2016-02-12 Babak Shafiei <bshafiei@apple.com> Merge r196401. 2016-02-10 Eric Carlson <eric.carlson@apple.com> Update "manual" caption track logic https://bugs.webkit.org/show_bug.cgi?id=154084 <rdar://problem/24530516> Reviewed by Dean Jackson. No new tests, media/track/track-manual-mode.html was updated. * English.lproj/Localizable.strings: Add new string. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::addTextTrack): track.setManualSelectionMode is no more. (WebCore::HTMLMediaElement::configureTextTrackGroup): Never enable a track automatically when in manual selection mode. (WebCore::HTMLMediaElement::captionPreferencesChanged): track.setManualSelectionMode is no more. * html/track/TextTrack.cpp: (WebCore::TextTrack::containsOnlyForcedSubtitles): Return true for forced tracks. (WebCore::TextTrack::kind): Deleted. * html/track/TextTrack.h: * html/track/TrackBase.h: (WebCore::TrackBase::kind): De-virtualize, nobody overrides it. * page/CaptionUserPreferencesMediaAF.cpp: (WebCore::trackDisplayName): Include "forced" in the name of forced tracks. * platform/LocalizedStrings.cpp: (WebCore::forcedTrackMenuItemText): New. * platform/LocalizedStrings.h: 2016-02-03 Matthew Hanson <matthew_hanson@apple.com> Merge r195837. rdar://problem/24001782 2016-01-29 Brent Fulgham <bfulgham@apple.com> [WebGL] Check vertex array bounds before permitting a glDrawArrays to execute https://bugs.webkit.org/show_bug.cgi?id=153643 <rdar://problem/23424456> Reviewed by Dean Jackson. Tested by fast/canvas/webgl/webgl-drawarrays-crash.html. * html/canvas/WebGLRenderingContextBase.cpp: (WebCore::WebGLRenderingContextBase::validateDrawArrays): Make sure that we have at least one buffer bound to a program if a drawArray call with a non-zero range of requested data is being made. (WebCore::WebGLRenderingContextBase::validateDrawElements): Drive-by formatting fix. 2016-02-03 Matthew Hanson <matthew_hanson@apple.com> Merge r196096. rdar://problem/24416768 2016-02-03 Matthew Hanson <matthew_hanson@apple.com> Merge r196010. rdar://problem/24417428 2016-02-02 Eric Carlson <eric.carlson@apple.com> Allow ports to disable automatic text track selection https://bugs.webkit.org/show_bug.cgi?id=153761 <rdar://problem/24416768> Reviewed by Darin Adler. Test: media/track/track-manual-mode.html * Modules/mediacontrols/MediaControlsHost.cpp: (WebCore::MediaControlsHost::manualKeyword): New. (WebCore::MediaControlsHost::captionDisplayMode): Support 'manual' mode. * Modules/mediacontrols/MediaControlsHost.h: * Modules/mediacontrols/mediaControlsApple.js: (Controller.prototype.buildCaptionMenu): Check the 'off' item when in manual mode. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::addTextTrack): Update m_captionDisplayMode when called for the first time so it is always correct. Set the track's manual selection mode as appropriate. (WebCore::HTMLMediaElement::captionPreferencesChanged): Set each track's manual selection mode as appropriate. * html/track/TextTrack.cpp: (WebCore::TextTrack::kind): Return 'subtitles' for forced tracks when in manual mode. * html/track/TextTrack.h: * html/track/TrackBase.h: (WebCore::TrackBase::kind): Make virtual. * page/CaptionUserPreferences.cpp: (WebCore::CaptionUserPreferences::beginBlockingNotifications): New. (WebCore::CaptionUserPreferences::endBlockingNotifications): Ditto. (WebCore::CaptionUserPreferences::notify): Don't notify when blocked. * page/CaptionUserPreferences.h: * page/CaptionUserPreferencesMediaAF.cpp: (WebCore::CaptionUserPreferencesMediaAF::CaptionUserPreferencesMediaAF): Set manual mode when appropriate. (WebCore::CaptionUserPreferencesMediaAF::captionDisplayMode): Check manual mode. (WebCore::CaptionUserPreferencesMediaAF::setCaptionDisplayMode): Ditto. (WebCore::CaptionUserPreferencesMediaAF::setPreferredLanguage): Ditto. (WebCore::CaptionUserPreferencesMediaAF::textTrackSelectionScore): Return zero when in manual mode. (WebCore::CaptionUserPreferencesMediaAF::sortedTrackListForMenu): Consider manual mode. Fix typos in logging. * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: (WebCore::mediaDescriptionForKind): Return 'auxiliary' when in manual mode. * testing/Internals.cpp: (WebCore::Internals::setCaptionDisplayMode): Support manual mode. 2016-02-03 Matthew Hanson <matthew_hanson@apple.com> Merge r196095. rdar://problem/24416768 2016-02-03 Matthew Hanson <matthew_hanson@apple.com> Merge r195912. rdar://problem/24417428 2016-01-30 Eric Carlson <eric.carlson@apple.com> More than one audio and/or text track sometimes selected in media controls menu https://bugs.webkit.org/show_bug.cgi?id=153664 Use an <img> element for the track menu item checkmark instead of a background image and the ::before selector. Reviewed by Jer Noble. Test: media/controls/track-menu.html * Modules/mediacontrols/mediaControlsApple.css: (audio::-webkit-media-controls-closed-captions-container li:hover): (audio::-webkit-media-controls-closed-captions-container li .checkmark-container): (audio::-webkit-media-controls-closed-captions-container li.selected .checkmark-container): (audio::-webkit-media-controls-closed-captions-container li.selected:hover .checkmark-container): (audio::-webkit-media-controls-closed-captions-container li.selected::before): Deleted. (audio::-webkit-media-controls-closed-captions-container li.selected:hover::before): Deleted. * Modules/mediacontrols/mediaControlsApple.js: (Controller.prototype.buildCaptionMenu): (Controller.prototype.): (Controller.prototype.getCurrentControlsStatus): 2016-02-03 Matthew Hanson <matthew_hanson@apple.com> Merge r196094. rdar://problem/24416768 2016-02-03 Matthew Hanson <matthew_hanson@apple.com> Merge r192570. rdar://problem/24417428 2015-11-18 Aaron Chu <arona.chu@gmail.com> AX: Shadow DOM video player controls menus need aria-owns on the trigger buttons https://bugs.webkit.org/show_bug.cgi?id=127065 Reviewed by Darin Adler. Test: media/accessibility-closed-captions-has-aria-owns.html * Modules/mediacontrols/mediaControlsApple.js: (Controller.prototype.createControls): (Controller.prototype.buildCaptionMenu): * Modules/mediacontrols/mediaControlsBase.js: (Controller.prototype.createControls): (Controller.prototype.buildCaptionMenu): 2016-01-31 Babak Shafiei <bshafiei@apple.com> Merge r195932. 2016-01-28 Babak Shafiei <bshafiei@apple.com> Merge r195751 and r195761. 2016-01-28 Babak Shafiei <bshafiei@apple.com> Merge r195607. 2016-01-27 Dean Jackson <dino@apple.com> [iOS] Documents without an explicit width should not get fast tapping https://bugs.webkit.org/show_bug.cgi?id=153465 <rdar://problem/23962529> Reviewed by Simon Fraser (and Wenson Hseih). As the title says, documents that do not set a viewport should not get the fast click behaviour. There were complaints that we broke double-tap to scroll in ImageDocuments where the image was narrow and long. The fix is to just keep a flag that tells the UI process if the width was explicit. However, it turns out that those ImageDocuments are given an explicit device-width, which is fine for scaling but really should behave as auto for fast tapping. So we also need to tell the UIProcess if the viewport arguments came from an ImageDocument. Test: fast/events/ios/viewport-no-width-value-allows-double-tap.html * dom/ViewportArguments.cpp: (WebCore::findSizeValue): Add a parameter that toggles a flag if the size was explicitly set. (WebCore::setViewportFeature): Remember if the width was explicit. * dom/ViewportArguments.h: Add a widthWasExplicit flag. (WebCore::ViewportArguments::operator==): 2016-01-28 Babak Shafiei <bshafiei@apple.com> Follow-up fix for r195625. 2016-01-27 Babak Shafiei <bshafiei@apple.com> Merge r195625. 2016-01-26 Brady Eidson <beidson@apple.com> History.pushState causes intense memory pressure. https://bugs.webkit.org/show_bug.cgi?id=153435 Reviewed by Sam Weinig, Oliver Hunt, and Geoff Garen. Tests: fast/loader/stateobjects/pushstate-frequency-iframe.html fast/loader/stateobjects/pushstate-frequency-with-user-gesture.html fast/loader/stateobjects/pushstate-frequency.html fast/loader/stateobjects/replacestate-frequency-iframe.html fast/loader/stateobjects/replacestate-frequency-with-user-gesture.html fast/loader/stateobjects/replacestate-frequency.html loader/stateobjects/pushstate-size-iframe.html loader/stateobjects/pushstate-size.html loader/stateobjects/replacestate-size-iframe.html loader/stateobjects/replacestate-size.html Add restrictions on how frequently push/replaceState can be called, as well as how much of a cumulative payload they can deliver. * bindings/js/JSHistoryCustom.cpp: (WebCore::JSHistory::pushState): (WebCore::JSHistory::replaceState): * page/History.cpp: (WebCore::History::stateObjectAdded): * page/History.h: 2016-01-27 Babak Shafiei <bshafiei@apple.com> Merge r195671. 2016-01-26 Jer Noble <jer.noble@apple.com> Calling video.controls=true during a scrub operation cancels scrub. https://bugs.webkit.org/show_bug.cgi?id=153494 Reviewed by Eric Carlson. Test: media/media-controls-drag-timeline-set-controls-property.html Verify that the video.controls attribute actually changed before tearing down and re-adding the media controls to the Shadow DOM. * Modules/mediacontrols/mediaControlsApple.js: (Controller.prototype.handleControlsChange): (Controller.prototype.hasControls): 2016-01-26 Matthew Hanson <matthew_hanson@apple.com> Merge r195606. rdar://problem/24243317 2016-01-25 Dave Hyatt <hyatt@apple.com> Speculative fixes for crashing in viewportChangeAffectedPicture https://bugs.webkit.org/show_bug.cgi?id=153450 Reviewed by Dean Jackson. Don't attach any conditions to the removal of a picture element from the document's HashSet. This ensures that if the condition is ever wrong for any reason, we'll still remove the picture element on destruction. Fix the media query evaluation to match the other evaluations (used by the preload scanner and HTMLImageElement). This includes using the document element's computed style instead of our own and also null checking the document element first. This is the likely cause of the crashes. * html/HTMLPictureElement.cpp: (WebCore::HTMLPictureElement::~HTMLPictureElement): (WebCore::HTMLPictureElement::didMoveToNewDocument): (WebCore::HTMLPictureElement::viewportChangeAffectedPicture): 2016-01-20 Andy Estes <aestes@apple.com> Re-enable synchronous popstate event for safari-601-branch https://bugs.webkit.org/show_bug.cgi?id=153297 rdar://problem/24154417 Reviewed by Brent Fulgham. r192369 made the popstate event dispatch asynchronously, which matches what the HTML5 spec says to do. However, due to compatibility regressions, we do not want to include this behavior change in safari-601-branch. This change reverts r192369's changes to Document.cpp, but retains the new tests. This change is intended only for safari-601-branch and its copies. The popstate event should remain asynchronous in trunk. Firing popstate synchronously makes both fast/loader/remove-iframe-during-history-navigation-different. Html and fast/loader/remove-iframe-during-history-navigation-same.html crash, because their onpopstate handlers remove frames from the document that will later be accessed by HistoryController::recursiveGoToItem(). To prevent the crashes, this change does two things: 1. Keep a reference to the current frame inside FrameLoader::loadSameDocumentItem(), since calling loadInSameDocument() might otherwise delete it. 2. Handle a null frame when iterating a HistoryItem's child frames in HistoryController::recursiveGoToItem(), since calling goToItem() on one frame might cause another frame to be deleted. Covered by existing tests. fast/loader/stateobjects/popstate-is-asynchronous-expected.txt was updated to expect popstate to be synchronous. * dom/Document.cpp: (WebCore::Document::enqueuePopstateEvent): * loader/FrameLoader.cpp: (WebCore::FrameLoader::loadSameDocumentItem): * loader/HistoryController.cpp: (WebCore::HistoryController::recursiveGoToItem): 2016-01-25 Matthew Hanson <matthew_hanson@apple.com> Merge r195477. rdar://problem/24001780 2016-01-21 Sam Weinig <sam@webkit.org> Treat non-https actions on secure pages as mixed content <rdar://problem/23144492> https://bugs.webkit.org/show_bug.cgi?id=153322 Reviewed by Alexey Proskuryakov. Tests: http/tests/security/mixedContent/insecure-form-in-iframe.html http/tests/security/mixedContent/insecure-form-in-main-frame.html http/tests/security/mixedContent/javascript-url-form-in-main-frame.html * html/HTMLFormElement.cpp: (WebCore::HTMLFormElement::parseAttribute): Check form actions for mixed content. * loader/MixedContentChecker.cpp: (WebCore::MixedContentChecker::checkFormForMixedContent): * loader/MixedContentChecker.h: Add new function to check and warn if a form's action is mixed content. 2016-01-25 Matthew Hanson <matthew_hanson@apple.com> Merge r195393. rdar://problem/24042909 2016-01-20 David Kilzer <ddkilzer@apple.com> ResourceHandleCFURLConnectionDelegateWithOperationQueue delegate methods don't NULL-check m_handle->client() <https://webkit.org/b/152675> <rdar://problem/24034044> Reviewed by Brent Fulgham. * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp: (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveResponse): (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveData): (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didFinishLoading): (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didFail): (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willCacheResponse): (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didSendBodyData): (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveDataArray): - Add NULL check for m_handle->client() as is done in the WebCoreResourceHandleAsOperationQueueDelegate class in WebCoreResourceHandleAsOperationQueueDelegate.mm. (The NULL check for -connection:didReceiveResponse: is currently missing, but there are crashes there, too, that are covered by Bug 152673.) 2016-01-20 Matthew Hanson <matthew_hanson@apple.com> Merge r195150. rdar://problem/24208162 2016-01-15 Myles C. Maxfield <mmaxfield@apple.com> [Cocoa] Font features are not applied to the system font https://bugs.webkit.org/show_bug.cgi?id=153053 Reviewed by Dean Jackson. We simply need to call preparePlatformFont() on it. Test: fast/text/system-font-features.html * platform/graphics/cocoa/FontCacheCoreText.cpp: (WebCore::fontWithFamily): 2016-01-20 Babak Shafiei <bshafiei@apple.com> Merge r195132. 2016-01-15 Dave Hyatt <hyatt@apple.com> Avoid downloading the wrong image for <picture> elements. https://bugs.webkit.org/show_bug.cgi?id=153027 Reviewed by Dean Jackson. No tests, since they are always flaky. * html/HTMLImageElement.cpp: (WebCore::HTMLImageElement::HTMLImageElement): (WebCore::HTMLImageElement::~HTMLImageElement): (WebCore::HTMLImageElement::createForJSConstructor): (WebCore::HTMLImageElement::bestFitSourceFromPictureElement): (WebCore::HTMLImageElement::insertedInto): (WebCore::HTMLImageElement::removedFrom): (WebCore::HTMLImageElement::pictureElement): (WebCore::HTMLImageElement::setPictureElement): (WebCore::HTMLImageElement::width): * html/HTMLImageElement.h: (WebCore::HTMLImageElement::hasShadowControls): * html/HTMLPictureElement.h: * html/parser/HTMLConstructionSite.cpp: (WebCore::HTMLConstructionSite::createHTMLElement): * html/parser/HTMLPreloadScanner.cpp: (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute): Images that are built underneath a <picture> element are now connected to that picture element via a setPictureNode call from the parser. This ensures that the correct <source> elements are examined before checking the image. This connection between images and their picture owners is handled using a static HashMap in HTMLImageElement. This connection is made both from the parser and from DOM insertions, and the map is queried now instead of looking directly at the image's parentNode(). 2016-01-20 Babak Shafiei <bshafiei@apple.com> Merge r195075. 2016-01-14 Daniel Bates <dabates@apple.com> Disallow use of Geolocation service from unique origins https://bugs.webkit.org/show_bug.cgi?id=153102 <rdar://problem/23055645> Reviewed by Alexey Proskuryakov. Tests: fast/dom/Geolocation/dataURL-getCurrentPosition.html fast/dom/Geolocation/dataURL-watchPosition.html fast/dom/Geolocation/srcdoc-getCurrentPosition.html fast/dom/Geolocation/srcdoc-watchPosition.html http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition.html http/tests/security/sandboxed-iframe-geolocation-watchPosition.html * Modules/geolocation/Geolocation.cpp: (WebCore::Geolocation::securityOrigin): Convenience function to get the SecurityOrigin object associated with this script execution context. (WebCore::Geolocation::startRequest): Notify requester POSITION_UNAVAILABLE when requested from a document with a unique origin. * Modules/geolocation/Geolocation.h: * page/SecurityOrigin.h: (WebCore::SecurityOrigin::canRequestGeolocation): Added. 2016-01-20 Babak Shafiei <bshafiei@apple.com> Merge r195162. 2016-01-15 Jiewen Tan <jiewen_tan@apple.com> FrameLoaderClient::didReceiveServerRedirectForProvisionalLoadForFrame() is never called when loading a main resource from the memory cache https://bugs.webkit.org/show_bug.cgi?id=152520 <rdar://problem/23305737> Reviewed by Andy Estes. Test: http/tests/loading/server-redirect-for-provisional-load-caching.html * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::responseReceived): Dispatch message to notify client that a cached resource was redirected. So, client can make proper actions to treat server side redirection. * loader/cache/CachedRawResource.h: Add a method to tell whether the cached resource was redirected. 2016-01-20 Timothy Hatcher <timothy@apple.com> <rdar://problem/24242600> CrashTracer: com.apple.WebKit.WebContent at …pector::CSSFrontendDispatcher::mediaQueryResultChanged + 316 Reviewed by Joseph Pecoraro. * inspector/InspectorCSSAgent.cpp: (WebCore::InspectorCSSAgent::willDestroyFrontendAndBackend): Call disable(). (WebCore::InspectorCSSAgent::mediaQueryResultChanged): Add null check. 2016-01-20 Matthew Hanson <matthew_hanson@apple.com> Merge r195088. rdar://problem/24101168 2016-01-14 Myles C. Maxfield <mmaxfield@apple.com> Mixing Content Blocking of fonts and display:none rules causes battery drain https://bugs.webkit.org/show_bug.cgi?id=153051 <rdar://problem/23187709> Reviewed by Alex Christensen. If we have applied a rule before and we are not applying it again, don't resolve the style again. Test: http/tests/contentextensions/font-display-none-repeated-layout.html * contentextensions/ContentExtensionStyleSheet.cpp: (WebCore::ContentExtensions::ContentExtensionStyleSheet::addDisplayNoneSelector): * contentextensions/ContentExtensionStyleSheet.h: * dom/ExtensionStyleSheets.cpp: (WebCore::ExtensionStyleSheets::addDisplayNoneSelector): 2016-01-20 Matthew Hanson <matthew_hanson@apple.com> Merge r195082. rdar://problem/23633319 2016-01-14 Simon Fraser <simon.fraser@apple.com> Remove workaround for rdar://problem/23623670 https://bugs.webkit.org/show_bug.cgi?id=153107 rdar://problem/23633319 Reviewed by Tim Horton. Remove the code that uses IOSurfaceAcceleratorTransformSurface() when copying from back-to-front buffer, now that CGIOSurfaceContextCreate()-code path works correctly. * platform/graphics/cocoa/IOSurface.h: * platform/graphics/cocoa/IOSurface.mm: (IOSurface::ensurePlatformContext): (IOSurface::copyToSurface): Deleted. 2016-01-20 Matthew Hanson <matthew_hanson@apple.com> Merge r188377. rdar://problem/24208161 2015-08-12 Myles C. Maxfield <mmaxfield@apple.com> [Cocoa] [CJK-configured device] System font has vertical punctuation https://bugs.webkit.org/show_bug.cgi?id=147964 <rdar://problem/22256660> Reviewed by Dean Jackson. GlyphPage::fill() has multiple code paths to accomplish its goal. It uses the shouldUseCoreText() helper function to determine which one of the paths should be taken. However, not all of the code paths in GlyphPage::fill() are able of handling all situations. Indeed, the CoreText code paths in GlyphPage::fill() are only able to handle the situations which shouldUseCoreText() returns true for. This happens in the following cases: 1. If the font is a composite font 2. If the font is used for text-combine 3. If the font has vertical glyphs In r187693, I added one more case to this list: If the font is the system font. However, I failed to add the necessary support to GlyphPage::fill() for this case. Becasue of this, we just happened to fall into the case of vertical fonts (just by coincidence), which causes us to use CTFontGetVerticalGlyphsForCharacters() instead of CTFontGetGlyphsForCharacters(). The solution is to adopt the same behavior we were using before r187693. Back then, we were using CGFontGetGlyphsForUnichars(), which always returned horizontal glyphs. We should simply adopt this same behavior, except in the Core Text case. Therefore, this patch is just a simple check to see if we are using the system font when determining which Core Text function to use. Test: fast/text/system-font-punctuation.html * platform/graphics/FontDescription.h: (WebCore::FontDescription::setWidthVariant): * platform/graphics/FontPlatformData.h: (WebCore::FontPlatformData::isForTextCombine): * platform/graphics/mac/GlyphPageMac.cpp: (WebCore::shouldUseCoreText): (WebCore::GlyphPage::fill): * rendering/RenderCombineText.cpp: (WebCore::RenderCombineText::combineText): 2016-01-19 Matthew Hanson <matthew_hanson@apple.com> Merge r188263. rdar://problem/24208161 2015-08-11 Myles C. Maxfield <mmaxfield@apple.com> [iOS] Arabic letter Yeh is drawn in LastResort https://bugs.webkit.org/show_bug.cgi?id=147862 <rdar://problem/22202935> Reviewed by Darin Adler. In order to perform font fallback, we must know which fonts support which characters. We perform this check by asking each font to map a sequence of codepoints to glyphs, and any glyphs which end up with a 0 value are unsupported by the font. One of the mechanisms that we use to do this is to combine the code points into a string, and tell Core Text to lay out the string. However, this is fundamentally a different operation than the one we are trying to perform. Strings combine adjacent codepoints into grapheme clusters, and CoreText operates on these. However, we are trying to gain information regarding codepoints, not grapheme clusters. Instead of taking this string-based approach, we should try harder to use Core Text functions which operate on ordered collections of characters, rather than strings. In particular, CTFontGetGlyphsForCharacters() and CTFontGetVerticalGlyphsForCharacters() have the behavior we want where any unmapped characters end up with a 0 value glyph. Previously, we were only using the result of those functions if they were successfully able to map their entire input. However, given the fact that we can degrade gracefully in the case of a partial mapping, we shouldn't need to bail completely to the string-based approach should a partial mapping occur. At some point we should delete the string-based approach entirely. However, this path is still explicitly used for composite fonts. Fixing that use case is out of scope for this patch. Test: fast/text/arabic-glyph-cache-fill-combine.html * platform/graphics/mac/GlyphPageMac.cpp: (WebCore::GlyphPage::fill): 2016-01-19 Matthew Hanson <matthew_hanson@apple.com> Merge r187693. rdar://problem/24208161 2015-07-31 Myles C. Maxfield <mmaxfield@apple.com> [Cocoa] Latin quotes are used with the system font on Chinese devices https://bugs.webkit.org/show_bug.cgi?id=147504 Reviewed by Dean Jackson. The system font has some fancy logic regarding character selection which requires using Core Text for glyph selection. No new tests because tests can't change the system language of the device. * platform/graphics/mac/GlyphPageMac.cpp: (WebCore::shouldUseCoreText): 2016-01-13 Matthew Hanson <matthew_hanson@apple.com> Merge r194950. rdar://problem/23270886 2016-01-08 Andy Estes <aestes@apple.com> [Content Filtering] Lazily load platform frameworks https://bugs.webkit.org/show_bug.cgi?id=152881 rdar://problem/23270886 Reviewed by Brady Eidson. On Cocoa platforms, ContentFilter soft-links two frameworks that perform the underlying filtering operations. There is a one-time cost associated with the soft-linking, and the current design requires all clients to pay this cost whether or not they ever load a resource that is subject to filtering. Addressed this by deferring the loading of frameworks until it is known that a resource will require filtering. It is rather simple to defer the soft-linking at the PlatformContentFilter level, but doing this alone would mean that every CachedRawResourceClient callback would be routed through ContentFilter, even in the very common case where both platform content filters are disabled. This is because checking if a platform content filter is enabled involves loading its framework, so creating a ContentFilter (which DocumentLoader will add as the CachedRawResource client in place of itself) cannot be avoided by checking that all its platform content filters are disabled. Resolved this by inverting the relationship between ContentFilter and DocumentLoader. Instead of ContentFilter being the CachedRawResource's client and forwarding callbacks to DocumentLoader when one or more platform filters are enabled, DocumentLoader is now always the client and it forwards callbacks to ContentFilter. ContentFilter then returns a boolean value indicating whether or not DocumentLoader should proceed with each callback. New API test: ContentFiltering.LazilyLoadPlatformFrameworks * loader/ContentFilter.cpp: (WebCore::ContentFilter::create): Renamed from createIfEnabled(). Since the enabled check causes frameworks to be loaded, the check is skipped here and all types are always created. (WebCore::ContentFilter::continueAfterWillSendRequest): Renamed from willSendRequest(). Renamed requestCopy to originalRequest, and only created it for logging purposes. Since the copy was only used for logging purposes, request is now modified directly. Returned false if request is null. (WebCore::ContentFilter::continueAfterResponseReceived): Renamed from responseReceived(). Stopped asserting that resource is non-null, since it will be null in the case of substitute data loads. Stopped asserting that m_state is not Initialized, since that state was removed and the function can now be called in all states. Only logged if m_state is Filtering. Returned false if m_state is Blocked. (WebCore::ContentFilter::continueAfterDataReceived): Renamed from dataReceived(). Stopped asserting that resource is non-null and that m_state is Initialized, and moved the logging, for the same reasons as above. Returned false if m_state is Filtering or Blocked. (WebCore::ContentFilter::continueAfterNotifyFinished): Renamed from notifyFinished(). Stopped asserting that resource is non-null and that m_state is not Initialized, and moved the logging, for the same reasons as above. If m_state is not Blocked at this point, set m_state to Allowed in order for deliverResourceData() to not get caught in continueAfterDataReceived(). Returned false if m_state is Blocked or Stopped after delivering data. (WebCore::ContentFilter::createIfEnabled): Renamed to create(). (WebCore::ContentFilter::~ContentFilter): Stopped removing ourself as m_mainResource's client. (WebCore::ContentFilter::willSendRequest): Renamed to continueAfterWillSendRequest(). (WebCore::ContentFilter::startFilteringMainResource): Stopped adding ourself as m_mainResource's client. Stopped asserting that m_state is not Initialized and instead returned early if m_state is not Stopped. (WebCore::ContentFilter::stopFilteringMainResource): Stopped removing ourself as m_mainResource's client. (WebCore::ContentFilter::responseReceived): Renamed to continueAfterResponseReceived(). (WebCore::ContentFilter::dataReceived): Renamed to continueAfterDataReceived(). (WebCore::ContentFilter::redirectReceived): Removed. DocumentLoader now calls continueAfterWillSendRequest() directly on redirects. (WebCore::ContentFilter::notifyFinished): Renamed to continueAfterNotifyFinished(). (WebCore::ContentFilter::didDecide): Instead of calling DocumentLoader::contentFilterDidDecide(), called DocumentLoader::contentFilterDidBlock() when m_state is Blocked. (WebCore::ContentFilter::deliverResourceData): Asserted that m_state is Allowed. * loader/ContentFilter.h: Stopped inheriting from CachedRawResourceClient. Redeclared the CachedRawResourceClient virtual functions as the continue* functions mentioned above. Made State enum private and removed Initialized. Initialized m_state to Stopped and removed its getter. (WebCore::ContentFilter::type): Returned a ContentFilter::Type that does not include an enabled function. * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::notifyFinished): Returned early if ContentFilter::continueAfterNotifyFinished() returned false. (WebCore::DocumentLoader::willSendRequest): Called ContentFilter::continueAfterWillSendRequest() even for redirects, since ContentFilter is no longer a CachedRawResourceClient and so will no longer receive redirectReceived(). Returned early if continueAfterWillSendRequest() returns false. (WebCore::DocumentLoader::responseReceived): Returned early if ContentFilter::continueAfterResponseReceived() returned false. (WebCore::DocumentLoader::dataReceived): Ditto for ContentFilter::continueAfterDataReceived(). (WebCore::DocumentLoader::startLoadingMainResource): Called ContentFilter::create(), not createIfEnabled(). (WebCore::DocumentLoader::becomeMainResourceClient): Called ContentFilter::startFilteringMainResource() even if m_state is not Initialized. Added ourself as a client of m_mainResource unconditionally. (WebCore::DocumentLoader::contentFilterDidBlock): Renamed from contentFilterDidDecide. Removed assertions and the early return when m_state is Allowed, since the state is guaranteed to be Blocked. (WebCore::DocumentLoader::contentFilterDidDecide): Renamed to contentFilterDidBlock. * platform/cocoa/NetworkExtensionContentFilter.h: Moved definition of HAVE_NETWORK_EXTENSION to Platform.h so that this file doesn't need to become a Private header. Made enabled() private, and declared initialize(). * platform/cocoa/NetworkExtensionContentFilter.mm: (WebCore::NetworkExtensionContentFilter::initialize): Added a function to lazily initialize the object. (WebCore::NetworkExtensionContentFilter::willSendRequest): For the modern NEFilterSource, checked if it is enabled only after checking if the request is HTTP(S). If both checks pass, then called initialize(). (WebCore::NetworkExtensionContentFilter::responseReceived): Ditto for the legacy NEFilterSource. * platform/cocoa/ParentalControlsContentFilter.h: Made enabled() private. * platform/cocoa/ParentalControlsContentFilter.mm: (WebCore::ParentalControlsContentFilter::responseReceived): Checked if WebFilterEvaluator is enabled only after checking if the response is from a protocol that can be handled. * testing/MockContentFilter.cpp: (WebCore::MockContentFilter::willSendRequest): Immediately set m_status to Status::Allowed if !enabled(). * testing/MockContentFilter.h: Made enabled() private. 2016-01-13 Matthew Hanson <matthew_hanson@apple.com> Merge r194927. rdar://problem/24101173 2016-01-12 Daniel Bates <dabates@apple.com> XSS Auditor should navigate to empty substitute data on full page block https://bugs.webkit.org/show_bug.cgi?id=152868 <rdar://problem/18658448> Reviewed by David Kilzer and Andy Estes. Derived from Blink patch (by Tom Sepez <tsepez@chromium.org>): <https://src.chromium.org/viewvc/blink?view=rev&revision=179240> Test: http/tests/security/xssAuditor/block-does-not-leak-that-page-was-blocked-using-empty-data-url.html * html/parser/XSSAuditorDelegate.cpp: (WebCore::XSSAuditorDelegate::didBlockScript): Modified to call NavigationScheduler::schedulePageBlock(). * loader/NavigationScheduler.cpp: (WebCore::ScheduledPageBlock::ScheduledPageBlock): Added. (WebCore::NavigationScheduler::schedulePageBlock): Navigate to empty substitute data with the same URL as the originating document. * loader/NavigationScheduler.h: 2016-01-13 Matthew Hanson <matthew_hanson@apple.com> Merge r194898. rdar://problem/24154420 2016-01-12 Antti Koivisto <antti@apple.com> Don't reuse memory cache entries with different charset https://bugs.webkit.org/show_bug.cgi?id=110031 rdar://problem/13666418 Reviewed by Andreas Kling. Test: fast/loader/cache-encoding.html * loader/cache/CachedResourceLoader.cpp: (WebCore::CachedResourceLoader::requestResource): (WebCore::logResourceRevalidationDecision): (WebCore::CachedResourceLoader::determineRevalidationPolicy): Pass full CachedResourceRequest to the function. If charset differs don't reuse the cache entry. * loader/cache/CachedResourceLoader.h: 2016-01-13 Matthew Hanson <matthew_hanson@apple.com> Merge r194865. rdar://problem/24154421 2016-01-11 Dave Hyatt <hyatt@apple.com> Picture element needs to work with the preload scanner and select the correct source element instead of loading the image. https://bugs.webkit.org/show_bug.cgi?id=152983 Reviewed by Dean Jackson. Added new tests in http/tests/loading. * html/parser/HTMLPreloadScanner.cpp: (WebCore::TokenPreloadScanner::tagIdFor): (WebCore::TokenPreloadScanner::initiatorFor): (WebCore::TokenPreloadScanner::StartTagScanner::StartTagScanner): (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes): (WebCore::TokenPreloadScanner::StartTagScanner::processImageAndScriptAttribute): (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute): (WebCore::TokenPreloadScanner::StartTagScanner::resourceType): (WebCore::TokenPreloadScanner::scan): * html/parser/HTMLPreloadScanner.h: (WebCore::TokenPreloadScanner::setPredictedBaseElementURL): (WebCore::TokenPreloadScanner::inPicture): 2016-01-13 Matthew Hanson <matthew_hanson@apple.com> Merge r191180. rdar://problem/24154421 2015-10-16 Chris Dumez <cdumez@apple.com> HTMLPreloadScanner should preload iframes https://bugs.webkit.org/show_bug.cgi?id=150097 <rdar://problem/23094475> Reviewed by Antti Koivisto. HTMLPreloadScanner should preload iframes to decrease page load time. Tests: - fast/preloader/frame-src.html - http/tests/loading/preload-no-store-frame-src.html * html/parser/HTMLPreloadScanner.cpp: (WebCore::TokenPreloadScanner::tagIdFor): (WebCore::TokenPreloadScanner::initiatorFor): (WebCore::TokenPreloadScanner::StartTagScanner::createPreloadRequest): (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute): (WebCore::TokenPreloadScanner::StartTagScanner::resourceType): (WebCore::TokenPreloadScanner::StartTagScanner::setUrlToLoad): Deleted. (WebCore::TokenPreloadScanner::StartTagScanner::charset): Deleted. * html/parser/HTMLPreloadScanner.h: 2016-01-13 Matthew Hanson <matthew_hanson@apple.com> Merge r190641. rdar://problem/24154421 2015-10-06 Chris Dumez <cdumez@apple.com> Refactor TokenPreloadScanner::StartTagScanner::processAttribute() https://bugs.webkit.org/show_bug.cgi?id=149847 Reviewed by Antti Koivisto. Refactor TokenPreloadScanner::StartTagScanner::processAttribute() to only process attributes that make sense given the current tagId. In particular, - We only process the charset parameter if the tag is a link or a script. - We only process the sizes / srcset attributes if the tag is an img. * html/parser/HTMLPreloadScanner.cpp: (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute): (WebCore::TokenPreloadScanner::StartTagScanner::setUrlToLoad): Deleted. 2016-01-11 Matthew Hanson <matthew_hanson@apple.com> Merge r194751. rdar://problem/24042915 2016-01-07 Brent Fulgham <bfulgham@apple.com> Correct missing EXT_sRGB Format Handling https://bugs.webkit.org/show_bug.cgi?id=152876 <rdar://problem/23284389> Reviewed by Alex Christensen. Tested by WebGL 1.0.4 suite. * platform/graphics/GraphicsContext3D.cpp: (getDataFormat): Handle missing SRGB and SRGB_ALPHA cases. * platform/graphics/GraphicsContext3D.h: Add missing SRGB_ALPHA value from the Khronos standard. * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp: (WebCore::GraphicsContext3D::texImage2D): Add an assertion that we are not being handed an internal format to a method that works with normal formats. 2016-01-11 Matthew Hanson <matthew_hanson@apple.com> Merge r194750. rdar://problem/24074335 2016-01-07 Simon Fraser <simon.fraser@apple.com> Use an appropriate buffer format for swipe snapshots https://bugs.webkit.org/show_bug.cgi?id=152880 rdar://problem/23728299 Reviewed by Tim Horton. Choose an appropriate buffer format for swipe snapshots, and avoid converting them to YUV422. * platform/graphics/cocoa/IOSurface.h: * platform/graphics/cocoa/IOSurface.mm: (IOSurface::allowConversionFromFormatToFormat): 2016-01-11 Matthew Hanson <matthew_hanson@apple.com> Merge r194667. rdar://problem/24074334 2016-01-06 Simon Fraser <simon.fraser@apple.com> [iOS] Revert overflow:hidden on the body affecting viewport scale (r186786) https://bugs.webkit.org/show_bug.cgi?id=152803 rdar://problem/22242515 Reviewed by Tim Horton. You can't assume that if an author uses overflow:hidden on the body, they have no content outside the body that is important. Sites like Google Translate put abspos elements outside the body. So revert the change. * page/FrameView.cpp: (WebCore::FrameView::contentsSizeRespectingOverflow): Deleted. * page/FrameView.h: 2016-01-11 Matthew Hanson <matthew_hanson@apple.com> Merge r194666. rdar://problem/24101185 2016-01-06 Brent Fulgham <bfulgham@apple.com> Port blocking bypass issue using 307 redirect https://bugs.webkit.org/show_bug.cgi?id=152801 <rdar://problem/24048554> Reviewed by Anders Carlsson. Tested by http/tests/security/blocked-on-redirect.html. Make sure that 307 redirects check the requested URL via 'portAllowed'. * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::willSendRequest): Confirm that the requested port is valid, and block load if it is not. * loader/FrameLoader.cpp: (WebCore::FrameLoader::reportBlockedPortFailed): Added. (WebCore::FrameLoader::blockedError): Added. * loader/FrameLoader.h: 2016-01-11 Matthew Hanson <matthew_hanson@apple.com> Merge r194038. rdar://problem/24101170 2015-12-14 Daniel Bates <dabates@apple.com> [iOS] DOM click event may not be dispatched when page has :active style and <input type="search"> https://bugs.webkit.org/show_bug.cgi?id=144451 <rdar://problem/23099482> Reviewed by Simon Fraser. Fixes an issue where a DOM click event is not dispatched to an element in a subframe on a page that has a <input type="search"> and defines a CSS :active pseudo-class for the HTML body element. On iOS we only dispatch a DOM click event if the content of the page does not change as part of dispatching a DOM mousemove event at the tapped element as a means of providing a good user experience on web pages that reveal or hide content based on mouse hover. Currently we consider the content of the page to have changed if the visibility of any element on the page changes. In particular we consider the content of the page to have changed if the visibility of a user agent shadow DOM element changes (e.g. the search field cancel button). Instead we should only consider visibility changes to the actual web page content and ignore visibility changes to user agent shadow DOM elements. Tests: fast/events/can-click-element-on-page-with-active-pseudo-class-and-search-field.html fast/forms/search/search-cancel-button-visible-when-input-becomes-disabled.html fast/forms/search/search-cancel-button-visible-when-input-becomes-readonly.html fast/forms/search/search-cancel-in-formerly-invisible-element.html fast/forms/search/search-cancel-toggle-visibility-initially-hidden.html fast/forms/search/search-cancel-toggle-visibility-initially-visible.html * style/StyleResolveTree.cpp: (WebCore::Style::CheckForVisibilityChangeOnRecalcStyle::~CheckForVisibilityChangeOnRecalcStyle): Ignore visibility changes to user agent shadow DOM elements. 2016-01-11 Matthew Hanson <matthew_hanson@apple.com> Merge r192186. rdar://problem/24101174 2015-11-09 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: $0 stops working after navigating to a different domain https://bugs.webkit.org/show_bug.cgi?id=147962 Reviewed by Brian Burg. Test: http/tests/inspector/console/cross-domain-inspected-node-access.html The inspector backend injects the CommandLineAPI Source with a corresponding CommandLineAPIHost into each execution context created by the page (main frame, sub frames, etc). When creating the JSValue wrapper for the CommandLineAPIHost using the generated toJS(...) DOM bindings, we were using the cached CommandLineAPIHost wrapper values in the single DOMWrapperWorld shared across all frames. This meant that the first time the wrapper was needed it was created in context A. But when needed for context B it was using the wrapper created in context A. Using this wrapper in context B was producing unexpected cross-origin warnings. The solution taken here, is to create a new JSValue wrapper for the CommandLineAPIHost per execution context. This way each time the CommandLineAPIHost wrapper is used in a frame, it is using the one created for that frame. The C++ host object being wrapped has a lifetime equivalent to the Page. It does not change in this patch. The wrapper values are cleared on page navigation or when the page is closed, and will be garbage collected. * WebCore.vcxproj/WebCore.vcxproj: * WebCore.vcxproj/WebCore.vcxproj.filters: * ForwardingHeaders/inspector/PerGlobalObjectWrapperWorld.h: Added. New forwarding header. * inspector/CommandLineAPIHost.h: * inspector/CommandLineAPIHost.cpp: (WebCore::CommandLineAPIHost::CommandLineAPIHost): (WebCore::CommandLineAPIHost::wrapper): Cached JSValue wrappers per GlobalObject. (WebCore::CommandLineAPIHost::clearAllWrappers): Clear any wrappers we have, including the $0 value itself which we weren't explicitly clearing previously. * inspector/CommandLineAPIModule.cpp: (WebCore::CommandLineAPIModule::host): Simplify creating the wrapper. * inspector/WebInjectedScriptManager.h: * inspector/WebInjectedScriptManager.cpp: (WebCore::WebInjectedScriptManager::discardInjectedScripts): When the main frame window object clears, also clear the CommandLineAPI wrappers we may have created. Also take this opportunity to clear any $0 value that may have pointed to a value in the previous page. 2016-01-08 Timothy Hatcher <timothy@apple.com> <rdar://problem/24094651> REGRESSION (193350): CrashTracer: [USER] com.apple.WebKit.WebContent at …: Inspector::CSSFrontendDispatcher::styleSheetRemoved + 768 Reviewed by Joseph Pecoraro. * inspector/InspectorCSSAgent.cpp: (WebCore::InspectorCSSAgent::setActiveStyleSheetsForDocument): Add null check before using m_frontendDispatcher. 