ChangeLog   [plain text]


2017-11-03  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r224405. rdar://problem/35296405

    2017-11-03  Ryosuke Niwa  <rniwa@webkit.org>

            Crash inside ChildListMutationAccumulator::enqueueMutationRecord()
            https://bugs.webkit.org/show_bug.cgi?id=179234
            <rdar://problem/35287748>

            Reviewed by Darin Adler.

            Fixed the crash by keeping MutationObserver referenced by MutationObserverInterestGroup alive.

            Also added hasCallback() virtual function on MutationObserver to check whether the callback is alive
            to work around the bug that JS function referenced by MutationObserver isn't kept alive.
            We'll address this bug separately in https://webkit.org/b/179224.

            Test: fast/dom/MutationObserver/disconnect-observer-while-mutation-records-are-enqueued-crash.html

            * bindings/scripts/CodeGeneratorJS.pm:
            (GenerateCallbackHeaderContent): Added an override for the newly added virtual hasCallback().
            * dom/MutationCallback.h:
            * dom/MutationObserver.cpp:
            (WebCore::MutationObserver::deliver): Added the aforementioned workaround.
            * dom/MutationObserverInterestGroup.cpp:
            (WebCore::MutationObserverInterestGroup::MutationObserverInterestGroup): Fixed the crash by using Ref.
            (WebCore::MutationObserverInterestGroup::enqueueMutationRecord): Ditto.
            * dom/MutationObserverInterestGroup.h:
            * dom/NativeNodeFilter.cpp:
            (WebCore::NativeNodeFilter::hasCallback const): Always return true here. This function is never called
            but we still need to implement it since NodeFilter has a pure virtual hasCallback() now.
            * dom/NativeNodeFilter.h:
            * dom/Node.cpp:
            (WebCore::collectMatchingObserversForMutation): Use Ref to fix the crash.
            (WebCore::Node::registeredMutationObservers): Ditto.
            * dom/Node.h:
            * dom/NodeFilter.h:

2017-11-03  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r224398. rdar://problem/35329714

    2017-11-03  Daniel Bates  <dabates@apple.com>

            Invalidate node list when associated form control element is removed
            https://bugs.webkit.org/show_bug.cgi?id=179232
            <rdar://problem/35308269>

            Reviewed by Ryosuke Niwa.

            A node list represents a live view of the DOM. Invalidate the node list
            associated with a form element whenever one of its associated form control
            elements is removed.

            Test: fast/forms/node-list-remove-button-from-form.html

            * html/HTMLFormElement.cpp:
            (WebCore::HTMLFormElement::removeFormElement):

2017-10-29  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r224134. rdar://problem/35143359

    2017-10-27  Daniel Bates  <dabates@apple.com>

            Only allow non-mixed content protected subresources to ask for credentials
            https://bugs.webkit.org/show_bug.cgi?id=178919
            <rdar://problem/35015245>

            Reviewed by Alex Christensen.

            Only allow non-mixed content protected subresources to ask for credentials. It is not meaningful
            to allow protected mixed-content subresources to ask for credentials.

            Tests: http/tests/security/mixedContent/insecure-image-redirects-to-basic-auth-secure-image.html
                   http/tests/security/mixedContent/insecure-script-redirects-to-basic-auth-secure-script.html
                   http/tests/security/mixedContent/insecure-stylesheet-redirects-to-basic-auth-secure-stylesheet.html
                   http/tests/security/mixedContent/secure-redirect-to-insecure-redirect-to-basic-auth-secure-image.https.html
                   http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-insecure-image.https.html
                   http/tests/security/mixedContent/secure-redirect-to-secure-redirect-to-basic-auth-secure-image.https.html

            * loader/ResourceLoader.cpp:
            (WebCore::ResourceLoader::ResourceLoader): Initialize m_canAskClientForCredentials based on the
            specified resource loader options.
            (WebCore::ResourceLoader::init): Update m_canAskClientForCredentials based on the URL of the initial
            request.
            (WebCore::ResourceLoader::isMixedContent const): Helper function to check if the specified URL
            represents a mixed content resource.
            (WebCore::ResourceLoader::willSendRequestInternal): If the original request or the redirect request
            is mixed content then update state such that we will disallow asking for credentials.
            (WebCore::ResourceLoader::isAllowedToAskUserForCredentials const): Modified to use m_canAskClientForCredentials
            when determining whether the request is allowed to ask for credentials.
            * loader/ResourceLoader.h:

2017-10-27  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221233. rdar://problem/35228663

    2017-08-27  Wenson Hsieh  <wenson_hsieh@apple.com>

            [iOS WK2] Web process crashes after changing selection to the end of the document when speaking a selection
            https://bugs.webkit.org/show_bug.cgi?id=176011
            <rdar://problem/32614095>

            Reviewed by Ryosuke Niwa.

            Adds a null check to visiblePositionForPositionWithOffset. This is a crash point for accessibility codepaths,
            since indexForVisiblePosition is not guaranteed to set the given `root` outparam to a non-null value, yet
            visiblePositionForIndex requires root to be non-null. This causes a crash when selecting some text, hitting
            'Speak', and then changing the selection to somewhere near the end of the document, since accessibility code
            will attempt to speak words at an offset past the end of the document. While this is a bug in and of itself, the
            web process should still handle this case gracefully and not crash. To fix this, we simply bail and return a
            null VisiblePosition if a root container node was not found.

            Currently, visiblePositionForPositionWithOffset is implemented twice, in WebCore (AXObjectCache.cpp) and also in
            WebKit (WebPageIOS.mm), as identical static functions. This patch moves this helper into Editing.cpp and removes
            it from AXObjectCache and WebPageIOS.

            Tests: AccessibilityTests.RectsForSpeakingSelectionBasic
                   AccessibilityTests.RectsForSpeakingSelectionWithLineWrapping
                   AccessibilityTests.RectsForSpeakingSelectionDoNotCrashWhenChangingSelection

            * accessibility/AXObjectCache.cpp:
            (WebCore::visiblePositionForPositionWithOffset): Deleted.
            * editing/Editing.cpp:
            (WebCore::visiblePositionForPositionWithOffset):
            * editing/Editing.h:

2017-10-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223974. rdar://problem/35178887

    2017-10-25  Jer Noble  <jer.noble@apple.com>

            UNPACK_FLIP_Y is broken for MSE-backed videos
            https://bugs.webkit.org/show_bug.cgi?id=178774

            Reviewed by Dean Jackson.

            The global GLSL variable gl_Position can apparently only be set once, and any modifications
            made after that initial set are ignored. So rather than implement flipping by changing
            gl_Position.y, flip the texture coordinates instead.

            Drive-by fix: some of the constants used in VideoTextureCopierCV are not defined on older
            macOS versions, so make them optional.

            Tests: fast/canvas/webgl/texImage2D-mse-flipY-false.html
                   fast/canvas/webgl/texImage2D-mse-flipY-true.html

            * platform/graphics/cv/VideoTextureCopierCV.cpp:
            (WebCore::transferFunctionFromString):
            (WebCore::VideoTextureCopierCV::initializeUVContextObjects):
            * platform/cocoa/CoreVideoSoftLink.cpp:
            * platform/cocoa/CoreVideoSoftLink.h:

2017-10-25  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223960. rdar://problem/35178892

    2017-10-25  Jer Noble  <jer.noble@apple.com>

            Autoplay muted videos still stop playback of other streaming apps in the background
            https://bugs.webkit.org/show_bug.cgi?id=177920

            Reviewed by Eric Carlson.

            When creating a new <video> or <audio> element, the global AudioSession can sometimes have
            its sessionCategory() set to "MediaPlayback", even if the element does not yet have a
            source. This is because the constructor for the MediaElementSession is called before
            m_isPlayingToWirelessTarget is initialized, and so in the MediaElementSession constructor,
            the media element's m_isPlayingToWirelessTarget ivar is sometimes (uninitialized) true.

            We could move the MediaElementSession ivar to the very end of the header, so it's
            initialized last, but that still leaves the possibility of the MediaElementSession et. all
            calling into the HTMLMediaElement before it's subclass's constructors have a chance to
            initialize their own ivars (much less their vtables). So instead, we'll create and set the
            MediaElementSession in a finishInitialization() method called from the HTMLVideoElement and
            HTMLAudioElement's create() factory methods.

            * html/HTMLAudioElement.cpp:
            (WebCore::HTMLAudioElement::create):
            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::HTMLMediaElement):
            (WebCore::HTMLMediaElement::finishInitialization):
            * html/HTMLMediaElement.h:
            * html/HTMLVideoElement.cpp:
            (WebCore::HTMLVideoElement::create):

2017-10-21  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223578. rdar://problem/34891313

    2017-10-17  Myles C. Maxfield  <mmaxfield@apple.com>

            Delete button doesn't fully delete certain emoji
            https://bugs.webkit.org/show_bug.cgi?id=178096
            <rdar://problem/34785106>

            Reviewed by Simon Fraser.

            System infrastructure for handling emoji changes every year. Instead of having
            custom code to specifically walk over codepoints, we should delegate to the
            system handling.

            Tests: editing/deleting/delete-emoji.html
                   editing/deleting/delete-emoji-1.html
                   editing/deleting/delete-emoji-2.html
                   editing/deleting/delete-emoji-3.html
                   editing/deleting/delete-emoji-4.html
                   editing/deleting/delete-emoji-5.html
                   editing/deleting/delete-emoji-6.html
                   editing/deleting/delete-emoji-7.html
                   editing/deleting/delete-emoji-8.html
                   editing/deleting/delete-emoji-9.html

            * rendering/RenderText.cpp:
            (WebCore::RenderText::previousOffset const):
            (WebCore::RenderText::previousOffsetForBackwardDeletion const):
            (WebCore::RenderText::nextOffset const):
            (WebCore::isHangulLVT): Deleted.
            (WebCore::isMark): Deleted.
            (WebCore::isRegionalIndicator): Deleted.
            (WebCore::isInArmenianToLimbuRange): Deleted.

2017-10-20  Dean Jackson  <dino@apple.com>

        Cherry-pick r223707 and r223711. rdar://problem/35099869

    2017-10-19  Dean Jackson  <dino@apple.com>

            Avoid duplicate multisample resolve before WebGL compositing
            https://bugs.webkit.org/show_bug.cgi?id=178537
            <rdar://problem/35080724>

            Fix iOS build.

            * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
            (WebCore::GraphicsContext3D::paintRenderingResultsToCanvas):

    2017-10-19  Dean Jackson  <dino@apple.com>

            Avoid duplicate multisample resolve before WebGL compositing
            https://bugs.webkit.org/show_bug.cgi?id=178537
            <rdar://problem/35080724>

            Reviewed by Jer Noble.

            Both endPaint and prepareTexture were doing the MSAA resolve
            into the renderbuffer, and being called on macOS before compositing.
            Without that step, endPaint became unnecessary on iOS so I renamed
            it presentRenderbuffer.

            Covered by existing tests.

            * platform/graphics/GraphicsContext3D.h:
            * platform/graphics/cocoa/GraphicsContext3DCocoa.mm:
            (WebCore::GraphicsContext3D::presentRenderbuffer):
            (WebCore::GraphicsContext3D::endPaint): Deleted.
            * platform/graphics/cocoa/WebGLLayer.mm:
            (-[WebGLLayer display]):

2017-10-20  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223708. rdar://problem/34771406

    2017-10-19  Tim Horton  <timothy_horton@apple.com>

            Expand r209943 to suppress paste during provisional navigation as well
            https://bugs.webkit.org/show_bug.cgi?id=178429
            <rdar://problem/33952830>

            Reviewed by Dean Jackson.

            No new tests; adjusted an existing test to cover this case.

            * editing/Editor.cpp:
            (WebCore::Editor::canPaste const):
            Disable pasting during provisional navigation, like r209943 did for
            various other forms of text input.

            (WebCore::Editor::shouldInsertText const):
            * dom/EventDispatcher.cpp:
            (WebCore::shouldSuppressEventDispatchInDOM):
            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::shouldSuppressTextInputFromEditing const):
            (WebCore::FrameLoader::shouldSuppressKeyboardInput const): Deleted.
            * loader/FrameLoader.h:
            * page/Settings.in:
            Rename the setting to be about editing-related text input, not "keyboard" input.

            * editing/EditorCommand.cpp:
            (WebCore::allowExecutionWhenDisabled):
            (WebCore::doNotAllowExecutionWhenDisabled):
            (WebCore::allowExecutionWhenDisabledCopyCut):
            (WebCore::allowExecutionWhenDisabledPaste):
            (WebCore::createCommandMap):
            (WebCore::Editor::Command::allowExecutionWhenDisabled const):
            Completely disable execution of paste events when in no-text-input-from-editing mode.
            Otherwise, even though canPaste was false and we wouldn't do a default paste action,
            we would still dispatch the paste event to the DOM.

2017-10-19  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223442. rdar://problem/34745623

    2017-10-16  Maureen Daum  <mdaum@apple.com>

            If an origin doesn't have databases in the Databases table we should still remove its information from disk in DatabaseTracker::deleteOrigin()
            https://bugs.webkit.org/show_bug.cgi?id=178281
            <rdar://problem/34576132>

            Reviewed by Brent Fulgham.

            New test:
            DatabaseTracker.DeleteOriginWithMissingEntryInDatabasesTable

            * Modules/webdatabase/DatabaseTracker.cpp:
            (WebCore::DatabaseTracker::deleteOrigin):
            If databaseNames is empty, don't bail early. Instead, delete everything in the directory
            containing the databases for this origin. This condition indicates that we previously
            tried to remove the origin but didn't get all of the way through the deletion process.
            Because we have lost track of the databases for this origin, we can assume that no
            other process is accessing them. This means it should be safe to delete them outright.

2017-10-19  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223438. rdar://problem/34745623

    2017-10-16  Ryan Haddad  <ryanhaddad@apple.com>

            Unreviewed attempt to fix the Windows debug build.

            * Modules/webdatabase/DatabaseTracker.cpp:
            (WebCore::DatabaseTracker::deleteOrigin):

2017-10-19  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223427. rdar://problem/34745623

    2017-10-16  Maureen Daum  <mdaum@apple.com>

            If we fail to delete any database file, don't remove its information from the tracker database
            <rdar://problem/34576132> and https://bugs.webkit.org/show_bug.cgi?id=178251

            Reviewed by Brady Eidson.

            New tests:
            DatabaseTracker.DeleteDatabase
            DatabaseTracker.DeleteDatabaseWhenDatabaseDoesNotExist
            DatabaseTracker.DeleteOrigin
            DatabaseTracker.DeleteOriginWhenDeletingADatabaseFails
            DatabaseTracker.DeleteOriginWhenDatabaseDoesNotExist

            * Modules/webdatabase/DatabaseTracker.cpp:
            (WebCore::DatabaseTracker::deleteDatabasesModifiedSince):
            If the database doesn't exist, we previously deleted it but failed to remove the
            information from the tracker database. We still want to delete all of the information
            associated with this database from the tracker database, so add it to databaseNamesToDelete.
            (WebCore::DatabaseTracker::deleteOrigin):
            If a database doesn't exist, don't try to delete it. We don't need to, but more
            importantly, deleteDatabaseFile() will fail if the database doesn't exist, which
            will cause us to incorrectly think we failed to remove database information from disk.
            If we actually fail to delete any database file, return before we remove the origin
            information from the tracker database so we don't lose track of the database.
            (WebCore::DatabaseTracker::deleteDatabase):
            If a database doesn't exist, don't try to delete it. We don't need to, but also it
            will cause us to incorrectly think that we were unable to delete a database, so we
            would bail before we remove the database information from the tracker database. We
            want to remove the database information from the tracker database because the database
            doesn't exist.
            * Modules/webdatabase/DatabaseTracker.h:
            Expose fullPathForDatabase() for use by tests.
            * platform/Logging.h:
            Add a logging channel.

2017-10-19  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223565. rdar://problem/35041490

    2017-10-17  John Wilander  <wilander@apple.com>

            Add and remove cookie partition accordingly in intermediary redirect requests
            https://bugs.webkit.org/show_bug.cgi?id=178369
            <rdar://problem/34467603>

            Reviewed by Brent Fulgham.

            Tests: http/tests/resourceLoadStatistics/add-partitioning-to-redirect.html
                   http/tests/resourceLoadStatistics/remove-partitioning-from-redirect.html

            * loader/ResourceLoadObserver.h:
                Now exposes notifyObserver() so that it can be triggered
                by the TestRunner.
                Removed unimplemented ResourceLoadObserver::setShouldThrottleObserverNotifications().

2017-10-19  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223253. rdar://problem/35077489

    2017-10-12  John Wilander  <wilander@apple.com>

            ResourceLoadObserver::logFrameNavigation() should use redirectResponse.url()
            https://bugs.webkit.org/show_bug.cgi?id=175257
            <rdar://problem/33359866>

            Reviewed by Brent Fulgham.

            This patch was joint work between Michael Specter and John Wilander.

            Tests: http/tests/resourceLoadStatistics/non-sandboxed-iframe-redirect-ip-to-localhost-to-ip.html
                   http/tests/resourceLoadStatistics/non-sandboxed-iframe-redirect-localhost-to-ip-to-localhost.html
                   http/tests/resourceLoadStatistics/non-sandboxed-nesting-iframe-with-non-sandboxed-iframe-redirect-ip-to-localhost-to-ip.html
                   http/tests/resourceLoadStatistics/non-sandboxed-nesting-iframe-with-non-sandboxed-iframe-redirect-localhost-to-ip-to-localhost.html
                   http/tests/resourceLoadStatistics/non-sandboxed-nesting-iframe-with-sandboxed-iframe-redirect-ip-to-localhost-to-ip.html
                   http/tests/resourceLoadStatistics/non-sandboxed-nesting-iframe-with-sandboxed-iframe-redirect-localhost-to-ip-to-localhost.html
                   http/tests/resourceLoadStatistics/sandboxed-iframe-redirect-ip-to-localhost-to-ip.html
                   http/tests/resourceLoadStatistics/sandboxed-iframe-redirect-localhost-to-ip-to-localhost.html
                   http/tests/resourceLoadStatistics/sandboxed-nesting-iframe-with-non-sandboxed-iframe-redirect-ip-to-localhost-to-ip.html
                   http/tests/resourceLoadStatistics/sandboxed-nesting-iframe-with-non-sandboxed-iframe-redirect-localhost-to-ip-to-localhost.html
                   http/tests/resourceLoadStatistics/sandboxed-nesting-iframe-with-sandboxed-iframe-redirect-ip-to-localhost-to-ip.html
                   http/tests/resourceLoadStatistics/sandboxed-nesting-iframe-with-sandboxed-iframe-redirect-localhost-to-ip-to-localhost.html

            * loader/DocumentLoader.cpp:
            (WebCore::DocumentLoader::willSendRequest):
                Now sends redirectResponse.url() to WebCore::ResourceLoadObserver::logFrameNavigation().
            * loader/ResourceLoadObserver.cpp:
            (WebCore::ResourceLoadObserver::logFrameNavigation):
                Now receives the redirect response URL from WebCore::DocumentLoader().
            (WebCore::ResourceLoadObserver::nonNullOwnerURL const):
                New function to traverse the frame chain upward and find the first non-null URL.
            * loader/ResourceLoadObserver.h:

2017-10-19  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223451. rdar://problem/34985194

    2017-10-12  Matt Rajca  <mrajca@apple.com>

            Add API support for quirk that lets an arbitrary click allow auto-play.
            https://bugs.webkit.org/show_bug.cgi?id=178227

            Reviewed by Alex Christensen.

            Added API test.

            Instead of hardcoding sites in WebCore, let API clients control which websites opt into the quirk that lets
            an arbitrary click allow auto-play via website policies.

            * html/MediaElementSession.cpp:
            (WebCore::needsArbitraryUserGestureAutoplayQuirk):
            * loader/DocumentLoader.h:

2017-10-19  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223436. rdar://problem/35061711

    2017-10-16  Chris Dumez  <cdumez@apple.com>

            Log using differential privacy domains where the WebContent process crashes
            https://bugs.webkit.org/show_bug.cgi?id=178346
            <rdar://problem/33293830>

            Reviewed by Alex Christensen.

            Add new diagnostic logging key for domain causing crashes.

            * page/DiagnosticLoggingKeys.cpp:
            (WebCore::DiagnosticLoggingKeys::domainCausingCrashKey):
            * page/DiagnosticLoggingKeys.h:

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221921. rdar://problem/35041482

    2017-09-12  Daniel Bates  <dabates@apple.com>

            REGRESSION (r215784): The title of right-to-left pages are empty
            https://bugs.webkit.org/show_bug.cgi?id=176746
            <rdar://problem/34211419>

            Reviewed by Brent Fulgham.

            Left truncate a long right-to-left title.

            Right-to-left text represents the visual ordering of text. Internally WebKit stores
            right-to-left text identically to left-to-right text in memory. So, we can use the
            same string operation to truncate right-to-left text as we do to truncate left-to-right
            text.

            * platform/text/StringWithDirection.h:
            (WebCore::truncateFromEnd):

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223589. rdar://problem/34771462

    2017-10-17  Myles C. Maxfield  <mmaxfield@apple.com>

            [Regression] Webkit "-apple-system" font fallback token handles font weights of PingFang incorrectly.
            https://bugs.webkit.org/show_bug.cgi?id=177345
            <rdar://problem/32975942>

            Reviewed by Jon Lee.

            This bug has a fairly insideous cause. In particular, the system font fallback path follows
            system conventions, which are not the same as the CSS fallback path. For example, the Chinese
            fallback of San Francisco weight 600 is Ping Fang weight 500. This doesn't match our
            assumptions in CSS, because Ping Fang does have a 600 weight, which CSS would think is closer.
            However, the whole point of system-ui is that it follows the system fallback path, not CSS's.
            Therefore, falling back from a bold system-ui request to a non-bold fallback font is correct
            and expected, and we shouldn't synthesize bold in this situation.

            Test: fast/text/system-ui-chinese-bold-fallback.html

            * platform/graphics/cocoa/FontFamilySpecificationCoreText.cpp:
            (WebCore::FontFamilySpecificationCoreText::fontRanges const):

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223580. rdar://problem/34958773

    2017-10-16  Andy Estes  <aestes@apple.com>

            [Apple Pay] Add subLocality and subAdministrativeArea to ApplePayPaymentContact and ApplePayError
            https://bugs.webkit.org/show_bug.cgi?id=178191
            <rdar://problem/34906367>

            Reviewed by Tim Horton.

            Added test cases to http/tests/ssl/applepay/ApplePaySession.html.

            * Modules/applepay/ApplePayError.idl:
            * Modules/applepay/ApplePayPaymentContact.h:
            * Modules/applepay/ApplePayPaymentContact.idl:
            * Modules/applepay/ApplePaySessionPaymentRequest.h:
            * Modules/applepay/cocoa/PaymentContactCocoa.mm:
            (WebCore::subLocality):
            (WebCore::setSubLocality):
            (WebCore::subAdministrativeArea):
            (WebCore::setSubAdministrativeArea):
            (WebCore::convert):

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223424. rdar://problem/34745623

    2017-10-16  Alex Christensen  <achristensen@webkit.org>

            Fix iOS build after r223422
            https://bugs.webkit.org/show_bug.cgi?id=178251

            * Modules/webdatabase/DatabaseManager.h:

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223423. rdar://problem/34745623

    2017-10-16  Maureen Daum  <mdaum@apple.com>

            We should wrap the removal of information from the tracker database in a transaction in DatabaseTracker::deleteOrigin()
            https://bugs.webkit.org/show_bug.cgi?id=178274
            <rdar://problem/34576132>

            Reviewed by Tim Horton.

            * Modules/webdatabase/DatabaseTracker.cpp:
            (WebCore::DatabaseTracker::deleteOrigin):
            Wrap the removal of information from the tracker database in a transaction so that
            we don't end up in a case where only one of the tables contains information about
            an origin.
            If anything goes wrong when we're modifying the tracker database, rollback the transaction
            before bailing.

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223420. rdar://problem/34745623

    2017-10-16  Ryan Haddad  <ryanhaddad@apple.com>

            Unreviewed, rolling out r223419.

            This change broke the Windows build.

            Reverted changeset:

            "If we fail to delete any database file, don't remove its
            information from the tracker database"
            https://bugs.webkit.org/show_bug.cgi?id=178251
            https://trac.webkit.org/changeset/223419

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223419. rdar://problem/34745623

    2017-10-16  Maureen Daum  <mdaum@apple.com>

            If we fail to delete any database file, don't remove its information from the tracker database
            <rdar://problem/34576132> and https://bugs.webkit.org/show_bug.cgi?id=178251

            Reviewed by Brady Eidson.

            New tests:
            DatabaseTracker.DeleteDatabase
            DatabaseTracker.DeleteDatabaseWhenDatabaseDoesNotExist
            DatabaseTracker.DeleteOrigin
            DatabaseTracker.DeleteOriginWhenDeletingADatabaseFails
            DatabaseTracker.DeleteOriginWhenDatabaseDoesNotExist

            * Modules/webdatabase/DatabaseTracker.cpp:
            (WebCore::DatabaseTracker::deleteDatabasesModifiedSince):
            If the database doesn't exist, we previously deleted it but failed to remove the
            information from the tracker database. We still want to delete all of the information
            associated with this database from the tracker database, so add it to databaseNamesToDelete.
            (WebCore::DatabaseTracker::deleteOrigin):
            If a database doesn't exist, don't try to delete it. We don't need to, but more
            importantly, deleteDatabaseFile() will fail if the database doesn't exist, which
            will cause us to incorrectly think we failed to remove database information from disk.
            If we actually fail to delete any database file, return before we remove the origin
            information from the tracker database so we don't lose track of the database.
            (WebCore::DatabaseTracker::deleteDatabase):
            If a database doesn't exist, don't try to delete it. We don't need to, but also it
            will cause us to incorrectly think that we were unable to delete a database, so we
            would bail before we remove the database information from the tracker database. We
            want to remove the database information from the tracker database because the database
            doesn't exist.
            * Modules/webdatabase/DatabaseTracker.h:
            Expose fullPathForDatabase() for use by tests.
            * platform/Logging.h:
            Add a logging channel.

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223228. rdar://problem/35061705

    2017-10-11  Brent Fulgham  <bfulgham@apple.com>

            Correct nullptr deref in selection handling.
            https://bugs.webkit.org/show_bug.cgi?id=178189
            <rdar://problem/33833012>

            Reviewed by Ryosuke Niwa.

            The VisibleSelection::toNormalizedRange returns nullptr for certain conditions (e.g., 'isNone'
            and 'isOrphaned' cases). It's possible to crash the WebProcess by executing a code path with
            an orphaned selection range.

            The return value of 'toNormalizedRange' is checked for nullptr in many places, but not everywhere.
            This patch adds those missing nullptr checks.

            * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
            (-[WebAccessibilityObjectWrapper textMarkerRangeForSelection]):
            * editing/DeleteSelectionCommand.cpp:
            (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
            * editing/EditingStyle.cpp:
            (WebCore::EditingStyle::styleAtSelectionStart):
            * editing/Editor.cpp:
            (WebCore::Editor::misspelledWordAtCaretOrRange const):
            * page/DOMSelection.cpp:
            (WebCore::DOMSelection::containsNode const):
            * page/DragController.cpp:
            (WebCore::DragController::concludeEditDrag):

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223210. rdar://problem/34820936

    2017-10-11  Simon Fraser  <simon.fraser@apple.com>

            Avoid triggering layout from style change
            https://bugs.webkit.org/show_bug.cgi?id=178184
            rdar://problem/34699113

            Reviewed by Zalan Bujtas.

            It's bad for RenderBox::styleDidChange() to scroll RenderLayers, because that
            can trigger layout via FrameView::updateWidgetPositions() and ScrollingCoordinator::absoluteEventTrackingRegions().
            So postpone the scrolling until after layout.

            Test: fast/scrolling/adjust-scroll-offset-on-zoom.html

            * rendering/RenderBox.cpp:
            (WebCore::RenderBox::styleDidChange):
            * rendering/RenderLayer.cpp:
            (WebCore::RenderLayer::updateLayerPositions):
            (WebCore::RenderLayer::setPostLayoutScrollPosition):
            (WebCore::RenderLayer::applyPostLayoutScrollPositionIfNeeded):
            * rendering/RenderLayer.h:

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222471. rdar://problem/35061708

    2017-09-25  Youenn Fablet  <youenn@apple.com>

            MediaStreamTrack.getSettings should compute its deviceId/groupId like enumerateDevices
            https://bugs.webkit.org/show_bug.cgi?id=177433

            Reviewed by Jer Noble.

            Covered by improved test.

            Hash the deviceId returned by getSettings as done by enumerateDevices/getUserMedia.
            Do the same thing for groupId.
            Make sure mock sources have their deviceId set consistently with mock devices.

            * Modules/mediastream/MediaStreamTrack.cpp:
            (WebCore::MediaStreamTrack::getSettings const):
            * Modules/mediastream/MediaStreamTrack.h:
            * Modules/mediastream/MediaStreamTrack.idl:
            * platform/mediastream/mac/MockRealtimeAudioSourceMac.h:
            * platform/mediastream/mac/MockRealtimeAudioSourceMac.mm:
            (WebCore::MockRealtimeAudioSource::create):
            (WebCore::MockRealtimeAudioSourceMac::MockRealtimeAudioSourceMac):
            * platform/mediastream/mac/MockRealtimeVideoSourceMac.h:
            * platform/mediastream/mac/MockRealtimeVideoSourceMac.mm:
            (WebCore::MockRealtimeVideoSource::create):
            (WebCore::MockRealtimeVideoSourceMac::MockRealtimeVideoSourceMac):
            * platform/mock/MockRealtimeAudioSource.cpp:
            (WebCore::MockRealtimeAudioSource::create):
            (WebCore::MockRealtimeAudioSource::createMuted):
            (WebCore::MockRealtimeAudioSource::MockRealtimeAudioSource):
            * platform/mock/MockRealtimeAudioSource.h:
            * platform/mock/MockRealtimeVideoSource.cpp:
            (WebCore::MockRealtimeVideoSource::create):
            (WebCore::MockRealtimeVideoSource::createMuted):
            (WebCore::MockRealtimeVideoSource::MockRealtimeVideoSource):
            * platform/mock/MockRealtimeVideoSource.h:

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221971. rdar://problem/34958928

    2017-09-13  Ms2ger  <Ms2ger@igalia.com>

            Make WebGLRenderingContextBase::TypedList::data() const-correct.
            https://bugs.webkit.org/show_bug.cgi?id=176833

            Reviewed by Sam Weinig.

            No change of behavior.

            * html/canvas/WebGLRenderingContextBase.cpp:
            (WebCore::WebGLRenderingContextBase::validateUniformMatrixParameters):
            * html/canvas/WebGLRenderingContextBase.h:
            (WebCore::WebGLRenderingContextBase::TypedList::data const):
            * platform/graphics/GraphicsContext3D.h:
            * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
            (WebCore::GraphicsContext3D::uniform1fv):
            (WebCore::GraphicsContext3D::uniform2fv):
            (WebCore::GraphicsContext3D::uniform3fv):
            (WebCore::GraphicsContext3D::uniform4fv):
            (WebCore::GraphicsContext3D::uniform1iv):
            (WebCore::GraphicsContext3D::uniform2iv):
            (WebCore::GraphicsContext3D::uniform3iv):
            (WebCore::GraphicsContext3D::uniform4iv):
            (WebCore::GraphicsContext3D::uniformMatrix2fv):
            (WebCore::GraphicsContext3D::uniformMatrix3fv):
            (WebCore::GraphicsContext3D::uniformMatrix4fv):
            (WebCore::GraphicsContext3D::vertexAttrib1fv):
            (WebCore::GraphicsContext3D::vertexAttrib2fv):
            (WebCore::GraphicsContext3D::vertexAttrib3fv):
            (WebCore::GraphicsContext3D::vertexAttrib4fv):

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223315. rdar://problem/34985202

    2017-10-13  Jer Noble  <jer.noble@apple.com>

            Performance: Skip texture upload if source image and destination texture haven't changed
            https://bugs.webkit.org/show_bug.cgi?id=178254
            <rdar://problem/34968181>

            Reviewed by Dean Jackson.

            Update GraphicsContext3D to track which texture is bound to which texture unit, and also to
            track when those bound textures have their backing stores modified. This new "seed" value
            will be used to determine whether a given texture which has previously had image data
            uploaded to it needs to be re-updated.

            In VideoTextureCopierCV, track whether the texture's seed changed, whether the IOSurface is
            the same,  whether the IOSurface's seed has changed, and whether the "flipY" parameter
            changed since the last time the copier was asked to upload to the texture.

            * platform/graphics/GraphicsContext3D.h:
            (WebCore::GraphicsContext3D::textureSeed):
            (WebCore::GraphicsContext3D::GraphicsContext3DState::currentBoundTexture):
            (WebCore::GraphicsContext3D::GraphicsContext3DState::boundTexture):
            (WebCore::GraphicsContext3D::GraphicsContext3DState::setBoundTexture):
            * platform/graphics/cv/VideoTextureCopierCV.cpp:
            (WebCore::VideoTextureCopierCV::copyImageToPlatformTexture):
            * platform/graphics/cv/VideoTextureCopierCV.h:
            (WebCore::VideoTextureCopierCV::lastTextureSeed):
            * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
            (WebCore::GraphicsContext3D::prepareTexture):
            (WebCore::GraphicsContext3D::bindTexture):
            (WebCore::GraphicsContext3D::texStorage2D):
            (WebCore::GraphicsContext3D::texStorage3D):
            (WebCore::GraphicsContext3D::framebufferTexture2D):
            (WebCore::GraphicsContext3D::texSubImage2D):
            (WebCore::GraphicsContext3D::compressedTexImage2D):
            (WebCore::GraphicsContext3D::compressedTexSubImage2D):
            (WebCore::GraphicsContext3D::createTexture):
            (WebCore::GraphicsContext3D::deleteTexture):
            (WebCore::GraphicsContext3D::texImage2DDirect):

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223298. rdar://problem/34958928

    2017-10-13  Jer Noble  <jer.noble@apple.com>

            Unreviewed build fix; wrap more functions in USE(IOSURFACE) so that
            they do not generate "unused function" errors.

            * platform/graphics/cv/VideoTextureCopierCV.cpp:

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223297. rdar://problem/34958928

    2017-10-13  Jer Noble  <jer.noble@apple.com>

            One last unreviewed build fix; since the IOSurface APIs don't exist at
            all on the simulator, just wrap the entirety of the implementation of
            copyImageToPlatformTexture() in a #if USE(IOSURFACE) check.

            * platform/graphics/cv/VideoTextureCopierCV.cpp:
            (WebCore::VideoTextureCopierCV::copyImageToPlatformTexture):

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223295. rdar://problem/34958928

    2017-10-13  Jer Noble  <jer.noble@apple.com>

            Unreviewed build fix for the previous build fix; use the right PAL path for IOSurfaceSPI.h.

            * platform/graphics/cv/VideoTextureCopierCV.cpp:

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223294. rdar://problem/34958928

    2017-10-13  Jer Noble  <jer.noble@apple.com>

            Unreviewed build fix; add definitions for IOSurface methods missing on some platforms.

            * platform/graphics/cv/VideoTextureCopierCV.cpp:

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223289. rdar://problem/34958928

    2017-10-13  Jer Noble  <jer.noble@apple.com>

            Unreviewed build fix; forward declare the type of IOSurfaceRef.

            * platform/cocoa/CoreVideoSoftLink.cpp:
            * platform/cocoa/CoreVideoSoftLink.h:

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223287. rdar://problem/34958928

    2017-10-13  Jer Noble  <jer.noble@apple.com>

            Unreviewed build fix; add soft link macros for newly called CoreVideo methods.

            * platform/cocoa/CoreVideoSoftLink.cpp:
            * platform/cocoa/CoreVideoSoftLink.h:

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223285. rdar://problem/34958928

    2017-10-13  Jer Noble  <jer.noble@apple.com>

            Unreviewed build fix; add UNUSED_PARAM macros.

            * platform/graphics/cocoa/GraphicsContext3DCocoa.mm:
            (WebCore::GraphicsContext3D::texImageIOSurface2D):

2017-10-18  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223280. rdar://problem/34958928

    2017-10-13  Jer Noble  <jer.noble@apple.com>

            Performance: do pixel conformance and texturing in a single step.
            https://bugs.webkit.org/show_bug.cgi?id=178219
            <rdar://problem/34937237>

            Reviewed by Dean Jackson.

            No new tests; performance improvements should have no behavior change.

            Rather than asking the VTDecompressionSession to conform the output CVPixelBuffer into a
            pixel format compatible with OpenGL (& ES), don't constrain the output at all, and only do a
            conformance step if the output is not already compatible with OpenGL. This eliminates one
            copy (in hardware) operation.

            Move the TextureCacheCV object into VideoTextureCopierCV; it will be conditionally used to
            create the texture if the pixel buffer is compatible.

            Refactor copyVideoTextureToPlatformTexture(CVOpenGLTextureRef) in VideoTextureCopierCV. The
            new entry point, copyImageToPlatformTexture(), will attempt to use the texture cache first,
            and call a new common copyVideoTextureToPlatformTexture(Platform3DObject) with the result.

            The new copyImageToPlatformTexture() will pull planar YUV frames into two textures, and combine
            the two with a color transfer function when drawing to the output texture.

            * platform/graphics/GraphicsContext3D.h:
            * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
            (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::copyVideoTextureToPlatformTexture):
            * platform/graphics/cocoa/GraphicsContext3DCocoa.mm:
            (WebCore::GraphicsContext3D::texImageIOSurface2D):
            * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
            (WebCore::WebCoreDecompressionSession::ensureDecompressionSessionForSample):
            * platform/graphics/cv/TextureCacheCV.h:
            * platform/graphics/cv/TextureCacheCV.mm:
            (WebCore::TextureCacheCV::textureFromImage):
            * platform/graphics/cv/VideoTextureCopierCV.cpp:
            (WebCore::pixelRangeFromPixelFormat):
            (WebCore::transferFunctionFromString):
            (WebCore::YCbCrToRGBMatrixForRangeAndTransferFunction):
            (WebCore::VideoTextureCopierCV::~VideoTextureCopierCV):
            (WebCore::VideoTextureCopierCV::initializeUVContextObjects):
            (WebCore::VideoTextureCopierCV::copyImageToPlatformTexture):
            (WebCore::VideoTextureCopierCV::copyVideoTextureToPlatformTexture):
            * platform/graphics/cv/VideoTextureCopierCV.h:

2017-10-18  Dean Jackson  <dino@apple.com>

        Cherry-pick r223640. rdar://problem/35063901

    2017-10-18  Dean Jackson  <dino@apple.com>

            Some older hardware can't actually use renderbuffers at the size they advertise
            https://bugs.webkit.org/show_bug.cgi?id=178417
            <rdar://problem/35042291>

            Reviewed by Tim Horton.

            The change in r223567 caused some older hardware to fail, because even though
            they claimed to support a maximum renderbuffer and viewport of 16K, they were
            unable to actually handle one. Rather than trying to identify such hardware,
            clamp all buffers to a maximum of 8192. This is bigger than the previous value
            of 4096, and large enough to have a full-screen buffer on a Retina 5K iMac.

            * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
            (WebCore::GraphicsContext3D::getIntegerv):

2017-10-17  Dean Jackson  <dino@apple.com>

        Cherry-pick r223567. rdar://problem/35041476

    2017-10-16  Dean Jackson  <dino@apple.com>

            WebGL clamps drawingBufferWidth to 4096 pixels on a 5120 monitor/canvas
            https://bugs.webkit.org/show_bug.cgi?id=178223
            <rdar://problem/34597567>

            Reviewed by Antoine Quint.

            Remove the limit of 4k on the width/height of the renderbuffer.

            Test: fast/canvas/webgl/large-drawing-buffer-resize.html

            * html/canvas/WebGLRenderingContextBase.cpp:
            (WebCore::WebGLRenderingContextBase::reshape):

2017-10-17  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223313. rdar://problem/35042269

    2017-10-13  Brent Fulgham  <bfulgham@apple.com>

            Protect FrameView during style calculations
            https://bugs.webkit.org/show_bug.cgi?id=178300
            <rdar://problem/34869329>

            Reviewed by Ryosuke Niwa.

            Protect the FrameView during layout and style updates in case arbitrary script
            is run that might clear it.

            Test: fast/html/marquee-reparent-check.html

            * page/FrameView.cpp:
            (WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive):

2017-10-12  Jason Marcell  <jmarcell@apple.com>

        Apply patch. rdar://problem/34891297

    Cherry-pick of r222803 <rdar://problem/34745579>
    
        2017-10-03  Jer Noble  <jer.noble@apple.com>
    
        Implement quality-of-service tiers in WebCoreDecompressionSession
        https://bugs.webkit.org/show_bug.cgi?id=177769
    
        Reviewed by Dean Jackson.
    
        VTDecompressionSession will suggest quality-of-service tiers to be used when decompression
        can't keep up with playback speed. Use a simple exponential-moving-average heuristic to
        determine when to move up and down the tiers.
    
        Drive-by fix: When frames are so late that they miss the display deadline, mark them as
        dropped rather than just delayed.
    
        * platform/graphics/cocoa/WebCoreDecompressionSession.h:
        * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
        (WebCore::WebCoreDecompressionSession::ensureDecompressionSessionForSample):
        (WebCore::WebCoreDecompressionSession::decodeSample):
        (WebCore::WebCoreDecompressionSession::handleDecompressionOutput):
        (WebCore::WebCoreDecompressionSession::automaticDequeue):
        (WebCore::WebCoreDecompressionSession::enqueueDecodedSample):
        (WebCore::WebCoreDecompressionSession::resetQosTier):
        (WebCore::WebCoreDecompressionSession::increaseQosTier):
        (WebCore::WebCoreDecompressionSession::decreaseQosTier):
        (WebCore::WebCoreDecompressionSession::updateQosWithDecodeTimeStatistics):
        * platform/cocoa/VideoToolboxSoftLink.cpp:
        * platform/cocoa/VideoToolboxSoftLink.h:

    2017-10-12  Jer Noble  <jer.noble@apple.com>

            Cherry-pick of r222803 <rdar://problem/34745579>

        2017-10-03  Jer Noble  <jer.noble@apple.com>

                Implement quality-of-service tiers in WebCoreDecompressionSession
                https://bugs.webkit.org/show_bug.cgi?id=177769

                Reviewed by Dean Jackson.

                VTDecompressionSession will suggest quality-of-service tiers to be used when decompression
                can't keep up with playback speed. Use a simple exponential-moving-average heuristic to
                determine when to move up and down the tiers.

                Drive-by fix: When frames are so late that they miss the display deadline, mark them as
                dropped rather than just delayed.

                * platform/graphics/cocoa/WebCoreDecompressionSession.h:
                * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
                (WebCore::WebCoreDecompressionSession::ensureDecompressionSessionForSample):
                (WebCore::WebCoreDecompressionSession::decodeSample):
                (WebCore::WebCoreDecompressionSession::handleDecompressionOutput):
                (WebCore::WebCoreDecompressionSession::automaticDequeue):
                (WebCore::WebCoreDecompressionSession::enqueueDecodedSample):
                (WebCore::WebCoreDecompressionSession::resetQosTier):
                (WebCore::WebCoreDecompressionSession::increaseQosTier):
                (WebCore::WebCoreDecompressionSession::decreaseQosTier):
                (WebCore::WebCoreDecompressionSession::updateQosWithDecodeTimeStatistics):
                * platform/cocoa/VideoToolboxSoftLink.cpp:
                * platform/cocoa/VideoToolboxSoftLink.h:

2017-10-12  Jason Marcell  <jmarcell@apple.com>

        Apply patch. rdar://problem/34891297

    Partial cherry-pick of r222225 <rdar://problem/34745579>, only the changes to WebCoreDecompressionSession.
    
        2017-09-19  Jer Noble  <jer.noble@apple.com>
    
        [Cocoa] Add an ImageDecoder subclass backed by AVFoundation
        https://bugs.webkit.org/show_bug.cgi?id=176825
    
        Reviewed by Eric Carlson.
    
        Modify WebCoreDecompressionSession so that it can emit frames which have been converted from
        YUV -> RGB as part of the decode operation. Also, add a synchronous decoding operation
        method, for use in ImageDecoderAVFObjC.
    
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureDecompressionSession):
        * platform/graphics/cocoa/WebCoreDecompressionSession.h:
        (WebCore::WebCoreDecompressionSession::createOpenGL):
        (WebCore::WebCoreDecompressionSession::createRGB):
        * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
        (WebCore::WebCoreDecompressionSession::WebCoreDecompressionSession):
        (WebCore::WebCoreDecompressionSession::ensureDecompressionSessionForSample):
        (WebCore::WebCoreDecompressionSession::decodeSample):
        (WebCore::WebCoreDecompressionSession::decodeSampleSync):

    2017-10-12  Jer Noble  <jer.noble@apple.com>

            Partial cherry-pick of r222225 <rdar://problem/34745579>, only the changes to WebCoreDecompressionSession.

        2017-09-19  Jer Noble  <jer.noble@apple.com>

                [Cocoa] Add an ImageDecoder subclass backed by AVFoundation
                https://bugs.webkit.org/show_bug.cgi?id=176825

                Reviewed by Eric Carlson.

                Modify WebCoreDecompressionSession so that it can emit frames which have been converted from
                YUV -> RGB as part of the decode operation. Also, add a synchronous decoding operation
                method, for use in ImageDecoderAVFObjC.

                * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
                (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureDecompressionSession):
                * platform/graphics/cocoa/WebCoreDecompressionSession.h:
                (WebCore::WebCoreDecompressionSession::createOpenGL):
                (WebCore::WebCoreDecompressionSession::createRGB):
                * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
                (WebCore::WebCoreDecompressionSession::WebCoreDecompressionSession):
                (WebCore::WebCoreDecompressionSession::ensureDecompressionSessionForSample):
                (WebCore::WebCoreDecompressionSession::decodeSample):
                (WebCore::WebCoreDecompressionSession::decodeSampleSync):

2017-10-12  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r223144. rdar://problem/34958765

    2017-10-10  Matt Rajca  <mrajca@apple.com>

            Respect audio rate change restrictions in HTMLMediaElement::setVolume.
            https://bugs.webkit.org/show_bug.cgi?id=178140

            Reviewed by Eric Carlson.

            Tests: media/audio-playback-volume-changes-with-restrictions-and-user-gestures.html
                   media/audio-playback-volume-changes-with-restrictions.html

            It's currently possible for a website to start auto-playing media with a zero volume and then
            programmatically set the volume to a non-zero value without a user gesture. This code path didn't
            have to be considered previously because volume changes are not supported on iOS.

            We currently pause media when an audio track comes in after an element has already started playing silently
            in mediaPlayerDidAddAudioTrack. This patch does the same when a non-zero volume is set after a media
            element already began playing silently and there is an audio rate change restriction.

            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::setVolume):

2017-10-12  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222627. rdar://problem/34938437

    2017-09-28  Tim Horton  <timothy_horton@apple.com>

            Remove constant() in favor of env()
            https://bugs.webkit.org/show_bug.cgi?id=177581
            <rdar://problem/34701321>

            Reviewed by Dean Jackson.

            No new tests, removing a feature.

            * css/CSSValueKeywords.in:
            * css/CSSVariableData.cpp:
            (WebCore::CSSVariableData::checkVariablesForCyclesWithRange const):
            (WebCore::CSSVariableData::resolveTokenRange const):
            * css/parser/CSSVariableParser.cpp:
            (WebCore::classifyBlock):

2017-10-13  Dean Jackson  <dino@apple.com>

        Cherry-pick r223063. rdar://problem/34921832

    2017-10-09  Dean Jackson  <dino@apple.com>

            [WebGL] Third IOSurface buffer might be allocated with the wrong size
            https://bugs.webkit.org/show_bug.cgi?id=178092
            <rdar://problem/34893173>

            Reviewed by Jer Noble.

            If the WebGL canvas resizes after the third buffer was allocated, it
            was never getting told that its backing store should be thrown away.

            * platform/graphics/cocoa/WebGLLayer.mm: Allocate the third buffer at
            the same time as the first two.
            (-[WebGLLayer allocateIOSurfaceBackingStoreWithSize:usingAlpha:]):
            (-[WebGLLayer bindFramebufferToNextAvailableSurface]):

2017-10-13  Dean Jackson  <dino@apple.com>

        Cherry-pick r222961. rdar://problem/34891070

    2017-10-05  Dean Jackson  <dino@apple.com>

            Lots of missing frames in YouTube360 when fullscreen on MacBook
            https://bugs.webkit.org/show_bug.cgi?id=177903
            <rdar://problem/33273300>

            Reviewed by Sam Weinig.

            Our compositing path for WebGL on macOS was too slow, requiring a copy
            of the framebuffer into another GL context. Replace this by having
            WebGL render into a texture that is backed by an IOSurface, and then
            set the WebGLLayer to use the IOSurface as contents.

            Covered by the existing WebGL tests.

            * platform/graphics/GraphicsContext3D.h:
            (WebCore::GraphicsContext3D::platformTexture const): We no longer use the
            framebuffer object outside the class, so change this to return the GL texture
            that the framebuffer is rendering in to. It was kind-of strange that it was
            named this way originally.
            Also make endPaint available on macOS, and add the definitions for
            createIOSurfaceBackingStore and updateFramebufferTextureBackingStoreFromLayer.

            * platform/graphics/cocoa/GraphicsContext3DCocoa.mm:
            (WebCore::GraphicsContext3D::GraphicsContext3D): Now that we're using an IOSurface,
            we're binding to a new attachment point, GL_TEXTURE_RECTANGLE.
            (WebCore::GraphicsContext3D::endPaint): This is now being called on macOS and iOS,
            so add a comment that explains the extra work that iOS needs to do. At some future
            point it would be nice to make this slightly cleaner, so that iOS and macOS are
            more similar.
            (WebCore::GraphicsContext3D::allocateIOSurfaceBackingStore): New function that calls
            into the corresponding WebGLLayer function.
            (WebCore::GraphicsContext3D::updateFramebufferTextureBackingStoreFromLayer): Ditto.

            * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
            (WebCore::wipeAlphaChannelFromPixels): Both readPixels and drawing a WebGL context
            into another buffer need to fill out the alpha channel if this context was
            created without one, otherwise the IOSurface backing store will happily provide
            what might be non-zero values.
            (WebCore::GraphicsContext3D::readPixelsAndConvertToBGRAIfNecessary): Call the helper above.
            (WebCore::GraphicsContext3D::reshapeFBOs): Add more code to call into the macOS-specific
            function to use an IOSurface as the framebuffer texture.
            (WebCore::GraphicsContext3D::readPixels): Call the helper above.

            * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
            (PlatformCALayerCocoa::copyContentsFromLayer): Replace the use of the
            deprecated setContentsChanged with reloadValueForKeyPath.

            * platform/graphics/cocoa/WebGLLayer.h: The macOS implementation now
            inherits from CALayer directly rather than CAOpenGLLayer. It also adds
            a few member variables to handle the IOSurfaces used for triple buffering.

            * platform/graphics/cocoa/WebGLLayer.mm:
            (-[WebGLLayer initWithGraphicsContext3D:]): If we were created without an
            alpha channel, tell CA that we're an opaque layer. Also set the layer's transform
            to identity, so that it calls into the code below to flip the contents.
            (-[WebGLLayer setTransform:]): Because an IOSurface is used for the layer contents,
            we don't get a chance to flip the drawing the way we do via the drawInContext delegate.
            Instead we have to apply a scale(1, -1) transform on top of the layer transform to
            make sure the layer is rendered right-way up.
            (-[WebGLLayer setAnchorPoint:]): Ditto, except we have to assume the anchor point is
            at the bottom of the layer, so flip the Y value.
            (-[WebGLLayer display]): Swap between the drawing buffer and the contents buffer, and
            then get a new buffer ready for display.
            (createAppropriateIOSurface): Helper.
            (-[WebGLLayer allocateIOSurfaceBackingStoreWithSize:usingAlpha:]): Initializes the
            IOSurfaces used for drawing buffers.
            (-[WebGLLayer bindFramebufferToNextAvailableSurface]): Take the next available IOSurface and
            make it the drawing buffer (binding in to WebGL at the same time).
            (-[WebGLLayer copyCGLPixelFormatForDisplayMask:]): Deleted.
            (-[WebGLLayer copyCGLContextForPixelFormat:]): Deleted.
            (-[WebGLLayer drawInCGLContext:pixelFormat:forLayerTime:displayTime:]): Deleted.

            * platform/graphics/mac/WebLayer.mm: Remove the definition of reloadValueForKeyPath.

2017-10-11  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222963. rdar://problem/34891307

    2017-10-05  Dean Jackson  <dino@apple.com>

            [WebGL] Safari performance is slow due to high MSAA usage
            https://bugs.webkit.org/show_bug.cgi?id=177949
            <rdar://problem/34835619>

            Reviewed by Sam Weinig.

            On some hardware, typically integrated GPUs, using MSAA with a sample
            count above 4 produces bad performance. Limit the number of samples to
            4 universally.

            * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
            (WebCore::GraphicsContext3D::reshapeFBOs):

2017-10-10  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222788. rdar://problem/34771440

    2017-10-03  Daniel Bates  <dabates@apple.com>

            [CSP] Check policy before opening a new window to a JavaScript URL
            https://bugs.webkit.org/show_bug.cgi?id=176815
            <rdar://problem/34400057>

            Reviewed by Brent Fulgham.

            Ensure that the Content Security Policy of the page allows navigation to a JavaScript URL
            before opening a new window to it.

            Test: http/tests/security/contentSecurityPolicy/window-open-javascript-url-blocked.html

            * loader/FrameLoader.cpp:
            (WebCore::createWindow):

2017-10-10  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221937. rdar://problem/34893195

    2017-09-12  Jer Noble  <jer.noble@apple.com>

            [MSE] Don't increase the reported totalFrameDelay for non-displayed frames (or frames coming in while paused).
            https://bugs.webkit.org/show_bug.cgi?id=175900

            Reviewed by Eric Carlson.

            When seeking to a specific time, the decompression session necessarily needs to be fed samples from before that
            time (i.e., all samples from the previous I-frame forward). These shouldn't contribute to the "total frame
            delay" metric. Neither should samples delivered when the video is paused (like, during seeking), as a frame can't
            be "late" if time is not moving forward.

            * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
            (WebCore::WebCoreDecompressionSession::handleDecompressionOutput):
            * platform/cf/CoreMediaSoftLink.cpp:
            * platform/cf/CoreMediaSoftLink.h:

2017-10-10  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221872. rdar://problem/34891288

    2017-09-11  Dean Jackson  <dino@apple.com>

            [WebGL macOS] No need to multisample when blitting into WebGLLayer
            https://bugs.webkit.org/show_bug.cgi?id=176666
            <rdar://problem/27774626>

            Reviewed by Sam Weinig.

            We were seeing performance profiles suggesting WebGL was
            doing 8x MSAA, even though we explicitly set it to only
            use 4 samples in the GLPixelFormatObj used to create
            the WebGL CGLContextObj. However, that same CGLPixelFormatObj
            was also used for the WebGLLayer's CGLContextObj, meaning the
            blit of the WebGL FBO into the WebGLLayer's backing store was
            multisampling as well -- so an extra 4 samples on top of the
            original 4, making it look like we were doing 8x.

            This was obviously unnecessary, since we already have the
            multisampled FBO and just want to copy it, as is, into the layer.

            Now, instead of copying the CGLPixelFormatObj, we create
            a new one and copy most of the attributes, leaving out
            the multisample flags (and the depth buffer, since we're
            only doing 2d blits).

            Covered by existing WebGL tests, since there should be no
            visible change.

            * platform/graphics/cocoa/WebGLLayer.mm:
            (-[WebGLLayer copyCGLPixelFormatForDisplayMask:]): Create a new
            CGLPixelFormatObj that copies most of the values from
            the corresponding object on the WebGL's backing CGLContextObj.

2017-10-10  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221831. rdar://problem/34891283

    2017-09-08  Dean Jackson  <dino@apple.com>

            gl.detachShader breaks shader program
            https://bugs.webkit.org/show_bug.cgi?id=137689
            <rdar://problem/34025056>

            Reviewed by Sam Weinig.

            It should be possible to compile shaders, attach them to a program,
            link the program, detach the shaders, delete the shaders, and then
            ask for the uniform and attribute locations. That is, once you've
            linked, the shaders can be thrown away.

            We were using the attached shaders to look up uniform locations, so
            we now keep around a separate map that remembers what shaders were
            attached when the program links.

