2017-03-14 Matthew Hanson <matthew_hanson@apple.com> Merge r213949. rdar://problem/31049877 2017-03-14 Andy Estes <aestes@apple.com> REGRESSION (r209760): Apple Pay doesn't work on sites that specify empty contact fields https://bugs.webkit.org/show_bug.cgi?id=169639 <rdar://problem/30957789> Reviewed by Anders Carlsson. Shipping and billing contact fields are allowed to be empty. * Modules/applepay/ApplePaySession.cpp: (WebCore::convertAndValidate): 2017-03-03 Matthew Hanson <matthew_hanson@apple.com> Merge r213385. rdar://problem/30838984 2017-03-03 Sam Weinig <sam@webkit.org> REGRESSION (r209760): Apple Pay doesn't work on casper.com, shopspring.com, maybe other sites <rdar://problem/30313445> https://bugs.webkit.org/show_bug.cgi?id=169149 Reviewed by Simon Fraser. Relax restriction that the ApplePayShippingMethod sequence must not be empty. This was incorrect. * Modules/applepay/ApplePaySession.cpp: (WebCore::convertAndValidate): 2017-03-02 Matthew Hanson <matthew_hanson@apple.com> Rollout r212893. rdar://problem/30812551 2017-02-22 Brent Fulgham <bfulgham@apple.com> Merge r212828. rdar://problem/30636288 2017-02-21 Antti Koivisto <antti@apple.com> REGRESSION(r207669): Crash after mutating selector text https://bugs.webkit.org/show_bug.cgi?id=168655 <rdar://problem/30632111> Reviewed by Brent Fulgham. Test: fast/css/selector-text-mutation-crash.html * style/StyleScope.cpp: (WebCore::Style::Scope::resolver): (WebCore::Style::Scope::updateStyleResolver): Protect against entering scheduleUpdate and wiping style resolver while updating it. Extension stylesheets can trigger this. (WebCore::Style::Scope::scheduleUpdate): Clear the style resolver immediately if style sheet content changes. The resolver may have data structures that point to the old sheet contents. The resolver would get wiped anyway when the scheduled update actually occurs. * style/StyleScope.h: 2017-02-23 Matthew Hanson <matthew_hanson@apple.com> Rollout r212740. rdar://problem/30636288 2017-02-22 Brent Fulgham <bfulgham@apple.com> Merge r212554. rdar://problem/30636115 2017-02-16 Brent Fulgham <bfulgham@apple.com> RenderView needs to be updated when FrameView changes https://bugs.webkit.org/show_bug.cgi?id=168481 <rdar://problem/30339638> Reviewed by Andreas Kling. The state of the Document's RenderView can get out of sync with the Frame's FrameView. We need a notification mechanism so that modifications to the Frame's view are properly relayed to Document so that it can have a correct RenderView. * dom/Document.cpp: (WebCore::Document::didBecomeCurrentDocumentInView): Create an updated render tree (if one does not already exist). (WebCore::Document::destroyRenderTree): Remove an incorrect ASSERT. We may enter this code when the Frame uses 'setView(nullptr)', which happens during certain updates. * dom/Document.h: * page/Frame.cpp: (WebCore::Frame::setView): Destroy the old render tree (if present) before switching to the new view. Then notify the document that it is now the current document in the new view. 2017-02-21 Matthew Hanson <matthew_hanson@apple.com> Merge r212737. rdar://problem/30636288 2017-02-21 Antti Koivisto <antti@apple.com> REGRESSION(r207669): Crash after mutating selector text https://bugs.webkit.org/show_bug.cgi?id=168655 <rdar://problem/30632111> Reviewed by Brent Fulgham. Test: fast/css/selector-text-mutation-crash.html * style/StyleScope.cpp: (WebCore::Style::Scope::scheduleUpdate): Clear the style resolver immediately if style sheet content changes. The resolver may have data structures that point to the old sheet contents. The resolver would get wiped anyway when the scheduled update actually occurs. 2017-02-18 Ryosuke Niwa <rniwa@webkit.org> REGRESSION(r212218): Assertion failures in and after parserRemoveChild https://bugs.webkit.org/show_bug.cgi?id=168458 Reviewed by Antti Koivisto. The bug was caused by parserRemoveChild not preceeding to remove oldChild even when oldChild had been inserted elsewhere during unload evnets of the disconnected frames. Fixed the bug by checking this condition and exiting early. Also fixed various callers of parserRemoveChild to not call parserAppendChild when the removed node had already been inserted elsewhere by scripts. Tests: fast/parser/adoption-agency-unload-iframe-3.html fast/parser/adoption-agency-unload-iframe-4.html fast/parser/xml-error-unload-iframe.html * dom/ContainerNode.cpp: (WebCore::ContainerNode::parserRemoveChild): Exit early when the node had been inserted elsewhere while firing unload events. Also moved the call to notifyRemovePendingSheetIfNeeded outside NoEventDispatchAssertion since it can synchrnously fire a focus event. (WebCore::ContainerNode::parserAppendChild): Moved adoptNode call to inside NoEventDispatchAssertion since adoptNode call here should never mutate DOM. * html/parser/HTMLConstructionSite.cpp: (WebCore::executeReparentTask): Added an early exit when the node had already been inserted elsewhere. (WebCore::executeInsertAlreadyParsedChildTask): Ditto. * xml/XMLErrors.cpp: (WebCore::XMLErrors::insertErrorMessageBlock): Ditto. * xml/parser/XMLDocumentParser.cpp: (WebCore::XMLDocumentParser::end): Fixed a crash unveiled by one of the test cases. Exit early when insertErrorMessageBlock detached the parser (by author scripts). (WebCore::XMLDocumentParser::finish): Keep the parser alive until we exit. 2017-02-20 Ryosuke Niwa <rniwa@webkit.org> HTMLConstructionSiteTask::Insert should never be called on a node with a parent https://bugs.webkit.org/show_bug.cgi?id=168099 Reviewed by Sam Weinig. insertAlreadyParsedChild always use HTMLConstructionSiteTask::InsertAlreadyParsedChild instead of using HTMLConstructionSiteTask::Insert when fostering a child. Also combine the step to take all children and re-parenting into a single task instead of separately issuing TakeAllChildren and Reparent tasks. No new tests since this is a refactoring. * html/parser/HTMLConstructionSite.cpp: (WebCore::insert): Now asserts that the child node never have a parent. (WebCore::executeInsertAlreadyParsedChildTask): Moved the code to remove the parent here. (WebCore::executeTakeAllChildrenAndReparentTask): Renamed from executeTakeAllChildrenTask now that this function also does the reparenting. (WebCore::executeTask): (WebCore::HTMLConstructionSite::reparent): Removed the variant only used with takeAllChildren. (WebCore::HTMLConstructionSite::insertAlreadyParsedChild): Always use InsertAlreadyParsedChild instead of calling fosterParent which uses Insert when fostering parents. (WebCore::HTMLConstructionSite::takeAllChildrenAndReparent): Renamed from takeAllChildren. * html/parser/HTMLConstructionSite.h: (WebCore::HTMLConstructionSiteTask:Operation): * html/parser/HTMLTreeBuilder.cpp: (WebCore::HTMLTreeBuilder::callTheAdoptionAgency): 2017-02-20 Matthew Hanson <matthew_hanson@apple.com> Rollout r212601. rdar://problem/30339638 2017-02-20 Matthew Hanson <matthew_hanson@apple.com> Rollout r212660. rdar://problem/30553220 2017-02-20 Matthew Hanson <matthew_hanson@apple.com> Rollout r212647. rdar://problem/30563318 2017-02-20 Matthew Hanson <matthew_hanson@apple.com> Merge r211750. rdar://problem/30383964 2017-02-06 Simon Fraser <simon.fraser@apple.com> Safari pages are blank sometimes (missing tiles) https://bugs.webkit.org/show_bug.cgi?id=167904 Reviewed by Tim Horton. After r211683 we failed to udpate the "inWindow" flag on the page tiled layer, because usingTiledBacking() on GraphicsLayer confusingly was false for the page tiled layer. Fix by removing usingTiledBacking() entirely, and checking for tiledBacking(), looking at the layer type when necessary. Tested by tiled-drawing/tiled-backing-in-window.html * platform/graphics/GraphicsLayer.cpp: (WebCore::GraphicsLayer::GraphicsLayer): (WebCore::GraphicsLayer::setIsInWindowIncludingDescendants): This is the bug fix. (WebCore::GraphicsLayer::getDebugBorderInfo): (WebCore::GraphicsLayer::dumpProperties): * platform/graphics/GraphicsLayer.h: (WebCore::GraphicsLayer::usingTiledBacking): Deleted. * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::recursiveCommitChanges): (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers): (WebCore::GraphicsLayerCA::changeLayerTypeTo): * rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::willDestroyLayer): (WebCore::RenderLayerBacking::compositingLayerType): * rendering/RenderLayerCompositor.cpp: A bit more logging. (WebCore::RenderLayerCompositor::setIsInWindow): (WebCore::RenderLayerCompositor::attachRootLayer): 2017-02-20 Matthew Hanson <matthew_hanson@apple.com> Merge r212651. rdar://problem/30604254 2017-02-20 Jon Lee <jonlee@apple.com> Fix build error for iOS. Unreviewed. * platform/graphics/GraphicsContext3D.cpp: Move stub function into !PLATFORM(COCOA) instead of !PLATFORM(MAC). 2017-02-20 Matthew Hanson <matthew_hanson@apple.com> Merge r212650. rdar://problem/30604254 2017-02-20 Jon Lee <jonlee@apple.com> Unreviewed, rolling out r212639. Have a fix for the linker error on iOS. Reverted changeset: "Unreviewed, rolling out r212637." https://bugs.webkit.org/show_bug.cgi?id=168595 http://trac.webkit.org/changeset/212639 2017-02-20 Matthew Hanson <matthew_hanson@apple.com> Merge r212633. rdar://problem/30592266 2017-02-19 Dean Jackson <dino@apple.com> Activate/deactivate high performance GPU when requested https://bugs.webkit.org/show_bug.cgi?id=168559 <rdar://problem/30592266> Reviewed by Jon Lee. Respect the high-performance powerPreference for WebGL, by managing an object that enables the high-performance GPU. If a WebGL context wants high-performance, and it is visible, then a manager class in GraphicsContext3D creates and retains the object, causing all the WebGL contexts to move GPUs. If all the high-performance contexts are not visible, such as in a background tab, then the manager will release the object, allowing the GPU to power down. The swapping back from the high-performance GPU happens on a timer, to make sure we don't churn between GPUs if the user is swapping between a lot of tabs, or windows. Unfortunately testing this change properly requires hardware with multiple GPUs. I plan to write an API test that fakes most of the system interaction, such as occluding the page. An API test might also be able to verify if the system has more than one GPU. Otherwise I'll have to plumb everything through Internals. * html/canvas/WebGLRenderingContextBase.cpp: (WebCore::isHighPerformanceContext): Helper to detect if the GraphicsContext3D actually used high-performance mode. (WebCore::WebGLRenderingContextBase::create): Add logging if we are actually overriding a high-performance request. (WebCore::WebGLRenderingContextBase::WebGLRenderingContextBase): If we are high-performance, then register for activity state changes. (WebCore::WebGLRenderingContextBase::addActivityStateChangeObserverIfNecessary): (WebCore::WebGLRenderingContextBase::removeActivityStateChangeObserver): (WebCore::WebGLRenderingContextBase::destroyGraphicsContext3D): Call removeActivityStateChangeObserver as the GC3D is destroyed. (WebCore::WebGLRenderingContextBase::maybeRestoreContext): If the context was restored successfully, and came back in high-performance, then we need to listen for activity state changes as usual. (WebCore::WebGLRenderingContextBase::activityStateDidChange): If we changed visibility, tell the GC3D. * html/canvas/WebGLRenderingContextBase.h: Class inherits ActivityStateChangeObserver. * page/Settings.in: No longer force low-power everywhere. * platform/graphics/GraphicsContext3D.cpp: (WebCore::GraphicsContext3D::setContextVisibility): Empty implementation for non-Mac. * platform/graphics/GraphicsContext3D.h: (WebCore::GraphicsContext3D::powerPreferenceUsedForCreation): Tells clients what power preference was actually used during creation (e.g. a single GPU system will use default, even if they requested high-performance). * platform/graphics/mac/GraphicsContext3DMac.mm: (WebCore::GraphicsContext3DManager::GraphicsContext3DManager): Helper class to look after all GraphicsContext3Ds. (WebCore::GraphicsContext3DManager::hasTooManyContexts): We have a limit on the number of contexts we can keep alive at any one time. (WebCore::manager): Helper to return the static instance. (WebCore::displayWasReconfigured): Send a message to all the contexts. (WebCore::GraphicsContext3DManager::addContext): (WebCore::GraphicsContext3DManager::removeContext): (WebCore::GraphicsContext3DManager::addContextRequiringHighPerformance): (WebCore::GraphicsContext3DManager::removeContextRequiringHighPerformance): (WebCore::GraphicsContext3DManager::updateHighPerformanceState): Check if the number of contexts requiring high-performance means we need to enable/disable that GPU. (WebCore::GraphicsContext3DManager::disableHighPerformanceGPUTimerFired): Releases our object that keeps the high-performance GPU on. (WebCore::GraphicsContext3DManager::recycleContextIfNecessary): Get rid of the first (oldest) context. This code was in GC3D proper, but it made more sense here in the helper. (WebCore::setPixelFormat): All contexts are created muxable now. (WebCore::GraphicsContext3D::create): Use the manager. (WebCore::GraphicsContext3D::GraphicsContext3D): Ditto. (WebCore::GraphicsContext3D::~GraphicsContext3D): Add logging. (WebCore::GraphicsContext3D::checkGPUStatusIfNecessary): Better logging. (WebCore::GraphicsContext3D::updateCGLContext): (WebCore::GraphicsContext3D::setContextVisibility): This is the responder to the ActivityStateChanges in the WebGLRenderingContext. (WebCore::activeContexts): Deleted. (WebCore::addActiveContext): Deleted. (WebCore::removeActiveContext): Deleted. 2017-02-20 Matthew Hanson <matthew_hanson@apple.com> Merge r212331. rdar://problem/30522092 2017-02-14 Dean Jackson <dino@apple.com> Rename preferLowPowerWebGLRendering setting to forceWebGLUsesLowPower https://bugs.webkit.org/show_bug.cgi?id=168339 <rdar://problem/30522092> Reviewed by Simon Fraser. Use a setting name that more clearly reflects what it is doing. It's not preferring to use the low-power GPU, it's forcing it. * html/canvas/WebGLRenderingContextBase.cpp: (WebCore::WebGLRenderingContextBase::create): * page/Settings.in: 2017-02-20 Matthew Hanson <matthew_hanson@apple.com> Rollout r212538. rdar://problem/30541748 2017-02-17 Matthew Hanson <matthew_hanson@apple.com> A/B test concurrent GC https://bugs.webkit.org/show_bug.cgi?id=168453 <rdar://problem/30553220> Landed on behalf of JF Bastien. Reviewed by Alexey Proskuryakov. Initialize the WTF::SplitTest singleton using the anonymous UUID from crash reporter. This makes it easy to figure out which A/B split tests were enabled from a particular crash log. * WebCore.xcodeproj/project.pbxproj: * platform/SplitTestInitializer.cpp: Added. (getUUID): (InitWebCoreSplitTest): * platform/SplitTestInitializer.h: Copied from Source/WebKit2/WebProcess/EntryPoint/mac/XPCService/WebContentServiceEntryPoint.mm. 2017-02-20 Matthew Hanson <matthew_hanson@apple.com> Merge r212652. rdar://problem/30435303 2017-02-20 Per Arne Vollan <pvollan@apple.com> [Win] Custom scale factor is not applied in all cases. https://bugs.webkit.org/show_bug.cgi?id=168117 Reviewed by Brent Fulgham. We should not call the function deviceScaleFactorForWindow directly, since this will return the system scale factor, and ignore the custom scale factor. * platform/graphics/ca/win/CACFLayerTreeHost.h: * platform/graphics/ca/win/WKCACFViewLayerTreeHost.cpp: (WebCore::WKCACFViewLayerTreeHost::initializeContext): (WebCore::WKCACFViewLayerTreeHost::resize): (WebCore::WKCACFViewLayerTreeHost::setScaleFactor): * platform/graphics/ca/win/WKCACFViewLayerTreeHost.h: * platform/win/GDIUtilities.h: (WebCore::makeScaledPoint): * platform/win/PlatformMouseEventWin.cpp: (WebCore::positionForEvent): * platform/win/PopupMenuWin.cpp: (WebCore::PopupMenuWin::show): (WebCore::PopupMenuWin::wndProc): * platform/win/PopupMenuWin.h: 2017-02-20 Matthew Hanson <matthew_hanson@apple.com> Merge r212621. rdar://problem/30563318 2017-02-18 Ryosuke Niwa <rniwa@webkit.org> REGRESSION(r212218): Assertion failures in and after parserRemoveChild https://bugs.webkit.org/show_bug.cgi?id=168458 Reviewed by Antti Koivisto. The bug was caused by parserRemoveChild not preceeding to remove oldChild even when oldChild had been inserted elsewhere during unload evnets of the disconnected frames. Fixed the bug by checking this condition and exiting early. Also fixed various callers of parserRemoveChild to not call parserAppendChild when the removed node had already been inserted elsewhere by scripts. Tests: fast/parser/adoption-agency-unload-iframe-3.html fast/parser/adoption-agency-unload-iframe-4.html fast/parser/xml-error-unload-iframe.html * dom/ContainerNode.cpp: (WebCore::ContainerNode::parserRemoveChild): Exit early when the node had been inserted elsewhere while firing unload events. Also moved the call to notifyRemovePendingSheetIfNeeded outside NoEventDispatchAssertion since it can synchrnously fire a focus event. (WebCore::ContainerNode::parserAppendChild): Moved adoptNode call to inside NoEventDispatchAssertion since adoptNode call here should never mutate DOM. * html/parser/HTMLConstructionSite.cpp: (WebCore::executeReparentTask): Added an early exit when the node had already been inserted elsewhere. (WebCore::executeInsertAlreadyParsedChildTask): Ditto. * xml/XMLErrors.cpp: (WebCore::XMLErrors::insertErrorMessageBlock): Ditto. * xml/parser/XMLDocumentParser.cpp: (WebCore::XMLDocumentParser::end): Fixed a crash unveiled by one of the test cases. Exit early when insertErrorMessageBlock detached the parser (by author scripts). (WebCore::XMLDocumentParser::finish): Keep the parser alive until we exit. 2017-02-20 Matthew Hanson <matthew_hanson@apple.com> Merge r212558. rdar://problem/30451563 2017-02-17 Simon Fraser <simon.fraser@apple.com> REGRESSION (209396): Apple Pay buttons do not render https://bugs.webkit.org/show_bug.cgi?id=168523 rdar://problem/30451563 Reviewed by Geoffrey Garen. The new CSS parser mistakenly converted -apple-pay-button values to -webkit-pay-button, breaking -webkit-appearance: -apple-pay-button. Fix by excluding "-apple-pay" prefixed values from the conversion. Test: fast/css/appearance-apple-pay-button.html * css/parser/CSSPropertyParser.cpp: (WebCore::isAppleLegacyCssValueKeyword): 2017-02-17 Matthew Hanson <matthew_hanson@apple.com> Merge r212554. rdar://problem/30339638 2017-02-16 Brent Fulgham <bfulgham@apple.com> RenderView needs to be updated when FrameView changes https://bugs.webkit.org/show_bug.cgi?id=168481 <rdar://problem/30339638> Reviewed by Andreas Kling. The state of the Document's RenderView can get out of sync with the Frame's FrameView. We need a notification mechanism so that modifications to the Frame's view are properly relayed to Document so that it can have a correct RenderView. * dom/Document.cpp: (WebCore::Document::didBecomeCurrentDocumentInView): Create an updated render tree (if one does not already exist). (WebCore::Document::destroyRenderTree): Remove an incorrect ASSERT. We may enter this code when the Frame uses 'setView(nullptr)', which happens during certain updates. * dom/Document.h: * page/Frame.cpp: (WebCore::Frame::setView): Destroy the old render tree (if present) before switching to the new view. Then notify the document that it is now the current document in the new view. 2017-02-17 Matthew Hanson <matthew_hanson@apple.com> Merge r212354. rdar://problem/30450371 2017-02-14 Ryosuke Niwa <rniwa@webkit.org> An assertion failure inside removeChildren https://bugs.webkit.org/show_bug.cgi?id=168069 Reviewed by Brent Fulgham. The bug was caused by notifyRemovePendingSheet executing scripts synchronously where it shouldn't. Removed the call to notifyRemovePendingSheetIfNeeded in notifyChildNodeRemoved. Instead, invoke it in its call sites when they're safe. Test: http/tests/security/move-iframe-within-focus-handler-inside-removal.html * dom/ContainerNode.cpp: (WebCore::ContainerNode::takeAllChildrenFrom): (WebCore::ContainerNode::notifyChildInserted): (WebCore::ContainerNode::removeChild): (WebCore::ContainerNode::parserRemoveChild): (WebCore::ContainerNode::replaceAllChildren): (WebCore::ContainerNode::removeChildren): * dom/ContainerNodeAlgorithms.cpp: (WebCore::notifyChildNodeRemoved): 2017-02-17 Matthew Hanson <matthew_hanson@apple.com> Merge r212265. rdar://problem/30231732 2017-02-13 Said Abou-Hallawa <sabouhallawa@apple.com> The current frame of an image should not deleted if another frame is asynchronously being decoded https://bugs.webkit.org/show_bug.cgi?id=167618 Reviewed by Simon Fraser. Test: fast/images/animated-image-draw-while-decode.html If the memory cache asks the BitmapImage to destroy all its frames while the next frame is being decoded, a thread contention may happen. This can happen when BitmapImage::draw() is called and the next frame is not ready yet for drawing, so the current frame has to be drawn. This will invoke a frame decoding in the same image from the drawing committing thread. We can avoid that by destroying all the frames except the current frame if the image is asynchronously decoding its frames. This should not add extra memory overhead because building the image frame cache and then destroying it, when needed, is an on-going process. The frames will be allocated and decoded all the time and all of them can be destroyed except the current one. * platform/graphics/BitmapImage.cpp: (WebCore::BitmapImage::destroyDecodedData): (WebCore::BitmapImage::destroyDecodedDataIfNecessary): The logic of destroying the ImageFrames was split among BitmapImage, ImageSource and ImageFrameCache. Move all the logic to BitmapImage and have ImageFrameCache be responsible only for destroying a range of ImageFrames. (WebCore::BitmapImage::draw): add an ASSERT_IMPLIES to ensure the current frame is ready to be rendered if the next frame is being decoded. * platform/graphics/BitmapImage.h: Move a const from ImageFrameCache.h to BitmapImage.h. * platform/graphics/ImageFrameCache.cpp: (WebCore::ImageFrameCache::destroyDecodedData): (WebCore::ImageFrameCache::destroyDecodedDataIfNecessary): Deleted. * platform/graphics/ImageFrameCache.h: (WebCore::ImageFrameCache::destroyAllDecodedData): (WebCore::ImageFrameCache::destroyAllDecodedDataExcludeFrame): (WebCore::ImageFrameCache::destroyDecodedDataBeforeFrame): Make ImageFrameCache be responsible for destroying a range of ImageFrames. This range might include all the frames, all the frames but up to a specific frame, or all the frames but exclude one frame in the middle. * platform/graphics/ImageSource.cpp: (WebCore::ImageSource::clear): No need to call clearFrameBufferCache() from clear(). The decision to call clearFrameBufferCache() or clear() is moved to BitmapImage::destroyDecodedData(). (WebCore::ImageSource::destroyDecodedData): Deleted. (WebCore::ImageSource::destroyDecodedDataIfNecessary): Deleted. These functions are replaced by another set of functions in ImageSource.h. * platform/graphics/ImageSource.h: (WebCore::ImageSource::destroyAllDecodedData): (WebCore::ImageSource::destroyAllDecodedDataExcludeFrame): (WebCore::ImageSource::destroyDecodedDataBeforeFrame): (WebCore::ImageSource::hasDecodingQueue): These are new wrappers which call the corresponding ImageFrameCache functions. 2017-02-17 Matthew Hanson <matthew_hanson@apple.com> Merge r212218. rdar://problem/30339793 2017-02-12 Ryosuke Niwa <rniwa@webkit.org> parserRemoveChild should unload subframes https://bugs.webkit.org/show_bug.cgi?id=168151 Reviewed by Darin Adler. Fix the bug that the adoption agency algorithm does not unload subframes as it disconnects nodes. Also moved calls to nodeWillBeRemoved inside NoEventDispatchAssertion to expand on r211965. Tests: fast/parser/adoption-agency-clear-focus-range.html fast/parser/adoption-agency-unload-iframe-1.html fast/parser/adoption-agency-unload-iframe-2.html * dom/ContainerNode.cpp: (WebCore::ContainerNode::takeAllChildrenFrom): Rewritten using idioms used in removeChildren and parserAppendChild. Disconnect all subframes first since this can synchronously dispatch an unload event. Then update DOM ranges, the focused element, and other states in the document. Second, use the regular removeBetween, notifyChildNodeRemoved, childrenChanged sequence of calls to disconnect nodes instead of a single call to removeDetachedChildren to properly disconnect child nodes since those nodes may have already come live due to execution of synchronous scripts prior to the adoption agency algorithm has run, or in response to the unload event we just dispatched. Third, append these nodes using parserAppendChild to avoid dispatching mutation events. (WebCore::willRemoveChild): Removed the call to nodeWillBeRemoved. It's now called within NoEventDispatchAssertion in each call site of willRemoveChild and willRemoveChildren. (WebCore::willRemoveChildren): Ditto. (WebCore::ContainerNode::removeChild): Call nodeWillBeRemoved inside NoEventDispatchAssertion. (WebCore::ContainerNode::replaceAllChildren): Call nodeWillBeRemoved inside NoEventDispatchAssertion. (WebCore::ContainerNode::parserRemoveChild): Disconnect subframes and update document's states. * html/parser/HTMLConstructionSite.cpp: (WebCore::executeTakeAllChildrenAndReparentTask): Add a release assert that new parent does not already have a parent. 2017-02-17 Matthew Hanson <matthew_hanson@apple.com> Merge r212035. rdar://problem/30433204 2017-02-09 Filip Pizlo <fpizlo@apple.com> SharedArrayBuffer does not need to be in the transfer list https://bugs.webkit.org/show_bug.cgi?id=168079 Reviewed by Geoffrey Garen and Keith Miller. Tests: workers/sab/multi-memory-multi-buffer.html workers/sab/multi-memory.html workers/sab/no-transfer.html workers/sab/postMessage-clones.html workers/sab/sent-from-worker-no-transfer.html workers/sab/sent-from-worker-transfer.html The SAB API that we originally implemented required that SABs get put in transfer lists when they are sent to workers. The new SAB API that everyone is converging towards requires that you do not put the SAB in the transfer list. That's supposed to be an error. Instead, anytime that a SAB is part of any message to or from a dedicated worker then it is automatically shared. The new API provides a lot more clarity about what is supposed to happen in contexts that support transfering but don't support sharing. Right now this patch allows both styles to work, but I hope we can disable the transfer list capability soon. * bindings/js/IDBBindingUtilities.cpp: (WebCore::deserializeIDBValueToJSValue): * bindings/js/JSMessageEventCustom.cpp: (WebCore::JSMessageEvent::data): * bindings/js/SerializedScriptValue.cpp: (WebCore::CloneSerializer::serialize): (WebCore::CloneSerializer::CloneSerializer): (WebCore::CloneSerializer::dumpIfTerminal): (WebCore::CloneDeserializer::deserialize): (WebCore::CloneDeserializer::CloneDeserializer): (WebCore::CloneDeserializer::readTerminal): (WebCore::SerializedScriptValue::SerializedScriptValue): (WebCore::SerializedScriptValue::create): (WebCore::SerializedScriptValue::deserialize): * bindings/js/SerializedScriptValue.h: (): Deleted. * dom/CustomEvent.cpp: (WebCore::CustomEvent::trySerializeDetail): * dom/ErrorEvent.cpp: (WebCore::ErrorEvent::trySerializeError): * dom/MessageEvent.cpp: (WebCore::MessageEvent::trySerializeData): * dom/PopStateEvent.cpp: (WebCore::PopStateEvent::trySerializeState): * workers/DedicatedWorkerGlobalScope.cpp: (WebCore::DedicatedWorkerGlobalScope::postMessage): * workers/Worker.cpp: (WebCore::Worker::postMessage): 2017-02-17 Matthew Hanson <matthew_hanson@apple.com> Rollout r212488. rdar://problem/29904368 2017-02-17 Matthew Hanson <matthew_hanson@apple.com> Rollout r212500. rdar://problem/29904368 2017-02-17 Matthew Hanson <matthew_hanson@apple.com> Rollout r212501. rdar://problem/29904368 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r212513. rdar://problem/30301317 2017-02-16 Myles C. Maxfield <mmaxfield@apple.com> font-weight in @font-face can cause a font to be downloaded even when it's not used https://bugs.webkit.org/show_bug.cgi?id=168114 <rdar://problem/30301317> Reviewed by Darin Adler. There were two problems with our font loading code. When we are in the middle of a download, we will use a special interstitial font, and this special font has a flag set which will cause it to be invisible when it is drawn. However, when we start using this font during the load, we give it a unicode-range of U+0-0 which means that it will never be used, and fallback will happen to other weights immediately. The second problem with the font loading code is that this interstital font is just Times. Times doesn't support every character, which means that if we are trying to render some exotic character, we fall back to other weights. The solution here is to use LastResort as the interstitial font, because it supports all characters. Because its metrics are reasonable and we don't ever actually paint this interstitial font, this choice is no worse than Times. Tests: fast/text/font-style-download.html fast/text/font-weight-download-2.html fast/text/font-weight-download.html fast/text/font-weight-fallback.html * css/CSSFontFace.cpp: (WebCore::CSSFontFace::font): * css/CSSSegmentedFontFace.cpp: (WebCore::appendFont): (WebCore::CSSSegmentedFontFace::fontRanges): (WebCore::appendFontWithInvalidUnicodeRangeIfLoading): Deleted. * platform/graphics/Font.h: (WebCore::Font::widthForGlyph): * platform/graphics/FontCache.h: * platform/graphics/freetype/FontCacheFreeType.cpp: (WebCore::FontCache::lastResortFallbackFontForEveryCharacter): * platform/graphics/mac/FontCacheMac.mm: (WebCore::FontCache::lastResortFallbackFontForEveryCharacter): * platform/graphics/win/FontCacheWin.cpp: (WebCore::FontCache::lastResortFallbackFontForEveryCharacter): 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r212441. rdar://problem/30357253 2017-02-16 Chris Fleizach <cfleizach@apple.com> AX: Make form validation accessible on iOS https://bugs.webkit.org/show_bug.cgi?id=168400 Reviewed by Chris Dumez. Hide the popover content of form validation from accessibility (since its not interactable) and instead announce the message. * platform/ios/ValidationBubbleIOS.mm: (WebCore::ValidationBubble::show): 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r212518. rdar://problem/30541748 2017-02-16 Daniel Bates <dabates@apple.com> Remove Chromium-specific code to call FrameLoaderClient::redirectDataToPlugin(nullptr) https://bugs.webkit.org/show_bug.cgi?id=168417 <rdar://problem/30541748> Reviewed by Brent Fulgham. Remove Chromium-specific code that was added in r125500 to call FrameLoaderClient::redirectDataToPlugin(nullptr) in PluginDocument::detachFromPluginElement(). Calling redirectDataToPlugin() with nullptr was used by the Chromium port to signify that the plugin document was being destroyed so that they could tear down their plugin widget. And PluginDocument::detachFromPluginElement() is the only place that calls redirectDataToPlugin() passing nullptr. No other port made use of this machinery and the Chromium port has long since been removed from the Open Source WebKit Project. We should remove this code. * html/PluginDocument.cpp: (WebCore::PluginDocumentParser::appendBytes): Pass the plugin widget by reference. (WebCore::PluginDocument::detachFromPluginElement): Remove call to FrameLoaderClient::redirectDataToPlugin(). This call was only used by the Chromium port as means to be notified when the plugin document was being destroyed. No other port made use of this notification or needed such a notification. * loader/EmptyClients.cpp: Change argument of redirectDataToPlugin() from Widget* to Widget& to convey that this function always takes a valid Widget. Also remove unnecessary argument name as the data type of the argument and the name of the function sufficiently describes the purpose of the argument. * loader/FrameLoaderClient.h: Ditto. 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r212350. rdar://problem/30450379 2017-02-14 Brent Fulgham <bfulgham@apple.com> Revalidate URL after events that could trigger navigations https://bugs.webkit.org/show_bug.cgi?id=168071 <rdar://problem/30450379> Reviewed by Ryosuke Niwa. When arbitary javascript runs during a load, we should revalidate the URLs involved to make sure they are still valid. Tests: http/tests/plugins/navigation-during-load-embed.html http/tests/plugins/navigation-during-load.html * html/HTMLEmbedElement.cpp: (WebCore::HTMLEmbedElement::updateWidget): Confirm we are still allowed to load the URL after executing JS callbacks. * html/HTMLFrameElementBase.cpp: (WebCore::HTMLFrameElementBase::isURLAllowed): Split existing function into existing protected method, and a new public method that checks a passed URL for validity. * html/HTMLFrameElementBase.h: * html/HTMLFrameOwnerElement.h: (WebCore::HTMLFrameOwnerElement::isURLAllowed): * html/HTMLObjectElement.cpp: (WebCore::HTMLObjectElement::updateWidget): Confirm we are still allowed to load the URL after executing JS callbacks. * loader/SubframeLoader.cpp: (WebCore::SubframeLoader::requestFrame): Ditto. 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r212335. rdar://problem/29899473 2017-02-14 Brady Eidson <beidson@apple.com> Unreviewed followup to r212330 to fix Debug builds * loader/DocumentThreadableLoader.cpp: (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Add call to relaxAdoptionRequirement(). 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r212330. rdar://problem/29899473 2017-02-14 Brady Eidson <beidson@apple.com> Speculative fix for: Crash in DocumentThreadableLoader::redirectReceived. <rdar://problem/29899473> and https://bugs.webkit.org/show_bug.cgi?id=168337 Reviewed by Geoffrey Garen. No new tests (Unable to find a reproduction). * loader/DocumentThreadableLoader.cpp: (WebCore::DocumentThreadableLoader::loadRequest): 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r212316. rdar://problem/30504444 2017-02-13 Dean Jackson <dino@apple.com> Rename preferLowPowerToHighPerformance to powerPreference https://bugs.webkit.org/show_bug.cgi?id=168269 <rdar://problem/30504444> Reviewed by Chris Dumez. Based on the discussion in https://github.com/KhronosGroup/WebGL/pull/2283. Change WebGLContextAttributes's preferLowPowerToHighPerformance boolean into a powerPreference enum taking three values. The implementation of the enum is in GraphicsContext3DAttributes. While the name and values have changed, there should be no change in behaviour caused by this patch. * html/canvas/WebGLContextAttributes.h: Use GraphicsContext3DAttributes enum GraphicsContext3DPowerPreference. * html/canvas/WebGLContextAttributes.idl: Rename and add the WebIDL enum. * html/canvas/WebGLRenderingContextBase.cpp: Use the new values. (WebCore::WebGLRenderingContextBase::create): (WebCore::WebGLRenderingContextBase::registerWithWebGLStateTracker): * platform/WebGLStateTracker.cpp: * platform/WebGLStateTracker.h: Update the state tracker to use the new values. * platform/graphics/GraphicsContext3DAttributes.h: * platform/graphics/mac/GraphicsContext3DMac.mm: (WebCore::setPixelFormat): Accept GraphicsContext3DPowerPreference as a parameter. (WebCore::GraphicsContext3D::GraphicsContext3D): 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r212314. rdar://problem/27685077 2017-02-14 Jeremy Jones <jeremyj@apple.com> When playing inline after fullscreen, set a flag instead of adding attribute plays inline, and use in requiresFullscreenForVideoPlayback. https://bugs.webkit.org/show_bug.cgi?id=167815 rdar://problem/27685077 Reviewed by Jer Noble. Test: media/media-fullscreen-loop-inline.html When video is allowed to play inline after fullscreen. Looped video causes play state to update, which can send video back to fullscreen when allowsInline is false. This change will set a new flag when allowsInlineMediaPlaybackAfterFullscreen allows inline playback that can be tested in requiresFullscreenForVideoPlayback to prevent sending video back into fullscreen when video loops. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::enterFullscreen): (WebCore::HTMLMediaElement::exitFullscreen): * html/HTMLMediaElement.h: (WebCore::HTMLMediaElement::isTemporarilyAllowingInlinePlaybackAfterFullscreen): Added. * html/MediaElementSession.cpp: (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback): 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r212301. rdar://problem/30494674 2017-02-13 Filip Pizlo <fpizlo@apple.com> worker.postMessage should throw a TypeError if a SharedArrayBuffer is in the transfer list https://bugs.webkit.org/show_bug.cgi?id=168277 Reviewed by Mark Lam. Test: workers/sab/postMessage-transfer-type-error.html This is a simple spec compliance change. The title says it all. * bindings/js/SerializedScriptValue.cpp: (WebCore::SerializedScriptValue::create): 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r212260. rdar://problem/30481079 2017-02-13 Simon Fraser <simon.fraser@apple.com> Call WKDestroyRenderingResources() on iOS when tabs are backgrounded https://bugs.webkit.org/show_bug.cgi?id=168261 rdar://problem/30481079 Reviewed by Tim Horton. Add CABackingStoreCollectBlocking() to QuartzCoreSPI.h, and fix files in WebCore that do a framework include. * platform/graphics/cocoa/TextTrackRepresentationCocoa.mm: * platform/graphics/cocoa/WebActionDisablingCALayerDelegate.h: * platform/spi/cocoa/QuartzCoreSPI.h: * platform/spi/mac/NSViewSPI.h: 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r212214. rdar://problem/30451581 2017-02-12 Ryosuke Niwa <rniwa@webkit.org> REGRESSION (r179497): Crash inside setAttributeNode https://bugs.webkit.org/show_bug.cgi?id=168161 <rdar://problem/30451581> Reviewed by Andreas Kling. The bug was caused by setAttributeNode calling setAttributeInternal with the same element data as the one used to call removeAttributeInternal despite of the fact removeAttributeInternal could have invoked arbitrary scripts and mutated element's m_elementData. Fixed the bug by calling with setAttributeInternal with the result of new invocation of ensureUniqueElementData(). Test: fast/dom/Attr/make-unique-element-data-while-replacing-attr.html * dom/Element.cpp: (WebCore::Element::setAttributeNode): 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r212174. rdar://problem/29904368 2017-02-10 Daniel Bates <dabates@apple.com> Attempt to fix the build following <https://trac.webkit.org/changeset/212173> (https://bugs.webkit.org/show_bug.cgi?id=166774) * dom/Document.cpp: (WebCore::Document::detachFromCachedFrame): Use ASSER_UNUSED() instead of ASSERT() since the parameter cachedFrame is unused in non-debug build. 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r212173. rdar://problem/29904368 2017-02-10 Daniel Bates <dabates@apple.com> Detach frame from document when entering page cache https://bugs.webkit.org/show_bug.cgi?id=166774 <rdar://problem/29904368> Reviewed by Chris Dumez. When a page enters the page cache it is unnecessary for it to hold a reference to its associated frame because subsequent interactions with the page do not need to make use of it. Once a page exits the page cache we associate it with its frame. * dom/Document.cpp: (WebCore::Document::frameDestroyed): Update comment to reflect the renaming of disconnectFromFrame(). (WebCore::Document::attachToCachedFrame): Added. (WebCore::Document::detachFromCachedFrame): Added. (WebCore::Document::prepareForDestruction): Only call CSSAnimationController::detachFromDocument() if we have a frame. Substitute detachFromFrame() for disconnectFromFrame() as the latter was renamed to the former. (WebCore::Document::hasEverCalledWindowOpen): Deleted. (WebCore::Document::markHasCalledWindowOpen): Deleted. (WebCore::Document::disconnectFromFrame): Renamed to detachFromFrame. * dom/Document.h: (WebCore::Document::detachFromFrame): Renamed; formerly named disconnectFromFrame(). Changed visibility from public to private and made this function inline. * history/CachedFrame.cpp: (WebCore::CachedFrameBase::pruneDetachedChildFrames): Remove cached child frames that were removed from the page when it was in the page cache as there is no need to restore such frames. (WebCore::CachedFrameBase::restore): Call pruneDetachedChildFrames() before restoring the frame tree. (WebCore::CachedFrame::CachedFrame): Detach from the frame. (WebCore::CachedFrame::open): Assert that we have a document and re-attach the frame. (WebCore::CachedFrame::destroy): Update assertion as this function should only be called for a frameless document. Only detach the FrameView, DocumentLoader, and Page when the cached frame is for subframe and is associated with a Page object. Call CSSAnimationController::detachFromDocument() to detach the animation controller from the document as it is being destroyed. We have to do this here because the document does not have a frame. And Document::prepareForDestruction() only calls CSSAnimationController::detachFromDocument() if the document has a frame. * history/CachedFrame.h: * history/PageCache.cpp: (WebCore::canCachePage): Remove logic that prevents caching of a page that called window.open() or has an opener as it is feasible to keep such pages in the page cache. * html/HTMLFrameElementBase.cpp: (WebCore::HTMLFrameElementBase::finishedInsertingSubtree): Fix style nit. * loader/FrameLoader.cpp: (WebCore::FrameLoader::frameDetached): Only stop all loaders and stop active DOM objects if the page is not in- or about to enter- the page cache. A page in the page cache has finished loading and its active DOM objects are suspended. Also fix style nit in comment. (WebCore::FrameLoader::detachFromParent): Only stop all loaders if the page is not in- or about to enter- the page cache. A page in the page cache has finished loading. Also added a comment to explain that we protect the frame because stopAllLoaders() can cause the frame to be deallocated. * page/DOMWindow.cpp: (WebCore::DOMWindow::createWindow): Remove logic to call markHasCalledWindowOpen() as this function will be removed. * page/DiagnosticLoggingKeys.cpp: (WebCore::DiagnosticLoggingKeys::hasCalledWindowOpenKey): Deleted. (WebCore::DiagnosticLoggingKeys::hasOpenerKey): Deleted. * page/DiagnosticLoggingKeys.h: * page/Page.cpp: (WebCore::Page::openedByWindowOpen): Deleted. * page/Page.h: * page/Settings.in: Remove setting allowsPageCacheWithWindowOpener. 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r212172. rdar://problem/30476807 2017-02-10 Simon Fraser <simon.fraser@apple.com> REGRESSION (r211845): [ios-simulator] LayoutTest compositing/masks/solid-color-masked.html is a flaky failure https://bugs.webkit.org/show_bug.cgi?id=168054 Reviewed by Tim Horton. When adding mask layers, there was an ordering dependency. There was a hack in GraphicsLayerCA::setVisibleAndCoverageRects() to propagate m_intersectsCoverageRect to masks. However, if GraphicsLayerCA::setVisibleAndCoverageRects() ran on the masked layer before the mask was added, nothing updated the "m_intersectsCoverageRect" state of the mask layer. Fix by explicitly calling setVisibleAndCoverageRects() on the mask layer, passing the same rects and viewport-constrained state as for its host layer (we already assume that their geometry matches). Tested by compositing/masks/solid-color-masked.html * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::setVisibleAndCoverageRects): (WebCore::GraphicsLayerCA::recursiveCommitChanges): 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r212153. rdar://problem/30467120 2017-02-10 Simon Fraser <simon.fraser@apple.com> Make sure the "inwindow" flag propagates to TiledBackings for masks and reflections https://bugs.webkit.org/show_bug.cgi?id=168127 rdar://problem/30467120 Reviewed by Tim Horton. Replace the special-case, but wrong, GraphicsLayer traversal in setIsInWindowIncludingDescendants() which forgot to hit masks and replica layers with a generic traverse() function, which is then used for setting 'inWindow' as well as resetting tracked repaints. Tests: compositing/tiling/tiled-mask-inwindow.html compositing/tiling/tiled-reflection-inwindow.html * page/PageOverlayController.cpp: (WebCore::PageOverlayController::layerWithDocumentOverlays): (WebCore::PageOverlayController::layerWithViewOverlays): * platform/graphics/GraphicsLayer.cpp: (WebCore::GraphicsLayer::setIsInWindow): (WebCore::GraphicsLayer::setReplicatedByLayer): (WebCore::GraphicsLayer::traverse): (WebCore::GraphicsLayer::setIsInWindowIncludingDescendants): Deleted. * platform/graphics/GraphicsLayer.h: * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::setIsInWindow): (WebCore::RenderLayerCompositor::resetTrackedRepaintRects): (WebCore::resetTrackedRepaintRectsRecursive): Deleted. 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r212152. rdar://problem/30459055 2017-02-09 Simon Fraser <simon.fraser@apple.com> Tiled layers are sometimes left with some tiles when outside the viewport https://bugs.webkit.org/show_bug.cgi?id=168104 rdar://problem/30459055 Reviewed by Tim Horton. When the coverage rect of a TiledBacking goes from a non-empty rect to an empty rect, we shouldn't just early return from TileGrid::revalidateTiles(), otherwise we are left with some tiles. Run through the function as normal, which will remove all the tiles for an empty coverage rect. Minor logging changes. Test: tiled-drawing/tile-coverage-iframe-to-zero-coverage.html * platform/graphics/ca/TileGrid.cpp: (WebCore::TileGrid::revalidateTiles): 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r212151. rdar://problem/30090186 2017-02-10 Zalan Bujtas <zalan@apple.com> Mail hangs when removing multiple rows from large table. https://bugs.webkit.org/show_bug.cgi?id=168103 <rdar://problem/30090186> Reviewed by Ryosuke Niwa. DeleteSelectionCommand::removeNode doesn't actually destroy table structure items, but instead it removes their content. In order to be able to continue editing the table after the delete, we need to ensure that its cells' width and height are > 0. Currently we issue layout on each table item recursively. This patch delays the layout until after we've finished with the entire subtree delete (10x progression). Performance test added. * editing/DeleteSelectionCommand.cpp: (WebCore::DeleteSelectionCommand::insertBlockPlaceholderForTableCellIfNeeded): (WebCore::DeleteSelectionCommand::removeNodeUpdatingStates): (WebCore::shouldRemoveContentOnly): (WebCore::DeleteSelectionCommand::removeNode): * editing/DeleteSelectionCommand.h: 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r211766. rdar://problem/30467124 2017-02-06 Simon Fraser <simon.fraser@apple.com> Re-land r210095 (avoid a tile revalidation on scale change) https://bugs.webkit.org/show_bug.cgi?id=167866 Reviewed by Tim Horton. r210095 was rolled out in r211230 but now that all TileControllers unparent offscreen tiles, we can roll it back it. Also add more Tiling logging. * platform/graphics/ca/TileGrid.cpp: (WebCore::validationPolicyAsString): (WebCore::TileGrid::setScale): (WebCore::TileGrid::prepopulateRect): (WebCore::TileGrid::revalidateTiles): (WebCore::TileGrid::ensureTilesForRect): 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r211688. rdar://problem/30467177 2017-02-05 Simon Fraser <simon.fraser@apple.com> Remove unparentsOffscreenTiles logic in TileController https://bugs.webkit.org/show_bug.cgi?id=167823 Reviewed by Tim Horton. Give all TileGrids the "unparents offscreen tiles" behavior. This was enabled for only the page tiles in WK2 on Mac and iOS, but there's no reason to not use it for tiled composited layers also. Also use more modern C++ idioms in a few places. * platform/graphics/TiledBacking.h: * platform/graphics/ca/TileController.h: * platform/graphics/ca/TileGrid.cpp: (WebCore::TileGrid::revalidateTiles): (WebCore::TileGrid::ensureTilesForRect): * rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::RenderLayerBacking): 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r211662. rdar://problem/30467322 2017-02-03 Simon Fraser <simon.fraser@apple.com> Correctly set the "inWindow" flag for TileControllers that aren't the page tiles, and clarify "usingTiledBacking" logic https://bugs.webkit.org/show_bug.cgi?id=167774 Reviewed by Tim Horton. RenderLayerBacking had some very confusing "usingTiledCacheLayer" uses. Its member variable, m_usingTiledCacheLayer, really meant "m_isMainFrameLayerWithTiledBacking" so make it so. It had a usingTiledBacking(), which returned the same thing, which this patch replaces with isMainFrameLayerWithTiledBacking(). The fact that usingTiledBacking() was only true for the page tiled layer tripped up RenderLayerCompositor::setIsInWindowForLayerIncludingDescendants(), which would only ever call setIsInWindow() on the page tiled layer. These changes fix that. Also make a way for tests to unparent the web view via UIScriptController, and dump out the "in window" status of TileBackings when dumping tile caches. Test: tiled-drawing/tiled-backing-in-window.html * platform/graphics/TiledBacking.h: * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::dumpAdditionalProperties): * platform/graphics/ca/TileController.h: * rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::RenderLayerBacking): (WebCore::computePageTiledBackingCoverage): (WebCore::RenderLayerBacking::adjustTiledBackingCoverage): (WebCore::RenderLayerBacking::setTiledBackingHasMargins): (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): (WebCore::RenderLayerBacking::shouldClipCompositedBounds): (WebCore::RenderLayerBacking::updateDescendantClippingLayer): (WebCore::RenderLayerBacking::updateRootLayerConfiguration): (WebCore::RenderLayerBacking::paintsIntoWindow): (WebCore::computeTileCoverage): Deleted. * rendering/RenderLayerBacking.h: * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::flushPendingLayerChanges): (WebCore::RenderLayerCompositor::rootFixedBackgroundsChanged): (WebCore::RenderLayerCompositor::setIsInWindowForLayerIncludingDescendants): (WebCore::RenderLayerCompositor::supportsFixedRootBackgroundCompositing): (WebCore::RenderLayerCompositor::documentUsesTiledBacking): 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r211683. rdar://problem/30467272 2017-02-04 Simon Fraser <simon.fraser@apple.com> Clean up how GraphicsLayer's "inWindow" state is set, and fix some issues with Page Overlays https://bugs.webkit.org/show_bug.cgi?id=167850 Reviewed by Tim Horton. RenderLayerCompositor::setIsInWindowForLayerIncludingDescendants() walked the RenderLayer tree to set the GraphicsLayer's "inWindow" state. This had the problem of skipping non-primary GraphicsLayers. We also never did this work for page overlay layers. Fix by giving GraphicsLayers a recursive function that sets the inWindow state, and call that from RenderLayerCompositor::setIsInWindow() and PageOverlayController. PageOverlayController also needs to implement tiledBackingUsageChanged so that tiled backings created dynamically get the correct in-window state. Page overlays also had some serious issues in MiniBrowser, in that they disappeared on reload, and on hide/show web view. This was because the overlay root layers were re-parented, but addChild() for each overlay's layer wasn't called. Clean up by replacing willAttachRootLayer() followed by viewOverlayRootLayer()/documentOverlayRootLayer() with single calls that set up the layers, update the inWindow state, and return the layer. Make it possible to dump tile caches in page overlay tests. Make showGraphicsLayers() always dump page overlay layers (source of much confusion). Test: pageoverlay/overlay-remove-reinsert-view.html * page/PageOverlayController.cpp: (WebCore::PageOverlayController::documentOverlayRootLayer): (WebCore::PageOverlayController::viewOverlayRootLayer): (WebCore::PageOverlayController::layerWithDocumentOverlays): (WebCore::PageOverlayController::layerWithViewOverlays): (WebCore::PageOverlayController::tiledBackingUsageChanged): (WebCore::PageOverlayController::willAttachRootLayer): Deleted. * page/PageOverlayController.h: * platform/graphics/GraphicsLayer.cpp: (WebCore::GraphicsLayer::setIsInWindowIncludingDescendants): (WebCore::dumpChildren): * platform/graphics/GraphicsLayer.h: * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::appendDocumentOverlayLayers): (WebCore::RenderLayerCompositor::setIsInWindow): (WebCore::RenderLayerCompositor::attachRootLayer): (WebCore::RenderLayerCompositor::rootLayerAttachmentChanged): (WebCore::RenderLayerCompositor::setIsInWindowForLayerIncludingDescendants): Deleted. * rendering/RenderLayerCompositor.h: * testing/Internals.cpp: (WebCore::toLayerTreeFlags): (WebCore::Internals::layerTreeAsText): (WebCore::Internals::pageOverlayLayerTreeAsText): * testing/Internals.h: * testing/Internals.idl: * testing/MockPageOverlayClient.cpp: (WebCore::MockPageOverlayClient::layerTreeAsText): * testing/MockPageOverlayClient.h: 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r211662. rdar://problem/30467322 2017-02-03 Simon Fraser <simon.fraser@apple.com> Correctly set the "inWindow" flag for TileControllers that aren't the page tiles, and clarify "usingTiledBacking" logic https://bugs.webkit.org/show_bug.cgi?id=167774 Reviewed by Tim Horton. RenderLayerBacking had some very confusing "usingTiledCacheLayer" uses. Its member variable, m_usingTiledCacheLayer, really meant "m_isMainFrameLayerWithTiledBacking" so make it so. It had a usingTiledBacking(), which returned the same thing, which this patch replaces with isMainFrameLayerWithTiledBacking(). The fact that usingTiledBacking() was only true for the page tiled layer tripped up RenderLayerCompositor::setIsInWindowForLayerIncludingDescendants(), which would only ever call setIsInWindow() on the page tiled layer. These changes fix that. Also make a way for tests to unparent the web view via UIScriptController, and dump out the "in window" status of TileBackings when dumping tile caches. Test: tiled-drawing/tiled-backing-in-window.html * platform/graphics/TiledBacking.h: * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::dumpAdditionalProperties): * platform/graphics/ca/TileController.h: * rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::RenderLayerBacking): (WebCore::computePageTiledBackingCoverage): (WebCore::RenderLayerBacking::adjustTiledBackingCoverage): (WebCore::RenderLayerBacking::setTiledBackingHasMargins): (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): (WebCore::RenderLayerBacking::shouldClipCompositedBounds): (WebCore::RenderLayerBacking::updateDescendantClippingLayer): (WebCore::RenderLayerBacking::updateRootLayerConfiguration): (WebCore::RenderLayerBacking::paintsIntoWindow): (WebCore::computeTileCoverage): Deleted. * rendering/RenderLayerBacking.h: * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::flushPendingLayerChanges): (WebCore::RenderLayerCompositor::rootFixedBackgroundsChanged): (WebCore::RenderLayerCompositor::setIsInWindowForLayerIncludingDescendants): (WebCore::RenderLayerCompositor::supportsFixedRootBackgroundCompositing): (WebCore::RenderLayerCompositor::documentUsesTiledBacking): 2017-02-16 Matthew Hanson <matthew_hanson@apple.com> Merge r211501. rdar://problem/29904368 2017-02-01 Antoine Quint <graouts@apple.com> [mac-wk1] LayoutTest media/modern-media-controls/tracks-support/tracks-support-click-track-in-panel.html is a flaky timeout https://bugs.webkit.org/show_bug.cgi?id=165319 <rdar://problem/30284104> Reviewed by Dean Jackson. Running media/controls/track-menu.html before media/modern-media-controls/tracks-support/tracks- support-click-track-in-panel.html makes that test time out in all test runs. The root of the issue is that animations are suspended by media/controls/track-menu.html with a call to internals.suspendAnimations(), and that state isn't reset with a call to internals.resumeAnimations(). Then, media/modern-media-controls/tracks-support/tracks-support-click-track-in-panel.html fails because the selection animation for the tracks panel menu item that is clicked never completes and the delegate to notify that an item in the tracks panel was selected is never fired, which leads to the test failure. We change Internals::suspendAnimations() and Internals::resumeAnimations() to only affect the current document, rather than calling into AnimationController::suspendAnimations() which would do just that, but also set a Frame-wide flag that would prevent further animations from running, even in a subsequent document load. * dom/Document.cpp: (WebCore::Document::prepareForDestruction): Ensure the document that is about to be destroyed is no longer associated with an AnimationController. * page/animation/AnimationController.cpp: (WebCore::AnimationControllerPrivate::ensureCompositeAnimation): Update the animation's suspend state in case the document its renderer is associated with is suspended. This is required since previously CompositeAnimations would set their suspend state in their constructor, based on the Frame-wide suspended state, but there is no document to use as a basis to query its suspended state in that constructor. (WebCore::AnimationControllerPrivate::animationsAreSuspendedForDocument): (WebCore::AnimationControllerPrivate::detachFromDocument): (WebCore::AnimationControllerPrivate::suspendAnimationsForDocument): (WebCore::AnimationControllerPrivate::resumeAnimationsForDocument): (WebCore::AnimationControllerPrivate::startAnimationsIfNotSuspended): (WebCore::AnimationController::animationsAreSuspendedForDocument): (WebCore::AnimationController::detachFromDocument): * page/animation/AnimationController.h: * page/animation/AnimationControllerPrivate.h: * testing/Internals.cpp: (WebCore::Internals::animationsAreSuspended): (WebCore::Internals::suspendAnimations): (WebCore::Internals::resumeAnimations): 2017-02-15 Ryan Haddad <ryanhaddad@apple.com> Merge r212238. rdar://problem/30494165 2017-02-13 Chris Dumez <cdumez@apple.com> Regression(r211455): ASSERTION FAILED: frameView || pageCacheState() == InPageCache in com.apple.WebCore: WebCore::Document::destroyRenderTree https://bugs.webkit.org/show_bug.cgi?id=168237 <rdar://problem/30494165> Reviewed by Gavin Barraclough. Drop bad assertion under document::destroyRenderTree() that was introduced in r211455. The assertion seemed like a good idea but the issue is that CachedFrame::destroy() reset's the document's pageCacheState before calling Document::prepareForDestruction(). No new tests, this fixes assertion hits on our bots. * dom/Document.cpp: (WebCore::Document::destroyRenderTree): 2017-02-10 Matthew Hanson <matthew_hanson@apple.com> Merge r212131. rdar://problem/30271744 2017-02-10 Dave Hyatt <hyatt@apple.com> [CSS Parser] Make intercap property values serialize correctly https://bugs.webkit.org/show_bug.cgi?id=168073 Reviewed by Zalan Bujtas. Fix CSS value keywords to preserve case when the value contains capital letters. Examples include optimizeSpeed, translateX, scaleY, etc. * css/CSSPrimitiveValueMappings.h: (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): (WebCore::CSSPrimitiveValue::operator EPointerEvents): (WebCore::CSSPrimitiveValue::operator TextRenderingMode): (WebCore::CSSPrimitiveValue::operator EImageRendering): (WebCore::CSSPrimitiveValue::operator EColorInterpolation): (WebCore::CSSPrimitiveValue::operator EColorRendering): (WebCore::CSSPrimitiveValue::operator EShapeRendering): * css/MediaQueryEvaluator.cpp: (WebCore::colorGamutEvaluate): * css/SVGCSSValueKeywords.in: * css/TransformFunctions.cpp: (WebCore::transformOperationType): (WebCore::transformsForValue): * css/makevalues.pl: * css/parser/CSSParserFastPaths.cpp: (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue): (WebCore::parseTransformTranslateArguments): (WebCore::parseSimpleTransformValue): * css/parser/CSSPropertyParser.cpp: (WebCore::consumeTransformValue): * css/parser/CSSPropertyParserHelpers.cpp: (WebCore::CSSPropertyParserHelpers::parseColorFunctionParameters): 2017-02-10 Matthew Hanson <matthew_hanson@apple.com> Merge r211910. rdar://problem/30358835 2017-02-08 Chris Dumez <cdumez@apple.com> Use smaller tiles in windows that are not active to facilitate App Napping https://bugs.webkit.org/show_bug.cgi?id=167997 <rdar://problem/30358835> Reviewed by Simon Fraser. Use smaller / non-adaptative tiles in windows that are not active to facilitate App Napping after <https://trac.webkit.org/r197594>. Test: compositing/tiling/non-active-window-tiles-size.html * page/FrameView.cpp: (WebCore::FrameView::contentsResized): (WebCore::FrameView::addedOrRemovedScrollbar): (WebCore::FrameView::computeScrollability): (WebCore::FrameView::updateTiledBackingAdaptiveSizing): (WebCore::FrameView::unobscuredContentSizeChanged): (WebCore::FrameView::setViewExposedRect): * page/FrameView.h: * page/Page.cpp: (WebCore::Page::setActivityState): (WebCore::Page::isWindowActive): * page/Page.h: * platform/graphics/TiledBacking.h: * platform/graphics/ca/TileController.cpp: (WebCore::TileController::setTileSizeUpdateDelayDisabledForTesting): (WebCore::TileController::notePendingTileSizeChange): * platform/graphics/ca/TileController.h: * testing/Internals.cpp: (WebCore::Internals::resetToConsistentState): (WebCore::Internals::disableTileSizeUpdateDelay): * testing/Internals.h: * testing/Internals.idl: 2017-02-10 Brent Fulgham <bfulgham@apple.com> Merge r212026. rdar://problem/30096323 2017-02-09 Chris Dumez <cdumez@apple.com> Crash under FormSubmission::create() https://bugs.webkit.org/show_bug.cgi?id=167200 <rdar://problem/30096323> Reviewed by Darin Adler. The issue is that FormSubmission::create() was iterating over form.associatedElements() as was calling Element::appendFormData() in the loop. HTMLObjectElement::appendFormData() was calling pluginWidget(PluginLoadingPolicy::Load) which causes a synchronous layout and can fire events (such as focus event) synchronously. Firing those events synchronously allows the JS to modify the form.associatedElements() vector we are currently iterating on. To avoid this issue, we now call pluginWidget(PluginLoadingPolicy::DoNotLoad) in HTMLObjectElement::appendFormData() as we are not allowed to fire synchronous events at this point. I also added a security assertion in FormSubmission::create() to catch cases where we fire JS events while iterating over the form associated elements to more easily notice these things in the future. Test: fast/forms/formsubmission-appendFormData-crash.html * html/HTMLObjectElement.cpp: (WebCore::HTMLObjectElement::appendFormData): * loader/FormSubmission.cpp: (WebCore::FormSubmission::create): 2017-02-10 Brent Fulgham <bfulgham@apple.com> Unreviewed build fix. * dom/Document.cpp: (WebCore::Document::adoptNode): isConnected -> inDocument. 2017-02-10 Matthew Hanson <matthew_hanson@apple.com> Rollout r212118. rdar://problem/30096323 2017-02-10 Matthew Hanson <matthew_hanson@apple.com> Merge r212026. rdar://problem/30096323 2017-02-09 Chris Dumez <cdumez@apple.com> Crash under FormSubmission::create() https://bugs.webkit.org/show_bug.cgi?id=167200 <rdar://problem/30096323> Reviewed by Darin Adler. The issue is that FormSubmission::create() was iterating over form.associatedElements() as was calling Element::appendFormData() in the loop. HTMLObjectElement::appendFormData() was calling pluginWidget(PluginLoadingPolicy::Load) which causes a synchronous layout and can fire events (such as focus event) synchronously. Firing those events synchronously allows the JS to modify the form.associatedElements() vector we are currently iterating on. To avoid this issue, we now call pluginWidget(PluginLoadingPolicy::DoNotLoad) in HTMLObjectElement::appendFormData() as we are not allowed to fire synchronous events at this point. I also added a security assertion in FormSubmission::create() to catch cases where we fire JS events while iterating over the form associated elements to more easily notice these things in the future. Test: fast/forms/formsubmission-appendFormData-crash.html * html/HTMLObjectElement.cpp: (WebCore::HTMLObjectElement::appendFormData): * loader/FormSubmission.cpp: (WebCore::FormSubmission::create): 2017-02-10 Matthew Hanson <matthew_hanson@apple.com> Merge r211495. rdar://problem/30106362 2017-02-01 Jer Noble <jer.noble@apple.com> NULL-deref crash in TextTrack::removeCue() https://bugs.webkit.org/show_bug.cgi?id=167615 Reviewed by Eric Carlson. Test: http/tests/media/track-in-band-hls-metadata-crash.html Follow-up to r211401. When passing around a reference to an object, the assumption is that the caller is retaining the underlying object. This breaks down for InbandDataTextTrack::removeDataCue(), which releases its own ownership of the cue object, then passes the reference to that object to its superclass to do further remove steps. The retain count of the cue can thus drop to zero within the scope of InbandTextTrack::removeCue(). Use "take" semantics to remove the cue from the m_incompleteCueMap without releasing ownership, and pass a reference to that retained object on to removeCue(), guaranteeing that the cue will not be destroyed until after the romeveDataCue() method returns. * html/track/InbandDataTextTrack.cpp: (WebCore::InbandDataTextTrack::removeDataCue): 2017-02-10 Matthew Hanson <matthew_hanson@apple.com> Merge r211650. rdar://problem/30268004 2017-02-03 Jeremy Jones <jeremyj@apple.com> Pointer lock events should be delivered directly to the target element https://bugs.webkit.org/show_bug.cgi?id=167134 rdar://problem/30268004 Reviewed by Dean Jackson. pointer-lock/mouse-event-delivery.html: Enabled for mac, added wheel event tests. When pointer is locked on an element, route mouse events directly to the target element, instead of doing the normal event disptach. * page/EventHandler.cpp: (WebCore::EventHandler::handleMousePressEvent): (WebCore::EventHandler::handleMouseDoubleClickEvent): (WebCore::EventHandler::handleMouseMoveEvent): (WebCore::EventHandler::handleMouseReleaseEvent): (WebCore::EventHandler::handleMouseForceEvent): (WebCore::EventHandler::handleWheelEvent): * page/PointerLockController.cpp: (WebCore::PointerLockController::isLocked): Added. (WebCore::PointerLockController::dispatchLockedWheelEvent): Added. * page/PointerLockController.h: 2017-02-10 Matthew Hanson <matthew_hanson@apple.com> Merge r211375. rdar://problem/30268004 2017-01-30 Ryan Haddad <ryanhaddad@apple.com> Unreviewed, rollout r211235 Pointer lock events should be delivered directly to the target element. The LayoutTest for this change is frequently failing. * page/EventHandler.cpp: (WebCore::EventHandler::handleMousePressEvent): (WebCore::EventHandler::handleMouseDoubleClickEvent): (WebCore::EventHandler::handleMouseMoveEvent): (WebCore::EventHandler::handleMouseReleaseEvent): (WebCore::EventHandler::handleMouseForceEvent): (WebCore::EventHandler::handleWheelEvent): * page/PointerLockController.cpp: (WebCore::PointerLockController::isLocked): Deleted. (WebCore::PointerLockController::dispatchLockedWheelEvent): Deleted. * page/PointerLockController.h: 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r212029. rdar://problem/30376972 2017-02-09 Chris Dumez <cdumez@apple.com> Make sure Event keeps its current target element alive https://bugs.webkit.org/show_bug.cgi?id=167885 <rdar://problem/30376972> Reviewed by Brent Fulgham. Make sure Event keeps its current target element alive to avoid crashes if it is accessed by JS after it has been garbage collected. Test: fast/events/currentTarget-gc-crash.html * dom/Event.cpp: (WebCore::Event::setCurrentTarget): * dom/Event.h: (WebCore::Event::currentTarget): 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r212028. rdar://problem/30234133 2017-02-09 Ryosuke Niwa <rniwa@webkit.org> Crash in render tree after dynamically mutating the slot value https://bugs.webkit.org/show_bug.cgi?id=167502 Reviewed by Antti Koivisto. The crash was caused by attributeChanged not destructing the render tree after an assigned element had been removed from its slot. Since the style resolver can no longer find this element in the flat tree, we need to delete its render object as if the element had been removed from the DOM tree. Tests: fast/html/details-summary-slot.html fast/shadow-dom/shadow-slot-attribute-change-crash.html * dom/Element.cpp: (WebCore::Element::attributeChanged): * html/HTMLSummaryElement.cpp: (WebCore::SummarySlotElement): Added. Always use the default slot regardless of the slot attribute's value. (WebCore::HTMLSummaryElement::create): Use SummarySlotElement 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r212027. rdar://problem/30145076 2017-02-09 Antti Koivisto <antti@apple.com> Details element doesn't work correctly when mutating content between closing and opening https://bugs.webkit.org/show_bug.cgi?id=167310 Reviewed by Ryosuke Niwa. Tests: fast/html/details-close-modify-open.html fast/shadow-dom/slot-remove-mutate-add.html * dom/SlotAssignment.cpp: (WebCore::SlotAssignment::didChangeSlot): Always reset the slot assignment when content is mutated. 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r212025. rdar://problem/30076615 2017-02-09 Chris Dumez <cdumez@apple.com> Crash under HTMLFormElement::registerFormElement() https://bugs.webkit.org/show_bug.cgi?id=167162 Reviewed by Ryosuke Niwa. didMoveToNewDocument() was re-registering FormAttributeTargetObserver even if the element's inDocument was not set yet. As a result, it was possible for FormAssociatedElement::resetFormOwner() to be called when the element was in the tree but with its inDocument still being false (because insertedInto() has not been called yet). This could end up calling HTMLFormElement::registerFormElement() even though the element is still recognized as detached. This is an issue because HTMLFormElement::m_associatedElements's order and its corresponding indexes (m_associatedElementsBeforeIndex / m_associatedElementsAfterIndex) rely on the position of the element with regards to the form element (before / inside / after). To address the issue, we now only register the FormAttributeTargetObserver in didMoveToNewDocument() if the inDocument flag is set to true. This is similar to what is done at other call sites of resetFormAttributeTargetObserver(). We also ignore the form content attribute in HTMLFormElement::formElementIndex() if the element is not connected. As per the HTML specification [1], the form content attribute is only taken if the element is connected (i.e. inDocument flag is true). Note that FormAssociatedElement::findAssociatedForm() was already ignoring the form content attribute if the element is disconnected. [1] https://html.spec.whatwg.org/#reset-the-form-owner (step 3) Test: fast/forms/registerFormElement-crash.html * html/FormAssociatedElement.cpp: (WebCore::FormAssociatedElement::didMoveToNewDocument): Only call resetFormAttributeTargetObserver() if inDocument flag is set, similarly to what is done at other call sites. (WebCore::FormAssociatedElement::resetFormAttributeTargetObserver): Add an assertion to make sure no one call this method on an element that is not connected. * html/HTMLFormElement.cpp: (WebCore::HTMLFormElement::formElementIndex): Ignore the form content attribute if the element is not connected, as per the HTML specification [1]. 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r212024. rdar://problem/30051227 2017-02-09 Antti Koivisto <antti@apple.com> Tear down existing renderers when adding a shadow root. https://bugs.webkit.org/show_bug.cgi?id=167117 Reviewed by Andreas Kling. Adding a shadow root may cause children no longer be part of the flat tree. If they had renderers tear down code would no longer reach them. Test: fast/shadow-dom/attach-shadow-teardown.html * dom/Element.cpp: (WebCore::Element::addShadowRoot): Tear down existing render tree when adding a shadow root. 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r212023. rdar://problem/30041640 2017-02-09 Brent Fulgham <bfulgham@apple.com> Handle synchronous layout when setting a selection range https://bugs.webkit.org/show_bug.cgi?id=167092 <rdar://problem/30041640> Reviewed by Antti Koivisto. The 'innerTextElement' of a form control can change during layout due to arbitrary JavaScript executing. Handle the case where the inner text element has changed so that current render box height is while setting a selection range. Test: fast/forms/input-type-change-during-selection.html * html/HTMLTextFormControlElement.cpp: (WebCore::HTMLTextFormControlElement::setSelectionRange): 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211999. rdar://problem/29930443 2017-02-09 Brent Fulgham <bfulgham@apple.com> Disconnect shadow children of root when detaching a frame https://bugs.webkit.org/show_bug.cgi?id=166851 <rdar://problem/29930443> Reviewed by Andy Estes. If the root of the tree we are disconnecting has a shadow element, include it in the set of things to disconnect. Tests: fast/shadow-dom/shadow-at-root-during-disconnect.html * dom/ContainerNodeAlgorithms.cpp: (WebCore::disconnectSubframes): 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211966. rdar://problem/30149422 2017-02-09 Brent Fulgham <bfulgham@apple.com> Unreviewed build fix after r211965. * dom/Document.cpp: (WebCore::Document::adoptNode): inDocument -> isConnected 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211965. rdar://problem/30149422 2017-02-09 Ryosuke Niwa <rniwa@webkit.org> Adopting a child node of a script element can run script https://bugs.webkit.org/show_bug.cgi?id=167318 Reviewed by Darin Adler. The bug was caused by ScriptElement::childrenChanged indiscriminately running the script. Do this only if some node has been inserted as spec'ed: https://html.spec.whatwg.org/multipage/scripting.html#script-processing-model "The script element is connected and a node or document fragment is inserted into the script element, after any script elements inserted at that time." Split NonContentsChildChanged into NonContentsChildInserted and NonContentsChildRemoved to disambiguate non-contents child such as text and element being removed or inserted. New behavior matches that of Gecko and Chrome as well as the latest HTML5 specification. Also deploy NoEventDispatchAssertion in more places. Unfortunately, this results in some DOM trees internal to WebKit to be mutated while there is NoEventDispatchAssertion in the stack. Added a new RAII object "EventAllowedScope" to temporarily disable this assertion within such a tree. CachedSVGFont's ensureCustomFontData used to completely disable this assertion but we no longer have to do this either. To clarify the new semantics, renamed isEventDispatchForbidden to isEventAllowedInMainThread with the negated boolean value, and added a new variant isEventDispatchAllowedInSubtree, which checks isEventDispatchForbidden() is true or if the node was one of an internal DOM node or its descendent held by EventAllowedScope. Inspired by https://chromium.googlesource.com/chromium/src/+/604e798ec6ee30f44d57a5c4a44ce3dab3a871ed Tests: fast/html/script-must-not-run-when-child-is-adopted.html fast/html/script-must-not-run-when-child-is-removed.html * dom/CharacterData.cpp: (WebCore::CharacterData::notifyParentAfterChange): Added NoEventDispatchAssertion. * dom/ContainerNode.cpp: (WebCore::ContainerNode::insertBefore): Added NoEventDispatchAssertion around TreeScope's adoptIfNeeded and insertBeforeCommon as done elsewhere. (WebCore::ContainerNode::appendChildCommon): Added NoEventDispatchAssertion. (WebCore::ContainerNode::changeForChildInsertion): Use NonContentsChildInserted here. (WebCore::ContainerNode::notifyChildRemoved): Added NoEventDispatchAssertion. (WebCore::ContainerNode::replaceChild): Moved adoptIfNeeded into NoEventDispatchAssertion. (WebCore::ContainerNode::removeChild): Added NoEventDispatchAssertion. (WebCore::ContainerNode::parserRemoveChild): Added NoEventDispatchAssertion. (WebCore::ContainerNode::removeChildren): Call childrenChanged in NoEventDispatchAssertion. (WebCore::ContainerNode::appendChildWithoutPreInsertionValidityCheck): Moved adoptIfNeeded into NoEventDispatchAssertion. (WebCore::dispatchChildInsertionEvents): Check the forbidden-ness more precisely. (WebCore::dispatchChildRemovalEvents): Ditto. * dom/ContainerNode.h: (WebCore::ContainerNode::ChildChange::isInsertion): Added. * dom/ContainerNodeAlgorithms.cpp: (WebCore::notifyChildNodeInserted): Check the forbidden-ness more precisely. Here, we check against insertionPoint since EventAllowedScope checks against the root node. * dom/Document.cpp: (WebCore::Document::adoptNode): Assert the node to be adopted has not been inserted back, or else remove() had resulted in an exception before calling TreeScope::adoptIfNeeded. * dom/Element.cpp: (WebCore::Element::childrenChanged): * dom/NoEventDispatchAssertion.h: (WebCore::NoEventDispatchAssertion::isEventDispatchForbidden): Added a new variant that takes a node. If this node is a descendent of a node "marked as safe" by EventAllowedScope, then we don't consider the event dispatch to be forbidden. (WebCore::NoEventDispatchAssertion::dropTemporarily): Deleted. (WebCore::NoEventDispatchAssertion::restoreDropped): Deleted. (WebCore::NoEventDispatchAssertion::EventAllowedScope): Added. A RAII object which marks descendants of a given node as "safe" for the purpose of checking isEventDispatchForbidden. (WebCore::NoEventDispatchAssertion::EventAllowedScope::EventAllowedScope): Added. There can be a chain of EventAllowedScope objects in the stack. s_currentScope points to the most recently instantiated RAII object, and each instance remembers prior instance. (WebCore::NoEventDispatchAssertion::EventAllowedScope::~EventAllowedScope): Added. (WebCore::NoEventDispatchAssertion::EventAllowedScope::isAllowedNode): Added. Returns true if the given node is a descendent of any node held by instances of EventAllowedScope. (WebCore::NoEventDispatchAssertion::EventAllowedScope::isAllowedNodeInternal): Added. A helper function for isAllowedNode. * dom/Node.cpp: (WebCore::Node::dispatchSubtreeModifiedEvent): Check the forbidden-ness more precisely. * dom/ScriptElement.cpp: (WebCore::ScriptElement::childrenChanged): Only prepare the script if we've inserted nodes. (WebCore::ScriptElement::executeClassicScript): Assert isEventDispatchForbidden is false since running arbitrary author scripts can, indeed, result dispatch any events. * dom/ScriptElement.h: * html/HTMLElement.cpp: (WebCore::textToFragment): Made this a static local function and not return an exception since there is no way appendChild called in this function can throw an exception. (WebCore::HTMLElement::setInnerText): Create EventAllowedScope for the fragment. It's called called by HTMLTextAreaElement's childrenChanged to update its UA shadow tree, and it's dispatching as event on a new fragment can't execute arbitrary scripts since it has never been exposed to author scripts. Because of the precise-ness of this check, this does not disable the assertion for "this" element. HTMLTextFormControlElement::setInnerTextValue explicitly creates another EventAllowedScope to mark the shadow tree into which the fragment is inserted safe. (WebCore::HTMLElement::setOuterText): * html/HTMLElement.h: * html/HTMLScriptElement.cpp: (WebCore::HTMLScriptElement::childrenChanged): * html/HTMLTextFormControlElement.cpp: (WebCore::HTMLTextFormControlElement::setInnerTextValue): See above (setInnerText). * html/track/VTTCue.cpp: (WebCore::VTTCue::createCueRenderingTree): Create EventAllowedScope for the cloned fragment here since the VTT tree is never exposed to author scripts. (WebCore::VTTCue::updateDisplayTree): Ditto. * loader/cache/CachedSVGFont.cpp: (WebCore::CachedSVGFont::ensureCustomFontData): Use EventAllowedScope to disable assertions only on the new SVG document we just created instead of disabling for all DOM trees. * svg/SVGScriptElement.cpp: (WebCore::SVGScriptElement::childrenChanged): 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211763. rdar://problem/30380075 2017-02-06 Brent Fulgham <bfulgham@apple.com> Correct File Path Handling in SecurityOrigin and FileSystem https://bugs.webkit.org/show_bug.cgi?id=167894 <rdar://problem/30380080> Reviewed by Alexey Proskuryakov. Roll out the URL decoding being done in the FileSystem class (added in Bug 167894), and instead ensure that SecurityOrigin properly handles file URLs, and only passes valid file strings to the FileSystem interface. Tested by FileSystemTests and SecurityOriginTests in TestWebKitAPI. * page/SecurityOrigin.cpp: (WebCore::SecurityOrigin::SecurityOrigin): Initialize m_filePath using the url's fileSystemPath, not the %-encoded 'path' property. (WebCore::SecurityOrigin::canDisplay): Pass the 'fileSystemPath' to 'filesHaveSameVolume', rather than the %-encoded 'path' property. * page/SecurityOrigin.h: * platform/FileSystem.cpp: (WebCore::filesHaveSameVolume): Do not use 'decodeURLEscapeSequences' in 'filesHaveSameVolume'. 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211382. rdar://problem/29738514 2017-01-30 Myles C. Maxfield <mmaxfield@apple.com> Correct spacing regression on inter-element complex path shaping on some fonts https://bugs.webkit.org/show_bug.cgi?id=166013 Reviewed by Simon Fraser. This patch brings the implementation of ComplexTextController in-line with the design at https://trac.webkit.org/wiki/ComplexTextController. Previously, ComplexTextController had a few problems: - The total width computed by ComplexTextController didn't match the width if you iterated over the entire string and added up the advances - FontCascade::getGlyphsAndAdvancesForComplexText() tried to compensate for the above by construing the concepts of paint advances as distinct from layout advances - Initial advances were considered part of layout sometimes and part of painting other times, depending on which function reports the information - For RTL runs, the wrong origin was added to the initial advance, and the origin should have been subtracted instead of added This patch exhaustively updates every function in ComplexTextController to be consistent with the design linked to above. This design solves all of these problems. Tests: ComplexTextControllerTest.InitialAdvanceWithLeftRunInRTL ComplexTextControllerTest.InitialAdvanceInRTL ComplexTextControllerTest.InitialAdvanceWithLeftRunInLTR ComplexTextControllerTest.InitialAdvanceInLTR ComplexTextControllerTest.InitialAdvanceInRTLNoOrigins ComplexTextControllerTest.LeadingExpansion ComplexTextControllerTest.VerticalAdvances * platform/graphics/GlyphBuffer.h: (WebCore::GlyphBuffer::setLeadingExpansion): Deleted. No longer necessary. (WebCore::GlyphBuffer::leadingExpansion): Deleted. Ditto. * platform/graphics/cocoa/FontCascadeCocoa.mm: (WebCore::FontCascade::adjustSelectionRectForComplexText): Removed use of unnecessary leadingExpansion(). (WebCore::FontCascade::getGlyphsAndAdvancesForComplexText): This function needs to compute paint advances, which means that it can't base this information off of layout advances. This function uses the trick mentioned at the end of the above link to compute the paint offset of an arbitrary glyph in the middle of an RTL run. * platform/graphics/mac/ComplexTextController.cpp: (WebCore::ComplexTextController::computeExpansionOpportunity): Refactored for testing. (WebCore::ComplexTextController::ComplexTextController): Ditto. (WebCore::ComplexTextController::finishConstruction): Ditto. (WebCore::ComplexTextController::offsetForPosition): This function operates on layout advances, and the initial layout advance is already added into the m_adjustedBaseAdvances vector by adjustGlyphsAndAdvances(). Therefore, there is no need to add it again here. (WebCore::ComplexTextController::advance): This function had completely busted logic about the relationship between initial advances and the first origin in each run. Because of the fortunate choice of only representing layout advances in m_adjustedBaseAdvances, this entire block can be removed and the raw paint initial advance can be reported to the GlyphBuffer. Later in the function, we have to update the logic about how to compute a paint advance given a layout advance and some origins. In particular, there are two tricky pieces here: 1. The layout advance for the first glyph is equal to (initial advance - first origin + first Core Text advance, so computing the paint offset must cancel out the initial layout offset, and 2. the last paint advance in a run must actually end up at the position of the first glyph in the next run, so the next run's initial advance must be queried. (WebCore::ComplexTextController::adjustGlyphsAndAdvances): Previously, we represented an initial advance of a successive run by just adding it to the previous run's last advance. However, this is incompatible with the new model presented in the link above, so we remove this section. We also have to add in the logic that the layout advance for the first glyph is equal to the formula presented above. * platform/graphics/mac/ComplexTextController.h: (WebCore::ComplexTextController::ComplexTextRun::initialAdvance): Adjust comment to reflect reality. (WebCore::ComplexTextController::leadingExpansion): Deleted. 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211957. rdar://problem/30029354 2017-02-09 Antti Koivisto <antti@apple.com> Nullptr crash under styleForFirstLetter https://bugs.webkit.org/show_bug.cgi?id=167756 rdar://problem/30029354 Reviewed by Zalan Bujtas. Don't know how we get here. Paper over the crash. * rendering/RenderBlock.cpp: (WebCore::styleForFirstLetter): Use parent first line style if we compute null style for the first letter renderer. 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211949. rdar://problem/30119483 2017-02-09 Andreas Kling <akling@apple.com> Disallow accelerated rendering for ginormous 2D canvases. <https://webkit.org/b/167968> <rdar://problem/30119483> Reviewed by Antti Koivisto. Add a "maximumAccelerated2dCanvasSize" setting that defaults to 5120x2880 which is the 5K resolution for 16:9. Also added a way to include the "accelerates drawing" flag in layer tree dumps. Test: compositing/canvas/accelerated-canvas-compositing-size-limit.html * html/HTMLCanvasElement.cpp: (WebCore::HTMLCanvasElement::shouldAccelerate): * page/Frame.h: * page/Settings.in: * platform/graphics/GraphicsLayer.cpp: (WebCore::GraphicsLayer::dumpProperties): * platform/graphics/GraphicsLayerClient.h: * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::layerTreeAsText): * testing/Internals.cpp: (WebCore::toLayerTreeFlags): * testing/Internals.h: * testing/Internals.idl: 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211926. rdar://problem/30275036 2017-02-08 Youenn Fablet <youennf@gmail.com> HTML Link elements should load data URLs as same origin https://bugs.webkit.org/show_bug.cgi?id=168032 <rdar://problem/30275036> Reviewed by Alex Christensen. Test: fast/dom/data-url-css-link-element-cors-active.html Making CSS data URLs resources considered as same origin when loaded through link elements. In the future, we should consider remove the data URL same origin flag and fully align with the fetch and HTML spec. * html/HTMLLinkElement.cpp: (WebCore::HTMLLinkElement::process): 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211913. rdar://problem/28062149 2017-02-08 Sam Weinig <sam@webkit.org> REGRESSION (r193286): Promise chain no longer prevent UI refresh <rdar://problem/28062149> https://bugs.webkit.org/show_bug.cgi?id=161291 Reviewed by Geoffrey Garen. Add new subtest to js/dom/Promise.html * dom/Microtasks.cpp: (WebCore::MicrotaskQueue::append): (WebCore::MicrotaskQueue::remove): (WebCore::MicrotaskQueue::performMicrotaskCheckpoint): * dom/Microtasks.h: The microtask queue needs to be completely drained, even of new microtasks added while the previous task was run. Remove the m_tasksAppendedDuringMicrotaskCheckpoint as it is no longer needed. 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211895. rdar://problem/30129966 2017-02-08 Brady Eidson <beidson@apple.com> Opt-out iBooks from synchronous willSendRequest on iOS. <rdar://problem/30129966> and https://bugs.webkit.org/show_bug.cgi?id=168006 Reviewed by Brent Fulgham. No new tests (Not a testable behavior change at this time). * platform/network/mac/ResourceHandleMac.mm: (WebCore::synchronousWillSendRequestEnabled): iBooks never gets synchronous willSendRequest: 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211845. rdar://problem/30187368 2017-02-06 Ryosuke Niwa <rniwa@webkit.org> WebContent process repeatedly jetsams on BuzzFeed's Another Round page https://bugs.webkit.org/show_bug.cgi?id=167830 <rdar://problem/30187368> Reviewed by Simon Fraser. The jetsams on https://www.buzzfeed.com/anotherround were caused by WebKit creating the backing store for every iframe's layer on the page regardless of whether they're in the viewport or not. This was caused by GraphicsLayerCA's setVisibleAndCoverageRects not setting CoverageRectChanged on m_uncommittedChanges on the very first call. Fixed the bug by initializing m_uncommittedChanges to always have CoverageRectChanged so that the coverage rect would get updated properly. Unfortunately, no new tests since somehow the backing store doesn't get created inside the test runner. * platform/graphics/ca/GraphicsLayerCA.h: (WebCore::GraphicsLayerCA): 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211835. rdar://problem/27439617 2017-02-07 Alex Christensen <achristensen@webkit.org> Revert r166597 https://bugs.webkit.org/show_bug.cgi?id=167951 Reviewed by Andreas Kling. * platform/spi/cf/CFNetworkSPI.h: Remove now-unused SPI declaration. 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211758. rdar://problem/30096129 2017-02-06 Youenn Fablet <youennf@gmail.com> Allow some schemes to opt-out of CORS https://bugs.webkit.org/show_bug.cgi?id=167795 Reviewed by Alex Christensen. Test: http/tests/security/bypassing-cors-checks-for-extension-urls.html Adding the possibility to opt out of CORS for DocumentThreadableLoader clients (fetch and XHR). This is made specific to the case of user extension URLs for pages running user scripts. Introducing a boolean flag in Page for that purpose. Introducing a helper routine in SchemeRegistry to centralize the various user script extension schemes. * loader/DocumentThreadableLoader.cpp: (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): * page/Frame.cpp: (WebCore::Frame::injectUserScripts): * page/Page.h: (WebCore::Page::setAsRunningUserScripts): (WebCore::Page::isRunningUserScripts): * platform/SchemeRegistry.cpp: (WebCore::SchemeRegistry::isUserExtensionScheme): * platform/SchemeRegistry.h: * testing/Internals.cpp: (WebCore::Internals::setAsRunningUserScripts): * testing/Internals.h: * testing/Internals.idl: 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211746. rdar://problem/30107622 2017-02-06 Jer Noble <jer.noble@apple.com> Playback stalls when a SourceBuffer append causes frame eviction https://bugs.webkit.org/show_bug.cgi?id=167834 Reviewed by Eric Carlson. Test: PerformanceTests/Media/MSERemoveCodedFrames.html Optimize searching through SampleMap by presentationTime. Many of the methods exposed by PresentationOrderSampleMap used the bare std::equal_range, lower_bound, or upper_bound methods. Unlike those methods exposed on std::map, the bare search methods perform a linear O(n) search, rather than a the binary O(log(n)) search used by std::map. Rewrite those methods using the bare methods in terms of the std::map search methods. Drive-by fix: rename findSampleOnOrAfterPresentationTime to findSampleStartingOnOrAfterPresentationTime to make the behavior of the method more explicit. * Modules/mediasource/SampleMap.cpp: (WebCore::PresentationOrderSampleMap::findSampleContainingPresentationTime): (WebCore::PresentationOrderSampleMap::findSampleStartingOnOrAfterPresentationTime): (WebCore::PresentationOrderSampleMap::reverseFindSampleBeforePresentationTime): (WebCore::DecodeOrderSampleMap::findSyncSampleAfterPresentationTime): (WebCore::PresentationOrderSampleMap::findSamplesBetweenPresentationTimes): (WebCore::PresentationOrderSampleMap::findSamplesWithinPresentationRange): (WebCore::PresentationOrderSampleMap::findSampleOnOrAfterPresentationTime): Deleted. * Modules/mediasource/SampleMap.h: (WebCore::PresentationOrderSampleMap::begin): (WebCore::PresentationOrderSampleMap::end): (WebCore::PresentationOrderSampleMap::rbegin): (WebCore::PresentationOrderSampleMap::rend): (WebCore::DecodeOrderSampleMap::begin): (WebCore::DecodeOrderSampleMap::end): (WebCore::DecodeOrderSampleMap::rbegin): (WebCore::DecodeOrderSampleMap::rend): (WebCore::SampleMap::SampleMap): (WebCore::SampleMap::sizeInBytes): (WebCore::SampleMap::decodeOrder): (WebCore::SampleMap::presentationOrder): * Modules/mediasource/SourceBuffer.cpp: (WebCore::removeSamplesFromTrackBuffer): (WebCore::SourceBuffer::removeCodedFrames): (WebCore::SourceBuffer::reenqueueMediaForTime): * WebCore.xcodeproj/project.pbxproj: 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211730. rdar://problem/30251840 2017-02-06 Antti Koivisto <antti@apple.com> CrashTracer: com.apple.WebKit.WebContent at WebCore: WebCore::Node::invalidateStyle https://bugs.webkit.org/show_bug.cgi?id=167878 rdar://problem/30251840 Reviewed by Andreas Kling. Speculative fix. We are trying to invalidate a null node from ~PostResolutionCallbackDisabler. Looks like the only way this could happen is if HTMLFrameOwnerElement::scheduleinvalidateStyleAndLayerComposition is called with null 'this'. There is one place where this might happen. * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::attachRootLayer): Add null check. 