2016-01-06 Matthew Hanson <matthew_hanson@apple.com> Merge r194485. rdar://problem/23978916 2015-12-22 Brent Fulgham <bfulgham@apple.com> [WebGL] Blacklisted OpenGL contexts are not safe to use https://bugs.webkit.org/show_bug.cgi?id=152513 <rdar://problem/23127838> Reviewed by Zalan Bujtas. When the GPU has blacklisted an OpenGL context, it is not safe to use -- even to attempt to release GL resources. Instead, our only correct behavior is to terminate the WebProcess. * platform/graphics/mac/GraphicsContext3DMac.mm: (WebCore::GraphicsContext3D::checkGPUStatusIfNecessary): If the context was lost because the GPU blacklisted it, terminate the process. 2016-01-06 Matthew Hanson <matthew_hanson@apple.com> Merge r194662. rdar://problem/24043055 2016-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge for rdar://problem/24043055. * dom/EventDispatcher.cpp: (WebCore::EventPath::EventPath): Set the isMouseOrFocusEvent boolean flag to True if the event is a wheelEvent. 2015-12-21 Babak Shafiei <bshafiei@apple.com> Merge r194114. 2015-12-15 Myles C. Maxfield <mmaxfield@apple.com> [Font Features] TrueType fonts trigger real features even when synthesis is applied https://bugs.webkit.org/show_bug.cgi?id=152287 Reviewed by Darin Adler. When using a font feature that is synthesizable, and synthesis is triggered, we should make sure to turn off the original font feature. Otherwise, the feature will be applied twice on top of itself. This worked for OpenType fonts, but not for TrueType fonts. Tests: css3/font-variant-petite-caps-synthesis.html css3/font-variant-small-caps-synthesis.html css3/font-variant-petite-caps-synthesis-coverage.html css3/font-variant-small-caps-synthesis-coverage.html * platform/graphics/cocoa/FontCocoa.mm: (WebCore::defaultSelectorForTrueTypeFeature): (WebCore::removedFeature): (WebCore::createCTFontWithoutSynthesizableFeatures): 2015-12-21 Babak Shafiei <bshafiei@apple.com> Merge r188802. 2015-08-21 Myles C. Maxfield <mmaxfield@apple.com> [OS X] Remove dead code from FontCache::systemFallbackForCharacters() https://bugs.webkit.org/show_bug.cgi?id=148218 Reviewed by Daniel Bates. lookupCTFont() in FontCacheMac.mm will always return the best font (because CTFontCreateForCharactersWithLanguage() does so). Also, all fonts that will be created on WebKit's behalf are already printer fonts. No new tests because there is no behavior change. * platform/graphics/mac/FontCacheMac.mm: (WebCore::FontCache::systemFallbackForCharacters): Deleted. 2015-12-18 Matthew Hanson <matthew_hanson@apple.com> Merge r194206. rdar://problem/23824469 2015-12-16 Simon Fraser <simon.fraser@apple.com> ViewportConfiguration functions should return a bool to say if anything changed https://bugs.webkit.org/show_bug.cgi?id=152353 Reviewed by Tim Horton. Rather than callers all checking whether setting ViewportConfiguration values changes state, have its functions return a bool if the values change. * page/ViewportConfiguration.cpp: (WebCore::ViewportConfiguration::setContentsSize): (WebCore::ViewportConfiguration::setMinimumLayoutSize): (WebCore::ViewportConfiguration::setViewportArguments): (WebCore::ViewportConfiguration::setCanIgnoreScalingConstraints): * page/ViewportConfiguration.h: (WebCore::ViewportConfiguration::setCanIgnoreScalingConstraints): Deleted. 2015-12-18 Babak Shafiei <bshafiei@apple.com> Merge r192582. 2015-11-18 Chris Dumez <cdumez@apple.com> Null dereference in Performance::Performance(WebCore::Frame*) https://bugs.webkit.org/show_bug.cgi?id=151390 Reviewed by Brady Eidson. Based on the stack trace, it appears the DocumentLoader can be null when constructing the Performance object. This patch thus adds a null check before trying to dereference it. No new tests, was not able to reproduce. * page/DOMWindow.cpp: (WebCore::DOMWindow::navigator): (WebCore::DOMWindow::performance): * page/Performance.cpp: (WebCore::Performance::Performance): (WebCore::Performance::scriptExecutionContext): * page/Performance.h: 2015-12-17 Matthew Hanson <matthew_hanson@apple.com> Merge r191076. rdar://problem/23941411 2015-10-14 Andy Estes <aestes@apple.com> [iOS] QuickLook documents loaded over https do not load their subresources https://bugs.webkit.org/show_bug.cgi?id=150145 <rdar://problem/22884521> Reviewed by Alexey Proskuryakov. When QuickLook generates an HTML preview of a document, subresources are referenced using the x-apple-ql-id scheme, for which QuickLook installs an NSURLProtocol. If a document is loaded over https, then this scheme needs to be considered secure in order to avoid mixed content errors. Test: http/tests/quicklook/secure-document-with-subresources.html * platform/SchemeRegistry.cpp: (WebCore::secureSchemes): Registered QLPreviewProtocol() as a secure scheme. 2015-12-17 Matthew Hanson <matthew_hanson@apple.com> Merge r193932. rdar://problem/23903295 2015-12-10 Myles C. Maxfield <mmaxfield@apple.com> [Font Features] r193894 introduces leaks https://bugs.webkit.org/show_bug.cgi?id=152154 Reviewed by Joe Pecoraro. * platform/graphics/cocoa/FontCocoa.mm: (WebCore::smallCapsTrueTypeDictionary): (WebCore::createCTFontWithoutSynthesizableFeatures): 2015-12-17 Matthew Hanson <matthew_hanson@apple.com> Merge r193894. rdar://problem/23769696 2015-12-10 Myles C. Maxfield <mmaxfield@apple.com> font-variant-caps does not work if the font does not support font features https://bugs.webkit.org/show_bug.cgi?id=149774 Reviewed by Antti Koivisto. This test implements synthesis for small-caps and all-small-caps. It does so by moving font variant selection into a higher level (ComplexTextController). In general, the approach is to use the pure font feature until we encounter a character which needs to be uppercased, and which the font feature does not support uppercasing. In this situation, we try again with synthesis. In this case, synthesis means artificially uppercasing letters and rendering them with a smaller font. We require system support to know which glyphs a particular font feature supports. Therefore, on operating systems which do not include this support, we will simply say that the font feature does not support any glyphs. Test: css3/font-variant-small-caps-synthesis.html css3/font-variant-petite-caps-synthesis.html * platform/graphics/Font.cpp: (WebCore::Font::noSmallCapsFont): Return the same font, but without smcp or c2sc. This function utilizes a cache. * platform/graphics/Font.h: (WebCore::Font::variantFont): Small caps should never go through this function anymore. * platform/graphics/FontCascade.h: Because we're moving variant selection into a higher level, we remove the FontVariant argument from the lower-level call. * platform/graphics/FontCascadeFonts.cpp: (WebCore::FontCascadeFonts::glyphDataForVariant): Use early-return style. (WebCore::FontCascadeFonts::glyphDataForNormalVariant): Ditto. * platform/graphics/cocoa/FontCascadeCocoa.mm: (WebCore::FontCascade::fontForCombiningCharacterSequence): Because we're moving variant selection into a higher level, we remove the FontVariant argument from the lower-level call. * platform/graphics/cocoa/FontCocoa.mm: (WebCore::Font::smallCapsSupportsCharacter): (WebCore::Font::allSmallCapsSupportsCharacter): (WebCore::smallCapsOpenTypeDictionary): Helper function for smallCapsSupportsCharacter(). (WebCore::smallCapsTrueTypeDictionary): Ditto. (WebCore::unionBitVectors): (WebCore::Font::glyphsSupportedBySmallCaps): Compute a bit vector of supported glyphs. (WebCore::Font::glyphsSupportedByAllSmallCaps): Ditto. (WebCore::createDerivativeFont): Moving common code into its own helper function. (WebCore::Font::createFontWithoutSmallCaps): (WebCore::Font::platformCreateScaledFont): Use the common code. * platform/graphics/mac/ComplexTextController.cpp: (WebCore::capitalized): What is the capitalized form of a character? (WebCore::ComplexTextController::collectComplexTextRuns): Implement the core logic of this patch. This includes the retry when we encounter a character which is not supported by the font feature. * platform/spi/cocoa/CoreTextSPI.h: 2015-12-17 Babak Shafiei <bshafiei@apple.com> Merge r194209. 2015-12-16 Andy Estes <aestes@apple.com> [iOS] Block loading external stylesheets in the Content-Disposition: attachment sandbox https://bugs.webkit.org/show_bug.cgi?id=152375 <rdar://problem/22020902> Reviewed by Darin Adler. Tests: http/tests/contentdispositionattachmentsandbox/at-import-stylesheets-disabled.html http/tests/contentdispositionattachmentsandbox/external-stylesheets-disabled.html http/tests/contentdispositionattachmentsandbox/xml-stylesheet-processing-instructions-disabled.html * loader/cache/CachedResourceLoader.cpp: (WebCore::CachedResourceLoader::canRequest): Moved handling of CachedResource::MainResource to canRequestInContentDispositionAttachmentSandbox(). (WebCore::CachedResourceLoader::canRequestInContentDispositionAttachmentSandbox): In addition to handling CachedResource::MainResource, added handling for CachedResource::CSSStyleSheet. Added a FIXME asking whether we should handle other types of resources, too. * loader/cache/CachedResourceLoader.h: 2015-12-14 Matthew Hanson <matthew_hanson@apple.com> Merge r194001. rdar://problem/23814327 2015-12-11 Jiewen Tan <jiewen_tan@apple.com> Strip out Referer header when requesting subresources or following links for documents with "Content-Disposition: attachment" https://bugs.webkit.org/show_bug.cgi?id=152102 <rdar://problem/22124230> Reviewed by Andy Estes. Keep the ReferrerPolicy for a document as ReferrerPolicyNever if the document is loaded with "Content-Disposition: attachment". Test: http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header.html * dom/Document.cpp: (WebCore::Document::processReferrerPolicy): (WebCore::Document::applyContentDispositionAttachmentSandbox): 2015-12-14 Matthew Hanson <matthew_hanson@apple.com> Merge r193885. rdar://problem/23860425 2015-12-09 Daniel Bates <dabates@apple.com> [iOS] Suspend and resume device motion and device orientation updates when page is hidden and visible, respectively https://bugs.webkit.org/show_bug.cgi?id=151840 <rdar://problem/23753931> Reviewed by Simon Fraser. * dom/Document.cpp: (WebCore::Document::suspendDeviceMotionAndOrientationUpdates): Added. (WebCore::Document::resumeDeviceMotionAndOrientationUpdates): Added. (WebCore::Document::platformSuspendOrStopActiveDOMObjects): Moved logic to suspend device motion and orientation updates from here to Document::suspendDeviceMotionAndOrientationUpdates(). (WebCore::Document::suspendActiveDOMObjects): Modified to call Document::suspendDeviceMotionAndOrientationUpdates(). (WebCore::Document::resumeActiveDOMObjects): Modified to call Document::resumeDeviceMotionAndOrientationUpdates(). * dom/Document.h: * page/Page.cpp: (WebCore::Page::setIsVisibleInternal): Suspend device motion and orientation updates when the page is hidden and resume updates when the page is visible. (WebCore::Page::suspendDeviceMotionAndOrientationUpdates): Added. (WebCore::Page::resumeDeviceMotionAndOrientationUpdates): Added. * page/Page.h: 2015-12-10 Matthew Hanson <matthew_hanson@apple.com> Merge r193876. rdar://problem/23305376 2015-12-09 Simon Fraser <simon.fraser@apple.com> Adjust layer backing store format https://bugs.webkit.org/show_bug.cgi?id=152097 rdar://problem/23305376 Reviewed by Tim Horton. Call setBackingStoreFormat() on UIWebView tile grid layers, and on compositing layers which can allocate backing store. * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm: (WebCore::setBackingStoreFormat): (PlatformCALayerCocoa::commonInit): * platform/ios/LegacyTileGridTile.mm: (WebCore::setBackingStoreFormat): (WebCore::LegacyTileGridTile::LegacyTileGridTile): 2015-12-09 Matthew Hanson <matthew_hanson@apple.com> Merge r192712. rdar://problem/23814340 2015-11-20 Simon Fraser <simon.fraser@apple.com> More deviceRGB color cleanup https://bugs.webkit.org/show_bug.cgi?id=151523 <rdar://problem/23638597> Reviewed by Tim Horton. Replace calls to deviceRGBColorSpaceRef() with sRGBColorSpaceRef(), and use sRGBColorSpaceRef() in a few places that were manually creating the colorspace. Also use cachedCGColor() in a more places that were manually constructing CGColorRefs from Colors. * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: (WebCore::MediaPlayerPrivateAVFoundationObjC::createImageForTimeInRect): (WebCore::createImageFromPixelBuffer): * platform/graphics/ca/cocoa/PlatformCAFiltersCocoa.mm: * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm: (PlatformCALayerCocoa::setBackgroundColor): (PlatformCALayerCocoa::setBorderColor): * platform/graphics/ca/cocoa/WebSystemBackdropLayer.mm: (-[WebLightSystemBackdropLayer init]): (-[WebDarkSystemBackdropLayer init]): * platform/graphics/cg/GradientCG.cpp: (WebCore::Gradient::platformGradient): * platform/graphics/cg/GraphicsContext3DCG.cpp: (WebCore::GraphicsContext3D::ImageExtractor::extractImage): (WebCore::GraphicsContext3D::paintToCanvas): * platform/graphics/cg/ImageBufferCG.cpp: (WebCore::ImageBuffer::copyImage): (WebCore::ImageBuffer::toDataURL): (WebCore::ImageDataToDataURL): * platform/graphics/mac/GraphicsContextMac.mm: (WebCore::linearRGBColorSpaceRef): * platform/graphics/mac/WebGLLayer.mm: (-[WebGLLayer copyImageSnapshotWithColorSpace:]): * platform/mediastream/mac/AVVideoCaptureSource.mm: (WebCore::AVVideoCaptureSource::currentFrameCGImage): * rendering/RenderThemeIOS.mm: (WebCore::drawRadialGradient): * rendering/RenderThemeMac.mm: (WebCore::RenderThemeMac::paintMenuListButtonGradients): (WebCore::RenderThemeMac::paintSliderTrack): 2015-12-11 Matthew Hanson <matthew_hanson@apple.com> Merge r193859. rdar://problem/23814345 2015-12-09 David Hyatt <hyatt@apple.com> Picture element needs to respond to dynamic viewport changes. https://bugs.webkit.org/show_bug.cgi?id=152013 <rdar://problem/23766375> Reviewed by Dean Jackson. Added new tests in fast/picture. * css/MediaQueryEvaluator.cpp: (WebCore::MediaQueryEvaluator::evalCheckingViewportDependentResults): Add new evaluation method that adds viewport dependent results to a vector. A follow-up patch will refactor the style resolver code to use this function instead of the special style resolver one, in order to get rid of the code duplication. Tracked by https://bugs.webkit.org/show_bug.cgi?id=152089. * css/MediaQueryEvaluator.h: (WebCore::MediaQueryResult::MediaQueryResult): * css/StyleResolver.h: (WebCore::MediaQueryResult::MediaQueryResult): Deleted. Move MediaQueryResult into a header since it is used in multiple places now and not just by the style resolver. * dom/Document.cpp: (WebCore::Document::evaluateMediaQueryList): (WebCore::Document::checkViewportDependentPictures): (WebCore::Document::optimizedStyleSheetUpdateTimerFired): (WebCore::Document::applyContentDispositionAttachmentSandbox): (WebCore::Document::addViewportDependentPicture): (WebCore::Document::removeViewportDependentPicture): * dom/Document.h: The document now maintains a HashSet of viewport-dependent pictures, and it checks them whenever the viewport changes. If their media queries stay the same, then nothing happens. If they change, then the <picture> will go back and re-check all its <source> elements to see what the new best candidate is. * html/HTMLImageElement.cpp: (WebCore::HTMLImageElement::bestFitSourceFromPictureElement): Revised to check for viewport dependencies and to cache viewport-dependent results on the <picture> elements. When a <picture> is found to be viewport-dependent (or not) it is also added to or removed from the document's set of tracked pictures. * html/HTMLPictureElement.cpp: (WebCore::HTMLPictureElement::HTMLPictureElement): (WebCore::HTMLPictureElement::~HTMLPictureElement): (WebCore::HTMLPictureElement::didMoveToNewDocument): (WebCore::HTMLPictureElement::create): (WebCore::HTMLPictureElement::sourcesChanged): (WebCore::HTMLPictureElement::viewportChangeAffectedPicture): * html/HTMLPictureElement.h: New caching of results and updating of the document HashSet when the picture gets destroyed or moves to a different document. * html/HTMLSourceElement.cpp: (WebCore::HTMLSourceElement::parseAttribute): * html/HTMLSourceElement.h: Cache the media attribute in a parsed form. A follow-up patch will improve the <video>/<audio> code to make use of this parsed result. Tracked by https://bugs.webkit.org/show_bug.cgi?id=152090. 2015-12-11 Matthew Hanson <matthew_hanson@apple.com> Merge r193922. rdar://problem/23716993 2015-12-10 Enrica Casucci <enrica@apple.com> Change skin tone support for two emoji. https://bugs.webkit.org/show_bug.cgi?id=152147 rdar://problem/23716993 rdar://problem/23716344 Reviewed by Darin Adler. Horse race emoji (1F3C7) should no longer have skin tone variation. Sleuth/Spy emoji (!F575) should instead have skin tone variation. * platform/text/TextBreakIterator.cpp: (WebCore::cursorMovementIterator): 2015-12-10 Matthew Hanson <matthew_hanson@apple.com> Merge r193760. rdar://problem/23727535 2015-12-08 Jer Noble <jer.noble@apple.com> [iOS] Adopt WebFullScreenVideoRootViewController. https://bugs.webkit.org/show_bug.cgi?id=151996 Reviewed by Dan Bernstein. Adopt WebFullScreenVideoRootViewController from WebKitAdditions. If it is not available, create and use a generic UIViewController subclass. * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: (createFullScreenVideoRootViewControllerClass): (allocWebFullScreenVideoRootViewControllerInstance): (WebVideoFullscreenInterfaceAVKit::setupFullscreen): 2015-12-10 Matthew Hanson <matthew_hanson@apple.com> Merge r190911. rdar://problem/23432368 2015-10-12 Simon Fraser <simon.fraser@apple.com> Fix iOS and Efl builds. * platform/graphics/NamedImageGeneratedImage.cpp: (WebCore::NamedImageGeneratedImage::drawPattern): 2015-12-10 Matthew Hanson <matthew_hanson@apple.com> Merge r193382. rdar://problem/23814344 2015-12-03 Simon Fraser <simon.fraser@apple.com> Have layer memory use consult the backing store format https://bugs.webkit.org/show_bug.cgi?id=151827 rdar://problem/23746497 Reviewed by Dean Jackson. When computing the backing store memory size, take the pixel format into account, rather than assuming 4 bytes per pixel. * platform/graphics/ca/GraphicsLayerCA.cpp: * platform/graphics/ca/PlatformCALayer.h: 2015-12-10 Matthew Hanson <matthew_hanson@apple.com> Merge r193286. rdar://problem/23814343 2015-12-02 Sam Weinig <sam@webkit.org> Promise callbacks should be called at microtask checkpoints https://bugs.webkit.org/show_bug.cgi?id=147933 Reviewed by Chris Dumez. - Re-names MicroTaskQueue and MicroTask to MicrotaskQueue and Microtask to match the spec language. - Re-implements MicrotaskQueue and Microtask support suspended Microtasks (via the new KeepInQueue result value a Microtask can have when running) and correct behavior when Microtasks are added to the queue during a Microtask checkpoint. - MicrotaskQueue now has a mainThreadQueue() static function, replacing the old singleton() function, which can be used for the Document (non-Worker) Microtasks. For Workers, the a MicrotaskQueue can be separately allocated for each WorkerGlobalScope (though this was not done in this change). - Adds a helper subclass of Microtask, ActiveDOMCallbackMicrotask, for Microtasks that are per-ScriptExecutationContext, and need to act as ActiveDOMCallbacks. - Re-implement Document (non-Worker) Promises on top of ActiveDOMCallbackMicrotask. - Re-implement MutationObserver delivery on top of Microtask. Layout Test: fast/dom/microtask-promise-mutation-observer-order.html * CMakeLists.txt: * WebCore.vcxproj/WebCore.vcxproj: * WebCore.xcodeproj/project.pbxproj: * dom/DOMAllInOne.cpp: Add new files. * bindings/js/JSDOMWindowBase.cpp: (WebCore::JSDOMWindowBase::queueTaskToEventLoop): Switch to using ActiveDOMCallbackMicrotask/MicrotaskQueue rather than ScriptExecutionContext's Task mechanism for JavaScriptCore tasks. * bindings/js/JSMainThreadExecState.cpp: (WebCore::JSMainThreadExecState::didLeaveScriptContext): Perform a microtask checkpoint rather than calling MutationObserver code explicitly now that mutation observers use microtasks. * dom/ActiveDOMCallbackMicrotask.cpp: Added. (WebCore::ActiveDOMCallbackMicrotask::ActiveDOMCallbackMicrotask): (WebCore::ActiveDOMCallbackMicrotask::~ActiveDOMCallbackMicrotask): (WebCore::ActiveDOMCallbackMicrotask::run): (WebCore::ActiveDOMCallbackMicrotask::contextDestroyed): * dom/ActiveDOMCallbackMicrotask.h: Added. Add a helper subclass of Microtask which behaves like a ActiveDOMCallback (e.g. supports suspension and context destruction). * dom/MicroTask.cpp: Renamed to Microtasks.cpp. * dom/MicroTask.h: Renamed to Microtasks.h. * dom/Microtasks.cpp: Renamed from Source/WebCore/dom/MicroTask.cpp. (WebCore::Microtask::removeSelfFromQueue): (WebCore::MicrotaskQueue::mainThreadQueue): (WebCore::MicrotaskQueue::append): (WebCore::MicrotaskQueue::remove): (WebCore::MicrotaskQueue::performMicrotaskCheckpoint): (WebCore::MicroTaskQueue::singleton): Deleted. (WebCore::MicroTaskQueue::queueMicroTask): Deleted. (WebCore::MicroTaskQueue::runMicroTasks): Deleted. * dom/Microtasks.h: Renamed from Source/WebCore/dom/MicroTask.h. (WebCore::Microtask::~Microtask): (WebCore::MicrotaskQueue::MicrotaskQueue): (WebCore::MicrotaskQueue::~MicrotaskQueue): (WebCore::MicroTask::~MicroTask): Deleted. (WebCore::MicroTaskQueue::~MicroTaskQueue): Deleted. (WebCore::MicroTaskQueue::MicroTaskQueue): Deleted. Re-implement MicrotaskQueue and Microtask to support Microtask suspension (via the KeepInQueue result value) and correct behavior when Microtasks are queued during checkpoints. * dom/MutationObserver.cpp: (WebCore::suspendedMutationObservers): (WebCore::MutationObserverMicrotask::MutationObserverMicrotask): (WebCore::MutationObserverMicrotask::~MutationObserverMicrotask): (WebCore::MutationObserverMicrotask::run): (WebCore::queueMutationObserverCompoundMicrotask): (WebCore::MutationObserver::enqueueMutationRecord): (WebCore::MutationObserver::setHasTransientRegistration): * dom/MutationObserver.h: Re-implement MutationObserver delivery on top of Microtasks. * dom/ScriptRunner.cpp: (WebCore::ScriptRunner::timerFired): Remove unnecessary call to runMicroTasks(). * html/parser/HTMLScriptRunner.cpp: (WebCore::HTMLScriptRunner::executePendingScriptAndDispatchEvent): (WebCore::HTMLScriptRunner::runScript): Remove calls to MutationObserver::deliverAllMutations() now that the MicrotaskQueue will take care of it. (WebCore::HTMLScriptRunner::executeScriptsWaitingForParsing): Remove unnecessary call to runMicroTasks(). * testing/Internals.cpp: (WebCore::Internals::queueMicroTask): Use ActiveDOMCallbackMicrotask rather than a custom test subclass. * testing/MicroTaskTest.cpp: Removed. * testing/MicroTaskTest.h: Removed. Remove custom test subclass of Microtask, just use ActiveDOMCallbackMicrotask directly. 2015-12-10 Matthew Hanson <matthew_hanson@apple.com> Merge r192772. rdar://problem/23797213 2015-11-18 Andy Estes <aestes@apple.com> [Content Filtering] Crash in DocumentLoader::notifyFinished() when allowing a media document to load https://bugs.webkit.org/show_bug.cgi?id=151433 rdar://problem/23506594 Reviewed by Alexey Proskuryakov. When the main resource of a media document commits, WebKit cancels its load since the plug-in or media engine will do its own loading. If content filtering is enabled, and the filter waits allow the load until the entire resource is downloaded, then ContentFilter will attempt to call DocumentLoader::notifyFinished() immediately after delivering the buffered resource data to DocumentLoader. However, delivering the data will have nulled out DocumentLoader's m_mainResource when the load was cancelled, leading to a crash in notifyFinished(). To resolve this, add a new Stopped state to ContentFilter. Set this state if DocumentLoader clears its main resource or detaches from its frame. If ContentFilter is in the Stopped state after calling DocumentLoader::dataReceived(), do not proceed to call DocumentLoader::notifyFinished(). Test: contentfiltering/allow-media-document.html * loader/ContentFilter.cpp: (WebCore::ContentFilter::stopFilteringMainResource): Set m_state to Stopped. If m_mainResource is non-null, removed ContentFilter as a client and set m_mainResource to null. (WebCore::ContentFilter::notifyFinished): Stopped calling DocumentLoader::notifyFinished() if m_state is Stopped after calling DocumentLoader::dataReceived(). * loader/ContentFilter.h: * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::detachFromFrame): Called ContentFilter::stopFilteringMainResource() instead of setting m_contentFilter to null. (WebCore::DocumentLoader::clearMainResource): Ditto. 2015-12-10 Matthew Hanson <matthew_hanson@apple.com> Merge r192758. rdar://problem/23814314 2015-11-23 David Kilzer <ddkilzer@apple.com> Hardening against CSSSelector double frees <http://webkit.org/b/56124> <rdar://problem/9119036> Reviewed by Antti Koivisto. Add some security assertions to catch this issue if it ever happens in Debug builds, and make changes in CSSSelector::~CSSSelector() and CSSSelectorList::deleteSelectors() to prevent obvious issues if they're ever called twice in Release builds. No new tests because we don't know how to reproduce this. * css/CSSSelector.cpp: (WebCore::CSSSelector::CSSSelector): Initialize m_destructorHasBeenCalled. * css/CSSSelector.h: (WebCore::CSSSelector::m_destructorHasBeenCalled): Add bitfield. (WebCore::CSSSelector::CSSSelector): Initialize m_destructorHasBeenCalled. (WebCore::CSSSelector::~CSSSelector): Add security assertion that this is never called twice. Clear out any fields that would have caused us to dereference an object twice. * css/CSSSelectorList.cpp: (WebCore::CSSSelectorList::deleteSelectors): Clear m_selectorArray when freeing the memory to which it was pointing. This prevents re-entrancy issues or calling this method twice on the same thread. Also restructure the for() loop to prevent calling CSSSelector::isLastInSelectorList() after CSSSelector::~CSSSelector() has been called (via CRBug 241892). 2015-12-09 Simon Fraser <simon.fraser@apple.com> Merge r191590. rdar://problem/23432368 2015-10-26 Simon Fraser <simon.fraser@apple.com> Implement 'round' and 'space' values for border-image https://bugs.webkit.org/show_bug.cgi?id=14185 Reviewed by Tim Horton. Add support for "round" and "space" values for border-image-repeat. Following "stretch" and "repeat", the code is added to Image::drawTiled(). For "round", we compute an integral number of copies of the image that fit, and then adjust the tile scale. For "space", we also compute an integral number N of copies that will fit, and then divide the remaining space amongst N+1 gaps, adjusting the tiling phase so that with an even number of images, a gap is centered. Tests: fast/borders/border-image-round.html fast/borders/border-image-space.html * platform/graphics/Image.cpp: (WebCore::Image::drawTiled): * platform/graphics/cg/GraphicsContextCG.cpp: (WebCore::GraphicsContext::drawPattern): 2015-12-09 Simon Fraser <simon.fraser@apple.com> Merge r190914. rdar://problem/23432368 2015-10-12 Simon Fraser <simon.fraser@apple.com> Speculative Cairo build fixes after r190910. * platform/graphics/cairo/ImageBufferCairo.cpp: (WebCore::ImageBuffer::drawPattern): * platform/graphics/cairo/ImageCairo.cpp: (WebCore::Image::drawPattern): 2015-12-09 Simon Fraser <simon.fraser@apple.com> Merge r190910. rdar://problem/23432368 2015-10-12 Simon Fraser <simon.fraser@apple.com> Remove Image::spaceSize() and ImageBuffer::spaceSize() https://bugs.webkit.org/show_bug.cgi?id=150064 Reviewed by Tim Horton. Image spacing when tiled should not be a property of the image; but a description of how it's drawn, like tile size. So remove spacing from Image and ImageBuffer, and pass it in as an argument. * platform/graphics/BitmapImage.cpp: (WebCore::BitmapImage::drawPattern): * platform/graphics/BitmapImage.h: * platform/graphics/CrossfadeGeneratedImage.cpp: (WebCore::CrossfadeGeneratedImage::drawPattern): * platform/graphics/CrossfadeGeneratedImage.h: * platform/graphics/GeneratedImage.h: * platform/graphics/GradientImage.cpp: (WebCore::GradientImage::drawPattern): * platform/graphics/GradientImage.h: * platform/graphics/GraphicsContext.cpp: (WebCore::GraphicsContext::drawTiledImage): * platform/graphics/GraphicsContext.h: * platform/graphics/Image.cpp: (WebCore::Image::drawTiled): * platform/graphics/Image.h: (WebCore::Image::spaceSize): Deleted. (WebCore::Image::setSpaceSize): Deleted. * platform/graphics/ImageBuffer.h: (WebCore::ImageBuffer::spaceSize): Deleted. (WebCore::ImageBuffer::setSpaceSize): Deleted. * platform/graphics/NamedImageGeneratedImage.cpp: (WebCore::NamedImageGeneratedImage::drawPattern): * platform/graphics/NamedImageGeneratedImage.h: * platform/graphics/cg/ImageBufferCG.cpp: (WebCore::ImageBuffer::copyImage): (WebCore::ImageBuffer::drawPattern): * platform/graphics/cg/ImageCG.cpp: (WebCore::Image::drawPattern): * rendering/RenderBoxModelObject.cpp: (WebCore::RenderBoxModelObject::paintFillLayerExtended): * svg/graphics/SVGImage.cpp: (WebCore::SVGImage::drawPatternForContainer): * svg/graphics/SVGImage.h: * svg/graphics/SVGImageForContainer.cpp: (WebCore::SVGImageForContainer::drawPattern): * svg/graphics/SVGImageForContainer.h: 2015-12-09 Matthew Hanson <matthew_hanson@apple.com> Merge r192639. rdar://problem/23814338 2015-11-19 Myles C. Maxfield <mmaxfield@apple.com> Tatechuyoko in ruby sits too high https://bugs.webkit.org/show_bug.cgi?id=151309 <rdar://problem/23536621> Reviewed by Darin Adler. When combining text, we ask what the text's width is in order to determine if it fits in the column. However, when we do that, we were not setting the font's orientation to horizontal. This means that, for CJK text, the "width" which was returned was actually the height of the glyph, and the GlyphOverflow data was similarly garbled. We actually already were creating a corrected FontDescription, and using it in two places. However, we weren't using it in the last place, which was causing this bug. Test: fast/text/text-combine-placement.html * platform/graphics/FontCascade.cpp: (WebCore::FontCascade::width): * rendering/RenderCombineText.cpp: (WebCore::RenderCombineText::combineText): 2015-12-09 Matthew Hanson <matthew_hanson@apple.com> Merge r192388. rdar://problem/23814336 2015-11-12 David Hyatt <hyatt@apple.com> Tatechuyoko shrink-to-fit breaks after changing color, background-color or text-decoration https://bugs.webkit.org/show_bug.cgi?id=151218 <rdar://problem/23521702> Reviewed by Myles Maxfield. Added fast/text/text-combine-shrink-on-color-change.html * rendering/RenderCombineText.cpp: (WebCore::RenderCombineText::styleDidChange): 2015-12-09 Babak Shafiei <bshafiei@apple.com> Merge r190505. 2015-10-02 Antoine Quint <graouts@apple.com> popstate is fired at the wrong time on load https://bugs.webkit.org/show_bug.cgi?id=94265 Reviewed by Darin Adler. Don't fire popstate event on initial document load According to the specification [1], a popstate event should only be fired when the document has a "last entry" and the entry being navigated to isn't it. A document is created without a "last entry" and gets one just after this check when it is first navigated to, so a popstate should be fired any time a document is navigated to except for the first time after it has been created. Patch adapted from work by jl@opera.com on Blink [2]. [1] http://www.whatwg.org/specs/web-apps/current-work/multipage/history.html#traverse-the-history (step 12-14 in particular) [2] https://src.chromium.org/viewvc/blink?revision=165221&view=revision * dom/Document.cpp: (WebCore::Document::implicitClose): 2015-12-08 Babak Shafiei <bshafiei@apple.com> Merge r191748. 2015-10-29 Csaba Osztrogonác <ossy@webkit.org> One more URTBF after r191731. * rendering/svg/RenderSVGResourcePattern.cpp: 2015-12-08 Babak Shafiei <bshafiei@apple.com> Merge r191746. 2015-10-29 Csaba Osztrogonác <ossy@webkit.org> URTBF after r191731. * rendering/svg/RenderSVGResourcePattern.cpp: 2015-12-08 Babak Shafiei <bshafiei@apple.com> Merge r191731. 2015-10-29 Said Abou-Hallawa <sabouhallawa@apple.com> Exploitable crash happens when an SVG contains an indirect resource inheritance cycle https://bugs.webkit.org/show_bug.cgi?id=150203 Reviewed by Brent Fulgham. Detecting cycles in SVG resource references happens in two places. 1. In SVGResourcesCycleSolver::resolveCycles() which it is called from SVGResourcesCache::addResourcesFromRenderer(). When a cycle is deleted, SVGResourcesCycleSolver::breakCycle() is called to break the link. In the case of a cyclic resource inheritance, SVGResources::resetLinkedResource() is called to break this cycle. 2. SVGPatternElement::collectPatternAttributes() which is called from RenderSVGResourcePattern::buildPattern(). The purpose is to resolve the pattern attributes and to build a tile image which can be used to fill the SVG element renderer. Detecting the cyclic resource reference in this function is not sufficient and can detect simple cycles like <pattern id="a" xlink:href="#b"/> <pattern id="b" xlink:href="#a"/>. But it does not detect cycles like: <pattern id="a"> <rect fill="url(#b)"/> </pattern> <pattern id="b" xlink:href="#a"/>. The fix is to get rid of SVGPatternElement::collectPatternAttributes() which uses SVGURIReference::targetElementFromIRIString() to navigates through the referenced resource elements and tries to detect cycles. Instead we can implement RenderSVGResourcePattern::collectPatternAttributes() which calls SVGResourcesCache::cachedResourcesForRenderer() to get the SVGResources of the pattern. Then we use SVGResources::linkedResource() to navigate the resource inheritance tree. The cached SVGResources is guaranteed to be free of cycles. Tests: svg/custom/pattern-content-inheritance-cycle.svg * rendering/svg/RenderSVGResourcePattern.cpp: (WebCore::RenderSVGResourcePattern::collectPatternAttributes): Collect the pattern attributes through the cachedResourcesForRenderer(). (WebCore::RenderSVGResourcePattern::buildPattern): Direct the call to the renderer function. * rendering/svg/RenderSVGResourcePattern.h: * rendering/svg/RenderSVGRoot.cpp: (WebCore::RenderSVGRoot::layout): RenderSVGRoot needs to call SVGResourcesCache::clientStyleChanged() for all the invalidated resources. If an attribute of an SVG resource was updated dynamically, the cached SVGResources associated with the renderer of this resource was stale. * rendering/svg/SVGRenderTreeAsText.cpp: (WebCore::writeSVGResourceContainer): Direct the call to the renderer function. * svg/SVGPatternElement.cpp: (WebCore::SVGPatternElement::collectPatternAttributes): (WebCore::setPatternAttributes): Deleted. collectPatternAttributes() is a replacement of setPatternAttributes(). 2015-12-08 Babak Shafiei <bshafiei@apple.com> Merge r192604. 2015-11-18 Jiewen Tan <jiewen_tan@apple.com> [WK1] Crash loading Blink layout test fast/dom/Window/property-access-on-cached-window-after-frame-removed.html https://bugs.webkit.org/show_bug.cgi?id=150198 <rdar://problem/23136026> Reviewed by Brent Fulgham. Test: fast/dom/Window/property-access-on-cached-window-after-frame-removed.html Properties of a contentWindow could be accessed even if the frame who owns the window is detached. Therefore, check whether the document loader is still alive before using it. * page/PerformanceTiming.cpp: (WebCore::PerformanceTiming::monotonicTimeToIntegerMilliseconds): 2015-12-08 Babak Shafiei <bshafiei@apple.com> Merge r192433. 2015-11-13 Jiewen Tan <jiewen_tan@apple.com> Element::focus() should acquire the ownership of Frame. https://bugs.webkit.org/show_bug.cgi?id=150204 <rdar://problem/23136794> Reviewed by Brent Fulgham. The FrameSelection::setSelection method sometimes releases the last reference to a frame. When this happens, the Element::updateFocusAppearance would attempt to use dereferenced memory. Instead, we should ensure that the Frame lifetime is guaranteed to extend through the duration of the method call. Test: editing/selection/focus-iframe-removal-crash.html * dom/Element.cpp: (WebCore::Element::updateFocusAppearance): 2015-12-08 Babak Shafiei <bshafiei@apple.com> Merge r192389. 2015-11-12 Zalan Bujtas <zalan@apple.com> Ignore visited background color when deciding if the input renderer needs to be painted natively. https://bugs.webkit.org/show_bug.cgi?id=151211 rdar://problem/21449823 Reviewed by Antti Koivisto. Test: fast/css/pseudo-visited-background-color-on-input.html * rendering/RenderTheme.cpp: (WebCore::RenderTheme::isControlStyled): * rendering/style/RenderStyle.h: 2015-12-08 Babak Shafiei <bshafiei@apple.com> Merge r192369. 2015-11-11 Jon Honeycutt <jhoneycutt@apple.com> popstate event should be dispatched asynchronously https://bugs.webkit.org/show_bug.cgi?id=36202 <rdar://problem/7761279> Based on an original patch by Mihai Parparita <mihaip@chromium.org>. Reviewed by Brent Fulgham. Tests: fast/loader/remove-iframe-during-history-navigation-different.html fast/loader/remove-iframe-during-history-navigation-same.html fast/loader/stateobjects/popstate-is-asynchronous.html * dom/Document.cpp: (WebCore::Document::enqueuePopstateEvent): Use enqueueWindowEvent(). 2015-12-08 Babak Shafiei <bshafiei@apple.com> Merge r192316. 2015-11-10 Jon Honeycutt <jhoneycutt@apple.com> Crash loading Blink layout test fast/parser/strip-script-attrs-on-input.html https://bugs.webkit.org/show_bug.cgi?id=150201 <rdar://problem/23136478> Reviewed by Brent Fulgham. Test: fast/parser/strip-script-attrs-on-input.html * html/parser/HTMLTreeBuilder.cpp: (WebCore::HTMLTreeBuilder::processStartTagForInBody): Get the attribute after calling HTMLConstructionSite::insertSelfClosingHTMLElement(), as this may mutate the token's attributes. 2015-12-08 Babak Shafiei <bshafiei@apple.com> Merge r192281. 2015-11-10 Brent Fulgham <bfulgham@apple.com> Crash running webaudio/panner-loop.html https://bugs.webkit.org/show_bug.cgi?id=150200 <rdar://problem/23136282> Reviewed by Jer Noble. Test: webaudio/panner-loop.html This is based on the changes in Blink r164822: https://codereview.chromium.org/130003002 Avoid infinitely recursing on audio nodes by keeping track of which nodes we've already visited. * Modules/webaudio/PannerNode.cpp: (WebCore::PannerNode::pullInputs): Pass set of visited nodes so we don't revisit nodes we've already serviced. (WebCore::PannerNode::notifyAudioSourcesConnectedToNode): Accept visitedNodes argument so we can avoid revisiting nodes. Check if the current node has already been visited before processing it. * Modules/webaudio/PannerNode.h: 2015-12-02 Myles C. Maxfield <mmaxfield@apple.com> Unify font-variant-* with font-variant shorthand https://bugs.webkit.org/show_bug.cgi?id=149773 Reviewed by Darin Adler. This patch makes font-variant a shorthand for the following properties: font-variant-ligatures font-variant-position font-variant-caps font-variant-numeric font-variant-alternates font-variant-east-asian This is consistent with the CSS Fonts Level 3 spec. This patch also migrates the "font" longhand to use the font-variant-caps property. Test: fast/text/font-variant-shorthand.html * css/CSSComputedStyleDeclaration.cpp: (WebCore::fontVariantEastAsianPropertyValue): Rename FontVariantEastAsian values. (WebCore::fontVariantFromStyle): We must consult with the longhand properties to determine font-variant computed style. (WebCore::ComputedStyleExtractor::propertyValue): Don't put any-old font-variant-caps inside the font shorthand. * css/CSSFontSelector.cpp: (WebCore::CSSFontSelector::addFontFaceRule): Guard against incorrect downcasts (due to inherit of the new shorthand property). * css/CSSParser.cpp: Parse font-variant as a shorthand. Also implement its "normal" and "none" values. (WebCore::CSSParser::parseValue): (WebCore::CSSParser::parseFont): (WebCore::CSSParser::parseSystemFont): (WebCore::CSSParser::parseFontVariantLigatures): (WebCore::CSSParser::parseFontVariantNumeric): (WebCore::CSSParser::parseFontVariantEastAsian): (WebCore::CSSParser::parseFontVariant): (WebCore::isValidKeywordPropertyAndValue): Deleted. (WebCore::isKeywordPropertyID): Deleted. * css/CSSParser.h: * css/CSSPropertyNames.in: Turn font-variant into a shorthand property. * css/FontVariantBuilder.h: Guard against incorrect downcasts. Also update for renamed FontVariantEastAsian type. (WebCore::applyValueFontVariantLigatures): (WebCore::applyValueFontVariantNumeric): (WebCore::applyValueFontVariantEastAsian): * css/StyleProperties.cpp: Update to use the more specific property. (WebCore::StyleProperties::appendFontLonghandValueIfExplicit): (WebCore::StyleProperties::fontValue): (WebCore::StyleProperties::asText): * css/StyleResolver.cpp: Ditto. (WebCore::StyleResolver::isValidCueStyleProperty): * editing/EditingStyle.cpp: Ditto. * editing/cocoa/HTMLConverter.mm: Ditto. (HTMLConverterCaches::propertyValueForNode): (HTMLConverter::computedAttributesForElement): * editing/ios/EditorIOS.mm: Ditto. (WebCore::Editor::removeUnchangeableStyles): * html/canvas/CanvasRenderingContext2D.cpp: Ditto. (WebCore::CanvasRenderingContext2D::font): (WebCore::CanvasRenderingContext2D::setFont): * platform/graphics/FontCache.h: Removing duplicate cache key value. (WebCore::FontDescriptionKey::makeFlagsKey): * platform/graphics/FontCascade.cpp: Migrate to the new font-variant-caps from the old member variable. (WebCore::FontCascade::glyphDataForCharacter): * platform/graphics/FontCascade.h: Ditto. (WebCore::FontCascade::isSmallCaps): * platform/graphics/FontDescription.cpp: Ditto. (WebCore::FontDescription::FontDescription): * platform/graphics/FontDescription.h: Ditto. (WebCore::FontCascadeDescription::equalForTextAutoSizing): (WebCore::FontDescription::smallCaps): Deleted. (WebCore::FontDescription::setSmallCaps): Deleted. (WebCore::FontDescription::setIsSmallCaps): Deleted. (WebCore::FontDescription::operator==): Deleted. * platform/graphics/cocoa/FontCacheCoreText.cpp: Rename FontVariantEastAsianWidth. (WebCore::computeFeatureSettingsFromVariants): * platform/text/TextFlags.h: Ditto. (WebCore::FontVariantSettings::operator==): * rendering/RenderText.cpp: Migrage to the new font-variant-caps from the old member variable. (WebCore::RenderText::widthFromCache): 2015-11-22 Myles C. Maxfield <mmaxfield@apple.com> Font selection should not consult font-variant property https://bugs.webkit.org/show_bug.cgi?id=151537 Reviewed by Simon Fraser. In section 4.7 of the CSS Fonts Level 3 spec, it says "[The font-variant and font-feature-settings] do not affect font selection." All the other browsers (Chrome, Firefox, and Edge) all obey the spec here. We are the only one who misbehaves. This patch aligns our behavior with the other browsers. Test: fast/text/font-selection-font-variant.html * css/CSSFontSelector.cpp: (WebCore::computeTraitsMask): Deleted. (WebCore::compareFontFaces): Deleted. (WebCore::CSSFontSelector::getFontFace): Deleted. * css/CSSParser.cpp: (WebCore::isValidKeywordPropertyAndValue): (WebCore::isKeywordPropertyID): (WebCore::CSSParser::createFontFaceRule): (WebCore::CSSParser::CSSParser): Deleted. (WebCore::CSSParser::parseValue): Deleted. (WebCore::CSSParser::parseDeclaration): Deleted. (WebCore::CSSParser::clearProperties): Deleted. (WebCore::CSSParser::parseFontVariant): Deleted. (WebCore::CSSParser::createStyleRule): Deleted. (WebCore::CSSParser::deleteFontFaceOnlyValues): Deleted. * css/CSSParser.h: * platform/graphics/FontDescription.cpp: (WebCore::FontDescription::traitsMask): Deleted. * platform/graphics/win/FontCacheWin.cpp: (WebCore::traitsInFamilyEnumProc): * platform/graphics/cocoa/FontCacheCoreText.cpp: (WebCore::toTraitsMask): * platform/text/TextFlags.h: 2015-10-18 Myles C. Maxfield <mmaxfield@apple.com> Stop honoring the user default "WebKitKerningAndLigaturesEnabledByDefault" https://bugs.webkit.org/show_bug.cgi?id=150287 Reviewed by Simon Fraser. This user default is currently on by default. Therefore, by setting the user default, users can only disable kerning / ligatures (rather than enable it). There are a few reasons why we should stop honoring it: 1. In the brave new world of font-feature-settings and font-variant-ligatures, there are many different kinds of ligatures which may be enabled at will. The simplistic statement of "turn on ligatures" no longer has any meaning. 