce anonymous children. Test: fullscreen/full-screen-remove-sibling.html * rendering/RenderObject.h: (WebCore::RenderObject::isAnonymousBlock): 2011-05-09 Jeremy Noble <jer.noble@apple.com> Reviewed by Simon Fraser. REGRESSION (r84706): Crazy rendering of vimeo.com after exiting fullscreen video https://bugs.webkit.org/show_bug.cgi?id=60512 Initialize m_containsFullScreenElement. * html/HTMLFrameElementBase.cpp: (WebCore::HTMLFrameElementBase::HTMLFrameElementBase): 2011-05-09 Ryosuke Niwa <rniwa@webkit.org> Reviewed by Darin Adler. REGRESSION(r86039): DragCaretController doesn't draw caret https://bugs.webkit.org/show_bug.cgi?id=60505 Removed an early exit in setCaretPosition introduced by r86039. Also replaced calls to containerNode by deprecatedNode since rendering code doesn't support container node for rendering caret. * editing/FrameSelection.cpp: (WebCore::DragCaretController::setCaretPosition): 2011-04-29 Martin Robinson <mrobinson@igalia.com> Reviewed by Gustavo Noronha Silva. [GTK] Untangle GtkAdjustments from WebCore https://bugs.webkit.org/show_bug.cgi?id=59821 Completely remove the ability for WebKit to set GtkAdjustments on ScrollViews and, consequently, Scrollbars. Handling adjustment updates can now be managed in WebKit. No new tests. This is covered by existing Scrollbar tests. * platform/ScrollView.cpp: platformInit and platformDestroy can now be shared between ScrollView.cpp and ScrollViewGtk.cpp. * platform/ScrollView.h: Remove unused methods. * platform/gtk/MainFrameScrollbarGtk.cpp: (MainFrameScrollbarGtk::create): No longer need to pass in the adjustment. (MainFrameScrollbarGtk::MainFrameScrollbarGtk): Update the comments here. * platform/gtk/MainFrameScrollbarGtk.h: Lots of code removal. * platform/gtk/ScrollViewGtk.cpp: Ditto. (WebCore::ScrollView::createScrollbar): Ditto. (WebCore::ScrollView::setScrollbarModes): Ditto. * plugins/gtk/PluginViewGtk.cpp: This file needs the GRefPtrGtk.h include now that it doesn't receive it transitively. 2011-05-09 Adam Barth <abarth@webkit.org> Reviewed by Eric Seidel. CSP should block Function constructor https://bugs.webkit.org/show_bug.cgi?id=60240 Tests: http/tests/security/contentSecurityPolicy/function-constructor-allowed.html http/tests/security/contentSecurityPolicy/function-constructor-blocked.html * bindings/js/JSLazyEventListener.cpp: (WebCore::JSLazyEventListener::initializeJSFunction): - Update call site to the new entrypoint. * bindings/v8/V8LazyEventListener.cpp: (WebCore::V8LazyEventListener::prepareListenerObject): - Add some comments about the rediculousness of this implementation. 2011-05-09 Chris Rogers <crogers@google.com> Reviewed by Kenneth Russell. Add RAII-style DenormalDisabler class to disable denormals which hurt audio performance https://bugs.webkit.org/show_bug.cgi?id=60396 No new tests since audio API is not yet implemented. * WebCore.gypi: * WebCore.xcodeproj/project.pbxproj: * platform/audio/DenormalDisabler.h: Added. (WebCore::DenormalDisabler::DenormalDisabler): (WebCore::DenormalDisabler::~DenormalDisabler): (WebCore::DenormalDisabler::getCSR): (WebCore::DenormalDisabler::setCSR): * webaudio/AudioDestinationNode.cpp: (WebCore::AudioDestinationNode::provideInput): 2011-05-09 Tony Chang <tony@chromium.org> Reviewed by Eric Seidel. Style cleanups in RenderFlexibleBox.cpp https://bugs.webkit.org/show_bug.cgi?id=60504 No new tests, just refactoring. * rendering/RenderFlexibleBox.cpp: (WebCore::FlexBoxIterator::FlexBoxIterator): Use m_ for member variables, and use class initializer list. (WebCore::FlexBoxIterator::reset): (WebCore::FlexBoxIterator::next): (WebCore::RenderFlexibleBox::RenderFlexibleBox): (WebCore::marginWidthForChild): Pull out common code used in calc*PrefWidths (WebCore::RenderFlexibleBox::calcHorizontalPrefWidths): (WebCore::RenderFlexibleBox::calcVerticalPrefWidths): (WebCore::RenderFlexibleBox::computePreferredLogicalWidths): (WebCore::RenderFlexibleBox::layoutBlock): (WebCore::gatherFlexChildrenInfo): Rewrite uses of FlexBoxIterator into for statements rather than while loops. (WebCore::RenderFlexibleBox::layoutHorizontalBox): ditto (WebCore::RenderFlexibleBox::layoutVerticalBox): ditto (WebCore::RenderFlexibleBox::applyLineClamp): (WebCore::RenderFlexibleBox::allowedChildFlex): Rename variables w/h to width/height. 2011-05-09 Eric Seidel <eric@webkit.org> Reviewed by Ryosuke Niwa. Abstract line deletion code into a function https://bugs.webkit.org/show_bug.cgi?id=60501 No change in behavior, thus no testing. * rendering/RenderBlockLineLayout.cpp: (WebCore::deleteLineRange): (WebCore::RenderBlock::layoutRunsAndFloats): (WebCore::RenderBlock::determineStartPosition): (WebCore::RenderBlock::matchedEndLine): 2011-05-09 Darin Adler <darin@apple.com> Cleared some stray executable bits on source files. * bindings/js/WorkerScriptDebugServer.cpp: Removed property svn:executable. * bindings/js/WorkerScriptDebugServer.h: Removed property svn:executable. 2011-05-09 Erik Arvidsson <arv@chromium.org> Reviewed by Darin Adler. radiogroup: onchange not detected when triggered by keyboard https://bugs.webkit.org/show_bug.cgi?id=32013 Test: fast/forms/radio-group-keyboard-change-event.html * html/RadioInputType.cpp: (WebCore::RadioInputType::handleKeydownEvent): Ensure that we do not check the radio input before we simulate the click event. The simulated click event will check it for us but more importantly it will fire the "change" event as expected. 2011-05-09 Adam Barth <abarth@webkit.org> Reviewed by Daniel Bates. XSSAuditor should be more selective about the <meta http-equivs> that it blocks https://bugs.webkit.org/show_bug.cgi?id=60489 We don't need to filter most http-equiv attributes. This patch introduces a blacklist for two that we probably do want to filter. It's possible a whitelist would be more appropriate, but I'm inclined to start with a blacklist and see how it works. This patch will hopefully fix a false positive that is causing errors with copy-and-pasted text in Gmail in some configurations (due to using the <meta> tag to request UTF-8 encoding both in the pasted text and in the page itself). * html/parser/XSSFilter.cpp: (WebCore::isNonCanonicalCharacter): (WebCore::canonicalize): (WebCore::isRequiredForInjection): (WebCore::hasName): (WebCore::findAttributeWithName): (WebCore::isNameOfInlineEventHandler): (WebCore::isDangerousHTTPEquiv): - This function is new in the patch and includes a blacklist of dangerous http-equivs. Many of the other functions listed here are just being moved from an anonymous namespace to use static for internal linkage. (WebCore::containsJavaScriptURL): (WebCore::decodeURL): (WebCore::XSSFilter::eraseAttributeIfInjected): 2011-05-05 Matthew Delaney <mdelaney@apple.com> Reviewed by Simon Fraser. Remove canvas usage of roundToDevicePixels https://bugs.webkit.org/show_bug.cgi?id=60331 No new tests. This could only affect canvases at non-integral scale factors. Our tests only run in 1.0x. * html/canvas/CanvasRenderingContext2D.cpp: (WebCore::CanvasRenderingContext2D::drawImage): 2011-05-09 Alexis Menard <alexis.menard@openbossa.org> Reviewed by Andreas Kling. [Qt] Fix the build on Embedded Linux. https://bugs.webkit.org/show_bug.cgi?id=60347 qpa is the name for lighthouse but the old name for Qt for Embedded Linux should still be used in order to build properly. * WebCore.pri: 2011-05-09 Andreas Kling <kling@webkit.org> Reviewed by Kenneth Rohde Christiansen. [Qt] Simple small-caps text is displayed in uniform size. https://bugs.webkit.org/show_bug.cgi?id=60492 Covered by existing tests. * platform/graphics/qt/FontPlatformDataQt.cpp: (WebCore::FontPlatformData::FontPlatformData): In the FontPlatformData constructor used by SimpleFontData::scaledFontData(), pass the pixel size to both QFont and QRawFont to make small caps and emphasis marks have the correct size when rendered through the fast font path. 2011-05-09 Andreas Kling <kling@webkit.org> Reviewed by Tor Arne Vestbø. [Qt] Remove unused FontPlatformData functions. https://bugs.webkit.org/show_bug.cgi?id=60485 * platform/graphics/qt/FontPlatformData.h: (WebCore::FontPlatformData::bold): Removed. (WebCore::FontPlatformData::family): Removed. (WebCore::FontPlatformData::italic): Removed. (WebCore::FontPlatformData::smallCaps): Removed. 2011-05-09 Robin Dunn <robin@alldunn.com> Reviewed by Kevin Ollivier. [wx] Add invalid file handle check. https://bugs.webkit.org/show_bug.cgi?id=60483 * platform/wx/FileSystemWx.cpp: (WebCore::closeFile): 2011-05-09 Robin Dunn <robin@alldunn.com> Reviewed by Kevin Ollivier. [wx] Update the popup menu code to grab the native control and initialize the event handler properly. https://bugs.webkit.org/show_bug.cgi?id=60482 * platform/wx/PopupMenuWx.cpp: (WebCore::PopupMenuWx::PopupMenuWx): (WebCore::PopupMenuWx::~PopupMenuWx): (WebCore::PopupMenuWx::show): 2011-05-09 Robin Dunn <robin@alldunn.com> Reviewed by Kevin Ollivier. [wx] Make sure other controls adjust the rect to handle transforms, and turn off the adjustment in 2.9.2+ where it is handled internally by wx. Also add a couple drawing and focus handling fixes for text fields and menulist controls. https://bugs.webkit.org/show_bug.cgi?id=60481 * platform/wx/RenderThemeWx.cpp: (WebCore::getAdjustedRect): (WebCore::RenderThemeWx::supportsFocus): (WebCore::RenderThemeWx::paintButton): (WebCore::RenderThemeWx::adjustTextFieldStyle): (WebCore::RenderThemeWx::paintTextField): (WebCore::RenderThemeWx::adjustMenuListStyle): (WebCore::RenderThemeWx::paintMenuList): (WebCore::RenderThemeWx::paintMenuListButton): 2011-05-09 Tony Gentilcore <tonyg@chromium.org> Reviewed by Darin Adler. Style fix: Function names must begin with lowercase letter and should not use "get". https://bugs.webkit.org/show_bug.cgi?id=60475 * dom/Document.cpp: (WebCore::Document::webkitVisibilityState): * page/PageVisibilityState.cpp: (WebCore::pageVisibilityStateString): Renamed. * page/PageVisibilityState.h: 2011-05-09 Adam Barth <abarth@webkit.org> Reviewed by Tony Gentilcore. Make Chromium build with strict PassOwnPtr https://bugs.webkit.org/show_bug.cgi?id=60461 Fix many, many PassOwnPtr nits. * bindings/v8/V8Proxy.cpp: (WebCore::V8Proxy::precompileScript): * bindings/v8/custom/V8DOMWindowCustom.cpp: (WebCore::WindowSetTimeoutImpl): * bindings/v8/custom/V8MessageEventCustom.cpp: (WebCore::V8MessageEvent::initMessageEventCallback): * bindings/v8/custom/V8WorkerContextCustom.cpp: (WebCore::SetTimeoutOrInterval): * dom/Document.cpp: (WebCore::Document::removedLastRef): (WebCore::Document::detach): * fileapi/DOMFileSystem.h: (WebCore::DOMFileSystem::scheduleCallback): * fileapi/FileSystemCallbacks.cpp: (WebCore::FileSystemCallbacks::didOpenFileSystem): (WebCore::ResolveURICallbacks::didOpenFileSystem): * platform/graphics/chromium/GraphicsLayerChromium.cpp: (WebCore::GraphicsLayer::create): * platform/graphics/chromium/cc/CCLayerImpl.cpp: (WebCore::CCLayerImpl::createRenderSurface): * platform/graphics/gpu/BicubicShader.cpp: (WebCore::BicubicShader::create): * platform/graphics/gpu/ConvolutionShader.cpp: (WebCore::ConvolutionShader::create): * platform/graphics/gpu/LoopBlinnSolidFillShader.cpp: (WebCore::LoopBlinnSolidFillShader::create): * platform/graphics/gpu/SolidFillShader.cpp: (WebCore::SolidFillShader::create): * platform/graphics/gpu/TexShader.cpp: (WebCore::TexShader::create): * platform/graphics/gpu/Texture.cpp: (WebCore::Texture::create): * storage/chromium/DatabaseTrackerChromium.cpp: (WebCore::TrackerRemoveOpenDatabaseTask::create): * storage/chromium/SQLTransactionClientChromium.cpp: (WebCore::NotifyDatabaseChangedTask::create): 2011-05-07 Martin Robinson <mrobinson@igalia.com> Reviewed by Daniel Bates. [Soup] Clean up error handling in ResourceHandleSoup https://bugs.webkit.org/show_bug.cgi?id=60436 Instead of repeating the ResourceError creation twice, abstract it into a helper method. No new tests. This is a code cleanup. * platform/network/soup/ResourceHandleSoup.cpp: (WebCore::soupErrorShouldCauseLoadFailure): Added. (WebCore::convertSoupErrorToResourceError): Added. (WebCore::sendRequestCallback): Use the new helpers. (WebCore::readCallback): Ditto. 