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211667. rdar://problem/28193222 2017-02-03 Myles C. Maxfield <mmaxfield@apple.com> REGRESSION(r204858): Synthetic bold text in vertical writing mode is rotated away from original text https://bugs.webkit.org/show_bug.cgi?id=167826 <rdar://problem/28193222> Reviewed by Zalan Bujtas. When drawing vertical text, the rotation is not reset between successive paint calls. We implement synthetic bold by drawing text twice, which means that the second draw call was getting rotated twice. This was an oversight in r204858. Test: fast/text/synthetic-bold-vertical-text.html * platform/graphics/cocoa/FontCascadeCocoa.mm: (WebCore::showGlyphsWithAdvances): 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211663. rdar://problem/30343810 2017-02-03 Jeremy Jones <jeremyj@apple.com> WK1 mouse events are missing movementX and movementY for pointerlock. https://bugs.webkit.org/show_bug.cgi?id=167775 rdar://problem/30343810 Reviewed by Alexey Proskuryakov. pointer-lock/mouse-event-delivery.html Improve mouse-event-delivery.html test to mouse move and check for valid movementX and movementY. * platform/mac/PlatformEventFactoryMac.mm: (WebCore::PlatformMouseEventBuilder::PlatformMouseEventBuilder): WK1 plumb throuhg movementX and movementY 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211625. rdar://problem/29168795 2017-02-03 Antti Koivisto <antti@apple.com> WebContent crash when pasting into input fields at com.apple.WebCore: WebCore::ResourceRequestBase::url const + 9 https://bugs.webkit.org/show_bug.cgi?id=167787 rdar://problem/29168795 Reviewed by Andreas Kling. No test, don't know how to get here. * page/animation/CSSPropertyAnimation.cpp: (WebCore::crossfadeBlend): Null check. 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211622. rdar://problem/30116072 2017-02-02 Andreas Kling <akling@apple.com> [Mac] In-process memory pressure monitor for WebContent processes AKA websam <https://webkit.org/b/167491> <rdar://problem/30116072> Reviewed by Antti Koivisto. Add a new timer-based memory pressure monitor that checks the process memory footprint every 30 seconds and reacts to changes by setting a MemoryUsagePolicy. There are four MemoryUsagePolicy values: - Unrestricted (below 1GB) - Conservative (above 1GB) - Strict (above 2GB) - Panic (above 4GB, or 3GB if 32-bit) For Strict and above, the old-style "isUnderMemoryPressure()" API will return true. Transitioning to a higher policy will cause memory pressure handlers to run: At Strict, we run the "non-critical" memory pressure handler, then carry on. At Panic, we run the "critical" memory pressure handler. If that fails to recover enough memory to bring us back below 4GB, we may kill the process: A process is eligible to get killed for using too much memory if: - It's not visible on screen (i.e it's a background tab.) - It's not playing audio. - It has not performed a main frame navigation in the last hour. Before killing the process, an exit-time callback will run. This patch installs such a callback that prints out some time-of-death statistics about C++ and JavaScript memory usage to hopefully help understand what was soaking up all the memory. * bindings/js/CommonVM.cpp: (WebCore::commonVMSlow): * loader/FrameLoader.cpp: (WebCore::FrameLoader::setState): * page/MainFrame.cpp: (WebCore::MainFrame::didCompleteLoad): * page/MainFrame.h: * page/MemoryRelease.cpp: (WebCore::pageCount): (WebCore::logMemoryStatisticsAtTimeOfDeath): (WebCore::didExceedMemoryLimitAndFailedToRecover): (WebCore::processIsEligibleForMemoryKill): * page/MemoryRelease.h: * page/ResourceUsageThread.h: * page/cocoa/ResourceUsageThreadCocoa.mm: (WebCore::vmPageSize): * platform/MemoryPressureHandler.cpp: (WebCore::MemoryPressureHandler::MemoryPressureHandler): (WebCore::MemoryPressureHandler::setShouldUsePeriodicMemoryMonitor): (WebCore::toString): (WebCore::thresholdForPolicy): (WebCore::policyForFootprint): (WebCore::MemoryPressureHandler::measurementTimerFired): * platform/MemoryPressureHandler.h: (WebCore::MemoryPressureHandler::setMemoryKillCallback): (WebCore::MemoryPressureHandler::setProcessIsEligibleForMemoryKillCallback): (WebCore::MemoryPressureHandler::isUnderMemoryPressure): 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211621. rdar://problem/30221102 2017-02-02 Alex Christensen <achristensen@webkit.org> URLParser: Fix parsing invalid IPv4 addresses with non-ASCII characters https://bugs.webkit.org/show_bug.cgi?id=167773 <rdar://problem/30221102> Reviewed by Ryosuke Niwa. If an invalid IPv4 address contains the first syntaxViolation (difference between input and canonicalized URL), an iterator is used to calculate how far we have parsed in the input string to copy all the syntax-violation-free characters into a Vector. If a URL contains only ASCII that doesn't contain anything percent-encoded in the host, there is a fast path to parse ASCII hosts. All my existing invalid IPv4 tests followed this path. If there is a non-ASCII character, we need to use an iterator to the original string instead of an iterator to the string after converting the input string's host to ASCII. Covered by a new API test which used to RELEASE_ASSERT. * platform/URLParser.cpp: (WebCore::URLParser::parseIPv4Host): (WebCore::URLParser::parseIPv6Host): (WebCore::URLParser::parseHostAndPort): * platform/URLParser.h: 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211613. rdar://problem/30132707 2017-02-02 Wenson Hsieh <wenson_hsieh@apple.com> CrashTracer: [USER] com.apple.WebKit.WebContent at com.apple.WebCore: WebCore::URL::host const + 9 https://bugs.webkit.org/show_bug.cgi?id=167766 <rdar://problem/30132707> Reviewed by Chris Dumez. The mainframe's document pointer may be null when tearing down a page upon navigation to a page that is in the page cache. If this triggers a GC sweep, we will attempt to reload touch bar media controls, which (as a part of the media controller heuristic) checks the mainframe's document URL to see if quirks should be enabled. This assumes that the mainframe's document exists, which is not a safe assumption if page navigation is occurring. As such, we need a null check for the mainframe's document in needsPlaybackControlsManagerQuirk(). No test, as we were unable to reproduce this crash. * html/HTMLMediaElement.cpp: (WebCore::needsPlaybackControlsManagerQuirk): 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211564. rdar://problem/29012252 2017-02-02 Antti Koivisto <antti@apple.com> Column progression wrong after enabling pagination on RTL document https://bugs.webkit.org/show_bug.cgi?id=167733 <rdar://problem/29012252> Reviewed by Zalan Bujtas. Column progression depends on document direction but was not updated when direction changed. Test: fast/multicol/pagination/pagination-dynamic-rtl.html * rendering/RenderBox.cpp: (WebCore::RenderBox::styleDidChange): Update column styles if document direction changes. 2017-02-09 Matthew Hanson <matthew_hanson@apple.com> Merge r211254. rdar://problem/30188490 2017-01-26 Chris Dumez <cdumez@apple.com> Crash when navigating back to a page in PacheCache when one of its frames has been removed https://bugs.webkit.org/show_bug.cgi?id=167421 <rdar://problem/30188490> Reviewed by Darin Adler. Disallow page caching of a page if: 1. The main window has an opener (i.e. it was opened via window.open) 2. It has ever used window.open() This is because allowing page caching in this case would allow such windows to script each other even after one of them entered Page Cache. Allowing this is dangerous and easily causes crashes. This is a short term workaround until we find a better solution to the problem. One issue is this workaround is that navigating back to a page that has an opener or used window.open() will not longer get the page from PageCache. As a result, state may be lost upon navigating back. However, we never guarantee that pages get page cached, and Chrome does not have a PageCache. Tests: fast/history/page-cache-after-window-open.html fast/history/page-cache-back-navigation-crash.html fast/history/page-cache-with-opener.html * dom/Document.cpp: (WebCore::Document::hasEverCalledWindowOpen): (WebCore::Document::markHasCalledWindowOpen): * dom/Document.h: * history/PageCache.cpp: (WebCore::canCachePage): * page/DOMWindow.cpp: (WebCore::DOMWindow::createWindow): * page/DiagnosticLoggingKeys.cpp: (WebCore::DiagnosticLoggingKeys::hasCalledWindowOpenKey): (WebCore::DiagnosticLoggingKeys::hasOpenerKey): * page/DiagnosticLoggingKeys.h: * page/Page.cpp: (WebCore::Page::openedByWindowOpen): * page/Page.h: * page/Settings.in: 2017-02-06 Matthew Hanson <matthew_hanson@apple.com> Merge r211653. rdar://problem/29872943 2017-02-03 Chris Dumez <cdumez@apple.com> Dismiss HTML form validation popover when pressing Escape key https://bugs.webkit.org/show_bug.cgi?id=167716 <rdar://problem/29872943> Reviewed by Simon Fraser. Dismiss any visible HTML form validation popover when pressing the Escape key. Test: fast/forms/validation-bubble-escape-key-dismiss.html * page/EventHandler.cpp: (WebCore::EventHandler::keyEvent): * page/ValidationMessageClient.h: 2017-02-05 Matthew Hanson <matthew_hanson@apple.com> Merge r211504. rdar://problem/30301117 2017-02-01 Chris Dumez <cdumez@apple.com> REGRESSION(r205136): {}.toString.call(crossOriginWindow) should not throw https://bugs.webkit.org/show_bug.cgi?id=167681 <rdar://problem/30301117> Reviewed by Mark Lam. As per https://html.spec.whatwg.org/#crossorigingetownpropertyhelper-(-o,-p-): """ If P is @@toStringTag, @@hasInstance, or @@isConcatSpreadable, then return PropertyDescriptor{ [[Value]]: undefined, [[Writable]]: false, [[Enumerable]]: false, [[Configurable]]: true }. """ We now implement this behavior instead of throwing. Test: http/tests/security/symbols-cross-origin.html * bindings/js/JSDOMWindowCustom.cpp: (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess): * bindings/js/JSLocationCustom.cpp: (WebCore::JSLocation::getOwnPropertySlotDelegate): 2017-02-05 Matthew Hanson <matthew_hanson@apple.com> Merge r211659. rdar://problem/28725791 2017-02-03 Jer Noble <jer.noble@apple.com> ASSERT in HTMLMediaElement::~HTMLMediaElement https://bugs.webkit.org/show_bug.cgi?id=167818 Reviewed by Brent Fulgham. Test: media/audio-dealloc-crash.html HTMLMediaElement's MediaElementSession can nominate the HTMLMediaElement itself to become the playback controls session from inside the HTMLMediaElement destructor. Protect against this by clearing out the session before calling updatePlaybackControlsManager(). * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::~HTMLMediaElement): 2017-02-05 Matthew Hanson <matthew_hanson@apple.com> Merge r211676. rdar://problem/30229990 2017-02-04 Chris Dumez <cdumez@apple.com> Unreviewed, fix mistake in comment added in r211569. * history/PageCache.cpp: (WebCore::PageCache::removeAllItemsForPage): 2017-02-05 Matthew Hanson <matthew_hanson@apple.com> Merge r211569. rdar://problem/30229990 2017-02-02 Chris Dumez <cdumez@apple.com> [Crash] com.apple.WebKit.WebContent at WebKit: WebKit::WebPage::fromCorePage() https://bugs.webkit.org/show_bug.cgi?id=167738 <rdar://problem/30229990> Reviewed by Andreas Kling. Upon destruction of a Page, we destroy the BackForwardClient, which is supposed to keep track of HistoryItems associated to this particular page and remove them from the PageCache. Given the crash trace, the issue seems to be that some HistoryItems associated with the Page sometimes linger in the PageCache *after* the Page has been destroyed, which leads to crashes later on when pruning the PageCache. In order to make the process more robust, this patch refactors the code so that the Page is now in charge of removing all its associated HistoryItems from the PageCache instead of relying on the BackForwardClient. Also, instead of having the Page keep track of which HistoryItems are associated with it (which is error prone), we now scan all PageCache entries instead to find which ones are associated with the Page. While this is in theory slower, this is much safer and in practice not an issue because the PageCache usually has 3-5 entries. No new tests, could not reproduce. * history/CachedPage.cpp: (WebCore::CachedPage::CachedPage): * history/CachedPage.h: (WebCore::CachedPage::page): * history/PageCache.cpp: (WebCore::PageCache::removeAllItemsForPage): * history/PageCache.h: * page/Page.cpp: (WebCore::Page::~Page): 2017-02-05 Matthew Hanson <matthew_hanson@apple.com> Merge r211551. rdar://problem/26685576 2017-02-02 Yongjun Zhang <yongjun_zhang@apple.com> In iOS, we should take background assertion when accessing localstorage databases. https://bugs.webkit.org/show_bug.cgi?id=165478 Move WebSQLiteDatabaseTrackerClient from WebKitLegacy to WebCore so that it can be accessible from WebKit1 and WebKit2. Previously, to avoid dependencies on UIKit, WebKitLegacy introduced several global methods for UIKit to setup the start/end background task blocks on runtime (WebKitSetStartBackgroundTaskBlock, WebKitSetInvalidWebBackgroundTaskIdentifier and WebKitSetEndBackgroundTaskBlock). Since we have to move the background task handling to WebCore, to avoid adding WebCore dependencies on UIKit, this patch introdues a new WebCore class WebBackgroundTaskController which holds the start/end background task blocks. The existing WebKitSetStartBackgroundTaskBlock and WebKitSetEndBackgroundTaskBlock methods in WebKit1 will use WebBackgroundTaskController to store the blocks set by UIKit. Reviewed by Brady Eidson. No new test since this is code refactoring. * WebCore.xcodeproj/project.pbxproj: Add a new class WebBackgroundTaskController to the project. Also move WebSQLiteDatabaseTrackerClient from WebKitLegacy to WebCore. * platform/ios/WebBackgroundTaskController.h: Use properties to hold the blocks for starting or ending background tasks. * platform/ios/WebBackgroundTaskController.mm: (+[WebBackgroundTaskController sharedController]): (-[WebBackgroundTaskController dealloc]): (-[WebBackgroundTaskController startBackgroundTaskWithExpirationHandler:]): Start a background task with a expiration handler; to start the background task, we will use backgroundTaskStartBlock set up by UIKit. (-[WebBackgroundTaskController endBackgroundTaskWithIdentifier:]): Call backgroundTaskEndBlack to end a background task. * platform/ios/WebSQLiteDatabaseTrackerClient.h: Copied from Source/WebKit/ios/Storage/WebSQLiteDatabaseTrackerClient.h. * platform/ios/WebSQLiteDatabaseTrackerClient.mm: Copied from Source/WebKit/ios/Storage/WebSQLiteDatabaseTrackerClient.mm. (WebCore::WebSQLiteDatabaseTrackerClient::sharedWebSQLiteDatabaseTrackerClient): Make WebSQLiteDatabaseTrackerClient a singleton. (WebCore::WebSQLiteDatabaseTrackerClient::WebSQLiteDatabaseTrackerClient): (WebCore::WebSQLiteDatabaseTrackerClient::~WebSQLiteDatabaseTrackerClient): (WebCore::WebSQLiteDatabaseTrackerClient::willBeginFirstTransaction): Use a utility class WebDatabaseTransactionBackgroundTaskController to schedule database transaction background task. (WebCore::WebSQLiteDatabaseTrackerClient::didFinishLastTransaction): Use WebDatabaseTransactionBackgroundTaskController to stop databas transaction background task. (transactionBackgroundTaskIdentifierLock: Moved from Source/WebKit/mac/Storage/WebDatabaseManager.mm. (setTransactionBackgroundTaskIdentifier): Ditto. (getTransactionBackgroundTaskIdentifier): Ditto. (+[WebDatabaseTransactionBackgroundTaskController startBackgroundTask]): Ditto. (+[WebDatabaseTransactionBackgroundTaskController endBackgroundTask]): Ditto. 2017-02-05 Matthew Hanson <matthew_hanson@apple.com> Merge r211446. rdar://problem/30273885 2017-01-31 Anders Carlsson <andersca@apple.com> Apple Pay button does nothing on nytimes.com https://bugs.webkit.org/show_bug.cgi?id=167664 rdar://problem/30273885 Reviewed by Sam Weinig. Separate line item validation into convertAndValidateTotal and convertAndValidate. The former works on totals (which require an amount), and the latter works on regular line items that do not require an amount if the item type is "pending". * Modules/applepay/ApplePaySession.cpp: (WebCore::convertAndValidateTotal): (WebCore::convertAndValidate): Only check the amount if the type is not pending. (WebCore::ApplePaySession::completeShippingMethodSelection): (WebCore::ApplePaySession::completeShippingContactSelection): (WebCore::ApplePaySession::completePaymentMethodSelection): Call convertAndValidateTotal for totals. 2017-02-05 Matthew Hanson <matthew_hanson@apple.com> Merge r211455. rdar://problem/30241193 2017-01-31 Chris Dumez <cdumez@apple.com> com.apple.WebKit.WebContent.Development crashed in com.apple.WebCore: WebCore::FrameView::didDestroyRenderTree https://bugs.webkit.org/show_bug.cgi?id=167665 <rdar://problem/30241193> Reviewed by Andreas Kling. When destroying a PageCache entry, we would call Document::prepareFromDestruction() which would destroy the render tree and then call FrameView::didDestroyRenderTree(). We would sometimes hit the ASSERT(m_widgetsInRenderTree.isEmpty()) assertion in didDestroyRenderTree(). This indicates that there are still RenderWidgets associated with the FrameView even though we claim we already destroyed the render tree. The reason for this is that, in the PageCache context, the top document's frame is reused on navigation and may not be associated with a new document that is currently displayed, has a render tree (and possible RenderWidgets). The solution proposed is to stop calling FrameView::didDestroyRenderTree() in Document::prepareFromDestruction() if the frame's document is not |this|. This happens when the document is destroyed while in PageCache. We do not want to mess with the frame / frameview in this case since they are no longer associated to the present document anymore. No new tests, already covered by existing tests which currently crash flakily. * dom/Document.cpp: (WebCore::Document::destroyRenderTree): 2017-02-05 Matthew Hanson <matthew_hanson@apple.com> Merge r211656. rdar://problem/30102568 2017-02-03 Daniel Bates <dabates@apple.com> [Mac][WK2] Add SPI to override the Content Security Policy of a page https://bugs.webkit.org/show_bug.cgi?id=167810 <rdar://problem/30102568> Reviewed by Anders Carlsson. * dom/Document.cpp: (WebCore::Document::initSecurityContext): Apply the embedding client's override Content Security Policy to the document if one exists. * loader/FrameLoaderClient.h: Add function overrideContentSecurityPolicy() that a FrameLoaderClient can override to provide a custom Content Security Policy for a document (defaults: null string - no policy). As its name implies, the policy returned by overrideContentSecurityPolicy() will define the Content Security Policy for the document, overriding any subsequently received Content Security Policy for the document. * page/csp/ContentSecurityPolicy.cpp: (WebCore::ContentSecurityPolicy::copyStateFrom): Only copy policies from the specified ContentSecurityPolicy object if our policy was not specified by the embedding client. (WebCore::ContentSecurityPolicy::didReceiveHeader): Set ContentSecurityPolicy::m_hasAPIPolicy to true when we receive an API policy from the embedding client (ContentSecurityPolicy::PolicyFrom::API). An API policy must be defined before a policy received from a document. Do not process a received header if we already have an API policy as the API policy overrides all other policies. * page/csp/ContentSecurityPolicy.h: 2017-02-02 Matthew Hanson <matthew_hanson@apple.com> Merge r211541. rdar://problem/30100286 2017-02-01 Simon Fraser <simon.fraser@apple.com> [iOS WK2] With visual viewports, a fixed bottom bar can be clipped out when the keyboard is visible https://bugs.webkit.org/show_bug.cgi?id=167710 rdar://problem/30100286 Reviewed by Wenson Hsieh. Add a bit of logging to show when RLC decides to not composite a fixed element which is out of bounds. Test: fast/visual-viewport/ios/bottom-bar-with-keyboard.html * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::requiresCompositingForPosition): 2017-02-02 Matthew Hanson <matthew_hanson@apple.com> Merge r211471. rdar://problem/30270210 2017-01-31 Wenson Hsieh <wenson_hsieh@apple.com> Regression (Safari 10.1): Pressing Return in a contenteditable no longer inserts a line break under certain conditions https://bugs.webkit.org/show_bug.cgi?id=167525 <rdar://problem/30270210> Reviewed by Ryosuke Niwa. Test: fast/events/input-events-insert-newlines-after-mutation.html Reverts an unintended change made while refactoring code for input events that caused input events to be dispatched immediately rather than on the scoped queue. Normally, input events are dispatched in CompositeEditCommand::apply after the end of the scope, but TypingCommands may fire input events *from within* the scope by calling typingAddedToOpenCommand. Instead, TypingCommands should always dispatch events synchronously after the end of the scoped queue in CompositeEditCommand::apply, but this is a riskier change than we should currently allow, so we should revert to our old behavior for the time being. * editing/Editor.cpp: 2017-02-02 Matthew Hanson <matthew_hanson@apple.com> Merge r211433. rdar://problem/30091558 2017-01-31 Simon Fraser <simon.fraser@apple.com> REGRESSION (r209411): Scrolling to a fragment identifier in overflow:scroll inside position:fixed no longer works https://bugs.webkit.org/show_bug.cgi?id=167630 rdar://problem/30091558 Reviewed by Zalan Bujtas. r209411 added special handling for scrolling inside position:fixed, but cut off all scrolling, breaking overflow:scroll inside position:fixed. Fix by only handling the position:fixed case when we get to the root layer, which is where we scroll the document. Test: fast/overflow/scroll-anchor-in-overflow-in-position-fixed.html * rendering/RenderLayer.cpp: (WebCore::RenderLayer::getRectToExpose): 2017-02-01 Matthew Hanson <matthew_hanson@apple.com> Merge r211502. rdar://problem/30298722 2017-02-01 Brent Fulgham <bfulgham@apple.com> Correct "filesHaveSameVolume" predicate https://bugs.webkit.org/show_bug.cgi?id=167696 <rdar://problem/30298722> Reviewed by David Kilzer. We are passing %-encoded strings to the underlying operating system's file system APIs. This doesn't work. Instead, we need to present a decoded version of the file path that matches what the system APIs expect. Tested by new TestWebKitAPI Test. * platform/FileSystem.cpp: (WebCore::filesHaveSameVolume): Make sure the file paths we give to the underlying operating system are not percent encoded. * platform/FileSystem.h: Export 'filesHaveSameVolume' for use by testing system. 2017-01-31 Matthew Hanson <matthew_hanson@apple.com> Merge r211387. rdar://problem/29500273 2017-01-30 Simon Fraser <simon.fraser@apple.com> [iOS] position:fixed inside touch-scrollable overflow is mispositioned https://bugs.webkit.org/show_bug.cgi?id=167604 rdar://problem/29500273 Reviewed by Zalan Bujtas. For layers inside touch-scrollable overflow, RenderLayerBacking::computeParentGraphicsLayerRect() needs to account for the offset from the ancestor compositing layer's origin, to handle scrollable elements with box-shadow, for example. Also make the compositing log output a little easier to read. Test: compositing/scrolling/fixed-inside-scroll.html * rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::computeParentGraphicsLayerRect): * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::logLayerInfo): 2017-01-31 Matthew Hanson <matthew_hanson@apple.com> Merge r211386. rdar://problem/30204866 2017-01-30 Jer Noble <jer.noble@apple.com> NULL-deref crash at PlatformMediaSession::endInterruption https://bugs.webkit.org/show_bug.cgi?id=167595 Reviewed by Eric Carlson. Use the same, NULL-aware forEachSession() iterator rather than iterating over m_sessions directly. * platform/audio/PlatformMediaSessionManager.cpp: (WebCore::PlatformMediaSessionManager::beginInterruption): (WebCore::PlatformMediaSessionManager::endInterruption): 2017-01-31 Matthew Hanson <matthew_hanson@apple.com> Merge r211337. rdar://problem/30126535 2017-01-28 Zalan Bujtas <zalan@apple.com> Resolve beforeChild's render tree position before calling addChildIgnoringContinuation. https://bugs.webkit.org/show_bug.cgi?id=167540 <rdar://problem/30126535> Reviewed by Simon Fraser. Use the actual render tree position for the beforeChild when inside a flow thread. Test: fast/multicol/assert-on-continuation-with-spanner.html * rendering/RenderBlockFlow.cpp: (WebCore::RenderBlockFlow::addChild): * rendering/RenderInline.cpp: (WebCore::RenderInline::addChild): * rendering/RenderMultiColumnFlowThread.cpp: (WebCore::RenderMultiColumnFlowThread::resolveMovedChild): 2017-01-31 Matthew Hanson <matthew_hanson@apple.com> Merge r211309. rdar://problem/30240378 2017-01-27 Michael Saboff <msaboff@apple.com> JSCustomElementInterface::invokeCallback can be called with a null callback because Weak<> https://bugs.webkit.org/show_bug.cgi?id=167522 Reviewed by Filip Pizlo. Added all provided callbacks to the global object with a private name the same way that the constructor was added. This will keep these callbacks from being GC'ed. * bindings/js/JSCustomElementRegistryCustom.cpp: (WebCore::JSCustomElementRegistry::define): 2017-01-31 Matthew Hanson <matthew_hanson@apple.com> Merge r211305. rdar://problem/29320059 2017-01-27 Simon Fraser <simon.fraser@apple.com> Element with a backdrop-filter and a mask may not correctly mask the backdrop https://bugs.webkit.org/show_bug.cgi?id=167456 rdar://problem/29320059 Reviewed by Antoine Quint. If a layer had a backdrop filter, but also corner radii that triggered using a mask layer, then the call to updateClippingStrategy() in GraphicsLayerCA::updateBackdropFiltersRect() would set the backdrop layer's mask, but GraphicsLayerCA::updateMaskLayer() would promptly then set the mask layer back to nil. Fix by having GraphicsLayerCA::updateMaskLayer() put the mask on the structural layer, if there is one. We always have a structural layer with backdrops, so this will mask both the layer and the backdrop. Test: css3/filters/backdrop/backdrop-filter-uneven-corner-radii.html * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::updateMaskLayer): * platform/graphics/mac/WebLayer.mm: (-[CALayer _descriptionWithPrefix:]): Dump the mask layer. 2017-01-31 Matthew Hanson <matthew_hanson@apple.com> Merge r211249. rdar://problem/29539389 2017-01-26 Jeremy Jones <jeremyj@apple.com> Page should be able to request pointer lock without user gesture if it relinquished it without a user gesture https://bugs.webkit.org/show_bug.cgi?id=167126 Reviewed by Jon Lee. Enabled pointer-lock/locked-element-removed-from-dom.html for WK2. Not enable in WK1 because of https://bugs.webkit.org/show_bug.cgi?id=167127 This change allows a page to lock the pointer again without a user gesture if it was unlocked by the page and not by the user. See https://www.w3.org/TR/2016/REC-pointerlock-20161027/ 5.1 Methods * page/PointerLockController.cpp: When a document acquires pointer lock with a user gesture, that document is allowed to request pointer lock again until the user takes an action to end pointer lock. We know it is a user action because user actions always call requestPointerUnlockAndForceCursorVisible(). When the page requests a pointer unlock (via requestPointerUnlock), that document is allowed to continue to relock the page. This continues until there is either an unlock request form the user via requestPointerUnlockAndForceCursorVisible or a didLosePointerLock without a pointer unlock request. (WebCore::PointerLockController::PointerLockController): (WebCore::PointerLockController::requestPointerLock): (WebCore::PointerLockController::requestPointerUnlock): (WebCore::PointerLockController::requestPointerUnlockAndForceCursorVisible): (WebCore::PointerLockController::elementRemoved): (WebCore::PointerLockController::documentDetached): (WebCore::PointerLockController::didAcquirePointerLock): (WebCore::PointerLockController::didLosePointerLock): (WebCore::PointerLockController::clearElement): * page/PointerLockController.h: 2017-01-31 Matthew Hanson <matthew_hanson@apple.com> Merge r211240. rdar://problem/30247467b 2017-01-26 Jer Noble <jer.noble@apple.com> Autoplay muted videos stop playback of any streaming app in the background https://bugs.webkit.org/show_bug.cgi?id=163993 <rdar://problem/29020431> Reviewed by Eric Carlson. Added test in TestWebKitAPI, WebKit1.AudioSessionCategoryIOS. Previously, we would set the audio session category to "playback" if there was a media- element-type media session, and if there was a session capable of playing audio. But because this was an "or" operation, we would incorrectly set the category to "playback" if there was a video element incapable of rendering audio (due to being muted, without an audio track, etc.), and also a session capable of producing audio, such as WebAudio. With this change, this turns into an "and" operation; there must be a media element capable of rendering audio in order to switch the audio session category to "playback". Additionally, we no longer cache the value of "canProduceAudio()"; it's queried directly whenever updateSessionState() is called. * Modules/webaudio/AudioContext.cpp: (WebCore::AudioContext::constructCommon): * Modules/webaudio/AudioContext.h: * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::insertedInto): (WebCore::HTMLMediaElement::loadResource): (WebCore::HTMLMediaElement::setMuted): (WebCore::HTMLMediaElement::mediaPlayerCurrentPlaybackTargetIsWirelessChanged): (WebCore::HTMLMediaElement::mediaPlayerCharacteristicChanged): (WebCore::HTMLMediaElement::clearMediaPlayer): (WebCore::HTMLMediaElement::mediaPlayerCurrentPlaybackTargetIsWirelessChanged): (WebCore::HTMLMediaElement::presentationType): (WebCore::HTMLMediaElement::characteristics): (WebCore::HTMLMediaElement::canProduceAudio): * html/HTMLMediaElement.h: * platform/audio/PlatformMediaSession.cpp: (WebCore::PlatformMediaSession::activeAudioSessionRequired): (WebCore::PlatformMediaSession::canProduceAudio): (WebCore::PlatformMediaSession::canProduceAudioChanged): (WebCore::PlatformMediaSession::setCanProduceAudio): Deleted. * platform/audio/PlatformMediaSession.h: (WebCore::PlatformMediaSessionClient::canProduceAudio): (WebCore::PlatformMediaSession::canProduceAudio): Deleted. * platform/audio/cocoa/MediaSessionManagerCocoa.cpp: (PlatformMediaSessionManager::updateSessionState): 2017-01-31 Matthew Hanson <matthew_hanson@apple.com> Merge r210217. rdar://problem/30260068 Committed on behalf of Chris Dumez. * bindings/js/JSStorageCustom.cpp: (WebCore::JSStorage::nameGetter): Early-return false if an item has an exception (after propagating it.) 2017-01-27 Ryan Haddad <ryanhaddad@apple.com> Merge r211285. 2017-01-27 Ryan Haddad <ryanhaddad@apple.com> Rebaseline bindings tests after r211238. Unreviewed test gardening. * bindings/scripts/test/JS/JSTestDOMJIT.cpp: (WebCore::JSTestDOMJIT::visitChildren): * bindings/scripts/test/JS/JSTestEventTarget.cpp: (WebCore::JSTestEventTarget::visitChildren): * bindings/scripts/test/JS/JSTestNode.cpp: (WebCore::JSTestNode::visitChildren): 2017-01-26 Matthew Hanson <matthew_hanson@apple.com> Merge r211244. rdar://problem/29956321 2017-01-26 Dean Jackson <dino@apple.com> WebGL content in Safari sticks to GPU that it was started on, sometimes causing extra battery drain and difficulty interacting with UI https://bugs.webkit.org/show_bug.cgi?id=167477 <rdar://problem/29956321> Reviewed by Tim Horton. We were not implementing the recommended approach to properly handle GPU switching, causing some contexts to remain on a GPU and slow down the machine's UI. It also could stop the discrete GPU from turning off. Register for CGL's display reconfiguration notification, so that we can alert any active CGLContexts and cause them to update. The code change here doesn't lend itself to automated testing because it is specific to hardware with multiple GPUs, relies on some separate tools to detect which GPU is active, and an external method of triggering a GPU switch. It's best tested by the manual workflow in Radar. * platform/graphics/GraphicsContext3D.h: Add a macOS-specific update call. * platform/graphics/mac/GraphicsContext3DMac.mm: (WebCore::displayWasReconfigured): The callback for display reconfigurations. (WebCore::addActiveContext): Helper to keep track of active contexts, so we can register/unregister the callback when necessary. (WebCore::removeActiveContext): (WebCore::GraphicsContext3D::create): Use the new helpers. (WebCore::GraphicsContext3D::~GraphicsContext3D): (WebCore::GraphicsContext3D::updateCGLContext): Tell the CGLContextRef to update. 2017-01-26 Matthew Hanson <matthew_hanson@apple.com> Merge r211242. rdar://problem/29957753 2017-01-26 Commit Queue <commit-queue@webkit.org> Unreviewed, rolling out r210328. https://bugs.webkit.org/show_bug.cgi?id=167476 Blocking bug is fixed <rdar://problem/29957753> (Requested by keith_miller on #webkit). Reverted changeset: "Disable smooth playhead animation for main content media in the Touch Bar" https://bugs.webkit.org/show_bug.cgi?id=166715 http://trac.webkit.org/changeset/210328 2017-01-26 Matthew Hanson <matthew_hanson@apple.com> Merge r211241. rdar://problem/30099051 2017-01-26 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: iOS: Memory timeline shows impossible values for Page size (underflowed) https://bugs.webkit.org/show_bug.cgi?id=167468 <rdar://problem/30099051> Reviewed by Andreas Kling. * page/cocoa/ResourceUsageThreadCocoa.mm: (WebCore::vmPageSize): This value matches the sysctl value we were attempting to access, and is the most appropriate when dealing with mach APIs, as we are using here. 2017-01-26 Matthew Hanson <matthew_hanson@apple.com> Merge r211235. rdar://problem/30058933 2017-01-26 Jeremy Jones <jeremyj@apple.com> Pointer lock events should be delivered directly to the target element https://bugs.webkit.org/show_bug.cgi?id=167134 Reviewed by Jon Lee. pointer-lock/mouse-event-delivery.html: Enabled for mac, added wheel event tests. When pointer is locked on an element, route mouse events directly to the target element, instead of doing the normal event disptach. * page/EventHandler.cpp: (WebCore::EventHandler::handleMousePressEvent): (WebCore::EventHandler::handleMouseDoubleClickEvent): (WebCore::EventHandler::handleMouseMoveEvent): (WebCore::EventHandler::handleMouseReleaseEvent): (WebCore::EventHandler::handleMouseForceEvent): (WebCore::EventHandler::handleWheelEvent): * page/PointerLockController.cpp: (WebCore::PointerLockController::isLocked): Added. (WebCore::PointerLockController::dispatchLockedWheelEvent): Added. * page/PointerLockController.h: 2017-01-26 Matthew Hanson <matthew_hanson@apple.com> Merge r211233. rdar://problem/30220959 2017-01-26 Chris Dumez <cdumez@apple.com> Fix CPU / Memory diagnostic logging in PerformanceMonitor https://bugs.webkit.org/show_bug.cgi?id=167469 <rdar://problem/30220959> Reviewed by Alex Christensen. Fix CPU / Memory diagnostic logging in PerformanceMonitor to use logDiagnosticMessage() instead of logDiagnosticMessageWithValue(). logDiagnosticMessageWithValue() should only be used with numeric values but we already take care of the bucketing on our side. * page/DiagnosticLoggingClient.h: * page/DiagnosticLoggingKeys.cpp: (WebCore::DiagnosticLoggingKeys::postPageBackgroundingCPUUsageKey): (WebCore::DiagnosticLoggingKeys::postPageBackgroundingMemoryUsageKey): (WebCore::DiagnosticLoggingKeys::postPageLoadCPUUsageKey): (WebCore::DiagnosticLoggingKeys::postPageLoadMemoryUsageKey): (WebCore::DiagnosticLoggingKeys::foregroundCPUUsageToDiagnosticLoggingKey): (WebCore::DiagnosticLoggingKeys::backgroundCPUUsageToDiagnosticLoggingKey): (WebCore::DiagnosticLoggingKeys::postPageBackgroundingKey): Deleted. (WebCore::DiagnosticLoggingKeys::postPageLoadKey): Deleted. (WebCore::DiagnosticLoggingKeys::memoryUsageKey): Deleted. * page/DiagnosticLoggingKeys.h: * page/PerformanceMonitor.cpp: (WebCore::PerformanceMonitor::measurePostLoadCPUUsage): (WebCore::PerformanceMonitor::measurePostLoadMemoryUsage): (WebCore::PerformanceMonitor::measurePostBackgroundingMemoryUsage): (WebCore::PerformanceMonitor::measurePostBackgroundingCPUUsage): 2017-01-26 Matthew Hanson <matthew_hanson@apple.com> Merge r211231. rdar://problem/30217518 2017-01-26 Brady Eidson <beidson@apple.com> Gamepads: Some DPads are still not exposed in the HID backend. rdar://problem/30217518 and https://bugs.webkit.org/show_bug.cgi?id=167465 Reviewed by Alex Christensen. No new tests (Currently unable to test HID backend directly) * platform/gamepad/mac/HIDGamepad.cpp: (WebCore::HIDGamepad::maybeAddButton): Allow GenericDesktop paged elements that are DPads to be buttons. 2017-01-26 Matthew Hanson <matthew_hanson@apple.com> Merge r211230. rdar://problem/30009849 2017-01-26 Commit Queue <commit-queue@webkit.org> Unreviewed, rolling out r210095. https://bugs.webkit.org/show_bug.cgi?id=167464 broke tiling on mac (Requested by thorton on #webkit). Reverted changeset: "TileGrid revalidates tiles twice during flush, first with wrong visible rect" https://bugs.webkit.org/show_bug.cgi?id=166406 http://trac.webkit.org/changeset/210095 2017-01-26 Matthew Hanson <matthew_hanson@apple.com> Merge r211229. rdar://problem/30216981 2017-01-26 Chris Dumez <cdumez@apple.com> Fix WebGL diagnostic logging https://bugs.webkit.org/show_bug.cgi?id=167463 <rdar://problem/30216981> Reviewed by Alex Christensen. Fix WebGL diagnostic logging so that it no longer uses logDiagnosticMessageWithValue(). This is because the value apparently needs to be numeric on Mac. * html/canvas/WebGLRenderingContextBase.cpp: (WebCore::WebGLRenderingContextBase::checkForContextLossHandling): * page/DiagnosticLoggingKeys.cpp: (WebCore::DiagnosticLoggingKeys::pageHandlesWebGLContextLossKey): (WebCore::WebCore::DiagnosticLoggingKeys::webGLStateKey): (WebCore::DiagnosticLoggingKeys::stateKey): Deleted. (WebCore::DiagnosticLoggingKeys::handlesContextLossKey): Deleted. (WebCore::WebCore::DiagnosticLoggingKeys::webGLKey): Deleted. * page/DiagnosticLoggingKeys.h: 2017-01-26 Matthew Hanson <matthew_hanson@apple.com> Merge r211220. rdar://problem/29578619 2017-01-26 Brady Eidson <beidson@apple.com> Gamepad support shows wrong values for PS4 controllers (D-pad is missing). <rdar://problem/29578619> and https://bugs.webkit.org/show_bug.cgi?id=165588 Reviewed by Alex Christensen. No new tests (Currently unable to test HID backend directly) DPads report their HID type as "a button", but their HID usage is "Hatswitch". This patch adds a new element type that maps a "hatswitch" value to 4 additional buttons. * platform/gamepad/mac/HIDGamepad.cpp: (WebCore::HIDGamepad::initElements): (WebCore::HIDGamepad::initElementsFromArray): (WebCore::HIDGamepad::maybeAddButton): (WebCore::HIDGamepad::maybeAddDPad): (WebCore::HIDGamepad::maybeAddAxis): (WebCore::fillInButtonValues): (WebCore::HIDGamepad::valueChanged): * platform/gamepad/mac/HIDGamepad.h: (WebCore::HIDGamepadElement::isDPad): (WebCore::HIDGamepadDPad::HIDGamepadDPad): (WebCore::HIDGamepadDPad::normalizedValue): 2017-01-26 Matthew Hanson <matthew_hanson@apple.com> Merge r211201. rdar://problem/30134866 2017-01-25 Ryosuke Niwa <rniwa@webkit.org> Crash under DOMSelection::deleteFromDocument() https://bugs.webkit.org/show_bug.cgi?id=167232 Reviewed by Chris Dumez. The crash was caused by DOMSelection's deleteFromDocument() mutating contents inside the user-agent shadow tree of an input element when the text field is readonly. Fixed the bug by exiting early whenever the selection is inside a shadow tree since getSelection().getRangeAt(0) always returns a range outside the input element or any shadow tree for that matter. New behavior matches that of Gecko. The working draft spec of which I'm the editor states that deleteFromDocument() must invoke Range's deleteContents() on the associated range, which is the collapsed range returned by getSelection().getRangeAt(0) in the spec: https://www.w3.org/TR/2016/WD-selection-api-20160921/#widl-Selection-deleteFromDocument-void And Range's deleteContents() immediately terminates in step 1 when start and end are identical: https://dom.spec.whatwg.org/commit-snapshots/6b7621282c2e3b222ac585650e484abf4c0a416b/ Note that Range's DOM mutating methods are not available inside an user-agent shadow tree because WebKit never returns a Range whose end boundary points are inside the tree to author scripts. Editing commands (ones executable from document.execCommand) that mutate DOM like this check whether the content is editable or not. Since VisibleSelection's validate() function makes sure the selection is either entirely within or outside of an root editable element (editing host in the W3C spec lingo), editing commands should never mutate a random node inside an user-agent shadow tree. Test: editing/selection/deleteFromDocument-shadow-tree-crash.html * page/DOMSelection.cpp: (WebCore::DOMSelection::deleteFromDocument): 2017-01-26 Matthew Hanson <matthew_hanson@apple.com> Merge r211238. rdar://problem/30216742 2017-01-26 Filip Pizlo <fpizlo@apple.com> EventTarget should visit the JSEventListeners using visitAdditionalChildren https://bugs.webkit.org/show_bug.cgi?id=167462 Reviewed by Michael Saboff. No new tests because this is already caught by existing testing. This would show up as ASSERTs in debug, and we suspect it might be at fault for null deref crashes. Previously, EventTarget would have its event listeners visited by its subclasses' visitChildren methods. Every subclass of EventTarget would call EventTarget's visitJSEventListeners. For example, this means that if JSFoo has seven classes between it and JSEventTarget in the JSCell class hierarchy, then JSFoo::visitChildren would end up calling visitJSEventListeners seven extra times. Also, the weird way that visitJSEventListeners was called meant that it was not part of the GC's output constraint processing. This meant that it would not be called when the GC tried to terminate. So, if something about the event listener changes during a GC cycle, the GC would potentially fail to mark one of the references. Both problems can be solved by simply moving the call to visitJSEventListeners into visitAdditionalChildren. * bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::visitAdditionalChildren): * bindings/js/JSEventTargetCustom.cpp: (WebCore::JSEventTarget::visitAdditionalChildren): * bindings/scripts/CodeGeneratorJS.pm: (GenerateImplementation): * dom/EventTarget.idl: 2017-01-26 Andreas Kling <akling@apple.com> Branch-specific fix for a crash seen after merging r201777. <rdar://problem/30209068> Reviewed by Andy Estes. Add null checking of the FrameView in Document::destroyRenderTree() before calling functions on it. This is not necessary in trunk, as the FrameView is guaranteed to be present there. FrameView can be missing on the branch, since render trees for page cached documents are destroyed when leaving the page cache, not when entering it (trunk behavior.) When leaving the page cache, the FrameView is already detached, hence the bug. * dom/Document.cpp: (WebCore::Document::destroyRenderTree): 2017-01-25 Matthew Hanson <matthew_hanson@apple.com> Merge r211151. rdar://problem/30171195 2017-01-25 Chris Dumez <cdumez@apple.com> Measure how common it is for content to deal with WebGL context loss https://bugs.webkit.org/show_bug.cgi?id=166866 <rdar://problem/30171195> Reviewed by Alex Christensen. Add diagnostic logging to measure how common it is for sites to handle WebGL context loss via the webglcontextlost & webglcontextrestored events. * html/canvas/WebGLRenderingContextBase.cpp: (WebCore::WebGLRenderingContextBase::WebGLRenderingContextBase): (WebCore::WebGLRenderingContextBase::checkForContextLossHandling): * html/canvas/WebGLRenderingContextBase.h: * page/DiagnosticLoggingKeys.cpp: (WebCore::DiagnosticLoggingKeys::noKey): (WebCore::DiagnosticLoggingKeys::yesKey): (WebCore::DiagnosticLoggingKeys::handlesContextLossKey): * page/DiagnosticLoggingKeys.h: 2017-01-25 Matthew Hanson <matthew_hanson@apple.com> Merge 210777. rdar://problem/30186526 2017-01-15 Andreas Kling <akling@apple.com> FrameView shouldn't keep dangling pointers into dead render trees. <https://webkit.org/b/167011> Reviewed by Antti Koivisto. Added some pretty paranoid assertions to FrameView that verify all of its raw pointers into the render tree are gone after the render tree has been destroyed. They immediately caught two bugs, also fixed in this patch. * page/FrameView.h: * page/FrameView.cpp: (WebCore::FrameView::willDestroyRenderTree): (WebCore::FrameView::didDestroyRenderTree): Added these two callbacks for before/after Document tears down its render tree. The former clears the layout root, and detaches custom scrollbars. The latter contains a bunch of sanity assertions that pointers into the now-destroyed render tree are gone. * dom/Document.cpp: (WebCore::Document::destroyRenderTree): Notify FrameView before/after teardown. * page/animation/AnimationController.h: * page/animation/AnimationController.cpp: (WebCore::AnimationController::hasAnimations): Added a helper to check if there are any composite animations around, as these contain raw pointers to renderers. * rendering/RenderElement.cpp: (WebCore::RenderElement::willBeRemovedFromTree): (WebCore::RenderElement::willBeDestroyed): Moved slow repaint object unregistration from willBeRemovedFromTree() to willBeDestroyed(). The willBeRemovedFromTree() callback is skipped as an optimization during full tree teardown, but willBeDestroyed() always gets called. This fixes a bug where we'd fail to remove dangling pointers. 2017-01-25 Matthew Hanson <matthew_hanson@apple.com> Merge r211126. rdar://problem/30174873 2017-01-24 Simon Fraser <simon.fraser@apple.com> [iOS WK2] Avoid IOSurface readback for snapshot creation https://bugs.webkit.org/show_bug.cgi?id=167397 rdar://problem/30174873 Reviewed by Tim Horton. Export sinkIntoImage(). * platform/graphics/cocoa/IOSurface.h: 2017-01-25 Matthew Hanson <matthew_hanson@apple.com> Merge r211120. rdar://problem/30151767 2017-01-24 Andreas Kling <akling@apple.com> Add memory footprint reporting using diagnostic logging. <https://webkit.org/b/167285> <rdar://problem/30151767> Reviewed by Chris Dumez. Add some basic logging of physical memory footprint post-load and post-backgrounding. The logging works similarly to the CPU usage logging, though with slightly longer delays to allow the measurement to stabilize. * page/DiagnosticLoggingKeys.cpp: (WebCore::DiagnosticLoggingKeys::memoryUsageKey): (WebCore::DiagnosticLoggingKeys::memoryUsageToDiagnosticLoggingKey): * page/DiagnosticLoggingKeys.h: * page/PerformanceLogging.cpp: (WebCore::PerformanceLogging::physicalFootprint): * page/PerformanceLogging.h: * page/PerformanceMonitor.cpp: (WebCore::PerformanceMonitor::PerformanceMonitor): (WebCore::PerformanceMonitor::didFinishLoad): (WebCore::PerformanceMonitor::activityStateChanged): (WebCore::PerformanceMonitor::measurePostLoadMemoryUsage): (WebCore::PerformanceMonitor::measurePostBackgroundingMemoryUsage): * page/PerformanceMonitor.h: * page/Settings.h: (WebCore::Settings::isPostLoadMemoryUsageMeasurementEnabled): (WebCore::Settings::isPostBackgroundingMemoryUsageMeasurementEnabled): * page/cocoa/PerformanceLoggingCocoa.mm: (WebCore::PerformanceLogging::physicalFootprint): 2017-01-25 Matthew Hanson <matthew_hanson@apple.com> Merge r211125. rdar://problem/30074665 2017-01-24 Brent Fulgham <bfulgham@apple.com> Bug 167392: REGRESSION(r210531): Relax same-volume display requirement for iOS https://bugs.webkit.org/show_bug.cgi?id=167392 <rdar://problem/30074665> Reviewed by Brady Eidson. * page/SecurityOrigin.cpp: (WebCore::SecurityOrigin::canDisplay): Exclude the new check when building on iOS. 2017-01-25 Matthew Hanson <matthew_hanson@apple.com> Merge r211137. rdar://problem/29896656 2017-01-24 Alex Christensen <achristensen@webkit.org> REGRESSION (r208902): URLWithUserTypedString returns nil with file URLs https://bugs.webkit.org/show_bug.cgi?id=167402 <rdar://problem/29896656> Reviewed by Ryosuke Niwa. Covered by a new API test. * platform/mac/WebCoreNSURLExtras.mm: (WebCore::mapHostNameWithRange): uidna_IDNToASCII succeeds when length is 0. uidna_nameToASCII fails when length is 0. This causes bad things to happen with file URLs, which have no host, so their host length is 0. This makes us match behavior before r208902. 2017-01-25 Dean Jackson <dino@apple.com> Disable Variation fonts on this branch. <rdar://problem/30085249> * Configurations/FeatureDefines.xcconfig: 2017-01-25 Matthew Hanson <matthew_hanson@apple.com> Merge r211114. rdar://problem/29857388 2017-01-24 Anders Carlsson <andersca@apple.com> When Safari reloads pages with Flash objects after Flash is installed, placeholders don't paint (but do work!) https://bugs.webkit.org/show_bug.cgi?id=167391 rdar://problem/29857388 Reviewed by Sam Weinig. * page/Page.cpp: (WebCore::Page::refreshPlugins): Remove an unused variable. * plugins/PluginInfoProvider.cpp: (WebCore::PluginInfoProvider::refresh): Make sure to call refreshPlugins(). Instead of reloading subframes, just reload all the main frames with subframes that contain plug-ins. 2017-01-25 Matthew Hanson <matthew_hanson@apple.com> Merge r211052. rdar://problem/29857388 2017-01-20 Anders Carlsson <andersca@apple.com> When Safari reloads pages with Flash objects after Flash is installed, placeholders don't paint (but do work!) https://bugs.webkit.org/show_bug.cgi?id=167268 rdar://problem/29857388 Reviewed by Sam Weinig. * page/Page.cpp: (WebCore::Page::refreshPlugins): Call PluginInfoProvider::refresh instead. (WebCore::Page::clearPluginData): Add new setter. * page/Page.h: Declare new members. * plugins/PluginInfoProvider.cpp: (WebCore::PluginInfoProvider::refresh): Put the logic to clear plug-in data and reload frames here. * plugins/PluginInfoProvider.h: Add new members. 2017-01-24 Matthew Hanson <matthew_hanson@apple.com> Merge r211067. rdar://problem/29319962 2017-01-23 Alex Christensen <achristensen@webkit.org> URLParser should fail to parse percent-encoded invalid UTF-8 sequences https://bugs.webkit.org/show_bug.cgi?id=167330 <rdar://problem/29319962> Reviewed by Tim Horton. Covered by new API tests. * platform/URLParser.cpp: (WebCore::containsOnlyASCII): (WebCore::URLParser::parseHostAndPort): If UTF-8 decoding fails after percent-decoding the host, fail to parse. This matches Chrome and Firefox, and it was proposed to the spec in https://github.com/whatwg/url/issues/215 2017-01-24 Matthew Hanson <matthew_hanson@apple.com> Merge r211058. rdar://problem/29526875 2017-01-23 Alex Christensen <achristensen@webkit.org> Make URLs with non-special schemes and a query or fragment but no slash after the host more compatible https://bugs.webkit.org/show_bug.cgi?id=167317 <rdar://problem/29526875> Reviewed by Sam Weinig. This is currently being added to the URL spec in https://github.com/whatwg/url/issues/212 Covered by new API tests. * platform/URLParser.cpp: (WebCore::URLParser::parse): Only add a slash if there wasn't one if the URL has a special scheme. This new behavior matches the old behavior of URL::parse. 2017-01-24 Matthew Hanson <matthew_hanson@apple.com> Merge r211045. rdar://problem/29486368 2017-01-23 Jer Noble <jer.noble@apple.com> REGRESSION (r208149): Video details does not apear and missing scrubber in Control Center https://bugs.webkit.org/show_bug.cgi?id=167233 Reviewed by Alex Christensen. Test: In TestWebKitAPI, NowPlayingControlsTests.NowPlayingControlsIOS In r208149, we introduced a new media type, Video, and renamed the old type to VideoAudio (to be able to distinguish between video-with-audio and silent-video). But we missed one place where that type needs to be renamed. For testing purposes, overload methods from PlatformMediaSessionManager which WebKit2 uses to report the current now playing session and it's information. * platform/audio/ios/MediaSessionManagerIOS.h: * platform/audio/ios/MediaSessionManagerIOS.mm: (WebCore::MediaSessionManageriOS::nowPlayingEligibleSession): (WebCore::MediaSessionManageriOS::updateNowPlayingInfo): 2017-01-24 Matthew Hanson <matthew_hanson@apple.com> Merge r211028. rdar://problem/30060378 2017-01-20 Dean Jackson <dino@apple.com> [WebGL] Do not allow GPU muxing on some old Mac hardware https://bugs.webkit.org/show_bug.cgi?id=167259 <rdar://problem/30060378> Reviewed by Simon Fraser and Darin Adler. Some old Macbook Pro models should never use the integrated GPU for WebGL, because they are unstable when swapping between that and the discrete GPU. Unfortunately this hardware configuration isn't in our testing infrastructure, so it was confirmed manually. Meanwhile, our existing tests make sure this patch doesn't break anything elsewhere. * platform/graphics/mac/GraphicsContext3DMac.mm: (WebCore::attachToAppleGraphicsControl): Helper function to get a mach port that talks to Apple's Graphics Control system. (WebCore::hasMuxCapability): Decides whether a system can do live GPU switching, based on whether or not it has a muxable GPU, and if that GPU is not the old hardware we know is problematic. (WebCore::hasMuxableGPU): Helper to return the static hasMuxCapability value. (WebCore::setPixelFormat): Only request the integrated card when the GPU is muxable. 2017-01-24 Matthew Hanson <matthew_hanson@apple.com> Merge r211007. rdar://problem/28620919 2017-01-20 Brady Eidson <beidson@apple.com> Require a button press on a gamepad for them to be exposed to the DOM. <rdar://problem/28620919> and https://bugs.webkit.org/show_bug.cgi?id=167272 Reviewed by Alex Christensen. Test: gamepad/gamepad-visibility-1.html * Modules/gamepad/GamepadManager.cpp: (WebCore::GamepadManager::platformGamepadInputActivity): * Modules/gamepad/GamepadManager.h: * platform/gamepad/GamepadProvider.cpp: (WebCore::GamepadProvider::dispatchPlatformGamepadInputActivity): * platform/gamepad/GamepadProvider.h: (WebCore::GamepadProvider::~GamepadProvider): Deleted. (WebCore::GamepadProvider::isMockGamepadProvider): Deleted. * platform/gamepad/GamepadProviderClient.h: * platform/gamepad/cocoa/GameControllerGamepad.h: * platform/gamepad/cocoa/GameControllerGamepad.mm: (WebCore::GameControllerGamepad::setupAsExtendedGamepad): (WebCore::GameControllerGamepad::setupAsGamepad): * platform/gamepad/cocoa/GameControllerGamepadProvider.h: * platform/gamepad/cocoa/GameControllerGamepadProvider.mm: (WebCore::GameControllerGamepadProvider::gamepadHadInput): (WebCore::GameControllerGamepadProvider::inputNotificationTimerFired): * platform/gamepad/mac/HIDGamepad.cpp: (WebCore::HIDGamepad::valueChanged): * platform/gamepad/mac/HIDGamepad.h: * platform/gamepad/mac/HIDGamepadProvider.cpp: (WebCore::HIDGamepadProvider::valuesChanged): (WebCore::HIDGamepadProvider::inputNotificationTimerFired): * platform/gamepad/mac/HIDGamepadProvider.h: * testing/MockGamepadProvider.cpp: (WebCore::MockGamepadProvider::setMockGamepadButtonValue): (WebCore::MockGamepadProvider::gamepadInputActivity): * testing/MockGamepadProvider.h: 2017-01-20 Matthew Hanson <matthew_hanson@apple.com> Merge r210951. rdar://problem/29562247 2017-01-19 Said Abou-Hallawa <sabouhallawa@apple.com> REGRESSION(r206156): Animated images are repeated one extra iteration than the value which is saved in the image file https://bugs.webkit.org/show_bug.cgi?id=167174 Reviewed by Simon Fraser. Before r206156, BitmapImage::repetitionCount() used to return zero for the case loopCount = 1, -1 for loopCount = Infinity and loopCount for all other cases. Having repetitionCount() return zero for loopCount = 1 makes the condition if (++m_repetitionsComplete > repetitionCount()) break the animation loop after one iteration. But it was wrong for all loopCount > 1. It was causing an extra iteration to be played for the animated image. After r206156, BitmapImage::repetitionCount() returns loopCount for all cases loopCount != Infinity. Keeping the same condition causes the extra iteration to be played even for loopCount = 1. Test: fast/images/animated-image-loop-count.html * platform/graphics/BitmapImage.cpp: (WebCore::BitmapImage::internalStartAnimation): 2017-01-20 Matthew Hanson <matthew_hanson@apple.com> Merge r210949. rdar://problem/30108531 2017-01-19 Chris Dumez <cdumez@apple.com> iterable<> should be enabled on WK1 https://bugs.webkit.org/show_bug.cgi?id=167221 <rdar://problem/30108531> Reviewed by Youenn Fablet. * Modules/fetch/FetchHeaders.idl: * bindings/scripts/test/JS/JSTestNode.cpp: (WebCore::JSTestNodePrototype::finishCreation): * bindings/scripts/test/JS/JSTestObj.cpp: (WebCore::JSTestObjPrototype::finishCreation): * bindings/scripts/test/TestNode.idl: * bindings/scripts/test/TestObj.idl: * css/FontFaceSet.idl: * dom/NodeList.idl: 2017-01-20 Matthew Hanson <matthew_hanson@apple.com> Merge r210945. rdar://problem/28745101 2017-01-19 Jer Noble <jer.noble@apple.com> CRASH at WebCore::TrackListBase::remove https://bugs.webkit.org/show_bug.cgi?id=167217 Reviewed by Brent Fulgham. Test: media/media-source/media-source-error-crash.html In very specific conditions, a HTMLMediaElement backed by a MediaSource can try to remove the same track from its track list twice. If there are two SourceBuffers attached to a HTMLMediaElement, and one has not yet been initialized, when the second fails to parse an appended buffer after receiving an initialization segment, the HTMLMediaElement will remove all its tracks in mediaLoadingFailed(), then MediaSource object itself will attempt remove the same track in removeSourceBuffer(). Solving this the safest way possible: bail early from TrackListBase if asked to remove a track which the list does not contain. * html/track/TrackListBase.cpp: (TrackListBase::remove): 2017-01-20 Matthew Hanson <matthew_hanson@apple.com> Merge r210936. rdar://problem/30058349 2017-01-19 Chris Dumez <cdumez@apple.com> Implement per activity state CPU usage reporting using diagnostic logging https://bugs.webkit.org/show_bug.cgi?id=167163 <rdar://problem/30058349> Reviewed by Andreas Kling. Implement per activity state CPU usage reporting using diagnostic logging. * WebCore.xcodeproj/project.pbxproj: * page/ActivityState.h: * page/ChromeClient.h: * page/DiagnosticLoggingKeys.cpp: (WebCore::DiagnosticLoggingKeys::nonVisibleStateKey): (WebCore::DiagnosticLoggingKeys::visibleNonActiveStateKey): (WebCore::DiagnosticLoggingKeys::visibleAndActiveStateKey): (WebCore::DiagnosticLoggingKeys::foregroundCPUUsageToDiagnosticLogginKey): (WebCore::DiagnosticLoggingKeys::backgroundCPUUsageToDiagnosticLogginKey): * page/DiagnosticLoggingKeys.h: * page/Page.cpp: (WebCore::isUtilityPageChromeClient): (WebCore::Page::Page): (WebCore::Page::~Page): (WebCore::Page::didStartProvisionalLoad): (WebCore::Page::didFinishLoad): (WebCore::Page::isUtilityPage): (WebCore::Page::setActivityState): (WebCore::Page::setIsVisibleInternal): * page/Page.h: (WebCore::Page::activityState): (WebCore::Page::isUtilityPage): * page/PerformanceMonitor.cpp: Added. (WebCore::activityStateForCPUSampling): (WebCore::PerformanceMonitor::PerformanceMonitor): (WebCore::PerformanceMonitor::didStartProvisionalLoad): (WebCore::PerformanceMonitor::didFinishLoad): (WebCore::PerformanceMonitor::activityStateChanged): (WebCore::PerformanceMonitor::measurePostLoadCPUUsage): (WebCore::PerformanceMonitor::measurePostBackgroundingCPUUsage): (WebCore::PerformanceMonitor::measurePerActivityStateCPUUsage): (WebCore::stringForCPUSamplingActivityState): (WebCore::PerformanceMonitor::measureCPUUsageInActivityState): * page/PerformanceMonitor.h: Copied from Source/WebCore/page/ActivityState.h. * page/Settings.cpp: * page/Settings.h: (WebCore::Settings::isPostLoadCPUUsageMeasurementEnabled): (WebCore::Settings::isPostBackgroundingCPUUsageMeasurementEnabled): (WebCore::Settings::isPerActivityStateCPUUsageMeasurementEnabled): 2017-01-20 Matthew Hanson <matthew_hanson@apple.com> Merge r210473. rdar://problem/29204422 2017-01-06 Jer Noble <jer.noble@apple.com> Crash in WebCore::MediaPlayerPrivateMediaSourceAVFObjC::sizeWillChangeAtTime(const MediaTime&, const FloatSize&)::block_invoke https://bugs.webkit.org/show_bug.cgi?id=166738 Reviewed by Eric Carlson. AVFoundation can potentially call the same boundary time observer multiple times, and in that case, it's possible that the observer queue will be empty when we attempt to remove the first item from the queue. There's an ASSERT() in Deque for this case, but we need to explicitly protect against this case. Drive-by fix: Explicitly unregister the observer before releasing it. * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm: (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::sizeWillChangeAtTime): 2017-01-20 Matthew Hanson <matthew_hanson@apple.com> Merge r210939. rdar://problem/29885052 2017-01-19 Chris Dumez <cdumez@apple.com> Make sure HTML validation bubble gets dismissed when its associated element's frame gets detached https://bugs.webkit.org/show_bug.cgi?id=167215 <rdar://problem/29885052> Reviewed by Andreas Kling. Make sure HTML validation bubble gets dismissed when its associated element's frame gets detached and that we do not crash. Tests: fast/forms/validation-message-detached-iframe.html fast/forms/validation-message-detached-iframe2.html * dom/Document.cpp: (WebCore::Document::prepareForDestruction): * page/ValidationMessageClient.h: 2017-01-18 Matthew Hanson <matthew_hanson@apple.com> Merge r210888. rdar://problem/30068195 2017-01-18 Michael Catanzaro <mcatanzaro@igalia.com> REGRESSION(r210531): Broke local resource loads from custom local protocols https://bugs.webkit.org/show_bug.cgi?id=167058 Reviewed by Brent Fulgham. Allow local protocols to access resources on different volumes unless the protocol is "file". * page/SecurityOrigin.cpp: (WebCore::SecurityOrigin::canDisplay): 2017-01-18 Matthew Hanson <matthew_hanson@apple.com> Merge r210862. rdar://problem/30055009 2017-01-18 Youenn Fablet <youenn@apple.com> [Streams API] ReadableStream generic reader constructor does not need to call ReadableStream getReader https://bugs.webkit.org/show_bug.cgi?id=167137 Reviewed by Xabier Rodriguez-Calvar. Test: streams/shadowing-getReader.html * bindings/js/JSReadableStreamPrivateConstructors.cpp: (WebCore::constructJSReadableStreamDefaultReader): Using private constructor instead of getReader. 2017-01-18 Matthew Hanson <matthew_hanson@apple.com> Merge r210860. rdar://problem/30080035 2017-01-18 Youenn Fablet <youenn@apple.com> Reject fetch promise in case of ReadableStream upload https://bugs.webkit.org/show_bug.cgi?id=167145 Reviewed by Alex Christensen. Covered by rebased tests. * Modules/fetch/FetchBody.cpp: (WebCore::FetchBody::extract): Storing the fact that body data is represented as a ReadableStream. * Modules/fetch/FetchBody.h: (WebCore::FetchBody::isReadableStream): * Modules/fetch/FetchRequest.h: * Modules/fetch/FetchResponse.cpp: (WebCore::FetchResponse::fetch): Rejecting if request body data is a ReadableStream. 2017-01-18 Matthew Hanson <matthew_hanson@apple.com> Merge r210774. rdar://problem/30019773 2017-01-14 Chris Dumez <cdumez@apple.com> Report CPU usage of tabs after they become non-visible using diagnostic logging https://bugs.webkit.org/show_bug.cgi?id=167019 <rdar://problem/30019773> Reviewed by Darin Adler. Report CPU usage of tabs after they become non-visible using diagnostic logging. We start measure CPU usage 5 seconds after a tab goes to the background, for 5 minutes and report how much CPU the tab used during those 5 minutes. We will not log if the tab gets closed or moved to the foreground during those 5 minutes. * page/DiagnosticLoggingKeys.cpp: (WebCore::DiagnosticLoggingKeys::postPageBackgroundingKey): * page/DiagnosticLoggingKeys.h: * page/Page.cpp: (WebCore::Page::Page): (WebCore::Page::didStartProvisionalLoad): (WebCore::Page::didFinishLoad): (WebCore::foregroundCPUUsageToDiagnosticLogginKey): (WebCore::Page::measurePostLoadCPUUsage): (WebCore::backgroundCPUUsageToDiagnosticLogginKey): (WebCore::Page::measurePostBackgroundingCPUUsage): (WebCore::Page::setIsVisibleInternal): * page/Page.h: * page/Settings.cpp: (WebCore::Settings::isPostBackgroundingCPUUsageMeasurementEnabled): * page/Settings.h: 2017-01-18 Matthew Hanson <matthew_hanson@apple.com> Merge r210733. rdar://problem/30014496 2017-01-13 Chris Dumez <cdumez@apple.com> Report post-page load CPU usage using diagnostic logging https://bugs.webkit.org/show_bug.cgi?id=166950 <rdar://problem/30014496> Reviewed by Alex Christensen. Shortly after page load (5 seconds), we measure the WebContent process' CPU usage over 10 seconds and report the percentage back via release logging. We also log the percentage using diagnostic logging using the following buckets: - Below 10% - 10 to 20% - 20 to 40% - 60 to 80% - Over 80% The logging works on both Mac and iOS. I verified that I get results consistent with Activity Monitor or top. No new tests, no Web-facing behavior change, only extra logging. * CMakeLists.txt: * WebCore.xcodeproj/project.pbxproj: * loader/FrameLoader.cpp: (WebCore::FrameLoader::checkLoadCompleteForThisFrame): * page/DiagnosticLoggingKeys.cpp: (WebCore::DiagnosticLoggingKeys::postPageLoadKey): (WebCore::DiagnosticLoggingKeys::cpuUsageKey): * page/DiagnosticLoggingKeys.h: * page/Page.cpp: (WebCore::Page::Page): (WebCore::Page::didFinishLoad): (WebCore::cpuUsageToDiagnosticLogginKey): (WebCore::Page::measurePostLoadCPUUsage): * page/Page.h: * page/Settings.cpp: (WebCore::Settings::isPostLoadCPUUsageMeasurementEnabled): * page/Settings.h: * platform/CPUTime.cpp: Added. (WebCore::getCPUTime): (WebCore::CPUTime::percentageCPUUsageSince): * platform/CPUTime.h: Added. * platform/cocoa/CPUTimeCocoa.mm: Added. (WebCore::timeValueToMicroseconds): (WebCore::getCPUTime): 2017-01-18 Matthew Hanson <matthew_hanson@apple.com> Merge r210762. rdar://problem/29883469 2017-01-13 Alex Christensen <achristensen@webkit.org> Fix WinCairo build after r210753. https://bugs.webkit.org/show_bug.cgi?id=166730 * platform/WebGLStateTracker.h: WTF::Function apparently needs to explicitly be differentiated from JSC::Attribute Function in PropertySlot.h. 2017-01-18 Matthew Hanson <matthew_hanson@apple.com> Merge r210753. rdar://problem/29883469 2017-01-13 Chris Dumez <cdumez@apple.com> [WK2] Add diagnostic logging to measure WebGL usage https://bugs.webkit.org/show_bug.cgi?id=166730 <rdar://problem/29883469> Reviewed by Alex Christensen. Add diagnostic logging to measure high performance WebGL usage. We report at regular intervals in which WebGL state Safari is: - Inactive - ActiveInForegroundTab - ActiveInBackgroundTabOnly This should give us an estimate of: - What % of the time is Safari using high performance graphics - What % of this time is only due to background tabs No new tests, no Web-facing behavior change. * WebCore.xcodeproj/project.pbxproj: * html/canvas/WebGLRenderingContextBase.cpp: (WebCore::WebGLRenderingContextBase::create): (WebCore::WebGLRenderingContextBase::WebGLRenderingContextBase): (WebCore::WebGLRenderingContextBase::registerWithWebGLStateTracker): * html/canvas/WebGLRenderingContextBase.h: * page/DiagnosticLoggingKeys.cpp: (WebCore::DiagnosticLoggingKeys::inactiveKey): (WebCore::DiagnosticLoggingKeys::activeInForegroundTabKey): (WebCore::DiagnosticLoggingKeys::activeInBackgroundTabOnlyKey): (WebCore::DiagnosticLoggingKeys::stateKey): (WebCore::WebCore::DiagnosticLoggingKeys::webGLKey): * page/DiagnosticLoggingKeys.h: * page/Page.cpp: (WebCore::Page::Page): * page/Page.h: (WebCore::Page::webGLStateTracker): * page/PageConfiguration.cpp: * page/PageConfiguration.h: * platform/WebGLStateTracker.cpp: Copied from Source/WebCore/platform/graphics/GraphicsContext3DAttributes.h. (WebCore::WebGLStateTracker::WebGLStateTracker): (WebCore::m_stateChangeHandler): (WebCore::WebGLStateTracker::updateWebGLState): * platform/WebGLStateTracker.h: Copied from Source/WebCore/platform/graphics/GraphicsContext3DAttributes.h. * platform/graphics/GraphicsContext3DAttributes.h: 2017-01-18 Matthew Hanson <matthew_hanson@apple.com> Merge r210748. rdar://problem/27745030 2017-01-13 Jer Noble <jer.noble@apple.com> Use a strong reference when calling callOnMainThread to schedule events in AudioScheduledSourceNode. https://bugs.webkit.org/show_bug.cgi?id=166983 Reviewed by Brent Fulgham. * Modules/webaudio/AudioScheduledSourceNode.cpp: (WebCore::AudioScheduledSourceNode::finish): * Modules/webaudio/AudioScheduledSourceNode.h: 2017-01-18 Matthew Hanson <matthew_hanson@apple.com> Merge r210831. rdar://problem/29057611 2017-01-17 Zalan Bujtas <zalan@apple.com> Editing nested RTL-LTR content makes the process unresponsive. https://bugs.webkit.org/show_bug.cgi?id=167140 rdar://problem/29057611 Reviewed by Ryosuke Niwa. Break out of the loop if we keep coming back to the same position. This is a workaround for the underlying editing/position bug -> webkit.org/b/167138. Test: editing/rtl-to-ltr-editing-word-move-spin.html * editing/VisibleUnits.cpp: (WebCore::visualWordPosition): 2017-01-18 Matthew Hanson <matthew_hanson@apple.com> Merge r210795. rdar://problem/24457632 2017-01-16 Antti Koivisto <antti@apple.com> CrashTracer: com.apple.WebKit.WebContent at JavaScriptCore: WTF::StringImpl::containsOnlyWhitespace https://bugs.webkit.org/show_bug.cgi?id=167106 <rdar://problem/24457632> Reviewed by Tim Horton. Speculative fix. * editing/cocoa/DataDetection.mm: (WebCore::DataDetection::detectContentInRange): Test before casting to Text. 2017-01-18 Matthew Hanson <matthew_hanson@apple.com> Merge r210750. rdar://problem/29995070 2017-01-13 Brent Fulgham <bfulgham@apple.com> Avoid nullptr frame dereference when scrollTo is called on a disconnected DOMWindow https://bugs.webkit.org/show_bug.cgi?id=167030 <rdar://problem/29995070> Reviewed by Dean Jackson. Correct DOMWindow::scrollTo to match all other functions in the class so that the it checks that the current frame is valid before attempting to use it. * page/DOMWindow.cpp: (WebCore::DOMWindow::scrollTo): 2017-01-18 Matthew Hanson <matthew_hanson@apple.com> Merge r210727. rdar://problem/29668223 2017-01-12 Tim Horton <timothy_horton@apple.com> Keyboard accessory bar can appear on top of full-screen video https://bugs.webkit.org/show_bug.cgi?id=166902 <rdar://problem/29668223> Reviewed by Darin Adler. * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: (WebVideoFullscreenInterfaceAVKit::setupFullscreen): Increase the full-screen video window level to one above the keyboard, to ensure that the video is never obscured by the keyboard or its accessory views. 2017-01-18 Matthew Hanson <matthew_hanson@apple.com> Merge r210844. rdar://problem/29993906 2017-01-16 Filip Pizlo <fpizlo@apple.com> Make opaque root scanning truly constraint-based https://bugs.webkit.org/show_bug.cgi?id=165760 Reviewed by Geoffrey Garen. No new tests yet. I think that writing tests for this is a big investigation: https://bugs.webkit.org/show_bug.cgi?id=165808 Remove the previous advancing wavefront DOM write barrier. I don't think this will scale very well. It's super confusing. This change makes it so that visitAdditionalChildren can become a GC constraint that executes as part of the fixpoint. This changes all WebCore visitAdditionalChildren into output constraints by using new JSC API for Subspaces and MarkingConstraints. * ForwardingHeaders/heap/MarkedAllocatorInlines.h: Added. * ForwardingHeaders/heap/MarkedBlockInlines.h: Added. * ForwardingHeaders/heap/MarkingConstraint.h: Added. * ForwardingHeaders/heap/SubspaceInlines.h: Added. * ForwardingHeaders/heap/VisitingTimeout.h: Added. * WebCore.xcodeproj/project.pbxproj: * bindings/js/CommonVM.cpp: (WebCore::commonVMSlow): (WebCore::writeBarrierOpaqueRootSlow): Deleted. * bindings/js/CommonVM.h: (WebCore::writeBarrierOpaqueRoot): Deleted. * bindings/js/JSDOMGlobalObject.cpp: (WebCore::JSDOMGlobalObject::finishCreation): (WebCore::JSDOMGlobalObject::scriptExecutionContext): * bindings/js/JSDOMWrapper.cpp: (WebCore::outputConstraintSubspaceFor): (WebCore::globalObjectOutputConstraintSubspaceFor): * bindings/js/JSDOMWrapper.h: * bindings/js/WebCoreJSClientData.cpp: Added. (WebCore::JSVMClientData::JSVMClientData): (WebCore::JSVMClientData::~JSVMClientData): (WebCore::JSVMClientData::getAllWorlds): (WebCore::initNormalWorldClientData): * bindings/js/WebCoreJSClientData.h: (WebCore::JSVMClientData::outputConstraintSpace): (WebCore::JSVMClientData::globalObjectOutputConstraintSpace): (WebCore::JSVMClientData::forEachOutputConstraintSpace): (WebCore::JSVMClientData::JSVMClientData): Deleted. (WebCore::JSVMClientData::~JSVMClientData): Deleted. (WebCore::JSVMClientData::getAllWorlds): Deleted. (WebCore::initNormalWorldClientData): Deleted. * bindings/scripts/CodeGeneratorJS.pm: (GenerateHeader): (GenerateImplementation): * dom/ContainerNodeAlgorithms.cpp: (WebCore::notifyChildNodeInserted): (WebCore::notifyChildNodeRemoved): 2017-01-18 Matthew Hanson <matthew_hanson@apple.com> Merge r210829. rdar://problem/30044439 2017-01-16 Filip Pizlo <fpizlo@apple.com> JSCell::classInfo() shouldn't have a bunch of mitigations for being called during destruction https://bugs.webkit.org/show_bug.cgi?id=167066 Reviewed by Keith Miller and Michael Saboff. No new tests because no new behavior. It's now necessary to avoid jsCast in destructors and finalizers. This was an easy rule to introduce because this used to always be the rule. * bindings/js/JSCSSValueCustom.cpp: (WebCore::JSDeprecatedCSSOMValueOwner::finalize): * bindings/js/JSDOMIterator.h: (WebCore::IteratorTraits>::destroy): * bindings/scripts/CodeGeneratorJS.pm: (GenerateImplementation): 2017-01-18 Matthew Hanson <matthew_hanson@apple.com> Merge r210822. rdar://problem/15607819 2017-01-17 Joseph Pecoraro <pecoraro@apple.com> Crash when closing tab with debugger paused https://bugs.webkit.org/show_bug.cgi?id=161746 <rdar://problem/15607819> Reviewed by Brian Burg and Brent Fulgham. * page/Page.h: (WebCore::Page::incrementNestedRunLoopCount): (WebCore::Page::decrementNestedRunLoopCount): (WebCore::Page::insideNestedRunLoop): Keep track of whether or not this Page is inside of a nested run loop. Currently the only nested run loop we know about is EventLoop used by Web Inspector when debugging JavaScript. (WebCore::Page::whenUnnested): Callback that can be called when we are no longer inside of a nested run loop. (WebCore::Page::~Page): Ensure we are not in a known nested run loop when destructing, since that could be unsafe. * inspector/PageScriptDebugServer.cpp: (WebCore::PageScriptDebugServer::runEventLoopWhilePausedInternal): Increment and decrement as we go into or leave the nested runloop. * inspector/InspectorController.cpp: (WebCore::InspectorController::inspectedPageDestroyed): (WebCore::InspectorController::disconnectAllFrontends): Rework destruction to allow disconnectAllFrontends to happen earlier if necessary. WebKit clients may use this to disconnect remote frontends when closing a Page. 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210447. rdar://problem/29872292 2017-01-06 Chris Dumez <cdumez@apple.com> [Form Validation] "character" in maxlength validation message should be singular when maxlength is 1 https://bugs.webkit.org/show_bug.cgi?id=166712 <rdar://problem/29872292> Reviewed by Darin Adler. Fix validation message to use singular form of "character" when maxLength value is 1. Test: fast/forms/validation-message-maxLength.html * English.lproj/Localizable.strings: * English.lproj/Localizable.stringsdict: Added. * WebCore.xcodeproj/project.pbxproj: * extract-localizable-strings.pl: * platform/LocalizedStrings.cpp: * platform/LocalizedStrings.h: * platform/cocoa/LocalizedStringsCocoa.mm: (WebCore::localizedNString): (WebCore::localizedString): (WebCore::validationMessageTooLongText): 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210474. rdar://problem/29762809 2017-01-06 Daniel Bates <dabates@apple.com> Ensure navigation only allowed for documents not in the page cache https://bugs.webkit.org/show_bug.cgi?id=166773 <rdar://problem/29762809> Reviewed by Brent Fulgham. It is wise to ensure that navigation is only allowed when initiated from a document that is not in- or about to be put in- the page cache. Such a navigation would surprise a person that had navigated away from the initiating document among other issues. * dom/Document.cpp: (WebCore::Document::canNavigate): Only allow navigation if the document is not in the page cache. * html/HTMLAnchorElement.cpp: (WebCore::HTMLAnchorElement::handleClick): Ditto. * html/HTMLLinkElement.cpp: (WebCore::HTMLLinkElement::handleClick): Ditto. * loader/FrameLoader.cpp: (WebCore::FrameLoader::urlSelected): Assert triggering event's document is not in the page cache. (WebCore::FrameLoader::submitForm): Allow submission if the document is not in the page cache. (WebCore::FrameLoader::loadFrameRequest): Assert triggering event's document is not in the page cache. * mathml/MathMLElement.cpp: (WebCore::MathMLElement::defaultEventHandler): Only allow navigation if the document is not in the page cache. * svg/SVGAElement.cpp: (WebCore::SVGAElement::defaultEventHandler): Ditto. 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210536. rdar://problem/29939970 2017-01-09 Chris Dumez <cdumez@apple.com> REGRESSION(r189555): ImageDocument title no longer includes the size of the image https://bugs.webkit.org/show_bug.cgi?id=166876 <rdar://problem/29939970> Reviewed by Tim Horton. ImageDocument title no longer included the size of the image after r189555. This is because Document::setTitle() is a no-op if the document does not have a <head> element. To address the issue, we now include a <head> element in ImageDocuments so that their title element properly gets added to it. Test: fast/images/imageDocument-title.html * html/ImageDocument.cpp: (WebCore::ImageDocument::createDocumentStructure): 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210689. rdar://problem/29985957 2017-01-12 Chris Dumez <cdumez@apple.com> [iOS] HTML form validation popover sometimes does not go away https://bugs.webkit.org/show_bug.cgi?id=166990 <rdar://problem/29985957> Reviewed by Tim Horton. The issue was that [UIViewController presentViewController:] is asynchronous and that we sometimes tried to call [m_popoverController dismissViewControllerAnimated:] before presentViewController had completed. This is something that UIKit does not handle nicely and the popover just stays visible even though we have asked for the controller to be dismissed and destroyed the ValidationBubble object. To address the issue, I made ValidationBubble RefCounted and make sure the ValidationBubble object stays alive at least until the completion handler for [UIViewController presentViewController:] has been called. This is done via protecting the object using a RefPtr<> and capturing it in the lambda. Because dismissViewControllerAnimated is called in the destructor, it is no longer possible to call dismissViewControllerAnimated before the call to presentViewController has completed. No new tests, no easily testable since the popover was staying visible after being destroyed (held on by UIKit). * platform/ValidationBubble.h: (WebCore::ValidationBubble::create): * platform/ios/ValidationBubbleIOS.mm: (WebCore::ValidationBubble::show): 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210685. rdar://problem/29775711 2017-01-12 Chris Dumez <cdumez@apple.com> Unreviewed EFL/GTK build fix after r210684. * Modules/indexeddb/server/UniqueIDBDatabase.cpp: (WebCore::IDBServer::UniqueIDBDatabase::performPrefetchCursor): 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210684. rdar://problem/29775711 2017-01-12 Brady Eidson <beidson@apple.com> REGRESSION (r209977): Crash in UniqueIDBDatabase::executeNextDatabaseTask. https://bugs.webkit.org/show_bug.cgi?id=166984 Reviewed by Alex Christensen. No new tests (Unable to reproduce, speculative fix). * Modules/indexeddb/server/UniqueIDBDatabase.cpp: (WebCore::IDBServer::UniqueIDBDatabase::performIterateCursor): If we're not already prefetching for this cursor, starting doing so after holding a protector ref. (WebCore::IDBServer::UniqueIDBDatabase::performPrefetchCursor): If we're now done prefetching for this cursor, schedule the protector ref to be destroyed on the main thread. * Modules/indexeddb/server/UniqueIDBDatabase.h: 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210679. rdar://problem/29910273 2017-01-12 Youenn Fablet <youenn@apple.com> OneDrive application crashes upon launch https://bugs.webkit.org/show_bug.cgi?id=166975 Reviewed by Brady Eidson. Checking whether load is terminated just after calling ResourceLoader::willSendRequestInternal. The reason is that delegate call may actually cancel the load at that point. * loader/SubresourceLoader.cpp: (WebCore::SubresourceLoader::willSendRequestInternal): 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210677. rdar://problem/21482487 2017-01-12 Jer Noble <jer.noble@apple.com> Protect MediaPlayer from being destroyed mid-load() https://bugs.webkit.org/show_bug.cgi?id=166976 Reviewed by Eric Carlson. It's possible for a message sent by MediaPlayer to HTMLMediaElement to cause MediaPlayer to be destroyed before MediaPlayer::load() completes. We have previously protected against this same problem in HTMLMediaElement::loadResource() by ref'ing at the beginning of the function and deref'ing on exit. To do the same in MediaPlayer, it must become RefCounted. To keep the same semantics about m_client in MediaPlayer (always available without requiring a null-check), make a new static MediaPlayerClient object which can replace the real (HTMLMediaElement) client when the MediaPlayer is invalidated. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::~HTMLMediaElement): (WebCore::HTMLMediaElement::clearMediaPlayer): (WebCore::HTMLMediaElement::createMediaPlayer): * html/HTMLMediaElement.h: * platform/graphics/MediaPlayer.cpp: (WebCore::nullMediaPlayerClient): (WebCore::MediaPlayer::create): (WebCore::MediaPlayer::MediaPlayer): (WebCore::MediaPlayer::invalidate): (WebCore::MediaPlayer::load): (WebCore::MediaPlayer::loadWithNextMediaEngine): (WebCore::MediaPlayer::inMediaDocument): (WebCore::MediaPlayer::fullscreenMode): (WebCore::MediaPlayer::requestedRate): (WebCore::MediaPlayer::currentPlaybackTargetIsWirelessChanged): (WebCore::MediaPlayer::networkStateChanged): (WebCore::MediaPlayer::readyStateChanged): (WebCore::MediaPlayer::volumeChanged): (WebCore::MediaPlayer::muteChanged): (WebCore::MediaPlayer::timeChanged): (WebCore::MediaPlayer::sizeChanged): (WebCore::MediaPlayer::repaint): (WebCore::MediaPlayer::durationChanged): (WebCore::MediaPlayer::rateChanged): (WebCore::MediaPlayer::playbackStateChanged): (WebCore::MediaPlayer::firstVideoFrameAvailable): (WebCore::MediaPlayer::characteristicChanged): (WebCore::MediaPlayer::cachedKeyForKeyId): (WebCore::MediaPlayer::keyNeeded): (WebCore::MediaPlayer::mediaKeysStorageDirectory): (WebCore::MediaPlayer::referrer): (WebCore::MediaPlayer::userAgent): (WebCore::MediaPlayer::graphicsDeviceAdapter): (WebCore::MediaPlayer::cachedResourceLoader): (WebCore::MediaPlayer::createResourceLoader): (WebCore::MediaPlayer::addAudioTrack): (WebCore::MediaPlayer::removeAudioTrack): (WebCore::MediaPlayer::addTextTrack): (WebCore::MediaPlayer::removeTextTrack): (WebCore::MediaPlayer::addVideoTrack): (WebCore::MediaPlayer::removeVideoTrack): (WebCore::MediaPlayer::outOfBandTrackSources): (WebCore::MediaPlayer::shouldWaitForResponseToAuthenticationChallenge): (WebCore::MediaPlayer::handlePlaybackCommand): (WebCore::MediaPlayer::sourceApplicationIdentifier): (WebCore::MediaPlayer::preferredAudioCharacteristics): (WebCore::MediaPlayer::doesHaveAttribute): (WebCore::MediaPlayer::mediaPlayerNetworkInterfaceName): (WebCore::MediaPlayer::getRawCookies): (WebCore::MediaPlayer::shouldDisableSleep): * platform/graphics/MediaPlayer.h: (WebCore::MediaPlayer::platformVolumeConfigurationRequired): (WebCore::MediaPlayer::client): 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210663. rdar://problem/29916484 2017-01-12 Said Abou-Hallawa <sabouhallawa@apple.com> [iOS][WK1] Fix initialization of CADisplayLink::preferredFramesPerSecond https://bugs.webkit.org/show_bug.cgi?id=166956 Reviewed by Tim Horton. Set this option to 60fps instead of leaving set to the default. * platform/graphics/ios/DisplayRefreshMonitorIOS.mm: (-[WebDisplayLinkHandler initWithMonitor:]): 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210616. rdar://problem/29971105 2017-01-11 Youenn Fablet <youenn@apple.com> Remove request.formData property until it gets implemented https://bugs.webkit.org/show_bug.cgi?id=166920 <rdar://problem/29971105> Reviewed by Chris Dumez. Covered by rebased tests. * Modules/fetch/FetchBody.idl: 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210609. rdar://problem/27896585 2017-01-11 Andreas Kling <akling@apple.com> Crash when WebCore's GC heap grows way too large. <https://webkit.org/b/166875> <rdar://problem/27896585> Reviewed by Mark Lam. Cap the common WebCore VM at 4 GB of live JavaScript heap objects. * bindings/js/CommonVM.cpp: (WebCore::commonVMSlow): 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210599. rdar://problem/15307582 2017-01-11 Brent Fulgham <bfulgham@apple.com> File scheme should not allow access of a resource on a different volume. https://bugs.webkit.org/show_bug.cgi?id=158552 <rdar://problem/15307582> Reviewed by Alex Christensen. Revise SecurityOrigin to prevent files from one storage device (volume) from accessing content on a different storage device (volume) unless universal access is enabled. Pass the current file device as part of the NSURLRequest so that CFNetwork can reject loads where the device changes in the midst of a load. Also properly reflect that SecurityOrigin is never null by passing as a reference, rather than as a pointer. Tests: Tools/TestWebKitAPI/Tests/mac/CrossPartitionFileSchemeAccess.mm * page/SecurityOrigin.cpp: (WebCore::SecurityOrigin::canAccess): Pass argument as reference. (WebCore::SecurityOrigin::canDisplay): Add check that files share the same volume. (WebCore::SecurityOrigin::isSameSchemeHostPort): Pass argument as reference. * page/SecurityOrigin.h: * platform/FileSystem.cpp: (WebCore::filesHaveSameVolume): Added. * platform/FileSystem.h: * platform/network/cocoa/ResourceRequestCocoa.mm: (WebCore::ResourceRequest::doUpdatePlatformRequest): If loading a file URL, tell CFNetwork the storage device at the time of the start of the load so we can trigger a failure if this changes during the load operation. * platform/posix/FileSystemPOSIX.cpp: (WebCore::getFileDeviceId): Added. * platform/win/FileSystemWin.cpp: (WebCore::getFileDeviceId): Added. 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210593. rdar://problem/29970907 2017-01-11 Chris Dumez <cdumez@apple.com> Iterating over URLSearchParams does not work https://bugs.webkit.org/show_bug.cgi?id=166921 <rdar://problem/29970907> Reviewed by Alex Christensen. Make URLSearchParams iterable, as per: - https://url.spec.whatwg.org/#urlsearchparams Test: fast/dom/DOMURL/searchparams-iterable.html * html/URLSearchParams.cpp: (WebCore::URLSearchParams::Iterator::next): (WebCore::URLSearchParams::Iterator::Iterator): * html/URLSearchParams.h: (WebCore::URLSearchParams::createIterator): * html/URLSearchParams.idl: 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210564. rdar://problem/29944582 2017-01-10 Ryosuke Niwa <rniwa@webkit.org> :active and :hover states may not be updated across slots https://bugs.webkit.org/show_bug.cgi?id=166881 <rdar://problem/29944582> Reviewed by Antti Koivisto. The bug was caused by updateHoverActiveState not updating :hover and :active states on elements when nodes are assigned to slots because they were walking up the tree using parentOrShadowHostElement and parentNode. Fixed the bug by using parentElementInComposedTree instead since :hover and :active states need to be updated in accordance with the render tree, which is created from the "flat tree" or the "composed tree" in WebKit's terminology (this is old terminology in the spec). Tests: fast/shadow-dom/clear-active-state-in-shadow.html fast/shadow-dom/hover-over-nested-slotted-content.html * dom/Document.cpp: (WebCore::Document::updateHoverActiveState): Fixed the bug. * dom/Node.cpp: (WebCore::Node::parentElementInComposedTree): Added. * dom/Node.h: 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210546. rdar://problem/29491188 2017-01-10 Youenn Fablet <youenn@apple.com> CachedScript cloning does not clone encodedSize https://bugs.webkit.org/show_bug.cgi?id=166865 Reviewed by Darin Adler. Covered by updated test. * loader/cache/CachedResource.cpp: (WebCore::CachedResource::setBodyDataFrom): set encoded size based on being cloned resource. * loader/cache/CachedScript.cpp: (WebCore::CachedScript::script): (WebCore::CachedScript::setBodyDataFrom): Making use of CachedResource::setBodyDataFrom for complete cloning. 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210508. rdar://problem/29801059 2017-01-09 Daniel Bates <dabates@apple.com> Evaluating window named element may return wrong result https://bugs.webkit.org/show_bug.cgi?id=166792 <rdar://problem/29801059> Reviewed by Chris Dumez. * bindings/js/JSDOMWindowProperties.cpp: (WebCore::jsDOMWindowPropertiesGetOwnPropertySlotNamedItemGetter): 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210472. rdar://problem/29767412 2017-01-06 Joseph Pecoraro <pecoraro@apple.com> REGRESSION(r208886) Web Inspector: Toggling CSS Properties in Styles Sidebar (comment / uncomment) https://bugs.webkit.org/show_bug.cgi?id=166786 <rdar://problem/29767412> Reviewed by Brian Burg. * inspector/InspectorStyleSheet.cpp: (WebCore::InspectorStyle::populateAllProperties): Match earlier behavior and don't send the frontend information about disabled (commented out) properties. Follow-up later to send this information when implementing proper handling of them in the frontend. 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210468. rdar://problem/29859121 2017-01-06 Chris Dumez <cdumez@apple.com> Regression(r189230): DOM Callbacks may use wrong global object https://bugs.webkit.org/show_bug.cgi?id=166784 Reviewed by Mark Lam. DOM Callbacks could end up using the wrong global object after r189230 because we were getting the globalObject from the callback object instead of the one at the point the callback object was passed in by JavaScript. This patch fixes the issue. Test: fast/frames/frame-window-as-callback.html * bindings/js/JSCallbackData.cpp: (WebCore::JSCallbackData::invokeCallback): * bindings/js/JSCallbackData.h: (WebCore::JSCallbackData::globalObject): (WebCore::JSCallbackData::JSCallbackData): (WebCore::JSCallbackDataStrong::JSCallbackDataStrong): (WebCore::JSCallbackDataStrong::callback): (WebCore::JSCallbackDataStrong::invokeCallback): (WebCore::JSCallbackDataWeak::JSCallbackDataWeak): (WebCore::JSCallbackDataWeak::callback): (WebCore::JSCallbackDataWeak::invokeCallback): * bindings/scripts/CodeGeneratorJS.pm: (GenerateCallbackImplementationContent): 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210425. rdar://problem/29872021 2017-01-05 Chris Dumez <cdumez@apple.com> [Form Validation] lengthy validation messages should be truncated with an ellipsis https://bugs.webkit.org/show_bug.cgi?id=166747 <rdar://problem/29872021> Reviewed by Simon Fraser. Lengthy HTML validation messages should be truncated with an ellipsis. Previously, they were truncated but there was no ellipsis. No new tests, not easily testable. Manually tested on - http://codepen.io/cdumez/full/zoOZmZ/ (last field) * platform/ios/ValidationBubbleIOS.mm: (WebCore::ValidationBubble::ValidationBubble): * platform/mac/ValidationBubbleMac.mm: (WebCore::ValidationBubble::ValidationBubble): 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210378. rdar://problem/29024384 2017-01-05 Zalan Bujtas <zalan@apple.com> Start hittesting a clean tree in RenderEmbeddedObject::isReplacementObscured https://bugs.webkit.org/show_bug.cgi?id=166743 <rdar://problem/29024384> Reviewed by Simon Fraser. Unable to reproduce. * rendering/RenderEmbeddedObject.cpp: (WebCore::RenderEmbeddedObject::isReplacementObscured): 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210376. rdar://problem/29763079 2017-01-04 Ryosuke Niwa <rniwa@webkit.org> Crash inside Editor::styleForSelectionStart https://bugs.webkit.org/show_bug.cgi?id=166710 Reviewed by Chris Dumez. Added a null pointer check. This crash can happen when the DOM is mutated as editorState tries to compute the style at the selection start. No new tests since there is no reproducible test case, and I couldn't come up with one either. This crash seems to retire some intricate dependency between when DOM is mutated, selection is updated, and then performPostLayoutTasks ends up updating the editor state in response to the element's editabilty changing. * editing/cocoa/EditorCocoa.mm: (WebCore::Editor::styleForSelectionStart): 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210147. rdar://problem/29675551 2016-12-23 Simon Fraser <simon.fraser@apple.com> REGRESSION (r209299): Selection is broken when you zoom in webpage using trackpad https://bugs.webkit.org/show_bug.cgi?id=166472 rdar://problem/29675551 Reviewed by Tim Horton. r209299 broke autoscroll in zoomed pages because it changed RenderLayer::scrollRectToVisible() to shrink viewRect by page scale. This is incorrect for all callers of scrollRectToVisible, since the "absoluteRect" passed in is actually in zoomed document coordinates for all the callers I tested. This code is also fixed to account for headers and footers. getRectToExpose() takes rectangles in "scroll view contents" coordinates (i.e. including header, and zoomed document), so doesn't need the separate visibleRectRelativeToDocument parameter. Tests: fast/events/autoscroll-main-document.html fast/events/autoscroll-when-zoomed.html fast/events/drag-select-when-zoomed-with-header.html fast/events/drag-select-when-zoomed.html fast/scrolling/scroll-to-anchor-zoomed-header.html * rendering/RenderLayer.cpp: (WebCore::RenderLayer::scrollRectToVisible): (WebCore::RenderLayer::getRectToExpose): * rendering/RenderLayer.h: 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210095. rdar://problem/29912221 2016-12-21 Tim Horton <timothy_horton@apple.com> TileGrid revalidates tiles twice during flush, first with wrong visible rect https://bugs.webkit.org/show_bug.cgi?id=166406 Reviewed by Simon Fraser. No new tests; existing tests cover this code, this is just a perf win, specifically reducing the amount of layer churn during zooming. * platform/graphics/ca/TileGrid.cpp: (WebCore::TileGrid::setScale): Schedule a revalidation, which will happen later in the same flush, instead of doing it immediately. Doing it immediately is problematic, because we're currently in the middle of a GraphicsLayer tree flush, and don't have the complete picture of the new state yet. We're guaranteed to get the new scale *before* the flush calls revalidateTiles. 