            This fixes the bug, but the whole area is still a bit messy. For one,
            we're keeping around all the shader information even after it is
            no longer used.
            See https://bugs.webkit.org/show_bug.cgi?id=98204

            Test: fast/canvas/webgl/detachShader-before-accessing-uniform.html

            * platform/graphics/GraphicsContext3D.h: Add another map to remember
            what shaders were used when a program was linked.
            * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
            (WebCore::GraphicsContext3D::mappedSymbolInShaderSourceMap): New helper
            to look up a name in our source maps.
            (WebCore::GraphicsContext3D::mappedSymbolName): Use the helper, and look
            at linked shaders if there are no attached shaders.
            (WebCore::GraphicsContext3D::originalSymbolInShaderSourceMap): Does the
            reverse of the above.
            (WebCore::GraphicsContext3D::originalSymbolName):
            (WebCore::GraphicsContext3D::linkProgram): Add to the new map.
            (WebCore::GraphicsContext3D::deleteProgram): Delete the program from
            our shader entries.

2017-10-10  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222478. rdar://problem/34771020

    2017-09-25  Youenn Fablet  <youenn@apple.com>

            WebRTC video does not resume receiving when switching back to Safari 11 on iOS
            https://bugs.webkit.org/show_bug.cgi?id=175472
            <rdar://problem/33860863>

            Reviewed by Darin Adler.

            Test: webrtc/video-interruption.html and manual testing.

            Using new SetActive method from libwebrtc encoder/decoder to enable/disable them based on interuptions.
            For that purpose, LibWebRTCProvider is now storing the peer connection factory and keeping track of the encoder/decoder factories.
            LibWebRTCProvider is then notified by WebPage when backgrounded/foregrounded.

            * WebCore.xcodeproj/project.pbxproj:
            * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
            (WebCore::staticFactoryAndThreads):
            (WebCore::initializePeerConnectionFactoryAndThreads):
            (WebCore::LibWebRTCProvider::factory):
            (WebCore::LibWebRTCProvider::setPeerConnectionFactory):
            (WebCore::LibWebRTCProvider::createPeerConnection):
            (WebCore::LibWebRTCProvider::setActive):
            (WebCore::LibWebRTCProvider::webRTCAvailable):
            (WebCore::LibWebRTCProvider::mayResumePlayback): Deleted.
            (WebCore::LibWebRTCProvider::suspendPlayback): Deleted.
            * platform/mediastream/libwebrtc/LibWebRTCProvider.h:
            * platform/mediastream/libwebrtc/VideoToolBoxDecoderFactory.cpp: Copied from Source/WebCore/platform/mediastream/libwebrtc/VideoToolBoxEncoderFactory.cpp.
            (WebCore::VideoToolboxVideoDecoderFactory::setActive):
            (WebCore::VideoToolboxVideoDecoderFactory::CreateVideoDecoder):
            (WebCore::VideoToolboxVideoDecoderFactory::DestroyVideoDecoder):
            * platform/mediastream/libwebrtc/VideoToolBoxDecoderFactory.h: Copied from Source/WebCore/platform/mediastream/libwebrtc/VideoToolBoxEncoderFactory.h.
            * platform/mediastream/libwebrtc/VideoToolBoxEncoderFactory.cpp:
            (WebCore::VideoToolboxVideoEncoderFactory::setActive):
            (WebCore::VideoToolboxVideoEncoderFactory::CreateSupportedVideoEncoder):
            (WebCore::VideoToolboxVideoEncoderFactory::DestroyVideoEncoder):
            * platform/mediastream/libwebrtc/VideoToolBoxEncoderFactory.h:
            * testing/Internals.cpp:
            (WebCore::Internals::resetToConsistentState):
            * testing/MockLibWebRTCPeerConnection.cpp:
            (WebCore::useRealRTCPeerConnectionFactory):
            (WebCore::useMockRTCPeerConnectionFactory):
            * testing/MockLibWebRTCPeerConnection.h:

2017-10-09  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221430. rdar://problem/34770998

    2017-08-31  Jer Noble  <jer.noble@apple.com>

            MSE-to-Canvas painting can become "stuck" during heavy workloads
            https://bugs.webkit.org/show_bug.cgi?id=176170

            Reviewed by Eric Carlson.

            During heavy workloads, the trigger from CMBufferQueue notifying us that we have dipped below
            the "low-water mark" of decoded (and decoding) frames will not fire. Instead of using a trigger
            (since it will not fire when the number of "frames being decoded" changes, just the number of
            decoded frames), just call maybeBecomeReadyForMoreMediaData() whenever the number of frames in
            the decoded queue decreases, or when the number of frames being decoded decreases.

            * platform/graphics/cocoa/WebCoreDecompressionSession.h:
            * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
            (WebCore::WebCoreDecompressionSession::maybeBecomeReadyForMoreMediaData):
            (WebCore::WebCoreDecompressionSession::enqueueSample):
            (WebCore::WebCoreDecompressionSession::decodeSample):
            (WebCore::WebCoreDecompressionSession::handleDecompressionOutput):
            (WebCore::WebCoreDecompressionSession::getFirstVideoFrame):
            (WebCore::WebCoreDecompressionSession::automaticDequeue):
            (WebCore::WebCoreDecompressionSession::imageForTime):
            (WebCore::WebCoreDecompressionSession::maybeBecomeReadyForMoreMediaDataCallback): Deleted.

2017-10-09  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222995. rdar://problem/34891302

    2017-10-06  Jer Noble  <jer.noble@apple.com>

            Netflix playback fails with S7353 error
            https://bugs.webkit.org/show_bug.cgi?id=178023

            Reviewed by Dean Jackson.

            On certain platforms, WebCoreDecompressionSession will fail to produce CVImageBuffers when presented with
            encrypted content. On those platforms, the seek() command will fail, because frames at the destination time
            cannot be decoded. This occurs for Netflix because the <video> element is not in the DOM at decode time.

            Only create a WebCoreDecompressionSession in MediaPlayerPrivateMediaSourceAVFObjC when we have explicitly
            been asked to paint into a WebGL canvas.

            * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
            (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::acceleratedRenderingStateChanged):

2017-10-09  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222786. rdar://problem/34820881

    2017-10-03  Brent Fulgham  <bfulgham@apple.com>

            Unreviewed test fix after r222779.

            * testing/cocoa/WebArchiveDumpSupport.mm:
            (WebCoreTestSupport::createCFURLResponseFromResponseData): Setting NSSecureCoding in this test code should be
            done based on build system, just like it is in the actual WebArchive handling code.

2017-10-09  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222779. rdar://problem/34820881

    2017-10-03  Brent Fulgham  <bfulgham@apple.com>

            [Mac] Use safer decoding practices for NSKeyedUnarchiver
            https://bugs.webkit.org/show_bug.cgi?id=175887
            <rdar://problem/33435281>

            Reviewed by Daniel Bates.

            * loader/archive/cf/LegacyWebArchiveMac.mm:
            (WebCore::LegacyWebArchive::createResourceResponseFromMacArchivedData): Use NSSecureCoding to unarchive.
            (WebCore::LegacyWebArchive::createPropertyListRepresentation): Ditto for archiving.
            * testing/cocoa/WebArchiveDumpSupport.mm:
            (WebCoreTestSupport::createCFURLResponseFromResponseData): Update to use NSSecureCoding if possible.

2017-10-09  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221098. rdar://problem/34771028

    2017-08-23  Jer Noble  <jer.noble@apple.com>

            Track VideoPlaybackQuality metrics when using WebCoreDecompressionSession.
            https://bugs.webkit.org/show_bug.cgi?id=175835
            <rdar://problem/34022234>

            Reviewed by Eric Carlson.

            Test: platform/mac/media/media-source/videoplaybackquality-decompressionsession.html

            Track the total number of frames decoded, dropped, & corrupted, as well as the total
            delay imposed by decoding in the WebCoreDecompressionSession.

            Drive-by fix: implement frame dropping by skipping frames whose presentation times are
            before the video's current time and which aren't depended upon by other frames.

            * platform/cf/CoreMediaSoftLink.cpp:
            * platform/cf/CoreMediaSoftLink.h:
            * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
            (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::videoPlaybackQualityMetrics):
            * platform/graphics/cocoa/WebCoreDecompressionSession.h:
            (WebCore::WebCoreDecompressionSession::totalVideoFrames):
            (WebCore::WebCoreDecompressionSession::droppedVideoFrames):
            (WebCore::WebCoreDecompressionSession::corruptedVideoFrames):
            (WebCore::WebCoreDecompressionSession::totalFrameDelay):
            * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
            (WebCore::WebCoreDecompressionSession::shouldDecodeSample):
            (WebCore::WebCoreDecompressionSession::decodeSample):
            (WebCore::WebCoreDecompressionSession::handleDecompressionOutput):

2017-10-09  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221046. rdar://problem/34891067

    2017-08-22  Jer Noble  <jer.noble@apple.com>

            Refactor videoPerformanceQuality() MediaPlayer methods into single call.
            https://bugs.webkit.org/show_bug.cgi?id=175830

            Reviewed by Eric Carlson.

            Allow MediaPlayerPrivate subclasses to return all the metrics required for VideoPerformanceQuality in
            a single call. For clients which incur significant overhead to request this data, this reduces the cost
            of requesting data by the number of calls removed.

            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::getVideoPlaybackQuality):
            * platform/graphics/MediaPlayer.cpp:
            (WebCore::MediaPlayer::videoPlaybackQualityMetrics):
            (WebCore::MediaPlayer::totalVideoFrames): Deleted.
            (WebCore::MediaPlayer::droppedVideoFrames): Deleted.
            (WebCore::MediaPlayer::corruptedVideoFrames): Deleted.
            (WebCore::MediaPlayer::totalFrameDelay): Deleted.
            * platform/graphics/MediaPlayer.h:
            (WebCore::PlatformVideoPlaybackQualityMetrics::PlatformVideoPlaybackQualityMetrics):
            * platform/graphics/MediaPlayerPrivate.h:
            (WebCore::MediaPlayerPrivateInterface::videoPlaybackQualityMetrics):
            (WebCore::MediaPlayerPrivateInterface::totalVideoFrames): Deleted.
            (WebCore::MediaPlayerPrivateInterface::droppedVideoFrames): Deleted.
            (WebCore::MediaPlayerPrivateInterface::corruptedVideoFrames): Deleted.
            (WebCore::MediaPlayerPrivateInterface::totalFrameDelay): Deleted.
            * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
            * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
            (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::videoPlaybackQualityMetrics):
            (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::totalVideoFrames): Deleted.
            (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::droppedVideoFrames): Deleted.
            (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::corruptedVideoFrames): Deleted.
            (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::totalFrameDelay): Deleted.
            * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:
            * platform/mock/mediasource/MockMediaPlayerMediaSource.cpp:
            (WebCore::MockMediaPlayerMediaSource::videoPlaybackQualityMetrics):
            (WebCore::MockMediaPlayerMediaSource::totalVideoFrames): Deleted.
            (WebCore::MockMediaPlayerMediaSource::droppedVideoFrames): Deleted.
            (WebCore::MockMediaPlayerMediaSource::corruptedVideoFrames): Deleted.
            (WebCore::MockMediaPlayerMediaSource::totalFrameDelay): Deleted.
            * platform/mock/mediasource/MockMediaPlayerMediaSource.h:
            * platform/mock/mediasource/MockMediaSourcePrivate.cpp:
            (WebCore::MockMediaSourcePrivate::videoPlaybackQualityMetrics):
            * platform/mock/mediasource/MockMediaSourcePrivate.h:

2017-10-09  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222402. rdar://problem/34770839

    2017-09-22  Tim Horton  <timothy_horton@apple.com>

            Add env() as an alias of constant()
            https://bugs.webkit.org/show_bug.cgi?id=177371

            Reviewed by Simon Fraser.

            * css/CSSValueKeywords.in:
            * css/CSSVariableData.cpp:
            (WebCore::CSSVariableData::checkVariablesForCyclesWithRange const):
            (WebCore::CSSVariableData::resolveTokenRange const):
            * css/parser/CSSVariableParser.cpp:
            (WebCore::classifyBlock):
            Add env() as an alias of constant() everywhere it is mentioned.

2017-10-02  Jason Marcell  <jmarcell@apple.com>

        Apply patch. rdar://problem/34770842

    Cherry-pick r221083. rdar://problem/34770842, rdar://problem/34770849

    2017-10-02  Mark Lam  <mark.lam@apple.com>

            Cherry-pick r221083. rdar://problem/34770842, rdar://problem/34770849

        2017-08-23  Yusuke Suzuki  <utatane.tea@gmail.com>

                Race condition in StartWebThread causing crash
                https://bugs.webkit.org/show_bug.cgi?id=175852

                Reviewed by Mark Lam.

                When starting web thread, the main thread waits for completion of web thread initialization
                by using pthread_cond_t. However, the main thread may be woken up due to the existence of
                the spurious wake up of pthread_cond_t.

                Instead, we should use WTF::Lock and WTF::Condition. Since our StartWebThread already calls
                WTF::initializeThreading, it is safe to use WTF::Lock and WTF::Condition. And our WTF::Condition
                does not have the spurious wake up problem as described in Condition.h.

                * platform/ios/wak/WebCoreThread.mm:
                (RunWebThread):
                (StartWebThread):

2017-10-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222190. rdar://problem/34771470

    2017-09-18  Tim Horton  <timothy_horton@apple.com>

            Support min() and max() in calc()
            https://bugs.webkit.org/show_bug.cgi?id=167000
            <rdar://problem/30153481>

            Reviewed by David Hyatt.
            Patch originally by Myles Maxfield.

            Add two new toplevel functions to CSS, min() and max(), which take an
            arbirary number of arguments and resolve to the minimum and maximum of
            the resolved value of the arguments, respectively. It is also possible
            to use min() and max() inside calc(), and to use calc()-like math
            inside min() and max().

            * css/CSSCalculationValue.cpp:
            (WebCore::determineCategory):
            min and max operators don't use determineCategory; we have a specific
            implementation for them in createMinOrMax.

            (WebCore::resolvedTypeForMinOrMax):
            The spec says that min() and max() should be marked as invalid if they
            have values of more than one type, but that percentages should resolve
            against the destination type before making this determination. So,
            if the destination type is length, percent turns into percent-length,
            and similarly for number.

            (WebCore::isIntegerResult):
            Add an n-way implementation of isIntegerResult.

            (WebCore::isSamePair):
            (WebCore::CSSCalcOperation::createMinOrMax): Create a min() or max()
            operation, as long as the types of arguments are all the same. Allow
            lengths to upgrade the whole operation to percent-length, and numbers
            to percent-number, which will cause us to use CalculationValue and friends
            in order to do proper resolution of all of the parameters instead of
            just comparing their numeric values.

            (WebCore::CSSCalcOperation::createCalcExpression):
            (WebCore::CSSCalcOperation::doubleValue):
            (WebCore::CSSCalcOperation::computeLengthPx):
            (WebCore::CSSCalcOperation::customCSSText):
            (WebCore::CSSCalcOperation::primitiveType):
            (WebCore::CSSCalcOperation::CSSCalcOperation):
            (WebCore::CSSCalcOperation::evaluate):
            (WebCore::CSSCalcOperation::evaluateOperator):
            Adapt to child counts greater than two.

            (WebCore::CSSCalcOperation::buildCssText):
            Add support for min() and max().

            (WebCore::CSSCalcExpressionNodeParser::parseCalc):
            parseCalc now accepts a CSSValueID parameter indicating which calc function
            it should parse (calc, webkit-calc, min, or max), and delegates to either
            parseValueExpression or parseMinMaxExpression.

            (WebCore::CSSCalcExpressionNodeParser::operatorValue):
            (WebCore::CSSCalcExpressionNodeParser::parseValue):
            If min() or max() are found while parsing a value (i.e. nested inside
            either calc or themselves), use parseMinMaxExpression on that subtree.

            (WebCore::CSSCalcExpressionNodeParser::parseValueTerm):
            (WebCore::CSSCalcExpressionNodeParser::parseValueMultiplicativeExpression):
            (WebCore::CSSCalcExpressionNodeParser::parseAdditiveValueExpression):
            Adjust to the CSSCalcBinaryOperation->CSSCalcOperation rename.

            (WebCore::CSSCalcExpressionNodeParser::parseMinMaxExpression):
            Added. Parse an arbitrary number of comma-and-whitespace-separated children.

            (WebCore::createBlendHalf):
            Adjust to the CSSCalcBinaryOperation->CSSCalcOperation rename.

            (WebCore::createCSS):
            Build the CSSCalcOperation for the platform-independent min and max operations.

            (WebCore::CSSCalcValue::create):
            Pass the function being parsed and the destination calc category for the
            property being parsed for into create, and then into the parser so that
            it can know which function it is parsing for, and what kind of result it
            needs (as previously mentioned above in resolvedTypeForMinOrMax).

            * css/CSSCalculationValue.h:
            * css/CSSValueKeywords.in:
            Add min and max functions as CSS keywords.

            * css/StyleBuilderConverter.h:
            (WebCore::StyleBuilderConverter::convertLength):
            (WebCore::StyleBuilderConverter::convertTo100PercentMinusLength):
            * platform/Length.cpp:
            (WebCore::convertTo100PercentMinusLength):
            Adapt to the CalcExpressionOperation constructor taking a vector of
            arguments instead of two.

            * css/parser/CSSPropertyParserHelpers.cpp:
            (WebCore::CSSPropertyParserHelpers::CalcParser::CalcParser):
            Store and pass the specific function being parsed down into CSSCalcValue.

            (WebCore::CSSPropertyParserHelpers::consumeInteger):
            (WebCore::CSSPropertyParserHelpers::consumePositiveIntegerRaw):
            (WebCore::CSSPropertyParserHelpers::consumeNumberRaw):
            (WebCore::CSSPropertyParserHelpers::consumeNumber):
            (WebCore::CSSPropertyParserHelpers::consumeFontWeightNumber):
            (WebCore::CSSPropertyParserHelpers::consumeLength):
            (WebCore::CSSPropertyParserHelpers::consumePercent):
            (WebCore::CSSPropertyParserHelpers::consumeLengthOrPercent):
            (WebCore::CSSPropertyParserHelpers::consumeAngle):
            (WebCore::CSSPropertyParserHelpers::consumeTime):
            Pass the destination type into each calc parser.

            * platform/CalculationValue.cpp:
            (WebCore::CalcExpressionOperation::evaluate const):
            (WebCore::CalcExpressionOperation::operator== const):
            (WebCore::CalcExpressionOperation::dump const):
            (WebCore::operator<<):
            (WebCore::CalcExpressionBinaryOperation::evaluate const): Deleted.
            (WebCore::CalcExpressionBinaryOperation::operator== const): Deleted.
            (WebCore::CalcExpressionBinaryOperation::dump const): Deleted.
            * platform/CalculationValue.h:
            (WebCore::CalcExpressionOperation::CalcExpressionOperation):
            (WebCore::operator==):
            (WebCore::toCalcExpressionOperation):
            (WebCore::CalcExpressionBinaryOperation::CalcExpressionBinaryOperation): Deleted.
            (WebCore::toCalcExpressionBinaryOperation): Deleted.
            Adjust to the CSSCalcBinaryOperation->CSSCalcOperation rename.
            Adjust to having n>2 children.
            Support min() and max() operators in various places.


2017-10-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221100. rdar://problem/34771028

    2017-08-23  Jer Noble  <jer.noble@apple.com>

            Build fix for 32-bit Mac after r221098. Make sure constant used in WebCoreDecompressionSession is SoftLinked.

            * platform/cf/CoreMediaSoftLink.cpp:
            * platform/cf/CoreMediaSoftLink.h:

2017-10-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221016. rdar://problem/34770830

    2017-08-22  Jer Noble  <jer.noble@apple.com>

            Autoplay Muted Videos Don't Play When Outside Viewport
            https://bugs.webkit.org/show_bug.cgi?id=175748
            <rdar://problem/33974383>

            Reviewed by Eric Carlson.

            Test: media/video-restricted-invisible-autoplay-not-allowed-source.html

            The media session is notified that its client (the media element) will begin autoplaying inside
            prepareForLoad(), where the m_autoplaying flag is also set. But loading via <source> elements does not go
            through prepareForLoad(); the HTML standard states that the <source> element loading path does not trigger the
            "media element load algorithm" which is implemented in prepareForLoad(). Since the m_autoplaying flag is
            initially set to true, notify the media session that the element will begin autoplaying inside the element's
            constructor.

            Drive-by fix: Doing the above causes other tests to crash, as purturbing play state during style change can cause
            re-entrancy in the native controls code, or fail, since we will transition from autoplay -> play even if there's
            not yet a src or source to the media element. Add a task queue for updating the autoplay state and check the ready
            state before allowing autoplay to transition to play.

            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::HTMLMediaElement):
            (WebCore::HTMLMediaElement::~HTMLMediaElement):
            (WebCore::HTMLMediaElement::canTransitionFromAutoplayToPlay const):
            (WebCore::HTMLMediaElement::isVisibleInViewportChanged):

2017-10-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220484. rdar://problem/34770810

    2017-08-09  Commit Queue  <commit-queue@webkit.org>

            Unreviewed, rolling out r219334.
            https://bugs.webkit.org/show_bug.cgi?id=175398

            Caused bug 175023 (Requested by ap on #webkit).

            Reverted changeset:

            "[SVG] Leak in SVGAnimatedListPropertyTearOff"
            https://bugs.webkit.org/show_bug.cgi?id=172545
            http://trac.webkit.org/changeset/219334

2017-10-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220302. rdar://problem/34770803

    2017-08-04  John Wilander  <wilander@apple.com>

            Resource Load Statistics: Report user interaction immediately, but only when needed
            https://bugs.webkit.org/show_bug.cgi?id=175090
            <rdar://problem/33685546>

            Reviewed by Chris Dumez.

            Test: http/tests/loading/resourceLoadStatistics/user-interaction-only-reported-once-within-short-period-of-time.html

            * loader/ResourceLoadObserver.cpp:
            (WebCore::ResourceLoadObserver::ResourceLoadObserver):
            (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
                Now tells the UI process immediately but also records that it has
                done so to avoid doing it when not needed.
            (WebCore::ResourceLoadObserver::scheduleNotificationIfNeeded):
                Conditional throttling gone, now always throttles.
            (WebCore::ResourceLoadObserver::notifyObserver):
                Renamed from ResourceLoadObserver::notificationTimerFired().
            (WebCore::ResourceLoadObserver::clearState):
                New function to allow the test runner to reset the web process'
                statistics state now that we keep track of whether or not we've
                reported user interaction to the UI process.
            (WebCore::ResourceLoadObserver::setShouldThrottleObserverNotifications): Deleted.
            (WebCore::ResourceLoadObserver::notificationTimerFired): Deleted.
            * loader/ResourceLoadObserver.h:
            (): Deleted.
            * testing/Internals.cpp:
            (WebCore::Internals::resetToConsistentState):
            (WebCore::Internals::setResourceLoadStatisticsShouldThrottleObserverNotifications): Deleted.
                No longer needed since user interaction is always communicated
                immediately.
            * testing/Internals.h:
            * testing/Internals.idl:

2017-10-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221128. rdar://problem/34771005

    2017-08-23  Wenson Hsieh  <wenson_hsieh@apple.com>

            DeleteSelectionCommand should be robust when starting and ending editable positions cannot be found
            https://bugs.webkit.org/show_bug.cgi?id=175914
            <rdar://problem/29792688>

            Reviewed by Ryosuke Niwa.

            DeleteSelectionCommand can cause a null dereference if editable start and end positions are not found. This can
            happen when attempting to delete after selecting the contents within a canvas or output element with `read-write`
            `-webkit-user-modify` style. To fix this, we make the initialization step of the DeleteSelectionCommand robust
            when editable start and end positions are missing.

            Test: editing/execCommand/forward-delete-read-write-canvas.html

            * editing/DeleteSelectionCommand.cpp:
            (WebCore::DeleteSelectionCommand::initializePositionData):

            Make this initialization helper indicate failure via a bool return value. DeleteSelectionCommand::doApply bails
            early if initializePositionData returned false.

            (WebCore::DeleteSelectionCommand::doApply):
            * editing/DeleteSelectionCommand.h:

2017-10-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221116. rdar://problem/34771068

    2017-08-23  Jer Noble  <jer.noble@apple.com>

            [EME] WebCoreDecompressionSession should only report having an available frame if it has one for the current time.
            https://bugs.webkit.org/show_bug.cgi?id=175901

            Reviewed by Eric Carlson.

            The WebCoreDecompressionSession will trigger the hasAvailableFrame callback whenever a frame is decoded,
            regardless of its presentation time. For formats which have out-of-order decoding, the newly decoded frame could
            have a presentation time far in the future. Instead, only fire the callback if the decoded frame's presentation
            times contains the timebase's current time.

            * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
            (WebCore::WebCoreDecompressionSession::enqueueDecodedSample):

2017-10-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220718. rdar://problem/34771041

    2017-08-14  Andy Estes  <aestes@apple.com>

            [Apple Pay] Add support for phonetic contact names
            https://bugs.webkit.org/show_bug.cgi?id=175537
            <rdar://problem/32002644>

            Reviewed by Tim Horton.

            * Modules/applepay/ApplePayError.idl: Defined "phoneticName" in ApplePayErrorContactField.
            * Modules/applepay/ApplePayPaymentContact.h: Defined phoneticGivenName and phoneticFamilyName
            in ApplePayPaymentContact.
            * Modules/applepay/ApplePayPaymentContact.idl: Ditto.
            * Modules/applepay/ApplePayPaymentRequest.h: Defined PhoneticName in
            ApplePayPaymentRequest::ContactField.
            * Modules/applepay/ApplePayPaymentRequest.idl: Defined "phoneticName" in ApplePayContactField.
            * Modules/applepay/ApplePaySession.cpp:
            (WebCore::convertAndValidate): Added a version parameter. Added code to convert
            ContactField::PhoneticName, throwing an exception if version is less than 3.
            * Modules/applepay/PaymentContact.h: Added a version parameter to fromApplePayPaymentContact().
            * Modules/applepay/PaymentRequest.h: Defined phoneticName in PaymentRequest::ContactFields
            and defined PhoneticName in PaymentError::ContactField.
            * Modules/applepay/cocoa/PaymentContactCocoa.mm:
            (WebCore::convert): Added a version parameter. Set a phoneticRepresentation on the
            PKContact's name if there are non-empty phonetic names and version is 3 or greater.
            (WebCore::PaymentContact::fromApplePayPaymentContact): Passed version to convert().

2017-10-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220496. rdar://problem/34770816

    2017-08-09  Jeremy Jones  <jeremyj@apple.com>

            Use MPAVRoutingController instead of deprecated versions.
            https://bugs.webkit.org/show_bug.cgi?id=175063

            Reviewed by Tim Horton.

            No new tests because no behavior change. This uses a different platform class to present
            an interface.

            Remove deprecated MPAudioVideoRoutingPopoverController and MPAVRoutingSheet
            Add MPMediaControlsViewController.

            * platform/spi/ios/MediaPlayerSPI.h:

2017-10-04  Kocsen Chung  <kocsen_chung@apple.com>

        Revert r222779. rdar://problem/34706688

2017-10-04  Kocsen Chung  <kocsen_chung@apple.com>

        Revert r222786. rdar://problem/34706688

2017-10-03  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222786. rdar://problem/34706688

    2017-10-03  Brent Fulgham  <bfulgham@apple.com>

            Unreviewed test fix after r222779.

            * testing/cocoa/WebArchiveDumpSupport.mm:
            (WebCoreTestSupport::createCFURLResponseFromResponseData): Setting NSSecureCoding in this test code should be
            done based on build system, just like it is in the actual WebArchive handling code.

2017-10-03  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222779. rdar://problem/34706688

    2017-10-03  Brent Fulgham  <bfulgham@apple.com>

            [Mac] Use safer decoding practices for NSKeyedUnarchiver
            https://bugs.webkit.org/show_bug.cgi?id=175887
            <rdar://problem/33435281>

            Reviewed by Daniel Bates.

            * loader/archive/cf/LegacyWebArchiveMac.mm:
            (WebCore::LegacyWebArchive::createResourceResponseFromMacArchivedData): Use NSSecureCoding to unarchive.
            (WebCore::LegacyWebArchive::createPropertyListRepresentation): Ditto for archiving.
            * testing/cocoa/WebArchiveDumpSupport.mm:
            (WebCoreTestSupport::createCFURLResponseFromResponseData): Update to use NSSecureCoding if possible.

2017-10-01  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222588. rdar://problem/34717517

    2017-09-27  Myles C. Maxfield  <mmaxfield@apple.com>

            Minimum font size may cause elements to have an infinite line-height
            https://bugs.webkit.org/show_bug.cgi?id=177573
            <rdar://problem/34573792>

            Reviewed by Dan Bernstein.

            When minimum font size is specified, we were trying to preserve the ratio of specified font-size
            and specified line-height in order to boost the computed font size proportionately to the font-size
            boost. However, this doesn't work when the specified font-size is 0, because the ratio between
            line-height and font-size is infinite.

            The most straightforward solution is just to make small font-sizes opt out of the line-height
            adjustment because the result would be too big.

            Test: fast/text/line-height-minimumFontSize-text-small-font-size.html

            * css/StyleBuilderCustom.h:
            (WebCore::computeLineHeightMultiplierDueToFontSize):
            (WebCore::StyleBuilderCustom::applyValueLineHeight):

2017-09-27  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222576. rdar://problem/34553953

    2017-09-27  Myles C. Maxfield  <mmaxfield@apple.com>

            "Tag" codepoints require the complex text codepath
            https://bugs.webkit.org/show_bug.cgi?id=177251
            <rdar://problem/34384001>

            Reviewed by David Hyatt.

            Previously, Tag codepoints (U+E0000 - U+E007F) weren't triggering the
            complex text codepath.

            Eventually, we should migrate the default from simple to complex. I'll do
            that in a separate patch.

            Test: fast/text/flag-codepoint.html

            * platform/graphics/FontCascade.cpp:
            (WebCore::FontCascade::characterRangeCodePath):

2017-09-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222539. rdar://problem/34205774

    2017-09-26  Zalan Bujtas  <zalan@apple.com>

            Fall back to normal line layout position, when simple line layout fails to find one.
            https://bugs.webkit.org/show_bug.cgi?id=176220
            <rdar://problem/34205774>

            Reviewed by Brent Fulgham.

            In case of empty content, let's just fall back to normal line layout and try to
            find the visually correct one.

            Test: fast/text/invalid-positionForPoint-offset.html

            * rendering/RenderText.cpp:
            (WebCore::RenderText::positionForPoint):
            * rendering/SimpleLineLayoutResolver.cpp:
            (WebCore::SimpleLineLayout::RunResolver::runForPoint const):

2017-09-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222474. rdar://problem/34646376

    2017-09-25  Per Arne Vollan  <pvollan@apple.com>

            Crash in WebCore::TreeScope::documentScope
            https://bugs.webkit.org/show_bug.cgi?id=176159

            Reviewed by Ryosuke Niwa.

            When all children are replaced with a new node in ContainerNode::replaceAllChildren,
            the treescope of the new node should be set after the call to willRemoveChildren,
            since this call can fire events, and execute JS code, which might change the treescope
            of the container node.

            Test: fast/dom/crash-moving-subtree-between-documents.html

            * dom/ContainerNode.cpp:
            (WebCore::ContainerNode::replaceAllChildren):

2017-09-25  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222304. rdar://problem/34646370

    2017-09-20  Said Abou-Hallawa  <sabouhallawa@apple.com>

            REGRESSION(r191731): SVGPatternElement can only reference another SVGPatternElement in the same SVG document
            https://bugs.webkit.org/show_bug.cgi?id=176221

            Reviewed by Tim Horton.

            According to the specs:

            https://www.w3.org/TR/SVG11/filters.html#FilterElementHrefAttribute
            https://www.w3.org/TR/SVG11/pservers.html#LinearGradientElementHrefAttribute
            https://www.w3.org/TR/SVG11/pservers.html#RadialGradientElementHrefAttribute
            https://www.w3.org/TR/SVG11/pservers.html#PatternElementHrefAttribute

            The xlink:href attribute of the SVG filter, gradient and pattern elements
            must reference another element within the current SVG of the same type.

            In r191731, the code of SVGPatternElement::collectPatternAttributes() was
            removed and replaced by RenderSVGResourcePattern::collectPatternAttributes()
            to avoid cyclic reference in the pattern element. The problem is the old
            code used to check whether the referenced element is<SVGPatternElement>
            before casting it. This code was not copied to the new function. So we
            now allow the SVGPatternElement to reference any SVG resource element.

            To fix this issue, we need to prevent SVGResources from chaining an incorrect
            type of element to the SVG filter, gradient and pattern elements.

            We also need to use the SVGResources for getting the referenced element
            when collecting the attributes for the gradient elements. SVGResources solves
            the cyclic referencing issue so there is no need to repeat the same code
            in many places. Also, from now on the SVGResources will have valid linked
            resource only. So casting the referenced element should always be valid.

            Tests: svg/custom/pattern-invalid-content-inheritance.svg

            * rendering/svg/RenderSVGResourcePattern.cpp:
            (WebCore::RenderSVGResourcePattern::collectPatternAttributes const): Asserts
            the linkedResource is of type RenderSVGResourcePattern.
            * rendering/svg/SVGResources.cpp:
            (WebCore::SVGResources::SVGResources):
            (WebCore::isChainableResource): Ensure that an SVG resource can reference
            only an SVG resource with the valid type.
            (WebCore::SVGResources::buildCachedResources):
            * rendering/svg/SVGResources.h:

2017-09-20  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222097. rdar://problem/34508516

    2017-09-15  Brent Fulgham  <bfulgham@apple.com>

            Make DocumentLoader a FrameDestructionObserver
            https://bugs.webkit.org/show_bug.cgi?id=176364
            <rdar://problem/34254780>

            Reviewed by Alex Christensen.

            The DocumentLoader needs to know when its Frame is destroyed so that it can
            perform properly cleanup.

            Test: fast/events/beforeunload-dom-manipulation-crash.html

            * loader/DocumentLoader.cpp:
            (WebCore::DocumentLoader::DocumentLoader): Call FrameDestructionObserver constructor.
            (WebCore::DocumentLoader::responseReceived): Drive-by fix. Make sure the current
            object is valid during the callback.
            (WebCore::DocumentLoader::attachToFrame): Use FrameDestructionObserver::observerFrame rather
            than setting the m_frame variable directly.
            (WebCore::DocumentLoader::detachFromFrame): Ditto.
            * loader/DocumentLoader.h:
            (WebCore::DocumentLoader::frame const): Deleted, as this is provided by the FrameDestructionObserver.

2017-09-19  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222226. rdar://problem/34534758

    2017-09-19  Zalan Bujtas  <zalan@apple.com>

            AXObjectCache::performDeferredCacheUpdate is called recursively through FrameView::layout.
            https://bugs.webkit.org/show_bug.cgi?id=176218
            <rdar://problem/34205612>

            Reviewed by Simon Fraser.

            There are certain cases when we might re-enter performDeferredCacheUpdate through recursive
            layout calls (see webkit.org/b/177176) and mutate m_deferredTextChangedList multiple times.

            Test: accessibility/crash-table-recursive-layout.html

            * accessibility/AXObjectCache.cpp:
            (WebCore::AXObjectCache::performDeferredCacheUpdate):
            * accessibility/AXObjectCache.h:

2017-09-19  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222220. rdar://problem/34534766

    2017-09-15  Wenson Hsieh  <wenson_hsieh@apple.com>

            createMarkupInternal should protect its pointer to the Range's common ancestor
            https://bugs.webkit.org/show_bug.cgi?id=177033
            <rdar://problem/34265390>

            Reviewed by Tim Horton.

            Adds basic safeguarding to codepaths hit while executing an outdent command.

            Test: editing/execCommand/outdent-with-media-query-listener-in-iframe.html

            * editing/IndentOutdentCommand.cpp:
            (WebCore::IndentOutdentCommand::outdentRegion):

            Avoid an infinite loop if endOfCurrentParagraph is a null position.

            * editing/markup.cpp:
            (WebCore::createMarkupInternal):

            Protect the raw pointer to the Range's common ancestor node.

2017-09-19  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222214. rdar://problem/34534751

    2017-09-19  Zalan Bujtas  <zalan@apple.com>

            Do not mutate RenderText content during layout.
            https://bugs.webkit.org/show_bug.cgi?id=176219
            <rdar://problem/34205724>

            Reviewed by David Hyatt.

            Update combined text when the style/content change as opposed to lazily, during layout.
            -content mutation during layout might make the inline tree go out of sync.

            Test: fast/text/international/dynamic-text-combine-crash.html

            * rendering/RenderBlockFlow.cpp:
            (WebCore::RenderBlockFlow::computeInlinePreferredLogicalWidths const):
            * rendering/RenderCombineText.cpp:
            (WebCore::RenderCombineText::styleDidChange):
            (WebCore::RenderCombineText::setRenderedText):
            (WebCore::RenderCombineText::combineTextIfNeeded):
            (WebCore::RenderCombineText::combineText): Deleted.
            * rendering/RenderCombineText.h:
            * rendering/RenderText.h:
            * rendering/line/BreakingContext.h:
            (WebCore::BreakingContext::handleText):
            * rendering/line/LineBreaker.cpp:
            (WebCore::LineBreaker::skipLeadingWhitespace):

2017-09-19  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221978. rdar://problem/34508522

    2017-09-13  Daniel Bates  <dabates@apple.com>

            Make history.pushState()/replaceState() more closely aligned to the HTML standard
            https://bugs.webkit.org/show_bug.cgi?id=176730
            <rdar://problem/33839265>

            Reviewed by Alex Christensen.

            Update history.pushState()/replaceState() to more closely align with the algorithm
            specified in <https://html.spec.whatwg.org/multipage/history.html#dom-history-pushstate-2> (9 September 2017).

            Test: http/tests/security/history-pushState-replaceState-from-sandboxed-iframe.html

            * page/History.cpp:
            (WebCore::History::stateObjectAdded):
            * page/SecurityOrigin.cpp:
            (WebCore::SecurityOrigin::extractInnerURL): Use URL constructor that takes a base URL as opposed
            to using the special ParsedURLString-variant because the latter can only be used to parse a string
            returned from URL::string(). And the extracted inner URL does not meet this criterion. Using the
            ParsedURLString-variant of the URL constructor with a string that is not the result of URL::string()
            will cause an assertion failure in a debug build.

2017-09-19  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222167. rdar://problem/34508525

    2017-09-18  Antti Koivisto  <antti@apple.com>

            Avoid style resolution when clearing focused element.
            https://bugs.webkit.org/show_bug.cgi?id=176224
            <rdar://problem/34206409>

            Reviewed by Zalan Bujtas.

            Test: fast/dom/focus-style-resolution.html

            * dom/Document.cpp:
            (WebCore::Document::setFocusedElement):

                Don't do synchronous style resolution with FocusRemovalEventsMode::DoNotDispatch.
                Style resolution may dispatch events.

            * html/HTMLInputElement.cpp:
            (WebCore::HTMLInputElement::didBlur):

                Move resolveStyleIfNeeded call to setFocusedElement. It is the only client for didBlur.

2017-09-19  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222163. rdar://problem/34508516

    2017-09-18  Per Arne Vollan  <pvollan@apple.com>

            [WK1] Layout Test fast/events/beforeunload-dom-manipulation-crash.html is crashing.
            https://bugs.webkit.org/show_bug.cgi?id=177071

            Reviewed by Brent Fulgham.

            The Page pointer in the history controller's frame is null. Add a null pointer check before
            accessing the page.

            No new tests, covered by exiting tests.

            * loader/HistoryController.cpp:
            (WebCore::HistoryController::updateForStandardLoad):
            (WebCore::HistoryController::updateForRedirectWithLockedBackForwardList):
            (WebCore::HistoryController::updateForClientRedirect):

2017-09-19  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222114. rdar://problem/34508510

    2017-09-15  Wenson Hsieh  <wenson_hsieh@apple.com>

            Avoid style recomputation when forwarding a focus event to an text field's input type
            https://bugs.webkit.org/show_bug.cgi?id=176160
            <rdar://problem/34184820>

            Reviewed by Ryosuke Niwa.

            Currently, TextFieldInputType::forwardEvent synchronously triggers style recomputation, for the purpose of
            scrolling to the origin upon handling a blur event, and also for updating caps lock state after a blur or focus.
            In synchronously triggering style recomputation, we may end up running arbitrary JavaScript, which may change
            the HTMLInputElement's type and cause the current TextFieldInputType to be destroyed.

            To mitigate this, we only update caps lock state when forwarding a focus or blur event to the InputType, and
            instead scroll blurred text fields to the origin later, in HTMLInputElement::didBlur (invoked from
            Document::setFocusedElement after blur and focusout events have fired). Instead of having the InputType update
            style, lift the call to Document::updateStyleIfNeeded up into HTMLInputElement so that we gracefully handle the
            case where the page destroys and sets a new InputType within the scope of this style update.

            Test: fast/forms/change-input-type-in-focus-handler.html

            * dom/Document.cpp:
            (WebCore::Document::setFocusedElement):
            * html/HTMLInputElement.cpp:
            (WebCore::HTMLInputElement::didBlur):
            * html/HTMLInputElement.h:
            * html/InputType.h:
            (WebCore::InputType::elementDidBlur):
            * html/TextFieldInputType.cpp:
            (WebCore::TextFieldInputType::forwardEvent):
            (WebCore::TextFieldInputType::elementDidBlur):
            * html/TextFieldInputType.h:

2017-09-14  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222008. rdar://problem/34426473

    2017-09-13  Zalan Bujtas  <zalan@apple.com>

            Switch multicolumn's spanner map from raw over to weak pointers.
            https://bugs.webkit.org/show_bug.cgi?id=176367
            <rdar://problem/34254896>

            Reviewed by Antti Koivisto.

            Test: fast/multicol/spanner-crash-when-adding-summary.html

            * rendering/RenderMultiColumnFlowThread.cpp:
            (WebCore::RenderMultiColumnFlowThread::evacuateAndDestroy):
            (WebCore::RenderMultiColumnFlowThread::flowThreadDescendantInserted):
            (WebCore::RenderMultiColumnFlowThread::handleSpannerRemoval):
            * rendering/RenderMultiColumnFlowThread.h:
            * rendering/RenderMultiColumnSet.cpp:
            (WebCore::RenderMultiColumnSet::firstRendererInFlowThread const):
            (WebCore::RenderMultiColumnSet::lastRendererInFlowThread const):
            * rendering/RenderMultiColumnSpannerPlaceholder.cpp:
            (WebCore::RenderMultiColumnSpannerPlaceholder::RenderMultiColumnSpannerPlaceholder):
            * rendering/RenderMultiColumnSpannerPlaceholder.h:

2017-09-14  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r222005. rdar://problem/34426487

    2017-09-13  Wenson Hsieh  <wenson_hsieh@apple.com>

            Submitting a form can cause HTMLFormElement's associated elements vector to be mutated during iteration
            https://bugs.webkit.org/show_bug.cgi?id=176368
            <rdar://problem/34254998>

            Reviewed by Ryosuke Niwa.

            In the process of iterating over form.associatedElements() during form submission in FormSubmission::create, the
            page may cause us to clobber the vector of FormAssociatedElements* we're currently iterating over by inserting
            new form controls beneath the form element we're in the process of submitting. This happens because
            FormSubmission::create calls HTMLTextAreaElement::appendFormData, which requires layout to be up to date, which
            in turn makes us updateLayout() and set focus, which fires a `change` event, upon which the page's JavaScript
            inserts additonal DOM nodes into the form, modifying the vector of associated elements.

            To mitigate this, instead of iterating over HTMLFormElement::associatedElements(), which returns a reference to
            the HTMLFormElement's actual m_associatedElements vector, we iterate over a new vector of
            Ref<FormAssociatedElement>s created from m_associatedElements.

            This patch also removes an event dispatch assertion added in r212026. This assertion was added to catch any
            other events dispatched in this scope, since dispatching events there would have had security implications, but
            after making iteration over associated elements robust, this NoEventDispatchAssertion is no longer useful.

            Test: fast/forms/append-children-during-form-submission.html

            * loader/FormSubmission.cpp:
            (WebCore::FormSubmission::create):

2017-09-14  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221968. rdar://problem/34169683

    2017-09-12  Matt Rajca  <mrajca@apple.com>

            Ensure the user interacted with the page before setting m_userHasInteractedWithMediaElement
            https://bugs.webkit.org/show_bug.cgi?id=176816

            Reviewed by Eric Carlson.

            Currently, when the user presses a keyboard shortcut in the client to reload a page, that may
            get registered as a user gesture on the reloaded page. Before setting the
            m_userHasInteractedWithMediaElement flag, we should check if a user gesture was actually handled
            by checking the userDidInteractWithPage flag. In case of key events that aren't handled by the
            page, this will be set to false by EventHandler:

                // If the key event was not handled, do not treat it as user interaction with the page.
                if (topDocument && !wasHandled)
                    topDocument->setUserDidInteractWithPage(savedUserDidInteractWithPage);

            We need to revisit this in the future in webkit.org/b/176817 and ensure user gesture tokens
            don't carry over across reloads of the page.

            Tests: I wasn't able to trigger the pathological scenario this aims to fix with a test that calls
            window.location.reload() from a synthetic keyDown event.

            * dom/Document.cpp:
            (WebCore::Document::noteUserInteractionWithMediaElement):

2017-09-12  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221917. rdar://problem/34404461

    2017-09-12  Brent Fulgham  <bfulgham@apple.com>

            Show punycode to user if a URL mixes Armenian Seh or Vo with other scripts
            https://bugs.webkit.org/show_bug.cgi?id=176578
            <rdar://problem/33906231>

            Reviewed by Alex Christensen.

            Revise our "lookalike character" logic to include the Armenian Vo and Seh
            characters, which can be mistaken for 'n' and 'v' when displayed in
            certain fonts.

            Tested by new API tests.

            * platform/mac/WebCoreNSURLExtras.mm:
            (WebCore::isArmenianLookalikeCharacter): Added utility function.
            (WebCore::isArmenianScriptCharacter): Ditto.
            (WebCore::isLookalikeCharacter): Handle Armenian-lookalike cases.

2017-09-10  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221709. rdar://problem/34169683

    2017-09-05  Matt Rajca  <mrajca@apple.com>

            Support new autoplay quirk for arbitrary user gestures.
            https://bugs.webkit.org/show_bug.cgi?id=176402

            Reviewed by Eric Carlson.

            This quirk allows any user gesture to allow autoplay in a document.

            No new tests because this specifically targets one host.

            * html/MediaElementSession.cpp:
            (WebCore::needsArbitraryUserGestureAutoplayQuirk):
            (WebCore::MediaElementSession::playbackPermitted const):

2017-09-10  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221386. rdar://problem/34169683

    2017-08-22  Matt Rajca  <mrajca@apple.com>

            Opt all Mac clients into document-level media user gesture quirks.
            https://bugs.webkit.org/show_bug.cgi?id=175831

            This un-breaks many of the sites that take a long time to load video ad elements on-demand.

            Reviewed by Eric Carlson.

            Test: media/document-level-media-user-gesture-quirk.html

            * html/MediaElementSession.cpp:
            (WebCore::MediaElementSession::playbackPermitted const):
            (WebCore::needsDocumentLevelMediaUserGestureQuirk): Deleted.

2017-09-10  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r221014. rdar://problem/34169683

    2017-08-21  Matt Rajca  <mrajca@apple.com>

            Call updateIsPlayingMedia whenever m_userHasInteractedWithMediaElement changes
            https://bugs.webkit.org/show_bug.cgi?id=175796

            Reviewed by Eric Carlson.

            Test: media/video-user-gesture-tracking.html

            The page media state depends on m_userHasInteractedWithMediaElement, so force it to update
            as soon as m_userHasInteractedWithMediaElement changes. This fixes an issue where the media
            state would not reflect the user interaction flag until a call to updateIsPlayingMedia was made.

            * dom/Document.cpp:
            (WebCore::Document::noteUserInteractionWithMediaElement):
            * dom/Document.h:
            (WebCore::Document::noteUserInteractionWithMediaElement): Deleted.
            * testing/Internals.cpp:
            (WebCore::Internals::pageMediaState):

2017-09-05  Matthew Hanson  <matthew_hanson@apple.com>

        Cherry-pick r221444. rdar://problem/34215746

    2017-08-31  David Quesada  <david_quesada@apple.com>

            WKNavigationDelegatePrivate client redirect SPI needs to be able to detect redirects scheduled before the document finishes loading
            https://bugs.webkit.org/show_bug.cgi?id=176128
            rdar://problem/34068476

            Reviewed by Brady Eidson.

            Removed FrameLoaderClient::dispatchDidPerformClientRedirect() since no client cares about this event anymore.
            Also removed FrameLoader::performClientRedirect() since it wouldn't do anything but call changeLocation().

            No new tests - no change in functionality.

            * loader/FrameLoader.cpp:
            * loader/FrameLoader.h:
            * loader/FrameLoaderClient.h:
            * loader/NavigationScheduler.cpp:

2017-08-21  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220940. rdar://problem/33994308

    2017-08-18  Tim Horton  <timothy_horton@apple.com>

            Remove classic mode screen scale clamping
            https://bugs.webkit.org/show_bug.cgi?id=175739
            <rdar://problem/33894531>

            Reviewed by Andy Estes.

            * platform/ios/PlatformScreenIOS.mm:
            (WebCore::screenScaleFactor):
            This code is no longer needed.

2017-08-15  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220723. rdar://problem/33901127

    2017-08-14  Jer Noble  <jer.noble@apple.com>

            Obj-C exception crash in AVStreamSession when using EME in Private Browsing mode
            https://bugs.webkit.org/show_bug.cgi?id=175547

            Reviewed by Eric Carlson.

            When the storagePath() is empty, do not use those AVStreamSession APIs which require a valid file path to stored
            proof-of-key-release data.

            Drive-by fix: return emptyString() from HTMLMediaElement::mediaPlayerMediaKeysStorageDirectory() when in Private
            Browsing mode, to match the behavior of WebKitMediaKeySession.

            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::mediaPlayerMediaKeysStorageDirectory const):
            * platform/graphics/avfoundation/objc/CDMSessionAVStreamSession.mm:
            (WebCore::CDMSessionAVStreamSession::releaseKeys):
            (WebCore::CDMSessionAVStreamSession::update):
            (WebCore::CDMSessionAVStreamSession::generateKeyReleaseMessage):

2017-08-15  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r217197. rdar://problem/33890650

    2017-05-21  Antti Koivisto  <antti@apple.com>

            matchMedia('print').addListener() fires in WK1 but never in WK2 when printing (breaks printing Google maps, QuickLooks)
            https://bugs.webkit.org/show_bug.cgi?id=172361
            <rdar://problem/28777408>

            Reviewed by Sam Weinig.

            Test: fast/media/matchMedia-print.html

            * page/FrameView.cpp:
            (WebCore::FrameView::layout):

                Evaluate matchMedia queries unconditionally. No idea why it wasn't like that.

            * testing/Internals.cpp:
            (WebCore::Internals::setPrinting):

                Add testing support. The existing ways to do printing testing were unable to hit this bug as
                they had too much additional gunk.

            * testing/Internals.h:
            * testing/Internals.idl:

2017-08-15  Matthew Hanson  <matthew_hanson@apple.com>

        Cherry-pick r220722. rdar://problem/33890577

    2017-08-14  Andy Estes  <aestes@apple.com>

            REGRESSION (r220456): Crash in PreviewLoader::shouldCreateForMIMEType() when a ResourceResponse has a null MIME type
            https://bugs.webkit.org/show_bug.cgi?id=175548
            <rdar://problem/33866206>

            Reviewed by Brady Eidson.

            New API test: QuickLook.ShouldCreateForMIMEType

            * WebCore.xcodeproj/project.pbxproj:
            * loader/ios/PreviewLoader.h:
            * loader/ios/PreviewLoader.mm:
            (WebCore::PreviewLoader::shouldCreateForMIMEType): Check if mimeType is a null String before
            calling HashSet::contains().

2017-08-14  Jason Marcell  <jmarcell@apple.com>

        Revert r217197. rdar://problem/33890650

2017-08-14  Jason Marcell  <jmarcell@apple.com>

        Revert r220112. rdar://problem/33890661

2017-08-13  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220551. rdar://problem/33843388

    2017-08-10  Nan Wang  <n_wang@apple.com>

            AX: crash at WebCore::AccessibilityObject::supportsARIALiveRegion() const + 24
            https://bugs.webkit.org/show_bug.cgi?id=175340
            <rdar://problem/33782159>

            Reviewed by Chris Fleizach.

            The issue here is that we manualy set the parent object of the AccessibilitySVGRoot object
            and there are chances that the parent doesn't detach it properly during the parent's destroying
            process. Accessing the stale parent object will lead to a crash.
            Fixed this by making the parent object a weak pointer so we don't access an invalid memory.

            Test: accessibility/add-children-pseudo-element.html

            * accessibility/AccessibilityRenderObject.cpp:
            (WebCore::AccessibilityRenderObject::AccessibilityRenderObject):
            * accessibility/AccessibilityRenderObject.h:
            (WebCore::AccessibilityRenderObject::createWeakPtr):
            * accessibility/AccessibilitySVGRoot.cpp:
            (WebCore::AccessibilitySVGRoot::AccessibilitySVGRoot):
            (WebCore::AccessibilitySVGRoot::setParent):
            (WebCore::AccessibilitySVGRoot::parentObject const):
            * accessibility/AccessibilitySVGRoot.h:

2017-08-09  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220459. rdar://problem/33820790

    2017-08-09  Daniel Bates  <dabates@apple.com>

            REGRESSION (r219013): OAuth flows are broken when redirecting back to application after authentication
            https://bugs.webkit.org/show_bug.cgi?id=175247
            <rdar://problem/33679804>

            Reviewed by Brady Eidson.

            Add SPI so that Safari can differentiate between a form submission and a redirected form submission
            and have PolicyCheck notify the frame loader client if the navigation was in response to receiving a
            redirect response. This is the WebKit portion to fix an issue when a native app makes use of an OAuth
            OAuth flow that bounces to Safari for user login and then bounce back to the app. Microsoft Graph's
            OAuth flow is one example.

            Safari was differentiating between a form submission and a redirected form submission based on the
            nullity of WKNavigationAction.sourceFrame because in both cases the navigation type was WKNavigationTypeFormSubmitted.
            The navigation type is the same for both navigations because WebKit always used the navigation
            action from the original request for the redirect request when the original request redirected.
            Prior to r219013, WKNavigationAction.sourceFrame would be nil for a form submission that redirects.
            Following r219013, WKNavigationAction.sourceFrame is non-nil unless the navigation was initiated by
            API. In particular, WKNavigationAction.sourceFrame is non-nil for the redirect navigation corresponding
            to a form submission that redirects.

            * loader/EmptyClients.cpp:
            (WebCore::EmptyFrameLoaderClient::dispatchDecidePolicyForNavigationAction):
            * loader/FrameLoaderClient.h:
            Have dispatchDecidePolicyForNavigationAction() take a boolean as to whether the navigation was in
            response to receiving a redirect response.
            * loader/PolicyChecker.cpp:
            (WebCore::PolicyChecker::checkNavigationPolicy): Notify the frame loader client whether the navigation
            is in response to receiving a redirect response.

2017-08-09  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220473. rdar://problem/33810961

    2017-08-09  Wenson Hsieh  <wenson_hsieh@apple.com>

            [iOS DnD] ENABLE_DRAG_SUPPORT should be turned off for iOS 10 and enabled by default
            https://bugs.webkit.org/show_bug.cgi?id=175392
            <rdar://problem/33783207>

            Reviewed by Tim Horton and Megan Gardner.

            Tweak FeatureDefines to enable drag and drop by default, and disable only on unsupported platforms (i.e. iOS 10).
            No change in behavior.

            * Configurations/FeatureDefines.xcconfig:

2017-08-09  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220456. rdar://problem/33810950

    2017-08-09  Andy Estes  <aestes@apple.com>

            [QuickLook] Use case-insensitive comparison of preview MIME types
            https://bugs.webkit.org/show_bug.cgi?id=175350
            <rdar://problem/33761159>

            Reviewed by Brady Eidson.

            MIME types are case-insensitive, but PreviewLoader was using a case-sensitive comparison to
            determine if a MIME type was supported by QLPreviewConverter. As a result we would fail to
            preview Excel macro-enabled workbooks, since CFNetwork would sniff a MIME type of
            "application/vnd.ms-excel.sheet.macroEnabled.12" but QuickLook contained
            "application/vnd.ms-excel.sheet.macroenabled.12" in its set of supported MIME type strings.

            Fix this by copying the QuickLook supported MIME type set into a HashSet using
            ASCIICaseInsensitiveHash and using that HashSet for MIME type checks.

            Test: quicklook/excel-macro-enabled.html

            * loader/ios/PreviewLoader.mm:
            (WebCore::PreviewLoader::shouldCreateForMIMEType):

2017-08-09  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220333. rdar://problem/33810934

    2017-08-07  Antti Koivisto  <antti@apple.com>

            REGRESSION (r219121): Airmail 3 prints header part only.
            https://bugs.webkit.org/show_bug.cgi?id=175258
            <rdar://problem/33601173>

            Reviewed by Andreas Kling.