2011-05-09 Abhishek Arya <inferno@chromium.org> Reviewed by Dave Hyatt. Regression(r85869): Restore dirty line logic in RenderInline::destroy. https://bugs.webkit.org/show_bug.cgi?id=60448 Test: fast/inline/inline-destroy-dirty-lines-crash.html * rendering/RenderInline.cpp: (WebCore::RenderInline::destroy): 2011-05-09 Alejandro G. Castro <alex@igalia.com> Reviewed by Martin Robinson. [GTK] WidgetGtk setFocus can not access directly the widget in WK2 https://bugs.webkit.org/show_bug.cgi?id=60016 Added code to check the situation where we do not have direct access to the widget. We use the page to grab the focus which would send a request to the UIProcess in WK2. * platform/gtk/WidgetGtk.cpp: (WebCore::Widget::setFocus): 2011-05-09 Leandro Gracia Gil <leandrogracia@chromium.org> Reviewed by Tony Gentilcore. Media Stream API: add exception raising to the getUserMedia method. https://bugs.webkit.org/show_bug.cgi?id=60387 Perform the required changes to support rising exceptions in the navigator.getUserMedia method. This is required by the latest changes in the spec: http://www.whatwg.org/specs/web-apps/current-work/multipage/dnd.html#dom-navigator-getusermedia Test: fast/dom/MediaStream/argument-types.html * bindings/js/JSNavigatorCustom.cpp: (WebCore::JSNavigator::webkitGetUserMedia): * bindings/v8/custom/V8NavigatorCustom.cpp: (WebCore::V8Navigator::webkitGetUserMediaCallback): * page/Navigator.cpp: (WebCore::Navigator::webkitGetUserMedia): * page/Navigator.h: * page/Navigator.idl: 2011-05-09 Csaba Osztrogonác <ossy@webkit.org> Unreviewed Qt 4.8 fix. * WebCore.pro: 4.8 bots are updated with the full QRawFont APIs, so we can set HAVE_QRAWFONT now. 2011-05-09 Adam Roben <aroben@apple.com> Windows project file fix after r86047 * WebCore.vcproj/WebCore.vcproj: Added missing closing tags. 2011-05-06 Chris Marrin <cmarrin@apple.com> Reviewed by Darin Adler. Fix layer names to say "tiled" and show CALayer addresses, not PlatformCALayer addresses https://bugs.webkit.org/show_bug.cgi?id=60417 Layer name now has "Tiled" prepended if it is a TiledLayer. This is true on Mac where the layer is a CATiledLayer and on Win where the layer is actually still a CACFLayer but implements a tiled layer. I also now print the address of the CALayer or CACFLayer instead of the PlatformCALayer everywhere. * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::swapFromOrToTiledLayer): 2011-05-09 Rob Buis <rbuis@rim.com> Reviewed by Dirk Schulze. Elements should assert that the QualifiedName given to their constructor corresponds to the Element constructed https://bugs.webkit.org/show_bug.cgi?id=22576 Add tag name ASSERTs in SVG Element constructors. No new tests, since no change in behaviour. * svg/SVGAElement.cpp: (WebCore::SVGAElement::SVGAElement): * svg/SVGAltGlyphElement.cpp: (WebCore::SVGAltGlyphElement::SVGAltGlyphElement): * svg/SVGAnimateColorElement.cpp: (WebCore::SVGAnimateColorElement::SVGAnimateColorElement): * svg/SVGAnimateElement.cpp: (WebCore::SVGAnimateElement::SVGAnimateElement): * svg/SVGAnimateMotionElement.cpp: (WebCore::SVGAnimateMotionElement::SVGAnimateMotionElement): * svg/SVGAnimateTransformElement.cpp: (WebCore::SVGAnimateTransformElement::SVGAnimateTransformElement): * svg/SVGCircleElement.cpp: (WebCore::SVGCircleElement::SVGCircleElement): * svg/SVGClipPathElement.cpp: (WebCore::SVGClipPathElement::SVGClipPathElement): * svg/SVGCursorElement.cpp: (WebCore::SVGCursorElement::SVGCursorElement): * svg/SVGDefsElement.cpp: (WebCore::SVGDefsElement::SVGDefsElement): * svg/SVGDescElement.cpp: (WebCore::SVGDescElement::SVGDescElement): * svg/SVGEllipseElement.cpp: (WebCore::SVGEllipseElement::SVGEllipseElement): * svg/SVGFEBlendElement.cpp: (WebCore::SVGFEBlendElement::SVGFEBlendElement): * svg/SVGFEColorMatrixElement.cpp: (WebCore::SVGFEColorMatrixElement::SVGFEColorMatrixElement): * svg/SVGFEComponentTransferElement.cpp: (WebCore::SVGFEComponentTransferElement::SVGFEComponentTransferElement): * svg/SVGFECompositeElement.cpp: (WebCore::SVGFECompositeElement::SVGFECompositeElement): * svg/SVGFEConvolveMatrixElement.cpp: (WebCore::SVGFEConvolveMatrixElement::SVGFEConvolveMatrixElement): * svg/SVGFEDiffuseLightingElement.cpp: (WebCore::SVGFEDiffuseLightingElement::SVGFEDiffuseLightingElement): * svg/SVGFEDisplacementMapElement.cpp: (WebCore::SVGFEDisplacementMapElement::SVGFEDisplacementMapElement): * svg/SVGFEDistantLightElement.cpp: (WebCore::SVGFEDistantLightElement::SVGFEDistantLightElement): * svg/SVGFEDropShadowElement.cpp: (WebCore::SVGFEDropShadowElement::SVGFEDropShadowElement): * svg/SVGFEFloodElement.cpp: (WebCore::SVGFEFloodElement::SVGFEFloodElement): * svg/SVGFEFuncAElement.cpp: (WebCore::SVGFEFuncAElement::SVGFEFuncAElement): * svg/SVGFEFuncBElement.cpp: (WebCore::SVGFEFuncBElement::SVGFEFuncBElement): * svg/SVGFEFuncGElement.cpp: (WebCore::SVGFEFuncGElement::SVGFEFuncGElement): * svg/SVGFEFuncRElement.cpp: (WebCore::SVGFEFuncRElement::SVGFEFuncRElement): * svg/SVGFEGaussianBlurElement.cpp: (WebCore::SVGFEGaussianBlurElement::SVGFEGaussianBlurElement): * svg/SVGFEImageElement.cpp: (WebCore::SVGFEImageElement::SVGFEImageElement): * svg/SVGFEMergeElement.cpp: (WebCore::SVGFEMergeElement::SVGFEMergeElement): * svg/SVGFEMergeNodeElement.cpp: (WebCore::SVGFEMergeNodeElement::SVGFEMergeNodeElement): * svg/SVGFEMorphologyElement.cpp: (WebCore::SVGFEMorphologyElement::SVGFEMorphologyElement): * svg/SVGFEOffsetElement.cpp: (WebCore::SVGFEOffsetElement::SVGFEOffsetElement): * svg/SVGFEPointLightElement.cpp: (WebCore::SVGFEPointLightElement::SVGFEPointLightElement): * svg/SVGFESpecularLightingElement.cpp: (WebCore::SVGFESpecularLightingElement::SVGFESpecularLightingElement): * svg/SVGFESpotLightElement.cpp: (WebCore::SVGFESpotLightElement::SVGFESpotLightElement): * svg/SVGFETileElement.cpp: (WebCore::SVGFETileElement::SVGFETileElement): * svg/SVGFETurbulenceElement.cpp: (WebCore::SVGFETurbulenceElement::SVGFETurbulenceElement): * svg/SVGFilterElement.cpp: (WebCore::SVGFilterElement::SVGFilterElement): * svg/SVGFontElement.cpp: (WebCore::SVGFontElement::SVGFontElement): * svg/SVGFontFaceElement.cpp: (WebCore::SVGFontFaceElement::SVGFontFaceElement): * svg/SVGFontFaceFormatElement.cpp: (WebCore::SVGFontFaceFormatElement::SVGFontFaceFormatElement): * svg/SVGFontFaceNameElement.cpp: (WebCore::SVGFontFaceNameElement::SVGFontFaceNameElement): * svg/SVGFontFaceSrcElement.cpp: (WebCore::SVGFontFaceSrcElement::SVGFontFaceSrcElement): * svg/SVGFontFaceUriElement.cpp: (WebCore::SVGFontFaceUriElement::SVGFontFaceUriElement): * svg/SVGForeignObjectElement.cpp: (WebCore::SVGForeignObjectElement::SVGForeignObjectElement): * svg/SVGGElement.cpp: (WebCore::SVGGElement::SVGGElement): * svg/SVGGlyphElement.cpp: (WebCore::SVGGlyphElement::SVGGlyphElement): * svg/SVGHKernElement.cpp: (WebCore::SVGHKernElement::SVGHKernElement): * svg/SVGImageElement.cpp: (WebCore::SVGImageElement::SVGImageElement): * svg/SVGLineElement.cpp: (WebCore::SVGLineElement::SVGLineElement): * svg/SVGLinearGradientElement.cpp: (WebCore::SVGLinearGradientElement::SVGLinearGradientElement): * svg/SVGMPathElement.cpp: (WebCore::SVGMPathElement::SVGMPathElement): * svg/SVGMarkerElement.cpp: (WebCore::SVGMarkerElement::SVGMarkerElement): * svg/SVGMaskElement.cpp: (WebCore::SVGMaskElement::SVGMaskElement): * svg/SVGMetadataElement.cpp: (WebCore::SVGMetadataElement::SVGMetadataElement): * svg/SVGMissingGlyphElement.cpp: (WebCore::SVGMissingGlyphElement::SVGMissingGlyphElement): * svg/SVGPathElement.cpp: (WebCore::SVGPathElement::SVGPathElement): * svg/SVGPatternElement.cpp: (WebCore::SVGPatternElement::SVGPatternElement): * svg/SVGPolygonElement.cpp: (WebCore::SVGPolygonElement::SVGPolygonElement): * svg/SVGPolylineElement.cpp: (WebCore::SVGPolylineElement::SVGPolylineElement): * svg/SVGRadialGradientElement.cpp: (WebCore::SVGRadialGradientElement::SVGRadialGradientElement): * svg/SVGRectElement.cpp: (WebCore::SVGRectElement::SVGRectElement): * svg/SVGSVGElement.cpp: (WebCore::SVGSVGElement::SVGSVGElement): * svg/SVGScriptElement.cpp: (WebCore::SVGScriptElement::SVGScriptElement): * svg/SVGSetElement.cpp: (WebCore::SVGSetElement::SVGSetElement): * svg/SVGStopElement.cpp: (WebCore::SVGStopElement::SVGStopElement): * svg/SVGStyleElement.cpp: (WebCore::SVGStyleElement::SVGStyleElement): * svg/SVGSwitchElement.cpp: (WebCore::SVGSwitchElement::SVGSwitchElement): * svg/SVGSymbolElement.cpp: (WebCore::SVGSymbolElement::SVGSymbolElement): * svg/SVGTRefElement.cpp: (WebCore::SVGTRefElement::SVGTRefElement): * svg/SVGTSpanElement.cpp: (WebCore::SVGTSpanElement::SVGTSpanElement): * svg/SVGTextElement.cpp: (WebCore::SVGTextElement::SVGTextElement): * svg/SVGTextPathElement.cpp: (WebCore::SVGTextPathElement::SVGTextPathElement): * svg/SVGTitleElement.cpp: (WebCore::SVGTitleElement::SVGTitleElement): * svg/SVGUseElement.cpp: (WebCore::SVGUseElement::SVGUseElement): * svg/SVGVKernElement.cpp: (WebCore::SVGVKernElement::SVGVKernElement): * svg/SVGViewElement.cpp: (WebCore::SVGViewElement::SVGViewElement): 2011-05-09 Shishir Agrawal <shishir@chromium.org> Reviewed by Tony Gentilcore. Implement Page Visibility API. https://bugs.webkit.org/show_bug.cgi?id=54181 Tests: fast/events/page-visibility-iframe-delete-test.html fast/events/page-visibility-iframe-move-test.html fast/events/page-visibility-iframe-propagation-test.html fast/events/page-visibility-transition-test.html * CMakeLists.txt: * GNUmakefile.list.am: * WebCore.gypi: * WebCore.pro: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: * dom/Document.cpp: (WebCore::Document::visibilityState): (WebCore::Document::webkitVisibilityState): (WebCore::Document::webkitIsVisible): (WebCore::Document::dispatchVisibilityStateChangeEvent): * dom/Document.h: * dom/Document.idl: * dom/EventNames.h: * page/Frame.cpp: (WebCore::Frame::dispatchVisibilityStateChangeEvent): * page/Frame.h: * page/Page.cpp: (WebCore::Page::Page): (WebCore::Page::setVisibilityState): (WebCore::Page::visibilityState): * page/Page.h: * page/PageVisibilityState.cpp: Added. (WebCore::GetPageVisibilityStateString): * page/PageVisibilityState.h: Added. 