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210432. rdar://problem/29633667 2017-01-05 Ryosuke Niwa <rniwa@webkit.org> Finding text doesn't work across shadow boundary https://bugs.webkit.org/show_bug.cgi?id=158503 Reviewed by Antti Koivisto. Added a new TextIterator behavior flag, TextIteratorTraversesFlatTree, which makes TextIterator traverse the flat tree instead of the DOM tree, and made this behavior default in findPlainText. Also added a new find options flag, DoNotTraverseFlatTree, to suppress this behavior in window.find(~) and execCommand('FindString', false, ~) as they should not be able to peek information inside shadow trees. Unfortunately these APIs have been deprecated in the standards so there is no specification to follow. For now, we don't support finding a word or a keyword across a shadow boundary as this would require making rangeOfString and other related functions return a Range-like object that can cross shadow boundaries. Also added internals.rangeOfString to test Editor::rangeOfString, and replaced the bit-flag arguments to internals.countMatchesForText and internals.countFindMatches by an array of strings for better portability. Test: editing/text-iterator/find-string-on-flat-tree.html * editing/Editor.cpp: (WebCore::Editor::rangeOfString): Use the modern containingShadowRoot instead of nonBoundaryShadowTreeRootNode since the start container can be a shadow root, which nonBoundaryShadowTreeRootNode asserts not be the case. * editing/Editor.h: * editing/EditorCommand.cpp: (WebCore::executeFindString): Don't traverse across shadow boundaries. * editing/FindOptions.h: Added DoNotTraverseFlatTree. * editing/TextIterator.cpp: (WebCore::assignedAuthorSlot): Added. (WebCore::authorShadowRoot): Added. (WebCore::firstChildInFlatTreeIgnoringUserAgentShadow): Added. (WebCore::nextSiblingInFlatTreeIgnoringUserAgentShadow): Added. (WebCore::firstChild): Added. Traverses the flat tree when TextIteratorTraversesFlatTree is set. (WebCore::nextSibling): Ditto. (WebCore::parentNodeOrShadowHost): Ditto. (WebCore::TextIterator::advance): Don't set m_handledChildren to true when the current node has display: contents. (WebCore::findPlainText): Use TextIteratorTraversesFlatTree unless DoNotTraverseFlatTree is set. * editing/TextIteratorBehavior.h: Added TextIteratorTraversesFlatTree. * page/DOMWindow.cpp: (WebCore::DOMWindow::find): Don't traverse across shadow boundaries. * testing/Internals.cpp: (WebCore::parseFindOptions): Added. (WebCore::Internals::rangeOfString): Added. (WebCore::Internals::countMatchesForText): Replaced the find options by an array of strings instead of a bit mask. (WebCore::Internals::countFindMatches): Ditto. * testing/Internals.h: * testing/Internals.idl: Added rangeOfString, and replaced find options bit-flag in countMatchesForText and countFindMatches by an array of strings so that the tests themselves don't rely on a specific value of each bit flag. 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210131. rdar://problem/29633667 2016-12-23 Ryosuke Niwa <rniwa@webkit.org> Eliminate the use of lastChild in TextIterator https://bugs.webkit.org/show_bug.cgi?id=166456 Reviewed by Antti Koivisto. Just use the node we just existed in TextIterator::exitNode and in emitting additional new line to eliminate the use of Node::lastChild. Also initialize member variables in the declaration instead of the constructor to modernize the code. * editing/TextIterator.cpp: (WebCore::TextIterator::TextIterator): (WebCore::TextIterator::advance): (WebCore::TextIterator::exitNode): * editing/TextIterator.h: 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210094. rdar://problem/29912214 2016-12-21 Tim Horton <timothy_horton@apple.com> TileGrid creates new tiles when there are recyclable tiles about to be removed https://bugs.webkit.org/show_bug.cgi?id=166408 Reviewed by Simon Fraser. No new tests; existing tests cover this code, this is just a perf win, specifically reducing the amount of layer churn during zooming. * platform/graphics/ca/TileGrid.cpp: (WebCore::TileGrid::revalidateTiles): Remove all the tiles that will be removed first, then add new tiles. Strictly ordering it this way means that tiles will be removed, go into the LayerPool, then be pulled back out of the LayerPool to sit in the newly-covered areas. Previously, we would sometimes make new layers for newly-covered areas, and then remove unneeded but otherwise recyclable tiles, which would then just go sit in the LayerPool (and often get pruned, wastefully). 2017-01-12 Matthew Hanson <matthew_hanson@apple.com> Merge r210078. rdar://problem/29633667 2016-12-21 Ryosuke Niwa <rniwa@webkit.org> Modernize findPlainText https://bugs.webkit.org/show_bug.cgi?id=166299 Reviewed by Sam Weinig. Modernized findPlainText by merging the static version of it into it and extracting the main nested loop out as findPlainTextOffset. No new tests since there should be no behavioral change. * editing/TextIterator.cpp: (WebCore::findPlainTextOffset): (WebCore::findPlainText): 2017-01-06 Matthew Hanson <matthew_hanson@apple.com> Merge r210221. rdar://problem/29449474 2017-01-01 Jeff Miller <jeffm@apple.com> Update user-visible copyright strings to include 2017 https://bugs.webkit.org/show_bug.cgi?id=166278 Reviewed by Dan Bernstein. * Info.plist: 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210372. rdar://problem/29870033 2017-01-05 Chris Dumez <cdumez@apple.com> Turn preferLowPowerWebGLRendering setting on by default https://bugs.webkit.org/show_bug.cgi?id=166737 <rdar://problem/29870033> Reviewed by Dean Jackson. Temporarily turn preferLowPowerWebGLRendering setting on by default until we deal better with WebGL content in background tabs. * page/Settings.in: 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210369. rdar://problem/29100419 2017-01-05 Zalan Bujtas <zalan@apple.com> Mark the dedicated root linebox for trailing floats in empty inlines dirty. https://bugs.webkit.org/show_bug.cgi?id=166732 <rdar://problem/29100419> Reviewed by Antti Koivisto. We normally attach floating boxes to the last root linebox. However when the floatbox is preceded by a <br> we generate a dedicated root linebox (TrailingFloatsRootInlineBox) for the floatbox. When this floatbox is a RenderInline descendant and this RenderInline does not generate lineboxes (it's ancestor RenderBlockFlow does) we have to make sure that this special root linebox gets marked dirty when the associated floatbox changes. (Unfortunately through the recursive calls on dirtyLinesFromChangedChild(), we lose the information about the "changed child" since the inlines propagates the marking logic to the RenderBlockFlow, see FIXME.) Test: fast/inline/trailing-floats-inline-crash2.html * rendering/RenderLineBoxList.cpp: (WebCore::RenderLineBoxList::dirtyLinesFromChangedChild): 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210368. rdar://problem/28908164 2017-01-05 Antoine Quint <graouts@apple.com> [Cocoa] Both modern-media-controls/images/iOS modern-media-controls/images/macOS are installed on both platforms https://bugs.webkit.org/show_bug.cgi?id=163871 Reviewed by Eric Carlson. We now only copy modern media controls images, if any, for the current platform. * WebCore.xcodeproj/project.pbxproj: 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210361. rdar://problem/29870245 2017-01-05 Chris Dumez <cdumez@apple.com> Form validation: Align email validation with the latest HTML specification https://bugs.webkit.org/show_bug.cgi?id=166697 <rdar://problem/29870245> Reviewed by Alex Christensen. Align email validation with the latest HTML specification: - https://html.spec.whatwg.org/#valid-e-mail-address It particular, the following changes were made: - The first and last character of the domain now needs to be a letter or a digit - Parts of the domain can only be 63 characters in length No new tests, extended existing test. * html/EmailInputType.cpp: 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210360. rdar://problem/19595567 2017-01-05 Enrica Casucci <enrica@apple.com> Support File Promise during drag for macOS. https://bugs.webkit.org/show_bug.cgi?id=165204 rdar://problem/19595567 Reviewed by Tim Horton. Adds the support for handling File Promise type during drag. DragData now has the knowledge of the NSFilesPromisePboardType and checks for the data type during drag. * page/mac/DragControllerMac.mm: (WebCore::DragController::dragOperation): * platform/DragData.h: (WebCore::DragData::setFileNames): (WebCore::DragData::fileNames): * platform/mac/DragDataMac.mm: (WebCore::DragData::containsFiles): (WebCore::DragData::numberOfFiles): (WebCore::DragData::asFilenames): (WebCore::DragData::containsCompatibleContent): (WebCore::DragData::containsPromise): (WebCore::DragData::asURL): 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210359. rdar://problem/29882478 2017-01-05 Per Arne Vollan <pvollan@apple.com> [Win] Compile error. https://bugs.webkit.org/show_bug.cgi?id=166726 Reviewed by Alex Christensen. Add include folder. * CMakeLists.txt: 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210328. rdar://problem/29870673 2017-01-05 Wenson Hsieh <wenson_hsieh@apple.com> Disable smooth playhead animation for main content media in the Touch Bar https://bugs.webkit.org/show_bug.cgi?id=166715 <rdar://problem/29870673> Reviewed by Eric Carlson. Passing in a non-zero playback rate to WebPlaybackControlsManager's timing property causes unintended effects further down the stack. Please see the Radar for more details. * platform/mac/WebPlaybackSessionInterfaceMac.mm: (WebCore::WebPlaybackSessionInterfaceMac::updatePlaybackControlsManagerTiming): 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210288. rdar://problem/29741862 2016-01-04 Brent Fulgham <bfulgham@apple.com> Correct DOMWindow handling during FrameLoader::clear https://bugs.webkit.org/show_bug.cgi?id=166357 <rdar://problem/29741862> Reviewed by Andy Estes. Make sure that we always clean up the DOM window when clearing Window properties, even if the document will remain in the page cache. Since 'clearWindowShell' is only used in FrameLoader, divide it's beahvior into two steps: 1. Rename 'clearWindowShell' to 'clearWIndowShellsNotMatchingDOMWindow' to better describe its function. Switch to a modern C++ loop. Do not switch to the new DOMWindow here, but detach and clear existing DOMWindow connections. 2. Add a new method 'setDOMWindowForWindowShell'. Complete switch to the new DOMWindow. This change allows us to disconnect the old DOMWindow, perform the 'setDocument(nullptr)' operation, and then connect to the new Window without leaving the loader in an inconsistent state. * loader/bindings/js/ScriptController.cpp: (WebCore::clearWindowShellsNotMatchingDOMWindow): Renamed from 'clearWindowShell' (WebCore::setDOMWindowForWindowShell): Added. * loader/bindings/js/ScriptController.h: * loader/FrameLoader.cpp: (WebCore::FrameLoader::clear): Revise to use the new two-step DOMWindow switch logic. 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210284. rdar://problem/29865854 2017-01-04 Chris Dumez <cdumez@apple.com> Assertion hit on redfin.com: ASSERTION FAILED: collection->length() > 1 https://bugs.webkit.org/show_bug.cgi?id=166687 <rdar://problem/29865854> Reviewed by Darin Adler. We were mistakenly calling Document::addWindowNamedItem() / Document::removeWindowNamedItem() for elements in Shadow DOMs. As a result, the windowNamedItem DocumentOrderedMap would contain elements in shadow DOMs. This would cause the assertion to be hit in window's named property getter because of the length mismatch between the windowNamedItem DocumentOrderedMap and the WindowNameCollection. Tests: fast/shadow-dom/document-named-property.html fast/shadow-dom/window-named-property.html * dom/Element.cpp: (WebCore::Element::updateNameForDocument): (WebCore::Element::updateIdForDocument): * html/HTMLImageElement.cpp: (WebCore::HTMLImageElement::parseAttribute): * html/HTMLObjectElement.cpp: (WebCore::HTMLObjectElement::updateDocNamedItem): 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210279. rdar://problem/29607569 2017-01-04 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Cross Origin importScripts() scripts lack source URL, causes issues with Inspector showing Resource https://bugs.webkit.org/show_bug.cgi?id=165569 <rdar://problem/29607569> Reviewed by Youenn Fablet. Test: http/tests/inspector/worker/blob-script-with-cross-domain-imported-scripts.html * Modules/fetch/FetchLoader.cpp: (WebCore::FetchLoader::start): * loader/DocumentThreadableLoader.cpp: (WebCore::DocumentThreadableLoader::didReceiveResponse): * loader/ThreadableLoader.cpp: (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): * loader/ThreadableLoader.h: * loader/WorkerThreadableLoader.cpp: (WebCore::LoaderTaskOptions::LoaderTaskOptions): Add a new ThreadableLoader option to avoid filtering the response. * workers/WorkerScriptLoader.cpp: (WebCore::WorkerScriptLoader::loadSynchronously): (WebCore::WorkerScriptLoader::loadAsynchronously): Disable filtering of the response. This is an internal load, we don't want to filter data that would be valuable later. 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210267. rdar://problem/29796608 2017-01-03 Ryosuke Niwa <rniwa@webkit.org> label element with tabindex >= 0 is not focusable https://bugs.webkit.org/show_bug.cgi?id=102780 <rdar://problem/29796608> Reviewed by Darin Adler. Fixed the bug by removing the override for HTMLLabelElement::isFocusable which always returned false. This is a behavior from r5532 but it doesn't match the latest HTML specification or that of Chrome and Firefox. Also fixed an existing bug in HTMLLabelElement::focus and HTMLLegendElement::focus which focused the associated form control when there is one even if the element itself is focusable. Without this fix, traversing from control with shift+tab would break since focusing the label would move the focus back to the input element inside the label element. Finally, fixed a bug in HTMLLegendElement::focus that we can call inFocus without updating layout first. The fix was inspired by https://chromium.googlesource.com/chromium/src/+/085ad8697b1be50c4f93e296797a25a43a79bcfb Test: fast/events/focus-label-legend-elements-with-tabindex.html * html/HTMLLabelElement.cpp: (WebCore::HTMLLabelElement::focus): (WebCore::HTMLLabelElement::isFocusable): Deleted. * html/HTMLLabelElement.h: * html/HTMLLegendElement.cpp: (WebCore::HTMLLegendElement::focus): 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210273. rdar://problem/29834093 2017-01-04 Tim Horton <timothy_horton@apple.com> Provide a setting for clients to always prefer low-power WebGL https://bugs.webkit.org/show_bug.cgi?id=166675 <rdar://problem/29834093> Reviewed by Dan Bernstein. No new tests; as noted in r204664, we don't know how to reliably test automatic graphics switching. One could use the manual test introduced in that commit; after this commit, with the setting switched on, on a dual-GPU machine that is actively using integrated graphics, that test should return the same result for both contexts. * page/Settings.in: Add a setting to prefer low-power WebGL. * html/canvas/WebGLRenderingContextBase.cpp: (WebCore::WebGLRenderingContextBase::create): If said setting is enabled, set preferLowPowerToHighPerformance. 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210266. rdar://problem/29447824 2017-01-03 Tim Horton <timothy_horton@apple.com> NSSpellChecker's recordResponse isn't called for unseen automatic corrections https://bugs.webkit.org/show_bug.cgi?id=166450 <rdar://problem/29447824> Reviewed by Darin Adler. Test: editing/mac/spelling/accept-unseen-candidate-records-acceptance.html * editing/AlternativeTextController.cpp: (WebCore::AlternativeTextController::recordAutocorrectionResponse): (WebCore::AlternativeTextController::recordAutocorrectionResponseReversed): Deleted. * editing/AlternativeTextController.h: Add recordAutocorrectionResponse, which takes a AutocorrectionResponseType, instead of having a function specifically for reverted autocorrections. Also, get rid of the unnecessary indirection of the private overload of recordAutocorrectionResponseReversed, since there's only one caller. * editing/Editor.cpp: (WebCore::Editor::markAndReplaceFor): Call recordAutocorrectionResponse with Accepted when performing an auto-autocorrection. (WebCore::Editor::changeBackToReplacedString): Adopt recordAutocorrectionResponse. * page/AlternativeTextClient.h: Add an "AutocorrectionAccepted" response type. 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210142. rdar://problem/29109053 2016-12-23 Andreas Kling <akling@apple.com> REGRESSION(r209865): Crash when navigating back to some pages with compositing layers. <https://webkit.org/b/166469> <rdar://problem/29109053> Reviewed by Darin Adler. Remove the old WK1-era clear/restoreBackingStores optimization from the page cache. When enabling it on non-iOS platforms, we started hitting lots of assertions, and none of our memory tests showed any significant improvement anyway. Test: compositing/page-cache-back-crash.html * history/CachedFrame.cpp: (WebCore::CachedFrameBase::CachedFrameBase): (WebCore::CachedFrameBase::restore): (WebCore::CachedFrame::CachedFrame): * history/CachedFrame.h: * page/FrameView.cpp: (WebCore::FrameView::restoreBackingStores): Deleted. * page/FrameView.h: 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210122. rdar://problem/29763012 2016-12-22 Brent Fulgham <bfulgham@apple.com> Nested calls to setDocument can omit firing 'unload' events https://bugs.webkit.org/show_bug.cgi?id=166422 <rdar://problem/29763012> Reviewed by Alex Christensen. Test: fast/loader/nested-document-handling.html Only allow a single document change to be taking place during a given runloop cycle. * bindings/js/ScriptController.cpp: (WebCore::ScriptController::executeIfJavaScriptURL): Block script changing the document when we are in the middle of changing the document. * page/Frame.cpp: (WebCore::Frame::setDocument): Keep track of document change state. * page/Frame.h: 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210120. rdar://problem/29772233 2016-12-22 Zalan Bujtas <zalan@apple.com> Do not destroy the RenderNamedFlowFragment as leftover anonymous block. https://bugs.webkit.org/show_bug.cgi?id=166436 rdar://problem/29772233 Reviewed by Simon Fraser. When as the result of certain style change, the generated anonymous block is not needed anymore, we move its descendants up to the parent and destroy the generated box. While RenderNamedFlowFragment is a generated block, the cleanup code should just ignore it the same way we ignore boxes like multicolumn, mathml etc. Test: fast/regions/flow-fragment-as-anonymous-block-crash.html * rendering/RenderObject.h: (WebCore::RenderObject::isAnonymousBlock): 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210112. rdar://problem/29742039 2016-12-22 Daniel Bates <dabates@apple.com> Bypass pop-up blocker from cross-origin or sandboxed frame https://bugs.webkit.org/show_bug.cgi?id=166290 <rdar://problem/29742039> Reviewed by Darin Adler. Tests: fast/events/popup-blocked-from-sandboxed-frame-via-window-open-named-sibling-frame.html fast/events/popup-blocked-from-sandboxed-frame-via-window-open-named-sibling-frame2.html fast/events/popup-blocked-from-unique-frame-via-window-open-named-sibling-frame.html * page/DOMWindow.cpp: (WebCore::DOMWindow::open): Use FrameLoader::findFrameForNavigation() to find the target frame to navigate with respect to the active document just as we do in WebCore::createWindow(). 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210104. rdar://problem/29139619 2016-12-22 Jer Noble <jer.noble@apple.com> NULL-deref CRASH in WebCore::PlatformMediaSession::mediaType https://bugs.webkit.org/show_bug.cgi?id=166407 Reviewed by Darin Adler. In r207688, we added a facility in PlatformMediaSessionManager for safely walking through a list of PlatformMediaSessions by replacing entries of deleted sessions with nullptr. We now need to use those new iteration falicities in MediaSessionManageriOS. In addition to the existing iterators, add one which takes a predicate, and returns the first session which matches the predicate, or nullptr, if none do. * platform/audio/PlatformMediaSessionManager.cpp: (WebCore::PlatformMediaSessionManager::findSession): (WebCore::PlatformMediaSessionManager::anyOfSessions): * platform/audio/PlatformMediaSessionManager.h: (WebCore::PlatformMediaSessionManager::sessions): Deleted. * platform/audio/ios/MediaSessionManagerIOS.mm: (WebCore::MediaSessionManageriOS::configureWireLessTargetMonitoring): (WebCore::MediaSessionManageriOS::nowPlayingEligibleSession): (WebCore::MediaSessionManageriOS::externalOutputDeviceAvailableDidChange): (WebCore::MediaSessionManageriOS::applicationDidEnterBackground): (WebCore::MediaSessionManageriOS::applicationWillEnterForeground): 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210100. rdar://problem/28388000 2016-12-22 Jer Noble <jer.noble@apple.com> Muted media element playback should not interrupt other audio playback https://bugs.webkit.org/show_bug.cgi?id=166347 Reviewed by Eric Carlson. Test: TestWebKitAPI/WebKit/ios/AudioSessionCategoryIOS.mm * platform/audio/cocoa/MediaSessionManagerCocoa.cpp: (PlatformMediaSessionManager::updateSessionState): 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210083. rdar://problem/25391382 2016-12-21 Jiewen Tan <jiewen_tan@apple.com> WebKit should set Original URL of a download request correctly https://bugs.webkit.org/show_bug.cgi?id=166394 <rdar://problem/25391382> Reviewed by Alex Christensen. WebKit should set Original URL of a download request correctly if the download is initiated by clicking on a link with target=_blank. Manually tested as the requested test infrastructure doesn't exist yet. We need actual loading process for API test such that we could simulate the real situation which PolicyDownload is only set when we receive responds. Currently we can only set PolicyDownload in a NavigationDelegate when the load starts. Hence we cannot simulate the following process: load starts -> PolicyUse -> creates a new WebView -> respond receives -> PolicyDownload -> downloads. * loader/FrameLoader.cpp: (WebCore::FrameLoader::setOriginalURLForDownloadRequest): 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210061. rdar://problem/29763143 2016-12-21 Eric Carlson <eric.carlson@apple.com> [MediaStream] MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer can be called before it has a media stream https://bugs.webkit.org/show_bug.cgi?id=166344 <rdar://problem/29763143> Reviewed by Jer Noble. There is a very narrow window during which a MediaStream player can be asked for its layer before it has a steam, resulting in a NULL dereference and crash. Don't do that. Unable to reproduce. * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer): 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210059. rdar://problem/29727145 2016-12-21 Simon Fraser <simon.fraser@apple.com> Fixed bars are positioned incorrectly when there are header and footer banners https://bugs.webkit.org/show_bug.cgi?id=166302 rdar://problem/29727145 Reviewed by Tim Horton. The computation of the visual viewport was wrong in the presence of header and footer banners. It needs to take into account the fact that "visibleContentRect" applies to the scroll view contents, which includes header and footer (unscaled), and the potentially scaled document, and we need to return a rectangle in unscaled document coordinates. Make a static method in FrameView to do this computation, and call it from FrameView::visualViewportRect() and ScrollingTreeFrameScrollingNode::layoutViewportForScrollPosition(). layoutViewportForScrollPosition() is only called on Mac, so remove the #ifdeffing related to scaling, and pass in an unscaled scroll position. Test: fast/visual-viewport/zoomed-fixed-header-and-footer.html * page/FrameView.cpp: (WebCore::FrameView::updateLayoutViewport): (WebCore::FrameView::maxStableLayoutViewportOrigin): (WebCore::FrameView::visibleDocumentRect): (WebCore::FrameView::visualViewportRect): * page/FrameView.h: * page/scrolling/ScrollingTreeFrameScrollingNode.cpp: (WebCore::ScrollingTreeFrameScrollingNode::layoutViewportForScrollPosition): * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm: (WebCore::ScrollingTreeFrameScrollingNodeMac::setScrollPositionWithoutContentEdgeConstraints): 2017-01-05 Matthew Hanson <matthew_hanson@apple.com> Merge r210035. rdar://problem/29704862 2016-12-20 Zalan Bujtas <zalan@apple.com> SVG elements should inherit the root's flow thread state. https://bugs.webkit.org/show_bug.cgi?id=166173 rdar://problem/29704862 Reviewed by Simon Fraser. When the <svg> is not part of the multicolumn context (out of flow positioning), its descendants should not be in the flow either. Test: fast/multicol/svg-inside-multicolumn.html * rendering/RenderObject.cpp: (WebCore::RenderObject::computedFlowThreadState): * rendering/RenderObject.h: (WebCore::RenderObject::isProgress): (WebCore::RenderObject::isRenderSVGBlock): * rendering/svg/RenderSVGBlock.h: 2017-01-04 Matthew Hanson <matthew_hanson@apple.com> Merge r209990. rdar://problem/29705967 2016-12-18 Brent Fulgham <bfulgham@apple.com> Side effects while restting form elements https://bugs.webkit.org/show_bug.cgi?id=165959 <rdar://problem/29705967> Reviewed by Anders Carlsson. JavaScript logic can run while resetting FormElement objects. This can lead to unintended side-effets and other unwanted behavior. We should protect these elements during the reset. Test: fast/html/form-mutate.html * html/HTMLFormElement.cpp: (WebCore::HTMLFormElement::HTMLFormElement): Switch to C++11 initialization. (WebCore::HTMLFormElement::reset): Protect elements until the reset operation is finished. (WebCore::HTMLFormElement::resetAssociatedFormControlElements): Added to share code with 'resumeFromDocument'. (WebCore::HTMLFormElement::resumeFromDocument): Protect elements until the reset operation is finished. 2017-01-04 Matthew Hanson <matthew_hanson@apple.com> Merge r210045. rdar://problem/29560853 2016-12-20 Alex Christensen <achristensen@webkit.org> Remove initEvent quirk https://bugs.webkit.org/show_bug.cgi?id=166284 Reviewed by Dan Bernstein. We added this quirk in r207908 and expanded it in r209946 and r210034. Many web compatibility issues have been found, which leads us to believe that many more exist. This reverts the behavior to match how it was before r203848. This change was proposed to the spec in https://github.com/whatwg/dom/issues/387 * dom/Event.cpp: (WebCore::Event::initEventForBindings): Deleted. * dom/Event.h: * dom/Event.idl: * platform/RuntimeApplicationChecks.h: * platform/RuntimeApplicationChecks.mm: (WebCore::IOSApplication::isBaiduNuomi): Deleted. (WebCore::IOSApplication::isAutoNaviAMap): Deleted. (WebCore::IOSApplication::isFlipboard): Deleted. 2017-01-04 Matthew Hanson <matthew_hanson@apple.com> Merge r210034. rdar://problem/29560853 2016-12-20 Alex Christensen <achristensen@webkit.org> Fix yet another app that uses initEvent with fewer than 3 parameters https://bugs.webkit.org/show_bug.cgi?id=166257 <rdar://problem/29420268> Reviewed by Sam Weinig. * dom/Event.cpp: (WebCore::Event::initEventForBindings): * platform/RuntimeApplicationChecks.h: * platform/RuntimeApplicationChecks.mm: (WebCore::IOSApplication::isAutoNaviAMap): AutoNavi amap has content that uses initEvent with one parameter. This quirk is needed here, too. 2016-12-21 Babak Shafiei <bshafiei@apple.com> Roll out r209261. 2016-12-21 Babak Shafiei <bshafiei@apple.com> Roll out r209510. 2016-12-19 Dean Jackson <dino@apple.com> Merge another patch for rdar://problem/29466493. 2016-12-19 Dean Jackson <dino@apple.com> Disable some features on the safari-603-branch. <rdar://problem/29466493> * Configurations/FeatureDefines.xcconfig: * css/SelectorChecker.cpp: (WebCore::SelectorChecker::matchRecursively): * css/SelectorFilter.cpp: (WebCore::SelectorFilter::collectIdentifierHashes): * css/parser/CSSSelectorParser.cpp: (WebCore::isOnlyPseudoClassFunction): (WebCore::CSSSelectorParser::consumePseudo): (WebCore::CSSSelectorParser::consumeCombinator): * cssjit/SelectorCompiler.cpp: (WebCore::SelectorCompiler::fragmentRelationForSelectorRelation): 2016-12-19 Babak Shafiei <bshafiei@apple.com> Merge patch for rdar://problem/29466493. 2016-12-19 Dean Jackson <dino@apple.com> Disable some features on the safari-603-branch. <rdar://problem/29466493> - Force the default state of experimental features to off. - Move some experimental features that should be enabled on this branch into the general feature list, so they can't be disabled. - Disable some features that are not ready. * Configurations/FeatureDefines.xcconfig: 2016-12-18 Brady Eidson <beidson@apple.com> IndexedDB 2.0: Prefetch cursor records in the server. https://bugs.webkit.org/show_bug.cgi?id=166014 Reviewed by Andy Estes. No new tests (Covered by existing LayoutTests and PerformanceTests). This patch implements the followng: 1 - After a backing store cursor completes a fetch in the server, it will schedule the next fetch even before the client requests one. It will do this up to a limited number of prefetches. 2 - Once a client request to advance the cursor comes in, we'll work our way through prefetched records instead of reading anything from disk, which might then cause us to continue prefetch. 3 - If any changes to the object store occur, it will throw away all previously fetched records (There's room for future improvement here) * Modules/indexeddb/server/IDBBackingStore.h: * Modules/indexeddb/server/IDBServer.cpp: (WebCore::IDBServer::IDBServer::postDatabaseTask): * Modules/indexeddb/server/MemoryIDBBackingStore.h: * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp: (WebCore::IDBServer::SQLiteIDBBackingStore::deleteRange): (WebCore::IDBServer::SQLiteIDBBackingStore::prefetchCursor): * Modules/indexeddb/server/SQLiteIDBBackingStore.h: * Modules/indexeddb/server/SQLiteIDBCursor.cpp: (WebCore::IDBServer::SQLiteIDBCursor::objectStoreRecordsChanged): (WebCore::IDBServer::SQLiteIDBCursor::prefetch): (WebCore::IDBServer::SQLiteIDBCursor::advance): * Modules/indexeddb/server/SQLiteIDBCursor.h: * Modules/indexeddb/server/UniqueIDBDatabase.cpp: (WebCore::IDBServer::UniqueIDBDatabase::performIterateCursor): (WebCore::IDBServer::UniqueIDBDatabase::performPrefetchCursor): (WebCore::IDBServer::UniqueIDBDatabase::postDatabaseTask): * Modules/indexeddb/server/UniqueIDBDatabase.h: 2016-12-18 Wenson Hsieh <wenson_hsieh@apple.com> Changing text direction fires input events with null inputTypes and no data https://bugs.webkit.org/show_bug.cgi?id=166007 <rdar://problem/29557205> Reviewed by Sam Weinig. Adds support for the "formatSetInlineTextDirection" input type, triggered when using the context menu on Mac in an editable area (for both plain and rich text cases) to change paragraph direction. To do this, we add cases for EditActionSetWritingDirection in inputTypeNameForEditingAction and inputEventDataForEditingStyleAndAction. When changing text direction for a plaintext editable element, we have logic in Editor::setBaseWritingDirection that sets the focused element's dir attribute to the requested value (ltr or rtl). We add similar hooks here to dispatch input events and handle preventing default. Test: fast/events/before-input-events-prevent-text-direction.html * editing/EditCommand.cpp: (WebCore::inputTypeNameForEditingAction): Handle the EditActionSetWritingDirection case. * editing/Editor.cpp: (WebCore::inputEventDataForEditingStyleAndAction): (WebCore::Editor::applyParagraphStyle): Include input event data when dispatching an input event here. (WebCore::Editor::setBaseWritingDirection): * testing/Internals.cpp: (WebCore::Internals::setBaseWritingDirection): * testing/Internals.h: * testing/Internals.idl: Introduce an internal testing support hook for setting base writing direction (the same codepath taken when using the context menu to change paragraph direction). Currently, using testRunner.execCommand creates and applies style with an additional `unicode-bidi` attribute, and appears to also be intentionally disabled for plaintext editable elements. 2016-12-17 Simon Fraser <simon.fraser@apple.com> Build fix: linking WebCore was failing: you can't export inline functions. * css/DeprecatedCSSOMPrimitiveValue.cpp: (WebCore::DeprecatedCSSOMPrimitiveValue::primitiveType): (WebCore::DeprecatedCSSOMPrimitiveValue::setFloatValue): (WebCore::DeprecatedCSSOMPrimitiveValue::getFloatValue): (WebCore::DeprecatedCSSOMPrimitiveValue::setStringValue): (WebCore::DeprecatedCSSOMPrimitiveValue::getStringValue): * css/DeprecatedCSSOMPrimitiveValue.h: (WebCore::DeprecatedCSSOMPrimitiveValue::primitiveType): Deleted. (WebCore::DeprecatedCSSOMPrimitiveValue::setFloatValue): Deleted. (WebCore::DeprecatedCSSOMPrimitiveValue::getFloatValue): Deleted. (WebCore::DeprecatedCSSOMPrimitiveValue::setStringValue): Deleted. (WebCore::DeprecatedCSSOMPrimitiveValue::getStringValue): Deleted. 2016-12-16 Dave Hyatt <hyatt@apple.com> [CSS Values] Make separate wrapper classes for the deprecated CSS Values OM https://bugs.webkit.org/show_bug.cgi?id=165968 Reviewed by Andreas Kling. This patch changes the CSS OM for values to use distinct wrapper classes instead of cloning the existing classes. By actually wrapping values instead of cloning, we are freed up to change our CSS value hierarchy however we'd like (such as changing to match the new CSS Values OM that is coming soon). All of the CSS Values wrapper classes are prefixed with "DeprecatedCSSOM" to reflect our desire (ultimately) to remove this API from our tree. We're the only ones that support it, and it's not used on the Web, but it is part of the WebKitLegacy API and might be used internally. * CMakeLists.txt: * DerivedSources.cpp: * DerivedSources.make: * WebCore.xcodeproj/project.pbxproj: * bindings/js/DOMWrapperWorld.h: * bindings/js/JSCSSStyleDeclarationCustom.cpp: (WebCore::JSCSSStyleDeclaration::getPropertyCSSValue): * bindings/js/JSCSSValueCustom.cpp: (WebCore::JSDeprecatedCSSOMValueOwner::isReachableFromOpaqueRoots): (WebCore::JSDeprecatedCSSOMValueOwner::finalize): (WebCore::toJSNewlyCreated): (WebCore::toJS): (WebCore::JSCSSValueOwner::isReachableFromOpaqueRoots): Deleted. (WebCore::JSCSSValueOwner::finalize): Deleted. * css/CSSComputedStyleDeclaration.cpp: (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue): * css/CSSComputedStyleDeclaration.h: * css/CSSGridLineNamesValue.cpp: (WebCore::CSSGridLineNamesValue::cloneForCSSOM): Deleted. * css/CSSGridLineNamesValue.h: * css/CSSImageSetValue.cpp: (WebCore::CSSImageSetValue::cloneForCSSOM): Deleted. * css/CSSImageSetValue.h: * css/CSSImageValue.cpp: (WebCore::CSSImageValue::createDeprecatedCSSOMWrapper): (WebCore::CSSImageValue::cloneForCSSOM): Deleted. * css/CSSImageValue.h: * css/CSSPrimitiveValue.cpp: (WebCore::CSSPrimitiveValue::createDeprecatedCSSOMPrimitiveWrapper): (WebCore::CSSPrimitiveValue::cloneForCSSOM): Deleted. * css/CSSPrimitiveValue.h: * css/CSSPrimitiveValue.idl: Removed. * css/CSSStyleDeclaration.h: * css/CSSStyleDeclaration.idl: * css/CSSValue.cpp: (WebCore::CSSValue::traverseSubresources): (WebCore::CSSValue::equals): (WebCore::CSSValue::cssText): (WebCore::CSSValue::destroy): (WebCore::CSSValue::createDeprecatedCSSOMWrapper): (): Deleted. (WebCore::CSSValue::cloneForCSSOM): Deleted. * css/CSSValue.h: (WebCore::CSSValue::CSSValue): (WebCore::CSSValue::setCssText): Deleted. (WebCore::CSSValue::isCSSOMSafe): Deleted. (WebCore::CSSValue::isSubtypeExposedToCSSOM): Deleted. * css/CSSValue.idl: Removed. * css/CSSValueList.cpp: (WebCore::CSSValueList::cloneForCSSOM): Deleted. * css/CSSValueList.h: (WebCore::CSSValueList::separator): * css/CSSValueList.idl: Removed. * css/Counter.h: * css/Counter.idl: Removed. * css/DeprecatedCSSOMCounter.h: Added. * css/DeprecatedCSSOMCounter.idl: Copied from Source/WebCore/css/Counter.idl. * css/DeprecatedCSSOMPrimitiveValue.cpp: Added. (WebCore::DeprecatedCSSOMPrimitiveValue::getCounterValue): (WebCore::DeprecatedCSSOMPrimitiveValue::getRectValue): (WebCore::DeprecatedCSSOMPrimitiveValue::getRGBColorValue): * css/DeprecatedCSSOMPrimitiveValue.h: Added. (WebCore::DeprecatedCSSOMPrimitiveValue::create): (WebCore::DeprecatedCSSOMPrimitiveValue::equals): (WebCore::DeprecatedCSSOMPrimitiveValue::cssValueType): (WebCore::DeprecatedCSSOMPrimitiveValue::cssText): (WebCore::DeprecatedCSSOMPrimitiveValue::primitiveType): (WebCore::DeprecatedCSSOMPrimitiveValue::setFloatValue): (WebCore::DeprecatedCSSOMPrimitiveValue::getFloatValue): (WebCore::DeprecatedCSSOMPrimitiveValue::setStringValue): (WebCore::DeprecatedCSSOMPrimitiveValue::getStringValue): (WebCore::DeprecatedCSSOMPrimitiveValue::stringValue): (WebCore::DeprecatedCSSOMPrimitiveValue::DeprecatedCSSOMPrimitiveValue): * css/DeprecatedCSSOMPrimitiveValue.idl: Copied from Source/WebCore/css/CSSPrimitiveValue.idl. * css/DeprecatedCSSOMRGBColor.h: Added. * css/DeprecatedCSSOMRGBColor.idl: Copied from Source/WebCore/css/RGBColor.idl. * css/DeprecatedCSSOMRect.h: Added. * css/DeprecatedCSSOMRect.idl: Copied from Source/WebCore/css/Rect.idl. * css/DeprecatedCSSOMValue.cpp: Added. (WebCore::compareCSSOMValues): (WebCore::DeprecatedCSSOMValue::equals): (WebCore::DeprecatedCSSOMValue::destroy): (WebCore::DeprecatedCSSOMValue::cssValueType): (WebCore::DeprecatedCSSOMValue::cssText): * css/DeprecatedCSSOMValue.h: Added. (WebCore::DeprecatedCSSOMValue::deref): (WebCore::DeprecatedCSSOMValue::setCssText): (WebCore::DeprecatedCSSOMValue::operator==): (WebCore::DeprecatedCSSOMValue::isComplexValue): (WebCore::DeprecatedCSSOMValue::isPrimitiveValue): (WebCore::DeprecatedCSSOMValue::isValueList): (WebCore::DeprecatedCSSOMValue::classType): (WebCore::DeprecatedCSSOMValue::DeprecatedCSSOMValue): (WebCore::DeprecatedCSSOMValue::~DeprecatedCSSOMValue): (WebCore::DeprecatedCSSOMComplexValue::create): (WebCore::DeprecatedCSSOMComplexValue::equals): (WebCore::DeprecatedCSSOMComplexValue::cssText): (WebCore::DeprecatedCSSOMComplexValue::cssValueType): (WebCore::DeprecatedCSSOMComplexValue::DeprecatedCSSOMComplexValue): * css/DeprecatedCSSOMValue.idl: Copied from Source/WebCore/css/CSSValue.idl. * css/DeprecatedCSSOMValueList.cpp: Added. (WebCore::DeprecatedCSSOMValueList::equals): (WebCore::DeprecatedCSSOMValueList::cssText): * css/DeprecatedCSSOMValueList.h: Added. (WebCore::DeprecatedCSSOMValueList::create): (WebCore::DeprecatedCSSOMValueList::cssValueType): (WebCore::DeprecatedCSSOMValueList::length): (WebCore::DeprecatedCSSOMValueList::item): (WebCore::DeprecatedCSSOMValueList::DeprecatedCSSOMValueList): * css/DeprecatedCSSOMValueList.idl: Copied from Source/WebCore/css/CSSValueList.idl. * css/LengthRepeat.h: * css/PropertySetCSSStyleDeclaration.cpp: (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValue): (WebCore::PropertySetCSSStyleDeclaration::wrapForDeprecatedCSSOM): (WebCore::StyleRuleCSSStyleDeclaration::didMutate): (WebCore::InlineCSSStyleDeclaration::didMutate): (WebCore::PropertySetCSSStyleDeclaration::cloneAndCacheForCSSOM): Deleted. * css/PropertySetCSSStyleDeclaration.h: * css/RGBColor.cpp: (WebCore::RGBColor::red): Deleted. (WebCore::RGBColor::green): Deleted. (WebCore::RGBColor::blue): Deleted. (WebCore::RGBColor::alpha): Deleted. * css/RGBColor.h: * css/RGBColor.idl: Removed. * css/Rect.h: (WebCore::RectBase::RectBase): * css/Rect.idl: Removed. * svg/SVGElement.cpp: (WebCore::SVGElement::getPresentationAttribute): * svg/SVGElement.h: * svg/SVGElement.idl: 2016-12-17 Philippe Normand <pnormand@igalia.com> Unreviewed, rollout r209860 OWR player shouldn't be selected for normal video playback * platform/GStreamer.cmake: * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.cpp: (WebCore::MediaPlayerPrivateGStreamerOwr::~MediaPlayerPrivateGStreamerOwr): (WebCore::MediaPlayerPrivateGStreamerOwr::play): (WebCore::MediaPlayerPrivateGStreamerOwr::pause): (WebCore::MediaPlayerPrivateGStreamerOwr::load): (WebCore::MediaPlayerPrivateGStreamerOwr::stop): (WebCore::MediaPlayerPrivateGStreamerOwr::trackEnded): (WebCore::MediaPlayerPrivateGStreamerOwr::trackEnabledChanged): (WebCore::MediaPlayerPrivateGStreamerOwr::setSize): * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.h: * platform/mediastream/openwebrtc/MediaEndpointOwr.cpp: (WebCore::MediaEndpointOwr::createMutedRemoteSource): * platform/mediastream/openwebrtc/RealtimeAudioSourceOwr.h: Removed. * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.cpp: (WebCore::RealtimeMediaSourceCenterOwr::mediaSourcesAvailable): * platform/mediastream/openwebrtc/RealtimeMediaSourceOwr.cpp: Removed. * platform/mediastream/openwebrtc/RealtimeMediaSourceOwr.h: * platform/mediastream/openwebrtc/RealtimeVideoSourceOwr.h: Removed. 2016-12-17 Michael Catanzaro <mcatanzaro@igalia.com> warning: the compiler can assume that the address of 'thisObject' will always evaluate to 'true' [-Waddress] in WebCore::JSHTMLDocument::getOwnPropertySlot https://bugs.webkit.org/show_bug.cgi?id=165987 Reviewed by Mark Lam. Work around the warning by passing the JSObject pointer this function receives directly to ASSERT_GC_OBJECT_INHERITS, instead of casting it to a reference and then taking the address of that, to avoid the -Waddress warning. * bindings/js/JSHTMLDocumentCustom.cpp: (WebCore::JSHTMLDocument::getOwnPropertySlot): 2016-12-17 Jer Noble <jer.noble@apple.com> Add implementation for navigator.requestMediaKeySystemAccess() https://bugs.webkit.org/show_bug.cgi?id=165850 Reviewed by Eric Carlson. Test: media/encrypted-media/mock-navigator-requestMediaKeySystemAccess.html Add an implementation of NavigatorEME::requestMediaKeySystemAccess() as well as the CDM object on which it depends. * Modules/encryptedmedia/CDM.cpp: Added. (WebCore::cdmFactories): (WebCore::createCDMPrivateForKeySystem): (WebCore::CDM::registerCDMFactory): (WebCore::CDM::unregisterCDMFactory): (WebCore::CDM::supportsKeySystem): (WebCore::CDM::create): (WebCore::CDM::CDM): (WebCore::CDM::getSupportedConfiguration): (WebCore::CDM::doSupportedConfigurationStep): (WebCore::CDM::isPersistentType): (WebCore::CDM::getSupportedCapabilitiesForAudioVideoType): (WebCore::CDM::getConsentStatus): * Modules/encryptedmedia/CDM.h: Added. (WebCore::CDMFactory::~CDMFactory): (WebCore::CDM::keySystem): (WebCore::CDM::createWeakPtr): * Modules/encryptedmedia/CDMPrivate.h: Added. (WebCore::CDMPrivate::~CDMPrivate): * Modules/encryptedmedia/NavigatorEME.cpp: (WebCore::NavigatorEME::requestMediaKeySystemAccess): (WebCore::tryNextSupportedConfiguration): * Modules/encryptedmedia/NavigatorEME.h: * Modules/encryptedmedia/NavigatorEME.idl: To aid in testing, a new Internals object is added, MockCDMFactory, which can be controlled by LayoutTests to change the behavior of the Mock objects it creates. * testing/Internals.cpp: (WebCore::Internals::registerMockCDM): * testing/Internals.h: * testing/Internals.idl: * testing/MockCDMFactory.cpp: Added. (WebCore::MockCDMFactory::MockCDMFactory): (WebCore::MockCDMFactory::~MockCDMFactory): (WebCore::MockCDMFactory::unregister): (WebCore::MockCDMFactory::supportsKeySystem): (WebCore::MockCDMFactory::createCDM): (WebCore::MockCDM::MockCDM): (WebCore::MockCDM::supportsInitDataType): (WebCore::MockCDM::supportsConfiguration): (WebCore::MockCDM::supportsConfigurationWithRestrictions): (WebCore::MockCDM::supportsSessionTypeWithConfiguration): (WebCore::MockCDM::supportsRobustness): (WebCore::MockCDM::distinctiveIdentifiersRequirement): (WebCore::MockCDM::persistentStateRequirement): (WebCore::MockCDM::distinctiveIdentifiersAreUniquePerOriginAndClearable): * testing/MockCDMFactory.h: Added. (WebCore::MockCDMFactory::create): (WebCore::MockCDMFactory::supportedDataTypes): (WebCore::MockCDMFactory::setSupportedDataTypes): (WebCore::MockCDMFactory::supportedRobustness): (WebCore::MockCDMFactory::setSupportedRobustness): (WebCore::MockCDMFactory::distinctiveIdentifiersRequirement): (WebCore::MockCDMFactory::setDistinctiveIdentifiersRequirement): (WebCore::MockCDMFactory::persistentStateRequirement): (WebCore::MockCDMFactory::setPersistentStateRequirement): * testing/MockCDMFactory.idl: Added. Move the MediaKeySessionType definition out of the MediaKeys.idl file and into its own. Move the MediaKeysRequiriment definition out of the MediaKeySystemConfiguration.idl file and into its own. Generally fix up the .idl files so that they properly work with their implementation files. * Modules/encryptedmedia/MediaKeySessionType.idl: Added. * Modules/encryptedmedia/MediaKeySystemAccess.cpp: (WebCore::MediaKeySystemAccess::create): (WebCore::MediaKeySystemAccess::MediaKeySystemAccess): (WebCore::MediaKeySystemAccess::keySystem): Deleted. (WebCore::MediaKeySystemAccess::getConfiguration): Deleted. * Modules/encryptedmedia/MediaKeySystemAccess.h: (WebCore::MediaKeySystemAccess::keySystem): (WebCore::MediaKeySystemAccess::getConfiguration): (WebCore::MediaKeySystemAccess::create): Deleted. * Modules/encryptedmedia/MediaKeySystemAccess.idl: * Modules/encryptedmedia/MediaKeySystemConfiguration.h: * Modules/encryptedmedia/MediaKeySystemConfiguration.idl: * Modules/encryptedmedia/MediaKeySystemMediaCapability.idl: * Modules/encryptedmedia/MediaKeys.idl: * Modules/encryptedmedia/MediaKeysRequirement.idl: Added. * Modules/encryptedmedia/MediaKeysRestrictions.h: Added. * bindings/js/JSMediaKeySystemAccessCustom.cpp: Removed. As some of these enums are referenced in the Internals project, they need to be exported from WebCore correctly. Teach the code generator how to export the symbols generated by enums. * bindings/scripts/CodeGeneratorJS.pm: (GenerateEnumerationHeaderContent): Add new files to the project. * CMakeLists.txt: * DerivedSources.make: * WebCore.xcodeproj/project.pbxproj: 2016-12-17 Darin Adler <darin@apple.com> Remove WebCore::Dictionary, which is now unused https://bugs.webkit.org/show_bug.cgi?id=165988 Reviewed by Andreas Kling. * CMakeLists.txt: Removed the files. * WebCore.xcodeproj/project.pbxproj: Ditto. * bindings/js/Dictionary.cpp: Removed. * bindings/js/Dictionary.h: Removed. * bindings/js/JSBindingsAllInOne.cpp: Removed include of Dictionary.cpp. 2016-12-17 Youenn Fablet <youenn@apple.com> Cloned CachedResource should not have an empty response https://bugs.webkit.org/show_bug.cgi?id=165947 Reviewed by Sam Weinig. Test: http/tests/loading/reusing-cached-stylesheet-from-different-domain.html * loader/cache/CachedResource.cpp: (WebCore::CachedResource::setBodyDataFrom): Copying the response to the cloned resource. Even though the issue is appearing for stylesheets only, it is safer to do that for all cloned ressources. 2016-12-16 Brady Eidson <beidson@apple.com> IndexedDB: Refactor SQLiteIDBCursor to prepare for cursor prefetching. https://bugs.webkit.org/show_bug.cgi?id=165978 Reviewed by Alex Christensen. No new tests (Refactor, no behavior change). In preparation for cursor prefetching, we need to shift the cursor off of keeping "the current record" and onto keeping "a deque of fetched records", the first of which is "the current record". This patch does just that, but with no behavior change; The deque only ever holds 0 or 1 records. * Modules/indexeddb/server/SQLiteIDBCursor.cpp: (WebCore::IDBServer::SQLiteIDBCursor::currentData): (WebCore::IDBServer::SQLiteIDBCursor::objectStoreRecordsChanged): (WebCore::IDBServer::SQLiteIDBCursor::resetAndRebindStatement): (WebCore::IDBServer::SQLiteIDBCursor::prefetch): (WebCore::IDBServer::SQLiteIDBCursor::advance): (WebCore::IDBServer::SQLiteIDBCursor::fetch): (WebCore::IDBServer::SQLiteIDBCursor::fetchNextRecord): (WebCore::IDBServer::SQLiteIDBCursor::markAsErrored): (WebCore::IDBServer::SQLiteIDBCursor::internalFetchNextRecord): (WebCore::IDBServer::SQLiteIDBCursor::iterate): (WebCore::IDBServer::SQLiteIDBCursor::currentKey): (WebCore::IDBServer::SQLiteIDBCursor::currentPrimaryKey): (WebCore::IDBServer::SQLiteIDBCursor::currentValue): (WebCore::IDBServer::SQLiteIDBCursor::didComplete): (WebCore::IDBServer::SQLiteIDBCursor::didError): (WebCore::IDBServer::SQLiteIDBCursor::currentRecordRowID): (WebCore::IDBServer::SQLiteIDBCursor::advanceUnique): Deleted. (WebCore::IDBServer::SQLiteIDBCursor::advanceOnce): Deleted. (WebCore::IDBServer::SQLiteIDBCursor::internalAdvanceOnce): Deleted. * Modules/indexeddb/server/SQLiteIDBCursor.h: (WebCore::IDBServer::SQLiteIDBCursor::SQLiteCursorRecord::isTerminalRecord): (WebCore::IDBServer::SQLiteIDBCursor::currentRecordRowID): Deleted. (WebCore::IDBServer::SQLiteIDBCursor::currentKey): Deleted. (WebCore::IDBServer::SQLiteIDBCursor::currentPrimaryKey): Deleted. (WebCore::IDBServer::SQLiteIDBCursor::currentValue): Deleted. (WebCore::IDBServer::SQLiteIDBCursor::didComplete): Deleted. (WebCore::IDBServer::SQLiteIDBCursor::didError): Deleted. 2016-12-16 Darin Adler <darin@apple.com> Remove all custom bindings from media streams, using dictionaries instead https://bugs.webkit.org/show_bug.cgi?id=165943 Reviewed by Sam Weinig. * CMakeLists.txt: Added and removed files. * DerivedSources.make: Ditto. * Modules/mediastream/DoubleRange.h: Added. Moved dictionary here so it can be shared by both MediaStreamTrack and MediaTrackSupportedConstraints. * Modules/mediastream/DoubleRange.idl: Ditto. * Modules/mediastream/LongRange.h: Ditto. * Modules/mediastream/LongRange.idl: Ditto. * Modules/mediastream/MediaDevices.cpp: (WebCore::MediaDevices::getSupportedConstraints): Changed to return a struct instead of a reference counted object. * Modules/mediastream/MediaDevices.h: Updated for the above. * Modules/mediastream/MediaDevices.idl: Added a conditional on the dictionary in this file; not needed because the conditional on the interface automatically affects the entire fiel, but for now the style seems to be to put these on all the dictionaries. * Modules/mediastream/MediaSourceSettings.cpp: Removed. * Modules/mediastream/MediaSourceSettings.h: Removed. * Modules/mediastream/MediaStreamTrack.cpp: (WebCore::MediaStreamTrack::getSettings): Changed to return a struct instead of a reference counted object. (WebCore::capabilityDoubleRange): Added. Helper for getCapabilities. (WebCore::capabilityIntRange): Ditto. (WebCore::capabilityStringVector): Ditto. (WebCore::capabilityBooleanVector): Ditto. (WebCore::MediaStreamTrack::getCapabilities): Changed to return a struct instead of a reference counted object. * Modules/mediastream/MediaStreamTrack.h: Updated for the above changes. Also defined the structs here in the class. * Modules/mediastream/MediaStreamTrack.idl: Defined the two dictionaries here and changed the functions to return them and not use [Custom] any more. * Modules/mediastream/MediaTrackConstraints.h: Moved DoubleRange and LongRange out of this file and into their own headers. Also removed the currently unimplemented latency and channelCount; there are FIXME comments in the IDL file about eventually adding these to match the specification. * Modules/mediastream/MediaTrackConstraints.idl: Added conditionals, and removed the unimplemented latency and channelCount. style of marking everything consistently. * Modules/mediastream/MediaTrackSupportedConstraints.h: Replaced this class with a struct. * Modules/mediastream/MediaTrackSupportedConstraints.idl: Replaced this interface with a dictionary. * WebCore.xcodeproj/project.pbxproj: Added and removed files. * bindings/js/JSMediaStreamTrackCustom.cpp: Removed. * bindings/js/JSMediaTrackSupportedConstraintsCustom.cpp: Removed. * platform/mediastream/MediaStreamTrackPrivate.cpp: Removed include of the MediaSourceSettings.h header. * platform/mediastream/MediaStreamTrackPrivate.h: Removed forward declaration of the MediaSourceSettings class. 2016-12-16 Zalan Bujtas <zalan@apple.com> Possible nullptr dereference when applying pagination to viewport https://bugs.webkit.org/show_bug.cgi?id=165926 Reviewed by Simon Fraser. Static analysis found a code path where a null dereference could occur. * page/FrameView.cpp: (WebCore::FrameView::applyPaginationToViewport): 2016-12-16 Ryan Haddad <ryanhaddad@apple.com> Fix the Windows build. Unreviewed build fix. * platform/graphics/avfoundation/cf/CDMSessionAVFoundationCF.cpp: 2016-12-16 Ryan Haddad <ryanhaddad@apple.com> Yet another attempt to fix the Windows build after r209936. Unreviewed build fix. * platform/graphics/avfoundation/cf/CDMSessionAVFoundationCF.h: 2016-12-16 Alex Christensen <achristensen@webkit.org> Use initEvent quirk added in r207908 for Flipboard https://bugs.webkit.org/show_bug.cgi?id=165974 <rdar://problem/28264190> Reviewed by Chris Dumez. * dom/Event.cpp: (WebCore::Event::initEventForBindings): * platform/RuntimeApplicationChecks.h: * platform/RuntimeApplicationChecks.mm: (WebCore::IOSApplication::isFlipboard): Flipboard also has JavaScript content that calls initEvent with not enough arguments. 2016-12-16 Chris Dumez <cdumez@apple.com> [iOS] Align HTML from validation popover style with Copy/Paste callout bar https://bugs.webkit.org/show_bug.cgi?id=165973 <rdar://problem/29336638> Reviewed by Simon Fraser. Tweak font size and padding of the HTML from validation popover to match the style of the Copy/Paste callout bar on iOS. * platform/ios/ValidationBubbleIOS.mm: (WebCore::ValidationBubble::ValidationBubble): 2016-12-16 Ryan Haddad <ryanhaddad@apple.com> Another attempt to fix the Windows build after r209936. Unreviewed build fix. * CMakeLists.txt: 2016-12-16 Andy Estes <aestes@apple.com> Add a setting to suppress keyboard input during provisional navigation https://bugs.webkit.org/show_bug.cgi?id=165830 Reviewed by Brent Fulgham. Added a setting that suppresses keyboard input during provisional navigation. When the setting is enabled, DOM propogation of keyboard input events (KeyboardEvents, CompositionEvents, InputEvents, and some TextEvents) is suppressed, and text insertion is disabled in the editor. Non-editing default event handling still occurs, for instance keyboard scrolling, access keys, and focus navigation. Test: http/tests/navigation/keyboard-events-during-provisional-navigation.html * dom/CompositionEvent.h: Added a type trait specialization. * dom/EventDispatcher.cpp: (WebCore::shouldSuppressEventDispatchInDOM): Added. Returns true if the event is trusted, FrameLoader::shouldSuppressKeyboardInput() returns true, and the event is a CompositionEvent, InputEvent, KeyboardEvent, or keyboard/composition TextEvent. (WebCore::EventDispatcher::dispatchEvent): Called stopPropogation() on the event if shouldSuppressEventDispatchInDOM() returns true. * dom/InputEvent.h: Removed the inline no-op destructor so that DataTransfer does not need to be a complete type in every translation unit that includes this header. Added a type trait specialization. * dom/TextEvent.h: Added isKeyboard() to determine if m_inputType is TextEventInputKeyboard. * editing/Editor.cpp: (WebCore::Editor::shouldInsertText): Returned false if FrameLoader::shouldSuppressKeyboardInput() returns true and the action is EditorInsertActionTyped. * loader/FrameLoader.cpp: (WebCore::FrameLoader::shouldSuppressKeyboardInput): Added. Returns true if Settings::shouldSuppressKeyboardInputDuringProvisionalNavigation() returns true and the state is FrameStateProvisional. * loader/FrameLoader.h: Declared shouldSuppressKeyboardInput(). * page/EventHandler.h: Exported accessKeyModifiers(). * page/Settings.in: Defined shouldSuppressKeyboardInputDuringProvisionalNavigation with an initial value of false. * testing/Internals.cpp: (WebCore::Internals::accessKeyModifiers): Added. Returns a vector of strings representing the access key modifiers. * testing/Internals.h: Declared accessKeyModifiers(). * testing/Internals.idl: Exposed accessKeyModifiers() on the internals object. 2016-12-16 Brady Eidson <beidson@apple.com> More SQLiteIDBCursor refactoring. https://bugs.webkit.org/show_bug.cgi?id=165956 Reviewed by Tim Horton. No new tests (No behavior change). This is a simple patch that encapsulates the current state of the cursor in one structure which will allow for storing multiple-such states in the future (to support prefetching). * Modules/indexeddb/server/SQLiteIDBCursor.cpp: (WebCore::IDBServer::SQLiteIDBCursor::currentData): (WebCore::IDBServer::SQLiteIDBCursor::resetAndRebindStatement): (WebCore::IDBServer::SQLiteIDBCursor::advance): (WebCore::IDBServer::SQLiteIDBCursor::advanceUnique): (WebCore::IDBServer::SQLiteIDBCursor::markAsErrored): (WebCore::IDBServer::SQLiteIDBCursor::internalAdvanceOnce): (WebCore::IDBServer::SQLiteIDBCursor::iterate): * Modules/indexeddb/server/SQLiteIDBCursor.h: (WebCore::IDBServer::SQLiteIDBCursor::currentRecordRowID): (WebCore::IDBServer::SQLiteIDBCursor::currentKey): (WebCore::IDBServer::SQLiteIDBCursor::currentPrimaryKey): (WebCore::IDBServer::SQLiteIDBCursor::currentValue): (WebCore::IDBServer::SQLiteIDBCursor::didComplete): (WebCore::IDBServer::SQLiteIDBCursor::didError): 2016-12-16 Jer Noble <jer.noble@apple.com> Follow-up build fix after r209936; also rename MockCDM -> LegacyMockCDM in CMakeLists.txt. * CMakeLists.txt: 2016-12-16 Sam Weinig <sam@webkit.org> [Bindings] Remove use of Dictionary/ArrayValue in CDMSessionClearKey https://bugs.webkit.org/show_bug.cgi?id=165961 Reviewed by Darin Adler. * CMakeLists.txt: * WebCore.xcodeproj/project.pbxproj: * bindings/js/JSBindingsAllInOne.cpp: Remove ArrayValue.h/cpp * bindings/js/ArrayValue.cpp: Removed. * bindings/js/ArrayValue.h: Removed. * bindings/js/Dictionary.cpp: * bindings/js/Dictionary.h: Remove support for ArrayValue. * Modules/encryptedmedia/legacy/LegacyCDMSessionClearKey.cpp: (WebCore::CDMSessionClearKey::update): Replace use of Dictionary/ArrayValue with direct JSObject functions. This should really be replaced with a JSON parser that does not require round tripping through JavaScript objects. 2016-12-13 Jer Noble <jer.noble@apple.com> Move existing CDM* implementations into modules/encryptedmedia/legacy https://bugs.webkit.org/show_bug.cgi?id=165823 Rubber-stamped by Sam Weinig. * Modules/encryptedmedia/legacy/LegacyCDM.cpp: Renamed from Source/WebCore/Modules/encryptedmedia/CDM.cpp. (WebCore::CDMFactory::CDMFactory): (WebCore::installedCDMFactories): (WebCore::CDM::registerCDMFactory): (WebCore::CDMFactoryForKeySystem): (WebCore::CDM::supportsKeySystem): (WebCore::CDM::keySystemSupportsMimeType): (WebCore::CDM::create): (WebCore::CDM::CDM): (WebCore::CDM::~CDM): (WebCore::CDM::supportsMIMEType): (WebCore::CDM::createSession): (WebCore::CDM::mediaPlayer): * Modules/encryptedmedia/legacy/LegacyCDM.h: Renamed from Source/WebCore/Modules/encryptedmedia/CDM.h. (WebCore::CDMClient::~CDMClient): (WebCore::CDM::keySystem): (WebCore::CDM::client): (WebCore::CDM::setClient): * Modules/encryptedmedia/legacy/LegacyCDMPrivate.h: Renamed from Source/WebCore/Modules/encryptedmedia/CDMPrivate.h. (WebCore::CDMPrivateInterface::CDMPrivateInterface): (WebCore::CDMPrivateInterface::~CDMPrivateInterface): * Modules/encryptedmedia/legacy/LegacyCDMPrivateClearKey.cpp: Renamed from Source/WebCore/Modules/encryptedmedia/CDMPrivateClearKey.cpp. (WebCore::CDMPrivateClearKey::supportsKeySystem): (WebCore::CDMPrivateClearKey::supportsKeySystemAndMimeType): (WebCore::CDMPrivateClearKey::supportsMIMEType): (WebCore::CDMPrivateClearKey::createSession): * Modules/encryptedmedia/legacy/LegacyCDMPrivateClearKey.h: Renamed from Source/WebCore/Modules/encryptedmedia/CDMPrivateClearKey.h. (WebCore::CDMPrivateClearKey::CDMPrivateClearKey): (WebCore::CDMPrivateClearKey::~CDMPrivateClearKey): * Modules/encryptedmedia/legacy/LegacyCDMPrivateMediaPlayer.cpp: Renamed from Source/WebCore/Modules/encryptedmedia/CDMPrivateMediaPlayer.cpp. (WebCore::CDMPrivateMediaPlayer::supportsKeySystem): (WebCore::CDMPrivateMediaPlayer::supportsKeySystemAndMimeType): (WebCore::CDMPrivateMediaPlayer::supportsMIMEType): (WebCore::CDMPrivateMediaPlayer::createSession): * Modules/encryptedmedia/legacy/LegacyCDMPrivateMediaPlayer.h: Renamed from Source/WebCore/Modules/encryptedmedia/CDMPrivateMediaPlayer.h. (WebCore::CDMPrivateMediaPlayer::CDMPrivateMediaPlayer): (WebCore::CDMPrivateMediaPlayer::~CDMPrivateMediaPlayer): (WebCore::CDMPrivateMediaPlayer::cdm): * Modules/encryptedmedia/legacy/LegacyCDMSessionClearKey.cpp: Renamed from Source/WebCore/Modules/encryptedmedia/CDMSessionClearKey.cpp. (WebCore::clearKeyVM): (WebCore::CDMSessionClearKey::CDMSessionClearKey): (WebCore::CDMSessionClearKey::~CDMSessionClearKey): (WebCore::CDMSessionClearKey::generateKeyRequest): (WebCore::CDMSessionClearKey::releaseKeys): (WebCore::CDMSessionClearKey::update): (WebCore::CDMSessionClearKey::cachedKeyForKeyID): * Modules/encryptedmedia/legacy/LegacyCDMSessionClearKey.h: Renamed from Source/WebCore/Modules/encryptedmedia/CDMSessionClearKey.h. * Modules/encryptedmedia/legacy/WebKitMediaKeySession.h: * Modules/encryptedmedia/legacy/WebKitMediaKeys.h: * WebCore.xcodeproj/project.pbxproj: * platform/graphics/LegacyCDMSession.h: Renamed from Source/WebCore/platform/graphics/CDMSession.h. (WebCore::CDMSessionClient::~CDMSessionClient): (WebCore::CDMSession::CDMSession): (WebCore::CDMSession::~CDMSession): (WebCore::CDMSession::type): (WebCore::CDMSession::cachedKeyForKeyID): * platform/graphics/MediaPlayer.h: * platform/graphics/avfoundation/CDMPrivateMediaSourceAVFObjC.h: * platform/graphics/avfoundation/CDMPrivateMediaSourceAVFObjC.mm: * platform/graphics/avfoundation/objc/CDMSessionAVContentKeySession.mm: * platform/graphics/avfoundation/objc/CDMSessionAVFoundationObjC.h: * platform/graphics/avfoundation/objc/CDMSessionAVFoundationObjC.mm: * platform/graphics/avfoundation/objc/CDMSessionAVStreamSession.mm: * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.h: * testing/Internals.cpp: * testing/LegacyMockCDM.cpp: Renamed from Source/WebCore/testing/MockCDM.cpp. (WebCore::MockCDMSession::~MockCDMSession): (WebCore::MockCDM::supportsKeySystem): (WebCore::MockCDM::supportsKeySystemAndMimeType): (WebCore::MockCDM::supportsMIMEType): (WebCore::MockCDM::createSession): (WebCore::initDataPrefix): (WebCore::keyPrefix): (WebCore::keyRequest): (WebCore::generateSessionId): (WebCore::MockCDMSession::MockCDMSession): (WebCore::MockCDMSession::generateKeyRequest): (WebCore::MockCDMSession::releaseKeys): (WebCore::MockCDMSession::update): * testing/LegacyMockCDM.h: Renamed from Source/WebCore/testing/MockCDM.h. (WebCore::MockCDM::MockCDM): (WebCore::MockCDM::~MockCDM): 2016-12-16 Andreas Kling <akling@apple.com> Subframes going into page cache don't need to resetScrollbars(). <https://webkit.org/b/163750> <rdar://problem/29273020> Reviewed by Antti Koivisto. The main frame is the only frame that switches its FrameView when using the page cache, subframes just suspend their DOM and wait around to be either killed or restored. Thus there is no reason for subframes to reset their FrameView's scrollbars when going into page cache, since nothing affects them while cached, and their layout should end up identical when restoring. This was causing some flakiness with subframe scrollbars jumping between different sizes in when restoring from page cache in macOS/WK1. This change makes the behavior consistent in both WK1 and WK2, and removes the flakiness. * dom/Document.cpp: (WebCore::Document::setPageCacheState): 2016-12-16 Wenson Hsieh <wenson_hsieh@apple.com> Visual viewports: carets and selection UI are incorrectly positioned when editing fixed elements https://bugs.webkit.org/show_bug.cgi?id=165767 <rdar://problem/29602382> Reviewed by Simon Fraser. When changing the layout viewport override, mark viewport-constrained objects as needing layout. If only the width and height of the old and new layout viewports are compared, EditorState info (namely selection and caret rects) that depends on the document location of fixed elements may be stale immediately after the layout viewport override changes and before layout occurs. This caused one of the tests (fixed-caret-position-after-scroll.html) to occasionally fail. Tests: editing/caret/ios/absolute-caret-position-after-scroll.html editing/caret/ios/fixed-caret-position-after-scroll.html editing/selection/ios/absolute-selection-after-scroll.html editing/selection/ios/fixed-selection-after-scroll.html * page/FrameView.cpp: (WebCore::FrameView::setLayoutViewportOverrideRect): 2016-12-14 Sam Weinig <sam@webkit.org> [ApplePay] Remove remaining custom bindings from the ApplePay code https://bugs.webkit.org/show_bug.cgi?id=165860 Reviewed by Darin Adler. * DerivedSources.make: Add new IDL files. * WebCore.xcodeproj/project.pbxproj: Add/remove files. * bindings/js/JSApplePayPaymentAuthorizedEventCustom.cpp: Removed. * bindings/js/JSApplePayPaymentMethodSelectedEventCustom.cpp: Removed. * bindings/js/JSApplePayShippingContactSelectedEventCustom.cpp: Removed. * bindings/js/JSApplePayShippingMethodSelectedEventCustom.cpp: Removed. Remove custom bindings. * Modules/applepay/ApplePayLineItem.h: Added. * Modules/applepay/ApplePayLineItem.idl: Added. * Modules/applepay/ApplePayPayment.h: Added. * Modules/applepay/ApplePayPayment.idl: Added. * Modules/applepay/ApplePayPaymentContact.h: Added. * Modules/applepay/ApplePayPaymentContact.idl: Added. * Modules/applepay/ApplePayPaymentMethod.h: Added. * Modules/applepay/ApplePayPaymentMethod.idl: Added. * Modules/applepay/ApplePayPaymentPass.h: Added. * Modules/applepay/ApplePayPaymentPass.idl: Added. * Modules/applepay/ApplePayPaymentRequest.h: Added. * Modules/applepay/ApplePayPaymentRequest.idl: Added. * Modules/applepay/ApplePayShippingMethod.h: Added. * Modules/applepay/ApplePayShippingMethod.idl: Added. Split out dictionaries and enums into separate files where needed. * Modules/applepay/ApplePayPaymentAuthorizedEvent.cpp: (WebCore::ApplePayPaymentAuthorizedEvent::ApplePayPaymentAuthorizedEvent): * Modules/applepay/ApplePayPaymentAuthorizedEvent.h: * Modules/applepay/ApplePayPaymentAuthorizedEvent.idl: Convert the 'payment' property to return an ApplePayPayment dictionary, removing the need for custom bindings. * Modules/applepay/ApplePayPaymentMethodSelectedEvent.cpp: (WebCore::ApplePayPaymentMethodSelectedEvent::ApplePayPaymentMethodSelectedEvent): * Modules/applepay/ApplePayPaymentMethodSelectedEvent.h: * Modules/applepay/ApplePayPaymentMethodSelectedEvent.idl: Convert the 'paymentMethod' property to return an ApplePayPaymentMethod dictionary, removing the need for custom bindings. * Modules/applepay/ApplePaySession.cpp: (WebCore::convertAndValidate): (WebCore::ApplePaySession::create): (WebCore::ApplePaySession::ApplePaySession): (WebCore::ApplePaySession::completeShippingMethodSelection): (WebCore::ApplePaySession::completeShippingContactSelection): (WebCore::ApplePaySession::completePaymentMethodSelection): (WebCore::ApplePaySession::didSelectShippingMethod): * Modules/applepay/ApplePaySession.h: Update for new names, remove need for ExecState in the create function, and simplify billingContact and shippingContact now that they are strongly typed. * Modules/applepay/ApplePaySession.idl: Move dictionaries and enums to their own files. * Modules/applepay/ApplePayShippingContactSelectedEvent.cpp: (WebCore::ApplePayShippingContactSelectedEvent::ApplePayShippingContactSelectedEvent): * Modules/applepay/ApplePayShippingContactSelectedEvent.h: * Modules/applepay/ApplePayShippingContactSelectedEvent.idl: Convert the 'shippingContact' property to return an ApplePayPaymentContact dictionary, removing the need for custom bindings. * Modules/applepay/ApplePayShippingMethodSelectedEvent.cpp: * Modules/applepay/ApplePayShippingMethodSelectedEvent.h: * Modules/applepay/ApplePayShippingMethodSelectedEvent.idl: Convert the 'shippingMethod' property to return an ApplePayShippingMethod dictionary, removing the need for custom bindings. * Modules/applepay/Payment.h: * Modules/applepay/PaymentContact.h: * Modules/applepay/PaymentMethod.h: * Modules/applepay/cocoa/PaymentCocoa.mm: * Modules/applepay/cocoa/PaymentContactCocoa.mm: * Modules/applepay/cocoa/PaymentMethodCocoa.mm: Replace toJS/fromJS functions with ones that convert to/from the associated dictionary type. * bindings/generic/IDLTypes.h: (WebCore::IDLJSON::nullValue): (WebCore::IDLJSON::isNullValue): (WebCore::IDLJSON::extractValueFromNullable): * bindings/js/JSDOMConvert.h: (WebCore::Converter<IDLJSON>::convert): (WebCore::JSConverter<IDLJSON>::convert): Add a new custom type, JSON, which converts from a String to a JS object. * bindings/scripts/CodeGenerator.pm: * bindings/scripts/CodeGeneratorJS.pm: Add support for the new JSON type, and improve scoped naming to allow for enums in dictionary only IDL files. * bindings/scripts/test/JS/JSTestStandaloneDictionary.cpp: Update test result for improved scoped naming. 2016-12-16 Zalan Bujtas <zalan@apple.com> Defer certain accessibility callbacks until after layout is finished. https://bugs.webkit.org/show_bug.cgi?id=165861 rdar://problem/29646301 Reviewed by Chris Fleizach. Currently with certain AXObjectCache callbacks, we can end up in a layout while the render tree is being mutated. This patch ensures that such callbacks are deferred until after tree mutation/layout is finished. Test: accessibility/accessibility-crash-with-dynamic-inline-content.html * accessibility/AXObjectCache.cpp: (WebCore::AXObjectCache::remove): (WebCore::AXObjectCache::performDeferredIsIgnoredChange): (WebCore::AXObjectCache::insertDeferredIsIgnoredChange): * accessibility/AXObjectCache.h: * page/FrameView.cpp: (WebCore::FrameView::performPostLayoutTasks): * rendering/RenderBlock.cpp: (WebCore::RenderBlock::deleteLines): * rendering/RenderBlockLineLayout.cpp: (WebCore::RenderBlockFlow::createAndAppendRootInlineBox): 2016-12-16 Ryan Haddad <ryanhaddad@apple.com> Rebaseline bindings tests after r209897. Unreviewed test gardening. * bindings/scripts/test/JS/JSTestObj.cpp: (WebCore::JSTestObj::visitChildren): * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp: (WebCore::JSTestSerializedScriptValueInterface::visitChildren): 2016-12-15 Brent Fulgham <bfulgham@apple.com> Arguments called in wrong order https://bugs.webkit.org/show_bug.cgi?id=165923 Reviewed by Simon Fraser. Correct the ordering of several function calls. * Modules/mediasource/SourceBuffer.cpp: (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample): The 'nearestToPresentationStartTime' argument is being checked for validity, but 'nearestToPresentationEndTime' is being used in the calculation. This seems like a copy/paste error. * page/PrintContext.cpp: (WebCore::PrintContext::outputLinkedDestinations): FloatPoint::expandedTo returns a new object that has been expanded. This code continued using the 'unexpanded' point. * platform/graphics/GraphicsContext3D.cpp: (WebCore::GraphicsContext3D::computeImageSizeInBytes): The 'bytesPerComponent' and 'componentsPerPixel' variables were being passed in the wrong order. * platform/network/CacheValidation.cpp: The 'last-modified' header string was being concatenated with the following string, resulting in an incorrect 'last-modifiedproxy-authenticate' string value. * svg/SVGToOTFFontConversion.cpp: (WebCore::SVGToOTFFontConverter::firstGlyph): The ASSERT was assigning to the (by-value) input parameter 'codePoint', rather than comparing it to the firstGlyph value's codePoint. 2016-12-16 Youenn Fablet <youenn@apple.com> [Fetch API] Improve resource loading console logging https://bugs.webkit.org/show_bug.cgi?id=160546 Reviewed by Alex Christensen. Covered by rebased tests. Adding support for logging of resource loading failures in ThreadableLoader. This will allow doing consistent logging for clients such as fetch, XHR, event source... Doing logging for Fetch API only at the moment in ThreadableLoader. Future patches should migrate XHR to this logging system. Logging routine is implemented in ThreadableLoader. It is used directly by DocumentThreadableLoader before calling didFail client callback. DocumentThreadableLoader has a new option to not log errors, in the case the client is WorkerThreadableLoader::MainBridge. In that case, the logging is done in the worker context within WorkerThreadableLoader::MainBridge::didFail * loader/DocumentThreadableLoader.cpp: (WebCore::DocumentThreadableLoader::loadResourceSynchronously): Enable logging. (WebCore::DocumentThreadableLoader::create): Passing logging parameter to constructor. (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Adding initialization of logging parameter. (WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest): Making use of the new logErrorAndFail helper routine. (WebCore::DocumentThreadableLoader::cancel): No need to log error if it is being cancelled. (WebCore::DocumentThreadableLoader::redirectReceived): Made the reportXX routines methods of DocumentThreadableLoaders and using logErrorAndFail internally. (WebCore::DocumentThreadableLoader::didFail): Wrapper around logErrorAndFail since cancel is not calling it anymore. (WebCore::DocumentThreadableLoader::preflightFailure): (WebCore::DocumentThreadableLoader::loadRequest): (WebCore::DocumentThreadableLoader::reportRedirectionWithBadScheme): (WebCore::DocumentThreadableLoader::reportContentSecurityPolicyError): (WebCore::DocumentThreadableLoader::reportCrossOriginResourceSharingError): (WebCore::DocumentThreadableLoader::logErrorAndFail): (WebCore::reportContentSecurityPolicyError): Deleted. (WebCore::reportCrossOriginResourceSharingError): Deleted. (WebCore::reportRedirectionWithBadScheme): Deleted. * loader/DocumentThreadableLoader.h: * loader/ThreadableLoader.cpp: (WebCore::ThreadableLoader::logError): * loader/ThreadableLoader.h: * loader/ThreadableLoaderClientWrapper.h: (WebCore::ThreadableLoaderClientWrapper::create): (WebCore::ThreadableLoaderClientWrapper::initiator): (WebCore::ThreadableLoaderClientWrapper::ThreadableLoaderClientWrapper): * loader/WorkerThreadableLoader.cpp: (WebCore::WorkerThreadableLoader::WorkerThreadableLoader): (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): (WebCore::WorkerThreadableLoader::MainThreadBridge::didFail): 2016-12-16 Enrique Ocaña González <eocanha@igalia.com> [GStreamer][MSE] Fix build warning in MediaPlayerPrivateGStreamer.cpp using gcc 6.2 https://bugs.webkit.org/show_bug.cgi?id=165900 Reviewed by Žan Doberšek. * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp: (WebCore::MediaPlayerPrivateGStreamerMSE::supportsCodecs): Move the variable asignation out of the if condition. 2016-12-16 Romain Bellessort <romain.bellessort@crf.canon.fr> [Readable Streams API] Implement ReadableByteStreamController cancel internal method https://bugs.webkit.org/show_bug.cgi?id=165798 Reviewed by Youenn Fablet. Implemented cancel method of ReadableByteStreamController. Also fixed small inconsistency in readableByteStreamControllerClose. Added one test to check cancel behaviour. More tests may be added as the API is implemented. * Modules/streams/ReadableByteStreamInternals.js: (privateInitializeReadableByteStreamController): Define cancel internal method. (readableByteStreamControllerCancel): Added. (readableByteStreamControllerClose): Fixed behaviour (no value should be dequeued). * bindings/js/WebCoreBuiltinNames.h: Removed bytesFilled (previous addition was not needed). 2016-12-16 Youenn Fablet <youennf@gmail.com> svg/as-image/svg-image-with-data-uri-use-data-uri.svg is flaky after r207754 https://bugs.webkit.org/show_bug.cgi?id=163887 <rdar://problem/29266436> Reviewed by Alex Christensen. Test: http/tests/security/cross-origin-cached-images-with-memory-pressure.html With the introduction of cached resource cloning, an Image may be referenced by several CachedImage. This did not work well with Image observer system as it mandates a one-to-one relationship. Introducing CachedImageObserver to restore the one-to-one relationship between Image and its observer. CachedImageObserver can keep references for more than one CachedImage. In the future, it might be better to split more clearly CachedImageObserver and its API from CachedImage. Or remove the concept of CachedResource cloning and find new ways to provide CachedResource origin information to clients. * loader/cache/CachedImage.cpp: (WebCore::CachedImage::load): Moved boolean image observer fields to CachedImageObserver. (WebCore::CachedImage::setBodyDataFrom): Keeping a reference of the image observer when cloning the resource. (WebCore::CachedImage::createImage): Creating the observer when creating the image. (WebCore::CachedImage::CachedImageObserver::CachedImageObserver): (WebCore::CachedImage::CachedImageObserver::decodedSizeChanged): (WebCore::CachedImage::CachedImageObserver::didDraw): (WebCore::CachedImage::CachedImageObserver::animationAdvanced): (WebCore::CachedImage::CachedImageObserver::changedInRect): (WebCore::CachedImage::clearImage): * loader/cache/CachedImage.h: * loader/cache/CachedResource.cpp: (WebCore::CachedResource::setBodyDataFrom): Now that each cached image receives decodedSizeChanged callback, we need to set its size correctly. 2016-12-15 Joonghun Park <jh718.park@samsung.com> [EFL] Fix debug build break since r209873. Unreviewed. https://bugs.webkit.org/show_bug.cgi?id=165945 No new tests, no new behaviours. Use Primitive System Data Type uint64_t instead of unsigned long long. * Modules/indexeddb/IDBFactory.cpp: (WebCore::IDBFactory::openInternal): * Modules/indexeddb/IDBFactory.h: 2016-12-15 Zalan Bujtas <zalan@apple.com> text-align: justify and word-spacing combine to overflow column https://bugs.webkit.org/show_bug.cgi?id=165796 rdar://problem/29672168 Reviewed by Myles C. Maxfield. The value of the word-spacing property is not applied on the inline-tree boxes (normal line layout) with kerning enabled. It causes hittest failures and selection/rendering glitches. We normally use the pre-computed 'WordMeasurements' values to figure out the run widths. However with kerning on, in some cases we need to re-measure a certain part of the text by calling RenderText::width(). This function omits the word-spacing value for leading whitespace, so when this text fragment starts with a whitespace, (while it's not at the beginning of the run) we have to manually add the word-spacing value back. r146087 added this logic with the restriction of applying it only to whitespace-only runs. Test: fast/css/word-spacing-with-normal-layout.html * rendering/RenderBlockLineLayout.cpp: (WebCore::setLogicalWidthForTextRun): 2016-12-15 Myles C. Maxfield <mmaxfield@apple.com> Stop reinterpret_casting UBreakIterators to the undefined type TextBreakIterator https://bugs.webkit.org/show_bug.cgi?id=165931 Reviewed by Alex Christensen. No new tests because there is no behavior change. * dom/CharacterData.cpp: (WebCore::CharacterData::parserAppendData): * editing/TextCheckingHelper.cpp: (WebCore::findMisspellings): * editing/VisibleUnits.cpp: (WebCore::wordBreakIteratorForMinOffsetBoundary): (WebCore::wordBreakIteratorForMaxOffsetBoundary): (WebCore::isLogicalStartOfWord): (WebCore::islogicalEndOfWord): (WebCore::visualWordPosition): (WebCore::startSentenceBoundary): (WebCore::endSentenceBoundary): (WebCore::previousSentencePositionBoundary): (WebCore::nextSentencePositionBoundary): * html/HTMLInputElement.cpp: * html/HTMLTextAreaElement.cpp: * html/InputType.cpp: * html/TextFieldInputType.cpp: * html/TextInputType.cpp: * platform/graphics/StringTruncator.cpp: (WebCore::textBreakAtOrPreceding): (WebCore::boundedTextBreakFollowing): (WebCore::rightClipToWordBuffer): * platform/graphics/mac/ComplexTextController.cpp: (WebCore::ComplexTextController::offsetForPosition): * platform/text/TextBoundaries.cpp: (WebCore::findNextWordFromIndex): (WebCore::findWordBoundary): (WebCore::findEndWordBoundary): * platform/text/mac/TextBoundaries.mm: (WebCore::findNextWordFromIndex): * rendering/BreakLines.h: (WebCore::nextBreakablePositionNonLoosely): (WebCore::nextBreakablePositionLoosely): * rendering/RenderBlock.cpp: * rendering/RenderText.cpp: (WebCore::makeCapitalized): (WebCore::RenderText::previousOffset): (WebCore::RenderText::previousOffsetForBackwardDeletion): (WebCore::RenderText::nextOffset): * rendering/SimpleLineLayoutTextFragmentIterator.h: * rendering/line/LineBreaker.h: 2016-12-15 Darin Adler <darin@apple.com> Use asString instead of toWTFString, toString, or getString when we already checked isString https://bugs.webkit.org/show_bug.cgi?id=165895 Reviewed by Yusuke Suzuki. * Modules/fetch/FetchBody.cpp: (WebCore::FetchBody::extract): Use asString/value instead of toWTFString. * Modules/mediastream/SDPProcessor.cpp: (WebCore::SDPProcessor::callScript): Use asString/value instead of getString. * bindings/js/ArrayValue.cpp: (WebCore::ArrayValue::get): Use asString/value instead of toWTFString. * bindings/js/IDBBindingUtilities.cpp: (WebCore::get): Use asString/length instead of toString/length. (WebCore::createIDBKeyFromValue): Use asString/value instead of toWTFString. * bindings/js/JSCryptoAlgorithmDictionary.cpp: (WebCore::JSCryptoAlgorithmDictionary::getAlgorithmIdentifier): Ditto. * bindings/js/JSDataCueCustom.cpp: (WebCore::constructJSDataCue): Use asString/value instead of getString. * bindings/js/JSInspectorFrontendHostCustom.cpp: (WebCore::populateContextMenuItems): Use asString/value instead of toWTFString. * bindings/js/ScriptController.cpp: (WebCore::jsValueToModuleKey): Use asString/toIdentifier instead of jsCast<JSString*>/value/Identifier::fromString. * bindings/js/SerializedScriptValue.cpp: (WebCore::CloneSerializer::dumpIfTerminal): Streamline by getting rid of local variable. * contentextensions/ContentExtensionParser.cpp: (WebCore::ContentExtensions::getDomainList): Use asString instead of jsCast<JSString*>. (WebCore::ContentExtensions::loadTrigger): Use asString/value instead of toWTFString. (WebCore::ContentExtensions::loadAction): Ditto. * css/FontFace.cpp: (WebCore::FontFace::create): Use asString/value instead of getString. 2016-12-15 Zalan Bujtas <zalan@apple.com> Change ::computeLogicalHeight's computedValues out argument to the return value. https://bugs.webkit.org/show_bug.cgi?id=165789 Reviewed by Simon Fraser. No change in functionality. * html/shadow/SliderThumbElement.cpp: (WebCore::RenderSliderContainer::computeLogicalHeight): * html/shadow/mac/ImageControlsButtonElementMac.cpp: (WebCore::RenderImageControlsButton::computeLogicalHeight): * html/shadow/mac/ImageControlsRootElementMac.cpp: (WebCore::RenderImageControls::computeLogicalHeight): * rendering/RenderBlock.cpp: (WebCore::RenderBlock::computeBlockPreferredLogicalWidths): (WebCore::RenderBlock::estimateRegionRangeForBoxChild): * rendering/RenderBlockFlow.cpp: (WebCore::RenderBlockFlow::checkForPaginationLogicalHeightChange): * rendering/RenderBox.cpp: (WebCore::RenderBox::updateLogicalHeight): (WebCore::RenderBox::computeLogicalHeight): (WebCore::RenderBox::computePercentageLogicalHeight): (WebCore::RenderBox::computeReplacedLogicalHeightUsing): (WebCore::RenderBox::availableLogicalHeightUsing): * rendering/RenderBox.h: (WebCore::RenderBox::ComputedMarginValues::ComputedMarginValues): Deleted. (WebCore::RenderBox::LogicalExtentComputedValues::LogicalExtentComputedValues): Deleted. * rendering/RenderFlexibleBox.cpp: (WebCore::RenderFlexibleBox::mainAxisContentExtent): * rendering/RenderFlowThread.cpp: (WebCore::RenderFlowThread::computeLogicalHeight): * rendering/RenderFlowThread.h: * rendering/RenderListBox.cpp: (WebCore::RenderListBox::computeLogicalHeight): * rendering/RenderListBox.h: * rendering/RenderMeter.cpp: (WebCore::RenderMeter::computeLogicalHeight): * rendering/RenderMeter.h: * rendering/RenderMultiColumnFlowThread.cpp: (WebCore::RenderMultiColumnFlowThread::computeLogicalHeight): * rendering/RenderMultiColumnFlowThread.h: * rendering/RenderMultiColumnSet.cpp: (WebCore::RenderMultiColumnSet::computeLogicalHeight): * rendering/RenderMultiColumnSet.h: * rendering/RenderProgress.cpp: (WebCore::RenderProgress::computeLogicalHeight): * rendering/RenderProgress.h: * rendering/RenderTextControl.cpp: (WebCore::RenderTextControl::computeLogicalHeight): * rendering/RenderTextControl.h: * rendering/RenderView.cpp: (WebCore::RenderView::computeLogicalHeight): * rendering/RenderView.h: * rendering/svg/RenderSVGForeignObject.cpp: (WebCore::RenderSVGForeignObject::computeLogicalHeight): * rendering/svg/RenderSVGForeignObject.h: 2016-12-15 Chris Dumez <cdumez@apple.com> Make sure HTML validation bubble's state is updated after layout https://bugs.webkit.org/show_bug.cgi?id=165922 <rdar://problem/29694730> Reviewed by Simon Fraser. Make sure HTML validation bubble's state is updated after layout. In particular, if the validation bubble's associated element has moved or is no longer visible, we now hide the bubble. Tests: fast/forms/validation-bubble-disappears-when-input-detached.html fast/forms/validation-bubble-disappears-when-input-moved.html fast/forms/validation-bubble-disappears-when-input-no-longer-visible.html * page/FrameView.cpp: (WebCore::FrameView::viewportContentsChanged): * page/Page.cpp: (WebCore::Page::updateValidationBubbleStateIfNeeded): * page/Page.h: * page/ValidationMessageClient.h: 2016-12-15 Sam Weinig <sam@webkit.org> [WebIDL] Remove use of Dictionary from JSCryptoAlgorithmDictionary https://bugs.webkit.org/show_bug.cgi?id=165919 Reviewed by Darin Adler. * bindings/js/JSCryptoAlgorithmDictionary.cpp: * bindings/js/JSCryptoAlgorithmDictionary.h: * bindings/js/JSCryptoOperationData.cpp: * bindings/js/JSCryptoOperationData.h: * bindings/js/JSWebKitSubtleCryptoCustom.cpp: Replace simplistic use of Dictionary with simplistic use of direct JSObject functions. Also, pass the ExecState by reference. 2016-12-15 Filip Pizlo <fpizlo@apple.com> Get rid of HeapRootVisitor and make SlotVisitor less painful to use https://bugs.webkit.org/show_bug.cgi?id=165911 Reviewed by Geoffrey Garen. No new tests because no new behavior. This updates WebCore code to new JSC API. * bindings/js/JSDOMBinding.cpp: (WebCore::DOMConstructorJSBuiltinObject::visitChildren): * bindings/js/JSDOMGlobalObject.cpp: (WebCore::JSDOMGlobalObject::visitChildren): * bindings/js/JSDOMPromise.h: (WebCore::DeferredPromise::visitAggregate): * bindings/js/JSEventListener.cpp: (WebCore::JSEventListener::visitJSFunction): * bindings/js/JSWorkerGlobalScopeBase.cpp: (WebCore::JSWorkerGlobalScopeBase::visitChildren): * bindings/scripts/CodeGeneratorJS.pm: (GenerateImplementation): 2016-12-15 Myles C. Maxfield <mmaxfield@apple.com> Sort Xcode project files https://bugs.webkit.org/show_bug.cgi?id=165937 Reviewed by Simon Fraser. No new tests because there is no behavior change. * WebCore.xcodeproj/project.pbxproj: 2016-12-15 Chris Dumez <cdumez@apple.com> Move charCode / keyCode / which attributes from UIEvent to KeyboardEvent https://bugs.webkit.org/show_bug.cgi?id=165904 Reviewed by Sam Weinig. Move 'charCode' / 'keyCode' attributes from UIEvent to KeyboardEvent and add 'which' to KeyboardEvent to match the specification: - https://w3c.github.io/uievents/#legacy-interface-KeyboardEvent We keep a 'which' attribute on UIEvent even though the specification does not say we should because Firefox and Chrome have 'which' on UIEvent still. Specification: - 'charCode' / 'keyCode' / 'which' on KeyboardEvent only Firefox: - 'charCode' / 'keyCode' on KeyboardEvent only - 'which' on UIEvent only Chrome: - 'charCode' / 'keyCode' / 'which' on KeyboardEvent - 'which' on UIEvent as well Old WebKit behavior: - 'charCode' / 'keyCode' / 'which' on UIEvent only New WebKit behavior: - 'charCode' / 'keyCode' / 'which' on KeyboardEvent - 'which' on UIEvent as well Our new behavior is identical to Chrome, much closer to the specification, and closer to Firefox as well. No new tests, updated / rebaselined existing tests. * dom/KeyboardEvent.cpp: (WebCore::KeyboardEvent::KeyboardEvent): (WebCore::KeyboardEvent::keyCode): (WebCore::KeyboardEvent::charCode): (WebCore::KeyboardEvent::which): * dom/KeyboardEvent.h: * dom/KeyboardEvent.idl: * dom/MouseEvent.cpp: (WebCore::MouseEvent::which): * dom/UIEvent.cpp: * dom/UIEvent.h: * dom/UIEvent.idl: 2016-12-15 Brady Eidson <beidson@apple.com> IndexedDB: Add an "IDBCursorRecord" struct. https://bugs.webkit.org/show_bug.cgi?id=165929 Reviewed by Alex Christensen. No new tests (Refactor, no behavior change). * Modules/indexeddb/server/SQLiteIDBCursor.cpp: (WebCore::IDBServer::SQLiteIDBCursor::currentData): (WebCore::IDBServer::SQLiteIDBCursor::resetAndRebindStatement): (WebCore::IDBServer::SQLiteIDBCursor::advanceUnique): (WebCore::IDBServer::SQLiteIDBCursor::internalAdvanceOnce): (WebCore::IDBServer::SQLiteIDBCursor::iterate): * Modules/indexeddb/server/SQLiteIDBCursor.h: (WebCore::IDBServer::SQLiteIDBCursor::currentKey): (WebCore::IDBServer::SQLiteIDBCursor::currentPrimaryKey): (WebCore::IDBServer::SQLiteIDBCursor::currentValue): * Modules/indexeddb/shared/IDBCursorRecord.h: Added. (WebCore::IDBCursorRecord::encode): (WebCore::IDBCursorRecord::decode): * WebCore.xcodeproj/project.pbxproj: 2016-12-15 Keith Rollin <krollin@apple.com> Refactor Document::suspend/resume https://bugs.webkit.org/show_bug.cgi?id=165921 Reviewed by Chris Dumez. Update Document::suspend to call Document::suspendScheduledTasks rather than duplicating the latter's code within itself. Similar treatment of Document::resume and Document::resumeScheduledTasks. No new tests -- no new functionality, just refactoring existing code. * dom/Document.cpp: (WebCore::Document::suspend): (WebCore::Document::resume): 2016-12-15 Alex Christensen <achristensen@webkit.org> Remove flex and bison build dependencies; commit generated XPath parser https://bugs.webkit.org/show_bug.cgi?id=165783 Reviewed by Brent Fulgham. flex and bison are annoying to install and use, especially on Windows. Since only XPathGrammar uses them and that's not actively developed, let's just check in the one generated file and make building WebKit easier forever! * CMakeLists.txt: * DerivedSources.make: * WebCore.xcodeproj/project.pbxproj: * css/makegrammar.pl: Removed. * xml/XPathGrammar.cpp: Added. (xpathyylex): (xpathyyerror): (yysyntax_error): * xml/XPathGrammar.h: Added. * xml/XPathGrammar.y: Rename TEXT to TEXT_ to fix a build error on Windows. TEXT is already defined. 