2. If a user wants to disable kerning / ligatures, he/she can do it with a user stylesheet. 3. The default isn't able to be tested with DumpRenderTree or WebKitTestRunner. 4. I have never heard of anyone actually using this user default. * platform/graphics/FontCascade.cpp: (WebCore::FontCascade::setDefaultKerning): Deleted. (WebCore::FontCascade::setDefaultLigatures): Deleted. * platform/graphics/FontCascade.h: (WebCore::FontCascade::advancedTextRenderingMode): 2015-10-17 Myles C. Maxfield <mmaxfield@apple.com> Delete FontPlatformData::allowsLigatures() https://bugs.webkit.org/show_bug.cgi?id=150286 Reviewed by Dan Bernstein. This function is only used to force ligatures on for complex fonts (where "complex" means "does not support the letter 'a'"). However, ligatures are turned on for all fonts by default, which means that this function is unnecessary. Required ligatures, such as those which make these complex scripts legible, are always enabled, no matter what. Test: fast/text/required-ligatures.html * platform/graphics/FontPlatformData.h: * platform/graphics/cocoa/FontPlatformDataCocoa.mm: (WebCore::FontPlatformData::allowsLigatures): Deleted. * platform/graphics/mac/SimpleFontDataCoreText.cpp: (WebCore::Font::getCFStringAttributes): 2015-10-12 Myles C. Maxfield <mmaxfield@apple.com> Test font-variant-* and font-feature-settings on Yosemite and Mavericks https://bugs.webkit.org/show_bug.cgi?id=149778 Reviewed by Simon Fraser. We can simply call the function which enables features on Yosemite and Mavericks. * platform/graphics/cocoa/FontCacheCoreText.cpp: (WebCore::platformFontLookupWithFamily): (WebCore::fontWithFamily): 2015-11-12 Csaba Osztrogonác <ossy@webkit.org> Fix build failure due to missing forward declaration of FontVariantSettings after r191968 https://bugs.webkit.org/show_bug.cgi?id=151185 Reviewed by Myles C. Maxfield. * css/CSSFontFaceSource.h: 2015-11-03 Myles C. Maxfield <mmaxfield@apple.com> font-variant-* properties in @font-face declarations should be honored https://bugs.webkit.org/show_bug.cgi?id=149771 Reviewed by Simon Fraser. According to the CSS Fonts Level 3 spec, web authors are allowed to put font-feature-settings / font-variant-* inside @font-face blocks. These properties are supposed to be applied at a specific time during the font selection algorithm. This patch gives a FontFeatureSettings object and a FontVariantSettings object to CSSFontFace, and moves common parsing logic from StyleBuilderCustom to a shared location. Then, once the two properties are parsed from the @font-face block, the relevant data structures are passed down into the font selection algorithm. This algorithm then consults with these values at the correct time (inside preparePlatformFont()). Tests: css3/font-feature-settings-font-face-rendering.html css3/font-variant-font-face-all.html css3/font-variant-font-face-override.html * WebCore.xcodeproj/project.pbxproj: Add a header for the common location of parsing font-variant-ligatures, font-variant-numeric, and font-variant-east-asian. * css/CSSFontFace.cpp: (WebCore::CSSFontFace::font): Pass the relevant data structures into the font selection algorithm. * css/CSSFontFace.h: Add FontFeatureSettings and FontVariantSettings member variables. (WebCore::CSSFontFace::insertFeature): (WebCore::CSSFontFace::setVariantCommonLigatures): (WebCore::CSSFontFace::setVariantDiscretionaryLigatures): (WebCore::CSSFontFace::setVariantHistoricalLigatures): (WebCore::CSSFontFace::setVariantContextualAlternates): (WebCore::CSSFontFace::setVariantPosition): (WebCore::CSSFontFace::setVariantCaps): (WebCore::CSSFontFace::setVariantNumericFigure): (WebCore::CSSFontFace::setVariantNumericSpacing): (WebCore::CSSFontFace::setVariantNumericFraction): (WebCore::CSSFontFace::setVariantNumericOrdinal): (WebCore::CSSFontFace::setVariantNumericSlashedZero): (WebCore::CSSFontFace::setVariantAlternates): (WebCore::CSSFontFace::setVariantEastAsianVariant): (WebCore::CSSFontFace::setVariantEastAsianWidth): (WebCore::CSSFontFace::setVariantEastAsianRuby): * css/CSSFontFaceSource.cpp: (WebCore::CSSFontFaceSource::font): Pass the relevant data structures into the font selection algorithm. * css/CSSFontFaceSource.h: Ditto. * css/CSSFontSelector.cpp: (WebCore::CSSFontSelector::addFontFaceRule): Call the shared parsing logic to populate the FontFeatureSettings and FontVariantSettings members. * css/FontVariantBuilder.h: Added. Destination for shared parsing logic. (WebCore::applyValueFontVariantLigatures): (WebCore::applyValueFontVariantNumeric): (WebCore::applyValueFontVariantEastAsian): * css/StyleBuilderCustom.h: Source for shared parsing logic. (WebCore::StyleBuilderCustom::applyValueFontVariantLigatures): (WebCore::StyleBuilderCustom::applyValueFontVariantNumeric): (WebCore::StyleBuilderCustom::applyValueFontVariantEastAsian): * loader/cache/CachedFont.cpp: Pass the relevant data structures into the font selection algorithm. (WebCore::CachedFont::createFont): (WebCore::CachedFont::platformDataFromCustomData): * loader/cache/CachedFont.h: Ditto. * loader/cache/CachedSVGFont.cpp: Ditto. (WebCore::CachedSVGFont::createFont): (WebCore::CachedSVGFont::platformDataFromCustomData): * loader/cache/CachedSVGFont.h: Ditto. * platform/graphics/FontCache.h: Ditto. * platform/graphics/FontCascade.cpp: (WebCore::FontCascade::codePath): Adjust comment. * platform/graphics/cocoa/FontCacheCoreText.cpp: (WebCore::preparePlatformFont): Consult with the newly parsed values. (WebCore::fontWithFamily): Pass the relevant data structures into the font selection algorithm. (WebCore::FontCache::systemFallbackForCharacters): Ditto. * platform/graphics/mac/FontCustomPlatformData.cpp: (WebCore::FontCustomPlatformData::fontPlatformData): Ditto. * platform/graphics/mac/FontCustomPlatformData.h: Ditto. 2015-10-19 Myles C. Maxfield <mmaxfield@apple.com> FontCascade::typesettingFeatures() is not privy to font-variant-* nor font-feature-settings https://bugs.webkit.org/show_bug.cgi?id=149775 Reviewed by Darin Adler. This patch has two pieces: We used to have a boolean, enableLigatures, which affected how we perform shaping in both our simple and complex text codepaths. However, in this brave new world of font-feature-settings and font-variant-*, there are many properties which may affect shaping (and multiple kinds of ligatures). This patch renames this boolean to requiresShaping, and teaches it about all the various properties which affect text shaping. Similarly, one of the places which used this enableLigatures boolean was to tell CoreText if it should disable ligatures. However, we now have much finer-grained control over ligatures during font creation. This patch moves the responsibility of dictating which font features should be enabled entirely to the Font. Therefore, getCFStringAttributes() doesn't know anything about ligatures anymore; the logic inside font creation is used instead. An added benefit of moving all the font feature logic to one place is that we can implement the feature resolution algorithm described in the CSS3 fonts spec. This patch adds a test to makes sure that text-rendering, font-feature-settings, and font-variant-* play together nicely. Test: fast/text/multiple-feature-properties.html * platform/graphics/Font.cpp: (WebCore::Font::applyTransforms): * platform/graphics/Font.h: * platform/graphics/FontCascade.cpp: (WebCore::FontCascade::FontCascade): (WebCore::FontCascade::operator=): (WebCore::FontCascade::update): (WebCore::FontCascade::drawText): (WebCore::FontCascade::drawEmphasisMarks): (WebCore::FontCascade::width): (WebCore::FontCascade::adjustSelectionRectForText): (WebCore::FontCascade::offsetForPosition): (WebCore::FontCascade::codePath): (WebCore::FontCascade::floatWidthForSimpleText): * platform/graphics/FontCascade.h: (WebCore::FontCascade::requiresShaping): (WebCore::FontCascade::computeRequiresShaping): (WebCore::FontCascade::enableLigatures): Deleted. (WebCore::FontCascade::computeEnableLigatures): Deleted. * platform/graphics/WidthIterator.cpp: (WebCore::WidthIterator::WidthIterator): (WebCore::WidthIterator::applyFontTransforms): * platform/graphics/WidthIterator.h: * platform/graphics/cocoa/FontCacheCoreText.cpp: (WebCore::preparePlatformFont): * platform/graphics/cocoa/FontCocoa.mm: (WebCore::Font::canRenderCombiningCharacterSequence): * platform/graphics/mac/ComplexTextControllerCoreText.mm: (WebCore::ComplexTextController::collectComplexTextRunsForCharacters): * platform/graphics/mac/SimpleFontDataCoreText.cpp: (WebCore::Font::getCFStringAttributes): * svg/SVGFontData.h: 2015-10-13 Myles C. Maxfield <mmaxfield@apple.com> Split TypesettingFeatures into kerning and ligatures bools https://bugs.webkit.org/show_bug.cgi?id=150074 Reviewed by Simon Fraser. Our TypesettingFeatures type represents whether kerning or ligatures are enabled when laying out text. However, now that I have implemented font-feature-settings and font-variant-*, this type is wildly inadequate. There are now multiple kinds of ligatures, and many other features which are neither kerning nor ligatures. Adding tons of information to this type doesn't make sense because 1) We already have a FontVariantSettings struct which contains this information, and 2) None of the users of TypesettingFeatures care about most of these new features. In this new world of font features, the font-kerning property isn't changing. Therefore, all the code which relies only on the Kerning value in TypesettingFeatures doesn't need to change. The places which rely on Ligatures, however, need to be updated to understand that there are many different kinds of ligatures. Indeed, after inspection, all of the places which inspect ligatures are more interested in a high-level concept of whether or not we can trust some simple computation. Therefore, we really have two things we care about: Kerning, and this high-level concept. This patch is the second step to update our view of the world to include font-feature-settings and font-variant-*. In particular, this patch simply splits TypesettingFeatures into two Booleans, one for Kerning, and one for Ligatures (which has no behavior change). Then, once they are separated, I can migrate the Ligatures Boolean to take on its new meaning. This change is purely mechanical. No new tests because there is no behavior change. * WebCore.xcodeproj/project.pbxproj: * css/CSSPrimitiveValueMappings.h: (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): (WebCore::CSSPrimitiveValue::operator FontCascadeDescription::Kerning): * platform/graphics/Font.cpp: (WebCore::Font::applyTransforms): * platform/graphics/Font.h: * platform/graphics/FontCascade.cpp: (WebCore::FontCascade::FontCascade): (WebCore::FontCascade::operator=): (WebCore::FontCascade::update): (WebCore::FontCascade::drawText): (WebCore::FontCascade::drawEmphasisMarks): (WebCore::FontCascade::width): (WebCore::FontCascade::adjustSelectionRectForText): (WebCore::FontCascade::offsetForPosition): (WebCore::FontCascade::setDefaultKerning): (WebCore::FontCascade::setDefaultLigatures): (WebCore::FontCascade::codePath): (WebCore::FontCascade::floatWidthForSimpleText): (WebCore::FontCascade::setDefaultTypesettingFeatures): Deleted. (WebCore::FontCascade::defaultTypesettingFeatures): Deleted. * platform/graphics/FontCascade.h: (WebCore::FontCascade::enableKerning): (WebCore::FontCascade::enableLigatures): (WebCore::FontCascade::computeEnableKerning): (WebCore::FontCascade::computeEnableLigatures): (WebCore::FontCascade::typesettingFeatures): Deleted. (WebCore::FontCascade::computeTypesettingFeatures): Deleted. * platform/graphics/FontDescription.cpp: (WebCore::FontCascadeDescription::FontCascadeDescription): * platform/graphics/FontDescription.h: (WebCore::FontCascadeDescription::setKerning): (WebCore::FontCascadeDescription::initialKerning): * platform/graphics/TypesettingFeatures.h: Removed. * platform/graphics/WidthIterator.cpp: (WebCore::WidthIterator::WidthIterator): (WebCore::WidthIterator::applyFontTransforms): (WebCore::WidthIterator::advanceInternal): * platform/graphics/WidthIterator.h: * platform/graphics/cocoa/FontCocoa.mm: (WebCore::Font::canRenderCombiningCharacterSequence): * platform/graphics/mac/ComplexTextControllerCoreText.mm: (WebCore::ComplexTextController::collectComplexTextRunsForCharacters): * platform/graphics/mac/SimpleFontDataCoreText.cpp: (WebCore::Font::getCFStringAttributes): * rendering/RenderBlockLineLayout.cpp: (WebCore::setLogicalWidthForTextRun): * rendering/line/BreakingContext.h: (WebCore::WordTrailingSpace::width): * svg/SVGFontData.h: 2015-12-07 Matthew Hanson <matthew_hanson@apple.com> Build fix. * platform/graphics/ios/FontCacheIOS.mm: (WebCore::FontCache::createFontPlatformData): Pass two nullptrs to match function signature. 2015-12-07 David Kilzer <ddkilzer@apple.com> Merge r193635. rdar://problem/23785592 2015-12-07 Chris Dumez <cdumez@apple.com> Crash in MemoryCache::pruneDeadResourcesToSize() https://bugs.webkit.org/show_bug.cgi?id=151833 <rdar://problem/22392235> Reviewed by David Kilzer. MemoryCache::pruneDeadResourcesToSize() is iterating over m_allResources (which is a vector of LRUList). It first destroys decoded data for each resource in the LRUList. Then, if it does not suffice to reach the target size, and starts actually removing resources from the cache. The issue is that this code alters m_allResources (and its LRULists) as it is iterating over it. We tried to deal with this in various ways: 1. Increment the iterator before removing the resource pointed by the iterator. 2. Protect the next resource in the LRUList and abort early if it is no longer in the cache. This adds code complexity and apparently does not correctly handle all the edge cases as we still see crashes in this code. In particular, I suspect that 2. may not be sufficient if it is possible for the next resource to be moved to another LRUList (in which case, next->inCache() would still return true but the iterator would however become invalid). To make the code simpler and more robust, this patch copies the LRUList (and refs the CachedResources) before iterating over it. This is a lot safer and should hopefully fix the crashes we see in this function. No new tests, no reproduction case. * loader/cache/MemoryCache.cpp: (WebCore::MemoryCache::pruneDeadResourcesToSize): 2015-12-06 Babak Shafiei <bshafiei@apple.com> Merge r193599. 2015-12-06 David Kilzer <ddkilzer@apple.com> REGRESSION (r193575): variantSettings is unused when PLATFORM_FONT_LOOKUP is disabled <rdar://problem/23769741> * platform/graphics/mac/FontCacheMac.mm: (WebCore::fontWithFamily): Mark variantSettings as ununsed when PLATFORM_FONT_LOOKUP is disabled. 2015-12-06 Babak Shafiei <bshafiei@apple.com> Merge r188114. rdar://problem/23221171 2015-08-06 Myles C. Maxfield <mmaxfield@apple.com> CSSSegmentedFontFace::fontRanges() does not handle duplicate fonts correctly https://bugs.webkit.org/show_bug.cgi?id=147765 Reviewed by Filip Pizlo. CSSSegmentedFontFace::fontRanges() was trying to hash on FontDescriptors by picking a few specific pieces of data out of the FontDescriptor, computing a hash on it, and using that unsigned as a key in a HashMap. This has two problems: it doesn't handle equality correctly, as hash collisions cannot depend on an equality operator to dedup, and it doesn't hash on all the members of a FontDescription. Instead, this HashMap should use FontDescriptionKey, which represents a FontDescription, and is designed exactly for the purpose of being used as a key in a HashMap. No new tests because there is no behavior change (because a problem occurs when two different FontDescriptions hash to the same value, which is rare). * css/CSSSegmentedFontFace.cpp: (WebCore::CSSSegmentedFontFace::fontRanges): * css/CSSSegmentedFontFace.h: * platform/graphics/FontCache.h: (WebCore::FontDescriptionKeyHash::hash): (WebCore::FontDescriptionKeyHash::equal): 2015-12-06 Matthew Hanson <matthew_hanson@apple.com> Merge r190895. rdar://problem/23769765 2015-10-12 Myles C. Maxfield <mmaxfield@apple.com> [Font Features] Tiny cleanup regarding FontCascade::typesettingFeatures() https://bugs.webkit.org/show_bug.cgi?id=150051 Reviewed by Simon Fraser. There are no typesetting features which aren't kerning nor ligatures. No new tests because there is no behavior difference. * platform/graphics/FontCascade.cpp: (WebCore::FontCascade::codePath): * platform/graphics/WidthIterator.h: (WebCore::WidthIterator::supportsTypesettingFeatures): Deleted. 2015-12-06 Matthew Hanson <matthew_hanson@apple.com> Merge r190999. rdar://problem/23770070 2015-10-13 Myles C. Maxfield <mmaxfield@apple.com> Unprefix font-kerning https://bugs.webkit.org/show_bug.cgi?id=150080 Reviewed by Sam Weinig. This is the last property in CSS3 Fonts which is prefixed. Test: fast/text/font-kerning.html * css/CSSPropertyNames.in: 2015-12-06 Matthew Hanson <matthew_hanson@apple.com> Merge r190402. rdar://problem/23769689 2015-10-01 Csaba Osztrogonác <ossy@webkit.org> Fix the ARM build after r190192 https://bugs.webkit.org/show_bug.cgi?id=149620 Reviewed by Darin Adler. * platform/graphics/FontFeatureSettings.h: (WebCore::fontFeatureTag): 2015-12-06 Matthew Hanson <matthew_hanson@apple.com> Merge r193575. rdar://problem/23769689 2015-09-23 Myles C. Maxfield <mmaxfield@apple.com> [Cocoa] [Font Features] Implement font-variant-* https://bugs.webkit.org/show_bug.cgi?id=148413 Reviewed by Darin Adler. This patch is the first pass of implementing of the font-variant-* properties. Specifically, these properties are: font-variant-ligatures font-variant-position font-variant-caps font-variant-numeric font-variant-alternates font-variant-east-asian These new properties are held inside FontDescription as bit fields. At font creation time, we consult with the FontDescription to figure out which variants are specified. We then convert those variants to font features, and resolve these font features with the additional features specified by font-feature-settings (as the spec requires). This patch also makes our caches sensitive to these new properties of FontDescription so we don't look up cached, stale fonts. The implementation has some caveats, however. They are listed here: 1. These new properties need to interact correctly with @font-face declarations. In particular, only certain properties of the FontDescription should be considered when detecting if a @font-face declaration applies to a particular element. This discrimination does not happen correctly. In addition, any feature-specific CSS properties inside the @font-face declaration need to be consulted at a particular point during the feature resolve. This does not currently occur. 2. One of the properties, font-variant-alternates, has a few values which require custom CSS functions, which makes modeling the properties as bit fields tricky. These extra values need to be implemented. This patch implements all the values which do not require extra CSS features. 3. These new properties have a shorthand, font-variant, which is designed to be backward- compatible with CSS 2.1's concept of font-variant. In particular, CSS 2.1 allows you to use "normal" and "small-caps" with font-variant. Both of these values are values of the new property font-variant-caps. However, our existing implementation of small-caps does not use font features when they exist; instead, it simply draws text at a smaller font size and uses (effectively) text-transform to force capital letters. This implementation needs to be unified with the new font-variant-caps property so that we can expand font-variant to be a shorthand for the new properties. 4. font-variant-position and font-variant-caps should provide appropriate synthesis if no matching font-feature exists. 5. FontCascade::typesettingFeatures() is now no-longer accurate. Fixing this would be large enough to warrant its own patch. 6. These properties are not tested with TrueType fonts. Tests: css3/font-variant-all-webfont.html css3/font-variant-parsing.html * css/CSSComputedStyleDeclaration.cpp: Reconstruct StyleProperties from a RenderStyle. (WebCore::appendLigaturesValue): (WebCore::fontVariantLigaturesPropertyValue): (WebCore::fontVariantPositionPropertyValue): (WebCore::fontVariantCapsPropertyValue): (WebCore::fontVariantNumericPropertyValue): (WebCore::fontVariantAlternatesPropertyValue): (WebCore::fontVariantEastAsianPropertyValue): (WebCore::ComputedStyleExtractor::propertyValue): * css/CSSFontFeatureValue.cpp: Update to FontFeatureTag instead of WTF::String. (WebCore::CSSFontFeatureValue::CSSFontFeatureValue): (WebCore::CSSFontFeatureValue::customCSSText): * css/CSSFontFeatureValue.h: Ditto. (WebCore::CSSFontFeatureValue::create): (WebCore::CSSFontFeatureValue::tag): * css/CSSParser.cpp: Parse the new properties according to the CSS3 fonts spec. (WebCore::isValidKeywordPropertyAndValue): (WebCore::isKeywordPropertyID): (WebCore::CSSParser::parseValue): (WebCore::CSSParser::parseFontFeatureTag): (WebCore::CSSParser::parseFontVariantLigatures): (WebCore::CSSParser::parseFontVariantNumeric): (WebCore::CSSParser::parseFontVariantEastAsian): * css/CSSParser.h: * css/CSSPrimitiveValueMappings.h: For the three properties which are simple keyword value properties, implement casting operators to automatically convert between RenderStyle objects and CSS property objects. (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): (WebCore::CSSPrimitiveValue::operator FontVariantPosition): (WebCore::CSSPrimitiveValue::operator FontVariantCaps): (WebCore::CSSPrimitiveValue::operator FontVariantAlternates): * css/CSSPropertyNames.in: New properties. * css/CSSValueKeywords.in: New values. * css/StyleBuilderConverter.h: (WebCore::StyleBuilderConverter::convertFontFeatureSettings): Update to not use RefPtrs. * css/StyleBuilderCustom.h: Properties which are not simple keyword value properties are decomposed into multiple members of FontDescription. These properties exist to convert between these aggregate members and the CSS properties. (WebCore::StyleBuilderCustom::applyInheritFontVariantLigatures): (WebCore::StyleBuilderCustom::applyInitialFontVariantLigatures): (WebCore::StyleBuilderCustom::applyValueFontVariantLigatures): (WebCore::StyleBuilderCustom::applyInheritFontVariantNumeric): (WebCore::StyleBuilderCustom::applyInitialFontVariantNumeric): (WebCore::StyleBuilderCustom::applyValueFontVariantNumeric): (WebCore::StyleBuilderCustom::applyInheritFontVariantEastAsian): (WebCore::StyleBuilderCustom::applyInitialFontVariantEastAsian): (WebCore::StyleBuilderCustom::applyValueFontVariantEastAsian): (WebCore::StyleBuilderCustom::applyInitialWebkitFontVariantLigatures): Deleted. (WebCore::StyleBuilderCustom::applyInheritWebkitFontVariantLigatures): Deleted. (WebCore::StyleBuilderCustom::applyValueWebkitFontVariantLigatures): Deleted. * editing/cocoa/HTMLConverter.mm: (HTMLConverter::computedAttributesForElement): Unprefix font-variant-ligatures. * platform/graphics/FontCache.h: Update cache to be sensitive to new state in FontDescription. (WebCore::FontDescriptionKey::FontDescriptionKey): (WebCore::FontDescriptionKey::operator==): (WebCore::FontDescriptionKey::computeHash): (WebCore::FontDescriptionKey::makeFlagsKey): (WebCore::FontDescriptionKey::makeFlagKey): Deleted. * platform/graphics/FontCascade.cpp: (WebCore::FontCascade::codePath): These new variants should trigger the complex text codepath. * platform/graphics/FontCascade.h: (WebCore::FontCascade::computeTypesettingFeatures): Update to use new state enum. * platform/graphics/FontDescription.cpp: Add state to hold new property values. (WebCore::FontDescription::FontDescription): (WebCore::FontCascadeDescription::FontCascadeDescription): Deleted. * platform/graphics/FontDescription.h: Add state to hold new property values. (WebCore::FontDescription::featureSettings): (WebCore::FontDescription::variantCommonLigatures): (WebCore::FontDescription::variantDiscretionaryLigatures): (WebCore::FontDescription::variantHistoricalLigatures): (WebCore::FontDescription::variantContextualAlternates): (WebCore::FontDescription::variantPosition): (WebCore::FontDescription::variantCaps): (WebCore::FontDescription::variantNumericFigure): (WebCore::FontDescription::variantNumericSpacing): (WebCore::FontDescription::variantNumericFraction): (WebCore::FontDescription::variantNumericOrdinal): (WebCore::FontDescription::variantNumericSlashedZero): (WebCore::FontDescription::variantAlternates): (WebCore::FontDescription::variantEastAsianVariant): (WebCore::FontDescription::variantEastAsianWidth): (WebCore::FontDescription::variantEastAsianRuby): (WebCore::FontDescription::variantSettings): (WebCore::FontDescription::setFeatureSettings): (WebCore::FontDescription::setVariantCommonLigatures): (WebCore::FontDescription::setVariantDiscretionaryLigatures): (WebCore::FontDescription::setVariantHistoricalLigatures): (WebCore::FontDescription::setVariantContextualAlternates): (WebCore::FontDescription::setVariantPosition): (WebCore::FontDescription::setVariantCaps): (WebCore::FontDescription::setVariantNumericFigure): (WebCore::FontDescription::setVariantNumericSpacing): (WebCore::FontDescription::setVariantNumericFraction): (WebCore::FontDescription::setVariantNumericOrdinal): (WebCore::FontDescription::setVariantNumericSlashedZero): (WebCore::FontDescription::setVariantAlternates): (WebCore::FontDescription::setVariantEastAsianVariant): (WebCore::FontDescription::setVariantEastAsianWidth): (WebCore::FontDescription::setVariantEastAsianRuby): (WebCore::FontDescription::operator==): (WebCore::FontCascadeDescription::initialVariantPosition): (WebCore::FontCascadeDescription::initialVariantCaps): (WebCore::FontCascadeDescription::initialVariantAlternates): (WebCore::FontCascadeDescription::commonLigaturesState): Deleted. (WebCore::FontCascadeDescription::discretionaryLigaturesState): Deleted. (WebCore::FontCascadeDescription::historicalLigaturesState): Deleted. (WebCore::FontCascadeDescription::setCommonLigaturesState): Deleted. (WebCore::FontCascadeDescription::setDiscretionaryLigaturesState): Deleted. (WebCore::FontCascadeDescription::setHistoricalLigaturesState): Deleted. (WebCore::FontCascadeDescription::operator==): Deleted. * platform/graphics/FontFeatureSettings.cpp: Update to use FontFeatureTag instead of WTF::String. (WebCore::FontFeature::FontFeature): (WebCore::FontFeature::operator==): (WebCore::FontFeature::operator<): (WebCore::FontFeatureSettings::hash): (WebCore::FontFeatureSettings::create): Deleted. * platform/graphics/FontFeatureSettings.h: Update to use FontFeatureTag instead of WTF::String. (WebCore::fontFeatureTag): (WebCore::FontFeatureTagHash::hash): (WebCore::FontFeatureTagHash::equal): (WebCore::FontFeatureTagHashTraits::constructDeletedValue): (WebCore::FontFeatureTagHashTraits::isDeletedValue): (WebCore::FontFeature::tag): (WebCore::FontFeatureSettings::operator==): (WebCore::FontFeatureSettings::begin): (WebCore::FontFeatureSettings::end): (WebCore::FontFeatureSettings::FontFeatureSettings): Deleted. * platform/graphics/cocoa/FontCacheCoreText.cpp: Ditto. Also, when computing font features, consult with the state inside FontDescription. (WebCore::tagEquals): (WebCore::appendTrueTypeFeature): (WebCore::appendOpenTypeFeature): (WebCore::computeFeatureSettingsFromVariants): (WebCore::preparePlatformFont): (WebCore::platformFontLookupWithFamily): (WebCore::fontWithFamily): (WebCore::FontCache::createFontPlatformData): (WebCore::FontCache::systemFallbackForCharacters): * platform/graphics/harfbuzz/HarfBuzzShaper.cpp: Update to use references instead of pointers. (WebCore::HarfBuzzShaper::setFontFeatures): * platform/graphics/mac/FontCacheMac.mm: (WebCore::platformFontWithFamily): Ditto. * platform/graphics/mac/FontCustomPlatformData.cpp: (WebCore::FontCustomPlatformData::fontPlatformData): Be sensitive to new state inside FontDescription. * platform/text/TextFlags.h: (WebCore::FontVariantSettings::isAllNormal): New state enums. * rendering/RenderThemeIOS.mm: (WebCore::RenderThemeIOS::updateCachedSystemFontDescription): Be sensitive to new state inside FontDescription. * rendering/line/BreakingContext.h: 2015-07-30 Myles C. Maxfield <mmaxfield@apple.com> Clean up makeFontCascadeCacheKey() https://bugs.webkit.org/show_bug.cgi?id=147430 Reviewed by Benjamin Poulain. FontDescriptionKey is designed to encapsulate all the cacheable properties of a FontDescription. However, a higher-level cache, FontCascadeCacheKey, was taking some values from FontDescriptions. The fact that there wasn't a bug before is just a happy coincidence. This patch moves those bits from the higher-level cache and puts them into FontDescriptionKey where they belong. No new tests because there is no behavior change. * platform/graphics/FontCache.h: (WebCore::FontDescriptionKey::makeFlagKey): * platform/graphics/FontCascade.cpp: (WebCore::operator==): (WebCore::makeFontSelectorFlags): Deleted. (WebCore::makeFontCascadeCacheKey): Deleted. (WebCore::computeFontCascadeCacheHash): Deleted. 2015-08-06 Myles C. Maxfield <mmaxfield@apple.com> Make FontDescriptionKey sensitive to FontFeatureSettings https://bugs.webkit.org/show_bug.cgi?id=147751 Reviewed by Anders Carlsson. Just like how FontDescription hashes should be sensitive to locale, they should also be sensitive to font features. This patch also fixes operator== for FontDescriptionKey, which was previously comparing hashes for equality instead of the underlying data. Comparing hashes for equality is useless inside hashmaps. This is in preparation for implementing font-feature-settings. No new tests because there is no behavior change. * platform/graphics/FontCache.cpp: (WebCore::FontPlatformDataCacheKey::FontPlatformDataCacheKey): (WebCore::FontPlatformDataCacheKey::isHashTableDeletedValue): (WebCore::FontPlatformDataCacheKey::hashTableDeletedSize): Deleted. * platform/graphics/FontCache.h: (WebCore::FontDescriptionKey::FontDescriptionKey): (WebCore::FontDescriptionKey::operator==): (WebCore::FontDescriptionKey::operator!=): (WebCore::FontDescriptionKey::isHashTableDeletedValue): (WebCore::FontDescriptionKey::computeHash): * platform/graphics/FontFeatureSettings.cpp: (WebCore::FontFeature::hash): (WebCore::FontFeatureSettings::hash): * platform/graphics/FontFeatureSettings.h: 2015-08-06 Myles C. Maxfield <mmaxfield@apple.com> Font feature settings comparisons are order-dependent and case-dependent https://bugs.webkit.org/show_bug.cgi?id=147719 Reviewed by Benjamin Poulain. We should make our settings vector order-independent and case-independent. Test: css3/font-feature-settings-parsing.html * css/CSSParser.cpp: (WebCore::CSSParser::parseFontFeatureTag): * css/StyleBuilderConverter.h: (WebCore::StyleBuilderConverter::convertFontFeatureSettings): * platform/graphics/FontFeatureSettings.cpp: (WebCore::FontFeature::FontFeature): (WebCore::FontFeature::operator==): (WebCore::FontFeatureSettings::FontFeatureSettings): * platform/graphics/FontFeatureSettings.h: (WebCore::FontFeature::FontFeature): (WebCore::FontFeature::operator==): (WebCore::FontFeature::operator<): (WebCore::FontFeatureSettings::insert): (WebCore::FontFeatureSettings::FontFeatureSettings): (WebCore::FontFeatureSettings::append): Deleted. 2015-08-11 Myles C. Maxfield <mmaxfield@apple.com> [font-features] Map OpenType feature tags to TrueType feature selectors https://bugs.webkit.org/show_bug.cgi?id=147819 Reviewed by Dean Jackson. Allow uses of font-feature-settings even on TrueType fonts. Test: css3/font-feature-settings-preinstalled-fonts.html * platform/graphics/cocoa/FontCacheCoreText.cpp: (WebCore::appendRawTrueTypeFeature): (WebCore::appendTrueTypeFeature): 2015-12-05 Dana Burkart <dburkart@apple.com> Merge r190564. rdar://problem/23769693 2015-10-05 Myles C. Maxfield <mmaxfield@apple.com> Unprefix -webkit-font-feature-settings https://bugs.webkit.org/show_bug.cgi?id=149722 Reviewed by Sam Weinig. * css/CSSComputedStyleDeclaration.cpp: (WebCore::ComputedStyleExtractor::propertyValue): * css/CSSParser.cpp: (WebCore::CSSParser::parseValue): (WebCore::CSSParser::parseFontFeatureSettings): * css/CSSPropertyNames.in: * css/CSSValueKeywords.in: * css/StyleBuilderCustom.h: (WebCore::StyleBuilderCustom::applyInitialFontFeatureSettings): (WebCore::StyleBuilderCustom::applyInheritFontFeatureSettings): (WebCore::StyleBuilderCustom::applyInitialWebkitFontFeatureSettings): Deleted. (WebCore::StyleBuilderCustom::applyInheritWebkitFontFeatureSettings): Deleted. 2015-12-05 Babak Shafiei <bshafiei@apple.com> Merge r192953. 2015-11-30 David Hyatt <hyatt@apple.com> Implement the picture element. https://bugs.webkit.org/show_bug.cgi?id=116963 Reviewed by Dean Jackson. Added fast/picture tests. * WebCore.xcodeproj/project.pbxproj: Add HTMLPictureElement.* to the project. * html/HTMLImageElement.cpp: (WebCore::HTMLImageElement::setBestFitURLAndDPRFromImageCandidate): Remove the CURRENT_SRC ifdef. (WebCore::HTMLImageElement::bestFitSourceFromPictureElement): New helper function that checks the <source> elements of a <picture> parent for the best match. (WebCore::HTMLImageElement::selectImageSource): Pull out the process of image selection into its own function so that this can be called from many places (to ensure that dynamic changes are reflected as elements get changed, added or removed). (WebCore::HTMLImageElement::parseAttribute): Call selectImageSource when attributes change. (WebCore::HTMLImageElement::insertedInto): If inserted into a picture element, make sure to update the source. * html/HTMLImageElement.h: (WebCore::HTMLImageElement::currentSrc): Remove the CURRENT_SRC ifdef. * html/HTMLImageElement.idl: Remove the CURRENT_SRC ifdef. * html/HTMLPictureElement.cpp: Added. (WebCore::HTMLPictureElement::HTMLPictureElement): (WebCore::HTMLPictureElement::create): (WebCore::HTMLPictureElement::sourcesChanged): * html/HTMLPictureElement.h: Added. The new picture element. Has a sourcesChanged() function that is invoked whenever anything about the <source> elements changes. * html/HTMLSourceElement.cpp: (WebCore::HTMLSourceElement::insertedInto): (WebCore::HTMLSourceElement::removedFrom): (WebCore::HTMLSourceElement::parseAttribute): Make sure to call sourcesChanged when new sources come and go or when attributes on source elements change. * html/HTMLSourceElement.h: Added parseAttribute function so we can see when attributes change that force us to do a dynamic update. * html/HTMLTagNames.in: Add the picture element. * html/parser/HTMLSrcsetParser.h: (WebCore::ImageCandidate::srcOrigin): (WebCore::ImageCandidate::isEmpty): Some helpers for picture parsing. 2015-12-05 Babak Shafiei <bshafiei@apple.com> Merge r191252. 2015-10-17 David Hyatt <hyatt@apple.com> Implement the CSS4 'revert' keyword. https://bugs.webkit.org/show_bug.cgi?id=149702 Reviewed by Simon Fraser. Added new tests in fast/css and fast/css/variables. * CMakeLists.txt: * WebCore.xcodeproj/project.pbxproj: Add CSSRevertValue to the project and makefiles. * css/CSSParser.cpp: (WebCore::parseKeywordValue): Make sure to handle "revert" in the keyword parsing path (along with inherit/initial/unset). (WebCore::CSSParser::parseValue): (WebCore::CSSParser::parseCustomPropertyDeclaration): At the parser level, "revert" is just like inherit/initial/unset and gets its own special singleton value, CSSRevertValue. * css/CSSRevertValue.cpp: Added. (WebCore::CSSRevertValue::customCSSText): * css/CSSRevertValue.h: Added. (WebCore::CSSRevertValue::create): (WebCore::CSSRevertValue::equals): (WebCore::CSSRevertValue::CSSRevertValue): This value is identical to the inherit/initial/unset values, i.e., its own special value that can be used to indicate a revert when doing style resolution. * css/CSSValue.cpp: (WebCore::CSSValue::cssValueType): (WebCore::CSSValue::equals): (WebCore::CSSValue::cssText): (WebCore::CSSValue::destroy): * css/CSSValue.h: (WebCore::CSSValue::isInheritedValue): (WebCore::CSSValue::isInitialValue): (WebCore::CSSValue::isUnsetValue): (WebCore::CSSValue::isRevertValue): Add the RevertClass to CSSValue and make sure it is handled in all the appropriate methods. * css/CSSValueKeywords.in: Add the "revert" keyword to the list of allowed CSS keywords. * css/CSSValuePool.cpp: (WebCore::CSSValuePool::CSSValuePool): * css/CSSValuePool.h: (WebCore::CSSValuePool::createRevertValue): Add support for a CSSRevertValue singleton, just like inherit/unset/initial. * css/FontLoader.cpp: (WebCore::FontLoader::resolveFontStyle): Add "unset" and "revert" as special keywords to be ignored. This code seems to be turned off, but patching it anyway. * css/SelectorChecker.h: Add a MatchDefault value of 0 to the LinkMatchMask. This enables it to be used as an index to the correct value in Property (in the style resolution code). * css/StyleResolver.cpp: (WebCore::StyleResolver::State::initForStyleResolve): Delete any lingering old CascadedProperty rollbacks for UA/user rules. (WebCore::StyleResolver::styleForKeyframe): (WebCore::StyleResolver::styleForPage): (WebCore::StyleResolver::applyMatchedProperties): Pass along the MatchResult as an additional parameter, since we need it to lazily compute the cascade rollbacks if the "revert" keyword is encountered. (WebCore::StyleResolver::cascadedPropertiesForRollback): This method will lazily create and return a new CascadedProperties pointer that is cached in the StyleResolver's state. This will contain only UA rules (for user reverts) and UA/user rules (for author reverts). These will only be computed at most once for a given element when doing a reversion, and they will be computed lazily, i.e., only if a revert is requested. (WebCore::StyleResolver::applyProperty): Pass along the LinkMatchMask and the MatchResult to applyProperty. This way we know specifically which link type we were computing if we have to revert (so that we roll back and look at the same index in the reverted version). The MatchResult is passed along because it is needed to build the CascadedProperties rollbacks. The basic idea is that if a revert is encountered, the level that the rule came from is checked. If it is UA level, just treat as "unset." If it is author or user level, get the correct CascadedProperties rollback and repeat the applyProperty using the property found in the rollback. If the property is not present in the cascade rollback, then the revert becomes an unset. (WebCore::StyleResolver::CascadedProperties::hasCustomProperty): (WebCore::StyleResolver::CascadedProperties::customProperty): Helpers used by applyProperty to check on custom properties, since they can revert too just like a regular property can. (WebCore::StyleResolver::CascadedProperties::setPropertyInternal): (WebCore::StyleResolver::CascadedProperties::set): (WebCore::StyleResolver::CascadedProperties::setDeferred): Passing along the CascadeLevel (UA, User, Author) so that it can be stored in the Property. This way when we do property application, we always know where the rule came from so that the reversion can be handled properly. (WebCore::StyleResolver::CascadedProperties::addStyleProperties): (WebCore::cascadeLevelForIndex): (WebCore::StyleResolver::CascadedProperties::addMatches): When style properties are added, also figure out the CascadeLevel and pass it along to be stored in the Property. We use the MatchResult's ranges to know where a property comes from. (WebCore::StyleResolver::CascadedProperties::applyDeferredProperties): (WebCore::StyleResolver::CascadedProperties::Property::apply): (WebCore::StyleResolver::applyCascadedProperties): Pass along the MatchResult so we know how to build the rollback. * css/StyleResolver.h: (WebCore::StyleResolver::State::cascadeLevel): (WebCore::StyleResolver::State::setCascadeLevel): (WebCore::StyleResolver::State::authorRollback): (WebCore::StyleResolver::State::userRollback): (WebCore::StyleResolver::State::setAuthorRollback): (WebCore::StyleResolver::State::setUserRollback): (WebCore::StyleResolver::state): (WebCore::StyleResolver::cascadeLevel): (WebCore::StyleResolver::setCascadeLevel): Move CascadedProperties into the header. Add CascadeLevel to Property. Add the level and rollbacks to the resolver's state. 