            When a WK1 WebViw is printed via AppKit view hierarchy it won't explictly set the page width
            but uses the existing width. r219121 assumes that all printing code paths set the page width.

            No test, there appears to be no good way to test AppKit printing behaviors without adding complicated
            new testing infrastructure.

            * rendering/RenderView.cpp:
            (WebCore::RenderView::layout):

                If we are in printing layout and don't have page width set yet then use the current view width.
                This matches the behavior prior r219121.

2017-08-09  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220289. rdar://problem/33810941

    2017-08-04  Said Abou-Hallawa  <sabouhallawa@apple.com>

            RenderImageResourceStyleImage::image() should return the nullImage() if the image is not available
            https://bugs.webkit.org/show_bug.cgi?id=174874
            <rdar://problem/33530130>

            Reviewed by Simon Fraser.

            If an <img> element has a non-CachedImage content data, e.g. -webkit-named-image,
            RenderImageResourceStyleImage will be created and  attached to the RenderImage.
            RenderImageResourceStyleImage::m_cachedImage will be set to null at the
            beginning because the m_styleImage->isCachedImage() is false in this case.
            When ImageLoader finishes loading the url of the src attribute,
            RenderImageResource::setCachedImage() will be called to set m_cachedImage.

            A crash will happen when the RenderImage is destroyed. Destroying the
            RenderImage calls RenderImageResourceStyleImage::shutdown() which checks
            m_cachedImage and finds it not null, so it calls RenderImageResourceStyleImage::image()
            which ends up calling CSSNamedImageValue::image() which returns a null pointer
            because the size is empty. RenderImageResourceStyleImage::shutdown() calls
            image()->stopAnimation() without checking the return value of image().

            Another crash will happen later when deleting the CachedImage from the memory
            cache if CachedImage::canDestroyDecodedData() is called because the client
            it gets from m_clients is a freed pointer. This happens because RenderImageResourceStyleImage
            has m_styleImage of type StyleGeneratedImage but its m_cachedImage is set
            by RenderImageResource::setCachedImage(). When RenderImageResourceStyleImage::shutdown()
            is called, it calls  StyleGeneratedImage::removeClient() which does not
            know anything about RenderImageResourceStyleImage::m_cachedImage. So we
            end up having a freed pointer in the m_clients of the CachedImage.

            Test: fast/images/image-element-image-content-data.html

            * rendering/RenderImageResourceStyleImage.cpp:
            (WebCore::RenderImageResourceStyleImage::shutdown):  Revert back the changes
            of r208511 in this function. Add a call to image()->stopAnimation() without
            checking the return of image() since it will return the nullImage() if
            the image not available. There is no need to check m_cachedImage before
            calling image() because image() does not check or access m_cachedImage.

            If m_styleImage is not a CachedStyleImage but m_cachedImage is not null,
            we need to remove m_renderer from the set of the clients of this m_cachedImage.

            (WebCore::RenderImageResourceStyleImage::image const): The base class method
            RenderImageResource::image() returns the nullImage() if the image not
            available. This is because CachedImage::imageForRenderer() returns
            the nullImage() if the image is not available; see CachedImage.h. We should
            do the same for the derived class for consistency.

2017-08-08  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220248. rdar://problem/33754458

    2017-08-03  Jeremy Jones  <jeremyj@apple.com>

            Improve WebKitLegacy video fullscreen animation begin and end rects.
            https://bugs.webkit.org/show_bug.cgi?id=175152
            rdar://problem/32840576

            Reviewed by Eric Carlson.

            No new tests, becuase this change has no effect on the DOM.

            This change uses different rects for fullscreen animation to prevent the animation
            from failing, and to improve the aesthetics of the animation.

            * platform/mac/WebVideoFullscreenController.mm:
            (frameExpandedToRatioOfFrame):
            (-[WebVideoFullscreenController enterFullscreen:]):
            (-[WebVideoFullscreenController exitFullscreen]):
            (-[WebVideoFullscreenWindow animateFromRect:toRect:withSubAnimation:controllerAction:]):
            (constrainFrameToRatioOfFrame): Deleted.

2017-08-08  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220247. rdar://problem/33754443

    2017-08-03  Jer Noble  <jer.noble@apple.com>

            [EME][Mac] SecureStop left on disk in Private Browsing mode.
            https://bugs.webkit.org/show_bug.cgi?id=175162

            Reviewed by Eric Carlson.

            Return an empty string from mediaKeysStorageDirectory() when the page indicates that storage should
            be ephemeral(). Previously, an empty string in this case would be treated as an error. Instead, treat
            an empty string as valid, and do not try to store or retrieve session information to disk in that case.

            * Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp:
            (WebCore::WebKitMediaKeySession::mediaKeysStorageDirectory const):
            * platform/graphics/avfoundation/objc/CDMSessionAVContentKeySession.mm:
            (WebCore::CDMSessionAVContentKeySession::releaseKeys):
            (WebCore::CDMSessionAVContentKeySession::update):
            (WebCore::CDMSessionAVContentKeySession::generateKeyReleaseMessage):
            (WebCore::CDMSessionAVContentKeySession::contentKeySession):
            * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
            (WebCore::CDMSessionMediaSourceAVFObjC::storagePath const):

2017-08-07  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220163. rdar://problem/33711032

    2017-08-02  Andy Estes  <aestes@apple.com>

            REGRESSION (r207155): Unable to switch sheets when previewing Numbers '09 spreadsheets
            https://bugs.webkit.org/show_bug.cgi?id=175098
            <rdar://problem/31416763>

            Reviewed by Daniel Bates.

            r207155 enabled sandboxing on the frame displaying a QuickLook preview. This restricted
            frames within the sandbox from navigating their sandboxed siblings or ancestors, which
            breaks the functionality of multi-sheet Numbers '09 spreadsheet previews. These previews
            contain a frameset with a table of contents frame and a content frame, and the table of
            contents frame needs to be able to navigate the content frame when the sheet selection
            changes.

            Fix this by disabling the SandboxNavigation flag in the QuickLook sandbox. Frames within the
            sandbox will be able to navigate each other, but will not be able to navigate the top frame
            (due to SandboxTopNavigation still being enabled), nor will they be able to navigate any
            other ancestor frame outside the sandbox (due to QuickLook previews being in a different
            origin than the hosting frame). These two cases are covered by existing tests.

            Test: quicklook/multi-sheet-numbers-09.html

            * dom/Document.cpp:
            (WebCore::Document::applyQuickLookSandbox): Added a call to
            disableSandboxFlags(SandboxNavigation) after applying the content security policy.
            * dom/SecurityContext.h:
            (WebCore::SecurityContext::disableSandboxFlags): Defined disableSandboxFlags().

2017-08-07  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220153. rdar://problem/33711047

    2017-08-02  Jer Noble  <jer.noble@apple.com>

            [MSE] Removing samples when presentation order does not match decode order can cause bad behavior.
            https://bugs.webkit.org/show_bug.cgi?id=175091

            Reviewed by Eric Carlson.

            Address follow-up comments to r219519.

            * Modules/mediasource/SourceBuffer.cpp:
            (WebCore::SourceBuffer::removeCodedFrames):

2017-08-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220112. rdar://problem/33692164

    2017-08-01  Zalan Bujtas  <zalan@apple.com>

            REGRESSION (r217197): New Yorker website hangs for a long time on load, lots of blank tiles
            https://bugs.webkit.org/show_bug.cgi?id=175009
            <rdar://problem/33505791>

            Reviewed by Simon Fraser.

            This patch ensures that we report the desktop, non-frame-flattened frame size for media queries in subframes.
            Some websites don't expect the iframes to be expanded to the size of the content and when the media query
            callback mutates the content (triggering frame resize), they might end up getting into a never ending layout.

            Test: fast/frames/flattening/media-query-growing-content.html

            * css/MediaQueryEvaluator.cpp:
            (WebCore::orientationEvaluate):
            (WebCore::aspectRatioEvaluate):
            (WebCore::heightEvaluate):
            (WebCore::widthEvaluate):
            * page/FrameView.cpp:
            (WebCore::FrameView::layout):
            (WebCore::FrameView::layoutSizeForMediaQuery const):
            (WebCore::FrameView::evaluateMediaQueryList):
            * page/FrameView.h:

2017-08-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220085. rdar://problem/33692157

    2017-07-31  Matt Rajca  <mrajca@apple.com>

            Support quirk for letting media autoplay if the user interacted with at least one media element.
            https://bugs.webkit.org/show_bug.cgi?id=175005
            <rdar://problem/33476038>

            Reviewed by Eric Carlson.

            If the user has interacted with at least one media element, let other media elements auto-play
            as a quirk.

            * dom/Document.cpp:
            (WebCore::Document::updateIsPlayingMedia):
            * dom/Document.h:
            (WebCore::Document::noteUserInteractionWithMediaElement):
            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::removeBehaviorsRestrictionsAfterFirstUserGesture):
            * html/MediaElementSession.cpp:
            (WebCore::needsDocumentLevelMediaUserGestureQuirk):
            (WebCore::MediaElementSession::playbackPermitted const):
            * page/MediaProducer.h:

2017-08-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220084. rdar://problem/33692167

    2017-07-31  Nan Wang  <n_wang@apple.com>

            AX: CFEqual is failing on text markers with exact same data
            https://bugs.webkit.org/show_bug.cgi?id=175002
            <rdar://problem/33636985>

            Reviewed by Chris Fleizach.

            We should zero the memory of the TextMarkerData instance so that it
            can be tested for byte-equivalence.

            Made sure this change won't break any of the existing tests.

            * accessibility/AXObjectCache.cpp:
            (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
            (WebCore::AXObjectCache::textMarkerDataForFirstPositionInTextControl):

2017-08-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220077. rdar://problem/33692157

    2017-07-28  Matt Rajca  <mrajca@apple.com>

            Propagate user gesture tokens when script elements are loaded.
            https://bugs.webkit.org/show_bug.cgi?id=174959

            Reviewed by Eric Carlson.

            Propagate user gesture tokens when script elements are loaded (i.e. between the time an
            element is created and its onload handler is invoked).

            * dom/ScriptElement.cpp:
            (WebCore::ScriptElement::ScriptElement):
            (WebCore::ScriptElement::dispatchLoadEventRespectingUserGestureIndicator):
            (WebCore::ScriptElement::executeScriptAndDispatchEvent):
            (WebCore::ScriptElement::executePendingScript):
            * dom/ScriptElement.h:

2017-08-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220035. rdar://problem/33692157

    2017-07-28  Matt Rajca  <mrajca@apple.com>

            Don't add autoplay restrictions to media elements created in response to user gestures.
            https://bugs.webkit.org/show_bug.cgi?id=174947

            Reviewed by Eric Carlson.

            Test: media/video-create-with-user-gesture.html

            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::HTMLMediaElement):

2017-08-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220112. rdar://problem/33687415

    2017-08-01  Zalan Bujtas  <zalan@apple.com>

            REGRESSION (r217197): New Yorker website hangs for a long time on load, lots of blank tiles
            https://bugs.webkit.org/show_bug.cgi?id=175009
            <rdar://problem/33505791>

            Reviewed by Simon Fraser.

            This patch ensures that we report the desktop, non-frame-flattened frame size for media queries in subframes.
            Some websites don't expect the iframes to be expanded to the size of the content and when the media query
            callback mutates the content (triggering frame resize), they might end up getting into a never ending layout.

            Test: fast/frames/flattening/media-query-growing-content.html

            * css/MediaQueryEvaluator.cpp:
            (WebCore::orientationEvaluate):
            (WebCore::aspectRatioEvaluate):
            (WebCore::heightEvaluate):
            (WebCore::widthEvaluate):
            * page/FrameView.cpp:
            (WebCore::FrameView::layout):
            (WebCore::FrameView::layoutSizeForMediaQuery const):
            (WebCore::FrameView::evaluateMediaQueryList):
            * page/FrameView.h:

2017-08-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220085. rdar://problem/33687398

    2017-07-31  Matt Rajca  <mrajca@apple.com>

            Support quirk for letting media autoplay if the user interacted with at least one media element.
            https://bugs.webkit.org/show_bug.cgi?id=175005
            <rdar://problem/33476038>

            Reviewed by Eric Carlson.

            If the user has interacted with at least one media element, let other media elements auto-play
            as a quirk.

            * dom/Document.cpp:
            (WebCore::Document::updateIsPlayingMedia):
            * dom/Document.h:
            (WebCore::Document::noteUserInteractionWithMediaElement):
            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::removeBehaviorsRestrictionsAfterFirstUserGesture):
            * html/MediaElementSession.cpp:
            (WebCore::needsDocumentLevelMediaUserGestureQuirk):
            (WebCore::MediaElementSession::playbackPermitted const):
            * page/MediaProducer.h:

2017-08-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220084. rdar://problem/33687425

    2017-07-31  Nan Wang  <n_wang@apple.com>

            AX: CFEqual is failing on text markers with exact same data
            https://bugs.webkit.org/show_bug.cgi?id=175002
            <rdar://problem/33636985>

            Reviewed by Chris Fleizach.

            We should zero the memory of the TextMarkerData instance so that it
            can be tested for byte-equivalence.

            Made sure this change won't break any of the existing tests.

            * accessibility/AXObjectCache.cpp:
            (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
            (WebCore::AXObjectCache::textMarkerDataForFirstPositionInTextControl):

2017-08-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220077. rdar://problem/33687398

    2017-07-28  Matt Rajca  <mrajca@apple.com>

            Propagate user gesture tokens when script elements are loaded.
            https://bugs.webkit.org/show_bug.cgi?id=174959

            Reviewed by Eric Carlson.

            Propagate user gesture tokens when script elements are loaded (i.e. between the time an
            element is created and its onload handler is invoked).

            * dom/ScriptElement.cpp:
            (WebCore::ScriptElement::ScriptElement):
            (WebCore::ScriptElement::dispatchLoadEventRespectingUserGestureIndicator):
            (WebCore::ScriptElement::executeScriptAndDispatchEvent):
            (WebCore::ScriptElement::executePendingScript):
            * dom/ScriptElement.h:

2017-08-02  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220035. rdar://problem/33687398

    2017-07-28  Matt Rajca  <mrajca@apple.com>

            Don't add autoplay restrictions to media elements created in response to user gestures.
            https://bugs.webkit.org/show_bug.cgi?id=174947

            Reviewed by Eric Carlson.

            Test: media/video-create-with-user-gesture.html

            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::HTMLMediaElement):

2017-08-02  Matthew Hanson  <matthew_hanson@apple.com>

        Cherry-pick r219602. rdar://problem/33537767

    2017-07-17  Konstantin Tokarev  <annulen@yandex.ru>

            [cmake] Set library types before their targets are created
            https://bugs.webkit.org/show_bug.cgi?id=174600

            Reviewed by Michael Catanzaro.

            Since r219560 library targets are created before PlatformXXX.cmake
            files are processed, however library type must be passed in
            add_library() call and cannot be changed afterwards. Set these
            variables in OptionsXXX.cmake.

            No new tests needed.

            * PlatformMac.cmake:

2017-07-31  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220048. rdar://problem/33619591

    2017-07-30  Said Abou-Hallawa  <sabouhallawa@apple.com>

            RenderImageResourceStyleImage::image() should return the nullImage() if the image is not available
            https://bugs.webkit.org/show_bug.cgi?id=174874
            <rdar://problem/33530130>

            Reviewed by Darin Adler.

            If an <img> element has image content data for a none cached image, e.g.
            -webkit-named-image, RenderImageResourceStyleImage will be created and
            attached to the RenderImage. RenderImageResourceStyleImage::m_cachedImage
            will be set to null because the m_styleImage->isCachedImage() is false in
            this case. When ImageLoader finishes loading the url of the src attribute,
            RenderImageResource::setCachedImage() will be called to set m_cachedImage.

            A crash will happen when the RenderImage is destroyed. Destroying the
            RenderImage calls RenderImageResourceStyleImage::shutdown() which checks
            m_cachedImage and finds it not null, so it calls RenderImageResourceStyleImage::image()
            which ends up calling CSSNamedImageValue::image() which returns a null pointer
            because the size is empty. RenderImageResourceStyleImage::shutdown() calls
            image()->stopAnimation() without checking the return value of image().

            Like the base class virtual method RenderImageResource::image(),
            RenderImageResourceStyleImage::image() should return the nullImage() if
            the image is not available.

            Test: fast/images/image-element-image-content-data.html

            * css/CSSCrossfadeValue.cpp:
            * css/CSSFilterImageValue.cpp:
            * page/EventHandler.cpp:
            * page/PageSerializer.cpp:
            * rendering/RenderElement.cpp:
            * rendering/RenderImageResource.cpp:
            * rendering/RenderImageResourceStyleImage.cpp:
            (WebCore::RenderImageResourceStyleImage::initialize):

            (WebCore::RenderImageResourceStyleImage::shutdown): Revert back the changes
            of r208511 in this function. Add a call to image()->stopAnimation() without
            checking the return of image() since it will return the nullImage() if
            the image not available. There is no need to check m_cachedImage before
            calling image() because image() does not check or access m_cachedImage.

            (WebCore::RenderImageResourceStyleImage::image): The base class method
            RenderImageResource::image() returns the nullImage() if the image not
            available. This is because CachedImage::imageForRenderer() returns
            the nullImage() if the image is not available; see CachedImage.h. We should
            do the same for the derived class for consistency.

            * rendering/style/ContentData.cpp:
            * rendering/style/StyleCachedImage.cpp:
            * style/StylePendingResources.cpp:

2017-07-31  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220042. rdar://problem/33619586

    2017-07-29  Nan Wang  <n_wang@apple.com>

            AX: findMatchingObjects doesn't work when the startObject is ignored
            https://bugs.webkit.org/show_bug.cgi?id=174965

            Reviewed by Chris Fleizach.

            findMatchingObjects would return a wrong element if we pass in an ignored
            start object. To fix this, we should use the closest accessible sibling as
            the start object.

            Test: accessibility/mac/search-predicate-from-ignored-element.html

            * accessibility/AccessibilityObject.cpp:
            (WebCore::appendChildrenToArray):

2017-07-31  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220009. rdar://problem/33619585

    2017-07-28  Myles C. Maxfield  <mmaxfield@apple.com>

            [macOS] Reeder's defaults font is Times instead of San Francisco
            https://bugs.webkit.org/show_bug.cgi?id=174885
            <rdar://problem/33462483>

            Reviewed by Simon Fraser.

            Reeder uses explicit dot-prefixed names in its source code. Within Core Text,
            dot-prefixed names cannot be matched case insensitively. The solution is to
            not case-fold these family names, and to make our caches case sensitive for
            these special names.

            Tests: fast/text/font-lookup-dot-prefix-case-sensitive-2.html
                   fast/text/font-lookup-dot-prefix-case-sensitive.html

            * platform/graphics/FontCache.cpp:
            (WebCore::FontPlatformDataCacheKey::operator==):
            (WebCore::FontPlatformDataCacheKeyHash::hash):
            * platform/graphics/FontCascade.cpp:
            (WebCore::keysMatch):
            (WebCore::computeFontCascadeCacheHash):
            * platform/graphics/FontDescription.cpp:
            (WebCore::FontCascadeDescription::familyNamesAreEqual):
            (WebCore::FontCascadeDescription::familyNameHash):
            (WebCore::FontCascadeDescription::foldedFamilyName):
            * platform/graphics/FontDescription.h:
            * platform/graphics/cocoa/FontCacheCoreText.cpp:
            (WebCore::FontDatabase::fontForPostScriptName):

2017-07-28  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r220003. rdar://problem/33595572

    2017-07-28  Myles C. Maxfield  <mmaxfield@apple.com>

            REGRESSION(r216944): Fallback fonts erroneously visible when the primary font is loading
            https://bugs.webkit.org/show_bug.cgi?id=174772
            <rdar://problem/33267643>

            Reviewed by Simon Fraser.

            During a font load, we try pretty hard to find a font to use that isn't the
            last resort font (which happens to be Times). We do this by iterating through
            all the fonts in the font-family list, as well as through all the relevant
            @font-face blocks which share the requested font family name.

            Unfortunately, if we find one of these fallback fonts, we were simply using it
            directly, which means that it was being drawn as visible (because the
            visibility setting lives inside the Font object). Instead, we should carry the
            invisibility setting from the interstitial font to this used fallback font.

            This patch is an extension of r219221, which fixed the problem only for system
            fallback fonts. This patch adopts the same methodology to all fallback fonts.

            Test: http/tests/webfont/font-loading-system-fallback-visibility-FontRanges.html

            * platform/graphics/FontCascadeFonts.cpp:
            (WebCore::FontCascadeFonts::glyphDataForVariant):
            (WebCore::glyphPageFromFontRanges):
            * platform/graphics/FontRanges.cpp:
            (WebCore::FontRanges::glyphDataForCharacter):

2017-07-28  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219998. rdar://problem/33595610

    2017-07-28  Wenson Hsieh  <wenson_hsieh@apple.com>

            [iOS DnD] [WK1] Snapshots generated using -[DOMRange renderImageForcingBlackText:] are upside down
            https://bugs.webkit.org/show_bug.cgi?id=174928
            <rdar://problem/33584280>

            Reviewed by Tim Horton.

            Pulls the implementation of createDragImageForRange out into DragImageIOS, and use TextIndicator to generate a
            snapshot instead of FrameSelection's snapshotting utilities. This makes snapshotting a DOMRange behave the same
            way as snapshotting a dragged selection.

            No way of testing TextIndicator-based snapshotting yet.

            * platform/DragImage.cpp:

            Guard createDragImageForRange for !PLATFORM(IOS).

            * platform/ios/DragImageIOS.mm:
            (WebCore::createDragImageForSelection):

            Add a FIXME to point out that having an additional context flip inside the UIGraphicsImageRenderer block results
            in an upside-down drag image being returned from createDragImageFromImage. This image is being flipped elsewhere
            in drag initiation code, which eventually results in the correct orientation; we'll need further investigation
            to remove this extraneous flip.

            (WebCore::createDragImageForRange):

2017-07-28  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219992. rdar://problem/33595621

    2017-07-27  Jeremy Jones  <jeremyj@apple.com>

            Don't override _allowsMediaDocumentInlinePlayback in MediaDocument with playsinlineAttr.
            https://bugs.webkit.org/show_bug.cgi?id=174850
            rdar://problem/33449903

            Reviewed by Jon Lee.

            This change removes playsinlineAttr from MediaDocument so that it doesn't override the setting
            from _allowsMediaDocumentInlinePlayback. In its place is an update to requiresFullscreenForVideoPlayback
            that implements the details of exactly which media documents are still allowed to play inlne.

            Media documents always use a video element; but when there are no video tracks, it has behavior like
            an audio element. See media-controller.js isAudio().

            This change preserves this behavior with respect to fullscreen requirements for media document by
            mirroring the isAudio() check in requiresFullscreenForVideoPlayback.

            * html/MediaDocument.cpp:
            (WebCore::MediaDocumentParser::createDocumentStructure):
            * html/MediaElementSession.cpp:
            (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):

2017-07-28  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219991. rdar://problem/33595570

    2017-07-27  Jeremy Jones  <jeremyj@apple.com>

            MediaDocument fullscreen pinch gesture should trigger navigate back.
            https://bugs.webkit.org/show_bug.cgi?id=174914

            Reviewed by Jon Lee.

            No new tests because only effect is from interaction with platform.

            For media documents, pressing the "done" button on fullscreen video navigates back
            to the previous page. The same should happen for other gestures that pause playback
            when returning to inline. This allows the gesture to have the same behavior as the
            button.

            * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
            (WebVideoFullscreenInterfaceAVKit::shouldExitFullscreenWithReason):

2017-07-28  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219950. rdar://problem/33595459

    2017-07-26  Chris Dumez  <cdumez@apple.com>

            Pressing the Escape key should not be a valid user gesture to enter fullscreen
            https://bugs.webkit.org/show_bug.cgi?id=174864
            <rdar://problem/33009088>

            Reviewed by Geoffrey Garen.

            Pressing the Escape key should not be a valid user gesture to enter fullscreen since this
            is the gesture to exit fullscreen already.

            Test: fullscreen/requestFullscreen-escape-key.html

            * dom/Document.cpp:
            (WebCore::Document::requestFullScreenForElement):
            * dom/UserGestureIndicator.cpp:
            (WebCore::UserGestureIndicator::UserGestureIndicator):
            * dom/UserGestureIndicator.h:
            (WebCore::UserGestureToken::create):
            (WebCore::UserGestureToken::gestureType):
            (WebCore::UserGestureToken::UserGestureToken):
            * page/EventHandler.cpp:
            (WebCore::EventHandler::internalKeyEvent):

2017-07-28  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219949. rdar://problem/33595616

    2017-07-26  Nan Wang  <n_wang@apple.com>

            AX: Incorrect range from index and length in contenteditable with <p> tags
            https://bugs.webkit.org/show_bug.cgi?id=174856

            Reviewed by Chris Fleizach.

            When asking for the string inside a text control with a given range, we sometimes get
            a wrong string at the line boundary due to a bad plain range to text marker conversion.
            To fix this, we should use the exsisting method on text controls to avoid this issue.

            Updated the test to test the problematic case.

            * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
            (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):

2017-07-28  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219906. rdar://problem/33595387

    2017-07-26  Nan Wang  <n_wang@apple.com>

            AX: should dispatch accessibilityPerformPressAction async on MacOS
            https://bugs.webkit.org/show_bug.cgi?id=174849

            Reviewed by Chris Fleizach.

            If performing the accessibility press action results in a modal alert being displayed,
            it can cause VoiceOver to hang. To fix it, we should dispatch the action asynchronously.

            Updated tests to adapt to this change.

            * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
            (-[WebAccessibilityObjectWrapper accessibilityPerformPressAction]):
            (-[WebAccessibilityObjectWrapper _accessibilityPerformPressAction]):

2017-07-28  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219891. rdar://problem/33595436

    2017-07-25  Per Arne Vollan  <pvollan@apple.com>

            Dragged links are blurry on 1x displays.
            https://bugs.webkit.org/show_bug.cgi?id=174831
            <rdar://problem/33519698>

            Reviewed by Simon Fraser.

            When the width and height of the drag image is a multiple of 2, the drag image is not blurry
            on a 1x display. This is a workaround which should be removed when <rdar://problem/33059739>
            is fixed.

            No new tests, since this is not straightforward to test with a layout test.

            * platform/mac/DragImageMac.mm:
            (WebCore::LinkImageLayout::LinkImageLayout):

2017-07-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219876. rdar://problem/33523847

    2017-07-25  Said Abou-Hallawa  <sabouhallawa@apple.com>

            Async image decoding for large images should be disabled after the first time a tile is painted
            https://bugs.webkit.org/show_bug.cgi?id=174451
            <rdar://problem/31246421>

            Reviewed by Simon Fraser.

            Flashing because of DOM mutation can be fixed by disabling the asynchronous
            image decoding after the first time a tile was painted.

            We can detect this by consulting the tile repaintCount. If it is zero, then
            it is safe to use asynchronous image decoded. If the tile repaintCount is
            greater than zero, we are not sure if the renderer rectangle has an image
            drawn in it already or not. In this case we have to use the synchronous
            image decoding to avoid causing a flash.

            Tests: fast/images/async-image-background-change.html
                   fast/images/async-image-src-change.html
                   http/tests/multipart/multipart-async-image.html

            * html/shadow/MediaControlElements.cpp:
            (WebCore::MediaControlTextTrackContainerElement::createTextTrackRepresentationImage):
            * page/FrameView.cpp:
            (WebCore::FrameView::willPaintContents):
            (WebCore::FrameView::paintContentsForSnapshot):
            * page/PageOverlayController.cpp:
            (WebCore::PageOverlayController::paintContents):
            * page/PageOverlayController.h:
            * page/linux/ResourceUsageOverlayLinux.cpp:
            * page/mac/ServicesOverlayController.h:
            * page/mac/ServicesOverlayController.mm:
            (WebCore::ServicesOverlayController::Highlight::paintContents):
            * platform/graphics/BitmapImage.cpp:
            (WebCore::BitmapImage::draw):
            * platform/graphics/BitmapImage.h:
            * platform/graphics/GraphicsLayer.cpp:
            (WebCore::GraphicsLayer::paintGraphicsLayerContents):
            * platform/graphics/GraphicsLayer.h:
            * platform/graphics/GraphicsLayerClient.h:
            (WebCore::GraphicsLayerClient::paintContents):
            * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
            (WebCore::LayerClient::platformCALayerPaintContents):
            * platform/graphics/ca/GraphicsLayerCA.cpp:
            (WebCore::GraphicsLayerCA::platformCALayerPaintContents):
            * platform/graphics/ca/GraphicsLayerCA.h:
            * platform/graphics/ca/PlatformCALayer.h:
            * platform/graphics/ca/PlatformCALayerClient.h:
            (WebCore::PlatformCALayerClient::platformCALayerRepaintCount):
            * platform/graphics/ca/TileCoverageMap.cpp:
            (WebCore::TileCoverageMap::platformCALayerPaintContents):
            * platform/graphics/ca/TileCoverageMap.h:
            * platform/graphics/ca/TileGrid.cpp:
            (WebCore::TileGrid::platformCALayerPaintContents):
            (WebCore::TileGrid::platformCALayerRepaintCount):
            * platform/graphics/ca/TileGrid.h:
            * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
            (PlatformCALayer::drawLayerContents):
            * platform/graphics/ca/win/PlatformCALayerWin.cpp:
            (PlatformCALayer::drawLayerContents):
            * platform/graphics/ca/win/PlatformCALayerWinInternal.cpp:
            (PlatformCALayerWinInternal::displayCallback):
            * platform/graphics/ca/win/WebTiledBackingLayerWin.cpp:
            (WebTiledBackingLayerWin::displayCallback):
            * platform/graphics/mac/WebLayer.mm:
            (-[WebLayer drawInContext:]):
            (-[WebSimpleLayer drawInContext:]):
            * rendering/PaintPhase.h:
            * rendering/RenderBoxModelObject.cpp:
            (WebCore::RenderBoxModelObject::decodingModeForImageDraw):
            * rendering/RenderElement.h:
            * rendering/RenderLayer.cpp:
            (WebCore::RenderLayer::paintLayerContents):
            (WebCore::RenderLayer::paintForegroundForFragments):
            * rendering/RenderLayerBacking.cpp:
            (WebCore::RenderLayerBacking::paintContents):
            * rendering/RenderLayerBacking.h:
            * rendering/RenderLayerCompositor.cpp:
            (WebCore::RenderLayerCompositor::paintContents):
            * rendering/RenderLayerCompositor.h:
            * rendering/RenderWidget.cpp:
            (WebCore::RenderWidget::paintContents):
            * testing/Internals.cpp:
            (WebCore::imageFromImageElement):
            (WebCore::bitmapImageFromImageElement):
            (WebCore::Internals::imageFrameIndex):
            (WebCore::Internals::setImageFrameDecodingDuration):
            (WebCore::Internals::resetImageAnimation):
            (WebCore::Internals::isImageAnimating):
            (WebCore::Internals::setClearDecoderAfterAsyncFrameRequestForTesting):
            (WebCore::Internals::imageDecodeCount):
            (WebCore::Internals::setLargeImageAsyncDecodingEnabledForTesting):
            * testing/Internals.h:
            * testing/Internals.idl:

2017-07-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219620. rdar://problem/33523847

    2017-07-18  Matt Lewis  <jlewis3@apple.com>

            Unreviewed, rolling out r219610.

            This caused an api failure on all platforms for the test
            SnapshotImageLargeAsyncDecoding

            Reverted changeset:

            "Async image decoding for large images should be disabled
            after the first time a tile is painted"
            https://bugs.webkit.org/show_bug.cgi?id=174451
            http://trac.webkit.org/changeset/219610

2017-07-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219762. rdar://problem/33523889

    2017-07-22  Said Abou-Hallawa  <sabouhallawa@apple.com>

            REGRESSION(r219045): A partially loaded image may not be repainted when its complete frame finishes decoding
            https://bugs.webkit.org/show_bug.cgi?id=174230

            Reviewed by Simon Fraser.

            Because of r219045, we now only repaint the CachedImageClinets which tried
            to draw the image but they could not because they have to wait for the image
            decoding to finish. This was done by keeping a HashSet of these clients
            and make CachedImage own it. This HashSet is cleared once the image frame
            finishes decoding and all the waited clients are repainted.

            But Multiple asynchronous image decoding requests are allowed for the same
            frame if new data is added to the image source. If we tried to draw the
            same image twice before it finishes decoding the first request, we will
            not be to record this second request since the HashSet will not add the
            same client twice. When he second request finishes decoding, CachedImage
            will not repaint any client since its HashSet is empty.

            To fix this problem we can do the following. When an image frame finishes
            decoding, CachedImage will keep its HashSet of pending drawing clients as
            long as the image frame is a partially loaded frame.

            * loader/cache/CachedImage.cpp:
            (WebCore::CachedImage::CachedImageObserver::imageFrameAvailable):
            (WebCore::CachedImage::imageFrameAvailable):
            * loader/cache/CachedImage.h:
            * platform/graphics/BitmapImage.cpp:
            (WebCore::BitmapImage::destroyDecodedData):
            (WebCore::BitmapImage::dataChanged):
            (WebCore::BitmapImage::setCurrentFrameDecodingStatusIfNecessary):
            (WebCore::BitmapImage::draw):
            (WebCore::BitmapImage::internalStartAnimation):
            (WebCore::BitmapImage::internalAdvanceAnimation):
            (WebCore::BitmapImage::imageFrameAvailableAtIndex):
            * platform/graphics/BitmapImage.h:
            * platform/graphics/ImageFrame.cpp:
            (WebCore::ImageFrame::decodingStatus):
            * platform/graphics/ImageFrame.h: Move DecodingStatus out of this class
            to ImageTypes.h to avoid adding other header files to ImageObvsever.h
            * platform/graphics/ImageFrameCache.cpp:
            (WebCore::ImageFrameCache::setNativeImage):
            (WebCore::ImageFrameCache::cacheMetadataAtIndex):
            (WebCore::ImageFrameCache::cacheNativeImageAtIndex):
            (WebCore::ImageFrameCache::cacheNativeImageAtIndexAsync):
            (WebCore::ImageFrameCache::requestFrameAsyncDecodingAtIndex):
            (WebCore::ImageFrameCache::frameDecodingStatusAtIndex):
            * platform/graphics/ImageFrameCache.h:
            * platform/graphics/ImageObserver.h:
            * platform/graphics/ImageSource.h:
            (WebCore::ImageSource::frameDecodingStatusAtIndex):
            * platform/graphics/ImageTypes.h:
            * platform/image-decoders/bmp/BMPImageReader.cpp:
            (WebCore::BMPImageReader::decodeBMP):
            * platform/image-decoders/gif/GIFImageDecoder.cpp:
            (WebCore::GIFImageDecoder::frameComplete):
            (WebCore::GIFImageDecoder::initFrameBuffer):
            * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
            (WebCore::JPEGImageDecoder::outputScanlines):
            (WebCore::JPEGImageDecoder::jpegComplete):
            * platform/image-decoders/png/PNGImageDecoder.cpp:
            (WebCore::PNGImageDecoder::rowAvailable):
            (WebCore::PNGImageDecoder::pngComplete):
            (WebCore::PNGImageDecoder::frameComplete):
            * platform/image-decoders/webp/WEBPImageDecoder.cpp:
            (WebCore::WEBPImageDecoder::decode):
            * rendering/RenderBoxModelObject.cpp:
            (WebCore::RenderBoxModelObject::decodingModeForImageDraw):

2017-07-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219738. rdar://problem/33523826

    2017-07-21  Said Abou-Hallawa  <sabouhallawa@apple.com>

            [CG] An image should not invoke many system calls before confirming its format is supported
            https://bugs.webkit.org/show_bug.cgi?id=174692

            Reviewed by Tim Horton.

            We should be careful when invoking system calls before confirming that the
            image type is available and it is one of the whitelist formats. Otherwise
            we will be calling the parsers of the unsupported formats.

            * loader/cache/CachedImage.cpp:
            (WebCore::CachedImage::setImageDataBuffer): The check isAllowedImageUTI()
            is now done in ImageDecoder::encodedDataStatus() which will return Error
            if there is an error in the data or "isAllowedImageUTI() returns false."

            * platform/graphics/BitmapImage.cpp:
            (WebCore::BitmapImage::dataChanged): Avoid calling canUseAsyncDecodingForLargeImages()
            before confirming the image type is available and it's supported by WebKit.
            canUseAsyncDecodingForLargeImages() tries to cache the first frame of the
            image to know its size. Asking the ImageFrameCache to destroy its decoded
            frames is not needed unless ImageFrameCache::decodedSize() is not zero.

            * platform/graphics/cg/ImageDecoderCG.cpp:
            (WebCore::ImageDecoder::encodedDataStatus): Avoid calling CGImageSourceGetStatus()
            before knowing the UTI of the image. When knowing it, we call CGImageSourceGetStatus()
            and if it returns kCGImageStatusIncomplete or kCGImageStatusComplete, we
            check whether isAllowedImageUTI() or not. If isAllowedImageUTI() returns
            false, return Error which will make the CachedImage cancel loading the
            rest of the image.

2017-07-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219829. rdar://problem/33523803

    2017-07-24  Simon Fraser  <simon.fraser@apple.com>

            Change "client" coordinates back to match scrolling coordinates
            https://bugs.webkit.org/show_bug.cgi?id=174734
            rdar://problem/33336930

            Reviewed by Tim Horton.

            Baidu.com (which uses jQuery), and various iOS apps make the assumption that getBoundingClientRect() returns a rectangle
            that can be used to set or compare with the scroll position. With visual viewports, that assumption is no longer valid
            when the page is zoomed, or when the keyboard has caused the visual viewport to detach from the layout viewport.

            At this point the compatibility cost of shipping layout viewport-based client rects seems higher than the gain, so revert
            to the shipping behavior. This reverts r216803, and will re-introduce bugs that occurred on zoomed pages on macOS,
            many of which are noted in webkit.org/b/170981.

            * page/FrameView.cpp:
            (WebCore::FrameView::documentToClientOffset):

2017-07-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219761. rdar://problem/33523829

    2017-07-22  Timothy Horton  <timothy_horton@apple.com>

            Drag and Drop preview image for Twitter link is the wrong shape
            ​https://bugs.webkit.org/show_bug.cgi?id=174731
            <rdar://problem/33335616>

            * dom/Range.cpp:
            (WebCore::Range::absoluteRectsForRangeInText):
            * page/TextIndicator.cpp:
            (WebCore::initializeIndicator):
            Apply some post-landing review feedback for r219756.

2017-07-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219756. rdar://problem/33523829

    2017-07-21  Timothy Horton  <timothy_horton@apple.com>

            Drag and Drop preview image for Twitter link is the wrong shape
            https://bugs.webkit.org/show_bug.cgi?id=174731
            <rdar://problem/33335616>

            Reviewed by Zalan Bujtas.

            TextIndicator uses Range::borderAndTextQuads and ::absoluteTextRects
            in order to get the rects of the indicated text. Currently, these
            functions do not respect clipping, so clipped-out text (e.g. as seen
            inside links on Twitter) generates lots of meaningless indicated rects.

            * page/TextIndicator.cpp:
            (WebCore::estimatedBackgroundColorForRange):
            (WebCore::hasAnyIllegibleColors):
            Change adjustTextIndicatorDataOptionsForEstimatedColorsIfNecessary
            to instead be hasAnyIllegibleColors, and referred to in the same place
            as hasNonInlineOrReplacedElements, so that it follows the same
            upgrade path (leaving textRects empty, so that it is later filled in
            with the absoluteBoundingRect). This was a mistake in r219033, which
            instead would end up painting all content, but filling in textRects
            with the actual individual text rects.

            This alone changes the behavior on Twitter from lots of jagged misplaced
            rects to a too-large bounding rect. Combined with the following changes,
            the bounding rect is reduced to the right size:

            (WebCore::initializeIndicator):
            Adopt the new Range::borderAndTextQuads and ::absoluteTextRects parameter
            and opt-in to respecting clipping for text rects.

            * dom/DOMRectList.cpp:
            (WebCore::DOMRectList::DOMRectList):
            * dom/DOMRectList.h:
            (WebCore::DOMRectList::create):
            Add a DOMRectList constructor and create() that take FloatRects, similar
            to the one that takes FloatQuads, but without the boundingRect() calls.

            * dom/Document.h:
            * dom/Document.cpp:
            (WebCore::Document::convertAbsoluteToClientRects):
            Add convertAbsoluteToClientRects, similar to covertAbsoluteToClientQuads,
            except acting on rects instead of quads.

            * dom/Range.cpp:
            (WebCore::Range::absoluteRectsForRangeInText):
            (WebCore::Range::absoluteTextRects):
            (WebCore::Range::getClientRects):
            (WebCore::Range::borderAndTextRects):
            (WebCore::Range::boundingRect):
            (WebCore::Range::absoluteBoundingRect):
            (WebCore::Range::borderAndTextQuads): Deleted.
            * dom/Range.h:
            Replace borderAndTextQuads with borderAndTextRects, because all callers
            just ended up calling boundingBox() on the quads.

            Factor absoluteRectsForRangeInText out of absoluteTextRects and
            borderAndTextQuads, and teach it to optionally intersect the text rects
            with their renderer's absoluteClippedOverflowRect.

2017-07-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219755. rdar://problem/33523843

    2017-07-21  Per Arne Vollan  <pvollan@apple.com>

            Round-tripping stroke-width styles through getComputedStyle cause the text to gain a stroke.
            https://bugs.webkit.org/show_bug.cgi?id=174701
            <rdar://problem/32903679>

            Reviewed by Simon Fraser.

            The initial value of stroke-color should be transparent, see https://www.w3.org/TR/fill-stroke-3/#stroke-color.
            Also, there is no need to set the graphics context in text stroke mode, if the stroke color is not visible.

            Test: fast/css/round-trip-stroke-width-using-computed-style.html

            * rendering/TextPaintStyle.cpp:
            (WebCore::updateGraphicsContext):
            * rendering/style/RenderStyle.h:
            (WebCore::RenderStyle::initialStrokeWidth):
            (WebCore::RenderStyle::initialStrokeColor):
            * rendering/style/StyleRareInheritedData.cpp:
            (WebCore::StyleRareInheritedData::StyleRareInheritedData):

2017-07-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219752. rdar://problem/33524766

    2017-07-21  Timothy Horton  <timothy_horton@apple.com>

            TextIndicator::estimatedTextColorsForRange asserts inside HashSet code (inserting reserved value)
            https://bugs.webkit.org/show_bug.cgi?id=174733

            Reviewed by Wenson Hsieh.

            * page/TextIndicator.cpp:
            (WebCore::estimatedTextColorsForRange):
            (WebCore::adjustTextIndicatorDataOptionsForEstimatedColorsIfNecessary):
            RGBA32 isn't a valid hash key, because we have no traits that define the
            empty or deleted values, nor do we have any bits we could feasibly
            use -- the full range of RGBA32 is easy to reach with various colors.

            Instead, hash Color directly.

2017-07-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219751. rdar://problem/33523861

    2017-07-21  Nan Wang  <n_wang@apple.com>

            AX: Expose form validation on iOS as hint
            https://bugs.webkit.org/show_bug.cgi?id=174722
            <rdar://problem/33459761>

            Reviewed by Chris Fleizach.

            Adding the validation message to the hint of the form control element.

            Test: accessibility/ios-simulator/form-control-validation-message.html

            * accessibility/AccessibilityObject.cpp:
            (WebCore::AccessibilityObject::isShowingValidationMessage):
            (WebCore::AccessibilityObject::validationMessage):
            * accessibility/AccessibilityObject.h:
            * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
            (-[WebAccessibilityObjectWrapper accessibilityHint]):
            (-[WebAccessibilityObjectWrapper accessibilityIsShowingValidationMessage]):
            * html/HTMLFormControlElement.cpp:
            (WebCore::HTMLFormControlElement::isShowingValidationMessage):
            * html/HTMLFormControlElement.h:

2017-07-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219742. rdar://problem/33523798

    2017-07-21  Zalan Bujtas  <zalan@apple.com>

            iBooks: Overlapping/missing content at beginning/end of paragraph.
            https://bugs.webkit.org/show_bug.cgi?id=174717
            <rdar://problem/33117912>

            Reviewed by Simon Fraser.

            By definiton simple and normal line layout should always produce the exact same lineboxes. It enables us not
            to force repaint while swapping between these 2 line layouts.
            However in certain cases (font size pixel rounding as an example) they don't agree on how much content fits the line and
            that could result in missing/overlapping content due to the lack of repaint.

            Unable to test.

            * rendering/RenderBlockFlow.cpp:
            (WebCore::RenderBlockFlow::ensureLineBoxes):

2017-07-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219737. rdar://problem/33523854

    2017-07-21  Jeremy Jones  <jeremyj@apple.com>

            AudioTrackPrivateMediaStreamCocoa shouldn't set AudioSession::setPreferredBufferSize
            https://bugs.webkit.org/show_bug.cgi?id=174707
            rdar://problem/33446809

            Reviewed by Eric Carlson.

            Manually tested for audio side effects.

            AudioChannel::copyFrom fails when AudioChannel lengths don't match.

            This happens because PlatformMediaSessionManager::updateSessionState() owns and sets
            AudioSession::setPreferredBufferSize().

            However, AudioTrackPrivateMediaStreamCocoa::createAudioUnit, when it creates an input
            audio unit is setting AudioSession::setPreferredBufferSize() directly to its own arbitrary value.

            AudioSession::setPreferredBufferSize() should be managed by the higher level
            PlatformMediaSessionManager, and not modified by audio unit creation, in order to keep harmony
            within the audio pipeline.

            * platform/mediastream/mac/AudioTrackPrivateMediaStreamCocoa.cpp:
            (WebCore::AudioTrackPrivateMediaStreamCocoa::createAudioUnit):

2017-07-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219736. rdar://problem/33523835

    2017-07-21  Jeremy Jones  <jeremyj@apple.com>

            Noise when AudioChannel lengths don't match.
            https://bugs.webkit.org/show_bug.cgi?id=174706
            rdar://problem/33389856

            Reviewed by Eric Carlson.

            When AudioChannel lengths don't match, copyFrom() returns early leaving uninitialized data in the audio buffer.
            This change zeros out the data, so there isn't objectionable noise sent to the speaker.

            * platform/audio/AudioChannel.cpp:
            (WebCore::AudioChannel::copyFrom):

2017-07-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219638. rdar://problem/33523787

    2017-07-18  Ryosuke Niwa  <rniwa@webkit.org>

            REGRESSION(r218910): Crash when password field changes to text field
            https://bugs.webkit.org/show_bug.cgi?id=174560

            Reviewed by Zalan Bujtas.

            The crash was caused by textMarkerDataForFirstPositionInTextControl accessing a nullptr returned by getOrCreate.
            Unfortunately, in order to this fix bug while preserving the exact behavior would require synchronously creating
            a renderer for the editing host when the input type changed since we can't create an accessbility object out of
            a renderer-less node.

            Instead, revert back to pre-r218910 behavior of always using the text control element's axID when notifying
            the value change. While this is inconsistent with the way editing commands report content changes, I've since
            learned that VoiceOver has code to deal with this exact situation.

            Test: accessibility/mac/input-type-change-crash-2.html

            * accessibility/AXObjectCache.cpp:
            (WebCore::AXObjectCache::textMarkerDataForFirstPositionInTextControl):

2017-07-26  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219610. rdar://problem/33523847

    2017-07-18  Said Abou-Hallawa  <sabouhallawa@apple.com>

            Async image decoding for large images should be disabled after the first time a tile is painted
            https://bugs.webkit.org/show_bug.cgi?id=174451

            Reviewed by Simon Fraser.

            Flashing because of DOM mutation can be fixed by disabling the asynchronous
            image decoding after the first time a tile was painted.

            We can detect this by consulting the tile repaintCount. If it is zero, then
            it is safe to use asynchronous image decoded. If the tile repaintCount is
            greater than zero, we are not sure if the renderer rectangle has an image
            drawn in it already or not. In this case we have to use the synchronous
            image decoding to avoid causing a flash.

            Tests: fast/images/async-image-background-change.html
                   fast/images/async-image-src-change.html
                   http/tests/multipart/multipart-async-image.html

            * page/PageOverlayController.cpp:
            (WebCore::PageOverlayController::paintContents):
            * page/PageOverlayController.h:
            * page/linux/ResourceUsageOverlayLinux.cpp:
            * page/mac/ServicesOverlayController.h:
            * page/mac/ServicesOverlayController.mm:
            (WebCore::ServicesOverlayController::Highlight::paintContents):
            * platform/graphics/BitmapImage.h:
            * platform/graphics/GraphicsLayer.cpp:
            (WebCore::GraphicsLayer::paintGraphicsLayerContents):
            * platform/graphics/GraphicsLayer.h:
            * platform/graphics/GraphicsLayerClient.h:
            (WebCore::GraphicsLayerClient::paintContents):
            * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
            (WebCore::LayerClient::platformCALayerPaintContents):
            * platform/graphics/ca/GraphicsLayerCA.cpp:
            (WebCore::GraphicsLayerCA::platformCALayerPaintContents):
            * platform/graphics/ca/GraphicsLayerCA.h:
            * platform/graphics/ca/PlatformCALayer.h:
            * platform/graphics/ca/PlatformCALayerClient.h:
            (WebCore::PlatformCALayerClient::platformCALayerRepaintCount):
            * platform/graphics/ca/TileCoverageMap.cpp:
            (WebCore::TileCoverageMap::platformCALayerPaintContents):
            * platform/graphics/ca/TileCoverageMap.h:
            * platform/graphics/ca/TileGrid.cpp:
            (WebCore::TileGrid::platformCALayerPaintContents):
            (WebCore::TileGrid::platformCALayerRepaintCount):
            * platform/graphics/ca/TileGrid.h:
            * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
            (PlatformCALayer::drawLayerContents):
            * platform/graphics/ca/win/PlatformCALayerWin.cpp:
            (PlatformCALayer::drawLayerContents):
            * platform/graphics/ca/win/PlatformCALayerWinInternal.cpp:
            (PlatformCALayerWinInternal::displayCallback):
            * platform/graphics/ca/win/WebTiledBackingLayerWin.cpp:
            (WebTiledBackingLayerWin::displayCallback):
            * platform/graphics/mac/WebLayer.mm:
            (-[WebLayer drawInContext:]):
            (-[WebSimpleLayer drawInContext:]):
            * rendering/RenderBoxModelObject.cpp:
            (WebCore::RenderBoxModelObject::decodingModeForImageDraw):
            * rendering/RenderElement.h:
            * rendering/RenderLayerBacking.cpp:
            (WebCore::RenderLayerBacking::paintContents):
            * rendering/RenderLayerBacking.h:
            * rendering/RenderLayerCompositor.cpp:
            (WebCore::RenderLayerCompositor::paintContents):
            * rendering/RenderLayerCompositor.h:
            * testing/Internals.cpp:
            (WebCore::imageFromImageElement):
            (WebCore::bitmapImageFromImageElement):
            (WebCore::Internals::imageFrameIndex):
            (WebCore::Internals::setImageFrameDecodingDuration):
            (WebCore::Internals::resetImageAnimation):
            (WebCore::Internals::isImageAnimating):
            (WebCore::Internals::setClearDecoderAfterAsyncFrameRequestForTesting):
            (WebCore::Internals::imageDecodeCount):
            (WebCore::Internals::setLargeImageAsyncDecodingEnabledForTesting):
            * testing/Internals.h:
            * testing/Internals.idl:

2017-07-26  Jason Marcell  <jmarcell@apple.com>

        Revert r219342. rdar://problem/33523803

2017-07-24  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219665.

    2017-07-19  Myles C. Maxfield  <mmaxfield@apple.com>

            Setting the minimum font size preference doesn’t affect absolute line-height values, so lines overlap
            https://bugs.webkit.org/show_bug.cgi?id=174406

            Reviewed by Simon Fraser.
            <rdar://problem/10139227>

            Reviewed by NOBODY.

            When the minimumFontSize API preference is set, we will increase the font size without increasing
            the line height. If the content specifies line-height as an absolute value, there can be two
            unfortunate results:

            - Adjacent lines in a paragraph can overlap
            - If the paragraph (or containin block or whatever) uses overflow: hidden, the first and last lines
            can be cut off and potentially indecipherable.

            Instead, we should use the minimum font size preference as a signal that we should increase the
            line-height as well as the font-size. Eventually, we will want to increase it by an amount
            proportional to the increase in font-size (which can be due to minimumFontSize, minimumLogicalFontSize,
            text autosizing, etc.). However, because minimumLogicalFontSize is on by default, this would cause
            a behavior change on many webpages which use small text, so such a change would be too risky right now.
            Instead, we can pretend that minimumFontSize is the only cause that text increases, and use this as the
            only signal to boost the corresponding line-height.

            Tests: fast/text/line-height-minimumFontSize-text-zoom.html
                   fast/text/line-height-minimumFontSize-visual.html
                   fast/text/line-height-minimumFontSize-zoom.html
                   fast/text/line-height-minimumFontSize.html
                   fast/text/line-height-minimumFontSize-autosize.html

            * css/StyleBuilderCustom.h:
            (WebCore::computeBaseSpecifiedFontSize):
            (WebCore::computeLineHeightMultiplierDueToFontSize):
            (WebCore::StyleBuilderCustom::applyValueLineHeight):
            (WebCore::StyleBuilderCustom::applyValueFill):
            (WebCore::StyleBuilderCustom::applyValueStroke):
            (WebCore::StyleBuilderCustom::applyValueContent):
            * rendering/TextAutoSizing.cpp:

2017-07-18  Myles C. Maxfield  <mmaxfield@apple.com>

        Setting the minimum font size preference doesn’t affect absolute line-height values, so lines overlap
        https://bugs.webkit.org/show_bug.cgi?id=174406
        <rdar://problem/10139227>

        Reviewed by Simon Fraser.

        When the minimumFontSize API preference is set, we will increase the font size without increasing
        the line height. If the content specifies line-height as an absolute value, there can be two
        unfortunate results:

        - Adjacent lines in a paragraph can overlap
        - If the paragraph (or containin block or whatever) uses overflow: hidden, the first and last lines
        can be cut off and potentially indecipherable.

        Instead, we should use the minimum font size preference as a signal that we should increase the
        line-height as well as the font-size. Eventually, we will want to increase it by an amount
        proportional to the increase in font-size (which can be due to minimumFontSize, minimumLogicalFontSize,
        text autosizing, etc.). However, because minimumLogicalFontSize is on by default, this would cause
        a behavior change on many webpages which use small text, so such a change would be too risky right now.
        Instead, we can pretend that minimumFontSize is the only cause that text increases, and use this as the
        only signal to boost the corresponding line-height.

        Tests: fast/text/line-height-minimumFontSize-text-zoom.html
               fast/text/line-height-minimumFontSize-visual.html
               fast/text/line-height-minimumFontSize-zoom.html
               fast/text/line-height-minimumFontSize.html
               fast/text/line-height-minimumFontSize-autosize.html

        * css/StyleBuilderCustom.h:
        (WebCore::computeBaseSpecifiedFontSize):
        (WebCore::computeLineHeightMultiplierDueToFontSize):
        (WebCore::StyleBuilderCustom::applyValueLineHeight):
        (WebCore::StyleBuilderCustom::applyValueFill):
        (WebCore::StyleBuilderCustom::applyValueStroke):
        (WebCore::StyleBuilderCustom::applyValueContent):
        * rendering/TextAutoSizing.cpp:

2017-07-23  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219571. rdar://problem/33464710

    2017-07-17  Simon Fraser  <simon.fraser@apple.com>

            clientX/clientY on TouchEvent.touches are wrong
            https://bugs.webkit.org/show_bug.cgi?id=174561
            rdar://problem/33336041

            Reviewed by Tim Horton.

            Do some refactoring so that WebKitAdditions code that computes Touch coordinates can use
            the same code that MouseRelatedEvent uses.

            There is no behavior change in this patch, but the test exercises a behavior change in
            WebKitAdditions code.

            Test: fast/events/touch/ios/touches-client-coords-after-zoom.html

            * dom/MouseRelatedEvent.cpp:
            (WebCore::MouseRelatedEvent::init):
            (WebCore::MouseRelatedEvent::frameViewFromDOMWindow):
            (WebCore::MouseRelatedEvent::pagePointToClientPoint):
            (WebCore::MouseRelatedEvent::pagePointToAbsolutePoint):
            (WebCore::MouseRelatedEvent::initCoordinates):
            (WebCore::MouseRelatedEvent::documentToAbsoluteScaleFactor):
            (WebCore::MouseRelatedEvent::computePageLocation):
            (WebCore::MouseRelatedEvent::locationInRootViewCoordinates):
            (WebCore::MouseRelatedEvent::frameView): Deleted.
            * dom/MouseRelatedEvent.h:

2017-07-22  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219662. rdar://problem/33464110

    2017-07-19  Antoine Quint  <graouts@apple.com>

            [iOS] REGRESSION: Scrubbing media using built-in controls does not pause media
            https://bugs.webkit.org/show_bug.cgi?id=174650
            <rdar://problem/33401877>

            Reviewed by Dean Jackson.