2016-12-15 Brady Eidson <beidson@apple.com> Enhance some of the logging statements just added for IndexedDB Operation scheduling. Rubberstamped by Tim Horton. No new tests (No behavior change). * Modules/indexeddb/IDBTransaction.cpp: (WebCore::IDBTransaction::iterateCursor): (WebCore::IDBTransaction::requestGetRecord): (WebCore::IDBTransaction::requestIndexRecord): (WebCore::IDBTransaction::requestPutOrAdd): * Modules/indexeddb/shared/IDBCursorInfo.cpp: (WebCore::IDBCursorInfo::loggingString): * Modules/indexeddb/shared/IDBIterateCursorData.cpp: (WebCore::IDBIterateCursorData::loggingString): 2016-12-15 Myles C. Maxfield <mmaxfield@apple.com> [Cocoa] Implement font-synthesis: small-caps https://bugs.webkit.org/show_bug.cgi?id=165892 Reviewed by David Hyatt. The CSS Fonts level 4 spec adds a new value to the "font-synthesis" property which controls whether or not small-caps is allowed to be synthesized. Luckily, we already have an implementation of this straightforward, so the implementation is quite simple. Tests: css3/font-synthesis-small-caps.html fast/text/font-synthesis-parsing.html * css/CSSComputedStyleDeclaration.cpp: (WebCore::fontSynthesisFromStyle): * css/StyleBuilderConverter.h: (WebCore::StyleBuilderConverter::convertFontSynthesis): * css/parser/CSSPropertyParser.cpp: (WebCore::consumeFontSynthesis): * platform/graphics/FontCache.h: (WebCore::FontDescriptionKey::makeFlagsKey): * platform/graphics/FontDescription.cpp: (WebCore::FontDescription::FontDescription): * platform/graphics/FontDescription.h: (WebCore::FontCascadeDescription::initialFontSynthesis): * platform/graphics/mac/ComplexTextController.cpp: (WebCore::shouldSynthesize): (WebCore::ComplexTextController::collectComplexTextRuns): 2016-12-15 Brady Eidson <beidson@apple.com> Add a new Logging Channel for IndexedDB Operation scheduling. https://bugs.webkit.org/show_bug.cgi?id=165912 Reviewed by Alex Christensen. No new tests (No behavior change). * Modules/indexeddb/IDBDatabase.cpp: (WebCore::IDBDatabase::transaction): * Modules/indexeddb/IDBFactory.cpp: (WebCore::IDBFactory::openInternal): (WebCore::IDBFactory::deleteDatabase): * Modules/indexeddb/IDBTransaction.cpp: (WebCore::IDBTransaction::internalAbort): (WebCore::IDBTransaction::commit): (WebCore::IDBTransaction::createObjectStore): (WebCore::IDBTransaction::renameObjectStore): (WebCore::IDBTransaction::createIndex): (WebCore::IDBTransaction::renameIndex): (WebCore::IDBTransaction::doRequestOpenCursor): (WebCore::IDBTransaction::iterateCursor): (WebCore::IDBTransaction::requestGetAllObjectStoreRecords): (WebCore::IDBTransaction::requestGetAllIndexRecords): (WebCore::IDBTransaction::requestGetRecord): (WebCore::IDBTransaction::requestIndexRecord): (WebCore::IDBTransaction::requestCount): (WebCore::IDBTransaction::requestDeleteRecord): (WebCore::IDBTransaction::requestClearObjectStore): (WebCore::IDBTransaction::requestPutOrAdd): (WebCore::IDBTransaction::deleteObjectStore): (WebCore::IDBTransaction::deleteIndex): * Modules/indexeddb/shared/IDBCursorInfo.cpp: (WebCore::IDBCursorInfo::loggingString): * Modules/indexeddb/shared/IDBCursorInfo.h: * Modules/indexeddb/shared/IDBGetAllRecordsData.cpp: (WebCore::IDBGetAllRecordsData::loggingString): * Modules/indexeddb/shared/IDBGetAllRecordsData.h: * Modules/indexeddb/shared/IDBGetRecordData.cpp: (WebCore::IDBGetRecordData::loggingString): * Modules/indexeddb/shared/IDBGetRecordData.h: * Modules/indexeddb/shared/IDBIndexInfo.cpp: (WebCore::IDBIndexInfo::condensedLoggingString): * Modules/indexeddb/shared/IDBIndexInfo.h: * Modules/indexeddb/shared/IDBIterateCursorData.cpp: (WebCore::IDBIterateCursorData::loggingString): * Modules/indexeddb/shared/IDBIterateCursorData.h: * Modules/indexeddb/shared/IDBObjectStoreInfo.cpp: (WebCore::IDBObjectStoreInfo::condensedLoggingString): * Modules/indexeddb/shared/IDBObjectStoreInfo.h: * platform/Logging.h: 2016-12-15 Konstantin Tokarev <annulen@yandex.ru> Added missing override and final specifiers https://bugs.webkit.org/show_bug.cgi?id=165903 Reviewed by Darin Adler. No new tests needed. * Modules/mediastream/OverconstrainedErrorEvent.h: * bindings/js/JSCallbackData.h: * bindings/js/JSCustomXPathNSResolver.h: * bindings/js/JSErrorHandler.h: * css/StyleRuleImport.h: * dom/SecurityPolicyViolationEvent.h: * editing/CreateLinkCommand.h: * editing/DeleteSelectionCommand.h: * editing/DictationCommand.h: * editing/Editor.cpp: * editing/FormatBlockCommand.h: * editing/IndentOutdentCommand.h: * editing/InsertLineBreakCommand.h: * editing/InsertParagraphSeparatorCommand.h: * editing/ModifySelectionListLevel.h: * editing/MoveSelectionCommand.h: * editing/RemoveFormatCommand.h: * editing/RemoveNodePreservingChildrenCommand.h: * editing/ReplaceSelectionCommand.h: * editing/SimplifyMarkupCommand.h: * editing/SplitTextNodeContainingElementCommand.h: * editing/UnlinkCommand.h: * fileapi/FileReaderLoader.h: * html/canvas/ANGLEInstancedArrays.h: * html/canvas/WebGLVertexArrayObjectBase.h: * loader/SinkDocument.h: * loader/archive/mhtml/MHTMLArchive.h: * page/animation/CSSPropertyAnimation.cpp: * platform/audio/MultiChannelResampler.cpp: * platform/audio/SincResampler.cpp: * platform/audio/gstreamer/AudioDestinationGStreamer.h: * platform/audio/gstreamer/AudioSourceProviderGStreamer.h: * platform/graphics/TextTrackRepresentation.cpp: * platform/graphics/displaylists/DisplayListItems.h: * platform/graphics/filters/FEBlend.h: * platform/graphics/filters/FEColorMatrix.h: * platform/graphics/filters/FEComponentTransfer.h: * platform/graphics/filters/FEConvolveMatrix.h: * platform/graphics/filters/FEDiffuseLighting.h: * platform/graphics/filters/FEDropShadow.h: * platform/graphics/filters/FEGaussianBlur.h: * platform/graphics/filters/FELighting.h: * platform/graphics/filters/FEMerge.h: * platform/graphics/filters/FEMorphology.h: * platform/graphics/filters/FEOffset.h: * platform/graphics/filters/FESpecularLighting.h: * platform/graphics/filters/FETile.h: * platform/graphics/filters/FETurbulence.h: * platform/graphics/filters/SourceAlpha.h: * platform/graphics/filters/SourceGraphic.h: * platform/graphics/opengl/Extensions3DOpenGL.h: * platform/graphics/opengl/Extensions3DOpenGLCommon.h: * platform/graphics/texmap/TextureMapperBackingStore.h: * platform/mediastream/openwebrtc/RealtimeMediaSourceOwr.h: * platform/mock/GeolocationClientMock.h: * platform/text/TextCodecICU.h: * platform/text/TextCodecLatin1.h: * platform/text/TextCodecUTF16.h: * platform/text/TextCodecUTF8.h: * platform/text/TextCodecUserDefined.h: * rendering/RenderFullScreen.cpp: * storage/StorageEvent.h: * svg/properties/SVGListProperty.h: * svg/properties/SVGStaticListPropertyTearOff.h: * svg/properties/SVGStaticPropertyTearOff.h: * xml/NativeXPathNSResolver.h: * xml/XMLHttpRequestProgressEvent.h: * xml/XMLHttpRequestProgressEventThrottle.h: * xml/XPathVariableReference.h: * xml/XSLImportRule.h: 2016-12-15 Chris Dumez <cdumez@apple.com> Inline Document::existingAXObjectCache() https://bugs.webkit.org/show_bug.cgi?id=165906 Reviewed by Darin Adler. Inline Document::existingAXObjectCache() to avoid paying function call cost in the common case where AX is disabled. * dom/Document.cpp: (WebCore::Document::existingAXObjectCacheSlow): (WebCore::Document::existingAXObjectCache): Deleted. * dom/Document.h: (WebCore::Document::existingAXObjectCache): 2016-12-15 Ryan Haddad <ryanhaddad@apple.com> Rebaseline bindings tests after r209864. Unreviewed test gardening. * bindings/scripts/test/JS/JSTestStandaloneDictionary.cpp: (WebCore::convertDictionary<DictionaryImplName>): 2016-12-15 Andreas Kling <akling@apple.com> Always clear RenderLayer backing stores when going into page cache. <https://webkit.org/b/165901> Reviewed by Simon Fraser. We were already doing this for the iOS and GTK+ ports, let's do it everywhere for consistency, and a bit of memory usage improvement. This patch just removes the setting and always calls FrameView::clearBackingStores() when there is composited content going into page cache. * history/CachedFrame.cpp: (WebCore::CachedFrame::CachedFrame): * history/PageCache.h: (WebCore::PageCache::shouldClearBackingStores): Deleted. (WebCore::PageCache::setShouldClearBackingStores): Deleted. 2016-12-15 Darin Adler <darin@apple.com> Remove custom binding for MediaDevices https://bugs.webkit.org/show_bug.cgi?id=165894 Reviewed by Eric Carlson. Removes the explicit code to parse the MediaStreamConstraints and MediaTrackConstraints. Next step could be to change the internal code to use the structs from bindings directly so we don't need code to convert to an internal format. * CMakeLists.txt: Added MediaTrackConstraints.idl and MediaTrackConstraints.cpp, removed JSMediaDevicesCustom.cpp. * DerivedSources.make: Added MediaTrackConstraints.idl. Also sorted list of IDL files and fixed use of tabs. * Modules/mediastream/MediaDevices.cpp: (WebCore::createMediaConstraintsImpl): Added. (WebCore::MediaDevices::getUserMedia): Changed this function to take arguments that are generated by the bindings script, and call createMediaConstraintsImpl to convert into the internal data structure. * Modules/mediastream/MediaDevices.h: Added StreamConstraints struct and changed getUserMedia to take that as specified in the IDL. * Modules/mediastream/MediaDevices.idl: Added definition of the MediaStreamConstraints dictionary. Removed [Custom] from getUserMedia. * Modules/mediastream/MediaStream.cpp: (WebCore::MediaStream::MediaStream): Pass a reference to addObserver. (WebCore::MediaStream::~MediaStream): Pass a rference to removeObserver. (WebCore::MediaStream::internalAddTrack): Ditto. (WebCore::MediaStream::internalRemoveTrack): Ditto. * Modules/mediastream/MediaStreamTrack.cpp: (WebCore::createMediaConstraintsImpl): Added. (WebCore::MediaStreamTrack::applyConstraints): Changed to take an optional MediaTrackConstraints argument and call createMediaConstraintsImpl to convert into the internal data structure. Also merged the multiple overloads of this all into a single function, used auto to make the code easier to read, and moved the code that stores new constrains into the success handling, since the specification says that's the only case where we should store it. (WebCore::MediaStreamTrack::addObserver): Take a reference instead of a pointer. (WebCore::MediaStreamTrack::removeObserver): Ditto. * Modules/mediastream/MediaStreamTrack.h: Removed many unneeded includes. Changed getConstraints to return const MediaTrackConstraints&, applyConstraints to take an optional MediaTrackConstraints, add/removeObserver to take a reference rather than a pointer, and changed m_constraints to be a MediaTrackConstraints instead of a RefPtr<MediaConstraints>. * Modules/mediastream/MediaStreamTrack.idl: Removed [Custom] from getConstraints and applyConstraints. * Modules/mediastream/MediaTrackConstraints.cpp: Added. (WebCore::set): Overloaded function to set constriaints in a MediaTrackConstraintSetMap. (WebCore::convertToInternalForm): Helper function that takes a MediaTrackConstraintSet and turns it into a MediaTrackConstraintSetMap. (WebCore::convertAdvancedToInternalForm): More of the same, but for vectors. (WebCore::createMediaConstraintsImpl): Top level function. Calls the other functions and then MediaConstraintsImpl::create. * Modules/mediastream/MediaTrackConstraints.h: Added. Contains all the structures and type definitions for the dictionaries defined in the IDL file, and also the createMediaConstraintsImpl function declaration. * Modules/mediastream/MediaTrackConstraints.idl: Added. Contains the MediaTrackConstraints and all the other dictionaries and typedefs that are needed to define that dictionary. * Modules/mediastream/UserMediaRequest.cpp: (WebCore::UserMediaRequest::start): Changed to not depend on MediaDevices::Promise. (WebCore::UserMediaRequest::UserMediaRequest): Ditto. (WebCore::isSecure): Rearranged to be easier to understand. (WebCore::UserMediaRequest::start): Removed a local variable for simplicity. (WebCore::UserMediaRequest::document): Removed a redundant null check. * Modules/mediastream/UserMediaRequest.h: Reduced includes, changed to not depend on MediaDevices::Promise, removing the reason to include MediaDevices.h. * WebCore.xcodeproj/project.pbxproj: Updated to remove old files and add new ones. * bindings/js/JSBindingsAllInOne.cpp: Removed JSMediaDevicesCustom.cpp. * bindings/js/JSMediaDevicesCustom.cpp: Removed. * bindings/js/JSMediaDevicesCustom.h: Removed. * bindings/js/JSMediaStreamTrackCustom.cpp: (WebCore::JSMediaStreamTrack::applyConstraints): Deleted. (WebCore::JSMediaStreamTrack::getConstraints): Deleted. * bindings/scripts/CodeGenerator.pm: (ProcessDocument): Updated to allow multiple standalone dictionaries, as long as the name of one of the dictionaries matches the name of the file. * bindings/scripts/CodeGeneratorJS.pm: (GenerateDictionary): Added "other dictionaries" argument so we can support files with multiple dictionaries in them. (GenerateDictionariesHeaderContent): Completed support for dictionaries that are not named after a top level interface by added one more check for a missing $interface in a place that otherwise would not handle it correctly. (GenerateImplementation): Removed code that set $currentCachedAttribute and $cacheIndex, since no was reading the value of either any longer. (GenerateDictionaryHeader): Added "other dictionaries". (GenerateDictionaryImplementation): Ditto. (WriteData): Removed unnnecessarily indirect code that was using FileNamePrefix and a local variable named $prefix instead of just writing "JS". * bindings/scripts/generate-bindings.pl: Corrected the use of the fileparse function from the Path::Basename module; after reading the documentation for this it is clear that there is no need to first call basename, and fileparse should also be used instead of basename. * platform/mediastream/MediaConstraints.h: Removed unneeded includes. (WebCore::StringConstraint::appendExact): Removed an incorrect use of clear here that would mess up cases where there is supposed to be more than one exact value. * platform/mediastream/MediaStreamTrackPrivate.cpp: Remvoed unneeded includes. (WebCore::MediaStreamTrackPrivate::clone): Removed code to copy m_constraints. (WebCore::MediaStreamTrackPrivate::constraints): Deleted. * platform/mediastream/MediaStreamTrackPrivate.h: Removed the constraints function member and the m_constraints data member. 2016-12-15 Dave Hyatt <hyatt@apple.com> [CSS Parser] Enable CSS Deferred Parsing https://bugs.webkit.org/show_bug.cgi?id=165869 Reviewed by Sam Weinig. Enable CSS deferred parsing once again. It's now behind a pref, so it's easy to flip off and on. To address the memory regression that caused the previous rollout, the tokenizer is no longer retained. Instead the sheet text and escaped strings are retained by CSSDeferredParser, and then DeferredStyleProperties and DeferredStyleGroupRuleList make copies of the tokens from the original tokenization process. As the rules get parsed, these tokens get thrown away. This means that instead of the entire set of tokens staying in memory as long as even one unparsed rule remained, now only the tokens that still need parsing will remain alive. Unparsed rules will consume slightly more memory than parsed rules, but the more unparsed rules you have, the bigger the performance win as well, so this is a tradeoff. Given that the parsing speed is going up by anywhere from 25-40% on cold loads of pages (where all stylesheets have to parse), this seems worth it to me. * css/parser/CSSParserMode.h: * page/Settings.in: 2016-12-15 Alejandro G. Castro <alex@igalia.com> [OWR] Unskip fast/mediastream/MediaStream-video-element-track-stop.html https://bugs.webkit.org/show_bug.cgi?id=165316 Reviewed by Philippe Normand. Fixed the ended support of the video element in the OWR player and fixed the videoTracks support. Now the OW player properly adds and removes the audio and video tracks. Added the getSettings support to the mediastream interface. Solved also the size handling in some of the enable/muted situations. Unskipping fast/mediastream/MediaStream-video-element-track-stop.html. * platform/GStreamer.cmake: Added the new RealtimeMediaSourceOwr.cpp with the new code handling the settings. * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.cpp: (WebCore::MediaPlayerPrivateGStreamerOwr::~MediaPlayerPrivateGStreamerOwr): Release the new video and audio maps that creates a relationship of the mediastream tracks with the mediatracks of the video element. (WebCore::MediaPlayerPrivateGStreamerOwr::play): Set ended to false when we start playing. (WebCore::MediaPlayerPrivateGStreamerOwr::load): Create the media tracks to the player so that the videoTracks API returns it, and add an entry in the map to be able to restore it using the mediastream track. (WebCore::MediaPlayerPrivateGStreamerOwr::disableMediaTracks): Move some part of the stop function to this one in order to use it in pause method and avoid changing the video selection in that case. (WebCore::MediaPlayerPrivateGStreamerOwr::stop): Now we call the function disableMediaTracks and we also change teh selected videoTrack. (WebCore::MediaPlayerPrivateGStreamerOwr::trackEnded): For videoTrack reset the size and the selected element. In case there is no media playing we Make sure we set the ended variable to true and call the timeChange to modify the state of the player. (WebCore::MediaPlayerPrivateGStreamerOwr::trackEnabledChanged): Handle properly the situation when the user changed the enabled value, we disable the media. (WebCore::MediaPlayerPrivateGStreamerOwr::setSize): Modify the size of the source. (WebCore::MediaPlayerPrivateGStreamerOwr::naturalSize): Overrided to make sure we return a size even when the sample is not ready for gst. * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.h: Added the ended attribute and the maps. * platform/mediastream/openwebrtc/MediaEndpointOwr.cpp: (WebCore::MediaEndpointOwr::createMutedRemoteSource): Use the new realtime video and audio sources classes, this new classes implement the settings of each type of media element. * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.cpp: (WebCore::RealtimeMediaSourceCenterOwr::mediaSourcesAvailable): Use the new audio and video source classes instead of the general one in order to handle the settings properly. * platform/mediastream/openwebrtc/RealtimeMediaSourceOwr.cpp: Added (WebCore::RealtimeMediaSourceOwr::settings): Initialize using the subclass and return the new currentSettings attribute. (WebCore::RealtimeMediaSourceOwr::supportedConstraints): Call the subclass initialization of the supportedSettings. * platform/mediastream/openwebrtc/RealtimeMediaSourceOwr.h: (WebCore::RealtimeMediaSourceOwr::initializeSettings): Added to initialize the settings before returning the value. Implemented in the subclass. (WebCore::RealtimeMediaSourceOwr::initializeSupportedConstraints): Added to initialize the supported settings of the media. Implemented in the subclass. (WebCore::RealtimeMediaSourceOwr::settings): Moved to the cpp file, implemented using the initialize functions of the subclass * platform/mediastream/openwebrtc/RealtimeVideoSourceOwr.h: Added this new class to handle the settings of the video elements. The class initializes the settings and the supportedSettings. * platform/mediastream/openwebrtc/RealtimeAudioSourceOwr.h: Added this new class to handle the settings of the audio elements. The class initializes the settings and the supportedSettings. 2016-12-15 Alex Christensen <achristensen@webkit.org> REGRESSION (r208902) Null pointer dereference in wkIsPublicSuffix https://bugs.webkit.org/show_bug.cgi?id=165885 <rdar://problem/29476917> Reviewed by Darin Adler. wkIsPublicSuffix crashes if you give it a nil NSString*. This was possible before IDN2008 adoption, but it's more common now because domains like "r4---asdf.example.com" fail in uidna_nameToASCII but not in uidna_IDNToASCII. decodeHostName can return a nil NSString. We can't use it unchecked, so instead we use an algorithm that allows for decoding failures while still finding top privately controlled domains correctly. Tested by new API tests which crash before this change and verify the behavior matches behavior before r208902. * platform/mac/PublicSuffixMac.mm: (WebCore::isPublicSuffix): (WebCore::topPrivatelyControlledDomain): 2016-12-15 Alex Christensen <achristensen@webkit.org> Fix Windows WebGL build after r209832 * CMakeLists.txt: 2016-12-14 Hunseop Jeong <hs85.jeong@samsung.com> Unreviewed build fix after r209832 * platform/graphics/PlatformDisplay.cpp: (WebCore::PlatformDisplay::sharedDisplay): Added the guard for the clang 2016-12-14 Yusuke Suzuki <utatane.tea@gmail.com> [GTK] Support latest SubtleCrypto HMAC APIs https://bugs.webkit.org/show_bug.cgi?id=165863 Reviewed by Sam Weinig. SubtleCrypto spec is updated, and new delegate implementations are required to support these interfaces. This patch implements platformSign and platformVerify with WorkQueues for gcrypt backend. * crypto/gcrypt/CryptoAlgorithmHMACGCrypt.cpp: (WebCore::calculateSignature): (WebCore::CryptoAlgorithmHMAC::platformSign): (WebCore::CryptoAlgorithmHMAC::platformVerify): 2016-12-14 Chris Dumez <cdumez@apple.com> Unreviewed, rolling out r209415. This workaround is no longer needed now that <rdar://problem/29518605> has been fixed Reverted changeset: "Add HTML interactive form validation blacklist for some WebKit-specific sites" https://bugs.webkit.org/show_bug.cgi?id=165470 http://trac.webkit.org/changeset/209415 2016-12-14 Dean Jackson <dino@apple.com> Update prefers-reduced-motion syntax https://bugs.webkit.org/show_bug.cgi?id=165880 <rdar://problems/29671807> Reviewed by Sam Weinig. After discussion in: https://github.com/w3c/csswg-drafts/issues/442 ... the syntax of prefers-reduced-motion was changed to accept "reduce" or "no-preference". Updated the tests in fast/media. * css/CSSValueKeywords.in: Add no-preference keyword. * css/MediaQueryEvaluator.cpp: (WebCore::prefersReducedMotionEvaluate): 2016-12-14 Sam Weinig <sam@webkit.org> REGRESSION (204679): Google notifications never load (expecting DOMStringList rather than JS array for Location.ancestorOrigins) <rdar://problem/29573563> https://bugs.webkit.org/show_bug.cgi?id=165872 Reviewed by Chris Dumez. Revert the Location.ancestorOrigins part of r204679 because google.com is relying on it returning a DOMStringList (or at least something with a .item() function), rather than a frozen javascript array. Spec changes are tracked with https://github.com/whatwg/html/issues/2179. * page/Location.cpp: (WebCore::Location::ancestorOrigins): * page/Location.h: * page/Location.idl: Change Location.ancestorOrigins back to returning a DOMStringList. 2016-12-14 Dave Hyatt <hyatt@apple.com> [CSS Parser] Rename StyleKeyframe to StyleRuleKeyframe https://bugs.webkit.org/show_bug.cgi?id=165876 Reviewed by Simon Fraser. * css/CSSKeyframeRule.cpp: (WebCore::StyleRuleKeyframe::StyleRuleKeyframe): (WebCore::StyleRuleKeyframe::~StyleRuleKeyframe): (WebCore::StyleRuleKeyframe::mutableProperties): (WebCore::StyleRuleKeyframe::keyText): (WebCore::StyleRuleKeyframe::setKeyText): (WebCore::StyleRuleKeyframe::cssText): (WebCore::CSSKeyframeRule::CSSKeyframeRule): (WebCore::StyleKeyframe::StyleKeyframe): Deleted. (WebCore::StyleKeyframe::~StyleKeyframe): Deleted. (WebCore::StyleKeyframe::mutableProperties): Deleted. (WebCore::StyleKeyframe::keyText): Deleted. (WebCore::StyleKeyframe::setKeyText): Deleted. (WebCore::StyleKeyframe::cssText): Deleted. * css/CSSKeyframeRule.h: * css/CSSKeyframesRule.cpp: (WebCore::StyleRuleKeyframes::keyframes): (WebCore::StyleRuleKeyframes::parserAppendKeyframe): (WebCore::StyleRuleKeyframes::wrapperAppendKeyframe): (WebCore::CSSKeyframesRule::appendRule): (WebCore::CSSKeyframesRule::item): * css/CSSKeyframesRule.h: * css/StyleResolver.cpp: (WebCore::StyleResolver::styleForKeyframe): (WebCore::StyleResolver::keyframeStylesForAnimation): * css/StyleResolver.h: * css/StyleRule.cpp: (WebCore::StyleRuleBase::destroy): * css/StyleRule.h: * css/parser/CSSParser.cpp: (WebCore::CSSParser::parseKeyframeRule): * css/parser/CSSParser.h: * css/parser/CSSParserImpl.cpp: (WebCore::CSSParserImpl::parseDeferredKeyframeList): (WebCore::CSSParserImpl::consumeKeyframesRule): (WebCore::CSSParserImpl::consumeKeyframeStyleRule): * css/parser/CSSParserImpl.h: 2016-12-14 Dave Hyatt <hyatt@apple.com> [CSS Parser] Make deferred parsing retain the sheet text. Fix invalidation to avoid deferred parsing. https://bugs.webkit.org/show_bug.cgi?id=165868 Reviewed by Simon Fraser. With this new model of token copying, the sheet text needs to be retained. The tokenizer did this, but we're no longer keeping it around. StyleInvalidation is also aggressively crawling media rules, even unsupported ones, so fix it to avoid deferred parsing. * css/StyleInvalidationAnalysis.cpp: (WebCore::shouldDirtyAllStyle): * css/parser/CSSDeferredParser.cpp: (WebCore::CSSDeferredParser::CSSDeferredParser): * css/parser/CSSDeferredParser.h: (WebCore::CSSDeferredParser::create): * css/parser/CSSParserImpl.cpp: (WebCore::CSSParserImpl::CSSParserImpl): 2016-12-14 Ryosuke Niwa <rniwa@webkit.org> iOS: An element with tabindex is not focusable unless there is no mouse event handler https://bugs.webkit.org/show_bug.cgi?id=165843 Reviewed by Antti Koivisto. The bug was caused by ancestorRespondingToClickEvents not checking the precense of tabindex attribute. Check that condition along with event listeners. Test: fast/events/focusing-element-with-tabindex-by-tap-or-click.html * page/ios/FrameIOS.mm: (WebCore::ancestorRespondingToClickEvents): 2016-12-14 Alex Christensen <achristensen@webkit.org> Progress towards using ANGLE to do WebGL rendering https://bugs.webkit.org/show_bug.cgi?id=165864 Reviewed by Dean Jackson. No new tests, no change in behavior. Just compile fixes for a configuration that will soon be standard that can be landed now without breaking anything. * platform/graphics/PlatformDisplay.cpp: (WebCore::PlatformDisplay::sharedDisplay): Ignore some clang warnings that will cause problems when this is compiled on Mac. 2016-12-14 Dean Jackson <dino@apple.com> [iOS] MediaDocuments have controls on the bottom of the page https://bugs.webkit.org/show_bug.cgi?id=165865 <rdar://problem/28757268> Reviewed by Jon Lee. MediaDocuments on iOS are incorrectly placing the controls at the bottom of the page. This is due to the <video> element getting a height of 100%. It should be "auto" instead. * html/MediaDocument.cpp: (WebCore::MediaDocumentParser::createDocumentStructure): 2016-12-14 Dave Hyatt <hyatt@apple.com> [CSS Parser] Implement deferred parsing of properties, @media, @supports and @keyframes https://bugs.webkit.org/show_bug.cgi?id=165743 Reviewed by Dean Jackson. Added new tests in fast/css/deferred-parsing. This patch implements deferred parsing in CSS. By default, when parsing author stylesheets, the parser goes into a deferred mode where it leaves the declaration block of all style rules unparsed initially. Instead of creating and setting an ImmutableStyleProperties object on the StyleRule, the parser creates a DeferredStyleProperties object instead that is capable of calling into CSSDeferredParser to parse the properties and values only when the properties are finally asked for. In addition, this patch defers the parsing of the interior of @media, @supports, and @keyframes rules. @media blocks that are never matched will never parse any of the rules inside. @supports conditions for unsupported features will also not be parsed. For @keyframes, if the animation is never referenced/used, then the @keyframes child rules will never be parsed. * CMakeLists.txt: * WebCore.xcodeproj/project.pbxproj: Add CSSDeferredParser to the build. * css/CSSFontFaceSet.cpp: (WebCore::CSSFontFaceSet::matchingFaces): Patched to drop the StyleSheetContents* argument from parseValue, since it is no longer needed. * css/CSSKeyframesRule.cpp: (WebCore::StyleRuleKeyframes::StyleRuleKeyframes): (WebCore::StyleRuleKeyframes::parseDeferredRulesIfNeeded): (WebCore::StyleRuleKeyframes::keyframes): (WebCore::StyleRuleKeyframes::wrapperAppendKeyframe): (WebCore::StyleRuleKeyframes::wrapperRemoveKeyframe): (WebCore::StyleRuleKeyframes::findKeyframeIndex): * css/CSSKeyframesRule.h: Keyframes now hold both a keyframes Vector and a DeferredStyleGroupRuleList object. The keyframes vector won't be populated until it is needed, and the population is done by DeferredStyleGroupRuleList, which holds both the original tokens of the keyframes rule interior, and a references to the CSSDeferredParser that will do the parsing. * css/DOMCSSNamespace.cpp: (WebCore::DOMCSSNamespace::supports): Patched to drop the StyleSheetContents* argument from parseValue, since it is no longer needed. * css/ElementRuleCollector.cpp: (WebCore::ElementRuleCollector::collectMatchingRulesForList): ElementRuleCollector tests to see if a rule is empty by counting properties(), but we don't want to initiate deferred parsing just to check this. Instead we invoke propertiesWithoutDeferredParsing, which will hand back a nullptr if the properties haven't been parsed yet. In order to ensure this optimization continues to work, any rules whose interiors consist of only whitespace do not get deferred. * css/FontFace.cpp: (WebCore::FontFace::setVariant): * css/PropertySetCSSStyleDeclaration.cpp: (WebCore::PropertySetCSSStyleDeclaration::setProperty): (WebCore::PropertySetCSSStyleDeclaration::setPropertyInternal): Patched to drop the StyleSheetContents* argument from parseValue, since it is no longer needed. * css/StyleProperties.cpp: (WebCore::MutableStyleProperties::MutableStyleProperties): (WebCore::MutableStyleProperties::setProperty): (WebCore::DeferredStyleProperties::create): (WebCore::DeferredStyleProperties::DeferredStyleProperties): (WebCore::DeferredStyleProperties::~DeferredStyleProperties): (WebCore::DeferredStyleProperties::parseDeferredProperties): * css/StyleProperties.h: (WebCore::StylePropertiesBase::type): (WebCore::StylePropertiesBase::cssParserMode): (WebCore::StylePropertiesBase::StylePropertiesBase): (WebCore::StyleProperties::isMutable): (WebCore::StyleProperties::StyleProperties): (WebCore::StylePropertiesBase::deref): (isType): (WebCore::StyleProperties::cssParserMode): Deleted. (WebCore::StyleProperties::deref): Deleted. Right now StyleProperties has two subclasses, ImmutableStyleProperties (which is created by the parser when not deferring), and MutableStyleProperties (used when making changes and doing DOM Manipulations). This patch adds a new base class called StylePropertiesBase, and StyleProperties now derives from it. DeferredStyleProperties derives from this base. The members of StyleProperties have been moved up into StylePropertiesBase. The m_isMutable bit, used to determine the type for downcasting has been enhanced to m_type (2 bits), since there are now three possible subclasses. * css/StyleRule.cpp: (WebCore::StyleRule::StyleRule): (WebCore::StyleRule::properties): (WebCore::StyleRule::mutableProperties): (WebCore::StyleRule::splitIntoMultipleRulesWithMaximumSelectorComponentCount): Patched to ensure that when properties() are accessed, that if the current stored StylePropertyBase in the rule is a DeferredStyleProperties, we then parse and replace DeferredStyleProperties with ImmutableStyleProperties on the rule. By using a common base class, we avoid increasing memory usage in StyleRule. (WebCore::DeferredStyleGroupRuleList::create): (WebCore::DeferredStyleGroupRuleList::DeferredStyleGroupRuleList): (WebCore::DeferredStyleGroupRuleList::parseDeferredRules): (WebCore::DeferredStyleGroupRuleList::parseDeferredKeyframes): DeferredStyleGroupList is used to handle deferred parsing of objects with child rules. These include @media, @supports and @keyframes. (WebCore::StyleRuleGroup::StyleRuleGroup): (WebCore::StyleRuleGroup::childRules): (WebCore::StyleRuleGroup::wrapperInsertRule): (WebCore::StyleRuleGroup::wrapperRemoveRule): (WebCore::StyleRuleGroup::parseDeferredRulesIfNeeded): (WebCore::StyleRuleMedia::StyleRuleMedia): (WebCore::StyleRuleSupports::StyleRuleSupports): StyleRuleGroup now holds both a child rules Vector and a DeferredStyleGroupRuleList. If DeferredStyleGroupRuleList is set, then when the childRules are finally accessed, we will populate the childRules Vector and then null out the DeferredStyleGroupRuleList. * css/StyleRule.h: (WebCore::StyleRule::propertiesWithoutDeferredParsing): (WebCore::StyleRuleGroup::childRulesWithoutDeferredParsing): (WebCore::StyleRuleGroup::childRules): Deleted. Add new accesors for fetching properties and child rules without causing deferred parsing to happen. * css/StyleSheetContents.cpp: (WebCore::StyleSheetContents::parseAuthorStyleSheet): (WebCore::StyleSheetContents::parseString): Patched to turn on deferred parsing for author sheets and for all non-UA stylesheets parsed from a string (e.g., <style>). (WebCore::traverseSubresourcesInRules): The broken resource check was aggressively accessing properties(). Patch it to call propertiesWithoutDeferredParsing() instead so that it doesn't defeat the new optimization. * css/WebKitCSSMatrix.cpp: (WebCore::WebKitCSSMatrix::setMatrixValue): Patched to drop the StyleSheetContents* argument from parseValue, since it is no longer needed. * css/parser/CSSDeferredParser.cpp: Added. (WebCore::CSSDeferredParser::CSSDeferredParser): (WebCore::CSSDeferredParser::parseDeclaration): (WebCore::CSSDeferredParser::parseRuleList): (WebCore::CSSDeferredParser::parseKeyframeList): * css/parser/CSSDeferredParser.h: Added. (WebCore::CSSDeferredParser::create): (WebCore::CSSDeferredParser::tokenizer): (WebCore::CSSDeferredParser::mode): (WebCore::CSSDeferredParser::context): (WebCore::CSSDeferredParser::styleSheet): The CSSDeferredParser. It caches the original tokenizer's' escaped strings. Because the CSSDeferredParser is referenced by all the rules that have yet to parse, it will stay alive until all rules in the stylesheet has been fully parsed. The parser receives CSSParserTokenRanges from DeferredStyleProperties or DeferredStyleGroupRuleList and feeds them to CSSParserImpl, which then is able to do the parsing as it would have occurred originally had the range not been deferred. * css/parser/CSSParser.cpp: (WebCore::CSSParser::parseSheet): (WebCore::CSSParser::parseSupportsCondition): (WebCore::CSSParser::parseSingleValue): (WebCore::CSSParser::parseValue): * css/parser/CSSParser.h: * css/parser/CSSParserFastPaths.cpp: (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue): (WebCore::parseKeywordValue): (WebCore::CSSParserFastPaths::maybeParseValue): * css/parser/CSSParserFastPaths.h: Drop the StyleSheetContents* argument from the methods that no longer need them. * css/parser/CSSParserImpl.cpp: (WebCore::CSSParserImpl::CSSParserImpl): (WebCore::CSSParserImpl::tokenizer): (WebCore::CSSParserImpl::parseValue): (WebCore::CSSParserImpl::parseCustomPropertyValue): (WebCore::CSSParserImpl::parseDeclarationList): (WebCore::CSSParserImpl::parseInlineStyleDeclaration): (WebCore::CSSParserImpl::parseRule): (WebCore::CSSParserImpl::parseStyleSheet): (WebCore::CSSParserImpl::parseDeclarationListForInspector): (WebCore::CSSParserImpl::parseStyleSheetForInspector): (WebCore::CSSParserImpl::consumeQualifiedRule): (WebCore::CSSParserImpl::consumeMediaRule): (WebCore::CSSParserImpl::consumeSupportsRule): (WebCore::CSSParserImpl::consumeKeyframesRule): (WebCore::CSSParserImpl::consumeStyleRule): Drop the StyleSheetContents* argument from the methods that no longer need them. (WebCore::CSSParserImpl::createDeferredStyleProperties): (WebCore::CSSParserImpl::parseDeferredDeclaration): (WebCore::CSSParserImpl::parseDeferredRuleList): (WebCore::CSSParserImpl::parseDeferredKeyframeList): The methods that handle deferred parsing. They make sure to initialize new CSSParserImpls with the original deferred parser, and then call existing methods to do the parsing. * css/parser/CSSParserImpl.h: Patched to remove StyleSheetContents* arguments from some methods and to add the new deferred parsing methods. * css/parser/CSSParserTokenRange.cpp: (WebCore::CSSParserTokenRange::consumeBlockCheckingForEditability): * css/parser/CSSParserTokenRange.h: In order to preserve the editability optimization from r180867, when a style rule's block is consumed, we use a special method that looks for -webkit-user-modify tokens. If one is seen, then the editability optimization is turned off. Because we do this at the token level, the optimization keeps working even if properties don't get parsed. * css/parser/CSSPropertyParser.cpp: (WebCore::CSSPropertyParser::parseSingleValue): (WebCore::CSSPropertyParser::parseFontFaceDescriptor): (WebCore::CSSPropertyParser::consumeFont): (WebCore::CSSPropertyParser::parseShorthand): Patched to remove StyleSheetContents* arguments now that the editability check is in CSSTokenizer instead. * css/parser/CSSTokenizer.cpp: (WebCore::CSSTokenizer::tokenRange): * css/parser/CSSTokenizer.h: Make tokenRange() const. * html/canvas/CanvasRenderingContext2D.cpp: (WebCore::CanvasRenderingContext2D::setFont): Patched to drop the StyleSheetContents* argument. * testing/Internals.cpp: (WebCore::deferredStyleRulesCountForList): (WebCore::Internals::deferredStyleRulesCount): (WebCore::deferredGroupRulesCountForList): (WebCore::Internals::deferredGroupRulesCount): (WebCore::deferredKeyframesRulesCountForList): (WebCore::Internals::deferredKeyframesRulesCount): * testing/Internals.h: * testing/Internals.idl: Add new testing methods that can count the deferred style rules and group child rule lists. These methods are used by the new layout tests. 2016-12-14 Brady Eidson <beidson@apple.com> IndexedDB 2.0: Massively speedup IDBIndex.get(). https://bugs.webkit.org/show_bug.cgi?id=165802 Reviewed by Alex Christensen. No new tests (No behavior change to Javascript, table upgrade change covered by API test). This change upgrades the IndexRecords schema to include the ObjectStore record ID for the referenced record. It also adds a SQLite Index-by-key on IndexRecords. This speeds up PerformanceTests/IndexedDB/index-get.html by 15-20x. * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp: (WebCore::IDBServer::v3IndexRecordsTableSchema): (WebCore::IDBServer::v3IndexRecordsTableSchemaAlternate): (WebCore::IDBServer::v1IndexRecordsIndexSchema): (WebCore::IDBServer::SQLiteIDBBackingStore::ensureValidIndexRecordsTable): (WebCore::IDBServer::SQLiteIDBBackingStore::ensureValidIndexRecordsIndex): (WebCore::IDBServer::SQLiteIDBBackingStore::getOrEstablishDatabaseInfo): (WebCore::IDBServer::SQLiteIDBBackingStore::createIndex): (WebCore::IDBServer::SQLiteIDBBackingStore::uncheckedPutIndexKey): (WebCore::IDBServer::SQLiteIDBBackingStore::uncheckedPutIndexRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::updateOneIndexForAddRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::updateAllIndexesForAddRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::addRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::getIndexRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::uncheckedGetIndexRecordForOneKey): * Modules/indexeddb/server/SQLiteIDBBackingStore.h: * Modules/indexeddb/server/SQLiteIDBCursor.cpp: (WebCore::IDBServer::SQLiteIDBCursor::markAsErrored): (WebCore::IDBServer::SQLiteIDBCursor::internalAdvanceOnce): * Modules/indexeddb/server/SQLiteIDBCursor.h: (WebCore::IDBServer::SQLiteIDBCursor::currentRecordRowID): 2016-12-14 Sam Weinig <sam@webkit.org> Actually set the shipping contact when validating the payment request Reviewed by Anders Carlsson. * Modules/applepay/ApplePaySession.cpp: (WebCore::convertAndValidate): Fix typo. 2016-12-14 John Wilander <wilander@apple.com> Handle key generation with empty challenge string https://bugs.webkit.org/show_bug.cgi?id=165835 <rdar://problem/29128710> Reviewed by Anders Carlsson. https://bugs.webkit.org/show_bug.cgi?id=160945 didn't set the challenge length to 1 for empty challenge strings. Thus the null terminator was not included. Empty challenge strings are allowed: "If the element has a challenge attribute, then let challenge be that attribute's value. Otherwise, let challenge be the empty string." https://www.w3.org/TR/html5/forms.html#the-keygen-element (fetched 2016-12-13) Email certificate generation at https://www.comodo.com/home/email-security/free-email-certificate.php broke because of https://bugs.webkit.org/show_bug.cgi?id=160945. No new tests. The original patch did not have tests and the breakage was in the produced key material so a test would have to validate the crypto output. * platform/mac/SSLKeyGeneratorMac.mm: (WebCore::signedPublicKeyAndChallengeString): Now adds 1 to the length of the challenge to account for its null terminator. This matches the old behavior. 2016-12-14 Daniel Bates <dabates@apple.com> CSP: Allow HTTPS URL to match HTTP source expression https://bugs.webkit.org/show_bug.cgi?id=159520 <rdar://problem/27287177> Reviewed by Brent Fulgham. Test: http/tests/security/contentSecurityPolicy/script-src-parsing-implicit-and-explicit-port-number.html * page/csp/ContentSecurityPolicySource.cpp: (WebCore::ContentSecurityPolicySource::schemeMatches): (WebCore::ContentSecurityPolicySource::portMatches): 2016-12-14 Alex Christensen <achristensen@webkit.org> REGRESSION (r209776): [ios-simulator] LayoutTest http/tests/xmlhttprequest/on-network-timeout-error-during-preflight.html is timing out https://bugs.webkit.org/show_bug.cgi?id=165836 Reviewed by Brady Eidson. * loader/CrossOriginAccessControl.cpp: (WebCore::createAccessControlPreflightRequest): Use the platform default timeout for CORS preflight requests. 2016-12-14 Antti Koivisto <antti@apple.com> WebContent crash under WebCore::CachedResource::load in WebCore::FrameLoader::outgoingReferrer const https://bugs.webkit.org/show_bug.cgi?id=165852 <rdar://problem/27297153> Reviewed by Chris Dumez. There appears to be some path where we get here with a null frame. No test, don't know how exactly this happens. * loader/FrameLoader.cpp: (WebCore::FrameLoader::outgoingReferrer): Null check the frame. 2016-12-14 Chris Dumez <cdumez@apple.com> Unreviewed, rolling out r209766. Regressed Dromaeo JSLib by ~50% Reverted changeset: "Make opaque root scanning truly constraint-based" https://bugs.webkit.org/show_bug.cgi?id=165760 http://trac.webkit.org/changeset/209766 2016-12-14 Andy Estes <aestes@apple.com> EventDispatcher::dispatchEvent() should take its Node by reference https://bugs.webkit.org/show_bug.cgi?id=165840 Reviewed by Andreas Kling. No new tests. No change in behavior. * dom/Element.cpp: (WebCore::Element::dispatchWheelEvent): Dereferenced |this| when calling EventDispatcher::dispatchEvent(). (WebCore::Element::dispatchKeyEvent): Ditto. (WebCore::Element::dispatchFocusEvent): Ditto. (WebCore::Element::dispatchBlurEvent): Ditto. * dom/EventDispatcher.cpp: (WebCore::EventDispatcher::dispatchEvent): Changed |origin| from a Node* to a Node&, renamed it to |node|, and protected it with a Ref called |protectedNode| to match our preferred style. * dom/EventDispatcher.h: Changed dispatchEvent's first parameter type from Node* to Node&. * dom/Node.cpp: (WebCore::Node::dispatchEvent): Dereferenced |this| when calling EventDispatcher::dispatchEvent(). (WebCore::Node::dispatchTouchEvent): Ditto. (WebCore::Node::dispatchUIRequestEvent): Ditto. * dom/ScopedEventQueue.cpp: (WebCore::ScopedEventQueue::dispatchEvent): Dereferenced |node| when calling EventDispatcher::dispatchEvent(). * dom/SimulatedClick.cpp: (WebCore::simulateMouseEvent): Passed |element| as a reference to EventDispatcher::dispatchEvent(). 2016-12-14 Chris Dumez <cdumez@apple.com> Remove Unicode case-insensitive matching for usemap="" https://bugs.webkit.org/show_bug.cgi?id=163894 Reviewed by Antti Koivisto. Remove Unicode case-insensitive matching for usemap="" as this no longer matches the specification [1] or Firefox. Also align our parsing logic for the usemap attribute to match the specification [2]. This simplifies the code a bit, is more efficient and the compatibility risk should be low based on Firefox's behavior and Chome's usage data. [1] https://github.com/whatwg/html/commit/6acdb2122298d2bb7bb839c0a61b4e1f9b0f9bc9 [2] https://html.spec.whatwg.org/#rules-for-parsing-a-hash-name-reference Test: fast/images/image-usemap-parsing.html * dom/Document.cpp: (WebCore::Document::addImageElementByUsemap): (WebCore::Document::removeImageElementByUsemap): (WebCore::Document::imageElementByUsemap): * dom/Document.h: * dom/DocumentOrderedMap.cpp: (WebCore::DocumentOrderedMap::getElementByUsemap): * dom/DocumentOrderedMap.h: * dom/TreeScope.cpp: (WebCore::TreeScope::getImageMap): * html/HTMLImageElement.cpp: (WebCore::HTMLImageElement::parseAttribute): (WebCore::HTMLImageElement::insertedInto): (WebCore::HTMLImageElement::removedFrom): (WebCore::HTMLImageElement::matchesUsemap): * html/HTMLImageElement.h: * html/HTMLMapElement.cpp: (WebCore::HTMLMapElement::imageElement): (WebCore::HTMLMapElement::parseAttribute): * html/parser/HTMLParserIdioms.cpp: (WebCore::parseHTMLHashNameReference): * html/parser/HTMLParserIdioms.h: 2016-12-14 Ryan Haddad <ryanhaddad@apple.com> Attempt to fix the Windows build after r209805. Unreviewed build fix. * css/CSSAllInOne.cpp: 2016-12-14 Dave Hyatt <hyatt@apple.com> [CSS Parser] Remove WebkitCSSTransformValue https://bugs.webkit.org/show_bug.cgi?id=165844 Reviewed by Zalan Bujtas. Remove WebkitCSSTransformValue and just use a CSSFunctionValue instead. No other browsers support it, and the information it provides is easily obtainable from cssText. * CMakeLists.txt: * DerivedSources.cpp: * DerivedSources.make: * WebCore.xcodeproj/project.pbxproj: * bindings/js/JSCSSValueCustom.cpp: (WebCore::toJSNewlyCreated): * css/CSSComputedStyleDeclaration.cpp: (WebCore::matrixTransformValue): * css/CSSValue.cpp: (WebCore::CSSValue::equals): (WebCore::CSSValue::cssText): (WebCore::CSSValue::destroy): (WebCore::CSSValue::cloneForCSSOM): * css/CSSValue.h: (WebCore::CSSValue::isSpringTimingFunctionValue): (WebCore::CSSValue::isWebKitCSSTransformValue): Deleted. * css/StyleResolver.cpp: * css/TransformFunctions.cpp: (WebCore::transformOperationType): (WebCore::transformsForValue): * css/TransformFunctions.h: * css/WebKitCSSTransformValue.cpp: Removed. * css/WebKitCSSTransformValue.h: Removed. * css/WebKitCSSTransformValue.idl: Removed. * css/parser/CSSParserFastPaths.cpp: (WebCore::parseTransformTranslateArguments): (WebCore::parseTransformNumberArguments): (WebCore::parseSimpleTransformValue): (WebCore::parseSimpleTransformList): * css/parser/CSSPropertyParser.cpp: (WebCore::consumeTranslate3d): (WebCore::consumeNumbers): (WebCore::consumePerspective): (WebCore::consumeTransformValue): (WebCore::transformOperationForCSSValueID): Deleted. 2016-12-14 Antti Koivisto <antti@apple.com> Make Style::Update const in RenderTreeUpdater https://bugs.webkit.org/show_bug.cgi?id=165845 Reviewed by Andreas Kling. Moving style away from unique_ptrs leaves them in weird state. * style/RenderTreeUpdater.cpp: (WebCore::findRenderingRoots): (WebCore::RenderTreeUpdater::commit): (WebCore::RenderTreeUpdater::updateElementRenderer): Clone the style instead of moving it. This is not meaningfully more expensive. Remove null checks, style is never null. * style/RenderTreeUpdater.h: 2016-12-13 Yusuke Suzuki <utatane.tea@gmail.com> Use JSValue::toWTFString instead of calling toString(exec) and value(exec) https://bugs.webkit.org/show_bug.cgi?id=165795 Reviewed by Saam Barati. * bindings/js/IDBBindingUtilities.cpp: (WebCore::createIDBKeyFromValue): * bindings/js/JSAudioTrackCustom.cpp: (WebCore::JSAudioTrack::setKind): (WebCore::JSAudioTrack::setLanguage): * bindings/js/JSCryptoAlgorithmDictionary.cpp: (WebCore::JSCryptoAlgorithmDictionary::getAlgorithmIdentifier): * bindings/js/JSCustomXPathNSResolver.cpp: (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI): * bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::setLocation): * bindings/js/JSDeviceMotionEventCustom.cpp: (WebCore::JSDeviceMotionEvent::initDeviceMotionEvent): * bindings/js/JSDeviceOrientationEventCustom.cpp: (WebCore::JSDeviceOrientationEvent::initDeviceOrientationEvent): * bindings/js/JSEventListener.cpp: (WebCore::JSEventListener::handleEvent): * bindings/js/JSHTMLAllCollectionCustom.cpp: (WebCore::callHTMLAllCollection): (WebCore::JSHTMLAllCollection::namedItem): * bindings/js/JSHTMLFormControlsCollectionCustom.cpp: (WebCore::JSHTMLFormControlsCollection::namedItem): * bindings/js/JSHTMLInputElementCustom.cpp: (WebCore::JSHTMLInputElement::setSelectionDirection): * bindings/js/JSInspectorFrontendHostCustom.cpp: (WebCore::populateContextMenuItems): * bindings/js/JSMessageEventCustom.cpp: (WebCore::handleInitMessageEvent): * bindings/js/JSSQLTransactionCustom.cpp: (WebCore::JSSQLTransaction::executeSql): * bindings/js/JSTextTrackCustom.cpp: (WebCore::JSTextTrack::setLanguage): * bindings/js/JSVideoTrackCustom.cpp: (WebCore::JSVideoTrack::setKind): (WebCore::JSVideoTrack::setLanguage): * bindings/js/JSWebKitSubtleCryptoCustom.cpp: (WebCore::cryptoKeyFormatFromJSValue): (WebCore::cryptoKeyUsagesFromJSValue): * bindings/js/JSXMLHttpRequestCustom.cpp: (WebCore::JSXMLHttpRequest::send): * bindings/js/JSXSLTProcessorCustom.cpp: (WebCore::JSXSLTProcessor::setParameter): (WebCore::JSXSLTProcessor::getParameter): (WebCore::JSXSLTProcessor::removeParameter): * bindings/js/ScheduledAction.cpp: (WebCore::ScheduledAction::create): * bridge/c/c_utility.cpp: (JSC::Bindings::convertValueToNPVariant): * bridge/testbindings.cpp: (main): 2016-12-14 Joonghun Park <jh718.park@samsung.com> [EFL] Fix debug build break since r207192. Unreviewed. https://bugs.webkit.org/show_bug.cgi?id=165847 No new tests, no new behaviours. In JSDOMBinding.h, JSClass::info() returns each js class's "static const JSC::ClassInfo s_info"'s address. It's static variable's address, so always non-null. * bindings/js/JSDOMBinding.h: (WebCore::BindingCaller::callPromiseOperation): (WebCore::BindingCaller::callOperation): (WebCore::BindingCaller::setAttribute): (WebCore::BindingCaller::attribute): 2016-12-14 Enrique Ocaña González <eocanha@igalia.com> REGRESSION(r207879-207891): [GStreamer] Introduced many layout test failures and crashes, bots exiting early https://bugs.webkit.org/show_bug.cgi?id=164022 Reviewed by Xabier Rodriguez-Calvar. Covered by existing tests. * page/Settings.cpp: Added new setting to disable GStreamer players, so the selection of MockMediaPlayerMediaSource can be forced for some tests, just like it's already being done for the AVFoundation player in Mac. (WebCore::Settings::setGStreamerEnabled): * page/Settings.h: (WebCore::Settings::isGStreamerEnabled): * platform/graphics/MediaPlayer.cpp: (WebCore::buildMediaEnginesVector): Don't register GStreamer players when they're disabled. * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp: (WebCore::MediaPlayerPrivateGStreamer::durationMediaTime): Use doubles instead of floats. * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h: Use doubles instead of floats for m_durationAtEOS. * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp: Don't reset m_sample on videoSink drain, it causes too many problems. (WebCore::MediaPlayerPrivateGStreamerBase::createVideoSink): * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h: Removed unused methods. * platform/graphics/gstreamer/VideoSinkGStreamer.cpp: Keep releasing m_sample on drain, but don't report the event externally via signal anymore. The base player private isn't listening to it anymore. (webkitVideoSinkEvent): (webkit_video_sink_class_init): * platform/graphics/gstreamer/mse/AppendPipeline.cpp: (WebCore::AppendPipeline::parseDemuxerSrcPadCaps): Check if the demuxer caps correspond to a supported codec. (WebCore::AppendPipeline::didReceiveInitializationSegment): Empty m_track is now legal and means unsupported codec. (WebCore::AppendPipeline::connectDemuxerSrcPadToAppsinkFromAnyThread): Warn about more than one stream, but "support" it by ignoring it using a black hole probe. (WebCore::AppendPipeline::connectDemuxerSrcPadToAppsink): Also report the duration when it's detected for the first time. Invalid stream types now mean that unsupported codecs have been detected. Complete init segment processing in that case. (WebCore::AppendPipeline::disconnectDemuxerSrcPadFromAppsinkFromAnyThread): Disconnect black hole probe. (WebCore::appendPipelineDemuxerBlackHolePadProbe): Ignore buffers. (WebCore::appendPipelineDemuxerPadRemoved): New parameter used. * platform/graphics/gstreamer/mse/AppendPipeline.h: * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp: (WebCore::MediaPlayerPrivateGStreamerMSE::supportsCodecs): Check supported codecs by matching against wildcard expressions. (WebCore::MediaPlayerPrivateGStreamerMSE::supportsType): Check for supported codecs. * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h: New supportsCodecs() method. * platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.cpp: (WebCore::MediaSourceClientGStreamerMSE::resetParserState): Implemented parser resetting by aborting the AppendPipeline. * platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.h: Added resetParserState(). * platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.cpp: (WebCore::SourceBufferPrivateGStreamer::resetParserState): Implemented it. * testing/Internals.cpp: (WebCore::Internals::initializeMockMediaSource): Disable the GStreamer players when initializing the mock media source, like it's already done for the AVFoundation player to force the selection of MockMediaPlayerMediaSource. 2016-12-14 Enrique Ocaña González <eocanha@igalia.com> [GStreamer][MSE] Fix player private selection when MSE is enabled https://bugs.webkit.org/show_bug.cgi?id=164116 Reviewed by Philippe Normand. Covered by existing tests. * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp: (WebCore::MediaPlayerPrivateGStreamer::load): * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp: (WebCore::MediaPlayerPrivateGStreamerMSE::load): 2016-12-13 Commit Queue <commit-queue@webkit.org> Unreviewed, rolling out r209792. https://bugs.webkit.org/show_bug.cgi?id=165841 Cause build failures (Requested by yusukesuzuki on #webkit). Reverted changeset: "Use JSValue::toWTFString instead of calling toString(exec) and value(exec)" https://bugs.webkit.org/show_bug.cgi?id=165795 http://trac.webkit.org/changeset/209792 2016-12-13 Yusuke Suzuki <utatane.tea@gmail.com> Use JSValue::toWTFString instead of calling toString(exec) and value(exec) https://bugs.webkit.org/show_bug.cgi?id=165795 Reviewed by Saam Barati. * bindings/js/IDBBindingUtilities.cpp: (WebCore::createIDBKeyFromValue): (WebCore::getNthValueOnKeyPath): Deleted. (WebCore::internalCreateIDBKeyFromScriptValueAndKeyPath): Deleted. (WebCore::ensureNthValueOnKeyPath): Deleted. (WebCore::canInjectNthValueOnKeyPath): Deleted. (WebCore::injectIDBKeyIntoScriptValue): Deleted. (WebCore::maybeCreateIDBKeyFromScriptValueAndKeyPath): Deleted. (WebCore::canInjectIDBKeyIntoScriptValue): Deleted. (WebCore::deserializeIDBValueToJSValue): Deleted. (WebCore::scriptValueToIDBKey): Deleted. (WebCore::idbKeyDataToScriptValue): Deleted. (WebCore::createKeyPathArray): Deleted. (WebCore::generateIndexKeyForValue): Deleted. * bindings/js/JSAudioTrackCustom.cpp: (WebCore::JSAudioTrack::setKind): (WebCore::JSAudioTrack::setLanguage): * bindings/js/JSCryptoAlgorithmDictionary.cpp: (WebCore::JSCryptoAlgorithmDictionary::getAlgorithmIdentifier): * bindings/js/JSCustomXPathNSResolver.cpp: (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI): * bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::setLocation): * bindings/js/JSDeviceMotionEventCustom.cpp: (WebCore::JSDeviceMotionEvent::initDeviceMotionEvent): * bindings/js/JSDeviceOrientationEventCustom.cpp: (WebCore::JSDeviceOrientationEvent::initDeviceOrientationEvent): * bindings/js/JSEventListener.cpp: (WebCore::JSEventListener::handleEvent): (WebCore::JSEventListener::virtualisAttribute): Deleted. (WebCore::JSEventListener::operator==): Deleted. (WebCore::eventHandlerAttribute): Deleted. (WebCore::createEventListenerForEventHandlerAttribute): Deleted. (WebCore::setEventHandlerAttribute): Deleted. (WebCore::windowEventHandlerAttribute): Deleted. (WebCore::setWindowEventHandlerAttribute): Deleted. (WebCore::documentEventHandlerAttribute): Deleted. (WebCore::setDocumentEventHandlerAttribute): Deleted. * bindings/js/JSHTMLAllCollectionCustom.cpp: (WebCore::callHTMLAllCollection): (WebCore::JSHTMLAllCollection::namedItem): * bindings/js/JSHTMLFormControlsCollectionCustom.cpp: (WebCore::JSHTMLFormControlsCollection::namedItem): * bindings/js/JSHTMLInputElementCustom.cpp: (WebCore::JSHTMLInputElement::setSelectionDirection): (WebCore::JSHTMLInputElement::setSelectionRange): Deleted. * bindings/js/JSInspectorFrontendHostCustom.cpp: (WebCore::populateContextMenuItems): (WebCore::JSInspectorFrontendHost::showContextMenu): Deleted. * bindings/js/JSMessageEventCustom.cpp: (WebCore::handleInitMessageEvent): * bindings/js/JSSQLTransactionCustom.cpp: (WebCore::JSSQLTransaction::executeSql): * bindings/js/JSTextTrackCustom.cpp: (WebCore::JSTextTrack::setLanguage): * bindings/js/JSVideoTrackCustom.cpp: (WebCore::JSVideoTrack::setKind): (WebCore::JSVideoTrack::setLanguage): * bindings/js/JSWebKitSubtleCryptoCustom.cpp: (WebCore::cryptoKeyFormatFromJSValue): (WebCore::cryptoKeyUsagesFromJSValue): * bindings/js/JSXMLHttpRequestCustom.cpp: (WebCore::JSXMLHttpRequest::send): (WebCore::JSXMLHttpRequest::responseText): Deleted. (WebCore::JSXMLHttpRequest::retrieveResponse): Deleted. * bindings/js/JSXSLTProcessorCustom.cpp: (WebCore::JSXSLTProcessor::setParameter): (WebCore::JSXSLTProcessor::getParameter): (WebCore::JSXSLTProcessor::removeParameter): * bindings/js/ScheduledAction.cpp: (WebCore::ScheduledAction::create): * bridge/c/c_utility.cpp: (JSC::Bindings::convertValueToNPVariant): * bridge/testbindings.cpp: (main): * inspector/InspectorDOMAgent.cpp: (WebCore::InspectorDOMAgent::buildObjectForEventListener): 2016-12-13 Yusuke Suzuki <utatane.tea@gmail.com> ASSERTION FAILED: hasParserBlockingScript() seen with js/dom/modules/module-will-fire-beforeload.html https://bugs.webkit.org/show_bug.cgi?id=164883 Reviewed by Ryosuke Niwa. This is *attempt to fix* patch since I cannot reproduce the crash reported in this issue. One possible scenario of this crash is the following. 1. There is pending deferred scripts, that is not fetched yet. 2. Then, we start watching on the script. And stop document parser. 3. The document parser is stopped/detached by calling finishJSTest in beforeload. 4. At this critical timing, (2)'s script is fetched, and notifyFinished is called since it is watched. In this patch, we ignore the script execution if the document parser is stopped / detached. Previously, it goes into the wrong path. And it causes assertion failure. * html/parser/HTMLDocumentParser.cpp: (WebCore::HTMLDocumentParser::notifyFinished): 2016-12-13 Keith Rollin <krollin@apple.com> Memory warning logging appears to capture resident footprint, missing compress/swap. https://bugs.webkit.org/show_bug.cgi?id=165533 <rdar://problem/29318410> Reviewed by Daniel Bates. Fix GTK build by adding an explicit constructor. * platform/MemoryPressureHandler.h: (WebCore::MemoryPressureHandler::ReliefLogger::MemoryUsage::MemoryUsage): 2016-12-13 Daniel Bates <dabates@apple.com> CSP: ws: and wss: blocked with connect-src * https://bugs.webkit.org/show_bug.cgi?id=165804 <rdar://problem/28563643> Reviewed by David Kilzer. Allow * to match ws: and wss:. This will make our behavior of * more closely conform the behavior of * in the Content Security Policy Level 3 spec., <https://w3c.github.io/webappsec-csp/#match-url-to-source-expression> (Editor's Draft, 2 December 2016). Tests: http/tests/security/contentSecurityPolicy/connect-src-star-secure-websocket-allowed.html http/tests/security/contentSecurityPolicy/connect-src-star-websocket-allowed.html http/tests/security/contentSecurityPolicy/default-src-star-secure-websocket-allowed.html http/tests/security/contentSecurityPolicy/default-src-star-websocket-allowed.html * page/csp/ContentSecurityPolicySourceList.cpp: (WebCore::ContentSecurityPolicySourceList::isProtocolAllowedByStar): 2016-12-13 Dave Hyatt <hyatt@apple.com> [CSS Parser] Make CSSFunctionValue derive from CSSValueList https://bugs.webkit.org/show_bug.cgi?id=165832 Reviewed by Dean Jackson. With the old parser gone, we can now shrink CSSFunctionValue a bit by having it derive from CSSValueList instead of having an extra member that holds a value list of arguments. This is similar to the trick already employed by WebkitCSSTransformValue. * css/CSSComputedStyleDeclaration.cpp: (WebCore::specifiedValueForGridTrackSize): * css/CSSFunctionValue.cpp: (WebCore::CSSFunctionValue::customCSSText): (WebCore::CSSFunctionValue::CSSFunctionValue): Deleted. (WebCore::CSSFunctionValue::equals): Deleted. (WebCore::CSSFunctionValue::append): Deleted. * css/CSSFunctionValue.h: * css/StyleBuilderConverter.h: (WebCore::StyleBuilderConverter::convertScrollSnapPoints): (WebCore::StyleBuilderConverter::createGridTrackSize): * css/StyleResolver.cpp: (WebCore::StyleResolver::createFilterOperations): * css/parser/CSSPropertyParser.cpp: (WebCore::isGridTrackFixedSized): 2016-12-13 Chris Dumez <cdumez@apple.com> Make Document a FrameDestructionObserver https://bugs.webkit.org/show_bug.cgi?id=165810 <rdar://problem/29157645> Reviewed by Ryosuke Niwa. Make Document a FrameDestructionObserver to make sure Document::m_frame is properly nulled out when a Frame gets destroyed. Document::disconnectFromFrame() is supposed to be called before the Frame gets destroyed so this also adds an assertion to try and identify places where we fail to call it. No new tests, no known reproduction case. * dom/Document.cpp: (WebCore::Document::Document): (WebCore::Document::disconnectFromFrame): (WebCore::Document::frameDestroyed): * dom/Document.h: (WebCore::Document::frame): Deleted. 2016-12-13 Joseph Pecoraro <pecoraro@apple.com> REGRESSION(r204163): Web Inspector: Page crashes when Inspector tries to load insecure SourceMap https://bugs.webkit.org/show_bug.cgi?id=165806 <rdar://problem/28169025> Reviewed by Alex Christensen. Test: http/tests/inspector/network/loadResource-insecure-resource.html * inspector/InspectorNetworkAgent.cpp: (WebCore::InspectorNetworkAgent::loadResource): DocumentThreadableLoader now triggers the ThreadableLoaderClient's didFail callback, so this didFailLoaderCreation is now redundent and incorrect. 2016-12-13 Dave Hyatt <hyatt@apple.com> [CSS Parser] Enhance fast path translate transforms to allow percentages https://bugs.webkit.org/show_bug.cgi?id=165822 Reviewed by Simon Fraser. * css/parser/CSSParserFastPaths.cpp: (WebCore::parseTransformTranslateArguments): 2016-12-13 Ryosuke Niwa <rniwa@webkit.org> :hover rule causes a single tap to not activate a slotted anchor element https://bugs.webkit.org/show_bug.cgi?id=165551 Reviewed by Antti Koivisto. Fixed a bug in ancestorRespondingToClickEvents that we were traversing the ancestor nodes without taking shadow roots and slots into account. This prevented tapping on a text node assigned to a slot inside an anchor element to activate the hyperlink on iOS. This bug was supposed to be fixed in r206605, and it was still broken on iOS due to the bug in ancestorRespondingToClickEvents. It is now tested by click-text-inside-linked-slot.html. Tests: fast/shadow-dom/click-on-slotted-anchor-with-hover.html fast/shadow-dom/click-text-inside-linked-slot.html * page/ios/FrameIOS.mm: (WebCore::ancestorRespondingToClickEvents): (WebCore::Frame::qualifyingNodeAtViewportLocation): 2016-12-13 Dave Hyatt <hyatt@apple.com> [CSS Parser] Eliminate SVGPaint and SVGColor https://bugs.webkit.org/show_bug.cgi?id=165819 Reviewed by Dean Jackson. Remove SVGColor and SVGPaint CSS values from the tree. The new parser already stopped making these values when parsing, so all that's left is to make sure computed style doesn't use these values either. We are the only browser engine to support these CSS values, they see no use on the Web, and they're already gone at the parsing level, so it's time to remove these interfaces from our tree. * CMakeLists.txt: * DerivedSources.make: * WebCore.xcodeproj/project.pbxproj: * bindings/js/JSCSSValueCustom.cpp: (WebCore::toJSNewlyCreated): * css/CSSComputedStyleDeclaration.h: * css/CSSValue.cpp: (WebCore::CSSValue::equals): (WebCore::CSSValue::cssText): (WebCore::CSSValue::destroy): (WebCore::CSSValue::cloneForCSSOM): * css/CSSValue.h: (WebCore::CSSValue::isSubtypeExposedToCSSOM): (WebCore::CSSValue::isSVGColor): Deleted. (WebCore::CSSValue::isSVGPaint): Deleted. * css/SVGCSSComputedStyleDeclaration.cpp: (WebCore::ComputedStyleExtractor::adjustSVGPaintForCurrentColor): (WebCore::ComputedStyleExtractor::svgPropertyValue): * css/StyleBuilderConverter.h: (WebCore::StyleBuilderConverter::convertSVGColor): * css/StyleBuilderCustom.h: (WebCore::StyleBuilderCustom::applyValueFill): (WebCore::StyleBuilderCustom::applyValueStroke): * page/animation/CSSPropertyAnimation.cpp: (WebCore::PropertyWrapperSVGPaint::PropertyWrapperSVGPaint): * rendering/style/RenderStyle.h: (WebCore::RenderStyle::fillPaintType): (WebCore::RenderStyle::setFillPaintColor): (WebCore::RenderStyle::strokePaintType): (WebCore::RenderStyle::setStrokePaintColor): * rendering/style/SVGRenderStyle.h: (WebCore::SVGRenderStyle::initialFillPaintType): (WebCore::SVGRenderStyle::initialStrokePaintType): (WebCore::SVGRenderStyle::setFillPaint): (WebCore::SVGRenderStyle::setStrokePaint): (WebCore::SVGRenderStyle::fillPaintType): (WebCore::SVGRenderStyle::strokePaintType): (WebCore::SVGRenderStyle::visitedLinkFillPaintType): (WebCore::SVGRenderStyle::visitedLinkStrokePaintType): (WebCore::SVGRenderStyle::hasStroke): (WebCore::SVGRenderStyle::hasFill): * rendering/style/SVGRenderStyleDefs.h: * rendering/svg/RenderSVGResource.cpp: (WebCore::requestPaintingResource): * rendering/svg/SVGResources.cpp: (WebCore::paintingResourceFromSVGPaint): * svg/SVGAllInOne.cpp: * svg/SVGAnimatedColor.cpp: (WebCore::SVGAnimatedColorAnimator::constructFromString): (WebCore::parseColorFromString): (WebCore::SVGAnimatedColorAnimator::calculateDistance): * svg/SVGAnimatedType.cpp: (WebCore::SVGAnimatedType::setValueAsString): * svg/SVGAnimatedType.h: * svg/SVGColor.cpp: Removed. * svg/SVGColor.h: Removed. * svg/SVGColor.idl: Removed. * svg/SVGFEDiffuseLightingElement.cpp: * svg/SVGFESpecularLightingElement.cpp: * svg/SVGPaint.cpp: Removed. * svg/SVGPaint.h: Removed. * svg/SVGPaint.idl: Removed. 2016-12-13 Alex Christensen <achristensen@webkit.org> Restore NSURLRequest's default time interval to match behavior before NSURLSession adoption https://bugs.webkit.org/show_bug.cgi?id=165821 <rdar://problem/28492939> Reviewed by Brady Eidson. Before adopting NSURLSession, iOS used CFURLConnection, not NSURLConnection. iOS used to have a default timeout of INT_MAX and it now has a default timeout of 0, which means use the default NSURLRequest timeout, which is 60 seconds. This is not enough for some slow mobile networks, so we want to match behavior of our CFURLConnection code here. * platform/network/ResourceRequestBase.cpp: Use INT_MAX as the default timeout of requests on iOS. 2016-12-13 Filip Pizlo <fpizlo@apple.com> Make opaque root scanning truly constraint-based https://bugs.webkit.org/show_bug.cgi?id=165760 Reviewed by Saam Barati. No new tests yet. I think that writing tests for this is a big investigation: https://bugs.webkit.org/show_bug.cgi?id=165808 Remove the previous advancing wavefront DOM write barrier. I don't think this will scale very well. It's super confusing. This change makes it so that visitChildren can become a GC constraint that executes as part of the fixpoint. This changes all WebCore visitChildren methods that do opaque roots into constraints. * bindings/js/CommonVM.cpp: (WebCore::commonVMSlow): (WebCore::writeBarrierOpaqueRootSlow): Deleted. * bindings/js/CommonVM.h: (WebCore::writeBarrierOpaqueRoot): Deleted. * bindings/js/JSAttrCustom.cpp: (WebCore::JSAttr::visitAdditionalChildren): * bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::visitAdditionalChildren): * bindings/js/JSIDBCursorCustom.cpp: (WebCore::JSIDBCursor::visitAdditionalChildren): * bindings/js/JSMessageChannelCustom.cpp: (WebCore::JSMessageChannel::visitAdditionalChildren): * bindings/js/JSMessagePortCustom.cpp: (WebCore::JSMessagePort::visitAdditionalChildren): * bindings/js/JSNodeIteratorCustom.cpp: (WebCore::JSNodeIterator::visitAdditionalChildren): * bindings/js/JSTextTrackCueCustom.cpp: (WebCore::JSTextTrackCue::visitAdditionalChildren): * bindings/js/JSTreeWalkerCustom.cpp: (WebCore::JSTreeWalker::visitAdditionalChildren): * bindings/js/JSWorkerGlobalScopeCustom.cpp: (WebCore::JSWorkerGlobalScope::visitAdditionalChildren): * bindings/js/JSXMLHttpRequestCustom.cpp: (WebCore::JSXMLHttpRequest::visitAdditionalChildren): * bindings/js/JSXPathResultCustom.cpp: (WebCore::JSXPathResult::visitAdditionalChildren): * dom/ContainerNodeAlgorithms.cpp: (WebCore::notifyChildNodeInserted): (WebCore::notifyChildNodeRemoved): 2016-12-12 Sam Weinig <sam@webkit.org> [WebIDL] Remove use of Dictionary in ApplePaySession https://bugs.webkit.org/show_bug.cgi?id=165787 Reviewed by Anders Carlsson. First take at generating the bindings for ApplePaySession and removing all use of Dictionary. - Removes all use of Dictionary! - Removes use of logging errors to the console with improved Exception messages. - Use ExceptionOr extensively to pass exception state. Still to do: - Reconcile / merge ApplePaySession::PaymentRequest with WebCore::PaymentRequest and all the sub-objects held within. - Remove PaymentRequestValidator entirely, merging validation into the validation we already do in ApplePaySession.cpp - Make ApplePayEvents use generated dictionary creation code. Test: http/tests/ssl/applepay/ApplePaySession.html * Modules/applepay/ApplePaySession.cpp: (WebCore::convertAndValidate): (WebCore::canCallApplePaySessionAPIs): (WebCore::ApplePaySession::create): (WebCore::ApplePaySession::ApplePaySession): (WebCore::ApplePaySession::supportsVersion): (WebCore::ApplePaySession::canMakePayments): (WebCore::ApplePaySession::canMakePaymentsWithActiveCard): (WebCore::ApplePaySession::openPaymentSetup): (WebCore::ApplePaySession::begin): (WebCore::ApplePaySession::completeMerchantValidation): (WebCore::ApplePaySession::completeShippingMethodSelection): (WebCore::ApplePaySession::completeShippingContactSelection): (WebCore::ApplePaySession::completePaymentMethodSelection): (WebCore::ApplePaySession::didSelectShippingMethod): (WebCore::createContactFields): Deleted. (WebCore::toLineItemType): Deleted. (WebCore::isValidLineItemPropertyName): Deleted. (WebCore::createLineItem): Deleted. (WebCore::createLineItems): Deleted. (WebCore::createMerchantCapabilities): Deleted. (WebCore::createSupportedNetworks): Deleted. (WebCore::toShippingType): Deleted. (WebCore::isValidShippingMethodPropertyName): Deleted. (WebCore::createShippingMethod): Deleted. (WebCore::createShippingMethods): Deleted. (WebCore::isValidPaymentRequestPropertyName): Deleted. (WebCore::createPaymentRequest): Deleted. * Modules/applepay/ApplePaySession.h: Replace hand written dictionary extraction code with autogenerated code and hand written additional validation. * Modules/applepay/ApplePaySession.idl: Add helper dictionaries and enums. * Modules/applepay/PaymentRequestValidator.cpp: (WebCore::PaymentRequestValidator::validate): (WebCore::PaymentRequestValidator::validateTotal): (WebCore::validateCountryCode): (WebCore::validateCurrencyCode): (WebCore::validateMerchantCapabilities): (WebCore::validateSupportedNetworks): (WebCore::validateShippingMethod): (WebCore::validateShippingMethods): (WebCore::PaymentRequestValidator::PaymentRequestValidator): Deleted. (WebCore::PaymentRequestValidator::~PaymentRequestValidator): Deleted. (WebCore::PaymentRequestValidator::validateCountryCode): Deleted. (WebCore::PaymentRequestValidator::validateCurrencyCode): Deleted. (WebCore::PaymentRequestValidator::validateMerchantCapabilities): Deleted. (WebCore::PaymentRequestValidator::validateShippingMethod): Deleted. (WebCore::PaymentRequestValidator::validateSupportedNetworks): Deleted. (WebCore::PaymentRequestValidator::validateShippingMethods): Deleted. * Modules/applepay/PaymentRequestValidator.h: Instead of reporting the validation errors to the console, pass them in the exception. This allows us to remove the window member, and move the helpers to the implementation file as statics. * WebCore.xcodeproj/project.pbxproj: Remove file. * bindings/generic/IDLTypes.h: (WebCore::IDLObject::nullValue): (WebCore::IDLObject::isNullValue): (WebCore::IDLObject::extractValueFromNullable): Add nullability traits for IDLObject. * bindings/js/JSApplePaySessionCustom.cpp: Removed. 2016-12-13 Daniel Bates <dabates@apple.com> CSP: Teach the preload scanner about the 'nonce' attribute https://bugs.webkit.org/show_bug.cgi?id=161192 <rdar://problem/28010354> Reviewed by Darin Adler. This patch was inspired by a similar Blink change: <https://chromium.googlesource.com/chromium/src/+/dde5487f380cf774e4c0e96ba7f88ea68e723907> Preload external scripts and stylesheets whose HTML script and link elements have a nonce attribute that is listed in the Content Security Policy (CSP) of the page. Currently the preload scanner ignores the nonce attribute on HTML script and link elements. So, WebKit does not preload their associated subresources unless the value of the src attribute or href attribute is whitelisted in the CSP of the page for script and link elements, respectively. Instead the preload scanner should recognize the nonce attribute on script and link elements and query the CSP of the page with it. If the nonce attribute is whitelisted then the request should be preloaded. Tests: http/tests/loading/do-not-preload-css-blocked-by-csp.html http/tests/loading/do-not-preload-script-src-blocked-by-csp.html http/tests/loading/preload-css-with-csp-nonce.html http/tests/loading/preload-script-src-with-csp-nonce.html * html/parser/HTMLPreloadScanner.cpp: (WebCore::TokenPreloadScanner::StartTagScanner::createPreloadRequest): Set the nonce on the PreloadRequest to the nonce that we found during the scan. (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute): For script and link tag names, save the value of the nonce attribute (if it has one). * html/parser/HTMLResourcePreloader.cpp: (WebCore::PreloadRequest::resourceRequest): Skip CSP policy check if the nonce is listed in the CSP of the page. * html/parser/HTMLResourcePreloader.h: (WebCore::PreloadRequest::setNonce): Added. 2016-12-13 Dave Hyatt <hyatt@apple.com> [CSS Parser] Rename CSSPrimitiveValue::UnitTypes to CSSPrimitiveValue::UnitType https://bugs.webkit.org/show_bug.cgi?id=165776 Reviewed by Zalan Bujtas. * css/CSSCalculationValue.cpp: (WebCore::unitCategory): (WebCore::hasDoubleValue): (WebCore::determineCategory): (WebCore::CSSCalcExpressionNodeParser::parseValue): * css/CSSCalculationValue.h: * css/CSSPrimitiveValue.cpp: (WebCore::isValidCSSUnitTypeForDoubleConversion): (WebCore::isStringType): (WebCore::CSSPrimitiveValue::unitCategory): (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): (WebCore::CSSPrimitiveValue::cleanup): (WebCore::CSSPrimitiveValue::computeLengthDouble): (WebCore::CSSPrimitiveValue::computeNonCalcLengthDouble): (WebCore::CSSPrimitiveValue::conversionToCanonicalUnitsScaleFactor): (WebCore::CSSPrimitiveValue::getFloatValue): (WebCore::CSSPrimitiveValue::doubleValue): (WebCore::CSSPrimitiveValue::canonicalUnitTypeForCategory): (WebCore::CSSPrimitiveValue::doubleValueInternal): (WebCore::CSSPrimitiveValue::cloneForCSSOM): * css/CSSPrimitiveValue.h: (WebCore::CSSPrimitiveValue::isFontRelativeLength): (WebCore::CSSPrimitiveValue::isLength): (WebCore::CSSPrimitiveValue::isResolution): (WebCore::CSSPrimitiveValue::createAllowingMarginQuirk): * css/CSSValue.h: * css/CSSValuePool.cpp: (WebCore::CSSValuePool::createValue): * css/CSSValuePool.h: (WebCore::CSSValuePool::createValue): * css/MediaQueryExp.cpp: (WebCore::featureWithValidDensity): (WebCore::MediaQueryExpression::MediaQueryExpression): * css/parser/CSSParserFastPaths.cpp: (WebCore::parseSimpleLength): (WebCore::parseSimpleLengthValue): (WebCore::parseColorIntOrPercentage): (WebCore::fastParseColorInternal): (WebCore::parseTransformTranslateArguments): (WebCore::parseTransformNumberArguments): * css/parser/CSSParserToken.cpp: (WebCore::cssPrimitiveValueUnitFromTrie): (WebCore::stringToUnitType): (WebCore::CSSParserToken::CSSParserToken): (WebCore::CSSParserToken::convertToPercentage): * css/parser/CSSParserToken.h: (WebCore::CSSParserToken::unitType): * css/parser/CSSPropertyParser.cpp: (WebCore::CSSPropertyParser::consumeTransformOrigin): (WebCore::consumeCounter): (WebCore::consumeAnimationName): (WebCore::consumePerspective): (WebCore::consumePositionLonghand): (WebCore::consumeCounterContent): (WebCore::consumeReflect): (WebCore::consumeGridBreadth): (WebCore::CSSPropertyParser::consumeFlex): * css/parser/CSSPropertyParserHelpers.cpp: (WebCore::CSSPropertyParserHelpers::CalcParser::consumeNumber): (WebCore::CSSPropertyParserHelpers::consumeInteger): (WebCore::CSSPropertyParserHelpers::consumeLength): (WebCore::CSSPropertyParserHelpers::consumePercent): (WebCore::CSSPropertyParserHelpers::consumeAngle): (WebCore::CSSPropertyParserHelpers::consumeTime): (WebCore::CSSPropertyParserHelpers::consumeCustomIdent): (WebCore::CSSPropertyParserHelpers::consumeString): (WebCore::CSSPropertyParserHelpers::consumeUrl): (WebCore::CSSPropertyParserHelpers::consumeDeprecatedGradientPoint): (WebCore::CSSPropertyParserHelpers::consumeDeprecatedGradientColorStop): (WebCore::CSSPropertyParserHelpers::consumeCrossFade): (WebCore::CSSPropertyParserHelpers::consumeImageSet): (WebCore::CSSPropertyParserHelpers::consumeFilterFunction): * css/parser/MediaQueryParser.cpp: (WebCore::MediaQueryParser::readFeatureValue): * css/parser/SizesAttributeParser.cpp: (WebCore::SizesAttributeParser::computeLength): * css/parser/SizesAttributeParser.h: * dom/StyledElement.cpp: (WebCore::StyledElement::setInlineStyleProperty): (WebCore::StyledElement::addPropertyToPresentationAttributeStyle): * dom/StyledElement.h: * svg/SVGLengthValue.cpp: (WebCore::SVGLengthValue::toCSSPrimitiveValue): 2016-12-13 Eric Carlson <eric.carlson@apple.com> Annotate MediaStream and WebRTC idl with EnabledAtRuntime flag https://bugs.webkit.org/show_bug.cgi?id=165251 Reviewed by Youenn Fablet. No new tests, fixes an API test. * page/Settings.in: Delete mediaStreamEnabled and peerConnectionEnabled, we don't need a setting and a runtime feature. 2016-12-13 Antti Koivisto <antti@apple.com> REGRESSION (r198990): Cannot edit content inside <details> in wysiwyg editor https://bugs.webkit.org/show_bug.cgi?id=165757 Reviewed by Andreas Kling. Test: fast/html/details-edit.html -webkit-user-modify is reset on shadow boundary so it doesn't go through <details> shadow tree. * css/StyleResolver.cpp: (WebCore::StyleResolver::styleForElement): (WebCore::StyleResolver::pseudoStyleForElement): (WebCore::StyleResolver::styleForPage): (WebCore::StyleResolver::applyMatchedProperties): * dom/Node.cpp: (WebCore::computeEditabilityFromComputedStyle): (WebCore::Node::computeEditability): Make -webkit-user-modify (which we would want to get rid of completely eventually) have no effect in shadow trees. Check for contenteditable directly instead. * html/HTMLInputElement.cpp: (WebCore::HTMLInputElement::createInnerTextStyle): * html/HTMLTextAreaElement.cpp: (WebCore::HTMLTextAreaElement::createInnerTextStyle): * html/shadow/TextControlInnerElements.cpp: * rendering/RenderFlowThread.cpp: (WebCore::RenderFlowThread::createFlowThreadStyle): * rendering/RenderLayer.cpp: (WebCore::RenderLayer::calculateClipRects): * rendering/RenderListItem.cpp: (WebCore::RenderListItem::styleDidChange): * rendering/style/RenderStyle.cpp: (WebCore::RenderStyle::createAnonymousStyleWithDisplay): (WebCore::RenderStyle::createStyleInheritingFromPseudoStyle): (WebCore::RenderStyle::inheritFrom): Let -webkit-user-modify inherit through shadow boundary as normal. * rendering/style/RenderStyle.h: 2016-12-12 Darin Adler <darin@apple.com> Remove bindings generation support for legacy WebCore::Dictionary https://bugs.webkit.org/show_bug.cgi?id=165762 Reviewed by Sam Weinig. After this patch, all use of legacy WebCore::Dictionary is within custom bindings or inside the DOM code itself. Bindings generation machinery no longer has a special type named "Dictionary" but has increasingly good support for IDL-defined dictionaries. * Modules/applepay/ApplePaySession.cpp: (WebCore::ApplePaySession::create): Take ExecState and a JSValue rather than a Dictionary. (WebCore::ApplePaySession::completeMerchantValidation): Ditto. * Modules/applepay/ApplePaySession.h: Updated for the above changes. * Modules/applepay/ApplePaySession.idl: For this last file using Dictionary in IDL, move to "[CallWith=ScriptState]" and "any" as a stopgap. Later we can return and use IDL dictionaries or other more modern solutions. * Modules/mediastream/MediaDevices.idl: For the custom binding written in JavaScript, use the type mentioned in the specification rather than Dictionary. The bindings generator ignores the type, so this is more like changing a comment rather than changing source code. * Modules/mediastream/RTCPeerConnection.js: (initializeRTCPeerConnection): Refer to a non-object as not a valid "dictionary", lowercase rather than "Dictionary". * Modules/mediastream/RTCPeerConnectionInternals.js: (callbacksAndDictionaryOverload): Ditto. * bindings/generic/IDLTypes.h: Removed IDLLegacyDictionary. * bindings/js/JSCryptoAlgorithmDictionary.cpp: (WebCore::getHashAlgorithm): Fixed a comment. * bindings/js/JSDOMConvert.h: (WebCore::Converter<IDLLegacyDictionary<T>>::convert): Deleted. * bindings/scripts/CodeGenerator.pm: (IsBuiltinType): Removed special case for "Dictionary". * bindings/scripts/CodeGeneratorJS.pm: (AddToIncludesForIDLType): Ditto. (AreTypesDistinguishableForOverloadResolution): Ditto. (GenerateOverloadedFunctionOrConstructor): Ditto. (GenerateParametersCheck): Ditto. (GetBaseIDLType): Ditto. * bindings/scripts/test/JS/JSTestObj.cpp: Regenerated results. * bindings/scripts/test/TestObj.idl: Removed test case for Dictionary. 2016-12-12 Chris Dumez <cdumez@apple.com> Drop unnecessary null check in removeDetachedChildrenInContainer() https://bugs.webkit.org/show_bug.cgi?id=165778 Reviewed by Alex Christensen. Drop unnecessary null check in removeDetachedChildrenInContainer(). Node cannot be null but we do an implicit null check. No new tests, no Web-exposed behavior change. * dom/ContainerNodeAlgorithms.cpp: (WebCore::removeDetachedChildrenInContainer): 2016-12-12 Chris Dumez <cdumez@apple.com> Add Document.onvisibilitychange event handler attribute https://bugs.webkit.org/show_bug.cgi?id=165784 Reviewed by Daniel Bates. Add Document.onvisibilitychange event handler attribute as per Page Visibility Level 2 API: - http://w3c.github.io/page-visibility/#onvisiblitychange-event-handler Test: fast/events/page-visibility-onvisibilitychange.html * dom/Document.idl: 2016-12-12 Dean Jackson <dino@apple.com> [iOS] MediaDocument "Done" button should navigate the page back https://bugs.webkit.org/show_bug.cgi?id=165779 Reviewed by Sam Weinig. Detect if the exit from fullscreen was caused by the Done button, and if so, tell the page to navigate back. Unfortunately this is not yet testable. It's waiting on the UI-based device testing in development by the media team. * platform/cocoa/WebVideoFullscreenModel.h: Add a finishedWithMedia parameter to requestFullscreenMode, to indicate if the change in mode is associated with the closing of the media document. * platform/cocoa/WebVideoFullscreenModelVideoElement.h: * platform/cocoa/WebVideoFullscreenModelVideoElement.mm: (WebVideoFullscreenModelVideoElement::requestFullscreenMode): If we're a media document, and we say we're finished with the media, tell the document to navigate back a page. * platform/ios/WebVideoFullscreenControllerAVKit.mm: (WebVideoFullscreenControllerContext::requestFullscreenMode): * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: (WebVideoFullscreenInterfaceAVKit::shouldExitFullscreenWithReason): 2016-12-12 Zalan Bujtas <zalan@apple.com> Infinite recursion when viewport is set to the size of the content but the content overflows the viewport. https://bugs.webkit.org/show_bug.cgi?id=165775 rdar://problem/29366628 Reviewed by Simon Fraser. In certain cases when the viewport is sized to accomodate the content and the content always overflows the viewport, we might end up in recursive FrameView::layout calls. This is specific to content with viewport units, because we always invalidate elements with vw/vh units on viewport size change. However if this viewport size change is in response to content size change (layout), invalidating elements could trigger synchronous layout, while we are still inside this current layout. This is very similar to the m_setNeedsLayoutWasDeferred case and they should eventually be merged. It also means that we might be behind by one layout on elements with vw/vh units (fixed layout only though). Currently not testable. * page/FrameView.cpp: (WebCore::FrameView::availableContentSizeChanged): 2016-12-12 Keith Rollin <krollin@apple.com> Memory warning logging appears to capture resident footprint, missing compress/swap. https://bugs.webkit.org/show_bug.cgi?id=165533 <rdar://problem/29318410> Reviewed by Andreas Kling. Have platformMemoryUsage return both resident and resident + swapped values. This is now returned as a struct in a std::optional to better support cases where values cannot or are not returned. Report these values in logMemoryUsageChange. Remove most of the ReliefLogger instances and their messages. We no longer free up fastMalloc memory after each memory-release operation, so there are no memory regions returned to the OS. Instead, we now free up fastMalloc memory regions at the end of all memory-releasing operations in one fell swoop and report a grand total of memory returned. No new tests -- no changes to user accessible functionality. * page/MemoryRelease.cpp: (WebCore::releaseNoncriticalMemory): (WebCore::releaseCriticalMemory): (WebCore::releaseMemory): * page/cocoa/MemoryReleaseCocoa.mm: (WebCore::platformReleaseMemory): * platform/MemoryPressureHandler.cpp: (WebCore::MemoryPressureHandler::releaseMemory): (WebCore::MemoryPressureHandler::ReliefLogger::logMemoryUsageChange): (WebCore::MemoryPressureHandler::ReliefLogger::platformMemoryUsage): * platform/MemoryPressureHandler.h: (WebCore::MemoryPressureHandler::ReliefLogger::ReliefLogger): (WebCore::MemoryPressureHandler::ReliefLogger::~ReliefLogger): (WebCore::MemoryPressureHandler::ReliefLogger::loggingEnabled): * platform/cocoa/MemoryPressureHandlerCocoa.mm: (WebCore::MemoryPressureHandler::platformReleaseMemory): (WebCore::MemoryPressureHandler::ReliefLogger::platformMemoryUsage): * platform/linux/MemoryPressureHandlerLinux.cpp: * platform/win/MemoryPressureHandlerWin.cpp: (WebCore::MemoryPressureHandler::ReliefLogger::platformMemoryUsage): 2016-12-12 Chris Dumez <cdumez@apple.com> Document.visibilityState should use an IDL string enumeration https://bugs.webkit.org/show_bug.cgi?id=165774 Reviewed by Daniel Bates. Document.visibilityState should use an IDL string enumeration: - http://w3c.github.io/page-visibility/#extensions-to-the-document-interface No new tests, there should be no Web-exposed behavior change. * CMakeLists.txt: * Modules/vibration/NavigatorVibration.cpp: (WebCore::NavigatorVibration::vibrate): * WebCore.xcodeproj/project.pbxproj: * dom/Document.cpp: (WebCore::Document::hidden): (WebCore::Document::pageVisibilityState): Deleted. (WebCore::Document::visibilityState): Deleted. * dom/Document.h: * dom/Document.idl: * page/Page.cpp: (WebCore::Page::visibilityState): * page/PageVisibilityState.cpp: Removed. * page/PageVisibilityState.h: (): Deleted. 2016-12-12 Jer Noble <jer.noble@apple.com> Remove implementation of legacy Mozilla-based Fullscreen API. https://bugs.webkit.org/show_bug.cgi?id=165689 Reviewed by Eric Carlson. Alias the legacy webkitRequestFull_S_creen() function on Element to webkitRequestFull_s_creen(). Remove the custom behavior in Document::requestFullScreenForElement() to handle the legacy path. * dom/Document.cpp: (WebCore::Document::requestFullScreenForElement): * dom/Document.h: * dom/Element.cpp: (WebCore::Element::webkitRequestFullscreen): (WebCore::Element::webkitRequestFullScreen): Deleted. * dom/Element.h: * dom/Element.idl: * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::enterFullscreen): * html/shadow/MediaControlElements.cpp: (WebCore::MediaControlFullscreenButtonElement::defaultEventHandler): 2016-12-12 Zalan Bujtas <zalan@apple.com> The CSS 'columns' property when set on the <body> element makes short columns https://bugs.webkit.org/show_bug.cgi?id=164891 Reviewed by Darin Adler and David Hyatt. Currently when the body has auto height, we use the height of the viewport as the available height for the columns defined on the body element. This is the desired behaviour for paginated content. However in case of a simple, non-paginated multicolumn context, we should let the columns grow beyond the viewport vertically. This is also what other browsers do. This patch sets the available height on columns (in non-paginated context) only if the logical height is defined (we are right before layout, so applying non-defined values does not make much sense anyway). The reason why it is only broken on the <body> is because it stretches to the viewport by default (see stretchesToViewport()) while other block renderers do not. Test: fast/multicol/columns-on-body.html * rendering/RenderBlockFlow.cpp: (WebCore::RenderBlockFlow::checkForPaginationLogicalHeightChange): 2016-12-09 Dean Jackson <dino@apple.com> Autoplay isn't working in iPhone MediaDocuments https://bugs.webkit.org/show_bug.cgi?id=165710 <rdar://problems/29606761> Reviewed by Darin Adler. Our silent video autoplay detection disabled autoplay of videos in MediaDocuments. Test: media/ios/autoplay-only-in-main-document.html * html/MediaElementSession.cpp: (WebCore::MediaElementSession::playbackPermitted): Return true if we're in a top-level media document. 2016-12-12 Zan Dobersek <zdobersek@igalia.com> Unreviewed. Fixing build breakage in GStreamer's WebKitCommonEncryptionDecryptorGStreamer. * platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp: (webkitMediaCommonEncryptionDecryptTransformInPlace): WTF::Seconds should be used instead of std::chrono::seconds. 2016-12-11 Simon Fraser <simon.fraser@apple.com> REGRESSION (r200283): Transform, overflow hidden and filter combination completely hides the element https://bugs.webkit.org/show_bug.cgi?id=161509 Reviewed by David Hyatt. When the filter painting code needs to recompute a paintDirtyRect, it was using selfClipRect() which is obviously wrong because it returns a rect in absolute coordinates. Use code factored out of localClipRect() instead, which returns a rect relative to the painting root. Test: css3/filters/filter-on-overflow-hidden.html * rendering/RenderLayer.cpp: (WebCore::RenderLayer::paintLayerContents): 2016-12-11 Saam Barati <sbarati@apple.com> We should be able to throw exceptions from Wasm code and when Wasm frames are on the stack https://bugs.webkit.org/show_bug.cgi?id=165429 Reviewed by Keith Miller. * bindings/js/JSDOMBinding.cpp: (WebCore::GetCallerGlobalObjectFunctor::operator()): 2016-12-11 Darin Adler <darin@apple.com> Remove uses of Dictionary in WebRTC IDL files https://bugs.webkit.org/show_bug.cgi?id=165736 Reviewed by Sam Weinig. Also removed quite a bit of unused code. There were some mocks that were out of date and no longer matched the types used in the real code, that also were no longer hooked up, and other types of dead code. We will have to implement anew when we want to restore tests like the ones these were intended to enable. * CMakeLists.txt: Updated for all the removed files. * Modules/mediastream/MediaEndpointPeerConnection.cpp: Moved some types in here that don't need to be in the header. (WebCore::MediaEndpointPeerConnection::MediaEndpointPeerConnection): Use make_unique. (WebCore::MediaEndpointPeerConnection::setConfiguration): Changed argument type, obviating the need for most of the code that was here. * Modules/mediastream/MediaEndpointPeerConnection.h: Updated for the above. Made more things private and final. Marked the constructor explicit. Removed unneeded includes. * Modules/mediastream/PeerConnectionBackend.h: Removed unneeded includes and forward declarations. Changed the argument type for setConfiguration (see above). * Modules/mediastream/RTCConfiguration.cpp: Removed. None of the code here was needed except for the ICE server validation, and that was moved into RTCPeerConnection::setConfiguration. * Modules/mediastream/RTCConfiguration.h: Changed this from a class to a struct since this is now a dictionary rather than an interface. * Modules/mediastream/RTCConfiguration.idl: Changed this from an interface to a dictionary. * Modules/mediastream/RTCDTMFSender.cpp: Removed some of the code from this file. This class currently isn't implemented, but was depending on RTCPeerConnectionHandler. I removed some of the dead code. Someone will have to straighten this out so we can turn it back on. * Modules/mediastream/RTCDTMFSender.h: Ditto. * Modules/mediastream/RTCDataChannel.cpp: Updated includes. * Modules/mediastream/RTCIceCandidate.cpp: (WebCore::RTCIceCandidate::create): Removed most of the code, since this now takes a structure rather than a WebCore::Dictionary, and so the bindings take care of the work. * Modules/mediastream/RTCIceCandidate.h: Updated for the above. * Modules/mediastream/RTCIceCandidate.idl: Changed the constructor to take a RTCIceCandidateInit instead of a Dictionary. * Modules/mediastream/RTCIceServer.h: Changed this from a class to a struct since this is now a dictionary rather than an interface. * Modules/mediastream/RTCIceServer.idl: Changed this from an interface to a dictionary. * Modules/mediastream/RTCPeerConnection.cpp: (WebCore::RTCPeerConnection::initializeWith): Take an RTCConfiguration rather than a Dictionary. (WebCore::RTCPeerConnection::getConfiguration): Moved to header, now an inline. (WebCore::RTCPeerConnection::setConfiguration): Use the configuration dictionary now instead of the configuration class. Also moved validation of server URLs here, formerly in the RTCConfiguration RTCConfiguration::initialize function. Also moved code to convert from RTCConfiguration to MediaEndpointConfiguration here, formerly in MediaEndpointPeerConnection::setConfiguration. * Modules/mediastream/RTCPeerConnection.h: Updated for the above. * Modules/mediastream/RTCPeerConnection.idl: Changed argument to initializeWith and setConfiguration from Dictionary to RTCConfiguration. * Modules/mediastream/RTCSessionDescription.cpp: (WebCore::parseTypeString): Deleted. (WebCore::RTCSessionDescription::create): Changed to take struct instead of Dictionary. * Modules/mediastream/RTCSessionDescription.h: Added Init struct and changed create to take it. * Modules/mediastream/RTCSessionDescription.idl: Changed constructor argument to take RTCSessionDescriptionInit dictionary instead of Dictionary. * Modules/webaudio/MediaStreamAudioDestinationNode.cpp: Updated includes. * WebCore.xcodeproj/project.pbxproj: Updated for all the removed files. * bindings/scripts/CodeGeneratorJS.pm: (GenerateDictionaryImplementationContent): Fixed convertDictionaryToJS to work with other nullable types besides RefPtr. * bindings/scripts/test/JS/JSTestObj.cpp: Regenerated. * platform/mediastream/RTCConfigurationPrivate.h: Removed. * platform/mediastream/RTCIceServerPrivate.h: Removed. * platform/mediastream/RTCPeerConnectionHandler.cpp: Removed. * platform/mediastream/RTCPeerConnectionHandler.h: Removed. * platform/mock/RTCDTMFSenderHandlerMock.cpp: Removed. * platform/mock/RTCDTMFSenderHandlerMock.h: Removed. * platform/mock/RTCDataChannelHandlerMock.h: Updated includes, made more things private and final. * platform/mock/RTCPeerConnectionHandlerMock.cpp: Removed. * platform/mock/RTCPeerConnectionHandlerMock.h: Removed. * testing/Internals.cpp: (WebCore::Internals::Internals): Removed call to enableMockRTCPeerConnectionHandler. (WebCore::Internals::enableMockRTCPeerConnectionHandler): Deleted. 