2015-12-05 Babak Shafiei <bshafiei@apple.com> Merge r191201. 2015-10-16 David Hyatt <hyatt@apple.com> ASSERT in imported/blink/fast/block/float/overhanging-float-crashes-when-sibling-becomes-formatting-context.html https://bugs.webkit.org/show_bug.cgi?id=150249 Reviewed by Myles Maxfield. Covered by existing tests. * css/CSSValue.cpp: (WebCore::CSSValue::equals): Make sure the "unset" value has an equals implementation. 2015-12-05 Babak Shafiei <bshafiei@apple.com> Merge r191178. 2015-10-16 David Hyatt <hyatt@apple.com> Implement the "all" CSS property. https://bugs.webkit.org/show_bug.cgi?id=116966 Reviewed by Zalan Bujtas. Added new tests in fast/css. * css/CSSComputedStyleDeclaration.cpp: (WebCore::ComputedStyleExtractor::propertyValue): Don't support "all" from computed style for now. * css/CSSParser.cpp: (WebCore::CSSParser::parseValue): Make sure to bail after checking inherit/unset/initial for all, since you can't actually accept longhand values in the shorthand declarations. (WebCore::CSSParser::parseAnimationProperty): "all" for animations is a special value and should not be confused with the property. It animates everything and does not omit unicode-bidi/direction the way the "all" property does. * css/CSSPropertyNames.in: Add the "all" property to the list and use a special keyword in the Longhands value, "all", that makeprop.pl will look for. This way we don't have to dump every single CSS property into the Longhands expression, since that would be nuts. * css/StyleProperties.cpp: (WebCore::StyleProperties::getPropertyValue): Look for a common value across all properties supported by "all". That way you can get back inherit/initial/unset from it. * css/makeprop.pl: Make the perl script look for "all" in the longhand list, and if it sees it, put every single CSS property into the list for the all shorthand. 2015-12-05 Babak Shafiei <bshafiei@apple.com> Merge r191151. 2015-10-15 David Hyatt <hyatt@apple.com> Add support for the CSS 'unset' keyword. https://bugs.webkit.org/show_bug.cgi?id=148614 Reviewed by Dean Jackson. Added new test in fast/css, and existing variables tests also use unset in several tests. * WebCore.xcodeproj/project.pbxproj: Add CSSUnsetValue.cpp to the project. * bindings/objc/DOMCSS.mm: (kitClass): Make sure UNSET is handled in the switch. * css/CSSParser.cpp: (WebCore::parseKeywordValue): (WebCore::CSSParser::parseValue): (WebCore::CSSParser::parseCustomPropertyDeclaration): Add cases to create a CSSUnsetValue properly. * css/CSSToStyleMap.cpp: (WebCore::CSSToStyleMap::styleImage): (WebCore::CSSToStyleMap::mapFillAttachment): (WebCore::CSSToStyleMap::mapFillClip): (WebCore::CSSToStyleMap::mapFillComposite): (WebCore::CSSToStyleMap::mapFillBlendMode): (WebCore::CSSToStyleMap::mapFillOrigin): (WebCore::CSSToStyleMap::mapFillImage): (WebCore::CSSToStyleMap::mapFillRepeatX): (WebCore::CSSToStyleMap::mapFillRepeatY): (WebCore::convertToLengthSize): (WebCore::CSSToStyleMap::mapFillSize): (WebCore::CSSToStyleMap::mapFillXPosition): (WebCore::CSSToStyleMap::mapFillYPosition): (WebCore::CSSToStyleMap::mapFillMaskSourceType): (WebCore::CSSToStyleMap::mapAnimationDelay): (WebCore::CSSToStyleMap::mapAnimationDirection): (WebCore::CSSToStyleMap::mapAnimationDuration): (WebCore::CSSToStyleMap::mapAnimationFillMode): (WebCore::CSSToStyleMap::mapAnimationIterationCount): (WebCore::CSSToStyleMap::mapAnimationName): (WebCore::CSSToStyleMap::mapAnimationPlayState): (WebCore::CSSToStyleMap::mapAnimationProperty): (WebCore::CSSToStyleMap::mapAnimationTimingFunction): (WebCore::CSSToStyleMap::mapAnimationTrigger): The background and animation functions need to check for unset and be able to map it properly to initial. This is done with a new treatAsInitial method on CSSValue that can take the property ID and check for both initial or unset on a non-inherited property. * css/CSSUnsetValue.cpp: Added. (WebCore::CSSUnsetValue::customCSSText): * css/CSSUnsetValue.h: Added. (WebCore::CSSUnsetValue::create): (WebCore::CSSUnsetValue::equals): (WebCore::CSSUnsetValue::CSSUnsetValue): This new value looks exactly like CSSInheritedValue and CSSInitialValue. * css/CSSValue.cpp: (WebCore::CSSValue::cssValueType): (WebCore::CSSValue::cssText): (WebCore::CSSValue::destroy): (WebCore::CSSValue::isInvalidCustomPropertyValue): (WebCore::CSSValue::treatAsInheritedValue): (WebCore::CSSValue::treatAsInitialValue): * css/CSSValue.h: (WebCore::CSSValue::isUnsetValue): Add isUnsetValue and the UnsetClass. Add support for treatAsInheritedValue and treatAsInitialValue to have a way to query for initial/inherit or the matching unset type. * css/CSSValueKeywords.in: Add the unset keyword. * css/CSSValuePool.cpp: (WebCore::CSSValuePool::CSSValuePool): * css/CSSValuePool.h: (WebCore::CSSValuePool::createUnsetValue): Have a singleton model for unset just like we do for inherit/initial. * css/StyleResolver.cpp: (WebCore::StyleResolver::applyProperty): Handle unset correctly. It maps to inherit for inherited properties and initial for non-inherited ones. 2015-12-05 Babak Shafiei <bshafiei@apple.com> Merge r191825. 2015-10-30 Joseph Pecoraro <pecoraro@apple.com> CSSParserVariable leaks seen on leaks bots https://bugs.webkit.org/show_bug.cgi?id=150724 Reviewed by Darin Adler. * css/CSSParserValues.cpp: (WebCore::destroy): Cleanup variable CSSParserValues. 2015-12-05 Babak Shafiei <bshafiei@apple.com> Merge r191128. 2015-10-14 David Hyatt <hyatt@apple.com> Implement CSS Variables. https://bugs.webkit.org/show_bug.cgi?id=19660 Reviewed by Dean Jackson. Added new tests in fast/css/custom-properties and fast/css/variables. * CMakeLists.txt: * WebCore.xcodeproj/project.pbxproj: Add CSSVariableValue.cpp and CSSVariableDependentValue.cpp to builds. * css/CSSCalculationValue.cpp: (WebCore::hasDoubleValue): Handle the new CSS_PARSER_WHITESPACE value. * css/CSSComputedStyleDeclaration.cpp: (WebCore::ComputedStyleExtractor::customPropertyValue): Patched to make sure style is updated so that dynamic changes to custom properties are reflected immediately when querying values. (WebCore::CSSComputedStyleDeclaration::length): (WebCore::CSSComputedStyleDeclaration::item): The custom properties table is a reference and not a pointer now. * css/CSSCustomPropertyValue.h: (WebCore::CSSCustomPropertyValue::create): (WebCore::CSSCustomPropertyValue::createInvalid): (WebCore::CSSCustomPropertyValue::customCSSText): (WebCore::CSSCustomPropertyValue::equals): (WebCore::CSSCustomPropertyValue::isInvalid): (WebCore::CSSCustomPropertyValue::containsVariables): (WebCore::CSSCustomPropertyValue::value): (WebCore::CSSCustomPropertyValue::CSSCustomPropertyValue): The CSSCustomPropertyValue represents a custom property/value pair in the back end. It holds on to both the property name and a CSSValueList that has the original parser terms. This class also doubles as the invalid-at-compute-time value for custom properties when they contain cycles, etc. * css/CSSFunctionValue.cpp: (WebCore::CSSFunctionValue::buildParserValueSubstitutingVariables): * css/CSSFunctionValue.h: (WebCore::CSSFunctionValue::buildParserValueSubstitutingVariables): Hands back a CSSParserValue for a function with variables replaced with their real values (or fallback). * css/CSSGrammar.y.in: Many changes to support the var() syntax and to handle error conditions and cases. * css/CSSParser.cpp: (WebCore::filterProperties): Null check the value here. Shouldn't happen, but being paranoid. (WebCore::CSSParser::parseVariableDependentValue): This function converts a CSSValueList back into a CSSParserValueList and then passes it off to the parser. If the result parses, successfully, then the parsed CSSValue is handed back. (WebCore::CSSParser::parseValue): Detect when a property value contains variables and simply make a CSSVariableDependentValue to hold a copy of the parser value list (as a CSSValueList). We defer parsing the list until compute-time when we know the values of the variables to use. (WebCore::CSSParser::parseCustomPropertyDeclaration): Add support for inherit, initial and variable references in custom properties. (WebCore::CSSParser::detectFunctionTypeToken): Add support for detection of the "var" token. (WebCore::CSSParser::realLex): Fix the parsing of custom properties to allow "--" and to allow them to start with digits, e.g., "--0". * css/CSSParser.h: Add parseVariableDependentValue function for handling variable substitution and subsequent parsing of the resolved parser value list. * css/CSSParserValues.cpp: (WebCore::CSSParserValueList::containsVariables): Get rid of the toString() function (no longer needed) and replace it with containsVariables(). This check is used to figure out if a parser value list has variables and thus needs to defer parsing until later. (WebCore::CSSParserValue::createCSSValue): Add support for the creation of values for variables, CSSVariableValues. (WebCore::CSSParserValueList::toString): Deleted. No longer needed. * css/CSSParserValues.h: Add CSSParserVariable as a new kind of parser value. This represents a var() that is encountered during parsing. It is similar to a function except it has to hold both the reference (custom property name) and fallback arguments. * css/CSSPrimitiveValue.cpp: (WebCore::isValidCSSUnitTypeForDoubleConversion): (WebCore::CSSPrimitiveValue::cleanup): (WebCore::CSSPrimitiveValue::formatNumberForCustomCSSText): (WebCore::CSSPrimitiveValue::cloneForCSSOM): (WebCore::CSSPrimitiveValue::equals): Add support for CSS_PARSER_WHITESPACE as a way of preserving whitespace as a parsed item (variables can be only whitespace, and this has to be retained). (WebCore::CSSPrimitiveValue::buildParserValue): Conversion from a CSSPrimitiveValue back into a parser value is handled by this function. * css/CSSPrimitiveValue.h: (WebCore::CSSPrimitiveValue::isParserOperator): (WebCore::CSSPrimitiveValue::parserOperator): Add ability to get parser operator info. Add the buildParserValue declaration. * css/CSSValue.cpp: (WebCore::CSSValue::equals): (WebCore::CSSValue::cssText): (WebCore::CSSValue::destroy): (WebCore::CSSValue::cloneForCSSOM): (WebCore::CSSValue::isInvalidCustomPropertyValue): * css/CSSValue.h: Add support for variable values and variable dependent values. * css/CSSValueList.cpp: (WebCore::CSSValueList::customCSSText): Improve serialization to not output extra spaces when a comma operator is a value. (WebCore::CSSValueList::containsVariables): Whether or not a CSSVariableValue can be found somewhere within the list (or its descendants). (WebCore::CSSValueList::checkVariablesForCycles): Called to check variables for cycles. (WebCore::CSSValueList::buildParserValueSubstitutingVariables): (WebCore::CSSValueList::buildParserValueListSubstitutingVariables): Functions that handle converting the value list to a parser value list while making variable substitutions along the way. * css/CSSValueList.h: Add the new buildParserXXX functions. * css/CSSVariableDependentValue.cpp: Added. (WebCore::CSSVariableDependentValue::checkVariablesForCycles): * css/CSSVariableDependentValue.h: Added. (WebCore::CSSVariableDependentValue::create): (WebCore::CSSVariableDependentValue::customCSSText): (WebCore::CSSVariableDependentValue::equals): (WebCore::CSSVariableDependentValue::propertyID): (WebCore::CSSVariableDependentValue::valueList): (WebCore::CSSVariableDependentValue::CSSVariableDependentValue): This value represents a list of terms that have not had variables substituted yet. The list is held by the value so that it can be converted back into a parser value list once the variable values are known. * css/CSSVariableValue.cpp: Added. (WebCore::CSSVariableValue::CSSVariableValue): (WebCore::CSSVariableValue::customCSSText): (WebCore::CSSVariableValue::equals): (WebCore::CSSVariableValue::buildParserValueListSubstitutingVariables): * css/CSSVariableValue.h: Added. (WebCore::CSSVariableValue::create): (WebCore::CSSVariableValue::name): (WebCore::CSSVariableValue::fallbackArguments): This value represents a var() itself. It knows how to do the substitution of the variable value and to apply fallback if that value is not present. * css/StyleProperties.cpp: (WebCore::StyleProperties::getPropertyValue): (WebCore::StyleProperties::borderSpacingValue): (WebCore::StyleProperties::getLayeredShorthandValue): (WebCore::StyleProperties::getShorthandValue): (WebCore::StyleProperties::getCommonValue): (WebCore::StyleProperties::getPropertyCSSValue): (WebCore::StyleProperties::getPropertyCSSValueInternal): (WebCore::StyleProperties::asText): (WebCore::StyleProperties::copyPropertiesInSet): * css/StyleProperties.h: Patched to factor property fetching into an internal method so that variables can work with shorthands in the CSS OM. * css/StyleResolver.cpp: (WebCore::StyleResolver::applyProperty): Resolve variable values at compute time. If they fail to resolve, use inherit or initial as the value (depending on whether the property inherits by default). (WebCore::StyleResolver::resolvedVariableValue): Helper function that calls parseVariableDependentValue and gets the resolved result. (WebCore::StyleResolver::applyCascadedProperties): After custom properties have been collected, we check for cycles and perform variable substitutions. This way we get all the variables replaced before we inherit down the style tree. * css/StyleResolver.h: Add resolvedVariableValue declaration. * css/makeprop.pl: Make sure custom properties are inherited by default. * rendering/style/RenderStyle.cpp: (WebCore::RenderStyle::checkVariablesInCustomProperties): This function handles updating variables with cycles to be invalid in the RenderStyle. It then also handles the replacement of variables found in custom properties with resolved values. All custom properties are either invalid or are real non-variable-dependent value lists after this function completes. * rendering/style/RenderStyle.h: Add checkVariablesInCustomProperties declaration. * rendering/style/StyleCustomPropertyData.h: (WebCore::StyleCustomPropertyData::create): (WebCore::StyleCustomPropertyData::copy): (WebCore::StyleCustomPropertyData::operator==): (WebCore::StyleCustomPropertyData::operator!=): (WebCore::StyleCustomPropertyData::setCustomPropertyValue): (WebCore::StyleCustomPropertyData::getCustomPropertyValue): (WebCore::StyleCustomPropertyData::values): (WebCore::StyleCustomPropertyData::hasCustomProperty): (WebCore::StyleCustomPropertyData::containsVariables): (WebCore::StyleCustomPropertyData::setContainsVariables): (WebCore::StyleCustomPropertyData::StyleCustomPropertyData): Miscellaneous cleanup, and the addition of whether or not the properties still contain variable dependent values that need to be resolved. 2015-12-05 Babak Shafiei <bshafiei@apple.com> Merge r190231. 2015-09-24 David Hyatt <hyatt@apple.com> Keep the already-parsed list of terms in custom property values so that we don't have to re-parse them later when doing variable resolution. https://bugs.webkit.org/show_bug.cgi?id=149544 Reviewed by Dean Jackson. * css/CSSComputedStyleDeclaration.cpp: (WebCore::ComputedStyleExtractor::customPropertyValue): (WebCore::ComputedStyleExtractor::customPropertyText): Add a helper for getting the raw text. More closely parallels how non-custom properties work with the extractor. (WebCore::ComputedStyleExtractor::propertyValue): Change propertyValue to use customPropertyText. (WebCore::ComputedStyleExtractor::copyPropertiesInSet): Don't copy CSS custom properties into the style declaration. This is just used for things like editing, so we didn't need to be putting the custom properties into this set. (WebCore::CSSComputedStyleDeclaration::getPropertyValue): Patched to go straight to the serialized string value. (WebCore::ComputedStyleExtractor::customPropertyValue): Deleted. Replaced by customPropertyText. * css/CSSComputedStyleDeclaration.h: Rename customPropertyValue to customPropertyText and make it just return a String. * css/CSSCustomPropertyValue.h: (WebCore::CSSCustomPropertyValue::create): (WebCore::CSSCustomPropertyValue::customCSSText): (WebCore::CSSCustomPropertyValue::name): (WebCore::CSSCustomPropertyValue::equals): (WebCore::CSSCustomPropertyValue::CSSCustomPropertyValue): (WebCore::CSSCustomPropertyValue::value): Deleted. Changed to hold both a CSSParserValueList, which it adopts from the CSSParser, and a string value that is constructed lazily only if the value is serialized. Now the problematic serialization code will only run if someone uses the CSS OM to trigger a serialization (this should be a rare occurrence, so perf improves with this change). * css/CSSGrammar.y.in: Change parsing of custom properties to be identical to regular properties. This refactoring allows us to simply invoke the parser from style declarations as well and makes everything behave more similarly to normal property parsing. * css/CSSParser.cpp: (WebCore::CSSParser::parseValue): (WebCore::CSSParser::parseCustomPropertyValue): (WebCore::CSSParser::parseCustomPropertyDeclaration): (WebCore::CSSParser::addCustomPropertyDeclaration): Deleted. * css/CSSParser.h: (WebCore::CSSParser::setCustomPropertyName): We now have a method for parsing custom properties that can be invoked from style declarations. The parser list is now adopted by the CSSCustomPropertyValue. * css/CSSParserValues.cpp: (WebCore::CSSParserValueList::toString): Build the string serialization code right into CSSParserValueList. * css/CSSParserValues.h: Add a toString() method for serialization. * css/StyleProperties.cpp: (WebCore::MutableStyleProperties::setProperty): (WebCore::MutableStyleProperties::setCustomProperty): Changed to use the new CSSParser functions. This makes the code behave almost identically to regular property parsing. * css/StyleResolver.cpp: (WebCore::StyleResolver::applyProperty): * rendering/style/RenderStyle.h: * rendering/style/StyleCustomPropertyData.h: Change the mapping on RenderStyle to store the custom CSS values. This way we can get to the original parser lists for each variable when it comes time to do variable resolution. 2015-12-05 Babak Shafiei <bshafiei@apple.com> Merge r190209. 2015-09-24 David Hyatt <hyatt@apple.com> Add support for CSS Custom Properties (in preparation for implementing CSS Variables). https://bugs.webkit.org/show_bug.cgi?id=130397 Reviewed by Antti Koivisto. Added new tests in fast/css/custom-properties. * WebCore.xcodeproj/project.pbxproj: Add new header files to the project (CSSCustomPropertyValue and StyleCustomPropertyData). * css/CSSComputedStyleDeclaration.cpp: (WebCore::ComputedStyleExtractor::customPropertyValue): (WebCore::ComputedStyleExtractor::propertyValue): If a custom property value is queried (i.e., it starts with "--"), then we use our customPropertyValue lookup to go to the RenderStyle and fetch the appropriate custom property value from the StyleCustomPropertyData. (WebCore::CSSComputedStyleDeclaration::length): (WebCore::CSSComputedStyleDeclaration::item): Patched to include custom properties in the returned array. They appear at the end of the array after the built-in properties. (WebCore::ComputedStyleExtractor::propertyMatches): Patched to check custom properties. (WebCore::ComputedStyleExtractor::copyPropertiesInSet): Make sure the custom properties get copied into the StyleDeclaration. (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue): (WebCore::CSSComputedStyleDeclaration::getPropertyValue): Patched to call customPropertyValue for custom properties. * css/CSSComputedStyleDeclaration.h: Add customPropertyValue() to ComputedStyleExtractor. * css/CSSCustomPropertyValue.h: Added. (WebCore::CSSCustomPropertyValue::create): (WebCore::CSSCustomPropertyValue::equals): (WebCore::CSSCustomPropertyValue::customCSSText): (WebCore::CSSCustomPropertyValue::name): (WebCore::CSSCustomPropertyValue::value): (WebCore::CSSCustomPropertyValue::CSSCustomPropertyValue): Custom properties are parsed as a property with an ID of CSSPropertyCustom and a CSSCustomPropertyValue that holds both the name and the value of the property. Ultimately we might want to just ditch property IDs in favor of AtomicStrings for all properties, and then the need to special case custom properties would go away. For now, though, this is the way we work custom properties into the existing system. * css/CSSGrammar.y.in: Add a production for recognizing custom properties and storing them using a property ID of CSSPropertyCustom and a CSSCustomPropertyValue that has the name/value pair. * css/CSSParser.cpp: (WebCore::filterProperties): Patched to track seen custom properties and to handle them correctly. (WebCore::CSSParser::createStyleProperties): Pass in a seenCustomProperties table to ensure we bail when encountering the same custom property twice. (WebCore::CSSParser::addCustomPropertyDeclaration): Called from the grammar production to create the CSSCustomPropertyValue. (WebCore::isCustomPropertyIdentifier): Recognize the -- custom property during lexing. (WebCore::CSSParser::parseIdentifier): Patched to return a CUSTOM_PROPERTY token when a custom property is identified. * css/CSSParser.h: (WebCore::isCustomPropertyName): Add a helper function for asking if a property name is custom. * css/CSSValue.cpp: (WebCore::CSSValue::equals): (WebCore::CSSValue::cssText): (WebCore::CSSValue::destroy): * css/CSSValue.h: Patched to add support for CSSCustomPropertyValue. * css/PropertySetCSSStyleDeclaration.cpp: (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValue): (WebCore::PropertySetCSSStyleDeclaration::getPropertyValue): (WebCore::PropertySetCSSStyleDeclaration::getPropertyPriority): (WebCore::PropertySetCSSStyleDeclaration::setProperty): (WebCore::PropertySetCSSStyleDeclaration::removeProperty): Add code for handling custom properties in the CSS OM. * css/StyleProperties.cpp: (WebCore::StyleProperties::getPropertyValue): (WebCore::StyleProperties::getCustomPropertyValue): (WebCore::StyleProperties::getPropertyCSSValue): (WebCore::StyleProperties::getCustomPropertyCSSValue): (WebCore::MutableStyleProperties::removeProperty): (WebCore::MutableStyleProperties::removeCustomProperty): (WebCore::StyleProperties::propertyIsImportant): (WebCore::StyleProperties::customPropertyIsImportant): (WebCore::MutableStyleProperties::setProperty): (WebCore::MutableStyleProperties::setCustomProperty): (WebCore::MutableStyleProperties::addParsedProperty): (WebCore::MutableStyleProperties::findPropertyIndex): (WebCore::ImmutableStyleProperties::findCustomPropertyIndex): (WebCore::MutableStyleProperties::findCustomPropertyIndex): (WebCore::MutableStyleProperties::findCSSPropertyWithID): (WebCore::MutableStyleProperties::findCustomCSSPropertyWithName): (WebCore::StyleProperties::propertyMatches): (WebCore::StyleProperties::PropertyReference::cssName): * css/StyleProperties.h: (WebCore::StyleProperties::findCustomPropertyIndex): Patched to support handling custom properties in the CSS OM. We have to create equivalent methods that operate on AtomicString propertyNames instead of on property IDs. * css/StyleResolver.cpp: (WebCore::StyleResolver::CascadedProperties::customProperties): (WebCore::StyleResolver::styleForKeyframe): (WebCore::StyleResolver::styleForPage): (WebCore::StyleResolver::applyMatchedProperties): (WebCore::StyleResolver::applyProperty): (WebCore::StyleResolver::CascadedProperties::set): (WebCore::StyleResolver::applyCascadedProperties): The resolver has to hold a HashMap from AtomicStrings to Properties. It matches identically to how built-in properties work except that an extensible table (HashMap) is used to hold the property data. * css/makeprop.pl: Patched to include the special CSSPropertyCustom value of 1 (just after the CSSPropertyInvalid id value but before the first built-in property value). * inspector/InspectorStyleSheet.cpp: (WebCore::InspectorStyle::getText): (WebCore::lowercasePropertyName): (WebCore::InspectorStyle::populateAllProperties): Patch inspector to not lowercase CSS custom property names, since they are case-sensitive. * rendering/style/RenderStyle.h: * rendering/style/StyleCustomPropertyData.h: Added. (WebCore::StyleCustomPropertyData::create): (WebCore::StyleCustomPropertyData::copy): (WebCore::StyleCustomPropertyData::operator==): (WebCore::StyleCustomPropertyData::operator!=): (WebCore::StyleCustomPropertyData::setCustomPropertyValue): (WebCore::StyleCustomPropertyData::getCustomPropertyValue): (WebCore::StyleCustomPropertyData::hasCustomProperty): (WebCore::StyleCustomPropertyData::StyleCustomPropertyData): * rendering/style/StyleRareInheritedData.cpp: (WebCore::StyleRareInheritedData::StyleRareInheritedData): (WebCore::StyleRareInheritedData::operator==): * rendering/style/StyleRareInheritedData.h: The front end storage in the RenderStyle for custom properties. For now, custom properties are always inherited, so the data is in StyleRareInheritedData. 2015-12-05 Babak Shafiei <bshafiei@apple.com> Merge r191452. 2015-10-22 Wenson Hsieh <wenson_hsieh@apple.com> Implement touch-action: manipulation; for iOS https://bugs.webkit.org/show_bug.cgi?id=149854 <rdar://problem/23017145> Reviewed by Benjamin Poulain. Implements the manipulation value for the CSS property touch-action. Adds support for parsing the touch-action property and two of its values: auto and manipulation. Tests: css3/touch-action/touch-action-computed-style.html css3/touch-action/touch-action-manipulation-fast-clicks.html css3/touch-action/touch-action-parsing.html * css/CSSComputedStyleDeclaration.cpp: (WebCore::ComputedStyleExtractor::propertyValue): * css/CSSParser.cpp: (WebCore::isValidKeywordPropertyAndValue): (WebCore::isKeywordPropertyID): (WebCore::CSSParser::parseValue): * css/CSSPrimitiveValueMappings.h: (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): (WebCore::CSSPrimitiveValue::operator TouchAction): * css/CSSPropertyNames.in: * css/CSSValueKeywords.in: * dom/Element.cpp: (WebCore::Element::allowsDoubleTapGesture): Here, we determine whether an element that resulted from hit-testing a touch should allow double-tap gestures. To do this, we walk up the element's parents, stopping when we detect an element that disallows double tap gestures by having a touch-action other than auto or by hitting the root node. * dom/Element.h: * dom/Node.h: (WebCore::Node::allowsDoubleTapGesture): * rendering/style/RenderStyle.h: * rendering/style/RenderStyleConstants.h: * rendering/style/StyleRareNonInheritedData.cpp: (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData): (WebCore::StyleRareNonInheritedData::operator==): * rendering/style/StyleRareNonInheritedData.h: 2015-12-05 David Kilzer <ddkilzer@apple.com> Merge r192129. rdar://problem/23221177 2015-11-07 Michael Catanzaro <mcatanzaro@igalia.com> Unreviewed, fix GTK build after r191981 * html/HTMLFormControlElement.cpp: 2015-12-05 David Kilzer <ddkilzer@apple.com> Merge r191981. rdar://problem/23221177 2015-10-30 Jon Honeycutt <jhoneycutt@apple.com> Implement support for the autocomplete attribute https://bugs.webkit.org/show_bug.cgi?id=150731 rdar://problem/21078968 The autocomplete attribute is defined by https://html.spec.whatwg.org/multipage/forms.html#autofill. Reviewed by Brent Fulgham. Test: fast/forms/autocomplete-tokens.html * html/HTMLFormControlElement.cpp: (WebCore::isContactToken): Return true if this is a contact token. (WebCore::categoryForAutofillFieldToken): Adds all of the autofill field tokens to a map, and returns the category for a given token. (WebCore::maxTokensForAutofillFieldCategory): Return the maximum number of tokens an autofill category supports. (WebCore::HTMLFormControlElement::parseAutocompleteAttribute): Implement the processing model defined in https://html.spec.whatwg.org/multipage/forms.html#processing-model-3 with respect to the IDL-exposed autofill value. (WebCore::HTMLFormControlElement::setAutocomplete): Set the autocomplete attribute to the given string. * html/HTMLFormControlElement.h: Declare setAutocomplete() and autocomplete(). * html/HTMLInputElement.idl: Remove the Reflect attribute. We now have custom processing for getting this attribute. * html/HTMLSelectElement.idl: Declare the autocomplete attribute. * html/HTMLTextAreaElement.idl: Ditto. 2015-12-05 Matthew Hanson <matthew_hanson@apple.com> Merge r191155. rdar://problem/23772889 2015-10-15 David Hyatt <hyatt@apple.com> Patch parseKeywordValue to accept "unset" so that it goes down the faster parsing path. https://bugs.webkit.org/show_bug.cgi?id=150213 Reviewed by Dean Jackson. No new tests as correctness doesn't change (just speed). * css/CSSParser.cpp: (WebCore::parseKeywordValue): 2015-12-05 Matthew Hanson <matthew_hanson@apple.com> Merge r190667. rdar://problem/23769564 2015-10-06 Simon Fraser <simon.fraser@apple.com> will-change should trigger stacking context based purely on properties https://bugs.webkit.org/show_bug.cgi?id=148068 Reviewed by Zalan Bujtas. Previously, our will-change implementation didn't trigger stacking context on an inline if the will-change property didn't apply to inlines (like 'transform'). However, this doesn't agree with the CSS-WG consensus (https://lists.w3.org/Archives/Public/www-style/2015Sep/0112.html). Change behavior to have stacking context creation behavior for will-change be identical for inlines and blocks. Test: fast/css/will-change/will-change-creates-stacking-context-inline.html * rendering/RenderInline.cpp: (WebCore::inFlowPositionedInlineAncestor): * rendering/RenderInline.h: (WebCore::RenderInline::willChangeCreatesStackingContext): * rendering/style/WillChangeData.cpp: (WebCore::propertyCreatesStackingContext): (WebCore::WillChangeData::addFeature): (WebCore::propertyCreatesStackingContextOnBoxesOnly): Deleted. * rendering/style/WillChangeData.h: (WebCore::WillChangeData::canCreateStackingContextOnInline): Deleted. 2015-12-05 Matthew Hanson <matthew_hanson@apple.com> Merge r188604. rdar://problem/23769564 2015-08-18 Simon Fraser <simon.fraser@apple.com> will-change: backface-visibility should not cause stacking context https://bugs.webkit.org/show_bug.cgi?id=148091 Reviewed by Zalan Bujtas. Take CSSPropertyWebkitBackfaceVisibility out of the list of properties that causes will-change to create stacking context, since no value of the property creates stacking. Move willChangeCreatesStackingContext() and shouldWillChangeCreateStackingContext() into RenderInline since it's only called from there. * rendering/RenderElement.cpp: (WebCore::RenderElement::shouldWillChangeCreateStackingContext): Deleted. * rendering/RenderElement.h: (WebCore::RenderElement::willChangeCreatesStackingContext): Deleted. * rendering/RenderInline.h: (WebCore::RenderInline::willChangeCreatesStackingContext): * rendering/style/WillChangeData.cpp: (WebCore::propertyCreatesStackingContext): Deleted. 2015-12-05 Matthew Hanson <matthew_hanson@apple.com> Merge r188130. rdar://problem/23769683 2015-08-07 Myles C. Maxfield <mmaxfield@apple.com> Allow FontCustomPlatformData to consult with FontDescription https://bugs.webkit.org/show_bug.cgi?id=147775 Reviewed by Zalan Bujtas. In order to implement font-feature-settings, web fonts need to be able to consult with the set of active font features. Rather than add yet another argument to all the functions in this flow, this patch passes around a reference to the FontDescription itself instead of copies of constituent members of it. No new tests because there is no behavior change. * css/CSSFontFaceSource.cpp: (WebCore::CSSFontFaceSource::font): * loader/cache/CachedFont.cpp: (WebCore::CachedFont::createFont): (WebCore::CachedFont::platformDataFromCustomData): * loader/cache/CachedFont.h: * loader/cache/CachedSVGFont.cpp: (WebCore::CachedSVGFont::platformDataFromCustomData): * loader/cache/CachedSVGFont.h: * platform/graphics/cairo/FontCustomPlatformData.h: * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp: (WebCore::FontCustomPlatformData::fontPlatformData): * platform/graphics/freetype/FontPlatformData.h: * platform/graphics/freetype/FontPlatformDataFreeType.cpp: (WebCore::FontPlatformData::FontPlatformData): * platform/graphics/freetype/SimpleFontDataFreeType.cpp: (WebCore::Font::platformCreateScaledFont): * platform/graphics/mac/FontCustomPlatformData.cpp: (WebCore::FontCustomPlatformData::fontPlatformData): * platform/graphics/mac/FontCustomPlatformData.h: * platform/graphics/win/FontCustomPlatformData.cpp: (WebCore::FontCustomPlatformData::fontPlatformData): * platform/graphics/win/FontCustomPlatformData.h: 2015-12-05 Matthew Hanson <matthew_hanson@apple.com> Merge r187709. rdar://problem/23769683 2015-07-31 Myles C. Maxfield <mmaxfield@apple.com> Fix the build Unreviewed. * platform/graphics/mac/FontCacheMac.mm: (WebCore::lookupCTFont): 2015-12-05 Matthew Hanson <matthew_hanson@apple.com> Merge r188168. rdar://problem/23769683 2015-08-07 Myles C. Maxfield <mmaxfield@apple.com> Post-review comments on r188146 https://bugs.webkit.org/show_bug.cgi?id=147793 Reviewed by Daniel Bates. No new tests because there is no behavior change. * platform/graphics/FontCache.h: * platform/graphics/cocoa/FontCacheCoreText.cpp: (WebCore::appendTrueTypeFeature): (WebCore::appendOpenTypeFeature): (WebCore::applyFontFeatureSettings): * platform/graphics/ios/FontCacheIOS.mm: (WebCore::FontCache::getSystemFontFallbackForCharacters): (WebCore::FontCache::createFontPlatformData): * platform/graphics/mac/FontCacheMac.mm: (WebCore::fontWithFamily): (WebCore::FontCache::systemFallbackForCharacters): * platform/graphics/mac/FontCustomPlatformData.cpp: (WebCore::FontCustomPlatformData::fontPlatformData): * rendering/RenderThemeIOS.mm: (WebCore::RenderThemeIOS::updateCachedSystemFontDescription): 2015-12-05 Matthew Hanson <matthew_hanson@apple.com> Merge r188146. rdar://problem/23769683 2015-08-07 Myles C. Maxfield <mmaxfield@apple.com> Implement font-feature-settings https://bugs.webkit.org/show_bug.cgi?id=147722 Reviewed by Simon Fraser. Fonts with features are simply modeled as new font objects. Font feature information is contained within FontDescription, and our caches are correctly sensitive to this information. Therefore, we just need to make our font lookup code honor the request to use certain features. This patch creates a file, FontCacheCoreText.cpp, which will be the new home of all shared OS X / iOS FontCache code. Over time, I will be moving more and more source into this file, until there is nothing left of FontCacheMac.mm and FontCacheIOS.mm. For now, the only function in this file is the code which applies font features. Test: css3/font-feature-settings-preinstalled-fonts.html * WebCore.xcodeproj/project.pbxproj: Add FontCacheCoreText.cpp. * platform/graphics/FontCache.h: * platform/graphics/cocoa/FontCacheCoreText.cpp: Added. (WebCore::appendTrueTypeFeature): What the name says. (WebCore::appendOpenTypeFeature): Ditto. (WebCore::applyFontFeatureSettings): Ditto. * platform/graphics/ios/FontCacheIOS.mm: (WebCore::FontCache::getSystemFontFallbackForCharacters): Call applyFontFeatureSettings(). (WebCore::FontCache::createFontPlatformData): Ditto. * platform/graphics/mac/FontCacheMac.mm: (WebCore::fontWithFamily): Ditto. (WebCore::FontCache::systemFallbackForCharacters): Ditto. (WebCore::FontCache::createFontPlatformData): Ditto. * platform/graphics/mac/FontCustomPlatformData.cpp: (WebCore::FontCustomPlatformData::fontPlatformData): Ditto. * rendering/RenderThemeIOS.mm: (WebCore::RenderThemeIOS::updateCachedSystemFontDescription): Ditto. 2015-12-05 Matthew Hanson <matthew_hanson@apple.com> Merge r187982. rdar://problem/23769683 2015-08-05 Myles C. Maxfield <mmaxfield@apple.com> [OS X] Migrate to CTFontCreateForCharactersWithLanguage from [NSFont findFontLike:forString:withRange:inLanguage] https://bugs.webkit.org/show_bug.cgi?id=147483 Reviewed by Dean Jackson. [NSFont findFontLike:forString:withRange:inLanguage] doesn't properly handle its last argument. In addition, we want to be moving away from NSFont in the first place and on to Core Text. This new CoreText function correctly handles its language argument, which is required for language-specific font fallback. This patch rolls r187707 back in which was rolled out in r187802 due to test flakiness. This patch fixes the flakiness. No new tests because there is no behavior change. * platform/graphics/FontCache.cpp: (WebCore::FontCache::purgeInactiveFontData): * platform/graphics/FontCache.h: (WebCore::FontCache::platformPurgeInactiveFontData): * platform/graphics/mac/FontCacheMac.mm: (WebCore::fallbackDedupSet): (WebCore::FontCache::platformPurgeInactiveFontData): (WebCore::lookupCTFont): (WebCore::FontCache::systemFallbackForCharacters): * platform/spi/cocoa/CoreTextSPI.h: * platform/spi/mac/NSFontSPI.h: 2015-12-04 Timothy Hatcher <timothy@apple.com> Merge r192592. rdar://problem/23581597 2015-11-18 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Client Blocked Resource Requests causes Crash under InspectorPageAgent::cachedResource https://bugs.webkit.org/show_bug.cgi?id=151398 Reviewed by Brian Burg. Test: inspector/network/client-blocked-load.html * inspector/InspectorPageAgent.cpp: (WebCore::InspectorPageAgent::cachedResource): Gracefully handle null request. * loader/cache/CachedResourceLoader.cpp: (WebCore::CachedResourceLoader::cachedResource): ASSERT if someone tried to pass a null URL. 2015-12-04 Timothy Hatcher <timothy@apple.com> Merge r192585. rdar://problem/23581597 2015-11-18 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Timeline Recording across page navigations behaves poorly https://bugs.webkit.org/show_bug.cgi?id=151112 Reviewed by Timothy Hatcher. * inspector/InspectorPageAgent.cpp: (WebCore::InspectorPageAgent::frameStartedLoading): Deleted. Don't reset the execution stopwatch on page navigation. If a timeline is actively being recorded on the frontend then all new timestamps suddenly downshifted towards zero introduces bad data. 2015-12-04 Timothy Hatcher <timothy@apple.com> Merge r188222. rdar://problem/23581597 2015-08-10 Devin Rousso <drousso@apple.com> Web Inspector: Invalid selectors can be applied to the stylesheet https://bugs.webkit.org/show_bug.cgi?id=147230 Reviewed by Timothy Hatcher. * inspector/InspectorStyleSheet.cpp: (WebCore::isValidSelectorListString): (WebCore::InspectorStyleSheet::setRuleSelector): Now checks to see that the supplied selector is valid before trying to commit it to the rule. (WebCore::InspectorStyleSheet::addRule): (WebCore::checkStyleRuleSelector): Deleted. 