            We would only pause when scrubbing on macOS because we only listened to "mousedown" events on the
            scrubber's backing <input> element to identify that the user had started interacting with the
            scrubber.

            Implementing the same technique on iOS required a little more work than just listening to "touchstart"
            events on the same element. On top of that, we needed to make sure that we would only respond to
            "touchstart" events on the slider's thumb, and not on the track, since only on macOS should the user
            be able to click anywhere on the track to scrub. So we turn off pointer-events for the <input> on iOS
            only, and turn them back on specifically for the thumb.

            There is also some finessing when dealing with touch events where we need to track the identifier of
            the touch that started the user interaction. So we keep track of it in an ivar and wait until we get
            a "touchend" event where the changedTouches list contains a touch with that same identifier to ensure
            the same touch that initiates and ends the scrubbing interaction.

            Finally, we fix another issue that was uncovered while turning back on the ScrubbingSupport tests
            where we would not trash the cached _value ivar when we initiated scrubbing, which was important since
            we would mistakenly use the pre-srubbing value during a scrub.

            * Modules/modern-media-controls/controls/slider.css:
            (.ios .slider > input):
            (.slider > input::-webkit-slider-thumb):
            * Modules/modern-media-controls/controls/slider.js:
            (Slider.prototype.handleEvent):
            (Slider.prototype._handleMousedownEvent):
            (Slider.prototype._interactionEndTarget):
            (Slider.prototype._handleTouchstartEvent):
            (Slider.prototype._valueWillStartChanging):
            (Slider.prototype._valueDidStopChanging):
            (Slider.prototype._handleMouseupEvent):
            (Slider.prototype._handleTouchendEvent):

2017-07-22  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219711. rdar://problem/33465715

    2017-07-20  Chris Dumez  <cdumez@apple.com>

            Hook up ITP quirks to the needsSiteSpecificQuirks setting
            https://bugs.webkit.org/show_bug.cgi?id=174691

            Reviewed by Darin Adler.

            Hook up ITP quirks to the needsSiteSpecificQuirks setting to make it easier for
            Web-developers to test their fixes.

            * loader/ResourceLoadObserver.cpp:
            (WebCore::shouldEnableSiteSpecificQuirks):
            (WebCore::areDomainsAssociated):
            (WebCore::ResourceLoadObserver::logFrameNavigation):
            (WebCore::resourceNeedsSSOQuirk):
            (WebCore::ResourceLoadObserver::logSubresourceLoading):
            (WebCore::ResourceLoadObserver::logWebSocketLoading):

2017-07-22  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219709. rdar://problem/33462692

    2017-07-20  David Quesada  <david_quesada@apple.com>

            Add SPI to notify WKNavigationDelegate about client redirects
            https://bugs.webkit.org/show_bug.cgi?id=174680
            rdar://problem/33184886

            Reviewed by Brady Eidson.

            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::performClientRedirect):
            * loader/FrameLoader.h:
            Add a convenience method for NavigationScheduler that handles a FrameLoadRequest
            as a client redirect. Currently this means loading the request and informing the
            client about it.

            * loader/FrameLoaderClient.h:
            Add FrameLoaderClient::dispatchDidPerformClientRedirect() to inform the client when
            a client redirect occurs.

            * loader/NavigationScheduler.cpp:
            Removed ScheduledURLNavigation::fire(). This class was never instantiated directly,
            and all subclasses override fire(), so this was unused code.
            For ScheduledRedirects and ScheduledLocationChange, use FrameLoader's new method to
            load the request as a client redirect.

2017-07-22  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219703. rdar://problem/33462696

    2017-07-20  Chris Dumez  <cdumez@apple.com>

            Regression(ITP): May get frequently logged out of wsj.com
            https://bugs.webkit.org/show_bug.cgi?id=174661
            <rdar://problem/32343256>

            Reviewed by Geoffrey Garen.

            Add the concept of associated domains in the ResourceLoadObserver. We
            previously ignore loads to and from the same domains. We now do the same
            if the to and from domains are associated (i.e. owned by the same entity).

            For now, only add domains owned by Dow Jones & Company, Inc. to the list,
            to address login issues on wsj.com.

            No new tests, verified manually on wsj.com.

            * loader/ResourceLoadObserver.cpp:
            (WebCore::areDomainsAssociated):
            (WebCore::ResourceLoadObserver::logFrameNavigation):
            (WebCore::ResourceLoadObserver::logSubresourceLoading):
            (WebCore::ResourceLoadObserver::logWebSocketLoading):

2017-07-22  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219701. rdar://problem/33465715

    2017-07-20  Chris Dumez  <cdumez@apple.com>

            Regression(ITP): Can no longer log in on abc.go.com
            https://bugs.webkit.org/show_bug.cgi?id=174533
            <rdar://problem/33325881>

            Reviewed by Geoffrey Garen.

            Add quirk for sp.auth.adobe.com which is used for SSO by web sites such as
            abc.go.com. This would otherwise cause adobe.com to be identified as a
            tracker and log in on abc.go.com would break.

            No new tests, tested manually on abc.go.com.

            * loader/ResourceLoadObserver.cpp:
            (WebCore::resourceNeedsSSOQuirk):
            (WebCore::ResourceLoadObserver::logSubresourceLoading):

2017-07-22  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219683. rdar://problem/33464463

    2017-07-20  Brady Eidson  <beidson@apple.com>

            WKHTTPCookieStore API tests fail on High Sierra.
            <rdar://problem/33410271> and https://bugs.webkit.org/show_bug.cgi?id=174666

            Reviewed by Andy Estes.

            Covered by existing API tests.

            In r219567 I'd moved cookie storage observation off of NSHTTPCookieStorage and NSNotificationCenter
            to CFHTTPCookieStorage observation callbacks.

            This is because notifications were only sent for the default [NSHTTPCookieStorage sharedHTTPCookieStorage]
            and not any of the other ones we keep in flight.

            Unfortunately that SPI has been disabled in High Sierra.
            Fortunately we found a way we can get non-shared NSHTTPCookieStorages to send notifications that works everywhere.

            * platform/network/cocoa/CookieStorageObserver.h:
            * platform/network/cocoa/CookieStorageObserver.mm:
            (-[WebCookieObserverAdapter initWithObserver:]):
            (-[WebCookieObserverAdapter cookiesChangedNotificationHandler:]):
            (WebCore::CookieStorageObserver::create):
            (WebCore::CookieStorageObserver::CookieStorageObserver):
            (WebCore::CookieStorageObserver::~CookieStorageObserver):
            (WebCore::CookieStorageObserver::startObserving): Use a trick to call some SPI on non-shared NSHTTPCookieStorages
              to get them to send notifications.
            (WebCore::CookieStorageObserver::stopObserving):
            (WebCore::cookiesChanged): Deleted.

            * platform/network/cocoa/NetworkStorageSessionCocoa.mm:
            (WebCore::NetworkStorageSession::cookieStorageObserver):

2017-07-22  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219668. rdar://problem/33462676

    2017-07-19  Simon Fraser  <simon.fraser@apple.com>

            getBoundingClientRects not updated for programmatic scrolls
            https://bugs.webkit.org/show_bug.cgi?id=174538
            rdar://problem/33049012

            Reviewed by Tim Horton.

            Baidu.com has two event handlers on its <input>, and both query the input location with getBoundingClientRect()
            and the current pageYOffset (via jQuery), then try to scroll the input to the top of the screen. The bug is that
            programmatic scrolls did not immediately update the layout viewport rect, so the second call to
            getBoundingClientRect() would return stale coordinates, triggering an extra scroll.

            To fix this, undo the fix for r219320 which tried to keep getBoundingClientRect() current during unstable scroll
            updates by adding a shadow layout viewport rect. Instead, almost always update the layout viewport rect on
            FrameView, even during unstable visible rect updates, but not if content insets are being changed interactively,
            since changing viewport heights cause problems with bottom-fixed elements. Also, we need to compute a new layout
            viewport rect in FrameView::updateLayoutViewport() for programmatic scrolls.

            However, always updating the layout viewport triggered issues with the scrolling tree. The scrolling state tree
            fossilizes layer positions relative to a specific viewport rect, and that relationship has to be maintained.
            There are code paths that recompute fixed/sticky viewport constraints when the layout viewport has changed but
            we haven't done layout or recomputed layer positions (e.g. updating viewport-constrained layers via
            updateScrollCoordinatedLayersAfterFlush()) and in these cases using a new layout viewport for those computations
            results in an inconsistent scrolling tree.

            Fix this by not updating scrolling constraints every time we have to re-register scrolling nodes.
            updateScrollCoordinatedLayersAfterFlush() only needs to update the layer on the scrolling node (to handle
            tiled/non-tiled switches), so make updateScrollCoordinatedLayer() a little more fine-grained, and only update
            constraints when we've just computed layer geometry. This allows for different scrolling nodes to have
            constraints computed at different times, with different layout viewports, which happens.

            Two additional fixes were required to make bottom-fixed bars behave correctly.

            First, FrameView::computeLayoutViewportOrigin() had a bug where rounding of half-pixel values would cause it to
            fall into the if (visualViewport.height() > layoutViewport.height()) clause, but then fail to clamp for
            rubber-banding.

            Second, the FrameView::unscaledMaximumScrollPosition() was wrong after zooming on iOS, since it uses visibleSize()
            which is affected by page scale on iOS only (and the function wants scale-independent values). Fix with a hack that
            should be cleaned up via webkit.org/b/174648.

            Tested by existing tests.

            * page/FrameView.cpp:
            (WebCore::FrameView::computeUpdatedLayoutViewportRect):
            (WebCore::FrameView::computeLayoutViewportOrigin):
            (WebCore::FrameView::setLayoutViewportOverrideRect):
            (WebCore::FrameView::updateLayoutViewport):
            (WebCore::FrameView::unscaledMaximumScrollPosition):
            (WebCore::FrameView::documentToClientOffset):
            (WebCore::FrameView::setUnstableLayoutViewportRect): Deleted.
            * page/FrameView.h:
            * page/scrolling/AsyncScrollingCoordinator.cpp:
            (WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScroll):
            (WebCore::AsyncScrollingCoordinator::reconcileScrollingState):
            (WebCore::AsyncScrollingCoordinator::reconcileViewportConstrainedLayerPositions):
            (WebCore::AsyncScrollingCoordinator::updateNodeLayer):
            (WebCore::AsyncScrollingCoordinator::updateNodeViewportConstraints):
            (WebCore::AsyncScrollingCoordinator::updateViewportConstrainedNode): Deleted.
            * page/scrolling/AsyncScrollingCoordinator.h:
            * page/scrolling/ScrollingCoordinator.cpp:
            (WebCore::operator<<):
            * page/scrolling/ScrollingCoordinator.h:
            (WebCore::ScrollingCoordinator::reconcileScrollingState):
            (WebCore::ScrollingCoordinator::updateNodeLayer):
            (WebCore::ScrollingCoordinator::updateNodeViewportConstraints):
            (WebCore::ScrollingCoordinator::updateViewportConstrainedNode): Deleted.
            * page/scrolling/ScrollingStateFixedNode.cpp:
            (WebCore::ScrollingStateFixedNode::updateConstraints):
            * page/scrolling/ScrollingStateStickyNode.cpp:
            (WebCore::ScrollingStateStickyNode::updateConstraints):
            (WebCore::ScrollingStateStickyNode::reconcileLayerPositionForViewportRect):
            * page/scrolling/ScrollingTree.cpp:
            (WebCore::ScrollingTree::commitTreeState):
            * page/scrolling/mac/ScrollingTreeFixedNode.mm:
            (WebCore::ScrollingTreeFixedNode::updateLayersAfterAncestorChange):
            * page/scrolling/mac/ScrollingTreeStickyNode.mm:
            (WebCore::ScrollingTreeStickyNode::updateLayersAfterAncestorChange):
            * rendering/RenderLayerBacking.cpp:
            (WebCore::RenderLayerBacking::updateGeometry):
            * rendering/RenderLayerCompositor.cpp:
            (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayersAfterFlush):
            (WebCore::RenderLayerCompositor::updateBacking):
            (WebCore::RenderLayerCompositor::fixedRootBackgroundLayerChanged):
            (WebCore::RenderLayerCompositor::requiresCompositingForPosition):
            (WebCore::RenderLayerCompositor::updateScrollCoordinatedStatus):
            (WebCore::RenderLayerCompositor::computeFixedViewportConstraints):
            (WebCore::RenderLayerCompositor::computeStickyViewportConstraints):
            (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer):
            (WebCore::RenderLayerCompositor::didAddScrollingLayer):
            * rendering/RenderLayerCompositor.h:

2017-07-22  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219666. rdar://problem/33464328

    2017-07-19  Megan Gardner  <megan_gardner@apple.com>

            Don't write file URLs to iOS Pasteboard
            https://bugs.webkit.org/show_bug.cgi?id=174647
            <rdar://problem/33199730>

            Reviewed by Wenson Hsieh.

            Tests updated to reflect the changes. We are no longer vending file URLs in Drag & Drop and Copy/Paste.

            * editing/ios/EditorIOS.mm:
            (WebCore::Editor::writeImageToPasteboard):
            * platform/ios/PlatformPasteboardIOS.mm:
            (WebCore::PlatformPasteboard::write):

2017-07-22  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219661. rdar://problem/33465132

    2017-07-19  Nan Wang  <n_wang@apple.com>

            AX: Web page reloaded when a node is labelling multiple childnodes
            https://bugs.webkit.org/show_bug.cgi?id=174655

            Reviewed by Chris Fleizach.

            When we are asking for the aria-labelledby attribute of a node and its
            sibling is also labelled by the same node, we get into an infinite loop
            in textUnderElement since we only ignore one child. Added checks for
            siblings to avoid such loop.

            Test: accessibility/mac/aria-labelledby-multiple-child-crash.html

            * accessibility/AccessibilityNodeObject.cpp:
            (WebCore::AccessibilityNodeObject::textUnderElement):

2017-07-22  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219645. rdar://problem/33464440

    2017-07-18  Zalan Bujtas  <zalan@apple.com>

            Media controls are missing content in fullscreen when document has scroll offset.
            https://bugs.webkit.org/show_bug.cgi?id=174644
            <rdar://problem/32415323>

            Reviewed by Simon Fraser.

            If a non-user initiated scrolling (result of resize for example) is processed asynchronously, it might
            leapfrog other, programatic scrollings and trigger unintentional scroll offsets (and turn into unwanted clippings).
            This patch ensures that both resize and top content inset change are translated into programatic scrolling.

            Unable to test full screen video.

            * page/FrameView.cpp:
            (WebCore::FrameView::setFrameRect):
            (WebCore::FrameView::topContentInsetDidChange):

2017-07-22  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219641. rdar://problem/33464325

    2017-07-18  Chris Dumez  <cdumez@apple.com>

            HysteresisActivity cannot be used in the UIProcess
            https://bugs.webkit.org/show_bug.cgi?id=174643
            <rdar://problem/33086442>

            Reviewed by Tim Horton.

            Port HysteresisActivity to RunLoop::Timer so that it can safely be used in
            the UIProcess as well.

            * platform/HysteresisActivity.h:

2017-07-22  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219625. rdar://problem/33465689

    2017-07-18  Antoine Quint  <graouts@apple.com>

            [macOS] Mouse pointer does not hide during fullscreen playback
            https://bugs.webkit.org/show_bug.cgi?id=174638
            <rdar://problem/33244399>

            Reviewed by Dean Jackson.

            Test: media/modern-media-controls/css/webkit-cursor-visibility-auto-hide.html

            The user-agent stylesheet sets the "-webkit-cursor-visibility" to "auto-hide" for fullscreen <video>
            elements. Since we reset the page styles, including UA styles, on .media-controls-container, we need
            to explicitly inherit this style property from the page to ensure the mouse pointer automatically
            hides in fullscreen.

            * Modules/modern-media-controls/controls/media-controls.css:
            (.media-controls-container):

2017-07-22  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219621. rdar://problem/33465059

    2017-07-18  Antoine Quint  <graouts@apple.com>

            [iOS] WebKit media controls are sometimes shown after exiting full screen on vimeo.com
            https://bugs.webkit.org/show_bug.cgi?id=174627
            <rdar://problem/33301005>

            Reviewed by Dean Jackson, provisionally reviewed by Jeremy Jones.

            On iOS 11, both the WebKit media controls and the Vimeo custom controls would appear sometimes when exiting
            from fullscreen when the video was playing and the user would tap the X button, which would pause the video
            as well as exit fullscreen.

            The reason this happens is that the ControlsVisibilitySupport object, which governs whether the WebKit media
            controls should be displayed for a given video, woud listen to "pause" and "webkitfullscreenchange" events
            and determine whether to show the WebKit media controls. We listen to the "pause" event because when media
            pauses, and the video has the "controls" attribute set, we should show the controls and suspend the controls
            auto-hide timer. And we're interested in knowing when we enter and exit fullscreen because we want to override
            the "controls" attribute not being set when we enter fullscreen.

            However, on iOS 11, it appears that the "webkitfullscreenchange" event is not reliably fired as the user enters
            and exits fullscreen, which is tracked by webkit.org/b/174626. So, when the user exits fullscreen, we would be
            informed of the video being paused via a "pause" event, but not of the video exiting fullscreen. And because
            media events are asynchronous, the "pause" event would sometimes be fired before we exited fullscreen, and when
            the _updateControls() would run, we would sometimes determine that we are in fullscreen still and determine
            that the WebKit media controls should be shown.

            Of course, on iOS, the WebKit media controls are not shown and instead we delegate to AVKit to display media controls.
            So we could simply disregard this whole logic in iOS. But we choose to instead use the "webkitpresentationmodechanged"
            when the presentation mode API is supported, as is the case on iOS 11, to determine changes of media fullscreen state.
            This way, should we ever choose to support fullscreen media controls provided by WebKit on iOS, this logic is already
            correct and we write less platform-specific code.

            This, alas, cannot be tested since we can't force the X button to be tapped within the AVKit fullscreen controls.

            * Modules/modern-media-controls/media/controls-visibility-support.js:
            (ControlsVisibilitySupport.prototype.get mediaEvents):
            * Modules/modern-media-controls/media/media-controller.js:
            (MediaController):
            * Modules/modern-media-controls/media/start-support.js:
            (StartSupport.prototype.get mediaEvents):

2017-07-22  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219591. rdar://problem/33464112

    2017-07-17  Brady Eidson  <beidson@apple.com>

            REGRESSION(r219298): imported/w3c/IndexedDB-private-browsing/idbfactory_open.html is crashing occassionaly (UniqueIDBDatabase being taken from the IDBServer set twice).
            <rdar://problem/33294987> and https://bugs.webkit.org/show_bug.cgi?id=174354

            Reviewed by Alex Christensen.

            No new tests (Covered by existing tests).

            * Modules/indexeddb/server/IDBServer.cpp:
            (WebCore::IDBServer::IDBServer::postDatabaseTaskReply): Remove a now invalid ASSERT

            * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
            (WebCore::IDBServer::UniqueIDBDatabase::scheduleShutdownForClose): Add a RELEASE_ASSERT.
            (WebCore::IDBServer::UniqueIDBDatabase::didDeleteBackingStore): Instead of an ad-hoc main thread dispatch, use the "schedule task reply" system
              to keep dispatch ordering in tact.
            (WebCore::IDBServer::UniqueIDBDatabase::postDatabaseTaskReply): Remove a now invalid ASSERT
            (WebCore::IDBServer::UniqueIDBDatabase::immediateCloseForUserDelete): Only take the owning pointer if the object doesn't already own itself.

2017-07-22  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219585. rdar://problem/33465177

    2017-07-17  Wenson Hsieh  <wenson_hsieh@apple.com>

            [iOS DnD] Web process uses too much memory when beginning a drag on a very large image
            https://bugs.webkit.org/show_bug.cgi?id=174585
            <rdar://problem/33302541>

            Reviewed by Tim Horton.

            Currently, attempting to drag a very large image fails, either due to us telling CoreGraphics to create an image
            buffer that is too large, or because the web process exceeds its memory limit and gets jetsamed. There are two
            places where we can optimize our memory use during the drag initialization sequence, and this patch improves
            both.

            First, on iOS, we attempt to encode and send over a WebCore::Image in the PasteboardImage when writing to the
            item providers upon starting a drag. Currently, this Image is only used in the drag and drop codepath, in
            PlatformPasteboard::writeObjectRepresentations, to grab the size of the image being written for the purpose of
            specifying estimated display size. Serializing and deserializing an Image calls into Image::nativeImage, which
            attempts to draw the contents of the image into a buffer so that it can be shipped across to the UI process.
            Instead, we can simply compute the size in the web process while we already have the Image, and simply send that
            across. For copy/paste, this doesn't result in any behavior change, since we don't use the PasteboardImage's
            image in the first place.

            Secondly, when starting a drag, we try to allocate create an image buffer the size of the WebCore::Image for the
            purpose of generating the drag preview. Instead, this patch establishes a limit on the size of this drag preview
            image, such that if the Image's size is larger, we'll scale down the drag preview image to be the maximum
            allowed size.

            Test: DataInteractionTests.CanStartDragOnEnormousImage.

            * editing/ios/EditorIOS.mm:
            (WebCore::Editor::writeImageToPasteboard):
            * platform/Pasteboard.h:
            * platform/graphics/GeometryUtilities.cpp:
            (WebCore::sizeWithAreaAndAspectRatio):

            Introduce a new helper function to compute a size with the given aspect ratio and area.

            * platform/graphics/GeometryUtilities.h:
            * platform/ios/DragImageIOS.mm:
            (WebCore::createDragImageFromImage):
            * platform/ios/PlatformPasteboardIOS.mm:
            (WebCore::PlatformPasteboard::writeObjectRepresentations):

2017-07-17  Jason Marcell  <jmarcell@apple.com>

        Cherry-pick r219413. rdar://problem/33337335

    2017-06-29  Dean Jackson  <dino@apple.com>

            Disable some features on this release branch.
            <rdar://problem/32913370>

            * Configurations/FeatureDefines.xcconfig:
            * page/Settings.in:

2017-07-17  Brady Eidson  <beidson@apple.com>

        WKHTTPCookieStore observing only works on the default cookie store.
        <rdar://problem/33330724> and https://bugs.webkit.org/show_bug.cgi?id=174580

        Reviewed by Sam Weinig.

        Covered by new API tests.
        
        startObservingCookieChanges and stopObservingCookieChanges are passed a NetworkStorageSession to observe.
        On Mac/iOS, the passed-in storage session was ignored and the shared cookie storage was assumed.
        Let's fix that.
        
        Also, since using NSNotification based observing only works reliably for the shared cookie storage,
        switch to direct CFHTTPCookieStorageRef observing.

        * WebCore.xcodeproj/project.pbxproj:
        
        * platform/network/NetworkStorageSession.h:
        
        * platform/network/cocoa/CookieStorageObserver.h: Added.
        * platform/network/cocoa/CookieStorageObserver.mm: Added.
        (WebCore::cookiesChanged):
        (WebCore::CookieStorageObserver::create):
        (WebCore::CookieStorageObserver::CookieStorageObserver):
        (WebCore::CookieStorageObserver::~CookieStorageObserver):
        (WebCore::CookieStorageObserver::startObserving):
        (WebCore::CookieStorageObserver::stopObserving):
        (WebCore::CookieStorageObserver::cookiesDidChange):
        
        * platform/network/cocoa/NetworkStorageSessionCocoa.mm:
        (WebCore::NetworkStorageSession::cookieStorageObserver):
        
        * platform/network/mac/CookieStorageMac.mm:
        (WebCore::startObservingCookieChanges):
        (WebCore::stopObservingCookieChanges):
        (-[WebCookieStorageObjCAdapter notifyCookiesChangedOnMainThread]): Deleted.
        (-[WebCookieStorageObjCAdapter cookiesChangedNotificationHandler:]): Deleted.
        (-[WebCookieStorageObjCAdapter startListeningForCookieChangeNotificationsWithCallback:]): Deleted.
        (-[WebCookieStorageObjCAdapter stopListeningForCookieChangeNotifications]): Deleted.
        
        * platform/spi/cf/CFNetworkSPI.h:

2017-07-17  Sam Weinig  <sam@webkit.org>

        [WebIDL] Rename JSCSSValueCustom.cpp to JSDeprecatedCSSOMValueCustom.cpp to match the underlying class
        https://bugs.webkit.org/show_bug.cgi?id=174550

        Reviewed by Brady Eidson.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSCSSValueCustom.cpp: Removed.
        * bindings/js/JSDeprecatedCSSOMValueCustom.cpp: Renamed from bindings/js/JSCSSValueCustom.cpp.
        Rename file and update references.

2017-07-17  Antoine Quint  <graouts@apple.com>

        REGRESSION: order of AirPlay and volume controls is inconsistent between <audio> and <video>
        https://bugs.webkit.org/show_bug.cgi?id=174581
        <rdar://problem/33297519>

        Reviewed by Sam Weinig.

        We had an inconsistency between <audio> and <video> controls for the relative order of the
        volume and AirPlay buttons. The <video> layout was correct (volume first and AirPlay after)
        and the <audio> layout now is the same.

        * Modules/modern-media-controls/controls/inline-media-controls.js:
        (InlineMediaControls.prototype._rightContainerButtons):

2017-07-17  Konstantin Tokarev  <annulen@yandex.ru>

        [CMake] Create targets before WEBKIT_INCLUDE_CONFIG_FILES_IF_EXISTS is called
        https://bugs.webkit.org/show_bug.cgi?id=174557

        Reviewed by Michael Catanzaro.

        No new tests needed.

        * CMakeLists.txt:

2017-07-17  Michael Catanzaro  <mcatanzaro@igalia.com>

        Unreviewed, rolling out r219556.

        Broke build without WebCrypto

        Reverted changeset:

        "[CMake] Clean up Web Crypto build targets"
        https://bugs.webkit.org/show_bug.cgi?id=174253
        http://trac.webkit.org/changeset/219556

2017-07-17  Antoine Quint  <graouts@apple.com>

        Media controls draw behind captions
        https://bugs.webkit.org/show_bug.cgi?id=174579
        <rdar://problem/33295427>

        Reviewed by Dean Jackson.

        Ensure the captions container is added as a previous sibling to the controls container.

        Test: media/modern-media-controls/media-controls/media-controls-display-above-captions.html

        * Modules/modern-media-controls/media/media-controller.js:
        (MediaController):

2017-07-17  Zan Dobersek  <zdobersek@igalia.com>

        [CMake] Clean up Web Crypto build targets
        https://bugs.webkit.org/show_bug.cgi?id=174253

        Reviewed by Michael Catanzaro.

        Gather the common WebCrypto source files in CMakeLists.txt, including them
        in the build unconditionally and instead relying on ENABLE_SUBTLE_CRYPTO
        build guards to exclude the code from compilation if the feature is disabled.

        PlatformGTK.cmake, PlatformMac.cmake and PlatformWPE.cmake can then remove
        duplicated build targets. PlatformMac.cmake still lists all the Mac-specific
        Web Crypto build targets.

        PlatformGTK.cmake and PlatformWPE.cmake now include GCrypt.cmake if the build
        was configured to enable the use of libgcrypt. The new CMake file adds the
        libgcrypt-specific Web Crypto build targets to the build if the feature was
        enabled, and also sets up libgcrypt include directiories and libraries.

        No new tests -- no change in behavior.

        * CMakeLists.txt:
        * PlatformGTK.cmake:
        * PlatformMac.cmake:
        * PlatformWPE.cmake:
        * platform/GCrypt.cmake: Added.

2017-07-16  Michael Catanzaro  <mcatanzaro@igalia.com>

        -Wreorder warning caused by GraphicsContext3D cleanup
        https://bugs.webkit.org/show_bug.cgi?id=174511

        Reviewed by Carlos Garcia Campos.

        * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
        (WebCore::GraphicsContext3D::GraphicsContext3D):
        * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
        (WebCore::GraphicsContext3D::GraphicsContext3D):

2017-07-16  Antoine Quint  <graouts@apple.com>

        Dismissing the captions panel using the mouse is too eager to remove the captions panel and media controls
        https://bugs.webkit.org/show_bug.cgi?id=174571
        <rdar://problem/33294968>

        Reviewed by Eric Carlson.

        We did several things wrong when dismissing the tracks panel:

            - we did not check whether we were hosted in a shadow root when figuring if a click was on the tracks panel
            - we did not check whether we clicked over the media when dismissing the tracks panel
            - we did not check whether auto-hide was on before fading the media controls out when we clicked outside
              the media controls bounds

        We now correctly account for all of those cases and implement the following behavior when clickng as the tracks
        panel is presented:
        
            - dismiss the panel if the click is outside of the panel
            - dismiss the panel and the media controls if the click is outside the video and the media controls have
              auto-hide on (ie. media is playing)
            - dismiss the panel and the media controls after the track selection animation is finished if a track is selected

        Tests: media/modern-media-controls/tracks-panel/tracks-panel-up-click-outside-media-does-not-dimiss-media-controls-when-media-is-paused.html
               media/modern-media-controls/tracks-panel/tracks-panel-up-click-over-media-does-not-dimiss-media-controls-when-media-is-playing.html

        * Modules/modern-media-controls/controls/media-controls.js:
        (MediaControls.prototype.hideTracksPanel): Only hide the media controls if we clicked outside of the media
        controls bounds and if we have auto-hide on when idle (ie. the media is playing).
        (MediaControls.prototype.isPointInControls): Add an option to specify whether the container should be
        considered when checking if a point is contained within the media controls bounds.
        * Modules/modern-media-controls/controls/tracks-panel.js:
        (TracksPanel.prototype._handleMousedown):
        (TracksPanel.prototype._isPointInTracksPanel): Correctly check whether the element that we started pressing
        on is contained within the tracks panel, accounting for the case where we are presented within a shadow root
        (ie. always when runing inside a Web page).

2017-07-16  Ali Juma  <ajuma@chromium.org>

        DisallowUserAgentShadowContent moves out of non-UA shadow roots
        https://bugs.webkit.org/show_bug.cgi?id=165647

        Reviewed by Ryosuke Niwa.

        Make rect-based hit-testing include nodes in non-UA shadow trees when the
        HitTestRequest has type DisallowUserAgentShadowContent.

        Test: fast/dom/nodesFromRect/nodesFromRect-shadow.html

        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::addNodeToRectBasedTestResult):
        * testing/Internals.cpp:
        (WebCore::Internals::nodesFromRect):
        * testing/Internals.h:

2017-07-16  Antoine Quint  <graouts@apple.com>

        Clicking edges of media control buttons changes visual state of button (pressed) but doesn't execute action
        https://bugs.webkit.org/show_bug.cgi?id=174565
        <rdar://problem/33294833>

        Reviewed by Dean Jackson.

        WebCore doesn't dispatch a "click" event to a parent element when a child that was the original target when
        the "mousedown" occured is no longer hit-testing at the location where the mouse pointer is at when the "mouseup"
        occurs (see webkit.org/b/174564). Since button icons, which are a <picture> element that is a child of the
        <button> element for media controls buttons, shrink to 89% of their size when the ":active" pseudo-class matches,
        clicking on the edges of the media controls buttons would not trigger the expected action.

        Test: media/modern-media-controls/button/button-click-on-edges.html

        * Modules/modern-media-controls/controls/button.css:
        (button > picture):

2017-07-16  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Make the decision for asynchronously decoding an image be in one place
        https://bugs.webkit.org/show_bug.cgi?id=174479

        Reviewed by Tim Horton.

        Move all the logic of whether a large image should be asynchronously decoded 
        or not be in one place: RenderBoxModelObject::decodingModeForImageDraw().

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::addPendingImageDrawingClient): Fixing unrelated 
        spelling error.
        * platform/RuntimeApplicationChecks.h:
        * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
        (WebCore::IOSApplication::isIBooks):
        (WebCore::IOSApplication::isIBooksStorytime):
        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::updateFromSettings): Remove reading the setting
        largeImageAsyncDecodingEnabled from this function because it will be read
        by RenderBoxModelObject::decodingModeForImageDraw().
        (WebCore::BitmapImage::dataChanged):
        (WebCore::BitmapImage::draw):
        (WebCore::BitmapImage::shouldAnimate):
        (WebCore::BitmapImage::canAnimate):
        (WebCore::BitmapImage::canUseAsyncDecodingForLargeImages):
        (WebCore::BitmapImage::shouldUseAsyncDecodingForAnimatedImages):
        (WebCore::BitmapImage::canDestroyDecodedData):
        (WebCore::BitmapImage::shouldUseAsyncDecodingForLargeImages): Deleted.
        * platform/graphics/BitmapImage.h:
        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::canUseAsyncDecoding): It is okay to keep the 
        decoded frame if canUseAsyncDecodingForLargeImages() is true by the setting
        largeImageAsyncDecodingEnabled is false.
        (WebCore::ImageSource::shouldUseAsyncDecoding): Deleted.
        * platform/graphics/ImageSource.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::decodingModeForImageDraw): The plan is to
        add a new Internal settings to force asynchronous image decoding regardless
        of the image size and the settings.
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        * rendering/RenderBoxModelObject.h:
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::paintIntoRect):

2017-07-16  Michael Catanzaro  <mcatanzaro@igalia.com>

        [CMake] Raise minimum CMake requirement
        https://bugs.webkit.org/show_bug.cgi?id=174545

        Reviewed by Konstantin Tokarev.

        * WebCoreMacros.cmake:

2017-07-15  Brady Eidson  <beidson@apple.com>

        Make sure all CFHTTPCookieStorageRefs we create are scheduled.
        <rdar://problem/33221110> and https://bugs.webkit.org/show_bug.cgi?id=174513

        Reviewed by Tim Horton.

        * platform/spi/cf/CFNetworkSPI.h:

2017-07-15  Myles C. Maxfield  <mmaxfield@apple.com>

        Rename RenderStyle::fontSize() to RenderStyle::computedFontPixelSize()
        https://bugs.webkit.org/show_bug.cgi?id=174509

        Reviewed by Simon Fraser.

        We have three font size functions:
        - computedFontSize(): returns a float
        - specifiedFontSize(): also returns a float
        - fontSize(): returns the rounded computedFontSize()

        FontDescription uses the convention of labelling rounded values as "pixel",
        so a better name font fontSize() is computedFontPixelSize().

        Also, because font sizes can never be negative, switch the type from an int
        to an unsigned.

        No new tests because there is no behavior change.

        * accessibility/atk/WebKitAccessibleInterfaceText.cpp:
        (getAttributeSetForAccessibilityObject):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle):
        * platform/graphics/FontDescription.h:
        (WebCore::FontDescription::computedPixelSize):
        (WebCore::FontDescription::fontSelectionRequest):
        * rendering/RenderBlock.cpp:
        (WebCore::styleForFirstLetter):
        * rendering/RenderRubyRun.cpp:
        (WebCore::shouldOverhang):
        (WebCore::RenderRubyRun::getOverhang):
        * rendering/RenderRubyText.cpp:
        (WebCore::RenderRubyText::adjustInlineDirectionLineBounds):
        * rendering/RenderThemeGtk.cpp:
        (WebCore::adjustSearchFieldIconStyle):
        (WebCore::paintSearchFieldIcon):
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::adjustCheckboxStyle):
        (WebCore::RenderThemeIOS::adjustRadioStyle):
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::controlSizeForFont):
        (WebCore::RenderThemeMac::controlSizeForSystemFont):
        (WebCore::RenderThemeMac::paintMenuListButtonDecorations):
        (WebCore::RenderThemeMac::popupInternalPaddingBox):
        (WebCore::RenderThemeMac::adjustMenuListButtonStyle):
        * rendering/RenderThemeWin.cpp:
        (WebCore::RenderThemeWin::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeWin::adjustSearchFieldResultsDecorationPartStyle):
        (WebCore::RenderThemeWin::adjustSearchFieldResultsButtonStyle):
        * rendering/TextDecorationPainter.cpp:
        (WebCore::TextDecorationPainter::paintTextDecoration):
        * rendering/mathml/RenderMathMLRow.cpp:
        (WebCore::RenderMathMLRow::computeLineVerticalStretch):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::computedFontPixelSize):
        (WebCore::RenderStyle::computedLineHeight):
        (WebCore::RenderStyle::fontSize): Deleted.
        * rendering/style/RenderStyle.h:
        * style/InlineTextBoxStyle.cpp:
        (WebCore::visualOverflowForDecorations):
        * style/StyleTreeResolver.cpp:
        (WebCore::Style::TreeResolver::resolveElement):
        * svg/SVGLengthContext.cpp:
        (WebCore::SVGLengthContext::convertValueFromUserUnitsToEMS):
        (WebCore::SVGLengthContext::convertValueFromEMSToUserUnits):

2017-07-15  Myles C. Maxfield  <mmaxfield@apple.com>

        line-height: <number> gets visually applied twice when text autosizing is in effect
        https://bugs.webkit.org/show_bug.cgi?id=174536
        <rdar://problem/33338259>

        Reviewed by Simon Fraser.

        StyleBuilderConverter::convertLineHeight() converts line-height: <number> into a
        "percentage" length. Then, when layout needs to know what the computed value of
        line-height is, RenderStyle::computedLineHeight() multiplies this percentage by
        the computed font size.

        With autosizing, the computed font size already incorporates the autosizing
        multiplier, so we shouldn't also incorporate this multiplier into the percentage
        value itself. getComputedStyle()'s lineHeightFromStyle() was compensating for
        this double application by multiplying the percentage by the font-size's specified
        value instead of its computed value, which is incorrect.

        Test: fast/text-autosizing/line-height-number.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::lineHeightFromStyle):
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertLineHeight):

2017-07-15  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS WK2] Presenting an action sheet on an image map prevents selection UI from updating
        https://bugs.webkit.org/show_bug.cgi?id=174539
        <rdar://problem/33307395>

        Reviewed by Darin Adler.

        Currently, if TextIndicator fails to take a snapshot in TextIndicator::createWithRange, we will enter an
        inconsistent state in the web process where Editor will continue to ignore selection changes until the next time
        Editor::setIgnoreSelectionChanges(false) is called. This causes us to indefinitely defer EditorState updates to
        the UI process, which leads to selection UI appearing unresponsive.

        To fix this, we introduce a new TemporarySelectionChange object to simplify selection changes and/or
        EditorState-update-ignoring behaviors within the scope of a single function. The constructor applies these
        temporary changes, and the destructor reverts them as needed to their prior values.

        This patch only adopts TemporarySelectionChange in order to fix this bug, but future patches will replace the
        remaining places where we temporarily change selection and/or ignore selection with this helper.

        Test: ActionSheetTests.ImageMapDoesNotDestroySelection.

        * editing/Editor.cpp:
        (WebCore::TemporarySelectionChange::TemporarySelectionChange):
        (WebCore::TemporarySelectionChange::~TemporarySelectionChange):
        * editing/Editor.h:
        * editing/FrameSelection.h:
        (WebCore::FrameSelection::isUpdateAppearanceEnabled):
        * page/TextIndicator.cpp:
        (WebCore::TextIndicator::createWithRange):

2017-07-15  Myles C. Maxfield  <mmaxfield@apple.com>

        Clean up line-height and minimumFontSize functions
        https://bugs.webkit.org/show_bug.cgi?id=174535

        Reviewed by Simon Fraser.

        No behavior change.

        No new tests because there is no behavior change.

        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertLineHeight):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::styleForKeyframe):
        (WebCore::StyleResolver::adjustRenderStyle):
        (WebCore::StyleResolver::pseudoStyleRulesForElement):
        (WebCore::StyleResolver::applyMatchedProperties):
        (WebCore::StyleResolver::cascadedPropertiesForRollback):
        (WebCore::StyleResolver::applyProperty):
        (WebCore::StyleResolver::checkForZoomChange):
        (WebCore::StyleResolver::createFilterOperations):
        (WebCore::StyleResolver::CascadedProperties::set):
        (WebCore::StyleResolver::applyCascadedProperties):
        * style/StyleFontSizeFunctions.cpp:
        (WebCore::Style::computedFontSizeFromSpecifiedSize):
        (WebCore::Style::computedFontSizeFromSpecifiedSizeForSVGInlineText):
        (): Deleted.

2017-07-14  Jonathan Bedard  <jbedard@apple.com>

        Add iOS 11 SPI
        https://bugs.webkit.org/show_bug.cgi?id=174430
        <rdar://problem/33269288>

        Reviewed by Tim Horton.

        * WebCore.xcodeproj/project.pbxproj: Add sqlite3SPI.h header.
        * platform/ios/PlatformPasteboardIOS.mm: Move UIKit SPI to UIKitSPI.h.
        * platform/ios/WebItemProviderPasteboard.mm: Ditto.
        * platform/network/cf/FormDataStreamCFNet.cpp: Explicitly define fnfErr and remove
        MacErrors.h header for iOS.
        * platform/spi/cocoa/IOSurfaceSPI.h: IOSurface is no longer SPI in iOS 11.
        * platform/spi/cocoa/PassKitSPI.h: Do not re-define setRequiredShippingContactFields
        and setRequiredBillingContactFields in iOS 11.
        * platform/spi/cocoa/QuartzCoreSPI.h: Added QuartzCoreSPI used in iOS 11.
        * platform/spi/ios/UIKitSPI.h: Add drag-and-drop SPI.
        * platform/spi/ios/sqlite3SPI.h: Define required sqlite3 macros.
        * platform/sql/SQLiteFileSystem.cpp: Use sqlite3SPI.h.

2017-07-14  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Implement CryptoKeyRSA PKCS#8 exports
        https://bugs.webkit.org/show_bug.cgi?id=173697

        Reviewed by Jiewen Tan.

        Implement the PKCS#8 import operation for RSA keys for platforms that use
        libgcrypt.

        In CryptoKeyRSA::exportPkcs8(), we bail early with an invalid access exception if
        this export is not being done for a private key. Otherwise, we start with creating
        the `RSAPrivateKey` ASN.1 structure, writing out '0' under the `version` element
        and then retrieving the modulus, public and private exponent and both primes.
        MPI data for those parameters is written out into corresponding elements in the
        `RSAPrivateKey` structure. We then manually compute values of both exponents and
        the coefficient parameters, using the private exponent's and both primes' MPI
        values. The p and q parameters (i.e. the primes) are switched in libgcrypt,
        deviating from the standard practice, so we have to operate with those two
        accordingly. We eliminate the optional `otherPrimeInfos` attribute on the
        `RSAPrivateKey` structure. Support for this attribute will be added later.

        We then create the `PrivateKeyInfo` ASN.1 structure, and write out '0' under the
        `version` element. The id-rsaEncryption object identifier is written out under
        the `algorithm.algorithm` element. In the future, an object identifier that
        matches this key's algorithm will have to be written out here (id-RSASSA-PSS or
        id-RSAES-OAEP), along with the appropriate parameters structure, but no test in
        WebKit or the web-platform-tests suite covers this detail. For now, a null value
        is written out under the `algorithm.parameters` element.

        Data for the `RSAPrivateKey` structure is retrieved and written out under the
        `privateKey` element.  The optional `attributes` element on the `PrivateKeyInfo`
        structure is eliminated.

        Data that was encoded through the `PrivateKeyInfo` structure is then retrieved
        and returned from the exportPkcs8() method.

        No new tests -- related tests are now passing and are unskipped.

        * crypto/gcrypt/CryptoKeyRSAGCrypt.cpp:
        (WebCore::CryptoKeyRSA::exportPkcs8):

2017-07-14  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Implement CryptoKeyRSA PKCS#8 imports
        https://bugs.webkit.org/show_bug.cgi?id=173696

        Reviewed by Jiewen Tan.

        Implement the PKCS#8 import operation for RSA keys for platforms that use
        libgcrypt.

        In CryptoKeyRSA::importPkcs8(), the provided key data is decoded against the
        'PrivateKeyInfo` ASN.1 structure. We then validate the `version` element and
        check that the `privateKeyAlgorithm.algorithm` element contains a supported
        object identifier. This check is for now mostly superficial, only ensuring
        that the object identifier is either id-rsaEncryption, id-RSAES-OAEP or
        id-RSASSA-PSS. This has to be further extended to also check the
        id-sha{1,256,384,512}WithRSAEncryption identifiers as well as decoding the
        `privateKeyAlgorithm.parameters` element against a specific ASN.1 structure, if
        necessary (RSASSA-PSS-params or RSAES-OAEP-params), and cross-checking the
        specified digest algorithm with the algorithm that's specified through the main
        object identifier or the structure contained in `privateKeyAlgorithm.parameters`.
        This is avoided for now because no test in WebKit or the web-platform-tests
        suite covers this detail of the specification.

        Data under the `privateKey` element is decoded against the `RSAPrivateKey` ASN.1
        structure, and the `version` element of that structure is validated. We then
        retrieve data from that structure for the modulus, public exponent, private
        exponent, both primes, both exponents and the coefficient parameters, bailing if
        any of them is missing. Because libgcrypt switches the use of p and q parameters,
        deviating from the standard use, we have to recompute the u parameter (the
        coefficient). With that calculated, we're then able to construct the `private-key`
        s-expression, embedding into it all the necessary parameters, and transferring
        the ownership of this object to the new CryptoKeyRSA object that's then returned
        from the importPkcs8() method.

        No new tests -- related tests are now passing and are unskipped.

        * crypto/gcrypt/CryptoKeyRSAGCrypt.cpp:
        (WebCore::CryptoKeyRSA::importPkcs8):

2017-07-14  Chris Dumez  <cdumez@apple.com>

        Possible crash in ~UserGestureIndicator() when on non-main thread
        https://bugs.webkit.org/show_bug.cgi?id=174522
        <rdar://problem/30283071>

        Reviewed by Sam Weinig.

        UserGestureIndicator objects may be constructed / destructed in worker thread
        (e.g. in DOMTimer::fired()). The UserGestureIndicator constructor / destructor
        are supposed to be no-op on non-main threads so that it is safe. However,
        we were mistakenly initializing m_previousToken data member in the constructor
        on background thread, which meant that we could crash later on in the
        UserGestureIndicator destructor when destroying m_previousToken.

        Test: fast/workers/worker-user-gesture.html

        * dom/UserGestureIndicator.cpp:
        (WebCore::currentToken):
        (WebCore::UserGestureIndicator::UserGestureIndicator):

2017-07-14  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r219516.

        This caused an API failure on macOS.

        Reverted changeset:

        "Make sure all CFHTTPCookieStorageRefs we create are
        scheduled."
        https://bugs.webkit.org/show_bug.cgi?id=174513
        http://trac.webkit.org/changeset/219516

2017-07-14  Jer Noble  <jer.noble@apple.com>

        Allow clients to override their own hardware media requirements where no fallback media exists.
        https://bugs.webkit.org/show_bug.cgi?id=174426
        <rdar://problem/32537704>

        Reviewed by Eric Carlson.

        Add a new setting which allows clients to specify their own mediaContentTypesRequiringHardwareSupport should be
        ignared in the case where no fallback exists, such as the case of a single <source> element, or setting the src
        attribute directly.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::havePotentialSourceChild):
        (WebCore::HTMLMediaElement::selectNextSourceChild):
        (WebCore::HTMLMediaElement::sourceWasAdded):
        (WebCore::HTMLMediaElement::sourceWasRemoved):
        (WebCore::HTMLMediaElement::mediaPlayerShouldCheckHardwareSupport):
        * html/HTMLMediaElement.h:
        * page/Settings.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::shouldCheckHardwareSupport):
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerShouldCheckHardwareSupport):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::assetStatus):
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::didParseStreamDataAsAsset):

2017-07-14  Chris Dumez  <cdumez@apple.com>

        Possible crash under NetworkSocketStream::didFailSocketStream()
        https://bugs.webkit.org/show_bug.cgi?id=174526
        <rdar://problem/32831441>

        Reviewed by Brent Fulgham.

        Call m_client.didFailSocketStream() asynchronously in the constructor as our
        caller (the client) is also being initialized at this point.

        * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
        (WebCore::SocketStreamHandleImpl::SocketStreamHandleImpl):

2017-07-14  Youenn Fablet  <youenn@apple.com>

        WebRTC: silence data not sent for disabled audio track
        https://bugs.webkit.org/show_bug.cgi?id=174456
        <rdar://problem/33284623>

        Reviewed by Eric Carlson.

        Test: webrtc/audio-muted-stats.html
              webrtc/audio-muted-stats2.html

        Adding a timer-based approach to send 10ms of silence every second.
        This is consistent with how muted video tracks are implemented.
        In case the audio track is muted at the time it is added, no silence data is sent.

        * platform/mediastream/mac/RealtimeOutgoingAudioSource.cpp:
        (WebCore::RealtimeOutgoingAudioSource::RealtimeOutgoingAudioSource):
        (WebCore::RealtimeOutgoingAudioSource::initializeConverter):
        (WebCore::RealtimeOutgoingAudioSource::stop):
        (WebCore::RealtimeOutgoingAudioSource::sourceMutedChanged):
        (WebCore::RealtimeOutgoingAudioSource::sourceEnabledChanged):
        (WebCore::RealtimeOutgoingAudioSource::handleMutedIfNeeded):
        (WebCore::RealtimeOutgoingAudioSource::sendSilence):
        * platform/mediastream/mac/RealtimeOutgoingAudioSource.h:

2017-07-14  Michael Catanzaro  <mcatanzaro@igalia.com>

        [CMake] Unclear distinction between WebKitHelpers and WebKitMacros
        https://bugs.webkit.org/show_bug.cgi?id=153189

        Reviewed by Antonio Gomes.

        * CMakeLists.txt: Include WebCoreMacros.cmake.
        * WebCoreMacros.cmake: Added.

2017-07-14  Jeremy Jones  <jeremyj@apple.com>

        Fix style for name of class alloc function in WebVideoFullscreenInterfaceAVKit.
        https://bugs.webkit.org/show_bug.cgi?id=174476

        Reviewed by Alex Christensen.

        No new tests because no behavior change.

        This is a rename for per style requirements.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (allocWebAVPictureInPicturePlayerLayerViewInstance):
        (WebAVPlayerLayerView_pictureInPicturePlayerLayerView):
        (allocWebAVPlayerLayerViewInstance):
        (WebVideoFullscreenInterfaceAVKit::setupFullscreen):
        (getWebAVPictureInPicturePlayerLayerViewClass): Deleted.
        (getWebAVPlayerLayerViewClass): Deleted.

2017-07-14  Jer Noble  <jer.noble@apple.com>

        [MSE] Removing samples when presentation order does not match decode order can cause bad behavior.
        https://bugs.webkit.org/show_bug.cgi?id=174514

        Reviewed by Sam Weinig.

        Test: media/media-source/media-source-remove-decodeorder-crash.html

        Fix the algorithm in removeCodedFrames() so that it's not possible to have a removePresentationStart >
        removePresentationEnd (and also removeDecodeStart > removeDecodeEnd).

        * Modules/mediasource/SampleMap.cpp:
        (WebCore::PresentationOrderSampleMap::findSampleContainingOrAfterPresentationTime):
        (WebCore::PresentationOrderSampleMap::findSampleStartingAfterPresentationTime):
        * Modules/mediasource/SampleMap.h:
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::removeCodedFrames):

2017-07-14  Youenn Fablet  <youenn@apple.com>

        Increase CoreAudio render audio buffer sizes for WebRTC
        https://bugs.webkit.org/show_bug.cgi?id=174508

        Reviewed by Eric Carlson.

        Covered by manually testing audio rendering through WebRTC sites.

        * platform/mediastream/mac/AudioTrackPrivateMediaStreamCocoa.cpp:
        (WebCore::AudioTrackPrivateMediaStreamCocoa::createAudioUnit): Setting audio buffer size equivalent to 20 ms.

2017-07-14  Brady Eidson  <beidson@apple.com>

        Make sure all CFHTTPCookieStorageRefs we create are scheduled.
        <rdar://problem/33221110> and https://bugs.webkit.org/show_bug.cgi?id=174513

        Reviewed by Tim Horton.

        * platform/spi/cf/CFNetworkSPI.h:

2017-07-14  Youenn Fablet  <youenn@apple.com>

        Remove CoreAudioCaptureSource speaker configuration
        https://bugs.webkit.org/show_bug.cgi?id=174512

        Reviewed by Eric Carlson.

        Covered by manually testing audio rendering through WebRTC sites.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioSharedUnit::setupAudioUnit):

2017-07-14  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Limit the number of remote video samples queued
        https://bugs.webkit.org/show_bug.cgi?id=174505
        <rdar://problem/33223015>

        Reviewed by Youenn Fablet.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::removeOldSamplesFromPendingQueue): Only
        enqueue a fixed number of frames with invalid or negative decode times.

2017-07-14  Youenn Fablet  <youenn@apple.com>

        Report CoreAudioCaptureSource failure in case shared unit stops working properly
        https://bugs.webkit.org/show_bug.cgi?id=174494

        Reviewed by Eric Carlson.

        Manual test by interrupting an audio capture on Mac.

        This patch adds a timer to CoreAudioSharedUnit.
        In case the capture callback is not called after one second, the shared unit is said to fail.
        Each source is notified that capture is failing.
        This will in turn trigger onend track event so that web pages can remedy capture failure.

        Timer starts with 10 seconds for audio data to start being captured.
        It is then decreased to 2 seconds.

        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::captureFailed):
        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioSharedUnit::CoreAudioSharedUnit):
        (WebCore::CoreAudioSharedUnit::processMicrophoneSamples):
        (WebCore::CoreAudioSharedUnit::startInternal):
        (WebCore::CoreAudioSharedUnit::verifyIsCapturing):
        (WebCore::CoreAudioSharedUnit::stopInternal):

2017-07-14  Jer Noble  <jer.noble@apple.com>

        Adding the 'autoplay' attribute to a media element during a user gesture should remove user gesture restrictions.
        https://bugs.webkit.org/show_bug.cgi?id=174373

        Reviewed by Eric Carlson.

        Test: media/video-add-autoplay-user-gesture.html

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):

2017-07-14  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r219500.

        The test is consistently failing on iOS simulator.

        Reverted changeset:

        "AX: VoiceOver silent or skipping over time values on media
        player."
        https://bugs.webkit.org/show_bug.cgi?id=174324
        http://trac.webkit.org/changeset/219500

2017-07-14  Fujii Hironori  <Hironori.Fujii@sony.com>

        [WinCairo] error 'm_compositorTexture': undeclared identifier since Bug 174345
        https://bugs.webkit.org/show_bug.cgi?id=174493

        Reviewed by Alex Christensen.

        Compilation errors are reported by the code using a member
        m_compositorTexture of GraphicsContext3D which exists only if
        USE(COORDINATED_GRAPHICS_THREADED). WinCairo port doesn't use it.

        * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
        (WebCore::GraphicsContext3D::GraphicsContext3D):
        Use m_compositorTexture only if USE(COORDINATED_GRAPHICS_THREADED).
        (WebCore::GraphicsContext3D::~GraphicsContext3D): Ditto.
        * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
        (WebCore::GraphicsContext3D::reshapeFBOs):
        Ditto. Fix the wrong indentation level.

2017-07-14  Fujii Hironori  <Hironori.Fujii@sony.com>

        [HarfBuzz] Decomposed Vietnamese characters are rendered incorrectly
        https://bugs.webkit.org/show_bug.cgi?id=174418

        Reviewed by Michael Catanzaro.

        HarfBuzzShaper should normalize the input text before collecting
        HarfBuzzRuns. Actually, HarfBuzzShaper::setNormalizedBuffer does
        the task. But, this function hasn't been called from anywhere
        since Bug 108077.

        Test: fast/text/international/vietnamese-nfd.html

        * platform/graphics/harfbuzz/HarfBuzzShaper.cpp:
        (WebCore::HarfBuzzShaper::HarfBuzzShaper):
        Call setNormalizedBuffer instead of normalizeCharacters.
        (WebCore::normalizeCharacters): Deleted.

2017-07-14  Fujii Hironori  <Hironori.Fujii@sony.com>

        [WinCairo] Build broken "Cannot open include file: 'GL/glext.h'" since Bug 172104
        https://bugs.webkit.org/show_bug.cgi?id=174492

        Reviewed by Žan Doberšek.

        WinCairo port uses GLES. OpenGLShims.h shouldn't be included.

        * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
        Include "OpenGLShims.h" only if !USE(OPENGL_ES_2) instead of USE(OPENGL).

2017-07-14  Chris Dumez  <cdumez@apple.com>

        PageCache::removeAllItemsForPage(Page&) may reenter itself and cause crashes
        https://bugs.webkit.org/show_bug.cgi?id=174473
        <rdar://problem/32177485>

        Reviewed by Antti Koivisto.