2016-12-11 Darin Adler <darin@apple.com> Use std::vsnprintf instead of vasprintf https://bugs.webkit.org/show_bug.cgi?id=165740 Reviewed by Sam Weinig. * platform/FileHandle.cpp: (WebCore::FileHandle::printf): Use vsnprintf, including StringExtras.h to ensure compatibility with older versions of the Visual Studio library, and Vector for the buffer. Use inline capacity in the vector so we normally don't need to allocate any memory on the heap. * xml/XSLTUnicodeSort.cpp: (xsltTransformErrorTrampoline): Ditto. * xml/parser/XMLDocumentParserLibxml2.cpp: (WebCore::XMLDocumentParser::error): Ditto. 2016-12-11 Darin Adler <darin@apple.com> Make some refinements to HTMLPlugInImageElement https://bugs.webkit.org/show_bug.cgi?id=165742 Reviewed by Sam Weinig. * html/HTMLPlugInImageElement.cpp: Removed many unneeded includes. (WebCore::titleText): Use HashMap::ensure, correct argument types. (WebCore::subtitleText): Ditto. (WebCore::HTMLPlugInImageElement::HTMLPlugInImageElement): Moved initialization of most scalars to the class definition. (WebCore::HTMLPlugInImageElement::isImageType): Use auto. (WebCore::HTMLPlugInImageElement::wouldLoadAsPlugIn): Removed unneeded local variable and if statement. (WebCore::HTMLPlugInImageElement::willDetachRenderers): Use auto. (WebCore::HTMLPlugInImageElement::updateSnapshot): Do not call renderer twice unnecessarily. (WebCore::plugInImageElementIsolatedWorld): Use auto. (WebCore::HTMLPlugInImageElement::didAddUserAgentShadowRoot): Use auto. (WebCore::HTMLPlugInImageElement::partOfSnapshotOverlay): Use auto. (WebCore::HTMLPlugInImageElement::restartSimilarPlugIns): Got rid of unnecessary typedef. (WebCore::HTMLPlugInImageElement::userDidClickSnapshot): Take a reference rather than PassRefPtr. (WebCore::documentHadRecentUserGesture): Removed unneeded if. (WebCore::HTMLPlugInImageElement::checkSizeChangeForSnapshotting): Use auto. (WebCore::isSmallerThanTinySizingThreshold): Use auto. (WebCore::HTMLPlugInImageElement::isTopLevelFullPagePlugin): Use auto. (WebCore::HTMLPlugInImageElement::checkSnapshotStatus): Use auto. (WebCore::HTMLPlugInImageElement::subframeLoaderWillCreatePlugIn): Got rid of unnecessary local variable. Use auto. (WebCore::HTMLPlugInImageElement::requestObject): Got rid of unnecessary local variable. * html/HTMLPlugInImageElement.h: Updated for the above. Removed incorrect use of const. Initialized all scalars. Made function private and final. * rendering/RenderSnapshottedPlugIn.cpp: (WebCore::RenderSnapshottedPlugIn::handleEvent): Pass reference instead of pointer. 2016-12-11 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Cleanup some InspectorInstrumentation network loading notifications https://bugs.webkit.org/show_bug.cgi?id=165688 Reviewed by Brian Burg. Eliminate InspectorInstrumentation::willReceiveResourceResponse by folding it into InspectorInstrumentation::didReceiveResourceResponse. Simplify other related InspectorInstrumentation calls by using references and using more consistent InspectorInstrumentation patterns. * inspector/InspectorInstrumentation.cpp: (WebCore::InspectorInstrumentation::didReceiveResourceResponseImpl): (WebCore::InspectorInstrumentation::willReceiveResourceResponseImpl): Deleted. (WebCore::InspectorInstrumentation::didReceiveResourceResponseButCanceledImpl): Deleted. (WebCore::InspectorInstrumentation::continueAfterXFrameOptionsDeniedImpl): Deleted. (WebCore::InspectorInstrumentation::continueWithPolicyDownloadImpl): Deleted. (WebCore::InspectorInstrumentation::continueWithPolicyIgnoreImpl): Deleted. * inspector/InspectorInstrumentation.h: (WebCore::InspectorInstrumentation::didReceiveResourceResponse): (WebCore::InspectorInstrumentation::continueAfterXFrameOptionsDenied): (WebCore::InspectorInstrumentation::continueWithPolicyDownload): (WebCore::InspectorInstrumentation::continueWithPolicyIgnore): (WebCore::InspectorInstrumentation::willReceiveResourceResponse): Deleted. * loader/CrossOriginPreflightChecker.cpp: (WebCore::CrossOriginPreflightChecker::validatePreflightResponse): * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied): (WebCore::DocumentLoader::continueAfterContentPolicy): * loader/ResourceLoadNotifier.cpp: (WebCore::ResourceLoadNotifier::dispatchDidReceiveResponse): * loader/appcache/ApplicationCacheGroup.cpp: (WebCore::ApplicationCacheGroup::didReceiveResponse): 2016-12-11 Eric Carlson <eric.carlson@apple.com> [MediaStream] Protect MediaDevicesRequest during callback https://bugs.webkit.org/show_bug.cgi?id=165711 <rdar://problem/28400468> Reviewed by Sam Weinig. No new tests, I was unable to create a reproducible test but this fix avoids an occasional crash in existing tests. * Modules/mediastream/MediaDevicesEnumerationRequest.cpp: (WebCore::MediaDevicesEnumerationRequest::start): Take a reference to the object before calling the controller in case the completion handler is called synchronously. 2016-12-09 Filip Pizlo <fpizlo@apple.com> The DOM should have an advancing wavefront opaque root barrier https://bugs.webkit.org/show_bug.cgi?id=165712 Reviewed by Yusuke Suzuki. No new tests because this was covered by crashing tests. Consider these two cases: Removal: 1) DOM at start: D->X->Y 2) Mark X, X->visitChildren, addOpaqueRoot(D) 3) remove X 4) Y thinks it's not reachable (its opaque root, X, is not in the set). Insertion: 1) DOM at start: D, X->Y 2) Mark X, X->visitChildren, addOpaqueRoot(X) 3) insert X into D 4) Y thinks it's not reachable (its opaque root, D, is not in the set). We can fix this with two barriers: Removal: add X (the removed child) to the opaque root set. Insertion: add D (the insertion point) to the opaque root set. Thanks Rysosuke for coming up with this idea! Both barriers advance the wavefront. We could consider retreating wavefront barriers in the future (where we cause visitChildren to be called again on wrappers that belonged to roots that got affected by insertion/removal) but those would probably require more bookkeeping. To make this barrier very fast, the WebCore caches the JSC VM's barrier state in its own global variable for very fast access. This variable will be false most of the time. It's false when there is no VM, so triggering the barrier won't cause the VM to be created. It's only true when GC is running, which is rare by design. To make that caching more sensible, I finally gave WebCore a central header for the common VM (CommonVM.h). * CMakeLists.txt: * Modules/mediastream/SDPProcessor.cpp: (WebCore::SDPProcessor::callScript): * WebCore.xcodeproj/project.pbxproj: * bindings/js/CommonVM.cpp: Added. (WebCore::commonVMSlow): (WebCore::writeBarrierOpaqueRootSlow): * bindings/js/CommonVM.h: Added. (WebCore::commonVM): (WebCore::writeBarrierOpaqueRoot): * bindings/js/DOMWrapperWorld.cpp: (WebCore::mainThreadNormalWorld): * bindings/js/GCController.cpp: (WebCore::collect): (WebCore::GCController::garbageCollectSoon): (WebCore::GCController::garbageCollectNow): (WebCore::GCController::garbageCollectNowIfNotDoneRecently): (WebCore::GCController::setJavaScriptGarbageCollectorTimerEnabled): (WebCore::GCController::deleteAllCode): (WebCore::GCController::deleteAllLinkedCode): * bindings/js/JSCustomXPathNSResolver.cpp: (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI): * bindings/js/JSDOMBinding.cpp: (WebCore::addImpureProperty): * bindings/js/JSDOMWindowBase.cpp: (WebCore::JSDOMWindowBase::fireFrameClearedWatchpointsForWindow): (WebCore::JSDOMWindowBase::commonVM): Deleted. * bindings/js/JSDOMWindowBase.h: * bindings/js/JSDOMWindowShell.cpp: (WebCore::JSDOMWindowShell::setWindow): * bindings/js/JSNodeCustom.h: (WebCore::root): * bindings/js/ScriptCachedFrameData.cpp: (WebCore::ScriptCachedFrameData::ScriptCachedFrameData): (WebCore::ScriptCachedFrameData::restore): (WebCore::ScriptCachedFrameData::clear): * bindings/js/ScriptController.cpp: (WebCore::ScriptController::~ScriptController): (WebCore::ScriptController::createWorld): (WebCore::ScriptController::getAllWorlds): (WebCore::ScriptController::clearWindowShell): (WebCore::ScriptController::cacheableBindingRootObject): (WebCore::ScriptController::bindingRootObject): (WebCore::ScriptController::windowScriptNPObject): (WebCore::ScriptController::jsObjectForPluginElement): (WebCore::ScriptController::clearScriptObjects): * dom/CollectionIndexCache.cpp: (WebCore::reportExtraMemoryAllocatedForCollectionIndexCache): * dom/ContainerNode.cpp: * dom/ContainerNodeAlgorithms.cpp: (WebCore::notifyChildNodeInserted): (WebCore::notifyChildNodeRemoved): * dom/Document.cpp: (WebCore::Document::shouldBypassMainWorldContentSecurityPolicy): * dom/Node.h: (WebCore::Node::opaqueRoot): * dom/ScriptExecutionContext.cpp: (WebCore::ScriptExecutionContext::vm): * html/HTMLImageLoader.cpp: (WebCore::HTMLImageLoader::notifyFinished): * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::pauseAfterDetachedTask): (WebCore::HTMLMediaElement::ensureIsolatedWorld): * html/HTMLPlugInImageElement.cpp: (WebCore::plugInImageElementIsolatedWorld): * inspector/InspectorController.cpp: (WebCore::InspectorController::vm): * inspector/PageScriptDebugServer.cpp: (WebCore::PageScriptDebugServer::PageScriptDebugServer): * page/PerformanceLogging.cpp: (WebCore::PerformanceLogging::memoryUsageStatistics): (WebCore::PerformanceLogging::javaScriptObjectCounts): * page/ResourceUsageThread.cpp: (WebCore::ResourceUsageThread::createThreadIfNeeded): * svg/graphics/SVGImage.cpp: (WebCore::SVGImage::reportApproximateMemoryCost): * testing/MemoryInfo.h: (WebCore::MemoryInfo::MemoryInfo): 2016-12-11 Dan Bernstein <mitz@apple.com> [Cocoa] NSAttributedString representation of text copied from -webkit-nbsp-mode:space element contains non-breaking space characters, but shouldn’t https://bugs.webkit.org/show_bug.cgi?id=165515 <rdar://problem/4108460> Reviewed by Darin Adler. Test: platform/mac/fast/text/attributed-substring-from-range.html * editing/cocoa/HTMLConverter.mm: (HTMLConverter::_processText): Emit a space instead of a non-breaking space if the text node is styled with -webkit-nbsp-mode:space. (WebCore::editingAttributedStringFromRange): Replace all non-breaking spaces with spaces if they come from a text node with -webkit-nbsp-mode:space. 2016-12-11 Konstantin Tokarev <annulen@yandex.ru> Unreviewed, add KHR include dir to fix ANGLE build after r209665 https://bugs.webkit.org/show_bug.cgi?id=165686 * CMakeLists.txt: 2016-12-10 Dave Hyatt <hyatt@apple.com> Rolling out 165737, since it broke layout tests. I need to find a different place to put the init. * contentextensions/ContentExtensionParser.cpp: (WebCore::ContentExtensions::isValidSelector): 2016-12-10 Simon Fraser <simon.fraser@apple.com> Support the deprecated dictionary constructor for DOMPointReadOnly and DOMPoint https://bugs.webkit.org/show_bug.cgi?id=165732 Reviewed by Sam Weinig. For compatibility with other browsers, support the DOMPointInit constructor to DOMPoint and DOMPointReadOnly per <https://www.w3.org/TR/geometry-1/#DOMPoint> Extended geometry/DOMPoint-001.html to test. * dom/DOMPoint.h: * dom/DOMPoint.idl: * dom/DOMPointReadOnly.h: (WebCore::DOMPointReadOnly::create): * dom/DOMPointReadOnly.idl: 2016-12-10 Dave Hyatt <hyatt@apple.com> [CSS Parser] Make sure content extensions initialize AtomicString https://bugs.webkit.org/show_bug.cgi?id=165737 Reviewed by Simon Fraser. Fixes two broken tests in TestWebkitAPI. * contentextensions/ContentExtensionParser.cpp: (WebCore::ContentExtensions::isValidSelector): 2016-12-10 Simon Fraser <simon.fraser@apple.com> Animation followed by transition doesn't always fire transitionend event https://bugs.webkit.org/show_bug.cgi?id=165731 rdar://problem/28471240 Reviewed by Zalan Bujtas. After r200047, a keyframe animation of an accelerated property followed by a transition didn't always fire a transitionend event. This happened if CompositeAnimation::timeToNextService() happend to be called when the transitions's timeToNextService() returned a positive value, but the keyframe animation still existed, but its timeToNextService() returned -1. In this case that -1 would clobber the positing minT. Fix by just continuing in each loop when the timeToNextService() returns -1. This code should probably be rewritten to use std::optional<double> rather than magic values. Test: animations/animation-followed-by-transition.html * page/animation/CompositeAnimation.cpp: (WebCore::CompositeAnimation::timeToNextService): * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::addAnimation): (WebCore::GraphicsLayerCA::pauseAnimation): (WebCore::GraphicsLayerCA::removeAnimation): (WebCore::GraphicsLayerCA::platformCALayerAnimationStarted): (WebCore::GraphicsLayerCA::platformCALayerAnimationEnded): 2016-12-10 Sam Weinig <sam@webkit.org> [WebIDL] Merge JSDictionary into Dictionary, and remove unused bits https://bugs.webkit.org/show_bug.cgi?id=165641 Reviewed by Dan Bernstein. * CMakeLists.txt: * WebCore.xcodeproj/project.pbxproj: * bindings/js/JSBindingsAllInOne.cpp: Remove JSDictionary.h/cpp * Modules/mediastream/RTCDataChannel.cpp: Remove unused #include of Dictionary.h * Modules/mediastream/RTCPeerConnection.cpp: * Modules/mediastream/RTCPeerConnection.h: Replace unnecessary #include of Dictionary in a header with forward declaration. * bindings/js/Dictionary.cpp: (WebCore::Dictionary::Dictionary): (WebCore::Dictionary::tryGetProperty): (WebCore::Dictionary::getOwnPropertyNames): (WebCore::Dictionary::convertValue): (WebCore::Dictionary::asJSObject<Notification>): Deleted. (WebCore::Dictionary::getOwnPropertiesAsStringHashMap): Deleted. (WebCore::Dictionary::getWithUndefinedOrNullCheck): Deleted. * bindings/js/Dictionary.h: (WebCore::Dictionary::isObject): (WebCore::Dictionary::isUndefinedOrNull): (WebCore::Dictionary::execState): (WebCore::Dictionary::initializerObject): (WebCore::Dictionary::isValid): (WebCore::Dictionary::convertValue): (WebCore::Dictionary::get): (WebCore::Dictionary::tryGetPropertyAndResult): (WebCore::Dictionary::getEventListener): Deleted. Merge JSDictionary into Dictionary. Remove all unused functions (some getters, lots of convertValue overrides). Modernize to taste. * bindings/js/JSCryptoAlgorithmDictionary.cpp: (WebCore::JSCryptoAlgorithmDictionary::getAlgorithmIdentifier): (WebCore::getHashAlgorithm): (WebCore::createHmacParams): (WebCore::createHmacKeyParams): (WebCore::createRsaKeyGenParams): (WebCore::createRsaOaepParams): (WebCore::createRsaSsaParams): Update for rename. JSDictionary is now Dictionary. * bindings/js/JSDictionary.cpp: Removed. * bindings/js/JSDictionary.h: Removed. * dom/MutationObserver.cpp: Remove unused #include of Dictionary.h 2016-12-10 Dave Hyatt <hyatt@apple.com> [CSS Parser] Move CSSParserValues.h/.cpp to CSSParserSelector.h/.cpp https://bugs.webkit.org/show_bug.cgi?id=165730 Reviewed by Simon Fraser. * WebCore.xcodeproj/project.pbxproj: * css/CSSCustomPropertyValue.cpp: * css/CSSPrimitiveValue.cpp: * css/CSSSelectorList.cpp: * css/makeSelectorPseudoClassAndCompatibilityElementMap.py: * css/parser/CSSParserImpl.cpp: * css/parser/CSSParserSelector.cpp: Copied from Source/WebCore/css/parser/CSSParserValues.cpp. * css/parser/CSSParserSelector.h: Copied from Source/WebCore/css/parser/CSSParserValues.h. * css/parser/CSSParserValues.cpp: Removed. * css/parser/CSSParserValues.h: Removed. * css/parser/CSSSelectorParser.h: 2016-12-10 Dave Hyatt <hyatt@apple.com> [CSS Parser] Remove the pseudoclass/element hacks https://bugs.webkit.org/show_bug.cgi?id=165729 Reviewed by Sam Weinig. * css/SelectorPseudoClassAndCompatibilityElementMap.in: * css/SelectorPseudoElementTypeMap.in: * css/parser/CSSSelectorParser.cpp: (WebCore::CSSSelectorParser::consumePseudo): 2016-12-09 Sam Weinig <sam@webkit.org> [WebIDL] Remove custom bindings for Geolocation https://bugs.webkit.org/show_bug.cgi?id=165625 Reviewed by Alex Christensen. * CMakeLists.txt: * DerivedSources.cpp: * DerivedSources.make: * WebCore.xcodeproj/project.pbxproj: * bindings/js/JSBindingsAllInOne.cpp: Add/remove files. * Modules/geolocation/GeoNotifier.cpp: (WebCore::GeoNotifier::GeoNotifier): (WebCore::GeoNotifier::hasZeroTimeout): (WebCore::GeoNotifier::startTimerIfNeeded): * Modules/geolocation/GeoNotifier.h: (WebCore::GeoNotifier::create): (WebCore::GeoNotifier::options): Update to store PositionOptions as a value, and pass the PositionCallback as a Ref, rather than a RefPtr, since it is not optional. * Modules/geolocation/Geolocation.cpp: (WebCore::createGeoposition): Use auto, to get the good type for Coordinates (Ref). (WebCore::Geolocation::getCurrentPosition): (WebCore::Geolocation::watchPosition): (WebCore::Geolocation::haveSuitableCachedPosition): (WebCore::Geolocation::startUpdating): * Modules/geolocation/Geolocation.h: Update to pass PositionOptions itself now that it is a plain struct. * Modules/geolocation/Geolocation.idl: Remove [Custom] extended attribute and add FIXME about nullable annotation. * Modules/geolocation/Geoposition.h: Pass/store Coordinates as a Ref. * Modules/geolocation/PositionOptions.h: Convert to be a simple struct. * Modules/geolocation/PositionOptions.idl: Added. * bindings/js/JSGeolocationCustom.cpp: Removed. 2016-12-09 Dave Hyatt <hyatt@apple.com> [CSS Parser] Remove the old CSS Parser https://bugs.webkit.org/show_bug.cgi?id=165645 Reviewed by Daniel Bates. Remove the old CSS parser code. In doing so, code that used documentless CSSParserContexts is now going through the new parser. This resulted in some additional changes. These include: (1) Canvas color parsing switched to new parser's code. This resulted in progressions on canvas tests. (2) Support for CSSNamespaceRule in the CSS OM, since the Inspector's creation of CSS OM wrappers made it necessary to add this in. The old parser did not create style rules for namespaces, but the new one (and other browsers) did. (3) <font face="X"> now uses the new parser's font-family parsing code. This change was made in createFontFaceValue in CSSValuePool. (4) FontFace now uses a new function on the new parser called parseFontFaceDescriptor. This function sets things up so that parsing occurs as though you are inside a @font-face. The old parser let you call parseValue to parse "properties", but descriptors need to be handled differently in the new parser. (5) Illegal CSS rules in mediaControlsApple/ios.css forced me to add a quirk to handle chained shadow DOM pseudo-elements. This should not be allowed, but for now it is. * CMakeLists.txt: * DerivedSources.make: * WebCore.xcodeproj/project.pbxproj: * bindings/js/JSCSSRuleCustom.cpp: (WebCore::toJSNewlyCreated): * bindings/js/JSCSSStyleDeclarationCustom.cpp: * css/CSSCalculationValue.cpp: (WebCore::unitCategory): (WebCore::hasDoubleValue): (WebCore::checkDepthAndIndexDeprecated): Deleted. (WebCore::CSSCalcExpressionNodeParserDeprecated::parseCalc): Deleted. (WebCore::CSSCalcExpressionNodeParserDeprecated::operatorValue): Deleted. (WebCore::CSSCalcExpressionNodeParserDeprecated::parseValue): Deleted. (WebCore::CSSCalcExpressionNodeParserDeprecated::parseValueTerm): Deleted. (WebCore::CSSCalcExpressionNodeParserDeprecated::parseValueMultiplicativeExpression): Deleted. (WebCore::CSSCalcExpressionNodeParserDeprecated::parseAdditiveValueExpression): Deleted. (WebCore::CSSCalcExpressionNodeParserDeprecated::parseValueExpression): Deleted. * css/CSSCalculationValue.h: * css/CSSComputedStyleDeclaration.cpp: (WebCore::specifiedValueForGridTrackSize): * css/CSSCustomPropertyValue.cpp: (WebCore::CSSCustomPropertyValue::checkVariablesForCycles): (WebCore::CSSCustomPropertyValue::resolveVariableReferences): * css/CSSCustomPropertyValue.h: * css/CSSFunctionValue.cpp: (WebCore::CSSFunctionValue::CSSFunctionValue): (WebCore::CSSFunctionValue::customCSSText): (WebCore::CSSFunctionValue::append): (WebCore::CSSFunctionValue::buildParserValueSubstitutingVariables): Deleted. * css/CSSFunctionValue.h: * css/CSSGrammar.y.in: Removed. * css/CSSGrammar.y.includes: Removed. * css/CSSGroupingRule.cpp: (WebCore::CSSGroupingRule::insertRule): * css/CSSKeyframeRule.h: * css/CSSKeyframesRule.cpp: (WebCore::CSSKeyframesRule::appendRule): * css/CSSNamespaceRule.cpp: Added. (WebCore::CSSNamespaceRule::CSSNamespaceRule): (WebCore::CSSNamespaceRule::~CSSNamespaceRule): (WebCore::CSSNamespaceRule::namespaceURI): (WebCore::CSSNamespaceRule::prefix): (WebCore::CSSNamespaceRule::cssText): (WebCore::CSSNamespaceRule::reattach): * css/CSSNamespaceRule.h: Added. * css/CSSNamespaceRule.idl: Added. * css/CSSPrimitiveValue.cpp: (WebCore::isValidCSSUnitTypeForDoubleConversion): (WebCore::isStringType): (WebCore::CSSPrimitiveValue::cleanup): (WebCore::CSSPrimitiveValue::formatNumberForCustomCSSText): (WebCore::CSSPrimitiveValue::cloneForCSSOM): (WebCore::CSSPrimitiveValue::equals): (WebCore::CSSPrimitiveValue::buildParserValue): Deleted. * css/CSSPrimitiveValue.h: * css/CSSRule.h: * css/CSSRule.idl: * css/CSSStyleSheet.cpp: (WebCore::CSSStyleSheet::insertRule): * css/CSSValue.cpp: (WebCore::CSSValue::equals): (WebCore::CSSValue::cssText): (WebCore::CSSValue::destroy): * css/CSSValue.h: (WebCore::CSSValue::isCustomPropertyValue): (WebCore::CSSValue::hasVariableReferences): (WebCore::CSSValue::isVariableDependentValue): Deleted. (WebCore::CSSValue::isVariableValue): Deleted. * css/CSSValueList.cpp: (WebCore::CSSValueList::customCSSText): (WebCore::CSSValueList::containsVariables): Deleted. (WebCore::CSSValueList::checkVariablesForCycles): Deleted. (WebCore::CSSValueList::buildParserValueSubstitutingVariables): Deleted. (WebCore::CSSValueList::buildParserValueListSubstitutingVariables): Deleted. * css/CSSValueList.h: (WebCore::CSSValueList::createSlashSeparated): (WebCore::CSSValueList::createFromParserValueList): Deleted. * css/CSSValuePool.cpp: (WebCore::CSSValuePool::createFontFaceValue): * css/CSSVariableData.cpp: * css/CSSVariableDependentValue.cpp: Removed. * css/CSSVariableDependentValue.h: Removed. * css/CSSVariableValue.cpp: Removed. * css/CSSVariableValue.h: Removed. * css/DOMCSSNamespace.cpp: * css/FontFace.cpp: (WebCore::FontFace::parseString): * css/InspectorCSSOMWrappers.cpp: * css/MediaQueryExp.cpp: (WebCore::isFeatureValidWithIdentifier): Deleted. (WebCore::isFeatureValidWithNonNegativeLengthOrNumber): Deleted. (WebCore::isFeatureValidWithDensity): Deleted. (WebCore::isFeatureValidWithNonNegativeInteger): Deleted. (WebCore::isFeatureValidWithNonNegativeNumber): Deleted. (WebCore::isFeatureValidWithZeroOrOne): Deleted. (WebCore::isFeatureValidWithNumberWithUnit): Deleted. (WebCore::isFeatureValidWithNumber): Deleted. (WebCore::isSlash): Deleted. (WebCore::isPositiveIntegerValue): Deleted. * css/MediaQueryExp.h: * css/PropertySetCSSStyleDeclaration.cpp: (WebCore::PropertySetCSSStyleDeclaration::setCssText): (WebCore::PropertySetCSSStyleDeclaration::setProperty): * css/SelectorPseudoTypeMap.h: * css/StyleProperties.cpp: (WebCore::StyleProperties::getPropertyValue): (WebCore::StyleProperties::getPropertyCSSValue): (WebCore::MutableStyleProperties::setCustomProperty): (WebCore::MutableStyleProperties::parseDeclaration): (WebCore::StyleProperties::asText): * css/StyleProperties.h: * css/StyleResolver.cpp: (WebCore::StyleResolver::applyProperty): * css/StyleResolver.h: * css/StyleRule.cpp: (WebCore::StyleRuleBase::createCSSOMWrapper): * css/StyleSheetContents.cpp: (WebCore::StyleSheetContents::parseAuthorStyleSheet): (WebCore::StyleSheetContents::parseString): (WebCore::StyleSheetContents::completeURL): (WebCore::StyleSheetContents::parseStringAtPosition): Deleted. * css/StyleSheetContents.h: * css/WebKitCSSMatrix.cpp: * css/makeSelectorPseudoClassAndCompatibilityElementMap.py: * css/parser/CSSParser.cpp: (WebCore::CSSParserContext::CSSParserContext): (WebCore::CSSParser::CSSParser): (WebCore::CSSParser::parseSheet): (WebCore::CSSParser::parseRule): (WebCore::CSSParser::parseKeyframeRule): (WebCore::CSSParser::parseSupportsCondition): (WebCore::CSSParser::parseColor): (WebCore::CSSParser::parseSystemColor): (WebCore::CSSParser::parseSingleValue): (WebCore::CSSParser::parseValue): (WebCore::CSSParser::parseCustomPropertyValue): (WebCore::CSSParser::parseSelector): (WebCore::CSSParser::parseInlineStyleDeclaration): (WebCore::CSSParser::parseDeclaration): (WebCore::CSSParser::parseValueWithVariableReferences): (WebCore::CSSParser::parseKeyframeKeyList): (WebCore::CSSParser::parseFontFaceDescriptor): (WebCore::equalLettersIgnoringASCIICase): Deleted. (WebCore::hasPrefix): Deleted. (WebCore::createPrimitiveValuePair): Deleted. (WebCore::AnimationParseContext::commitFirstAnimation): Deleted. (WebCore::AnimationParseContext::hasCommittedFirstAnimation): Deleted. (WebCore::AnimationParseContext::commitAnimationPropertyKeyword): Deleted. (WebCore::AnimationParseContext::animationPropertyKeywordAllowed): Deleted. (WebCore::AnimationParseContext::hasSeenAnimationPropertyKeyword): Deleted. (WebCore::AnimationParseContext::sawAnimationPropertyKeyword): Deleted. (): Deleted. (WebCore::convertToASCIILowercaseInPlace): Deleted. (WebCore::CSSParserString::convertToASCIILowercaseInPlace): Deleted. (WebCore::CSSParser::setupParser): Deleted. (WebCore::isColorPropertyID): Deleted. (WebCore::CSSParser::isValidSystemColorValue): Deleted. (WebCore::validPrimitiveValueColor): Deleted. (WebCore::parseColorValue): Deleted. (WebCore::isSimpleLengthPropertyID): Deleted. (WebCore::parseSimpleLength): Deleted. (WebCore::parseSimpleLengthValue): Deleted. (WebCore::isValidKeywordPropertyAndValue): Deleted. (WebCore::isUniversalKeyword): Deleted. (WebCore::isKeywordPropertyID): Deleted. (WebCore::parseKeywordValue): Deleted. (WebCore::parseTransformTranslateArguments): Deleted. (WebCore::parseTranslateTransformValue): Deleted. (WebCore::CSSParser::parseFontFaceValue): Deleted. (WebCore::CSSParser::parseColorFromString): Deleted. (WebCore::CSSParser::parseDeclarationDeprecated): Deleted. (WebCore::filterProperties): Deleted. (WebCore::CSSParser::createStyleProperties): Deleted. (WebCore::CSSParser::addProperty): Deleted. (WebCore::CSSParser::rollbackLastProperties): Deleted. (WebCore::CSSParser::clearProperties): Deleted. (WebCore::CSSParser::completeURL): Deleted. (WebCore::CSSParser::validateCalculationUnit): Deleted. (WebCore::CSSParser::shouldAcceptUnitLessValues): Deleted. (WebCore::CSSParser::validateUnit): Deleted. (WebCore::CSSParser::createPrimitiveNumericValue): Deleted. (WebCore::CSSParser::createPrimitiveStringValue): Deleted. (WebCore::isComma): Deleted. (WebCore::isForwardSlashOperator): Deleted. (WebCore::CSSParser::isValidSize): Deleted. (WebCore::CSSParser::parseValidPrimitive): Deleted. (WebCore::CSSParser::addExpandedPropertyForValue): Deleted. (WebCore::isImageSetFunctionValue): Deleted. (WebCore::CSSParser::addFillValue): Deleted. (WebCore::isContentDistributionKeyword): Deleted. (WebCore::isContentPositionKeyword): Deleted. (WebCore::isBaselinePositionKeyword): Deleted. (WebCore::isAlignmentOverflowKeyword): Deleted. (WebCore::isItemPositionKeyword): Deleted. (WebCore::CSSParser::parseLegacyPosition): Deleted. (WebCore::CSSParser::parseContentDistributionOverflowPosition): Deleted. (WebCore::CSSParser::parseItemPositionOverflowPosition): Deleted. (WebCore::parseBackgroundClip): Deleted. (WebCore::CSSParser::useLegacyBackgroundSizeShorthandBehavior): Deleted. (WebCore::CSSParser::parseNonElementSnapPoints): Deleted. (WebCore::CSSParser::parseScrollSnapPositions): Deleted. (WebCore::CSSParser::parseScrollSnapDestination): Deleted. (WebCore::CSSParser::parseScrollSnapCoordinate): Deleted. (WebCore::CSSParser::parseFillShorthand): Deleted. (WebCore::CSSParser::addAnimationValue): Deleted. (WebCore::CSSParser::parseAnimationShorthand): Deleted. (WebCore::CSSParser::parseColumnWidth): Deleted. (WebCore::CSSParser::parseColumnCount): Deleted. (WebCore::CSSParser::parseColumnsShorthand): Deleted. (WebCore::CSSParser::parseTransitionShorthand): Deleted. (WebCore::CSSParser::parseShorthand): Deleted. (WebCore::CSSParser::parse4Values): Deleted. (WebCore::CSSParser::parsePage): Deleted. (WebCore::CSSParser::parseSize): Deleted. (WebCore::CSSParser::parseSizeParameter): Deleted. (WebCore::CSSParser::parseQuotes): Deleted. (WebCore::CSSParser::parseAlt): Deleted. (WebCore::CSSParser::parseCustomPropertyDeclaration): Deleted. (WebCore::CSSParser::parseContent): Deleted. (WebCore::CSSParser::parseAttr): Deleted. (WebCore::CSSParser::parseBackgroundColor): Deleted. (WebCore::CSSParser::parseFillImage): Deleted. (WebCore::CSSParser::parsePositionX): Deleted. (WebCore::CSSParser::parsePositionY): Deleted. (WebCore::CSSParser::parseFillPositionComponent): Deleted. (WebCore::isValueConflictingWithCurrentEdge): Deleted. (WebCore::isFillPositionKeyword): Deleted. (WebCore::CSSParser::parse4ValuesFillPosition): Deleted. (WebCore::CSSParser::parse3ValuesFillPosition): Deleted. (WebCore::CSSParser::isPotentialPositionValue): Deleted. (WebCore::CSSParser::parseFillPosition): Deleted. (WebCore::CSSParser::parse2ValuesFillPosition): Deleted. (WebCore::CSSParser::parseFillRepeat): Deleted. (WebCore::CSSParser::parseFillSize): Deleted. (WebCore::CSSParser::parseFillProperty): Deleted. (WebCore::CSSParser::parseAnimationDelay): Deleted. (WebCore::CSSParser::parseAnimationDirection): Deleted. (WebCore::CSSParser::parseAnimationDuration): Deleted. (WebCore::CSSParser::parseAnimationFillMode): Deleted. (WebCore::CSSParser::parseAnimationIterationCount): Deleted. (WebCore::CSSParser::parseAnimationName): Deleted. (WebCore::CSSParser::parseAnimationPlayState): Deleted. (WebCore::CSSParser::parseAnimationTrigger): Deleted. (WebCore::CSSParser::parseAnimationProperty): Deleted. (WebCore::CSSParser::parseTransformOriginShorthand): Deleted. (WebCore::CSSParser::isSpringTimingFunctionEnabled): Deleted. (WebCore::CSSParser::parseCubicBezierTimingFunctionValue): Deleted. (WebCore::CSSParser::parseSpringTimingFunctionValue): Deleted. (WebCore::CSSParser::parseAnimationTimingFunction): Deleted. (WebCore::isValidGridPositionCustomIdent): Deleted. (WebCore::CSSParser::parseIntegerOrCustomIdentFromGridPosition): Deleted. (WebCore::CSSParser::parseGridPosition): Deleted. (WebCore::gridMissingGridPositionValue): Deleted. (WebCore::CSSParser::parseGridItemPositionShorthand): Deleted. (WebCore::CSSParser::parseGridGapShorthand): Deleted. (WebCore::CSSParser::parseGridTemplateColumns): Deleted. (WebCore::CSSParser::parseGridTemplateRowsAndAreasAndColumns): Deleted. (WebCore::CSSParser::parseGridTemplateShorthand): Deleted. (WebCore::parseImplicitAutoFlow): Deleted. (WebCore::CSSParser::parseGridShorthand): Deleted. (WebCore::CSSParser::parseGridAreaShorthand): Deleted. (WebCore::CSSParser::parseSingleGridAreaLonghand): Deleted. (WebCore::CSSParser::parseGridLineNames): Deleted. (WebCore::isGridTrackFixedSized): Deleted. (WebCore::CSSParser::parseGridTrackList): Deleted. (WebCore::CSSParser::parseGridTrackRepeatFunction): Deleted. (WebCore::CSSParser::parseGridTrackSize): Deleted. (WebCore::CSSParser::parseGridBreadth): Deleted. (WebCore::isValidGridAutoFlowId): Deleted. (WebCore::CSSParser::parseGridAutoFlow): Deleted. (WebCore::skipCommaInDashboardRegion): Deleted. (WebCore::CSSParser::parseDashboardRegions): Deleted. (WebCore::parseGridTemplateAreasColumnNames): Deleted. (WebCore::CSSParser::parseGridTemplateAreasRow): Deleted. (WebCore::CSSParser::parseGridTemplateAreas): Deleted. (WebCore::CSSParser::parseCounterContent): Deleted. (WebCore::CSSParser::parseClipShape): Deleted. (WebCore::completeBorderRadii): Deleted. (WebCore::CSSParser::parseInsetRoundedCorners): Deleted. (WebCore::CSSParser::parseBasicShapeInset): Deleted. (WebCore::CSSParser::parseShapeRadius): Deleted. (WebCore::CSSParser::parseBasicShapeCircle): Deleted. (WebCore::CSSParser::parseBasicShapeEllipse): Deleted. (WebCore::CSSParser::parseBasicShapePolygon): Deleted. (WebCore::CSSParser::parseBasicShapePath): Deleted. (WebCore::isBoxValue): Deleted. (WebCore::CSSParser::parseBasicShapeAndOrBox): Deleted. (WebCore::CSSParser::parseShapeProperty): Deleted. (WebCore::CSSParser::parseClipPath): Deleted. (WebCore::CSSParser::parseBasicShape): Deleted. (WebCore::CSSParser::parseFont): Deleted. (WebCore::CSSParser::parseSystemFont): Deleted. (WebCore::FontFamilyValueBuilder::FontFamilyValueBuilder): Deleted. (WebCore::FontFamilyValueBuilder::add): Deleted. (WebCore::FontFamilyValueBuilder::commit): Deleted. (WebCore::valueIsCSSKeyword): Deleted. (WebCore::CSSParser::parseFontFamily): Deleted. (WebCore::CSSParser::parseLineHeight): Deleted. (WebCore::CSSParser::parseFontSize): Deleted. (WebCore::createFontWeightValueKeyword): Deleted. (WebCore::CSSParser::parseFontWeight): Deleted. (WebCore::CSSParser::parseFontSynthesis): Deleted. (WebCore::CSSParser::parseFontFaceSrcURI): Deleted. (WebCore::CSSParser::parseFontFaceSrcLocal): Deleted. (WebCore::CSSParser::parseFontFaceSrc): Deleted. (WebCore::CSSParser::parseFontFaceUnicodeRange): Deleted. (WebCore::checkForValidDouble): Deleted. (WebCore::parseDouble): Deleted. (WebCore::parseColorIntOrPercentage): Deleted. (WebCore::isTenthAlpha): Deleted. (WebCore::parseAlphaValue): Deleted. (WebCore::mightBeRGBA): Deleted. (WebCore::mightBeRGB): Deleted. (WebCore::fastParseColorInternal): Deleted. (WebCore::CSSParser::fastParseColor): Deleted. (WebCore::CSSParser::parsedDouble): Deleted. (WebCore::CSSParser::isCalculation): Deleted. (WebCore::isPercent): Deleted. (WebCore::CSSParser::parseColorInt): Deleted. (WebCore::CSSParser::parseColorDouble): Deleted. (WebCore::CSSParser::parseRGBParameters): Deleted. (WebCore::CSSParser::parseColorFunctionParameters): Deleted. (WebCore::CSSParser::parseHSLParameters): Deleted. (WebCore::CSSParser::parseColorFromValue): Deleted. (WebCore::ShadowParseContext::ShadowParseContext): Deleted. (WebCore::ShadowParseContext::allowLength): Deleted. (WebCore::ShadowParseContext::commitValue): Deleted. (WebCore::ShadowParseContext::commitLength): Deleted. (WebCore::ShadowParseContext::commitColor): Deleted. (WebCore::ShadowParseContext::commitStyle): Deleted. (WebCore::CSSParser::parseShadow): Deleted. (WebCore::CSSParser::parseReflect): Deleted. (WebCore::CSSParser::parseFlex): Deleted. (WebCore::BorderImageParseContext::BorderImageParseContext): Deleted. (WebCore::BorderImageParseContext::canAdvance): Deleted. (WebCore::BorderImageParseContext::setCanAdvance): Deleted. (WebCore::BorderImageParseContext::allowCommit): Deleted. (WebCore::BorderImageParseContext::allowImage): Deleted. (WebCore::BorderImageParseContext::allowImageSlice): Deleted. (WebCore::BorderImageParseContext::allowRepeat): Deleted. (WebCore::BorderImageParseContext::allowForwardSlashOperator): Deleted. (WebCore::BorderImageParseContext::requireWidth): Deleted. (WebCore::BorderImageParseContext::requireOutset): Deleted. (WebCore::BorderImageParseContext::commitImage): Deleted. (WebCore::BorderImageParseContext::commitImageSlice): Deleted. (WebCore::BorderImageParseContext::commitForwardSlashOperator): Deleted. (WebCore::BorderImageParseContext::commitBorderWidth): Deleted. (WebCore::BorderImageParseContext::commitBorderOutset): Deleted. (WebCore::BorderImageParseContext::commitRepeat): Deleted. (WebCore::BorderImageParseContext::commitWebKitBorderImage): Deleted. (WebCore::BorderImageParseContext::commitBorderImage): Deleted. (WebCore::BorderImageParseContext::commitBorderImageProperty): Deleted. (WebCore::CSSParser::parseBorderImage): Deleted. (WebCore::isBorderImageRepeatKeyword): Deleted. (WebCore::CSSParser::parseBorderImageRepeat): Deleted. (WebCore::BorderImageSliceParseContext::BorderImageSliceParseContext): Deleted. (WebCore::BorderImageSliceParseContext::allowNumber): Deleted. (WebCore::BorderImageSliceParseContext::allowFill): Deleted. (WebCore::BorderImageSliceParseContext::allowFinalCommit): Deleted. (WebCore::BorderImageSliceParseContext::top): Deleted. (WebCore::BorderImageSliceParseContext::commitNumber): Deleted. (WebCore::BorderImageSliceParseContext::commitFill): Deleted. (WebCore::BorderImageSliceParseContext::commitBorderImageSlice): Deleted. (WebCore::CSSParser::parseBorderImageSlice): Deleted. (WebCore::BorderImageQuadParseContext::BorderImageQuadParseContext): Deleted. (WebCore::BorderImageQuadParseContext::allowNumber): Deleted. (WebCore::BorderImageQuadParseContext::allowFinalCommit): Deleted. (WebCore::BorderImageQuadParseContext::top): Deleted. (WebCore::BorderImageQuadParseContext::commitNumber): Deleted. (WebCore::BorderImageQuadParseContext::setAllowFinalCommit): Deleted. (WebCore::BorderImageQuadParseContext::setTop): Deleted. (WebCore::BorderImageQuadParseContext::commitBorderImageQuad): Deleted. (WebCore::CSSParser::parseBorderImageQuad): Deleted. (WebCore::CSSParser::parseBorderImageWidth): Deleted. (WebCore::CSSParser::parseBorderImageOutset): Deleted. (WebCore::CSSParser::parseBorderRadius): Deleted. (WebCore::CSSParser::parseAspectRatio): Deleted. (WebCore::CSSParser::parseCounter): Deleted. (WebCore::parseDeprecatedGradientPoint): Deleted. (WebCore::parseDeprecatedGradientColorStop): Deleted. (WebCore::CSSParser::parseDeprecatedGradient): Deleted. (WebCore::valueFromSideKeyword): Deleted. (WebCore::parseGradientColorOrKeyword): Deleted. (WebCore::CSSParser::parseDeprecatedLinearGradient): Deleted. (WebCore::CSSParser::parseDeprecatedRadialGradient): Deleted. (WebCore::CSSParser::parseLinearGradient): Deleted. (WebCore::CSSParser::parseRadialGradient): Deleted. (WebCore::CSSParser::parseGradientColorStops): Deleted. (WebCore::CSSParser::isGeneratedImageValue): Deleted. (WebCore::CSSParser::parseGeneratedImage): Deleted. (WebCore::CSSParser::parseFilterImage): Deleted. (WebCore::CSSParser::parseCrossfade): Deleted. (WebCore::CSSParser::parseCanvas): Deleted. (WebCore::CSSParser::parseNamedImage): Deleted. (WebCore::CSSParser::parseImageResolution): Deleted. (WebCore::CSSParser::parseImageSet): Deleted. (WebCore::TransformOperationInfo::TransformOperationInfo): Deleted. (WebCore::TransformOperationInfo::type): Deleted. (WebCore::TransformOperationInfo::argCount): Deleted. (WebCore::TransformOperationInfo::unit): Deleted. (WebCore::TransformOperationInfo::unknown): Deleted. (WebCore::TransformOperationInfo::hasCorrectArgCount): Deleted. (WebCore::CSSParser::parseTransform): Deleted. (WebCore::CSSParser::parseTransformValue): Deleted. (WebCore::CSSParser::isBlendMode): Deleted. (WebCore::CSSParser::isCompositeOperator): Deleted. (WebCore::isValidPrimitiveFilterFunction): Deleted. (WebCore::CSSParser::parseBuiltinFilterArguments): Deleted. (WebCore::cssValueKeywordIDForFunctionName): Deleted. (WebCore::CSSParser::parseFilter): Deleted. (WebCore::validFlowName): Deleted. (WebCore::CSSParser::isTextAutosizingEnabled): Deleted. (WebCore::CSSParser::isCSSGridLayoutEnabled): Deleted. (WebCore::CSSParser::parseFlowThread): Deleted. (WebCore::CSSParser::parseRegionThread): Deleted. (WebCore::CSSParser::parseTransformOrigin): Deleted. (WebCore::CSSParser::parsePerspectiveOrigin): Deleted. (WebCore::CSSParser::addTextDecorationProperty): Deleted. (WebCore::CSSParser::parseTextDecoration): Deleted. (WebCore::CSSParser::parseTextDecorationSkip): Deleted. (WebCore::CSSParser::parseTextUnderlinePosition): Deleted. (WebCore::CSSParser::parseTextEmphasisStyle): Deleted. (WebCore::CSSParser::parseTextEmphasisPosition): Deleted. (WebCore::CSSParser::parseTextIndent): Deleted. (WebCore::CSSParser::parseHangingPunctuation): Deleted. (WebCore::CSSParser::parseLineBoxContain): Deleted. (WebCore::CSSParser::parseFontFeatureTag): Deleted. (WebCore::CSSParser::parseFontFeatureSettings): Deleted. (WebCore::CSSParser::parseFontVariationTag): Deleted. (WebCore::CSSParser::parseFontVariationSettings): Deleted. (WebCore::CSSParser::parseFontVariantLigatures): Deleted. (WebCore::CSSParser::parseFontVariantNumeric): Deleted. (WebCore::CSSParser::parseFontVariantEastAsian): Deleted. (WebCore::CSSParser::parseFontVariant): Deleted. (WebCore::isValidWillChangeAnimatableFeature): Deleted. (WebCore::CSSParser::parseWillChange): Deleted. (WebCore::CSSParser::parseCalculation): Deleted. (WebCore::isCSSLetter): Deleted. (WebCore::isCSSEscape): Deleted. (WebCore::isURILetter): Deleted. (WebCore::isIdentifierStartAfterDash): Deleted. (WebCore::isCustomPropertyIdentifier): Deleted. (WebCore::isEqualToCSSIdentifier): Deleted. (WebCore::isEqualToCSSCaseSensitiveIdentifier): Deleted. (WebCore::checkAndSkipEscape): Deleted. (WebCore::skipWhiteSpace): Deleted. (WebCore::CSSParserString::characters<LChar>): Deleted. (WebCore::CSSParserString::characters<UChar>): Deleted. (WebCore::CSSParser::currentCharacter<LChar>): Deleted. (WebCore::CSSParser::currentCharacter<UChar>): Deleted. (WebCore::CSSParser::currentCharacter16): Deleted. (WebCore::CSSParser::tokenStart<LChar>): Deleted. (WebCore::CSSParser::tokenStart<UChar>): Deleted. (WebCore::CSSParser::currentLocation): Deleted. (WebCore::CSSParser::isIdentifierStart): Deleted. (WebCore::checkAndSkipString): Deleted. (WebCore::CSSParser::parseEscape): Deleted. (WebCore::CSSParser::UnicodeToChars<LChar>): Deleted. (WebCore::CSSParser::UnicodeToChars<UChar>): Deleted. (WebCore::CSSParser::parseIdentifierInternal): Deleted. (WebCore::CSSParser::parseIdentifier): Deleted. (WebCore::CSSParser::parseStringInternal): Deleted. (WebCore::CSSParser::parseString): Deleted. (WebCore::CSSParser::findURI): Deleted. (WebCore::CSSParser::parseURIInternal): Deleted. (WebCore::CSSParser::parseURI): Deleted. (WebCore::CSSParser::parseUnicodeRange): Deleted. (WebCore::CSSParser::parseNthChild): Deleted. (WebCore::CSSParser::parseNthChildExtra): Deleted. (WebCore::CSSParser::detectFunctionTypeToken): Deleted. (WebCore::CSSParser::detectMediaQueryToken): Deleted. (WebCore::CSSParser::detectNumberToken): Deleted. (WebCore::CSSParser::detectDashToken): Deleted. (WebCore::CSSParser::detectAtToken): Deleted. (WebCore::CSSParser::detectSupportsToken): Deleted. (WebCore::CSSParser::realLex): Deleted. (WebCore::CSSParser::createImportRule): Deleted. (WebCore::CSSParser::createMediaRule): Deleted. (WebCore::CSSParser::createEmptyMediaRule): Deleted. (WebCore::CSSParser::createSupportsRule): Deleted. (WebCore::CSSParser::markSupportsRuleHeaderStart): Deleted. (WebCore::CSSParser::markSupportsRuleHeaderEnd): Deleted. (WebCore::CSSParser::popSupportsRuleData): Deleted. (WebCore::CSSParser::processAndAddNewRuleToSourceTreeIfNeeded): Deleted. (WebCore::CSSParser::addNewRuleToSourceTree): Deleted. (WebCore::CSSParser::popRuleData): Deleted. (WebCore::CSSParser::syntaxError): Deleted. (WebCore::CSSParser::isLoggingErrors): Deleted. (WebCore::CSSParser::logError): Deleted. (WebCore::CSSParser::createKeyframesRule): Deleted. (WebCore::CSSParser::createStyleRule): Deleted. (WebCore::CSSParser::createFontFaceRule): Deleted. (WebCore::CSSParser::addNamespace): Deleted. (WebCore::CSSParser::determineNameInNamespace): Deleted. (WebCore::CSSParser::rewriteSpecifiersWithNamespaceIfNeeded): Deleted. (WebCore::CSSParser::rewriteSpecifiersWithElementName): Deleted. (WebCore::CSSParser::rewriteSpecifiers): Deleted. (WebCore::CSSParser::createPageRule): Deleted. (WebCore::CSSParser::createSelectorVector): Deleted. (WebCore::CSSParser::recycleSelectorVector): Deleted. (WebCore::CSSParser::createRegionRule): Deleted. (WebCore::CSSParser::createMarginAtRule): Deleted. (WebCore::CSSParser::startDeclarationsForMarginBox): Deleted. (WebCore::CSSParser::endDeclarationsForMarginBox): Deleted. (WebCore::CSSParser::createKeyframe): Deleted. (WebCore::CSSParser::invalidBlockHit): Deleted. (WebCore::CSSParser::updateLastMediaLine): Deleted. (WebCore::fixUnparsedProperties): Deleted. (WebCore::CSSParser::fixUnparsedPropertyRanges): Deleted. (WebCore::CSSParser::markRuleHeaderStart): Deleted. (WebCore::CSSParser::setRuleHeaderEnd): Deleted. (WebCore::CSSParser::markRuleHeaderEnd): Deleted. (WebCore::CSSParser::markSelectorStart): Deleted. (WebCore::CSSParser::markSelectorEnd): Deleted. (WebCore::CSSParser::markRuleBodyStart): Deleted. (WebCore::CSSParser::markRuleBodyEnd): Deleted. (WebCore::CSSParser::markPropertyStart): Deleted. (WebCore::CSSParser::markPropertyEnd): Deleted. (WebCore::CSSParser::createViewportRule): Deleted. (WebCore::CSSParser::parseViewportProperty): Deleted. (WebCore::CSSParser::parseViewportShorthand): Deleted. (WebCore::isAppleLegacyCSSPropertyKeyword): Deleted. (WebCore::cssPropertyID): Deleted. (WebCore::cssPropertyNameIOSAliasing): Deleted. (WebCore::isAppleLegacyCSSValueKeyword): Deleted. (WebCore::cssValueKeywordID): Deleted. (WebCore::isValidNthToken): Deleted. * css/parser/CSSParser.h: (): Deleted. (WebCore::CSSParser::ValueWithCalculation::ValueWithCalculation): Deleted. (WebCore::CSSParser::ValueWithCalculation::value): Deleted. (WebCore::CSSParser::ValueWithCalculation::operator CSSParserValue&): Deleted. (WebCore::CSSParser::ValueWithCalculation::calculation): Deleted. (WebCore::CSSParser::ValueWithCalculation::setCalculation): Deleted. (WebCore::CSSParser::hasProperties): Deleted. (WebCore::CSSParser::startNestedSelectorList): Deleted. (WebCore::CSSParser::endNestedSelectorList): Deleted. (WebCore::CSSParser::resetPropertyRange): Deleted. (WebCore::CSSParser::isExtractingSourceData): Deleted. (WebCore::CSSParser::lex): Deleted. (WebCore::CSSParser::token): Deleted. (WebCore::CSSParser::markViewportRuleBodyStart): Deleted. (WebCore::CSSParser::markViewportRuleBodyEnd): Deleted. (WebCore::CSSParser::setCustomPropertyName): Deleted. (WebCore::CSSParser::is8BitSource): Deleted. (WebCore::CSSParser::setStyleSheet): Deleted. (WebCore::CSSParser::inStrictMode): Deleted. (WebCore::CSSParser::inQuirksMode): Deleted. (WebCore::CSSParser::setupParser): Deleted. (WebCore::CSSParser::inShorthand): Deleted. (WebCore::CSSParser::inViewport): Deleted. (WebCore::CSSParser::operator|): Deleted. (WebCore::CSSParser::validateUnit): Deleted. (WebCore::ShorthandScope::ShorthandScope): Deleted. (WebCore::ShorthandScope::~ShorthandScope): Deleted. (WebCore::CSSParser::setTokenStart<LChar>): Deleted. (WebCore::CSSParser::setTokenStart<UChar>): Deleted. (WebCore::CSSParser::tokenStartOffset): Deleted. (WebCore::CSSParser::currentCharacterOffset): Deleted. (WebCore::CSSParser::tokenStartChar): Deleted. (WebCore::isCustomPropertyName): Deleted. (WebCore::cssyylex): Deleted. * css/parser/CSSParserFastPaths.cpp: (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue): * css/parser/CSSParserMode.h: (WebCore::CSSParserContextHash::hash): * css/parser/CSSParserValues.cpp: (WebCore::CSSParserSelector::setSelectorList): (WebCore::destroy): Deleted. (WebCore::CSSParserValueList::~CSSParserValueList): Deleted. (WebCore::CSSParserValueList::addValue): Deleted. (WebCore::CSSParserValueList::insertValueAt): Deleted. (WebCore::CSSParserValueList::extend): Deleted. (WebCore::CSSParserValueList::containsVariables): Deleted. (WebCore::CSSParserValue::createCSSValue): Deleted. (WebCore::CSSParserSelector::parsePseudoElementSelector): Deleted. (WebCore::CSSParserSelector::parsePseudoElementCueFunctionSelector): Deleted. (WebCore::CSSParserSelector::parsePseudoElementSlottedFunctionSelector): Deleted. (WebCore::CSSParserSelector::parsePseudoClassHostFunctionSelector): Deleted. (WebCore::CSSParserSelector::parsePseudoClassAndCompatibilityElementSelector): Deleted. (WebCore::CSSParserSelector::setPseudoClassValue): Deleted. * css/parser/CSSParserValues.h: (WebCore::CSSParserString::init): Deleted. (WebCore::CSSParserString::clear): Deleted. (WebCore::CSSParserString::is8Bit): Deleted. (WebCore::CSSParserString::characters8): Deleted. (WebCore::CSSParserString::characters16): Deleted. (WebCore::CSSParserString::length): Deleted. (WebCore::CSSParserString::setLength): Deleted. (WebCore::CSSParserString::operator[]): Deleted. (WebCore::CSSParserString::operator String): Deleted. (WebCore::CSSParserString::operator AtomicString): Deleted. (WebCore::CSSParserString::toStringView): Deleted. (): Deleted. (WebCore::CSSParserValueList::CSSParserValueList): Deleted. (WebCore::CSSParserValueList::size): Deleted. (WebCore::CSSParserValueList::currentIndex): Deleted. (WebCore::CSSParserValueList::current): Deleted. (WebCore::CSSParserValueList::next): Deleted. (WebCore::CSSParserValueList::previous): Deleted. (WebCore::CSSParserValueList::setCurrentIndex): Deleted. (WebCore::CSSParserValueList::valueAt): Deleted. (WebCore::CSSParserValueList::clear): Deleted. (WebCore::CSSParserValue::setFromValueList): Deleted. (WebCore::equalLettersIgnoringASCIICase): Deleted. * css/parser/CSSPropertyParser.cpp: (WebCore::isCustomPropertyName): (WebCore::cssPropertyNameIOSAliasing): * css/parser/CSSPropertyParser.h: * css/parser/SVGCSSParser.cpp: Removed. * dom/InlineStyleSheetOwner.cpp: (WebCore::InlineStyleSheetOwner::createSheet): * inspector/InspectorStyleSheet.cpp: (WebCore::InspectorStyleSheet::ensureSourceData): (WebCore::InspectorStyleSheetForInlineStyle::ruleSourceData): * page/animation/AnimationController.cpp: * rendering/style/RenderStyle.cpp: * svg/SVGAnimateElementBase.cpp: * svg/SVGAnimationElement.cpp: * svg/SVGElement.cpp: 2016-12-10 Konstantin Tokarev <annulen@yandex.ru> [cmake] Include WTF, JSC, and WebCore headers automatically to targers using them https://bugs.webkit.org/show_bug.cgi?id=165686 Reviewed by Michael Catanzaro. This change reduces duplication of include path lists between modules, and reduces future need for fixes like r209605 (broken build because of WebCore header suddenly becoming used in WebKit2). No new tests needed. * CMakeLists.txt: * PlatformEfl.cmake: * PlatformGTK.cmake: * PlatformMac.cmake: * PlatformWinCairo.cmake: 2016-12-10 Ryosuke Niwa <rniwa@webkit.org> Replace isUnclosedNode by isClosedShadowHidden https://bugs.webkit.org/show_bug.cgi?id=165722 Reviewed by Antti Koivisto. Replaced Node::isUnclosedNode by Node::isClosedShadowHidden and negated the semantics as done in the spec: https://dom.spec.whatwg.org/#concept-closed-shadow-hidden https://github.com/whatwg/dom/pull/306 Also added a version which follows the spec text for a debug assertion. No new tests since this has no behavioral change. * dom/EventContext.h: (WebCore::EventContext::isUnreachableNode): * dom/EventPath.cpp: (WebCore::EventPath::computePathUnclosedToTarget): (WebCore::RelatedNodeRetargeter::checkConsistency): * dom/Node.cpp: (WebCore::isClosedShadowHiddenUsingSpecDefinition): Added to assert our implementation matches the spec text. (WebCore::Node::isClosedShadowHidden): Renamed from Node::isUnclosedNode and negated the return value. * dom/Node.h: 2016-12-10 Antti Koivisto <antti@apple.com> CrashTracer: com.apple.WebKit.WebContent.Development at com.apple.WebCore: WTF::match_constness<WebCore::CSSValue, WebCore::CSSContentDistributionValue>::type& WTF::downcast<WebCore::CSSContentDistributionValue, WebCore::CSSValue> + 65 https://bugs.webkit.org/show_bug.cgi?id=165652 rdar://problem/28465278 Reviewed by Darin Adler. No, test don't know how to get here. * css/StyleBuilderConverter.h: (WebCore::StyleBuilderConverter::convertContentAlignmentData): Add type checks. 2016-12-10 Jiewen Tan <jiewen_tan@apple.com> [WebCrypto] RSA algorithms should allow importing keys without usages https://bugs.webkit.org/show_bug.cgi?id=165680 <rdar://problem/29601354> Reviewed by Brent Fulgham. Tests: crypto/subtle/rsa-oaep-import-jwk-public-key-empty-usages.html crypto/subtle/rsa-oaep-import-spki-key-empty-usages.html crypto/subtle/rsaes-pkcs1-v1_5-import-jwk-public-key-empty-usages.html crypto/subtle/rsaes-pkcs1-v1_5-import-spki-key-empty-usages.html crypto/subtle/rsassa-pkcs1-v1_5-import-jwk-public-key-empty-usages.html crypto/subtle/rsassa-pkcs1-v1_5-import-spki-key-empty-usages.html * crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp: (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::importKey): * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp: (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::importKey): * crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp: (WebCore::CryptoAlgorithmRSA_OAEP::importKey): 2016-12-10 Frederic Wang <fred.wang@free.fr> Add STIX Two Math to the list of math fonts in mathml.css https://bugs.webkit.org/show_bug.cgi?id=165676 Reviewed by Darin Adler. No new tests, this is just changing default style. * css/mathml.css: (math): 2016-12-09 Romain Bellessort <romain.bellessort@crf.canon.fr> [Readable Streams API] Implement ReadableByteStreamController desiredSize https://bugs.webkit.org/show_bug.cgi?id=165599 Reviewed by Darin Adler. Implemented ReadableByteStreamController attribute desiredSize. Added test to check desiredSize value. * Modules/streams/ReadableByteStreamController.js: (desiredSize): * Modules/streams/ReadableByteStreamInternals.js: (readableByteStreamControllerGetDesiredSize): 2016-12-09 Ryosuke Niwa <rniwa@webkit.org> document.pointerLockElement exposes a node inside a shadow tree https://bugs.webkit.org/show_bug.cgi?id=165702 Reviewed by Simon Fraser. Expose pointerLockElement on ShadowRoot as spec'ed (DocumentOrShadowRoot): https://w3c.github.io/pointerlock/#extensions-to-the-documentorshadowroot-mixin Use ancestorElementInThisScope to find the correct node in pointerLockElement. Tests: fast/shadow-dom/pointerlockelement-in-shadow-tree.html fast/shadow-dom/pointerlockelement-in-slot.html * dom/Document.cpp: (WebCore::Document::pointerLockElement): Moved to TreeScope. * dom/Document.h: * dom/Document.idl: Moved ointerLockElement to DocumentOrShadowRoot.idl. * dom/DocumentOrShadowRoot.idl: Ditto. * dom/TreeScope.cpp: (WebCore::TreeScope::focusedElementInScope): Use documentScope instead of acessing it via m_rootNode. (WebCore::TreeScope::pointerLockElement): Moved from Document. * dom/TreeScope.h: 2016-12-09 Daniel Bates <dabates@apple.com> Add reflected nonce attribute to HTML Link element IDL https://bugs.webkit.org/show_bug.cgi?id=165709 Reviewed by Ryosuke Niwa. Add the reflected nonce attribute to the HTML Link element IDL definition as per the HTML standard <https://html.spec.whatwg.org/multipage/semantics.html#the-link-element> (9 December 2016). Test: fast/dom/nonce-attribute-reflection.html * html/HTMLLinkElement.idl: 2016-12-09 Eric Carlson <eric.carlson@apple.com> Annotate MediaStream and WebRTC idl with EnabledAtRuntime flag https://bugs.webkit.org/show_bug.cgi?id=165251 Reviewed by Dean Jackson. Based on a patch by Dr Alex Gouaillard <agouaillard@gmail.com> No new tests, covered by existing tests. * Modules/mediastream/MediaStreamEvent.idl: Add "EnabledAtRuntime". * Modules/mediastream/NavigatorMediaDevices.idl: Ditto. * Modules/mediastream/NavigatorUserMedia.idl: Ditto. * Modules/mediastream/RTCDTMFToneChangeEvent.idl: Ditto. * Modules/mediastream/RTCIceCandidate.idl: Ditto. * Modules/mediastream/RTCPeerConnection.idl: Ditto. * Modules/mediastream/RTCRtpReceiver.idl: Ditto. * Modules/mediastream/RTCRtpSender.idl: Ditto. * Modules/mediastream/RTCRtpTransceiver.idl: Ditto. * Modules/mediastream/RTCSessionDescription.idl: Ditto. * Modules/mediastream/RTCTrackEvent.idl: Ditto. * bindings/generic/RuntimeEnabledFeatures.cpp: (WebCore::RuntimeEnabledFeatures::RuntimeEnabledFeatures): Set m_isMediaStreamEnabled in the constructor instead of in reset() because the later is called by the Internals constructor, making it impossible to override the runtime flag from WTR or DRT. (WebCore::RuntimeEnabledFeatures::reset): Don't set m_isMediaStreamEnabled. * page/Settings.in: Add peerConnectionEnabled. 2016-12-09 Daniel Bates <dabates@apple.com> Remove QuickLook scheme from the list of secure schemes https://bugs.webkit.org/show_bug.cgi?id=165699 Reviewed by Andy Estes. Following r207155 we use a unique origin for QuickLook documents. Unique origins are not subject to mixed content restrictions. Prior to r207155 QuickLook documents used the origin from which they were served. We added the QuickLook scheme to the list of secure schemes as a workaround to avoid mixed content errors when loading subresources in a QuickLook document served over HTTPS. Now that we use a unique origin for QuickLook documents we no longer need this workaround. * platform/SchemeRegistry.cpp: (WebCore::secureSchemes): 2016-12-09 Brady Eidson <beidson@apple.com> Re-landing: Add _WKIconLoadingDelegate SPI. https://bugs.webkit.org/show_bug.cgi?id=164894 Reviewed by Alex Christensen. No new tests (Manual testing possible in MiniBrowser now, WKTR tests coming soon in https://bugs.webkit.org/show_bug.cgi?id=164895). With this client, WebCore will ask the FrameLoaderClient about each icon found in the <head>. WebKit2 will then ask the embedding app - for each icon - if it wants that icon to load. For icons the app decides to load, WebKit will pass the data to the app without storing locally. * WebCore.xcodeproj/project.pbxproj: * dom/Document.cpp: (WebCore::Document::implicitClose): * html/LinkIconCollector.cpp: (WebCore::iconSize): (WebCore::compareIcons): * html/LinkIconCollector.h: * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::startIconLoading): (WebCore::DocumentLoader::didGetLoadDecisionForIcon): (WebCore::DocumentLoader::finishedLoadingIcon): * loader/DocumentLoader.h: * loader/FrameLoaderClient.h: * loader/icon/IconLoader.cpp: (WebCore::IconLoader::IconLoader): (WebCore::IconLoader::startLoading): (WebCore::IconLoader::notifyFinished): * loader/icon/IconLoader.h: * platform/LinkIcon.h: Copied from Source/WebCore/html/LinkIconCollector.h. (WebCore::LinkIcon::encode): (WebCore::LinkIcon::decode): 2016-12-06 Jiewen Tan <jiewen_tan@apple.com> [Part 2 of 2] Add support for PKCS8 format while doing SubtleCrypto.importKey/exportKey https://bugs.webkit.org/show_bug.cgi?id=129978 <rdar://problem/21799829> Reviewed by Brent Fulgham. This is part 2 of Bug 129978. In this patch, it adds the PKCS8 format support for SubtleCrypto.importKey/exportKey. Currently support algorithms are RSAES-PKCS1-v1_5, RSASSA-PKCS1-v1_5 and RSA-OAEP. Tests: crypto/subtle/rsa-import-jwk-key-export-pkcs8-key.html crypto/subtle/rsa-import-pkcs8-key-export-jwk-key.html crypto/subtle/rsa-import-pkcs8-key-export-pkcs8-key.html crypto/subtle/rsa-oaep-generate-export-key-pkcs8.html crypto/subtle/rsa-oaep-import-pkcs8-key.html crypto/subtle/rsaes-pkcs1-v1_5-generate-export-key-pkcs8.html crypto/subtle/rsaes-pkcs1-v1_5-import-pkcs8-key.html crypto/subtle/rsassa-pkcs1-v1_5-generate-export-key-pkcs8.html crypto/subtle/rsassa-pkcs1-v1_5-import-pkcs8-key.html crypto/workers/subtle/rsa-export-pkcs8-key.html crypto/workers/subtle/rsa-import-pkcs8-key.html * bindings/js/JSSubtleCryptoCustom.cpp: (WebCore::toKeyData): * crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp: (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::importKey): (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::exportKey): * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp: (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::importKey): (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::exportKey): * crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp: (WebCore::CryptoAlgorithmRSA_OAEP::importKey): (WebCore::CryptoAlgorithmRSA_OAEP::exportKey): * crypto/gnutls/CryptoKeyRSAGnuTLS.cpp: (WebCore::CryptoKeyRSA::importPkcs8): (WebCore::CryptoKeyRSA::exportPkcs8): * crypto/keys/CryptoKeyRSA.h: * crypto/mac/CryptoKeyRSAMac.cpp: (WebCore::CryptoKeyRSA::importSpki): (WebCore::CryptoKeyRSA::importPkcs8): (WebCore::CryptoKeyRSA::exportPkcs8): 2016-12-09 Geoffrey Garen <ggaren@apple.com> Deploy OrdinalNumber in JSC::SourceCode https://bugs.webkit.org/show_bug.cgi?id=165687 Reviewed by Michael Saboff. Updated for interface changes. * bindings/js/ScriptController.cpp: (WebCore::ScriptController::evaluateModule): * bindings/js/ScriptSourceCode.h: (WebCore::ScriptSourceCode::startLine): 2016-12-09 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Some resources fetched via Fetch API do not have data https://bugs.webkit.org/show_bug.cgi?id=165230 <rdar://problem/29449220> Reviewed by Alex Christensen. Tests: http/tests/inspector/network/fetch-response-body.html http/tests/inspector/network/xhr-response-body.html * platform/network/ResourceRequestBase.h: Distinguish Fetch requests. * Modules/fetch/FetchRequest.cpp: (WebCore::FetchRequest::initializeWith): Set the requester type as Fetch. * loader/DocumentThreadableLoader.cpp: (WebCore::DocumentThreadableLoader::didReceiveResponse): * loader/DocumentThreadableLoader.h: * inspector/InspectorInstrumentation.cpp: (WebCore::InspectorInstrumentation::didReceiveThreadableLoaderResponseImpl): (WebCore::InspectorInstrumentation::didReceiveXHRResponseImpl): Deleted. * inspector/InspectorInstrumentation.h: (WebCore::InspectorInstrumentation::didReceiveResourceResponse): (WebCore::InspectorInstrumentation::didReceiveThreadableLoaderResponse): (WebCore::InspectorInstrumentation::didReceiveXHRResponse): Deleted. * inspector/InspectorNetworkAgent.cpp: (WebCore::InspectorNetworkAgent::didReceiveThreadableLoaderResponse): (WebCore::InspectorNetworkAgent::didFinishXHRLoading): (WebCore::InspectorNetworkAgent::didReceiveXHRResponse): Deleted. Add a generic way for a ThreadableLoader load to update the type of a network request. This will include both XHR and Fetch requests. * inspector/InspectorPageAgent.cpp: (WebCore::hasTextContent): (WebCore::createXHRTextDecoder): (WebCore::InspectorPageAgent::resourceTypeJson): (WebCore::InspectorPageAgent::cachedResourceType): (WebCore::InspectorPageAgent::createTextDecoder): (WebCore::textContentForCachedResource): * inspector/InspectorPageAgent.h: * inspector/NetworkResourcesData.cpp: (WebCore::createOtherResourceTextDecoder): Deleted. Share the logic that creates a Text Decoders for XHR with other non-buffered requests (like Fetch). This moves us to identical behavior for now. * platform/MIMETypeRegistry.cpp: (WebCore::MIMETypeRegistry::isSupportedJSONMIMEType): (WebCore::MIMETypeRegistry::isTextMIMEType): * platform/MIMETypeRegistry.h: Better detect different JSON content based on MIME Type. 2016-12-09 Ryosuke Niwa <rniwa@webkit.org> document.webkitFullscreenElement leaks elements inside a shadow tree https://bugs.webkit.org/show_bug.cgi?id=158471 Reviewed by Chris Dumez. Fixed the bug by calling the newly added ancestorElementInThisScope in webkitCurrentFullScreenElementForBindings and webkitFullscreenElementForBinding. The specification (https://fullscreen.spec.whatwg.org/#dom-document-fullscreenelement) uses "the result of retargeting fullscreen element" and returns null if the result is not in the same tree as the context object. This is equivalent to the algorithm implemented by ancestorElementInThisScope. Observe that the retargeting algorithm (https://dom.spec.whatwg.org/#retarget) finds the lowest common tree scope of the retargetee and the context object. There are two cases to consider. 1. The context object's tree scope is the lowest common tree scope: In this case, an ancestor shadow host or the retargetee itself is in this tree scope. It's sufficient traverse every shadow host to find the one that resides in the same tree scope as the context object. This is precisely what ancestorElementInThisScope does. 2. The context object's tree scope is not the lowest common tree scope: In this case, the context object is inside a shadow tree whose ancestor shadow host is in the lowest common tree scope. In this case, retargeting algorithm finds a node which is not in the same tree as the context object. Thus, the result is null. ancestorElementInThisScope traveres ancestor shadow hosts and returns null if no shadow host's tree scope matches that of the context object's tree scope. Thus, it would return null in this case as desired. Also renamed TreeScope::focusedElement to focusedElementInScope for clarity since Document which inherits from TreeScope also has a distinct member function named focusedElement called by TreeScope::focusedElement, and used ancestorElementInThisScope since it uses the same algorithm. Tests: fast/shadow-dom/activeElement-for-focused-element-in-another-shadow.html fast/shadow-dom/blur-on-shadow-host-with-focused-shadow-content.html fast/shadow-dom/fullscreen-in-shadow-fullscreenElement.html fast/shadow-dom/fullscreen-in-shadow-webkitCurrentFullScreenElement.html fast/shadow-dom/fullscreen-in-slot-fullscreenElement.html fast/shadow-dom/fullscreen-in-slot-webkitCurrentFullScreenElement.html * dom/Document.cpp: (WebCore::Document::removeFocusedNodeOfSubtree): (WebCore::Document::activeElement): * dom/Document.h: (WebCore::Document::webkitCurrentFullScreenElementForBindings): Added. (WebCore::Document::webkitFullscreenElementForBindings): Added. * dom/Document.idl: * dom/Element.cpp: (WebCore::Element::blur): * dom/ShadowRoot.h: (WebCore::ShadowRoot::activeElement): * dom/TreeScope.cpp: (WebCore::TreeScope::ancestorNodeInThisScope): Renamed from ancestorInThisScope for clarity. (WebCore::TreeScope::ancestorElementInThisScope): (WebCore::TreeScope::focusedElementInScope): Renamed from focusedElement to disambiguate it from Document's focusedElement. * dom/TreeScope.h: * editing/VisibleSelection.cpp: (WebCore::adjustPositionForEnd): (WebCore::adjustPositionForStart): * editing/htmlediting.cpp: (WebCore::comparePositions): (WebCore::firstEditablePositionAfterPositionInRoot): (WebCore::lastEditablePositionBeforePositionInRoot): * page/DOMSelection.cpp: (WebCore::selectionShadowAncestor): (WebCore::DOMSelection::shadowAdjustedNode): (WebCore::DOMSelection::shadowAdjustedOffset): * rendering/HitTestResult.cpp: (WebCore::HitTestResult::addNodeToRectBasedTestResult): Added a FIXME here since this is clearly wrong for shadow trees created by author scripts. 2016-12-09 Geoffrey Garen <ggaren@apple.com> TextPosition and OrdinalNumber should be more like idiomatic numbers https://bugs.webkit.org/show_bug.cgi?id=165678 Reviewed by Filip Pizlo. * bindings/js/CachedScriptSourceProvider.h: (WebCore::CachedScriptSourceProvider::CachedScriptSourceProvider): * bindings/js/JSEventListener.h: (WebCore::JSEventListener::sourcePosition): * bindings/js/JSLazyEventListener.cpp: (WebCore::JSLazyEventListener::JSLazyEventListener): * bindings/js/ScriptController.cpp: (WebCore::ScriptController::eventHandlerPosition): * bindings/js/ScriptSourceCode.h: (WebCore::ScriptSourceCode::ScriptSourceCode): * css/CSSStyleSheet.cpp: (WebCore::CSSStyleSheet::create): * dom/ScriptElement.h: * html/parser/HTMLTreeBuilder.cpp: (WebCore::uninitializedPositionValue1): * inspector/InspectorStyleSheet.cpp: (WebCore::InspectorStyleSheet::buildObjectForStyleSheetInfo): Adopt default construtor. * xml/XMLErrors.cpp: (WebCore::XMLErrors::XMLErrors): (WebCore::XMLErrors::handleError): * xml/XMLErrors.h: Use std::optional instead of belowRangePosition() because in-band signaling is harder to reason about. * xml/parser/XMLDocumentParserLibxml2.cpp: (WebCore::XMLDocumentParser::textPosition): Adopt default constructor. 2016-12-09 Chris Dumez <cdumez@apple.com> [Cocoa] Validation message for required checkbox doesn’t conform the the Apple Style Guide https://bugs.webkit.org/show_bug.cgi?id=165661 Reviewed by Dan Bernstein. Update validation message as per Apple Style Guide. * English.lproj/Localizable.strings: * platform/LocalizedStrings.cpp: (WebCore::validationMessageValueMissingForCheckboxText): 2016-12-09 Zalan Bujtas <zalan@apple.com> ASSERTION FAILED: !beforeChild->isRubyRun() in WebCore::RenderRubyAsBlock::addChild https://bugs.webkit.org/show_bug.cgi?id=141433 <rdar://problem/27711351> Reviewed by Dean Jackson. Do not try to inject the list marker into a block ruby subtree. Have it as the sibling of the ruby instead (with an anonymous block wrapper ofc). Test: fast/ruby/assert-with-listitem-and-block-ruby.html * rendering/RenderListItem.cpp: (WebCore::getParentOfFirstLineBox): 2016-12-09 Antoine Quint <graouts@apple.com> [Modern Media Controls] Implement the pageScaleFactor property https://bugs.webkit.org/show_bug.cgi?id=165660 Reviewed by Dean Jackson. We implement the pageScaleFactor property on MediaController. This property is set by the HTMLMediaElement when the page scale factor changes, and we only choose to handle it on iOS by setting controlsDependOnPageScaleFactor to true on the MediaControlsHost. To do so, we now size the media controls by multiplying the layout size of the media by the page scale factor, and apply an inverse CSS zoom on the media controls themselves. Test: media/modern-media-controls/media-controller/media-controller-scale-factor.html * Modules/modern-media-controls/controls/media-controls.css: (.media-controls-container,): * Modules/modern-media-controls/controls/media-controls.js: (MediaControls.prototype.get scaleFactor): (MediaControls.prototype.set scaleFactor): (MediaControls.prototype.commitProperty): * Modules/modern-media-controls/media/media-controller.js: (MediaController): (MediaController.prototype.set pageScaleFactor): (MediaController.prototype._updateControlsSize): * html/HTMLMediaElement.cpp: (WebCore::controllerJSValue): (WebCore::HTMLMediaElement::setControllerJSProperty): We no longer hit a JSC assertion when trying to set the pageScaleFactor property before the JS controller was actually created. 2016-12-09 Daniel Bates <dabates@apple.com> Attempt to fix the Mac CMake build following <http://trac.webkit.org/changeset/209549> (https://bugs.webkit.org/show_bug.cgi?id=165572) Add directory html/canvas to the list of forwarding headers directories so that the Legacy WebKit Objective-C DOM binding DOMHTMLCanvasElement.mm can ultimately include header WebGLContextAttributes.h. * PlatformMac.cmake: 2016-12-09 Brady Eidson <beidson@apple.com> LinkIconCollector refactoring. https://bugs.webkit.org/show_bug.cgi?id=165657 Reviewed by Dean Jackson. No new tests (Refactor, no behavior change) * WebCore.xcodeproj/project.pbxproj: * html/LinkIconCollector.cpp: (WebCore::iconSize): (WebCore::compareIcons): * html/LinkIconCollector.h: * platform/LinkIcon.h: Move outside of LinkIconCollector for future expandability. 2016-12-09 Ryan Haddad <ryanhaddad@apple.com> Unreviewed, rolling out r209574. This change broke the Windows build. Reverted changeset: "[WebIDL] Remove custom bindings for Geolocation" https://bugs.webkit.org/show_bug.cgi?id=165625 http://trac.webkit.org/changeset/209574 2016-12-09 Ryosuke Niwa <rniwa@webkit.org> Custom Elements from a different document are not customized when created with innerHTML https://bugs.webkit.org/show_bug.cgi?id=165617 Reviewed by Antti Koivisto. The bug was caused by a superflous null check on window in createHTMLElementOrFindCustomElementInterface. Removed the nullcheck to fix the bug. Test: fast/custom-elements/adopting-from-frameless-document.html * html/parser/HTMLConstructionSite.cpp: (WebCore::HTMLConstructionSite::createHTMLElementOrFindCustomElementInterface): 2016-12-09 Daniel Bates <dabates@apple.com> [CSP] Policy of window opener not applied to about:blank window https://bugs.webkit.org/show_bug.cgi?id=165531 <rdar://problem/29426639> Reviewed by Brent Fulgham. Fixes an issue where the content security policy of the opener document was not applied to an about:blank window. An about:blank window inherits its security origin from its opener document. It should also copy (inherit) the ContentSecurityPolicy from its opener document. When copying the ContentSecurityPolicy state from the opener document to the about:blank document we must take care to avoid copying any upgrade-insecure-request directive because new windows should not inherit it by definition. With respect to upgrade-insecure-requests, new windows should only inherit the insecure navigation set from their opener document. Test: http/tests/security/contentSecurityPolicy/image-blocked-in-about-blank-window.html * dom/Document.cpp: (WebCore::Document::initContentSecurityPolicy): Copy the ContentSecurityPolicy state from the owner document to this document when it inherits its security origin from its owner. An about:blank window is one example of a document that inherits its security origin from its owner. * loader/WorkerThreadableLoader.cpp: (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Call ContentSecurityPolicy::copyUpgradeInsecureRequestStateFrom() to copy the upgrade insecure requests state from the owner document to the worker now that ContentSecurityPolicy::copyStateFrom() no longer does this. * page/csp/ContentSecurityPolicy.cpp: (WebCore::ContentSecurityPolicy::copyStateFrom): Do not copy the upgrade insecure request state. Callers are now responsible for calling ContentSecurityPolicy::copyUpgradeInsecureRequestStateFrom() to copy this state. * page/csp/ContentSecurityPolicyDirectiveList.cpp: (WebCore::ContentSecurityPolicyDirectiveList::parse): Ignore directive upgrade-insecure-requests when inheriting ContentSecurityPolicy state as this directive as the Upgrade Insecure Requests feature has its own inheritance semantics that differ from the semantics of copying a ContentSecurityPolicy object. * xml/XSLTProcessor.cpp: (WebCore::XSLTProcessor::createDocumentFromSource): Call ContentSecurityPolicy::copyUpgradeInsecureRequestStateFrom() to copy the upgrade insecure requests state from the original document to the transformed document now that ContentSecurityPolicy::copyStateFrom() no longer does this. 2016-12-09 Antoine Quint <graouts@apple.com> [Modern Media Controls] Remaining time label first appears way to the left https://bugs.webkit.org/show_bug.cgi?id=165637 Reviewed by Dean Jackson. We would sometimes see the remaining time label be laid out in an incorrect position when a video would start playing. This happened because the time label was being committed from a previous value before, in the same frame, we would call the layout() function of MacOSInlineMediaControls. This would set the newly computed location for the remaining time label, but because we would reset the list of dirty properties after calling all layout functions, the new value set in MacOSInlineMediaControls.layout() would be disregarded and the wrong, committed value would persist until it was reset in a much later frame. We now correctly clear the list of dirty nodes before laying them out, giving all nodes a chance to become dirty again during layout, and updated again in the next frame. Test: media/modern-media-controls/layout-node/node-made-dirty-during-layout.html * Modules/modern-media-controls/controls/layout-node.js: (performScheduledLayout): 2016-12-09 Per Arne Vollan <pvollan@apple.com> Fix compile errors on Windows when building with .proj files. Unreviewed build fix. Fix include paths. * platform/graphics/win/IntPointWin.cpp: * platform/graphics/win/IntRectWin.cpp: * platform/graphics/win/IntSizeWin.cpp: 2016-12-09 Csaba Osztrogonác <ossy@webkit.org> Unreviewed buildfix after r209570. * bindings/js/JSDOMGlobalObject.cpp: (WebCore::JSDOMGlobalObject::addBuiltinGlobals): 2016-12-01 Sergio Villar Senin <svillar@igalia.com> [css-grid] Pass Grid as argument to items' placement methods https://bugs.webkit.org/show_bug.cgi?id=165250 Reviewed by Darin Adler. In order to constify computeIntrinsicLogicalWidths() it is required to constify placeItemsOnGrid() first, which is the base method of the grid items' positioning logic. The first step is to constify all the methods invoked by the latter, which basically means to pass the Grid as argument to all of them instead of directly using the m_grid attribute from RenderGrid. As this is an intermediate step, a new const_cast<> was required in the intrinsic size computation. However it will be promptly removed after the const-ification of placeItemsOnGrid(). After this, only the methods used by the track sizing algorithm will directly access m_grid. All those would get a reference to the Grid via GridSizingData, but that's a matter of a follow up patch. Apart from that, m_gridIsDirty was removed because it was always too confusing. It was replaced by Grid's m_needsItemsPlacement which is much more concise. The clearGrid() call was indeed only forcing a new placement of the grid items. No new tests as this is a refactoring. * rendering/RenderGrid.cpp: (WebCore::RenderGrid::Grid::setNeedsItemsPlacement): New method to flag the Grid whenever grid items' placement algorithm needs to be run. (WebCore::RenderGrid::canPerformSimplifiedLayout): (WebCore::RenderGrid::layoutBlock): (WebCore::RenderGrid::computeIntrinsicLogicalWidths): (WebCore::RenderGrid::computeEmptyTracksForAutoRepeat): (WebCore::RenderGrid::placeItemsOnGrid): (WebCore::RenderGrid::populateExplicitGridAndOrderIterator): Constified. Got Grid as argument. (WebCore::RenderGrid::createEmptyGridAreaAtSpecifiedPositionsOutsideGrid): Ditto. (WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid): Ditto. (WebCore::RenderGrid::placeAutoMajorAxisItemsOnGrid): Ditto. (WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid): Ditto. (WebCore::RenderGrid::clearGrid): (WebCore::RenderGrid::offsetAndBreadthForPositionedChild): (WebCore::RenderGrid::numTracks): * rendering/RenderGrid.h: 2016-12-09 Gavin Barraclough <barraclough@apple.com> Revert - Add _WKIconLoadingDelegate SPI https://bugs.webkit.org/show_bug.cgi?id=164894 Unreviewed rollout due to performance regression. * WebCore.xcodeproj/project.pbxproj: * dom/Document.cpp: (WebCore::Document::implicitClose): * html/LinkIconCollector.cpp: (WebCore::iconSize): (WebCore::compareIcons): * html/LinkIconCollector.h: * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::startIconLoading): Deleted. (WebCore::DocumentLoader::didGetLoadDecisionForIcon): Deleted. (WebCore::DocumentLoader::finishedLoadingIcon): Deleted. * loader/DocumentLoader.h: * loader/FrameLoaderClient.h: * loader/icon/IconLoader.cpp: (WebCore::IconLoader::IconLoader): (WebCore::IconLoader::startLoading): (WebCore::IconLoader::notifyFinished): * loader/icon/IconLoader.h: * platform/LinkIcon.h: Removed. 2016-12-08 Jiewen Tan <jiewen_tan@apple.com> [WebCrypto] Remove NoInterfaceObject attribute from SubtleCrypto Interface https://bugs.webkit.org/show_bug.cgi?id=165629 <rdar://problem/29586203> Reviewed by Chris Dumez. Covered by existing tests. * crypto/SubtleCrypto.idl: 2016-12-08 Keith Rollin <krollin@apple.com> FileHandle::printf doesn't build on Windows https://bugs.webkit.org/show_bug.cgi?id=165642 Reviewed by Ryosuke Niwa. Fix the build -- vasprintf does not exist on Windows, so make FileHandle::printf a no-op on that platform. No new tests -- affected facility is currently only used in testing code and is not user reachable. * platform/FileHandle.cpp: (WebCore::FileHandle::printf): 2016-12-08 Antoine Quint <graouts@apple.com> [Modern Media Controls] Exiting fullscreen with paused media shows the start button https://bugs.webkit.org/show_bug.cgi?id=165640 Reviewed by Dean Jackson. Like all supporting objects, the StartSupport instance gets recreated when creating controls for new layout traits, which happens when going from fullscreen to inline. Due to this, the "_isPlayed" property is not longer set to true, even if the media has played prior to being paused in fullscreen. We now also check the media's played range to identify whether media has been played. * Modules/modern-media-controls/media/start-support.js: (StartSupport.prototype._shouldShowStartButton): (StartSupport): 2016-12-08 Myles C. Maxfield <mmaxfield@apple.com> ASSERTION FAILED: locale in WebCore::lastHyphenLocation https://bugs.webkit.org/show_bug.cgi?id=164182 Reviewed by Zalan Bujtas. Our hyphenation code assumes the locale is in a small set of known locales. However, web content can put whatever string it wants in the locale field. Test: fast/text/hyphenation-unknown-locale.html * platform/text/cf/HyphenationCF.cpp: (WebCore::lastHyphenLocation): * rendering/RenderText.cpp: (WebCore::maxWordFragmentWidth): When computing the minimum preferred width of an element, we want to know the size of the widest nonbreakable unit. When hyphenation is enabled, we have to measure the width of each fragment of each word (where "fragment" is determined by a substring between two successive hyphenation points, appended with a hyphen character). A hyphenation point at string offset 0 is irrelevant for this purpose, because it would lead to an empty fragment. Therefore, skip this situation. 2016-12-08 David Kilzer <ddkilzer@apple.com> Always check the return value of pthread_key_create() <https://webkit.org/b/165274> Reviewed by Darin Adler. * platform/ios/wak/WebCoreThread.mm: (InitThreadContextKey): Call CRASH() if pthread_key_create() returns an error. The error code will be stored in a register available in a crash log, so no need to log the value explicitly. 2016-12-08 Alex Christensen <achristensen@webkit.org> Reduce PassRefPtr use in platform/graphics https://bugs.webkit.org/show_bug.cgi?id=165636 Reviewed by Dean Jackson. No change in behavior. * platform/graphics/GraphicsContext3D.h: * platform/graphics/mac/DisplayRefreshMonitorMac.h: (WebCore::DisplayRefreshMonitorMac::create): * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp: (WebCore::GraphicsContext3D::createForCurrentGLContext): (WebCore::GraphicsContext3D::paintRenderingResultsToImageData): 2016-12-08 Keith Rollin <krollin@apple.com> Move FileHandle to WebCore FileHandle.h https://bugs.webkit.org/show_bug.cgi?id=165562 Reviewed by Alex Christensen. Add FileHandle, a small wrapper around FileSystem facilities to manage the lifetime of an open file and give the facilities a C++ interface. No new tests -- affected facility is currently only used in testing code and is not user reachable. * CMakeLists.txt: * WebCore.xcodeproj/project.pbxproj: * platform/FileHandle.cpp: Added. (WebCore::FileHandle::FileHandle): (WebCore::FileHandle::~FileHandle): (WebCore::FileHandle::operator=): (WebCore::FileHandle::operator bool): (WebCore::FileHandle::open): (WebCore::FileHandle::read): (WebCore::FileHandle::write): (WebCore::FileHandle::printf): (WebCore::FileHandle::close): * platform/FileHandle.h: Added. 2016-12-07 Ryosuke Niwa <rniwa@webkit.org> ASSERTION FAILED: m_items.isEmpty() in CustomElementReactionQueue destructor https://bugs.webkit.org/show_bug.cgi?id=162029 <rdar://problem/28945851> Reviewed by Chris Dumez. The bug was caused by Document::removedLastRef enqueuing disconnectedCallback during a tear down. Don't enqueue a disconnectedCallback while a document is getting torn down since that should not be observable to author scripts. The connected, adopted, and attributeChanged callbacks are immune from this problem since they don't happen during a document destruction. Note that this was also the case prior to this patch since the disconnectedCallback would have been added to the current CustomElementReactionQueue which will be destructed without invoking callbacks (or hit a release assertion added in r208785 and r209426 for now). Tests: fast/custom-elements/disconnected-callback-in-detached-iframe.html fast/custom-elements/element-queue-during-document-destruction.html * dom/CustomElementReactionQueue.cpp: (WebCore::CustomElementReactionQueue::enqueueConnectedCallbackIfNeeded): Added an assertion that document's refCount hasn't reached zero yet. (WebCore::CustomElementReactionQueue::enqueueDisconnectedCallbackIfNeeded): Fixed the bug. (WebCore::CustomElementReactionQueue::enqueueAdoptedCallbackIfNeeded): Added the same assertion. (WebCore::CustomElementReactionQueue::enqueueAttributeChangedCallbackIfNeeded): Ditto. 2016-12-08 Daniel Bates <dabates@apple.com> Add Strict Mixed Content Checking and Upgrade Insecure Requests to WebKit Feature Status dashboard https://bugs.webkit.org/show_bug.cgi?id=165635 Rubber-stamped by Ryosuke Niwa. * features.json: 2016-12-08 Daniel Bates <dabates@apple.com> Implement Strict Mixed Content Checking https://bugs.webkit.org/show_bug.cgi?id=165438 <rdar://problem/26103867> Reviewed by Brent Fulgham and Andy Estes. Add support for the CSP directive block-all-mixed-content to enable strict mixed content checking as per <https://www.w3.org/TR/2016/CR-mixed-content-20160802/#strict-checking> (2 August 2016). Currently WebKit only blocks blockable content as such content can contaminate the security origin that loaded it. Optionally-blockable content, including images, would be allowed to load as mixed content. When strict mixed content checking is enabled all mixed content is blocked. That is, both blockable and optionally-blockable content will be blocked. A web site can opt into strict mixed content checking by adding the directive block-all-mixed-content to their content security policy. Tests: http/tests/security/contentSecurityPolicy/block-all-mixed-content/data-url-iframe-in-main-frame.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/duplicate-directive.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-css-in-iframe-report-only.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-css-in-iframe.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-css-in-main-frame.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-iframe-in-iframe.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-iframe-in-main-frame.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-blob-url-iframe-in-iframe.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-iframe-with-enforced-and-report-policies.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-iframe-with-inherited-policy.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-iframe.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-javascript-url-iframe-in-iframe.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-main-frame.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-xslt-document-in-iframe-with-inherited-policy.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-plugin-in-iframe.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-plugin-in-main-frame.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-script-in-iframe-with-inherited-policy.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-script-in-iframe.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-script-in-main-frame.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-xhr-asynchronous-in-iframe.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-xhr-asynchronous-in-main-frame.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-xhr-synchronous-in-iframe.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-xhr-synchronous-in-main-frame.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/secure-image-after-upgrade-in-iframe.html http/tests/security/contentSecurityPolicy/block-all-mixed-content/secure-image-after-upgrade-redirect-in-iframe.html * dom/Document.cpp: (WebCore::Document::initSecurityContext): Inherit strict mixed content checking mode from parent document. * dom/SecurityContext.h: (WebCore::SecurityContext::isStrictMixedContentMode): Added. (WebCore::SecurityContext::setStrictMixedContentMode): Added. * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::willSendRequest): Check mixed content policy with respect to the current frame. The document in the current frame may have opted into strict mixed content checking or inherited it from its parent document. * loader/DocumentWriter.cpp: (WebCore::DocumentWriter::begin): Inherit the strict mixed content checking mode from the owner document when loading a JavaScript URL in a frame (e.g. <iframe src="javascript:...">) because such URLs inherit the security origin of their parent document. * loader/MixedContentChecker.cpp: (WebCore::MixedContentChecker::canDisplayInsecureContent): Check the content security policy of the document and the strict mixed content checking mode bit on the document (in that order) to determine if we are in strict mode. Block display of insecure content when in strict mode. Modified to take enum AlwaysDisplayInNonStrictMode (defaults to AlwaysDisplayInNonStrictMode::No) as to whether to allow our current relaxed behavior of displaying insecure content in non-strict mode. (WebCore::MixedContentChecker::canRunInsecureContent): Check the content security policy of the document and the strict mixed content checking mode bit on the document (in that order) to determine if we are in strict mode. Block running of insecure content when in strict mode. * loader/MixedContentChecker.h: * loader/cache/CachedResourceLoader.cpp: (WebCore::CachedResourceLoader::checkInsecureContent): Always check mixed content policy with respect to the current frame. The document in the current frame may have opted into strict mixed content checking or inherited it from its parent document. Also renamed a local variable f to frame to better describe its purpose. * page/csp/ContentSecurityPolicy.cpp: (WebCore::ContentSecurityPolicy::allowRunningOrDisplayingInsecureContent): Added. Iterate through all the policies and report violations with respect to policies that have directive block-all-mixed-content. (WebCore::ContentSecurityPolicy::didReceiveHeader): Move logic to set eval() error message from here... (WebCore::ContentSecurityPolicy::applyPolicyToScriptExecutionContext): ...to here so that we only perform it once we are ready to apply the CSP policy to the script execution context. Additionally, enable strict mixed content checking on the script execution context if applicable. (WebCore::ContentSecurityPolicy::reportViolation): Added overrides that take a string and a directive list object (ContentSecurityPolicyDirectiveList) for the effective violated directive and its associated directive list, respectively. We make use of these overrides so as to support reporting block-all-mixed-content violations, which are not implemented using a ContentSecurityPolicyDirective object as it seemed sufficient to implement it as a boolean on ContentSecurityPolicyDirectiveList. * page/csp/ContentSecurityPolicy.h: * page/csp/ContentSecurityPolicyDirectiveList.cpp: (WebCore::ContentSecurityPolicyDirectiveList::setBlockAllMixedContentEnabled): Added. (WebCore::ContentSecurityPolicyDirectiveList::addDirective): Parse the directive block-all-mixed-content. * page/csp/ContentSecurityPolicyDirectiveList.h: (WebCore::ContentSecurityPolicyDirectiveList::hasBlockAllMixedContentDirective): Added. * page/csp/ContentSecurityPolicyDirectiveNames.cpp: * page/csp/ContentSecurityPolicyDirectiveNames.h: Add constant for "block-all-mixed-content". 2016-12-08 Sam Weinig <sam@webkit.org> [WebIDL] Remove custom bindings for Geolocation https://bugs.webkit.org/show_bug.cgi?id=165625 Reviewed by Alex Christensen. * CMakeLists.txt: * DerivedSources.cpp: * DerivedSources.make: * WebCore.xcodeproj/project.pbxproj: * bindings/js/JSBindingsAllInOne.cpp: Add/remove files. * Modules/geolocation/GeoNotifier.cpp: (WebCore::GeoNotifier::GeoNotifier): (WebCore::GeoNotifier::hasZeroTimeout): (WebCore::GeoNotifier::startTimerIfNeeded): * Modules/geolocation/GeoNotifier.h: (WebCore::GeoNotifier::create): (WebCore::GeoNotifier::options): Update to store PositionOptions as a value, and pass the PositionCallback as a Ref, rather than a RefPtr, since it is not optional. * Modules/geolocation/Geolocation.cpp: (WebCore::createGeoposition): Use auto, to get the good type for Coordinates (Ref). (WebCore::Geolocation::getCurrentPosition): (WebCore::Geolocation::watchPosition): (WebCore::Geolocation::haveSuitableCachedPosition): (WebCore::Geolocation::startUpdating): * Modules/geolocation/Geolocation.h: Update to pass PositionOptions itself now that it is a plain struct. * Modules/geolocation/Geolocation.idl: Remove [Custom] extended attribute and add FIXME about nullable annotation. * Modules/geolocation/Geoposition.h: Pass/store Coordinates as a Ref. * Modules/geolocation/PositionOptions.h: Convert to be a simple struct. * Modules/geolocation/PositionOptions.idl: Added. * bindings/js/JSGeolocationCustom.cpp: Removed. 2016-12-08 Alex Christensen <achristensen@webkit.org> REGRESSION (URL parser): Relative URLs aren’t resolved correctly when the base URL is an applewebdata: URL https://bugs.webkit.org/show_bug.cgi?id=165621 Reviewed by Dan Bernstein. Covered by new API tests. * platform/URLParser.cpp: (WebCore::URLParser::parse): URLs with nonspecial schemes and no slash after the host get no slash as the path to maintain compatibility with all browsers. This was proposed to the URL spec in https://github.com/whatwg/url/issues/148 When such as URL is used as a base URL with a relative path, in order to maintain compatibility with URL::parse we need to prepend a slash to the path. For completeness I added tests with a relative path, a relative query, a relative fragment, and a relative empty string, and because the fate of the spec is unclear in this case, I decided to maintain compatibility with URL::parse in all these cases. 