2011-05-09 Luke Macpherson <macpherson@chromium.org> Reviewed by Eric Seidel. Implement expanding CSS border properties in CSSStyleApplyProperty. https://bugs.webkit.org/show_bug.cgi?id=60456 No new tests added as no functionality changed. * css/CSSStyleApplyProperty.cpp: (WebCore::CSSStyleApplyProperty::CSSStyleApplyProperty): Create CSS border expanding property handlers. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): Remove property handlers that are no longer needed. 2011-05-08 Ryosuke Niwa <rniwa@webkit.org> Reviewed by Kent Tamura. selectstart event does not fire when selection is made via select all https://bugs.webkit.org/show_bug.cgi?id=60376 Fire selectstart event when a user selects all contents (i.e. document.execCommand('SelectAll')) in document, editable region, or text control. Tests: editing/selection/selectstart-on-selectall.html editing/selection/selectstart-prevent-selectall.html * dom/Node.h: Removed canSelectAll and selectAll as they are left over from WMLSelectElement. * editing/FrameSelection.cpp: (WebCore::FrameSelection::selectAll): Dispatch selectstart event on selectStartTarget, which is input element or textarea element when the current selection is inside a shadow DOM, and the root editable element if it's inside a non-shadow editable region, and the body element otherwise. * html/HTMLSelectElement.h: Made canSelectAll and selectAll public since they are no longer declared in Node. 2011-05-08 Luke Macpherson <macpherson@chromium.org> Reviewed by Eric Seidel. Make RenderStyle::setColumnBreakInside() reject unsupported enum values. https://bugs.webkit.org/show_bug.cgi?id=60249 No new tests added as no functionality changed. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): Remove special-case code and use appropriate macro. * rendering/style/RenderStyle.h: (WebCore::InheritedFlags::setColumnBreakInside): Assert that supported values are used. 2011-05-08 Ryosuke Niwa <rniwa@webkit.org> Reviewed by Darin Adler. Extract a DragCaretController from FrameSelection https://bugs.webkit.org/show_bug.cgi?id=60273 Extracted CaretBase and DragCaretController from FrameSelection. CaretBase is a base class for DragCaretController and FrameSelection and provides functions to paint caret. Since DragCaretController doesn't need to store selection, it only holds one VisiblePosition. * WebCore.exp.in: * editing/FrameSelection.cpp: (WebCore::CaretBase::CaretBase): Added. (WebCore::DragCaretController::DragCaretController): Added; Set m_caretVisible true. (WebCore::DragCaretController::isContentRichlyEditable): Added. (WebCore::FrameSelection::FrameSelection): Several member variables are move to CaretBase. (WebCore::DragCaretController::setCaretPosition): Extracted from FrameSelection::setSelection. (WebCore::FrameSelection::setSelection): Removed an early exit for DragCaretController. (WebCore::clearRenderViewSelection): Extracted from FrameSelection::respondToNodeModification. (WebCore::DragCaretController::nodeWillBeRemoved): Extracted from FrameSelection::nodeWillBeRemoved and respondToNodeModification. Note that the position DragCaretController holds is equivalent to FrameSelection's base or start so when removingNodeRemovesPosition returns true for m_position, we used to execute the first if clause and cleared render tree selection and DOM tree selection. This is exactly what new DragCaretController::nodeWillBeRemoved does. (WebCore::FrameSelection::nodeWillBeRemoved): Simplified early exist conditions. (WebCore::FrameSelection::respondToNodeModification): Calls clearRenderViewSelection. (WebCore::CaretBase::updateCaretRect): Takes document, caretPosition, selection type, and boolean isOrphaned. Note that we can't obtain the document from caretPosition because VisiblePosition can be null even if FrameSelection's start was not null. (WebCore::caretRendersInsideNode): Moved; Made static local. (WebCore::CaretBase::caretRenderer): Extracted from FrameSelection::caretRenderer. (WebCore::FrameSelection::caretRenderer): Calls CaretBase::caretRenderer. (WebCore::DragCaretController::caretRenderer): Ditto. (WebCore::FrameSelection::localCaretRect): Calls updateCaretRect with extra arguments. (WebCore::CaretBase::absoluteBoundsForLocalRect): Moved from FrameSelection; Takes Node*. (WebCore::CaretBase::caretRepaintRect): Ditto. (WebCore::FrameSelection::recomputeCaretRect): Calls absoluteBoundsForLocalRect, caretRepaintRect, and shouldRepaintCaret with extra arguments. (WebCore::CaretBase::shouldRepaintCaret): Takes a boolean isContentEditable. (WebCore::FrameSelection::invalidateCaretRect): Calls CaretBase::invalidateCaretRect. (WebCore::CaretBase::invalidateCaretRect): Extracted from FrameSelection::invalidateCaretRect. (WebCore::FrameSelection::paintCaret): Calls CaretBase::paintCaret. (WebCore::CaretBase::paintCaret): Extracted from FrameSelection::paintCaret. (WebCore::FrameSelection::updateAppearance): Removed an assertion that this function is never called for DragCaretController. (WebCore::DragCaretController::paintDragCaret): Moved from FrameSelection::paintDragCaret. * editing/FrameSelection.h: (WebCore::CaretBase::localCaretRectForPainting): Added. (WebCore::DragCaretController::isContentEditable): Added. (WebCore::DragCaretController::hasCaret): Added. (WebCore::DragCaretController::caretPosition): Added. (WebCore::DragCaretController::clear): Added. * page/DragController.cpp: (WebCore::DragController::tryDocumentDrag): Uses DragCaretController. (WebCore::DragController::dispatchTextInputEventFor): Ditto. (WebCore::DragController::concludeEditDrag): Ditto. (WebCore::DragController::placeDragCaret): Ditto. * page/Page.cpp: (WebCore::Page::Page): Instantiates DragCaretController instead of FrameSelection. * page/Page.h: (WebCore::Page::dragCaretController): Returns DragCaretController* instead of FrameSelection*. * rendering/RenderBlock.cpp: (WebCore::RenderBlock::paintCaret): Uses FrameSelection and DragCaretController. 2011-05-08 Dan Bernstein <mitz@apple.com> Reviewed by Darin Adler. <rdar://problem/9401853> REGRESSION (r78846): Insufficient expansion for justification when there are multiple inline boxes https://bugs.webkit.org/show_bug.cgi?id=60432 * rendering/InlineTextBox.h: (WebCore::InlineTextBox::setExpansion): Changed back to take a int, since the m_expansion member variable is a (truncated) int anyway. * rendering/RenderBlockLineLayout.cpp: (WebCore::computeExpansionForJustifiedText): Changed the expansion local variable into an int so that the right amount is added to the total width. Also changed to use an early return. 2011-05-08 Pavel Feldman <pfeldman@chromium.org> Not reviewed: ignore 0 responses in the inspector network instrumentation. * inspector/front-end/NetworkManager.js: 2011-05-08 Jarkko Sakkinen <jarkko.j.sakkinen@gmail.com> Reviewed by Kenneth Rohde Christiansen. [Qt] GraphicsContext3D::getImageData() does not retrieve image data correctly https://bugs.webkit.org/show_bug.cgi?id=58556 Tests: fast/canvas/webgl/gl-teximage.html * platform/graphics/qt/GraphicsContext3DQt.cpp: (WebCore::GraphicsContext3D::getImageData): 2011-05-07 Dan Bernstein <mitz@apple.com> Reviewed by Maciej Stachowiak. <rdar://problem/9403055> REGRESSION (r85499): Inline images in iChat overflow their chat bubbles https://bugs.webkit.org/show_bug.cgi?id=60443 Test: fast/replaced/table-percent-height-positioned.html * rendering/RenderBox.cpp: (WebCore::RenderBox::computeReplacedLogicalHeightUsing): Do not apply the logic to prevent precent-height replaced elements from being squeezed by table cells when the replaced element is positioned (and thus doesn’t affect the table cell’s height). 2011-05-07 Sheriff Bot <webkit.review.bot@gmail.com> Unreviewed, rolling out r86016. http://trac.webkit.org/changeset/86016 https://bugs.webkit.org/show_bug.cgi?id=60445 caused crashes on the WK2 Windows bots (Requested by jessieberlin on #webkit). * platform/network/ResourceHandle.h: * platform/network/cf/CookieStorageCFNet.cpp: (WebCore::currentCookieStorage): (WebCore::defaultCookieStorage): * platform/network/cf/ResourceHandleCFNet.cpp: (WebCore::willSendRequest): (WebCore::makeFinalRequest): (WebCore::ResourceHandle::willSendRequest): * platform/network/cf/ResourceRequestCFNet.cpp: (WebCore::ResourceRequest::doUpdatePlatformRequest): 2011-05-07 Sheriff Bot <webkit.review.bot@gmail.com> Unreviewed, rolling out r85974. http://trac.webkit.org/changeset/85974 https://bugs.webkit.org/show_bug.cgi?id=60444 broke browser tests (Requested by inferno-sec on #webkit). * platform/network/chromium/ResourceResponse.cpp: (WebCore::ResourceResponse::doPlatformCopyData): (WebCore::ResourceResponse::doPlatformAdopt): * platform/network/chromium/ResourceResponse.h: (WebCore::ResourceResponse::downloadFilePath): (WebCore::ResourceResponse::setDownloadFilePath): 2011-05-07 Jessie Berlin <jberlin@apple.com> Reviewed by Steve Falkenburg. [Windows WebKit2] Use cookies set in WebKit1 https://bugs.webkit.org/show_bug.cgi?id=60274 Share the default storage session between the UI and Web Processes. * platform/network/cf/CookieStorageCFNet.cpp: (WebCore::defaultSessionCookieStorage): Keep track of the default storage session cookie storage. (WebCore::currentCookieStorage): Call defaultCookieStorage to get the default cookie storage. (WebCore::defaultCookieStorage): If there is a default storage session cookie storage, prefer that over getting the default cookie storage. In the Web Process, asking CFNetwork for the default cookie storage directly without specifying a storage session will not get the cookie storage being shared by the UI and Web Processes. * platform/network/ResourceHandle.h: * platform/network/cf/ResourceHandleCFNet.cpp: (WebCore::willSendRequest): Make sure to set the current storage session on any requests used by the Web Process before CFNetwork has to do anything with them, in order for CFNetwork to avoid doing anything with the Web Process's default storage session (which is not the one shared with the UI Process). (WebCore::makeFinalRequest): Ditto. (WebCore::ResourceHandle::willSendRequest): Ditto. (WebCore::ResourceHandle::currentStorageSession): If there is a Private Browsing storage session, return that. If not, on Windows return the default storage session that is being shared with the UI Process and on Mac return 0. (WebCore::defaultCFURLStorageSession): (WebCore::ResourceHandle::setDefaultStorageSession): (WebCore::ResourceHandle::defaultStorageSession): * platform/network/cf/ResourceRequestCFNet.cpp: (WebCore::ResourceRequest::doUpdatePlatformRequest): Make sure to set the current storage session on any requests used by the Web Process before CFNetwork has to do anything with them, in order for CFNetwork to avoid doing anything with the Web Process's default storage session (which is not the one shared with the UI Process). 