        This could happen when a Page containing an SVGImage is removed from PageCache and
        this resulted in the destruction of the SVGImage. Because the SVGImage has an internal
        utility Page, it will also call PageCache::removeAllItemsForPage(WebCore::Page&) upon
        destruction, causing us to reenter.

        Address the issue by not calling PageCache::removeAllItemsForPage() for utility pages
        since those cannot be in PageCache in the first place.

        Also add assertions to make sure:
        1. We never insert a utility page into PageCache
        2. PageCache::removeAllItemsForPage() does not reenter

        No new tests, because I was unable to write a test which reproduced the crash. This
        is in theory testable using an API test which enables PageCache, loads a page
        containing an SVGImage, navigates away from this page so that it goes into PageCache,
        and then calls [WebView _close]. However, when I tried writing such test, I could
        not get the SVGImage to get destroyed while PageCache::removeAllItemsForPage() is
        called for the top-level page for some reason. Something seems to be keeping the
        SVGImage alive longer. I tried disabling the MemoryCache but it did not help.

        * history/PageCache.cpp:
        (WebCore::PageCache::addIfCacheable):
        (WebCore::PageCache::removeAllItemsForPage):
        * history/PageCache.h:
        * page/Page.cpp:
        (WebCore::Page::~Page):

2017-07-14  Aaron Chu  <aaron_chu@apple.com>

        AX: VoiceOver silent or skipping over time values on media player.
        https://bugs.webkit.org/show_bug.cgi?id=174324
        <rdar://problem/32021784>

        Reviewed by Antoine Quint.

        Added role attribute to modern media controls time lable class so that VoiceOver can access the time label when the media is playing.

        Updated: media/modern-media-controls/time-label/time-label.html

        * Modules/modern-media-controls/controls/time-label.js:

2017-07-13  Michael Catanzaro  <mcatanzaro@igalia.com>

        Fix compiler warnings when building with GCC 7
        https://bugs.webkit.org/show_bug.cgi?id=174463

        Reviewed by Darin Adler.

        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::setShouldManageAudioSessionCategory):

2017-07-13  Michael Catanzaro  <mcatanzaro@igalia.com>

        Incorrect call to StyledElement::setInlineStyleProperty in ImageDocument::createDocumentStructure
        https://bugs.webkit.org/show_bug.cgi?id=174470

        Reviewed by Darin Adler.

        * html/ImageDocument.cpp:
        (WebCore::ImageDocument::createDocumentStructure):

2017-07-13  Dean Jackson  <dino@apple.com>

        Fix iOS build.

        * platform/graphics/GraphicsContext3D.h:

2017-07-12  Dean Jackson  <dino@apple.com>

        Rename GraphicsContext[3D]Mac to Cocoa and move things into graphics/cocoa
        https://bugs.webkit.org/show_bug.cgi?id=174453
        <rdar://problem/33281481>

        Reviewed by Simon Fraser.

        Two renames, two moves:
        graphics/mac/GraphicsContext3DMac.mm -> graphics/cocoa/GraphicsContext3DCocoa.mm
        graphics/mac/GraphicsContext.mm -> graphics/cocoa/GraphicsContextCocoa.mm
        graphics/mac/WebGLLayer.h -> graphics/cocoa/WebGLLayer.h
        graphics/mac/WebGLLayer.mm -> graphics/cocoa/WebGLLayer.mm

        * PlatformMac.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/cocoa/GraphicsContext3DCocoa.mm: Renamed from Source/WebCore/platform/graphics/mac/GraphicsContext3DMac.mm.
        * platform/graphics/cocoa/GraphicsContextCocoa.mm: Renamed from Source/WebCore/platform/graphics/mac/GraphicsContextMac.mm.
        * platform/graphics/cocoa/WebGLLayer.h: Renamed from Source/WebCore/platform/graphics/mac/WebGLLayer.h.
        * platform/graphics/cocoa/WebGLLayer.mm: Renamed from Source/WebCore/platform/graphics/mac/WebGLLayer.mm.

2017-07-12  Dean Jackson  <dino@apple.com>

        Clean-up some things in GraphicsContext3D
        https://bugs.webkit.org/show_bug.cgi?id=174452
        <rdar://problem/33281257>

        Reviewed by Simon Fraser.

        General clean-up in GC3D.

        Covered by existing tests.

        * platform/graphics/GraphicsContext3D.h: Use initial values where possible.
        (WebCore::GraphicsContext3D::GraphicsContext3DState::GraphicsContext3DState): Deleted.
        * platform/graphics/mac/GraphicsContext3DMac.mm:
        (WebCore::GraphicsContext3D::GraphicsContext3D): Nearly everything can come from the
        initial values now.
        (WebCore::GraphicsContext3D::~GraphicsContext3D): Remove code that won't be enabled
        on this platform.
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::paintRenderingResultsToCanvas): While unlikely to happen,
        and possibly harmless in this case, add some checked arithmetic to make sure we don't overflow
        when working out how big a buffer to create.
        (WebCore::GraphicsContext3D::paintRenderingResultsToImageData): Ditto.
        (WebCore::GraphicsContext3D::reshape): Do nothing if we are ever given negative
        width or height. Again unlikely.

2017-07-13  Dean Jackson  <dino@apple.com>

        Avoid unnecessary copy of framebuffer into WebGL Layer
        https://bugs.webkit.org/show_bug.cgi?id=174345
        <rdar://problem/33228950>

        Reviewed by Sam Weinig.

        On macOS, we're unnecessarily copying the framebuffer into another
        texture before pushing it into the compositing layer. Instead we
        should simply render the FBO into the CALayer we use to draw on
        the screen.

        Covered by the existing WebGL tests.

        * platform/graphics/GraphicsContext3D.h:
        (WebCore::GraphicsContext3D::platformTexture): Return the FBO texture instead.
        * platform/graphics/mac/GraphicsContext3DMac.mm:
        (WebCore::GraphicsContext3D::GraphicsContext3D): No need to have a compositing
        texture.
        (WebCore::GraphicsContext3D::~GraphicsContext3D):
        * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
        (WebCore::GraphicsContext3D::reshapeFBOs):
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::prepareTexture): Don't copy the pixels from
        the FBO into the compositing texture

2017-07-13  Mark Lam  <mark.lam@apple.com>

        Implementors of memoryCost() need to be thread-safe.
        https://bugs.webkit.org/show_bug.cgi?id=172738
        <rdar://problem/32474881>

        Reviewed by Keith Miller.

        No new tests. This patch fixes a race condition bug that can result in random
        crashes (and other unpredictable behavior), and is very difficult to test for.

        * Modules/webaudio/AudioBuffer.cpp:
        (WebCore::AudioBuffer::releaseMemory):
        (WebCore::AudioBuffer::memoryCost):
        * Modules/webaudio/AudioBuffer.h:
        * dom/ChildNodeList.h:
        * dom/CollectionIndexCache.h:
        (WebCore::CollectionIndexCache::memoryCost):
        * dom/LiveNodeList.h:
        * html/CachedHTMLCollection.h:
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::memoryCost):
        (WebCore::HTMLCanvasElement::externalMemoryCost):
        (WebCore::HTMLCanvasElement::setImageBuffer):
        * html/HTMLCanvasElement.h:
        * html/HTMLCollection.cpp:
        (WebCore::HTMLCollection::invalidateNamedElementCache):
        * html/HTMLCollection.h:
        (WebCore::CollectionNamedElementCache::memoryCost):
        (WebCore::HTMLCollection::memoryCost):
        (WebCore::HTMLCollection::setNamedItemCache):
        * platform/graphics/ImageBuffer.cpp:
        (WebCore::ImageBuffer::memoryCost):
        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::ImageBuffer::memoryCost):
        (WebCore::ImageBuffer::externalMemoryCost):

2017-07-13  Jeremy Jones  <jeremyj@apple.com>

        Fix style. Use #pragma once in VideoFullscreen and PlaybackSession headers.
        https://bugs.webkit.org/show_bug.cgi?id=174448

        Reviewed by Eric Carlson.

        No behavior change.

        * platform/cocoa/WebPlaybackSessionInterface.h:
        * platform/cocoa/WebVideoFullscreenChangeObserver.h:
        * platform/cocoa/WebVideoFullscreenModel.h:
        * platform/cocoa/WebVideoFullscreenModelVideoElement.h:
        * platform/ios/WebPlaybackSessionInterfaceAVKit.h:
        * platform/ios/WebVideoFullscreenControllerAVKit.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/mac/WebVideoFullscreenInterfaceMac.h:

2017-07-13  Alex Christensen  <achristensen@webkit.org>

        Deleting last URLSearchParams key should remove trailing ? in associated URL
        https://bugs.webkit.org/show_bug.cgi?id=174465

        Reviewed by Chris Dumez.

        This makes us match the behavior of Chrome and Firefox, and the spec after https://github.com/whatwg/url/issues/332 is approved.
        This will be covered by an upcoming web platform test, and I updated fast/dom/DOMURL/searchparams.html to cover it now.

        * platform/URLParser.cpp:
        (WebCore::URLParser::serialize):
        If there are no tuples, serialize to the null string instead of a non-null empty string.
        This makes it so URL::setQuery removes the ?

2017-07-13  Jeremy Jones  <jeremyj@apple.com>

        Style fix. Replace strongThis with protectedThis.
        https://bugs.webkit.org/show_bug.cgi?id=174444

        Reviewed by Eric Carlson.

        Rename, no behavior change.

        * Modules/webaudio/AudioScheduledSourceNode.cpp:
        (WebCore::AudioScheduledSourceNode::finish):
        * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
        (WebCore::WebCoreDecompressionSession::maybeBecomeReadyForMoreMediaData):
        (WebCore::WebCoreDecompressionSession::enqueueSample):
        (WebCore::WebCoreDecompressionSession::handleDecompressionOutput):
        (WebCore::WebCoreDecompressionSession::enqueueDecodedSample):
        (WebCore::WebCoreDecompressionSession::requestMediaDataWhenReady):
        (WebCore::WebCoreDecompressionSession::flush):

2017-07-13  Jeremy Jones  <jeremyj@apple.com>

        Fix block style in WebVideoFullscreen classes.
        https://bugs.webkit.org/show_bug.cgi?id=174446

        Reviewed by Eric Carlson.

        No behavior change.

        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (WebVideoFullscreenControllerContext::setVideoLayerFrame):
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerLayer layoutSublayers]):
        (getWebAVPictureInPicturePlayerLayerViewClass):
        (getWebAVPlayerLayerViewClass):

2017-07-13  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Remove unused and untested Page domain commands
        https://bugs.webkit.org/show_bug.cgi?id=174429

        Reviewed by Timothy Hatcher.

        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::disable):
        (WebCore::InspectorPageAgent::didClearWindowObjectInWorld):
        (WebCore::InspectorPageAgent::addScriptToEvaluateOnLoad): Deleted.
        (WebCore::InspectorPageAgent::removeScriptToEvaluateOnLoad): Deleted.
        * inspector/InspectorPageAgent.h:

2017-07-13  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Implement CryptoKeyRSA SPKI exports
        https://bugs.webkit.org/show_bug.cgi?id=173695

        Reviewed by Jiewen Tan.

        Implement the SPKI export operation for RSA keys for platforms that use
        libgcrypt.

        In CryptoKeyRSA::exportSpki(), we bail early with an invalid access exception if
        this export is not being done for a public key. Otherwise, we start with creating
        the `RSAPublicKey` ASN.1 structure, filling in the modulus and public exponent
        data that's retrieved from the `public-key` s-expression in the signed MPI format.

        We then create the `SubjectPublicKeyInfo` ASN.1 structure and fill it out with
        the necessary data. The id-rsaEncryption object identifier is written out under
        the `algorithm.algorithm` element, and a null value is written out under the
        `algorithm.parameters` element. This doesn't follow the specification at the
        moment, since id-RSASSA-PSS would have to be written for the RSA-PSS algorithm,
        and id-RSAES-OAEP for the RSA-OAEP algorithm, along with specific parameter
        structures. But no test in WebKit or the web-platform-tests suite covers this,
        so this deviation should be addressed later.

        Data of the previously-constructed `RSAPublicKey` structure is retrieved and
        written out under the `subjectPublicKey` element, before finally retrieving
        data of the `SubjectPublicKeyInfo` structure and returning that to the caller.

        A helper mpiSignedData() function is added, providing overloads for gcry_mpi_t
        and gcry_sexp_t parameters. MPI data for that parameter is retrieved and the
        first byte of that data is tested, inserting an additional 0x00 byte at the
        beginning of the Vector if that first byte has the first bit set, avoiding this
        data accidentally being interpreted as a signed integer.

        No new tests -- related tests are now passing and are unskipped.

        * crypto/gcrypt/CryptoKeyRSAGCrypt.cpp:
        (WebCore::CryptoKeyRSA::exportSpki):
        * crypto/gcrypt/GCryptUtilities.h:
        (WebCore::mpiSignedData):

2017-07-13  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Implement CryptoKeyRSA SPKI imports
        https://bugs.webkit.org/show_bug.cgi?id=173694

        Reviewed by Jiewen Tan.

        Implement the SPKI import operation for RSA keys for platforms that use
        libgcrypt.

        The passed-in key data is decoded against the `SubjectPublicKeyInfo` ASN.1
        structure. We then validate the `algorithm.algorithm` element, ensuring that
        the value under that represents a supported object identifier. This check is
        for now mostly superficial, only ensuring that the object identifier is either
        id-rsaEncryption, id-RSAES-OAEP or id-RSASSA-PSS. This has to be further extended
        to also check the id-sha{1,256,384,512}WithRSAEncryption identifiers as well as
        decoding the `algorithm.parameters` element against a specific ASN.1 structure,
        if necessary (RSASSA-PSS-params or RSAES-OAEP-params), and cross-checking the
        specified digest algorithm with the algorithm that's specified through the main
        object identifier or the structure contained in `algorithm.parameters`. This is
        avoided for now because no test in WebKit or the web-platform-tests suite covers
        this detail of the specification.

        After the algorithm is identified as supported, we proceed with decoding the
        `subjectPublicKey` data against the `RSAPublicKey` ASN.1 structure. From there,
        we retrieve the `modulus` and `publicExponent` data from which we can construct
        an RSA `public-key` s-expression that can be used through libgcrypt. A new
        CryptoKeyRSA object is then created, taking over ownership of the `public-key`
        s-expression, and returned.

        No new tests -- related tests are now passing and are unskipped.

        * crypto/gcrypt/CryptoKeyRSAGCrypt.cpp:
        (WebCore::supportedAlgorithmIdentifier):
        (WebCore::CryptoKeyRSA::importSpki):

2017-07-12  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        REGRESSION(r219332): [GTK] 9 new failures on fast/forms spinbutton related tests
        https://bugs.webkit.org/show_bug.cgi?id=174395

        Reviewed by Carlos Garcia Campos.

        Covered by existing tests.

        Before r219332 the height of the spin button widget was
        calculated as the maximum value between the individual button
        ( the [+] or [-] ) width (33 pixels) and height (16 pixels).
        And r219332 caused the height of the widget to be calculated as
        the height of the button (16 pixels), which was incorrect as
        each button should be first expanded vertically to fit the
        preferred size of the widget.

        Fix this by making the calculations about the spin button widget
        on a new function spinButtonSize() that takes this into account,
        and use this values both for adjusting the style of the input
        field and the spin button widget itself.

        * rendering/RenderThemeGtk.cpp:
        (WebCore::spinButtonSize):
        (WebCore::RenderThemeGtk::adjustTextFieldStyle):
        (WebCore::RenderThemeGtk::adjustInnerSpinButtonStyle):

2017-07-13  Miguel Gomez  <magomez@igalia.com>

        [GTK][WPE] border-radius with non visible border doesn't work on images that have their own RenderLayer
        https://bugs.webkit.org/show_bug.cgi?id=174157

        Reviewed by Carlos Garcia Campos.

        Do not allow direct compositing of images when they have a border-radius property on WebKitGTK+ and WPE.
        These platforms don't support clipping using rounded rectangles during composition, which is required
        when using border-radius and the border is not visible. Due to this, they need to perform the clippping
        with cairo.

        This is a temporal fix, until appropriate clipping is implemented in the TextureMapper.

        No new tests.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::isDirectlyCompositedImage):

2017-07-13  Chris Fleizach  <cfleizach@apple.com>

        AX: WebView crashes app after opening VoiceOver context box menu from modal dialog
        https://bugs.webkit.org/show_bug.cgi?id=163999
        <rdar://problem/28949013>

        Reviewed by Joanmarie Diggs.

        Protect when m_object goes away.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityShowContextMenu]):

2017-07-12  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Async image decoding for large images should be disabled by default
        https://bugs.webkit.org/show_bug.cgi?id=174432

        Reviewed by Simon Fraser.

        -- Rename GraphicsLayerPaintFlags::Snapshotting to AllowAsyncImageDecoding.
        -- Replace every reference to GraphicsLayerPaintFlags::Snapshotting by
           GraphicsLayerPaintFlags::None and every GraphicsLayerPaintFlags::None
           by AllowAsyncImageDecoding.
        -- Rename PaintBehaviorSnapshotting to PaintBehaviorAllowAsyncImageDecoding.
        -- Propagate PaintBehaviorAllowAsyncImageDecoding from a parent view to 
           a child view instead of propagating PaintBehaviorSnapshotting.
        -- Remove setting the bit PaintBehaviorSnapshotting in any new PaintBehavoir.
        -- Replace setting the bit PaintBehaviorSnapshotting in an existing PaintBehavoir
           by resetting the bit PaintBehaviorAllowAsyncImageDecoding.

        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlTextTrackContainerElement::createTextTrackRepresentationImage):
        * page/FrameView.cpp:
        (WebCore::FrameView::willPaintContents):
        (WebCore::FrameView::paintContentsForSnapshot):
        * platform/graphics/GraphicsLayer.h:
        * platform/graphics/GraphicsLayerClient.h:
        * platform/graphics/mac/WebLayer.mm:
        (-[WebLayer drawInContext:]):
        (-[WebSimpleLayer drawInContext:]):
        * rendering/PaintPhase.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::decodingModeForImageDraw):
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        * rendering/RenderBoxModelObject.h:
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::paintIntoRect):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintLayerContents):
        (WebCore::RenderLayer::paintForegroundForFragments):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::paintContents):
        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::paintContents): We need to propagate the 
        PaintBehaviorAllowAsyncImageDecoding from RenderWidget to the FrameView.
        We did not need to do that for PaintBehaviorSnapshotting because 
        FrameView was setting it in its m_paintBehavior if (document->printing())
        in FrameView::willPaintContents().

2017-07-12  Timothy Hatcher  <timothy@hatcher.name>

        REGRESSION(r219391): Broke the USE(OPENGL_ES_2) build
        https://bugs.webkit.org/show_bug.cgi?id=174442

        Unreviewed build fix.

        * platform/graphics/egl/GLContextEGL.cpp: Fix typo of OPENGL_ES2.

2017-07-12  Youenn Fablet  <youenn@apple.com>

        Recreate the AudioUnit when restarting capture
        https://bugs.webkit.org/show_bug.cgi?id=174439

        Reviewed by Jer Noble.

        Sometimes other applications in the system like FaceTime may make the audio unit not functional.
        Reloading the tab capturing audio will trigger a call to stop the audio shared unit.
        When the tab requests again audio, the shared unit will restart.
        At that time, the AudioUnit shared unit will be fully recreated.

        Manually tested by doing a webrtc call and then doing a FaceTime call.
        Remote WebRTC endpoints may not receive any audio.
        With the patch, reloading the web page will get back the audio.
        Previously, restarting the UIProcess was the only way.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioSharedUnit::startProducingData): Cleaning the audio unit when starting to produce data if there is a preexisting audio unit.

2017-07-12  Youenn Fablet  <youenn@apple.com>

        Accessing localDescription, remoteDescription, etc. after setTimeout raises EXC_BAD_ACCESS
        https://bugs.webkit.org/show_bug.cgi?id=174323
        <rdar://problem/33267876>

        Reviewed by Eric Carlson.

        Test: webrtc/calling-peerconnection-once-closed.html

        In case the libwebrtc backend is null, we should not use it to get description from it.
        Return null in that case.

        Adding ASSERT to other calls where the layer above LibWebRTCMediaEndpoint should protect
        from calling a function on a null libwebrtc backend.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::currentLocalDescription):
        (WebCore::LibWebRTCMediaEndpoint::currentRemoteDescription):
        (WebCore::LibWebRTCMediaEndpoint::pendingLocalDescription):
        (WebCore::LibWebRTCMediaEndpoint::pendingRemoteDescription):
        (WebCore::LibWebRTCMediaEndpoint::localDescription):
        (WebCore::LibWebRTCMediaEndpoint::remoteDescription):
        (WebCore::LibWebRTCMediaEndpoint::doSetLocalDescription):
        (WebCore::LibWebRTCMediaEndpoint::doSetRemoteDescription):
        (WebCore::LibWebRTCMediaEndpoint::addTrack):
        (WebCore::LibWebRTCMediaEndpoint::removeTrack):
        (WebCore::LibWebRTCMediaEndpoint::doCreateOffer):
        (WebCore::LibWebRTCMediaEndpoint::doCreateAnswer):
        (WebCore::LibWebRTCMediaEndpoint::createDataChannel):

2017-07-12  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r219176.
        https://bugs.webkit.org/show_bug.cgi?id=174436

        "Can cause infinite recursion on iOS" (Requested by mlam on
        #webkit).

        Reverted changeset:

        "WTF::Thread should have the threads stack bounds."
        https://bugs.webkit.org/show_bug.cgi?id=173975
        http://trac.webkit.org/changeset/219176

2017-07-12  Nan Wang  <n_wang@apple.com>

        AX: [iOS] Implement a way to retrieve a text marker range with desired text that is closest to a position
        https://bugs.webkit.org/show_bug.cgi?id=174393
        <rdar://problem/33248006>

        Reviewed by Chris Fleizach.

        Used the existing findClosestPlainText function to search the range on iOS.
        Also exposed a function on the iOS wrapper to return the selection rects of
        the result range from the searching. 

        Test: accessibility/ios-simulator/text-marker-range-matches-text.html

        * accessibility/AXObjectCache.cpp:
        (WebCore::visiblePositionForPositionWithOffset):
        (WebCore::AXObjectCache::rangeMatchesTextNearRange):
        * accessibility/AXObjectCache.h:
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper rangeFromMarkers:withText:]):
        (-[WebAccessibilityObjectWrapper textMarkerRangeFromMarkers:withText:]):
        (-[WebAccessibilityObjectWrapper textRectsFromMarkers:withText:]):
        (-[WebAccessibilityObjectWrapper rectsForSelectionRects:]):

2017-07-12  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r219409.

        The revision caused the Windows builds to fail.

        Reverted changeset:

        "AX: [iOS] Implement a way to retrieve a text marker range
        with desired text that is closest to a position"
        https://bugs.webkit.org/show_bug.cgi?id=174393
        http://trac.webkit.org/changeset/219409

2017-07-12  Alicia Boya García  <aboya@igalia.com>

        [FreeType] Enable BCI on webfonts
        https://bugs.webkit.org/show_bug.cgi?id=174403

        Reviewed by Michael Catanzaro.

        The FreeType BCI hinter used to be disabled on webfonts in favor of
        the autohinter.

        FreeType BCI hinter has improved considerably in the past and now most
        other browsers enable it too. Given the old reasons no longer apply,
        the BCI has now been enabled in order to get better text rendering when
        embedded hints are available.

        * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
        (WebCore::FontCustomPlatformData::FontCustomPlatformData):

2017-07-12  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r219361.
        https://bugs.webkit.org/show_bug.cgi?id=174434

        Huge PLUM memory regression on iOS (Requested by kling on
        #webkit).

        Reverted changeset:

        "[WebIDL] Convert MutationCallback to be a normal generate
        callback"
        https://bugs.webkit.org/show_bug.cgi?id=174140
        http://trac.webkit.org/changeset/219361

2017-07-12  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] a capture source failure should end the MediaStreamTrack
        https://bugs.webkit.org/show_bug.cgi?id=174375

        Reviewed by Youenn Fablet.

        Test: fast/mediastream/media-stream-track-source-failure.html

        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::captureFailed): New, signal observers that the source has ended.
        * platform/mediastream/RealtimeMediaSource.h:

        * platform/mediastream/mac/AVMediaCaptureSource.h:
        * platform/mediastream/mac/AVMediaCaptureSource.mm:
        (WebCore::AVMediaCaptureSource::setupSession): Call captureFailed if setupCaptureSession fails.

        * platform/mediastream/mac/AVVideoCaptureSource.h:
        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSource::setupCaptureSession): Return false on failure.
        (WebCore::AVVideoCaptureSource::shutdownCaptureSession): Delete unused instance variable.
        (WebCore::AVVideoCaptureSource::processNewFrame): Ditto.

        * testing/Internals.cpp:
        (WebCore::Internals::endMediaStreamTrackCaptureSource): Call track.source.captureFailed().
        * testing/Internals.h:
        * testing/Internals.idl:

2017-07-12  Timothy Hatcher  <timothy@hatcher.name>

        Improve font matching with FontConfig and FreeType
        https://bugs.webkit.org/show_bug.cgi?id=174374

        Reviewed by Michael Catanzaro.

        * platform/graphics/freetype/FontCacheFreeType.cpp:
        (WebCore::FontCache::createFontPlatformData): Loop through all family name matches from FcFontMatch.

2017-07-12  Youenn Fablet  <youenn@apple.com>

        Reactivate audio ducking when restarting the shared unit
        https://bugs.webkit.org/show_bug.cgi?id=174428

        Reviewed by Eric Carlson.

        Currently, when another application ducks WebKit, there is no other way than to quit the UIProcess and restart it.
        By again audio ducking when starting the audio unit, reloading the page will be enough.
        Testing by launching a tab with audio capture and audio playing.
        Then make a FaceTime call and hear the tab volume go down.
        End the call to FaceTime and the tab volume remains low.
        Reload the tab and the volume has a normal level.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioSharedUnit::setupAudioUnit):
        (WebCore::CoreAudioSharedUnit::startInternal):

2017-07-12  Antoine Quint  <graouts@apple.com>

        Playback controls should not hide while AirPlay is active
        https://bugs.webkit.org/show_bug.cgi?id=174422
        <rdar://problem/33011477>

        Reviewed by Eric Carlson.

        We now also track changes in AirPlay playback status and account for it when identifying whether we
        ought to let media controls automatically hide, which should only happen if the media is playing and
        not playing back through AirPlay.

        * Modules/modern-media-controls/media/controls-visibility-support.js:
        (ControlsVisibilitySupport.prototype.get mediaEvents):
        (ControlsVisibilitySupport.prototype._updateControls):
        (ControlsVisibilitySupport):

2017-07-12  Daniel Bates  <dabates@apple.com>

        Attempt to fix the build following <https://trac.webkit.org/changeset/219407>
        (https://bugs.webkit.org/show_bug.cgi?id=174386)

        Fix bad merge after <https://trac.webkit.org/changeset/219404>.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::loadWithNavigationAction):
        (WebCore::FrameLoader::loadPostRequest):
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        * loader/FrameLoader.h:

2017-07-12  Nan Wang  <n_wang@apple.com>

        AX: [iOS] Implement a way to retrieve a text marker range with desired text that is closest to a position
        https://bugs.webkit.org/show_bug.cgi?id=174393
        <rdar://problem/33248006>

        Reviewed by Chris Fleizach.

        Used the existing findClosestPlainText function to search the range on iOS.
        Also exposed a function on the iOS wrapper to return the selection rects of
        the result range from the searching. 

        Test: accessibility/ios-simulator/text-marker-range-matches-text.html

        * accessibility/AXObjectCache.cpp:
        (WebCore::visiblePositionForPositionWithOffset):
        (WebCore::AXObjectCache::rangeMatchesTextNearRange):
        * accessibility/AXObjectCache.h:
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper rangeFromMarkers:withText:]):
        (-[WebAccessibilityObjectWrapper textMarkerRangeFromMarkers:withText:]):
        (-[WebAccessibilityObjectWrapper textRectsFromMarkers:withText:]):
        (-[WebAccessibilityObjectWrapper rectsForSelectionRects:]):

2017-07-12  Daniel Bates  <dabates@apple.com>

        NavigationAction should track whether the navigation was initiated by the main frame
        https://bugs.webkit.org/show_bug.cgi?id=174386
        <rdar://problem/33245267>

        Reviewed by Brady Eidson.

        Although we added state to NavigationAction to track whether the navigation was
        initiated by the main frame in r219170 it is not possible to initialize this state
        when instantiating a NavigationAction. Having NavigationAction track this state
        will be useful to ensure that we can always compute the source frame information
        when asking the embedding client whether to allow a navigation. We will make use
        of it in the fix for <https://bugs.webkit.org/show_bug.cgi?id=174385>.

        No behavior changed. So, no new tests.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURL): Pass whether the load was initiated by the main frame
        when instantiating the NavigationAction.
        (WebCore::FrameLoader::load): For now, pass InitiatedByMainFrame::Unknown when instantiating
        the NavigationAction as we do not know if the load was initiated by the main frame.
        (WebCore::FrameLoader::loadWithDocumentLoader): Ditto.
        (WebCore::FrameLoader::reload): Ditto
        (WebCore::FrameLoader::loadDifferentDocumentItem): Ditto.
        (WebCore::createWindow): Pass whether the load was initiated by the main frame when
        instantiating the NavigationAction.
        * loader/NavigationAction.cpp:
        (WebCore::NavigationAction::NavigationAction): Modified to take argument of type InitiatedByMainFrame
        that indicates whether the navigation was initiated by the main frame.
        * loader/NavigationAction.h:
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy): For now, pass InitiatedByMainFrame::Unknown
        when instantiating the NavigationAction as we do not know if the load was initiated by the
        main frame.
        * page/ContextMenuController.cpp:
        (WebCore::openNewWindow): Pass whether the load was initiated by the main frame when
        instantiating the NavigationAction.

2017-07-12  Daniel Bates  <dabates@apple.com>

        Rename NavigationInitiatedByMainFrame to InitiatedByMainFrame
        https://bugs.webkit.org/show_bug.cgi?id=174427

        Rubber-stamped by Brady Eidson.

        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::openInNewTab):
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::navigate):
        * loader/FrameLoadRequest.cpp:
        (WebCore::FrameLoadRequest::FrameLoadRequest):
        * loader/FrameLoadRequest.h:
        (WebCore::FrameLoadRequest::FrameLoadRequest):
        (WebCore::FrameLoadRequest::initiatedByMainFrame):
        (WebCore::FrameLoadRequest::navigationInitiatedByMainFrame): Deleted.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::urlSelected):
        (WebCore::FrameLoader::loadURLIntoChildFrame):
        (WebCore::shouldOpenExternalURLsPolicyToApply):
        (WebCore::applyShouldOpenExternalURLsPolicyToNewDocumentLoader):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::loadWithNavigationAction):
        (WebCore::FrameLoader::reloadWithOverrideEncoding):
        (WebCore::FrameLoader::reload):
        (WebCore::FrameLoader::loadPostRequest):
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        * loader/FrameLoader.h:
        * loader/FrameLoaderTypes.h:
        * loader/NavigationAction.h:
        (WebCore::NavigationAction::initiatedByMainFrame):
        (WebCore::NavigationAction::navigationInitiatedByMainFrame): Deleted.
        * loader/NavigationScheduler.cpp:
        (WebCore::ScheduledNavigation::ScheduledNavigation):
        (WebCore::ScheduledNavigation::initiatedByMainFrame):
        (WebCore::NavigationScheduler::scheduleLocationChange):
        (WebCore::ScheduledNavigation::navigationInitiatedByMainFrame): Deleted.
        * page/ContextMenuController.cpp:
        (WebCore::openNewWindow):
        (WebCore::ContextMenuController::contextMenuItemSelected):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::createWindow):

2017-07-12  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r219401.

        This revision rolled out the previous patch, but after talking
        with reviewer, a rebaseline is what was needed.Rolling back in
        before rebaseline.

        Reverted changeset:

        "Unreviewed, rolling out r219379."
        https://bugs.webkit.org/show_bug.cgi?id=174400
        http://trac.webkit.org/changeset/219401

2017-07-12  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r219379.

        This revision caused a consistent failure in the test
        fast/dom/Window/property-access-on-cached-window-after-frame-
        removed.html.

        Reverted changeset:

        "Remove NAVIGATOR_HWCONCURRENCY"
        https://bugs.webkit.org/show_bug.cgi?id=174400
        http://trac.webkit.org/changeset/219379

2017-07-12  Zalan Bujtas  <zalan@apple.com>

        Paginated mode: Infinite recursion in RenderTable::layout
        https://bugs.webkit.org/show_bug.cgi?id=174413

        Reviewed by Simon Fraser.

        This patch is a workaround for avoiding infinite recursion when the table layout does not stabilize.
        Apparently we leak some context (computed padding in this case) from the current to the subsequent layout.
        The subsequent layouts always end up producing different line heights for some of the cells in the <thead>.
        In paginated mode, when the section moves (<thead>, <tbody> etc) we call layout again recursively.
        This could lead to infinite recursion for unstable table layout.

        Unable to come up with a reduction yet.

        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::layout):
        * rendering/RenderTable.h:

2017-07-12  Youenn Fablet  <youenn@apple.com>

        WebRTC: Incorrect sdpMLineIndex for video breaks Firefox interop
        https://bugs.webkit.org/show_bug.cgi?id=173530

        Reviewed by Alex Christensen.

        Test: webrtc/ice-candidate-sdpMLineIndex.html

        Reading missing parameter from libwebrtc backend and setting it when firing the RTCIceCandidate event.

        * Modules/mediastream/PeerConnectionBackend.cpp:
        (WebCore::PeerConnectionBackend::disableICECandidateFiltering):
        (WebCore::PeerConnectionBackend::newICECandidate):
        * Modules/mediastream/PeerConnectionBackend.h:
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::OnIceCandidate):

2017-07-12  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Implement CryptoKeyEC PKCS#8 exports
        https://bugs.webkit.org/show_bug.cgi?id=173648

        Reviewed by Jiewen Tan.

        Implement the PKCS#8 export operation for EC keys for platforms that use
        libgcrypt.

        First, the `ECParameters` and the `ECPrivateKey` ASN.1 structures are created
        and filled out accordingly. For the former, the appropriate object identifier
        is written under the `namedCurve` element of the structure. For the latter, we
        write out '1' under `version`, and eliminate the optional `parameters` element.
        An libgcrypt EC context is then used to retrieve the private and public key
        MPIs that are then written out under the `privateKey` and `publicKey` elements,
        respectively.

        After that, we can proceed to create and fill out the `PrivateKeyInfo` structure.
        0 is written out under the `version` element, and the id-ecPublicKey object
        identifier is written out under the `privateKeyAlgorithm.algorithm` element. This
        doesn't strictly follow the specification, since the id-ecDH identifier should be
        used for ECDH keys, but no test in WebKit or the web-platform-tests suite covers
        this, so this specific detail should be revisited later.

        Data of the previously-constructed `ECParameters` structure is retrieved and
        written out under the `privateKeyAlgorithm.parameters` element. Similarly is done
        for the `ECPrivateKey` structure, writing out its data under the `privateKey`
        element. Finally, the optional `attributes` element of the `PrivateKeyInfo`
        structure is eliminated, and the encoded data of this structure is retrieved and
        returned.

        No new tests -- relevant tests are now passing and are unskipped.

        * crypto/gcrypt/CryptoKeyECGCrypt.cpp:
        (WebCore::CryptoKeyEC::platformExportPkcs8):

2017-07-12  Zan Dobersek  <zdobersek@igalia.com>

        [WPE] Use libepoxy
        https://bugs.webkit.org/show_bug.cgi?id=172104

        Reviewed by Michael Catanzaro.

        No new tests -- no changes in behavior.

        Implement the proper libepoxy header inclusion for ports that enable it.

        The library acts as a loading facility working on top of the system-provided
        OpenGL and EGL libraries, with the headers providing a complete collection of
        specification-defined OpenGL and EGL types, constants and entrypoints.

        Support is added through the USE(LIBEPOXY) build guard. Note that this guard
        isn't exclusive with USE(OPENGL), USE(OPENGL_ES_2) or USE(EGL), so the
        USE(LIBEPOXY) condition is tested before those.

        In case of OpenGL headers, the <epoxy/gl.h> header is included, and in
        case of EGL headers, the <epoxy/egl.h> header. <epoxy/egl.h> includes
        <epoxy/gl.h> on its own, so in some cases the inclusion of the latter is
        omitted.

        EpoxyShims.h header is added, doing a job similar to OpenGLESShims.h. The
        EXT-suffixed GL entrypoints are redefined to the non-suffixed versions.
        No suffixed constants are defined because those are defined by the libepoxy
        headers to the well-known values.

        * CMakeLists.txt:
        * PlatformWPE.cmake:
        * platform/graphics/ANGLEWebKitBridge.h:
        * platform/graphics/EpoxyShims.h: Added.
        * platform/graphics/GLContext.cpp:
        (WebCore::initializeOpenGLShimsIfNeeded):
        * platform/graphics/GraphicsContext3DPrivate.cpp:
        * platform/graphics/PlatformDisplay.cpp:
        * platform/graphics/cairo/CairoUtilities.cpp:
        * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
        (WebCore::GraphicsContext3D::create):
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        * platform/graphics/egl/GLContextEGL.cpp:
        * platform/graphics/egl/GLContextEGLWPE.cpp:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        * platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:
        * platform/graphics/opengl/Extensions3DOpenGLES.cpp:
        * platform/graphics/opengl/Extensions3DOpenGLES.h:
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        * platform/graphics/opengl/TemporaryOpenGLSetting.cpp:
        * platform/graphics/texmap/TextureMapperGC3DPlatformLayer.cpp:
        * platform/graphics/wpe/PlatformDisplayWPE.cpp:

2017-07-12  Carlos Garcia Campos  <cgarcia@igalia.com>

        ImageDecoder: Gifs with infinite animation only play once very often
        https://bugs.webkit.org/show_bug.cgi?id=173403

        Reviewed by Michael Catanzaro.

        It doesn't always happen, it's easier to reproduce when loading big files from the network, but it also depends
        on every file. The problem is that ImageFrameCache is caching the repetition count value always when the size is
        already available. In the case of gif files, the loop count value can be at any point of the image stream, so
        having the size available doesn't mean we also have the loop count. So, if the value is queried before it's
        available, the default value is cached (repeat once) and then always used. We should clear the cached value when
        new data is added to the decoder, like we do with other cached values that can change when more data is decoded.

        * platform/graphics/ImageFrameCache.cpp:
        (WebCore::ImageFrameCache::clearMetadata): Clear m_repetitionCount.

2017-07-12  Adrian Perez de Castro  <aperez@igalia.com>

        [SOUP] Do not use C linkage for functions using C++ features
        https://bugs.webkit.org/show_bug.cgi?id=174392

        Reviewed by Michael Catanzaro.

        No new tests because there is no behavior change.

        * platform/network/soup/WebKitSoupRequestGeneric.h: Move G_END_DECLS
        to leave functions which use C++ features outside of the block it
        delimits.

2017-07-12  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Crashes in WebCore::PasteboardHelper::fillSelectionData when source file of drag is unavailable
        https://bugs.webkit.org/show_bug.cgi?id=174161

        Reviewed by Michael Catanzaro.

        It seems selection data could contain an empty string, in which case gtk_selection_data_get_data() returns a
        valid pointer, but gtk_selection_data_get_length() returns 0. When this happens we end up trying to split an
        empty string resulting in an empty vector, but we unconditionally access the first element of the vector.

        * platform/gtk/PasteboardHelper.cpp:
        (WebCore::selectionDataToUTF8String): Return a null string in case selection data length is 0.
        (WebCore::PasteboardHelper::fillSelectionData): Return early if selection data length is 0, instead of checking
        the selection data pointer.

2017-07-11  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK][WPE] Enable FILE_LOCK and implement lockFile and unlockFile
        https://bugs.webkit.org/show_bug.cgi?id=174357

        Reviewed by Michael Catanzaro.

        Implement lockFile and unlockFile using flock().

        * PlatformWPE.cmake:
        * platform/glib/FileSystemGlib.cpp:
        (WebCore::lockFile):
        (WebCore::unlockFile):

2017-07-11  Yusuke Suzuki  <utatane.tea@gmail.com>

        Use FastAllocator in STL containers
        https://bugs.webkit.org/show_bug.cgi?id=174366

        Rubber stamped by Sam Weinig.

        This patch uses FastAllocator for STL containers including std::set and std::map.
        STL can take a template parameter to be used as allocator for containers.
        We prepare FastAllocator, which uses fastMalloc for allocation.
        This allows us to use bmalloc (if supported) for STL containers which offers
        functionalities that is not supported in WTF containers.

        * Modules/indexeddb/IDBKeyData.h:
        * Modules/indexeddb/server/IndexValueEntry.cpp:
        (WebCore::IDBServer::IndexValueEntry::IndexValueEntry):
        (WebCore::IDBServer::IndexValueEntry::Iterator::Iterator):
        (WebCore::IDBServer::IndexValueEntry::reverseFind):
        * Modules/indexeddb/server/IndexValueEntry.h:
        * Modules/indexeddb/server/IndexValueStore.cpp:
        (WebCore::IDBServer::IndexValueStore::lowestIteratorInRange):
        (WebCore::IDBServer::IndexValueStore::highestReverseIteratorInRange):
        (WebCore::IDBServer::IndexValueStore::Iterator::Iterator):
        * Modules/indexeddb/server/IndexValueStore.h:
        * Modules/indexeddb/server/MemoryBackingStoreTransaction.cpp:
        (WebCore::IDBServer::MemoryBackingStoreTransaction::objectStoreCleared):
        * Modules/indexeddb/server/MemoryBackingStoreTransaction.h:
        * Modules/indexeddb/server/MemoryObjectStore.cpp:
        (WebCore::IDBServer::MemoryObjectStore::replaceKeyValueStore):
        (WebCore::IDBServer::MemoryObjectStore::addRecord):
        (WebCore::IDBServer::MemoryObjectStore::updateCursorsForPutRecord):
        * Modules/indexeddb/server/MemoryObjectStore.h:
        (WebCore::IDBServer::MemoryObjectStore::orderedKeys):
        * Modules/indexeddb/server/MemoryObjectStoreCursor.cpp:
        (WebCore::IDBServer::MemoryObjectStoreCursor::keyAdded):
        (WebCore::IDBServer::MemoryObjectStoreCursor::setFirstInRemainingRange):
        (WebCore::IDBServer::MemoryObjectStoreCursor::setForwardIteratorFromRemainingRange):
        (WebCore::IDBServer::MemoryObjectStoreCursor::setReverseIteratorFromRemainingRange):
        (WebCore::IDBServer::MemoryObjectStoreCursor::incrementForwardIterator):
        (WebCore::IDBServer::MemoryObjectStoreCursor::incrementReverseIterator):
        * Modules/indexeddb/server/MemoryObjectStoreCursor.h:
        * Modules/mediasource/SampleMap.h:
        * page/WheelEventTestTrigger.cpp:
        (WebCore::WheelEventTestTrigger::deferTestsForReason):
        (WebCore::dumpState):
        * page/WheelEventTestTrigger.h:
        * platform/graphics/cv/VideoTextureCopierCV.cpp:
        (WebCore::enumToStringMap):
        * rendering/OrderIterator.h:

2017-07-11  Per Arne Vollan  <pvollan@apple.com>

        [Win] Build error when building WebKit.dll from WebKit.proj project file.
        https://bugs.webkit.org/show_bug.cgi?id=174410

        Reviewed by Brent Fulgham.

        Copy required header files to forwarding headers folder.

        * PlatformWin.cmake:

2017-07-11  Dean Jackson  <dino@apple.com>

        Remove NAVIGATOR_HWCONCURRENCY
        https://bugs.webkit.org/show_bug.cgi?id=174400

        Reviewed by Sam Weinig.

        * Configurations/FeatureDefines.xcconfig:
        * WebCore.xcodeproj/project.pbxproj:
        * page/NavigatorBase.cpp:
        (WebCore::NavigatorBase::hardwareConcurrency): Deleted.
        * page/NavigatorBase.h:
        * page/NavigatorConcurrentHardware.idl: Removed.

2017-07-11  Youenn Fablet  <youenn@apple.com>

        RealtimeOutgoingAudioSource should not push more audio data if the WebRTC thread is not able to process it
        https://bugs.webkit.org/show_bug.cgi?id=174383

        Reviewed by Eric Carlson.

        This patch adds support to check for pending-processing audio data.
        If the amount of audio data is bigger than a high water mark of 0.5 seconds,
        we stop pushing new audio data until buffered audio data is lower than a low water mark of 0.1 seconds.
        Patch is tested by adding breakpoints to trigger the high water mark, verifying that low water mark is triggered
        and receiving audio is fine on the other connection endpoint.

        * platform/mediastream/mac/RealtimeOutgoingAudioSource.cpp:
        (WebCore::RealtimeOutgoingAudioSource::isReachingBufferedAudioDataHighLimit):
        (WebCore::RealtimeOutgoingAudioSource::isReachingBufferedAudioDataLowLimit):
        (WebCore::RealtimeOutgoingAudioSource::audioSamplesAvailable):
        * platform/mediastream/mac/RealtimeOutgoingAudioSource.h:

2017-07-11  Dean Jackson  <dino@apple.com>

        Rolling out r219372.

        * Configurations/FeatureDefines.xcconfig:
        * WebCore.xcodeproj/project.pbxproj:
        * page/NavigatorBase.cpp:
        (WebCore::NavigatorBase::hardwareConcurrency):
        * page/NavigatorBase.h:
        * page/NavigatorConcurrentHardware.idl: Added.

2017-07-11  Dean Jackson  <dino@apple.com>

        Remove NAVIGATOR_HWCONCURRENCY
        https://bugs.webkit.org/show_bug.cgi?id=174400

        Reviewed by Sam Weinig.

        * Configurations/FeatureDefines.xcconfig:
        * WebCore.xcodeproj/project.pbxproj:
        * page/NavigatorBase.cpp:
        (WebCore::NavigatorBase::hardwareConcurrency): Deleted.
        * page/NavigatorBase.h:
        * page/NavigatorConcurrentHardware.idl: Removed.

2017-07-11  Jiewen Tan  <jiewen_tan@apple.com>

        [WebCrypto] CryptoKeyECMac::Custom OpenSSL tag is actually tagged type [1]
        https://bugs.webkit.org/show_bug.cgi?id=174382
        <rdar://problem/33244871>

        Reviewed by Brent Fulgham.

        No change of behaviour.

        * crypto/mac/CryptoKeyECMac.cpp:
        (WebCore::CryptoKeyEC::platformImportPkcs8):
        (WebCore::CryptoKeyEC::platformExportPkcs8):
        Replace CustomECParameters with TaggedType1 according to X.690(08/2015) section 8.14:
        https://www.itu.int/rec/T-REC-X.690-201508-I/en
        and RFC 5915 Appendix A:
        http://www.ietf.org/rfc/rfc5915.txt.

2017-07-11  Said Abou-Hallawa  <sabouhallawa@apple.com>

        REGRESSION(r219045): The <body> element does not get repainted when its background image finishes decoding
        https://bugs.webkit.org/show_bug.cgi?id=174376

        Reviewed by Simon Fraser.

        When adding a CachedImageClient to CachedImage::m_pendingImageDrawingClients
        and the CachedImageClient is not one of the CachedImage::m_clients, we
        should cancel the repaint optimization in CachedImage::imageFrameAvailable().
        This can be done by adding all the CachedImage::m_clients to CachedImage::
        m_pendingImageDrawingClients.

        Test: fast/images/async-image-body-background-image.html

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::addPendingImageDrawingClient):

2017-07-11  Chris Dumez  <cdumez@apple.com>

        Unreviewed, fix Windows build after r219355.

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::addCrossOriginWindowPropertyNames):
        (WebCore::addCrossOriginWindowOwnPropertyNames):
        (WebCore::JSDOMWindow::getOwnPropertyNames):
        (WebCore::addCrossOriginPropertyNames): Deleted.
        (WebCore::addCrossOriginOwnPropertyNames): Deleted.
        * bindings/js/JSLocationCustom.cpp:
        (WebCore::addCrossOriginLocationPropertyNames):
        (WebCore::addCrossOriginLocationOwnPropertyNames):
        (WebCore::JSLocation::getOwnPropertyNames):
        (WebCore::addCrossOriginPropertyNames): Deleted.
        (WebCore::addCrossOriginOwnPropertyNames): Deleted.

2017-07-10  Sam Weinig  <sam@webkit.org>

        [WebIDL] Convert MutationCallback to be a normal generate callback
        https://bugs.webkit.org/show_bug.cgi?id=174140

        Reviewed by Chris Dumez.

        To make this work more nicely, I:
        - Added the ability to for non-nullable interfaces in sequences to be passed
          via a Ref<> rather than a RefPtr<> as a parameter to a callback function.
          (e.g. callback MyCallback = void (sequence<Foo> foos) will now have the 
          signature, CallbackResult<void> handleEvent(const Vector<Ref<Foo>>&) rather
          than CallbackResult<void> handleEvent(const Vector<RefPtr<Foo>>&).
        - Added a new extended attribute for callback functions called [CallbackNeedsCanInvoke]
          that adds a virtual function called canInvoke() to the generated callback.
          All it does is forward to ActiveDOMCallback's canInvokeCallback, but it
          allows the implementation to get to it. We may one day want to move the 
          inheritance of ActiveDOMCallback from the generated source to the base class.
        - Added a new extended attribute for callback functions called [CallbackThisObject=Type]
          which allows you to specify that the callback needs a this object in addition
          to its arguments. When specified, the first argument of the C++ implementation
          function will now correspond to the this object, with the remaining arguments
          shifted over one.

        * DerivedSources.make:
        Add MutationCallback.

        * WebCore.xcodeproj/project.pbxproj:
        Remove non-generated JSMutationCallback.cpp, and add generated JSMutationCallback.cpp.

        * Modules/mediastream/MediaDevicesRequest.cpp:
        (WebCore::MediaDevicesRequest::filterDeviceList):
        (WebCore::MediaDevicesRequest::start):
        * Modules/mediastream/MediaDevicesRequest.h:
        Switch to using Ref.

        * bindings/IDLTypes.h:
        Add InnerParameterType and NullableInnerParameterType type hooks
        and specialize wrappers to use Ref for InnerParameterType, and RefPtr
        for NullableInnerParameterType.

        * bindings/js/JSCallbackData.cpp:
        * bindings/js/JSCallbackData.h:
        Add support for passing a this object.

        * bindings/js/JSMutationCallback.cpp: Removed.
        * bindings/js/JSMutationCallback.h: Removed.
        Remove custom callback code.

        * bindings/js/JSMutationObserverCustom.cpp:
        (WebCore::constructJSMutationObserver): Deleted.
        Remove no longer needed custom constructor.

        * bindings/scripts/CodeGenerator.pm:
        (ParseType):
        Add helper to parse a type and cache the result.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateCallbackHeaderContent):
        (GenerateCallbackImplementationContent):
        Add support for [CallbackNeedsCanInvoke] and [CallbackThisObject]. When [CallbackThisObject]
        is not specified, use jsUndefined() as the this object as specified by WebIDL.

        * bindings/scripts/IDLAttributes.json:
        Add [CallbackNeedsCanInvoke] and [CallbackThisObject].

        * bindings/scripts/IDLParser.pm:
        (ParseType):
        Add entry point to parse a single type.

        * css/FontFaceSet.h:
        Switch to using Ref.

        * dom/MutationCallback.h:
        Update signatures.

        * dom/MutationCallback.idl: Added.
    
        * dom/MutationObserver.cpp:
        (WebCore::MutationObserver::canDeliver):
        (WebCore::MutationObserver::deliver):
        Switch to new signatures.

        * dom/MutationObserver.idl:
        Remove CustomConstructor.

        * page/IntersectionObserverCallback.h:
        Switch to using Ref.

        * bindings/scripts/test/JS/JSTestCallbackFunction.cpp:
        * bindings/scripts/test/JS/JSTestCallbackFunctionRethrow.cpp:
        * bindings/scripts/test/JS/JSTestCallbackFunctionWithThisObject.cpp: Added.
        * bindings/scripts/test/JS/JSTestCallbackFunctionWithThisObject.h: Added.
        * bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.cpp:
        * bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
        * bindings/scripts/test/JS/JSTestCallbackInterface.h:
        * bindings/scripts/test/JS/JSTestVoidCallbackFunction.cpp:
        Add / update bindings tests.

2017-07-11  Said Abou-Hallawa  <sabouhallawa@apple.com>

        RenderImage should not add itself as a RelevantRepaintedObject if its image frame is being decoded
        https://bugs.webkit.org/show_bug.cgi?id=174336

        Reviewed by Simon Fraser.

        Since nothing will be drawn till the image frame finishes decoding we should
        treat returning ImageDrawResult::DidRequestDecoding from BitmapImage::draw
        the same as we do when the image is still loading.

        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::paintReplaced):
        (WebCore::RenderImage::paintIntoRect):
        * rendering/RenderImage.h:

2017-07-11  Youenn Fablet  <youenn@apple.com>

        [WebRTC] Hanging under LibWebRTCMediaEndpoint::getStats
        https://bugs.webkit.org/show_bug.cgi?id=174377

        Reviewed by Eric Carlson.

        No change of behavior.
        Moving calls to libwebrtc getStats in the signalling thread since doing it in the main thread
        would block the main thread until the signalling thread is ready to handle getStats.
        Reducing stat logging since this may be too much for some devices.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::getStats):
        (WebCore::LibWebRTCMediaEndpoint::gatherStatsForLogging):
        (WebCore::LibWebRTCMediaEndpoint::OnStatsDelivered):
        (WebCore::LibWebRTCMediaEndpoint::startLoggingStats):

2017-07-11  Michael Catanzaro  <mcatanzaro@igalia.com>

        Remove unused OpenGL files
        https://bugs.webkit.org/show_bug.cgi?id=174371

        Reviewed by Timothy Hatcher.

        * platform/graphics/opengl/GLPlatformContext.cpp: Removed.
        * platform/graphics/opengl/GLPlatformContext.h: Removed.
        * platform/graphics/opengl/GLPlatformSurface.h: Removed.

2017-07-11  Chris Dumez  <cdumez@apple.com>

        Window's [[OwnPropertyKeys]] is wrong for cross origin windows
        https://bugs.webkit.org/show_bug.cgi?id=174364
        <rdar://problem/33238056>

        Reviewed by Brent Fulgham.

        Window's [[OwnPropertyKeys]] should not list descendant frame names
        when the window is cross-origin:
        - https://github.com/whatwg/html/pull/2777

        This aligns our behavior with Firefox and Chrome.

        No new tests, updated existing test.

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::addCrossOriginPropertyNames):
        (WebCore::addCrossOriginOwnPropertyNames):
        (WebCore::JSDOMWindow::getOwnPropertyNames):

2017-07-11  Timothy Hatcher  <timothy@hatcher.name>

        Fix broken build when ENABLE_VIDEO is disabled.
        https://bugs.webkit.org/show_bug.cgi?id=174368

        Reviewed by Alex Christensen.

        * dom/Document.cpp:
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::texSubImage2D):
        (WebCore::WebGLRenderingContextBase::texImage2D):
        * html/canvas/WebGLRenderingContextBase.h:
        * html/canvas/WebGLRenderingContextBase.idl:
        * testing/Internals.cpp:
        (WebCore::Internals::mediaResponseSources):
        (WebCore::Internals::mediaResponseContentRanges):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-07-11  Ali Juma  <ajuma@chromium.org>

        elementFromPoint() should consider x and y to be in client (layout viewport) coordinates
        https://bugs.webkit.org/show_bug.cgi?id=172019

        Reviewed by Simon Fraser.

        When visual viewports are enabled, this makes TreeScope::nodeFromPoint consider its
        input to be in client coordinates, and clips this input to the layout viewport. This change
        affects the behavior of document.elementFromPoint() and document.caretRangeFromPoint.

        No new tests. Modified an existing test, and made a previously-failing test pass on ios.

        * dom/TreeScope.cpp:
        (WebCore::TreeScope::nodeFromPoint):
        * page/FrameView.cpp:
        (WebCore::FrameView::layoutViewportToAbsoluteRect):
        (WebCore::FrameView::layoutViewportToAbsolutePoint):
        (WebCore::FrameView::clientToLayoutViewportPoint):
        * page/FrameView.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::hitTest):

2017-07-11  Timothy Hatcher  <timothy@hatcher.name>

        Broken build when !USE(REQUEST_ANIMATION_FRAME_DISPLAY_MONITOR)
        https://bugs.webkit.org/show_bug.cgi?id=174369

        Reviewed by Alex Christensen.

        * dom/ScriptedAnimationController.h: Include PlatformScreen.h.

2017-07-11  Wenson Hsieh  <wenson_hsieh@apple.com>

        Address post-review feedback after http://trac.webkit.org/r219310
        https://bugs.webkit.org/show_bug.cgi?id=174300
        <rdar://problem/33030639>

        Reviewed by Simon Fraser.