2015-12-04 Timothy Hatcher <timothy@apple.com> Merge r186891. rdar://problem/23581597 2015-07-16 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: update $$() to return an Array https://bugs.webkit.org/show_bug.cgi?id=146964 Reviewed by Brian Burg. Test: inspector/console/command-line-api.html * inspector/CommandLineAPIModuleSource.js: Update $$(...) to return an array. Also InjectedScriptHost.type was renamed to subtype a while ago. 2015-12-02 Timothy Hatcher <timothy@apple.com> Merge r191967. rdar://problem/23221163 2015-11-03 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Handle or Remove ParseHTML Timeline Event Records https://bugs.webkit.org/show_bug.cgi?id=150689 Reviewed by Timothy Hatcher. Remove ParseHTML nesting recordings. We were not using them and for most pages their self-time is very small in comparison to other events. We may consider adding it back later for UI purposes but for now the frontend doesn't use the records so lets remove it. * html/parser/HTMLDocumentParser.cpp: (WebCore::HTMLDocumentParser::pumpTokenizer): Deleted. * inspector/InspectorInstrumentation.cpp: (WebCore::InspectorInstrumentation::willWriteHTMLImpl): Deleted. (WebCore::InspectorInstrumentation::didWriteHTMLImpl): Deleted. * inspector/InspectorInstrumentation.h: (WebCore::InspectorInstrumentation::willWriteHTML): Deleted. (WebCore::InspectorInstrumentation::didWriteHTML): Deleted. * inspector/InspectorTimelineAgent.cpp: (WebCore::InspectorTimelineAgent::willWriteHTML): Deleted. (WebCore::InspectorTimelineAgent::didWriteHTML): Deleted. (WebCore::toProtocol): Deleted. * inspector/InspectorTimelineAgent.h: * inspector/TimelineRecordFactory.cpp: (WebCore::TimelineRecordFactory::createParseHTMLData): Deleted. * inspector/TimelineRecordFactory.h: 2015-12-02 Timothy Hatcher <timothy@apple.com> Merge r191732. rdar://problem/23581597 2015-10-29 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Clean up and audit TimelineRecordFactory records https://bugs.webkit.org/show_bug.cgi?id=150660 Reviewed by Brian Burg. Cleanup included removing unused methods and payload data that the frontend wasn't likely to use. Also added ASCIILiteral and removed unnecessary includes. * inspector/InspectorNetworkAgent.cpp: * inspector/InspectorPageAgent.cpp: * inspector/InspectorTimelineAgent.cpp: (WebCore::InspectorTimelineAgent::willLayout): * inspector/InspectorTimelineAgent.h: * inspector/TimelineRecordFactory.cpp: (WebCore::TimelineRecordFactory::createGenericRecord): (WebCore::TimelineRecordFactory::createFunctionCallData): (WebCore::TimelineRecordFactory::createConsoleProfileData): (WebCore::TimelineRecordFactory::createEventDispatchData): (WebCore::TimelineRecordFactory::createGenericTimerData): (WebCore::TimelineRecordFactory::createTimerInstallData): (WebCore::TimelineRecordFactory::createEvaluateScriptData): (WebCore::TimelineRecordFactory::createTimeStampData): (WebCore::TimelineRecordFactory::createParseHTMLData): (WebCore::TimelineRecordFactory::createAnimationFrameData): (WebCore::TimelineRecordFactory::createPaintData): (WebCore::TimelineRecordFactory::appendLayoutRoot): (WebCore::TimelineRecordFactory::createBackgroundRecord): Deleted. (WebCore::TimelineRecordFactory::createLayoutData): Deleted. * inspector/TimelineRecordFactory.h: (WebCore::TimelineRecordFactory::TimelineRecordFactory): 2015-12-04 Timothy Hatcher <timothy@apple.com> Merge r191651. rdar://problem/23581597 2015-10-27 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Remove Timeline MarkDOMContent and MarkLoad, data is already available https://bugs.webkit.org/show_bug.cgi?id=150615 Reviewed by Timothy Hatcher. The timestamp only event data is already available from `Page.domContentEventFired` and `Page.loadEventFired` events. We can drop the Timeline specific events in favor of these which have existed for a very long time (before iOS 7). * inspector/InspectorInstrumentation.cpp: (WebCore::InspectorInstrumentation::loadEventFiredImpl): (WebCore::InspectorInstrumentation::domContentLoadedEventFiredImpl): Deleted. * inspector/InspectorTimelineAgent.cpp: (WebCore::InspectorTimelineAgent::didMarkDOMContentEvent): Deleted. (WebCore::InspectorTimelineAgent::didMarkLoadEvent): Deleted. (WebCore::toProtocol): Deleted. * inspector/InspectorTimelineAgent.h: * inspector/TimelineRecordFactory.cpp: (WebCore::TimelineRecordFactory::createMarkData): Deleted. * inspector/TimelineRecordFactory.h: 2015-12-04 Timothy Hatcher <timothy@apple.com> Merge r189104. rdar://problem/23581597 2015-08-28 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Separate creating a style sheet from adding a new rule in the protocol https://bugs.webkit.org/show_bug.cgi?id=148502 Reviewed by Timothy Hatcher. Tests: inspector/css/createStyleSheet.html inspector/css/manager-preferredInspectorStyleSheetForFrame.html * inspector/InspectorCSSAgent.h: Allow for multiple inspector style sheets per document. * inspector/InspectorCSSAgent.cpp: (WebCore::InspectorCSSAgent::createStyleSheet): (WebCore::InspectorCSSAgent::createInspectorStyleSheetForDocument): Added. (WebCore::InspectorCSSAgent::viaInspectorStyleSheet): Deleted. Extract and generalize creating a via-inspector stylesheet here. (WebCore::InspectorCSSAgent::addRule): Lookup stylesheet to add a rule to via the provided stylesheet id. (WebCore::InspectorCSSAgent::bindStyleSheet): (WebCore::InspectorCSSAgent::detectOrigin): Update to account for a list of stylesheets per document instead of one. * inspector/InspectorStyleSheet.cpp: (WebCore::InspectorStyleSheet::addRule): (WebCore::InspectorStyleSheetForInlineStyle::setStyleText): 2015-12-04 Timothy Hatcher <timothy@apple.com> Merge r189002. rdar://problem/23581597 2015-08-26 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Implement tracking of active stylesheets in the frontend https://bugs.webkit.org/show_bug.cgi?id=105828 Reviewed by Timothy Hatcher. Tests: inspector/css/stylesheet-events-basic.html inspector/css/stylesheet-events-imports.html inspector/css/stylesheet-events-inspector-stylesheet.html * inspector/InspectorInstrumentation.cpp: (WebCore::InspectorInstrumentation::documentDetachedImpl): (WebCore::InspectorInstrumentation::activeStyleSheetsUpdatedImpl): * inspector/InspectorInstrumentation.h: (WebCore::InspectorInstrumentation::documentDetached): (WebCore::InspectorInstrumentation::activeStyleSheetsUpdated): New hooks for when a document is detached or a document's style sheets are updated. * dom/Document.cpp: (WebCore::Document::prepareForDestruction): Inform the inspector so the CSSAgent can remove document related data. * dom/DocumentStyleSheetCollection.h: * dom/DocumentStyleSheetCollection.cpp: (WebCore::DocumentStyleSheetCollection::updateActiveStyleSheets): Inform the inspector so the CSSAgent can push stylesheet related events. (WebCore::DocumentStyleSheetCollection::activeStyleSheetsForInspector): Added. CSSStyleSheets for the inspector include non-disabled author stylesheets even if they are empty. * inspector/InspectorCSSAgent.h: * inspector/InspectorCSSAgent.cpp: (WebCore::InspectorCSSAgent::reset): (WebCore::InspectorCSSAgent::documentDetached): Handling for the new list of known document to CSSStyleSheets map. (WebCore::InspectorCSSAgent::enable): When the CSS domain is enabled, tell the frontend about known stylesheets. (WebCore::InspectorCSSAgent::activeStyleSheetsUpdated): (WebCore::InspectorCSSAgent::setActiveStyleSheetsForDocument): Diff the old list of known stylesheets to the new list of stylesheets for an individual document. Then send appropriate added/removed events. (WebCore::InspectorCSSAgent::collectAllStyleSheets): (WebCore::InspectorCSSAgent::collectAllDocumentStyleSheets): (WebCore::InspectorCSSAgent::collectStyleSheets): Collect stylesheets recursively. A stylesheet may link to other stylesheets through @import statements. (WebCore::InspectorCSSAgent::getAllStyleSheets): Use the new methods, this command should go away as it will no longer be useful. (WebCore::InspectorCSSAgent::unbindStyleSheet): (WebCore::InspectorCSSAgent::bindStyleSheet): Create an InspectorStyleSheet from a CSSStyleSheet and add to the appropriate lists. Likewise, unbinding will remove from the appropriate lists. (WebCore::InspectorCSSAgent::viaInspectorStyleSheet): (WebCore::InspectorCSSAgent::detectOrigin): When creating the inspector stylesheet, which is a <style> element, it will push a StyleSheetAdded event. In the process of binding this new stylesheet use the m_creatingViaInspectorStyleSheet to add it to out list of Inspector Stylesheets. 2015-12-04 Timothy Hatcher <timothy@apple.com> Merge r188631. rdar://problem/23581597 2015-08-18 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Links for rules in <style> are incorrect, do not account for <style> offset in the document https://bugs.webkit.org/show_bug.cgi?id=148141 Reviewed by Brian Burg. Test: inspector/css/getAllStyleSheets.html * css/CSSStyleSheet.h: * css/CSSStyleSheet.cpp: (WebCore::CSSStyleSheet::create): (WebCore::CSSStyleSheet::createInline): (WebCore::CSSStyleSheet::CSSStyleSheet): Include the starting position when created by the Parser. Default to the minimum position, which should never be possible for an inline <style> because the "<style>" characters themselves require at least some offset. * dom/InlineStyleSheetOwner.cpp: (WebCore::InlineStyleSheetOwner::createSheet): Provide the start position offset for this stylesheet if it was inline. * inspector/InspectorStyleSheet.cpp: (WebCore::InspectorStyleSheet::buildObjectForStyleSheetInfo): Include new protocol values for the style sheet. 2015-12-04 Timothy Hatcher <timothy@apple.com> Merge r187496. rdar://problem/23581597 2015-07-28 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Show Pseudo Elements in DOM Tree https://bugs.webkit.org/show_bug.cgi?id=139612 Reviewed by Timothy Hatcher. Tests: inspector/css/pseudo-element-matches-for-pseudo-element-node.html inspector/dom/pseudo-element-dynamic.html inspector/dom/pseudo-element-static.html Much of this patch was modelled after the Blink implementation of pseudo element inspection. * dom/PseudoElement.h: * dom/PseudoElement.cpp: (WebCore::PseudoElement::~PseudoElement): (WebCore::PseudoElement::clearHostElement): Since InspectorDOMAgent may hold a reference to this PseudoElement we can't report it as destroyed in the destructor, as that wouldn't be reached if the inspector holds a reference. Move this to when the psuedo element is disconnected, which is immediately before destruction. * inspector/InspectorCSSAgent.h: * inspector/InspectorCSSAgent.cpp: (WebCore::InspectorCSSAgent::getMatchedStylesForNode): When computing styles for a pseudo element, compute styles from the host element for just the pseudo element's pseudo type. Likewise only include matched results, not inherited or others. (WebCore::InspectorCSSAgent::buildArrayForMatchedRuleList): Add the pseudo type to the checker context to try and detect exactly which selector in a list of selectors matched the pseudo element. * inspector/InspectorDOMAgent.h: * inspector/InspectorDOMAgent.cpp: (WebCore::InspectorDOMAgent::unbind): When unbinding an element, also unbind any pseudo element children it may have had and bound. (WebCore::InspectorDOMAgent::assertEditableNode): (WebCore::InspectorDOMAgent::assertEditableElement): (WebCore::InspectorDOMAgent::removeNode): Improve grammar in error message. Don't allow editing pseudo elements. (WebCore::pseudoElementType): (WebCore::InspectorDOMAgent::buildObjectForNode): (WebCore::InspectorDOMAgent::buildArrayForPseudoElements): If a node is a pseudo element include its pseudoType. If a node has pseudo element children include them. (WebCore::InspectorDOMAgent::pseudoElementCreated): (WebCore::InspectorDOMAgent::pseudoElementDestroyed): When pseudo elements are dynamically created or destroyed push pseudo element nodes to the frontend if needed. * inspector/InspectorInstrumentation.cpp: (WebCore::InspectorInstrumentation::pseudoElementCreatedImpl): (WebCore::InspectorInstrumentation::pseudoElementDestroyedImpl): * inspector/InspectorInstrumentation.h: (WebCore::InspectorInstrumentation::pseudoElementCreated): (WebCore::InspectorInstrumentation::pseudoElementDestroyed): (WebCore::InspectorInstrumentation::layerTreeDidChange): (WebCore::InspectorInstrumentation::renderLayerDestroyed): Plumbing for pseudo element created/destroyed events. * style/StyleResolveTree.cpp: (WebCore::Style::attachBeforeOrAfterPseudoElementIfNeeded): This is the only place a pseudo element is created, inform the inspector. * inspector/InspectorOverlay.cpp: (WebCore::buildObjectForElementData): Update the element data for the node highlight label to include the host element's selector and the pseudo element selector. 2015-12-04 Timothy Hatcher <timothy@apple.com> Merge r188227. rdar://problem/23581597 2015-08-10 Devin Rousso <drousso@apple.com> Web Inspector: [iOS] Allow inspector to retrieve a list of system fonts https://bugs.webkit.org/show_bug.cgi?id=147033 Reviewed by Joseph Pecoraro. Implement systemFontFamilies for iOS. * platform/graphics/ios/FontCacheIOS.mm: (WebCore::FontCache::systemFontFamilies): 2015-12-04 Timothy Hatcher <timothy@apple.com> Merge r187249. rdar://problem/23581597 2015-07-23 Devin Rousso <drousso@apple.com> Web Inspector: Add a function to CSSCompletions to get a list of supported system fonts https://bugs.webkit.org/show_bug.cgi?id=147009 Reviewed by Joseph Pecoraro. Test: inspector/css/get-system-fonts.html * inspector/InspectorCSSAgent.cpp: (WebCore::InspectorCSSAgent::getSupportedSystemFontFamilyNames): Gets the list of system fonts (implemented in each platform) and returns that list. * inspector/InspectorCSSAgent.h: * platform/graphics/FontCache.h: * platform/graphics/freetype/FontCacheFreeType.cpp: (WebCore::FontCache::systemFontFamilies): * platform/graphics/ios/FontCacheIOS.mm: (WebCore::FontCache::systemFontFamilies): * platform/graphics/mac/FontCacheMac.mm: (WebCore::FontCache::systemFontFamilies): * platform/graphics/win/FontCacheWin.cpp: (WebCore::FontCache::systemFontFamilies): 2015-12-04 Timothy Hatcher <timothy@apple.com> Merge r187211. rdar://problem/23581597 2015-07-22 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Timeline should immediately start moving play head when starting a new recording https://bugs.webkit.org/show_bug.cgi?id=147210 Reviewed by Timothy Hatcher. Test: inspector/timeline/recording-start-stop-timestamps.html * inspector/InspectorTimelineAgent.cpp: (WebCore::InspectorTimelineAgent::internalStart): (WebCore::InspectorTimelineAgent::internalStop): Include the current timestamp when starting / stopping a recording. 2015-12-02 Matthew Hanson <matthew_hanson@apple.com> Merge r192971. rdar://problem/23726466 2015-12-02 Jer Noble <jer.noble@apple.com> [iOS] Abrupt transition between Fullscreen -> PiP https://bugs.webkit.org/show_bug.cgi?id=151719 Reviewed by Eric Carlson. Follow-up to r192922: When moving from inline -> PiP, don't forget to hide the fullscreen window once the PiP transition completes. * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: (WebVideoFullscreenInterfaceAVKit::didStartPictureInPicture): 2015-12-02 Matthew Hanson <matthew_hanson@apple.com> Merge r192922. rdar://problem/23726466 2015-12-01 Jer Noble <jer.noble@apple.com> [iOS] Abrupt transition between Fullscreen -> PiP https://bugs.webkit.org/show_bug.cgi?id=151719 Reviewed by Eric Carlson. Rather than abruptly hiding the fullscreen window, explicitly exit fullscreen mode upon entering PiP. * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: (WebVideoFullscreenInterfaceAVKit::didStartPictureInPicture): 2015-12-01 Matthew Hanson <matthew_hanson@apple.com> Merge r192259. rdar://problem/23189749 2015-11-10 Myles C. Maxfield <mmaxfield@apple.com> Tatechuyoko text is not vertically centered in its vertical advance https://bugs.webkit.org/show_bug.cgi?id=151074 <rdar://problem/20074305> Reviewed by David Hyatt. During paint time, the run origin of tatechuyoko needs to be adjusted to compensate for the rotation of the writing mode. The calculation which performed this adjustment was incorrect. It is incorrect for two reasons: 1. It used the existing text origin, which had the font's ascent incorporated in it, but did not compensate by either inspecting the overflow bounds' ascent nor the font's ascent proper. 2. It did not distinguish between the overflow bounds' ascent vs. descent. Instead, it added them together and treated both values together. No new tests yet. I need to make a font to test this. * rendering/InlineTextBox.cpp: (WebCore::InlineTextBox::paint): * rendering/RenderCombineText.cpp: (WebCore::RenderCombineText::computeTextOrigin): (WebCore::RenderCombineText::combineText): (WebCore::RenderCombineText::adjustTextOrigin): Deleted. * rendering/RenderCombineText.h: 2015-12-02 Matthew Hanson <matthew_hanson@apple.com> Merge r192368. rdar://problem/23189763 2015-11-12 Csaba Osztrogonác <ossy@webkit.org> Fix build failure due to missing NeverDestroyed.h include after r192169 https://bugs.webkit.org/show_bug.cgi?id=151186 Reviewed by Darin Adler. * rendering/RenderCombineText.cpp: 2015-12-01 Matthew Hanson <matthew_hanson@apple.com> Merge r192169. rdar://problem/23189763 2015-11-09 Myles C. Maxfield <mmaxfield@apple.com> Some style changes cause tatechuyoko to be drawn off center https://bugs.webkit.org/show_bug.cgi?id=150986 <rdar://problem/20748013> Reviewed by Darin Adler. Layouts should be idempotent. In particular, during layout, an element should not rely on a previous call to styleDidChange() with a sufficiently high StyleDifference. RenderCombineText was assuming that, if a layout occurs, a previous call to styleDidChange() would have reset the renderedText. However, an ancestor element might cause the RenderCombineText to re-combine when it is already combined. Therefore, the recombination should fully uncombine before recombining. Test: fast/text/text-combine-style-change-extra-layout.html * rendering/RenderCombineText.cpp: (WebCore::RenderCombineText::combineText): Fully uncombine before recombining. 2015-12-01 Matthew Hanson <matthew_hanson@apple.com> Merge r190383. rdar://problem/23432383 2015-09-30 Katlyn Graff <kgraff@apple.com> Add support for the imageSmoothingQuality property for CanvasRenderingContext2D. https://bugs.webkit.org/show_bug.cgi?id=149541 Reviewed by Ryosuke Niwa. As documented here: https://html.spec.whatwg.org/multipage/scripting.html#image-smoothing Exposes the smooothing quality of algorithms used for scaling images. Valid input values are low, medium, and high: associated algorithms are expected to vary for differing hardware. setImageSmoothingQuality provides a handle into CGInterpolationQuality. Test: fast/canvas/canvas-imageSmoothingQuality.html * html/canvas/CanvasRenderingContext2D.cpp: (WebCore::CanvasRenderingContext2D::State::State): (WebCore::CanvasRenderingContext2D::State::operator=): (WebCore::smoothingToInterpolationQuality): (WebCore::CanvasRenderingContext2D::imageSmoothingQuality): (WebCore::CanvasRenderingContext2D::setImageSmoothingQuality): (WebCore::CanvasRenderingContext2D::setImageSmoothingEnabled): * html/canvas/CanvasRenderingContext2D.h: * html/canvas/CanvasRenderingContext2D.idl: 2015-12-01 Matthew Hanson <matthew_hanson@apple.com> Merge r188194. rdar://problem/23432383 2015-08-08 Dean Jackson <dino@apple.com> Remove the webkit prefix from CanvasRenderingContext2D imageSmoothingEnabled https://bugs.webkit.org/show_bug.cgi?id=147803 <rdar://problem/22200553> Reviewed by Sam Weinig. Rename webkitImageSmoothingEnabled to imageSmoothingEnabled. Updated existing tests, and made sure that the prefixed version is identical to the standard version. * html/canvas/CanvasRenderingContext2D.cpp: (WebCore::CanvasRenderingContext2D::imageSmoothingEnabled): Renamed from webkitImageSmoothingEnabled. (WebCore::CanvasRenderingContext2D::setImageSmoothingEnabled): Renamed from setWebkitImageSmoothingEnabled. (WebCore::CanvasRenderingContext2D::webkitImageSmoothingEnabled): Deleted. (WebCore::CanvasRenderingContext2D::setWebkitImageSmoothingEnabled): Deleted. * html/canvas/CanvasRenderingContext2D.h: Rename the methods. * html/canvas/CanvasRenderingContext2D.idl: Add the non-prefixed form, and mark is as the implementation of the prefixed form. 2015-12-01 Matthew Hanson <matthew_hanson@apple.com> Merge r189427. rdar://problem/23432383 2015-09-04 Myles C. Maxfield <mmaxfield@apple.com> Rename members of CanvasRenderingContext2D::State https://bugs.webkit.org/show_bug.cgi?id=148889 Reviewed by Tim Horton. CanvasRenderingContext2D::State is a struct, so its members should not start with m_. No new tests because there is no behavior change. * html/canvas/CanvasRenderingContext2D.cpp: (WebCore::CanvasRenderingContext2D::State::State): (WebCore::CanvasRenderingContext2D::State::operator=): (WebCore::CanvasRenderingContext2D::restore): (WebCore::CanvasRenderingContext2D::setStrokeStyle): (WebCore::CanvasRenderingContext2D::setFillStyle): (WebCore::CanvasRenderingContext2D::lineWidth): (WebCore::CanvasRenderingContext2D::setLineWidth): (WebCore::CanvasRenderingContext2D::lineCap): (WebCore::CanvasRenderingContext2D::setLineCap): (WebCore::CanvasRenderingContext2D::lineJoin): (WebCore::CanvasRenderingContext2D::setLineJoin): (WebCore::CanvasRenderingContext2D::miterLimit): (WebCore::CanvasRenderingContext2D::setMiterLimit): (WebCore::CanvasRenderingContext2D::shadowOffsetX): (WebCore::CanvasRenderingContext2D::setShadowOffsetX): (WebCore::CanvasRenderingContext2D::shadowOffsetY): (WebCore::CanvasRenderingContext2D::setShadowOffsetY): (WebCore::CanvasRenderingContext2D::shadowBlur): (WebCore::CanvasRenderingContext2D::setShadowBlur): (WebCore::CanvasRenderingContext2D::shadowColor): (WebCore::CanvasRenderingContext2D::setShadowColor): (WebCore::CanvasRenderingContext2D::getLineDash): (WebCore::CanvasRenderingContext2D::setLineDash): (WebCore::CanvasRenderingContext2D::setWebkitLineDash): (WebCore::CanvasRenderingContext2D::lineDashOffset): (WebCore::CanvasRenderingContext2D::setLineDashOffset): (WebCore::CanvasRenderingContext2D::applyLineDash): (WebCore::CanvasRenderingContext2D::globalAlpha): (WebCore::CanvasRenderingContext2D::setGlobalAlpha): (WebCore::CanvasRenderingContext2D::globalCompositeOperation): (WebCore::CanvasRenderingContext2D::setGlobalCompositeOperation): (WebCore::CanvasRenderingContext2D::scale): (WebCore::CanvasRenderingContext2D::rotate): (WebCore::CanvasRenderingContext2D::translate): (WebCore::CanvasRenderingContext2D::transform): (WebCore::CanvasRenderingContext2D::setTransform): (WebCore::CanvasRenderingContext2D::setStrokeColor): (WebCore::CanvasRenderingContext2D::setFillColor): (WebCore::CanvasRenderingContext2D::fillInternal): (WebCore::CanvasRenderingContext2D::strokeInternal): (WebCore::CanvasRenderingContext2D::clipInternal): (WebCore::CanvasRenderingContext2D::isPointInPathInternal): (WebCore::CanvasRenderingContext2D::isPointInStrokeInternal): (WebCore::CanvasRenderingContext2D::clearRect): (WebCore::CanvasRenderingContext2D::fillRect): (WebCore::CanvasRenderingContext2D::strokeRect): (WebCore::CanvasRenderingContext2D::setShadow): (WebCore::CanvasRenderingContext2D::applyShadow): (WebCore::CanvasRenderingContext2D::shouldDrawShadows): (WebCore::CanvasRenderingContext2D::drawImage): (WebCore::CanvasRenderingContext2D::transformAreaToDevice): (WebCore::CanvasRenderingContext2D::rectContainsCanvas): (WebCore::CanvasRenderingContext2D::compositeBuffer): (WebCore::CanvasRenderingContext2D::didDraw): (WebCore::CanvasRenderingContext2D::drawFocusIfNeededInternal): (WebCore::CanvasRenderingContext2D::font): (WebCore::CanvasRenderingContext2D::setFont): (WebCore::CanvasRenderingContext2D::textAlign): (WebCore::CanvasRenderingContext2D::setTextAlign): (WebCore::CanvasRenderingContext2D::textBaseline): (WebCore::CanvasRenderingContext2D::setTextBaseline): (WebCore::CanvasRenderingContext2D::direction): (WebCore::CanvasRenderingContext2D::setDirection): (WebCore::CanvasRenderingContext2D::drawTextInternal): (WebCore::CanvasRenderingContext2D::inflateStrokeRect): (WebCore::CanvasRenderingContext2D::imageSmoothingEnabled): (WebCore::CanvasRenderingContext2D::setImageSmoothingEnabled): * html/canvas/CanvasRenderingContext2D.h: 2015-12-01 Matthew Hanson <matthew_hanson@apple.com> Merge r187544. rdar://problem/23395970 2015-07-29 Chris Dumez <cdumez@apple.com> Avoid unnecessarily constructing PlatformMediaSessionManager on Document destruction https://bugs.webkit.org/show_bug.cgi?id=147398 Reviewed by Jer Noble. Only call PlatformMediaSessionManager::stopAllMediaPlaybackForProcess() in destructors if an PlatformMediaSessionManager instance already exists, to avoid constructing one unecessarily at that point. * dom/Document.cpp: (WebCore::Document::~Document): * platform/audio/PlatformMediaSessionManager.cpp: (WebCore::PlatformMediaSessionManager::sharedManager): (WebCore::PlatformMediaSessionManager::sharedManagerIfExists): * platform/audio/PlatformMediaSessionManager.h: * platform/audio/ios/MediaSessionManagerIOS.mm: (WebCore::PlatformMediaSessionManager::sharedManager): (WebCore::PlatformMediaSessionManager::sharedManagerIfExists): 2015-12-01 Babak Shafiei <bshafiei@apple.com> Merge r192709. 2015-11-20 Simon Fraser <simon.fraser@apple.com> Fix the Windows build. * platform/graphics/cg/IOSurfacePool.h: 2015-12-01 Babak Shafiei <bshafiei@apple.com> Merge r192701. 2015-11-20 Simon Fraser <simon.fraser@apple.com> Allow more buffer formats in the IOSurface pool https://bugs.webkit.org/show_bug.cgi?id=151516 Reviewed by Tim Horton. Previously IOSurface::create was only looking in the pool for RGBA-format surfaces. Change that to always look in the pool, and to cache all format types. We include format in the criteria used to pick a surface from the pool. * platform/graphics/cg/IOSurfacePool.cpp: (WebCore::surfaceMatchesParameters): (WebCore::IOSurfacePool::takeSurface): (WebCore::IOSurfacePool::shouldCacheFormat): (WebCore::IOSurfacePool::shouldCacheSurface): (WebCore::IOSurfacePool::addSurface): * platform/graphics/cg/IOSurfacePool.h: * platform/graphics/cocoa/IOSurface.h: * platform/graphics/cocoa/IOSurface.mm: (IOSurface::surfaceFromPool): (IOSurface::create): (IOSurface::IOSurface): 2015-12-01 Babak Shafiei <bshafiei@apple.com> Merge r192689. 2015-11-19 Simon Fraser <simon.fraser@apple.com> Back-buffer to front-buffer copy fails for some buffer formats https://bugs.webkit.org/show_bug.cgi?id=151475 rdar://problem/23617899 Reviewed by Tim Horton. Fix some fo the bitsPerComponent/bitsPerPixel options in IOSurface::ensurePlatformContext() for RGB10 buffers. Fix IOSurface::format() to return the new formats. Implement IOSurface::copyToSurface(), which does a synchronous copy between surfaces. * platform/graphics/cocoa/IOSurface.h: * platform/graphics/cocoa/IOSurface.mm: (IOSurface::create): (IOSurface::ensurePlatformContext): (IOSurface::format): (IOSurface::copyToSurface): 2015-12-01 Babak Shafiei <bshafiei@apple.com> Merge r190894. 2015-10-12 Simon Fraser <simon.fraser@apple.com> Add a CGContextStateSaver and use it https://bugs.webkit.org/show_bug.cgi?id=150049 Reviewed by Tim Horton. Add a stack-based graphics state save/restore class for CGContext, like the one we have for GraphicsContext, and use it in GraphicsContextCG. * platform/graphics/cg/GraphicsContextCG.cpp: (WebCore::GraphicsContext::drawNativeImage): (WebCore::GraphicsContext::drawLine): (WebCore::GraphicsContext::drawJoinedLines): (WebCore::GraphicsContext::fillPath): (WebCore::GraphicsContext::strokePath): (WebCore::GraphicsContext::fillRect): (WebCore::GraphicsContext::platformFillRoundedRect): (WebCore::GraphicsContext::fillRectWithRoundedHole): (WebCore::GraphicsContext::strokeRect): * platform/graphics/cg/GraphicsContextCG.h: (WebCore::CGContextStateSaver::CGContextStateSaver): (WebCore::CGContextStateSaver::~CGContextStateSaver): (WebCore::CGContextStateSaver::save): (WebCore::CGContextStateSaver::restore): 2015-12-01 Babak Shafiei <bshafiei@apple.com> Merge r190587. 2015-10-05 Beth Dakin <bdakin@apple.com> WebCore::IOSurface should ask the IOSurface for the pixel format instead of caching it https://bugs.webkit.org/show_bug.cgi?id=149820 -and corresponding- rdar://problem/22976230 Reviewed by Tim Horton. Also there is no reason to make YUV be iOS only, so this patch removes those PLATFORM checks. * platform/graphics/cocoa/IOSurface.h: * platform/graphics/cocoa/IOSurface.mm: (IOSurface::IOSurface): (IOSurface::format): * platform/spi/cocoa/IOSurfaceSPI.h: 2015-12-01 Babak Shafiei <bshafiei@apple.com> Merge r190576. 2015-10-05 Beth Dakin <bdakin@apple.com> Errant space!! * platform/graphics/cocoa/IOSurface.mm: (IOSurface::releaseGraphicsContext): (IOSurface::convertToFormat): 2015-11-19 Babak Shafiei <bshafiei@apple.com> Merge r192284. 2015-11-10 Simon Fraser <simon.fraser@apple.com> Use different pixel formats for displays that support them https://bugs.webkit.org/show_bug.cgi?id=151122 rdar://problem/22846841 Reviewed by Tim Horton. Add new IOSurface format enum values, and set up the appropriate IOSurfaceCreate() property dictionaries for them. * platform/graphics/cocoa/IOSurface.h: * platform/graphics/cocoa/IOSurface.mm: (IOSurface::IOSurface): * platform/spi/cocoa/IOSurfaceSPI.h: 2015-11-19 Babak Shafiei <bshafiei@apple.com> Merge r192138. 2015-11-07 Simon Fraser <simon.fraser@apple.com> Use ColorSpaceSRGB for image buffers everywhere https://bugs.webkit.org/show_bug.cgi?id=150990 Reviewed by Zalan Bujtas. ColorSpaceSRGB and ColorSpaceDeviceRGB are equivalent now, so convert code that creates image buffers tagged with ColorSpaceDeviceRGB to use ColorSpaceSRGB. * platform/graphics/GraphicsContext.cpp: (WebCore::GraphicsContext::createCompatibleBuffer): * platform/graphics/ImageBuffer.h: (WebCore::ImageBuffer::create): * platform/graphics/cg/BitmapImageCG.cpp: (WebCore::BitmapImage::checkForSolidColor): * platform/graphics/cg/ColorCG.cpp: (WebCore::Color::Color): * platform/graphics/cg/GraphicsContextCG.cpp: (WebCore::sRGBColorSpaceRef): Deleted. * platform/graphics/cg/ImageBufferCG.cpp: (WebCore::ImageBuffer::putByteArray): * platform/graphics/cocoa/IOSurface.mm: (IOSurface::createFromImage): * platform/graphics/filters/FEFlood.h: * platform/graphics/filters/FETile.cpp: (WebCore::FETile::platformApplySoftware): * platform/graphics/filters/FilterEffect.cpp: (WebCore::FilterEffect::FilterEffect): * platform/graphics/filters/SourceGraphic.h: (WebCore::SourceGraphic::SourceGraphic): * rendering/FilterEffectRenderer.cpp: (WebCore::FilterEffectRenderer::build): (WebCore::FilterEffectRenderer::apply): * rendering/RenderThemeMac.mm: (WebCore::RenderThemeMac::paintProgressBar): * rendering/svg/RenderSVGResourceClipper.cpp: (WebCore::RenderSVGResourceClipper::applyClippingToContext): * rendering/svg/RenderSVGResourceFilter.cpp: (WebCore::RenderSVGResourceFilter::buildPrimitives): * rendering/svg/RenderSVGResourceGradient.cpp: (WebCore::createMaskAndSwapContextForTextGradient): * rendering/svg/RenderSVGResourceMasker.cpp: (WebCore::RenderSVGResourceMasker::applyResource): * rendering/svg/RenderSVGResourcePattern.cpp: (WebCore::RenderSVGResourcePattern::createTileImage): * svg/graphics/SVGImage.cpp: (WebCore::SVGImage::drawPatternForContainer): * svg/graphics/filters/SVGFEImage.cpp: (WebCore::FEImage::platformApplySoftware): 2015-11-19 Babak Shafiei <bshafiei@apple.com> Merge r190574. 2015-10-05 Beth Dakin <bdakin@apple.com> Compress snapshots on iOS https://bugs.webkit.org/show_bug.cgi?id=149814 -and corresponding- rdar://problem/22976230 Reviewed by Simon Fraser. Though the default is still RGBA, it is now possible to create an IOSurface that uses the YUV422 pixel format. * platform/graphics/cocoa/IOSurface.h: * platform/graphics/cocoa/IOSurface.mm: (IOSurface::surfaceFromPool): (IOSurface::create): (IOSurface::createFromImage): (IOSurface::IOSurface): (IOSurface::releaseGraphicsContext): In order to have a YUV IOSurface, we actually have to create an RGBA surface first and then convert it to YUV, so this class method will handle that. (IOSurface::convertToFormat): Necessary SPI. * platform/spi/cocoa/IOSurfaceSPI.h: 2015-11-13 Matthew Hanson <matthew_hanson@apple.com> Rollout r192419. rdar://problem/22846841 2015-11-13 Matthew Hanson <matthew_hanson@apple.com> Rollout r192479. rdar://problem/22846841 2015-11-13 Matthew Hanson <matthew_hanson@apple.com> Rollout r192501. rdar://problem/22846841 2015-11-13 Matthew Hanson <matthew_hanson@apple.com> Merge r192269. rdar://problem/23189742 2015-11-09 David Hyatt <hyatt@apple.com> tate-chu-yoko should shrink to fit when it exceeds the available width. <rdar://problem/12130468> https://bugs.webkit.org/show_bug.cgi?id=151051 Reviewed by Myles Maxfield. Covered by existing tests * rendering/RenderCombineText.cpp: (WebCore::RenderCombineText::combineText): When testing for text-combine, find the font variant that is the best fit, i.e., that exceeds the available width by the smallest amount. Scale that best fit down repeatedly until it fits within the available space. We set a pixel size of 6 as the threshold at which we give up. Also make sure to reset glyphOverflow on each measurement, as this was creating a potential bug both with variant checking and then with scaling, since glyphOverflow isn't reset when width() is invoked. 2015-11-13 Matthew Hanson <matthew_hanson@apple.com> Merge r192120. rdar://problem/23189774 2015-11-06 Myles C. Maxfield <mmaxfield@apple.com> REGRESSION(r182286): Tatechuyoko following ruby is drawn too far to the right https://bugs.webkit.org/show_bug.cgi?id=150923 Reviewed by Zalan Bujtas. Ever since r182286, expansion opportunities in justified ruby were moved to their neighboring elements (thereby forbidding trailing nor leading expansions inside ruby). However, when the neighboring element is tatechuyoko, we will erroneously honor the expansion opportunity inside the tatechuyoko, thereby moving it horizontally. Tatechuyoko should never have expansion opportunities inside it. Test: fast/text/ruby-justify-tatechuyoko.html * rendering/RenderBlockLineLayout.cpp: (WebCore::expansionBehaviorForInlineTextBox): 2015-11-13 Matthew Hanson <matthew_hanson@apple.com> Merge r192042. rdar://problem/23189765 2015-11-03 Myles C. Maxfield <mmaxfield@apple.com> Ruby base ending in tatechuyoko forces a line break before the tatechuyoko https://bugs.webkit.org/show_bug.cgi?id=150883 Reviewed by Darin Adler. Asking the width of a 0-length tatechuyoko should return 0. Test: fast/text/ruby-tatechuyoko.html * rendering/RenderCombineText.cpp: (WebCore::RenderCombineText::width): 2015-11-13 Matthew Hanson <matthew_hanson@apple.com> Merge r190595. rdar://problem/23432378 2015-10-05 Dean Jackson <dino@apple.com> EXT_texture_filter_anisotropic extension exposed with WEBKIT_ prefix https://bugs.webkit.org/show_bug.cgi?id=149765 <rdar://problem/22983722> Reviewed by Beth Dakin. We can now remove the WEBKIT_ prefix from this extension. Test: fast/canvas/webgl/unprefixed-anisotropic-extension.html * html/canvas/WebGL2RenderingContext.cpp: Support the prefixed and unprefixed form. (WebCore::WebGL2RenderingContext::getExtension): * html/canvas/WebGLRenderingContext.cpp: (WebCore::WebGLRenderingContext::getExtension): (WebCore::WebGLRenderingContext::getSupportedExtensions): 2015-11-13 Matthew Hanson <matthew_hanson@apple.com> Merge r190446. rdar://problem/23432369 2015-10-01 Dean Jackson <dino@apple.com> Expose WEBGL_debug_renderer_info https://bugs.webkit.org/show_bug.cgi?id=149735 <rdar://problem/18343500> Reviewed by Simon Fraser. Enable the extension that allows content to query for the GPUs vendor and details. Now that we're enabling this, there was no need for the internal setting that identified privileged situations. However, since this meant that WEBGL_debug_shaders was also exposed, I explicitly disable it since it is not yet conformant. Test: fast/canvas/webgl/webgl-debug-renderer-info.html as well as the general conformance suite. * html/canvas/WebGL2RenderingContext.cpp: No need to guard around allowPrivilegedExtensions(). (WebCore::WebGL2RenderingContext::getExtension): (WebCore::WebGL2RenderingContext::getSupportedExtensions): * html/canvas/WebGLRenderingContext.cpp: Ditto. (WebCore::WebGLRenderingContext::getExtension): (WebCore::WebGLRenderingContext::getSupportedExtensions): * html/canvas/WebGLRenderingContextBase.cpp: (WebCore::WebGLRenderingContextBase::allowPrivilegedExtensions): Deleted. * html/canvas/WebGLRenderingContextBase.h: * page/Settings.in: Remove privilegedWebGLExtensions. * platform/graphics/opengl/Extensions3DOpenGL.cpp: Forbid the translated shader extension while it is still buggy. (WebCore::Extensions3DOpenGL::supportsExtension): 2015-11-13 Matthew Hanson <matthew_hanson@apple.com> Merge r188647. rdar://problem/23432373 2015-08-18 Dean Jackson <dino@apple.com> Support CSS filters without webkit prefix https://bugs.webkit.org/show_bug.cgi?id=148138 <rdar://problem/22331434> Reviewed by Sam Weinig. Add support for the un-prefixed form of the CSS filter property. This was straightforward for the general case on HTML content. It was a bit more tricky on SVG content, where there already was an existing "filter" property/attribute. The parsing code is now shared between SVG and HTML, as is the computed style output. Covered by updating the existing tests, and adding one new test: css3/filters/unprefixed.html * css/CSSComputedStyleDeclaration.cpp: Rename CSSPropertyWebkitFilter to CSSPropertyFilter. (WebCore::isLayoutDependent): (WebCore::ComputedStyleExtractor::propertyValue): * css/CSSFilterImageValue.cpp: (WebCore::CSSFilterImageValue::customCSSText): Use "filter(" as the prefix. * css/CSSParser.cpp: (WebCore::CSSParser::parseValue): Rename CSSPropertyWebkitFilter to CSSPropertyFilter. (WebCore::CSSParser::isGeneratedImageValue): Add support for "filter()". (WebCore::CSSParser::parseGeneratedImage): Ditto. (WebCore::CSSParser::parseBuiltinFilterArguments): * css/CSSPropertyNames.in: Add filter. Make -webkit-filter an alias. * css/SVGCSSComputedStyleDeclaration.cpp: (WebCore::ComputedStyleExtractor::svgPropertyValue): Deleted. * page/animation/CSSPropertyAnimation.cpp: Rename CSSPropertyWebkitFilter to CSSPropertyFilter. (WebCore::PropertyWrapperAcceleratedFilter::PropertyWrapperAcceleratedFilter): * page/animation/KeyframeAnimation.cpp: Ditto. (WebCore::KeyframeAnimation::checkForMatchingFilterFunctionLists): * platform/graphics/GraphicsLayer.cpp: Rename AnimatedPropertyWebkitFilter to AnimatedPropertyFilter. (WebCore::GraphicsLayer::validateFilterOperations): * platform/graphics/GraphicsLayerClient.h: Ditto. * platform/graphics/ca/GraphicsLayerCA.cpp: Ditto. (WebCore::GraphicsLayerCA::moveOrCopyAnimations): (WebCore::GraphicsLayerCA::addAnimation): (WebCore::GraphicsLayerCA::createAnimationFromKeyframes): (WebCore::GraphicsLayerCA::createFilterAnimationsFromKeyframes): * rendering/RenderLayer.cpp: (WebCore::RenderLayer::updateOrRemoveFilterClients): SVG manages its own filter resources, so we shouldn't add a layer that has an SVG root to the filter clients. * rendering/RenderLayerBacking.cpp: Renaming. (WebCore::RenderLayerBacking::startAnimation): (WebCore::RenderLayerBacking::startTransition): (WebCore::RenderLayerBacking::graphicsLayerToCSSProperty): (WebCore::RenderLayerBacking::cssToGraphicsLayerProperty): * rendering/RenderLayerCompositor.cpp: Ditto. (WebCore::RenderLayerCompositor::requiresCompositingForAnimation): * rendering/style/SVGRenderStyle.h: Remove the SVG filter style. (WebCore::SVGRenderStyle::isolatesBlending): No need to check for hasFilter(). (WebCore::SVGRenderStyle::initialFilterResource): Deleted. (WebCore::SVGRenderStyle::setFilterResource): Deleted. (WebCore::SVGRenderStyle::filterResource): Deleted. (WebCore::SVGRenderStyle::hasFilter): Deleted. * rendering/style/SVGRenderStyleDefs.cpp: Remove the filter resource. (WebCore::StyleResourceData::StyleResourceData): Deleted. (WebCore::StyleResourceData::operator==): Deleted. * rendering/style/SVGRenderStyleDefs.h: * rendering/style/WillChangeData.cpp: Renaming. (WebCore::propertyCreatesStackingContext): (WebCore::propertyTriggersCompositing): * rendering/svg/SVGRenderSupport.cpp: (WebCore::SVGRenderSupport::isolatesBlending): Since SVGRenderStyle no longer checks hasFilter() in its isolatesBlending(), we need to do it here. * rendering/svg/SVGRenderingContext.cpp: (WebCore::SVGRenderingContext::prepareToRenderSVGContent): * rendering/svg/SVGRenderTreeAsText.cpp: (WebCore::writeResources): Dump from the CSS style value. * rendering/svg/SVGResources.cpp: Ditto. (WebCore::SVGResources::buildCachedResources): * rendering/svg/SVGResources.h: * rendering/svg/SVGResourcesCache.cpp: (WebCore::SVGResourcesCache::addResourcesFromRenderer): * platform/graphics/texmap/TextureMapperLayer.cpp: Renaming. * platform/graphics/texmap/TextureMapperAnimation.cpp: * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp: 2015-11-13 Matthew Hanson <matthew_hanson@apple.com> Merge r188530. rdar://problem/23432371 2015-08-17 Simon Fraser <simon.fraser@apple.com> will-change should sometimes trigger compositing https://bugs.webkit.org/show_bug.cgi?id=148072 Reviewed by Tim Horton. Implement the compositing side-effects of will-change, if any of the following properties are specified: opacity filter (as -webkit-filter) backdrop-filter (as -webkit-backdrop-filter) transform (on transformable elements only) Tests: compositing/layer-creation/will-change-change.html compositing/layer-creation/will-change-layer-creation.html * inspector/InspectorLayerTreeAgent.cpp: (WebCore::InspectorLayerTreeAgent::reasonsForCompositingLayer): Tell the inspector about will-change. * rendering/RenderElement.cpp: (WebCore::RenderElement::adjustStyleDifference): Need to trigger a recomposite if will-change includes a compositing trigger property. This gets called before and after setting the style, so this checks both states. (WebCore::RenderElement::shouldWillChangeCreateStackingContext): * rendering/RenderElement.h: (WebCore::RenderElement::willChangeCreatesStackingContext): Helper function that RenderInline uses to determine if it needs to create a RenderLayer, since RenderInline doesn't get automatic layer RenderLayers as a side effect of having non-auto z-index in the style. * rendering/RenderInline.h: Need to trigger a RenderLayer if will-change includes a property that applies to inlines. * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::requiresCompositingLayer): Call requiresCompositingForWillChange(). (WebCore::RenderLayerCompositor::requiresOwnBackingStore): Call requiresCompositingForWillChange(). (WebCore::RenderLayerCompositor::reasonsForCompositing): Include requiresCompositingForWillChange(). (WebCore::RenderLayerCompositor::requiresCompositingForWillChange): If will-change contains a property that would trigger compositing on this element, return true. * rendering/RenderLayerCompositor.h: * rendering/style/RenderStyle.cpp: (WebCore::RenderStyle::changeRequiresLayout): Set ContextSensitivePropertyWillChange in changedContextSensitiveProperties if will-change changes. * rendering/style/RenderStyle.h: Rename for clarity. * rendering/style/RenderStyleConstants.h: Add ContextSensitivePropertyWillChange. * rendering/style/WillChangeData.cpp: (WebCore::propertyCreatesStackingContext): Subset of properties that create stacking context on any element. (WebCore::propertyCreatesStackingContextOnBoxesOnly): Additional properties that create stacking context on boxes. (WebCore::propertyTriggersCompositing): Properties that trigger compositing on any element. (WebCore::propertyTriggersCompositingOnBoxesOnly): Additional properties that trigger compositing on boxes. (WebCore::WillChangeData::addFeature): As features are added, manage a set of flags to know if they trigger stacking context or compositing, on inlines and boxes. (WebCore::WillChangeData::createsStackingContext): Deleted. * rendering/style/WillChangeData.h: (WebCore::WillChangeData::canCreateStackingContext): (WebCore::WillChangeData::canCreateStackingContextOnInline): (WebCore::WillChangeData::canTriggerCompositing): (WebCore::WillChangeData::canTriggerCompositingOnInline): 2015-11-13 Matthew Hanson <matthew_hanson@apple.com> Merge r188514. rdar://problem/23432371 2015-08-15 Simon Fraser <simon.fraser@apple.com> Have will-change create stacking context when necessary https://bugs.webkit.org/show_bug.cgi?id=148060 Reviewed by Zalan Bujtas. If will-change includes a property whose non-initial value can create stacking context, create stacking context for that element. Test: fast/css/will-change/will-change-creates-stacking-context.html * css/StyleResolver.cpp: (WebCore::StyleResolver::adjustRenderStyle): * rendering/style/RenderStyle.h: Add willChangeCreatesStackingContext(), which on most cases is a fast, inlined 'return false'. Otherwise ask the WillChangeData. * rendering/style/WillChangeData.cpp: (WebCore::propertyCreatesStackingContext): (WebCore::WillChangeData::createsStackingContext): * rendering/style/WillChangeData.h: 2015-11-13 Matthew Hanson <matthew_hanson@apple.com> Merge r188512. rdar://problem/23432371 2015-08-14 Simon Fraser <simon.fraser@apple.com> Implement parsing for CSS will-change https://bugs.webkit.org/show_bug.cgi?id=148052 Reviewed by Dean Jackson. Syntax is will-change: auto | <animateable-feature># where <animateable-feature> = scroll-position | contents | <custom-ident> To support this, add WillChangeData which stores a vector of "feature" and CSS property squished into 16 bits. This is stored in rareNonInheritedData. If null or an empty list, the property value is 'auto'. The list preserves unknown properties. Test: fast/css/will-change-parsing.html * CMakeLists.txt: * WebCore.vcxproj/WebCore.vcxproj: * WebCore.vcxproj/WebCore.vcxproj.filters: * WebCore.xcodeproj/project.pbxproj: * css/CSSComputedStyleDeclaration.cpp: (WebCore::getWillChangePropertyValue): (WebCore::ComputedStyleExtractor::propertyValue): * css/CSSParser.cpp: (WebCore::CSSParser::parseValue): (WebCore::isValidGridPositionCustomIdent): Renamed from isValidCustomIdent(), since it's grid-specific. (WebCore::CSSParser::parseIntegerOrCustomIdentFromGridPosition): (WebCore::valueIsCSSKeyword): Returns true for the "CSS-wide" keywords like "initial", "inherit" and "default". (WebCore::CSSParser::parseFontFamily): (WebCore::isValidWillChangeAnimatableFeature): (WebCore::CSSParser::parseWillChange): (WebCore::isValidCustomIdent): Deleted. * css/CSSParser.h: * css/CSSPrimitiveValue.h: (WebCore::CSSPrimitiveValue::isPropertyID): New utility function. * css/CSSPropertyNames.in: * css/CSSValueKeywords.in: * css/StyleBuilderCustom.h: (WebCore::StyleBuilderCustom::applyValueWillChange): * rendering/style/RenderStyle.cpp: (WebCore::RenderStyle::setWillChange): * rendering/style/RenderStyle.h: * rendering/style/StyleAllInOne.cpp: * rendering/style/StyleRareNonInheritedData.cpp: (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData): (WebCore::StyleRareNonInheritedData::operator==): (WebCore::StyleRareNonInheritedData::willChangeDataEquivalent): * rendering/style/StyleRareNonInheritedData.h: * rendering/style/WillChangeData.cpp: Added. (WebCore::WillChangeData::operator==): (WebCore::WillChangeData::containsScrollPosition): (WebCore::WillChangeData::containsContents): (WebCore::WillChangeData::containsProperty): (WebCore::WillChangeData::addFeature): (WebCore::WillChangeData::featureAt): * rendering/style/WillChangeData.h: Added. (WebCore::WillChangeData::create): (WebCore::WillChangeData::operator!