2016-12-06 Filip Pizlo <fpizlo@apple.com> Concurrent GC should be stable enough to land enabled on X86_64 https://bugs.webkit.org/show_bug.cgi?id=164990 Reviewed by Geoffrey Garen. Made WebCore down with concurrent marking by adding some locking and adapting to some new API. This has new test modes in run-sjc-stress-tests. Also, the way that LayoutTests run is already a fantastic GC test. * ForwardingHeaders/heap/DeleteAllCodeEffort.h: Added. * ForwardingHeaders/heap/LockDuringMarking.h: Added. * bindings/js/GCController.cpp: (WebCore::GCController::deleteAllCode): (WebCore::GCController::deleteAllLinkedCode): * bindings/js/GCController.h: * bindings/js/JSDOMBinding.cpp: (WebCore::getCachedDOMStructure): (WebCore::cacheDOMStructure): * bindings/js/JSDOMGlobalObject.cpp: (WebCore::JSDOMGlobalObject::addBuiltinGlobals): (WebCore::JSDOMGlobalObject::visitChildren): * bindings/js/JSDOMGlobalObject.h: (WebCore::getDOMConstructor): * bindings/js/JSDOMPromise.cpp: (WebCore::DeferredPromise::DeferredPromise): (WebCore::DeferredPromise::clear): * bindings/js/JSXPathResultCustom.cpp: (WebCore::JSXPathResult::visitAdditionalChildren): * dom/EventListenerMap.cpp: (WebCore::EventListenerMap::clear): (WebCore::EventListenerMap::replace): (WebCore::EventListenerMap::add): (WebCore::EventListenerMap::remove): (WebCore::EventListenerMap::find): (WebCore::EventListenerMap::removeFirstEventListenerCreatedFromMarkup): (WebCore::EventListenerMap::copyEventListenersNotCreatedFromMarkupToTarget): (WebCore::EventListenerIterator::EventListenerIterator): * dom/EventListenerMap.h: (WebCore::EventListenerMap::lock): * dom/EventTarget.cpp: (WebCore::EventTarget::visitJSEventListeners): * dom/EventTarget.h: (WebCore::EventTarget::visitJSEventListeners): Deleted. * dom/Node.cpp: (WebCore::Node::eventTargetDataConcurrently): (WebCore::Node::ensureEventTargetData): (WebCore::Node::clearEventTargetData): * dom/Node.h: * page/MemoryRelease.cpp: (WebCore::releaseCriticalMemory): * page/cocoa/MemoryReleaseCocoa.mm: (WebCore::jettisonExpensiveObjectsOnTopLevelNavigation): (WebCore::registerMemoryReleaseNotifyCallbacks): 2016-12-08 Dave Hyatt <hyatt@apple.com> [CSS Parser] Add strict checking for right parens to selector functions like :matches, :not etc. https://bugs.webkit.org/show_bug.cgi?id=165624 Reviewed by Dean Jackson. Unskipped fast/selectors/invalid-functional-pseudo-class.html. * css/parser/CSSSelectorParser.cpp: (WebCore::CSSSelectorParser::consumePseudo): Bail if we don't actually consume a right parenthesis. 2016-12-08 Jeremy Jones <jeremyj@apple.com> Exit fullscreen on escape key down, not up. https://bugs.webkit.org/show_bug.cgi?id=165618 rdar://problem/29581688 This problem was introduced by https://bugs.webkit.org/show_bug.cgi?id=165416 The fix to only exit fullscreen on key down, not key up. Reviewed by Jer Noble. * page/EventHandler.cpp: (WebCore::EventHandler::keyEvent): 2016-12-08 Dave Hyatt <hyatt@apple.com> [CSS Parser] Unskip background parsing tests https://bugs.webkit.org/show_bug.cgi?id=165619 Reviewed by Zalan Bujtas. Change background-position so that the origin being set is tracked on a per-x/y basis instead of as a single boolean. The single boolean caused lousy computed style dumping, since we would switch into verbose mode for both x and y, even if only one of them had a pair set for it. * css/CSSComputedStyleDeclaration.cpp: (WebCore::createPositionListForLayer): * css/StyleBuilderConverter.h: (WebCore::StyleBuilderConverter::convertPositionComponent): * rendering/style/FillLayer.cpp: (WebCore::FillLayer::FillLayer): (WebCore::FillLayer::operator=): (WebCore::FillLayer::fillUnsetProperties): * rendering/style/FillLayer.h: (WebCore::FillLayer::isBackgroundXOriginSet): (WebCore::FillLayer::isBackgroundYOriginSet): (WebCore::FillLayer::setBackgroundXOrigin): (WebCore::FillLayer::setBackgroundYOrigin): (WebCore::FillLayer::clearXPosition): (WebCore::FillLayer::clearYPosition): (WebCore::FillLayer::isBackgroundOriginSet): Deleted. 2016-12-08 Jeremy Jones <jeremyj@apple.com> pointer lock should exit when a js alert is shown https://bugs.webkit.org/show_bug.cgi?id=165423 rdar://problem/29430803 Reviewed by Jer Noble. Test: pointer-lock/lock-lost-on-alert.html * page/DOMWindow.cpp: (WebCore::DOMWindow::alert): (WebCore::DOMWindow::confirm): (WebCore::DOMWindow::prompt): 2016-12-07 Sam Weinig <sam@webkit.org> [WebIDL] WebGLContextAttributes should be a dictionary https://bugs.webkit.org/show_bug.cgi?id=165572 Reviewed by Dean Jackson. * CMakeLists.txt: * WebCore.xcodeproj/project.pbxproj: Remove unused files. * bindings/js/JSHTMLCanvasElementCustom.cpp: (WebCore::JSHTMLCanvasElement::getContext): (WebCore::attributesFor3DContext): Deleted. Re-work getContext to use JSDOMConvert and use the WebGLContextAttributes dictionary. * bindings/scripts/CodeGeneratorJS.pm: (NativeToJSValueDOMConvertNeedsState): (NativeToJSValueDOMConvertNeedsGlobalObject): Add missing inclusion of dictionaries. * html/HTMLCanvasElement.cpp: (WebCore::maxActivePixelMemory): (WebCore::HTMLCanvasElement::getContext): (WebCore::HTMLCanvasElement::is2dType): (WebCore::HTMLCanvasElement::getContext2d): (WebCore::shouldEnableWebGL): (WebCore::HTMLCanvasElement::is3dType): (WebCore::HTMLCanvasElement::getContextWebGL): * html/HTMLCanvasElement.h: Refactor context creation of 2d and WebGL contexts into their own functions. Make the WebGL one take a WebGLContextAttributes struct. * html/HTMLCanvasElement.idl: No functionality change. Make IDL match the latest spec. * html/canvas/CanvasContextAttributes.cpp: Removed. * html/canvas/CanvasContextAttributes.h: Removed. Remove unneeded base class. * html/canvas/WebGLContextAttributes.cpp: Removed. * html/canvas/WebGLContextAttributes.h: Instead of a class, we can use a type alias of GraphicsContext3D::Attributes for WebGLContextAttributes. * html/canvas/WebGLContextAttributes.idl: Convert to a dictionary. * html/canvas/WebGL2RenderingContext.cpp: * html/canvas/WebGL2RenderingContext.h: * html/canvas/WebGLRenderingContextBase.cpp: (WebCore::WebGLRenderingContextBase::create): (WebCore::WebGLRenderingContextBase::WebGLRenderingContextBase): (WebCore::WebGLRenderingContextBase::clearIfComposited): (WebCore::WebGLRenderingContextBase::getContextAttributes): (WebCore::WebGLRenderingContextBase::applyStencilTest): * html/canvas/WebGLRenderingContextBase.h: Update to WebGLContextAttributes by value, since it is a simple struct now. Update getContextAttributes to return a std::optional<WebGLContextAttributes>. * html/canvas/WebGLRenderingContextBase.idl: Make getContextAttributes return a nullable WebGLContextAttributes, as per spec. * platform/graphics/GraphicsContext3D.h: Sort attributes into categories, one that match WebGLContextAttributes, and the remainder. 2016-12-08 Zalan Bujtas <zalan@apple.com> Do not create multicolumn context for certain type of renderers. https://bugs.webkit.org/show_bug.cgi?id=135601 <rdar://problem/27686300> Reviewed by David Hyatt. Certain type of renderers including forms should not initialize multicolumn context for their inner (shadow) content. It just does not makes sense and is inline with what other browsers do. Test: fast/multicol/no-multicol-for-textareas.html * rendering/RenderBlockFlow.cpp: (WebCore::RenderBlockFlow::willCreateColumns): (WebCore::RenderBlockFlow::requiresColumns): * rendering/RenderBlockFlow.h: 2016-12-08 Dave Hyatt <hyatt@apple.com> [CSS Parser] REGRESSION: Values of 0 should not be allowed for -webkit-aspect-ratio https://bugs.webkit.org/show_bug.cgi?id=165607 Reviewed by Simon Fraser. Unskipped fast/css/aspect-ratio-parsing-tests.html. * css/parser/CSSPropertyParser.cpp: (WebCore::consumeWebkitAspectRatio): Don't allow 0 as either the left or right value of the ratio. 2016-12-08 Antti Koivisto <antti@apple.com> ::after and ::before don't work on :host https://bugs.webkit.org/show_bug.cgi?id=164675 <rdar://problem/29231874> Reviewed by Andreas Kling. We didn't allow combining :host with any other selectors. Pseudo elements should be allowed. Test: fast/shadow-dom/shadow-host-with-before-after.html * css/ElementRuleCollector.cpp: (WebCore::ElementRuleCollector::matchAuthorRules): Allow pseudo element matching. (WebCore::ElementRuleCollector::matchHostPseudoClassRules): Use the normal collectMatchingRulesForList path instead of a direct call to SelectorChecker::matchHostPseudoClass. This path supports pseudo elements. Pass the information that we are matching :host rules with m_isMatchingHostPseudoClass bit similarly to how this is done with slots. (WebCore::ElementRuleCollector::ruleMatches): * css/ElementRuleCollector.h: * css/RuleSet.cpp: Collect :host rules similarly to other rules. (WebCore::RuleSet::addRule): * css/SelectorChecker.cpp: Rename didMoveToShadowHost->mayMatchHostPseudoClass for clarity. (WebCore::SelectorChecker::match): Enable :host matching in the current context immediately if needed. (WebCore::SelectorChecker::matchHostPseudoClass): The check for illegal combinations with :host is now done in checkOne(). (WebCore::localContextForParent): (WebCore::SelectorChecker::checkOne): In context where :host matches nothing else can match, except pseudo elements. * css/SelectorChecker.h: 2016-12-08 Alex Christensen <achristensen@webkit.org> Fix CMake build. * PlatformMac.cmake: Add PerformanceLoggingCocoa.mm after r209181. 2016-12-08 Per Arne Vollan <pvollan@apple.com> [Win] Some versions of Cygwin Perl generate incorrect C++ code. https://bugs.webkit.org/show_bug.cgi?id=165524 rdar://problem/29508043 Reviewed by Daniel Bates. Perl strings with variables seems to be handled differently, depending on which version of Cygwin Perl you are running. To make sure they are handled identically, specify variables in strings as "${var}" instead of "$var". * bindings/scripts/CodeGeneratorJS.pm: (GenerateHeader): (GenerateImplementation): 2016-12-08 Alex Christensen <achristensen@webkit.org> Fix EFL build after r209526 https://bugs.webkit.org/show_bug.cgi?id=165594 * css/parser/CSSPropertyParserHelpers.cpp: (WebCore::CSSPropertyParserHelpers::consumePositiveIntegerRaw): nullptr is being automatically converted to false everywhere but EFL. It should be false. This function returns a bool. 2016-12-07 Dave Hyatt <hyatt@apple.com> REGRESSION: font shorthand parsing is broken https://bugs.webkit.org/show_bug.cgi?id=165594 Reviewed by Zalan Bujtas. Unskipping fast/css/font-calculated-value.html. * css/parser/CSSPropertyParser.cpp: (WebCore::consumeFontWeight): The new parser did not support calc() in the font-weight property. In order to support a positive integer, add new functions to consume and handle positive integers without making a CSSPrimitiveValue out of the number. These correspond to consumeNumberRaw but are limited to positive integers. (WebCore::CSSPropertyParser::consumeFont): The implicit bool was incorrectly set to true when properties were defined because releaseNonNull() cleared the variables being null checked. Add separate booleans to avoid this. * css/parser/CSSPropertyParserHelpers.cpp: (WebCore::CSSPropertyParserHelpers::CalcParser::consumePositiveIntegerRaw): (WebCore::CSSPropertyParserHelpers::consumePositiveIntegerRaw): * css/parser/CSSPropertyParserHelpers.h: Add the new helpers that consume positive integers without creating CSSPrimitiveValues out of them. 2016-12-07 Jeremy Jones <jeremyj@apple.com> Exit pointer lock when page goes into page cache. https://bugs.webkit.org/show_bug.cgi?id=165425 rdar://problem/29430834 Reviewed by Jer Noble. Test: pointer-lock/lock-lost-on-navigation.html Cancel pointer lock when page goes into page cache and add methods to Internals so it can be tested. * dom/Document.cpp: (WebCore::Document::setPageCacheState): * page/PointerLockController.h: * testing/Internals.cpp: (WebCore::Internals::pageHasPendingPointerLock): (WebCore::Internals::pageHasPointerLock): * testing/Internals.h: * testing/Internals.idl: 2016-12-07 Antoine Quint <graouts@apple.com> [Modern Media Controls] Tracks panel does not display in the right location in fullscreen and cannot be dismissed https://bugs.webkit.org/show_bug.cgi?id=165575 Reviewed by Dean Jackson. We position the tracks panel programmatically based on the current bounds of the fullscreen button in fullscreen. This allows for the tracks panel to be shown in the right spot even after dragging the controls bar. We also use the fullscreen media controls as the target for tracking "mousedown" events when the tracks panel is shown in a fullscreen presentation. Tests: media/modern-media-controls/tracks-support/tracks-support-show-panel-after-dragging-controls.html media/modern-media-controls/tracks-support/tracks-support-show-panel-fullscreen.html * Modules/modern-media-controls/controls/macos-fullscreen-media-controls.css: (.media-controls.mac.fullscreen .scrubber): (.media-controls.mac.fullscreen .tracks-panel): Deleted. * Modules/modern-media-controls/controls/macos-fullscreen-media-controls.js: (MacOSFullscreenMediaControls.prototype.showTracksPanel): * Modules/modern-media-controls/controls/tracks-panel.js: (TracksPanel.prototype.presentInParent): (TracksPanel.prototype.hide): (TracksPanel.prototype.get bottomY): (TracksPanel.prototype.set bottomY): (TracksPanel.prototype.commitProperty): (TracksPanel.prototype._mousedownTarget): 2016-12-07 Antoine Quint <graouts@apple.com> [Modern Media Controls] Use a small picture-in-picture button in fullscreen https://bugs.webkit.org/show_bug.cgi?id=165587 Reviewed by Dean Jackson. Use a newer, smaller asset for picture-in-picture in fullscreen. * Modules/modern-media-controls/controls/icon-service.js: * Modules/modern-media-controls/images/macOS/pip-in-fullscreen@1x.png: Added. * Modules/modern-media-controls/images/macOS/pip-in-fullscreen@2x.png: Added. 2016-12-07 Dean Jackson <dino@apple.com> Remove runtime toggle for pointer-lock https://bugs.webkit.org/show_bug.cgi?id=165577 <rdar://problems/29566996> Reviewed by Jon Lee. Remove any runtime calls to check if pointer-lock is enabled. It's either compiled in or out. Covered by existing tests. * bindings/generic/RuntimeEnabledFeatures.h: (WebCore::RuntimeEnabledFeatures::setPointerLockEnabled): Deleted. (WebCore::RuntimeEnabledFeatures::pointerLockEnabled): Deleted. * dom/Document.idl: * dom/Element.idl: * page/Page.h: * page/PointerLockController.cpp: (WebCore::PointerLockController::requestPointerLock): (WebCore::PointerLockController::requestPointerUnlock): (WebCore::PointerLockController::requestPointerUnlockAndForceCursorVisible): 2016-12-07 John Wilander <wilander@apple.com> Allow commas in Accept, Accept-Language, and Content-Language request headers for simple CORS https://bugs.webkit.org/show_bug.cgi?id=165566 <rdar://problem/29560983> Reviewed by Alex Christensen. Updated the existing tests. * platform/network/HTTPParsers.cpp: (WebCore::isValidAcceptHeaderValue): Now also accepts ','. (WebCore::isValidLanguageHeaderValue): Ditto. 2016-12-07 Dave Hyatt <hyatt@apple.com> [CSS Parser] Stop skipping tests in the css3 LayoutTests subdirectory https://bugs.webkit.org/show_bug.cgi?id=165574 Reviewed by Dean Jackson. * css/CSSGroupingRule.cpp: (WebCore::CSSGroupingRule::insertRule): The old parser didn't support the creation of @namespace rules in the CSS OM, but the new parser does. We need to ensure that just like for @import rules, that the insertion of a @namespace rule inside a @supports rule is not allowed. This test passed in the old parser because the rule just didn't get created, but in the new parser, we need to add a check along with the @import rule check to ensure it isn't allowed. 2016-12-07 Antoine Quint <graouts@apple.com> [Modern Media Controls] Remove aspect ratio button https://bugs.webkit.org/show_bug.cgi?id=165571 Reviewed by Dean Jackson. Since we do not have a way to toggle letterboxing on an HTMLMediaElement, we remove the corresponding button in the media controls. * Modules/modern-media-controls/controls/aspect-ratio-button.js: Removed. * Modules/modern-media-controls/controls/macos-fullscreen-media-controls.js: * Modules/modern-media-controls/js-files: 2016-12-07 Jeremy Jones <jeremyj@apple.com> One esc to exit fullscreen and pointer lock https://bugs.webkit.org/show_bug.cgi?id=165416 rdar://problem/29430711 Reviewed by Jer Noble. Test: pointer-lock/lock-lost-on-esc-in-fullscreen.html When handling escape, also exit fullscreen on escape. This also means that escape can exit fullscreen in TestRunner. * page/EventHandler.cpp: (WebCore::EventHandler::keyEvent): 2016-12-07 Yusuke Suzuki <utatane.tea@gmail.com> [JSC] Drop translate phase in module loader https://bugs.webkit.org/show_bug.cgi?id=164861 Reviewed by Saam Barati. * bindings/js/JSDOMWindowBase.cpp: * bindings/js/JSWorkerGlobalScopeBase.cpp: 2016-12-07 Keith Rollin <krollin@apple.com> Network event record/replay https://bugs.webkit.org/show_bug.cgi?id=164527 <rdar://problem/29168157> Reviewed by Alex Christensen. Export parseURLEncodedForm. No new tests -- no functionality added, changed, or removed. * platform/URLParser.h: 2016-12-07 Dave Hyatt <hyatt@apple.com> [CSS Parser] Consolidate string/ident/url serialization functions https://bugs.webkit.org/show_bug.cgi?id=165552 Reviewed by Zalan Bujtas. Right now CSSParser has string, ident and url serialization functions called quoteCSStringIfNeeded (which actually serializes both strings and identifiers), as well as quoteCSSURLIfNeeded. CSSMarkup already has serialization functions that exist outside of the CSSParser and that handle serialization of strings, idents and URLs. This patch eliminates the CSSParser functions and consolidates all of the serialization to use CSSMarkup's functions. Note that we are not spec-compliant at all here, and so I had to amend the functions to support our non-spec-compliant serialization. The goal of this patch is consolidation and not to fix our broken serialization. Notable changes include parameterizing string serialization so that both single and double quotes are supported, since in the existing code we're sometimes spec-compliant (CSSSelectors) and sometimes not (CSSPrimitiveValue). We also overload CSS_STRING primitive value type and have it act as both a string and a custom identifier. This is lame, since the parser should have made two different types of objects instead, but since our parser doesn't do that yet, I added a serializeAsStringOrCustomIdent that preserves our old behavior of "quote the string only if needed." In this case what that really meant was "Try to guess that we were originally a custom ident and leave off quotes if so." This function will go away once we properly create CSSStringValues and CSSCustomIdentValues instead of turning the latter into strings. * css/CSSBasicShapes.cpp: (WebCore::buildPathString): * css/CSSImageValue.cpp: (WebCore::CSSImageValue::customCSSText): * css/CSSMarkup.cpp: (WebCore::isCSSTokenizerURL): (WebCore::serializeString): (WebCore::serializeURL): (WebCore::serializeAsStringOrCustomIdent): (WebCore::serializeURI): Deleted. * css/CSSMarkup.h: * css/CSSPrimitiveValue.cpp: (WebCore::CSSPrimitiveValue::formatNumberForCustomCSSText): * css/CSSSelector.cpp: (WebCore::CSSSelector::selectorText): * css/parser/CSSParser.cpp: (WebCore::isCSSTokenizerIdent): Deleted. (WebCore::isCSSTokenizerURL): Deleted. (WebCore::quoteCSSStringInternal): Deleted. (WebCore::quoteCSSString): Deleted. (WebCore::quoteCSSStringIfNeeded): Deleted. (WebCore::quoteCSSURLIfNeeded): Deleted. * css/parser/CSSParser.h: * html/HTMLElement.cpp: (WebCore::HTMLElement::mapLanguageAttributeToLocale): 2016-12-07 Dean Jackson <dino@apple.com> Expose internal API to detect media documents https://bugs.webkit.org/show_bug.cgi?id=165559 <rdar://problems/29564054> Reviewed by Antoine Quint. Expose via MediaControlsHost whether or not we're in a MediaDocument. Since MediaControlsHost is only exposed to our internal controls, it's not possible to test this directly. However, a subsequent test for media documents with audio-only content will cover this change. * Modules/mediacontrols/MediaControlsHost.cpp: Add isInMediaDocument and put const on various methods that should have it. (WebCore::MediaControlsHost::captionDisplayMode): (WebCore::MediaControlsHost::supportsFullscreen): (WebCore::MediaControlsHost::isVideoLayerInline): (WebCore::MediaControlsHost::isInMediaDocument): * Modules/mediacontrols/MediaControlsHost.h: * Modules/mediacontrols/MediaControlsHost.idl: Add isInMediaDocument. 2016-12-07 Zalan Bujtas <zalan@apple.com> ASSERTION FAILED: count >= 1 in WebCore::RenderMultiColumnSet::columnCount https://bugs.webkit.org/show_bug.cgi?id=136365 <rdar://problem/27686727> Reviewed by Simon Fraser. Margin value overflow ends up confusing the column count computing logic. Test: fast/multicol/assert-on-column-count-when-zoomed-in.html * css/StyleResolver.cpp: (WebCore::addIntrinsicMargins): 2016-12-07 Ryosuke Niwa <rniwa@webkit.org> document.caretRangeFromPoint doesn't retarget the resultant Range correctly. https://bugs.webkit.org/show_bug.cgi?id=165146 Reviewed by Sam Weinig. The bug was caused by caretRangeFromPoint not retargeting the resultant Range correctly. Namely, it's possible for RenderObject::positionForPoint to move across shadow boundary even if node was identically equal to ancestorInThisScope(node). Fixed the bug by directly retargeting the range's container node and its offset as done for elementFromPoint in r206795. Test: fast/shadow-dom/caret-range-from-point-in-shadow-tree.html * dom/Document.cpp: (WebCore::Document::caretRangeFromPoint): 2016-12-07 Antoine Quint <graouts@apple.com> [Modern Media Controls] Entering fullscreen and returning to inline shows fullscreen controls https://bugs.webkit.org/show_bug.cgi?id=165536 Reviewed by Tim Horton. We regressed when we implemented the fix for webkit.org/b/165494 and we started to rely solely on the "webkitpresentationmodechanged" event to identify presention mode changes. As it turns out, when the "webkitpresentationmodechanged" event is dispatched when exiting fullscreen and returning to the inline presentation mode, querying the "webkitPresentationMode" property says "inline" while "webkitDisplayingFullscreen" still returns true (raised as webkit.org/b/165538). We now use the "webkitPresentationMode" property when that property is supported and we're using the "webkitpresentationmodechanged" event, and we use the "webkitDisplayingFullscreen" property otherwise. Test: media/modern-media-controls/media-controller/media-controller-inline-to-fullscreen-to-inline.html * Modules/modern-media-controls/media/media-controller.js: (MediaController.prototype.get layoutTraits): 2016-12-07 Wenson Hsieh <wenson_hsieh@apple.com> Scroll position jumps to the origin when scrolling without momentum at the end of a scroll snapping container https://bugs.webkit.org/show_bug.cgi?id=165474 <rdar://problem/29534305> Reviewed by Simon Fraser. When initializing an AppKit _NSScrollingMomentumCalculator, if the initial and target positions are the same and the initial velocity is (0, 0), the momentum calculator will output (0, 0) as the animated scroll position when animating. This causes the scroll position to jump to the top left in some cases when scrolling in scroll snap containers. To fix this, we teach the ScrollingMomentumCalculatorMac to return an animation duration of 0 and an animated scroll position equal to the final scroll position when this is the case. Test: tiled-drawing/scrolling/scroll-snap/scrolling-jumps-to-top.html * page/scrolling/mac/ScrollingMomentumCalculatorMac.h: * page/scrolling/mac/ScrollingMomentumCalculatorMac.mm: (WebCore::ScrollingMomentumCalculatorMac::ScrollingMomentumCalculatorMac): (WebCore::ScrollingMomentumCalculatorMac::scrollOffsetAfterElapsedTime): (WebCore::ScrollingMomentumCalculatorMac::animationDuration): 2016-12-07 Nan Wang <n_wang@apple.com> AX: menu type toolbar should be mapped correctly on Mac https://bugs.webkit.org/show_bug.cgi?id=165537 Reviewed by Chris Fleizach. The menu tag with a toolbar type should have the corresponding role. Test: accessibility/mac/menu-type-toolbar.html * accessibility/AccessibilityRenderObject.cpp: (WebCore::AccessibilityRenderObject::determineAccessibilityRole): 2016-12-07 Wenson Hsieh <wenson_hsieh@apple.com> Add a new project for recording and playing back editing commands in editable web content https://bugs.webkit.org/show_bug.cgi?id=165114 <rdar://problem/29408135> Reviewed by Beth Dakin. Adds new scripts used to record and play back editing, as well as a new Xcode Copy files phase that pushes these scripts to the internal system directory when installing. See the Tools ChangeLog and individual comments below for more details. Covered by 3 new unit tests in the EditingHistory project. * InternalScripts/DumpEditingHistory.js: Added. (beginProcessingTopLevelUpdate): (endProcessingTopLevelUpdate): (appendDOMUpdatesFromRecords): (appendSelectionUpdateIfNecessary): Adds new entries into the top-level list of DOM updates captured when editing. Respectively, these are input events and selection changes. (EditingHistory.getEditingHistoryAsJSONString): * InternalScripts/EditingHistoryUtil.js: Added. (prototype._scramble): (prototype.applyToText): (prototype.applyToFilename): (prototype._scrambedNumberIndexForCode): (prototype._scrambedLowercaseIndexForCode): (prototype._scrambedUppercaseIndexForCode): Naive implementation of an obfuscator. Currently, this only affects alphanumeric characters. Obfuscation is off by default, but can be toggled on in JavaScript. (elementFromMarkdown): (GlobalNodeMap): (GlobalNodeMap.prototype.nodesForGUIDs): (GlobalNodeMap.prototype.guidsForTNodes): (GlobalNodeMap.prototype.nodeForGUID): (GlobalNodeMap.prototype.guidForNode): (GlobalNodeMap.prototype.hasGUIDForNode): (GlobalNodeMap.prototype.nodes): (GlobalNodeMap.prototype.toObject): (GlobalNodeMap.fromObject): (GlobalNodeMap.dataForNode): (GlobalNodeMap.elementFromTagName): (GlobalNodeMap.nodeAttributesToObject): (GlobalNodeMap.prototype.descriptionHTMLForGUID): (GlobalNodeMap.prototype.descriptionHTMLForNode): The GlobalNodeMap keeps track of every node that has appeared in the DOM, assigning each node a globally unique identifier (GUID). This GUID is used when reconstructing the DOM, as well as unapplying or applying editing. (SelectionState): (SelectionState.prototype.isEqual): (SelectionState.prototype.applyToSelection): (SelectionState.fromSelection): (SelectionState.prototype.toObject): (SelectionState.fromObject): Represents a snapshot of the Selection state (determined by getSelection()). (DOMUpdate): (DOMUpdate.prototype.apply): (DOMUpdate.prototype.unapply): (DOMUpdate.prototype.targetNode): (DOMUpdate.prototype.detailsElement): (DOMUpdate.ofType): (DOMUpdate.fromRecords): A DOMUpdate is an abstract object representing a change in the DOM that may be applied and unapplied. These are also serializable as hashes, which may then be converted to JSON when generating editing history data. (ChildListUpdate): (ChildListUpdate.prototype.apply): (ChildListUpdate.prototype.unapply): (ChildListUpdate.prototype._nextSibling): (ChildListUpdate.prototype._removedNodes): (ChildListUpdate.prototype._addedNodes): (ChildListUpdate.prototype.toObject): (ChildListUpdate.prototype.detailsElement): (ChildListUpdate.fromObject): These three update types correspond to the three types of DOM mutations. These may appear as top-level updates if they are not captured during an input event, but for the majority of user-input-driven changes, they will be children of an input event. (CharacterDataUpdate): (CharacterDataUpdate.prototype.apply): (CharacterDataUpdate.prototype.unapply): (CharacterDataUpdate.prototype.detailsElement): (CharacterDataUpdate.prototype.toObject): (CharacterDataUpdate.fromObject): (AttributeUpdate): (AttributeUpdate.prototype.apply): (AttributeUpdate.prototype.unapply): (AttributeUpdate.prototype.detailsElement): (AttributeUpdate.prototype.toObject): (AttributeUpdate.fromObject): (SelectionUpdate): (SelectionUpdate.prototype.apply): (SelectionUpdate.prototype.unapply): (SelectionUpdate.prototype.toObject): (SelectionUpdate.fromObject): (SelectionUpdate.prototype._rangeDescriptionHTML): (SelectionUpdate.prototype._anchorDescriptionHTML): (SelectionUpdate.prototype._focusDescriptionHTML): (SelectionUpdate.prototype.detailsElement): Represents a change in the Selection. While no changes to the DOM structure occur as a result of a SelectionUpdate, the information contained in these updates is used to determine where the selection should be when rewinding or playing back the editing history. (InputEventUpdate): (InputEventUpdate.prototype._obfuscatedData): (InputEventUpdate.prototype.apply): (InputEventUpdate.prototype.unapply): (InputEventUpdate.prototype.toObject): (InputEventUpdate.fromObject): (InputEventUpdate.prototype.detailsElement): Represents an update due to user input, which consists of some number of child DOM mutation updates. * WebCore.xcodeproj/project.pbxproj: 2016-12-07 Jer Noble <jer.noble@apple.com> ASSERT crash while running media-source/mediasource-activesourcebuffers.html under Stress GC bot. https://bugs.webkit.org/show_bug.cgi?id=165514 Reviewed by Eric Carlson. If a track associated with MSE is disabled after a SourceBuffer begins parsing a queued append operation, SourceBuffer can get into a state where it asks SourceBufferPrivateAVFObjC if it is ready to accept data for that disabled track. This causes an ASSERT_NOT_REACHED in isReadyForMoreData(). However, this seems to be a valid condition; we can safely just return "false" from isReadyForMoreSamples() (and also bail from notifyClientWhenReadyForMoreSamples()) when asked about a disabled track. * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm: (WebCore::SourceBufferPrivateAVFObjC::isReadyForMoreSamples): (WebCore::SourceBufferPrivateAVFObjC::notifyClientWhenReadyForMoreSamples): 2016-12-07 Dave Hyatt <hyatt@apple.com> [CSS Parser] Eliminate the Scope class and fold it into CSSTokenizer https://bugs.webkit.org/show_bug.cgi?id=165532 Reviewed by Dean Jackson. The Scope class, nested inside CSSTokenizer, is both poorly named and serves no purpose. It's especially weird that it was the entry point into tokenization instead of CSSTokenizer. Eliminate the class, fold its members and functions into CSSTokenizer, and have callers just make a CSSTokenizer instead. * css/parser/CSSParser.cpp: (WebCore::CSSParser::parseSupportsCondition): (WebCore::CSSParser::parseSelector): * css/parser/CSSParserImpl.cpp: (WebCore::CSSParserImpl::parseValue): (WebCore::CSSParserImpl::parseCustomPropertyValue): (WebCore::CSSParserImpl::parseInlineStyleDeclaration): (WebCore::CSSParserImpl::parseDeclarationList): (WebCore::CSSParserImpl::parseRule): (WebCore::CSSParserImpl::parseStyleSheet): (WebCore::CSSParserImpl::parseKeyframeKeyList): (WebCore::CSSParserImpl::parseDeclarationListForInspector): (WebCore::CSSParserImpl::parseStyleSheetForInspector): * css/parser/CSSTokenizer.cpp: (WebCore::CSSTokenizer::CSSTokenizer): (WebCore::CSSTokenizer::tokenRange): (WebCore::CSSTokenizer::tokenCount): (WebCore::CSSTokenizer::registerString): (WebCore::CSSTokenizer::Scope::Scope): Deleted. (WebCore::CSSTokenizer::Scope::tokenRange): Deleted. (WebCore::CSSTokenizer::Scope::tokenCount): Deleted. * css/parser/CSSTokenizer.h: (WebCore::CSSTokenizer::Scope::storeString): Deleted. * css/parser/CSSTokenizerInputStream.cpp: (WebCore::CSSTokenizerInputStream::CSSTokenizerInputStream): * css/parser/CSSTokenizerInputStream.h: * css/parser/MediaQueryParser.cpp: (WebCore::MediaQueryParser::parseMediaQuerySet): * css/parser/SizesAttributeParser.cpp: (WebCore::SizesAttributeParser::SizesAttributeParser): 2016-12-07 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Remove unused and mostly untested Page domain commands and events https://bugs.webkit.org/show_bug.cgi?id=165507 Reviewed by Brian Burg. Remove any code associated with the commands/events being removed. * inspector/DOMPatchSupport.cpp: * inspector/DOMPatchSupport.h: * inspector/InspectorClient.h: (WebCore::InspectorClient::handleJavaScriptDialog): Deleted. * inspector/InspectorInstrumentation.cpp: (WebCore::InspectorInstrumentation::scriptsEnabledImpl): Deleted. (WebCore::InspectorInstrumentation::willRunJavaScriptDialogImpl): Deleted. (WebCore::InspectorInstrumentation::didRunJavaScriptDialogImpl): Deleted. * inspector/InspectorInstrumentation.h: (WebCore::InspectorInstrumentation::scriptsEnabled): Deleted. (WebCore::InspectorInstrumentation::willRunJavaScriptDialog): Deleted. (WebCore::InspectorInstrumentation::didRunJavaScriptDialog): Deleted. * inspector/InspectorPageAgent.cpp: (WebCore::InspectorPageAgent::disable): (WebCore::InspectorPageAgent::didClearWindowObjectInWorld): (WebCore::InspectorPageAgent::didPaint): (WebCore::InspectorPageAgent::buildObjectForFrame): (WebCore::InspectorPageAgent::archive): (WebCore::createXHRTextDecoder): Deleted. (WebCore::InspectorPageAgent::getScriptExecutionStatus): Deleted. (WebCore::InspectorPageAgent::setScriptExecutionDisabled): Deleted. (WebCore::InspectorPageAgent::willRunJavaScriptDialog): Deleted. (WebCore::InspectorPageAgent::didRunJavaScriptDialog): Deleted. (WebCore::InspectorPageAgent::scriptsEnabled): Deleted. (WebCore::InspectorPageAgent::handleJavaScriptDialog): Deleted. * inspector/InspectorPageAgent.h: * page/Chrome.cpp: (WebCore::Chrome::runBeforeUnloadConfirmPanel): (WebCore::Chrome::runJavaScriptAlert): (WebCore::Chrome::runJavaScriptConfirm): (WebCore::Chrome::runJavaScriptPrompt): * page/Settings.cpp: (WebCore::Settings::setScriptEnabled): 2016-12-07 Jer Noble <jer.noble@apple.com> [pointer-lock] Cursor should become visible when exiting pointer-lock via ESC key. https://bugs.webkit.org/show_bug.cgi?id=165377 Reviewed by Eric Carlson. Follow up to previous patch; clear the m_forceCursorVisibleUponUnlock flag upon losing pointer lock, so that subsequent unlocks don't erroneously cause the cursor to become visible. * page/PointerLockController.cpp: (WebCore::PointerLockController::didLosePointerLock): 2016-12-06 Geoffrey Garen <ggaren@apple.com> performance.now() should truncate to 100us https://bugs.webkit.org/show_bug.cgi?id=165503 <rdar://problem/29544531> Reviewed by Mark Lam. * page/Performance.cpp: (WebCore::Performance::reduceTimeResolution): 2016-12-07 Dave Hyatt <hyatt@apple.com> [CSS Parser] Turn back on a bunch of layout tests https://bugs.webkit.org/show_bug.cgi?id=165529 Reviewed by Zalan Bujtas. Fixes fast/css/transform-origin-parsing.html. * css/parser/CSSPropertyParser.cpp: (WebCore::CSSPropertyParser::consumeTransformOrigin): The implicit check was relying on a null check of the z value, but we called releaseNonNull on it already. This meant all z properties were marked as implicit incorrectly. Fix by storing whether or not we had a z value in a local variable. 2016-12-07 Andreas Kling <akling@apple.com> [iOS] Remove bitrotted FrameLoader attempt to limit page caching under memory pressure. <https://webkit.org/b/165527> Reviewed by Antti Koivisto. This code no longer does anything, as the page cache is hard capped at 0 entries while under memory pressure. * loader/FrameLoader.cpp: (WebCore::FrameLoader::commitProvisionalLoad): 2016-12-06 Antoine Quint <graouts@apple.com> [Modern Media Controls] Use tap and pinch gestures on iOS https://bugs.webkit.org/show_bug.cgi?id=165518 Reviewed by Dean Jackson. We now use touch events to identify taps and pinches on media controls to respond immediately to user interaction on buttons and enter fullscreen when pinching out. * Modules/modern-media-controls/controls/button.css: (button): * Modules/modern-media-controls/controls/button.js: (Button): (Button.prototype.handleEvent): (Button.prototype.gestureRecognizerStateDidChange): (Button.prototype._notifyDelegateOfActivation): (Button.prototype._handleUIEvent): Deleted. * Modules/modern-media-controls/controls/controls-bar.js: (ControlsBar.prototype.set fadesWhileIdle): (ControlsBar.prototype.gestureRecognizerStateDidChange): * Modules/modern-media-controls/controls/icon-button.js: (IconButton.prototype._updateImage): (IconButton): * Modules/modern-media-controls/controls/ios-inline-media-controls.js: (IOSInlineMediaControls.prototype.gestureRecognizerStateDidChange): * Modules/modern-media-controls/gesture-recognizers/gesture-recognizer.js: Added. (GestureRecognizer): (GestureRecognizer.prototype.get state): (GestureRecognizer.prototype.set state): (GestureRecognizer.prototype.get target): (GestureRecognizer.prototype.set target): (GestureRecognizer.prototype.get numberOfTouches): (GestureRecognizer.prototype.get enabled): (GestureRecognizer.prototype.set enabled): (GestureRecognizer.prototype.reset): (GestureRecognizer.prototype.locationInElement): (GestureRecognizer.prototype.locationInClient): (GestureRecognizer.prototype.locationOfTouchInElement): (GestureRecognizer.prototype.touchesBegan): (GestureRecognizer.prototype.touchesMoved): (GestureRecognizer.prototype.touchesEnded): (GestureRecognizer.prototype.touchesCancelled): (GestureRecognizer.prototype.gestureBegan): (GestureRecognizer.prototype.gestureChanged): (GestureRecognizer.prototype.gestureEnded): (GestureRecognizer.prototype.enterPossibleState): (GestureRecognizer.prototype.enterBeganState): (GestureRecognizer.prototype.enterEndedState): (GestureRecognizer.prototype.enterCancelledState): (GestureRecognizer.prototype.enterFailedState): (GestureRecognizer.prototype.enterChangedState): (GestureRecognizer.prototype.enterRecognizedState): (GestureRecognizer.prototype.handleEvent): (GestureRecognizer.prototype._initRecognizer): (GestureRecognizer.prototype._updateBaseListeners): (GestureRecognizer.prototype._removeTrackingListeners): (GestureRecognizer.prototype._updateTargetTouches): (GestureRecognizer.prototype._updateKeyboardModifiers): * Modules/modern-media-controls/gesture-recognizers/pinch.js: Added. (PinchGestureRecognizer): (PinchGestureRecognizer.prototype.get velocity): (PinchGestureRecognizer.prototype.touchesBegan): (PinchGestureRecognizer.prototype.touchesMoved): (PinchGestureRecognizer.prototype.touchesEnded): (PinchGestureRecognizer.prototype.gestureBegan): (PinchGestureRecognizer.prototype.gestureChanged): (PinchGestureRecognizer.prototype.gestureEnded): (PinchGestureRecognizer.prototype.reset): (PinchGestureRecognizer.prototype._recordGesture): (PinchGestureRecognizer.prototype._updateStateWithEvent): (PinchGestureRecognizer.prototype._distance): * Modules/modern-media-controls/gesture-recognizers/tap.js: Added. (TapGestureRecognizer): (TapGestureRecognizer.prototype.touchesBegan): (TapGestureRecognizer.prototype.touchesMoved): (TapGestureRecognizer.prototype.touchesEnded): (TapGestureRecognizer.prototype.reset): (TapGestureRecognizer.prototype.locationInElement): (TapGestureRecognizer.prototype.locationInClient): (TapGestureRecognizer.prototype._clearTimer): (TapGestureRecognizer.prototype._rewindTimer): (TapGestureRecognizer.prototype._timerFired): * Modules/modern-media-controls/js-files: * Modules/modern-media-controls/media/airplay-support.js: (AirplaySupport.prototype.buttonWasClicked): Deleted. * Modules/modern-media-controls/media/controls-visibility-support.js: (ControlsVisibilitySupport): (ControlsVisibilitySupport.prototype.handleEvent): (ControlsVisibilitySupport.prototype.syncControl): Deleted. * Modules/modern-media-controls/media/fullscreen-support.js: (FullscreenSupport): (FullscreenSupport.prototype.iOSInlineMediaControlsRecognizedPinchInGesture): (FullscreenSupport.prototype.buttonWasClicked): Deleted. * Modules/modern-media-controls/media/media-controller-support.js: (MediaControllerSupport): (MediaControllerSupport.prototype.handleEvent): (MediaControllerSupport.prototype.buttonWasClicked): Deleted. * Modules/modern-media-controls/media/mute-support.js: (MuteSupport.prototype.buttonWasClicked): Deleted. * Modules/modern-media-controls/media/pip-support.js: (PiPSupport.prototype.buttonWasClicked): Deleted. * Modules/modern-media-controls/media/playback-support.js: (PlaybackSupport.prototype.buttonWasClicked): Deleted. * Modules/modern-media-controls/media/skip-back-support.js: (SkipBackSupport.prototype.buttonWasClicked): Deleted. * Modules/modern-media-controls/media/start-support.js: (StartSupport.prototype.buttonWasClicked): Deleted. * Modules/modern-media-controls/media/tracks-support.js: (TracksSupport.prototype.buttonWasClicked): Deleted. 2016-12-06 Dean Jackson <dino@apple.com> Apply styling to media documents with modern controls https://bugs.webkit.org/show_bug.cgi?id=165499 <rdar://problems/29543847> Reviewed by Antoine Quint. Forgot to commit most of the changes in MediaDocument.cpp :( * html/MediaDocument.cpp: (WebCore::MediaDocumentParser::createDocumentStructure): 2016-12-06 Simon Fraser <simon.fraser@apple.com> Two tiled drawing tests failing with visual viewports enabled. https://bugs.webkit.org/show_bug.cgi?id=165489 Reviewed by Dean Jackson. computeLayoutViewportOrigin() gets called for iframes when the layout viewport is zero-sized, but the visual viewport is non-zero. It doesn't really make sense to compute a layout viewport when the visual viewport is larger than the layout viewport, but if this happens just anchor the layout viewport at the origin of the visual viewport. * page/FrameView.cpp: (WebCore::FrameView::computeLayoutViewportOrigin): 2016-12-04 Darin Adler <darin@apple.com> Remove various stray uses of WebCore::Dictionary https://bugs.webkit.org/show_bug.cgi?id=165358 Reviewed by Sam Weinig. I discovered three completely unused classes in the MediaStream code: MediaTrackConstraint, MediaTrackConstraintSet, and MediaTrackConstraints. While there is some chance we may implement these at some point, they are likely to be dictionaries or some other kind of data structure rather than clases, and there is no reason to keep the current classes. * CMakeLists.txt: Removed MediaTrackConstraint, MediaTrackConstraintSet, and MediaTrackConstraints. * DerivedSources.cpp: Ditto. * DerivedSources.make: Ditto. * Modules/indexeddb/IDBDatabase.h: Removed include of Dictionary.h. * Modules/indexeddb/IDBObjectStore.cpp: Added include of HeapInlines.h. * Modules/indexeddb/IDBRequest.cpp: Added include of StrongInlines.h. * Modules/indexeddb/IDBTransaction.cpp: Added include of SerializedScriptValue.h. * Modules/mediastream/MediaStreamTrack.cpp: (WebCore::MediaStreamTrack::getConstraints): Deleted. This function is implemented entirely in the bindings layer. * Modules/mediastream/MediaStreamTrack.h: Removed getConstraints. * Modules/mediastream/MediaTrackConstraint.cpp: Removed. * Modules/mediastream/MediaTrackConstraint.h: Removed. * Modules/mediastream/MediaTrackConstraint.idl: Removed. * Modules/mediastream/MediaTrackConstraintSet.cpp: Removed. * Modules/mediastream/MediaTrackConstraintSet.h: Removed. * Modules/mediastream/MediaTrackConstraintSet.idl: Removed. * Modules/mediastream/MediaTrackConstraints.cpp: Removed. * Modules/mediastream/MediaTrackConstraints.h: Removed. * Modules/mediastream/MediaTrackConstraints.idl: Removed. * Modules/mediastream/NavigatorUserMedia.idl: Use the type names from the latest getUserMedia specification for the arguments to webkitGetUserMedia; not sure they are precisely correct for this legacy function, but since this is a JSBuiltin, it's all ignored anyway. Just important not to call anything "Dictionary". * WebCore.xcodeproj/project.pbxproj: Removed MediaTrackConstraint, MediaTrackConstraintSet, and MediaTrackConstraints. * bindings/js/JSApplePaySessionCustom.cpp: (WebCore::JSApplePaySession::completeShippingMethodSelection): Use uncheckedArgument, since the code explicitly checks the number of arguments. (WebCore::JSApplePaySession::completeShippingContactSelection): Ditto. (WebCore::JSApplePaySession::completePaymentMethodSelection): Ditto. * bindings/js/JSFontFaceCustom.cpp: Removed include of Dictionary.h. * dom/Document.cpp: Ditto. * dom/Element.cpp: Ditto. * dom/Element.h: Removed forward declaration of Dictionary. 2016-12-06 Wenson Hsieh <wenson_hsieh@apple.com> After preventing a beforeinput event, an input event is fired when formatting rich text https://bugs.webkit.org/show_bug.cgi?id=165435 <rdar://problem/29522314> Reviewed by Ryosuke Niwa. This regressed after I refactored some input event event dispatch logic when formatting text in r208461. I moved the logic for dispatching input events when applying styles into Editor::applyStyle, but left out an early return after firing the beforeinput event if the default behavior was prevented, which caused us to continue on and dispatch an input event. The fix is to bail from applyStyle if default was prevented. Augmented an existing layout test to cover this case. * editing/Editor.cpp: (WebCore::Editor::applyStyle): (WebCore::Editor::applyParagraphStyle): 2016-12-06 Antoine Quint <graouts@apple.com> [Modern Media Controls] Instantiate iOS media controls https://bugs.webkit.org/show_bug.cgi?id=165498 Reviewed by Dean Jackson. Add support for the modern media controls runtime flags in RenderThemeIOS and, when instantiating iOS controls, return an IOSInlineMediaControls class. * Modules/modern-media-controls/media/media-controller.js: (MediaController.prototype._controlsClass): (MediaController): * rendering/RenderThemeIOS.h: * rendering/RenderThemeIOS.mm: (WebCore::RenderThemeIOS::mediaControlsStyleSheet): (WebCore::RenderThemeIOS::mediaControlsScript): (WebCore::RenderThemeIOS::mediaControlsBase64StringForIconAndPlatform): 2016-12-06 Dean Jackson <dino@apple.com> Apply styling to media documents with modern controls https://bugs.webkit.org/show_bug.cgi?id=165499 <rdar://problems/29543847> Reviewed by Antoine Quint. Existing MediaDocuments got styling from the injected style sheet, which had rules for such documents. The modern media controls use a scoped style rule, so we can't touch the document style. Instead, inline the style directly from MediaDocument. Test: media/modern-media-controls/media-documents/background-color-and-centering.html * html/MediaDocument.cpp: (WebCore::MediaDocumentParser::createDocumentStructure): 2016-12-06 Zalan Bujtas <zalan@apple.com> Move RenderElement::rendererForRootBackground to RenderView. https://bugs.webkit.org/show_bug.cgi?id=165454 Reviewed by Simon Fraser. Currently RenderElement::rendererForRootBackground can only be called on document element's renderer. This patch removes this limitation and moves the functionality from RenderElement to RenderView. No change in functionality. * page/FrameView.cpp: (WebCore::FrameView::calculateExtendedBackgroundMode): * rendering/RenderBox.cpp: (WebCore::RenderBox::paintRootBoxFillLayers): * rendering/RenderElement.cpp: (WebCore::RenderElement::rendererForRootBackground): Deleted. * rendering/RenderElement.h: * rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::rendererBackgroundColor): * rendering/RenderView.cpp: (WebCore::RenderView::rendererForRootBackground): (WebCore::rendererObscuresBackground): (WebCore::RenderView::paintBoxDecorations): (WebCore::RenderView::rootBackgroundIsEntirelyFixed): * rendering/RenderView.h: 2016-12-05 Jiewen Tan <jiewen_tan@apple.com> [Part 1 of 2] Add support for SPKI format while doing SubtleCrypto.importKey/exportKey https://bugs.webkit.org/show_bug.cgi?id=129978 <rdar://problem/21799829> This is part 1 of Bug 129978. In this patch, it adds the SPKI format support for SubtleCrypto.importKey/exportKey. Currently support algorithms are RSAES-PKCS1-v1_5, RSASSA-PKCS1-v1_5 and RSA-OAEP. Reviewed by Brent Fulgham. Tests: crypto/subtle/rsa-import-jwk-key-export-spki-key.html crypto/subtle/rsa-import-spki-key-export-jwk-key.html crypto/subtle/rsa-import-spki-key-export-spki-key.html crypto/subtle/rsa-import-spki-small-key.html crypto/subtle/rsa-oaep-generate-export-key-spki.html crypto/subtle/rsa-oaep-import-spki-key.html crypto/subtle/rsaes-pkcs1-v1_5-generate-export-key-spki.html crypto/subtle/rsaes-pkcs1-v1_5-import-spki-key.html crypto/subtle/rsassa-pkcs1-v1_5-generate-export-key-spki.html crypto/subtle/rsassa-pkcs1-v1_5-import-spki-key.html crypto/workers/subtle/rsa-export-spki-key.html crypto/workers/subtle/rsa-import-spki-key.html * bindings/js/JSSubtleCryptoCustom.cpp: (WebCore::toKeyData): * crypto/CommonCryptoUtilities.h: * crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp: (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::importKey): (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::exportKey): * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp: (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::importKey): (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::exportKey): * crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp: (WebCore::CryptoAlgorithmRSA_OAEP::importKey): (WebCore::CryptoAlgorithmRSA_OAEP::exportKey): * crypto/gnutls/CryptoKeyRSAGnuTLS.cpp: (WebCore::CryptoKeyRSA::importSpki): (WebCore::CryptoKeyRSA::exportSpki): * crypto/keys/CryptoKeyRSA.h: * crypto/mac/CryptoKeyRSAMac.cpp: (WebCore::bytesUsedToEncodedLength): (WebCore::bytesNeededForEncodedLength): (WebCore::addEncodedASN1Length): (WebCore::CryptoKeyRSA::importSpki): (WebCore::CryptoKeyRSA::exportSpki): 2016-12-06 Simon Fraser <simon.fraser@apple.com> Fix editing text flakiness introduced in r209411 https://bugs.webkit.org/show_bug.cgi?id=165500 Reviewed by Dean Jackson. The "insideFixed" out param was left uninitialized sometimes. This affected FrameSelection's m_caretInsidePositionFixed, which caused problems in these tests. Tested by editing tests in WK1. * editing/htmlediting.cpp: (WebCore::absoluteBoundsForLocalCaretRect): 2016-12-06 Alexey Proskuryakov <ap@apple.com> Correct SDKROOT values in xcconfig files https://bugs.webkit.org/show_bug.cgi?id=165487 rdar://problem/29539209 Reviewed by Dan Bernstein. Fix suggested by Dan Bernstein. * Configurations/DebugRelease.xcconfig: 2016-12-06 Saam Barati <sbarati@apple.com> Remove old Wasm object model https://bugs.webkit.org/show_bug.cgi?id=165481 Reviewed by Keith Miller and Mark Lam. * testing/Internals.cpp: (WebCore::Internals::parserMetaData): 2016-12-06 Antoine Quint <graouts@apple.com> [Modern Media Controls] Media controls use the fullscreen layout after going from inline to fullscreen to PiP to inline https://bugs.webkit.org/show_bug.cgi?id=165494 Reviewed by Dean Jackson. We would only call _updateControlsIfNeeded() when entering or leaving fullscreen, so we going from fullscreen to PiP to inline would retain fullscreen controls since we would not check for the event that indicates we went back from PiP to inline. On platforms that support it, we listen to the "webkitpresentationmodechanged" event to update the controls, and only "webkitfullscreenchange" on others (ie. Yosemite). Test: media/modern-media-controls/media-controller/media-controller-inline-to-fullscreen-to-pip-to-inline.html * Modules/modern-media-controls/media/media-controller.js: (MediaController): (MediaController.prototype.handleEvent): (MediaController.prototype._returnMediaLayerToInlineIfNeeded): 2016-12-06 Antoine Quint <graouts@apple.com> [Modern Media Controls] Rendering issues with controls bar when captions are on https://bugs.webkit.org/show_bug.cgi?id=165390 Reviewed by Dean Jackson. We would face some layout issues with captions due to RenderImage::layoutShadowControls() expecting a single RenderBox in the media controls shadow root, which was the case with legacy media controls, but no longer the case with modern media controls. We now host both the captions and the media controls elements under a single container, and add an asertion in RenderImage to check that a single RenderBox child exists. Test: media/modern-media-controls/media-controller/media-controller-single-container.html * Modules/modern-media-controls/controls/media-controls.css: (.media-controls-container): (.media-controls-container,): (.media-controls-container > *): (.media-controls): * Modules/modern-media-controls/controls/text-tracks.css: (video::-webkit-media-text-track-container): * Modules/modern-media-controls/media/media-controller.js: (MediaController): (MediaController.prototype._updateControlsIfNeeded): * rendering/RenderImage.cpp: (WebCore::RenderImage::layoutShadowControls): 2016-12-06 Antoine Quint <graouts@apple.com> [Modern Media Controls] Automatically hide the controls bar when the mouse is idle https://bugs.webkit.org/show_bug.cgi?id=165492 Reviewed by Dean Jackson. We now automatically hide the controls bar. When the media is no longer paused, the controls remain visible for 4 seconds, regardless of where the mouse pointer is located. When the user mouses over the media, the controls become visible and automatically hide 4 seconds after the last time the user has moved his mouse over the media. When the user mouses out of the media, the controls automatically hide. When the mouse is over the controls bar, it remains visible. When the media is paused, the controls bar remain visible regardless of the mouse position. Tests: media/modern-media-controls/media-controller/media-controller-auto-hide-mouse-enter-and-mouse-leave.html media/modern-media-controls/media-controller/media-controller-auto-hide-mouse-enter-over-controls-bar.html media/modern-media-controls/media-controller/media-controller-auto-hide-mouse-leave-after-play.html media/modern-media-controls/media-controller/media-controller-auto-hide-pause.html media/modern-media-controls/media-controller/media-controller-auto-hide-rewind-with-mouse-enter.html media/modern-media-controls/media-controller/media-controller-auto-hide.html * Modules/modern-media-controls/controls/controls-bar.css: Added. (.controls-bar): (.controls-bar.faded): * Modules/modern-media-controls/controls/controls-bar.js: (ControlsBar.prototype.get userInteractionEnabled): (ControlsBar.prototype.set userInteractionEnabled): (ControlsBar.prototype.get fadesWhileIdle): (ControlsBar.prototype.set fadesWhileIdle): (ControlsBar.prototype.get visible): (ControlsBar.prototype.set visible): (ControlsBar.prototype.get faded): (ControlsBar.prototype.set faded): (ControlsBar.prototype.handleEvent): (ControlsBar.prototype.commitProperty): (ControlsBar.prototype._cancelAutoHideTimer): (ControlsBar.prototype._rewindAutoHideTimer): (ControlsBar.prototype._autoHideTimerFired): * Modules/modern-media-controls/controls/media-controls.js: * Modules/modern-media-controls/media/controls-visibility-support.js: (ControlsVisibilitySupport.prototype.get mediaEvents): (ControlsVisibilitySupport.prototype.syncControl): (ControlsVisibilitySupport): * Modules/modern-media-controls/media/media-controller.js: (MediaController.prototype._updateControlsIfNeeded): 2016-12-06 Zalan Bujtas <zalan@apple.com> Can not select whole line when using flexbox https://bugs.webkit.org/show_bug.cgi?id=165299 Reviewed by David Hyatt. RootInlineBox::selectionTopAdjustedForPrecedingBlock assumes that the preceding block is always above the current line. However in certain layout contexts (flex as an example) the block before could just be on the same line as the current one. This patch checks if we actually need to adjust the selection top to avoid vertical selection overlap. Test: fast/flexbox/flexbox-fail-to-select-same-line.html * rendering/RenderBlock.cpp: (WebCore::RenderBlock::blockBeforeWithinSelectionRoot): Deleted. * rendering/RenderBlock.h: * rendering/RootInlineBox.cpp: (WebCore::blockBeforeWithinSelectionRoot): (WebCore::RootInlineBox::selectionTopAdjustedForPrecedingBlock): 2016-12-06 Ryosuke Niwa <rniwa@webkit.org> Add more assertions to ElementQueue diagnose a bug https://bugs.webkit.org/show_bug.cgi?id=164814 Reviewed by Alexey Proskuryakov. Set m_invoking in release builds now that assertions are also run in release builds. * dom/CustomElementReactionQueue.cpp: (WebCore::CustomElementReactionStack::ElementQueue::invokeAll): 2016-12-06 Jer Noble <jer.noble@apple.com> YouTube sometimes pauses when switching tabs https://bugs.webkit.org/show_bug.cgi?id=165468 Reviewed by Eric Carlson. Test: media/media-session-restrictions.html The bitfield which represents the restrictions for "VideoAudio" media type was unititialized, leading to what was effectively a random set of restrictions at runtime. * platform/audio/PlatformMediaSessionManager.cpp: (WebCore::PlatformMediaSessionManager::resetRestrictions): * testing/Internals.cpp: (WebCore::mediaTypeFromString): (WebCore::Internals::setMediaSessionRestrictions): (WebCore::Internals::mediaSessionRestrictions): * testing/Internals.h: * testing/Internals.idl: 2016-12-06 Mark Lam <mark.lam@apple.com> Introduce the concept of Immutable Prototype Exotic Objects to comply with the spec. https://bugs.webkit.org/show_bug.cgi?id=165227 <rdar://problem/29442665> Reviewed by Saam Barati. Make all objects in window.__proto__'s prototype chain immutable prototype exotic objects. This gives us roughly equivalent behavior to other browsers. Firefox's behavior differ slightly in that Firefox will fail any attempted assignment their __proto__, while the immutable prototype exotic objects will only fail if the assignment is of a different value. See https://tc39.github.io/ecma262/#sec-immutable-prototype-exotic-objects. Chrome differs in that assignment to window.__proto__ is also handled like an immutable prototype exotic object. Instead we adhere to the current HTML spec that says that the assignment should fail unconditionally. See https://html.spec.whatwg.org/#the-windowproxy-exotic-object and https://html.spec.whatwg.org/#windowproxy-setprototypeof. If the HTML spec is changed to make the WindowProxy and Location objects into immutable prototype exotic objects later, we can update to match the spec then. Test: js/prototype-assignment.html * bindings/js/JSDOMWindowProperties.h: * bindings/scripts/CodeGeneratorJS.pm: (GenerateHeader): (GeneratePrototypeDeclaration): * bindings/scripts/IDLAttributes.txt: * dom/EventTarget.idl: * page/DOMWindow.idl: 2016-12-06 Andreas Kling <akling@apple.com> [Cocoa] Add some memory usage related information to sysdiagnose state dumps <https://webkit.org/b/165375> <rdar://problem/29057243> Reviewed by Darin Adler. Follow-up to address two more review comments. * page/PerformanceLogging.cpp: (WebCore::PerformanceLogging::javaScriptObjectCounts): Use WTFMove() when returning the HashCountedSet to avoid making an extra copy. 2016-12-06 Dave Hyatt <hyatt@apple.com> REGRESSION (Safari 10): Scrolling not working inside height 100% table https://bugs.webkit.org/show_bug.cgi?id=164366 <rdar://problem/29095535> Reviewed by Zalan Bujtas. Added fast/table/overflow-percent-height-regression.html * rendering/RenderBox.cpp: (WebCore::RenderBox::computePercentageLogicalHeight): This patch wasn't merged correctly from Blink. The value returned needed to be 0, not unset. 2016-12-06 Sam Weinig <sam@webkit.org> REGRESSION: media/track LayoutTests are flaky failures https://bugs.webkit.org/show_bug.cgi?id=165432 Reviewed by Antoine Quint. RenderThemeMac was caching the media controls script / style sheets and not being invalidated when the RuntimeEnabledFeatures changed. So, we can just cache both. * bindings/generic/RuntimeEnabledFeatures.h: Initialize m_areModernMediaControlsEnabled to false. * rendering/RenderThemeMac.h: * rendering/RenderThemeMac.mm: (WebCore::RenderThemeMac::mediaControlsStyleSheet): (WebCore::RenderThemeMac::mediaControlsScript): Have separate caches for the modern and legacy media control scripts/style sheets. 2016-12-06 Sam Weinig <sam@webkit.org> DumpRenderTree crashed in com.apple.WebCore: WebCore::MockMediaEndpoint::generateDtlsInfo const + 23 https://bugs.webkit.org/show_bug.cgi?id=165486 <rdar://problem/29149588> Reviewed by Tim Horton. The MockMediaEndpoint can be destroyed before the task created in MockMediaEndpoint::generateDtlsInfo() gets a chance to run, so guard it with a weak pointer. * platform/mock/MockMediaEndpoint.cpp: (WebCore::MockMediaEndpoint::MockMediaEndpoint): (WebCore::MockMediaEndpoint::generateDtlsInfo): * platform/mock/MockMediaEndpoint.h: 2016-12-06 Chris Dumez <cdumez@apple.com> Add HTML interactive form validation blacklist for some WebKit-specific sites https://bugs.webkit.org/show_bug.cgi?id=165470 <rdar://problem/29509424> Reviewed by Simon Fraser. Add HTML interactive form validation blacklist for some WebKit-specific sites expecting our old behavior, until they get a chance to be updated. * html/HTMLFormElement.cpp: (WebCore::isURLBlacklistedForInteractiveFormValidation): (WebCore::HTMLFormElement::prepareForSubmission): 2016-12-06 Chris Dumez <cdumez@apple.com> Unreviewed, rollout r209050. This change may impact other popovers than the HTML validation one. The previous code is safer. * platform/ValidationBubble.h: * platform/ios/ValidationBubbleIOS.mm: (-[WebValidationBubbleDelegate adaptivePresentationStyleForPresentationController:traitCollection:]): (WebCore::ValidationBubble::setAnchorRect): * platform/spi/ios/UIKitSPI.h: 2016-12-05 Simon Fraser <simon.fraser@apple.com> Improve the behavior of scroll-into-view when the target is inside position:fixed https://bugs.webkit.org/show_bug.cgi?id=165354 Reviewed by Zalan Bujtas. The existing RenderLayer::scrollRectToVisible() code paid no heed to whether the target was inside position:fixed, resulting in unwanted scrolls. Fix this by plumbing through from the call sites a "insideFixed" flag which we get when we call localToAbsolute(), and use this flag to avoid scrolling at all if unzoomed. If zoomed and we're focussing something inside position:fixed, and if visual viewports are enabled, we can compute the visual viewport required to reveal the target rect, which gives us the ideal scroll position. Fix a bug on non-iOS platforms when zoomed, which is to scale the viewRect since frameView.visibleContentRect() gives an unscaled rect on those platforms. Not all callers of scrollRectToVisible() are fixed, but those that are not will get the current behavior. Tests: fast/overflow/scroll-anchor-in-position-fixed.html fast/visual-viewport/zoomed-scroll-into-view-fixed.html fast/visual-viewport/zoomed-scroll-to-anchor-in-position-fixed.html * dom/Element.cpp: (WebCore::Element::scrollIntoView): (WebCore::Element::scrollIntoViewIfNeeded): (WebCore::Element::scrollIntoViewIfNotVisible): (WebCore::Element::updateFocusAppearance): * editing/FrameSelection.cpp: (WebCore::FrameSelection::FrameSelection): (WebCore::FrameSelection::absoluteCaretBounds): (WebCore::FrameSelection::recomputeCaretRect): (WebCore::FrameSelection::revealSelection): * editing/FrameSelection.h: * editing/VisiblePosition.cpp: (WebCore::VisiblePosition::absoluteCaretBounds): * editing/VisiblePosition.h: * editing/htmlediting.cpp: (WebCore::absoluteBoundsForLocalCaretRect): * editing/htmlediting.h: * page/FrameView.cpp: (WebCore::FrameView::scrollElementToRect): (WebCore::FrameView::scrollToAnchor): * page/PrintContext.cpp: (WebCore::PrintContext::outputLinkedDestinations): * rendering/RenderElement.cpp: (WebCore::RenderElement::getLeadingCorner): (WebCore::RenderElement::getTrailingCorner): (WebCore::RenderElement::absoluteAnchorRect): (WebCore::RenderElement::anchorRect): Deleted. * rendering/RenderElement.h: * rendering/RenderLayer.cpp: (WebCore::RenderLayer::scrollRectToVisible): (WebCore::RenderLayer::getRectToExpose): (WebCore::RenderLayer::autoscroll): * rendering/RenderLayer.h: * rendering/RenderObject.cpp: (WebCore::RenderObject::scrollRectToVisible): * rendering/RenderObject.h: 2016-12-06 Myles C. Maxfield <mmaxfield@apple.com> [Cocoa] REGRESSION(r205396): Intermediate CTRuns with initial advances get double counted when glyph origins are enabled https://bugs.webkit.org/show_bug.cgi?id=165084 Reviewed by Simon Fraser. When glyph origins are not enabled, an intermediate CTRun's initial advance is simply added to the previous glyph's advance. However, when glyph origins are enabled, this shouldn't occur. Test: fast/text/initial-advance-in-intermediate-run-complex.html * platform/graphics/mac/ComplexTextController.cpp: (WebCore::ComplexTextController::adjustGlyphsAndAdvances): 2016-12-06 Simon Fraser <simon.fraser@apple.com> Enable visual viewports by default on Mac, and iOS Wk2 https://bugs.webkit.org/show_bug.cgi?id=165452 Reviewed by Zalan Bujtas. Some tests revealed an issue where, during scrollbar updates, the visual viewport would be 15px wider than the layout viewport, which results in the layout viewport shifting 15px to the right. Prevent this by disallowing viewport updates during the AdjustViewSize phase; we'll be called again in postLayoutTasks. * page/FrameView.cpp: (WebCore::FrameView::updateLayoutViewport): 2016-12-06 Daniel Bates <dabates@apple.com> Cleanup: Rename some HTTP 0.9-specific functions to conform to WebKit Code Style Guidelines https://bugs.webkit.org/show_bug.cgi?id=165451 Reviewed by Alex Christensen. Rename Document::shouldEnforceHTTP0_9Sandbox() and ResourceResponseBase::isHttpVersion0_9() to Document::shouldEnforceHTTP09Sandbox() and ResourceResponseBase::isHTTP09, respectively, to conform to the WebKit Code Style Guidelines. * dom/Document.cpp: (WebCore::Document::initSecurityContext): (WebCore::Document::shouldEnforceHTTP09Sandbox): Renamed; formerly named shouldEnforceHTTP0_9Sandbox * dom/Document.h: * platform/network/ResourceHandle.cpp: (WebCore::ResourceHandle::didReceiveResponse): * platform/network/ResourceResponseBase.cpp: (WebCore::ResourceResponseBase::isHTTP09): Renamed; formerly named isHttpVersion0_9. * platform/network/ResourceResponseBase.h: 2016-12-06 Daniel Bates <dabates@apple.com> Use Vector::uncheckedAppend() in more places https://bugs.webkit.org/show_bug.cgi?id=164952 Reviewed by Darin Adler. We can use Vector::uncheckedAppend() whenever the number of items that will be appended to a vector is equal to or less than its capacity. Using Vector::uncheckedAppend() is more efficient than Vector::append() as it avoids checking the capacity of the vector before appending a value to the end of it. * bindings/js/SerializedScriptValue.cpp: (WebCore::SerializedScriptValue::SerializedScriptValue): * contentextensions/DFABytecodeCompiler.cpp: (WebCore::ContentExtensions::DFABytecodeCompiler::extractJumpTable): * contentextensions/DFAMinimizer.cpp: * css/StyleProperties.cpp: (WebCore::StyleProperties::copyPropertiesInSet): Use Vector::uncheckedAppend() and inline the assignment of the temporary variable value into the if condition to limit its scope as it is referenced exactly once in the loop body. * css/StyleRule.cpp: (WebCore::StyleRuleGroup::StyleRuleGroup): Use Vector::uncheckedAppend() and write for-loop using a C++11 range-based for-loop. * css/parser/CSSParserValues.cpp: (WebCore::CSSParserSelector::setLangArgumentList): * cssjit/SelectorCompiler.cpp: (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthLastChildOf): * dom/DocumentMarkerController.cpp: (WebCore::updateRenderedRectsForMarker): * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm: (WebCore::convertToLayoutUnits): * platform/audio/AudioBus.cpp: (WebCore::AudioBus::AudioBus): * platform/graphics/FontCache.cpp: (WebCore::FontCache::purgeInactiveFontData): * platform/graphics/PathUtilities.cpp: (WebCore::polygonsForRect): * platform/mediastream/CaptureDeviceManager.cpp: (CaptureDeviceManager::bestSourcesForTypeAndConstraints): * platform/mediastream/RealtimeMediaSource.cpp: (WebCore::RealtimeMediaSource::fitnessDistance): * platform/network/cf/FormDataStreamCFNet.cpp: (WebCore::formCreate): 2016-12-04 Darin Adler <darin@apple.com> Use ASCIICType more, and improve it a little bit https://bugs.webkit.org/show_bug.cgi?id=165360 Reviewed by Sam Weinig. * css/CSSGrammar.y.in: Use isASCIIDigit. * css/parser/CSSParser.cpp: (WebCore::CSSParser::parseFontFaceUnicodeRange): Use isASCIIHexDigit and toASCIIHexValue. (WebCore::isEqualToCSSIdentifier): Use isASCIILower. * html/FormController.cpp: (WebCore::isNotFormControlTypeCharacter): Use isASCIILower. * html/parser/CSSPreloadScanner.cpp: (WebCore::CSSPreloadScanner::tokenize): Use isASCIIAlpha. * platform/Decimal.cpp: (WebCore::Decimal::fromString): Use isASCIIDigit. * platform/FileSystem.cpp: (WebCore::decodeFromFilename): Use isASCIIHexDigit and toASCIIHexValue. * platform/URL.cpp: (WebCore::isLetterMatchIgnoringCase): Deleted. (WebCore::isSchemeCharacterMatchIgnoringCase): Deleted. (WebCore::assertProtocolIsGood): Use isASCIIUpper. (WebCore::URL::protocolIs): Use isASCIIAlphaCaselessEqual. (WebCore::URL::parse): Ditto. (WebCore::protocolIs): Ditto. (WebCore::protocolIsInHTTPFamily): Ditto. * platform/URLParser.cpp: (WeCore::URLParser::parseIPv4Piece): Use isASCIIDigit. * platform/mac/WebCoreNSURLExtras.mm: (WebCore::isRussianDomainNameCharacter): Use isASCIIDigit. (WebCore::allCharactersAllowedByTLDRules): Ditto. (WebCore::dataWithUserTypedString): Use upperNibbleToASCIIHexDigit and lowerNibbleToASCIIHexDigit. (WebCore::dataForURLComponentType): Ditto. (WebCore::createStringWithEscapedUnsafeCharacters): Ditto. (WebCore::userVisibleString): Use isASCIIHexDigit, toASCIIHexValue, upperNibbleToASCIIHexDigit, and lowerNibbleToASCIIHexDigit. (WebCore::isUserVisibleURL): Use isASCIIHexDigit and toASCIIHexValue. * platform/network/FormDataBuilder.cpp: (WebCore::FormDataBuilder::encodeStringAsFormData): Use isASCIIAlphanumeric. * rendering/mathml/RenderMathMLToken.cpp: (WebCore::mathVariant): Use isASCIIUpper, isASCIILower, and isASCIIDigit. * svg/SVGParserUtilities.cpp: (WebCore::genericParseNumber): Use isASCIIDigit. * svg/SVGPathStringSource.cpp: (WebCore::nextCommandHelper): Ditto. * xml/XPathParser.cpp: (WebCore::XPath::Parser::lexNumber): Ditto. (WebCore::XPath::Parser::nextTokenInternal): Ditto. 2016-12-06 Ryan Haddad <ryanhaddad@apple.com> Rebaseline bindings tests after r209390. Unreviewed test gardening. * bindings/scripts/test/JS/JSTestObj.cpp: (WebCore::convertDictionaryToJS): * bindings/scripts/test/JS/JSTestObj.h: 2016-12-06 Tim Horton <timothy_horton@apple.com> PDF markup/annotations visible in Mail on macOS but not on iOS https://bugs.webkit.org/show_bug.cgi?id=165444 <rdar://problem/28942896> Reviewed by Simon Fraser. No new tests, but enabled an existing test for this feature. * platform/graphics/cg/PDFDocumentImage.cpp: (WebCore::PDFDocumentImage::drawPDFPage): * platform/spi/cg/CoreGraphicsSPI.h: Make use of CGContextDrawPDFPageWithAnnotations where available, to paint the page with annotations. 2016-12-06 Dave Hyatt <hyatt@apple.com> [CSS Parser] Turn on the new CSS parser https://bugs.webkit.org/show_bug.cgi?id=165213 Reviewed by Zalan Bujtas. * page/Settings.in: 2016-12-06 Dan Bernstein <mitz@apple.com> Tried to fix the USE(APPLE_INTERNAL_SDK) build after r209385. * platform/spi/cocoa/NSTouchBarSPI.h: 2016-12-05 Jer Noble <jer.noble@apple.com> [pointer-lock] Cursor should become visible when exiting pointer-lock via ESC key. https://bugs.webkit.org/show_bug.cgi?id=165377 Reviewed by Darin Adler. Introduce the concept of "force cursor to become visible" when requesting the pointer be unlocked. ESC events will cause the pointer to become visible, while normal key events will not. * page/EventHandler.cpp: (WebCore::EventHandler::keyEvent): * page/PointerLockController.cpp: (WebCore::PointerLockController::requestPointerUnlock): (WebCore::PointerLockController::requestPointerUnlockAndForceCursorVisible): (WebCore::PointerLockController::documentDetached): (WebCore::PointerLockController::didLosePointerLock): * page/PointerLockController.h: Drive-by fix: apply Darin's feedback to existing functions: * dom/Document.cpp: (WebCore::Document::prepareForDestruction): * dom/Element.cpp: (WebCore::Element::removedFrom): * page/PointerLockController.cpp: (WebCore::PointerLockController::elementRemoved): (WebCore::PointerLockController::documentDetached): 2016-12-06 Sam Weinig <sam@webkit.org> [WebIDL] Add support for converting dictionaries to JS https://bugs.webkit.org/show_bug.cgi?id=165367 Reviewed by Darin Adler and Alex Christensen. - Adds support for converting dictionary types to JSValues via JSDOMConvert. - Adopts that functionality to correct the CryptoKeyPair implementation, which is supposed to be a dictionary. (While doing this, I also update places that were passing both a CryptoKey and CryptoKeyPair to use a Variant, since they always only wanted one.) - Re-works DOMPromise and DeferredPromise to be based on JSDOMConvert and IDLTypes. * CMakeLists.txt: * PlatformEfl.cmake: * PlatformGTK.cmake: * PlatformMac.cmake: * WebCore.xcodeproj/project.pbxproj: Remove JSCryptoKeyPairCustom.cpp and CryptoKeyPair.cpp. * Modules/encryptedmedia/legacy/WebKitMediaKeys.cpp: * Modules/mediasource/MediaSource.cpp: * Modules/mediasource/SourceBuffer.cpp: * bindings/js/JSMediaDevicesCustom.cpp: * html/MediaController.cpp: * html/track/TextTrack.cpp: Add some missing includes. * Modules/applepay/ApplePaySession.cpp: (WebCore::ApplePaySession::canMakePaymentsWithActiveCard): (WebCore::ApplePaySession::openPaymentSetup): * Modules/fetch/FetchBody.cpp: (WebCore::FetchBody::text): (WebCore::FetchBody::consume): (WebCore::FetchBody::loadingFailed): * Modules/fetch/FetchBodyConsumer.cpp: (WebCore::FetchBodyConsumer::resolveWithData): (WebCore::FetchBodyConsumer::resolve): * Modules/fetch/FetchBodyOwner.cpp: (WebCore::FetchBodyOwner::blob): (WebCore::FetchBodyOwner::formData): (WebCore::FetchBodyOwner::text): * Modules/fetch/FetchResponse.h: * Modules/mediastream/MediaDevices.h: * Modules/mediastream/MediaEndpointPeerConnection.cpp: (WebCore::MediaEndpointPeerConnection::replaceTrack): (WebCore::MediaEndpointPeerConnection::replaceTrackTask): * Modules/mediastream/MediaEndpointPeerConnection.h: * Modules/mediastream/MediaStreamTrack.cpp: (WebCore::MediaStreamTrack::applyConstraints): * Modules/mediastream/PeerConnectionBackend.cpp: (WebCore::PeerConnectionBackend::setLocalDescription): (WebCore::PeerConnectionBackend::setRemoteDescription): (WebCore::PeerConnectionBackend::addIceCandidate): * Modules/mediastream/PeerConnectionBackend.h: * Modules/mediastream/RTCPeerConnection.cpp: (WebCore::RTCPeerConnection::queuedSetLocalDescription): (WebCore::RTCPeerConnection::queuedSetRemoteDescription): (WebCore::RTCPeerConnection::queuedAddIceCandidate): (WebCore::RTCPeerConnection::replaceTrack): * Modules/mediastream/RTCPeerConnection.h: * Modules/mediastream/RTCRtpSender.cpp: (WebCore::RTCRtpSender::replaceTrack): * Modules/mediastream/RTCRtpSender.h: * Modules/mediastream/UserMediaRequest.cpp: (WebCore::UserMediaRequest::deny): * Modules/webaudio/AudioContext.cpp: (WebCore::AudioContext::suspend): (WebCore::AudioContext::resume): * bindings/js/JSCustomElementRegistryCustom.cpp: (WebCore::whenDefinedPromise): * bindings/js/ScriptModuleLoader.cpp: (WebCore::ScriptModuleLoader::resolve): (WebCore::ScriptModuleLoader::notifyFinished): * css/FontFace.h: * css/FontFaceSet.cpp: (WebCore::FontFaceSet::load): * css/FontFaceSet.h: * dom/CustomElementRegistry.cpp: (WebCore::CustomElementRegistry::addElementDefinition): * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::rejectPendingPlayPromises): * html/HTMLMediaElement.h: Update to use new IDLType based promises. * bindings/generic/IDLTypes.h: Add a new type, ParameterType, to use as the parameter to DOMPromise/DeferredPromise. * bindings/js/JSCryptoKeyPairCustom.cpp: Removed. * bindings/js/JSDOMConvert.h: (WebCore::JSConverter<IDLDictionary<T>>::convert): Add JSConverter specialization for IDLDictionary. Have it simply forward to a generated convertDictionaryToJS function, following the convention set in place by IDLEnumeration. * bindings/js/JSDOMPromise.cpp: * bindings/js/JSDOMPromise.h: Re-write to be based on IDLTypes and JSDOMConvert, simplifying the implementation. * bindings/js/JSSubtleCryptoCustom.cpp: * bindings/js/JSWebKitSubtleCryptoCustom.cpp: Update for variant based KeyOrKeyPair. * bindings/scripts/CodeGeneratorJS.pm: (GenerateDictionaryHeaderContent): (GenerateDictionaryImplementationContent): Add generation of the convertDictionaryToJS function. I made it require the JSGenerateToJSObject extended attribute for now, as the majority of dictionaries do not need this code generated for them. * bindings/scripts/test/JS/JSTestObj.cpp: (WebCore::convertDictionaryToJS): * bindings/scripts/test/JS/JSTestObj.h: * bindings/scripts/test/TestObj.idl: Add JSGenerateToJSObject to a dictionary to test generation in bindings tests. * crypto/CryptoAlgorithm.h: Change KeyOrKeyPairCallback to take a Variant<RefPtr<CryptoKey>, CryptoKeyPair>, rather than two separate arguments. * crypto/CryptoKeyPair.cpp: Removed. * crypto/CryptoKeyPair.h: Convert to a struct. * crypto/CryptoKeyPair.idl: Convert to a dictionary. * crypto/algorithms/CryptoAlgorithmAES_CBC.cpp: (WebCore::CryptoAlgorithmAES_CBC::generateKey): * crypto/algorithms/CryptoAlgorithmAES_KW.cpp: (WebCore::CryptoAlgorithmAES_KW::generateKey): * crypto/algorithms/CryptoAlgorithmHMAC.cpp: (WebCore::CryptoAlgorithmHMAC::generateKey): * crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp: (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::generateKey): * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp: (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::generateKey): * crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp: (WebCore::CryptoAlgorithmRSA_OAEP::generateKey): * crypto/keys/CryptoKeyRSA.h: * crypto/mac/CryptoKeyRSAMac.cpp: (WebCore::CryptoKeyRSA::generatePair): Update for new signature of KeyOrKeyPairCallback. 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] Reject invalid hex colors on the fast path https://bugs.webkit.org/show_bug.cgi?id=165461 Reviewed by Zalan Bujtas. * css/parser/CSSParserFastPaths.cpp: (WebCore::fastParseColorInternal): Make sure to check for success. There was even a FIXME in the code about this! Matches our old parser's behavior. 2016-12-05 Antoine Quint <graouts@apple.com> [Modern Media Controls] Controls bar in fullscreen cannot be dragged https://bugs.webkit.org/show_bug.cgi?id=165448 Reviewed by Simon Fraser. We weren't listening to mousemove and mouseup events on the right event target, window in the context of a fullscreen shadow root makes no sense. We now listen to those events on the media controls, which we size to fit the whole of the media element's bounds. We then apply a transform to the controls bar to apply the dragging distance. Test: media/modern-media-controls/macos-fullscreen-media-controls/macos-fullscreen-media-controls-drag.html * Modules/modern-media-controls/controls/controls-bar.js: (ControlsBar.prototype.get translation): (ControlsBar.prototype.set translation): (ControlsBar.prototype.commitProperty): (ControlsBar): Deleted. * Modules/modern-media-controls/controls/macos-fullscreen-media-controls.css: (.media-controls.mac.fullscreen): (.media-controls.mac.fullscreen > .controls-bar): * Modules/modern-media-controls/controls/macos-fullscreen-media-controls.js: (MacOSFullscreenMediaControls.prototype._handleMousedown): (MacOSFullscreenMediaControls.prototype._handleMousemove): (MacOSFullscreenMediaControls.prototype._handleMouseup): 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] Allow calc in SVG attributes https://bugs.webkit.org/show_bug.cgi?id=165459 Reviewed by Zalan Bujtas. * css/parser/CSSPropertyParserHelpers.cpp: (WebCore::CSSPropertyParserHelpers::consumeLength): 2016-12-05 Brady Eidson <beidson@apple.com> Build fix followup to r209379: STP 19 fails to launch on 16B255 https://bugs.webkit.org/show_bug.cgi?id=165388 -and corresponding- rdar://problem/29514476 Rubberstamped by Tim Horton. No new tests (No behavior change). * platform/spi/cocoa/NSTouchBarSPI.h: Strategically relocate NS_ASSUME_NONNULL* macros. 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] Make sure the SVGPaint URI and currentColor style still paints using the URI https://bugs.webkit.org/show_bug.cgi?id=165457 Reviewed by Zalan Bujtas. * rendering/svg/SVGResources.cpp: (WebCore::paintingResourceFromSVGPaint): Add support for this paint type. The old parser doesn't use it. 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] Fix dashboard region parsing https://bugs.webkit.org/show_bug.cgi?id=165456 Reviewed by Zalan Bujtas. * css/parser/CSSPropertyParser.cpp: (WebCore::consumeWebkitDashboardRegion): Make sure to reject whitespace by itself as well as unclosed dashboard-region functions. 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] Properly reject large numeric values https://bugs.webkit.org/show_bug.cgi?id=165455 Reviewed by Zalan Bujtas. The new parser clamped numeric values in both the slow and fast paths to the max and min float values. The old parser simply allowed the values to be inf, and then had std::isinf checks to reject. Blink rejects also even though it clamps, but I could not discern the mechanism by which they did so. Therefore I am changing the new parser to exactly match the old parser. Numeric values are no longer clamped, but instead are allowed to be inf, and isinf checks now exist in the new parser in the same places they do in the old parser. * css/parser/CSSParserFastPaths.cpp: (WebCore::parseSimpleLength): (WebCore::parseSimpleLengthValue): * css/parser/CSSParserToken.cpp: (WebCore::CSSParserToken::CSSParserToken): * css/parser/CSSPropertyParserHelpers.cpp: (WebCore::CSSPropertyParserHelpers::consumeLength): (WebCore::CSSPropertyParserHelpers::consumePercent): 2016-12-05 Ricky Mondello <rmondello@apple.com> STP 19 fails to launch on 16B255 https://bugs.webkit.org/show_bug.cgi?id=165388 -and corresponding- rdar://problem/29514476 Reviewed by Tim Horton. * platform/spi/cocoa/NSTouchBarSPI.h: Re-declare the SPI symbols as weak. The cited crash itself is for a symbol we weren't handling here, but is part of the same group. Re-declare all four of these symbols to be safe. 2016-12-05 Antoine Quint <graouts@apple.com> ERROR: post-layout: dirty renderer(s) - Encountered with LayoutTest media/modern-media-controls/media-controller/media-controller-fullscreen-ltr.html https://bugs.webkit.org/show_bug.cgi?id=165312 Reviewed by Simon Fraser. Reverting part of the code added in https://bugs.webkit.org/show_bug.cgi?id=165287 that triggered an assertion. We go back to removing previous media controls as we add new ones when the fullscreen status changes, and simply hide the controls during the animated transition using a CSS pseudo-class. This also fixes an issue where we wouldn't have removed the previous controls should we have entered fullscreen in a different way than clicking on the fullscreen button in the media controls. We restore testing coverage that was fixed due to this assertion. * Modules/modern-media-controls/controls/media-controls.css: (:host(:-webkit-animating-full-screen-transition) .media-controls): * Modules/modern-media-controls/controls/media-controls.js: (MediaControls.prototype.fadeIn): (MediaControls.prototype.presentInElement): Deleted. * Modules/modern-media-controls/media/fullscreen-support.js: (FullscreenSupport.prototype.buttonWasClicked): * Modules/modern-media-controls/media/media-controller.js: (MediaController.prototype._updateControlsIfNeeded): 2016-12-05 Dean Jackson <dino@apple.com> MediaDocuments crash with modern media controls https://bugs.webkit.org/show_bug.cgi?id=165446 <rdar://problem/29524959> Reviewed by Antoine Quint. The modern media controls inject a <style> element into the document, which exposed a bug when used in MediaDocuments. Such documents were not getting a charset, and the hash table for the CSSParserContexts was crashing. Test: media/modern-media-controls/media-documents/insert-style-should-not-crash.html * css/parser/CSSParserMode.h: Guard against an empty charset. (WebCore::CSSParserContextHash::hash): * dom/InlineStyleSheetOwner.cpp: Ask for the charset with fallback. (WebCore::parserContextForElement): 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] shape-rendering supports crispEdges rather than crisp-edges https://bugs.webkit.org/show_bug.cgi?id=165443 Reviewed by Tim Horton. * css/parser/CSSParserFastPaths.cpp: (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue): 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] Support setting of custom properties from the CSS OM https://bugs.webkit.org/show_bug.cgi?id=165442 Reviewed by Tim Horton. * css/parser/CSSParser.cpp: (WebCore::CSSParser::parseCustomPropertyValue): Call in to a new function in CSSParserImpl that can handle custom property parsing. * css/parser/CSSParserImpl.cpp: (WebCore::CSSParserImpl::parseCustomPropertyValue): New function that is similar to parseValue, but handling custom properties. (WebCore::CSSParserImpl::consumeDeclaration): (WebCore::CSSParserImpl::consumeCustomPropertyValue): (WebCore::CSSParserImpl::consumeVariableValue): Deleted. * css/parser/CSSParserImpl.h: Rename consumeVariableValue to consumeCustomPropertyValue, since that is more clear. consumeVariableValue sounds like you might be resolving a variable reference rather than parsing a custom property's value. 2016-12-05 Tim Horton <timothy_horton@apple.com> Adopt CAMachPort-as-layer-contents https://bugs.webkit.org/show_bug.cgi?id=141687 <rdar://problem/19393233> Reviewed by Darin Adler. No new tests, just a performance bump. * platform/spi/cocoa/QuartzCoreSPI.h: Add some SPI. 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] calcs on column-width that resolve to 0 should be discarded https://bugs.webkit.org/show_bug.cgi?id=165439 Reviewed by Dean Jackson. * css/parser/CSSPropertyParser.cpp: (WebCore::consumeColumnWidth): 2016-12-05 Dean Jackson <dino@apple.com> pointer lock needs to be feature detectable https://bugs.webkit.org/show_bug.cgi?id=165426 <rdar://problem/29486715> Reviewed by Antoine Quint. Annotate the public-facing API for pointer-lock, so that it is hidden when not available. Also move the Setting to a RuntimeEnabledFeature, since pointer-lock is exposed from WebKit as a feature. Tests: pointer-lock/pointerlock-interface-disabled.html pointer-lock/pointerlock-interface.html * bindings/generic/RuntimeEnabledFeatures.h: (WebCore::RuntimeEnabledFeatures::setPointerLockEnabled): (WebCore::RuntimeEnabledFeatures::pointerLockEnabled): * dom/Document.idl: * dom/Element.idl: * page/PointerLockController.cpp: (WebCore::PointerLockController::requestPointerLock): (WebCore::PointerLockController::requestPointerUnlock): * page/Settings.in: 2016-12-05 Keith Rollin <krollin@apple.com> Reduce number of platformMemoryUsage calls https://bugs.webkit.org/show_bug.cgi?id=164375 Reviewed by Darin Adler. Removed the calls to WTF::releaseFastMallocFreeMemory (it's already called elsewhere in the free-all-memory pipeline) and malloc_zone_pressure_relief (it should be called by the OS on its own terms). No new tests -- no new or changed features. * platform/cocoa/MemoryPressureHandlerCocoa.mm: (WebCore::MemoryPressureHandler::ReliefLogger::platformMemoryUsage): 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] Leave the Animation type alone when the property is invalid https://bugs.webkit.org/show_bug.cgi?id=165418 Reviewed by Dean Jackson. * css/CSSToStyleMap.cpp: (WebCore::CSSToStyleMap::mapAnimationProperty): 2016-12-05 Antti Koivisto <antti@apple.com> keyframes do not work when defined inside a style in a shadowRoot https://bugs.webkit.org/show_bug.cgi?id=164608 <rdar://problem/29210251> Reviewed by Darin Adler. With :host and ::slotted rules a keyframe animation affecting an element can be defined in a style scope different from the element's own scope. Style resolver loses the scope information when building the RenderStyle so there is no way to find out the correct scope. Fix by passing style scope through to style builder and including a scope association with the animation name. Find the correct scope when resolving keyframes. Test: fast/shadow-dom/shadow-host-animation.html * css/CSSToStyleMap.cpp: (WebCore::CSSToStyleMap::mapAnimationName): Include scope with the name. * css/ElementRuleCollector.cpp: (WebCore::MatchRequest::MatchRequest): (WebCore::ElementRuleCollector::addMatchedRule): (WebCore::ElementRuleCollector::sortAndTransferMatchedRules): (WebCore::ElementRuleCollector::matchAuthorRules): (WebCore::ElementRuleCollector::matchAuthorShadowPseudoElementRules): (WebCore::ElementRuleCollector::matchHostPseudoClassRules): (WebCore::ElementRuleCollector::matchSlottedPseudoElementRules): (WebCore::ElementRuleCollector::collectMatchingRulesForList): Replace treeContextOrdinal int with Style::ScopeOrdinal enum carrying the same information. Simplify the code removing unnecessary use of MatchRequest struct. (WebCore::compareRules): * css/ElementRuleCollector.h: * css/StyleResolver.cpp: (WebCore::StyleResolver::MatchResult::addMatchedProperties): (WebCore::StyleResolver::CascadedProperties::setPropertyInternal): (WebCore::StyleResolver::CascadedProperties::set): (WebCore::StyleResolver::CascadedProperties::setDeferred): Pass styleScopeOrdinal through the cascade mechanism (WebCore::cascadeLevelForIndex): (WebCore::StyleResolver::CascadedProperties::addMatch): (WebCore::StyleResolver::CascadedProperties::addImportantMatches): (WebCore::StyleResolver::CascadedProperties::Property::apply): Set styleScopeOrdinal in State when applying style. (WebCore::StyleResolver::CascadedProperties::addStyleProperties): Deleted. Move the code to the only caller. * css/StyleResolver.h: (WebCore::StyleResolver::State::styleScopeOrdinal): (WebCore::StyleResolver::State::setStyleScopeOrdinal): * page/animation/CompositeAnimation.cpp: (WebCore::KeyframeAnimation::KeyframeAnimation): (WebCore::KeyframeAnimation::resolveKeyframeStyles): Find the correct scope for resolving keyframes based on the scope ordinal. * platform/animation/Animation.cpp: * platform/animation/Animation.h: Add m_nameStyleScopeOrdinal that tells the scope where the name is defined. * style/StyleScope.cpp: (WebCore::Style::Scope::forOrdinal): Find the scope for ordinal. * style/StyleScope.h: Define ScopeOrdinal types. (WebCore::Style::operator++): 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] Support glyph-orientation-horizontal and glyph-orientation-vertical https://bugs.webkit.org/show_bug.cgi?id=165414 Reviewed by Zalan Bujtas. * css/parser/CSSPropertyParser.cpp: (WebCore::consumeGlyphOrientation): (WebCore::CSSPropertyParser::parseSingleValue): Add support for the glyph-orientation-horizontal and glyph-orientation-vertical properties. They take an angle and allow unitless values. * css/parser/CSSPropertyParserHelpers.cpp: (WebCore::CSSPropertyParserHelpers::consumeAngle): Fix a bug in the handling of unitless values for angles. Make sure to actually pass in the value instead of always doing 0. Blink does not accept unitless values for angles at all, so this is another difference to investigate for SVG in the future. 2016-12-05 Ryan Haddad <ryanhaddad@apple.com> Unreviewed, rolling out r209299. This change appears to have caused LayoutTest failures on Sierra WK1. Reverted changeset: "Improve the behavior of scroll-into-view when the target is inside position:fixed" https://bugs.webkit.org/show_bug.cgi?id=165354 http://trac.webkit.org/changeset/209299 2016-12-05 Andreas Kling <akling@apple.com> [Cocoa] Add some memory usage related information to sysdiagnose state dumps <https://webkit.org/b/165375> <rdar://problem/29057243> Reviewed by Darin Adler. Add a flag to memoryUsageStatistics() to allow gathering of slightly more expensive information. This mode is used when capturing a state dump for sysdiagnose. The more expensive information added in this patch relates to information about live objects and memory on the JavaScript heap. * WebCore.xcodeproj/project.pbxproj: * page/PerformanceLogging.cpp: (WebCore::PerformanceLogging::memoryUsageStatistics): (WebCore::PerformanceLogging::javaScriptObjectCounts): (WebCore::PerformanceLogging::didReachPointOfInterest): * page/PerformanceLogging.h: 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] Make sure the transform fast path uses WebKitCSSTransformValue https://bugs.webkit.org/show_bug.cgi?id=165399 Reviewed by Dean Jackson. * css/parser/CSSParserFastPaths.cpp: (WebCore::parseTransformTranslateArguments): (WebCore::parseTransformNumberArguments): (WebCore::parseSimpleTransformValue): (WebCore::parseSimpleTransformList): 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] Fix calc() with -webkit-line-clamp https://bugs.webkit.org/show_bug.cgi?id=165398 Reviewed by Zalan Bujtas. Remove the aggressive token type checking up front, since it was causing calc() to not be allowed. * css/parser/CSSPropertyParser.cpp: (WebCore::consumeLineClamp): 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] Support -webkit-text-decoration https://bugs.webkit.org/show_bug.cgi?id=165391 Reviewed by Dean Jackson. * css/parser/CSSPropertyParser.cpp: (WebCore::CSSPropertyParser::parseShorthand): 2016-12-05 Beth Dakin <bdakin@apple.com> STP 19 fails to launch on 16B255 https://bugs.webkit.org/show_bug.cgi?id=165388 -and corresponding- rdar://problem/29514476 Rubber-stamped by Brady Eidson. * platform/spi/cocoa/NSTouchBarSPI.h: 2016-12-05 Beth Dakin <bdakin@apple.com> STP 19 fails to launch on 16B255 https://bugs.webkit.org/show_bug.cgi?id=165388 -and corresponding- rdar://problem/29514476 Reviewed by Tim Horton. Speculative fix. * platform/spi/cocoa/NSTouchBarSPI.h: 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] Support the 'alphabetic' keyword for text-underline-position https://bugs.webkit.org/show_bug.cgi?id=165387 Reviewed by Simon Fraser. Fixes fast/css3-text/css3-text-decoration/getComputedStyle/getComputedStyle-text-underline-position.html * css/parser/CSSPropertyParser.cpp: (WebCore::CSSPropertyParser::parseSingleValue): 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] Fix assert when unknown properties are encountered. https://bugs.webkit.org/show_bug.cgi?id=165385 Reviewed by Zalan Bujtas. * css/CSSToStyleMap.cpp: (WebCore::CSSToStyleMap::mapAnimationProperty): 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] Fix rx and ry parsing https://bugs.webkit.org/show_bug.cgi?id=165383 Reviewed by Dean Jackson. * css/parser/CSSParserFastPaths.cpp: (WebCore::isSimpleLengthPropertyID): rx and ry can be negative in the slow path, so make sure they can be negative in the fast path too. * css/parser/CSSPropertyParser.cpp: (WebCore::consumeRxOrRy): Disallow auto as a value since we are not equipped to handle it, and it's not clear if it's even valid. 