        Removes pan-gesture-related plumbing introduced in r219310 that is no longer necessary.

        * page/scrolling/ScrollingTree.h:
        (WebCore::ScrollingTree::scrollingTreeNodeWillStartPanGesture):
        (WebCore::ScrollingTree::scrollingTreeNodeDidEndPanGesture): Deleted.

2017-07-11  Alex Christensen  <achristensen@webkit.org>

        Reduce URL size
        https://bugs.webkit.org/show_bug.cgi?id=174319

        Reviewed by Andreas Kling.

        m_fragmentEnd is redundant information. If a URL is valid, then it is always m_string.length().
        If a URL is not valid, then it is always 0. Rather than storing additional information,
        deduce the fragment end from the validity of the URL and the String's length.

        No change in behavior.  This reduces sizeof(URL) from 56 to 48 and reduces operations when parsing.

        * platform/URL.cpp:
        (WebCore::URL::invalidate):
        (WebCore::URL::fragmentIdentifier):
        (WebCore::URL::hasFragmentIdentifier):
        (WebCore::URL::removeFragmentIdentifier):
        * platform/URL.h:
        (WebCore::URL::encode):
        (WebCore::URL::decode):
        (WebCore::URL::hasFragment):
        * platform/URLParser.cpp:
        (WebCore::URLParser::urlLengthUntilPart):
        (WebCore::URLParser::copyURLPartsUntil):
        (WebCore::URLParser::parse):
        (WebCore::URLParser::allValuesEqual):
        (WebCore::URLParser::internalValuesConsistent):

2017-07-11  Alex Christensen  <achristensen@webkit.org>

        SharedBuffer::size should return a size_t
        https://bugs.webkit.org/show_bug.cgi?id=174328

        Reviewed by Andreas Kling.

        No change in behaviour.

        * html/FTPDirectoryDocument.cpp:
        (WebCore::createTemplateDocumentData):
        * loader/ContentFilter.cpp:
        (WebCore::ContentFilter::handleProvisionalLoadFailure):
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::loadDataURL):
        * loader/ResourceLoader.h:
        * loader/appcache/ApplicationCacheStorage.cpp:
        (WebCore::ApplicationCacheStorage::store):
        * loader/cache/CachedScript.cpp:
        (WebCore::CachedScript::script):
        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::tryCreateArrayBuffer):
        * platform/SharedBuffer.h:

2017-07-11  Per Arne Vollan  <pvollan@apple.com>

        [Win] Build error when building WebCore from WebCore.proj project file.
        https://bugs.webkit.org/show_bug.cgi?id=174330

        Reviewed by Brent Fulgham.

        The CMake variable PAL_DIR should be set in the project file.

        * WebCore.vcxproj/WebCore.proj:

2017-05-24  Sergio Villar Senin  <svillar@igalia.com>

        [SVG] Leak in SVGAnimatedListPropertyTearOff
        https://bugs.webkit.org/show_bug.cgi?id=172545

        Reviewed by Said Abou-Hallawa.

        SVGAnimatedListPropertyTearOff maintains a vector m_wrappers with references to
        SVGPropertyTraits<PropertyType>::ListItemTearOff. Apart from that SVGPropertyTearOff has a
        reference to SVGAnimatedProperty.

        When SVGListProperty::getItemValuesAndWrappers() is called, it creates a
        SVGPropertyTraits<PropertyType>::ListItemTearOff pointing to the same SVGAnimatedProperty (a
        SVGAnimatedListPropertyTearOff) which stores the m_wrappers vector where the ListItemTearOff
        is going to be added to. This effectively creates a reference cycle between the
        SVGAnimatedListPropertyTearOff and all the ListItemTearOff it stores in m_wrappers.

        We should detach those wrappers in propertyWillBeDeleted() in order to break the cycle.

        * svg/properties/SVGAnimatedListPropertyTearOff.h:

2017-07-11  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [GTK] Spin buttons on input type number appear over the value itself for small widths
        https://bugs.webkit.org/show_bug.cgi?id=173572

        Reviewed by Carlos Garcia Campos.

        When drawing the spin buttons, override the width of the input
        element to increment it with the width of the spin button.
        This ensures that we don't end up covering the input values with
        the spin buttons.

        Do this also for user controlled styles, because most web authors
        won't test how their site renders on WebKitGTK+, and they will
        assume spin buttons in the order of 13 pixels wide (that is what
        most browsers use), but the GTK+ spin button is much wider (66 pixels).

        Test: platform/gtk/fast/forms/number/number-size-spinbutton-nocover.html

        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::adjustStyle):
        * rendering/RenderThemeGtk.cpp:
        (WebCore::RenderThemeGtk::adjustTextFieldStyle): Call the theme's adjustTextFieldStyle() also for user controlled styles.
        (WebCore::RenderThemeGtk::adjustInnerSpinButtonStyle):

2017-07-11  Youenn Fablet  <youenn@apple.com>

        We should do ICE candidate filtering at the Document level
        https://bugs.webkit.org/show_bug.cgi?id=173861
        <rdar://problem/33122058>

        Reviewed by Eric Carlson.

        Tests: http/tests/webrtc/filtering-ice-candidate-cross-origin-frame.html
               http/tests/webrtc/filtering-ice-candidate-same-origin-frame.html
               http/tests/webrtc/filtering-ice-candidate-same-origin-frame2.html
               webrtc/filtering-ice-candidate-after-reload.html

        Making UserMediaRequest disable the ICE candidate filtering for the page RTCController.
        All RTCPeerConnection of the page that are created on a document that are same-origin as the top document
        are now registered to the RTCController.
        This allows disabling filtering to only these RTCPeerConnection.

        The page keeps the default ICE candidate filtering policy.
        This policy allows disabling ICE candidate filtering for all RTCPeerConnection.

        When the top document is changing, the RTCController filtering policy is reset
        and its list of RTCPeerConnection is emptied.

        Internals no longer disables ICE candidate filtering by default.
        This allows finer grained testing.
        ICE candidate filtering is disabled for tests including testharnessreport.js
        to enable web-platform-tests to run without modifications.

        * Modules/mediastream/RTCController.cpp:
        (WebCore::RTCController::reset):
        * Modules/mediastream/RTCController.h:
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::allow):
        * page/Frame.cpp:
        (WebCore::Frame::setDocument):
        * page/Page.cpp:
        (WebCore::Page::disableICECandidateFiltering):
        * page/Page.h:
        (WebCore::Page::shouldEnableICECandidateFilteringByDefault):
        (WebCore::Page::disableICECandidateFiltering): Deleted.
        (WebCore::Page::enableICECandidateFiltering): Deleted.
        (WebCore::Page::isICECandidateFilteringEnabled): Deleted.
        * testing/Internals.cpp:
        (WebCore::Internals::Internals):
        (WebCore::Internals::setICECandidateFiltering):
        (WebCore::Internals::setEnumeratingAllNetworkInterfacesEnabled):
        (WebCore::Internals::isICECandidateFilteringEnabled): Deleted.
        * testing/Internals.h:
        * testing/Internals.idl:

2017-07-11  Sergio Villar Senin  <svillar@igalia.com>

        Unreviewed, rolling out r219325.

        The test is still flaky

        Reverted changeset:

        "[SVG] Leak in SVGAnimatedListPropertyTearOff"
        https://bugs.webkit.org/show_bug.cgi?id=172545
        http://trac.webkit.org/changeset/219325

2017-05-24  Sergio Villar Senin  <svillar@igalia.com>

        [SVG] Leak in SVGAnimatedListPropertyTearOff
        https://bugs.webkit.org/show_bug.cgi?id=172545

        Reviewed by Said Abou-Hallawa.

        SVGAnimatedListPropertyTearOff maintains a vector m_wrappers with references to
        SVGPropertyTraits<PropertyType>::ListItemTearOff. Apart from that SVGPropertyTearOff has a
        reference to SVGAnimatedProperty.

        When SVGListProperty::getItemValuesAndWrappers() is called, it creates a
        SVGPropertyTraits<PropertyType>::ListItemTearOff pointing to the same SVGAnimatedProperty (a
        SVGAnimatedListPropertyTearOff) which stores the m_wrappers vector where the ListItemTearOff
        is going to be added to. This effectively creates a reference cycle between the
        SVGAnimatedListPropertyTearOff and all the ListItemTearOff it stores in m_wrappers.

        We should detach those wrappers in propertyWillBeDeleted() in order to break the cycle.

        * svg/properties/SVGAnimatedListPropertyTearOff.h:

2017-07-10  Simon Fraser  <simon.fraser@apple.com>

        [WK2 iOS] REGRESSION (r216803) During momentum scroll, getBoundingClientRect returns wrong coordinates (missing images on pinterest, elle.com and many other sites)
        https://bugs.webkit.org/show_bug.cgi?id=174286
        rdar://problem/32864180

        Reviewed by Dean Jackson.

        r216803 made getBoundingClientRects relative to the layout viewport, but when scrolling we
        only update that on stable viewport updates (at the end of the scroll). This meant that during
        unstable updates, getBoundingClientRects() used a "frozen" viewport origin so things on-screen
        would appear to be off-screen, causing sites to fail to dynamically load images etc. when
        scrolling.

        Fix by pushing an optional "unstable" layout viewport rect onto FrameView, which gets used by
        FrameView::documentToClientOffset(). This is cleared when we do a stable update.

        This is a short-term solution. Longer term, I would prefer to always call setLayoutViewportOverrideRect(),
        but fix the scrolling tree logic to work correctly in this case.

        Add a bit more scrolling logging.

        Test: fast/visual-viewport/ios/get-bounding-client-rect-unstable.html

        * page/FrameView.cpp:
        (WebCore::FrameView::setUnstableLayoutViewportRect):
        (WebCore::FrameView::documentToClientOffset):
        * page/FrameView.h:
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::reconcileScrollingState):
        * page/scrolling/ScrollingStateFixedNode.cpp:
        (WebCore::ScrollingStateFixedNode::updateConstraints):
        (WebCore::ScrollingStateFixedNode::reconcileLayerPositionForViewportRect):

2017-07-10  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Prune statistics in orders of importance
        https://bugs.webkit.org/show_bug.cgi?id=174215
        <rdar://problem/33164403>

        Reviewed by Chris Dumez.

        Test: http/tests/loading/resourceLoadStatistics/prune-statistics.html

        * loader/ResourceLoadObserver.cpp:
        (WebCore::reduceTimeResolution):
        (WebCore::ResourceLoadObserver::logFrameNavigation):
        (WebCore::ResourceLoadObserver::logSubresourceLoading):
        (WebCore::ResourceLoadObserver::logWebSocketLoading):
        (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
            Now all set the new statistics field lastSeen.
        * loader/ResourceLoadStatistics.cpp:
        (WebCore::ResourceLoadStatistics::encode):
        (WebCore::ResourceLoadStatistics::decode):
        (WebCore::ResourceLoadStatistics::toString):
        (WebCore::ResourceLoadStatistics::merge):
            Handling of the new statistics field lastSeen.
        * loader/ResourceLoadStatistics.h:

2017-07-10  Devin Rousso  <drousso@apple.com>

        Web Inspector: Highlight matching CSS canvas clients when hovering contexts in the Resources tab
        https://bugs.webkit.org/show_bug.cgi?id=174279

        Reviewed by Matt Baker.

        Test: inspector/dom/highlightNodeList.html

        * inspector/InspectorDOMAgent.h:
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::highlightNodeList):

2017-07-10  Javier Fernandez  <jfernandez@igalia.com>

        [css-align][css-flex][css-grid] 'auto' values of align-self and justify-self must not be resolved
        https://bugs.webkit.org/show_bug.cgi?id=172707

        Reviewed by Antti Koivisto.

        The CSS Box Alignment specification has been changed recently so that
        now all the propeties have the specificed value as computed value. The
        rationale of this change are at the associated W3C github issue [1].

        This change implies that we don't need to execute the StyleAdjuter
        logic we implemented specifically for supporting 'auto' values
        resolution for computed style. We can live now with resolution at
        layout time only.

        [1] https://github.com/w3c/csswg-drafts/issues/440

        No new tests, just updating the already defined tests.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle): Removed
        * css/StyleResolver.h:
        * html/shadow/TextControlInnerElements.cpp:
        (WebCore::TextControlInnerElement::resolveCustomStyle):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::columnFlexItemHasStretchAlignment):
        (WebCore::RenderBox::hasStretchedLogicalWidth):
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::styleDidChange): Added
        (WebCore::RenderFlexibleBox::alignmentForChild):
        * rendering/RenderFlexibleBox.h:

2017-07-10  Wenson Hsieh  <wenson_hsieh@apple.com>

        [WK2] Ignore touch events that interrupt platform-driven momentum scrolling
        https://bugs.webkit.org/show_bug.cgi?id=174300
        <rdar://problem/33030639>

        Reviewed by Simon Fraser.

        See Source/WebKit2/ChangeLog for more detail.

        Tests: fast/events/ios/no-touch-events-when-stopping-momentum-scroll-in-mainframe.html
               fast/events/ios/no-touch-events-when-stopping-momentum-scroll-in-overflow.html
               fast/events/ios/touch-events-during-scroll-deceleration-in-overflow.html

        * page/scrolling/ScrollingTree.h:
        (WebCore::ScrollingTree::scrollingTreeNodeDidEndPanGesture):

2017-07-10  Jeremy Jones  <jeremyj@apple.com>

        Captions and subtitles not showing up in picture-in-picture for MSE content
        https://bugs.webkit.org/show_bug.cgi?id=174317
        rdar://problem/33188591

        Reviewed by Eric Carlson.

        Reverts a regression created by r218403.

        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentation):

2017-07-10  Per Arne Vollan  <pvollan@apple.com>

        [Win] Link error when building WTF from WTF.proj project file.
        https://bugs.webkit.org/show_bug.cgi?id=174316
        <rdar://problem/33178200>

        Reviewed by Brent Fulgham.

        WTF_CPU_X86 cmake variable needs to be set for link libraries directories to be correct.

        * WebCore.vcxproj/WebCore.proj:

2017-07-10  Jeremy Jones  <jeremyj@apple.com>

        media element handle adding source immediately before src.
        https://bugs.webkit.org/show_bug.cgi?id=174284
        rdar://problem/33115439

        Reviewed by David Kilzer.

        Test: media/video-source-before-src.html

        Adding a source causes a selectMediaResource block to be enqueued.
        If dataLoadingPermitted prevents creating the m_player but sets the srcAttr, then
        the enqueued selectMediaResource will be in a bad state, with a srcAttr but no m_player.

        This fix prevents selectMediaResource from being called, if data loading is not permitted
        when adding a source element, to match how it prevents player creation when setting srcAttr.

        This fix also adds a debug assert to catch the problem earlier and adds an early return to
        prevent the crash in release builds.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::selectMediaResource):
        (WebCore::HTMLMediaElement::sourceWasAdded):

2017-07-10  Megan Gardner  <megan_gardner@apple.com>

        Add location to NavigationActionData
        https://bugs.webkit.org/show_bug.cgi?id=174233
        <rdar://problem/29165518>

        Reviewed by Simon Fraser.
        
        Add the root view location of a tap to a NavigationAction to vend to Safari.

        Test: small enough change to not be tested alone.

        * dom/MouseRelatedEvent.cpp:
        (WebCore::MouseRelatedEvent::absoluteLocationConvertedToRootView):
        * dom/MouseRelatedEvent.h:

2017-07-10  Sam Weinig  <sam@webkit.org>

        [WebIDL] Move plugin object customization into the generator
        https://bugs.webkit.org/show_bug.cgi?id=174238

        Reviewed by Chris Dumez.

        - Added [Plugin] extended attribute to forward the necessary hooks
          for get/set/delete to the plugin code.
        - Removed [CustomNamedSetter] and replaced it's remaining uses
          [CustomPut] (formally called [CustomPutFunction]).
        - Renamed [CustomNamedGetterOnPrototype] to [CustomPutOnPrototype]
          because that is actually what it does.
        - Removed [CustomGetOwnPropertySlotByIndex] and made 
          [CustomGetOwnPropertySlot] imply it, as the other custom hooks
          do.
        - Renamed [CustomEnumerateProperty] to [CustomGetOwnPropertyNames]
          to conform with other attribute names.
        - Renamed [CustomCall] to [CustomGetCallData] to conform with other 
          attribute names.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSHTMLAppletElementCustom.cpp: Removed.
        * bindings/js/JSHTMLEmbedElementCustom.cpp: Removed.
        * bindings/js/JSHTMLObjectElementCustom.cpp: Removed.
        Remove custom bindings.

        * bindings/js/JSCSSStyleDeclarationCustom.cpp:
        (WebCore::putCommon):
        (WebCore::JSCSSStyleDeclaration::put):
        (WebCore::JSCSSStyleDeclaration::putByIndex):
        (WebCore::JSCSSStyleDeclaration::putDelegate): Deleted.
        Use [CustomPut] rather than [CustomNamedSetter] to allow us
        to get rid of [CustomNamedSetter]. Reuse put delegate as
        common code to share between put and putByIndex.

        * bindings/js/JSLocationCustom.cpp:
        (WebCore::getOwnPropertySlotCommon):
        (WebCore::JSLocation::getOwnPropertySlot):
        (WebCore::JSLocation::getOwnPropertySlotByIndex):
        Replace [CustomGetOwnPropertySlotAndDescriptor] with [CustomGetOwnPropertySlot]
        which is more clear and reduces the number of variants of this hook override
        we need.

        (WebCore::putCommon):
        (WebCore::JSLocation::put):
        (WebCore::JSLocation::putByIndex):
        Use [CustomPut] rather than [CustomNamedSetter] to allow us
        to get rid of [CustomNamedSetter]. Reuse put delegate as
        common code to share between put and putByIndex.

        (WebCore::JSLocationPrototype::put):
        [CustomPutOnPrototype] (which weirdly used incorrectly be called 
        [CustomNamedGetterOnPrototype]) now works like [CustomPut] meaning
        you need to call Base.

        * bindings/js/JSPluginElementFunctions.cpp:
        (WebCore::pluginElementPropertyGetter):
        (WebCore::pluginElementCustomGetOwnPropertySlot):
        (WebCore::pluginElementCustomPut):
        * bindings/js/JSPluginElementFunctions.h:
        (WebCore::pluginElementCustomGetOwnPropertySlot): Deleted.
        Remove templatized pluginElementCustomGetOwnPropertySlot, which was 
        completely unnecessary and merge its functionality into the out of
        line overload. Remove pluginElementPropertyGetter from the header,
        since it is only used in implementation, and unify the naming and
        argument position (JSHTMLElement* comes first) of the hooks.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateIndexedGetter):
        (GenerateNamedGetter):
        (GenerateGetOwnPropertySlot):
        (GenerateGetOwnPropertySlotByIndex):
        (GenerateGetOwnPropertyNames):
        (GeneratePut):
        (GeneratePutByIndex):
        (GenerateDeleteProperty):
        (GenerateDeletePropertyByIndex):
        (GenerateNamedDeleterDefinition):
        (InstanceOverridesGetOwnPropertySlot):
        (InstanceOverridesGetOwnPropertyNames):
        (InstanceOverridesPut):
        (InstanceOverridesDeleteProperty):
        (GenerateHeader):
        (GenerateImplementation):
        (GenerateGetCallData):
        (GeneratePluginCall):
        (GenerateLegacyCallerDefinitions):
        (GenerateLegacyCallerDefinition):
        (GeneratePrototypeDeclaration):
        (InstanceOverridesGetCallData):
        (HeaderNeedsPrototypeDeclaration):
        - Add support for [Plugin]
        - Remove support for [CustomNamedSetter]
        - Replace [CustomGetOwnPropertySlotByIndex] with [CustomGetOwnPropertySlot]
        - Replace [CustomEnumerateProperty] with [CustomGetOwnPropertyNames]
        - Replace [CustomPutFunction] with [CustomPut].
        - Make subroutine names more consistent (remove a few Definition suffixes)

        * bindings/scripts/IDLAttributes.json:
        Update for new / removed attributes.

        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestInterface.h:
        * bindings/scripts/test/JS/JSTestPluginInterface.cpp: Added.
        * bindings/scripts/test/JS/JSTestPluginInterface.h: Added.
        * bindings/scripts/test/TestInterface.idl:
        * bindings/scripts/test/TestPluginInterface.idl: Added.
        Update / add tests.

        * css/CSSStyleDeclaration.idl:
        * html/HTMLAppletElement.idl:
        * html/HTMLEmbedElement.idl:
        * html/HTMLObjectElement.idl:
        * page/DOMWindow.idl:
        * page/Location.idl:
        * storage/Storage.idl:
        Update for new / renamed attributes.

2017-07-03  Brian Burg  <bburg@apple.com>

        Web Replay: remove some unused code
        https://bugs.webkit.org/show_bug.cgi?id=173903

        Rubber-stamped by Joseph Pecoraro.

        * CMakeLists.txt:
        * Configurations/FeatureDefines.xcconfig:
        * DerivedSources.make:
        * PlatformMac.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/Document.cpp:
        (WebCore::Document::Document):
        (WebCore::Document::lastModified):
        (WebCore::Document::inputCursor): Deleted.
        (WebCore::Document::setInputCursor): Deleted.
        * dom/Document.h:
        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::InspectorController):
        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::willDispatchEventImpl):
        (WebCore::InspectorInstrumentation::willDispatchEventOnWindowImpl):
        (WebCore::InspectorInstrumentation::frameDetachedFromParentImpl):
        (WebCore::InspectorInstrumentation::didCommitLoadImpl):
        (WebCore::InspectorInstrumentation::sessionCreatedImpl): Deleted.
        (WebCore::InspectorInstrumentation::sessionLoadedImpl): Deleted.
        (WebCore::InspectorInstrumentation::sessionModifiedImpl): Deleted.
        (WebCore::InspectorInstrumentation::segmentCreatedImpl): Deleted.
        (WebCore::InspectorInstrumentation::segmentCompletedImpl): Deleted.
        (WebCore::InspectorInstrumentation::segmentLoadedImpl): Deleted.
        (WebCore::InspectorInstrumentation::segmentUnloadedImpl): Deleted.
        (WebCore::InspectorInstrumentation::captureStartedImpl): Deleted.
        (WebCore::InspectorInstrumentation::captureStoppedImpl): Deleted.
        (WebCore::InspectorInstrumentation::playbackStartedImpl): Deleted.
        (WebCore::InspectorInstrumentation::playbackPausedImpl): Deleted.
        (WebCore::InspectorInstrumentation::playbackHitPositionImpl): Deleted.
        (WebCore::InspectorInstrumentation::playbackFinishedImpl): Deleted.
        (WebCore::InspectorInstrumentation::replayAgentEnabled): Deleted.
        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::sessionCreated): Deleted.
        (WebCore::InspectorInstrumentation::sessionLoaded): Deleted.
        (WebCore::InspectorInstrumentation::sessionModified): Deleted.
        (WebCore::InspectorInstrumentation::segmentCreated): Deleted.
        (WebCore::InspectorInstrumentation::segmentCompleted): Deleted.
        (WebCore::InspectorInstrumentation::segmentLoaded): Deleted.
        (WebCore::InspectorInstrumentation::segmentUnloaded): Deleted.
        (WebCore::InspectorInstrumentation::captureStarted): Deleted.
        (WebCore::InspectorInstrumentation::captureStopped): Deleted.
        (WebCore::InspectorInstrumentation::playbackStarted): Deleted.
        (WebCore::InspectorInstrumentation::playbackPaused): Deleted.
        (WebCore::InspectorInstrumentation::playbackFinished): Deleted.
        (WebCore::InspectorInstrumentation::playbackHitPosition): Deleted.
        * inspector/InspectorReplayAgent.cpp: Removed.
        * inspector/InspectorReplayAgent.h: Removed.
        * inspector/InstrumentingAgents.cpp:
        (WebCore::InstrumentingAgents::reset):
        * inspector/InstrumentingAgents.h:
        (WebCore::InstrumentingAgents::inspectorReplayAgent): Deleted.
        (WebCore::InstrumentingAgents::setInspectorReplayAgent): Deleted.
        * page/EventHandler.h:
        * page/Page.cpp:
        (WebCore::Page::Page):
        * page/Page.h:
        (WebCore::Page::replayController): Deleted.
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::synchronousScrollingReasons):
        (WebCore::ScrollingCoordinator::replaySessionStateDidChange): Deleted.
        * page/scrolling/ScrollingCoordinator.h:
        * platform/Logging.h:
        * plugins/DOMMimeTypeArray.cpp:
        (WebCore::DOMMimeTypeArray::getPluginData):
        * plugins/DOMPluginArray.cpp:
        (WebCore::DOMPluginArray::pluginData):
        * replay/AllReplayInputs.h: Removed.
        * replay/CapturingInputCursor.cpp: Removed.
        * replay/CapturingInputCursor.h: Removed.
        * replay/EventLoopInput.cpp: Removed.
        * replay/EventLoopInput.h: Removed.
        * replay/EventLoopInputDispatcher.cpp: Removed.
        * replay/EventLoopInputDispatcher.h: Removed.
        * replay/FunctorInputCursor.h: Removed.
        * replay/MemoizedDOMResult.cpp: Removed.
        * replay/MemoizedDOMResult.h: Removed.
        * replay/ReplayController.cpp: Removed.
        * replay/ReplayController.h: Removed.
        * replay/ReplayInputCreationMethods.cpp: Removed.
        * replay/ReplayInputDispatchMethods.cpp: Removed.
        * replay/ReplaySession.cpp: Removed.
        * replay/ReplaySession.h: Removed.
        * replay/ReplaySessionSegment.cpp: Removed.
        * replay/ReplaySessionSegment.h: Removed.
        * replay/ReplayingInputCursor.cpp: Removed.
        * replay/ReplayingInputCursor.h: Removed.
        * replay/SegmentedInputStorage.cpp: Removed.
        * replay/SegmentedInputStorage.h: Removed.
        * replay/SerializationMethods.cpp: Removed.
        * replay/SerializationMethods.h: Removed.
        * replay/WebInputs.json: Removed.

2017-07-10  Brady Eidson  <beidson@apple.com>

        Cleanup lifetime issues of UniqueIDBDatabase and IDBBackingStore.
        <rdar://problem/32908525> and https://bugs.webkit.org/show_bug.cgi?id=174244

        Reviewed by David Kilzer and Alex Christensen. 

        No targeted test possible, implicitly covered by all IDB tests.

        The original idea behind UniqueIDBDatabase lifetime was that they are ThreadSafeRefCounted and
        we take protector Refs when any operation that needs it alive is in flight.
        
        This added variability to their lifetime which made it difficult to enforce a few different 
        design invariants, namely:
            - UniqueIBDDatabase objects are always created and destroyed only on the main thread.
            - IDBBackingStore objects are always created and destroyed only on the database thread.
        
        This patch removes the ref counting and instead ties UniqueIDBDatabase lifetime to a
        std::unique_ptr that is owned by the IDBServer.
        
        Whenever any operations on the UniqueIDBDatabase are in flight it is kept alive by virtue
        of that unique_ptr in the IDBServer. Once a UniqueIDBDatabase is completely done with all of
        its work, the following happens:
            - On the main thread the IDBServer removes the unique_ptr owning the UniqueIDBDatabase
              from its map.
            - It hands the unique_ptr to the UniqueIDBDatabase itself, which schedules one final 
              database thread task.
            - That database thread task is to destroy the IDBBackingStore, kill its message queues,
              and then message back to the main thread for one final task.
            - That main thread task is to release the unique_ptr, resulting in destruction of the
              UniqueIDBDatabase object.
        
        This is safe, predictable, solves the lifetime issues that r218516 originally tried to solve,
        and solves the lifetime issues that r218516 introduced.

        (This patch also adds many more assertions to cover various design invariants throughout the
        lifecycle of a particular UniqueIDBDatabase)

        ASSERT that IDBBackingStores are only ever created and destroyed on the background thread:
        * Modules/indexeddb/server/IDBBackingStore.h:
        (WebCore::IDBServer::IDBBackingStore::~IDBBackingStore):
        (WebCore::IDBServer::IDBBackingStore::IDBBackingStore):
        
        Transition UniqueIDBDatabase ownership from a RefPtr to a std::unique_ptr:
        * Modules/indexeddb/server/IDBServer.cpp:
        (WebCore::IDBServer::IDBServer::getOrCreateUniqueIDBDatabase):
        (WebCore::IDBServer::IDBServer::closeAndTakeUniqueIDBDatabase):
        (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesModifiedSince):
        (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesForOrigins):
        (WebCore::IDBServer::IDBServer::closeUniqueIDBDatabase): Deleted.
        * Modules/indexeddb/server/IDBServer.h:
        
        Make all the other changes mentioned above:
        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::~UniqueIDBDatabase): Bulk up on ASSERTs
        (WebCore::IDBServer::UniqueIDBDatabase::openDatabaseConnection): 
        (WebCore::IDBServer::UniqueIDBDatabase::performUnconditionalDeleteBackingStore):
        (WebCore::IDBServer::UniqueIDBDatabase::scheduleShutdownForClose):
        (WebCore::IDBServer::UniqueIDBDatabase::shutdownForClose):
        (WebCore::IDBServer::UniqueIDBDatabase::didShutdownForClose):
        (WebCore::IDBServer::UniqueIDBDatabase::didDeleteBackingStore):
        (WebCore::IDBServer::UniqueIDBDatabase::handleCurrentOperation):
        (WebCore::IDBServer::UniqueIDBDatabase::performIterateCursor):
        (WebCore::IDBServer::UniqueIDBDatabase::performPrefetchCursor):
        (WebCore::IDBServer::UniqueIDBDatabase::operationAndTransactionTimerFired):
        (WebCore::IDBServer::UniqueIDBDatabase::activateTransactionInBackingStore):
        (WebCore::IDBServer::UniqueIDBDatabase::transactionCompleted):
        (WebCore::IDBServer::UniqueIDBDatabase::postDatabaseTask):
        (WebCore::IDBServer::UniqueIDBDatabase::postDatabaseTaskReply):
        (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask):
        (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTaskReply):
        (WebCore::IDBServer::UniqueIDBDatabase::maybeFinishHardClose):
        (WebCore::IDBServer::UniqueIDBDatabase::isDoneWithHardClose):
        (WebCore::IDBServer::UniqueIDBDatabase::immediateCloseForUserDelete):
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformUnconditionalDeleteBackingStore): Deleted.
        * Modules/indexeddb/server/UniqueIDBDatabase.h:
        (WebCore::IDBServer::UniqueIDBDatabase::create): Deleted.

2017-07-10  Chris Dumez  <cdumez@apple.com>

        Further WebResourceLoadStatisticsStore / ResourceLoadStatisticsStore clean up
        https://bugs.webkit.org/show_bug.cgi?id=174301

        Reviewed by Brent Fulgham.

        Moved some generic file system utility functions down to platform's FileSystem.h.

        * platform/FileSystem.cpp:
        (WebCore::openAndLockFile):
        (WebCore::unlockAndCloseFile):
        * platform/FileSystem.h:

2017-07-10  Andreas Kling  <akling@apple.com>

        REGRESSION(r210226): Keyboard-focused element not preserved when navigating back through page cache, causing multiple elements to have focus
        https://bugs.webkit.org/show_bug.cgi?id=174302
        <rdar://problem/33204273>

        Reviewed by Antti Koivisto.

        Don't clear the active/hovered/focused elements when destroying the render tree,
        since we might need to reconstruct it later, and would like to remember which
        elements those were.

        Only the focused state actually stuck when going in and out of the page cache,
        but this patch removes all the element pointer clearing for consistency.

        Test: fast/history/page-cache-element-state-focused.html

        * dom/Document.cpp:
        (WebCore::Document::destroyRenderTree):

2017-07-10  Daniel Bates  <dabates@apple.com>

        REGRESSION (r218616): Cannot build WebCore for macOS 10.12 with macOS 10.13 SDK
        https://bugs.webkit.org/show_bug.cgi?id=173939

        Reviewed by Dan Bernstein.

        (The code in this change was either suggested or written by Dan Bernstein with a very
        minor adjustment to get it to build).

        Allow WebCore to link even though CTFontCreatePhysicalFontForCharactersWithLanguage() is
        undefined when building against the macOS 10.13 SDK targeting macOS 10.12. Let the dynamic
        linker resolve the undefined symbol.

        For completeness the SPI CTFontCreatePhysicalFontForCharactersWithLanguage() was removed
        from the macOS 10.13 SDK.

        * Configurations/WebCore.xcconfig: Tell the linker that CTFontCreatePhysicalFontForCharactersWithLanguage()
        can be undefined when building against macOS 10.13 or later SDK.
        * platform/spi/cocoa/CoreTextSPI.h: Annotate CTFontCreatePhysicalFontForCharactersWithLanguage()
        with its availability information.

2017-07-10  Zalan Bujtas  <zalan@apple.com>

        Block of text is missing in iBooks sample books.
        https://bugs.webkit.org/show_bug.cgi?id=174295
        <rdar://problem/32955620>

        Reviewed by Antti Koivisto.

        In the simple line layout context, translating y coordinate to a line index is
        normally just a (y / line height) operation. However in case of strut offsets (pagination)
        we need to take these extra paddings into account while resolving the line index.
        This patch fixes the boundary checking for a given line by using the font size only
        when the font is taller than the line.

        * rendering/SimpleLineLayoutResolver.cpp:
        (WebCore::SimpleLineLayout::RunResolver::adjustLineIndexForStruts):

2017-07-10  Carlos Garcia Campos  <cgarcia@igalia.com>

        [SOUP] SoupCookieJar is never released (resulting in sqlite temp files lying around)
        https://bugs.webkit.org/show_bug.cgi?id=166029

        Reviewed by Michael Catanzaro.

        Add clearSoupNetworkSessionAndCookieStorage() to clear the SoupNetworkSession and cookie storage of the main
        network session, ensuring the cookies database is properly closed.

        * platform/network/NetworkStorageSession.h:
        * platform/network/soup/NetworkStorageSessionSoup.cpp:
        (WebCore::NetworkStorageSession::clearSoupNetworkSessionAndCookieStorage):

2017-07-10  Carlos Garcia Campos  <cgarcia@igalia.com>

        Move make-js-file-arrays.py from WebCore to JavaScriptCore
        https://bugs.webkit.org/show_bug.cgi?id=174024

        Reviewed by Michael Catanzaro.

        * CMakeLists.txt: Explicitly add files generated by MAKE_JS_FILE_ARRAYS to the build, since the macro no longer
        does it.
        * DerivedSources.make: Updated to use make-js-file-arrays.py from JavaScriptCore. It's no longer needed to set
        PYTHON_PATH to find jsmin.py.

2017-07-10  Charlie Turner  <cturner@igalia.com>

        [GTK] http/tests/media/video-redirect.html is failing
        https://bugs.webkit.org/show_bug.cgi?id=174260

        Reviewed by Carlos Garcia Campos.

        Make sure we're testing new URLs within the same security origin.

        Covered by existing tests.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::convertToInternalProtocol): Factor out setting our
        internal URL schema.
        (WebCore::MediaPlayerPrivateGStreamer::setPlaybinURL): Use the
        refactored helper.
        (WebCore::MediaPlayerPrivateGStreamer::loadNextLocation): Use
        refactored helper to ensure both URLs have the same origin.

2017-07-08  John Wilander  <wilander@apple.com>

        Resource Load Statistics: User interaction should always go to top document
        https://bugs.webkit.org/show_bug.cgi?id=174120
        <rdar://problem/33117899>

        Reviewed by Chris Dumez.

        Test: http/tests/loading/resourceLoadStatistics/user-interaction-in-cross-origin-sub-frame.html

        * dom/UserGestureIndicator.cpp:
        (WebCore::UserGestureIndicator::UserGestureIndicator):
            Now logs user interaction for the top document.
        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::setThrottledObserverNotifications):
            Test infrastructure.
        (WebCore::ResourceLoadObserver::setNotificationCallback):
            Callback now takes a ResourceLoadObserver::NotificationType.
        (WebCore::ResourceLoadObserver::logFrameNavigation):
            Submits the configured ResourceLoadObserver::NotificationType.
        (WebCore::ResourceLoadObserver::logSubresourceLoading):
            Submits the configured ResourceLoadObserver::NotificationType.
        (WebCore::ResourceLoadObserver::logWebSocketLoading):
            Submits the configured ResourceLoadObserver::NotificationType.
        (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
            Submits the configured ResourceLoadObserver::NotificationType.
        * loader/ResourceLoadObserver.h:
        * testing/Internals.cpp:
        (WebCore::Internals::resetToConsistentState):
            Resets to throttled notifications.
        (WebCore::Internals::setResourceLoadStatisticsThrottledObserverNotifications):
            Test infrastructure.
        * testing/Internals.h:
        * testing/Internals.idl:
            Added internals.setResourceLoadStatisticsThrottledObserverNotifications().

2017-07-09  Brady Eidson  <beidson@apple.com>

        Remove some obsolete WebKitVersionChecks.
        https://bugs.webkit.org/show_bug.cgi?id=174294

        Reviewed by Dan Bernstein.

        No new tests (No change to testable behavior)

        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::dispatchErrorEvent):
        
        * page/Settings.in:
        
        * platform/RuntimeApplicationChecks.h:
        * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
        (WebCore::IOSApplication::isOkCupid): Deleted.
        (WebCore::IOSApplication::isFacebook): Deleted.
        
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::layoutOverflowRectForPropagation):

2017-07-08  Brady Eidson  <beidson@apple.com>

        Remove some obsolete RuntimeApplicationChecks.
        https://bugs.webkit.org/show_bug.cgi?id=174293

        Reviewed by Dan Bernstein.

        No new tests (No change to testable behavior)

        * html/HTMLObjectElement.cpp:
        (WebCore::HTMLObjectElement::parametersForPlugin):
        (WebCore::shouldNotPerformURLAdjustment): Deleted.

        * platform/RuntimeApplicationChecks.h:
        * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
        (WebCore::IOSApplication::isDaijisenDictionary): Deleted.
        (WebCore::IOSApplication::isNASAHD): Deleted.
        (WebCore::IOSApplication::isTheEconomistOnIphone): Deleted.

        * platform/ios/wak/WebCoreThread.h:
        * platform/ios/wak/WebCoreThread.mm:
        (StartWebThread):
        (WebThreadSetDelegateSourceRunLoopMode): Deleted.

2017-07-08  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Safe access and life cycle management of bare Curl handle
        by wrapping with C++ class
        https://bugs.webkit.org/show_bug.cgi?id=174002

        Reviewed by Alex Christensen.

        * platform/network/ResourceHandle.h:
        * platform/network/ResourceHandleInternal.h:
        * platform/network/curl/CookieJarCurl.cpp:
        (WebCore::setCookiesFromDOM):
        (WebCore::cookiesForSession):
        * platform/network/curl/CurlContext.cpp:
        (WebCore::CurlContext::CurlContext):
        (WebCore::CurlContext::~CurlContext):
        (WebCore::CurlContext::initCookieSession):
        (WebCore::CurlShareHandle::CurlShareHandle):
        (WebCore::CurlShareHandle::~CurlShareHandle):
        (WebCore::CurlShareHandle::lockCallback):
        (WebCore::CurlShareHandle::unlockCallback):
        (WebCore::CurlShareHandle::mutexFor):
        (WebCore::CurlMultiHandle::CurlMultiHandle):
        (WebCore::CurlMultiHandle::~CurlMultiHandle):
        (WebCore::CurlMultiHandle::addHandle):
        (WebCore::CurlMultiHandle::removeHandle):
        (WebCore::CurlMultiHandle::getFdSet):
        (WebCore::CurlMultiHandle::perform):
        (WebCore::CurlMultiHandle::readInfo):
        (WebCore::CurlHandle::CurlHandle):
        (WebCore::CurlHandle::~CurlHandle):
        (WebCore::CurlHandle::perform):
        (WebCore::CurlHandle::pause):
        (WebCore::CurlHandle::enableShareHandle):
        (WebCore::CurlHandle::setPrivateData):
        (WebCore::CurlHandle::setUrl):
        (WebCore::CurlHandle::clearUrl):
        (WebCore::CurlHandle::clearRequestHeaders):
        (WebCore::CurlHandle::appendRequestHeader):
        (WebCore::CurlHandle::enableRequestHeaders):
        (WebCore::CurlHandle::enableHttpGetRequest):
        (WebCore::CurlHandle::enableHttpHeadRequest):
        (WebCore::CurlHandle::enableHttpPostRequest):
        (WebCore::CurlHandle::setPostFields):
        (WebCore::CurlHandle::setPostFieldLarge):
        (WebCore::CurlHandle::enableHttpPutRequest):
        (WebCore::CurlHandle::setInFileSizeLarge):
        (WebCore::CurlHandle::setHttpCustomRequest):
        (WebCore::CurlHandle::enableAcceptEncoding):
        (WebCore::CurlHandle::enableAllowedProtocols):
        (WebCore::CurlHandle::enableFollowLocation):
        (WebCore::CurlHandle::enableAutoReferer):
        (WebCore::CurlHandle::enableHttpAuthentication):
        (WebCore::CurlHandle::setHttpAuthUserPass):
        (WebCore::CurlHandle::enableCAInfoIfExists):
        (WebCore::CurlHandle::setSslVerifyPeer):
        (WebCore::CurlHandle::setSslVerifyHost):
        (WebCore::CurlHandle::setSslCert):
        (WebCore::CurlHandle::setSslCertType):
        (WebCore::CurlHandle::setSslKeyPassword):
        (WebCore::CurlHandle::enableCookieJarIfExists):
        (WebCore::CurlHandle::setCookieList):
        (WebCore::CurlHandle::getCookieList):
        (WebCore::CurlHandle::clearCookieList):
        (WebCore::CurlHandle::enableProxyIfExists):
        (WebCore::CurlHandle::enableTimeout):
        (WebCore::CurlHandle::setHeaderCallbackFunction):
        (WebCore::CurlHandle::setWriteCallbackFunction):
        (WebCore::CurlHandle::setReadCallbackFunction):
        (WebCore::CurlHandle::setSslCtxCallbackFunction):
        (WebCore::CurlHandle::getEffectiveURL):
        (WebCore::CurlHandle::getPrimaryPort):
        (WebCore::CurlHandle::getResponseCode):
        (WebCore::CurlHandle::getContentLenghtDownload):
        (WebCore::CurlHandle::getHttpAuthAvail):
        (WebCore::CurlHandle::getTimes):
        (WebCore::CurlHandle::maxCurlOffT):
        (WebCore::CurlHandle::expectedSizeOfCurlOffT):
        (WebCore::CurlHandle::enableVerboseIfUsed):
        (WebCore::CurlHandle::enableStdErrIfUsed):
        (WebCore::CurlContext::getEffectiveURL): Deleted.
        (WebCore::CurlContext::createMultiHandle): Deleted.
        (WebCore::CurlContext::mutexFor): Deleted.
        (WebCore::CurlContext::lock): Deleted.
        (WebCore::CurlContext::unlock): Deleted.
        * platform/network/curl/CurlContext.h:
        (WebCore::CurlGlobal::CurlGlobal):
        (WebCore::CurlGlobal::~CurlGlobal):
        (WebCore::CurlShareHandle::handle):
        (WebCore::CurlContext::shareHandle):
        (WebCore::CurlHandle::handle):
        (WebCore::CurlHandle::url):
        (WebCore::CurlContext::curlShareHandle): Deleted.
        * platform/network/curl/CurlDownload.cpp:
        (WebCore::CurlDownload::~CurlDownload):
        (WebCore::CurlDownload::init):
        (WebCore::CurlDownload::start):
        (WebCore::CurlDownload::cancel):
        (WebCore::CurlDownload::getUrl):
        (WebCore::CurlDownload::addHeaders):
        (WebCore::CurlDownload::didReceiveHeader):
        (WebCore::CurlDownload::writeCallback):
        * platform/network/curl/CurlDownload.h:
        * platform/network/curl/CurlJobManager.cpp:
        (WebCore::CurlJobManager::CurlJobManager):
        (WebCore::CurlJobManager::~CurlJobManager):
        (WebCore::CurlJobManager::addToCurl):
        (WebCore::CurlJobManager::removeFromCurl):
        (WebCore::CurlJobManager::workerThread):
        * platform/network/curl/CurlJobManager.h:
        (WebCore::CurlJobManager::getMultiHandle): Deleted.
        * platform/network/curl/ResourceHandleCurl.cpp:
        (WebCore::ResourceHandleInternal::~ResourceHandleInternal):
        (WebCore::ResourceHandle::platformSetDefersLoading):
        (WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
        (WebCore::ResourceHandle::receivedCredential):
        (WebCore::ResourceHandle::receivedRequestToContinueWithoutCredential):
        (WebCore::calculateWebTimingInformations):
        (WebCore::handleLocalReceiveResponse):
        (WebCore::writeCallback):
        (WebCore::getProtectionSpace):
        (WebCore::headerCallback):
        (WebCore::readCallback):
        (WebCore::setupFormData):
        (WebCore::ResourceHandle::setupPUT):
        (WebCore::ResourceHandle::setupPOST):
        (WebCore::ResourceHandle::dispatchSynchronousJob):
        (WebCore::ResourceHandle::applyAuthentication):
        (WebCore::ResourceHandle::initialize):
        (WebCore::ResourceHandle::handleCurlMsg):
        * platform/network/curl/ResourceHandleManager.cpp:
        (WebCore::ResourceHandleManager::ResourceHandleManager):
        (WebCore::ResourceHandleManager::~ResourceHandleManager):
        (WebCore::ResourceHandleManager::downloadTimerCallback):
        (WebCore::ResourceHandleManager::removeFromCurl):
        (WebCore::ResourceHandleManager::startJob):
        * platform/network/curl/ResourceHandleManager.h:
        * platform/network/curl/SSLHandle.cpp:
        (WebCore::setSSLClientCertificate):
        (WebCore::certVerifyCallback):
        (WebCore::setSSLVerifyOptions):

2017-07-08  Antoine Quint  <graouts@apple.com>

        REGRESSION: "visibility:hidden" does not hide play button for video elements
        https://bugs.webkit.org/show_bug.cgi?id=174258
        <rdar://problem/33181452>

        Reviewed by Dean Jackson.

        In order to not have most styles from the page affect the shadow root, we set "all: initial" on the
        media controls container. However, we need to still make the "visibility" property inherit from its
        host such that "visibility: hidden" on the host won't be overridden by setting the property back to
        its initial value, which is "visible".

        Test: media/modern-media-controls/css/visibility-hidden.html

        * Modules/modern-media-controls/controls/media-controls.css:
        (.media-controls-container):

2017-07-08  Yusuke Suzuki  <utatane.tea@gmail.com>

        Drop NOSNIFF compile flag
        https://bugs.webkit.org/show_bug.cgi?id=174289

        Reviewed by Michael Catanzaro.

        * Configurations/FeatureDefines.xcconfig:
        * css/StyleSheetContents.cpp:
        (WebCore::StyleSheetContents::parseAuthorStyleSheet):
        (WebCore::StyleSheetContents::notifyLoadedSheet):
        * dom/LoadableClassicScript.cpp:
        (WebCore::LoadableClassicScript::notifyFinished):
        * loader/cache/CachedCSSStyleSheet.cpp:
        (WebCore::CachedCSSStyleSheet::mimeTypeAllowedByNosniff):
        (WebCore::CachedCSSStyleSheet::canUseSheet):
        * loader/cache/CachedCSSStyleSheet.h:
        * platform/network/HTTPParsers.cpp:
        (WebCore::parseContentTypeOptionsHeader):
        * platform/network/HTTPParsers.h:
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::isScriptAllowedByNosniff):
        * platform/network/ResourceResponseBase.h:
        * workers/WorkerScriptLoader.cpp:
        (WebCore::WorkerScriptLoader::didReceiveResponse):

2017-07-07  Brent Fulgham  <bfulgham@apple.com>

        [WK2] Use a rolling 30-day uptime for processing statistics
        https://bugs.webkit.org/show_bug.cgi?id=174235
        <rdar://problem/33164381>

        Reviewed by Chris Dumez.

        Add a KeyedDecoder specialization for Deque.

        * platform/KeyedCoding.h:
        (WebCore::KeyedDecoder::decodeObjects):

2017-07-07  Daniel Bates  <dabates@apple.com>

        [AppCache] Ignore fallback entries whose namespace is not prefixed with manifest path
        https://bugs.webkit.org/show_bug.cgi?id=174273
        <rdar://problem/33011682>

        Reviewed by Brent Fulgham.

        As per <https://html.spec.whatwg.org/multipage/offline.html#parsing-cache-manifests> (07/06/2017)
        we should ignore fallback entires whose fallback namespace URL is not prefixed with
        the manifest path. For now we only apply this policy when the manifest is served with
        a non-standard Content-Type to minimize web compatibility risk.

        Test: http/tests/appcache/fallback-namespace-outside-manifest-path.html

        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::didFinishLoadingManifest): Pass the MIME type of the manifest.
        * loader/appcache/ManifestParser.cpp:
        (WebCore::manifestPath): Computes the manifest path from a manifest URL.
        (WebCore::parseManifest): Modified to take the MIME type of the manifest. If the MIME type is
        non-standard (i.e. not text/cached-manifest) then skip fallback entries whose namespace is not
        prefixed with the manifest path. Otherwise, process fallback entries as we do now. Also cleaned
        up the code a bit while I was here, including renaming a local variable to be more descriptive
        and using a const character array for the manifest signature to avoid the need to document the
        length of the manifest signature in a comment.
        * loader/appcache/ManifestParser.h:

2017-07-07  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS DnD] For cross-app drags, 'drop' event handlers are never invoked if dataTransfer.dropEffect is not set while dragging
        https://bugs.webkit.org/show_bug.cgi?id=174219
        <rdar://problem/32083177>

        Reviewed by Ryosuke Niwa.

        Currently, in DragController.cpp, defaultOperationForDrag maps a drag source operation mask of
        DragOperationGeneric to DragOperationMove across all platforms. However, on iOS, where cross-app drag moves do
        not trigger a drop, this means drop handlers won't fire unless the dropEffect is explicitly set to copy.

        To fix this, we introduce DragController::platformGenericDragOperation(), which returns DragOperationCopy on iOS
        and DragOperationMove (the existing behavior) elsewhere. defaultOperationForDrag then maps a drag source
        operation mask of DragOperationGeneric to platformGenericDragOperation().

        Tests:  DataInteractionTests.ExternalSourceHTMLToUploadArea
                DataInteractionTests.ExternalSourceImageAndHTMLToUploadArea
                DataInteractionTests.ExternalSourceMoveOperationNotAllowed

        * page/DragController.cpp:
        (WebCore::DragController::platformGenericDragOperation):
        (WebCore::defaultOperationForDrag):
        * page/DragController.h:
        * page/mac/DragControllerMac.mm:
        (WebCore::DragController::platformGenericDragOperation):

2017-07-07  Devin Rousso  <drousso@apple.com>

        Web Inspector: Show all elements currently using a given CSS Canvas
        https://bugs.webkit.org/show_bug.cgi?id=173965

        Reviewed by Joseph Pecoraro.

        Test: inspector/canvas/css-canvas-clients.html

        * css/CSSImageGeneratorValue.cpp:
        (WebCore::CSSImageGeneratorValue::addClient):
        (WebCore::CSSImageGeneratorValue::removeClient):
        * css/CSSImageGeneratorValue.h:
        (WebCore::CSSImageGeneratorValue::clients):
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::addObserver):
        (WebCore::HTMLCanvasElement::removeObserver):
        (WebCore::HTMLCanvasElement::cssCanvasClients):
        Each time an observer is added/removed for a given HTMLCanvasElement, send an event to the
        inspector frontend that the CSS canvas client nodes have changed. Additionally, anytime a
        client/use is added/removed from one of the observing CSSCanvasValue, fire the same event.

        * css/CSSCanvasValue.h:
        (isType):
        * html/HTMLCanvasElement.h:
        (WebCore::CanvasObserver::isCSSCanvasValueObserver):
        Allows type traits to distinguish CanvasObserver from CSSCanvasValue::CanvasObserverProxy.

        * inspector/InspectorCanvasAgent.h:
        * inspector/InspectorCanvasAgent.cpp:
        (WebCore::InspectorCanvasAgent::requestCSSCanvasClientNodes):
        (WebCore::InspectorCanvasAgent::didChangeCSSCanvasClientNodes):
        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::didChangeCSSCanvasClientNodes):
        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::didChangeCSSCanvasClientNodesImpl):
        Notify the frontend that the list of client nodes has changed for the given canvas. Let the
        frontend request the actual list of node IDs when it needs, possibly at a later time.

2017-07-07  Jer Noble  <jer.noble@apple.com>

        AVPlayer can continue to be active after released by MediaPlayerPrivateAVFoundationObjC.
        https://bugs.webkit.org/show_bug.cgi?id=174264

        Reviewed by Eric Carlson.

        If the AVPlayer is retained (by an autorelease pool, or internally by other objects in
        AVFoundation), releasing the AVPlayer is not enough to cancel loading or playback. So before
        releasing the AVPlayer, make sure to disassociate the current AVPlayerItem, which should
        cancel all activity in the AVPlayer.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::cancelLoad):

2017-07-07  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Remove data url handler for async load
        https://bugs.webkit.org/show_bug.cgi?id=174263

        data url is handled by ResourceLoader. No need for specific handling
        in platform dependent layer.

        Reviewed by Alex Christensen.

        * platform/network/curl/ResourceHandleManager.cpp:
        (WebCore::ResourceHandleManager::startJob):

2017-07-07  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r219257.

        The test added in the revision was still extreamly flaky on
        all testers.

        Reverted changeset:

        "[SVG] Leak in SVGAnimatedListPropertyTearOff"
        https://bugs.webkit.org/show_bug.cgi?id=172545
        http://trac.webkit.org/changeset/219257

2017-07-07  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r219238, r219239, and r219241.
        https://bugs.webkit.org/show_bug.cgi?id=174265

        "fast/workers/dedicated-worker-lifecycle.html is flaky"
        (Requested by yusukesuzuki on #webkit).

        Reverted changesets:

        "[WTF] Implement WTF::ThreadGroup"
        https://bugs.webkit.org/show_bug.cgi?id=174081
        http://trac.webkit.org/changeset/219238

        "Unreviewed, build fix after r219238"
        https://bugs.webkit.org/show_bug.cgi?id=174081
        http://trac.webkit.org/changeset/219239

        "Unreviewed, CLoop build fix after r219238"
        https://bugs.webkit.org/show_bug.cgi?id=174081
        http://trac.webkit.org/changeset/219241

2017-05-24  Sergio Villar Senin  <svillar@igalia.com>

        [SVG] Leak in SVGAnimatedListPropertyTearOff
        https://bugs.webkit.org/show_bug.cgi?id=172545

        Reviewed by Said Abou-Hallawa.

        SVGAnimatedListPropertyTearOff maintains a vector m_wrappers with references to
        SVGPropertyTraits<PropertyType>::ListItemTearOff. Apart from that SVGPropertyTearOff has a
        reference to SVGAnimatedProperty.

        When SVGListProperty::getItemValuesAndWrappers() is called, it creates a
        SVGPropertyTraits<PropertyType>::ListItemTearOff pointing to the same SVGAnimatedProperty (a
        SVGAnimatedListPropertyTearOff) which stores the m_wrappers vector where the ListItemTearOff
        is going to be added to. This effectively creates a reference cycle between the
        SVGAnimatedListPropertyTearOff and all the ListItemTearOff it stores in m_wrappers.

        We should detach those wrappers in propertyWillBeDeleted() in order to break the cycle.

        * svg/properties/SVGAnimatedListPropertyTearOff.h:

2017-07-07  Charlie Turner  <cturner@igalia.com>

        [GStreamer] vid.me videos do not play
        https://bugs.webkit.org/show_bug.cgi?id=172240

        Reviewed by Xabier Rodriguez-Calvar.

        In r142251, code to hide the WK HTTP source elements from elsewhere in
        the pipeline was removed. This has the nasty side-effect of
        auto-plugging the WK HTTP source into things it really should not be
        used in, especially the adaptive streaming demuxers. The reasons this
        is bad are documented in several places on Bugzilla, see the parent
        bug report for more details. The high-level issue is that the WK HTTP
        source and its use of WebCore is not thread-safe. Although work has
        been recently done to improve this situation, it's still not perfect.

        Another issue is the interface hlsdemux expects its HTTP source to
        implement, specifically seeking in READY.

        This does rely on HTTP context sharing being available in GStreamer,
        upstream bug is here:
        https://bugzilla.gnome.org/show_bug.cgi?id=761099. The failing case
        can be demonstrated with
        https://github.com/thiagoss/adaptive-test-server but manual testing on
        popular video hosting sites, including vid.me, shows that this doesn't
        bite us at the moment, just something else to fix in the future.

        There are some QoS issues with the adaptive streaming code in
        GStreamer, but it seems much better to offer a below par QoS in lieu
        of crashing/livelocking when playing certain streams, and issues can be
        raised upstream when they arise.