=): (WebCore::WillChangeData::isAuto): (WebCore::WillChangeData::numFeatures): (WebCore::WillChangeData::WillChangeData): (WebCore::WillChangeData::AnimatableFeature::feature): (WebCore::WillChangeData::AnimatableFeature::property): (WebCore::WillChangeData::AnimatableFeature::featurePropertyPair): (WebCore::WillChangeData::AnimatableFeature::AnimatableFeature): (WebCore::WillChangeData::AnimatableFeature::operator==): 2015-10-29 Lucas Forschler <lforschler@apple.com> Merge r191706. rdar://problem/23319282 2015-10-28 Andy Estes <aestes@apple.com> [Content Filtering] Crash when allowing a 0-byte resource to load https://bugs.webkit.org/show_bug.cgi?id=150644 <rdar://problem/23288538> Reviewed by Darin Adler. Test: contentfiltering/allow-empty-document.html * loader/ContentFilter.cpp: (WebCore::ContentFilter::deliverResourceData): resourceBuffer will be null if the resource contained no data. 2015-10-27 Matthew Hanson <matthew_hanson@apple.com> Merge r191636. rdar://problem/23077744 2015-10-27 Alex Christensen <achristensen@webkit.org> Cancel navigation policy checks like we do content policy checks. https://bugs.webkit.org/show_bug.cgi?id=150582 rdar://problem/22077579 Reviewed by Brent Fulgham. This was verified manually and I'll write a layout test for it soon. * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::DocumentLoader): (WebCore::DocumentLoader::~DocumentLoader): (WebCore::DocumentLoader::willSendRequest): (WebCore::DocumentLoader::continueAfterNavigationPolicy): (WebCore::DocumentLoader::cancelPolicyCheckIfNeeded): * loader/DocumentLoader.h: Add a bool to keep track of whether we are waiting for navigation policy checks, like we do with content policy checks. Without this check, sometimes callbacks are made to DocumentLoaders that do not exist any more because they do not get cancelled by cancelPolicyCheckIfNeeded when detaching from the frame. 2015-10-23 Matthew Hanson <matthew_hanson@apple.com> Merge r191487. rdar://problem/22811325 2015-10-22 Sam Weinig <sam@webkit.org> Navigations on the same host (but with different schemes and ports) should not trigger universal links <rdar://problem/22811325> https://bugs.webkit.org/show_bug.cgi?id=150481 Reviewed by Dan Bernstein. Add new helper which efficiently compares the hosts of two URLs. * platform/URL.cpp: (WebCore::hostsAreEqual): * platform/URL.h: 2015-10-20 Matthew Hanson <matthew_hanson@apple.com> Merge r191357. rdar://problem/23103005 2015-10-20 Chris Fleizach <cfleizach@apple.com> AX: CrashTracer: com.apple.WebKit.WebContent at com.apple.WebCore: WebCore::AccessibilityTable::tableElement const + 116 https://bugs.webkit.org/show_bug.cgi?id=150349 Reviewed by Brent Fulgham. The crash point for this bug says that the parentElement of the firstBody is garbage when it's accessed. Unfortunately, I could not reproduce this in-situ or with a test. So my speculative solution is to recalculate those body elements to ensure that they're valid before we access. * accessibility/AccessibilityTable.cpp: (WebCore::AccessibilityTable::tableElement): (WebCore::AccessibilityTable::isDataTable): 2015-10-20 Matthew Hanson <matthew_hanson@apple.com> Merge r191223. rdar://problem/22900764 2015-10-16 Alex Christensen <achristensen@webkit.org> Disabled content blockers should not block any loads https://bugs.webkit.org/show_bug.cgi?id=150261 Reviewed by Brady Eidson. This fix was tested manually by reloading without content blockers on websites with iframes and content blockers that block the contents of the iframes. * page/UserContentController.cpp: (WebCore::UserContentController::removeAllUserContentExtensions): (WebCore::contentExtensionsEnabled): (WebCore::UserContentController::processContentExtensionRulesForLoad): (WebCore::UserContentController::actionsForResourceLoad): Check the DocumentLoader of the main frame when checking if content extensions are disabled, because that is the DocumentLoader that has the flag from reloading without content blockers. 2015-10-20 Matthew Hanson <matthew_hanson@apple.com> Merge r191063. rdar://problem/22900764 2015-10-14 Alex Christensen <achristensen@webkit.org> Add SPI for reloading without content blockers https://bugs.webkit.org/show_bug.cgi?id=150058 rdar://problem/22742222 Reviewed by Sam Weinig. * loader/FrameLoader.cpp: (WebCore::FrameLoader::reloadWithOverrideEncoding): (WebCore::FrameLoader::reload): * loader/FrameLoader.h: * page/Page.h: (WebCore::Page::userContentController): (WebCore::Page::userContentExtensionsEnabled): Deleted. (WebCore::Page::setUserContentExtensionsEnabled): Deleted. * replay/UserInputBridge.cpp: (WebCore::UserInputBridge::loadRequest): (WebCore::UserInputBridge::reloadFrame): (WebCore::UserInputBridge::stopLoadingFrame): * replay/UserInputBridge.h: Pass a bool from the reloadWithoutContentBlockers call to the DocumentLoader, which stores the state of whether the content blockers are enabled or not. Remove the state from the Page and copying the state from the Page to the DocumentLoader because that caused issues with the content blockers being re-enabled at the wrong time. 2015-10-20 Matthew Hanson <matthew_hanson@apple.com> Merge r190510. rdar://problem/22900764 2015-10-02 Alex Christensen <achristensen@webkit.org> Reloading without content blockers doesn't apply to resource loads after the main frame finishes https://bugs.webkit.org/show_bug.cgi?id=149430 rdar://problem/22742222 Reviewed by Geoffrey Garen. Test: http/tests/contentextensions/disable-blocker.html * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::loadResource): * loader/DocumentLoader.h: (WebCore::DocumentLoader::userContentExtensionsEnabled): (WebCore::DocumentLoader::setUserContentExtensionsEnabled): Store and use the state of whether content blockers are enabled or not on the DocumentLoader so that it stays constant for a document's entire life. This state comes from the Page when making the DocumentLoader in WebKit2. * loader/FrameLoader.cpp: (WebCore::FrameLoader::loadResourceSynchronously): * loader/ResourceLoader.cpp: (WebCore::ResourceLoader::willSendRequestInternal): * loader/cache/CachedResourceLoader.cpp: (WebCore::CachedResourceLoader::requestResource): * page/DOMWindow.cpp: (WebCore::DOMWindow::open): * page/UserContentController.cpp: (WebCore::UserContentController::removeAllUserContentExtensions): (WebCore::UserContentController::processContentExtensionRulesForLoad): (WebCore::UserContentController::actionsForResourceLoad): * page/UserContentController.h: 2015-10-16 Matthew Hanson <matthew_hanson@apple.com> Merge r190752. rdar://problem/23110932 2015-10-08 Andreas Kling <akling@apple.com> Generated frame tree names should be kept reasonably long. <https://webkit.org/b/149874> Reviewed by Darin Adler. Some clumsy advertising script is going around assigning JavaScript source code to the "name" attribute of iframes. This is causing WebKit to generate way too huge names for anonymous descendants of such iframes. Previously, the generated name of an anonymous subframe would be its slash-separated path from the root frame, with the "name" attribute of each ancestor between the slashes, or "<!--frame${index in parent}-->" for anonymous ancestors. These ad scripts are often over 100kB in size, with multiple subframes, so we'd end up with frame names looking like this: "<!--framePath //<MONSTER BLOB OF JAVASCRIPT FROM HELL>/<!--frame0--><!--frame0-->-->" While this is worth fixing for the memory usage alone, we've been making it way worse by also using these paths when recording the back/forward history parts of WebKit session state. This patch makes generated paths always use index-in-parent as the "directory name" for ancestors of anonymous subframes. The above example path will now instead be: "<!--framePath //<!--frame0-->/<!--frame0-->/<!--frame0-->-->" Test: fast/frames/long-names-in-nested-subframes.html * page/FrameTree.cpp: (WebCore::FrameTree::indexInParent): (WebCore::FrameTree::uniqueChildName): * page/FrameTree.h: 2015-10-15 Matthew Hanson <matthew_hanson@apple.com> Merge r190604. rdar://problem/22993012 2015-10-05 Jer Noble <jer.noble@apple.com> [iOS] REGRESSION(r190434): Media continues to play when locking screen https://bugs.webkit.org/show_bug.cgi?id=149822 Reviewed by Brent Fulgham. In MediaSessionManagerIOS.mm, both -applicationWillEnterForeground: and -applicationDidBecomeActive: called PlatformMediaSessionManager::applicationWillEnterForeground(), leading to the PlatformMediaSession's m_interruptionCount becoming increasingly unbalanced. Rename PlatformMediaSessionManager::applicationWillEnterForeground() to applicationDidEnterForeground() to more correctly reflect when this notification will be called. Add a new method, MediaSessionManagerIOS::applicationWillEnterForeground(bool), whose paramater is whether the screen was locked. This allows the beginInterruption() and endInterruption() methods to be correctly balanced. Drive-by fix: remove the unimplemented declarations for application{will,did}Enter{Fore,Back}ground() from PlatformMediaSession.h. * platform/audio/PlatformMediaSession.h: * platform/audio/PlatformMediaSessionManager.cpp: (WebCore::PlatformMediaSessionManager::applicationDidEnterForeground): (WebCore::PlatformMediaSessionManager::applicationWillEnterForeground): Deleted. * platform/audio/PlatformMediaSessionManager.h: * platform/audio/ios/MediaSessionManagerIOS.h: * platform/audio/ios/MediaSessionManagerIOS.mm: (WebCore::MediaSessionManageriOS::applicationDidEnterBackground): (WebCore::MediaSessionManageriOS::applicationWillEnterForeground): (-[WebMediaSessionHelper applicationWillEnterForeground:]): (-[WebMediaSessionHelper applicationDidBecomeActive:]): * testing/Internals.cpp: (WebCore::Internals::applicationDidEnterForeground): (WebCore::Internals::applicationWillEnterForeground): Deleted. * testing/Internals.h: * testing/Internals.idl: 2015-10-15 Matthew Hanson <matthew_hanson@apple.com> Merge r190447. rdar://problem/22865007 2015-10-01 Jaehun Lim <ljaehun.lim@samsung.com> Unreviewed, fix build warning after r190434 Fix error: variable ‘interruption’ set but not used [-Werror=unused-but-set-variable] * testing/Internals.cpp: (WebCore::Internals::beginMediaSessionInterruption): 2015-10-15 Matthew Hanson <matthew_hanson@apple.com> Merge r190434. rdar://problem/22865007 2015-10-01 Eric Carlson <eric.carlson@apple.com> [iOS] AirPlay should not stop when the screen locks https://bugs.webkit.org/show_bug.cgi?id=148315 <rdar://problem/22770703> Reviewed by Jer Noble. Tested by media/video-interruption-with-resume-allowing-play.html media/video-interruption-with-resume-not-allowing-play.html * Modules/webaudio/AudioContext.h: overrideBackgroundPlaybackRestriction -> shouldOverrideBackgroundPlaybackRestriction. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::suspendPlayback): Fix a typo in the logging. (WebCore::HTMLMediaElement::mayResumePlayback): Ditto. (WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction): Renamed from overrideBackgroundPlaybackRestriction. (WebCore::HTMLMediaElement::overrideBackgroundPlaybackRestriction): Deleted. * html/HTMLMediaElement.h: * platform/audio/PlatformMediaSession.cpp: (WebCore::stateName): (WebCore::interruptionName): New, log the name of the interruption. (WebCore::PlatformMediaSession::beginInterruption): Log the interruption type. Don't increment the interruption counter if we are going to ignore it. Incorporate logic from doInterruption. (WebCore::PlatformMediaSession::doInterruption): Deleted. (WebCore::PlatformMediaSession::shouldDoInterruption): Deleted. (WebCore::PlatformMediaSession::forceInterruption): Deleted. * platform/audio/PlatformMediaSession.h: Add SuspendedUnderLock interruption type. * platform/audio/PlatformMediaSessionManager.cpp: (WebCore::PlatformMediaSessionManager::applicationDidEnterBackground): Deleted. * platform/audio/PlatformMediaSessionManager.h: * platform/audio/ios/MediaSessionManagerIOS.h: * platform/audio/ios/MediaSessionManagerIOS.mm: (WebCore::MediaSessionManageriOS::applicationDidEnterBackground): Call beginInterruption when appropriate. 2015-10-15 Matthew Hanson <matthew_hanson@apple.com> Rollout r188486. rdar://problem/22707497 2015-10-15 Matthew Hanson <matthew_hanson@apple.com> Rollout r188531. rdar://problem/22707497 2015-10-15 Matthew Hanson <matthew_hanson@apple.com> Merge r191077. rdar://problem/22993325 2015-10-14 Alex Christensen <achristensen@webkit.org> [Content Extensions] Make blocked async XHR call onerror https://bugs.webkit.org/show_bug.cgi?id=146706 Reviewed by Brady Eidson. Test: http/tests/contentextensions/async-xhr-onerror.html * xml/XMLHttpRequest.cpp: (WebCore::XMLHttpRequest::XMLHttpRequest): (WebCore::XMLHttpRequest::createRequest): (WebCore::XMLHttpRequest::networkError): (WebCore::XMLHttpRequest::networkErrorTimerFired): (WebCore::XMLHttpRequest::abortError): * xml/XMLHttpRequest.h: Make a timer that calls networkError in 0 time if a content blocker blocks the asynchronous load. It is necessary to call setPendingActivity and dropProtection (which calls unsetPendingActivity) to keep a reference to the XMLHttpRequest alive. 2015-10-14 Matthew Hanson <matthew_hanson@apple.com> Merge r191008. rdar://problem/23110743 2015-10-13 Dean Jackson <dino@apple.com> Device motion and orientation should only be visible from the main frame's security origin https://bugs.webkit.org/show_bug.cgi?id=150072 <rdar://problem/23082036> Reviewed by Brent Fulgham. There are reports that gyroscope and accelerometer information can be used to detect keyboard entry. One initial step to reduce the risk is to forbid device motion and orientation events from being fired in frames that are a different security origin from the main page. Manual test: deviceorientation-main-frame-only.html * page/DOMWindow.cpp: (WebCore::DOMWindow::isSameSecurityOriginAsMainFrame): New helper function. (WebCore::DOMWindow::addEventListener): Check if we are the main frame, or the same security origin as the main frame. If not, don't add the event listeners. 2015-10-14 Matthew Hanson <matthew_hanson@apple.com> Merge r190570. rdar://problem/23075838 2015-10-05 Zalan Bujtas <zalan@apple.com> Mark the line dirty when RenderQuote's text changes. https://bugs.webkit.org/show_bug.cgi?id=149784 rdar://problem/22558169 Reviewed by Antti Koivisto. When quotation mark changes ( " -> ' or empty string), we need to mark the line dirty to ensure its content gets laid out properly. Test: fast/inline/quotation-text-changes-dynamically.html * rendering/RenderQuote.cpp: (WebCore::quoteTextRenderer): (WebCore::RenderQuote::updateText): (WebCore::fragmentChild): Deleted. 2015-10-14 Matthew Hanson <matthew_hanson@apple.com> Merge r190382. rdar://problem/22934241 2015-09-30 Dean Jackson <dino@apple.com> GraphicsContext3D::mappedSymbolName should initialize count variable https://bugs.webkit.org/show_bug.cgi?id=149692 <rdar://problem/22871304> Reviewed by Simon Fraser. While debugging another WebGL issue, I noticed that some OpenGL renderers can get into a state where they drop resources (e.g. a GPU reset). If we don't detect that in time, we might try to ask for the currently attached resources and our in-parameter will not be set. In this case, initialize it to zero so that we don't do silly things. * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp: (WebCore::GraphicsContext3D::mappedSymbolName): Initialize count to 0. 2015-10-14 Matthew Hanson <matthew_hanson@apple.com> Merge r190339. rdar://problem/23075839 2015-09-29 Jon Honeycutt <jhoneycutt@apple.com> Avoid reparsing an XSLT stylesheet after the first failure. https://bugs.webkit.org/show_bug.cgi?id=149188 <rdar://problem/22709912> Reviewed by Dave Hyatt. Patch by Jiewen Tan, jiewen_tan@apple.com. Test: svg/custom/invalid-xslt-crash.svg * xml/XSLStyleSheet.h: Add a new member variable m_compilationFailed that tracks whether compilation has failed. Default value is false. * xml/XSLStyleSheetLibxslt.cpp: (WebCore::XSLStyleSheet::compileStyleSheet): Return early if the compilation has failed before. After compiling the style sheet, if we failed, set m_compilationFailed to true. 2015-10-14 Matthew Hanson <matthew_hanson@apple.com> Merge r190097. rdar://problem/23075843 2015-09-21 Ryosuke Niwa <rniwa@webkit.org> Fix release builds with security assertion after r190007. * dom/DocumentOrderedMap.cpp: * dom/DocumentOrderedMap.h: 2015-10-14 Matthew Hanson <matthew_hanson@apple.com> Merge r190007. rdar://problem/23075843 2015-09-18 Ryosuke Niwa <rniwa@webkit.org> REGRESSION(r150187): updateIdForTreeScope may not be called inside shadow trees https://bugs.webkit.org/show_bug.cgi?id=149364 Reviewed by Antti Koivisto. Since the tree scope is set to that of Document's inside removeBetween when a node is removed from a shadow tree, oldScope != &treeScope() was already true inside Element::removedFrom. This can introduce an inconsistency in DocumentOrderedMap which could result in a crash. Fixed the bug by checking it against document(), which is the behavior we had prior to r150187. Also added a consistency check in DocumentOrderedMap to catch bugs like this. No new tests. New assertions fail in existing tests without this fix. * dom/DocumentOrderedMap.cpp: (WebCore::DocumentOrderedMap::add): (WebCore::DocumentOrderedMap::remove): (WebCore::DocumentOrderedMap::get): * dom/DocumentOrderedMap.h: * dom/Element.cpp: (WebCore::Element::removedFrom): 2015-10-14 Matthew Hanson <matthew_hanson@apple.com> Merge r188531. rdar://problem/22707497 2015-08-17 Andy Estes <aestes@apple.com> REGRESSION (r188486): Crash in SubresourceLoader::didReceiveResponse() when TemporaryChange goes out of scope https://bugs.webkit.org/show_bug.cgi?id=148082 Reviewed by Alexey Proskuryakov. Covered by existing tests run under ASan or Guard Malloc. * loader/SubresourceLoader.cpp: (WebCore::SubresourceLoader::didReceiveResponse): Ensure that callingDidReceiveResponse is destroyed while the SubresourceLoader is still alive by declaring it after protect. 2015-10-14 Matthew Hanson <matthew_hanson@apple.com> Merge r188486. rdar://problem/22707497 2015-08-13 Andy Estes <aestes@apple.com> [Cocoa] Downloads do not start if policy decision is made asynchronously https://bugs.webkit.org/show_bug.cgi?id=147985 Reviewed by Brady Eidson. It's only possible to convert a NSURLConnection to a download while the connection delegate's -connection:didReceiveResponse: is being called. However, WebKit clients can decide content policy asynchronously. If a client chooses to download a response asynchronously, we can no longer convert the connection to a download, so we should start a new download instead. New API test: _WKDownload.AsynchronousDownloadPolicy * dom/Document.cpp: Updated to include SubresourceLoader.h. * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::mainResourceLoader): Updated to return a SubresourceLoader. (WebCore::DocumentLoader::continueAfterContentPolicy): Cast mainResourceLoader() to a ResourceLoader since didFail() is private in SubresourceLoader. * loader/DocumentLoader.h: * loader/SubresourceLoader.cpp: (WebCore::SubresourceLoader::SubresourceLoader): Initialized m_callingDidReceiveResponse to false. (WebCore::SubresourceLoader::didReceiveResponse): Used TemporaryChange<> to set m_callingDidReceiveResponse to true. * loader/SubresourceLoader.h: * loader/appcache/ApplicationCacheHost.cpp: Updated to include SubresourceLoader.h. * loader/mac/DocumentLoaderMac.cpp: Ditto. 2015-10-14 Matthew Hanson <matthew_hanson@apple.com> Merge r188416. rdar://problem/22803749 2015-08-13 Jer Noble <jer.noble@apple.com> Don't short circuit seeking https://bugs.webkit.org/show_bug.cgi?id=147892 Reviewed by Eric Carlson. When two seekWithTolerance() requests come in before the first is acted upon in seekTask(), the second will result in a "no seek required" conditional, because the new "currentTime" is assumed to be the destination time of the first seek. When cancelling a pending seek, first replace the "now" value with the "now" value from the replaced seek, thus preserving the original currentTime across all replacement seeks. Drive-by fix: some added logging causes occasional crashes, due to the underlying object being accessed having been deleted. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::seekWithTolerance): * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: (WebCore::MediaPlayerPrivateAVFoundationObjC::seekToTime): 2015-10-14 Matthew Hanson <matthew_hanson@apple.com> Merge r188390. rdar://problem/22803749 2015-08-13 Eric Carlson <eric.carlson@apple.com> Don't short circuit seeking https://bugs.webkit.org/show_bug.cgi?id=147892 Reviewed by Jer Noble. Test: media/video-seek-to-current-time.html * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::prepareForLoad): Call clearSeeking. (WebCore::HTMLMediaElement::fastSeek): Add logging. (WebCore::HTMLMediaElement::seekWithTolerance): Add logging. Set m_pendingSeekType. (WebCore::HTMLMediaElement::seekTask): Call clearSeeking. Don't short circuit a if the current or pending seek is a fast seek. Set m_seeking to true immediately before calling media engine as it may have been cleared before the seek task queue ran. (WebCore::HTMLMediaElement::clearSeeking): New. * html/HTMLMediaElement.h: * html/HTMLMediaElementEnums.h: * platform/GenericTaskQueue.h: (WebCore::GenericTaskQueue::enqueueTask): Clear m_pendingTasks. * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp: (WebCore::MediaPlayerPrivateAVFoundation::seekWithTolerance): Don't return early when asked to seek to the current time. (WebCore::MediaPlayerPrivateAVFoundation::invalidateCachedDuration): Remove some extremely noisy logging. * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: (WebCore::MediaPlayerPrivateAVFoundationObjC::seekToTime): Add logging. 2015-10-09 Babak Shafiei <bshafiei@apple.com> Roll out r190434. 2015-10-09 Babak Shafiei <bshafiei@apple.com> Roll out r190447. 2015-10-09 Babak Shafiei <bshafiei@apple.com> Roll out r190604. 2015-10-08 Matthew Hanson <matthew_hanson@apple.com> Merge r190604. rdar://problem/22993012 2015-10-05 Jer Noble <jer.noble@apple.com> [iOS] REGRESSION(r190434): Media continues to play when locking screen https://bugs.webkit.org/show_bug.cgi?id=149822 Reviewed by Brent Fulgham. In MediaSessionManagerIOS.mm, both -applicationWillEnterForeground: and -applicationDidBecomeActive: called PlatformMediaSessionManager::applicationWillEnterForeground(), leading to the PlatformMediaSession's m_interruptionCount becoming increasingly unbalanced. Rename PlatformMediaSessionManager::applicationWillEnterForeground() to applicationDidEnterForeground() to more correctly reflect when this notification will be called. Add a new method, MediaSessionManagerIOS::applicationWillEnterForeground(bool), whose paramater is whether the screen was locked. This allows the beginInterruption() and endInterruption() methods to be correctly balanced. Drive-by fix: remove the unimplemented declarations for application{will,did}Enter{Fore,Back}ground() from PlatformMediaSession.h. * platform/audio/PlatformMediaSession.h: * platform/audio/PlatformMediaSessionManager.cpp: (WebCore::PlatformMediaSessionManager::applicationDidEnterForeground): (WebCore::PlatformMediaSessionManager::applicationWillEnterForeground): Deleted. * platform/audio/PlatformMediaSessionManager.h: * platform/audio/ios/MediaSessionManagerIOS.h: * platform/audio/ios/MediaSessionManagerIOS.mm: (WebCore::MediaSessionManageriOS::applicationDidEnterBackground): (WebCore::MediaSessionManageriOS::applicationWillEnterForeground): (-[WebMediaSessionHelper applicationWillEnterForeground:]): (-[WebMediaSessionHelper applicationDidBecomeActive:]): * testing/Internals.cpp: (WebCore::Internals::applicationDidEnterForeground): (WebCore::Internals::applicationWillEnterForeground): Deleted. * testing/Internals.h: * testing/Internals.idl: 2015-10-08 Matthew Hanson <matthew_hanson@apple.com> Merge r190602. rdar://problem/22995810 2015-10-05 Alex Christensen <achristensen@webkit.org> Invalid CSS Selector for Content Blockers invalidates others https://bugs.webkit.org/show_bug.cgi?id=148446 rdar://problem/22918235 Reviewed by Benjamin Poulain. Test: http/tests/contentextensions/invalid-selector.html * contentextensions/ContentExtensionParser.cpp: (WebCore::ContentExtensions::loadTrigger): (WebCore::ContentExtensions::isValidSelector): (WebCore::ContentExtensions::loadAction): (WebCore::ContentExtensions::loadRule): Add a check to see if a selector is valid before adding it. 2015-10-08 Matthew Hanson <matthew_hanson@apple.com> Merge r190447. rdar://problem/22865007 2015-10-01 Jaehun Lim <ljaehun.lim@samsung.com> Unreviewed, fix build warning after r190434 Fix error: variable ‘interruption’ set but not used [-Werror=unused-but-set-variable] * testing/Internals.cpp: (WebCore::Internals::beginMediaSessionInterruption): 2015-10-08 Matthew Hanson <matthew_hanson@apple.com> Merge r190434. rdar://problem/22865007 2015-10-01 Eric Carlson <eric.carlson@apple.com> [iOS] AirPlay should not stop when the screen locks https://bugs.webkit.org/show_bug.cgi?id=148315 <rdar://problem/22770703> Reviewed by Jer Noble. Tested by media/video-interruption-with-resume-allowing-play.html media/video-interruption-with-resume-not-allowing-play.html * Modules/webaudio/AudioContext.h: overrideBackgroundPlaybackRestriction -> shouldOverrideBackgroundPlaybackRestriction. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::suspendPlayback): Fix a typo in the logging. (WebCore::HTMLMediaElement::mayResumePlayback): Ditto. (WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction): Renamed from overrideBackgroundPlaybackRestriction. (WebCore::HTMLMediaElement::overrideBackgroundPlaybackRestriction): Deleted. * html/HTMLMediaElement.h: * platform/audio/PlatformMediaSession.cpp: (WebCore::stateName): (WebCore::interruptionName): New, log the name of the interruption. (WebCore::PlatformMediaSession::beginInterruption): Log the interruption type. Don't increment the interruption counter if we are going to ignore it. Incorporate logic from doInterruption. (WebCore::PlatformMediaSession::doInterruption): Deleted. (WebCore::PlatformMediaSession::shouldDoInterruption): Deleted. (WebCore::PlatformMediaSession::forceInterruption): Deleted. * platform/audio/PlatformMediaSession.h: Add SuspendedUnderLock interruption type. * platform/audio/PlatformMediaSessionManager.cpp: (WebCore::PlatformMediaSessionManager::applicationDidEnterBackground): Deleted. * platform/audio/PlatformMediaSessionManager.h: * platform/audio/ios/MediaSessionManagerIOS.h: * platform/audio/ios/MediaSessionManagerIOS.mm: (WebCore::MediaSessionManageriOS::applicationDidEnterBackground): Call beginInterruption when appropriate. 2015-10-08 Matthew Hanson <matthew_hanson@apple.com> Merge r189979. rdar://problem/23033080 2015-09-18 Chris Dumez <cdumez@apple.com> WebContent crash in WebCore::MemoryPressureHandler::releaseCriticalMemory() with GuardMalloc when preparing to suspend https://bugs.webkit.org/show_bug.cgi?id=149350 Reviewed by Antti Koivisto. in MemoryPressureHandler::releaseCriticalMemory(), iterate over a copy of Document::allDocuments() instead of iterating over allDocuments() directly. Also make sure the Documents are ref'd inside the copy. This is needed because clearing the StyleResolver of a Document may cause Documents to be unref'd and removed from the allDocument() HashSet. No new tests, already covered by existing tests. * platform/MemoryPressureHandler.cpp: (WebCore::MemoryPressureHandler::releaseCriticalMemory): 2015-10-08 Matthew Hanson <matthew_hanson@apple.com> Merge r189834. rdar://problem/22807373 2015-09-15 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Paused Debugger prevents page reload https://bugs.webkit.org/show_bug.cgi?id=148174 Reviewed by Brian Burg. When navigating the page while paused, suppress any pausing until the page has completed navigation. If not paused and navigating, you can still pause in pagehide and unload handlers or other late page events. Could not write a reliable test for this at the moment. InspectorTest.reloadPage has multiple issues with the output, so I'll investigate making reload tests more reliable later. * inspector/InspectorController.h: * inspector/InspectorController.cpp: (WebCore::InspectorController::resume): Deleted. * loader/FrameLoader.cpp: (WebCore::FrameLoader::continueLoadAfterNavigationPolicy): We now use existing InspectorInstrumentation functions instead of a method on InspectorController during load. In dropping the method InspectorController can drop a member variable no longer used. * inspector/InspectorInstrumentation.h: (WebCore::InspectorInstrumentation::willStartProvisionalLoad): Add a new instrumentation hook. * inspector/InspectorInstrumentation.cpp: (WebCore::InspectorInstrumentation::willStartProvisionalLoadImpl): (WebCore::InspectorInstrumentation::didCommitLoadImpl): When starting or completing main frame navigations, let the PageDebuggerAgent do some work. * inspector/PageDebuggerAgent.h: * inspector/PageDebuggerAgent.cpp: (WebCore::PageDebuggerAgent::mainFrameStartedLoading): (WebCore::PageDebuggerAgent::mainFrameStoppedLoading): (WebCore::PageDebuggerAgent::mainFrameNavigated): Suppress pausing if navigating while paused. Otherwise behave as normal. 2015-10-08 Matthew Hanson <matthew_hanson@apple.com> Merge r189421. rdar://problem/22823243 2015-09-04 Myles C. Maxfield <mmaxfield@apple.com> Crash when font completes downloading after calling 2D canvas setText() multiple times https://bugs.webkit.org/show_bug.cgi?id=148789 Reviewed by Darin Adler. The CSSFontSelector has a list of clients, and when fonts complete downloading, these clients get a call back. CanvasRenderingContext2D::State is one such of these clients. However, the CSSFontSelector may be destroyed and recreated at any time. We were getting into a case where multiple CSSFontSelectors were thinking that the same CanvasRenderingContext2D::State were their client. When the CanvasRenderingContext2D::State was destroyed, it only unregistered itself from one of the CSSFontSelectors, which means the CSSFontSelector left over has a dangling pointer to it. The solution is to implement a new helper class, FontProxy, to hold the CanvasRenderingContext2D::State's font, and maintain the invariant that this object is always registered to exactly one CSSFontSelector, and this CSSFontSelector is the one which is associated with the FontProxy's FontCascade object. This patch maintains this invariant, as well as protecting all access to the State's FontCascade object so no one can reach in and change it without going through functions which maintain the invariant. Test: fast/canvas/font-selector-crash.html * css/CSSFontSelector.cpp: (WebCore::CSSFontSelector::registerForInvalidationCallbacks): (WebCore::CSSFontSelector::unregisterForInvalidationCallbacks): (WebCore::CSSFontSelector::dispatchInvalidationCallbacks): * css/CSSFontSelector.h: * dom/Document.cpp: (WebCore::Document::fontsNeedUpdate): (WebCore::Document::fontSelector): (WebCore::Document::clearStyleResolver): * dom/Document.h: * html/canvas/CanvasRenderingContext2D.cpp: (WebCore::CanvasRenderingContext2D::State::State): (WebCore::CanvasRenderingContext2D::State::operator=): (WebCore::CanvasRenderingContext2D::FontProxy::~FontProxy): (WebCore::CanvasRenderingContext2D::FontProxy::FontProxy): (WebCore::CanvasRenderingContext2D::FontProxy::update): (WebCore::CanvasRenderingContext2D::FontProxy::fontsNeedUpdate): (WebCore::CanvasRenderingContext2D::FontProxy::initialize): (WebCore::CanvasRenderingContext2D::FontProxy::fontMetrics): (WebCore::CanvasRenderingContext2D::FontProxy::fontDescription): (WebCore::CanvasRenderingContext2D::FontProxy::width): (WebCore::CanvasRenderingContext2D::FontProxy::drawBidiText): (WebCore::CanvasRenderingContext2D::font): (WebCore::CanvasRenderingContext2D::setFont): (WebCore::CanvasRenderingContext2D::measureText): (WebCore::CanvasRenderingContext2D::drawTextInternal): (WebCore::CanvasRenderingContext2D::State::~State): Deleted. (WebCore::CanvasRenderingContext2D::State::fontsNeedUpdate): Deleted. (WebCore::CanvasRenderingContext2D::accessFont): Deleted. * html/canvas/CanvasRenderingContext2D.h: * platform/graphics/FontSelector.h: 2015-10-08 Andy Estes <aestes@apple.com> Merge r188486, r188517, r188531, r188844, r188845, r188851, r188852, r188880, r188881, r188988, r189193, r189289, and r190133. rdar://problem/22846460 2015-08-26 Andy Estes <aestes@apple.com> [Content Filtering] Determine navigation and content policy before continuing to filter a load https://bugs.webkit.org/show_bug.cgi?id=148506 Reviewed by Brady Eidson. Prior to this change, ContentFilter would hide from DocumentLoader all CachedRawResourceClient callbacks until a decision was made, then replay the missed callbacks. This approach interacted poorly with some features of the loader, notably appcache and downloads. In the case of appcache, DocumentLoader might not have a chance to check for substitute data until the original load has finished, wasting bandwidth, and might receive duplicate or out-of-order callbacks. In the case of downloads, it would often be too late to convert the existing connection to a download, leading to restarted downloads or outright failures. Bandaids were put in place for these issues in r188150, r188486, and r188851 to fix crashes or serious regressions in behavior, but these weren't complete fixes. They did not solve any of the duplicate data loading problems, and they did not make downloads work reliably in all cases. This patch rolls out the bandaids (but keeps their tests) and replaces them with a more robust fix. Instead of hiding callbacks from DocumentLoader, ContentFilter now delivers willSendRequest(), redirectReceived(), and responseReceived() to DocumentLoader immediately, and cancels filtering if DocumentLoader decides to ignore the load, download it, or load substitute data. ContentFilter continues to buffer incoming data to prevent partial rendering of blocked content. The existing tests for r188150 and r188851 were kept, the test for r188486 was rewritten to be specific to content filtering, and new tests were added to cover the case where ContentFilter is still undecided after a load finishes. Tests: contentfiltering/allow-never.html contentfiltering/block-never.html ContentFiltering.AllowDownloadAfterAddData ContentFiltering.AllowDownloadAfterFinishedAddingData ContentFiltering.AllowDownloadAfterRedirect ContentFiltering.AllowDownloadAfterResponse ContentFiltering.AllowDownloadAfterWillSendRequest ContentFiltering.AllowDownloadNever ContentFiltering.BlockDownloadAfterAddData ContentFiltering.BlockDownloadAfterFinishedAddingData ContentFiltering.BlockDownloadAfterRedirect ContentFiltering.BlockDownloadAfterResponse ContentFiltering.BlockDownloadAfterWillSendRequest ContentFiltering.BlockDownloadNever * bindings/js/JSMockContentFilterSettingsCustom.cpp: (WebCore::JSMockContentFilterSettings::decisionPoint): Taught to handle DecisionPoint::Never, and rewrote to not need a set of const uint8_ts that mirror the DecisionPoint enum. (WebCore::JSMockContentFilterSettings::setDecisionPoint): Ditto. (WebCore::toJSValue): Rewrote to not need a set of const uint8_ts that mirror the Decision enum. (WebCore::toDecision): Ditto. * loader/ContentFilter.cpp: (WebCore::ContentFilter::createIfEnabled): Renamed from createIfNeeded, and changed to take a DocumentLoader& instead of a DecisionFunction. (WebCore::ContentFilter::ContentFilter): (WebCore::ContentFilter::responseReceived): If m_state != Blocked after filtering, call DocumentLoader::responseReceived(). (WebCore::ContentFilter::dataReceived): If m_state == Allowed after filtering, deliver buffered data to DocumentLoader. If no filtering was necessary, call DocumentLoader::dataReceived() directly. (WebCore::ContentFilter::redirectReceived): If m_state != Blocked after filtering, call DocumentLoader::redirectReceived(). (WebCore::ContentFilter::notifyFinished): If an error occured, call DocumentLoader::notifyFinished() immediately and return. If m_state != Blocked after filtering, deliver buffered data to DocumentLoader and call DocumentLoader::notifyFinished(). If no filtering was necessary and m_state != Blocked, call DocumentLoader::notifyFinished() directly. (WebCore::ContentFilter::didDecide): Called DocumentLoader::contentFilterDidDecide() instead of m_decisionFunction(). (WebCore::ContentFilter::deliverResourceData): Added a helper function to deliver buffered data to DocumentLoader. (WebCore::ContentFilter::createIfNeeded): Renamed to createIfEnabled(). * loader/ContentFilter.h: * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::DocumentLoader): (WebCore::DocumentLoader::willSendRequest): Stopped asserting that redirectResponse is null and made it part of the if condition instead, since willSendRequest() will now be called on redirects when there is an active ContentFilter. (WebCore::DocumentLoader::startLoadingMainResource): Called becomeMainResourceClient() instead of becomeMainResourceClientIfFilterAllows(). (WebCore::DocumentLoader::becomeMainResourceClient): Renamed from becomeMainResourceClientIfFilterAllows(). Only called ContentFilter::startFilteringMainResource() if the filter state is Initialized, since ContentFilter might have already made a decision in willSendRequest(). (WebCore::DocumentLoader::contentFilterDidDecide): Stopped deleting m_contentFilter, since it will continue to deliver callbacks even after making a decision. Fixed a bug where we were creating two copies of ContentFilter's replacement data. (WebCore::DocumentLoader::syntheticRedirectReceived): Deleted. (WebCore::DocumentLoader::becomeMainResourceClientIfFilterAllows): Renamed to becomeMainResourceClient(). * loader/DocumentLoader.h: * loader/EmptyClients.h: * loader/FrameLoaderClient.h: * loader/ResourceLoader.cpp: (WebCore::ResourceLoader::willSendRequestInternal): Removed part of r188851. * loader/SubresourceLoader.cpp: (WebCore::SubresourceLoader::didReceiveResponse): Removed part of r188486. * loader/SubresourceLoader.h: * loader/cache/CachedRawResource.cpp: (WebCore::CachedRawResource::didAddClient): Removed part of r188150. * loader/cache/CachedRawResourceClient.h: (WebCore::CachedRawResourceClient::syntheticRedirectReceived): Removed part of r188150. * testing/MockContentFilterSettings.h: Defined DecisionPoint::Never. * testing/MockContentFilterSettings.idl: Defined DECISION_POINT_NEVER. 2015-10-02 Babak Shafiei <bshafiei@apple.com> Roll out r190447. 2015-10-02 Babak Shafiei <bshafiei@apple.com> Roll out r190434. 2015-10-08 Matthew Hanson <matthew_hanson@apple.com> Merge r190480. rdar://problem/22865007 2015-10-02 Babak Shafiei <bshafiei@apple.com> Merge r190447. 2015-10-01 Jaehun Lim <ljaehun.lim@samsung.com> Unreviewed, fix build warning after r190434 Fix error: variable ‘interruption’ set but not used [-Werror=unused-but-set-variable] * testing/Internals.cpp: (WebCore::Internals::beginMediaSessionInterruption): 2015-10-08 Matthew Hanson <matthew_hanson@apple.com> Merge r190478. rdar://problem/22865007 2015-10-02 Babak Shafiei <bshafiei@apple.com> Merge r190434. 2015-10-01 Eric Carlson <eric.carlson@apple.com> [iOS] AirPlay should not stop when the screen locks https://bugs.webkit.org/show_bug.cgi?id=148315 <rdar://problem/22770703> Reviewed by Jer Noble. Tested by media/video-interruption-with-resume-allowing-play.html media/video-interruption-with-resume-not-allowing-play.html * Modules/webaudio/AudioContext.h: overrideBackgroundPlaybackRestriction -> shouldOverrideBackgroundPlaybackRestriction. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::suspendPlayback): Fix a typo in the logging. (WebCore::HTMLMediaElement::mayResumePlayback): Ditto. (WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction): Renamed from overrideBackgroundPlaybackRestriction. (WebCore::HTMLMediaElement::overrideBackgroundPlaybackRestriction): Deleted. * html/HTMLMediaElement.h: * platform/audio/PlatformMediaSession.cpp: (WebCore::stateName): (WebCore::interruptionName): New, log the name of the interruption. (WebCore::PlatformMediaSession::beginInterruption): Log the interruption type. Don't increment the interruption counter if we are going to ignore it. Incorporate logic from doInterruption. (WebCore::PlatformMediaSession::doInterruption): Deleted. (WebCore::PlatformMediaSession::shouldDoInterruption): Deleted. (WebCore::PlatformMediaSession::forceInterruption): Deleted. * platform/audio/PlatformMediaSession.h: Add SuspendedUnderLock interruption type. * platform/audio/PlatformMediaSessionManager.cpp: (WebCore::PlatformMediaSessionManager::applicationDidEnterBackground): Deleted. * platform/audio/PlatformMediaSessionManager.h: * platform/audio/ios/MediaSessionManagerIOS.h: * platform/audio/ios/MediaSessionManagerIOS.mm: (WebCore::MediaSessionManageriOS::applicationDidEnterBackground): Call beginInterruption when appropriate. 