2016-12-05 Konstantin Tokarev <annulen@yandex.ru> Add __STDC_FORMAT_MACROS before inttypes.h is included https://bugs.webkit.org/show_bug.cgi?id=165374 We need formatting macros like PRIu64 to be available in all places where inttypes.h header is used. All these usages get inttypes.h definitions via wtf/Assertions.h header, except SQLiteFileSystem.cpp where formatting macros are not used anymore since r185129. This patch fixes multiple build errors with MinGW and reduces number of independent __STDC_FORMAT_MACROS uses in the code base. Reviewed by Darin Adler. No new tests needed. * platform/sql/SQLiteFileSystem.cpp: Removed unused inttypes.h inclusion. 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] Properly fail on bad values for -webkit-clip-path https://bugs.webkit.org/show_bug.cgi?id=165382 Reviewed by Dean Jackson. * css/parser/CSSPropertyParser.cpp: (WebCore::consumeBasicShapeOrBox): 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] The page-break-* properties are only keyword props for old parser. https://bugs.webkit.org/show_bug.cgi?id=165381 Reviewed by Dean Jackson. * css/parser/CSSParser.cpp: (WebCore::isKeywordPropertyID): * css/parser/CSSParserFastPaths.cpp: (WebCore::CSSParserFastPaths::isKeywordPropertyID): 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] Don't use CSS_PARSER_INTEGER unit for resolved integer calcs. https://bugs.webkit.org/show_bug.cgi?id=165379 Reviewed by Dean Jackson. * css/parser/CSSPropertyParserHelpers.cpp: (WebCore::CSSPropertyParserHelpers::CalcParser::consumeNumber): 2016-12-05 Dave Hyatt <hyatt@apple.com> [CSS Parser] Add parseValue support to new parser. Use new parser for UA sheet too if useNewParser is set. https://bugs.webkit.org/show_bug.cgi?id=165376 Reviewed by Zalan Bujtas. * css/StyleColor.cpp: (WebCore::StyleColor::isColorKeyword): Include system colors when using the fast parseValue path. * css/parser/CSSParser.cpp: (WebCore::CSSParser::setupParser): Add an assert to catch any code path using the old parser when the new parser flag is set. (WebCore::CSSParser::parseSheet): (WebCore::CSSParser::parseRule): (WebCore::CSSParser::parseKeyframeRule): (WebCore::CSSParser::parseSupportsCondition): (WebCore::CSSParser::parseValue): (WebCore::CSSParser::parseSelector): (WebCore::CSSParser::parseDeclaration): Patched to use the new parser in UASheetMode as well as other modes when the new parser flag is set. parseValue is patched to use the new parser's fast paths and to call into CSSParserImpl's parseValue. * css/parser/CSSParserFastPaths.cpp: (WebCore::isSimpleLengthPropertyID): Support CSSPropertyShapeMargin in the fast path since the old parser did in its fast path. (WebCore::parseSimpleLengthValue): Don't ever return unitless numbers. If we accept a unitless number, convert the unit to PX still. (WebCore::CSSParserFastPaths::parseColor): Use the CSSValuePool when creating colors on the fast path. * css/parser/CSSParserImpl.cpp: (WebCore::CSSParserImpl::parseValue): * css/parser/CSSParserImpl.h: Change the return type to be compatible with the old parser's ParseResult flag. 2016-12-05 Konstantin Tokarev <annulen@yandex.ru> Removed MediaPlayerPrivateTaskTimer https://bugs.webkit.org/show_bug.cgi?id=165373 Reviewed by Sam Weinig. It is not used anywhere since QTSDK removal in r165476. No new tests needed. * platform/graphics/win/MediaPlayerPrivateTaskTimer.cpp: Removed. * platform/graphics/win/MediaPlayerPrivateTaskTimer.h: Removed. 2016-12-04 Dave Hyatt <hyatt@apple.com> [CSS Parser] Eliminate in-place lowercasing in the parser. https://bugs.webkit.org/show_bug.cgi?id=165368 Reviewed by Darin Adler. Replace the in-place lowercasing that the parser does with new mechanisms. In-place lowercasing ruins serialization and doesn't work on CSS parsed from static strings. It also has the side effect of mutating strings passed in from JavaScript like for querySelectorAll. For class/id selectors, we now check if the string is lowercase or not. If it contains uppercase ASCII characters, then we allocate the RareData for the selector. RareData now has two fields instead of one for the value, a matching value (all lowercase in quirks mode), and a serializing value (the original string). Because this is done at the CSSSelector level, the old parser has been patched as well for these cases. In addition, in-place lowercasing was done for pseudo-elements, for media query features, and for attr(). In all of these cases we do lowercase converting by first checking if it's needed. Serialization will not retain the original string in these cases, so we may want to revisit these cases in the future and apply a solution similar to what we did for selectors. * css/CSSGrammar.y.in: * css/CSSSelector.cpp: (WebCore::CSSSelector::createRareData): (WebCore::CSSSelector::selectorText): (WebCore::CSSSelector::RareData::RareData): (WebCore::CSSSelector::RareData::~RareData): * css/CSSSelector.h: (WebCore::CSSSelector::RareData::create): (WebCore::CSSSelector::setValue): (WebCore::CSSSelector::value): (WebCore::CSSSelector::serializingValue): * css/MediaQueryExp.cpp: (WebCore::MediaQueryExpression::MediaQueryExpression): * css/parser/CSSParserToken.cpp: (WebCore::convertToASCIILowercaseInPlace): Deleted. (WebCore::CSSParserToken::convertToASCIILowercaseInPlace): Deleted. * css/parser/CSSParserToken.h: * css/parser/CSSParserValues.h: (WebCore::CSSParserSelector::setValue): * css/parser/CSSPropertyParser.cpp: (WebCore::consumeAttr): * css/parser/CSSSelectorParser.cpp: (WebCore::CSSSelectorParser::consumeId): (WebCore::CSSSelectorParser::consumeClass): (WebCore::CSSSelectorParser::consumePseudo): * css/parser/MediaQueryParser.cpp: (WebCore::MediaQueryParser::readFeature): 2016-12-04 Gyuyoung Kim <gyuyoung.kim@webkit.org> Fix a build break on EFL since r209303. Unreviewed build fix. * bindings/js/SerializedScriptValue.cpp: (WebCore::exceptionForSerializationFailure): Add a return in the end of function. 2016-12-03 Dan Bernstein <mitz@apple.com> [Cocoa] Expose InjectedBundlePageEditorClient via the Objective-C bundle SPI https://bugs.webkit.org/show_bug.cgi?id=165276 <rdar://problem/29467040> Reviewed by Darin Adler. * platform/ios/PlatformPasteboardIOS.mm: (WebCore::PlatformPasteboard::write): Make sure to put the client data on the pasteboard, like we do on macOS. 2016-12-03 Dave Hyatt <hyatt@apple.com> [CSS Parser] Remove line numbers from StyleRule. https://bugs.webkit.org/show_bug.cgi?id=165361 Reviewed by Simon Fraser. StyleRules have a concept of a source line that is eventually passed to the inspector. This was only ever used by normal rules, i.e., ones with selectors, and set to 0 for all other rules. This line was set to the line number at which the end of the selector text occurred. Because Inspector already computes the start and end range for the selector text, storing a source line on StyleRule ends up being redundant. This patch gets rid of the source line and uses the end line of the selector text instead. * css/CSSGrammar.y.in: Remove the code that updates the last seen selector line. * css/CSSKeyframeRule.cpp: (WebCore::StyleKeyframe::StyleKeyframe): * css/CSSKeyframesRule.cpp: (WebCore::StyleRuleKeyframes::StyleRuleKeyframes): No longer need to pass in a 0 line number. * css/StyleRule.cpp: (WebCore::StyleRule::StyleRule): (WebCore::StyleRule::create): (WebCore::StyleRule::splitIntoMultipleRulesWithMaximumSelectorComponentCount): (WebCore::StyleRuleFontFace::StyleRuleFontFace): (WebCore::StyleRuleGroup::StyleRuleGroup): (WebCore::StyleRuleCharset::StyleRuleCharset): (WebCore::StyleRuleNamespace::StyleRuleNamespace): * css/StyleRule.h: (WebCore::StyleRuleBase::StyleRuleBase): (WebCore::StyleRuleBase::sourceLine): Deleted. * css/StyleRuleImport.cpp: (WebCore::StyleRuleImport::StyleRuleImport): Remove m_sourceLine and change the create methods and constructors to not require a line number. * css/parser/CSSParser.cpp: (WebCore::CSSParser::createStyleRule): Line number no longer needed. (WebCore::CSSParser::updateLastSelectorLineAndPosition): Deleted. * css/parser/CSSParser.h: Got rid of the function that tracks and updates the last seen selector line. * css/parser/CSSParserImpl.cpp: (WebCore::CSSParserImpl::consumeStyleRule): Fix the rule creation in the new parser to not pass in a 0 line number. * inspector/InspectorStyleSheet.cpp: (WebCore::buildSourceRangeObject): (WebCore::InspectorStyleSheet::buildObjectForSelectorList): (WebCore::InspectorStyleSheet::buildObjectForRule): * inspector/InspectorStyleSheet.h: Patch the methods that build up the selector range to return the end line information for selector text so that it can be set as the source line for the rule (thus eliminating the need to store the line number on the style rule itself). 2016-12-02 Sam Weinig <sam@webkit.org> optional sequence values not handled correctly by binding generator https://bugs.webkit.org/show_bug.cgi?id=142562 Also fixes: Remove non-standard postMessage overload https://bugs.webkit.org/show_bug.cgi?id=161911 and Wrong argument order in window.postMessage https://bugs.webkit.org/show_bug.cgi?id=63141 Reviewed by Darin Adler. * WebCore.xcodeproj/project.pbxproj: Remove no longer needed files. * bindings/generic/IDLTypes.h: * bindings/js/JSDOMConvert.h: (WebCore::Converter<IDLObject>::convert): Add support for the WebIDL object type. * bindings/js/JSDOMBinding.cpp: (WebCore::createDOMException): Add support for throwing stack overflow errors. * bindings/js/JSDOMWindowCustom.cpp: (WebCore::handlePostMessage): Deleted. (WebCore::JSDOMWindow::postMessage): Deleted. * bindings/js/JSDedicatedWorkerGlobalScopeCustom.cpp: Removed. * bindings/js/JSMessagePortCustom.cpp: (WebCore::JSMessagePort::postMessage): Deleted. (WebCore::extractTransferables): Deleted. * bindings/js/JSMessagePortCustom.h: Removed. * bindings/js/JSWorkerCustom.cpp: (WebCore::JSWorker::postMessage): Deleted. Remove custom bindings for postMessage. * bindings/js/SerializedScriptValue.h: Switch to using enum class. * bindings/js/SerializedScriptValue.cpp: (WebCore::SerializedScriptValue::transferArrayBuffers): (WebCore::SerializedScriptValue::create): Add new create function that takes the transfer list, processes it, and returns MessagePorts and SerializedScriptValue / exception. (WebCore::CloneBase::throwStackOverflow): Deleted. (WebCore::CloneDeserializer::throwValidationError): Deleted. Remove uncalled functions. * bindings/scripts/CodeGenerator.pm: (IsRefPtrType): (IsBuiltinType): * bindings/scripts/CodeGeneratorJS.pm: (AddToIncludesForIDLType): (GetBaseIDLType): Add support for the WebIDL 'object' type. * bindings/scripts/test/JS/JSTestObj.cpp: * bindings/scripts/test/TestObj.idl: Add tests for 'object'. * dom/ExceptionCode.h: Add two new ExceptionCodes: - ExistingExceptionError, to indicate that implementation code threw a JS exception. - StackOverflowError, to indicate that a stack overflow exception should be thrown. * dom/MessagePort.cpp: (WebCore::MessagePort::postMessage): * dom/MessagePort.h: * dom/MessagePort.idl: * page/DOMWindow.cpp: (WebCore::DOMWindow::postMessage): * page/DOMWindow.h: * page/DOMWindow.idl: * workers/DedicatedWorkerGlobalScope.cpp: (WebCore::DedicatedWorkerGlobalScope::postMessage): * workers/DedicatedWorkerGlobalScope.h: * workers/DedicatedWorkerGlobalScope.idl: * workers/Worker.cpp: (WebCore::Worker::postMessage): * workers/Worker.h: * workers/Worker.idl: Update to call new SerializedScriptValue create function. 2016-12-03 Dave Hyatt <hyatt@apple.com> [CSS Parser] Support Dashboard Regions https://bugs.webkit.org/show_bug.cgi?id=165357 Reviewed by Daniel Bates. * css/CSSValueKeywords.in: * css/parser/CSSPropertyParser.cpp: (WebCore::consumeWebkitDashboardRegion): (WebCore::CSSPropertyParser::parseSingleValue): 2016-12-02 Simon Fraser <simon.fraser@apple.com> Improve the behavior of scroll-into-view when the target is inside position:fixed https://bugs.webkit.org/show_bug.cgi?id=165354 Reviewed by Zalan Bujtas. The existing RenderLayer::scrollRectToVisible() code paid no heed to whether the target was inside position:fixed, resulting in unwanted scrolls. Fix this by plumbing through from the call sites a "insideFixed" flag which we get when we call localToAbsolute(), and use this flag to avoid scrolling at all if unzoomed. If zoomed and we're focussing something inside position:fixed, and if visual viewports are enabled, we can compute the visual viewport required to reveal the target rect, which gives us the ideal scroll position. Fix a bug on non-iOS platforms when zoomed, which is to scale the viewRect since frameView.visibleContentRect() gives an unscaled rect on those platforms. Not all callers of scrollRectToVisible() are fixed, but those that are not will get the current behavior. Tests: fast/overflow/scroll-anchor-in-position-fixed.html fast/visual-viewport/zoomed-scroll-into-view-fixed.html fast/visual-viewport/zoomed-scroll-to-anchor-in-position-fixed.html * dom/Element.cpp: (WebCore::Element::scrollIntoView): (WebCore::Element::scrollIntoViewIfNeeded): (WebCore::Element::scrollIntoViewIfNotVisible): (WebCore::Element::updateFocusAppearance): * editing/FrameSelection.cpp: (WebCore::FrameSelection::FrameSelection): (WebCore::FrameSelection::absoluteCaretBounds): (WebCore::FrameSelection::recomputeCaretRect): (WebCore::FrameSelection::revealSelection): * editing/FrameSelection.h: * editing/VisiblePosition.cpp: (WebCore::VisiblePosition::absoluteCaretBounds): * editing/VisiblePosition.h: * editing/htmlediting.cpp: (WebCore::absoluteBoundsForLocalCaretRect): * editing/htmlediting.h: * page/FrameView.cpp: (WebCore::FrameView::scrollElementToRect): (WebCore::FrameView::scrollToAnchor): * page/PrintContext.cpp: (WebCore::PrintContext::outputLinkedDestinations): * rendering/RenderElement.cpp: (WebCore::RenderElement::getLeadingCorner): (WebCore::RenderElement::getTrailingCorner): (WebCore::RenderElement::absoluteAnchorRect): (WebCore::RenderElement::anchorRect): Renamed to absoluteAnchorRect(). * rendering/RenderElement.h: * rendering/RenderLayer.cpp: (WebCore::RenderLayer::scrollRectToVisible): (WebCore::RenderLayer::getRectToExpose): (WebCore::RenderLayer::autoscroll): * rendering/RenderLayer.h: * rendering/RenderObject.cpp: (WebCore::RenderObject::scrollRectToVisible): * rendering/RenderObject.h: 2016-11-30 Simon Fraser <simon.fraser@apple.com> localToAbsolute() does incorrect conversion for elements inside position:fixed with zooming https://bugs.webkit.org/show_bug.cgi?id=165244 Reviewed by Zalan Bujtas. RenderView::mapLocalToContainer() and RenderView::mapAbsoluteToLocalPoint() handle the coordinate mapping through the RenderView's transform (when zoomed), and apply the scroll offset for position:fixed elements. They did this in the wrong order; "local to absolute" applied the zoom scale, and then adjusted for the scroll position, and "absolute to local" applied the scroll position and then the transform. However that scroll position adjustment should be in unzoomed coordinates, since it's accounting for the layout adjustment that position:fixed receives (which actually occurs via the localToAbsolute() call in RenderLayer's accumulateOffsetTowardsAncestor()). "local to absolute" should therefore apply the scroll adjustment first before the transform, and "absolute to local" the reverse. In both visual viewport mode, and legacy drifty fixed mode FrameView::scrollPositionForFixedPosition() returns a scroll offset that is unaffected by zoom, which is correct and confirms this change. [Confusingly, ScrollView scroll positions _are_ affected by zoom, as the entire document gets bigger.] RenderGeometryMap::mapToContainer(), which is an optimization on top of RenderView::mapLocalToContainer(), gets a similar fix. Test: fast/zooming/client-rect-in-fixed-zoomed.html * rendering/RenderGeometryMap.cpp: (WebCore::RenderGeometryMap::mapToContainer): * rendering/RenderView.cpp: (WebCore::RenderView::mapLocalToContainer): (WebCore::RenderView::mapAbsoluteToLocalPoint): 2016-12-02 Simon Fraser <simon.fraser@apple.com> Put names on layers in release builds https://bugs.webkit.org/show_bug.cgi?id=165347 Reviewed by Tim Horton. Put names on GraphicsLayers (and therefore CALayers) in release builds. Release names are a simpler, truncated version of debug names, with <tagname> id class names. Non-primary layer names converted to lowercase and "layer" removed. Fix comments that refer to gdb. Use ENABLE(TREE_DEBUGGING) in more places. * dom/Node.h: * dom/Position.h: * dom/Range.h: * editing/FrameSelection.h: * editing/VisiblePosition.h: * editing/VisibleSelection.h: * history/HistoryItem.h: * page/FrameTree.h: * platform/graphics/GraphicsLayer.h: * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::setName): (WebCore::GraphicsLayerCA::setContentsToSolidColor): (WebCore::GraphicsLayerCA::updateNames): (WebCore::GraphicsLayerCA::updateBackdropFilters): (WebCore::GraphicsLayerCA::updateContentsImage): (WebCore::GraphicsLayerCA::updateClippingStrategy): (WebCore::GraphicsLayerCA::updateContentsRects): (WebCore::GraphicsLayerCA::changeLayerTypeTo): * platform/graphics/ca/TileController.cpp: (WebCore::TileController::tileGridContainerLayerName): (WebCore::TileController::zoomedOutTileGridContainerLayerName): (WebCore::TileController::createTileLayer): * rendering/CounterNode.h: * rendering/InlineBox.h: * rendering/InlineFlowBox.h: * rendering/RenderCounter.h: * rendering/RenderLayer.cpp: (WebCore::RenderLayer::name): * rendering/RenderLayer.h: * rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::createGraphicsLayer): (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): (WebCore::RenderLayerBacking::updateAncestorClippingLayer): (WebCore::RenderLayerBacking::updateDescendantClippingLayer): (WebCore::RenderLayerBacking::updateForegroundLayer): (WebCore::RenderLayerBacking::updateBackgroundLayer): (WebCore::RenderLayerBacking::updateMaskingLayer): (WebCore::RenderLayerBacking::updateChildClippingStrategy): (WebCore::RenderLayerBacking::updateScrollingLayers): * rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::updateLayerForTopOverhangArea): (WebCore::RenderLayerCompositor::updateLayerForBottomOverhangArea): (WebCore::RenderLayerCompositor::updateLayerForHeader): (WebCore::RenderLayerCompositor::updateLayerForFooter): (WebCore::RenderLayerCompositor::updateOverflowControlsLayers): (WebCore::RenderLayerCompositor::ensureRootLayer): * rendering/RenderObject.h: 2016-12-02 Antoine Quint <graouts@apple.com> [Modern Media Controls] Update the media controls size as the media element is resized https://bugs.webkit.org/show_bug.cgi?id=165346 Reviewed by Dean Jackson. The "resize" event dispatched by HTMLMediaElement indicates a change in the media's intrinsic size, while the "resize" event dispatched by the HTMLMediaElement's ShadowRoot indicates that the layout size of the media element has changed. We now use the latter. * Modules/modern-media-controls/media/media-controller.js: (MediaController): (MediaController.prototype.handleEvent): 2016-12-02 Andy Estes <aestes@apple.com> [Cocoa] Adopt the PRODUCT_BUNDLE_IDENTIFIER build setting https://bugs.webkit.org/show_bug.cgi?id=164492 Reviewed by Dan Bernstein. * Configurations/WebCore.xcconfig: Set PRODUCT_BUNDLE_IDENTIFIER to com.apple.$(PRODUCT_NAME:rfc1034identifier). * Info.plist: Changed CFBundleIdentifier's value from com.apple.${PRODUCT_NAME} to ${PRODUCT_BUNDLE_IDENTIFIER}. 2016-12-02 Chris Dumez <cdumez@apple.com> HTML Interactive Form Validation popovers do not show in iOS WKWebViews https://bugs.webkit.org/show_bug.cgi?id=165340 <rdar://problem/29489966> Reviewed by Simon Fraser. HTML Interactive Form Validation popovers do not show in iOS WKWebViews, only in MobileSafari. To address the issue try to find an appropriate UIViewController to present the popover when the client does not provide a presenting view controller. * platform/ValidationBubble.h: * platform/ios/ValidationBubbleIOS.mm: (WebCore::fallbackViewController): (WebCore::ValidationBubble::setAnchorRect): * platform/spi/ios/UIKitSPI.h: 2016-12-02 Zalan Bujtas <zalan@apple.com> Remove redundant LayoutUnit conversions. https://bugs.webkit.org/show_bug.cgi?id=165338 Reviewed by Simon Fraser. RenderBlockFlow::computeColumnCountAndWidth has some redundant LayoutUnti <-> unsigned conversions. No change in functionality. * rendering/RenderBlockFlow.cpp: (WebCore::RenderBlockFlow::computeColumnCountAndWidth): 2016-12-02 Antoine Quint <graouts@apple.com> [Modern Media Controls] Add rewind and fast-forward support https://bugs.webkit.org/show_bug.cgi?id=165294 Reviewed by Dean Jackson. We implement support for rewinding and fast-forwarding the media by pressing dedicated buttons in fullscreen on macOS. We introduce a new SeekButton class that the existing RewindButton and ForwardButton classes now extend and which provides handling of "mousedown" and "mouseup" events to indicate that a button is being pressed to the UI delegate. We also introduce a new SeekSupport class from which SeekBackwardSupport and SeekForwardSupport inherit to integrate with those controls and update the media time. Tests: media/modern-media-controls/layout-node/layout-node-parent-of-type.html media/modern-media-controls/seek-backward-support/seek-backward-support.html media/modern-media-controls/seek-forward-support/seek-forward-support.html * Modules/modern-media-controls/controls/forward-button.js: * Modules/modern-media-controls/controls/layout-node.js: (LayoutNode.prototype.parentOfType): * Modules/modern-media-controls/controls/rewind-button.js: * Modules/modern-media-controls/controls/seek-button.js: Added. (SeekButton): (SeekButton.prototype.handleEvent): (SeekButton.prototype._didStartPressing): (SeekButton.prototype._didStopPressing): (SeekButton.prototype._notifyDelegateOfPressingState): * Modules/modern-media-controls/js-files: * Modules/modern-media-controls/media/media-controller.js: (MediaController.prototype._updateControlsIfNeeded): * Modules/modern-media-controls/media/seek-backward-support.js: Added. (SeekBackwardSupport.prototype.get control): (SeekBackwardSupport.prototype.get multiplier): (SeekBackwardSupport): * Modules/modern-media-controls/media/seek-forward-support.js: Added. (SeekForwardSupport.prototype.get control): (SeekForwardSupport.prototype.get multiplier): (SeekForwardSupport): * Modules/modern-media-controls/media/seek-support.js: Added. (SeekSupport.prototype.get multiplier): (SeekSupport.prototype.buttonPressedStateDidChange): (SeekSupport.prototype._startSeeking): (SeekSupport.prototype._stopSeeking): (SeekSupport.prototype._seek): (SeekSupport): * WebCore.xcodeproj/project.pbxproj: 2016-12-02 Dave Hyatt <hyatt@apple.com> [CSS Parser] Need to set edit flags properly when user-modify/select are used. https://bugs.webkit.org/show_bug.cgi?id=165334 Reviewed by Dean Jackson. The old parser calls parserSetUsesStyleBasedEditability on StyleSheetContents* from inside isValidKeywordPropertyAndValue. This is pretty lame, but we have to do the same in order to pass editing layout tests. All of the functions below have been patched with the sole purpose of propagating StyleSheetContents* through to isValidKeywordPropertyAndValue in the new parser. * css/parser/CSSParser.cpp: (WebCore::CSSParser::parseValueWithVariableReferences): * css/parser/CSSParser.h: * css/parser/CSSParserFastPaths.cpp: (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue): (WebCore::parseKeywordValue): (WebCore::CSSParserFastPaths::maybeParseValue): * css/parser/CSSParserFastPaths.h: * css/parser/CSSParserImpl.cpp: (WebCore::CSSParserImpl::consumeDeclarationValue): * css/parser/CSSPropertyParser.cpp: (WebCore::CSSPropertyParser::CSSPropertyParser): (WebCore::CSSPropertyParser::parseValue): (WebCore::CSSPropertyParser::parseSingleValue): (WebCore::CSSPropertyParser::parseFontFaceDescriptor): (WebCore::CSSPropertyParser::consumeFont): (WebCore::CSSPropertyParser::parseShorthand): * css/parser/CSSPropertyParser.h: 2016-12-02 Beth Dakin <bdakin@apple.com> REGRESSION (r208802): TouchBar pause button doesn't work https://bugs.webkit.org/show_bug.cgi?id=165333 -and corresponding- rdar://problem/29487187 Reviewed by Wenson Hsieh. The previous code got this right by using self.playing. _playing was totally un- used, so this patch just removes it. * platform/mac/WebPlaybackControlsManager.h: * platform/mac/WebPlaybackControlsManager.mm: (-[WebPlaybackControlsManager setPlaying:]): 2016-12-02 John Wilander <wilander@apple.com> Require preflight for non-standard CORS-safelisted request headers Accept, Accept-Language, and Content-Language https://bugs.webkit.org/show_bug.cgi?id=165178 <rdar://problem/18792250> Reviewed by Youenn Fablet. Fetch currently only restricts the header Content-Type for simple requests: https://fetch.spec.whatwg.org/#cors-safelisted-request-header This means simple CORS requests can send unexpected characters in Accept, Accept-Language, and Content-Language header values. RFC 7231 implies restrictions on these header values: - Accept https://tools.ietf.org/html/rfc7231#section-5.3.2 - Accept-Language https://tools.ietf.org/html/rfc7231#section-5.3.5 - Content-Language https://tools.ietf.org/html/rfc7231#section-3.1.3.2 As per discussions in the W3C WebAppSec group we should try to restrict these header values to help protect servers that do not expect simple CORS requests. Non-standard, safelisted header values should trigger a preflight and require the headers to be whitelisted in the response's Access-Control-Allow-Headers. For Fetch in no-cors mode this change means non-standard header values are not allowed to be set. Test: http/tests/xmlhttprequest/cors-non-standard-safelisted-headers-should-trigger-preflight.html * loader/CrossOriginAccessControl.cpp: (WebCore::isSimpleCrossOriginAccessRequest): Now calls WebCore::isCrossOriginSafeRequestHeader() instead of WebCore::isOnAccessControlSimpleRequestHeaderWhitelist(). (WebCore::isOnAccessControlSimpleRequestHeaderWhitelist): Deleted. It was a duplicate of WebCore::isCrossOriginSafeRequestHeader(). * loader/CrossOriginAccessControl.h: * loader/CrossOriginPreflightResultCache.cpp: (WebCore::CrossOriginPreflightResultCacheItem::allowsCrossOriginHeaders): Now calls WebCore::isCrossOriginSafeRequestHeader() instead of WebCore::isOnAccessControlSimpleRequestHeaderWhitelist(). * platform/network/HTTPParsers.cpp: (WebCore::isValidAcceptHeaderValue): Basic check that the characters are all ASCII alphanumeric, ' ', '*', '.', '/', ';', or '='. (WebCore::isValidLanguageHeaderValue): Basic check that the characters are all ASCII alphanumeric, ' ', '*', '-', '.', ';', or '='. (WebCore::isSimpleHeader): Removed duplicate code. Now calls WebCore::isCrossOriginSafeRequestHeader(). (WebCore::isCrossOriginSafeRequestHeader): Now makes a call to WebCore::isValidAcceptHeaderValue() for Accept headers and WebCore::isValidLanguageHeaderValue() for Accept-Language and Content-Language headers. * platform/network/HTTPParsers.h: 2016-12-02 Zalan Bujtas <zalan@apple.com> ASSERTION FAILED: flowThread->regionInRange(region, startRegion, endRegion) in WebCore::RenderBox::borderBoxRectInRegion https://bugs.webkit.org/show_bug.cgi?id=152113 <rdar://problem/27720221> Reviewed by David Hyatt. In a nested column context, do not process a spanner if it belongs to an inner column. While populating a flow, we search for possible spanners and construct multicolumnsets accordingly. However due to the top-down nature of populating flows, a descendant spanner could belong to an inner flow which hasn't been populated yet. This patch checks if a potential spanner has an ancestor (which is also a descendant of the flow that we are populating -> nested) that will eventually create a flow context. Test: fast/multicol/assert-with-nested-columns-and-spanner.html * rendering/RenderBlockFlow.cpp: (WebCore::RenderBlockFlow::computeColumnCountAndWidth): (WebCore::RenderBlockFlow::willCreateColumns): * rendering/RenderBlockFlow.h: * rendering/RenderMultiColumnFlowThread.cpp: (WebCore::isValidColumnSpanner): 2016-12-02 Dave Hyatt <hyatt@apple.com> [CSS Parser] Make sure the z-component of transform-origin can be implicit https://bugs.webkit.org/show_bug.cgi?id=165326 Reviewed by Tim Horton. * css/parser/CSSPropertyParser.cpp: (WebCore::CSSPropertyParser::consumeTransformOrigin): 2016-12-02 Dave Hyatt <hyatt@apple.com> [CSS Parser] Fix :any/:host to allow pseudo-elements. Support -webkit-border-radius. https://bugs.webkit.org/show_bug.cgi?id=165323 Reviewed by Dean Jackson. * css/parser/CSSPropertyParser.cpp: (WebCore::CSSPropertyParser::parseShorthand): * css/parser/CSSSelectorParser.cpp: (WebCore::CSSSelectorParser::consumePseudo): 2016-12-02 Chris Dumez <cdumez@apple.com> [iOS] Tapping on an HTML validation bubble should dismiss it https://bugs.webkit.org/show_bug.cgi?id=165122 <rdar://problem/29429372> Reviewed by Simon Fraser. Tapping on an HTML validation bubble should dismiss it. Previously it did nothing. No new tests, I tried writing one but the validation popover does not show in the simulator, only on device. I believe at least one reason is that _presentingViewControllerForWebView() is required and is currently not implemented by WKTR. I'll look into this issue separately. * platform/ValidationBubble.h: * platform/ios/ValidationBubbleIOS.mm: (-[WebValidationBubbleTapRecognizer initWithPopoverController:withPopoverView:]): (-[WebValidationBubbleTapRecognizer dismissPopover]): (WebCore::ValidationBubble::ValidationBubble): 2016-12-02 Dave Hyatt <hyatt@apple.com> [CSS Parser] Add support for the SVG 'kerning' property https://bugs.webkit.org/show_bug.cgi?id=165315 Reviewed by Zalan Bujtas. * css/parser/CSSPropertyParser.cpp: (WebCore::consumeKerning): (WebCore::CSSPropertyParser::parseSingleValue): 2016-12-02 Sam Weinig <sam@webkit.org> [WebIDL] Remove support for the 'Nondeterministic' extended attribute https://bugs.webkit.org/show_bug.cgi?id=165307 Reviewed by Chris Dumez. We are not currently using the WebReplay functionality that the Nondeterministic extended attribute is intended to aide. If we come back to WebReplay in the future, we can bring it back. * bindings/scripts/CodeGeneratorJS.pm: (GenerateImplementation): (GenerateImplementationFunctionCall): (GetNativeTypeForMemoization): Deleted. * bindings/scripts/IDLAttributes.txt: * bindings/scripts/test/JS/JSTestNondeterministic.cpp: Removed. * bindings/scripts/test/JS/JSTestNondeterministic.h: Removed. * bindings/scripts/test/TestNondeterministic.idl: Removed. * page/Navigator.idl: * page/Screen.idl: 2016-12-02 Dave Hyatt <hyatt@apple.com> [CSS Parser] Support the -webkit-letterpress value for text-decoration https://bugs.webkit.org/show_bug.cgi?id=165313 Reviewed by Dean Jackson. * css/parser/CSSPropertyParser.cpp: (WebCore::consumeTextDecorationLine): 2016-12-02 Dave Hyatt <hyatt@apple.com> [CSS Parser] Fix the color-gamut media query evaluator https://bugs.webkit.org/show_bug.cgi?id=165309 Reviewed by Zalan Bujtas). * css/MediaQueryEvaluator.cpp: (WebCore::colorGamutEvaluate): Unknown values should result in a failed match, not a successful match. 2016-12-02 Darin Adler <darin@apple.com> Remove use of WebCore::Dictionary in MediaSession https://bugs.webkit.org/show_bug.cgi?id=165296 Reviewed by Chris Dumez. I am not exactly sure of the status of this code. When I enabled it to test my changes it did not compile until I fixed some things, and it's far out of date of the latest draft of the Media Session Standard. But despite that I updated it. * DerivedSources.make: Removed a line that was breaking the build for some configurations, perhaps only for programmers from Apple, after r209198. * Modules/mediasession/MediaSession.cpp: (WebCore::MediaSession::MediaSession): Fixed so it compiles. (WebCore::MediaSession::setMetadata): Changed argument to use a struct rather htan a WebCore::Dictionary. * Modules/mediasession/MediaSession.h: Added a Metadata struct, and used it. Also fixed the arguments to the constructor. * Modules/mediasession/MediaSession.idl: Added MediaMetadata and used it instead of Dictionary. 2016-12-02 Dave Hyatt <hyatt@apple.com> [CSS Parser] Make sure margin and font set the implicit flag properly https://bugs.webkit.org/show_bug.cgi?id=165306 Reviewed by Zalan Bujtas. * css/parser/CSSPropertyParser.cpp: (WebCore::CSSPropertyParser::consumeFont): (WebCore::CSSPropertyParser::consume4Values): 2016-12-02 Dave Hyatt <hyatt@apple.com> [CSS Parser] Make sure the templatized consumeIdent uses CSSValuePool https://bugs.webkit.org/show_bug.cgi?id=165302 Reviewed by Zalan Bujtas. * css/parser/CSSPropertyParserHelpers.h: (WebCore::CSSPropertyParserHelpers::consumeIdent): 2016-12-02 Dave Hyatt <hyatt@apple.com> [CSS Parser] Fix font-variant parsing https://bugs.webkit.org/show_bug.cgi?id=165301 Reviewed by Zalan Bujtas. * css/parser/CSSPropertyParser.cpp: (WebCore::consumeFontVariantEastAsian): (WebCore::CSSPropertyParser::consumeFontVariantShorthand): Fix a bug with font-variant-east-asian parsing where the id was getting improperly consumed even when it didn't match. 2016-12-02 Dave Hyatt <hyatt@apple.com> [CSS Parser] Fix animation property parsing https://bugs.webkit.org/show_bug.cgi?id=165305 Reviewed by Zalan Bujtas. * css/parser/CSSPropertyParser.cpp: (WebCore::consumeAnimationPropertyList): Match the old parser by only creating a list for animation properties if there are two or more comma-separated values. Otherwise just return the CSSValue for the singleton without creating a list. 2016-12-02 Gustavo Sverzut Barbieri <barbieri@profusion.mobi> Fix build break when disabling some features. https://bugs.webkit.org/show_bug.cgi?id=165254 Reviewed by Michael Catanzaro. If we disable SVG_FONTS or XSLT, then WebCore::CachedResource::isCORSSameOrigin() would have assertions on non-existent members. These should be isolated within "#if" as the other places. If we're in DEVELOPER_MODE but did not provide TEST_HYPHENATAION_PATH, then we must mark UNUSED_PARAM() if we're not on GTK port (ie: EFL). No new tests as this is a build fix. * loader/cache/CachedResource.cpp: (WebCore::CachedResource::isCORSSameOrigin): - missing #if ENABLED(SVG_FONTS) - missing #if ENABLED(XSLT) * platform/text/hyphen/HyphenationLibHyphen.cpp: (WebCore::scanTestDictionariesDirectoryIfNecessary): - missing UNUSED_PARAM() 2016-12-02 Miguel Gomez <magomez@igalia.com> [GTK] Use an OpenGL < 3.0 compliant way to request the OpenGL version https://bugs.webkit.org/show_bug.cgi?id=165253 Reviewed by Carlos Garcia Campos. Use glGetString(GL_VERSION) to get the OpenGL version, as glGetIntegerv with GL_MAJOR_VERSION and GL_MINOR_VERSION is only supported from 3.0 on. Covered by existent tests. * platform/graphics/GLContext.cpp: (WebCore::GLContext::version): 2016-12-02 Alex Christensen <achristensen@webkit.org> Fix WinCairo build after r208997 https://bugs.webkit.org/show_bug.cgi?id=165283 Reviewed by Carlos Garcia Campos. * platform/graphics/GLContext.cpp: glGetIntegerv is defined in gl2.h. GL_MAJOR_VERSION is defined in gl3.h. These are not included in the WinCairo build. 2016-11-30 Darin Adler <darin@apple.com> Stop using WebCore::Dictionary in bindings for Fetch https://bugs.webkit.org/show_bug.cgi?id=165241 Reviewed by Chris Dumez. * Modules/fetch/DOMWindowFetch.idl: Use RequestInit instead of Dictionary. No effect on code generated since this is a JSBuiltin. * Modules/fetch/FetchRequest.cpp: (WebCore::setReferrerPolicy): Deleted. Bindings handle this now. (WebCore::setMode): Ditto. (WebCore::setCredentials): Ditto. (WebCore::setCache): Ditto. (WebCore::setRedirect): Ditto. (WebCore::setReferrer): Changed argument from Dictionary to String. (WebCore::buildOptions): Changed argument from Dictionary to FetchRequest::Init, and simplified the code accordingly. (WebCore::FetchRequest::initializeOptions): Ditto. (WebCore::FetchRequest::initializeWith): Ditto. * Modules/fetch/FetchRequest.h: Updated for above changes. Also added the Init struct. * Modules/fetch/FetchRequest.idl: Added missing "only-if-cached" value to RequestCache. Added RequestInit dictionary and used it instead of Dictionary. Used more-specific string types for the method and referrer attributes; no effect at runtime, since the code for getters is the same for ByteString, USVString, and DOMString and these are read-only. * Modules/fetch/WorkerGlobalScopeFetch.idl: Use RequestInit instead of Dictionary. No effect on code generated since this is a JSBuiltin. 2016-12-01 Jiewen Tan <jiewen_tan@apple.com> Add a runtime flag for SubtleCrypto https://bugs.webkit.org/show_bug.cgi?id=164982 Reviewed by Brent Fulgham. * bindings/generic/RuntimeEnabledFeatures.h: (WebCore::RuntimeEnabledFeatures::setSubtleCryptoEnabled): (WebCore::RuntimeEnabledFeatures::subtleCryptoEnabled): * page/Crypto.idl: 2016-12-01 Saam Barati <sbarati@apple.com> Rename CallFrame::callee() to CallFrame::jsCallee() https://bugs.webkit.org/show_bug.cgi?id=165293 Reviewed by Keith Miller. * bindings/js/JSDOMConstructor.h: (WebCore::JSBuiltinConstructor<JSClass>::construct): * bindings/js/JSDataCueCustom.cpp: (WebCore::constructJSDataCue): * bindings/js/JSHTMLAllCollectionCustom.cpp: (WebCore::callHTMLAllCollection): * bindings/js/JSHTMLElementCustom.cpp: (WebCore::constructJSHTMLElement): * bindings/js/JSImageConstructor.cpp: (WebCore::JSImageConstructor::construct): * bindings/js/JSMutationObserverCustom.cpp: (WebCore::constructJSMutationObserver): * bindings/js/JSPluginElementFunctions.cpp: (WebCore::callPlugin): * bindings/js/JSWorkerCustom.cpp: (WebCore::constructJSWorker): * bindings/scripts/CodeGeneratorJS.pm: (GenerateConstructorDefinition): * bindings/scripts/test/JS/JSFloat64Array.cpp: (WebCore::JSFloat64ArrayConstructor::constructJSFloat64Array): * bindings/scripts/test/JS/JSTestEventConstructor.cpp: (WebCore::JSTestEventConstructorConstructor::construct): * bindings/scripts/test/JS/JSTestInterface.cpp: (WebCore::JSTestInterfaceConstructor::construct): * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: (WebCore::JSTestNamedConstructorNamedConstructor::construct): * bindings/scripts/test/JS/JSTestNode.cpp: (WebCore::JSTestNodeConstructor::construct): * bindings/scripts/test/JS/JSTestObj.cpp: (WebCore::JSTestObjConstructor::construct): * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: (WebCore::constructJSTestOverloadedConstructors1): (WebCore::constructJSTestOverloadedConstructors2): (WebCore::constructJSTestOverloadedConstructors3): (WebCore::constructJSTestOverloadedConstructors4): (WebCore::constructJSTestOverloadedConstructors5): * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp: (WebCore::constructJSTestOverloadedConstructorsWithSequence1): (WebCore::constructJSTestOverloadedConstructorsWithSequence2): * bindings/scripts/test/JS/JSTestTypedefs.cpp: (WebCore::JSTestTypedefsConstructor::construct): * bridge/objc/objc_runtime.mm: (JSC::Bindings::callObjCFallbackObject): * bridge/runtime_method.cpp: (JSC::callRuntimeMethod): * bridge/runtime_object.cpp: (JSC::Bindings::callRuntimeObject): (JSC::Bindings::callRuntimeConstructor): 2016-12-01 Antoine Quint <graouts@apple.com> [Modern Media Controls] Fade controls in when entering and exiting fullscreen https://bugs.webkit.org/show_bug.cgi?id=165287 Reviewed by Dean Jackson. Fade controls in when we enter and leave fullscreen. Test: media/modern-media-controls/media-controller/media-controller-fade-controls-when-entering-fullscreen.html * Modules/modern-media-controls/controls/media-controls.css: (.media-controls.fade-in): (@keyframes fade-in): (to): * Modules/modern-media-controls/controls/media-controls.js: (MediaControls.prototype.presentInElement): * Modules/modern-media-controls/media/fullscreen-support.js: (FullscreenSupport.prototype.buttonWasClicked): * Modules/modern-media-controls/media/media-controller.js: (MediaController.prototype._updateControlsIfNeeded): 2016-12-01 Antoine Quint <graouts@apple.com> [Modern Media Controls] Show and populate the tracks panel https://bugs.webkit.org/show_bug.cgi?id=165284 Reviewed by Dean Jackson. We added a TracksPanel in https://bugs.webkit.org/show_bug.cgi?id=165239 which allows to show a list of media tracks and text tracks to choose from. We now show this panel when clicking on the tracks button in the controls bar and populate its content with the list of audio and text tracks for the media element. As an item is picked from the tracks panel, we toggle the represented track's enabled state and dismiss the panel. We also pick up the text track container display mostly unchanged from current media controls. Tests: media/modern-media-controls/tracks-support/tracks-support-click-track-in-panel.html media/modern-media-controls/tracks-support/tracks-support-show-and-populate-panel.html * Modules/modern-media-controls/controls/macos-inline-media-controls.js: (MacOSInlineMediaControls.prototype.showTracksPanel): * Modules/modern-media-controls/controls/text-tracks.css: Added. (video::-webkit-media-text-track-container): (video::cue): (video::-webkit-media-text-track-display): (video::-webkit-media-text-track-display-backdrop): (video::cue(:future)): (video::-webkit-media-text-track-container b): (video::-webkit-media-text-track-container u): (video::-webkit-media-text-track-container i): (video::-webkit-media-text-track-container .hidden): * Modules/modern-media-controls/media/media-controller.js: (MediaController): * Modules/modern-media-controls/media/tracks-support.js: (TracksSupport): (TracksSupport.prototype.destroy): (TracksSupport.prototype.buttonWasClicked): (TracksSupport.prototype.tracksPanelNumberOfSections): (TracksSupport.prototype.tracksPanelTitleForSection): (TracksSupport.prototype.tracksPanelNumberOfTracksInSection): (TracksSupport.prototype.tracksPanelTitleForTrackInSection): (TracksSupport.prototype.tracksPanelIsTrackInSectionSelected): (TracksSupport.prototype.tracksPanelSelectionDidChange): (TracksSupport.prototype.syncControl): (TracksSupport.prototype._textTracks): (TracksSupport.prototype._audioTracks): (TracksSupport.prototype._canPickAudioTracks): (TracksSupport.prototype._canPickTextTracks): (TracksSupport.prototype._sortedTrackList): 2016-12-01 Brent Fulgham <bfulgham@apple.com> Rare crash when preparing to print https://bugs.webkit.org/show_bug.cgi?id=165280 <rdar://problem/28240254> Reviewed by Dean Jackson. * page/Frame.cpp: (WebCore::Frame::setPrinting): Only manipulate the FrameView if it is non-null. (WebCore::Frame::documentAtPoint): Drive-by fix to change a 0 return to nullptr. 2016-12-01 Simon Fraser <simon.fraser@apple.com> Put an obvious debug border on layers with backdrop filters https://bugs.webkit.org/show_bug.cgi?id=165291 Reviewed by Tim Horton. Put a wide magenta border on layers with backdrop filters, to highlight their performance impact. Change the "contents layer" color (used by WebGL, video etc) to blue. Make the clipping layer border slightly narrower. * platform/graphics/GraphicsLayer.cpp: (WebCore::GraphicsLayer::getDebugBorderInfo): * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::setBackdropFilters): 2016-12-01 Brian Burg <bburg@apple.com> Fix the Windows Release build after r209198 https://bugs.webkit.org/show_bug.cgi?id=165285 Unreviewed build fix. * Modules/webdriver/NavigatorWebDriver.cpp: Brute force include all the inlines to work around a JSC issue. 2016-12-01 Dave Hyatt <hyatt@apple.com> [CSS Parser] Only allow a single font-family in @font-face https://bugs.webkit.org/show_bug.cgi?id=165278 Reviewed by Zalan Bujtas. * css/parser/CSSPropertyParser.cpp: (WebCore::consumeFontFamilyDescriptor): (WebCore::CSSPropertyParser::parseFontFaceDescriptor): 2016-12-01 Beth Dakin <bdakin@apple.com> Blacklist Netflix for TouchBar support https://bugs.webkit.org/show_bug.cgi?id=165104 Rubber-stamped by Tim Horton. Meant to not have the www. in the first case because that is covered by the second case. * html/HTMLMediaElement.cpp: (WebCore::needsPlaybackControlsManagerQuirk): 2016-12-01 Dave Hyatt <hyatt@apple.com> [CSS Parser] Support -webkit-overflow-scrolling: touch https://bugs.webkit.org/show_bug.cgi?id=165275 Reviewed by Zalan Bujtas. * css/parser/CSSParserFastPaths.cpp: (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue): 2016-12-01 Jiewen Tan <jiewen_tan@apple.com> Update SubtleCrypto::unwrapKey to match the latest spec https://bugs.webkit.org/show_bug.cgi?id=164747 <rdar://problem/29258198> Reviewed by Brent Fulgham. This patch does following few things: 1. It updates the SubtleCrypto::unwrapKey method to match the latest spec: https://www.w3.org/TR/WebCryptoAPI/#SubtleCrypto-method-unwrapKey. It also refers to the latest Editor's Draft to a certain degree: https://w3c.github.io/webcrypto/Overview.html#SubtleCrypto-method-unwrapKey. 2. It implements unwrapKey operations of the following algorithms: AES-KW. Tests: crypto/subtle/aes-cbc-import-key-unwrap-jwk-rsa-key-private.html crypto/subtle/aes-cbc-import-key-uwrap-jwk-rsa-key-public.html crypto/subtle/aes-kw-generate-key-wrap-key-unwrap-key.html crypto/subtle/aes-kw-import-key-unwrap-raw-key.html crypto/subtle/rsa-oaep-import-key-unwrap-jwk-oct-key.html crypto/subtle/unwrapKey-malformed-parameters.html crypto/workers/subtle/aes-cbc-import-key-unwrap-key.html crypto/workers/subtle/aes-kw-import-key-unwrap-key.html crypto/workers/subtle/rsa-oaep-import-key-unwrap-key.html * bindings/js/JSSubtleCryptoCustom.cpp: (WebCore::normalizeCryptoAlgorithmParameters): (WebCore::jsSubtleCryptoFunctionWrapKeyPromise): Add some comments. (WebCore::jsSubtleCryptoFunctionUnwrapKeyPromise): (WebCore::JSSubtleCrypto::unwrapKey): * crypto/CryptoAlgorithm.cpp: (WebCore::CryptoAlgorithm::unwrapKey): * crypto/CryptoAlgorithm.h: * crypto/SubtleCrypto.idl: * crypto/algorithms/CryptoAlgorithmAES_KW.cpp: (WebCore::CryptoAlgorithmAES_KW::unwrapKey): * crypto/algorithms/CryptoAlgorithmAES_KW.h: * crypto/gnutls/CryptoAlgorithmAES_KWGnuTLS.cpp: (WebCore::CryptoAlgorithmAES_KW::platformUnwrapKey): * crypto/mac/CryptoAlgorithmAES_KWMac.cpp: (WebCore::unwrapKeyAES_KW): (WebCore::CryptoAlgorithmAES_KW::platformUnwrapKey): (WebCore::CryptoAlgorithmAES_KW::platformDecrypt): 2016-12-01 Dave Hyatt <hyatt@apple.com> [CSS Parser] Fix font-variant parsing https://bugs.webkit.org/show_bug.cgi?id=165266 Reviewed by Dean Jackson. * css/parser/CSSPropertyParser.cpp: (WebCore::consumeFontVariantEastAsian): (WebCore::consumeFontVariantAlternates): (WebCore::consumeFontVariantPosition): (WebCore::CSSPropertyParser::parseSingleValue): (WebCore::CSSPropertyParser::parseFontFaceDescriptor): (WebCore::CSSPropertyParser::consumeFontVariantShorthand): (WebCore::consumeFontVariantList): Deleted. 2016-12-01 Brian Burg <bburg@apple.com> Web Automation: expose navigator.webdriver if the page is controlled by automation https://bugs.webkit.org/show_bug.cgi?id=165245 <rdar://problem/29449874> Reviewed by Joseph Pecoraro. Move the implementation into OpenSource. It's in Modules/webdriver/. * CMakeLists.txt: * DerivedSources.make: Add new paths and files. * Modules/webdriver/NavigatorWebDriver.cpp: Added. (WebCore::NavigatorWebDriver::NavigatorWebDriver): (WebCore::NavigatorWebDriver::~NavigatorWebDriver): (WebCore::NavigatorWebDriver::supplementName): (WebCore::NavigatorWebDriver::isControlledByAutomation): (WebCore::NavigatorWebDriver::from): (WebCore::JSNavigator::webdriver): * Modules/webdriver/NavigatorWebDriver.h: Added. * Modules/webdriver/NavigatorWebDriver.idl: Added. * WebCore.xcodeproj/project.pbxproj: 2016-12-01 Brady Eidson <beidson@apple.com> IndexedDB 2.0: Implement IDBObjectStore.getKey(). https://bugs.webkit.org/show_bug.cgi?id=165256 Reviewed by Alex Christensen. Tests: storage/indexeddb/modern/idbobjectstore-getkey-1-private.html storage/indexeddb/modern/idbobjectstore-getkey-1.html * Modules/indexeddb/IDBObjectStore.cpp: (WebCore::IDBObjectStore::get): (WebCore::IDBObjectStore::getKey): * Modules/indexeddb/IDBObjectStore.h: * Modules/indexeddb/IDBObjectStore.idl: * Modules/indexeddb/IDBRequest.cpp: (WebCore::IDBRequest::createObjectStoreGet): (WebCore::IDBRequest::IDBRequest): (WebCore::IDBRequest::requestedObjectStoreRecordType): * Modules/indexeddb/IDBRequest.h: * Modules/indexeddb/IDBTransaction.cpp: (WebCore::IDBTransaction::requestGetRecord): (WebCore::IDBTransaction::requestIndexRecord): (WebCore::IDBTransaction::didGetRecordOnServer): * Modules/indexeddb/IndexedDB.h: * Modules/indexeddb/server/IDBBackingStore.h: * Modules/indexeddb/server/MemoryIDBBackingStore.cpp: (WebCore::IDBServer::MemoryIDBBackingStore::getRecord): * Modules/indexeddb/server/MemoryIDBBackingStore.h: * Modules/indexeddb/server/MemoryObjectStore.h: * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp: (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord): * Modules/indexeddb/server/SQLiteIDBBackingStore.h: * Modules/indexeddb/server/UniqueIDBDatabase.cpp: (WebCore::IDBServer::UniqueIDBDatabase::getRecord): (WebCore::IDBServer::UniqueIDBDatabase::performGetRecord): * Modules/indexeddb/server/UniqueIDBDatabase.h: * Modules/indexeddb/shared/IDBGetRecordData.cpp: (WebCore::IDBGetRecordData::isolatedCopy): * Modules/indexeddb/shared/IDBGetRecordData.h: (WebCore::IDBGetRecordData::encode): (WebCore::IDBGetRecordData::decode): 2016-12-01 Joseph Pecoraro <pecoraro@apple.com> Misc. cleanup in Modules/fetch https://bugs.webkit.org/show_bug.cgi?id=165240 Reviewed by Darin Adler. * Modules/fetch/DOMWindowFetch.h: * Modules/fetch/FetchBody.cpp: * Modules/fetch/FetchBody.h: * Modules/fetch/FetchBodyConsumer.cpp: * Modules/fetch/FetchBodyOwner.cpp: * Modules/fetch/FetchBodyOwner.h: * Modules/fetch/FetchInternals.js: (consumeStream): * Modules/fetch/FetchLoader.cpp: * Modules/fetch/FetchResponse.h: Remove unnecessary includes and forward declarations. * Modules/fetch/DOMWindowFetch.js: (fetch): * Modules/fetch/FetchResponse.js: (initializeFetchResponse): * Modules/fetch/WorkerGlobalScopeFetch.js: (fetch): Improve style. 2016-12-01 Antoine Quint <graouts@apple.com> [Modern Media Controls] Turn off text selection https://bugs.webkit.org/show_bug.cgi?id=165261 Reviewed by Dean Jackson. We turn off text selection and force a non-text cursor for all text in media controls. Tests: media/modern-media-controls/airplay-placard/airplay-placard-text-section.html media/modern-media-controls/pip-placard/pip-placard-text-section.html media/modern-media-controls/status-label/status-label-text-selection.html * Modules/modern-media-controls/controls/media-controls.css: (.media-controls): 2016-12-01 Chris Dumez <cdumez@apple.com> Parameter to DOMStringList.contains() should be mandatory https://bugs.webkit.org/show_bug.cgi?id=165257 Reviewed by Alex Christensen. Parameter to DOMStringList.contains() should be mandatory. Gecko and Blink have it mandatory but WebKit had it optional and the string 'undefined" was used by default, which is not helpful. No new tests, updated existing test. * dom/DOMStringList.idl: 2016-12-01 Jiewen Tan <jiewen_tan@apple.com> SubtleCrypto::deriveBits always return NOT_SUPPORTED_ERR for now https://bugs.webkit.org/show_bug.cgi?id=164745 <rdar://problem/29258118> Reviewed by Darin Adler. Since we don't support any cryptography algorithms that has deriveBits operations, SubtleCrypto::deriveBits will always return NOT_SUPPORTED_ERR for now. Test: crypto/subtle/deriveBits-malformed-parameters.html * bindings/js/JSSubtleCryptoCustom.cpp: (WebCore::normalizeCryptoAlgorithmParameters): (WebCore::jsSubtleCryptoFunctionDeriveBitsPromise): (WebCore::JSSubtleCrypto::deriveBits): * crypto/SubtleCrypto.idl: 2016-12-01 Eric Carlson <eric.carlson@apple.com> [MediaStream][Mac] Video presets sometimes don't work https://bugs.webkit.org/show_bug.cgi?id=165214 <rdar://problem/29444533> Reviewed by Jer Noble. * platform/mediastream/mac/AVVideoCaptureSource.h: * platform/mediastream/mac/AVVideoCaptureSource.mm: (WebCore::AVVideoCaptureSource::setPreset): Set videoSettings width and height. (WebCore::AVVideoCaptureSource::setupCaptureSession): Store videoSettings object for later use. Set videoSettings width and height. (WebCore::AVVideoCaptureSource::bestSessionPresetForVideoDimensions): (WebCore::AVVideoCaptureSource::sizeForPreset): New. 2016-12-01 Antoine Quint <graouts@apple.com> [Modern Media Controls] Promote the "on" property from AirPlayButton to IconButton https://bugs.webkit.org/show_bug.cgi?id=165260 Reviewed by Dean Jackson. With the fix for https://bugs.webkit.org/show_bug.cgi?id=165239 we now set the "on" property for the TracksButton as well, so it makes sense to provide that property for all IconButton subclasses, not just AirplayButton. Test: media/modern-media-controls/icon-button/icon-button-on.html * Modules/modern-media-controls/controls/airplay-button.css: (button.airplay.on): * Modules/modern-media-controls/controls/airplay-button.js: (AirplayButton): (AirplayButton.prototype.get on): Deleted. (AirplayButton.prototype.set on): Deleted. * Modules/modern-media-controls/controls/icon-button.css: (button.icon:active,): (button.icon:active): Deleted. * Modules/modern-media-controls/controls/icon-button.js: (IconButton.prototype.get on): (IconButton.prototype.set on): 2016-11-30 Sam Weinig <sam@webkit.org> [WebIDL] Remove custom bindings for File and Blob constructors https://bugs.webkit.org/show_bug.cgi?id=165218 Reviewed by Darin Adler. * CMakeLists.txt: * DerivedSources.make: * WebCore.xcodeproj/project.pbxproj: Add/remove new files. * bindings/js/JSBlobCustom.cpp: (WebCore::constructJSBlob): Deleted. * bindings/js/JSFileCustom.cpp: Removed. Remove custom constructors. * bindings/scripts/CodeGeneratorJS.pm: (GenerateDefaultValue): (GenerateDictionaryImplementationContent): (GenerateParametersCheck): Add support for optional sequences without default values. Move string default value optimizations into GenerateDefaultValue. * fileapi/Blob.cpp: (WebCore::Blob::Blob): * fileapi/Blob.h: (WebCore::Blob::create): * fileapi/Blob.idl: * fileapi/File.cpp: (WebCore::File::File): * fileapi/File.h: * fileapi/File.idl: Add support for the generated constructors. * fileapi/BlobBuilder.cpp: Copied from Source/WebCore/fileapi/WebKitBlobBuilder.cpp. * fileapi/BlobBuilder.h: Copied from Source/WebCore/fileapi/WebKitBlobBuilder.h. * fileapi/WebKitBlobBuilder.cpp: Removed. * fileapi/WebKitBlobBuilder.h: Removed. Rename WebKitBlobBuilder to BlobBuilder, and update to work with generated constructor. * fileapi/BlobPropertyBag.h: Added. * fileapi/BlobPropertyBag.idl: Added. Added. * fileapi/ThreadableBlobRegistry.cpp: (WebCore::ThreadableBlobRegistry::registerBlobURL): * fileapi/ThreadableBlobRegistry.h: * platform/network/BlobRegistry.h: * platform/network/BlobRegistryImpl.cpp: (WebCore::BlobRegistryImpl::registerBlobURL): * platform/network/BlobRegistryImpl.h: Avoid copies of the BlobPart Vector. * platform/network/BlobPart.h: Replace header-guards with #pragma once. 2016-12-01 Antoine Quint <graouts@apple.com> [Modern Media Controls] Provide a UI object to show a list of tracks https://bugs.webkit.org/show_bug.cgi?id=165239 Reviewed by Dean Jackson. We add a new TracksPanel object which we will be using to display a list of audio and text tracks. The tracks panel can be shown by calling showTracksPanel() on a MacOSMediaControls object and will be dismissed by hitting the Escape key or mousing down outside of the panel's bounds. While the tracks panel is up, arrows can be used to focus individual tracks which can be activated by either pressing the Space bar or Enter key. Activating a track will briefly animate its background to indicate selection and dismissing the tracks panel is also animated with a quick fade-out animation. Data for the tracks panel is provided by specifying a dataSource property and implementing the required methods to provide the number of sections in the panel, the number of tracks in each section, etc. Tests: media/modern-media-controls/tracks-panel/tracks-panel-hide-click-outside.html media/modern-media-controls/tracks-panel/tracks-panel-hide-esc-key.html media/modern-media-controls/tracks-panel/tracks-panel-hide.html media/modern-media-controls/tracks-panel/tracks-panel-population.html media/modern-media-controls/tracks-panel/tracks-panel-right-x.html media/modern-media-controls/tracks-panel/tracks-panel-select-track-with-keyboard.html media/modern-media-controls/tracks-panel/tracks-panel-select-track-with-mouse.html media/modern-media-controls/tracks-panel/tracks-panel.html * Modules/modern-media-controls/controls/macos-fullscreen-media-controls.css: (.media-controls.mac.fullscreen): (.media-controls.mac.fullscreen > .controls-bar): (.media-controls.mac.fullscreen .tracks-panel): * Modules/modern-media-controls/controls/macos-inline-media-controls.css: (.media-controls.mac.inline .tracks-panel): * Modules/modern-media-controls/controls/macos-media-controls.js: (MacOSMediaControls.prototype.showTracksPanel): (MacOSMediaControls.prototype.hideTracksPanel): (MacOSMediaControls): * Modules/modern-media-controls/controls/media-controls.css: (.media-controls): * Modules/modern-media-controls/controls/placard.css: (.placard): * Modules/modern-media-controls/controls/status-label.css: (.status-label): * Modules/modern-media-controls/controls/tracks-panel.css: Added. (.tracks-panel): (.tracks-panel *): (.tracks-panel.fade-out): (.tracks-panel-section): (.tracks-panel-section:first-of-type): (.tracks-panel-section > h3): (.tracks-panel-section > ul): (.tracks-panel-section > ul > li): (.tracks-panel-section > ul > li:focus): (.tracks-panel-section > ul > li.selected:before): (.tracks-panel-section > ul > li.animated): (@keyframes tracks-panel-item-selection): (22.22%): * Modules/modern-media-controls/controls/tracks-panel.js: Added. (TracksPanel.prototype.get presented): (TracksPanel.prototype.presentInParent): (TracksPanel.prototype.hide): (TracksPanel.prototype.get rightX): (TracksPanel.prototype.set rightX): (TracksPanel.prototype.trackNodeSelectionAnimationDidEnd): (TracksPanel.prototype.mouseMovedOverTrackNode): (TracksPanel.prototype.mouseExitedTrackNode): (TracksPanel.prototype.commitProperty): (TracksPanel.prototype.handleEvent): (TracksPanel.prototype._childrenFromDataSource.): (TracksPanel.prototype._childrenFromDataSource): (TracksPanel.prototype._handleMousedown): (TracksPanel.prototype._handleKeydown): (TracksPanel.prototype._dismiss): (TracksPanel.prototype._focusTrackNode): (TracksPanel.prototype._focusPreviousTrackNode): (TracksPanel.prototype._focusNextTrackNode): (TracksPanel.prototype._focusFirstTrackNode): (TracksPanel.prototype._focusLastTrackNode): (TrackNode): (TrackNode.prototype.activate): (TrackNode.prototype.handleEvent): (TrackNode.prototype._animationDidEnd): * Modules/modern-media-controls/js-files: * WebCore.xcodeproj/project.pbxproj: 2016-12-01 Andreas Kling <akling@apple.com> Log some basic memory usage stats at interesting points in time <https://webkit.org/b/165206> Reviewed by Antti Koivisto. This patch adds a mechanism to mark points of interests where we might want to do performance-related logging: class PerformanceLogging { enum PointOfInterest { MainFrameLoadStarted, MainFrameLoadCompleted, } void didReachPointOfInterest(PointOfInterest) } You get to this object via MainFrame::performanceLogging(). We respond to these callbacks by logging some basic data about memory usage to the PerformanceLogging channel. More PointOfInterest values will be added soon. * CMakeLists.txt: * WebCore.xcodeproj/project.pbxproj: * loader/FrameLoader.cpp: (WebCore::FrameLoader::loadWithDocumentLoader): (WebCore::FrameLoader::setState): * page/MainFrame.cpp: (WebCore::MainFrame::MainFrame): * page/MainFrame.h: * page/PerformanceLogging.cpp: Added. (WebCore::toString): (WebCore::getMemoryUsageStatistics): (WebCore::PerformanceLogging::PerformanceLogging): (WebCore::writeLog): (WebCore::PerformanceLogging::didReachPointOfInterest): (WebCore::PerformanceLogging::getPlatformMemoryUsageStatistics): * page/PerformanceLogging.h: Added. * page/cocoa/PerformanceLoggingCocoa.mm: Added. (WebCore::PerformanceLogging::getPlatformMemoryUsageStatistics): * platform/Logging.h: 2016-11-28 Sergio Villar Senin <svillar@igalia.com> [css-grid] Move more attributes from RenderGrid to the new Grid class https://bugs.webkit.org/show_bug.cgi?id=165094 Reviewed by Darin Adler. Moved more attributes from RenderGrid to Grid as they are not really part of the state of the RenderGrid object. In particular m_autoRepeat{Columns|Rows}, m_autoRepeatEmpty{Columns|Rows} and m_orderIterator. All of them are now private attributes of the Grid class so clients should use the getters/setters provided by this patch. This change allows to definitely remove the grid{Column|Row}Count() methods from RenderGrid. These two became Grid::numTracks() which returns the number of tracks in the data structure used to represent the grid (currently a matrix). Contrary to that, RenderGrid::numTracks() returns the actual size of the grid. No new tests as this is a refactoring. * rendering/RenderGrid.cpp: (WebCore::RenderGrid::Grid::numTracks): (WebCore::RenderGrid::Grid::ensureGridSize): (WebCore::RenderGrid::Grid::setAutoRepeatTracks): (WebCore::RenderGrid::Grid::autoRepeatTracks): (WebCore::RenderGrid::Grid::setAutoRepeatEmptyColumns): (WebCore::RenderGrid::Grid::setAutoRepeatEmptyRows): (WebCore::RenderGrid::Grid::hasAutoRepeatEmptyTracks): (WebCore::RenderGrid::Grid::isEmptyAutoRepeatTrack): (WebCore::RenderGrid::Grid::autoRepeatEmptyTracks): (WebCore::RenderGrid::Grid::gridItemSpan): (WebCore::RenderGrid::Grid::clear): (WebCore::RenderGrid::RenderGrid): (WebCore::RenderGrid::computeTrackSizesForDirection): (WebCore::RenderGrid::guttersSize): (WebCore::RenderGrid::computeIntrinsicLogicalHeight): (WebCore::RenderGrid::computeUsedBreadthOfGridTracks): (WebCore::RenderGrid::rawGridTrackSize): (WebCore::RenderGrid::gridTrackSize): (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions): (WebCore::RenderGrid::computeEmptyTracksForAutoRepeat): (WebCore::RenderGrid::placeItemsOnGrid): (WebCore::RenderGrid::populateExplicitGridAndOrderIterator): (WebCore::RenderGrid::createEmptyGridAreaAtSpecifiedPositionsOutsideGrid): (WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid): (WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid): (WebCore::RenderGrid::trackSizesForComputedStyle): (WebCore::RenderGrid::offsetAndBreadthForPositionedChild): (WebCore::RenderGrid::assumedRowsSizeForOrthogonalChild): (WebCore::RenderGrid::gridAreaBreadthForChild): (WebCore::RenderGrid::gridAreaBreadthForChildIncludingAlignmentOffsets): (WebCore::RenderGrid::populateGridPositionsForDirection): (WebCore::RenderGrid::columnAxisOffsetForChild): (WebCore::RenderGrid::rowAxisOffsetForChild): (WebCore::RenderGrid::numTracks): (WebCore::RenderGrid::paintChildren): (WebCore::RenderGrid::gridColumnCount): Deleted. (WebCore::RenderGrid::gridRowCount): Deleted. (WebCore::RenderGrid::hasAutoRepeatEmptyTracks): Deleted. (WebCore::RenderGrid::isEmptyAutoRepeatTrack): Deleted. (WebCore::RenderGrid::cachedGridSpan): Deleted. * rendering/RenderGrid.h: (WebCore::RenderGrid::autoRepeatCountForDirection): Deleted. 2016-11-30 Brady Eidson <beidson@apple.com> Unreviewed, rolling out r209168. Caused 2 API tests to fail Reverted changeset: "IndexedDB: When doing puts, don't "updateAllIndexesForAddRecord" if there are no indexes." https://bugs.webkit.org/show_bug.cgi?id=165215 http://trac.webkit.org/changeset/209168 2016-11-30 Gyuyoung Kim <gyuyoung.kim@webkit.org> Build break when using --minimal https://bugs.webkit.org/show_bug.cgi?id=165238 Reviewed by Darin Adler. * css/parser/CSSSelectorParser.cpp: (WebCore::CSSSelectorParser::consumePseudo): Use #if ENABLE(VIDEO_TRACK) guard. 2016-11-30 Antoine Quint <graouts@apple.com> [Modern Media Controls] Add support for right-to-left layouts https://bugs.webkit.org/show_bug.cgi?id=165229 Reviewed by Dean Jackson. We implement the "usesLTRUserInterfaceLayoutDirection" property which is set by HTMLMediaElement and set a CSS class when the layout is left-to-right, flipping the fullscreen volume slider in the case that it would not be present (right-to-left). Test: media/modern-media-controls/media-controller/media-controller-fullscreen-ltr.html * Modules/modern-media-controls/controls/macos-fullscreen-media-controls.css: (.media-controls.mac.fullscreen:not(.uses-ltr-user-interface-layout-direction) .volume.slider): * Modules/modern-media-controls/controls/media-controls.js: (MediaControls.prototype.get usesLTRUserInterfaceLayoutDirection): (MediaControls.prototype.set usesLTRUserInterfaceLayoutDirection): * Modules/modern-media-controls/media/media-controller.js: (MediaController.prototype.set usesLTRUserInterfaceLayoutDirection): (MediaController.prototype._updateControlsIfNeeded): 2016-11-30 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Remove unused parameter of InspectorInstrumentation::didFinishXHRLoading https://bugs.webkit.org/show_bug.cgi?id=165233 Reviewed by Brian Burg. * inspector/InspectorInstrumentation.cpp: (WebCore::InspectorInstrumentation::didFinishXHRLoadingImpl): * inspector/InspectorInstrumentation.h: (WebCore::InspectorInstrumentation::didFinishXHRLoading): * inspector/InspectorNetworkAgent.cpp: (WebCore::InspectorNetworkAgent::didFinishXHRLoading): * inspector/InspectorNetworkAgent.h: * xml/XMLHttpRequest.cpp: (WebCore::XMLHttpRequest::didFinishLoading): Remove unused ThreadableLoaderClient parameter. 2016-11-30 Brady Eidson <beidson@apple.com> IndexedDB: When doing puts, don't "updateAllIndexesForAddRecord" if there are no indexes. https://bugs.webkit.org/show_bug.cgi?id=165215 Reviewed by Alex Christensen. No new tests (No observable behavior change). * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp: (WebCore::IDBServer::SQLiteIDBBackingStore::addRecord): Don't "updateAllIndexesForAddRecord" if there are no indexes. Avoiding this saved us some IDBKey serialization and Javascript object manipulation. 2016-11-30 Antoine Quint <graouts@apple.com> [Modern Media Controls] LayoutNode: only mark properties as dirty if different than current value https://bugs.webkit.org/show_bug.cgi?id=165236 Reviewed by Simon Fraser. Check that the new value is different than the current value before marking the property as dirty. * Modules/modern-media-controls/controls/layout-node.js: (LayoutNode.prototype.set x): (LayoutNode.prototype.set y): (LayoutNode.prototype.set width): (LayoutNode.prototype.set height): (LayoutNode.prototype.set visible): (performScheduledLayout): * Modules/modern-media-controls/controls/scheduler.js: (const.scheduler.new.prototype.get hasScheduledLayoutCallbacks): 2016-11-30 Jiewen Tan <jiewen_tan@apple.com> SubtleCrypto::deriveKey always return NOT_SUPPORTED_ERR for now https://bugs.webkit.org/show_bug.cgi?id=164744 <rdar://problem/29258083> Reviewed by Darin Adler. Since we don't support any cryptography algorithms that has deriveKey operations, SubtleCrypto::deriveKey will always return NOT_SUPPORTED_ERR for now. Test: crypto/subtle/deriveKey-malformed-parameters.html * bindings/js/JSSubtleCryptoCustom.cpp: (WebCore::normalizeCryptoAlgorithmParameters): (WebCore::jsSubtleCryptoFunctionDeriveKeyPromise): (WebCore::JSSubtleCrypto::deriveKey): * crypto/SubtleCrypto.idl: 2016-11-26 Jiewen Tan <jiewen_tan@apple.com> Update SubtleCrypto::digest to match the latest spec https://bugs.webkit.org/show_bug.cgi?id=164742 <rdar://problem/29258037> Reviewed by Darin Adler. This patch updates the SubtleCrypto::digest method to match the latest spec: https://www.w3.org/TR/WebCryptoAPI/#SubtleCrypto-method-digest. It also refers to the latest Editor's Draft to a certain degree: https://w3c.github.io/webcrypto/Overview.html#SubtleCrypto-method-digest. Currently supported digest algorithms are SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512. Tests: crypto/subtle/digest-malformed-parameters.html crypto/subtle/sha1-digest.html crypto/subtle/sha224-digest.html crypto/subtle/sha256-digest.html crypto/subtle/sha384-digest.html crypto/subtle/sha512-digest.html crypto/workers/subtle/sha1-digest.html crypto/workers/subtle/sha224-digest.html crypto/workers/subtle/sha256-digest.html crypto/workers/subtle/sha384-digest.html crypto/workers/subtle/sha512-digest.html * bindings/js/JSSubtleCryptoCustom.cpp: (WebCore::jsSubtleCryptoFunctionDigestPromise): (WebCore::JSSubtleCrypto::digest): * crypto/CryptoAlgorithm.cpp: (WebCore::CryptoAlgorithm::digest): * crypto/CryptoAlgorithm.h: * crypto/SubtleCrypto.idl: * crypto/algorithms/CryptoAlgorithmSHA1.cpp: (WebCore::CryptoAlgorithmSHA1::digest): * crypto/algorithms/CryptoAlgorithmSHA1.h: * crypto/algorithms/CryptoAlgorithmSHA224.cpp: (WebCore::CryptoAlgorithmSHA224::digest): * crypto/algorithms/CryptoAlgorithmSHA224.h: * crypto/algorithms/CryptoAlgorithmSHA256.cpp: (WebCore::CryptoAlgorithmSHA256::digest): * crypto/algorithms/CryptoAlgorithmSHA256.h: * crypto/algorithms/CryptoAlgorithmSHA384.cpp: (WebCore::CryptoAlgorithmSHA384::digest): * crypto/algorithms/CryptoAlgorithmSHA384.h: * crypto/algorithms/CryptoAlgorithmSHA512.cpp: (WebCore::CryptoAlgorithmSHA512::digest): * crypto/algorithms/CryptoAlgorithmSHA512.h: 2016-11-30 Antoine Quint <graouts@apple.com> [Modern Media Controls] UI Library: <audio> controls https://bugs.webkit.org/show_bug.cgi?id=164619 <rdar://problem/29207215> Reviewed by Dean Jackson. Add a default size for <audio> elements (200x50). Tests: media/modern-media-controls/audio/audio-controls-buttons.html media/modern-media-controls/audio/audio-controls-metrics.html * Modules/modern-media-controls/controls/media-controls.css: (:host(audio)): 2016-11-30 Brady Eidson <beidson@apple.com> REGRESSION (r209144): API test IndexedDB.DeleteRecovery failing. https://bugs.webkit.org/show_bug.cgi?id=165216 Rubberstamped by Tim Horton. * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp: (WebCore::IDBServer::SQLiteIDBBackingStore::closeSQLiteDB): Change invalid ASSERT into a null check. 2016-11-30 Said Abou-Hallawa <sabouhallawa@apple.com> Add separate settings and preferences to enable/disable async decoding for large images and animated images https://bugs.webkit.org/show_bug.cgi?id=165177 Reviewed by Simon Fraser. Instead of having the async image decoding be controlled by one setting, two separate settings are added: largeImageAsyncDecodingEnabled animatedImageAsyncDecodingEnabled And an existing setting is removed: asyncImageDecodingEnabled * loader/cache/CachedImage.cpp: (WebCore::CachedImage::load): * loader/cache/CachedImage.h: * page/Settings.in: * platform/graphics/BitmapImage.cpp: (WebCore::BitmapImage::internalStartAnimation): * platform/graphics/BitmapImage.h: * platform/graphics/ImageObserver.h: 2016-11-30 Zalan Bujtas <zalan@apple.com> ASSERTION FAILED: layoutState->m_renderer == this in WebCore::RenderBlock::offsetFromLogicalTopOfFirstPage https://bugs.webkit.org/show_bug.cgi?id=155364 <rdar://problem/27720461> Reviewed by David Hyatt. RenderNamedFlowThread is considered to be a root for the current renderer context so we need to bail out from the containing block traversal here (like we do for the RenderView). Test: fast/replaced/replaced-element-with-percentage-width-inside-flow-asserts.html * rendering/RenderBox.cpp: (WebCore::RenderBox::computeReplacedLogicalHeightUsing): 2016-11-30 Brady Eidson <beidson@apple.com> IndexedDB 2.0: Send operations off to the server in batches instead of one at a time. https://bugs.webkit.org/show_bug.cgi?id=165221 Reviewed by Myles C. Maxfield. No new tests (No observable behavior change). On a profile of "Lots of writes to an IndexedDB", timer scheduling/firing presented as over 10% of the time. This patch negates much of that. * Modules/indexeddb/IDBTransaction.cpp: (WebCore::IDBTransaction::pendingOperationTimerFired): Send 100 operations off to the server before spinning the runloop, instead of only 1. 2016-11-30 Antoine Quint <graouts@apple.com> [Modern Media Controls] Controls are not visible when returning from picture-in-picture playback https://bugs.webkit.org/show_bug.cgi?id=165183 Reviewed by Dean Jackson. We need to call MediaControlsHost::setPreparedToReturnVideoLayerToInline() when we return from picture-in-picture playback such that the video layer is correctly stacked under the media controls. We call that function in a rAF call to ensure it's performed in sync with the next scheduled layout or the media controls would not appear in sync with the video layer. We also fix an error from a previous commit in ControlsVisibilitySupport. * Modules/modern-media-controls/media/controls-visibility-support.js: (ControlsVisibilitySupport.prototype.syncControl): (ControlsVisibilitySupport): * Modules/modern-media-controls/media/media-controller.js: (MediaController): (MediaController.prototype.handleEvent): (MediaController.prototype._returnMediaLayerToInlineIfNeeded): 2016-11-30 Jiewen Tan <jiewen_tan@apple.com> Update SubtleCrypto::wrapKey to match the latest spec https://bugs.webkit.org/show_bug.cgi?id=164746 <rdar://problem/29258160> Reviewed by Brent Fulgham. This patch does following few things: 1. It updates the SubtleCrypto::wrapKey method to match the latest spec: https://www.w3.org/TR/WebCryptoAPI/#SubtleCrypto-method-wrapKey. It also refers to the latest Editor's Draft to a certain degree: https://w3c.github.io/webcrypto/Overview.html#SubtleCrypto-method-wrapKey. 2. It implements wrapKey operations of the following algorithms: AES-KW. 3. It also replaces JSSubtleCrypto* with auto in all promise functions. Tests: crypto/subtle/aes-cbc-import-key-wrap-jwk-rsa-key-private.html crypto/subtle/aes-cbc-import-key-wrap-jwk-rsa-key-public.html crypto/subtle/aes-kw-import-key-wrap-raw-key.html crypto/subtle/aes-kw-wrap-key-malformed-parameters.html crypto/subtle/rsa-oaep-import-key-wrap-jwk-oct-key.html crypto/subtle/wrapKey-malformed-parameters.html crypto/workers/subtle/aes-cbc-import-key-wrap-key.html crypto/workers/subtle/aes-kw-import-key-wrap-key.html crypto/workers/subtle/rsa-oaep-import-key-wrap-key.html * bindings/js/JSSubtleCryptoCustom.cpp: (WebCore::normalizeCryptoAlgorithmParameters): (WebCore::supportExportKeyThrow): (WebCore::jsSubtleCryptoFunctionEncryptPromise): (WebCore::jsSubtleCryptoFunctionDecryptPromise): (WebCore::jsSubtleCryptoFunctionExportKeyPromise): (WebCore::jsSubtleCryptoFunctionWrapKeyPromise): (WebCore::JSSubtleCrypto::wrapKey): * crypto/CryptoAlgorithm.cpp: (WebCore::CryptoAlgorithm::wrapKey): * crypto/CryptoAlgorithm.h: * crypto/SubtleCrypto.idl: * crypto/algorithms/CryptoAlgorithmAES_KW.cpp: (WebCore::CryptoAlgorithmAES_KW::wrapKey): * crypto/algorithms/CryptoAlgorithmAES_KW.h: * crypto/gnutls/CryptoAlgorithmAES_KWGnuTLS.cpp: (WebCore::CryptoAlgorithmAES_KW::platformWrapKey): * crypto/mac/CryptoAlgorithmAES_KWMac.cpp: (WebCore::wrapKeyAES_KW): (WebCore::CryptoAlgorithmAES_KW::platformWrapKey): (WebCore::CryptoAlgorithmAES_KW::platformEncrypt): 2016-11-29 Sam Weinig <sam@webkit.org> [WebIDL] Add support for more missing / exotic IDLTypes https://bugs.webkit.org/show_bug.cgi?id=165156 Reviewed by Alex Christensen. - Adds JSDOMConvert support for WebIDL's 'callback interface' and 'callback function'. - Adds JSDOMConvert support for WebIDL extensions for SerializedScriptValue, Dictionary, EventListener and XPathNSResolver (moving much of their special casing out of perl and into JSDOMConvert). * DerivedSources.make: Adds $(WebCore)/testing to the list of available IDL directories to keep internals compiling. * Modules/webaudio/WaveShaperNode.cpp: * Modules/webaudio/WaveShaperNode.h: Update to take curve by reference. * bindings/generic/IDLTypes.h: (WebCore::IDLWrapper): Add helper type, IDLWrapper, which serves as a base type for all IDLTypes that are RefCounted. * bindings/js/JSDOMConvert.h: (WebCore::convert): (WebCore::Converter<IDLNullable<T>>::convert): (WebCore::Converter<IDLCallbackFunction<T>>::convert): (WebCore::JSConverter<IDLCallbackFunction<T>>::convert): (WebCore::JSConverter<IDLCallbackFunction<T>>::convertNewlyCreated): (WebCore::Converter<IDLCallbackInterface<T>>::convert): (WebCore::JSConverter<IDLCallbackInterface<T>>::convert): (WebCore::JSConverter<IDLCallbackInterface<T>>::convertNewlyCreated): (WebCore::Converter<IDLSerializedScriptValue<T>>::convert): (WebCore::JSConverter<IDLSerializedScriptValue<T>>::convert): (WebCore::Converter<IDLLegacyDictionary<T>>::convert): (WebCore::Converter<IDLEventListener<T>>::convert): (WebCore::Converter<IDLXPathNSResolver<T>>::convert): (WebCore::JSConverter<IDLXPathNSResolver<T>>::convert): (WebCore::JSConverter<IDLXPathNSResolver<T>>::convertNewlyCreated): Add converters for the new types. IDLSerializedScriptValue, IDLLegacyDictionary, IDLEventListener and IDLXPathNSResolver have been templatized to avoid including their implementation classes everywhere. We can improve this in the future by splitting JSDOMConvert up into to separate files. * bindings/scripts/CodeGenerator.pm: (IsBuiltinType): (IsInterfaceType): (IsWrapperType): (ComputeIsCallbackInterface): (ComputeIsCallbackFunction): Add new predicates, IsBuiltinType and IsInterfaceType, and re-work IsWrapperType to determine all types that have a JS wrapper (and consequently a JS{name}.h file). * bindings/scripts/CodeGeneratorJS.pm: (AddToIncludesForIDLType): Update to add include for EventListener. (GetArgumentExceptionFunction): (GetArgumentExceptionThrower): (GetAttributeExceptionFunction): (GetAttributeExceptionThrower): Add support for exceptions for callbacks. (PassArgumentExpression): Factor out logic on how to pass arguments to C++. (GenerateHeader): Make toWrapped and JSDOMWrapperConverterTraits work with XPathNSResolver. (GenerateImplementation): Update to use PassArgumentExpression and pass a global object reference to JSValueToNative. (GenerateParametersCheck): Remove special casing for callbacks. (GenerateCallbackHeaderContent): (GenerateCallbackImplementationContent): Simplify toJS functions. State and global object are not necessary. (GetBaseIDLType): Add support for new types. Add assertion so that unknown types can't get through. (ShouldPassArgumentByReference): Rename from ShouldPassWrapperByReference, and merge in CodeGenerator's ShouldPassWrapperByReference. (JSValueToNativeDOMConvertNeedsThisObject): Added. Predicate to determine types that need a this object for conversion. (JSValueToNativeDOMConvertNeedsGlobalObject): Added. Predicate to determine types that need a global object for conversion. (JSValueToNative): Remove special cases for new types. (NativeToJSValueDOMConvertNeedsState): Add SerializedScriptValue and XPathNSResolver. (NativeToJSValueDOMConvertNeedsGlobalObject): Add SerializedScriptValue and XPathNSResolver. (NativeToJSValueUsingReferences): (NativeToJSValueUsingPointers): (NativeToJSValue): Remove unused $statePointer and replace $globalObject with $globalObjectReference. Remove special cases for new types. (GenerateConstructorDefinition): Use PassArgumentExpression. * bindings/scripts/test/JS/JSTestCallbackFunction.cpp: * bindings/scripts/test/JS/JSTestCallbackFunction.h: * bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.cpp: * bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.h: * bindings/scripts/test/JS/JSTestCallbackInterface.cpp: * bindings/scripts/test/JS/JSTestCallbackInterface.h: * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp: * bindings/scripts/test/JS/JSTestObj.cpp: * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp: * bindings/scripts/test/JS/JSTestTypedefs.cpp: * bindings/scripts/test/TestObj.idl: * bindings/scripts/test/TestSerializedScriptValueInterface.idl: Update tests. Remove test for a readonly attribute returning a Promise, which is not supported yet (this was caught by the assertion added to GetBaseIDLType). Add tests for passing and returning SerializedScriptValues from functions. 2016-11-30 Jiewen Tan <jiewen_tan@apple.com> Update SubtleCrypto::verify to match the latest spec https://bugs.webkit.org/show_bug.cgi?id=164741 <rdar://problem/29257935> Reviewed by Brent Fulgham. This patch does following few things: 1. It updates the SubtleCrypto::verify method to match the latest spec: https://www.w3.org/TR/WebCryptoAPI/#SubtleCrypto-method-verify. It also refers to the latest Editor's Draft to a certain degree: https://w3c.github.io/webcrypto/Overview.html#SubtleCrypto-method-verify. 2. It implements verify operations of the following algorithms: HMAC, and RSASSA-PKCS1-V1_5. Tests: crypto/subtle/hmac-generate-key-sign-verify.html crypto/subtle/hmac-import-key-verify-sha1.html crypto/subtle/hmac-import-key-verify-sha224.html crypto/subtle/hmac-import-key-verify-sha256.html crypto/subtle/hmac-import-key-verify-sha384.html crypto/subtle/hmac-import-key-verify-sha512.html crypto/subtle/rsassa-pkcs1-v1_5-generate-key-sign-verify.html crypto/subtle/rsassa-pkcs1-v1_5-import-key-verify-sha1.html crypto/subtle/rsassa-pkcs1-v1_5-import-key-verify-sha224.html crypto/subtle/rsassa-pkcs1-v1_5-import-key-verify-sha256.html crypto/subtle/rsassa-pkcs1-v1_5-import-key-verify-sha384.html crypto/subtle/rsassa-pkcs1-v1_5-import-key-verify-sha512.html crypto/subtle/verify-malformed-parameters.html crypto/workers/subtle/hmac-import-key-verify.html crypto/workers/subtle/rsassa-pkcs1-v1_5-import-key-verify.html * bindings/js/JSSubtleCryptoCustom.cpp: (WebCore::normalizeCryptoAlgorithmParameters): (WebCore::jsSubtleCryptoFunctionVerifyPromise): (WebCore::JSSubtleCrypto::verify): * crypto/CryptoAlgorithm.cpp: (WebCore::CryptoAlgorithm::verify): * crypto/CryptoAlgorithm.h: * crypto/SubtleCrypto.idl: * crypto/algorithms/CryptoAlgorithmHMAC.cpp: (WebCore::CryptoAlgorithmHMAC::verify): * crypto/algorithms/CryptoAlgorithmHMAC.h: * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp: (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::verify): * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.h: * crypto/gcrypt/CryptoAlgorithmHMACGCrypt.cpp: (WebCore::CryptoAlgorithmHMAC::platformVerify): * crypto/gnutls/CryptoAlgorithmHMACGnuTLS.cpp: (WebCore::CryptoAlgorithmHMAC::platformVerify): * crypto/gnutls/CryptoAlgorithmRSASSA_PKCS1_v1_5GnuTLS.cpp: (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::platformVerify): * crypto/mac/CryptoAlgorithmHMACMac.cpp: (WebCore::CryptoAlgorithmHMAC::platformVerify): * crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp: (WebCore::verifyRSASSA_PKCS1_v1_5): (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::platformVerify): 2016-11-30 Dave Hyatt <hyatt@apple.com> [CSS Parser] Fix columns shorthand parsing https://bugs.webkit.org/show_bug.cgi?id=165210 Reviewed by Zalan Bujtas. * css/parser/CSSPropertyParser.cpp: (WebCore::CSSPropertyParser::consumeColumns): (WebCore::consumeColumnWidthOrCount): Deleted. Bring over the old parser code, since it was actually better at creating implicit values for auto. 2016-11-30 Andy Estes <aestes@apple.com> [Cocoa] Pass the embedding app's bundle ID to new instances of NEFilterSource https://bugs.webkit.org/show_bug.cgi?id=165168 <rdar://problem/29003618> Reviewed by Simon Fraser. * platform/RuntimeApplicationChecks.h: Declared applicationBundleIdentifier(). * platform/RuntimeApplicationChecks.mm: (WebCore::applicationBundleIdentifier): Made non-static. * platform/cocoa/NetworkExtensionContentFilter.mm: (WebCore::NetworkExtensionContentFilter::initialize): If the new NEFilterSource instance responds to -setSourceAppBundleID:, call it with applicationBundleIdentifier(). * platform/spi/cocoa/NEFilterSourceSPI.h: Moved NEFilterSourceOptionsRedirectURL into the !USE(APPLE_INTERNAL_SDK) section and unconditionally declared @property sourceAppBundleID in a new category on NEFilterSource. 2016-11-30 Brent Fulgham <bfulgham@apple.com> Use 'childOfType' template when retrieving Shadow DOM elements https://bugs.webkit.org/show_bug.cgi?id=165145 <rdar://problem/29331830> Reviewed by Antti Koivisto. Tests: fast/shadow-dom/color-input-element-shadow-manipulation.html fast/shadow-dom/file-input-element-shadow-manipulation.html fast/shadow-dom/keygen-shadow-manipulation.html fast/shadow-dom/media-shadow-manipulation.html fast/shadow-dom/range-input-element-shadow-manipulation.html fast/shadow-dom/textarea-shadow-manipulation.html Switch to using 'childOfType' when retrieving Shadow DOM elements, rather than relying on expected element positions, as these can be changed by JavaScript. Drive by fix: Make more use of is<> and downcast<> templates rather than blindly casting. * dom/Element.h: (WebCore::Element::isUploadButton): Added. (WebCore::Element::isSliderContainerElement): Added. * html/ColorInputType.cpp: (WebCore::ColorInputType::shadowColorSwatch): Use 'childOfType' rather than assuming the first child is the one we want. * html/FileInputType.cpp: (isType): Added. (WebCore::FileInputType::disabledAttributeChanged): Use 'childOfType' rather than assuming the first child is the one we want. (WebCore::FileInputType::multipleAttributeChanged): Ditto. * html/HTMLKeygenElement.cpp: (WebCore::HTMLKeygenElement::shadowSelect): Ditto. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::mediaControls): Ditto. (WebCore::HTMLMediaElement::hasMediaControls): Ditto. * html/HTMLTextAreaElement.cpp: (WebCore::HTMLTextAreaElement::innerTextElement): Ditto. * html/RangeInputType.cpp: (WebCore::RangeInputType::sliderTrackElement): Ditto. * html/shadow/SliderThumbElement.h: (isType): Added. * svg/SVGUseElement.cpp: (WebCore::SVGUseElement::targetClone): Use 'childOfType' rather than assuming the first child is the one we want. 2016-11-30 Brady Eidson <beidson@apple.com> IndexedDB 2.0: Cache and reuse SQLiteStatements in the SQLite backend. https://bugs.webkit.org/show_bug.cgi?id=164974 Reviewed by Alex Christensen. No new tests (No behavior change other than being faster). Instead of building new SQLiteStatements from scratch each time they're needed and then finalizing them after they're used for a single operation, we cache them. For tests that do puts and/or gets in tight loops, this shows up as a 5%-20% speedup on profiles. * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp: (WebCore::IDBServer::SQLiteIDBBackingStore::~SQLiteIDBBackingStore): (WebCore::IDBServer::SQLiteIDBBackingStore::createAndPopulateInitialDatabaseInfo): (WebCore::IDBServer::SQLiteIDBBackingStore::getOrEstablishDatabaseInfo): (WebCore::IDBServer::SQLiteIDBBackingStore::createObjectStore): (WebCore::IDBServer::SQLiteIDBBackingStore::deleteObjectStore): (WebCore::IDBServer::SQLiteIDBBackingStore::renameObjectStore): (WebCore::IDBServer::SQLiteIDBBackingStore::clearObjectStore): (WebCore::IDBServer::SQLiteIDBBackingStore::createIndex): (WebCore::IDBServer::SQLiteIDBBackingStore::uncheckedHasIndexRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::uncheckedPutIndexRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::deleteIndex): (WebCore::IDBServer::SQLiteIDBBackingStore::renameIndex): (WebCore::IDBServer::SQLiteIDBBackingStore::keyExistsInObjectStore): (WebCore::IDBServer::SQLiteIDBBackingStore::deleteUnusedBlobFileRecords): (WebCore::IDBServer::SQLiteIDBBackingStore::deleteRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::updateAllIndexesForAddRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::addRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::getBlobRecordsForObjectStoreRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::cachedStatementForGetAllObjectStoreRecords): (WebCore::IDBServer::SQLiteIDBBackingStore::getAllObjectStoreRecords): (WebCore::IDBServer::SQLiteIDBBackingStore::uncheckedGetKeyGeneratorValue): (WebCore::IDBServer::SQLiteIDBBackingStore::uncheckedSetKeyGeneratorValue): (WebCore::IDBServer::SQLiteIDBBackingStore::deleteBackingStore): (WebCore::IDBServer::SQLiteIDBBackingStore::cachedStatement): (WebCore::IDBServer::SQLiteIDBBackingStore::closeSQLiteDB): (WebCore::IDBServer::queryForGetAllObjectStoreRecords): Deleted. * Modules/indexeddb/server/SQLiteIDBBackingStore.h: 2016-11-30 Dave Hyatt <hyatt@apple.com> [CSS Parser] Make sure -webkit-background-size coalesces identical values. https://bugs.webkit.org/show_bug.cgi?id=165207 Reviewed by Dean Jackson. * css/parser/CSSPropertyParser.cpp: (WebCore::consumeBackgroundSize): 2016-11-30 Eric Carlson <eric.carlson@apple.com> [MediaStream] Sync video preview layer and parent layer sizes https://bugs.webkit.org/show_bug.cgi?id=165139 Reviewed by Jer Noble. CALayer auto-resizing doesn't work on iOS, so manually reize the video capture preview layer whenever the background layer's bounds change. * platform/mediastream/mac/AVVideoCaptureSource.mm: (WebCore::AVVideoSourcePreview::AVVideoSourcePreview): Create layer observer. (WebCore::AVVideoSourcePreview::backgroundLayerBoundsChanged): Sync preview layer and background layer sizes. (WebCore::AVVideoSourcePreview::invalidate): Invalidate and clear observer. (-[WebCoreAVVideoCaptureSourceObserver initWithParent:]): (-[WebCoreAVVideoCaptureSourceObserver setParent:]): Add KVO bounds observer. (-[WebCoreAVVideoCaptureSourceObserver observeValueForKeyPath:ofObject:change:context:]): Call parent when "bounds" changes. (-[WebCoreAVVideoCaptureSourceObserver actionForKey:]): Return nil to disable all animations. 2016-11-30 Dave Hyatt <hyatt@apple.com> [CSS Parser] Fix crash in -webkit-shape-outside parsing https://bugs.webkit.org/show_bug.cgi?id=165202 Reviewed by Dean Jackson. * css/CSSBasicShapes.cpp: (WebCore::buildSerializablePositionOffset): The old parser never passed in a singleton value ID for top/right/bottom/left. The new parser does, and it exposed a bug in the serialization code for shapes that didn't properly create the offset primitive value as a percentage in those cases. 2016-11-30 Carlos Garcia Campos <cgarcia@igalia.com> [GLIB] IndexedDB: Switch to use new encoder for IDBKeyData https://bugs.webkit.org/show_bug.cgi?id=165191 Reviewed by Sergio Villar Senin. Instead of using KeyedEncoder. * Modules/indexeddb/server/IDBSerialization.cpp: (WebCore::isLegacySerializedIDBKeyData): Helper function to check whether the given data were encoded with KeyedEncoder or not. (WebCore::serializedTypeForKeyType): Remove #ifdefs for CF and always use the new encoder. (WebCore::encodeKey): Ditto. (WebCore::serializeIDBKeyData): Ditto. (WebCore::decodeKey): Ditto. (WebCore::deserializeIDBKeyData): Ditto. 2016-11-30 Joseph Pecoraro <pecoraro@apple.com> Web Inspector: Null ResourceResponse Preflight requests cause crash https://bugs.webkit.org/show_bug.cgi?id=165120 <rdar://problem/27911350> Reviewed by Brian Burg. * loader/CrossOriginPreflightChecker.cpp: (WebCore::CrossOriginPreflightChecker::validatePreflightResponse): Only inform Web Inspector about successful responses. Informing with a null response would break the expected Inspector API contract when notifying about did receive response. Also, when informing Web Inspector include a didFinishLoading event so the frontend knows this pre-flight request is complete. 2016-11-30 Brady Eidson <beidson@apple.com> REGRESSION (209086): IDB tests crash under GuardMalloc. https://bugs.webkit.org/show_bug.cgi?id=165201 Reviewed by Chris Dumez. No new tests (Covered by literally every IDB test when run under GuardMalloc). * Modules/indexeddb/IDBTransaction.cpp: (WebCore::IDBTransaction::commitOnServer): "Commit on Server" operations are special, in that they are the last operation a transaction does, and they remove themselves from the protector map right away. So when we remove them from the protector map we also need to remove their raw-pointer from the "in-progress" queue. 