        This patch does take us further away from the future goal of having all
        networking operations go through the network process, but in return it
        solves some nasty crashes and livelocks that have been irritating
        users for some time. With the pressure off on this issue, work can be
        planned to consider how to make the WK HTTP source a better citizen
        inside the GStreamer pipeline when we migrate the netcode to go
        through the network process.

        A new test is added to check that the single file HLS playlists
        (new in version 4) can be played, which was the primary cause of
        this bug report.

        Test: http/tests/media/hls/range-request.html

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::setPlaybinURL): Perform
        some trickery to make sure that we only ever fetch URLs handed to
        us by WebCore. Any further URLs discovered inside the pipeline
        will not get WKWS auto-plugged, since they'll be plain https?
        schemas.
        (WebCore::MediaPlayerPrivateGStreamer::load): Refactor to use the
        setPlaybinURL helper method.
        (WebCore::MediaPlayerPrivateGStreamer::loadNextLocation): Ditto.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h: Add
        the setPlaybinURL helper method.
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (webKitWebSrcGetProtocols): Only advertise webkit+https?, this
        ensures we won't get auto-plugged by pipeline elements asking for
        an element to fetch https? resources (like adaptive demuxers).
        (convertPlaybinURI): Undo the trick when another element asks us
        for our URI.

2017-07-05  Yusuke Suzuki  <utatane.tea@gmail.com>

        [WTF] Implement WTF::ThreadGroup
        https://bugs.webkit.org/show_bug.cgi?id=174081

        Reviewed by Mark Lam.

        * page/ResourceUsageThread.h:

2017-07-06  Yusuke Suzuki  <utatane.tea@gmail.com>

        [WTF] Clean up StringStatics.cpp by using LazyNeverDestroyed<> for Atoms
        https://bugs.webkit.org/show_bug.cgi?id=174150

        Reviewed by Mark Lam.

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::captionDisplayMode):
        * Modules/mediastream/RTCDataChannel.cpp:
        (WebCore::RTCDataChannel::binaryType):
        * accessibility/AXObjectCache.cpp:
        (WebCore::createFromRenderer):
        * accessibility/AccessibilityMediaControls.cpp:
        (WebCore::AccessibilityMediaControl::controlTypeName):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::language):
        (WebCore::AccessibilityObject::defaultLiveRegionStatusForRole):
        (WebCore::AccessibilityObject::actionVerb):
        (WebCore::AccessibilityObject::getAttribute):
        (WebCore::AccessibilityObject::placeholderValue):
        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::accessKey):
        (WebCore::AccessibilityObject::ariaLiveRegionRelevant):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::accessKey):
        (WebCore::AccessibilityRenderObject::actionVerb):
        * bindings/js/JSCustomElementInterface.cpp:
        (WebCore::JSCustomElementInterface::constructElementWithFallback):
        * bindings/js/JSCustomElementRegistryCustom.cpp:
        (WebCore::JSCustomElementRegistry::define):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateDefaultValue):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalAtomicStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalAtomicStringIsNullBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalAtomicStringIsEmptyStringBody):
        * css/CSSPageRule.cpp:
        (WebCore::CSSPageRule::selectorText):
        * css/CSSPrimitiveValue.cpp:
        (WebCore::valueName):
        * css/CSSSelector.cpp:
        (WebCore::simpleSelectorSpecificityInternal):
        (WebCore::CSSSelector::specificityForPage):
        (WebCore::CSSSelector::RareData::RareData):
        * css/CSSSelector.h:
        (WebCore::CSSSelector::argument):
        * css/CSSSelectorList.cpp:
        (WebCore::SelectorNeedsNamespaceResolutionFunctor::operator()):
        * css/PageRuleCollector.cpp:
        (WebCore::checkPageSelectorComponents):
        * css/RuleSet.cpp:
        (WebCore::computeMatchBasedOnRuleHash):
        (WebCore::RuleSet::addRule):
        * css/SelectorChecker.cpp:
        (WebCore::tagMatches):
        * css/SelectorFilter.cpp:
        (WebCore::collectDescendantSelectorIdentifierHashes):
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertStringOrAuto):
        (WebCore::StyleBuilderConverter::convertStringOrNone):
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueWebkitLocale):
        (WebCore::StyleBuilderCustom::applyValueWebkitTextEmphasisStyle):
        (WebCore::StyleBuilderCustom::applyValueContent):
        (WebCore::StyleBuilderCustom::applyValueAlt):
        * css/StyleSheetContents.cpp:
        (WebCore::StyleSheetContents::StyleSheetContents):
        (WebCore::StyleSheetContents::namespaceURIFromPrefix):
        * css/makeprop.pl:
        * css/parser/CSSParserImpl.cpp:
        (WebCore::CSSParserImpl::parsePageSelector):
        * css/parser/CSSSelectorParser.cpp:
        (WebCore::CSSSelectorParser::consumeCompoundSelector):
        (WebCore::CSSSelectorParser::consumeName):
        (WebCore::CSSSelectorParser::consumeAttribute):
        (WebCore::CSSSelectorParser::defaultNamespace):
        (WebCore::CSSSelectorParser::determineNamespace):
        (WebCore::CSSSelectorParser::prependTypeSelectorIfNeeded):
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::attributeNameTestingRequiresNamespaceRegister):
        (WebCore::SelectorCompiler::equalTagNames):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementAttributeMatching):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementHasTagName):
        * dom/Attr.cpp:
        (WebCore::Attr::setPrefix):
        (WebCore::Attr::attachToElement):
        * dom/Attribute.h:
        (WebCore::Attribute::nameMatchesFilter):
        * dom/ConstantPropertyMap.cpp:
        (WebCore::ConstantPropertyMap::nameForProperty):
        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::getElementsByTagName):
        (WebCore::ContainerNode::getElementsByTagNameNS):
        * dom/CustomElementReactionQueue.cpp:
        (WebCore::CustomElementReactionQueue::enqueuePostUpgradeReactions):
        * dom/DatasetDOMStringMap.cpp:
        (WebCore::convertPropertyNameToAttributeName):
        * dom/Document.cpp:
        (WebCore::createUpgradeCandidateElement):
        (WebCore::Document::createElementForBindings):
        (WebCore::Document::importNode):
        (WebCore::Document::hasValidNamespaceForElements):
        (WebCore::Document::processBaseElement):
        (WebCore::Document::dir):
        (WebCore::Document::bgColor):
        (WebCore::Document::fgColor):
        (WebCore::Document::alinkColor):
        (WebCore::Document::linkColorForBindings):
        (WebCore::Document::vlinkColor):
        * dom/Document.h:
        * dom/Element.cpp:
        (WebCore::Element::setBooleanAttribute):
        (WebCore::Element::synchronizeAttribute):
        (WebCore::Element::getAttribute):
        (WebCore::Element::getAttributeNS):
        (WebCore::Element::setAttribute):
        (WebCore::Element::parserSetAttributes):
        (WebCore::Element::didMoveToNewDocument):
        (WebCore::Element::setPrefix):
        (WebCore::Element::insertedInto):
        (WebCore::Element::removedFrom):
        (WebCore::Element::removeAttributeInternal):
        (WebCore::Element::addAttributeInternal):
        (WebCore::Element::removeAttributeNS):
        (WebCore::Element::getAttributeNodeNS):
        (WebCore::Element::hasAttributeNS):
        (WebCore::Element::computeInheritedLanguage):
        (WebCore::Element::updateNameForDocument):
        (WebCore::Element::updateIdForDocument):
        (WebCore::Element::didAddAttribute):
        (WebCore::Element::didRemoveAttribute):
        (WebCore::Element::cloneAttributesFromElement):
        * dom/Element.h:
        (WebCore::Element::attributeWithoutSynchronization):
        (WebCore::Element::idForStyleResolution):
        (WebCore::Element::getIdAttribute):
        (WebCore::Element::getNameAttribute):
        * dom/EventTarget.cpp:
        (WebCore::legacyType):
        * dom/MutationRecord.h:
        (WebCore::MutationRecord::attributeName):
        (WebCore::MutationRecord::attributeNamespace):
        * dom/NamedNodeMap.cpp:
        (WebCore::NamedNodeMap::removeNamedItemNS):
        * dom/Node.cpp:
        (WebCore::Node::prefix):
        (WebCore::Node::localName):
        (WebCore::Node::namespaceURI):
        (WebCore::Node::checkSetPrefix):
        (WebCore::locateDefaultNamespace):
        (WebCore::Node::isDefaultNamespace):
        (WebCore::Node::lookupNamespaceURI):
        (WebCore::locateNamespacePrefix):
        (WebCore::Node::lookupPrefix):
        * dom/NodeRareData.h:
        (WebCore::NodeListsNodeData::addCachedTagCollectionNS):
        (WebCore::NodeListsNodeData::addCachedCollection):
        (WebCore::NodeListsNodeData::cachedCollection):
        (WebCore::NodeListsNodeData::removeCacheWithAtomicName):
        (WebCore::NodeListsNodeData::removeCachedTagCollectionNS):
        (WebCore::NodeListsNodeData::removeCachedCollection):
        * dom/PseudoElement.cpp:
        (WebCore::pseudoElementTagName):
        * dom/QualifiedName.cpp:
        (WebCore::QualifiedName::init):
        (WebCore::nullQName):
        (WebCore::createQualifiedName):
        * dom/QualifiedName.h:
        (WebCore::QualifiedName::hasPrefix):
        * dom/SelectorQuery.cpp:
        (WebCore::SelectorDataList::executeSingleTagNameSelectorData):
        * dom/SlotAssignment.cpp:
        (WebCore::slotNameFromAttributeValue):
        * dom/SlotAssignment.h:
        (WebCore::SlotAssignment::defaultSlotName):
        (WebCore::ShadowRoot::didRemoveAllChildrenOfShadowHost):
        (WebCore::ShadowRoot::didChangeDefaultSlot):
        * dom/TagCollection.cpp:
        (WebCore::TagCollection::TagCollection):
        (WebCore::HTMLTagCollection::HTMLTagCollection):
        * dom/TagCollection.h:
        (WebCore::TagCollectionNS::elementMatches):
        * dom/make_names.pl:
        (printNamesCppFile):
        (printDefinitions):
        (printFactoryCppFile):
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::removeNodeAttribute):
        * editing/Editing.cpp:
        (WebCore::createHTMLElement):
        * editing/MarkupAccumulator.cpp:
        (WebCore::MarkupAccumulator::serializeNodesWithNamespaces):
        (WebCore::MarkupAccumulator::shouldAddNamespaceElement):
        (WebCore::MarkupAccumulator::shouldAddNamespaceAttribute):
        (WebCore::MarkupAccumulator::appendNamespace):
        (WebCore::MarkupAccumulator::appendOpenTag):
        (WebCore::MarkupAccumulator::appendAttribute):
        * editing/gtk/EditorGtk.cpp:
        (WebCore::elementURL):
        * editing/markup.cpp:
        (WebCore::AttributeChange::AttributeChange):
        * html/Autocapitalize.cpp:
        (WebCore::stringForAutocapitalizeType):
        * html/Autofill.cpp:
        (WebCore::AutofillData::createFromHTMLFormControlElement):
        * html/DOMTokenList.h:
        (WebCore::DOMTokenList::item):
        * html/FormAssociatedElement.cpp:
        (WebCore::FormAssociatedElement::name):
        * html/HTMLButtonElement.cpp:
        (WebCore::HTMLButtonElement::formControlType):
        * html/HTMLDetailsElement.cpp:
        (WebCore::HTMLDetailsElement::toggleOpen):
        * html/HTMLDocument.cpp:
        (WebCore::HTMLDocument::isCaseSensitiveAttribute):
        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::eventNameForEventHandlerAttribute):
        (WebCore::toValidDirValue):
        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::bestFitSourceFromPictureElement):
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::name):
        (WebCore::HTMLInputElement::updateType):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::doesHaveAttribute):
        * html/HTMLOptionElement.cpp:
        (WebCore::HTMLOptionElement::createForJSConstructor):
        * html/HTMLParamElement.cpp:
        (WebCore::HTMLParamElement::name):
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::setMultiple):
        * html/HTMLTableCellElement.cpp:
        (WebCore::HTMLTableCellElement::scope):
        * html/HTMLTrackElement.cpp:
        (WebCore::HTMLTrackElement::mediaElementCrossOriginAttribute):
        * html/LabelableElement.cpp:
        (WebCore::LabelableElement::labels):
        * html/LabelsNodeList.cpp:
        (WebCore::LabelsNodeList::~LabelsNodeList):
        * html/MediaController.cpp:
        (MediaController::playbackState):
        (eventNameForReadyState):
        * html/MediaDocument.cpp:
        (WebCore::MediaDocumentParser::createDocumentStructure):
        * html/parser/AtomicHTMLToken.h:
        (WebCore::AtomicHTMLToken::initializeAttributes):
        * html/parser/HTMLConstructionSite.cpp:
        (WebCore::HTMLConstructionSite::createElement):
        (WebCore::HTMLConstructionSite::createHTMLElementOrFindCustomElementInterface):
        * html/parser/HTMLParserIdioms.cpp:
        (WebCore::stripLeadingAndTrailingHTMLSpaces):
        (WebCore::parseHTMLHashNameReference):
        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::createForeignAttributesMap):
        * html/track/InbandTextTrack.cpp:
        (WebCore::InbandTextTrack::InbandTextTrack):
        * html/track/LoadableTextTrack.cpp:
        (WebCore::LoadableTextTrack::id):
        * html/track/TextTrack.cpp:
        (WebCore::TextTrack::captionMenuOffItem):
        (WebCore::TextTrack::captionMenuAutomaticItem):
        * html/track/TrackBase.cpp:
        (WebCore::MediaTrackBase::setKindInternal):
        * html/track/VTTRegion.cpp:
        (WebCore::VTTRegion::scroll):
        * html/track/WebVTTElement.cpp:
        (WebCore::nodeTypeToTagName):
        * html/track/WebVTTElement.h:
        * html/track/WebVTTToken.h:
        (WebCore::WebVTTToken::StartTag):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::clear):
        * loader/FrameLoader.h:
        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::clearFailedLoadURL):
        * loader/NavigationAction.h:
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::showModalDialog):
        * page/EventHandler.cpp:
        (WebCore::eventNameForTouchPointState):
        * page/FrameTree.cpp:
        (WebCore::FrameTree::setName):
        (WebCore::FrameTree::clearName):
        * page/Page.cpp:
        (WebCore::Page::groupName):
        * platform/graphics/ComplexTextController.cpp:
        (WebCore::ComplexTextController::offsetForPosition):
        * platform/graphics/FontCache.cpp:
        (WebCore::FontCache::alternateFamilyName):
        * platform/graphics/FontDescription.h:
        (WebCore::FontCascadeDescription::initialLocale):
        * platform/graphics/FontGenericFamilies.cpp:
        (WebCore::genericFontFamilyForScript):
        * platform/graphics/InbandTextTrackPrivate.h:
        (WebCore::InbandTextTrackPrivate::inBandMetadataTrackDispatchType):
        * platform/graphics/TrackPrivateBase.h:
        (WebCore::TrackPrivateBase::id):
        (WebCore::TrackPrivateBase::label):
        (WebCore::TrackPrivateBase::language):
        * platform/graphics/avfoundation/AVTrackPrivateAVFObjCImpl.mm:
        (WebCore::AVTrackPrivateAVFObjCImpl::id):
        (WebCore::AVTrackPrivateAVFObjCImpl::label):
        (WebCore::AVTrackPrivateAVFObjCImpl::language):
        * platform/graphics/avfoundation/InbandMetadataTextTrackPrivateAVF.h:
        * platform/graphics/avfoundation/cf/InbandTextTrackPrivateAVCF.cpp:
        (WebCore::InbandTextTrackPrivateAVCF::label):
        (WebCore::InbandTextTrackPrivateAVCF::language):
        * platform/graphics/avfoundation/cf/InbandTextTrackPrivateLegacyAVCF.cpp:
        (WebCore::InbandTextTrackPrivateLegacyAVCF::label):
        (WebCore::InbandTextTrackPrivateLegacyAVCF::language):
        * platform/graphics/avfoundation/objc/InbandTextTrackPrivateAVFObjC.mm:
        (WebCore::InbandTextTrackPrivateAVFObjC::label):
        (WebCore::InbandTextTrackPrivateAVFObjC::language):
        * platform/graphics/avfoundation/objc/InbandTextTrackPrivateLegacyAVFObjC.mm:
        (WebCore::InbandTextTrackPrivateLegacyAVFObjC::label):
        (WebCore::InbandTextTrackPrivateLegacyAVFObjC::language):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::metadataType):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::metadataDidArrive):
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::FontCache::platformAlternateFamilyName):
        * platform/graphics/cocoa/FontDescriptionCocoa.cpp:
        (WebCore::FontCascadeDescription::effectiveFamilyAt):
        * platform/graphics/freetype/FontCacheFreeType.cpp:
        (WebCore::FontCache::platformAlternateFamilyName):
        * platform/graphics/gstreamer/InbandMetadataTextTrackPrivateGStreamer.h:
        (WebCore::InbandMetadataTextTrackPrivateGStreamer::create):
        * platform/graphics/win/FontCacheWin.cpp:
        (WebCore::FontCache::platformAlternateFamilyName):
        * platform/mediastream/AudioTrackPrivateMediaStream.h:
        * platform/mediastream/RealtimeMediaSourceSettings.cpp:
        (WebCore::RealtimeMediaSourceSettings::facingMode):
        * platform/mediastream/VideoTrackPrivateMediaStream.h:
        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::linkSuggestedFilename):
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::paint):
        * rendering/RenderListItem.cpp:
        (WebCore::RenderListItem::markerText):
        * rendering/RenderText.cpp:
        (WebCore::RenderText::previousOffset):
        (WebCore::RenderText::nextOffset):
        * rendering/RenderTreeAsText.cpp:
        (WebCore::RenderTreeAsText::writeRenderObject):
        * rendering/TextPainter.cpp:
        (WebCore::TextPainter::paintTextAndEmphasisMarksIfNeeded):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::textEmphasisMarkString):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::initialHyphenationString):
        (WebCore::RenderStyle::initialTextEmphasisCustomMark):
        (WebCore::RenderStyle::initialContentAltText):
        (WebCore::RenderStyle::initialLineGrid):
        (WebCore::RenderStyle::initialFlowThread):
        (WebCore::RenderStyle::initialRegionThread):
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::collectActiveStyleSheets):
        * svg/SVGElement.cpp:
        (WebCore::SVGElement::getPresentationAttribute):
        * svg/SVGElement.h:
        (WebCore::SVGAttributeHashTranslator::hash):
        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::transferSizeAttributesToTargetClone):
        * svg/animation/SVGSMILElement.cpp:
        (WebCore::SVGSMILElement::constructAttributeName):
        * testing/MockCDMFactory.cpp:
        (WebCore::MockCDMInstance::requestLicense):
        * xml/XMLErrors.cpp:
        (WebCore::createXHTMLParserErrorHeader):
        * xml/XPathStep.cpp:
        (WebCore::XPath::nodeMatchesBasicTest):
        (WebCore::XPath::Step::nodesInAxis):
        * xml/parser/XMLDocumentParserLibxml2.cpp:
        (WebCore::XMLDocumentParser::XMLDocumentParser):
        (WebCore::handleNamespaceAttributes):
        (WebCore::handleElementAttributes):

2017-07-06  Chris Dumez  <cdumez@apple.com>

        Drop unnecessary uses of targetStatistics.dataRecordsRemoved in ResourceLoadObserver
        https://bugs.webkit.org/show_bug.cgi?id=174234

        Reviewed by Brent Fulgham.

        Drop unnecessary uses of targetStatistics.dataRecordsRemoved in ResourceLoadObserver. It is
        always 0 since this member is only initialized later on, in the UIProcess.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::logFrameNavigation):
        (WebCore::ResourceLoadObserver::logSubresourceLoading):
        (WebCore::ResourceLoadObserver::logWebSocketLoading):

2017-07-06  Yoav Weiss  <yoav@yoav.ws>

        [preload] Avoid reflecting "video" and "audio" when they are not supported `as` value
        https://bugs.webkit.org/show_bug.cgi?id=174199

        Reviewed by Youenn Fablet.

        No new tests as video/audio is supported in tests. I tested this manually.

        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::as): Make sure "video" and "audio" will not be reflected when they are not supported.

2017-07-06  Chris Dumez  <cdumez@apple.com>

        Drop unused ResourceLoadStatistics members
        https://bugs.webkit.org/show_bug.cgi?id=174226

        Reviewed by Brent Fulgham.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::logFrameNavigation):
        (WebCore::ResourceLoadObserver::logSubresourceLoading):
        (WebCore::ResourceLoadObserver::logWebSocketLoading):
        (WebCore::ResourceLoadObserver::isPrevalentResource): Deleted.
        * loader/ResourceLoadObserver.h:
        * loader/ResourceLoadStatistics.cpp:
        (WebCore::ResourceLoadStatistics::encode):
        (WebCore::ResourceLoadStatistics::decode):
        (WebCore::ResourceLoadStatistics::toString):
        (WebCore::ResourceLoadStatistics::merge):
        * loader/ResourceLoadStatistics.h:

2017-07-06  Youenn Fablet  <youenn@apple.com>

        Rendering of WebRTC audio in AudioSampleDataSource may trigger crackles
        https://bugs.webkit.org/show_bug.cgi?id=174223

        Reviewed by Eric Carlson.

        We try reading too quickly and need to back off a little bit if we do not enough data.
        This only affects real audio and not web audio, hence validated through manual testing only.

        * platform/audio/mac/AudioSampleDataSource.mm:
        (WebCore::AudioSampleDataSource::pullSamplesInternal):

2017-07-06  Sam Weinig  <sam@webkit.org>

        [WebIDL] Remove custom bindings for WebGL code dealing with WebGL extensions
        https://bugs.webkit.org/show_bug.cgi?id=174186

        Reviewed by Alex Christensen.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        Update files. Categorize some of the remaining custom bindings into groups.

        * bindings/IDLTypes.h:
        Add a IDLWebGLExtension type, to model the special WebGLExtension type. In
        the future, WebGLExtension can probably be replaced by a Variant.
        
        * bindings/js/JSDOMConvertWebGL.cpp: Added.
        Move WebGLAny's convertToJSValue and add a convertToJSValue for WebGLExtension.

        * bindings/js/JSDOMConvertWebGL.h:
        (WebCore::convertToJSValue):
        Since WebGLExtension is a wrapper type, we need both a pointer and reference variant
        of the conversion.

        (WebCore::JSConverter<IDLWebGLExtension>::convert):
        Added.

        * bindings/js/JSWebGL2RenderingContextCustom.cpp:
        (WebCore::toJS): Deleted.
        (WebCore::JSWebGL2RenderingContext::getExtension): Deleted.
        Remove custom operation and converter.

        * bindings/js/JSWebGLRenderingContextCustom.cpp:
        (WebCore::toJS): Deleted.
        (WebCore::JSWebGLRenderingContext::getExtension): Deleted.
        Remove custom operation and converter.

        * bindings/scripts/CodeGeneratorJS.pm:
        (AddToIncludesForIDLType):
        (NativeToJSValueDOMConvertNeedsState):
        (NativeToJSValueDOMConvertNeedsGlobalObject):
        Add support for IDLWebGLExtension.

        * html/canvas/WebGLAny.cpp: Removed.
        * html/canvas/WebGLAny.h:
        Moved convertToJSValue to the bindings where it belongs.

        * html/canvas/WebGLRenderingContextBase.idl:
        Annotate getExtension with [OverrideIDLType=IDLWebGLExtension].

2017-07-06  Joseph Pecoraro  <pecoraro@apple.com>

        [Cocoa] CTParagraphStyle leak under WebCore::LinkImageLayout::LinkImageLayout
        https://bugs.webkit.org/show_bug.cgi?id=174228

        Reviewed by Andreas Kling.

        * platform/mac/DragImageMac.mm:
        (WebCore::LinkImageLayout::LinkImageLayout):

2017-07-06  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Improve performance of font lookups
        https://bugs.webkit.org/show_bug.cgi?id=173960
        <rdar://problem/31996891>

        Reviewed by Darin Adler.

        Looking up kCTFontPostScriptNameAttribute is faster than kCTFontNameAttribute.

        No new tests because there is no behavior change.

        * platform/spi/cocoa/CoreTextSPI.h:
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::FontDatabase::fontForPostScriptName):

2017-07-06  Myles C. Maxfield  <mmaxfield@apple.com>

        REGRESSION(r216944): Font loads can cause Chinese characters to draw as .notdef
        https://bugs.webkit.org/show_bug.cgi?id=173962
        <rdar://problem/32925318>

        Reviewed by Simon Fraser.

        Previously, there was no signalling between our font loading code
        which determined whether or not a font should be invisible (because
        its in the middle of loading) and our system fallback code which
        created fonts when we fall off the end of the fallback list. Because
        of this, we were doing two things wrong:

        1. When we started downloading a font, we would try to use a fallback
        font. However, if the fallback font didn't suppor the character we're
        trying to render, we would just bail and draw .notdef
        2. Even if we continued down the fallback list, and fell of the end,
        we wouldn't realize that the system fallback font should also be drawn
        as invisible.

        This patch solves these two problems by:
        1. Performing a search to find the best (local) fallback font with
        which to fall systemFallbackFontForCharacter(). This way, if you say
        "font-family: 'RemoteFont', 'Helvetica'" we will use Helvetica as
        the lookup to ask the system to search for.
        2. Give the Font class an accessor which can create a duplicate, but
        invisible font. Give FontCascadeFonts::glyphDataForVariant() the
        correct tracking to know when to use this invisible duplicate.

        Tests: fast/text/font-loading-system-fallback.html
               http/tests/webfont/font-loading-system-fallback-visibility.html

        * platform/graphics/Font.cpp:
        (WebCore::Font::invisibleFont):
        * platform/graphics/Font.h:
        * platform/graphics/FontCascadeFonts.cpp:
        (WebCore::findBestFallbackFont):
        (WebCore::FontCascadeFonts::glyphDataForSystemFallback):
        (WebCore::FontCascadeFonts::glyphDataForVariant):
        * platform/graphics/FontCascadeFonts.h:

2017-07-06  Chris Dumez  <cdumez@apple.com>

        FileMonitor should not be ref counted
        https://bugs.webkit.org/show_bug.cgi?id=174166

        Reviewed by Brent Fulgham.

        Update FileMonitor to no longer be refcounted. It was previously easy to leak it
        because the object would ref itself in various lambdas. The client would have to
        explicitely call FileMonitor::stopMonitoring() which was fragile.

        This patch also simplifies the code and API a bit since no longer actually
        requires startMonitoring() / stopMonitoring() API.

        No new tests, covered by API tests.

        * platform/FileMonitor.cpp:
        (WebCore::FileMonitor::FileMonitor):
        (WebCore::FileMonitor::~FileMonitor):
        (WebCore::FileMonitor::create): Deleted.
        (WebCore::FileMonitor::startMonitoring): Deleted.
        (WebCore::FileMonitor::stopMonitoring): Deleted.
        * platform/FileMonitor.h:
        * platform/cocoa/FileMonitorCocoa.mm:
        (WebCore::FileMonitor::FileMonitor):
        (WebCore::FileMonitor::~FileMonitor):
        (WebCore::FileMonitor::startMonitoring): Deleted.
        (WebCore::FileMonitor::stopMonitoring): Deleted.

2017-07-06  Matt Rajca  <mrajca@apple.com>

        Fix build with VIDEO support disabled.
        https://bugs.webkit.org/show_bug.cgi?id=174217

        Unreviewed build fix.

        * page/Page.cpp:

2017-07-06  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r219193.

        The tests added with this revision were extreamly flaky on all
        platforms.

        Reverted changeset:

        "[SVG] Leak in SVGAnimatedListPropertyTearOff"
        https://bugs.webkit.org/show_bug.cgi?id=172545
        http://trac.webkit.org/changeset/219193

2017-07-06  Zalan Bujtas  <zalan@apple.com>

        Use WTFLogAlways for debug logging so that it shows up in device system logs
        https://bugs.webkit.org/show_bug.cgi?id=173450

        Reviewed by Simon Fraser.

        If you want to showRenderTree() on-device, the result doesn't show in system log so you can't see it.
        Switch to WTFLogAlways to fix this, for showRenderTree and its dependencies.
        
        * platform/text/TextStream.cpp:
        (WebCore::writeIndent):
        * rendering/InlineBox.cpp:
        (WebCore::InlineBox::showLineTreeAndMark):
        (WebCore::InlineBox::showLineBox):
        * rendering/InlineBox.h:
        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::showLineTreeAndMark):
        * rendering/InlineFlowBox.h:
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::showLineBox):
        * rendering/InlineTextBox.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::showLineTreeAndMark):
        * rendering/RenderBlockFlow.h:
        * rendering/RenderObject.cpp:
        (WebCore::showRenderTreeLegend):
        (WebCore::RenderObject::showRenderTreeForThis):
        (WebCore::RenderObject::showLineTreeForThis):
        (WebCore::RenderObject::showRegionsInformation):
        (WebCore::RenderObject::showRenderObject):
        (WebCore::RenderObject::showRenderSubTreeAndMark):
        * rendering/RenderObject.h:
        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::printPrefix):
        (WebCore::SimpleLineLayout::showLineLayoutForFlow):
        * rendering/SimpleLineLayoutFunctions.h:

2017-07-06  Myles C. Maxfield  <mmaxfield@apple.com>

        Unify FontCascadeFonts::glyphDataForVariant() and FontCascadeFonts::glyphDataForNormalVariant()
        https://bugs.webkit.org/show_bug.cgi?id=174213

        Reviewed by Zalan Bujtas.

        They have almost identical code. This is in preparation for https://bugs.webkit.org/show_bug.cgi?id=173962

        No new tests because there is no behavior change.

        * platform/graphics/FontCascadeFonts.cpp:
        (WebCore::FontCascadeFonts::glyphDataForVariant):
        (WebCore::FontCascadeFonts::glyphDataForCharacter):
        (WebCore::FontCascadeFonts::glyphDataForNormalVariant): Deleted.
        * platform/graphics/FontCascadeFonts.h:

2017-07-06  Don Olmstead  <don.olmstead@sony.com>

        [PAL] Move KillRing into PAL
        https://bugs.webkit.org/show_bug.cgi?id=173900

        Reviewed by Myles C. Maxfield.

        No new tests. No change in functionality.

        * Configurations/WebCore.xcconfig:
        * PlatformGTK.cmake:
        * PlatformMac.cmake:
        * PlatformWPE.cmake:
        * PlatformWin.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * editing/Editor.cpp:
        (WebCore::Editor::Editor):
        * editing/Editor.h:
        (WebCore::Editor::killRing):
        * editing/EditorCommand.cpp:

2017-07-06  Devin Rousso  <drousso@apple.com>

        Web Inspector: Support getting the content of WebGL/WebGL2 contexts
        https://bugs.webkit.org/show_bug.cgi?id=173569
        <rdar://problem/33112420>

        Reviewed by Joseph Pecoraro.

        Tests: inspector/canvas/requestContent-2d.html
               inspector/canvas/requestContent-webgl.html
               inspector/canvas/requestContent-webgl2.html

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::clearIfComposited):
        * html/canvas/WebGLRenderingContextBase.h:
        (WebCore::WebGLRenderingContextBase::preventBufferClearForInspector):
        (WebCore::WebGLRenderingContextBase::setPreventBufferClearForInspector):
        Add a flag that will prevent the context buffer from being cleared, allowing it to be copied
        within a toDataURL call. This is currently only used by InspectorCanvasAgent::requestContent.

        * inspector/InspectorCanvasAgent.cpp:
        (WebCore::InspectorCanvasAgent::requestContent):
        Since toDataURL attempts to force the canvas to redraw, we can preserve the buffer after it
        finishes drawing so that it can be copied, instead of it normally being swapped out.

2017-07-06  Chris Dumez  <cdumez@apple.com>

        Move ResourceLoadObserver notification throttling logic from WebProcess class to ResourceLoadObserver
        https://bugs.webkit.org/show_bug.cgi?id=174194

        Reviewed by Brent Fulgham.

        Move ResourceLoadObserver notification throttling logic from WebProcess class to
        ResourceLoadObserver. This makes more sense and decreases the complexity of the
        WebProcess class.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::setNotificationCallback):
        (WebCore::ResourceLoadObserver::ResourceLoadObserver):
        (WebCore::ResourceLoadObserver::logFrameNavigation):
        (WebCore::ResourceLoadObserver::logSubresourceLoading):
        (WebCore::ResourceLoadObserver::logWebSocketLoading):
        (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
        (WebCore::ResourceLoadObserver::scheduleNotificationIfNeeded):
        (WebCore::ResourceLoadObserver::notificationTimerFired):
        * loader/ResourceLoadObserver.h:

2017-07-06  Said Abou-Hallawa  <sabouhallawa@apple.com>

        REGRESSION(r208511): RenderImageResourceStyleImage should not assume image() won't return null if its m_cachedImage is valid
        https://bugs.webkit.org/show_bug.cgi?id=174168

        Reviewed by Simon Fraser.

        RenderImageResourceStyleImage::image() may return a null pointer even if
        its m_cachedImage is not null. The revision r208511, changed the function
        RenderImageResourceStyleImage::shutdown() so it calls Image::stopAnimation().
        But this change assumes that if m_cachedImage is not null then image() will
        return a valid pointer. This is not true because StyleCachedImage::isPending()
        can return true and hence, RenderImageResourceStyleImage::image() will return
        a null pointer.

        * rendering/RenderImageResourceStyleImage.cpp:
        (WebCore::RenderImageResourceStyleImage::image): Like what RenderImageResource
        does, return Image::nullImage() if m_styleImage->isPending().

2017-07-06  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r219201.
        https://bugs.webkit.org/show_bug.cgi?id=174211

        "Causes crashes on Release builds and API tests" (Requested by
        ddkilzer on #webkit).

        Reverted changeset:

        "Add release assert to explore crash for
        <rdar://problem/32908525>"
        http://trac.webkit.org/changeset/219201

2017-07-06  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r219194.
        https://bugs.webkit.org/show_bug.cgi?id=174207

        it broke some layout tests (Requested by clopez on #webkit).

        Reverted changeset:

        "[GStreamer] vid.me videos do not play"
        https://bugs.webkit.org/show_bug.cgi?id=172240
        http://trac.webkit.org/changeset/219194

2017-07-06  David Kilzer  <ddkilzer@apple.com>

        Add release assert to explore crash for <rdar://problem/32908525>

        Reviewed by Brady Eidson.

        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::~UniqueIDBDatabase): Add
        release assert to catch cases when the IDBBackingStore is not
        deleted before the UniqueIDBDatabase is destroyed.  The
        IDBBackingStore should always be released on the database
        thread.

2017-07-06  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r219178.

        This caused a consistent failure with the API test
        StringBuilderTest.ToAtomicStringOnEmpty on all Debug testers.

        Reverted changeset:

        "[WTF] Clean up StringStatics.cpp by using
        LazyNeverDestroyed<> for Atoms"
        https://bugs.webkit.org/show_bug.cgi?id=174150
        http://trac.webkit.org/changeset/219178

2017-07-06  Charlie Turner  <cturner@igalia.com>

        [GStreamer] vid.me videos do not play
        https://bugs.webkit.org/show_bug.cgi?id=172240

        Reviewed by Xabier Rodriguez-Calvar.

        In r142251, code to hide the WK HTTP source elements from elsewhere in
        the pipeline was removed. This has the nasty side-effect of
        auto-plugging the WK HTTP source into things it really should not be
        used in, especially the adaptive streaming demuxers. The reasons this
        is bad are documented in several places on Bugzilla, see the parent
        bug report for more details. The high-level issue is that the WK HTTP
        source and its use of WebCore is not thread-safe. Although work has
        been recently done to improve this situation, it's still not perfect.

        Another issue is the interface hlsdemux expects its HTTP source to
        implement, specifically seeking in READY.

        This does rely on HTTP context sharing being available in GStreamer,
        upstream bug is here:
        https://bugzilla.gnome.org/show_bug.cgi?id=761099. The failing case
        can be demonstrated with
        https://github.com/thiagoss/adaptive-test-server but manual testing on
        popular video hosting sites, including vid.me, shows that this doesn't
        bite us at the moment, just something else to fix in the future.

        There are some QoS issues with the adaptive streaming code in
        GStreamer, but it seems much better to offer a below par QoS in lieu
        of crashing/livelocking when playing certain streams, and issues can be
        raised upstream when they arise.

        This patch does take us further away from the future goal of having all
        networking operations go through the network process, but in return it
        solves some nasty crashes and livelocks that have been irritating
        users for some time. With the pressure off on this issue, work can be
        planned to consider how to make the WK HTTP source a better citizen
        inside the GStreamer pipeline when we migrate the netcode to go
        through the network process.

        A new test is added to check that the single file HLS playlists
        (new in version 4) can be played, which was the primary cause of
        this bug report.

        Test: http/tests/media/hls/range-request.html

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::setPlaybinURL): Perform
        some trickery to make sure that we only ever fetch URLs handed to
        us by WebCore. Any further URLs discovered inside the pipeline
        will not get WKWS auto-plugged, since they'll be plain https?
        schemas.
        (WebCore::MediaPlayerPrivateGStreamer::load): Refactor to use the
        setPlaybinURL helper method.
        (WebCore::MediaPlayerPrivateGStreamer::loadNextLocation): Ditto.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h: Add
        the setPlaybinURL helper method.
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (webKitWebSrcGetProtocols): Only advertise webkit+https?, this
        ensures we won't get auto-plugged by pipeline elements asking for
        an element to fetch https? resources (like adaptive demuxers).
        (convertPlaybinURI): Undo the trick when another element asks us
        for our URI.

2017-05-24  Sergio Villar Senin  <svillar@igalia.com>

        [SVG] Leak in SVGAnimatedListPropertyTearOff
        https://bugs.webkit.org/show_bug.cgi?id=172545

        Reviewed by Said Abou-Hallawa.

        SVGAnimatedListPropertyTearOff maintains a vector m_wrappers with references to
        SVGPropertyTraits<PropertyType>::ListItemTearOff. Apart from that SVGPropertyTearOff has a
        reference to SVGAnimatedProperty.

        When SVGListProperty::getItemValuesAndWrappers() is called, it creates a
        SVGPropertyTraits<PropertyType>::ListItemTearOff pointing to the same SVGAnimatedProperty (a
        SVGAnimatedListPropertyTearOff) which stores the m_wrappers vector where the ListItemTearOff
        is going to be added to. This effectively creates a reference cycle between the
        SVGAnimatedListPropertyTearOff and all the ListItemTearOff it stores in m_wrappers.

        We should detach those wrappers in propertyWillBeDeleted() in order to break the cycle.

        * svg/properties/SVGAnimatedListPropertyTearOff.h:

2017-07-05  Don Olmstead  <don.olmstead@sony.com>

        [WTF] Move SoftLinking.h into WTF
        https://bugs.webkit.org/show_bug.cgi?id=174000

        Reviewed by Alex Christensen.

        No new tests. No change in functionality

        * Modules/applepay/PaymentRequest.cpp:
        * Modules/applepay/cocoa/PaymentContactCocoa.mm:
        * Modules/applepay/cocoa/PaymentMerchantSessionCocoa.mm:
        * Modules/encryptedmedia/legacy/LegacyCDMPrivateMediaPlayer.cpp:
        * WebCore.xcodeproj/project.pbxproj:
        * editing/cocoa/EditorCocoa.mm:
        * editing/cocoa/HTMLConverter.mm:
        * editing/ios/EditorIOS.mm:
        * page/CaptionUserPreferencesMediaAF.cpp:
        * page/cocoa/SettingsCocoa.mm:
        * page/ios/UserAgentIOS.mm:
        * page/mac/ServicesOverlayController.mm:
        * platform/audio/ios/AudioDestinationIOS.cpp:
        * platform/audio/ios/AudioFileReaderIOS.cpp:
        * platform/audio/ios/AudioSessionIOS.mm:
        * platform/audio/ios/MediaSessionManagerIOS.mm:
        * platform/cf/CoreMediaSoftLink.cpp:
        * platform/cf/CoreMediaSoftLink.h:
        * platform/cf/MediaAccessibilitySoftLink.cpp:
        * platform/cf/MediaAccessibilitySoftLink.h:
        * platform/cocoa/ContentFilterUnblockHandlerCocoa.mm:
        * platform/cocoa/CoreVideoSoftLink.cpp:
        * platform/cocoa/CoreVideoSoftLink.h:
        * platform/cocoa/DataDetectorsCoreSoftLink.h:
        * platform/cocoa/NetworkExtensionContentFilter.mm:
        * platform/cocoa/ParentalControlsContentFilter.mm:
        * platform/cocoa/TelephoneNumberDetectorCocoa.cpp:
        * platform/cocoa/VideoToolboxSoftLink.cpp:
        * platform/cocoa/VideoToolboxSoftLink.h:
        * platform/cocoa/WebPlaybackSessionModelMediaElement.mm:
        * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
        * platform/gamepad/cocoa/GameControllerGamepadProvider.mm:
        * platform/graphics/avfoundation/AVTrackPrivateAVFObjCImpl.mm:
        * platform/graphics/avfoundation/MediaPlaybackTargetMac.mm:
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm:
        * platform/graphics/avfoundation/cf/AVFoundationCFSoftLinking.h:
        * platform/graphics/avfoundation/cf/CDMSessionAVFoundationCF.cpp:
        * platform/graphics/avfoundation/cf/InbandTextTrackPrivateAVCF.cpp:
        * platform/graphics/avfoundation/cf/InbandTextTrackPrivateLegacyAVCF.cpp:
        * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
        * platform/graphics/avfoundation/objc/CDMSessionAVContentKeySession.mm:
        * platform/graphics/avfoundation/objc/CDMSessionAVFoundationObjC.mm:
        * platform/graphics/avfoundation/objc/CDMSessionAVStreamSession.mm:
        * platform/graphics/avfoundation/objc/InbandTextTrackPrivateAVFObjC.mm:
        * platform/graphics/avfoundation/objc/InbandTextTrackPrivateLegacyAVFObjC.mm:
        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
        * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.mm:
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
        * platform/graphics/ca/win/WKCACFViewLayerTreeHost.cpp:
        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        * platform/graphics/cocoa/FontFamilySpecificationCoreText.cpp:
        * platform/graphics/cv/PixelBufferConformerCV.cpp:
        * platform/graphics/ios/FontCacheIOS.mm:
        * platform/graphics/mac/ComplexTextControllerCoreText.mm:
        * platform/graphics/mac/FontCacheMac.mm:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        * platform/graphics/mac/MediaTimeQTKit.mm:
        * platform/graphics/mac/PDFDocumentImageMac.mm:
        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        * platform/ios/DragImageIOS.mm:
        * platform/ios/PlatformPasteboardIOS.mm:
        * platform/ios/PlatformScreenIOS.mm:
        * platform/ios/PlatformSpeechSynthesizerIOS.mm:
        * platform/ios/QuickLookSoftLink.h:
        * platform/ios/QuickLookSoftLink.mm:
        * platform/ios/RemoteCommandListenerIOS.mm:
        * platform/ios/ThemeIOS.mm:
        * platform/ios/ValidationBubbleIOS.mm:
        * platform/ios/WebCoreMotionManager.mm:
        * platform/ios/WebItemProviderPasteboard.mm:
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        * platform/mac/DragImageMac.mm:
        * platform/mac/MediaRemoteSoftLink.cpp:
        * platform/mac/MediaRemoteSoftLink.h:
        * platform/mac/SerializedPlatformRepresentationMac.mm:
        * platform/mac/WebPlaybackControlsManager.mm:
        * platform/mac/WebVideoFullscreenController.mm:
        * platform/mediastream/ios/AVAudioSessionCaptureDeviceManager.mm:
        * platform/mediastream/ios/CoreAudioCaptureSourceIOS.mm:
        * platform/mediastream/libwebrtc/H264VideoToolBoxEncoder.mm:
        * platform/mediastream/mac/AVCaptureDeviceManager.mm:
        * platform/network/cf/CookieJarCFNet.cpp:
        * platform/network/ios/NetworkStateNotifierIOS.mm:
        * platform/network/ios/PreviewConverter.mm:
        * platform/network/mac/BlobDataFileReferenceMac.mm:
        * platform/spi/cocoa/AVKitSPI.h:
        (-[AVTouchBarPlaybackControlsControlling NS_ENUM]): Deleted.
        * platform/spi/cocoa/NSAttributedStringSPI.h:
        * platform/spi/ios/DataDetectorsUISPI.h:
        * platform/spi/mac/AVFoundationSPI.h:
        * platform/spi/mac/DataDetectorsSPI.h:
        * platform/spi/mac/LookupSPI.h:
        * platform/spi/mac/TUCallSPI.h:
        * platform/win/ScrollbarThemeWin.cpp:
        * rendering/RenderThemeCocoa.mm:
        * rendering/RenderThemeIOS.mm:
        * rendering/RenderThemeWin.cpp:
        * testing/Internals.mm:
        * xml/XSLStyleSheetLibxslt.cpp:
        * xml/XSLTExtensions.cpp:
        * xml/XSLTProcessorLibxslt.cpp:
        * xml/XSLTUnicodeSort.cpp:

2017-07-05  Zalan Bujtas  <zalan@apple.com>

        REGRESSION: Stack overflow in RenderBlockFlow::layoutBlock after increasing the font size to max in some RTL vertical books.
        https://bugs.webkit.org/show_bug.cgi?id=174144
        <rdar://problem/32781038>

        Reviewed by Simon Fraser.

        We set the start/end margin on the ruby renderer to support overhanging content. The margins ensure that
        adjacent boxes on the line are placed properly respecting the overhanging content.
        The line breaking algorithm also takes this value into account as it affects the line's available width.
        We need to reset this value before laying out the lines, otherwise we might end up using this value on the line twice;
        first as the renderer's margins (as the result of the previous layout) and second as the renderer's overhanging value.
        Since this is not strictly part of the renderer's layout context (i.e. we set them during the line layout and not at
        RenderRubyRun::layout) we can't rely on the ruby's layout logic to reset them.

        Test: fast/ruby/ruby-overhang-margin-crash.html

        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::layoutLineBoxes):

2017-07-05  Yusuke Suzuki  <utatane.tea@gmail.com>

        Upgrade GCC baseline
        https://bugs.webkit.org/show_bug.cgi?id=174155

        Reviewed by Michael Catanzaro.

        Remove workaround for old GCC.

        * CMakeLists.txt:

2017-07-05  Chris Dumez  <cdumez@apple.com>

        Unreviewed attempt to fix iOS build after r219177.

        * page/ios/UserAgentIOS.mm:
        * platform/spi/ios/UIKitSPI.h:

2017-07-05  Chris Dumez  <cdumez@apple.com>

        Unreviewed attempt to fix iOS build after r219177.

        * page/ios/UserAgentIOS.mm:
        * platform/spi/ios/UIKitSPI.h:

2017-07-05  Yusuke Suzuki  <utatane.tea@gmail.com>

        Use std::lock_guard instead of std::unique_lock if move semantics and try_lock is not necessary
        https://bugs.webkit.org/show_bug.cgi?id=174148

        Reviewed by Mark Lam.

        * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
        (WebCore::AudioSourceProviderAVFObjC::~AudioSourceProviderAVFObjC):

2017-07-05  Yusuke Suzuki  <utatane.tea@gmail.com>

        [WTF] Clean up StringStatics.cpp by using LazyNeverDestroyed<> for Atoms
        https://bugs.webkit.org/show_bug.cgi?id=174150

        Reviewed by Mark Lam.

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::captionDisplayMode):
        * Modules/mediastream/RTCDataChannel.cpp:
        (WebCore::RTCDataChannel::binaryType):
        * accessibility/AXObjectCache.cpp:
        (WebCore::createFromRenderer):
        * accessibility/AccessibilityMediaControls.cpp:
        (WebCore::AccessibilityMediaControl::controlTypeName):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::language):
        (WebCore::AccessibilityObject::defaultLiveRegionStatusForRole):
        (WebCore::AccessibilityObject::actionVerb):
        (WebCore::AccessibilityObject::getAttribute):
        (WebCore::AccessibilityObject::placeholderValue):
        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::accessKey):
        (WebCore::AccessibilityObject::ariaLiveRegionRelevant):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::accessKey):
        (WebCore::AccessibilityRenderObject::actionVerb):
        * bindings/js/JSCustomElementInterface.cpp:
        (WebCore::JSCustomElementInterface::constructElementWithFallback):
        * bindings/js/JSCustomElementRegistryCustom.cpp:
        (WebCore::JSCustomElementRegistry::define):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateDefaultValue):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalAtomicStringBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalAtomicStringIsNullBody):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalAtomicStringIsEmptyStringBody):
        * css/CSSPageRule.cpp:
        (WebCore::CSSPageRule::selectorText):
        * css/CSSPrimitiveValue.cpp:
        (WebCore::valueName):
        * css/CSSSelector.cpp:
        (WebCore::simpleSelectorSpecificityInternal):
        (WebCore::CSSSelector::specificityForPage):
        (WebCore::CSSSelector::RareData::RareData):
        * css/CSSSelector.h:
        (WebCore::CSSSelector::argument):
        * css/CSSSelectorList.cpp:
        (WebCore::SelectorNeedsNamespaceResolutionFunctor::operator()):
        * css/PageRuleCollector.cpp:
        (WebCore::checkPageSelectorComponents):
        * css/RuleSet.cpp:
        (WebCore::computeMatchBasedOnRuleHash):
        (WebCore::RuleSet::addRule):
        * css/SelectorChecker.cpp:
        (WebCore::tagMatches):
        * css/SelectorFilter.cpp:
        (WebCore::collectDescendantSelectorIdentifierHashes):
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertStringOrAuto):
        (WebCore::StyleBuilderConverter::convertStringOrNone):
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueWebkitLocale):
        (WebCore::StyleBuilderCustom::applyValueWebkitTextEmphasisStyle):
        (WebCore::StyleBuilderCustom::applyValueContent):
        (WebCore::StyleBuilderCustom::applyValueAlt):
        * css/StyleSheetContents.cpp:
        (WebCore::StyleSheetContents::StyleSheetContents):
        (WebCore::StyleSheetContents::namespaceURIFromPrefix):
        * css/makeprop.pl:
        * css/parser/CSSParserImpl.cpp:
        (WebCore::CSSParserImpl::parsePageSelector):
        * css/parser/CSSSelectorParser.cpp:
        (WebCore::CSSSelectorParser::consumeCompoundSelector):
        (WebCore::CSSSelectorParser::consumeName):
        (WebCore::CSSSelectorParser::consumeAttribute):
        (WebCore::CSSSelectorParser::defaultNamespace):
        (WebCore::CSSSelectorParser::determineNamespace):
        (WebCore::CSSSelectorParser::prependTypeSelectorIfNeeded):
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::attributeNameTestingRequiresNamespaceRegister):
        (WebCore::SelectorCompiler::equalTagNames):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementAttributeMatching):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementHasTagName):
        * dom/Attr.cpp:
        (WebCore::Attr::setPrefix):
        (WebCore::Attr::attachToElement):
        * dom/Attribute.h:
        (WebCore::Attribute::nameMatchesFilter):
        * dom/ConstantPropertyMap.cpp:
        (WebCore::ConstantPropertyMap::nameForProperty):
        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::getElementsByTagName):
        (WebCore::ContainerNode::getElementsByTagNameNS):
        * dom/CustomElementReactionQueue.cpp:
        (WebCore::CustomElementReactionQueue::enqueuePostUpgradeReactions):
        * dom/DatasetDOMStringMap.cpp:
        (WebCore::convertPropertyNameToAttributeName):
        * dom/Document.cpp:
        (WebCore::createUpgradeCandidateElement):
        (WebCore::Document::createElementForBindings):
        (WebCore::Document::importNode):
        (WebCore::Document::hasValidNamespaceForElements):
        (WebCore::Document::processBaseElement):
        (WebCore::Document::dir):
        (WebCore::Document::bgColor):
        (WebCore::Document::fgColor):
        (WebCore::Document::alinkColor):
        (WebCore::Document::linkColorForBindings):
        (WebCore::Document::vlinkColor):
        * dom/Document.h:
        * dom/Element.cpp:
        (WebCore::Element::setBooleanAttribute):
        (WebCore::Element::synchronizeAttribute):
        (WebCore::Element::getAttribute):
        (WebCore::Element::getAttributeNS):
        (WebCore::Element::setAttribute):
        (WebCore::Element::parserSetAttributes):
        (WebCore::Element::didMoveToNewDocument):
        (WebCore::Element::setPrefix):
        (WebCore::Element::insertedInto):
        (WebCore::Element::removedFrom):
        (WebCore::Element::removeAttributeInternal):
        (WebCore::Element::addAttributeInternal):
        (WebCore::Element::removeAttributeNS):
        (WebCore::Element::getAttributeNodeNS):
        (WebCore::Element::hasAttributeNS):
        (WebCore::Element::computeInheritedLanguage):
        (WebCore::Element::updateNameForDocument):
        (WebCore::Element::updateIdForDocument):
        (WebCore::Element::didAddAttribute):
        (WebCore::Element::didRemoveAttribute):
        (WebCore::Element::cloneAttributesFromElement):
        * dom/Element.h:
        (WebCore::Element::attributeWithoutSynchronization):
        (WebCore::Element::idForStyleResolution):
        (WebCore::Element::getIdAttribute):
        (WebCore::Element::getNameAttribute):
        * dom/EventTarget.cpp:
        (WebCore::legacyType):
        * dom/MutationRecord.h:
        (WebCore::MutationRecord::attributeName):
        (WebCore::MutationRecord::attributeNamespace):
        * dom/NamedNodeMap.cpp:
        (WebCore::NamedNodeMap::removeNamedItemNS):
        * dom/Node.cpp:
        (WebCore::Node::prefix):
        (WebCore::Node::localName):
        (WebCore::Node::namespaceURI):
        (WebCore::Node::checkSetPrefix):
        (WebCore::locateDefaultNamespace):
        (WebCore::Node::isDefaultNamespace):
        (WebCore::Node::lookupNamespaceURI):
        (WebCore::locateNamespacePrefix):
        (WebCore::Node::lookupPrefix):
        * dom/NodeRareData.h:
        (WebCore::NodeListsNodeData::addCachedTagCollectionNS):
        (WebCore::NodeListsNodeData::addCachedCollection):
        (WebCore::NodeListsNodeData::cachedCollection):
        (WebCore::NodeListsNodeData::removeCacheWithAtomicName):
        (WebCore::NodeListsNodeData::removeCachedTagCollectionNS):
        (WebCore::NodeListsNodeData::removeCachedCollection):
        * dom/PseudoElement.cpp:
        (WebCore::pseudoElementTagName):
        * dom/QualifiedName.cpp:
        (WebCore::QualifiedName::init):
        (WebCore::nullQName):
        (WebCore::createQualifiedName):
        * dom/QualifiedName.h:
        (WebCore::QualifiedName::hasPrefix):
        * dom/SelectorQuery.cpp:
        (WebCore::SelectorDataList::executeSingleTagNameSelectorData):
        * dom/SlotAssignment.cpp:
        (WebCore::slotNameFromAttributeValue):
        * dom/SlotAssignment.h:
        (WebCore::SlotAssignment::defaultSlotName):
        (WebCore::ShadowRoot::didRemoveAllChildrenOfShadowHost):
        (WebCore::ShadowRoot::didChangeDefaultSlot):
        * dom/TagCollection.cpp:
        (WebCore::TagCollection::TagCollection):
        (WebCore::HTMLTagCollection::HTMLTagCollection):
        * dom/TagCollection.h:
        (WebCore::TagCollectionNS::elementMatches):
        * dom/make_names.pl:
        (printNamesCppFile):
        (printDefinitions):
        (printFactoryCppFile):
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::removeNodeAttribute):
        * editing/Editing.cpp:
        (WebCore::createHTMLElement):
        * editing/MarkupAccumulator.cpp:
        (WebCore::MarkupAccumulator::serializeNodesWithNamespaces):
        (WebCore::MarkupAccumulator::shouldAddNamespaceElement):
        (WebCore::MarkupAccumulator::shouldAddNamespaceAttribute):
        (WebCore::MarkupAccumulator::appendNamespace):
        (WebCore::MarkupAccumulator::appendOpenTag):
        (WebCore::MarkupAccumulator::appendAttribute):
        * editing/gtk/EditorGtk.cpp:
        (WebCore::elementURL):
        * editing/markup.cpp:
        (WebCore::AttributeChange::AttributeChange):
        * html/Autocapitalize.cpp:
        (WebCore::stringForAutocapitalizeType):
        * html/Autofill.cpp:
        (WebCore::AutofillData::createFromHTMLFormControlElement):
        * html/DOMTokenList.h:
        (WebCore::DOMTokenList::item):
        * html/FormAssociatedElement.cpp:
        (WebCore::FormAssociatedElement::name):
        * html/HTMLButtonElement.cpp:
        (WebCore::HTMLButtonElement::formControlType):
        * html/HTMLDetailsElement.cpp:
        (WebCore::HTMLDetailsElement::toggleOpen):
        * html/HTMLDocument.cpp:
        (WebCore::HTMLDocument::isCaseSensitiveAttribute):
        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::eventNameForEventHandlerAttribute):
        (WebCore::toValidDirValue):
        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::bestFitSourceFromPictureElement):
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::name):
        (WebCore::HTMLInputElement::updateType):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::doesHaveAttribute):
        * html/HTMLOptionElement.cpp:
        (WebCore::HTMLOptionElement::createForJSConstructor):
        * html/HTMLParamElement.cpp:
        (WebCore::HTMLParamElement::name):
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::setMultiple):
        * html/HTMLTableCellElement.cpp:
        (WebCore::HTMLTableCellElement::scope):
        * html/HTMLTrackElement.cpp:
        (WebCore::HTMLTrackElement::mediaElementCrossOriginAttribute):
        * html/LabelableElement.cpp:
        (WebCore::LabelableElement::labels):
        * html/LabelsNodeList.cpp:
        (WebCore::LabelsNodeList::~LabelsNodeList):
        * html/MediaController.cpp:
        (MediaController::playbackState):
        (eventNameForReadyState):
        * html/MediaDocument.cpp:
        (WebCore::MediaDocumentParser::createDocumentStructure):
        * html/parser/AtomicHTMLToken.h:
        (WebCore::AtomicHTMLToken::initializeAttributes):
        * html/parser/HTMLConstructionSite.cpp:
        (WebCore::HTMLConstructionSite::createElement):
        (WebCore::HTMLConstructionSite::createHTMLElementOrFindCustomElementInterface):
        * html/parser/HTMLParserIdioms.cpp:
        (WebCore::stripLeadingAndTrailingHTMLSpaces):
        (WebCore::parseHTMLHashNameReference):
        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::createForeignAttributesMap):
        * html/track/InbandTextTrack.cpp:
        (WebCore::InbandTextTrack::InbandTextTrack):
        * html/track/LoadableTextTrack.cpp:
        (WebCore::LoadableTextTrack::id):
        * html/track/TextTrack.cpp:
        (WebCore::TextTrack::captionMenuOffItem):
        (WebCore::TextTrack::captionMenuAutomaticItem):
        * html/track/TrackBase.cpp:
        (WebCore::MediaTrackBase::setKindInternal):
        * html/track/VTTRegion.cpp:
        (WebCore::VTTRegion::scroll):
        * html/track/WebVTTElement.cpp:
        (WebCore::nodeTypeToTagName):
        * html/track/WebVTTElement.h:
        * html/track/WebVTTToken.h:
        (WebCore::WebVTTToken::StartTag):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::clear):
        * loader/FrameLoader.h:
        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::clearFailedLoadURL):
        * loader/NavigationAction.h:
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::showModalDialog):
        * page/EventHandler.cpp:
        (WebCore::eventNameForTouchPointState):
        * page/FrameTree.cpp:
        (WebCore::FrameTree::setName):
        (WebCore::FrameTree::clearName):
        * page/Page.cpp:
        (WebCore::Page::groupName):
        * platform/graphics/ComplexTextController.cpp:
        (WebCore::ComplexTextController::offsetForPosition):
        * platform/graphics/FontCache.cpp:
        (WebCore::FontCache::alternateFamilyName):
        * platform/graphics/FontDescription.h:
        (WebCore::FontCascadeDescription::initialLocale):
        * platform/graphics/FontGenericFamilies.cpp:
        (WebCore::genericFontFamilyForScript):
        * platform/graphics/InbandTextTrackPrivate.h:
        (WebCore::InbandTextTrackPrivate::inBandMetadataTrackDispatchType):
        * platform/graphics/TrackPrivateBase.h:
        (WebCore::TrackPrivateBase::id):
        (WebCore::TrackPrivateBase::label):
        (WebCore::TrackPrivateBase::language):
        * platform/graphics/avfoundation/AVTrackPrivateAVFObjCImpl.mm:
        (WebCore::AVTrackPrivateAVFObjCImpl::id):
        (WebCore::AVTrackPrivateAVFObjCImpl::label):
        (WebCore::AVTrackPrivateAVFObjCImpl::language):
        * platform/graphics/avfoundation/InbandMetadataTextTrackPrivateAVF.h:
        * platform/graphics/avfoundation/cf/InbandTextTrackPrivateAVCF.cpp:
        (WebCore::InbandTextTrackPrivateAVCF::label):
        (WebCore::InbandTextTrackPrivateAVCF::language):
        * platform/graphics/avfoundation/cf/InbandTextTrackPrivateLegacyAVCF.cpp:
        (WebCore::InbandTextTrackPrivateLegacyAVCF::label):
        (WebCore::InbandTextTrackPrivateLegacyAVCF::language):
        * platform/graphics/avfoundation/objc/InbandTextTrackPrivateAVFObjC.mm:
        (WebCore::InbandTextTrackPrivateAVFObjC::label):
        (WebCore::InbandTextTrackPrivateAVFObjC::language):
        * platform/graphics/avfoundation/objc/InbandTextTrackPrivateLegacyAVFObjC.mm:
        (WebCore::InbandTextTrackPrivateLegacyAVFObjC::label):
        (WebCore::InbandTextTrackPrivateLegacyAVFObjC::language):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::metadataType):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::metadataDidArrive):
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::FontCache::platformAlternateFamilyName):
        * platform/graphics/cocoa/FontDescriptionCocoa.cpp:
        (WebCore::FontCascadeDescription::effectiveFamilyAt):
        * platform/graphics/freetype/FontCacheFreeType.cpp:
        (WebCore::FontCache::platformAlternateFamilyName):
        * platform/graphics/gstreamer/InbandMetadataTextTrackPrivateGStreamer.h:
        (WebCore::InbandMetadataTextTrackPrivateGStreamer::create):
        * platform/graphics/win/FontCacheWin.cpp:
        (WebCore::FontCache::platformAlternateFamilyName):
        * platform/mediastream/AudioTrackPrivateMediaStream.h:
        * platform/mediastream/RealtimeMediaSourceSettings.cpp:
        (WebCore::RealtimeMediaSourceSettings::facingMode):
        * platform/mediastream/VideoTrackPrivateMediaStream.h:
        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::linkSuggestedFilename):
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::paint):
        * rendering/RenderListItem.cpp:
        (WebCore::RenderListItem::markerText):
        * rendering/RenderText.cpp:
        (WebCore::RenderText::previousOffset):
        (WebCore::RenderText::nextOffset):
        * rendering/RenderTreeAsText.cpp:
        (WebCore::RenderTreeAsText::writeRenderObject):
        * rendering/TextPainter.cpp:
        (WebCore::TextPainter::paintTextAndEmphasisMarksIfNeeded):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::textEmphasisMarkString):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::initialHyphenationString):
        (WebCore::RenderStyle::initialTextEmphasisCustomMark):
        (WebCore::RenderStyle::initialContentAltText):
        (WebCore::RenderStyle::initialLineGrid):
        (WebCore::RenderStyle::initialFlowThread):
        (WebCore::RenderStyle::initialRegionThread):
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::collectActiveStyleSheets):
        * svg/SVGElement.cpp:
        (WebCore::SVGElement::getPresentationAttribute):
        * svg/SVGElement.h:
        (WebCore::SVGAttributeHashTranslator::hash):
        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::transferSizeAttributesToTargetClone):
        * svg/animation/SVGSMILElement.cpp:
        (WebCore::SVGSMILElement::constructAttributeName):
        * testing/MockCDMFactory.cpp:
        (WebCore::MockCDMInstance::requestLicense):
        * xml/XMLErrors.cpp:
        (WebCore::createXHTMLParserErrorHeader):
        * xml/XPathStep.cpp:
        (WebCore::XPath::nodeMatchesBasicTest):
        (WebCore::XPath::Step::nodesInAxis):
        * xml/parser/XMLDocumentParserLibxml2.cpp:
        (WebCore::XMLDocumentParser::XMLDocumentParser):
        (WebCore::handleNamespaceAttributes):
        (WebCore::handleElementAttributes):

2017-07-05  Chris Dumez  <cdumez@apple.com>

        [iOS] User agent string incorrectly says "iPhone" instead of "iPad" on newer iPads
        https://bugs.webkit.org/show_bug.cgi?id=174182
        <rdar://problem/32868369>

        Reviewed by Tim Horton.