2011-05-07 Joe Mason <jmason@rim.com> Reviewed by Daniel Bates. FrameLoader::isProcessingUserGesture is wrong in dispatchWillPerformClientRedirect https://bugs.webkit.org/show_bug.cgi?id=52211 Create a UserGestureIndicator when calling the clientRedirected callback. * loader/NavigationScheduler.cpp: (WebCore::ScheduledURLNavigation::didStartTimer): (WebCore::ScheduledURLNavigation::didStopTimer): (WebCore::ScheduledFormSubmission::didStartTimer): (WebCore::ScheduledFormSubmission::didStopTimer): 2011-05-06 Jon Lee <jonlee@apple.com> Reviewed by Alice Liu. Crash when sending a wheel event to a node with no shadow ancestor node https://bugs.webkit.org/show_bug.cgi?id=60429 <rdar://problem/9389619> * page/EventHandler.cpp: (WebCore::EventHandler::handleWheelEvent):add check to see if the shadow ancestor node of the node that was under the mouse exists before trying to dispatch the wheel event to it. 2011-05-06 Kent Tamura <tkent@chromium.org> Reviewed by Ryosuke Niwa. Eliminate WebCore/dom/InputElement.{cpp,h} https://bugs.webkit.org/show_bug.cgi?id=60262 - Fold in all of the code of InputElement.{cpp,h} into HTMLInputElement and TextFieldInputType. - Change the return type of Node::toInputElement(): InputElement* -> HTMLInputElement* No new tests. This change should not change the existing behaviour. * CMakeLists.txt: Remove InpuntElement.cpp and/or InputElement.h. * GNUmakefile.list.am: ditto. * WebCore.exp.in: Add symbols of functions exposed to WebKit. * WebCore.gypi: Remove InpuntElement.cpp and/or InputElement.h. * WebCore.pro: ditto. * WebCore.vcproj/WebCore.vcproj: ditto. * WebCore.xcodeproj/project.pbxproj: ditto. * accessibility/AXObjectCache.cpp: (WebCore::AXObjectCache::textMarkerDataForVisiblePosition): Follow the return type change of Node::toInputElement(). * accessibility/AccessibilityRenderObject.cpp: (WebCore::AccessibilityRenderObject::isPasswordField): ditto. (WebCore::AccessibilityRenderObject::isIndeterminate): ditto. (WebCore::AccessibilityRenderObject::isNativeCheckboxOrRadio): ditto. (WebCore::AccessibilityRenderObject::isChecked): ditto. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::canShareStyleWithElement): ditto. (WebCore::CSSStyleSelector::SelectorChecker::checkOneSelector): ditto. * dom/CheckedRadioButtons.cpp: (WebCore::CheckedRadioButtons::removeButton): ditto. * dom/DOMAllInOne.cpp: Remove InputElement.h. * dom/InputElement.cpp: Removed. * dom/InputElement.h: Removed. * dom/Node.cpp: (WebCore::Node::toInputElement): Change the return type from InputElement* to HTMLInputElement*. * dom/Node.h: ditto. * html/HTMLInputElement.cpp: (WebCore::HTMLInputElement::HTMLInputElement): (WebCore::HTMLInputElement::formControlName): (WebCore::HTMLInputElement::tooLong): (WebCore::HTMLInputElement::updateFocusAppearance): (WebCore::HTMLInputElement::aboutToUnload): (WebCore::HTMLInputElement::handleFocusEvent): (WebCore::HTMLInputElement::handleBlurEvent): (WebCore::HTMLInputElement::updateType): (WebCore::HTMLInputElement::parseMappedAttribute): (WebCore::HTMLInputElement::size): (WebCore::HTMLInputElement::copyNonAttributeProperties): (WebCore::HTMLInputElement::value): (WebCore::HTMLInputElement::suggestedValue): (WebCore::HTMLInputElement::setSuggestedValue): (WebCore::HTMLInputElement::setValue): (WebCore::HTMLInputElement::setValueFromRenderer): (WebCore::HTMLInputElement::setFileListFromRenderer): (WebCore::HTMLInputElement::setDefaultName): (WebCore::HTMLInputElement::maxLength): (WebCore::HTMLInputElement::cacheSelection): (WebCore::formatCodes): Moved from InputElement. (WebCore::cursorPositionToMaskIndex): ditto. (WebCore::HTMLInputElement::isConformToInputMask): ditto. (WebCore::HTMLInputElement::validateInputMask): ditto. (WebCore::HTMLInputElement::setWapInputFormat): ditto. (WebCore::HTMLInputElement::notifyFormStateChanged): ditto. (WebCore::HTMLInputElement::parseMaxLengthAttribute): ditto. (WebCore::HTMLInputElement::updateValueIfNeeded):ditto. * html/HTMLInputElement.h: - Add data members which were defined in InputElementData. - Make some functions public because the public interface InputElement is removed. - Make some functions non-virtual because they don't override corresponding virtual functions of InputElement anymore. (WebCore::HTMLInputElement::toInputElement): Follow the return type change of Node::toInputElement(). (WebCore::HTMLInputElement::isIndeterminate): (WebCore::HTMLInputElement::isAutofilled): (WebCore::HTMLInputElement::supportsMaxLength): (WebCore::HTMLInputElement::cachedSelectionStart): (WebCore::HTMLInputElement::cachedSelectionEnd): * html/HTMLTextAreaElement.cpp: Remove unused InputElement.h. * html/InputType.cpp: (WebCore::InputType::handleBeforeTextInsertedEvent): Remove the code. * html/InputType.h: Update for the above. * html/TextFieldInputType.cpp: (WebCore::replaceEOLAndLimitLength): Moved from InputElement.cpp. (WebCore::TextFieldInputType::sanitizeValue): Implement with replaceEOLAndLimitLength(). (WebCore::TextFieldInputType::handleBeforeTextInsertedEvent): Move the code from InputElement::handleBeforeTextInsertedEvent(). * html/TextFieldInputType.h: Update declarations. * rendering/RenderTextControlSingleLine.cpp: - Remove ASSERT(node()->isHTMLElement()) because it is checked in the constructor. - Follow the return type change of inputElement(). (WebCore::RenderTextControlSingleLine::RenderTextControlSingleLine): Make sure node() is an HTMLInputElement instance. (WebCore::RenderTextControlSingleLine::addSearchResult): (WebCore::RenderTextControlSingleLine::stopSearchEventTimer): (WebCore::RenderTextControlSingleLine::showPopup): (WebCore::RenderTextControlSingleLine::hidePopup): (WebCore::RenderTextControlSingleLine::subtreeHasChanged): (WebCore::RenderTextControlSingleLine::updateFromElement): (WebCore::RenderTextControlSingleLine::createInnerBlockStyle): (WebCore::RenderTextControlSingleLine::createResultsButtonStyle): (WebCore::RenderTextControlSingleLine::createCancelButtonStyle): (WebCore::RenderTextControlSingleLine::createInnerSpinButtonStyle): (WebCore::RenderTextControlSingleLine::createOuterSpinButtonStyle): (WebCore::RenderTextControlSingleLine::createSpeechButtonStyle): (WebCore::RenderTextControlSingleLine::visibilityForCancelButton): (WebCore::RenderTextControlSingleLine::startSearchEventTimer): (WebCore::RenderTextControlSingleLine::searchEventTimerFired): (WebCore::RenderTextControlSingleLine::valueChanged): (WebCore::RenderTextControlSingleLine::setTextFromItem): (WebCore::RenderTextControlSingleLine::inputElement): * rendering/RenderTextControlSingleLine.h: Change the return type of inputElement(): InputElement* -> HTMLInputElement*. * rendering/RenderTheme.cpp: (WebCore::RenderTheme::isChecked): Follow the return type change of Node::toInputElement(). (WebCore::RenderTheme::isIndeterminate): ditto. (WebCore::RenderTheme::shouldHaveSpinButton): Change the parameter type: InputElement* -> HTMLInputElement*. * rendering/RenderTheme.h: ditto. 2011-05-06 Adam Barth <abarth@webkit.org> Reviewed by Eric Seidel. Implement "Report-Only" mode for CSP https://bugs.webkit.org/show_bug.cgi?id=60402 This mode lets web sites try out CSP by getting violation reports (and console spam) without actually changing the behavior of their web sites. Test: http/tests/security/contentSecurityPolicy/report-only.html * dom/Document.cpp: (WebCore::Document::processHttpEquiv): * loader/FrameLoader.cpp: (WebCore::FrameLoader::didBeginDocument): * page/ContentSecurityPolicy.cpp: (WebCore::ContentSecurityPolicy::ContentSecurityPolicy): (WebCore::ContentSecurityPolicy::didReceiveHeader): (WebCore::ContentSecurityPolicy::reportViolation): (WebCore::ContentSecurityPolicy::checkInlineAndReportViolation): (WebCore::ContentSecurityPolicy::checkEvalAndReportViolation): (WebCore::ContentSecurityPolicy::checkSourceAndReportViolation): (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): * page/ContentSecurityPolicy.h: 2011-05-06 Beth Dakin <bdakin@apple.com> Reviewed by Darin Adler. https://bugs.webkit.org/show_bug.cgi?id=60421 Custom scrollbars nested inside an overlay scrollbar overflow region end up painting twice -and corresponding- <rdar://problem/9389072> Be sure not to paint custom css scrollbars during the special overlay-scrollbar painting pass. * rendering/RenderLayer.cpp: (WebCore::RenderLayer::paintOverflowControls): 2011-05-06 Cary Clark <caryclark@google.com> Reviewed by Eric Seidel. Add utility for converting SkCanvas to CGContext https://bugs.webkit.org/show_bug.cgi?id=59808 Skia on Mac uses Skia to render WebKit, and CG to render UI elements. The CG elements need a transcribed graphics context that preserves the canvas matrix, and the canvas clip. The BitLockerSkia utility class sets up a CGContext from the SkCanvas, locks the bitmap's bits, and releases the lock when the class goes out of scope. Each time the CGContext is retrieved, it is rebuilt. This permits the caller to modify the same canvas between calls. This change adds utilities but does not modify any existing code. For now, there are no callers to these utilities, so there is no functional change. No new tests. * platform/graphics/skia/BitLockerSkia.cpp: Added. (WebCore::SkMatrixToCGAffineTransform): Conversion utility. (WebCore::BitLockerSkia::BitLockerSkia): Takes SkCanvas. (WebCore::BitLockerSkia::~BitLockerSkia): Unlocks, cleans up. (WebCore::BitLockerSkia::release): Internal private helper. (WebCore::BitLockerSkia::cgContext): Returns CGContextRef. * platform/graphics/skia/BitLockerSkia.h: Added. 2011-05-06 Martin Robinson <mrobinson@igalia.com> Reviewed by Xan Lopez. [GTK] [WebKit2] WebView::windowToScreen needs an implementation https://bugs.webkit.org/show_bug.cgi?id=55960 Abstract coordinate system translation code from WebKit into WebCore. This will allow the code to be shared between WebKit and WebKit2. The code now lives in a new GtkUtilities.cpp helper file. * GNUmakefile.list.am: Added GtkUtilities to the source list. * platform/gtk/GtkUtilities.cpp: Added. (WebCore::convertWidgetRectToScreenRect): * platform/gtk/GtkUtilities.h: Added. 2011-05-06 Martin Robinson <mrobinson@igalia.com> Reviewed by Xan Lopez. Remove some unnecessary static methods in ResourceHandleSoup. No new tests. This is only a small cleanup. * platform/network/soup/ResourceHandleSoup.cpp: (WebCore::restartedCallback): Call ResourceResponse::updateFromSoupMessage directly. (WebCore::gotHeadersCallback):Ditto. (WebCore::contentSniffedCallback):Ditto. (WebCore::sendRequestCallback):Ditto. (WebCore::ResourceHandle::defaultSession): Create the soup session directly. 