2016-11-30 Said Abou-Hallawa <sabouhallawa@apple.com> Some animated image do not animate after reseting their animations https://bugs.webkit.org/show_bug.cgi?id=165131 Reviewed by Simon Fraser. Test: fast/images/reset-image-animation.html The bug happens because the ImageFrameCache does not reset its cached frames properly when the BitmapImage rests its animation. -- We need to ignore caching the new NativeImage of an ImageFrame if the decoding thread is terminated after asynchronously calling cacheFrameNativeImageAtIndex() on the main thread through callOnMainThread(). Although the decoding thread was terminated this call is still scheduled to be executed later on the main thread. -- We need to open the m_frameRequestQueue before starting a new decoding thread. Opening m_frameRequestQueue clears the enqueued requests from the previous decoding thread and allows enqueueing requests for the new thread. -- We need to clear the ImageFrames which were being decoded at the time the decoding queue was closing and their new NativeImages were not cached. * platform/graphics/ImageFrameCache.cpp: (WebCore::ImageFrameCache::cacheFrameNativeImageAtIndex): Assert the NativeImage is cached for an ImageFrame which is still being decoded. (WebCore::ImageFrameCache::startAsyncDecodingQueue): Open the m_frameRequestQueue before starting the decoding thread. Don't cache the NativeImage of an ImageFrame unless the decoding thread is still alive and it the same as the one that makes the asynchronous call to cacheFrameNativeImageAtIndex(). (WebCore::ImageFrameCache::requestFrameAsyncDecodingAtIndex): Don't request an image frame to be be asynchronously decoded if it is already being decoded. (WebCore::ImageFrameCache::stopAsyncDecodingQueue): Clear the ImageFrames that were being decoded when the decoding thread terminates. * testing/Internals.cpp: (WebCore::Internals::resetImageAnimation): * testing/Internals.h: * testing/Internals.idl: Expose BitmapImage::resetAnimation() through Internals so tests can force it. 2016-11-30 Darin Adler <darin@apple.com> Streamline and speed up tokenizer and segmented string classes https://bugs.webkit.org/show_bug.cgi?id=165003 Reviewed by Sam Weinig. Profiling Speedometer on my iMac showed the tokenizer as one of the hottest functions. This patch streamlines the segmented string class, removing various unused features, and also improves some other functions seen on the Speedometer profile. On my iMac I measured a speedup of about 3%. Changes include: - Removed m_pushedChar1, m_pushedChar2, and m_empty data members from the SegmentedString class and all the code that used to handle them. - Simplified the SegmentedString advance functions so they are small enough to get inlined in the HTML tokenizer. - Updated callers to call the simpler SegmentedString advance functions that don't handle newlines in as many cases as possible. - Cut down on allocations of SegmentedString and made code move the segmented string and the strings that are moved into it rather than copying them whenever possible. - Simplified segmented string functions, removing some branches, mostly from the non-fast paths. - Removed small unused functions and small functions used in only one or two places, made more functions private and renamed for clarity. * bindings/js/JSHTMLDocumentCustom.cpp: (WebCore::documentWrite): Moved a little more of the common code in here from the two functions belwo. Removed obsolete comment saying this was not following the DOM specification because it is. Removed unneeded special cases for 1 argument and no arguments. Take a reference instead of a pointer. (WebCore::JSHTMLDocument::write): Updated for above. (WebCore::JSHTMLDocument::writeln): Ditto. * css/parser/CSSTokenizer.cpp: Added now-needed include. * css/parser/CSSTokenizer.h: Removed unneeded include. * css/parser/CSSTokenizerInputStream.h: Added definition of kEndOfFileMarker here; this is now separate from the use in the HTMLParser. In the long run, unclear to me whether it is really needed in either. * dom/Document.cpp: (WebCore::Document::prepareToWrite): Added. Helper function used by the three different variants of write. Using this may prevent us from having to construct a SegmentedString just to append one string after future refactoring. (WebCore::Document::write): Updated to take an rvalue reference and move the value through. (WebCore::Document::writeln): Use a single write call instead of two. * dom/Document.h: Changed write to take an rvalue reference to SegmentedString rather than a const reference. * dom/DocumentParser.h: Changed insert to take an rvalue reference to SegmentedString. In the future, should probably overload to take a single string since that is the normal case. * dom/RawDataDocumentParser.h: Updated for change to DocumentParser. * html/FTPDirectoryDocument.cpp: (WebCore::FTPDirectoryDocumentParser::append): Refactored a bit, just enough so that we don't need an assignment operator for SegmentedString that can copy a String. * html/parser/HTMLDocumentParser.cpp: (WebCore::HTMLDocumentParser::insert): Updated to take an rvalue reference, and move the value through. * html/parser/HTMLDocumentParser.h: Updated for the above. * html/parser/HTMLEntityParser.cpp: (WebCore::HTMLEntityParser::consumeNamedEntity): Updated for name changes. Changed the twao calls to advance here to call advancePastNonNewline; no change in behavior, but asserts what the code was assuming before, that the character was not a newline. * html/parser/HTMLInputStream.h: (WebCore::HTMLInputStream::appendToEnd): Updated to take an rvalue reference, and move the value through. (WebCore::HTMLInputStream::insertAtCurrentInsertionPoint): Ditto. (WebCore::HTMLInputStream::markEndOfFile): Removed the code to construct a SegmentedString, overkill since we can just append an individual string. (WebCore::HTMLInputStream::splitInto): Rewrote the move idiom here to actually use move, which will reduce reference count churn and other unneeded work. * html/parser/HTMLMetaCharsetParser.cpp: (WebCore::HTMLMetaCharsetParser::checkForMetaCharset): Removed unneeded construction of a SegmentedString, just to append a string. * html/parser/HTMLSourceTracker.cpp: (WebCore::HTMLSourceTracker::HTMLSourceTracker): Moved to the class definition. (WebCore::HTMLSourceTracker::source): Updated for function name change. * html/parser/HTMLSourceTracker.h: Updated for above. * html/parser/HTMLTokenizer.cpp: Added now-needed include. (WebCore::HTMLTokenizer::emitAndResumeInDataState): Use advancePastNonNewline, since this function is never called in response to a newline character. (WebCore::HTMLTokenizer::commitToPartialEndTag): Ditto. (WebCore::HTMLTokenizer::commitToCompleteEndTag): Ditto. (WebCore::HTMLTokenizer::processToken): Use ADVANCE_PAST_NON_NEWLINE_TO macro instead of ADVANCE_TO in cases where the character we are advancing past is known not to be a newline, so we can use the more efficient advance function that doesn't check for the newline character. * html/parser/InputStreamPreprocessor.h: Moved kEndOfFileMarker to SegmentedString.h; not sure that's a good place for it either. In the long run, unclear to me whether this is really needed. (WebCore::InputStreamPreprocessor::peek): Added UNLIKELY for the empty check. Added LIKELY for the not-special character check. (WebCore::InputStreamPreprocessor::advance): Updated for the new name of the advanceAndUpdateLineNumber function. (WebCore::InputStreamPreprocessor::advancePastNonNewline): Added. More efficient than advance for cases where the last characer is known not to be a newline character. (WebCore::InputStreamPreprocessor::skipNextNewLine): Deleted. Was unused. (WebCore::InputStreamPreprocessor::reset): Deleted. Was unused except in the constructor; added initial values for the data members to replace. (WebCore::InputStreamPreprocessor::processNextInputCharacter): Removed long FIXME comment that didn't really need to be here. Reorganized a bit. (WebCore::InputStreamPreprocessor::isAtEndOfFile): Renamed and made static. * html/track/BufferedLineReader.cpp: (WebCore::BufferedLineReader::nextLine): Updated to not use the poorly named scanCharacter function to advance past a newline. Also renamed from getLine and changed to return Optional<String> instead of using a boolean to indicate failure and an out argument. * html/track/BufferedLineReader.h: (WebCore::BufferedLineReader::BufferedLineReader): Use the default, putting initial values on each data member below. (WebCore::BufferedLineReader::append): Updated to take an rvalue reference, and move the value through. (WebCore::BufferedLineReader::scanCharacter): Deleted. Was poorly named, and easy to replace with two lines of code at its two call sites. (WebCore::BufferedLineReader::reset): Rewrote to correctly clear all the data members of the class, not just the segmented string. * html/track/InbandGenericTextTrack.cpp: (WebCore::InbandGenericTextTrack::parseWebVTTFileHeader): Updated to take an rvalue reference and move the value through. * html/track/InbandGenericTextTrack.h: Updated for the above. * html/track/InbandTextTrack.h: Updated since parseWebVTTFileHeader now takes an rvalue reference. * html/track/WebVTTParser.cpp: (WebCore::WebVTTParser::parseFileHeader): Updated to take an rvalue reference and move the value through. (WebCore::WebVTTParser::parseBytes): Updated to pass ownership of the string in to the line reader append function. (WebCore::WebVTTParser::parseCueData): Use auto and WTFMove for WebVTTCueData. (WebCore::WebVTTParser::flush): More of the same. (WebCore::WebVTTParser::parse): Changed to use nextLine instead of getLine. * html/track/WebVTTParser.h: Updated for the above. * html/track/WebVTTTokenizer.cpp: (WebCore::advanceAndEmitToken): Use advanceAndUpdateLineNumber by its new name, just advance. No change in behavior. (WebCore::WebVTTTokenizer::WebVTTTokenizer): Pass a String, not a SegmentedString, to add the end of file marker. * platform/graphics/InbandTextTrackPrivateClient.h: Updated since parseWebVTTFileHeader takes an rvalue reference. * platform/text/SegmentedString.cpp: (WebCore::SegmentedString::Substring::appendTo): Moved here from the header. The only caller is SegmentedString::toString, inside this file. (WebCore::SegmentedString::SegmentedString): Deleted the copy constructor. No longer needed. (WebCore::SegmentedString::operator=): Defined a move assignment operator rather than an ordinary assignment operator, since that's what the call sites really need. (WebCore::SegmentedString::length): Simplified since we no longer need to support pushed characters. (WebCore::SegmentedString::setExcludeLineNumbers): Simplified, since we can just iterate m_otherSubstrings without an extra check. Also changed to write directly to the data member of Substring instead of using a function. (WebCore::SegmentedString::updateAdvanceFunctionPointersForEmptyString): Added. Used when we run out of characters. (WebCore::SegmentedString::clear): Removed code to clear now-deleted members. Updated for changes to other member names. (WebCore::SegmentedString::appendSubstring): Renamed from just append to avoid ambiguity with the public append function. Changed to take an rvalue reference, and move in, and added code to set m_currentCharacter properly, so the caller doesn't have to deal with that. (WebCore::SegmentedString::close): Updated to use m_isClosed by its new name. Also removed unneeded comment about assertion that fires when trying to close an already closed string. (WebCore::SegmentedString::append): Added overloads for rvalue references of both entire SegmentedString objects and of String. Streamlined to just call appendSubstring and append to the deque. (WebCore::SegmentedString::pushBack): Tightened up since we don't allow empty strings and changed to take just a string, not an entire segmented string. (WebCore::SegmentedString::advanceSubstring): Moved logic into the advancePastSingleCharacterSubstringWithoutUpdatingLineNumber function. (WebCore::SegmentedString::toString): Simplified now that we don't need to support pushed characters. (WebCore::SegmentedString::advancePastNonNewlines): Deleted. (WebCore::SegmentedString::advance8): Deleted. (WebCore::SegmentedString::advanceWithoutUpdatingLineNumber16): Renamed from advance16. Simplified now that there are no pushed characters. Also changed to access data members of m_currentSubstring directly instead of calling a function. (WebCore::SegmentedString::advanceAndUpdateLineNumber8): Deleted. (WebCore::SegmentedString::advanceAndUpdateLineNumber16): Ditto. (WebCore::SegmentedString::advancePastSingleCharacterSubstringWithoutUpdatingLineNumber): Renamed from advanceSlowCase. Removed uneeded logic to handle pushed characters. Moved code in here from advanceSubstring. (WebCore::SegmentedString::advancePastSingleCharacterSubstring): Renamed from advanceAndUpdateLineNumberSlowCase. Simplified by calling the function above. (WebCore::SegmentedString::advanceEmpty): Broke assertion up into two. (WebCore::SegmentedString::updateSlowCaseFunctionPointers): Updated for name changes. (WebCore::SegmentedString::advancePastSlowCase): Changed name and meaning of boolean argument. Rewrote to use the String class less; it's now used only when we fail to match after the first character rather than being used for the actual comparison with the literal. * platform/text/SegmentedString.h: Moved all non-trivial function bodies out of the class definition to make things easier to read. Moved the SegmentedSubstring class inside the SegmentedString class, making it a private struct named Substring. Removed the m_ prefix from data members of the struct, removed many functions from the struct and made its union be anonymous instead of naming it m_data. Removed unneeded StringBuilder.h include. (WebCore::SegmentedString::isEmpty): Changed to use the length of the substring instead of a separate boolean. We never create an empty substring, nor leave one in place as the current substring unless the entire segmented string is empty. (WebCore::SegmentedString::advancePast): Updated to use the new member function template instead of a non-template member function. The new member function is entirely rewritten and does the matching directly rather than allocating a string just to do prefix matching. (WebCore::SegmentedString::advancePastLettersIgnoringASCIICase): Renamed to make it clear that the literal must be all non-letters or lowercase letters as with the other "letters ignoring ASCII case" functions. The three call sites all fit the bill. Implement by calling the new function template. (WebCore::SegmentedString::currentCharacter): Renamed from currentChar. (WebCore::SegmentedString::Substring::Substring): Use an rvalue reference and move the string in. (WebCore::SegmentedString::Substring::currentCharacter): Simplified since this is never used on an empty substring. (WebCore::SegmentedString::Substring::incrementAndGetCurrentCharacter): Ditto. (WebCore::SegmentedString::SegmentedString): Overload to take an rvalue reference. Simplified since there are now fewer data members. (WebCore::SegmentedString::advanceWithoutUpdatingLineNumber): Renamed from advance, since this is only safe to use if there is some reason it is OK to skip updating the line number. (WebCore::SegmentedString::advance): Renamed from advanceAndUpdateLineNumber, since doing that is the normal desired behavior and not worth mentioning in the public function name. (WebCore::SegmentedString::advancePastNewline): Renamed from advancePastNewlineAndUpdateLineNumber. (WebCore::SegmentedString::numberOfCharactersConsumed): Greatly simplified since pushed characters are no longer supported. (WebCore::SegmentedString::characterMismatch): Added. Used by advancePast. * xml/parser/CharacterReferenceParserInlines.h: (WebCore::unconsumeCharacters): Use toString rather than toStringPreserveCapacity because the SegmentedString is going to take ownership of the string. (WebCore::consumeCharacterReference): Updated to use the pushBack that takes just a String, not a SegmentedString. Also use advancePastNonNewline. * xml/parser/MarkupTokenizerInlines.h: Added ADVANCE_PAST_NON_NEWLINE_TO. * xml/parser/XMLDocumentParser.cpp: (WebCore::XMLDocumentParser::insert): Updated since this takes an rvalue reference. (WebCore::XMLDocumentParser::append): Removed unnecessary code to create a SegmentedString. * xml/parser/XMLDocumentParser.h: Updated for above. Also fixed indentation and initialized most data members. * xml/parser/XMLDocumentParserLibxml2.cpp: (WebCore::XMLDocumentParser::XMLDocumentParser): Moved most data member initialization into the class definition. (WebCore::XMLDocumentParser::resumeParsing): Removed code that copied a segmented string, but converted the whole thing into a string before using it. Now we convert to a string right away. 2016-11-30 Csaba Osztrogonác <ossy@webkit.org> Unreviewed speculative cmake buildfix after r209070. * PlatformMac.cmake: New sources added. 2016-11-29 Philippe Normand <pnormand@igalia.com> [WebRTC][OpenWebRTC] Temporary device selection support https://bugs.webkit.org/show_bug.cgi?id=165141 Reviewed by Alejandro G. Castro. Make sure the player handles only one audio and video track at most for now. The device choice can be influenced with the WEBKIT_VIDEO_DEVICE and WEBKIT_AUDIO_DEVICE environment variables. Each variable optionally holds the name of the device to use. * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.cpp: (WebCore::MediaPlayerPrivateGStreamerOwr::play): (WebCore::MediaPlayerPrivateGStreamerOwr::load): 2016-11-29 Claudio Saavedra <csaavedra@igalia.com> Build fix with !HAVE(ACCESSIBILITY) * accessibility/AXObjectCache.h: (WebCore::AccessibilityReplacedText::AccessibilityReplacedText): (WebCore::AccessibilityReplacedText::postTextStateChangeNotification): Add dummy implementations. 2016-11-29 Commit Queue <commit-queue@webkit.org> Unreviewed, rolling out r209058 and r209074. https://bugs.webkit.org/show_bug.cgi?id=165188 These changes caused API test StringBuilderTest.Equal to crash and/or fail. (Requested by ryanhaddad on #webkit). Reverted changesets: "Streamline and speed up tokenizer and segmented string classes" https://bugs.webkit.org/show_bug.cgi?id=165003 http://trac.webkit.org/changeset/209058 "REGRESSION (r209058): API test StringBuilderTest.Equal crashing" https://bugs.webkit.org/show_bug.cgi?id=165142 http://trac.webkit.org/changeset/209074 2016-11-29 Nan Wang <n_wang@apple.com> AX: ARIA tree & treeitem roles & aria-expanded state not spoken to VoiceOver iOS 10 https://bugs.webkit.org/show_bug.cgi?id=164936 <rdar://problem/29334274> Reviewed by Chris Fleizach. Added a new container type on iOS for trees. Also, since the treeitem role is ignored on iOS, we should expose the expanded status of a treeitem to its accessible children. Test: accessibility/ios-simulator/treeitem-expanded.html * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm: (-[WebAccessibilityObjectWrapper _accessibilityTreeAncestor]): (-[WebAccessibilityObjectWrapper treeItemParentForObject:]): (-[WebAccessibilityObjectWrapper accessibilitySupportsARIAExpanded]): (-[WebAccessibilityObjectWrapper accessibilityIsExpanded]): 2016-11-29 Chris Dumez <cdumez@apple.com> Unreviewed, rolling out r209096, r209104, and r209114. Caused over 200 layout test failures on the bots Reverted changesets: "IndexedDB 2.0: Cache and reuse SQLiteStatements in the SQLite backend." https://bugs.webkit.org/show_bug.cgi?id=164974 http://trac.webkit.org/changeset/209096 "Followup to:" https://bugs.webkit.org/show_bug.cgi?id=164974 http://trac.webkit.org/changeset/209104 "REGRESSION (r209104): storage/indexeddb/modern/gc-closes- database(-private).html timeout." https://bugs.webkit.org/show_bug.cgi?id=165186 http://trac.webkit.org/changeset/209114 2016-11-29 Antoine Quint <graouts@apple.com> [Modern Media Controls] Localization https://bugs.webkit.org/show_bug.cgi?id=165176 Reviewed by Dean Jackson. We add a new localization file for the purpose of modern media controls, since we may require different strings than the legacy one. * English.lproj/modern-media-controls-localized-strings.js: Added. * Modules/modern-media-controls/controls/airplay-placard.js: (AirplayPlacard): * Modules/modern-media-controls/controls/pip-placard.js: (PiPPlacard): * Modules/modern-media-controls/main.js: (UIString): * Modules/modern-media-controls/media/status-support.js: (StatusSupport.prototype.syncControl): (StatusSupport): * WebCore.xcodeproj/project.pbxproj: * rendering/RenderThemeMac.mm: (WebCore::RenderThemeMac::mediaControlsScript): 2016-11-29 Antoine Quint <graouts@apple.com> [Modern Media Controls] Show an invalid placard when we fail to load a media file https://bugs.webkit.org/show_bug.cgi?id=165180 Reviewed by Dean Jackson. We now show a placard with an "invalid" icon when we fail to load the media file. Tests: media/modern-media-controls/invalid-placard/invalid-placard.html media/modern-media-controls/placard-support/placard-support-error.html * Modules/modern-media-controls/controls/icon-service.js: * Modules/modern-media-controls/controls/invalid-placard.js: Added. (InvalidPlacard): * Modules/modern-media-controls/controls/media-controls.js: (MediaControls.prototype.get showsStartButton): (MediaControls.prototype.set showsStartButton): (MediaControls.prototype.get showsPlacard): (MediaControls.prototype.hidePlacard): (MediaControls.prototype._invalidateChildren): * Modules/modern-media-controls/controls/placard.css: (.placard .icon): * Modules/modern-media-controls/images/iOS/invalid-placard@1x.png: Added. * Modules/modern-media-controls/images/iOS/invalid-placard@2x.png: Added. * Modules/modern-media-controls/images/iOS/invalid-placard@3x.png: Added. * Modules/modern-media-controls/images/macOS/invalid-placard@1x.png: Added. * Modules/modern-media-controls/images/macOS/invalid-placard@2x.png: Added. * Modules/modern-media-controls/js-files: * Modules/modern-media-controls/media/placard-support.js: (PlacardSupport.prototype.get mediaEvents): (PlacardSupport.prototype._updatePlacard): (PlacardSupport): * WebCore.xcodeproj/project.pbxproj: 2016-11-29 Antoine Quint <graouts@apple.com> [Modern Media Controls] Only show controls when the controls attribute is set https://bugs.webkit.org/show_bug.cgi?id=165175 We now respect the value of the media's "controls" attribute so that the start button and the controls bar are only shown when that attribute is set to "true". Reviewed by Dean Jackson. Tests: media/modern-media-controls/controls-visibility-support/controls-visibility-support-controls-off-audio.html media/modern-media-controls/controls-visibility-support/controls-visibility-support-controls-off.html media/modern-media-controls/controls-visibility-support/controls-visibility-support-controls-on-audio.html media/modern-media-controls/controls-visibility-support/controls-visibility-support-controls-on.html media/modern-media-controls/controls-visibility-support/controls-visibility-support-controls-toggle.html * Modules/modern-media-controls/controls/controls-bar.js: Added. (ControlsBar): * Modules/modern-media-controls/controls/media-controls.js: (MediaControls.): Deleted. * Modules/modern-media-controls/js-files: * Modules/modern-media-controls/media/controls-visibility-support.js: Added. (ControlsVisibilitySupport): (ControlsVisibilitySupport.prototype.destroy): (ControlsVisibilitySupport.prototype.get mediaEvents): (ControlsVisibilitySupport.prototype.syncControl): * Modules/modern-media-controls/media/media-controller-support.js: (MediaControllerSupport): (MediaControllerSupport.prototype.handleEvent): * Modules/modern-media-controls/media/media-controller.js: (MediaController.prototype._updateControlsIfNeeded): * WebCore.xcodeproj/project.pbxproj: 2016-11-29 Brady Eidson <beidson@apple.com> Followup to: IndexedDB 2.0: Cache and reuse SQLiteStatements in the SQLite backend. https://bugs.webkit.org/show_bug.cgi?id=164974 Unreviewed. * Modules/indexeddb/IDBTransaction.h: Until I can explore further why these operations are not protected in the map, change these raw pointers to RefPtrs. This fixes issues seen under GuardMalloc. 2016-11-29 Antoine Quint <graouts@apple.com> [Modern Media Controls] Inline controls show when entering fullscreen https://bugs.webkit.org/show_bug.cgi?id=165161 Reviewed by Dean Jackson. We would error when entering fullscreen due to the TracksSupport having its destroy() method called when tearing down the inline controls and the `mediaController` reference being incorrect. * Modules/modern-media-controls/media/tracks-support.js: (TracksSupport.prototype.destroy): 2016-11-29 Antoine Quint <graouts@apple.com> [Modern Media Controls] Status text stuck saying "Loading" after media starts playing https://bugs.webkit.org/show_bug.cgi?id=165162 Reviewed by Dean Jackson. We forgot to handle the case where none of the special messages need to be set and the status text should be just an empty string, meaning there is no status text shown in the controls bar and the scrubber appears instead. Test: media/modern-media-controls/status-support/status-support-playing.html * Modules/modern-media-controls/media/status-support.js: (StatusSupport.prototype.syncControl): (StatusSupport): 2016-11-29 Brady Eidson <beidson@apple.com> IndexedDB 2.0: Cache and reuse SQLiteStatements in the SQLite backend. https://bugs.webkit.org/show_bug.cgi?id=164974 Reviewed by Alex Christensen. No new tests (No behavior change other than being faster). Instead of building new SQLiteStatements from scratch each time they're needed and then finalizing them after used for a single operation, cache them. For tests that do puts and/or gets in tight loops, this shows up as a 5%-20% speedup on profiles. * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp: (WebCore::IDBServer::SQLiteIDBBackingStore::createAndPopulateInitialDatabaseInfo): (WebCore::IDBServer::SQLiteIDBBackingStore::getOrEstablishDatabaseInfo): (WebCore::IDBServer::SQLiteIDBBackingStore::createObjectStore): (WebCore::IDBServer::SQLiteIDBBackingStore::deleteObjectStore): (WebCore::IDBServer::SQLiteIDBBackingStore::renameObjectStore): (WebCore::IDBServer::SQLiteIDBBackingStore::clearObjectStore): (WebCore::IDBServer::SQLiteIDBBackingStore::createIndex): (WebCore::IDBServer::SQLiteIDBBackingStore::uncheckedHasIndexRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::uncheckedPutIndexRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::deleteIndex): (WebCore::IDBServer::SQLiteIDBBackingStore::renameIndex): (WebCore::IDBServer::SQLiteIDBBackingStore::keyExistsInObjectStore): (WebCore::IDBServer::SQLiteIDBBackingStore::deleteUnusedBlobFileRecords): (WebCore::IDBServer::SQLiteIDBBackingStore::deleteRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::updateAllIndexesForAddRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::addRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::getBlobRecordsForObjectStoreRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord): (WebCore::IDBServer::SQLiteIDBBackingStore::cachedStatementForGetAllObjectStoreRecords): (WebCore::IDBServer::SQLiteIDBBackingStore::getAllObjectStoreRecords): (WebCore::IDBServer::SQLiteIDBBackingStore::uncheckedGetKeyGeneratorValue): (WebCore::IDBServer::SQLiteIDBBackingStore::uncheckedSetKeyGeneratorValue): (WebCore::IDBServer::SQLiteIDBBackingStore::deleteBackingStore): (WebCore::IDBServer::SQLiteIDBBackingStore::cachedStatement): (WebCore::IDBServer::SQLiteIDBBackingStore::closeSQLiteDB): (WebCore::IDBServer::queryForGetAllObjectStoreRecords): Deleted. * Modules/indexeddb/server/SQLiteIDBBackingStore.h: 2016-11-22 Jiewen Tan <jiewen_tan@apple.com> Update SubtleCrypto::sign to match the latest spec https://bugs.webkit.org/show_bug.cgi?id=164740 <rdar://problem/29257864> Reviewed by Brent Fulgham. This patch does following few things: 1. It updates the SubtleCrypto::sign method to match the latest spec: https://www.w3.org/TR/WebCryptoAPI/#SubtleCrypto-method-sign. It also refers to the latest Editor's Draft to a certain degree: https://w3c.github.io/webcrypto/Overview.html#SubtleCrypto-method-sign. 2. It implements sign operations of the following algorithms: HMAC, and RSASSA-PKCS1-V1_5. 3. It also replaces promise.copyRef() with WTFMove(promise) for all the capture lists of exception callbacks in promise functions. Tests: crypto/subtle/hmac-import-key-sign-sha1.html crypto/subtle/hmac-import-key-sign-sha224.html crypto/subtle/hmac-import-key-sign-sha256.html crypto/subtle/hmac-import-key-sign-sha384.html crypto/subtle/hmac-import-key-sign-sha512.html crypto/subtle/rsassa-pkcs1-v1_5-import-key-sign-sha1.html crypto/subtle/rsassa-pkcs1-v1_5-import-key-sign-sha224.html crypto/subtle/rsassa-pkcs1-v1_5-import-key-sign-sha256.html crypto/subtle/rsassa-pkcs1-v1_5-import-key-sign-sha384.html crypto/subtle/rsassa-pkcs1-v1_5-import-key-sign-sha512.html crypto/subtle/sign-malformed-parameters.html crypto/workers/subtle/hmac-import-key-sign.html crypto/workers/subtle/rsassa-pkcs1-v1_5-import-key-sign.html * bindings/js/JSSubtleCryptoCustom.cpp: (WebCore::normalizeCryptoAlgorithmParameters): (WebCore::jsSubtleCryptoFunctionDecryptPromise): Fix a minor bug. (WebCore::jsSubtleCryptoFunctionEncryptPromise): (WebCore::jsSubtleCryptoFunctionDecryptPromise): (WebCore::jsSubtleCryptoFunctionSignPromise): (WebCore::jsSubtleCryptoFunctionGenerateKeyPromise): (WebCore::jsSubtleCryptoFunctionImportKeyPromise): (WebCore::jsSubtleCryptoFunctionExportKeyPromise): (WebCore::JSSubtleCrypto::sign): * crypto/CryptoAlgorithm.cpp: (WebCore::CryptoAlgorithm::sign): * crypto/CryptoAlgorithm.h: * crypto/SubtleCrypto.idl: * crypto/algorithms/CryptoAlgorithmHMAC.cpp: (WebCore::CryptoAlgorithmHMAC::sign): * crypto/algorithms/CryptoAlgorithmHMAC.h: * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp: (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::sign): * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.h: * crypto/gcrypt/CryptoAlgorithmHMACGCrypt.cpp: (WebCore::CryptoAlgorithmHMAC::platformSign): * crypto/gnutls/CryptoAlgorithmHMACGnuTLS.cpp: (WebCore::CryptoAlgorithmHMAC::platformSign): * crypto/gnutls/CryptoAlgorithmRSASSA_PKCS1_v1_5GnuTLS.cpp: (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::platformSign): * crypto/mac/CryptoAlgorithmHMACMac.cpp: (WebCore::commonCryptoHMACAlgorithm): (WebCore::calculateSignature): Remove a null guardance since the depending bug is resolved. (WebCore::CryptoAlgorithmHMAC::platformSign): (WebCore::CryptoAlgorithmHMAC::platformVerify): * crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp: (WebCore::signRSASSA_PKCS1_v1_5): (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::platformSign): 2016-11-29 Chris Dumez <cdumez@apple.com> Can't download move.simple.com direct deposit transition PDF: Non user-triggered activations of anchors that have a download attribute are ignored https://bugs.webkit.org/show_bug.cgi?id=165148 <rdar://problem/29421771> Reviewed by Daniel Bates. We were ignoring non user-triggered activations of anchors that have a download attribute which is stricter than Chrome and Firefox and breaks downloads on move.simple.com. This patch relaxes our policy to allow simulated clicks on such links, similarly to other browsers. Web authors can anyway already trigger downloads using script by setting window.location to a specific URL and serving to right HTTP headers to trigger a download. Note that our previous behavior matches the current version of the specification so I also filed a bug against the HTML specification to see if we can get it changed to match the behavior of browsers: - https://github.com/whatwg/html/issues/2116 No new tests, updated existing test. * html/HTMLAnchorElement.cpp: (WebCore::HTMLAnchorElement::handleClick): 2016-11-29 Andy Estes <aestes@apple.com> [Cocoa] Enable two clang warnings recommended by Xcode https://bugs.webkit.org/show_bug.cgi?id=164498 Reviewed by Mark Lam. * Configurations/Base.xcconfig: Enabled CLANG_WARN_INFINITE_RECURSION and CLANG_WARN_SUSPICIOUS_MOVE. 2016-11-29 Wenson Hsieh <wenson_hsieh@apple.com> Address post-review feedback following r209070 (AppKit momentum scrolling adoption for scroll snapping) https://bugs.webkit.org/show_bug.cgi?id=165147 Reviewed by Simon Fraser. Addresses some additional review feedback after r209070, which adopts _NSScrollingMomentumCalculator for scroll snapping. See individual changes below for more details. No new tests, since there is no behavior change. * page/EventHandler.cpp: (WebCore::handleWheelEventInAppropriateEnclosingBox): (WebCore::EventHandler::defaultWheelEventHandler): * page/Page.cpp: (WebCore::Page::ensureTestTrigger): * page/WheelEventDeltaFilter.cpp: (WebCore::WheelEventDeltaFilter::filteredVelocity): * page/WheelEventDeltaFilter.h: * page/mac/WheelEventDeltaFilterMac.mm: (WebCore::WheelEventDeltaFilterMac::updateFromDelta): * page/scrolling/AsyncScrollingCoordinator.cpp: (WebCore::AsyncScrollingCoordinator::updateExpectsWheelEventTestTriggerWithFrameView): * page/scrolling/AsyncScrollingCoordinator.h: * page/scrolling/ScrollingCoordinator.h: (WebCore::ScrollingCoordinator::updateExpectsWheelEventTestTriggerWithFrameView): Rather than force a complete layout pass when the Page first acquires a WheelEventTestTrigger, we now simply have the scrolling coordinator update its frame node to expect a wheel event test trigger. * page/scrolling/ScrollingMomentumCalculator.cpp: (WebCore::ScrollingMomentumCalculator::ScrollingMomentumCalculator): (WebCore::ScrollingMomentumCalculator::create): (WebCore::BasicScrollingMomentumCalculator::BasicScrollingMomentumCalculator): (WebCore::BasicScrollingMomentumCalculator::scrollOffsetAfterElapsedTime): (WebCore::BasicScrollingMomentumCalculator::animationDuration): (WebCore::BasicScrollingMomentumCalculator::initializeSnapProgressCurve): (WebCore::BasicScrollingMomentumCalculator::animationProgressAfterElapsedTime): * page/scrolling/ScrollingMomentumCalculator.h: * page/scrolling/mac/ScrollingMomentumCalculatorMac.h: * page/scrolling/mac/ScrollingMomentumCalculatorMac.mm: (WebCore::ScrollingMomentumCalculator::create): (WebCore::ScrollingMomentumCalculatorMac::ScrollingMomentumCalculatorMac): (WebCore::ScrollingMomentumCalculatorMac::scrollOffsetAfterElapsedTime): (WebCore::ScrollingMomentumCalculatorMac::animationDuration): (WebCore::ScrollingMomentumCalculatorMac::ensurePlatformMomentumCalculator): * platform/PlatformWheelEvent.h: (WebCore::PlatformWheelEvent::copyWithDeltasAndVelocity): (WebCore::PlatformWheelEvent::scrollingVelocity): Change scrolling velocity in PlatformWheelEvent to be a FloatSize instead of a FloatPoint. This change propagates to the ScrollController, where state variables and arguments pertaining to scrolling velocity are also now sizes instead of points. * platform/cocoa/ScrollController.h: * platform/cocoa/ScrollController.mm: (WebCore::ScrollController::scheduleStatelessScrollSnap): * platform/cocoa/ScrollSnapAnimatorState.h: * platform/cocoa/ScrollSnapAnimatorState.mm: (WebCore::ScrollSnapAnimatorState::transitionToGlideAnimationState): (WebCore::ScrollSnapAnimatorState::setupAnimationForState): (WebCore::ScrollSnapAnimatorState::teardownAnimationForState): (WebCore::ScrollSnapAnimatorState::currentAnimatedScrollOffset): Refactor elapsed time to be Seconds instead of double. Additionally, use MonotonicTime::now() instead of monotonicallyIncreasingTime(), and MonotonicTime instead of double for keeping track of the start time. * platform/spi/mac/NSScrollingMomentumCalculatorSPI.h: 2016-11-29 Brady Eidson <beidson@apple.com> IndexedDB 2.0: The client's transaction operation queue should flush as much to the server as possible. https://bugs.webkit.org/show_bug.cgi?id=164932 Reviewed by Alex Christensen. No new tests (No new test necessary, covered extensively by all existing tests). Profiles showed that on tests with lots of rapid IDBRequests in a row, both the main thread and database threads were largely idle. The explanation was simple. Currently the client IDBTransaction queues up operations and only vends them out to the server 1 at a time, waiting for the previous operation to complete. While some operations do need to wait for the server to reply, by making the change to send most operations (all operations with an associated IDBRequest) to the server without waiting we get rid of most of the idleness. It is possible we can find a few other types of operations to send without waiting, but we haven't yet seen any test case where they would show up on profiles. Sending more than one operation at a time was actually a very small part of this change. As many "edge case" regression tests revealed, we also needed to start having IDBTransaction track all of their "in progress" operations such that they could be aborted on the client side in exceptional circumstances. * Modules/indexeddb/IDBTransaction.cpp: (WebCore::IDBTransaction::abortInProgressOperations): Abort's all in-progress operations (ones that have already been sent to the server) (WebCore::IDBTransaction::abortOnServerAndCancelRequests): Abort in-progress operations before pending ones. (WebCore::IDBTransaction::operationTimerFired): If we just started an operation with an associated IDBRequest, schedule the timer to send another one right away. (WebCore::IDBTransaction::operationDidComplete): (WebCore::IDBTransaction::connectionClosedFromServer): Abort in-progress operations before pending ones. * Modules/indexeddb/IDBTransaction.h: * Modules/indexeddb/client/TransactionOperation.cpp: (WebCore::IDBClient::TransactionOperation::TransactionOperation): * Modules/indexeddb/client/TransactionOperation.h: (WebCore::IDBClient::TransactionOperation::completed): (WebCore::IDBClient::TransactionOperation::hasIDBRequest): 2016-11-29 Dave Hyatt <hyatt@apple.com> [CSS Parser] Fix ::cue parsing https://bugs.webkit.org/show_bug.cgi?id=165152 Reviewed by Zalan Bujtas. * css/parser/CSSParserValues.h: (WebCore::CSSParserSelector::setPseudoElementType): * css/parser/CSSSelectorParser.cpp: (WebCore::isOnlyPseudoClassFunction): (WebCore::isOnlyPseudoElementFunction): (WebCore::CSSSelectorParser::consumePseudo): (WebCore::isPseudoClassFunction): Deleted. (WebCore::isPseudoElementFunction): Deleted. 2016-11-28 Gavin Barraclough <barraclough@apple.com> HTMLMediaElement::updateVolume should updateIsPlayingMedia https://bugs.webkit.org/show_bug.cgi?id=165132 Reviewed by Darin Adler & Jer Noble. HTMLMediaElement::mediaState takes the volume into account when determining whether media is playing (audio is not considered to be playing if volume is 0). As such, any change to the volume may require mediaState to be recomputed. * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::updateVolume): 2016-11-29 Daniel Bates <dabates@apple.com> Avoid ref-count churn in ShadowParseContext::commitColor() https://bugs.webkit.org/show_bug.cgi?id=165125 Reviewed by Simon Fraser. Avoid ref-count churn in ShadowParseContext::commitColor() by moving the passed color into its instance variable. Also modified ShadowParseContext::commitColor() to take a Ref<> instead of a RefPtr<> because it is never passed a nullptr. * css/parser/CSSParser.cpp: (WebCore::ShadowParseContext::commitColor): 2016-11-29 Daniel Bates <dabates@apple.com> Avoid ref-count churn in CSSParser::ValueWithCalculation::setCalculation() https://bugs.webkit.org/show_bug.cgi?id=165127 Reviewed by Simon Fraser. Use WTFMove() to move the passed RefPtr into CSSParser::ValueWithCalculation::m_calculation instead of copying it. * css/parser/CSSParser.h: (WebCore::CSSParser::ValueWithCalculation::setCalculation): 2016-11-29 Daniel Bates <dabates@apple.com> CryptoAlgorithm::generateKey() should take lvalue reference to const CryptoAlgorithmParameters https://bugs.webkit.org/show_bug.cgi?id=165111 Reviewed by Darin Adler. CryptoAlgorithm::generateKey() and its overrides always expect to receive a non-null pointer to a CryptoAlgorithmParameter object and never take ownership of it. This kind of relationship is best expressed by modifying CryptoAlgorithm::generateKey() to take a lvalue reference to a const CryptoAlgorithmParameter object. * bindings/js/JSSubtleCryptoCustom.cpp: (WebCore::jsSubtleCryptoFunctionGenerateKeyPromise): * crypto/CryptoAlgorithm.cpp: (WebCore::CryptoAlgorithm::generateKey): * crypto/CryptoAlgorithm.h: * crypto/algorithms/CryptoAlgorithmAES_CBC.cpp: (WebCore::CryptoAlgorithmAES_CBC::generateKey): * crypto/algorithms/CryptoAlgorithmAES_CBC.h: * crypto/algorithms/CryptoAlgorithmAES_KW.cpp: (WebCore::CryptoAlgorithmAES_KW::generateKey): * crypto/algorithms/CryptoAlgorithmAES_KW.h: * crypto/algorithms/CryptoAlgorithmHMAC.cpp: (WebCore::CryptoAlgorithmHMAC::generateKey): * crypto/algorithms/CryptoAlgorithmHMAC.h: * crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.cpp: (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::generateKey): * crypto/algorithms/CryptoAlgorithmRSAES_PKCS1_v1_5.h: * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp: (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::generateKey): * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.h: * crypto/algorithms/CryptoAlgorithmRSA_OAEP.cpp: (WebCore::CryptoAlgorithmRSA_OAEP::generateKey): * crypto/algorithms/CryptoAlgorithmRSA_OAEP.h: 2016-11-29 Andy Estes <aestes@apple.com> window.name leaks information across domains https://bugs.webkit.org/show_bug.cgi?id=158216 <rdar://problem/14548481> Reviewed by Brent Fulgham. When updating the history after a cross-origin navigation, the HTML Standard says: "If the browsing context is a top-level browsing context, but not an auxiliary browsing context, then set the browsing context's name to the empty string." https://html.spec.whatwg.org/multipage/browsers.html#resetBCName Tests: http/tests/security/window-name-after-cross-origin-aux-frame-navigation.html http/tests/security/window-name-after-cross-origin-main-frame-navigation.html http/tests/security/window-name-after-cross-origin-sub-frame-navigation.html http/tests/security/window-name-after-same-origin-aux-frame-navigation.html http/tests/security/window-name-after-same-origin-main-frame-navigation.html http/tests/security/window-name-after-same-origin-sub-frame-navigation.html * loader/FrameLoader.cpp: (WebCore::shouldClearWindowName): Returns true if frame is a main frame with no opener and newDocument does not have the same origin as the frame's current document. (WebCore::FrameLoader::clear): Changed to set m_frame's name to nullAtom if clearWindowProperties and shouldClearWindowName() are true. * page/SecurityOrigin.cpp: (WebCore::SecurityOrigin::canAccessStorage): Changed to call isSameOriginAs() and check m_universalAccess. (WebCore::SecurityOrigin::isSameOriginAs): Renamed from isThirdParty(); removed the check for m_universalAccess. (WebCore::SecurityOrigin::isThirdParty): Renamed to isSameOriginAs(). * page/SecurityOrigin.h: Renamed isThirdParty() to isSameOriginAs() and made it public. 2016-11-29 Dave Hyatt <hyatt@apple.com> [CSS Parser] Fix parsing of "all" in transitions https://bugs.webkit.org/show_bug.cgi?id=165144 Reviewed by Dean Jackson. * css/parser/CSSPropertyParser.cpp: (WebCore::consumeTransitionProperty): 2016-11-29 Dave Hyatt <hyatt@apple.com> [CSS Parser] Fix @page rule parsing https://bugs.webkit.org/show_bug.cgi?id=165143 Reviewed by Zalan Bujtas. * css/parser/CSSParserImpl.cpp: (WebCore::CSSParserImpl::parsePageSelector): 2016-11-29 Wenson Hsieh <wenson_hsieh@apple.com> Unreviewed, fix the build after r209070 -[ScrollingMomentumCalculatorMac calculateToReachDestination] is only available on Sierra. * page/scrolling/mac/ScrollingMomentumCalculatorMac.mm: (WebCore::ScrollingMomentumCalculatorMac::ensurePlatformMomentumCalculator): * platform/spi/mac/NSScrollingMomentumCalculatorSPI.h: 2016-11-28 Wenson Hsieh <wenson_hsieh@apple.com> Scroll snapping on Mac should use AppKit animations https://bugs.webkit.org/show_bug.cgi?id=147261 <rdar://problem/29395293> Reviewed by Brent Fulgham. Refactors the scroll snapping animation logic to support arbitrary scrolling momentum calculators and introduces ScrollingMomentumCalculatorMac, which wraps AppKit's _NSScrollingMomentumCalculator. On macOS El Capitan and later, we use the platform scrolling momentum calculator and for all other cases, we fall back to the preexissting platform-invariant momentum calculator. Previously, the scroll snapping animation logic was shared between the ScrollSnapAnimatorState and ScrollController -- namely, the ScrollController would update various parameters of the ScrollSnapAnimatorState and then tell it to compute animation-specific constants and coefficients. After this patch, ScrollController will no longer directly set the ScrollSnapAnimatorState's member variables. Instead, it will tell the animator state to transition to a new ScrollSnapState with the necessary parameters, and the ScrollSnapAnimatorState is responsible for modifying itself accordingly. Furthermore, logic pertaining to computing animated scroll offsets is now split out into a new ScrollingMomentumCalculator, which may have different platform-dependent implementations. The correct calculator is initialized via ScrollingMomentumCalculator::create, which currently returns a ScrollingMomentumCalculatorMac on El Capitan and later, and a BasicScrollingMomentumCalculator otherwise. The new abstracted ScrollingMomentumCalculator is initialized with various parameters describing the scrolled content and viewport, as well as the initial and target scrolling offsets. The momentum calculator is then able to compute the animated scroll offset at any given elapsed time, as well as the total duration of the snapping animation. The ScrollController's scroll snap timer uses this information (via the ScrollSnapAnimatorState) to animate its client's scroll offset during a snap or glide. Also reenables 8 failing and/or flaky scroll snapping tests and adds a new layout test. This patch addresses two causes for failures and flakiness in these scroll snapping tests: 1. When starting or stopping the scroll snap animation timer, we call deferTestsForReason and removeTestDeferralForReason, respectively. These were actually noops for the first simulated scroll gesture on each of the failing mainframe scrolling tests due to m_expectsWheelEventTestTrigger being false. This member variable is updated when AsyncScrollingCoordinator::frameViewLayoutUpdated is invoked, wherein we call ScrollingStateFrameScrollingNode::setExpectsWheelEventTestTrigger(true) when the test has started monitoring wheel events. However, if this does not happen before scrolling begins in the test (which is the case here), then the mainframe scrolling node will not expect a wheel event test trigger even though eventSender.monitorWheelEvents() has been called. To fix this, we simply make the Page trigger a layout of the main FrameView when first ensuring the wheel event test trigger on the Page. 2. The second reason for flakiness affects both overflow and mainframe scrolling. Previously, due to the way we would wait for multiple momentum scroll events before starting to glide, we would end up starting the scroll snap timer for a snapping animation, stopping it, and then starting it again for the glide animation. Thus, if the wheel event test trigger's timer fires right after the scroll snap timer stops and before it starts again due to a glide animation, it will erroneously think that scroll snapping is complete, even though it's only just about to begin! Now that we know scrolling velocity when we receive the initial "momentum begin", we now directly transition the scroll snap state from a snapping state to a gliding state and no longer stop and start the timer during this transition, which means that the test trigger will be deferred for at least the entire duration of the scroll snapping animation (starting right after the first "drag end" wheel event). Test: tiled-drawing/scrolling/scroll-snap/scroll-snap-mandatory-vertical-then-horizontal.html * WebCore.xcodeproj/project.pbxproj: * page/EventHandler.cpp: (WebCore::handleWheelEventInAppropriateEnclosingBox): (WebCore::EventHandler::defaultWheelEventHandler): * page/Page.cpp: (WebCore::Page::ensureTestTrigger): Addresses test failures by forcing the mainframe scrolling node to expect wheel event test triggers. * page/WheelEventDeltaFilter.cpp: (WebCore::WheelEventDeltaFilter::create): (WebCore::WheelEventDeltaFilter::filteredVelocity): * page/WheelEventDeltaFilter.h: * page/mac/WheelEventDeltaFilterMac.mm: (WebCore::WheelEventDeltaFilterMac::updateFromDelta): Add support for plumbing filtered scrolling velocity over to the ScrollController. * page/scrolling/ScrollingMomentumCalculator.cpp: Copied from Source/WebCore/platform/cocoa/ScrollSnapAnimatorState.mm. (WebCore::ScrollingMomentumCalculator::ScrollingMomentumCalculator): (WebCore::ScrollingMomentumCalculator::create): Creates a platform-independent BasicScrollingMomentumCalculator. (WebCore::BasicScrollingMomentumCalculator::BasicScrollingMomentumCalculator): (WebCore::BasicScrollingMomentumCalculator::linearlyInterpolatedOffsetAtProgress): (WebCore::BasicScrollingMomentumCalculator::cubicallyInterpolatedOffsetAtProgress): (WebCore::BasicScrollingMomentumCalculator::scrollOffsetAfterElapsedTime): (WebCore::BasicScrollingMomentumCalculator::animationDuration): (WebCore::BasicScrollingMomentumCalculator::initializeInterpolationCoefficientsIfNecessary): (WebCore::BasicScrollingMomentumCalculator::initializeSnapProgressCurve): (WebCore::BasicScrollingMomentumCalculator::animationProgressAfterElapsedTime): Interpolation logic ported over from ScrollSnapAnimatorState. * page/scrolling/ScrollingMomentumCalculator.h: Added. (WebCore::ScrollingMomentumCalculator::~ScrollingMomentumCalculator): * page/scrolling/mac/ScrollingMomentumCalculatorMac.h: Copied from Source/WebCore/page/WheelEventDeltaFilter.h. * page/scrolling/mac/ScrollingMomentumCalculatorMac.mm: Added. (WebCore::ScrollingMomentumCalculator::create): Creates a ScrollingMomentumCalculatorMac. (WebCore::ScrollingMomentumCalculatorMac::ScrollingMomentumCalculatorMac): (WebCore::ScrollingMomentumCalculatorMac::scrollOffsetAfterElapsedTime): (WebCore::ScrollingMomentumCalculatorMac::animationDuration): (WebCore::ScrollingMomentumCalculatorMac::ensurePlatformMomentumCalculator): * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h: * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm: (WebCore::ScrollingTreeFrameScrollingNodeMac::scrollOffset): (WebCore::ScrollingTreeFrameScrollingNodeMac::viewportSize): (WebCore::ScrollingTreeFrameScrollingNodeMac::scrollOffsetOnAxis): Deleted. * platform/PlatformWheelEvent.h: (WebCore::PlatformWheelEvent::copyWithDeltasAndVelocity): (WebCore::PlatformWheelEvent::scrollingVelocity): (WebCore::PlatformWheelEvent::copyWithDeltas): Deleted. * platform/ScrollAnimator.cpp: (WebCore::ScrollAnimator::scrollOffset): (WebCore::ScrollAnimator::viewportSize): (WebCore::ScrollAnimator::scrollOffsetOnAxis): Deleted. * platform/ScrollAnimator.h: * platform/cocoa/ScrollController.h: * platform/cocoa/ScrollController.mm: (WebCore::otherScrollEventAxis): (WebCore::ScrollController::ScrollController): (WebCore::ScrollController::shouldOverrideInertialScrolling): (WebCore::ScrollController::scheduleStatelessScrollSnap): (WebCore::ScrollController::statelessSnapTransitionTimerFired): (WebCore::ScrollController::startDeferringTestsDueToScrollSnapping): (WebCore::ScrollController::stopDeferringTestsDueToScrollSnapping): (WebCore::ScrollController::processWheelEventForScrollSnap): (WebCore::ScrollController::updateScrollSnapState): (WebCore::ScrollController::updateScrollSnapPoints): Update the ScrollController's ScrollSnapAnimationState for both vertical and horizontal axes. If both axes lack any snap points, the pointer to the animation state will be nulled out; otherwise, the animation state will exist. (WebCore::ScrollController::startScrollSnapTimer): (WebCore::ScrollController::stopScrollSnapTimer): (WebCore::ScrollController::scrollSnapTimerFired): (WebCore::ScrollController::activeScrollSnapIndexForAxis): (WebCore::ScrollController::setActiveScrollSnapIndexForAxis): (WebCore::ScrollController::setNearestScrollSnapIndexForAxisAndOffset): (WebCore::ScrollController::setActiveScrollSnapIndicesForOffset): (WebCore::ScrollController::scrollSnapPointState): Deleted. (WebCore::ScrollController::processWheelEventForScrollSnapOnAxis): Deleted. (WebCore::ScrollController::shouldOverrideWheelEvent): Deleted. (WebCore::projectedInertialScrollDistance): Deleted. (WebCore::ScrollController::beginScrollSnapAnimation): Deleted. (WebCore::ScrollController::endScrollSnapAnimation): Deleted. (WebCore::ScrollController::initializeScrollSnapAnimationParameters): Deleted. (WebCore::ScrollController::isSnappingOnAxis): Deleted. * platform/cocoa/ScrollSnapAnimatorState.h: (WebCore::ScrollSnapAnimatorState::snapOffsetsForAxis): (WebCore::ScrollSnapAnimatorState::setSnapOffsetsForAxis): (WebCore::ScrollSnapAnimatorState::currentState): (WebCore::ScrollSnapAnimatorState::activeSnapIndexForAxis): (WebCore::ScrollSnapAnimatorState::setActiveSnapIndexForAxis): * platform/cocoa/ScrollSnapAnimatorState.mm: (WebCore::projectedInertialScrollDistance): (WebCore::ScrollSnapAnimatorState::transitionToSnapAnimationState): (WebCore::ScrollSnapAnimatorState::transitionToGlideAnimationState): (WebCore::ScrollSnapAnimatorState::transitionToUserInteractionState): (WebCore::ScrollSnapAnimatorState::transitionToDestinationReachedState): These methods are used to update the ScrollSnapAnimationState. These state transitions should (and do) encapsulate all changes that need to be made to the animation state; in other words, the ScrollController should no longer be reaching directly into the ScrollSnapAnimatorState to change member variables. (WebCore::ScrollSnapAnimatorState::setupAnimationForState): (WebCore::ScrollSnapAnimatorState::teardownAnimationForState): (WebCore::ScrollSnapAnimatorState::currentAnimatedScrollOffset): (WebCore::ScrollSnapAnimatorState::targetOffsetForStartOffset): (WebCore::ScrollSnapAnimatorState::ScrollSnapAnimatorState): Deleted. (WebCore::ScrollSnapAnimatorState::pushInitialWheelDelta): Deleted. (WebCore::ScrollSnapAnimatorState::averageInitialWheelDelta): Deleted. (WebCore::ScrollSnapAnimatorState::clearInitialWheelDeltaWindow): Deleted. (WebCore::ScrollSnapAnimatorState::isSnapping): Deleted. (WebCore::ScrollSnapAnimatorState::canReachTargetWithCurrentInitialScrollDelta): Deleted. (WebCore::ScrollSnapAnimatorState::wheelDeltaTrackingIsInProgress): Deleted. (WebCore::ScrollSnapAnimatorState::hasFinishedTrackingWheelDeltas): Deleted. (WebCore::ScrollSnapAnimatorState::interpolatedOffsetAtProgress): Deleted. (WebCore::ScrollSnapAnimationCurveState::initializeSnapProgressCurve): Deleted. (WebCore::ScrollSnapAnimationCurveState::initializeInterpolationCoefficientsIfNecessary): Deleted. (WebCore::ScrollSnapAnimationCurveState::interpolatedPositionAtProgress): Deleted. (WebCore::ScrollSnapAnimationCurveState::shouldCompleteSnapAnimationImmediatelyAtTime): Deleted. (WebCore::ScrollSnapAnimationCurveState::animationProgressAtTime): Deleted. The ScrollSnapAnimatorState now tracks state across both axes. This simplifies coordinating scroll snapping in both horizontal and vertical axes and fixes the issue of the scroll offset not snapping when performing a scroll in one direction without momentum, then scrolling with momentum in the other direction in a single gesture. * platform/spi/mac/NSScrollingMomentumCalculatorSPI.h: Added. 2016-11-29 Brady Eidson <beidson@apple.com> IndexedDB 2.0: Queue up completed requests in the client, handle them one by one. https://bugs.webkit.org/show_bug.cgi?id=165000 Reviewed by Alex Christensen. No new tests (Covered extensively by every existing test). Currently when a TransactionOperation completes on the server, it immediately completes itself on the client side, including scheduling an event dispatch if necessary. This patch changes it so that "server completed operations" instead queue up in the IDBTransaction and are "client-side completed" asynchronously, 1-by-1. Currently this is a "no behavior change" because only one operation is ever sent to the server at a time. But that will change with https://webkit.org/b/164932 And this patch is a pre-requisite for that. * Modules/indexeddb/IDBRequest.cpp: (WebCore::IDBRequest::dispatchEvent): (WebCore::IDBRequest::didOpenOrIterateCursor): (WebCore::IDBRequest::completeRequestAndDispatchEvent): (WebCore::IDBRequest::requestCompleted): Deleted. * Modules/indexeddb/IDBRequest.h: * Modules/indexeddb/IDBTransaction.cpp: (WebCore::IDBTransaction::IDBTransaction): (WebCore::IDBTransaction::internalAbort): (WebCore::IDBTransaction::abortOnServerAndCancelRequests): (WebCore::IDBTransaction::scheduleOperation): (WebCore::IDBTransaction::schedulePendingOperationTimer): (WebCore::IDBTransaction::pendingOperationTimerFired): (WebCore::IDBTransaction::operationCompletedOnServer): (WebCore::IDBTransaction::scheduleCompletedOperationTimer): (WebCore::IDBTransaction::completedOperationTimerFired): (WebCore::IDBTransaction::completeNoncursorRequest): (WebCore::IDBTransaction::completeCursorRequest): (WebCore::IDBTransaction::finishedDispatchEventForRequest): (WebCore::IDBTransaction::didStart): (WebCore::IDBTransaction::didOpenCursorOnServer): (WebCore::IDBTransaction::didIterateCursorOnServer): (WebCore::IDBTransaction::didGetAllRecordsOnServer): (WebCore::IDBTransaction::didGetRecordOnServer): (WebCore::IDBTransaction::didGetCountOnServer): (WebCore::IDBTransaction::didDeleteRecordOnServer): (WebCore::IDBTransaction::didClearObjectStoreOnServer): (WebCore::IDBTransaction::putOrAddOnServer): (WebCore::IDBTransaction::didPutOrAddOnServer): (WebCore::IDBTransaction::operationCompletedOnClient): (WebCore::IDBTransaction::deactivate): (WebCore::IDBTransaction::connectionClosedFromServer): (WebCore::IDBTransaction::scheduleOperationTimer): Deleted. (WebCore::IDBTransaction::operationTimerFired): Deleted. (WebCore::IDBTransaction::operationDidComplete): Deleted. * Modules/indexeddb/IDBTransaction.h: * Modules/indexeddb/client/IDBConnectionProxy.cpp: (WebCore::IDBClient::IDBConnectionProxy::completeOperation): * Modules/indexeddb/client/TransactionOperation.cpp: (WebCore::IDBClient::TransactionOperation::TransactionOperation): * Modules/indexeddb/client/TransactionOperation.h: (WebCore::IDBClient::TransactionOperation::transitionToCompleteOnThisThread): (WebCore::IDBClient::TransactionOperation::transitionToComplete): (WebCore::IDBClient::TransactionOperation::doComplete): (WebCore::IDBClient::TransactionOperation::idbRequest): (WebCore::IDBClient::TransactionOperation::performCompleteOnOriginThread): Deleted. (WebCore::IDBClient::TransactionOperation::completed): Deleted. 2016-11-29 Zalan Bujtas <zalan@apple.com> Safari (WebKit) doesn't wrap element within flex when width comes below min-width https://bugs.webkit.org/show_bug.cgi?id=136041 <rdar://problem/25569370> Reviewed by Darin Adler. While figuring out whether a particular flex item fits the current line, we need to take the min-width into account too. This matches both FF and Chrome behaviour. Tests: fast/flexbox/flex-wrap-when-min-widht-is-set-1.html fast/flexbox/flex-wrap-when-min-widht-is-set-2.html * rendering/RenderFlexibleBox.cpp: (WebCore::RenderFlexibleBox::computeNextFlexLine): 2016-11-29 Antti Koivisto <antti@apple.com> Try to fix win/gtk build. * style/StyleUpdate.h: (WebCore::Style::ElementUpdate::ElementUpdate): Add explicit constructor for compilers that don't support C++14 list initialization correctly. 2016-11-28 Antti Koivisto <antti@apple.com> Slotted nodes ignore transition https://bugs.webkit.org/show_bug.cgi?id=160866 <rdar://problem/29231901> Reviewed by Sam Weinig. The problem is that slot (display:contents) always triggers full render tree rebuild when something changes in the slotted subtree. This causes animation to jump to end (may be another bug). Test: fast/shadow-dom/shadow-host-transition.html * style/RenderTreeUpdater.cpp: (WebCore::RenderTreeUpdater::updateElementRenderer): (WebCore::RenderTreeUpdater::updateBeforeOrAfterPseudoElement): * style/StyleChange.h: Rearrange so the strongest ('Detach') is the highest. * style/StyleTreeResolver.cpp: (WebCore::Style::TreeResolver::resolveElement): (WebCore::Style::TreeResolver::createAnimatedElementUpdate): If style was display:contents and stays that way, use 'Inherit' StyleChange which doesn't force render tree rebuild. Refactor more of the functionality to createAnimatedElementUpdate. * style/StyleTreeResolver.h: 2016-11-28 Carlos Garcia Campos <cgarcia@igalia.com> [GTK] Crash in WebCore::PlatformDisplayX11::supportsXComposite when running under Wayland https://bugs.webkit.org/show_bug.cgi?id=164917 Reviewed by Michael Catanzaro. WebKitGTK+ appplications are expected to call gtk_init(), because WebKitGTK+, like GTK+ itself, requires a display to work. We currently fallback to create a X11 display when X11 is enabled in cases where GTK+ doesn't have a default display (gtk_init() wasn't called or failed). That's why we end up creating an X11 display under Wayland when both Wayland and X11 option are enabled. The code assumes X11 display creation will always work if X11 is enabled, but that's not true now that we support also Wayland at runtime. So, we should try to get a native display before creating the PlatformDisplay. Rendering will not work in any case when gtk_init() is not called, but in most of the cases those applications are not actually going to render anything, so this way at least we will not crash. * platform/graphics/PlatformDisplay.cpp: (WebCore::PlatformDisplay::createPlatformDisplay): Use create() method for X11 and Wayland if we couldn't get a native display from GTK+. If everything fails create a display with no native. (WebCore::PlatformDisplay::PlatformDisplay): Add NativeDisplayOwned parameter. * platform/graphics/PlatformDisplay.h: * platform/graphics/wayland/PlatformDisplayWayland.cpp: (WebCore::PlatformDisplayWayland::create): Try to create a native Wayland display or return nullptr. (WebCore::PlatformDisplayWayland::PlatformDisplayWayland): Initialize NativeDisplayOwned parameter. (WebCore::PlatformDisplayWayland::~PlatformDisplayWayland): Destroy the display if owned. (WebCore::PlatformDisplayWayland::initialize): Return early if native display is nullptr. * platform/graphics/wayland/PlatformDisplayWayland.h: * platform/graphics/x11/PlatformDisplayX11.cpp: (WebCore::PlatformDisplayX11::create): Try to create a native X11 display or return nullptr. (WebCore::PlatformDisplayX11::PlatformDisplayX11): Use NativeDisplayOwned now. (WebCore::PlatformDisplayX11::~PlatformDisplayX11): Ditto. * platform/graphics/x11/PlatformDisplayX11.h: 2016-11-28 Matt Baker <mattbaker@apple.com> Web Inspector: Debugger should have an option for showing asynchronous call stacks https://bugs.webkit.org/show_bug.cgi?id=163230 <rdar://problem/28698683> Reviewed by Joseph Pecoraro. Test: inspector/debugger/async-stack-trace.html * inspector/InspectorInstrumentation.cpp: (WebCore::didScheduleAsyncCall): Helper function used by by instrumentation hooks. Informs the debugger agent that an asynchronous call was scheduled for the current script execution state. (WebCore::InspectorInstrumentation::didInstallTimerImpl): (WebCore::InspectorInstrumentation::didRemoveTimerImpl): (WebCore::InspectorInstrumentation::willFireTimerImpl): (WebCore::InspectorInstrumentation::didFireTimerImpl): Asynchronous stack trace plumbing for timers (setTimeout, setInterval). (WebCore::InspectorInstrumentation::didRequestAnimationFrameImpl): (WebCore::InspectorInstrumentation::didCancelAnimationFrameImpl): (WebCore::InspectorInstrumentation::willFireAnimationFrameImpl): (WebCore::InspectorInstrumentation::didFireAnimationFrameImpl): Asynchronous stack trace plumbing for requestAnimationFrame. 2016-11-28 Jiewen Tan <jiewen_tan@apple.com> Unreviewed, followup patch after r209059. * crypto/mac/CryptoAlgorithmAES_CBCMac.cpp: (WebCore::CryptoAlgorithmAES_CBC::platformEncrypt): (WebCore::CryptoAlgorithmAES_CBC::platformDecrypt): * crypto/mac/CryptoAlgorithmRSAES_PKCS1_v1_5Mac.cpp: (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::platformEncrypt): (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::platformDecrypt): * crypto/mac/CryptoAlgorithmRSA_OAEPMac.cpp: (WebCore::CryptoAlgorithmRSA_OAEP::platformEncrypt): (WebCore::CryptoAlgorithmRSA_OAEP::platformDecrypt): 2016-11-28 Jiewen Tan <jiewen_tan@apple.com> ASSERTION FAILED: m_scriptExecutionContext->isContextThread() seen with LayoutTest crypto/subtle/rsa-oaep-generate-key-encrypt-decrypt.html https://bugs.webkit.org/show_bug.cgi?id=165124 <rdar://problem/29413805> Reviewed by Daniel Bates. We should only dereference callbacks after being back to the Document/Worker threads as it might destroy promises in the work queue which will then trigger the assertion. Covered by existing tests. * crypto/mac/CryptoAlgorithmAES_CBCMac.cpp: (WebCore::CryptoAlgorithmAES_CBC::platformEncrypt): (WebCore::CryptoAlgorithmAES_CBC::platformDecrypt): * crypto/mac/CryptoAlgorithmRSAES_PKCS1_v1_5Mac.cpp: (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::platformEncrypt): (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::platformDecrypt): * crypto/mac/CryptoAlgorithmRSA_OAEPMac.cpp: (WebCore::CryptoAlgorithmRSA_OAEP::platformEncrypt): (WebCore::CryptoAlgorithmRSA_OAEP::platformDecrypt): 2016-11-28 Darin Adler <darin@apple.com> Streamline and speed up tokenizer and segmented string classes https://bugs.webkit.org/show_bug.cgi?id=165003 Reviewed by Sam Weinig. Profiling Speedometer on my iMac showed the tokenizer as one of the hottest functions. This patch streamlines the segmented string class, removing various unused features, and also improves some other functions seen on the Speedometer profile. On my iMac I measured a speedup of about 3%. Changes include: - Removed m_pushedChar1, m_pushedChar2, and m_empty data members from the SegmentedString class and all the code that used to handle them. - Simplified the SegmentedString advance functions so they are small enough to get inlined in the HTML tokenizer. - Updated callers to call the simpler SegmentedString advance functions that don't handle newlines in as many cases as possible. - Cut down on allocations of SegmentedString and made code move the segmented string and the strings that are moved into it rather than copying them whenever possible. - Simplified segmented string functions, removing some branches, mostly from the non-fast paths. - Removed small unused functions and small functions used in only one or two places, made more functions private and renamed for clarity. * bindings/js/JSHTMLDocumentCustom.cpp: (WebCore::documentWrite): Moved a little more of the common code in here from the two functions belwo. Removed obsolete comment saying this was not following the DOM specification because it is. Removed unneeded special cases for 1 argument and no arguments. Take a reference instead of a pointer. (WebCore::JSHTMLDocument::write): Updated for above. (WebCore::JSHTMLDocument::writeln): Ditto. * css/parser/CSSTokenizer.cpp: Added now-needed include. * css/parser/CSSTokenizer.h: Removed unneeded include. * css/parser/CSSTokenizerInputStream.h: Added definition of kEndOfFileMarker here; this is now separate from the use in the HTMLParser. In the long run, unclear to me whether it is really needed in either. * dom/Document.cpp: (WebCore::Document::prepareToWrite): Added. Helper function used by the three different variants of write. Using this may prevent us from having to construct a SegmentedString just to append one string after future refactoring. (WebCore::Document::write): Updated to take an rvalue reference and move the value through. (WebCore::Document::writeln): Use a single write call instead of two. * dom/Document.h: Changed write to take an rvalue reference to SegmentedString rather than a const reference. * dom/DocumentParser.h: Changed insert to take an rvalue reference to SegmentedString. In the future, should probably overload to take a single string since that is the normal case. * dom/RawDataDocumentParser.h: Updated for change to DocumentParser. * html/FTPDirectoryDocument.cpp: (WebCore::FTPDirectoryDocumentParser::append): Refactored a bit, just enough so that we don't need an assignment operator for SegmentedString that can copy a String. * html/parser/HTMLDocumentParser.cpp: (WebCore::HTMLDocumentParser::insert): Updated to take an rvalue reference, and move the value through. * html/parser/HTMLDocumentParser.h: Updated for the above. * html/parser/HTMLEntityParser.cpp: (WebCore::HTMLEntityParser::consumeNamedEntity): Updated for name changes. Changed the twao calls to advance here to call advancePastNonNewline; no change in behavior, but asserts what the code was assuming before, that the character was not a newline. * html/parser/HTMLInputStream.h: (WebCore::HTMLInputStream::appendToEnd): Updated to take an rvalue reference, and move the value through. (WebCore::HTMLInputStream::insertAtCurrentInsertionPoint): Ditto. (WebCore::HTMLInputStream::markEndOfFile): Removed the code to construct a SegmentedString, overkill since we can just append an individual string. (WebCore::HTMLInputStream::splitInto): Rewrote the move idiom here to actually use move, which will reduce reference count churn and other unneeded work. * html/parser/HTMLMetaCharsetParser.cpp: (WebCore::HTMLMetaCharsetParser::checkForMetaCharset): Removed unneeded construction of a SegmentedString, just to append a string. * html/parser/HTMLSourceTracker.cpp: (WebCore::HTMLSourceTracker::HTMLSourceTracker): Moved to the class definition. (WebCore::HTMLSourceTracker::source): Updated for function name change. * html/parser/HTMLSourceTracker.h: Updated for above. * html/parser/HTMLTokenizer.cpp: Added now-needed include. (WebCore::HTMLTokenizer::emitAndResumeInDataState): Use advancePastNonNewline, since this function is never called in response to a newline character. (WebCore::HTMLTokenizer::commitToPartialEndTag): Ditto. (WebCore::HTMLTokenizer::commitToCompleteEndTag): Ditto. (WebCore::HTMLTokenizer::processToken): Use ADVANCE_PAST_NON_NEWLINE_TO macro instead of ADVANCE_TO in cases where the character we are advancing past is known not to be a newline, so we can use the more efficient advance function that doesn't check for the newline character. * html/parser/InputStreamPreprocessor.h: Moved kEndOfFileMarker to SegmentedString.h; not sure that's a good place for it either. In the long run, unclear to me whether this is really needed. (WebCore::InputStreamPreprocessor::peek): Added UNLIKELY for the empty check. Added LIKELY for the not-special character check. (WebCore::InputStreamPreprocessor::advance): Updated for the new name of the advanceAndUpdateLineNumber function. (WebCore::InputStreamPreprocessor::advancePastNonNewline): Added. More efficient than advance for cases where the last characer is known not to be a newline character. (WebCore::InputStreamPreprocessor::skipNextNewLine): Deleted. Was unused. (WebCore::InputStreamPreprocessor::reset): Deleted. Was unused except in the constructor; added initial values for the data members to replace. (WebCore::InputStreamPreprocessor::processNextInputCharacter): Removed long FIXME comment that didn't really need to be here. Reorganized a bit. (WebCore::InputStreamPreprocessor::isAtEndOfFile): Renamed and made static. * html/track/BufferedLineReader.cpp: (WebCore::BufferedLineReader::nextLine): Updated to not use the poorly named scanCharacter function to advance past a newline. Also renamed from getLine and changed to return Optional<String> instead of using a boolean to indicate failure and an out argument. * html/track/BufferedLineReader.h: (WebCore::BufferedLineReader::BufferedLineReader): Use the default, putting initial values on each data member below. (WebCore::BufferedLineReader::append): Updated to take an rvalue reference, and move the value through. (WebCore::BufferedLineReader::scanCharacter): Deleted. Was poorly named, and easy to replace with two lines of code at its two call sites. (WebCore::BufferedLineReader::reset): Rewrote to correctly clear all the data members of the class, not just the segmented string. * html/track/InbandGenericTextTrack.cpp: (WebCore::InbandGenericTextTrack::parseWebVTTFileHeader): Updated to take an rvalue reference and move the value through. * html/track/InbandGenericTextTrack.h: Updated for the above. * html/track/InbandTextTrack.h: Updated since parseWebVTTFileHeader now takes an rvalue reference. * html/track/WebVTTParser.cpp: (WebCore::WebVTTParser::parseFileHeader): Updated to take an rvalue reference and move the value through. (WebCore::WebVTTParser::parseBytes): Updated to pass ownership of the string in to the line reader append function. (WebCore::WebVTTParser::parseCueData): Use auto and WTFMove for WebVTTCueData. (WebCore::WebVTTParser::flush): More of the same. (WebCore::WebVTTParser::parse): Changed to use nextLine instead of getLine. * html/track/WebVTTParser.h: Updated for the above. * html/track/WebVTTTokenizer.cpp: (WebCore::advanceAndEmitToken): Use advanceAndUpdateLineNumber by its new name, just advance. No change in behavior. (WebCore::WebVTTTokenizer::WebVTTTokenizer): Pass a String, not a SegmentedString, to add the end of file marker. * platform/graphics/InbandTextTrackPrivateClient.h: Updated since parseWebVTTFileHeader takes an rvalue reference. * platform/text/SegmentedString.cpp: (WebCore::SegmentedString::Substring::appendTo): Moved here from the header. The only caller is SegmentedString::toString, inside this file. (WebCore::SegmentedString::SegmentedString): Deleted the copy constructor. No longer needed. (WebCore::SegmentedString::operator=): Defined a move assignment operator rather than an ordinary assignment operator, since that's what the call sites really need. (WebCore::SegmentedString::length): Simplified since we no longer need to support pushed characters. (WebCore::SegmentedString::setExcludeLineNumbers): Simplified, since we can just iterate m_otherSubstrings without an extra check. Also changed to write directly to the data member of Substring instead of using a function. (WebCore::SegmentedString::updateAdvanceFunctionPointersForEmptyString): Added. Used when we run out of characters. (WebCore::SegmentedString::clear): Removed code to clear now-deleted members. Updated for changes to other member names. (WebCore::SegmentedString::appendSubstring): Renamed from just append to avoid ambiguity with the public append function. Changed to take an rvalue reference, and move in, and added code to set m_currentCharacter properly, so the caller doesn't have to deal with that. (WebCore::SegmentedString::close): Updated to use m_isClosed by its new name. Also removed unneeded comment about assertion that fires when trying to close an already closed string. (WebCore::SegmentedString::append): Added overloads for rvalue references of both entire SegmentedString objects and of String. Streamlined to just call appendSubstring and append to the deque. (WebCore::SegmentedString::pushBack): Tightened up since we don't allow empty strings and changed to take just a string, not an entire segmented string. (WebCore::SegmentedString::advanceSubstring): Moved logic into the advancePastSingleCharacterSubstringWithoutUpdatingLineNumber function. (WebCore::SegmentedString::toString): Simplified now that we don't need to support pushed characters. (WebCore::SegmentedString::advancePastNonNewlines): Deleted. (WebCore::SegmentedString::advance8): Deleted. (WebCore::SegmentedString::advanceWithoutUpdatingLineNumber16): Renamed from advance16. Simplified now that there are no pushed characters. Also changed to access data members of m_currentSubstring directly instead of calling a function. (WebCore::SegmentedString::advanceAndUpdateLineNumber8): Deleted. (WebCore::SegmentedString::advanceAndUpdateLineNumber16): Ditto. (WebCore::SegmentedString::advancePastSingleCharacterSubstringWithoutUpdatingLineNumber): Renamed from advanceSlowCase. Removed uneeded logic to handle pushed characters. Moved code in here from advanceSubstring. (WebCore::SegmentedString::advancePastSingleCharacterSubstring): Renamed from advanceAndUpdateLineNumberSlowCase. Simplified by calling the function above. (WebCore::SegmentedString::advanceEmpty): Broke assertion up into two. (WebCore::SegmentedString::updateSlowCaseFunctionPointers): Updated for name changes. (WebCore::SegmentedString::advancePastSlowCase): Changed name and meaning of boolean argument. Rewrote to use the String class less; it's now used only when we fail to match after the first character rather than being used for the actual comparison with the literal. * platform/text/SegmentedString.h: Moved all non-trivial function bodies out of the class definition to make things easier to read. Moved the SegmentedSubstring class inside the SegmentedString class, making it a private struct named Substring. Removed the m_ prefix from data members of the struct, removed many functions from the struct and made its union be anonymous instead of naming it m_data. Removed unneeded StringBuilder.h include. (WebCore::SegmentedString::isEmpty): Changed to use the length of the substring instead of a separate boolean. We never create an empty substring, nor leave one in place as the current substring unless the entire segmented string is empty. (WebCore::SegmentedString::advancePast): Updated to use the new member function template instead of a non-template member function. The new member function is entirely rewritten and does the matching directly rather than allocating a string just to do prefix matching. (WebCore::SegmentedString::advancePastLettersIgnoringASCIICase): Renamed to make it clear that the literal must be all non-letters or lowercase letters as with the other "letters ignoring ASCII case" functions. The three call sites all fit the bill. Implement by calling the new function template. (WebCore::SegmentedString::currentCharacter): Renamed from currentChar. (WebCore::SegmentedString::Substring::Substring): Use an rvalue reference and move the string in. (WebCore::SegmentedString::Substring::currentCharacter): Simplified since this is never used on an empty substring. (WebCore::SegmentedString::Substring::incrementAndGetCurrentCharacter): Ditto. (WebCore::SegmentedString::SegmentedString): Overload to take an rvalue reference. Simplified since there are now fewer data members. (WebCore::SegmentedString::advanceWithoutUpdatingLineNumber): Renamed from advance, since this is only safe to use if there is some reason it is OK to skip updating the line number. (WebCore::SegmentedString::advance): Renamed from advanceAndUpdateLineNumber, since doing that is the normal desired behavior and not worth mentioning in the public function name. (WebCore::SegmentedString::advancePastNewline): Renamed from advancePastNewlineAndUpdateLineNumber. (WebCore::SegmentedString::numberOfCharactersConsumed): Greatly simplified since pushed characters are no longer supported. (WebCore::SegmentedString::characterMismatch): Added. Used by advancePast. * xml/parser/CharacterReferenceParserInlines.h: (WebCore::unconsumeCharacters): Use toString rather than toStringPreserveCapacity because the SegmentedString is going to take ownership of the string. (WebCore::consumeCharacterReference): Updated to use the pushBack that takes just a String, not a SegmentedString. Also use advancePastNonNewline. * xml/parser/MarkupTokenizerInlines.h: Added ADVANCE_PAST_NON_NEWLINE_TO. * xml/parser/XMLDocumentParser.cpp: (WebCore::XMLDocumentParser::insert): Updated since this takes an rvalue reference. (WebCore::XMLDocumentParser::append): Removed unnecessary code to create a SegmentedString. * xml/parser/XMLDocumentParser.h: Updated for above. Also fixed indentation and initialized most data members. * xml/parser/XMLDocumentParserLibxml2.cpp: (WebCore::XMLDocumentParser::XMLDocumentParser): Moved most data member initialization into the class definition. (WebCore::XMLDocumentParser::resumeParsing): Removed code that copied a segmented string, but converted the whole thing into a string before using it. Now we convert to a string right away. 2016-11-28 Chris Dumez <cdumez@apple.com> [iOS] Use UIKit SPI to force popover presentation style on iPhone for html validation popovers https://bugs.webkit.org/show_bug.cgi?id=165107 Reviewed by Simon Fraser. Use UIKit SPI to force popover presentation style on iPhone for html validation popovers as this results in simpler code and achieves the same behavior. * platform/ValidationBubble.h: * platform/ios/ValidationBubbleIOS.mm: (WebCore::ValidationBubble::setAnchorRect): (-[WebValidationBubbleDelegate adaptivePresentationStyleForPresentationController:traitCollection:]): Deleted. * platform/spi/ios/UIKitSPI.h: 2016-11-28 Chris Dumez <cdumez@apple.com> [Mac] Clicking on an HTML validation bubble should dismiss it https://bugs.webkit.org/show_bug.cgi?id=165117 <rdar://problem/29409837> Reviewed by Simon Fraser. Clicking on an HTML validation bubble should dismiss it. It previously did nothing. No new tests, this is not easily testable as EventSender.keyDown() sends the event to the view, not to a particular screen location. * platform/mac/ValidationBubbleMac.mm: (-[WebValidationPopover mouseDown:]): (WebCore::ValidationBubble::ValidationBubble): 2016-11-27 Sam Weinig <sam@webkit.org> Make CanvasRenderingContext2D use WebIDL unions / Variants for createPattern and drawImage https://bugs.webkit.org/show_bug.cgi?id=165086 Reviewed by Darin Adler. * html/canvas/CanvasRenderingContext2D.cpp: (WebCore::size): Add overloads of size for each type of CanvasSource. (WebCore::CanvasRenderingContext2D::drawImage): (WebCore::CanvasRenderingContext2D::createPattern): * html/canvas/CanvasRenderingContext2D.h: * html/canvas/CanvasRenderingContext2D.idl: Use variants to reduce code duplication and match spec language in drawImage and createPattern. 2016-11-28 Beth Dakin <bdakin@apple.com> Blacklist Netflix for TouchBar support https://bugs.webkit.org/show_bug.cgi?id=165104 -and corresponding- rdar://problem/29404778 Reviewed by Tim Horton. This patch moves the algorithm to bestMediaElementForShowingPlaybackControlsManager() so that Now Playing can also use it. * html/HTMLMediaElement.cpp: (WebCore::needsPlaybackControlsManagerQuirk): (WebCore::HTMLMediaElement::bestMediaElementForShowingPlaybackControlsManager): (WebCore::HTMLMediaElement::updatePlaybackControlsManager): 2016-11-28 Mark Lam <mark.lam@apple.com> Fix exception scope verification failures in more miscellaneous files. https://bugs.webkit.org/show_bug.cgi?id=165102 Reviewed by Saam Barati. No new tests because these are fixes to failures detected by existing tests when exception check verification is enabled. * bindings/js/IDBBindingUtilities.cpp: (WebCore::toJS): * bindings/js/JSCommandLineAPIHostCustom.cpp: (WebCore::getJSListenerFunctions): * bindings/js/JSCryptoKeySerializationJWK.cpp: (WebCore::buildJSONForRSAComponents): (WebCore::addUsagesToJSON): * bindings/js/JSDOMBinding.h: (WebCore::toJS): * bridge/runtime_array.cpp: (JSC::RuntimeArray::put): 2016-11-28 Dave Hyatt <hyatt@apple.com> [CSS Parser] Fix bugs in the @supports parser https://bugs.webkit.org/show_bug.cgi?id=165115 Reviewed by Zalan Bujtas. * css/parser/CSSParserFastPaths.cpp: (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue): Clean up the display property to match the old parser to ensure that @supports conditions on display are the same. * css/parser/CSSSupportsParser.cpp: (WebCore::CSSSupportsParser::consumeCondition): (WebCore::CSSSupportsParser::consumeNegation): (WebCore::CSSSupportsParser::consumeConditionInParenthesis): * css/parser/CSSSupportsParser.h: What follows are all bugs in Blink that need to be fixed to pass our tests. Fix the supports parser to allow the whitespace after not/or/and to be optional. Allow the whitespace following parenthetical conditions to be optional. With whitespace being optional, this means that "not(" will parse as a FunctionToken type, as will "or(" and "and(". Handle this situation by checking for FunctionToken along with IdentToken and parameterizing consumeConditionInParenthesis to do the right thing when it starts with a FunctionToken instead of an IdentToken. Fix the general enclosure FunctionToken for forward compatibility to require that the function still be enclosed within parentheses. 2016-11-28 Mark Lam <mark.lam@apple.com> Fix exception scope verification failures in ObjectConstructor.cpp and ObjectPrototype.cpp. https://bugs.webkit.org/show_bug.cgi?id=165051 Reviewed by Saam Barati. No new tests because this is covered by the existing test http/tests/security/cross-frame-access-object-prototype.html with the help of a new ASSERT in ObjectPrototype.cpp. Fixed jsDOMWindowGetOwnPropertySlotRestrictedAccess() to return false when it throws an exception. * bindings/js/JSDOMWindowCustom.cpp: (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess): 2016-11-28 Tim Horton <timothy_horton@apple.com> Obvious change in saturation/color when swiping to a previously visited page https://bugs.webkit.org/show_bug.cgi?id=165112 <rdar://problem/29257229> Reviewed by Simon Fraser. * platform/graphics/cocoa/IOSurface.mm: (WebCore::IOSurface::createFromImage): IOSurface::createFromImage should take into account the colorspace of the originating image, instead of just hardcoding sRGB. Otherwise, on a non-sRGB display, the display-space snapshot that we take for back-forward swipe is converted to sRGB, then the colorspace information is lost (without a way to maintain it inside the IOSurface), and displayed as layer contents interpreted as display space (instead of sRGB). 2016-11-28 Chris Dumez <cdumez@apple.com> Unreviewed, fix crashes on Yosemite after r209009 NSTextField's maximumNumberOfLines was introduced in ElCapitan so disable it at compile-time on previous OSes for now. * platform/mac/ValidationBubbleMac.mm: (WebCore::ValidationBubble::ValidationBubble): 2016-11-28 Keith Rollin <krollin@apple.com> Unreviewed, rolling out r208607. The actual changes aren't inline with what was requested. Reverted changeset: "Reduce number of platformMemoryUsage calls" https://bugs.webkit.org/show_bug.cgi?id=164375 http://trac.webkit.org/changeset/208607 2016-11-28 Beth Dakin <bdakin@apple.com> Blacklist Netflix for TouchBar support https://bugs.webkit.org/show_bug.cgi?id=165104 -and corresponding- rdar://problem/29404778 Reviewed by Darin Adler. * html/HTMLMediaElement.cpp: (WebCore::needsPlaybackControlsManagerQuirk): (WebCore::HTMLMediaElement::updatePlaybackControlsManager): 2016-11-28 Chris Dumez <cdumez@apple.com> Limit HTML Form validation popovers to 4 lines https://bugs.webkit.org/show_bug.cgi?id=165098 <rdar://problem/29403286> Reviewed by Darin Adler. Limit HTML Form validation popovers to 4 lines as per recent feedback. * platform/ios/ValidationBubbleIOS.mm: (WebCore::ValidationBubble::ValidationBubble): * platform/mac/ValidationBubbleMac.mm: (WebCore::ValidationBubble::ValidationBubble): 2016-11-28 Dave Hyatt <hyatt@apple.com> [CSS Parser] Filters and Reflections Fixes https://bugs.webkit.org/show_bug.cgi?id=165103 Reviewed by Zalan Bujtas. * css/parser/CSSPropertyParser.cpp: (WebCore::consumeReflect): Support the "none" keyword for box-reflect. * css/parser/CSSPropertyParserHelpers.cpp: (WebCore::CSSPropertyParserHelpers::isValidPrimitiveFilterFunction): (WebCore::CSSPropertyParserHelpers::consumeFilterFunction): Don't rely on range checking, since invert isn't grouped with the other function values. Actually check every keyword. 2016-11-28 Brent Fulgham <bfulgham@apple.com> ImageData does not match specification https://bugs.webkit.org/show_bug.cgi?id=164663 Reviewed by Simon Fraser. The W3C specification https://www.w3.org/TR/2dcontext/ clearly states that the width and height attributes of the ImageData type should be unsigned. Our current implementation has signed integer values. In practice, we have enforced the unsigned requirement by throwing a TypeError if you attempt to construct an ImageData with negative width or height. This change simply updates the IDL and impelemntation to match the spec. Test coverage is already provided by fast/canvas/canvas-imageData.html * bindings/js/SerializedScriptValue.cpp: (WebCore::CloneDeserializer::readTerminal): Serialize as uint32_t values. * html/ImageData.idl: Revise width and height to be unsigned long. 2016-11-28 Dave Hyatt <hyatt@apple.com> [CSS Parser] flex-basis should be pixel units not percentages. https://bugs.webkit.org/show_bug.cgi?id=165100 Reviewed by Zalan Bujtas. * css/parser/CSSPropertyParser.cpp: (WebCore::CSSPropertyParser::consumeFlex): 2016-11-28 Daniel Bates <dabates@apple.com> Replace CSSPropertyNames.in with a JSON file https://bugs.webkit.org/show_bug.cgi?id=164691 Reviewed by Simon Fraser. Convert CSSPropertyNames.in to a structured JSON file. This is the first step towards exposing a CSS feature status dashboard and generating more of the boilerplate code for a CSS property. A side effect of this change is that makeprop.pl no longer detects duplicate CSS property definitions. We will look to bring such duplication detection back in a subsequent commit. * CMakeLists.txt: Substitute CSSProperties.json for CSSPropertyNames.in and update the invocation of makeprop.pl as we no longer need to pass the bindings/scripts/preprocessor.pm Perl module. Makeprop.pl supports conditional CSS properties and values without the need to preprocess CSSProperties.json using the C preprocessor. * DerivedSources.make: Ditto. Pass WTF_PLATFORM_IOS to makeprop.pl when building for iOS as we no longer make use of bindings/scripts/preprocessor.pm. * css/CSSProperties.json: Added. * css/CSSPropertyNames.in: Removed. * css/StyleResolver.cpp: Remove variable lastHighPriorityProperty as we now generate it. * css/makeprop.pl: Extracted the input file name, now CSSProperties.json, into a global variable and referenced this variable throughout this script instead of hardcoding the input file name at each call site. Updated code to handle CSS longhand names being encoded in a JSON array as opposed to a string of '|'-separated values. I added a FIXME comment to do the same for the codegen property "custom". Fixed Perl uninitialized variable warnings when die()-ing with error "Unknown CSS property used in all shorthand ..." or "Unknown CSS property used in longhands ...". (isPropertyEnabled): Added. Determine whether code should be generated for a property. (addProperty): Added. (sortByDescendingPriorityAndName): Added. (getScopeForFunction): Lowercase option names so that we can use a consistent case throughout the JSON file. (getNameForMethods): Ditto. (generateColorValueSetter): (generateAnimationPropertyInitialValueSetter): Ditto. (generateAnimationPropertyInheritValueSetter): Ditto. (generateFillLayerPropertyInitialValueSetter): Ditto. (generateFillLayerPropertyInheritValueSetter): Ditto. (generateSetValueStatement): Ditto. (generateInitialValueSetter): Ditto. (generateInheritValueSetter): Ditto. (generateValueSetter): Ditto. 2016-11-28 Dave Hyatt <hyatt@apple.com> [CSS Parser] Support -webkit-animation-trigger https://bugs.webkit.org/show_bug.cgi?id=165095 Reviewed by Zalan Bujtas. * css/CSSValueKeywords.in: * css/parser/CSSPropertyParser.cpp: (WebCore::consumeWebkitAnimationTrigger): (WebCore::consumeAnimationValue): (WebCore::CSSPropertyParser::parseSingleValue): 2016-11-28 Antti Koivisto <antti@apple.com> Remove FIRST_LINE_INHERITED fake pseudo style https://bugs.webkit.org/show_bug.cgi?id=165071 Reviewed by Andreas Kling. These are create during layout an then cached to the RenderStyle. Cache computed first line style to RenderObject rare data instead, avoiding style mutation an other confusing messiness. * rendering/RenderElement.cpp: (WebCore::RenderElement::RenderElement): (WebCore::RenderElement::computeFirstLineStyle): (WebCore::RenderElement::firstLineStyle): Cache the first line style. (WebCore::RenderElement::invalidateCachedFirstLineStyle): (WebCore::RenderElement::styleWillChange): Invalidate subtree if we have cached first line style. (WebCore::RenderElement::getUncachedPseudoStyle): (WebCore::RenderElement::uncachedFirstLineStyle): Deleted. (WebCore::RenderElement::cachedFirstLineStyle): Deleted. * rendering/RenderElement.h: * rendering/RenderObject.cpp: (WebCore::RenderObject::rareDataMap): (WebCore::RenderObject::rareData): (WebCore::RenderObject::ensureRareData): * rendering/RenderObject.h: Stop copying rare data objects. * rendering/style/RenderStyle.cpp: (WebCore::RenderStyle::changeRequiresLayout): Use the normal mechanism for invalidating layout for first-line instead of a hack in pseudoStyleCacheIsInvalid. * rendering/style/RenderStyleConstants.h: * style/RenderTreeUpdater.cpp: (WebCore::pseudoStyleCacheIsInvalid): Simplify. 2016-11-28 Miguel Gomez <magomez@igalia.com> [GTK] Dramatic increase on memory usage since 2.14.x https://bugs.webkit.org/show_bug.cgi?id=164049 Reviewed by Žan Doberšek. Use OpenGL version 3.2 Core for rendering when available. Update some operations that have changed when using 3.2 Core: - Use glGetStringi to get the extensions list. - Do not use GL_POINT_SPRITE. - Always use a VAO when rendering. - Use a GLSL 1.50 compatible shader. No new tests needed. * platform/graphics/GLContext.cpp: (WebCore::GLContext::version): Add a method to get OpenGL version we are using. * platform/graphics/GLContext.h: Ditto. * platform/graphics/GraphicsContext3D.h: Add an attribute to store the VAO used for rendering. * platform/graphics/OpenGLShims.cpp: (WebCore::initializeOpenGLShims): Add glGetStringi to the list of functions. * platform/graphics/OpenGLShims.h: Ditto. * platform/graphics/cairo/GraphicsContext3DCairo.cpp: (WebCore::GraphicsContext3D::GraphicsContext3D): Set appropriate output to the shader compiler and initalize the VAO if needed. (WebCore::GraphicsContext3D::~GraphicsContext3D): Delete the VAO if needed. (WebCore::GraphicsContext3D::getExtensions): Use glGetExtensionsi for OpenGL versions >= 3.2. * platform/graphics/glx/GLContextGLX.cpp: (WebCore::hasGLXARBCreateContextExtension): Check whether the GLX_ARB_create_context extension is available. (WebCore::GLContextGLX::createWindowContext): Use glXCreateContextAttribsARB() if possible to request an OpenGL 3.2 context. (WebCore::GLContextGLX::createPbufferContext): Ditto. * platform/graphics/opengl/Extensions3DOpenGLCommon.cpp: (WebCore::Extensions3DOpenGLCommon::initializeAvailableExtensions): Enable glGetStringi for GTK. * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp: Do not use default getExtensions