2015-10-02 Babak Shafiei <bshafiei@apple.com> Merge r190380. 2015-09-30 Dean Jackson <dino@apple.com> Crash in gleLookupHashObject when context is lost https://bugs.webkit.org/show_bug.cgi?id=149690 <rdar://problem/22751585> <rdar://problem/22465495> Reviewed by Simon Fraser. When we received notification that the GPU has reset, we were nulling out and deleting our OpenGL contexts and then trying to do it all over again. The fix was to flip the order of operations. While there I added some logging, and changed the way we check GPU status to make sure we do a check after the first draw call. Unfortunately we can't test automatically because it involves resetting the GPU which can possibly cause concurrent tests to fail. * platform/graphics/mac/GraphicsContext3DMac.mm: (WebCore::GraphicsContext3D::checkGPUStatusIfNecessary): Move forceContextLost() to be the first thing we do after we've realised we need to bail. 2015-10-02 Babak Shafiei <bshafiei@apple.com> Merge r190375. 2015-09-30 Myles C. Maxfield <mmaxfield@apple.com> Crash when using an SVG font with > 390 glyphs https://bugs.webkit.org/show_bug.cgi?id=149677 <rdar://problem/21676402> Reviewed by Simon Fraser. The "Charset Index" in OTF are indices into a collection of strings. There are 390 predefined strings in this collection. We were currently assigning each glyph to one of these strings. However, if there are more glyphs than strings, we will be using invalid indices. The values of the strings themselves are not necessary for SVG fonts. Therefore, the solution is to create a single dummy string, and have all glyphs target it. Tests: svg/custom/many-glyphs.svg * css/CSSFontFaceSource.cpp: (WebCore::CSSFontFaceSource::font): * svg/SVGToOTFFontConversion.cpp: (WebCore::SVGToOTFFontConverter::appendCFFTable): 2015-10-02 Babak Shafiei <bshafiei@apple.com> Merge r190327. 2015-09-29 Jer Noble <jer.noble@apple.com> REGRESSION: WebAudio user-gesture restriction is no longer lifted by touchstart event https://bugs.webkit.org/show_bug.cgi?id=149367 Reviewed by Eric Carlson. Use processingUserGestureForMedia() rather than processingUserGesture(), as the former includes touchstart and the latter does not. * Modules/webaudio/AudioContext.cpp: (WebCore::AudioContext::willBeginPlayback): (WebCore::AudioContext::willPausePlayback): * html/MediaElementSession.cpp: (WebCore::MediaElementSession::playbackPermitted): (WebCore::MediaElementSession::dataLoadingPermitted): (WebCore::MediaElementSession::fullscreenPermitted): (WebCore::MediaElementSession::showPlaybackTargetPicker): 2015-10-02 Babak Shafiei <bshafiei@apple.com> Merge r189560. 2015-09-09 Benjamin Poulain <bpoulain@apple.com> CSS general sibling selectors does not work without CSS JIT https://bugs.webkit.org/show_bug.cgi?id=148987 rdar://problem/22559860 Reviewed by Andreas Kling. When traversing with the indirect adjacent combinator, SelectorChecker was not setting the style invalidation flag on the right element. Tests: fast/css/indirect-adjacent-style-invalidation-1.html fast/css/indirect-adjacent-style-invalidation-2.html fast/css/indirect-adjacent-style-invalidation-3.html * css/SelectorChecker.cpp: (WebCore::SelectorChecker::matchRecursively): 2015-10-02 Babak Shafiei <bshafiei@apple.com> Merge r189322. 2015-09-03 Jer Noble <jer.noble@apple.com> [iOS] Playback does not pause when deselecting route and locking screen. https://bugs.webkit.org/show_bug.cgi?id=148724 Reviewed by Eric Carlson. When deselecting a route, the route change notification can be delayed for some amount of time. If the screen is locked before the notification is fired, the PlatformMediaSessionManager can refuse to pause the video when entering the background due to a wireless playback route still being active. When the media element transitions from having an active route to not having one (or vice versa), re-run the interruption check. In order to correctly determine, when that occurs, whether we are in an 'application background' state, cache that value to an ivar when handling application{Will,Did}Enter{Background,Foreground}. Because we only want to run this step during an actual transition between playing to a route -> playing locally, cache the value of isPlayingToWirelessPlayback to another ivar, and only inform the PlatformMediaSessionManager when that value actually changes. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::mediaPlayerCurrentPlaybackTargetIsWirelessChanged): * platform/audio/PlatformMediaSession.cpp: (WebCore::PlatformMediaSession::isPlayingToWirelessPlaybackTargetChanged): Set or clear m_isPlayingToWirelessPlaybackTarget. * platform/audio/PlatformMediaSession.h: (WebCore::PlatformMediaSession::isPlayingToWirelessPlaybackTarget): Simple getter. * platform/audio/PlatformMediaSessionManager.cpp: (WebCore::PlatformMediaSessionManager::applicationWillEnterBackground): Set m_isApplicationInBackground. (WebCore::PlatformMediaSessionManager::applicationDidEnterBackground): Ditto. (WebCore::PlatformMediaSessionManager::applicationWillEnterForeground): Clear m_isApplicationInBackground. (WebCore::PlatformMediaSessionManager::sessionIsPlayingToWirelessPlaybackTargetChanged): Run interruption if application is in background. 2015-10-02 Babak Shafiei <bshafiei@apple.com> Merge r188768. 2015-08-21 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: REGRESSION(173684): Edit as HTML not working https://bugs.webkit.org/show_bug.cgi?id=148268 Reviewed by Chris Dumez. Tests: inspector/dom/getOuterHTML.html inspector/dom/setOuterHTML.html * inspector/DOMPatchSupport.cpp: (WebCore::DOMPatchSupport::innerPatchChildren): Revert the optimization change made in r173684. The optimization changes had a few issues. It changed the logic to potentially drop out of the loop before all new items were processed and using a node reference to track an index did not account for the modifications insertBefore may have made to that node's index in the list. 2015-10-02 Babak Shafiei <bshafiei@apple.com> Merge r188690. 2015-08-20 Chris Dumez <cdumez@apple.com> [Cocoa] Treat Epoch as invalid value for "Last-Modified" header https://bugs.webkit.org/show_bug.cgi?id=148162 rdar://problem/22330837 Reviewed by Antti Koivisto. Ignore "Last-Modified" header when computing heuristic freshness if it is Epoch. CFNetwork currently converts a malformed date for Last-Modified into Epoch so there is no way for us to distinguish Epoch from invalid input. Without this, we would end up with cached resources that have a giant lifetime (> 4 years) due to a malformed HTTP header. Some Websites (e.g. www.popehat.com) also wrongly return Epoch as Last-Modified value and we would end up caching it overly aggressively. Now that we consider Epoch as an invalid value for Last-Modified, it will also work around this content bug. Test: http/tests/cache/disk-cache/disk-cache-last-modified.html * platform/network/ResourceResponseBase.cpp: (WebCore::ResourceResponseBase::lastModified): 2015-10-02 Babak Shafiei <bshafiei@apple.com> Merge r188634. 2015-08-18 Myles C. Maxfield <mmaxfield@apple.com> [Cocoa] Punctuation near Hindi text is garbled when styled with the system font https://bugs.webkit.org/show_bug.cgi?id=148164 Reviewed by Brian Burg. Fonts cache whether or not they are the system font. This caching took place at the end of Font::platformInit(). However, in the middle of Font::platformInit(), we look up a glyph, which calls GlyphPage::fill() which consults with this cache. However, at this point, the cache has not been constructed yet. The solution is just to construct the cache earlier (at the beginning of the function). Consulting with the cache before it is populated causes it to erroneously say that no fonts are system fonts. Then, we use Core Graphics to ask for glyphs instead of Core Text. Core Graphics, however, is incapable of handling the system font, and returns us garbled results. In particular, when the system language is set to Japanese, the system font does not support punctuation, and Core Text tells us so. However, Core Graphics erroneously tells us that the system font does support punctuation. Then, if text is near the punctuation which causes us to take the complex text codepath (such as Hindi text), we tell Core Text to explicitly lay out the punctuation using the system font (which does not support punctuation). Core Text then replies that the provided font doesn't support the punctuation, and that we should use LastResort with some other glyphs instead. WebKit then disregards the font CoreText told us to use (because we are oh-so-sure that the font in question supports punctuation) and uses the LastResort glyph IDs with our font, which causes arbitrary glyphs to be shown. Test: fast/text/hindi-system-font-punctuation.html * platform/graphics/cocoa/FontCocoa.mm: (WebCore::Font::platformInit): 2015-10-02 Babak Shafiei <bshafiei@apple.com> Merge r188622. 2015-08-18 Dean Jackson <dino@apple.com> Add null check in ImageBufferData::getData https://bugs.webkit.org/show_bug.cgi?id=148156 <rdar://problem/22337157> Reviewed by Simon Fraser. We're getting a number of crash reports that suggest the allocation of the result buffer has failed, but have been unable to reproduce. This patch adds a null check to the allocation, and logs a message to the system console. This might avoid the crashes, and hopefully we'll see the message. No new tests, since we're unable to reproduce this crash. * platform/graphics/cg/ImageBufferDataCG.cpp: (WebCore::ImageBufferData::getData): Add a null-check and early return. 2015-10-02 Babak Shafiei <bshafiei@apple.com> Merge r188405. 2015-08-13 Wenson Hsieh <wenson_hsieh@apple.com> A focused node should not be assisted when handling touch events synchronously https://bugs.webkit.org/show_bug.cgi?id=147836 <rdar://problem/22204108> Reviewed by Enrica Casucci. Makes interaction with touch handlers no longer assist the currently focused element in the general case. Added plumbing to reassist a currently focused node when dispatching touch events, so that an input that programmatically focuses itself and prevents default on a touch event will be properly assisted when it has been programmatically focused (either through Javascript or the autofocus attribute) prior to receiving the touch event. This patch also removes the now unnecessary special-casing of the Gmail settings app that currently makes the keyboard deploy upon autofocus. * dom/Element.cpp: (WebCore::Element::focus): Notifies the chrome client that the element has refocused before returning early. * page/ChromeClient.h: Refocusing an element does nothing by default. * platform/RuntimeApplicationChecksIOS.h: Removed special casing for Gmail Add Account. * platform/RuntimeApplicationChecksIOS.mm: See above. (WebCore::applicationIsGmailAddAccountOnIOS): See above. 2015-10-02 Babak Shafiei <bshafiei@apple.com> Merge r188182. 2015-08-07 James Craig <jcraig@apple.com> REGRESSION(r184722) AX: WebKit video playback toolbar removed from DOM; no longer accessible to VoiceOver https://bugs.webkit.org/show_bug.cgi?id=145684 Reviewed by Dean Jackson. Updated Apple Video controls to add an invisible but focusable button that allows VoiceOver users (and when unblocked, keyboard users) to re-display the video controls. Test: media/video-controls-show-on-kb-or-ax-event.html * English.lproj/mediaControlsLocalizedStrings.js: * Modules/mediacontrols/mediaControlsApple.css: (audio::-webkit-media-show-controls): (video::-webkit-media-show-controls): * Modules/mediacontrols/mediaControlsApple.js: (Controller.prototype.createControls): (Controller.prototype.handleFullscreenChange): (Controller.prototype.handleShowControlsClick): (Controller.prototype.handleWrapperMouseMove): (Controller.prototype.updateForShowingControls): (Controller.prototype.showControls): (Controller.prototype.hideControls): (Controller.prototype.setNeedsUpdateForDisplayedWidth): * Modules/mediacontrols/mediaControlsiOS.css: (audio::-webkit-media-show-controls): (video::-webkit-media-show-controls): 2015-10-02 Babak Shafiei <bshafiei@apple.com> Merge r187994. 2015-08-05 Zalan Bujtas <zalan@apple.com> [Frame flattening] Return early when child RenderView is not available. https://bugs.webkit.org/show_bug.cgi?id=147697 Reviewed by Simon Fraser. No change in functionality. * rendering/RenderFrameBase.cpp: (WebCore::RenderFrameBase::peformLayoutWithFlattening): 2015-10-02 Babak Shafiei <bshafiei@apple.com> Merge r187921. 2015-08-04 Chris Dumez <cdumez@apple.com> Subframes with no current HistoryItem should not prevent page-caching https://bugs.webkit.org/show_bug.cgi?id=147649 <rdar://problem/21614832> Reviewed by Andreas Kling. Subframes with no current HistoryItem should not prevent page-caching. We need one for the main frame as this is the key in the PageCache. However, there is no reason to require one for subframes. This is a common reason for page-caching failures nowadays. Frames do no have a current HistoryItem until something has been loaded in them. Test: http/tests/navigation/page-cache-iframe-no-current-historyItem.html * history/PageCache.cpp: (WebCore::logCanCacheFrameDecision): (WebCore::PageCache::canCachePageContainingThisFrame): 2015-10-02 Babak Shafiei <bshafiei@apple.com> Merge r187210. 2015-07-22 Wenson Hsieh <wenson_hsieh@apple.com> Coordinates-based snap offsets don't update correctly when container is scrolled https://bugs.webkit.org/show_bug.cgi?id=147215 Reviewed by Brent Fulgham. Fixes the way we append the snap offsets of child elements with coordinates. We now consider the scroll offset of the parent scroll snapping container, so snap offset recomputations don't fail on scroll snapping containers. Test: css3/scroll-snap/scroll-snap-coordinate-overflow-resize.html * page/scrolling/AxisScrollSnapOffsets.cpp: (WebCore::appendChildSnapOffsets): Fixed to consider the scroll offset of the parent container. 2015-10-02 Babak Shafiei <bshafiei@apple.com> Merge r187145. 2015-07-21 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Node highlights are wrong when the page is zoomed https://bugs.webkit.org/show_bug.cgi?id=147177 Reviewed by Simon Fraser. * inspector/InspectorOverlay.cpp: (WebCore::InspectorOverlay::update): Remove scaling that appears to no longer be needed, it was double scaling the overlay content and misplacing it in the process. 2015-10-01 Babak Shafiei <bshafiei@apple.com> Merge r188298. 2015-08-11 Zalan Bujtas <zalan@apple.com> Invalid FrameView::m_viewportRenderer after layout is finished. https://bugs.webkit.org/show_bug.cgi?id=147848 rdar://problem/22205197 Reviewed by Simon Fraser. We cache the current viewport renderer (FrameView::m_viewportRenderer) right before layout. It gets dereferenced later when layout is finished to update the overflow status. If the viewport renderer gets destroyed during layout, we end up with a dangling pointer. This patch replaces the pointer caching with type caching (none, body, document). Unable to construct a test case. 2015-09-16 Babak Shafiei <bshafiei@apple.com> Merge r189862. 2015-09-16 Chris Fleizach <cfleizach@apple.com> AX: No VoiceOver typing feedback in some search fields https://bugs.webkit.org/show_bug.cgi?id=149177 Reviewed by Mario Sanchez Prada. If SearchFieldRole is not marked as a TextControl, it does not end up returning the accessibilityValue, which is needed to output the right text to VoiceOver. Test: accessibility/ax-value-with-search.html * accessibility/AccessibilityObject.cpp: (WebCore::AccessibilityObject::isTextControl): 2015-09-10 Babak Shafiei <bshafiei@apple.com> Merge r189469. 2015-09-07 Daniel Bates <dabates@apple.com> ASSERT_WITH_SECURITY_IMPLICATION in WebCore::DocumentOrderedMap::get(); update form association after subtree insertion https://bugs.webkit.org/show_bug.cgi?id=148919 <rdar://problem/21868036> Reviewed by Andy Estes. Currently we update the form association of a form control upon insertion into the document. Instead we should update the form association of a form control after its containing subtree is inserted into the document to avoid an assertion failure when the containing subtree has an element whose id is identical to both the id of some other element in the document and the name of the form referenced by the inserted form control. Tests: fast/forms/update-form-owner-in-moved-subtree-assertion-failure-2.html fast/forms/update-form-owner-in-moved-subtree-assertion-failure-3.html fast/forms/update-form-owner-in-moved-subtree-assertion-failure-4.html fast/forms/update-form-owner-in-moved-subtree-assertion-failure.html * html/FormAssociatedElement.cpp: (WebCore::FormAssociatedElement::insertedInto): Moved resetFormOwner() from here to {HTMLFormControlElement, HTMLObjectElement}::finishedInsertingSubtree(). * html/HTMLFormControlElement.cpp: (WebCore::HTMLFormControlElement::insertedInto): Return InsertionShouldCallFinishedInsertingSubtree so that HTMLFormControlElement::finishedInsertingSubtree() is called. (WebCore::HTMLFormControlElement::finishedInsertingSubtree): Added; turn around and call FormAssociatedElement::resetFormOwner(). * html/HTMLFormControlElement.h: * html/HTMLInputElement.cpp: (WebCore::HTMLInputElement::insertedInto): Return InsertionShouldCallFinishedInsertingSubtree so that HTMLInputElement::finishedInsertingSubtree() is called and move logic to update radio button group from here... (WebCore::HTMLInputElement::finishedInsertingSubtree): to here. * html/HTMLInputElement.h: * html/HTMLObjectElement.cpp: (WebCore::HTMLObjectElement::insertedInto): Return InsertionShouldCallFinishedInsertingSubtree so that HTMLObjectElement::finishedInsertingSubtree() is called. (WebCore::HTMLObjectElement::finishedInsertingSubtree): Added; turn around and call FormAssociatedElement::resetFormOwner(). * html/HTMLObjectElement.h: * html/HTMLSelectElement.cpp: (WebCore::HTMLSelectElement::insertedInto): Modified to return the result of HTMLFormControlElementWithState::insertedInto(), which may schedule a callback after subtree insertion. * html/HTMLTextFormControlElement.cpp: (WebCore::HTMLTextFormControlElement::insertedInto): Ditto. 2015-09-03 Babak Shafiei <bshafiei@apple.com> Merge r189167. 2015-08-31 Enrica Casucci <enrica@apple.com> Incorrect cursor movement for U+26F9, U+1F3CB with variations. https://bugs.webkit.org/show_bug.cgi?id=148629 rdar://problem/22492366 Reviewed by Ryosuke Niwa. Updating text break iterator rules to correctly handle those two emoji with variations. * platform/text/TextBreakIterator.cpp: (WebCore::cursorMovementIterator): 2015-08-27 Babak Shafiei <bshafiei@apple.com> Merge r189024. 2015-08-27 Enrica Casucci <enrica@apple.com> Add some new emoji with modifiers and new sequence. https://bugs.webkit.org/show_bug.cgi?id=148202 rdar://problem/21849857 Reviewed by Sam Weinig. Adding support for some new emoji with modifiers and one new emoji sequence. * platform/graphics/FontCascade.cpp: (WebCore::FontCascade::characterRangeCodePath): * platform/text/CharacterProperties.h: (WebCore::isEmojiGroupCandidate): (WebCore::isEmojiModifier): * platform/text/TextBreakIterator.cpp: (WebCore::cursorMovementIterator): 2015-08-26 Babak Shafiei <bshafiei@apple.com> Merge r188271. 2015-08-11 Said Abou-Hallawa <sabouhallawa@apple.com> feMorphology is not rendered correctly on Retina display https://bugs.webkit.org/show_bug.cgi?id=147589 Reviewed by Dean Jackson. The result ImageBuffer of any FilterEffect is already scaled up for 2x display. The FEMorphology needs to fix its painting data dimension and radius by multiplying them by the filter scale factor. Test: fast/hidpi/filters-morphology.html * platform/graphics/filters/FEMorphology.cpp: (WebCore::FEMorphology::platformApplySoftware): 2015-08-21 Babak Shafiei <bshafiei@apple.com> Merge r188659. 2015-08-19 Brent Fulgham <bfulgham@apple.com> Scrollable area container is not properly cleared when page is going into the PageCache https://bugs.webkit.org/show_bug.cgi?id=148182 <rdar://problem/21969170> Reviewed by Dean Jackson. Must be tested manually going back and forth in history several times. * history/CachedFrame.cpp: (WebCore::CachedFrame::CachedFrame): Clear the cached ScrollableAreas from the FrameView. * page/FrameView.cpp: (WebCore::FrameView::clearScrollableAreas): Added. * page/FrameView.h: 2015-08-21 Babak Shafiei <bshafiei@apple.com> Merge r188370. 2015-08-12 Brent Fulgham <bfulgham@apple.com> Move RenderBox-specific Scroll Snap code from RenderElement to RenderBox https://bugs.webkit.org/show_bug.cgi?id=147963 Reviewed by Simon Fraser. No new tests: No change in functionality. * rendering/RenderBox.cpp: (WebCore::RenderBox::styleWillChange): Remove RenderBox-specific code. (WebCore::RenderBox::willBeRemovedFromTree): Ditto. * rendering/RenderBox.h: * rendering/RenderElement.cpp: (WebCore::RenderElement::styleWillChange): Move code from RenderElement to handle Scroll Snap Points. (WebCore::RenderElement::willBeRemovedFromTree): Added new override to handle scroll-snap point logic. 2015-08-21 Babak Shafiei <bshafiei@apple.com> Merge r188340. 2015-08-12 Brent Fulgham <bfulgham@apple.com> REGRESSION(r185606): ASSERT in WebCore::RenderElement::styleWillChange https://bugs.webkit.org/show_bug.cgi?id=147596 <rdar://problem/21963355> Reviewed by Jon Honeycutt. Only add (or remove) a RenderElement from the container of RenderBoxes with scroll snap coordinates if the element actually is a RenderBox. Tested by css3/scroll-snap/improper-snap-points-crash.html. * rendering/RenderElement.cpp: (WebCore::RenderElement::styleWillChange): (WebCore::RenderElement::willBeRemovedFromTree): 2015-08-21 Babak Shafiei <bshafiei@apple.com> Merge r188014. 2015-08-05 Chris Dumez <cdumez@apple.com> Crash when removing children of a MathMLSelectElement https://bugs.webkit.org/show_bug.cgi?id=147704 <rdar://problem/21940321> Reviewed by Ryosuke Niwa. When MathMLSelectElement::childrenChanged() is called after its children have been removed, MathMLSelectElement calls updateSelectedChild() which accesses m_selectedChild. However, in this case, m_selectedChild is the previously selected child and it may be destroyed as this point if it was removed. To avoid this problem, MathMLSelectElement now keep a strong ref to the currently selected element. Test: mathml/maction-removeChild.html * mathml/MathMLSelectElement.h: 2015-08-21 Babak Shafiei <bshafiei@apple.com> Merge r187758. 2015-08-03 Anders Carlsson <andersca@apple.com> Safari is failing to remove SQLite Databases via Remove All Website Data https://bugs.webkit.org/show_bug.cgi?id=147584 rdar://problem/22095006 Reviewed by Brady Eidson. If we end up deleting every single database for an origin, make sure to also delete the origin. * Modules/webdatabase/DatabaseTracker.cpp: (WebCore::DatabaseTracker::deleteDatabasesModifiedSince): 2015-08-21 Babak Shafiei <bshafiei@apple.com> Merge r187685. 2015-07-31 Myles C. Maxfield <mmaxfield@apple.com> [SVG -> OTF Converter] Crash when converting Arabic fonts https://bugs.webkit.org/show_bug.cgi?id=147510 Reviewed by Anders Carlsson. SVGToOTFFontConverter::compareCodepointsLexicographically() wasn't transitive. Test: fast/text/arabic-duplicate-glyph-font.html * svg/SVGToOTFFontConversion.cpp: (WebCore::SVGToOTFFontConverter::compareCodepointsLexicographically): 2015-08-21 Babak Shafiei <bshafiei@apple.com> Merge r187564. 2015-07-29 Zalan Bujtas <zalan@apple.com> Remove the spanner placeholder from m_spannerMap when the placeholder object gets transferred to a descendant flow. https://bugs.webkit.org/show_bug.cgi?id=147380 rdar://problem/21981078 Reviewed by David Hyatt. Before r180328, the spanner placeholder was removed from m_spannerMap through RenderMultiColumnFlowThread::removeFlowChildInfo() by calling flowThreadRelativeWillBeRemoved() when the placeholder renderer got transferred to the descendant flow. Now we just remove it from the map when the renderer is being detached. Test: fast/multicol/newmulticol/spanner-crash-with-embedded-columns.html * rendering/RenderMultiColumnFlowThread.cpp: (WebCore::RenderMultiColumnFlowThread::flowThreadDescendantInserted): 2015-08-21 Babak Shafiei <bshafiei@apple.com> Merge r186984. 2015-07-17 Zalan Bujtas <zalan@apple.com> REGRESSION (r169105): Do not assign a renderer to multiple selection subtrees. https://bugs.webkit.org/show_bug.cgi?id=147038 rdar://problem/21819351 Reviewed by David Kilzer. A renderer should never be assigned to multiple selection subtrees. (Currently RenderObject maintains the last selection state.) RenderView::applySubtreeSelection() loops from the start to the end of the selection to find renderers that are inside the selection. However, in case of regions (when multiple selection roots are present) traversing the renderer tree by calling RenderObject::nextInPreOrder() could end up going across selection roots. This patch ensures that we assign renderers to a specific selection only when the current selection root and the renderer's selection root match. Test: fast/regions/crash-when-renderer-is-in-multiple-selection-subtrees2.html * rendering/RenderView.cpp: (WebCore::SelectionIterator::SelectionIterator): (WebCore::SelectionIterator::current): (WebCore::SelectionIterator::checkForSpanner): (WebCore::RenderView::applySubtreeSelection): 2015-08-13 Babak Shafiei <bshafiei@apple.com> Merge r188377. 2015-08-12 Myles C. Maxfield <mmaxfield@apple.com> [Cocoa] [CJK-configured device] System font has vertical punctuation https://bugs.webkit.org/show_bug.cgi?id=147964 <rdar://problem/22256660> Reviewed by Dean Jackson. GlyphPage::fill() has multiple code paths to accomplish its goal. It uses the shouldUseCoreText() helper function to determine which one of the paths should be taken. However, not all of the code paths in GlyphPage::fill() are able of handling all situations. Indeed, the CoreText code paths in GlyphPage::fill() are only able to handle the situations which shouldUseCoreText() returns true for. This happens in the following cases: 1. If the font is a composite font 2. If the font is used for text-combine 3. If the font has vertical glyphs In r187693, I added one more case to this list: If the font is the system font. However, I failed to add the necessary support to GlyphPage::fill() for this case. Becasue of this, we just happened to fall into the case of vertical fonts (just by coincidence), which causes us to use CTFontGetVerticalGlyphsForCharacters() instead of CTFontGetGlyphsForCharacters(). The solution is to adopt the same behavior we were using before r187693. Back then, we were using CGFontGetGlyphsForUnichars(), which always returned horizontal glyphs. We should simply adopt this same behavior, except in the Core Text case. Therefore, this patch is just a simple check to see if we are using the system font when determining which Core Text function to use. Test: fast/text/system-font-punctuation.html * platform/graphics/FontDescription.h: (WebCore::FontDescription::setWidthVariant): * platform/graphics/FontPlatformData.h: (WebCore::FontPlatformData::isForTextCombine): * platform/graphics/mac/GlyphPageMac.cpp: (WebCore::shouldUseCoreText): (WebCore::GlyphPage::fill): * rendering/RenderCombineText.cpp: (WebCore::RenderCombineText::combineText): 2015-08-12 Babak Shafiei <bshafiei@apple.com> Merge r188190. 2015-08-08 Commit Queue <commit-queue@webkit.org> Unreviewed, rolling out r179871. https://bugs.webkit.org/show_bug.cgi?id=147810 Breaks product images on http://www.apple.com/shop/buy- mac/macbook (Requested by smfr on #webkit). Reverted changeset: "Render: properly update body's background image" https://bugs.webkit.org/show_bug.cgi?id=140183 http://trac.webkit.org/changeset/179871 2015-08-11 Matthew Hanson <matthew_hanson@apple.com> Rollout r188243. rdar://problem/22102378 2015-08-11 Matthew Hanson <matthew_hanson@apple.com> Rollout r188195. rdar://problem/22102378 2015-08-11 Matthew Hanson <matthew_hanson@apple.com> Merge r188243. rdar://problem/22102378 2015-08-10 Myles C. Maxfield <mmaxfield@apple.com> Post-review fixup after r188195 https://bugs.webkit.org/show_bug.cgi?id=147806 Unreviewed. Covered by fast/text/crash-obscure-text.html. * platform/graphics/cocoa/FontPlatformDataCocoa.mm: (WebCore::FontPlatformData::objectForEqualityCheck): 2015-08-11 Matthew Hanson <matthew_hanson@apple.com> Merge r188195. rdar://problem/22102378 2015-08-09 Myles C. Maxfield <mmaxfield@apple.com> Crash in ComplexTextController when laying out obscure text https://bugs.webkit.org/show_bug.cgi?id=147806 <rdar://problem/22102378> Reviewed by Darin Adler. CTFontDescriptorCopyAttribute(fontDescriptor.get(), kCTFontReferenceURLAttribute) can return nullptr. Test: fast/text/crash-obscure-text.html * platform/graphics/mac/ComplexTextControllerCoreText.mm: (WebCore::safeCFEqual): (WebCore::ComplexTextController::collectComplexTextRunsForCharacters): 2015-08-11 Matthew Hanson <matthew_hanson@apple.com> Merge r188263. rdar://problem/22202935 2015-08-11 Myles C. Maxfield <mmaxfield@apple.com> [iOS] Arabic letter Yeh is drawn in LastResort https://bugs.webkit.org/show_bug.cgi?id=147862 <rdar://problem/22202935> Reviewed by Darin Adler. In order to perform font fallback, we must know which fonts support which characters. We perform this check by asking each font to map a sequence of codepoints to glyphs, and any glyphs which end up with a 0 value are unsupported by the font. One of the mechanisms that we use to do this is to combine the code points into a string, and tell Core Text to lay out the string. However, this is fundamentally a different operation than the one we are trying to perform. Strings combine adjacent codepoints into grapheme clusters, and CoreText operates on these. However, we are trying to gain information regarding codepoints, not grapheme clusters. Instead of taking this string-based approach, we should try harder to use Core Text functions which operate on ordered collections of characters, rather than strings. In particular, CTFontGetGlyphsForCharacters() and CTFontGetVerticalGlyphsForCharacters() have the behavior we want where any unmapped characters end up with a 0 value glyph. Previously, we were only using the result of those functions if they were successfully able to map their entire input. However, given the fact that we can degrade gracefully in the case of a partial mapping, we shouldn't need to bail completely to the string-based approach should a partial mapping occur. At some point we should delete the string-based approach entirely. However, this path is still explicitly used for composite fonts. Fixing that use case is out of scope for this patch. Test: fast/text/arabic-glyph-cache-fill-combine.html * platform/graphics/mac/GlyphPageMac.cpp: (WebCore::GlyphPage::fill): 2015-08-09 Babak Shafiei <bshafiei@apple.com> Merge r188162. 2015-08-07 Wenson Hsieh <wenson_hsieh@apple.com> Temporarily allow programmatic input assistance for adding Gmail account https://bugs.webkit.org/show_bug.cgi?id=147792 Reviewed by Enrica Casucci. <rdar://problem/22126518> Temporary fix for keyboard input sliding out and immediately back in upon user interaction in the Gmail 2-factor authentication page. * platform/RuntimeApplicationChecksIOS.h: * platform/RuntimeApplicationChecksIOS.mm: (WebCore::applicationIsGmailAddAccountOnIOS): Added bundle ID for Gmail settings. 2015-08-07 Babak Shafiei <bshafiei@apple.com> Merge r188150. 2015-08-07 Andy Estes <aestes@apple.com> Crash when following a Google search link to Twitter with Limit Adult Content enabled https://bugs.webkit.org/show_bug.cgi?id=147651 Reviewed by Brady Eidson. When a loaded CachedRawResource gets a new client, it synthesizes the callbacks that the new client would have received while the resource was loading. Unlike a real network load, it synthesizes these callbacks in a single run loop iteration. When DocumentLoader receives a redirect, and finds substitute data in the app cache for the redirect URL, it schedules a timer that removes DocumentLoader as a client of the CachedRawResource then synthesizes its own set of CachedRawResourceClient callbacks. But since CachedRawResource has already delivered client callbacks before the app cache timer fires, DocumentLoader unexpectedly ends up getting two sets of client callbacks and badness ensues. The fix is to let CachedRawResource detect if a redirect will trigger the client to load substitute data. If so, stop delivering client callbacks. Layout test to follow. * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::syntheticRedirectReceived): If there is valid substitute data, do not continue. * loader/DocumentLoader.h: * loader/cache/CachedRawResource.cpp: Returned early if syntheticRedirectReceived() said not to continue. (WebCore::CachedRawResource::didAddClient): * loader/cache/CachedRawResourceClient.h: (WebCore::CachedRawResourceClient::syntheticRedirectReceived): 2015-08-06 Babak Shafiei <bshafiei@apple.com> Merge r188062. 2015-08-06 Eric Carlson <eric.carlson@apple.com> Do not enforce "content-disposition: attachment" sandbox restrictions on a MediaDocument https://bugs.webkit.org/show_bug.cgi?id=147734 rdar://problem/22028179 Reviewed by Andy Estes. Test to follow, see https://bugs.webkit.org/show_bug.cgi?id=147735 * dom/Document.cpp: (WebCore::Document::initSecurityContext): Use applyContentDispositionAttachmentSandbox instead of setting sandbox flags directly. (WebCore::Document::shouldEnforceContentDispositionAttachmentSandbox): Don't special case MediaDocument. (WebCore::Document::applyContentDispositionAttachmentSandbox): Apply sandbox flags according to document type. * dom/Document.h: 2015-08-06 Babak Shafiei <bshafiei@apple.com> Merge r188051. 2015-08-06 Eric Carlson <eric.carlson@apple.com> Do not enforce "content-disposition: attachment" sandbox restrictions on a MediaDocument https://bugs.webkit.org/show_bug.cgi?id=147734 rdar://problem/22028179 Reviewed by Dean Jackson. Test to follow, see https://bugs.webkit.org/show_bug.cgi?id=147735 * dom/Document.cpp: (WebCore::Document::shouldEnforceContentDispositionAttachmentSandbox): Return early if the Document is a MediaDocument. 2015-08-06 Babak Shafiei <bshafiei@apple.com> Merge r187693. 2015-07-31 Myles C. Maxfield <mmaxfield@apple.com> [Cocoa] Latin quotes are used with the system font on Chinese devices https://bugs.webkit.org/show_bug.cgi?id=147504 Reviewed by Dean Jackson. The system font has some fancy logic regarding character selection which requires using Core Text for glyph selection. No new tests because tests can't change the system language of the device. * platform/graphics/mac/GlyphPageMac.cpp: (WebCore::shouldUseCoreText): 2015-08-05 Matthew Hanson <matthew_hanson@apple.com> Merge r187962. rdar://problem/21827815 2015-08-05 Daniel Bates <dabates@apple.com> REGRESSION (r185111): Clicking phone numbers doesn't prompt to call sometimes https://bugs.webkit.org/show_bug.cgi?id=147678 <rdar://problem/21827815> Reviewed by Brady Eidson. Fixes an issue where a non-user-initiated navigation of the main frame to a phone link (tel URL) may be ignored. The navigation is ignored if the page was reloaded as a result of a web content process crash, its lifetime exceeded the back-forward cache expiration interval, or a person quits and opens Safari again, among other scenarios. * history/HistoryItem.cpp: (WebCore::HistoryItem::setShouldOpenExternalURLsPolicy): Added. (WebCore::HistoryItem::shouldOpenExternalURLsPolicy): Added. * history/HistoryItem.h: * loader/FrameLoader.cpp: (WebCore::FrameLoader::loadDifferentDocumentItem): Apply the "should open external URLs" policy from the history item, if applicable. Also, be more explicit when instantiating a NavigationAction so as to help make it straightforward to reduce the number of NavigationAction constructors we have in the future. * loader/HistoryController.cpp: (WebCore::HistoryController::saveDocumentState): Save the "should open external URLs" policy to the history item. (WebCore::HistoryController::restoreDocumentState): Apply the "should open external URLs" policy from the history item to the document loader. (WebCore::HistoryController::initializeItem): Update the "should open external URLs" policy of the history item to reflect the policy of the document loader associated with the current frame. 2015-08-05 Matthew Hanson <matthew_hanson@apple.com> Merge r187864. rdar://problem/22081036 2015-08-04 Jeremy Jones <jeremyj@apple.com> Implement isPictureInPictureInterrupted. https://bugs.webkit.org/show_bug.cgi?id=147620 Reviewed by Eric Carlson. Implement isPictureInPictureInterrupted so setting the property to true pauses playback. This allows PiP to pause when the device is locked while the app is suspended. * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: (-[WebAVPlayerController init]): (-[WebAVPlayerController isPictureInPictureInterrupted]): (-[WebAVPlayerController setPictureInPictureInterrupted:]): 2015-08-04 Matthew Hanson <matthew_hanson@apple.com> Merge r187762. rdar://problem/22026864 2015-08-03 Dean Jackson <dino@apple.com> Inline video controls overlap each other while playing video in slideover mode https://bugs.webkit.org/show_bug.cgi?id=147535 <rdar://problem/22026864> Reviewed by Eric Carlson. Now that the resizing code is in the shared controller, we need to make sure to hide the timeline scrubber in iOS when the controls get too small. This involved adding the dropped class to the timeline, and rules for hiding to the CSS. Meanwhile, when the page scale factor is less than one, we use the CSS zoom property and don't need to factor in the page scale factor when calculating the size. * Modules/mediacontrols/mediaControlsApple.js: (Controller.prototype.updateLayoutForDisplayedWidth): Don't use pageScaleFactor. * Modules/mediacontrols/mediaControlsiOS.css: (audio::-webkit-media-controls-panel .dropped): Add display none for this rule. 2015-08-03 Matthew Hanson <matthew_hanson@apple.com> Merge r187740. rdar://problem/22098457 2015-08-03 Brady Eidson <beidson@apple.com> Crash when signing into twitter calling WebCore::DocumentLoader::responseReceived(WebCore::CachedResource*, WebCore::ResourceResponse const&). <rdar://problem/22098457> and https://bugs.webkit.org/show_bug.cgi?id=147560 Reviewed by Alexey Proskuryakov. * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::willSendRequest): Only grab identifierForLoadWithoutResourceLoader() if there's no ResourceLoader. 2015-08-03 Matthew Hanson <matthew_hanson@apple.com> Merge r187466. rdar://problem/21960398 2015-07-27 Brady Eidson <beidson@apple.com> Crash in WebCore::DocumentLoader::willSendRequest() with ContentFilter and AppCache. <rdar://problem/21960398> and https://bugs.webkit.org/show_bug.cgi?id=147339 Reviewed by Alexey Proskuryakov. No new tests (Not yet proven to be possible to test this). * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::willSendRequest): Grab the identifier from the CachedResource directly, not from the null ResourceLoader. (WebCore::DocumentLoader::continueAfterNavigationPolicy): Null check the ResourceLoader, as it can definitely be gone by this point. * loader/cache/CachedResource.cpp: (WebCore::CachedResource::clearLoader): Save off the identifier for later use. * loader/cache/CachedResource.h: (WebCore::CachedResource::identifierForLoadWithoutResourceLoader): Expose the identifier that the ResourceLoader had when it went away. 2015-08-03 Matthew Hanson <matthew_hanson@apple.com> Merge r187731. rdar://problem/22052829 2015-08-01 Chris Fleizach <cfleizach@apple.com> AX: On some complex sites, iOS instantly crashes once VoiceOver is turned on https://bugs.webkit.org/show_bug.cgi?id=147529 Reviewed by Dan Bernstein. Sometimes after focusing on a node, it seems like the entire document is destroyed. Accessibility the axObjectCache returns nullptr and we crash. Despite my best efforts, I couldn't make a layout test that reproduced this. It's possible the entire document needs to be destroyed and replaced with something. * accessibility/AccessibilityRenderObject.cpp: (WebCore::AccessibilityRenderObject::setFocused): 2015-08-01 Babak Shafiei <bshafiei@apple.com> Merge r187686. 2015-07-31 Tim Horton <timothy_horton@apple.com> [iOS] DOMNode preview snapshot rects are wrong for user-select: none links https://bugs.webkit.org/show_bug.cgi?id=147513 <rdar://problem/22083354> Reviewed by Simon Fraser. * bindings/objc/DOM.mm: (-[DOMNode getPreviewSnapshotImage:andRects:]): Use the same code as WebKit2 to compute the fallback rect (if TextIndicator fails), asking the RenderObject (or RenderImage) for its bounding box instead of using the (often wrong) Range bounding rect. Make sure to use the fallback rect *any* time TextIndicator fails (before we would return no rects at all if TextIndicator::createWithRange returned null, and the fallback rect if it returned with an empty image). Inverse-page-scale the margin, to match the appearance in WebKit2. 2015-08-01 Babak Shafiei <bshafiei@apple.com> Merge r187687. 2015-07-31 Andreas Kling <akling@apple.com> Crashes under HTMLMediaElement::updateActiveTextTrackCues() when destroying CachedPage. <https://webkit.org/b/147506> <rdar://problem/21939014> Reviewed by Chris Dumez. Don't mess with the media element's text tracks below its ActiveDOMObject::stop() implementation, since that may cause DOM mutations. I don't have a repro or a test for this, but plenty of crash logs to indicate that we're getting ourselves into trouble by modifying the DOM during CachedPage teardown. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::configureTextTrackDisplay): 2015-07-31 Babak Shafiei <bshafiei@apple.com> Roll out r187466. 2015-07-31 Babak Shafiei <bshafiei@apple.com> Merge r187694. 2015-07-31 Eric Carlson <eric.carlson@apple.com> [iOS] use a media-specific user gesture check https://bugs.webkit.org/show_bug.cgi?id=147509 Reviewed by Tim Horton. Change an enum name added in r187688. * dom/UserGestureIndicator.cpp: (WebCore::isDefinite): DefinitelyProcessingMediaUserGesture -> DefinitelyProcessingPotentialUserGesture (WebCore::UserGestureIndicator::processingUserGestureForMedia): Ditto. * dom/UserGestureIndicator.h: Ditto. 2015-07-31 Babak Shafiei <bshafiei@apple.com> Merge r187688. 