2011-05-06 Martin Robinson <mrobinson@igalia.com> Reviewed by Xan Lopez. [Soup] ResourceHandles are leaked on 304 responses https://bugs.webkit.org/show_bug.cgi?id=60413 Always call cleanupSoupRequestOperation, even when the request was not canceled. Before the code would call didFinishLoading and then never clean up the request. No new tests. This simply fixes a memory leak. * platform/network/soup/ResourceHandleSoup.cpp: (WebCore::sendRequestCallback): 2011-05-06 Adam Barth <abarth@webkit.org> Reviewed by Eric Seidel. Add disable-javascript-urls CSP directive https://bugs.webkit.org/show_bug.cgi?id=60301 This CSP directive is not in the CSP spec. This patch is somewhat of an experiment to see whether this feature is useful. Based on our implementation experience, we will coordinate with folks via the W3C to see if this makes sense to add to the spec. Test: http/tests/security/contentSecurityPolicy/javascript-urls-blocked.html * page/ContentSecurityPolicy.cpp: (WebCore::ContentSecurityPolicy::ContentSecurityPolicy): (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): (WebCore::ContentSecurityPolicy::addDirective): * page/ContentSecurityPolicy.h: 2011-05-06 Brett Wilson <brettw@chromium.org> Reviewed by Adam Barth. Use a File object to store the downloaded file reference rather than just the path. This keeps the file and permissions in scope (using the already-existing blob system) so the browser won't delete the file when the load is complete. Instead, the file will be cleaned up when the request objects are deleted. https://bugs.webkit.org/show_bug.cgi?id=60281 * platform/network/chromium/ResourceResponse.cpp: (WebCore::ResourceResponse::doPlatformCopyData): (WebCore::ResourceResponse::doPlatformAdopt): * platform/network/chromium/ResourceResponse.h: (WebCore::ResourceResponse::downloadedFile): (WebCore::ResourceResponse::setDownloadedFile): 2011-05-06 Alexis Menard <alexis.menard@openbossa.org> Reviewed by Darin Adler. Fix two warnings of unused variables. https://bugs.webkit.org/show_bug.cgi?id=60370 Remove two unused local variable from the code. No new tests, the existing ones should cover. * rendering/RenderFlexibleBox.cpp: (WebCore::RenderFlexibleBox::layoutVerticalBox): * svg/animation/SVGSMILElement.cpp: (WebCore::SVGSMILElement::calculateNextProgressTime): 2011-05-06 Adam Barth <abarth@webkit.org> Reviewed by Eric Seidel. Wire up CSP's eval blocking to V8's new API https://bugs.webkit.org/show_bug.cgi?id=60384 * bindings/v8/ScriptController.cpp: (WebCore::ScriptController::disableEval): 2011-05-06 David Hyatt <hyatt@apple.com> Reviewed by Dan Bernstein. https://bugs.webkit.org/show_bug.cgi?id=60398 (<rdar://problem/9307696>) REGRESSION (r81684?): cox.com sign in button is missing Fix a typo in r81684 where the ascent was used in a comparison instead of boxHeight. This restores the original behavior before the refactoring messed it up. Added fast/inline/nested-top-alignment.html * rendering/InlineFlowBox.cpp: (WebCore::InlineFlowBox::computeLogicalBoxHeights): 2011-05-06 David Hyatt <hyatt@apple.com> Reviewed by Dan Bernstein. https://bugs.webkit.org/show_bug.cgi?id=60390 (<rdar://problem/9364449>) REGRESSION (r81992): portions of ticketmaster site render blank Make simplified layout skip from a positioned object out to its containing block. There is no need to dirty the intermediate inlines, and in this case it's actively harmful, since the block responsible for the layout of the positioned object doesn't get m_posChildNeedsLayout set. Added fast/block/positioning/hiding-inside-relpositioned-inline.html * rendering/RenderObject.h: (WebCore::RenderObject::markContainingBlocksForLayout): 2011-05-06 Pavel Feldman <pfeldman@chromium.org> Not reviewed: move selection test into the text area branch. * inspector/front-end/TextViewer.js: (WebInspector.TextViewer.prototype._contextMenu): 2011-05-04 Adrienne Walker <enne@google.com> Reviewed by James Robinson. [chromium] Fix incorrect scissor rect for layers that render into a rendersurface https://bugs.webkit.org/show_bug.cgi?id=59020 Allow for empty scissor rects, which implies scissoring to the render surface. The previous code and previous patch on this bug both didn't take into account that the scissor rect should be the render surface and not the projection of the layer itself, because child layers aren't necessarily contained within the bounds of their superlayer. Test: compositing/flat-with-transformed-child.html * platform/graphics/chromium/LayerRendererChromium.cpp: (WebCore::LayerRendererChromium::paintLayerContents): (WebCore::LayerRendererChromium::updatePropertiesAndRenderSurfaces): (WebCore::LayerRendererChromium::drawLayer): (WebCore::LayerRendererChromium::setScissorToRect): 2011-05-06 Simon Fraser <simon.fraser@apple.com> Reviewed by Sam Weinig. Lazily allocate ScrollAnimator in ScrollableArea https://bugs.webkit.org/show_bug.cgi?id=60327 Avoid allocating the ScrollAnimator up-front, because we create lots of ScrollableAreas via RenderLayer, and we should only need the animator when scrolling. * platform/ScrollableArea.cpp: (WebCore::ScrollableArea::ScrollableArea): (WebCore::ScrollableArea::scrollAnimator): (WebCore::ScrollableArea::scroll): (WebCore::ScrollableArea::scrollToOffsetWithoutAnimation): (WebCore::ScrollableArea::scrollToXOffsetWithoutAnimation): (WebCore::ScrollableArea::scrollToYOffsetWithoutAnimation): (WebCore::ScrollableArea::handleWheelEvent): (WebCore::ScrollableArea::handleGestureEvent): * platform/ScrollableArea.h: 2011-05-06 Eric Carlson <eric.carlson@apple.com> Reviewed by Darin Adler. REGRESSION (r77954): HTTP Live Streams have incorrect controller UI https://bugs.webkit.org/show_bug.cgi?id=60304 <rdar://problem/9392609> Don't assume that the only time the media controls UI may need to change is on a network state change, readyState changes can be significant as well. Tested manually because we don't have any live streams to test in DRT. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::setNetworkState): changedNetworkState -> updateStatusDisplay. (WebCore::HTMLMediaElement::setReadyState): Call updateStatusDisplay. * html/shadow/MediaControlRootElement.cpp: (WebCore::MediaControlRootElement::reset): changedNetworkState -> updateStatusDisplay. (WebCore::MediaControlRootElement::updateStatusDisplay): Ditto. * html/shadow/MediaControlRootElement.h: * html/shadow/MediaControlRootElementChromium.cpp: (WebCore::MediaControlRootElementChromium::reset): Ditto. (WebCore::MediaControlRootElementChromium::updateStatusDisplay): Ditto. * html/shadow/MediaControlRootElementChromium.h: * html/shadow/MediaControls.h: 2011-05-06 Andreas Kling <andreas.kling@nokia.com> Unreviewed Qt 4.8 build fix. * WebCore.pro: Don't set HAVE_QRAWFONT yet. Left a FIXME so we can enable it after the 4.8 bots are updated with the full QRawFont APIs. 2011-05-06 Alexander Pavlov <apavlov@chromium.org> Reviewed by Yury Semikhatsky. Web Inspector: editing CSS in the Resources panel and not committing does not revert the change. https://bugs.webkit.org/show_bug.cgi?id=60319 * inspector/front-end/ResourceView.js: (WebInspector.ResourceSourceFrame.prototype.cancelEditing): 2011-05-06 Joe Mason <jmason@rim.com> Reviewed by Adam Barth. WebSocket urls should always be encoded as UTF-8. https://bugs.webkit.org/show_bug.cgi?id=57138 Change WebSocket::connect to take the raw URL string and parse it internally using the simple KURL constructor, which expects an absolute UTF-8 encoded URL. This ensures that all code that creates a WebSocket goes through this method instead of completeURL. Test: http/tests/websocket/tests/url-with-nonascii-query.html * bindings/js/JSWebSocketCustom.cpp: (WebCore::JSWebSocketConstructor::constructJSWebSocket): Pass String instead of KURL to WebSocket::connect(). * websockets/WebSocket.cpp: (WebCore::WebSocket::connect): Now takes a String instead of a KURL and parses it using UTF-8. * websockets/WebSocket.h: 2011-05-06 Luke Macpherson <macpherson@chromium.org> Reviewed by Eric Seidel. Make CSSStyleSelector::applyProperty() CSSPropertyWebkitColorCorrection case use appropriate macro. https://bugs.webkit.org/show_bug.cgi?id=60339 No tests added as no functionality changed. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): Use correct macro for CSSPropertySpeak. * rendering/style/RenderStyle.h: (WebCore::InheritedFlags::initialColorSpace): Add initialColorSpace() static method. 2011-05-06 Luke Macpherson <macpherson@chromium.org> Reviewed by Eric Seidel. Make RenderStyle::setPageBreakInside() reject unsupported enum values. https://bugs.webkit.org/show_bug.cgi?id=60235 No tests added as no functionality changed. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): Remove special-case code and use appropriate macro. * rendering/style/RenderStyle.h: (WebCore::InheritedFlags::setPageBreakInside): Assert that only supported values are used. 2011-05-06 Luke Macpherson <macpherson@chromium.org> Reviewed by Eric Seidel. Move burden of checking for BJustify box alignment into RenderStyle https://bugs.webkit.org/show_bug.cgi?id=60246 No new tests added as no functionality changed. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): Remove special-case logic checking for BJUSTIFY and use existing macro. * rendering/style/RenderStyle.h: (WebCore::InheritedFlags::setBoxAlign): Assert valid values are used. 2011-05-06 Luke Macpherson <macpherson@chromium.org> Reviewed by Eric Seidel. Make CSSStyleSelector::applyProperty() CSSPropertyPointerEvents use the correct macro. https://bugs.webkit.org/show_bug.cgi?id=60338 No tests added as no functionality changed. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): Use correct macro for CSSPropertySpeak. 2011-05-06 Alexis Menard <alexis.menard@openbossa.org> Reviewed by Alexey Proskuryakov. Build fix with gcc 4.6 and c++0x support. https://bugs.webkit.org/show_bug.cgi?id=60284 When enabling support of c++0x the compilation fails because of an ambiguous overload error. In this code when constructing the pair we use the new c++0x rvalue reference feature (&&). It means we are calling String(const WTF::AtomicString&) which becomes ambiguous because it has an overload WTF::String::String(const WTF::String&) and usually one with the native port string type (e.g. QString). In this code we want the String version because the pair store Strings. No new tests, build fix. * loader/FormSubmission.cpp: (WebCore::FormSubmission::create): 2011-05-06 Cris Neckar <cdn@chromium.org> Reviewed by Dirk Schulze. Tests for crash when a transform is applied to certain filters. https://bugs.webkit.org/show_bug.cgi?id=59551 Test: svg/filters/filter-after-transform-crash.svg * platform/graphics/filters/FEComposite.cpp: (WebCore::FEComposite::determineAbsolutePaintRect): * platform/graphics/filters/FEConvolveMatrix.h: (WebCore::FEConvolveMatrix::determineAbsolutePaintRect): * platform/graphics/filters/FEDisplacementMap.h: (WebCore::FEDisplacementMap::determineAbsolutePaintRect): * platform/graphics/filters/FEFlood.h: (WebCore::FEFlood::determineAbsolutePaintRect): * platform/graphics/filters/FELighting.h: (WebCore::FELighting::determineAbsolutePaintRect): * platform/graphics/filters/FETile.h: (WebCore::FETile::determineAbsolutePaintRect): * platform/graphics/filters/FETurbulence.h: (WebCore::FETurbulence::determineAbsolutePaintRect): * platform/graphics/filters/FilterEffect.cpp: (WebCore::isFilterSizeValid): (WebCore::FilterEffect::determineAbsolutePaintRect): (WebCore::FilterEffect::asUnmultipliedImage): (WebCore::FilterEffect::asPremultipliedImage): (WebCore::FilterEffect::copyUnmultipliedImage): (WebCore::FilterEffect::copyPremultipliedImage): (WebCore::FilterEffect::createUnmultipliedImageResult): (WebCore::FilterEffect::createPremultipliedImageResult): * platform/graphics/filters/FilterEffect.h: (WebCore::FilterEffect::maxEffectRect): (WebCore::FilterEffect::setMaxEffectRect): * rendering/svg/RenderSVGResourceFilter.cpp: * rendering/svg/RenderSVGResourceFilterPrimitive.cpp: (WebCore::RenderSVGResourceFilterPrimitive::determineFilterPrimitiveSubregion): 2011-05-06 Luke Macpherson <macpherson@chromium.org> Reviewed by Eric Seidel. Use cast to convert primitive value to FontSmoothingMode. https://bugs.webkit.org/show_bug.cgi?id=60242 No tests added as no functionality changed. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): Use cast to convert primitive value to FontSmoothingMode. 2011-05-05 Luke Macpherson <macpherson@chromium.org> Reviewed by Eric Seidel. Make CSSPropertySpeak use the correct macro. https://bugs.webkit.org/show_bug.cgi?id=60335 No tests added as no functionality changed. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): Use correct macro for CSSPropertySpeak. 2011-05-05 Eric Carlson <eric.carlson@apple.com> Reviewed by Maciej Stachowiak. <rdar://problem/9390864> https://bugs.webkit.org/show_bug.cgi?id=60343 Crash on Recovery System when trying to load page that includes media element Automated test not possible, tested manually. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.mm: (WebCore::MediaPlayerPrivateAVFoundationObjC::isAvailable): Only return true if AVFoundation and CoreMedia are installed. * platform/mac/SoftLinking.h: Define SOFT_LINK_FRAMEWORK_OPTIONAL, identical to SOFT_LINK_FRAMEWORK except that it doesn't ASSERT if the framework doesn't exist. 2011-05-05 Eric Carlson <eric.carlson@apple.com> Reviewed by Darin Adler. Live streams sometimes won't play with AVFoundation backend https://bugs.webkit.org/show_bug.cgi?id=58961 rdar://problem/9284748 Tested manually because we don't have any live streams to test in DRT. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp: (WebCore::MediaPlayerPrivateAVFoundation::updateStates): Don't special case seeking, assume AVFoundation will notify us when internal states change. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.h: Make m_timeObserver a RetainPtr * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.mm: (WebCore::MediaPlayerPrivateAVFoundationObjC::MediaPlayerPrivateAVFoundationObjC): Ditto. (WebCore::MediaPlayerPrivateAVFoundationObjC::cancelLoad): Ditto. 2011-05-05 Jay Civelli <jcivelli@chromium.org> Reviewed by Adam Barth. Adding quoted-printable encoding/decoding capabilities. This is needed for MHTML support. https://bugs.webkit.org/show_bug.cgi?id=59834 * CMakeLists.txt: * GNUmakefile.list.am: * WebCore.gypi: * WebCore.pro: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: * platform/text/QuotedPrintable.cpp: Added. * platform/text/QuotedPrintable.h: Added. 2011-05-05 Andy Estes <aestes@apple.com> Reviewed by Eric Seidel. Implement document.innerHTML https://bugs.webkit.org/show_bug.cgi?id=60316 ASSERT that contextElement is non-0 when constructing a HTMLTreeBuilder for fragment parsing. This assertion will become invalid when document.innerHTML is implemented, which is the only case where HTML5 specifies that a fragment will not have a context element. * html/parser/HTMLTreeBuilder.cpp: (WebCore::HTMLTreeBuilder::HTMLTreeBuilder): 2011-05-05 Kevin Ollivier <kevino@theolliviers.com> [wx] Unreviewed build fix. Include ApplicationServices for wx port. * platform/graphics/GlyphBuffer.h: * platform/graphics/mac/ComplexTextControllerCoreText.cpp: 2011-05-05 Dan Bernstein <mitz@apple.com> Reviewed by Simon Fraser. WebCore part of <rdar://problem/9155590> Broken animation in iAd producer * WebCore.exp.in: Export wkExecutableWasLinkedOnOrBeforeSnowLeopard. * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes): Account for the binary-compatiblity check in Core Animation. * platform/mac/WebCoreSystemInterface.h: Added wkExecutableWasLinkedOnOrBeforeSnowLeopard. * platform/mac/WebCoreSystemInterface.mm: Ditto. 2011-05-05 Sam Weinig <sam@webkit.org> Reviewed by Anders Carlsson. WebKit2 (Mac): Background tabs/windows can force themselves to the front <rdar://problem/9386346> https://bugs.webkit.org/show_bug.cgi?id=60315 * platform/mac/WidgetMac.mm: (WebCore::Widget::setFocus): It is incorrect for us to call Chrome::focus() here, which could bring a window/tab to the front. Calling focusNSView() was only necessary because in WebKit we must inform the platform widget that the focus has changed. WebKit2 Mac now matches other ports. 2011-05-05 Justin Novosad <junov@chromium.org> Reviewed by Kenneth Russell. [Chromium] Change the --accelerated-2d-canvas flag to mean Ganesh, and stop using --enable-accelerated-drawing for that purpose https://bugs.webkit.org/show_bug.cgi?id=60173 * page/Page.cpp: (WebCore::Page::sharedGraphicsContext3D): Flipping the switch to make Skia the default for the accelerated 2d canvas 2011-05-05 Tony Gentilcore <tonyg@chromium.org> Reviewed by Adam Barth. ASSERT(m_state == ParsingState) fires @ www.canalplus.fr https://bugs.webkit.org/show_bug.cgi?id=60101 Test: fast/parser/close-while-stopping.html * dom/Document.cpp: (WebCore::Document::close): According to http://www.whatwg.org/specs/web-apps/current-work/#dom-document-close, the close() steps should be aborted if there is no script-created parser associated with the document. Our parser lives throughout http://www.whatwg.org/specs/web-apps/current-work/#the-end, but it seems the spec doesn't consider the parser active any more. So to properly respect this, we need to check that the parser is still parsing. 2011-04-28 Evan Martin <evan@chromium.org> Reviewed by Ojan Vafai. REGRESSION: backspace should not go back on Linux https://bugs.webkit.org/show_bug.cgi?id=59731 Add a new EditingBehavior, shouldNavigateBackOnBackspace, which is false on Linux, and test for it in the default backspace handler. * editing/EditingBehavior.h: (WebCore::EditingBehavior::shouldNavigateBackOnBackspace): * page/EventHandler.cpp: (WebCore::EventHandler::defaultBackspaceEventHandler): 2011-05-05 Igor Oliveira <igor.oliveira@openbossa.org> Reviewed by Kenneth Russell. Framebuffer object is being created twice https://bugs.webkit.org/show_bug.cgi?id=60207 Does not create more than one opengl framebuffer * platform/graphics/gpu/mac/DrawingBufferMac.mm: (WebCore::DrawingBuffer::DrawingBuffer): * platform/graphics/gpu/qt/DrawingBufferQt.cpp: (WebCore::DrawingBuffer::DrawingBuffer): * platform/graphics/gtk/DrawingBufferGtk.cpp: (WebCore::DrawingBuffer::DrawingBuffer): 2011-05-05 Simon Fraser <simon.fraser@apple.com> Reviewed by Beth Dakin. Every RenderLayer registers itself as a ScrollableArea https://bugs.webkit.org/show_bug.cgi?id=59650 Rather than registering every RenderLayer as a ScrollableArea on layer creation, only register RenderLayers which are overflow- scrollable. Use the m_scrollableAreaPage pointer to keep track of whether we've registered to avoid excess work. * rendering/RenderLayer.cpp: (WebCore::RenderLayer::RenderLayer): (WebCore::RenderLayer::scrollsOverflow): (WebCore::RenderLayer::styleChanged): * rendering/RenderLayer.h: 2011-05-05 Jer Noble <jer.noble@apple.com> Reviewed by Steve Falkenburg. Workaround iTunes' incorrect registry entry for .m4a extensions. https://bugs.webkit.org/show_bug.cgi?id=60229 No new tests, as a test already exits for .m4a support (LayoutTests/media/audio-mpeg4-supported.html). The test failed to catch this regression because the build bots haven't installed iTunes. Add a hard-coded MIME type mapping for 'm4a' -> 'audio/x-m4a'. * platform/win/MIMETypeRegistryWin.cpp: (WebCore::MIMETypeRegistry::getMIMETypeForExtension): 2011-05-05 Abhishek Arya <inferno@chromium.org> Reviewed by Dave Hyatt. When style changes for a RenderBlock and we lose our ability to intrude into floats in the next siblings block (e.g a position change), make sure to mark our childs with floats for layout and iterate through our next sibling block chain to see which ones contain the float that also exists in our floating objects list and clear those using markAllDescendantsWithFloatsForLayout. https://bugs.webkit.org/show_bug.cgi?id=56299 Tests: fast/block/float/float-not-removed-from-next-sibling-crash.html fast/block/float/float-not-removed-from-next-sibling.html fast/block/float/float-not-removed-from-next-sibling2.html fast/block/float/float-not-removed-from-next-sibling3.html fast/block/float/float-not-removed-from-next-sibling4.html * rendering/RenderBlock.cpp: (WebCore::RenderBlock::styleWillChange): (WebCore::RenderBlock::styleDidChange): (WebCore::RenderBlock::markSiblingsWithFloatsForLayout): * rendering/RenderBlock.h: 2011-05-05 Brian Weinstein <bweinstein@apple.com> Reviewed by Timothy Hatcher. WebKit2: Docking Web Inspector doesn't respect maximum inspector size https://bugs.webkit.org/show_bug.cgi?id=60294 <rdar://problem/9388518> Make a needed function public and export it. * WebCore.exp.in: Export constrainedAttaechedWindowHeight. * inspector/InspectorFrontendClientLocal.h: Make constrainedAttaechedWindowHeight public. 2011-05-05 Tony Gentilcore <tonyg@chromium.org> Reviewed by Nate Chapin. [Navigation Timing] navigationStart should always be available https://bugs.webkit.org/show_bug.cgi?id=59448 * page/PerformanceTiming.cpp: (WebCore::PerformanceTiming::navigationStart): 2011-05-05 Eric Carlson <eric.carlson@apple.com> Reviewed by Adam Roben. Block callbacks delivered during destruction https://bugs.webkit.org/show_bug.cgi?id=60291 <rdar://problem/9382942> No new tests, tested by existing tests. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp: (WebCore::MediaPlayerPrivateAVFoundation::~MediaPlayerPrivateAVFoundation): Call setIgnoreLoadStateChanges(true) to cancel all callbacks. (WebCore::MediaPlayerPrivateAVFoundation::updateStates): Return immediately if m_ignoreLoadStateChanges is true. (WebCore::MediaPlayerPrivateAVFoundation::dispatchNotification): loadStateChanged -> updateStates. Don't call updateStates after calling loadedTimeRangesChanged, it already does it. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h: 2011-05-05 David Hyatt <hyatt@apple.com> Reviewed by Darin Adler. <rdar://problem/9354979> REGRESSION (r83070-r83126): Conversation takes 10 seconds to load and makes mail unresponsive Culled inlines were triggering some pathological line box tree groveling that isn't even necessary. Removed the ancient code (that used to be in RenderFlow), since it made no sense in the RenderBlock case (it was running for inline blocks, which was definitely not even the intent) or in the RenderInline case (the object being removed has no effect on any lines). Also tweaked culledInlineFirstLineBox and culledInlineLastLineBox to avoid bailing if the first replaced object that is encountered has a null inlineBoxWrapper(). Just a slight speed optimization to avoid an extra null check. * rendering/RenderBlock.cpp: (WebCore::RenderBlock::destroy): * rendering/RenderInline.cpp: (WebCore::RenderInline::destroy): (WebCore::RenderInline::culledInlineFirstLineBox): (WebCore::RenderInline::culledInlineLastLineBox): 2011-05-05 Bharathwaaj Srinivasan <bharathwaaj.s@gmail.com> Reviewed by Holger Freyther. Fix build-webkit --minimal. https://bugs.webkit.org/show_bug.cgi?id=60257 No new tests. This is just a build fix. * bindings/js/JSDOMBinding.cpp: 2011-05-05 Eric Carlson <eric.carlson@apple.com> Reviewed by Adam Roben. The preload attribute of the video tag is not completely implemented https://bugs.webkit.org/show_bug.cgi?id=43673 <rdar://problem/9369746> This change implements "preload=metadata" for the AVFoundation backend. Tested manually with manual-tests/media-elements/video-preload.html. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::HTMLMediaElement): Initialize m_havePreparedToPlay. (WebCore::HTMLMediaElement::prepareForLoad): Ditto. (WebCore::HTMLMediaElement::prepareToPlay): New, tell player to prepare to play. (WebCore::HTMLMediaElement::seek): Call prepareToPlay when preload is less than 'auto' because we need to have media data loaded to seek. (WebCore::HTMLMediaElement::updatePlayState): Call prepareToPlay. * html/HTMLMediaElement.h: * manual-tests/media-elements/video-preload.html: Make changing urls work. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp: (WebCore::MediaPlayerPrivateAVFoundation::MediaPlayerPrivateAVFoundation): Remove m_videoFrameHasDrawn and m_delayingLoad as they are no longer used. (WebCore::MediaPlayerPrivateAVFoundation::resumeLoad): Removed. (WebCore::MediaPlayerPrivateAVFoundation::load): Don't initialize m_videoFrameHasDrawn. Move all preload logic to setPreload, call it from here. (WebCore::MediaPlayerPrivateAVFoundation::prepareToPlay): Move all preload logic to setPreload, call it. (WebCore::MediaPlayerPrivateAVFoundation::duration): Don't cache duration = 0, it is unlikely to be correct and isn't worth caching. Use invalidTime() function. (WebCore::MediaPlayerPrivateAVFoundation::seeking): Use invalidTime() function. (WebCore::MediaPlayerPrivateAVFoundation::setNaturalSize): Add logging. (WebCore::MediaPlayerPrivateAVFoundation::updateStates): Update for name change AVAssetStatus to AssetStatus. Always create a AVPlayerItem for live streams because they can't be inspected without one. Set networkState to 'idle' when the playback buffer is full because that is a signal that AVFoundation won't do any more IO. Set readyState to 'HAVE_CURRENT_DATA' when the first frame is available. (WebCore::MediaPlayerPrivateAVFoundation::metadataLoaded): Call tracksChanged so we cache width, height, hasVideo, etc. (WebCore::MediaPlayerPrivateAVFoundation::loadedTimeRangesChanged): Use invalidTime() function. (WebCore::MediaPlayerPrivateAVFoundation::timeChanged): Ditto. (WebCore::MediaPlayerPrivateAVFoundation::seekCompleted): Ditto. (WebCore::MediaPlayerPrivateAVFoundation::repaint): Don't set m_videoFrameHasDrawn, it is done in derived classes. (WebCore::MediaPlayerPrivateAVFoundation::setPreload): Centralize all logic about when to create AVAsset and AVPlayerItem here. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h: * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.h: * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.mm: (WebCore::MediaPlayerPrivateAVFoundationObjC::MediaPlayerPrivateAVFoundationObjC): Initialize m_videoFrameHasDrawn. (WebCore::MediaPlayerPrivateAVFoundationObjC::hasAvailableVideoFrame): New, renamed from videoLayerIsReadyToDisplay. Return true if we have a layer with frames available or if we have painted a frame to the context. (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL): New, create the AVAsset if necessary. (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForCacheResource): Ditto. (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer): Restructure logic. (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerItem): New, create AVPlayerItem. (WebCore::MediaPlayerPrivateAVFoundationObjC::beginLoadingMetadata): Correct logging. (WebCore::MediaPlayerPrivateAVFoundationObjC::playerItemStatus): Return "buffer full" when the buffer is full. (WebCore::MediaPlayerPrivateAVFoundationObjC::platformDuration): Get the duration from the AVAsset when we haven't allocated the AVPlayerItem yet so that we can return duration when we only have metadata. (WebCore::MediaPlayerPrivateAVFoundationObjC::assetStatus): Update for name change. (WebCore::MediaPlayerPrivateAVFoundationObjC::paint): Set m_videoFrameHasDrawn. (WebCore::MediaPlayerPrivateAVFoundationObjC::tracksChanged): Get attributes from AVAsset when when we haven't allocated the AVPlayerItem yet so that we can report attributes when we only have metadata. (WebCore::MediaPlayerPrivateAVFoundationObjC::sizeChanged): Guard against being called before we have allocated the AVPlayerItem. 2011-05-05 Ryosuke Niwa <rniwa@webkit.org> Reviewed by Eric Seidel. Rename SelectionController to FrameSelection https://bugs.webkit.org/show_bug.cgi?id=60234 * CMakeLists.txt: * GNUmakefile.list.am: * WebCore.exp.in: * WebCore.gypi: * WebCore.pro: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: * accessibility/AccessibilityObject.cpp: * accessibility/AccessibilityRenderObject.cpp: (WebCore::AccessibilityRenderObject::visiblePositionRangeForLine): * accessibility/mac/AccessibilityObjectWrapper.mm: * bindings/objc/ExceptionHandlers.h: * css/CSSStyleSelector.cpp: * dom/ContainerNode.cpp: (WebCore::ContainerNode::cloneChildNodes): * dom/Document.cpp: * dom/InputElement.cpp: * editing/DeleteButtonController.cpp: * editing/EditCommand.cpp: * editing/EditingAllInOne.cpp: * editing/EditingStyle.cpp: * editing/Editor.cpp: (WebCore::Editor::canCopy): (WebCore::Editor::canDelete): (WebCore::Editor::markMisspellingsAfterTypingToWord): (WebCore::Editor::markAllMisspellingsAndBadGrammarInRanges): (WebCore::Editor::changeSelectionAfterCommand): (WebCore::Editor::respondToChangedSelection): * editing/Editor.h: * editing/EditorCommand.cpp: (WebCore::executeDeleteToMark): (WebCore::executeMoveBackward): (WebCore::executeMoveBackwardAndModifySelection): (WebCore::executeMoveDown): (WebCore::executeMoveDownAndModifySelection): (WebCore::executeMoveForward): (WebCore::executeMoveForwardAndModifySelection): (WebCore::executeMoveLeft): (WebCore::executeMoveLeftAndModifySelection): (WebCore::executeMovePageDown): (WebCore::executeMovePageDownAndModifySelection): (WebCore::executeMovePageUp): (WebCore::executeMovePageUpAndModifySelection): (WebCore::executeMoveRight): (WebCore::executeMoveRightAndModifySelection): (WebCore::executeMoveToBeginningOfDocument): (WebCore::executeMoveToBeginningOfDocumentAndModifySelection): (WebCore::executeMoveToBeginningOfLine): (WebCore::executeMoveToBeginningOfLineAndModifySelection): (WebCore::executeMoveToBeginningOfParagraph): (WebCore::executeMoveToBeginningOfParagraphAndModifySelection): (WebCore::executeMoveToBeginningOfSentence): (WebCore::executeMoveToBeginningOfSentenceAndModifySelection): (WebCore::executeMoveToEndOfDocument): (WebCore::executeMoveToEndOfDocumentAndModifySelection): (WebCore::executeMoveToEndOfSentence): (WebCore::executeMoveToEndOfSentenceAndModifySelection): (WebCore::executeMoveToEndOfLine): (WebCore::executeMoveToEndOfLineAndModifySelection): (WebCore::executeMoveToEndOfParagraph): (WebCore::executeMoveToEndOfParagraphAndModifySelection): (WebCore::executeMoveParagraphBackwardAndModifySelection): (WebCore::executeMoveParagraphForwardAndModifySelection): (WebCore::executeMoveUp): (WebCore::executeMoveUpAndModifySelection): (WebCore::executeMoveWordBackward): (WebCore::executeMoveWordBackwardAndModifySelection): (WebCore::executeMoveWordForward): (WebCore::executeMoveWordForwardAndModifySelection): (WebCore::executeMoveWordLeft): (WebCore::executeMoveWordLeftAndModifySelection): (WebCore::executeMoveWordRight): (WebCore::executeMoveWordRightAndModifySelection): (WebCore::executeMoveToLeftEndOfLine): (WebCore::executeMoveToLeftEndOfLineAndModifySelection): (WebCore::executeMoveToRightEndOfLine): (WebCore::executeMoveToRightEndOfLineAndModifySelection): * editing/FrameSelection.cpp: Copied from Source/WebCore/editing/SelectionController.cpp. (WebCore::FrameSelection::FrameSelection): (WebCore::FrameSelection::moveTo): (WebCore::FrameSelection::setSelection): (WebCore::FrameSelection::nodeWillBeRemoved): (WebCore::FrameSelection::respondToNodeModification): (WebCore::FrameSelection::textWillBeReplaced): (WebCore::FrameSelection::setIsDirectional): (WebCore::FrameSelection::directionOfEnclosingBlock): (WebCore::FrameSelection::willBeModified): (WebCore::FrameSelection::positionForPlatform): (WebCore::FrameSelection::startForPlatform): (WebCore::FrameSelection::endForPlatform): (WebCore::FrameSelection::modifyExtendingRight): (WebCore::FrameSelection::modifyExtendingForward): (WebCore::FrameSelection::modifyMovingRight): (WebCore::FrameSelection::modifyMovingForward): (WebCore::FrameSelection::modifyExtendingLeft): (WebCore::FrameSelection::modifyExtendingBackward): (WebCore::FrameSelection::modifyMovingLeft): (WebCore::FrameSelection::modifyMovingBackward): (WebCore::FrameSelection::modify): (WebCore::FrameSelection::xPosForVerticalArrowNavigation): (WebCore::FrameSelection::clear): (WebCore::FrameSelection::setStart): (WebCore::FrameSelection::setEnd): (WebCore::FrameSelection::setBase): (WebCore::FrameSelection::setExtent): (WebCore::FrameSelection::setCaretRectNeedsUpdate): (WebCore::FrameSelection::updateCaretRect): (WebCore::FrameSelection::caretRenderer): (WebCore::FrameSelection::localCaretRect): (WebCore::FrameSelection::absoluteBoundsForLocalRect): (WebCore::FrameSelection::absoluteCaretBounds): (WebCore::FrameSelection::caretRepaintRect): (WebCore::FrameSelection::recomputeCaretRect): (WebCore::FrameSelection::shouldRepaintCaret): (WebCore::FrameSelection::invalidateCaretRect): (WebCore::FrameSelection::paintCaret): (WebCore::FrameSelection::debugRenderer): (WebCore::FrameSelection::contains): (WebCore::FrameSelection::selectFrameElementInParentIfFullySelected): (WebCore::FrameSelection::selectAll): (WebCore::FrameSelection::setSelectedRange): (WebCore::FrameSelection::isInPasswordField): (WebCore::FrameSelection::caretRendersInsideNode): (WebCore::FrameSelection::focusedOrActiveStateChanged): (WebCore::FrameSelection::pageActivationChanged): (WebCore::FrameSelection::updateSecureKeyboardEntryIfActive): (WebCore::FrameSelection::setUseSecureKeyboardEntry): (WebCore::FrameSelection::setFocused): (WebCore::FrameSelection::isFocusedAndActive): (WebCore::FrameSelection::updateAppearance): (WebCore::FrameSelection::setCaretVisible): (WebCore::FrameSelection::clearCaretRectIfNeeded): (WebCore::FrameSelection::caretBlinkTimerFired): (WebCore::FrameSelection::notifyRendererOfSelectionChange): (WebCore::FrameSelection::setFocusedNodeIfNeeded): (WebCore::FrameSelection::paintDragCaret): (WebCore::FrameSelection::copyTypingStyle): (WebCore::FrameSelection::shouldDeleteSelection): (WebCore::FrameSelection::bounds): (WebCore::FrameSelection::getClippedVisibleTextRectangles): (WebCore::FrameSelection::currentForm): (WebCore::FrameSelection::revealSelection): (WebCore::FrameSelection::setSelectionFromNone): (WebCore::FrameSelection::shouldChangeSelection): (WebCore::FrameSelection::formatForDebugger): (WebCore::FrameSelection::showTreeForThis): (showTree): * editing/FrameSelection.h: Copied from Source/WebCore/editing/SelectionController.h. (WebCore::FrameSelection::typingStyle): (WebCore::FrameSelection::clearTypingStyle): (WebCore::FrameSelection::setTypingStyle): (WebCore::FrameSelection::notifyAccessibilityForSelectionChange): * editing/ModifySelectionListLevel.cpp: * editing/RemoveFormatCommand.cpp: * editing/ReplaceSelectionCommand.cpp: * editing/SelectionController.cpp: Removed. * editing/SelectionController.h: Removed. * editing/SetSelectionCommand.cpp: (WebCore::SetSelectionCommand::SetSelectionCommand): (WebCore::SetSelectionCommand::doApply): (WebCore::SetSelectionCommand::doUnapply): * editing/SetSelectionCommand.h: (WebCore::SetSelectionCommand::create): * editing/SpellingCorrectionCommand.cpp: (WebCore::SpellingCorrectionCommand::doApply): * editing/SpellingCorrectionController.cpp: (WebCore::SpellingCorrectionController::respondToUnappliedSpellCorrection): * editing/TypingCommand.cpp: (WebCore::TypingCommand::deleteKeyPressed): (WebCore::TypingCommand::forwardDeleteKeyPressed): * editing/chromium/FrameSelectionChromium.cpp: Copied from Source/WebCore/editing/chromium/SelectionControllerChromium.cpp. (WebCore::FrameSelection::notifyAccessibilityForSelectionChange): * editing/chromium/SelectionControllerChromium.cpp: Removed. * editing/gtk/FrameSelectionGtk.cpp: Copied from Source/WebCore/editing/gtk/SelectionControllerGtk.cpp. (WebCore::FrameSelection::notifyAccessibilityForSelectionChange): * editing/gtk/SelectionControllerGtk.cpp: Removed. * editing/mac/EditorMac.mm: (WebCore::Editor::canCopyExcludingStandaloneImages): * editing/mac/FrameSelectionMac.mm: Copied from Source/WebCore/editing/mac/SelectionControllerMac.mm. (WebCore::FrameSelection::notifyAccessibilityForSelectionChange): * editing/mac/SelectionControllerMac.mm: Removed. * editing/qt/EditorQt.cpp: * loader/archive/cf/LegacyWebArchive.cpp: * page/ContextMenuController.cpp: (WebCore::ContextMenuController::populate): * page/DOMSelection.cpp: (WebCore::DOMSelection::type): (WebCore::DOMSelection::modify): (WebCore::DOMSelection::addRange): (WebCore::DOMSelection::deleteFromDocument): (WebCore::DOMSelection::containsNode): * page/DragController.cpp: (WebCore::DragController::dragIsMove): * page/DragController.h: * page/EventHandler.cpp: (WebCore::setSelectionIfNeeded): (WebCore::setNonDirectionalSelectionIfNeeded): (WebCore::EventHandler::sendContextMenuEventForKey): (WebCore::EventHandler::handleKeyboardSelectionMovement): * page/EventHandler.h: * page/FocusController.cpp: (WebCore::clearSelectionIfNeeded): * page/Frame.cpp: (WebCore::Frame::Frame): * page/Frame.h: (WebCore::Frame::selection): * page/Page.cpp: (WebCore::Page::Page): * page/Page.h: (WebCore::Page::dragCaretController): * page/chromium/DragControllerChromium.cpp: * page/chromium/EventHandlerChromium.cpp: * page/win/DragControllerWin.cpp: * page/win/EventHandlerWin.cpp: * rendering/HitTestResult.cpp: * rendering/RenderBlock.cpp: (WebCore::RenderBlock::destroy): (WebCore::RenderBlock::paintCaret): * rendering/RenderImage.cpp: * rendering/RenderInline.cpp: (WebCore::RenderInline::destroy): * rendering/RenderLayer.cpp: * rendering/RenderListBox.cpp: * rendering/RenderObjectChildList.cpp: (WebCore::RenderObjectChildList::removeChildNode): * rendering/RenderTextControl.cpp: * rendering/RenderTextControlSingleLine.cpp: * rendering/RenderTheme.cpp: * rendering/RenderTreeAsText.cpp: * svg/SVGSVGElement.cpp: * svg/SVGTextContentElement.cpp: (WebCore::SVGTextContentElement::selectSubString): 2011-05-05 Brent Fulgham <bfulgham@webkit.org> [WinCairo] unreviewed build correction. * platform/network/curl/ResourceRequest.h: Stub out the new pipelined http logic for cURL. 2011-05-05 Pavel Feldman <pfeldman@chromium.org> Reviewed by Yury Semikhatsky. Web Inspector: searching for node does not result in bringToFront call. https://bugs.webkit.org/show_bug.cgi?id=60222 * inspector/front-end/ElementsPanel.js: (WebInspector.ElementsPanel.prototype.updateFocusedNode): 2011-05-05 Andreas Kling <andreas.kling@nokia.com> Reviewed by Simon Hausmann. [Qt] Implement the fast font path for Qt. https://bugs.webkit.org/show_bug.cgi?id=51106 Use the new QRawFont and QGlyphs APIs in Qt 4.8 to implement the fast paths for rendering and measurement of simple text. Since this is still unreleased API, it's guarded by HAVE(QRAWFONT) until the new classes are fully integrated into the Qt 4.8 release branch. * WebCore.pro: Add HAVE_QRAWFONT define (for Qt >= 4.8) and new files to build. * platform/graphics/Font.cpp: (WebCore::Font::drawText): Disable fast font path for stroked text, and when painting text with a shadow. (Qt-only) (WebCore::Font::codePath): Try to use fast font path in more cases. * platform/graphics/qt/FontCacheQt.cpp: (WebCore::rawFontForCharacters): Helper function, returns a suitable QRawFont to use for rendering a given string. Goes through QTextLayout to find the best font based on the original QFont query. (WebCore::FontCache::getFontDataForCharacters): Implemented using helper above. * platform/graphics/qt/FontPlatformData.h: (WebCore::FontPlatformDataPrivate::FontPlatformDataPrivate): (WebCore::FontPlatformData::FontPlatformData): (WebCore::FontPlatformData::rawFont): * platform/graphics/qt/FontPlatformDataQt.cpp: (WebCore::FontPlatformData::FontPlatformData): Add a QRawFont member to FontPlatformData. * platform/graphics/qt/FontQt.cpp: (WebCore::fillPenForContext): (WebCore::strokePenForContext): (WebCore::drawTextCommon): Factored QPen creation out of drawTextCommon to share code between complex and simple font rendering paths. (WebCore::Font::drawGlyphs): Implemented using QPainter::drawGlyphs(). * platform/graphics/qt/GlyphPageTreeNodeQt.cpp: (WebCore::GlyphPage::fill): Implemented using QRawFont::glyphIndexesForString(). * platform/graphics/qt/SimpleFontDataQt.cpp: (WebCore::SimpleFontData::determinePitch): Return false when using QRawFont since we have no way of knowing the pitch. (WebCore::SimpleFontData::containsCharacters): Implemented using QRawFont::supportsCharacter(). (WebCore::SimpleFontData::platformWidthForGlyph): Implemented using QRawFont::advancesForGlyphIndexes(). (WebCore::SimpleFontData::scaledFontData): Added, based on other ports. (WebCore::SimpleFontData::smallCapsFontData): Ditto. (WebCore::SimpleFontData::emphasisMarkFontData): Ditto. (WebCore::SimpleFontData::platformBoundsForGlyph): Stub. (WebCore::SimpleFontData::platformInit): Use QRawFont APIs to retrieve font metrics. (WebCore::SimpleFontData::platformCharWidthInit): Ditto. 2011-05-05 Alexis Menard <alexis.menard@openbossa.org> Reviewed by Andreas Kling. [Qt] RenderThemeQt and DumpRenderTreeSupportQt should use nullptr rather than 0. https://bugs.webkit.org/show_bug.cgi?id=60224 We should use nullptr rather than 0. nullptr will be added in the new C++ standard but WebKit already has a nullptr class if there is no c++0x support. * platform/qt/RenderThemeQt.cpp: (WebCore::RenderThemeQt::adjustProgressBarStyle): (WebCore::RenderThemeQt::adjustSliderTrackStyle): (WebCore::RenderThemeQt::adjustSliderThumbStyle): 2011-05-05 Ilya Tikhonovsky <loislo@chromium.org> Reviewed by Yury Semikhatsky. Web Inspector: rename BrowserDebugger to DOMDebugger. https://bugs.webkit.org/show_bug.cgi?id=60256 InspectorBrowserDebuggerAgent => InspectorDOMDebuggerAgent browserDebugger => domDebugger * CMakeLists.txt: * GNUmakefile.list.am: * WebCore.gypi: * WebCore.pro: * WebCore.vcproj/WebCore.vcproj: * WebCore.xcodeproj/project.pbxproj: * inspector/CodeGeneratorInspector.pm: * inspector/InspectorAgent.cpp: (WebCore::InspectorAgent::InspectorAgent): (WebCore::InspectorAgent::inspectedPageDestroyed): (WebCore::InspectorAgent::disconnectFrontend): * inspector/InspectorAgent.h: (WebCore::InspectorAgent::DOMDebuggerAgent): * inspector/InspectorController.cpp: (WebCore::InspectorController::connectFrontend): * inspector/InspectorDOMDebuggerAgent.cpp: Renamed from Source/WebCore/inspector/InspectorBrowserDebuggerAgent.cpp. (WebCore::InspectorDOMDebuggerAgent::create): (WebCore::InspectorDOMDebuggerAgent::InspectorDOMDebuggerAgent): (WebCore::InspectorDOMDebuggerAgent::~InspectorDOMDebuggerAgent): (WebCore::InspectorDOMDebuggerAgent::debuggerWasEnabled): (WebCore::InspectorDOMDebuggerAgent::debuggerWasDisabled): (WebCore::InspectorDOMDebuggerAgent::disable): (WebCore::InspectorDOMDebuggerAgent::clearFrontend): (WebCore::InspectorDOMDebuggerAgent::discardBindings): (WebCore::InspectorDOMDebuggerAgent::setEventListenerBreakpoint): (WebCore::InspectorDOMDebuggerAgent::removeEventListenerBreakpoint): (WebCore::InspectorDOMDebuggerAgent::didInsertDOMNode): (WebCore::InspectorDOMDebuggerAgent::didRemoveDOMNode): (WebCore::InspectorDOMDebuggerAgent::setDOMBreakpoint): (WebCore::InspectorDOMDebuggerAgent::removeDOMBreakpoint): (WebCore::InspectorDOMDebuggerAgent::willInsertDOMNode): (WebCore::InspectorDOMDebuggerAgent::willRemoveDOMNode): (WebCore::InspectorDOMDebuggerAgent::willModifyDOMAttr): (WebCore::InspectorDOMDebuggerAgent::descriptionForDOMEvent): (WebCore::InspectorDOMDebuggerAgent::hasBreakpoint): (WebCore::InspectorDOMDebuggerAgent::updateSubtreeBreakpoints): (WebCore::InspectorDOMDebuggerAgent::pauseOnNativeEventIfNeeded): (WebCore::InspectorDOMDebuggerAgent::setXHRBreakpoint): (WebCore::InspectorDOMDebuggerAgent::removeXHRBreakpoint): (WebCore::InspectorDOMDebuggerAgent::willSendXMLHttpRequest): (WebCore::InspectorDOMDebuggerAgent::clear): * inspector/InspectorDOMDebuggerAgent.h: Renamed from Source/WebCore/inspector/InspectorBrowserDebuggerAgent.h. * inspector/InspectorInstrumentation.cpp: (WebCore::InspectorInstrumentation::willInsertDOMNodeImpl): (WebCore::InspectorInstrumentation::didInsertDOMNodeImpl): (WebCore::InspectorInstrumentation::willRemoveDOMNodeImpl): (WebCore::InspectorInstrumentation::didRemoveDOMNodeImpl): (WebCore::InspectorInstrumentation::willModifyDOMAttrImpl): (WebCore::InspectorInstrumentation::willSendXMLHttpRequestImpl): (WebCore::InspectorInstrumentation::pauseOnNativeEventIfNeeded): * inspector/InstrumentingAgents.h: (WebCore::InstrumentingAgents::InstrumentingAgents): (WebCore::InstrumentingAgents::inspectorDOMDebuggerAgent): (WebC