2015-07-31 Eric Carlson <eric.carlson@apple.com> [iOS] use a media-specific user gesture check https://bugs.webkit.org/show_bug.cgi?id=147509 Reviewed by Jer Noble. * bindings/js/ScriptController.cpp: (WebCore::ScriptController::processingUserGestureForMedia): New. * bindings/js/ScriptController.h: * dom/UserGestureIndicator.cpp: (WebCore::isDefinite): Allow DefinitelyProcessingMediaUserGesture. (WebCore::UserGestureIndicator::processingUserGestureForMedia): New. * dom/UserGestureIndicator.h: * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::load): Use ScriptController::processingUserGestureForMedia instead of ScriptController::processingUserGesture (WebCore::HTMLMediaElement::play): Ditto. 2015-07-31 Babak Shafiei <bshafiei@apple.com> Merge r187684. 2015-07-31 Jeremy Jones <jeremyj@apple.com> Rename AVPlayerLayerView to _AVPlayerLayerView. https://bugs.webkit.org/show_bug.cgi?id=147399 Reviewed by Eric Carlson. Change class name AVPlayerLayerView to match change in AVKit SPI. This prevents conflicts with 3rd party apps. * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: (WebAVPlayerLayerView_dealloc): (getWebAVPlayerLayerViewClass): * platform/spi/cocoa/AVKitSPI.h: 2015-07-31 Babak Shafiei <bshafiei@apple.com> Merge r187675. 2015-07-31 Jer Noble <jer.noble@apple.com> CRASH at WebCore::TaskDispatcher<WebCore::ScriptExecutionContext>::postTask + 38 https://bugs.webkit.org/show_bug.cgi?id=147485 Rubber-stamped by Joseph Pecoraro. Follow-up test crash fix: call superclass's contextDestroyed() which allows the m_scriptExecutionContext variable to be cleared. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::contextDestroyed): 2015-07-31 Matthew Hanson <matthew_hanson@apple.com> Merge r187655. rdar://problem/21632211 2015-07-31 Jer Noble <jer.noble@apple.com> CRASH at WebCore::TaskDispatcher<WebCore::ScriptExecutionContext>::postTask + 38 https://bugs.webkit.org/show_bug.cgi?id=147485 Reviewed by Eric Carlson. CrashLogs indicate a use-after-free of the ScriptExecutionContext (i.e., Document) used by the GenericTaskQueue objects owned by HTMLMediaElement. When the ScriptExecutionContext notifies its ActiveDOMObjects that it is about to be destroyed, close() the GenericTaskQueues so that they can no longer accept new tasks. Previously, enqueueing a task on a closed GenericTaskQueue ASSERTed in debug builds, but silently succeeded in release builds. Calling enqueueTask() on a closed GenericTaskQueue is now a no-op. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::contextDestroyed): * html/HTMLMediaElement.h: * platform/GenericTaskQueue.h: (WebCore::GenericTaskQueue::enqueueTask): 2015-07-31 Matthew Hanson <matthew_hanson@apple.com> Merge r187630. rdar://problem/18835799 2015-07-30 Andreas Kling <akling@apple.com> [CF] Web process continually eating memory on simple, shared Google Docs spreadsheet. <https://webkit.org/b/147403> <rdar://problem/18835799> Reviewed by Geoffrey Garen. Make sure we service the CFRunLoop on worker threads, since ports using CoreFoundation will be scheduling garbage collections and heap sweeps using CFRunLoop timers. This fix is a stopgap. Long term we need a better design for integrating GC tasks with with the web worker run loop. * workers/WorkerRunLoop.cpp: (WebCore::WorkerRunLoop::runInMode): Instead of sleeping forever, calculate a better wakeup deadline by asking the CFRunLoop when its next timer will fire. Then, when a timeout occurs, call CFRunLoopRunInMode (with seconds=0) to service pending timers. 2015-07-31 Lucas Forschler <lforschler@apple.com> Merge r187557 2015-07-29 Brady Eidson <beidson@apple.com> Crash in WebCore::DocumentLoader::stopLoadingForPolicyChange. <rdar://problem/21412186> and https://bugs.webkit.org/show_bug.cgi?id=147418 Reviewed by Chris Dumez. No new tests (No known reproducibility) * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::responseReceived): When setting to m_waitingForContentPolicy true, make sure we have a FrameLoader. (WebCore::DocumentLoader::detachFromFrame): Always explicitly call cancelPolicyCheckIfNeeded(). (WebCore::DocumentLoader::cancelPolicyCheckIfNeeded): Cancel the policy check if there is one. (WebCore::DocumentLoader::cancelMainResourceLoad): Use cancelPolicyCheckIfNeeded(). * loader/DocumentLoader.h: 2015-07-31 Lucas Forschler <lforschler@apple.com> Merge r187556 2015-07-29 Brady Eidson <beidson@apple.com> Crash calling webSocket.close() from onError handler for blocked web socket. <rdar://problem/21771620> and https://bugs.webkit.org/show_bug.cgi?id=147411 Reviewed by Tim Horton. Tests: http/tests/security/mixedContent/websocket/insecure-websocket-in-iframe.html http/tests/security/mixedContent/websocket/insecure-websocket-in-main-frame.html This was introduced with http://trac.webkit.org/changeset/185848 * Modules/websockets/WebSocket.cpp: (WebCore::WebSocket::connect): When blocked because of mixedContent, call dispatchOrQueueErrorEvent(). (WebCore::WebSocket::didReceiveMessageError): Use dispatchOrQueueErrorEvent() instead. (WebCore::WebSocket::dispatchOrQueueErrorEvent): Dispatch the error event, but don't dispatch one twice! * Modules/websockets/WebSocket.h: * Modules/websockets/WebSocketChannel.cpp: (WebCore::WebSocketChannel::fail): Null-check m_handshake before creating a console message from it. 2015-07-31 Lucas Forschler <lforschler@apple.com> Merge r187535 2015-07-28 Simon Fraser <simon.fraser@apple.com> Animations sometimes fail to start https://bugs.webkit.org/show_bug.cgi?id=147394 rdar://problem/21852603 Reviewed by Dean Jackson. When an accelerated animation or transition was started at the same time as a non-accelerated one, and then the node for the former was removed, we could never kick off the non-accelerated animation. AnimationControllerPrivate has logic to synchronize the two types of animation when they start in the same animation update, which involves setting the m_waitingForAsyncStartNotification flag, and waiting for a notifyAnimationStarted() to come in from the graphics system. However, it failed to handle the case where the accelerated animation was removed before the callback was received, which left the m_waitingForAsyncStartNotification flag set to true, preventing the non-accelerated animation from running. Test: animations/remove-syncing-animation.html * page/animation/AnimationBase.h: (WebCore::AnimationBase::isAccelerated): Make this public. * page/animation/AnimationController.cpp: (WebCore::AnimationControllerPrivate::clear): Add logging. (WebCore::AnimationControllerPrivate::receivedStartTimeResponse): Add logging. (WebCore::AnimationControllerPrivate::animationWillBeRemoved): Add logging. After removing animations from the maps, check to see if we expect any of the remaining animations are waiting for a notifyAnimationStarted(). If not, clear the m_waitingForAsyncStartNotification flag. (WebCore::AnimationController::notifyAnimationStarted): Log the renderer. (WebCore::AnimationControllerPrivate::AnimationControllerPrivate): Remove unneeded initializations of HashMaps. * page/animation/CompositeAnimation.cpp: (WebCore::CompositeAnimation::updateTransitions): Log renderers. (WebCore::CompositeAnimation::updateKeyframeAnimations): Ditto. 2015-07-31 Lucas Forschler <lforschler@apple.com> Merge r187525 2015-07-28 Myles C. Maxfield <mmaxfield@apple.com> [iOS] Crash when encountering characters whose natural font is one we can't look up https://bugs.webkit.org/show_bug.cgi?id=147377 <rdar://problem/22022011> Reviewed by Simon Fraser. These characters hit the complex text code path, where CoreText picks fonts to use for each character. We then try to map these CoreText fonts back to our own Font objects, and we assume (on iOS) that our own font search will always return something. On OS X, we do not have such an assumption, and we handle the case where it does not hold. This method works on iOS as well, so the solution is to just perform it on both OSes. Test: fast/text/crash-complex-unknown-font.html * platform/graphics/mac/ComplexTextControllerCoreText.mm: (WebCore::ComplexTextController::collectComplexTextRunsForCharacters): 2015-07-31 Lucas Forschler <lforschler@apple.com> Merge r187522 2015-07-28 Said Abou-Hallawa <sabouhallawa@apple.com> [iOS] REGRESSION(r168075): Fullscreen web video doesn't pause on screen lock https://bugs.webkit.org/show_bug.cgi?id=147269 Reviewed by Andreas Kling. Media elements should pause when the application is going to EnterBackground under lock regardless whether it is in full screen or not. * platform/audio/PlatformMediaSession.h: * platform/audio/PlatformMediaSession.cpp: (WebCore::PlatformMediaSession::doInterruption): This code was moved from beginInterruption(). (WebCore::PlatformMediaSession::shouldDoInterruption): Move the condition which allows the media session interruption to a separate function. (WebCore::PlatformMediaSession::beginInterruption): Call the functions shouldDoInterruption() and doInterruption(). (WebCore::PlatformMediaSession::forceInterruption): This function will be called from PlatformMediaSessionManager::applicationDidEnterBackground() to override the decision which is made by PlatformMediaSession::beginInterruption() if the application isSuspendedUnderLock. * platform/audio/PlatformMediaSessionManager.h: * platform/audio/PlatformMediaSessionManager.cpp: (WebCore::PlatformMediaSessionManager::applicationDidEnterBackground): [UIApp isSuspendedUnderLock] is only valid when it is called when the UIApplicationDidEnterBackgroundNotification is received. We need to force interrupting the media sessions if the application isSuspendedUnderLock and UIApplicationWillResignActiveNotification was ignored because of PiP. * platform/audio/ios/MediaSessionManagerIOS.h: * platform/audio/ios/MediaSessionManagerIOS.mm: (-[WebMediaSessionHelper initWithCallback:]): (-[WebMediaSessionHelper applicationDidEnterBackground:]): Listen to UIApplicationDidEnterBackgroundNotification and make a call on the web thread to PlatformMediaSessionManager::applicationDidEnterBackground() and pass the isSuspendedUnderLock flag which is queried on the UIProcess. 2015-07-31 Lucas Forschler <lforschler@apple.com> Merge r187521 2015-07-28 Tim Horton <timothy_horton@apple.com> [iOS] Creating a TextIndicator causes the view to scroll to the current selection https://bugs.webkit.org/show_bug.cgi?id=147379 <rdar://problem/22038421> Reviewed by Beth Dakin. * editing/Editor.cpp: (WebCore::Editor::setIgnoreCompositionSelectionChange): * editing/Editor.h: Add a flag so that setIgnoreCompositionSelectionChange(false) can still not force-reveal the current selection. This is useful for e.g. TextIndicator, who saves the selection, changes it, and then restores it, but doesn't want to scroll to the saved/restored selection. * page/TextIndicator.cpp: (WebCore::TextIndicator::createWithRange): Make use of the above flag. 2015-07-31 Lucas Forschler <lforschler@apple.com> Merge r187516 2015-07-28 Eric Carlson <eric.carlson@apple.com> [iOS] Set AirPlay discovery mode to disabled when page is hidden https://bugs.webkit.org/show_bug.cgi?id=147369 Reviewed by Jer Noble. * html/MediaElementSession.cpp: (WebCore::MediaElementSession::requiresPlaybackTargetRouteMonitoring): Return false when the client is not visible. * html/MediaElementSession.h: * platform/audio/PlatformMediaSession.cpp: (WebCore::PlatformMediaSession::clientDataBufferingTimerFired): Call configureWireLessTargetMonitoring. 2015-07-31 Lucas Forschler <lforschler@apple.com> Merge r187491 2015-07-28 Jer Noble <jer.noble@apple.com> [iOS] Notify fullscreen controller in UIProcess whether external playback is allowed https://bugs.webkit.org/show_bug.cgi?id=147343 Reviewed by Brady Eidson. Pass the value of the MediaElementSession's wirelessVideoPlaybackDisabled() property up through WebKit2 to WebVideoFullscreenControllerAVKit. * platform/ios/WebVideoFullscreenControllerAVKit.mm: (WebVideoFullscreenControllerContext::setWirelessVideoPlaybackDisabled): Pass to the interface on the main thread. * platform/ios/WebVideoFullscreenInterface.h: * platform/ios/WebVideoFullscreenInterfaceAVKit.h: * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: (WebVideoFullscreenInterfaceAVKit::setWirelessVideoPlaybackDisabled): Sets .allowsExternalPlayback to !disabled. (WebVideoFullscreenInterfaceAVKit::wirelessVideoPlaybackDisabled): Returns the last value set. * platform/ios/WebVideoFullscreenModelVideoElement.mm: (WebVideoFullscreenModelVideoElement::setWebVideoFullscreenInterface): Update the value of wirelessVideoPlaybackDisabled if the element is present. (WebVideoFullscreenModelVideoElement::setVideoElement): Ditto if the interface is present. (WebVideoFullscreenModelVideoElement::updateForEventName): Update the value either way. 2015-07-28 Brady Eidson <beidson@apple.com> Handle null CFArrayRef returning from _CFHTTPParsedCookiesWithResponseHeaderFields. <rdar://problem/21995928> and https://bugs.webkit.org/show_bug.cgi?id=147365 Reviewed by Alexey Proskuryakov. * platform/network/cf/CookieJarCFNet.cpp: (WebCore::filterCookies): ASSERT the input is not null. (WebCore::createCookies): Always return a CFArrayRef, even if it's empty. 2015-07-31 Lucas Forschler <lforschler@apple.com> Merge r187489 2015-07-28 Chris Dumez <cdumez@apple.com> Allow lax MIME type parsing for same-origin CSS in quirks mode. https://bugs.webkit.org/show_bug.cgi?id=147327 <rdar://problem/22010303> Reviewed by Zalan Bujtas. The change made in r180020 is too strict for the web, and doesn't match Firefox Chrome, or IE's behavior. In particular, it does not respect the same-origin carveout that the HTML spec specifies: https://html.spec.whatwg.org/multipage/semantics.html#link-type-stylesheet This patch corrects that oversight and aligns our behavior with other popular browsers. This change was adapted from Blink r196678: https://src.chromium.org/viewvc/blink?revision=196678&view=revision Tests: http/tests/security/cross-origin-css-in-quirks-1.html http/tests/security/cross-origin-css-in-quirks-2.html http/tests/security/cross-origin-css-in-quirks-3.html http/tests/security/cross-origin-css-in-quirks-4.html http/tests/security/cross-origin-css-in-quirks-5.html http/tests/security/cross-origin-css-in-quirks-6.html http/tests/security/cross-origin-css-in-quirks-7.html http/tests/security/cross-origin-css-in-quirks-8.html http/tests/security/same-origin-css-1.html http/tests/security/same-origin-css-2.html http/tests/security/same-origin-css-3.html http/tests/security/same-origin-css-4.html http/tests/security/same-origin-css-5.html http/tests/security/same-origin-css-6.html http/tests/security/same-origin-css-7.html http/tests/security/same-origin-css-8.html http/tests/security/same-origin-css-in-quirks.html * css/StyleRuleImport.cpp: (WebCore::StyleRuleImport::setCSSStyleSheet): * css/StyleSheetContents.cpp: (WebCore::StyleSheetContents::parseAuthorStyleSheet): * css/StyleSheetContents.h: * html/HTMLLinkElement.cpp: (WebCore::HTMLLinkElement::setCSSStyleSheet): * loader/cache/CachedCSSStyleSheet.cpp: (WebCore::CachedCSSStyleSheet::sheetText): (WebCore::CachedCSSStyleSheet::canUseSheet): (WebCore::CachedCSSStyleSheet::checkNotify): Deleted. * loader/cache/CachedCSSStyleSheet.h: 2015-07-31 Lucas Forschler <lforschler@apple.com> Merge r187466 2015-07-27 Brady Eidson <beidson@apple.com> Crash in WebCore::DocumentLoader::willSendRequest() with ContentFilter and AppCache. <rdar://problem/21960398> and https://bugs.webkit.org/show_bug.cgi?id=147339 Reviewed by Alexey Proskuryakov. No new tests (Not yet proven to be possible to test this). * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::willSendRequest): Grab the identifier from the CachedResource directly, not from the null ResourceLoader. (WebCore::DocumentLoader::continueAfterNavigationPolicy): Null check the ResourceLoader, as it can definitely be gone by this point. * loader/cache/CachedResource.cpp: (WebCore::CachedResource::clearLoader): Save off the identifier for later use. * loader/cache/CachedResource.h: (WebCore::CachedResource::identifierForLoadWithoutResourceLoader): Expose the identifier that the ResourceLoader had when it went away. 2015-07-31 Lucas Forschler <lforschler@apple.com> Merge r187448 2015-07-27 Anders Carlsson <andersca@apple.com> WKWebsiteDataStore remove methods don't properly delete cookies https://bugs.webkit.org/show_bug.cgi?id=147333 rdar://problem/21948230 Reviewed by Tim Horton. If there are multiple cookies for a single domain, make sure to delete all of them and not just the first one we find. Fix this by keeping a mapping from domain to a list of cookies. * platform/network/mac/CookieJarMac.mm: (WebCore::deleteCookiesForHostnames): 2015-07-31 Lucas Forschler <lforschler@apple.com> Merge r187379 2015-07-24 Dan Bernstein <mitz@apple.com> Tried to fix the iOS 9 build after r187375. * platform/network/mac/CookieJarMac.mm: 2015-07-31 Lucas Forschler <lforschler@apple.com> Merge r187375 2015-07-24 Anders Carlsson <andersca@apple.com> WKWebsiteDataStore remove methods don't properly delete cookies https://bugs.webkit.org/show_bug.cgi?id=147282 rdar://problem/21948230 Reviewed by Sam Weinig. Rename deleteCookiesForHostname to deleteCookiesForHostnames and make it take a vector of hostnames instead. Also, fix the Mac implementation to not be O(n2) by putting all cookies in a dictionary keyed on the domain. Also make sure to call _saveStorage after deleting cookies. Finally, get rid of deleteCookiesForHostname from CookieJarCFNet.cpp and use the Mac implementation on iOS as well. Just stub out deleteCookiesForHostnames on Windows since nobody is calling it. * platform/network/PlatformCookieJar.h: * platform/network/cf/CookieJarCFNet.cpp: (WebCore::deleteCookiesForHostnames): (WebCore::deleteCookiesForHostname): Deleted. * platform/network/mac/CookieJarMac.mm: (WebCore::deleteCookiesForHostnames): (WebCore::deleteAllCookiesModifiedSince): (WebCore::deleteCookiesForHostname): Deleted. * platform/network/soup/CookieJarSoup.cpp: (WebCore::deleteCookiesForHostnames): (WebCore::deleteCookiesForHostname): Deleted. * platform/spi/cf/CFNetworkSPI.h: 2015-07-30 Matthew Hanson <matthew_hanson@apple.com> Merge r187490. rdar://problem/21995928 2015-07-28 Brady Eidson <beidson@apple.com> Handle null CFArrayRef returning from _CFHTTPParsedCookiesWithResponseHeaderFields. <rdar://problem/21995928> and https://bugs.webkit.org/show_bug.cgi?id=147365 Reviewed by Alexey Proskuryakov. * platform/network/cf/CookieJarCFNet.cpp: (WebCore::filterCookies): ASSERT the input is not null. (WebCore::createCookies): Always return a CFArrayRef, even if it's empty. 2015-07-30 Matthew Hanson <matthew_hanson@apple.com> Merge r187278. rdar://problem/19908029 2015-07-23 Nan Wang <n_wang@apple.com> AX: AccessibilityNodeObject::childrenChanged() generates too many AXLiveRegionChanged notifications https://bugs.webkit.org/show_bug.cgi?id=147211 <rdar://problem/19908029> Reviewed by Chris Fleizach. AccessibilityNodeObject::childrenChanged() can be called repeatedly, generating a live region change notification each time. Sometimes, so many happen that VoiceOver hangs. We can use a timer to make sure that we coalesce these notifications. Test: platform/mac/accessibility/aria-multiple-liveregions-notification.html * accessibility/AXObjectCache.cpp: (WebCore::AXComputedObjectAttributeCache::getIgnored): (WebCore::AXObjectCache::AXObjectCache): (WebCore::AXObjectCache::~AXObjectCache): (WebCore::AXObjectCache::frameLoadingEventNotification): (WebCore::AXObjectCache::postLiveRegionChangeNotification): (WebCore::AXObjectCache::liveRegionChangedNotificationPostTimerFired): (WebCore::AXObjectCache::handleScrollbarUpdate): * accessibility/AXObjectCache.h: * accessibility/AccessibilityNodeObject.cpp: (WebCore::AccessibilityNodeObject::childrenChanged): 2015-07-30 Matthew Hanson <matthew_hanson@apple.com> Merge r187504. rdar://problem/21915355 2015-07-28 Said Abou-Hallawa <sabouhallawa@apple.com> Crash happens when calling removeEventListener for an SVG element which has an instance inside a <defs> element of shadow tree https://bugs.webkit.org/show_bug.cgi?id=147290 Reviewed by Daniel Bates. When the shadow tree is built for a <use> element, all the SVG elements are allowed to be cloned in the shadow tree but later some of the elements are disallowed and removed. Make sure, when disallowing an element in the shadow tree, to reset the correspondingElement relationship between all the disallowed descendant SVG elements and all their original elements. Test: svg/custom/remove-event-listener-shadow-disallowed-element.svg *svg/SVGElement.cpp: (WebCore::SVGElement::setCorrespondingElement) * svg/SVGUseElement.cpp: (WebCore::removeDisallowedElementsFromSubtree): 2015-07-27 Babak Shafiei <bshafiei@apple.com> Merge r187352. 2015-07-24 Devin Rousso <drousso@apple.com> Web Inspector: Editing non-inspector-stylesheet rule selectors fails after the first change https://bugs.webkit.org/show_bug.cgi?id=147229 Reviewed by Timothy Hatcher. Test: inspector/css/modify-rule-selector.html * inspector/InspectorStyleSheet.cpp: (WebCore::InspectorStyleSheet::setRuleSelector): Now checks to see if the stylesheet is not mutated before making the change to the rule's selector, and if so mark it as not mutated to allow future edits. 2015-07-27 Babak Shafiei <bshafiei@apple.com> Merge r187393. 2015-07-25 Tim Horton <timothy_horton@apple.com> Expose TextIndicator-backed snapshot and rect gathering on DOMNode https://bugs.webkit.org/show_bug.cgi?id=147298 <rdar://problem/21905839> Reviewed by Sam Weinig. * bindings/objc/DOM.mm: (-[DOMNode getPreviewSnapshotImage:andRects:]): No need to multiply by device scale here. 2015-07-27 Babak Shafiei <bshafiei@apple.com> Merge r187392. 2015-07-25 Tim Horton <timothy_horton@apple.com> Expose TextIndicator-backed snapshot and rect gathering on DOMNode https://bugs.webkit.org/show_bug.cgi?id=147298 <rdar://problem/21905839> * bindings/objc/DOM.mm: (-[DOMNode getPreviewSnapshotImage:andRects:]): * bindings/objc/DOMExtensions.h: * bindings/objc/DOMPrivate.h: Move this to a private header. 2015-07-27 Babak Shafiei <bshafiei@apple.com> Merge r187391. 2015-07-25 Tim Horton <timothy_horton@apple.com> Expose TextIndicator-backed snapshot and rect gathering on DOMNode https://bugs.webkit.org/show_bug.cgi?id=147298 <rdar://problem/21905839> Reviewed by Sam Weinig. * bindings/objc/DOM.mm: (-[DOMNode getPreviewSnapshotImage:andRects:]): * bindings/objc/DOMExtensions.h: 2015-07-27 Babak Shafiei <bshafiei@apple.com> Merge r187386. 2015-07-25 Chris Fleizach <cfleizach@apple.com> AX: iOS: Video "start playback" playback controls not accessible https://bugs.webkit.org/show_bug.cgi?id=147285 Reviewed by Jer Noble. The start playback control also needs the right label. * Modules/mediacontrols/mediaControlsiOS.js: (ControllerIOS.prototype.createBase): 2015-07-27 Babak Shafiei <bshafiei@apple.com> Merge r187371. 2015-07-24 Chris Fleizach <cfleizach@apple.com> AX: scrollable elements do not allow 3-finger swipe https://bugs.webkit.org/show_bug.cgi?id=141893 Reviewed by Mario Sanchez Prada. To allow iOS Accessibility to perform by-page scrolling in overflow areas, we move that scrolling code into AccessibilityObject and then iterate all the possible ScrollableAreas, rather than just finding the parents that are ScrollViews. Test: platform/ios-simulator/accessibility/scroll-in-overflow-div.html * accessibility/AccessibilityObject.cpp: (WebCore::AccessibilityObject::scrollAreaAndAncestor): (WebCore::AccessibilityObject::scrollPosition): (WebCore::AccessibilityObject::scrollVisibleContentRect): (WebCore::AccessibilityObject::scrollContentsSize): (WebCore::AccessibilityObject::scrollByPage): * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm: (-[WebAccessibilityObjectWrapper accessibilityScroll:]): (-[WebAccessibilityObjectWrapper convertPointToScreenSpace:]): (-[WebAccessibilityObjectWrapper _accessibilityScrollPosition]): (-[WebAccessibilityObjectWrapper _accessibilityScrollSize]): (-[WebAccessibilityObjectWrapper _accessibilityScrollVisibleRect]): (-[WebAccessibilityObjectWrapper accessibilityElementDidBecomeFocused]): 2015-07-27 Babak Shafiei <bshafiei@apple.com> Merge r187367. 2015-07-24 Alexey Proskuryakov <ap@apple.com> [Cocoa] Clean up server trust handling in ResourceHandle. https://bugs.webkit.org/show_bug.cgi?id=147277 rdar://problem/21394410 Reviewed by Brady Eidson. * platform/network/ProtectionSpaceBase.h: (WebCore::ProtectionSpaceBase::isPasswordBased): * platform/network/ProtectionSpaceBase.cpp: (WebCore::ProtectionSpaceBase::isPasswordBased): Added. This is somewhat weak, as authentication schemes could change, but I couldn't find any better way. * platform/network/ResourceHandle.h: * platform/network/cf/ResourceHandleCFNet.cpp: (WebCore::ResourceHandle::didReceiveAuthenticationChallenge): (WebCore::ResourceHandle::tryHandlePasswordBasedAuthentication): * platform/network/mac/ResourceHandleMac.mm: (WebCore::ResourceHandle::didReceiveAuthenticationChallenge): (WebCore::ResourceHandle::tryHandlePasswordBasedAuthentication): Factored out password handling, and made sure to not try that for server trust. 2015-07-27 Babak Shafiei <bshafiei@apple.com> Merge r187366. 2015-07-24 Zalan Bujtas <zalan@apple.com> [iOS]: Inline video controls are blurry on scaled-down pages on non-retina devices. https://bugs.webkit.org/show_bug.cgi?id=147272 rdar://problem/21429111 Reviewed by Simon Fraser. Blurry inline video controls are the result of transform scaling up the content when the page is zoomed out (page scale > 1). This patch addresses the blurriness by switching to css zoom when the content is being scaled up. While transform scale is a paint time operation, css zoom triggers layout and the content is getting painted on a non-scaled graphics context. * Modules/mediacontrols/mediaControlsiOS.css: (audio::-webkit-media-controls-timeline-container): * Modules/mediacontrols/mediaControlsiOS.js: (ControllerIOS.prototype.set pageScaleFactor): 2015-07-27 Babak Shafiei <bshafiei@apple.com> Merge r187358. 2015-07-24 Alexey Proskuryakov <ap@apple.com> Remove WEBCORE_EXPORT from Page::allowsMediaDocumentInlinePlayback() https://bugs.webkit.org/show_bug.cgi?id=147260 Reviewed by Daniel Bates. * page/Page.h: (WebCore::Page::allowsMediaDocumentInlinePlayback): 2015-07-26 Babak Shafiei <bshafiei@apple.com> Merge r187244. 2015-07-23 Myles C. Maxfield <mmaxfield@apple.com> REGRESSION(r182236): Justified Arabic text does not expand https://bugs.webkit.org/show_bug.cgi?id=147217 Reviewed by Simon Fraser. When I was writing r182236, I got confused between the levels of the string hierarchy in ComplexTextController. I've added a comment in the header which should make it easier to get it right. Test: fast/text/international/arabic-justify.html * platform/graphics/mac/ComplexTextController.cpp: (WebCore::ComplexTextController::adjustGlyphsAndAdvances): * platform/graphics/mac/ComplexTextController.h: 2015-07-24 Jer Noble <jer.noble@apple.com> Merge r187251, r187252, r187262, r187263, r187272, r187289. rdar://problem/20689512 2015-07-21 Jer Noble <jer.noble@apple.com> Notify the UI delegate when a MediaDocument's natural size changes https://bugs.webkit.org/show_bug.cgi?id=147182 Reviewed by Simon Fraser. Notify the MediaDocument that it's underlying media element has changed its natural size, either when the media engine notifies us that the size changed, or when the ready state progresses to HAVE_METADATA. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::setReadyState): Notify the media document. (WebCore::HTMLMediaElement::mediaPlayerSizeChanged): Ditto. * html/MediaDocument.cpp: (WebCore::MediaDocument::mediaElementNaturalSizeChanged): Pass to the chrome client. * html/MediaDocument.h: * page/ChromeClient.h: 2015-07-23 Jer Noble <jer.noble@apple.com> Relax media playback restrictions if the allowsMediaDocumentInlinePlayback property is set. https://bugs.webkit.org/show_bug.cgi?id=147234 Reviewed by Darin Adler. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::prepareForLoad): Moved restriction check into MediaElementSession. * html/MediaElementSession.cpp: (WebCore::MediaElementSession::playbackPermitted): Check if is a top-level media document and if allowsMediaDocumentInilnePlayback is set, and return early. (WebCore::MediaElementSession::effectivePreloadForElement): Ditto. (WebCore::MediaElementSession::allowsAutomaticMediaDataLoading): Ditto. * html/MediaElementSession.h: 2015-07-21 Jer Noble <jer.noble@apple.com> [iOS] Add an explicit API to allow media documents to (temporarily) play inline https://bugs.webkit.org/show_bug.cgi?id=147181 Reviewed by Beth Dakin. Add listeners for the new allowsMediaDocumentInlinePlayback API. When this value becomes NO, force any playing MediaDocuments to enter fullscreen mode. * dom/Document.cpp: (WebCore::Document::registerForAllowsMediaDocumentInlinePlaybackChangedCallbacks): Added registration method. (WebCore::Document::unregisterForAllowsMediaDocumentInlinePlaybackChangedCallbacks): Added deregistration method. (WebCore::Document::allowsMediaDocumentInlinePlaybackChanged): Notify all listeners. * dom/Document.h: * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::registerWithDocument): Listen for allowsMediaDocumentInlinePlayback changes. (WebCore::HTMLMediaElement::unregisterWithDocument): Stop listening to same. (WebCore::HTMLMediaElement::allowsMediaDocumentInlinePlaybackChanged): Enter fullscreen mode if the value changes to false during playback. * html/HTMLMediaElement.h: * html/MediaElementSession.cpp: (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback): Early true if the override value is set. * page/Page.cpp: (WebCore::Page::setAllowsMediaDocumentInlinePlayback): Notify all documents of the changed value. * page/Page.h: (WebCore::Page::allowsMediaDocumentInlinePlayback): Simple getter. 2015-07-24 Lucas Forschler <lforschler@apple.com> Merge r187149 2015-07-21 Benjamin Poulain <bpoulain@apple.com> [CSS Selectors Level 4] Add #ifdefs to the new '>>' descendant combinator https://bugs.webkit.org/show_bug.cgi?id=147184 Reviewed by Anders Carlsson. Now that '>>>' is dead, the combinator '>>' is at risk. This patch #ifdef all that code with the other experimental features from Level 4. * css/CSSGrammar.y.in: * css/CSSParserValues.cpp: (WebCore::CSSParserSelector::appendTagHistory): * css/CSSParserValues.h: * css/CSSSelector.cpp: (WebCore::CSSSelector::CSSSelector): (WebCore::CSSSelector::selectorText): * css/CSSSelector.h: (WebCore::CSSSelector::CSSSelector): 2015-07-24 Matthew Hanson <matthew_hanson@apple.com> Merge r187036. rdar://problem/21901881 2015-07-20 Jeremy Jones <jeremyj@apple.com> Allow video to rotate when app doesnt allow rotation. https://bugs.webkit.org/show_bug.cgi?id=147121 Reviewed by Jer Noble. Set an SPI bool on the fullscreen video root view controller to allow it to override app rotation restrictions. This allows video to be played in landscape in portrait only apps. * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: (WebVideoFullscreenInterfaceAVKit::setupFullscreen): 2015-07-24 Matthew Hanson <matthew_hanson@apple.com> Merge r187274. rdar://problem/21905756 2015-07-23 Timothy Horton <timothy_horton@apple.com> [iOS] Frame snapshots don't factor in page scale https://bugs.webkit.org/show_bug.cgi?id=147239 <rdar://problem/21905756> Reviewed by Simon Fraser. * page/FrameSnapshotting.cpp: (WebCore::snapshotFrameRect): Apply page scale when determining the backing store size and setting up the context. * page/TextIndicator.cpp: (WebCore::TextIndicator::createWithSelectionInFrame): Don't assume snapshotFrameRect gave us an image with scale=deviceScale, because it will factor in the pageScale too. * platform/graphics/ImageBuffer.h: (WebCore::ImageBuffer::resolutionScale): Expose resolutionScale. * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::addToOverlapMap): This has been true for a long time. 2015-07-24 Matthew Hanson <matthew_hanson@apple.com> Merge r187271. rdar://problem/21929247 2015-07-22 Simon Fraser <simon.fraser@apple.com> Layer z-ordering is incorrect when scrolling on page witih position:fixed https://bugs.webkit.org/show_bug.cgi?id=147220 rdar://problem/15849697&21929247 Reviewed by Dean Jackson. Overlap testing for compositing uses the currently laid out position of fixed elements, without taking into account the fact that async scrolling can move them around, and possibly under other non-composited elements. This manifested as position:fixed elements moving over other elements on some pages when scrolling, when they should have moved behind. Fix by expanding the overlap map entry for position:fixed elements to create an rect for the area they cover at all scroll locations, taking min and max scroll offsets into account. Also add a couple more LOG(Compositing) statements. Tests: compositing/layer-creation/fixed-overlap-extent-rtl.html compositing/layer-creation/fixed-overlap-extent.html * rendering/RenderLayerCompositor.cpp: (WebCore::fixedPositionOffset): (WebCore::RenderLayerCompositor::computeExtent): (WebCore::RenderLayerCompositor::needsFixedRootBackgroundLayer): (WebCore::RenderLayerCompositor::rootBackgroundTransparencyChanged): 2015-07-24 Matthew Hanson <matthew_hanson@apple.com> Merge r187219. rdar://problem/21032083 2015-07-23 Timothy Horton <timothy_horton@apple.com> Try to fix the build * platform/spi/cocoa/QuartzCoreSPI.h: 2015-07-24 Matthew Hanson <matthew_hanson@apple.com> Merge r187216. rdar://problem/21032083 2015-07-22 Tim Horton <timothy_horton@apple.com> Try to fix the build * platform/spi/cocoa/QuartzCoreSPI.h: 2015-07-24 Matthew Hanson <matthew_hanson@apple.com> Merge r187215. rdar://problem/21032083 2015-07-22 James Savage <james.savage@apple.com> Use updated CoreAnimation snapshot SPI. https://bugs.webkit.org/show_bug.cgi?id=147197 <rdar://problem/21032083> Reviewed by Tim Horton. Patch by James Savage. * platform/spi/cocoa/QuartzCoreSPI.h: 2015-07-24 Matthew Hanson <matthew_hanson@apple.com> Merge r187203. rdar://problem/21012688 2015-07-22 Dean Jackson <dino@apple.com> Video controls, though hidden, are still interactive when in PiP https://bugs.webkit.org/show_bug.cgi?id=147216 <rdar://problem/21012688> Reviewed by Simon Fraser. Explicitly add the PiP class to the controls container so that we can hang a pointer-events: none off it. * Modules/mediacontrols/mediaControlsiOS.css: (video::-webkit-media-controls-panel.picture-in-picture): Add a pointer-events: none. * Modules/mediacontrols/mediaControlsiOS.js: (ControllerIOS.prototype.handlePresentationModeChange): Add/remove a PiP class to the controls panel when necessary. 2015-07-24 Matthew Hanson <matthew_hanson@apple.com> Merge r187189. rdar://problem/21567767 2015-07-22 Dean Jackson <dino@apple.com> Out of bounds in WebGLRenderingContext::simulateVertexAttrib0 https://bugs.webkit.org/show_bug.cgi?id=147176 <rdar://problem/21567767> Reviewed by Oliver Hunt. Test: fast/canvas/webgl/out-of-bounds-simulated-vertexAttrib0-drawArrays.html Add overflow checking for the drawing calls, specifically the way they may simulate vertexAttrib0. * html/canvas/WebGLRenderingContextBase.cpp: (WebCore::WebGLRenderingContextBase::validateDrawArrays): Call new validation method. (WebCore::WebGLRenderingContextBase::validateDrawElements): Ditto. (WebCore::WebGLRenderingContextBase::validateSimulatedVertexAttrib0): New method that validates the parameters used to create the simulated attribute. (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0): No need to do overflow checking here now that the validation method does it for us. (WebCore::WebGLRenderingContextBase::validateVertexAttributes): Deleted. * html/canvas/WebGLRenderingContextBase.h: Add new validation method. 2015-07-24 Matthew Hanson <matthew_hanson@apple.com> Merge r187173. rdar://problem/21637698 2015-07-22 Beth Dakin <bdakin@apple.com> Animated images should animate in previews https://bugs.webkit.org/show_bug.cgi?id=147173 -and corresponding- rdar://problem/21637698 Reviewed by Dan Bernstein. New virtual function to indicate whether or not the image is animated. * platform/graphics/BitmapImage.h: * platform/graphics/Image.h: (WebCore::Image::isAnimated): 2015-07-24 Matthew Hanson <matthew_hanson@apple.com> Merge r187170. rdar://problem/21901076 2015-07-22 Wenson Hsieh <wenson_hsieh@apple.com> Search fields render placeholder text improperly. https://bugs.webkit.org/show_bug.cgi?id=147192 <rdar://problem/21901076> Reviewed by Alexey Proskuryakov. Due to changes in the way AppKit renders search inputs, we must now explicitly set the placeholder text of a search input rendered using the Mac theme to be an empty string when rendering the search input box (not including the actual placeholder text). * rendering/RenderThemeMac.mm: (WebCore::RenderThemeMac::setSearchCellState): Force the placeholder text of the NSSearchFieldCell for the Mac theme to be an empty string. 2015-07-24 Matthew Hanson <matthew_hanson@apple.com> Merge r187144. rdar://problem/21931728 2015-07-21 Dean Jackson <dino@apple.com> Default media controls use a serif font, which seems wrong https://bugs.webkit.org/show_bug.cgi?id=147179 <rdar://problem/21931728> Reviewed by Simon Fraser. The captions menu (and other text) should use a system style, -webkit-small-control. * Modules/mediacontrols/mediaControlsApple.css: (::-webkit-media-controls): 2015-07-24 Lucas Forschler <lforschler@apple.com> Merge r187133 2015-07-21 Benjamin Poulain <bpoulain@apple.com> StyleSheetContents::wrapperInsertRule() can create rules that overflow RuleData's selector index https://bugs.webkit.org/show_bug.cgi?id=147144 Reviewed by Alex Christensen. RuleData identifies selectors by the index in a large array. The index only has 13 bits so rules with more than 8192 selectors should be split. One of the paths was not splitting the rule: StyleSheetContents::wrapperInsertRule(). When rules with too many selectors were added, the index would overflow and some RuleData would point to selectors in the middle of selector chains. The resulting behavior is random based on the selectors and the DOM. We cannot easily fix that because the CSS OM API do not expect to create several rules in response to calls to the API. In this patch, I don't do anything fancy and just let the calls fail if we cannot use the rules safely. Content Extensions were also running into this problem. Large Selector lists are pretty common, and ContentExtensionStyleSheet::addDisplayNoneSelector() was overflowing the RuleData, creating broken page. Unlike CSSOM, there is no problem with splitting rules coming from Content Extensions. Instead of creating new APIs for that case, I rely on the parser to extend the StyleSheetContents. That code already knows how to break rules correctly. Tests: fast/css/insert-rule-overflow-rule-data.html http/tests/contentextensions/css-display-none-overflows-rule-data-1.html http/tests/contentextensions/css-display-none-overflows-rule-data-2.html * contentextensions/ContentExtensionStyleSheet.cpp: (WebCore::ContentExtensions::ContentExtensionStyleSheet::addDisplayNoneSelector): * css/StyleSheetContents.cpp: (WebCore::StyleSheetContents::wrapperInsertRule): 2015-07-23 Lucas Forschler <lforschler@apple.com> Merge r187130 2015-07-21 Jon Honeycutt <jhoneycutt@apple.com> [iOS] Keyboard bold/italic/underline keys don't highlight after being tapped to style a selection https://bugs.webkit.org/show_bug.cgi?id=147164 <rdar://problem/21630806> Reviewed by Ryosuke Niwa. * editing/cocoa/EditorCocoa.mm: (WebCore::Editor::styleForSelectionStart): Use adjustedSelectionStartForStyleComputation(), which will ensure that we're at the start of the selected node, not at the end of the node before the selection. 2015-07-23 Lucas Forschler <lforschler@apple.com> Merge r187116 2015-07-21 Said Abou-Hallawa <sabouhallawa@apple.com> REGRESSION (r172417, r184065): Multiple rendering issues with fixed attached background-image https://bugs.webkit.org/show_bug.cgi?id=147049 <rdar://problem/21110936> Reviewed by Simon Fraser. The fixed-attached background-image rendering is special. In general, to display it, the destinationSize should be set to visibleContentSize. The destinationLocation should be set such that the background-image does not move with scrolling. The topContentInset should be subtracted from the destinationLocation such that background-image can be rendered blurred in the topContentArea. However there are cases in which these rules have to be changed. -- destinationSize: In the case of fixed layout size, the fixedLayoutSize is bigger than the visibleContentSize. In this case, if the background-image belongs to the root element, the destinationSize has to be set to fixedLayoutSize. Otherwise it has to be set to the borderBoxSize unless the overflow is hidden. -- destinationLocation: If the background-image belongs to the root element, no scroll offset to added to destinationLocation. For non-root element case, FrameView::documentScrollOffsetRelativeToViewOrigin() should be used if no page scaling is applied. Otherwise FrameView::scrollOffsetForFixedPosition() should be used instead. Tests: platform/mac-wk2/tiled-drawing/fixed-layout-size-fixed-attachment-cover.html platform/mac-wk2/tiled-drawing/fixed-layout-size-fixed-attachment-local.html * rendering/RenderBoxModelObject.cpp: (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry): Ensure the geometry for the fixed-attached background-image is calculated correctly. * rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::updateGeometry): Ensure the background layer gets the correct size for the fixedLayoutSize mode. 2015-07-23 Lucas Forschler <lforschler@apple.com> Merge r186981 2015-07-17 Zalan Bujtas <zalan@apple.com> (display: block)input range's thumb disappears when moved. https://bugs.webkit.org/show_bug.cgi?id=146896 <rdar://problem/21787807> Reviewed by Simon Fraser. Since the thumb is positioned after the layout for the input (shadow) subtree is finished, the repaint rects issued during the layout will not cover the re-positioned thumb. We need to issue a repaint soon after the thumb is re-positioned. Test: fast/repaint/block-inputrange-repaint.html * html/shadow/SliderThumbElement.cpp: (WebCore::RenderSliderContainer::layout): == Rolled over to ChangeLog-2015-07-23 ==