        In deviceNameForUserAgent() on iOS, we were forcefully returning "iPhone" if
        [UIApplication _isClassic] returns true. Update check to return "iPad" if
        [UIApplication _isClassic] returns true but [UIApplication _classMode] returns
        UIApplicationSceneClassicModeOriginalPad.

        * page/ios/UserAgentIOS.mm:
        (WebCore::isClassicPad):
        (WebCore::isClassicPhone):
        (WebCore::osNameForUserAgent):
        (WebCore::deviceNameForUserAgent):
        * platform/spi/ios/UIKitSPI.h:

2017-07-05  Yusuke Suzuki  <utatane.tea@gmail.com>

        WTF::Thread should have the threads stack bounds.
        https://bugs.webkit.org/show_bug.cgi?id=173975

        Reviewed by Keith Miller.

        When creating WebThread, we first allocate WebCore::ThreadGlobalData in UI thread
        and share it with WebThread.
        The problem is that WebCore::ThreadGlobalData has CachedResourceRequestInitiators.
        It allocates AtomicString, which requires WTFThreadData.

        Before this patch, it was OK because WTFThreadData does not touch threading related
        things except for ThreadSpecific<>. However, after this patch, it touches
        WTF::Thread::current() which requires WTF::initializeThreading().

        In this patch, we call WTF::initializeThreading() before allocating WebCore::ThreadGlobalData.
        And we also call AtomicString::init() before calling WebCore::ThreadGlobalData since
        WebCore::ThreadGlobalData allocates AtomicString.

        This fixes crashes in the iOS web threading environment (UIWebView).

        * platform/ios/wak/WebCoreThread.mm:
        (StartWebThread):

2017-07-05  Myles C. Maxfield  <mmaxfield@apple.com>

        CSSFontStyleValue::isItalic seems a bit bogus.
        https://bugs.webkit.org/show_bug.cgi?id=174149

        Reviewed by Tim Horton.

        Simple typo.

        Test: editing/execCommand/italicizeByCharacter-normal.html

        * css/CSSFontStyleValue.h:

2017-07-05  Brady Eidson  <beidson@apple.com>

        Allow navigations in subframes to get a ShouldOpenExternalURLsPolicy of "ShouldAllow".
        <rdar://problem/22485589> and https://bugs.webkit.org/show_bug.cgi?id=174178

        Reviewed by Alex Christensen.

        Test: loader/navigation-policy/should-open-external-urls/subframe-navigated-programatically-by-main-frame.html

        This patch introduces a new flag to FrameLoadRequest to track when it is known with certainty that a 
        FrameLoadRequest originates from the main frame.
        
        Later, when calculating the final ShouldOpenExternalURLsPolicy, main frames navigating iframes get to propagate
        their permissions to the iframe.
        
        * bindings/js/CommonVM.cpp:
        (WebCore::lexicalFrameFromCommonVM): Helper to grab the current frame associated with the current JS callstack.
        * bindings/js/CommonVM.h:

        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::openInNewTab):

        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::navigate):

        Add the new flag to FrameLoadRequest (and force almost everybody to explicitly include the flag):
        * loader/FrameLoadRequest.cpp:
        (WebCore::FrameLoadRequest::FrameLoadRequest):
        * loader/FrameLoadRequest.h:
        (WebCore::FrameLoadRequest::FrameLoadRequest):
        (WebCore::FrameLoadRequest::navigationInitiatedByMainFrame):

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::urlSelected):
        (WebCore::FrameLoader::loadURLIntoChildFrame):
        (WebCore::shouldOpenExternalURLsPolicyToApply): Helper that takes the new flag into account when deciding
          what the final ShouldOpenExternalURLsPolicy will be.
        (WebCore::applyShouldOpenExternalURLsPolicyToNewDocumentLoader):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::loadWithNavigationAction):
        (WebCore::FrameLoader::reloadWithOverrideEncoding):
        (WebCore::FrameLoader::reload):
        (WebCore::FrameLoader::loadPostRequest):
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        (WebCore::createWindow):
        (WebCore::FrameLoader::applyShouldOpenExternalURLsPolicyToNewDocumentLoader): Deleted.
        * loader/FrameLoader.h:

        * loader/FrameLoaderTypes.h:

        * loader/NavigationAction.h:
        (WebCore::NavigationAction::navigationInitiatedByMainFrame):
        * loader/NavigationScheduler.cpp:
        (WebCore::ScheduledNavigation::ScheduledNavigation): Grab the "initiating frame" at the time the 
          ScheduledNavigation is created, as it dictates the policy we decide later.
        (WebCore::ScheduledNavigation::navigationInitiatedByMainFrame):
        (WebCore::NavigationScheduler::scheduleLocationChange):

        * page/ContextMenuController.cpp:
        (WebCore::openNewWindow):
        (WebCore::ContextMenuController::contextMenuItemSelected):

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::createWindow):

2017-07-05  Simon Fraser  <simon.fraser@apple.com>

        Another build fix, for Mac.

        * platform/graphics/cocoa/IOSurface.mm:
        (WebCore::IOSurface::surfaceID):

2017-07-05  Simon Fraser  <simon.fraser@apple.com>

        Further attempts to fix the iOS public SDK build.

        * platform/graphics/cocoa/IOSurface.mm:
        (WebCore::IOSurface::surfaceID):
        * platform/spi/cocoa/IOSurfaceSPI.h:

2017-07-05  Don Olmstead  <don.olmstead@sony.com>

        [WinCairo] Consolidate CMake code related to CURL
        https://bugs.webkit.org/show_bug.cgi?id=170860

        Reviewed by Alex Christensen.

        No new tests. No change in functionality.

        * PlatformWinCairo.cmake:
        * platform/Curl.cmake: Added.

2017-07-03  Myles C. Maxfield  <mmaxfield@apple.com>

        Remove copy of ICU headers from WebKit
        https://bugs.webkit.org/show_bug.cgi?id=116407

        Reviewed by Alex Christensen.

        Use WTF's copy of ICU headers.

        No new tests because there is no behavior change.

        * Configurations/WebCore.xcconfig:
        * icu/unicode/bytestream.h: Removed.
        * icu/unicode/localpointer.h: Removed.
        * icu/unicode/parseerr.h: Removed.
        * icu/unicode/platform.h: Removed.
        * icu/unicode/ptypes.h: Removed.
        * icu/unicode/putil.h: Removed.
        * icu/unicode/rep.h: Removed.
        * icu/unicode/std_string.h: Removed.
        * icu/unicode/strenum.h: Removed.
        * icu/unicode/stringpiece.h: Removed.
        * icu/unicode/ubrk.h: Removed.
        * icu/unicode/uchar.h: Removed.
        * icu/unicode/ucnv.h: Removed.
        * icu/unicode/ucnv_err.h: Removed.
        * icu/unicode/ucol.h: Removed.
        * icu/unicode/uconfig.h: Removed.
        * icu/unicode/ucurr.h: Removed.
        * icu/unicode/uenum.h: Removed.
        * icu/unicode/uiter.h: Removed.
        * icu/unicode/uloc.h: Removed.
        * icu/unicode/umachine.h: Removed.
        * icu/unicode/unistr.h: Removed.
        * icu/unicode/unorm.h: Removed.
        * icu/unicode/unorm2.h: Removed.
        * icu/unicode/uobject.h: Removed.
        * icu/unicode/urename.h: Removed.
        * icu/unicode/uscript.h: Removed.
        * icu/unicode/uset.h: Removed.
        * icu/unicode/ustring.h: Removed.
        * icu/unicode/utext.h: Removed.
        * icu/unicode/utf.h: Removed.
        * icu/unicode/utf16.h: Removed.
        * icu/unicode/utf8.h: Removed.
        * icu/unicode/utf_old.h: Removed.
        * icu/unicode/utypes.h: Removed.
        * icu/unicode/uvernum.h: Removed.
        * icu/unicode/uversion.h: Removed.
        * platform/graphics/FontCache.h:
        (WebCore::FontDescriptionKey::makeFlagsKey):

2017-07-05  Wenson Hsieh  <wenson_hsieh@apple.com>

        When dragging a selection, clearing the selection in dragstart should not crash the web process
        https://bugs.webkit.org/show_bug.cgi?id=174142
        <rdar://problem/33067501>

        Reviewed by Tim Horton.

        Currenly, if the page clears the current selection after dragging starts on selected content, the web process
        will crash while attempting to write pasteboard data for a nonexistent selection. This patch adds a trivial
        check for this case, bailing if no DHTML dragging data was specified by the page during a selection drag and the
        selection has been cleared.

        Also removes some unused code for estimating the bounds of the current selection. On iOS, dragging was actually
        crashing earlier, in this codepath. However, this information isn't even used anymore, since the drag anchor
        point is no longer necessary on iOS.

        Test: DataInteractionTests.DoNotCrashWhenSelectionIsClearedInDragStart

        * page/DragController.cpp:
        (WebCore::DragController::startDrag):

2017-07-05  Simon Fraser  <simon.fraser@apple.com>

        Try to fix iOS 10.3 public SDK builds.

        * platform/spi/cocoa/IOSurfaceSPI.h:

2017-07-05  Zalan Bujtas  <zalan@apple.com>

        REGRESSION (r217522): "Show My Relationship" link in familysearch.org does not work.
        https://bugs.webkit.org/show_bug.cgi?id=174070
        <rdar://problem/32940653>

        Reviewed by Simon Fraser.

        Decouple in- and out-of-flow computed position values. Now we match blink's implementation on
        in-flow values.
        This also fixes the flickering content while scrolling on hbr.org.  

        Covered by existing test cases.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::positionOffsetValue):

2017-07-05  Devin Rousso  <drousso@apple.com>

        Web Inspector: Allow users to log any tracked canvas context
        https://bugs.webkit.org/show_bug.cgi?id=173397
        <rdar://problem/33111581>

        Reviewed by Joseph Pecoraro.

        Tests: inspector/canvas/resolveCanvasContext-2d.html
               inspector/canvas/resolveCanvasContext-webgl.html
               inspector/canvas/resolveCanvasContext-webgl2.html
               inspector/canvas/resolveCanvasContext-webgpu.html

        * inspector/InspectorCanvasAgent.h:
        * inspector/InspectorCanvasAgent.cpp:
        (WebCore::InspectorCanvasAgent::InspectorCanvasAgent):
        (WebCore::contextAsScriptValue):
        (WebCore::InspectorCanvasAgent::resolveCanvasContext):

2017-07-05  Emilio Cobos Álvarez  <ecobos@igalia.com>

        Style sharing check for fullscreen element seems bogus.
        https://bugs.webkit.org/show_bug.cgi?id=160196

        Reviewed by Antti Koivisto.

        No new tests (no easy way to test this reliably).

        * style/StyleSharingResolver.cpp:
        (WebCore::Style::SharingResolver::canShareStyleWithElement):

2017-07-05  Simon Fraser  <simon.fraser@apple.com>

        Add a logging channel for IOSurface allocations
        https://bugs.webkit.org/show_bug.cgi?id=174167

        Reviewed by Tim Horton.

        Add an "IOSurface" log channel, make IOSurface TextStream-loggable, and log cached
        and new IOSurface allocations. Do some namespace-related cleanup.

        * platform/Logging.h:
        * platform/graphics/cocoa/IOSurface.h:
        * platform/graphics/cocoa/IOSurface.mm:
        (WebCore::WebCore::IOSurface::create):
        (WebCore::WebCore::IOSurface::surfaceID):
        (WebCore::operator<<):

2017-07-05  Antti Koivisto  <antti@apple.com>

        Low memory notification shouldn't cause style recalc
        https://bugs.webkit.org/show_bug.cgi?id=173574
        <rdar://problem/32616997>

        Reviewed by Andreas Kling.

        Patch mostly by Myles.

        When we receive a low memory warning, we clear the style resolver. Previously, we were using
        this as an opportunity to also purge the CSSFontSelector. However, purging the font selector
        is wasteful, since the exact same set of CSSFontFace objects will be recreated as soon as the
        CSSFontSelector is recreated. It's also harmful because this purge operation causes fonts to
        be removed from the document's working set, and therefore triggers a relayout. Instead, this
        call should be softened to only delete any transitory caches the CSSFontSelector owns.

        We can simply delay the rebuild of the CSSFontSelector to
        StyleResolver::appendAuthorStyleSheets(), when it's really needed. This way, we can sidestep
        this whole problem.

        There's also an added benefit: Now, buildStarted() doesn't have to be idempotent, so we can
        enforce a stricter calling sequence with ASSERT()s.

        * css/CSSFontFaceSet.cpp:
        (WebCore::CSSFontFaceSet::emptyCaches):
        * css/CSSFontFaceSet.h:
        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::emptyCaches):

            Add a separate function to clear font selector caches.

        (WebCore::CSSFontSelector::buildStarted):
        (WebCore::CSSFontSelector::buildCompleted):
        (WebCore::CSSFontSelector::addFontFaceRule):
        (WebCore::CSSFontSelector::fontModified):

            No need to invalidate while building.

        (WebCore::CSSFontSelector::fontRangesForFamily):
        * css/CSSFontSelector.h:
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::StyleResolver):
        (WebCore::StyleResolver::addCurrentSVGFontFaceRules):

            Factor into a function from the constructor.

        (WebCore::StyleResolver::appendAuthorStyleSheets):

            Font selector build is now started and finished by StyleScope.

        * css/StyleResolver.h:
        * dom/Document.cpp:
        (WebCore::Document::resolveStyle):

            Call FrameView::styleDidChange() to update any custom scrollbars.
            This bug was hidden by spurious style recalcs, tested by fast/css/scrollbar-dynamic-style-change.html

        (WebCore::Document::userAgentShadowTreeStyleResolver):
        (WebCore::Document::didClearStyleResolver):

            Don't start the font selector rebuild after clearing the resolver. It would cause style recalc trashing.
            Instead the build starts when the new resolver is constructed.

        * page/MemoryRelease.cpp:
        (WebCore::releaseCriticalMemory):

            Release font selector caches.

        * style/StyleScope.cpp:
        (WebCore::Style::Scope::resolver):

2017-07-05  Brent Fulgham  <bfulgham@apple.com>

        [WK2] Prevent ResourceLoadStatistics from triggering a cascade of read/write events
        https://bugs.webkit.org/show_bug.cgi?id=174062\
        <rdar://problem/33086744>

        Reviewed by Chris Dumez.

        Treat DISPATCH_VNODE_DELETE, DISPATCH_VNODE_RENAME, and DISPATCH_VNODE_REVOKE as equivalent
        "file is unavailable" events, and act as though the file was deleted. Don't listen for
        DISPATCH_VNODE_EXTEND, since we always get a DISPATCH_VNODE_WRITE as well, and we only
        want to read once.

        Finally, add some logging to support future investigations.

        * platform/FileMonitor.h:
        (WebCore::FileMonitor::platformMonitor): Expose dispatch_source_t for logging purposes.
        * platform/cocoa/FileMonitorCocoa.mm:
        (WebCore::FileMonitor::startMonitoring): Add logging.
        (WebCore::FileMonitor::stopMonitoring): Ditto.

2017-07-05  Jonathan Bedard  <jbedard@apple.com>

        Add WebKitPrivateFrameworkStubs for iOS 11
        https://bugs.webkit.org/show_bug.cgi?id=173988

        Reviewed by David Kilzer.

        * Configurations/WebCore.xcconfig: iphoneos and iphonesimulator should use the
        same directory for private framework stubs.

2017-07-05  Emilio Cobos Álvarez  <ecobos@igalia.com>

        Don't resolve an extra computed style for getComputedStyle in a display: none subtree.
        https://bugs.webkit.org/show_bug.cgi?id=174145

        Before this, we were also resolving the first ancestor's style as
        inheriting from itself, which felt pretty wrong (though I think it's
        not observable).

        Reviewed by Antti Koivisto.

        No new tests (non-observable behavior).

        * dom/Element.cpp:
        (WebCore::Element::resolveComputedStyle):

2017-07-05  Frederic Wang  <fwang@igalia.com>

        Move ScrolledContentsLayer property to ScrollingStateScrollingNode
        https://bugs.webkit.org/show_bug.cgi?id=174134

        Reviewed by Simon Fraser.

        ScrollingStateFrameScrollingNode and ScrollingStateOverflowScrollingNode both use a
        ScrolledContentsLayer property for the same purpose. This commit moves that property into
        their parent class ScrollingStateScrollingNode, so that more code is shared between the two
        classes. This will also help the refactoring in bug 174130.

        No new tests, only dumped tree may change a bit.

        * page/scrolling/ScrollingStateFrameScrollingNode.cpp: Remove scrolled contents layer.
        (WebCore::ScrollingStateFrameScrollingNode::ScrollingStateFrameScrollingNode):
        (WebCore::ScrollingStateFrameScrollingNode::dumpProperties):
        (WebCore::ScrollingStateFrameScrollingNode::setScrolledContentsLayer): Deleted.
        * page/scrolling/ScrollingStateFrameScrollingNode.h: Ditto.
        * page/scrolling/ScrollingStateOverflowScrollingNode.cpp: Ditto.
        (WebCore::ScrollingStateOverflowScrollingNode::ScrollingStateOverflowScrollingNode):
        (WebCore::ScrollingStateOverflowScrollingNode::dumpProperties):
        (WebCore::ScrollingStateOverflowScrollingNode::setScrolledContentsLayer): Deleted.
        * page/scrolling/ScrollingStateOverflowScrollingNode.h: Ditto.
        (): Deleted.
        (WebCore::ScrollingStateOverflowScrollingNode::scrolledContentsLayer): Deleted.
        * page/scrolling/ScrollingStateScrollingNode.cpp: Add scrolled contents layer.
        (WebCore::ScrollingStateScrollingNode::ScrollingStateScrollingNode):
        (WebCore::ScrollingStateScrollingNode::setScrolledContentsLayer):
        (WebCore::ScrollingStateScrollingNode::dumpProperties): Use the label from the overflow class
        which is different from the frame class. The dumping order may change a bit too.
        * page/scrolling/ScrollingStateScrollingNode.h: Add ScrolledContentsLayer to the enum and
        scrolled contents layer.
        (WebCore::ScrollingStateScrollingNode::scrolledContentsLayer):
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::commitStateBeforeChildren): Adjust enum value
        to use ScrollingStateScrollingNode::ScrolledContentsLayer.

2017-07-05  Emilio Cobos Álvarez  <ecobos@igalia.com>

        ProcessingInstruction::clearExistingCachedSheet doesn't really exist.
        https://bugs.webkit.org/show_bug.cgi?id=174146

        Reviewed by Chris Dumez.

        No new tests (no functionality change).

        * dom/ProcessingInstruction.h: Remove dead declaration.

2017-07-05  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r219128.

        Spoke with engineer who originally submitted, Patch for APi
        test to follow.

        Reverted changeset:

        "Unreviewed, rolling out r219070."
        https://bugs.webkit.org/show_bug.cgi?id=174082
        http://trac.webkit.org/changeset/219128

2017-07-05  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r219070.

        This revision caused consistent failures of the API test
        UIPasteboardTests.DoNotPastePlainTextAsURL on iOS.

        Reverted changeset:

        "Pasting single words copied to UIPasteboard inserts URLs in
        editable areas"
        https://bugs.webkit.org/show_bug.cgi?id=174082
        http://trac.webkit.org/changeset/219070

2017-07-05  Youenn Fablet  <youenn@apple.com>

        Receiving tracks should be ended when peer connection is being closed
        https://bugs.webkit.org/show_bug.cgi?id=174109

        Reviewed by Eric Carlson.

        Test: webrtc/peer-connection-track-end.html

        As per https://www.w3.org/TR/webrtc/#dom-rtcpeerconnection-close, tracks should be ended when peer connection is closed.
        Also updating transceiver stopped state.

        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::doClose):
        * Modules/mediastream/RTCRtpReceiver.cpp:
        (WebCore::RTCRtpReceiver::stop):
        * Modules/mediastream/RTCRtpReceiver.h:

2017-07-04  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Unreviewed, review follow-up after r218961

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::updateFromSettings):

2017-07-04  Antti Koivisto  <antti@apple.com>

        RenderThemeCocoa::mediaControlsFormattedStringForDuration is leaking NSDateComponentsFormatters
        https://bugs.webkit.org/show_bug.cgi?id=174138

        Reviewed by Ryosuke Niwa.

        Saw a random spin here during media playback. Looks like we are leaking.

        * rendering/RenderThemeCocoa.h:
        * rendering/RenderThemeCocoa.mm:
        (WebCore::RenderThemeCocoa::mediaControlsFormattedStringForDuration):

            Reuse NSDateComponentsFormatter.

2017-07-04  Antti Koivisto  <antti@apple.com>

        FrameView should not set RenderView::logicalWidth directly for printing
        https://bugs.webkit.org/show_bug.cgi?id=174135

        Reviewed by Zalan Bujtas.

        Renderer logicalWidth should be set by layout. Direct override by RenderView when printing means
        that we don't layout children in all cases when the width changes. This is currently mostly hidden
        by spurious layouts but causes problems when trying to fix other things that reduces those.

        * page/FrameView.cpp:
        (WebCore::FrameView::forceLayoutForPagination):

            Instead of calling setLogicalWidth directly call the new setPageLogicalSize that sets both the width
            and the height uniformly.

        * rendering/RenderView.cpp:
        (WebCore::RenderView::updateLogicalWidth):

            Use pageLogicalSize->width() in printing state instead of skipping the logical width update entirely.
            This ensures that the layout will progress to children when the page logical width changes.

        (WebCore::RenderView::initializeLayoutState):
        (WebCore::RenderView::layout):
        (WebCore::RenderView::pageOrViewLogicalHeight):
        (WebCore::RenderView::setPageLogicalSize):
        * rendering/RenderView.h:

            Replace the existing m_pageLogicalHeight with std::optional m_pageLogicalSize.

2017-07-04  Xabier Rodriguez Calvar  <calvaris@igalia.com>

        [EME] Solve a couple of compiler warnings
        https://bugs.webkit.org/show_bug.cgi?id=174020

        Reviewed by Michael Catanzaro.

        * Modules/encryptedmedia/CDM.cpp:
        (WebCore::CDM::isPersistentType): Added default return and
        assertion.
        * Modules/encryptedmedia/MediaKeySession.cpp:
        (WebCore::MediaKeySession::updateKeyStatuses): This warning was
        already solved but I think adding an assertion for the default
        case can help catch errors in the future.

2017-07-04  Joseph Pecoraro  <pecoraro@apple.com>

        Cleanup some StringBuilder use
        https://bugs.webkit.org/show_bug.cgi?id=174118

        Reviewed by Andreas Kling.

        * Modules/mediastream/PeerConnectionBackend.cpp:
        (WebCore::filterICECandidate):
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        * contentextensions/ContentExtension.cpp:
        (WebCore::ContentExtensions::ContentExtension::compileGlobalDisplayNoneStyleSheet):
        * css/CSSFontStyleRangeValue.cpp:
        (WebCore::CSSFontStyleRangeValue::customCSSText):
        * css/CSSFontStyleValue.cpp:
        (WebCore::CSSFontStyleValue::customCSSText):
        * css/CSSGridAutoRepeatValue.cpp:
        (WebCore::CSSGridAutoRepeatValue::customCSSText):
        * css/parser/CSSParser.cpp:
        (WebCore::CSSParser::parseFontFaceDescriptor):
        * dom/Attr.cpp:
        * html/canvas/WebGPURenderingContext.cpp:
        * html/parser/HTMLParserIdioms.cpp:
        * platform/network/ParsedContentType.cpp:
        * platform/network/cocoa/CookieCocoa.mm:
        * platform/text/mac/LocaleMac.mm:
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::getAllResponseHeaders):

2017-07-03  Andreas Kling  <akling@apple.com>

        Null RenderLayer* deref in FrameView::adjustTiledBackingCoverage()
        https://bugs.webkit.org/show_bug.cgi?id=174106
        <rdar://problem/33085838>

        Reviewed by Tim Horton.

        I haven't been able to reproduce this crash locally, but I have seen
        video of someone who can, so here's a null check for the RenderView::layer()
        which could be null if we're called between RenderView construction
        and the first callback to RenderLayerModelObject::styleDidChange().

        * page/FrameView.cpp:
        (WebCore::FrameView::adjustTiledBackingCoverage):

2017-07-03  Matt Rajca  <mrajca@apple.com>

        Add/remove appropriate media element behavior restrictions when updateWebsitePolicies is called
        https://bugs.webkit.org/show_bug.cgi?id=174103

        Reviewed by Alex Christensen.

        Test: Added API test.

        Added support for updating rate change behavior restrictions on media elements that have already
        been created.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::updateRateChangeRestrictions):
        * html/HTMLMediaElement.h:
        * page/Page.cpp:
        (WebCore::Page::updateMediaElementRateChangeRestrictions):
        * page/Page.h:

2017-07-03  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r219103.

        Caused multiple build failures.

        Reverted changeset:

        "Remove copy of ICU headers from WebKit"
        https://bugs.webkit.org/show_bug.cgi?id=116407
        http://trac.webkit.org/changeset/219103

2017-07-03  Myles C. Maxfield  <mmaxfield@apple.com>

        Remove copy of ICU headers from WebKit
        https://bugs.webkit.org/show_bug.cgi?id=116407

        Reviewed by Alex Christensen.

        Use WTF's copy of ICU headers.

        No new tests because there is no behavior change.

        * Configurations/WebCore.xcconfig:
        * icu/unicode/bytestream.h: Removed.
        * icu/unicode/localpointer.h: Removed.
        * icu/unicode/parseerr.h: Removed.
        * icu/unicode/platform.h: Removed.
        * icu/unicode/ptypes.h: Removed.
        * icu/unicode/putil.h: Removed.
        * icu/unicode/rep.h: Removed.
        * icu/unicode/std_string.h: Removed.
        * icu/unicode/strenum.h: Removed.
        * icu/unicode/stringpiece.h: Removed.
        * icu/unicode/ubrk.h: Removed.
        * icu/unicode/uchar.h: Removed.
        * icu/unicode/ucnv.h: Removed.
        * icu/unicode/ucnv_err.h: Removed.
        * icu/unicode/ucol.h: Removed.
        * icu/unicode/uconfig.h: Removed.
        * icu/unicode/ucurr.h: Removed.
        * icu/unicode/uenum.h: Removed.
        * icu/unicode/uiter.h: Removed.
        * icu/unicode/uloc.h: Removed.
        * icu/unicode/umachine.h: Removed.
        * icu/unicode/unistr.h: Removed.
        * icu/unicode/unorm.h: Removed.
        * icu/unicode/unorm2.h: Removed.
        * icu/unicode/uobject.h: Removed.
        * icu/unicode/urename.h: Removed.
        * icu/unicode/uscript.h: Removed.
        * icu/unicode/uset.h: Removed.
        * icu/unicode/ustring.h: Removed.
        * icu/unicode/utext.h: Removed.
        * icu/unicode/utf.h: Removed.
        * icu/unicode/utf16.h: Removed.
        * icu/unicode/utf8.h: Removed.
        * icu/unicode/utf_old.h: Removed.
        * icu/unicode/utypes.h: Removed.
        * icu/unicode/uvernum.h: Removed.
        * icu/unicode/uversion.h: Removed.

2017-07-03  Myles C. Maxfield  <mmaxfield@apple.com>

        REGRESSION(Variation Fonts): Specifying Skia by PostScript name does not yield the expected result
        https://bugs.webkit.org/show_bug.cgi?id=174079
        <rdar://problem/33040854>

        Reviewed by Alex Christensen.

        Because Skia is a variation font, its PostScript name contains values to apply to its variation
        axes. However, WebKit's variation code was overwriting these intrinsive values with ones specified
        by CSS. Therefore, the intrinsic ones were being ignored. The solution is just to pass a flag from
        the lookup code to the variations code describing if the font was created via a PostScript name,
        and to not apply the CSS properties to it if it was.

        Test: fast/text/variations/skia-postscript-name.html

        * platform/graphics/FontCache.h:
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::preparePlatformFont):
        (WebCore::platformFontLookupWithFamily):
        (WebCore::fontWithFamily):

2017-07-03  Brady Eidson  <beidson@apple.com>

        Switch all WebKit API related to favicons from WebIconDatabase over to new WebCore::IconLoader mechanism.
        https://bugs.webkit.org/show_bug.cgi?id=174073

        Reviewed by Andy Estes.

        Covered by existing API test.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::startIconLoading):
        * loader/EmptyClients.cpp:
        * loader/FrameLoaderClient.h:

2017-07-03  Sam Weinig  <sam@webkit.org>

        [WebIDL] Remove more unnecessary uses of the preprocessor in idl files
        https://bugs.webkit.org/show_bug.cgi?id=174083

        Reviewed by Alex Christensen.

        Purge as much preprocessor use as possible.

        * Configurations/FeatureDefines.xcconfig:
        Add ENABLE_NAVIGATOR_STANDALONE.

        * animation/Animatable.idl:
        Remove unnecessary check for LANGUAGE_OBJECTIVE_C. We no longer generate those bindings.

        * html/MediaError.idl:
        Use [Conditional] rather than the preprocessor.

        * page/Navigator.idl:
        Use [Conditional] rather than the preprocessor with the new ENABLE_NAVIGATOR_STANDALONE.

        * testing/Internals.cpp:
        * testing/Internals.h:
        Expose setQuickLookPassword on all platforms, as it doesn't hurt since it is only for testing,
        but make the implementation do nothing.

        * testing/Internals.idl:
        Use [Conditional] rather than the preprocessor.

2017-07-03  Daewoong Jang  <daewoong.jang@navercorp.com>

        [Curl] Fix compilation errors
        https://bugs.webkit.org/show_bug.cgi?id=174085

        Reviewed by Alex Christensen.

        * platform/network/curl/CurlContext.cpp:
        (WebCore::CurlContext::initCookieSession):
        * platform/network/curl/CurlContext.h:

2017-07-03  Youenn Fablet  <youenn@apple.com>

        WebAudioSourceProviderAVFObjC should not reconfigure for each data call
        https://bugs.webkit.org/show_bug.cgi?id=174101

        Reviewed by Eric Carlson.

        Covered by manual testing, in particular
        https://webrtc.github.io/samples/src/content/peerconnection/webaudio-output/
        and https://webrtc.github.io/samples/src/content/getusermedia/volume/.
        Also improved LayoutTests web audio peer connection tests to make them more robust.

        Before the patch, reconfiguration of the web audio provider was happening for every audioSamplesAvailable call.
        It is now happening only when the format of the audio samples is changing.
        Changed some member fields from uinque_ptr to optional as a minor improvement.

        * platform/mediastream/mac/WebAudioSourceProviderAVFObjC.h:
        * platform/mediastream/mac/WebAudioSourceProviderAVFObjC.mm:
        (WebCore::WebAudioSourceProviderAVFObjC::provideInput):
        (WebCore::WebAudioSourceProviderAVFObjC::prepare):
        (WebCore::WebAudioSourceProviderAVFObjC::unprepare):
        (WebCore::WebAudioSourceProviderAVFObjC::audioSamplesAvailable):

2017-06-30  Alex Christensen  <achristensen@webkit.org>

        Stop using dispatch_async in ResourceHandleCFURLConnectionDelegateWithOperationQueue
        https://bugs.webkit.org/show_bug.cgi?id=174059

        Reviewed by Andy Estes.

        Use dispatch_async_f and callOnMainThread instead.
        No change in behavior.
        This will allow me to use this code on Windows.

        * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willSendRequest):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveResponse):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveData):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didFinishLoading):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didFail):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willCacheResponse):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveChallenge):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didSendBodyData):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::canRespondToProtectionSpace):

2017-07-03  Andy Estes  <aestes@apple.com>

        [Xcode] Add an experimental setting to build with ccache
        https://bugs.webkit.org/show_bug.cgi?id=173875

        Reviewed by Tim Horton.

        * Configurations/DebugRelease.xcconfig: Included ccache.xcconfig.

2017-07-02  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION(r218910): Crash inside textMarkerDataForFirstPositionInTextControl
        https://bugs.webkit.org/show_bug.cgi?id=174077
        <rdar://problem/33083972>

        Reviewed by Chris Fleizach.

        The bug was caused by textMarkerDataForFirstPositionInTextControl assuming that
        there is always a root editable element (a.k.a. editing host) in the text control.
        When the text control is readonly or disabled, this is not the case.

        Fixed the bug by adding an early exit when there is no editing host.

        Test: accessibility/mac/input-type-change-crash.html

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::textMarkerDataForFirstPositionInTextControl):

2017-07-03  Devin Rousso  <drousso@apple.com>

        Web Inspector: Support listing WebGL2 and WebGPU contexts
        https://bugs.webkit.org/show_bug.cgi?id=173396

        Reviewed by Joseph Pecoraro.

        Tests: inspector/canvas/create-context-2d.html
               inspector/canvas/create-context-webgl.html
               inspector/canvas/create-context-webgl2.html
               inspector/canvas/create-context-webgpu.html

        Split "inspector/canvas/create-canvas-contexts.html" into a test for each context type.

        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::getContextWebGPU):
        * inspector/InspectorCanvasAgent.cpp:
        (WebCore::InspectorCanvasAgent::buildObjectForCanvas):

2017-07-03  Alex Christensen  <achristensen@webkit.org>

        REGRESSION(r215096) Queries of URLs with non-special schemes should not percent-encode single quotes
        https://bugs.webkit.org/show_bug.cgi?id=174051

        Reviewed by Tim Horton.

        In r215096 I added ' to the set of characters to be percent-encoded in queries,
        but for interoperability and compatibility we need to do this only for special schemes, like http.

        Covered by new API tests.

        * platform/URLParser.cpp:
        (WebCore::isC0Control):
        (WebCore::shouldPercentEncodeQueryByte):
        (WebCore::URLParser::utf8QueryEncode):
        (WebCore::URLParser::encodeQuery):

2017-07-03  Chris Fleizach  <cfleizach@apple.com>

        AX: role="none" (or presentation) does not work on iframes
        https://bugs.webkit.org/show_bug.cgi?id=173930
        <rdar://problem/33034347>

        Reviewed by Ryosuke Niwa.

        Support setting a presentational role on an iframe so that the AXWebArea disappears from the hierarchy.
        Accomplish this by adding children for attachment and scroll view elements the way other children are added.
        That is, only add the non-ignored children directly (which means move the addChild logic into AccessibilityObject.)

        Test: accessibility/presentation-role-iframe.html

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::AccessibilityNodeObject):
        (WebCore::AccessibilityNodeObject::insertChild): Deleted.
        (WebCore::AccessibilityNodeObject::addChild): Deleted.
        * accessibility/AccessibilityNodeObject.h:
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::AccessibilityObject):
        (WebCore::AccessibilityObject::insertChild):
        (WebCore::AccessibilityObject::addChild):
        (WebCore::nodeHasPresentationRole):
        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::addChild): Deleted.
        (WebCore::AccessibilityObject::insertChild): Deleted.
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::webAreaIsPresentational):
        (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored):
        (WebCore::AccessibilityRenderObject::addAttachmentChildren):
        * accessibility/AccessibilityScrollView.cpp:
        (WebCore::AccessibilityScrollView::addChildren):

2017-07-03  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r219024.

        This patch cause 3 didferent test to fail.

        Reverted changeset:

        "REGRESSION(r215096) Queries of URLs with non-special schemes
        should not percent-encode single quotes"
        https://bugs.webkit.org/show_bug.cgi?id=174051
        http://trac.webkit.org/changeset/219024

2017-07-03  Wenson Hsieh  <wenson_hsieh@apple.com>

        Pasting single words copied to UIPasteboard inserts URLs in editable areas
        https://bugs.webkit.org/show_bug.cgi?id=174082
        <rdar://problem/33046992>

        Reviewed by Tim Horton.

        Currently, our heuristics for coercing plain text to URLs when reading URLs off of the UIPasteboard allows URLs
        to be created as long as -[UIPasteboard valuesForPasteboardType:inItemSet:] returns a non-null NSURL. However,
        UIPasteboard automatically coerces any NSString into an NSURL if it initializes an NSURL via +URLWithString:.
        Thus, single-word strings such as "hello" that are written to the pasteboard as "public.utf8-plain-text" can
        be read back as NSURLs for "public.url". This currently causes bugs in shipping software: e.g. copying and
        pasting a single word from an editable input or textarea and pasting into a rich contenteditable area using
        WebKit1 inserts a link. However, when combined with another change in WebKit that attempts to read "public.url"
        before "public.text" when reading plain text from the pasteboard, this now also affects pasting in plain text
        areas, where pasted plain-text strings that are not URLs will paste as URL-encoded strings anyways (for
        instance, replacing "[hello]" with "%5Bhello%5D").

        To fix this, and existing issues with pasting single words in contenteditables, we make
        PlatformPasteboard::readString and PlatformPasteboard::readURL only accept a coerced NSURL as an URL if it also
        parses as a valid URL in WebKit (otherwise, we return an empty string).

        Tests:
            UIPasteboardTests.DoNotPastePlainTextAsURL
            UIPasteboardTests.PastePlainTextAsURL
            UIPasteboardTests.PasteURLWithPlainTextAsURL

        * platform/PlatformPasteboard.h:
        * platform/ios/AbstractPasteboard.h:
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::allowReadingURLAtIndex):

        Allow an URL to be read if either (1) an URL was explicitly specified in the UIPasteboard, or (2) the "proposed"
        URL returned from -valuesForPasteboardType: is valid.

        (WebCore::PlatformPasteboard::readString):
        (WebCore::PlatformPasteboard::readURL):

        Consult allowReadingURLAtIndex here (in the case of ::readString, only if the given pasteboard type is
        "public.url").

        * platform/ios/WebItemProviderPasteboard.h:
        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard itemProviders]):
        (-[WebItemProviderPasteboard setItemProviders:]):

2017-07-03  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Implement CryptoKeyEC SPKI exports
        https://bugs.webkit.org/show_bug.cgi?id=173646

        Reviewed by Jiewen Tan.

        No new tests -- affected tests are now passing and are unskipped.

        Implement libgcrypt-based support for SPKI exports of EC keys.

        Initially, the ECParameters structure is created so that it will be later embedded
        into the SubjectPublicKeyInfo structure. First the root element of this structure
        is written into, specifying namedCurve as the chosen member (even if other choices
        are not really available). We then write out the object identifier into this
        namedCurve member that properly represents this key's curve type.

        The SubjectPublicKeyInfo structure is created next. We write out id-ecPublicKey
        identifier as the chosen algorithm identifier. Web Crypto specification demands
        that the id-ecDH identifier is used in case of ECDH keys, but no existing test in
        the W3C test suite expects this, so this should be revisited later. Data of the
        previously-constructed ECParameters structure is written out into the
        AlgorithmIdentifier's parameters member.

        The `q` MPI data is then retrieved. Its size is validated, as well as the first
        byte of data in order to ensure the MPI represents an uncompressed EC point.
        The data is then written into the subjectPublicKey member.

        Finally the encoded SubjectPublicKeyInfo structure data is extracted and returned
        from the platformExportSpki() function, completion the export operation.

        * crypto/gcrypt/CryptoKeyECGCrypt.cpp:
        (WebCore::curveIdentifier):
        (WebCore::CryptoKeyEC::platformExportSpki):

2017-07-02  Sam Weinig  <sam@webkit.org>

        [WebIDL] Remove special casing for RegExp which is no longer required by the spec
        https://bugs.webkit.org/show_bug.cgi?id=174025

        Reviewed by Chris Dumez.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateDictionaryImplementationContent):
        (GenerateOverloadDispatcher):
        Remove special casing.

        * bindings/scripts/IDLParser.pm:
        (parseNonAnyType):
        Remove parsing of RegExp.

        * bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        * bindings/scripts/test/JS/JSTestStandaloneDictionary.cpp:
        Update test results.

2017-07-02  Youenn Fablet  <youenn@apple.com>

        RealtimeOutgoingVideoSource should pass frame timestamp
        https://bugs.webkit.org/show_bug.cgi?id=174055

        Reviewed by Eric Carlson.

        Covered by manual testing since this only affects video encoding quality.

        * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::sendFrame):

2017-07-01  Dan Bernstein  <mitz@apple.com>

        <rdar://problem/33096441> r219055 broke non-iOS builds.

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::lookupFallbackFont):

2017-07-01  Dan Bernstein  <mitz@apple.com>

        [iOS] Remove code only needed when building for iOS 9.x
        https://bugs.webkit.org/show_bug.cgi?id=174068

        Reviewed by Tim Horton.

        * Configurations/FeatureDefines.xcconfig:
        * editing/cocoa/DataDetection.mm:
        (WebCore::DataDetection::isDataDetectorLink):
        (WebCore::DataDetection::shouldCancelDefaultAction):
        (WebCore::constructURLStringForResult):
        (WebCore::DataDetection::detectContentInRange):
        * page/cocoa/ResourceUsageThreadCocoa.mm:
        (WebCore::vmPageSize):
        * platform/cocoa/DataDetectorsCoreSoftLink.h:
        * platform/cocoa/DataDetectorsCoreSoftLink.mm:
        * platform/graphics/FontPlatformData.cpp:
        * platform/graphics/FontPlatformData.h:
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
        (layerContentsFormat):
        (PlatformCALayerCocoa::updateContentsFormat):
        (PlatformCALayerCocoa::backingStoreBytesPerPixel):
        * platform/graphics/cg/GraphicsContextCG.cpp:
        (WebCore::extendedSRGBColorSpaceRef):
        * platform/graphics/cg/PDFDocumentImage.cpp:
        (WebCore::PDFDocumentImage::drawPDFPage):
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::lookupFallbackFont):
        * platform/graphics/cocoa/FontCocoa.mm:
        (WebCore::Font::variantCapsSupportsCharacterForSynthesis):
        (WebCore::Font::platformWidthForGlyph):
        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::FontPlatformData):
        (WebCore::FontPlatformData::ctFont):
        * platform/graphics/cocoa/IOSurface.mm:
        (WebCore::IOSurface::sinkIntoImage):
        * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
        (WebCore::WebCoreDecompressionSession::setTimebase):
        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::systemFontModificationAttributes):
        (WebCore::systemFontDescriptor):
        * platform/graphics/mac/FontCustomPlatformData.cpp:
        (WebCore::FontCustomPlatformData::supportsFormat):
        * platform/ios/LegacyTileGridTile.mm:
        (WebCore::LegacyTileGridTile::LegacyTileGridTile):
        * platform/ios/PlatformScreenIOS.mm:
        (WebCore::screenSupportsExtendedColor):
        * platform/ios/RemoteCommandListenerIOS.mm:
        (WebCore::RemoteCommandListenerIOS::RemoteCommandListenerIOS):
        (WebCore::RemoteCommandListenerIOS::~RemoteCommandListenerIOS):
        (WebCore::RemoteCommandListenerIOS::updateSupportedCommands):
        * platform/spi/cf/CFNetworkSPI.h:
        * platform/spi/cg/CoreGraphicsSPI.h:
        * platform/spi/cocoa/DataDetectorsCoreSPI.h:
        * platform/spi/cocoa/QuartzCoreSPI.h:
        * platform/spi/mac/AVFoundationSPI.h:

2017-07-01  Myles C. Maxfield  <mmaxfield@apple.com>

        REGRESSION(r218371): Reeder's default font is Times instead of San Francisco
        https://bugs.webkit.org/show_bug.cgi?id=173617
        <rdar://problem/32969819>

        Reviewed by Simon Fraser.

        On systems where USE_PLATFORM_SYSTEM_FALLBACK_LIST is set to true, the code in
        platformFontWithFamilySpecialCase() is still used when @font-face blocks specify
        src:local(system-ui), which made the assertion erroneously fire.

        Unfortunately, our architecture is such that an @font-face block represents a
        single entry in the font-family fallback list, which means it would be quite
        difficult to make local(system-ui) in an @font-face block expand at the level
        of the font cascade. So, this patch simply reverts to the previous behavior for
        local(system-ui) (which doesn't include the entire Core Text cascade list).
        This means that "font-family: system-ui" and "src: local(system-ui)" have
        different behavior, which is undesirable, but architecturally difficult to
        solve. I've added some FIXMEs to the code in the relevant places and filed
        https://bugs.webkit.org/show_bug.cgi?id=174023.

        Test: fast/text/font-face-local-system.html

        * platform/graphics/cocoa/FontDescriptionCocoa.cpp:
        (WebCore::FontCascadeDescription::effectiveFamilyAt):
        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::systemFontDescriptor):
        (WebCore::platformFontWithFamilySpecialCase):
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::platformFontWithFamilySpecialCase):

2017-07-01  Ryosuke Niwa  <rniwa@webkit.org>

        Frame.h doesn't need to include FrameLoader.h, IntRect.h, and NavigationScheduler.h
        https://bugs.webkit.org/show_bug.cgi?id=174004

        Reviewed by Simon Fraser.

        Made FrameLoader and NavigationScheduler UniqueRef in Frame so that we can forward declare them,
        and forward declared IntPoint and IntRect to avoid including FrameLoader.h, IntRect.h,
        and NavigationScheduler.h in Frame.h

        * Modules/mediastream/MediaStream.cpp:
        * Modules/webaudio/AudioContext.cpp:
        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::connect): Avoid calling loader().mixedContentChecker().canRunInsecureContent(~)
        on a nullptr even though this used to work because we weren't de-referencing it.
        * bindings/js/ScriptController.cpp:
        * dom/Document.cpp:
        * dom/EventDispatcher.cpp:
        * editing/Editor.cpp:
        * editing/cocoa/EditorCocoa.mm:
        * editing/ios/EditorIOS.mm:
        * editing/mac/EditorMac.mm:
        * history/CachedPage.cpp:
        * html/HTMLObjectElement.cpp:
        * html/parser/HTMLDocumentParser.cpp:
        (WebCore::DocumentLoader::~DocumentLoader): Check !isLoading() before accessing frameLoader to avoid
        accessing m_frame->loader() inside ~FrameLoader.
        * html/parser/XSSAuditor.cpp:
        * html/parser/XSSAuditorDelegate.cpp:
        * inspector/InspectorInstrumentation.h:
        * loader/CrossOriginPreflightChecker.cpp:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::setOpener): Avoid accessing this FrameLoader via m_opener->loader() when it's
        this FrameLoader inside ~FrameLoader since UniqueRef<FrameLoader> is clears itself before calling
        the destructor of FrameLoader.
        * loader/ImageLoader.cpp:
        * loader/LinkLoader.cpp:
        * loader/SubframeLoader.cpp:
        * loader/appcache/ApplicationCacheGroup.cpp:
        * loader/appcache/DOMApplicationCache.cpp:
        * mathml/MathMLElement.cpp:
        * page/DOMWindow.cpp:
        * page/Frame.cpp:
        (WebCore::Frame::Frame):
        (WebCore::Frame::init): Moved here from Frame.h
        (WebCore::Frame::setDocument):
        * page/Frame.h:
        (WebCore::Frame::loader):
        (WebCore::Frame::navigationScheduler):
        * page/History.cpp:
        * page/Location.cpp:
        * page/PerformanceLogging.cpp:
        * page/PerformanceNavigation.cpp:
        * page/UserContentProvider.cpp:
        * page/ios/FrameIOS.mm:
        (WebCore::Frame::initWithSimpleHTMLDocument):
        * plugins/PluginInfoProvider.cpp:
        * replay/ReplayInputCreationMethods.cpp:
        * replay/UserInputBridge.cpp:
        * xml/XSLTProcessorLibxslt.cpp:
        * xml/parser/XMLDocumentParserLibxml2.cpp:

2017-07-01  Dan Bernstein  <mitz@apple.com>

        [macOS] Remove code only needed when building for OS X Yosemite
        https://bugs.webkit.org/show_bug.cgi?id=174067

        Reviewed by Tim Horton.

        * Configurations/Base.xcconfig:
        * Configurations/DebugRelease.xcconfig:
        * Configurations/FeatureDefines.xcconfig:
        * Configurations/Version.xcconfig:
        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::setEnhancedUserInterfaceAccessibility):
        * html/HTMLCanvasElement.cpp:
        * page/WheelEventDeltaFilter.cpp:
        (WebCore::WheelEventDeltaFilter::create):
        * page/mac/WheelEventDeltaFilterMac.h:
        * page/mac/WheelEventDeltaFilterMac.mm:
        * page/scrolling/ScrollingMomentumCalculator.cpp:
        * page/scrolling/mac/ScrollingMomentumCalculatorMac.h:
        * page/scrolling/mac/ScrollingMomentumCalculatorMac.mm:
        * platform/cocoa/NetworkExtensionContentFilter.mm:
        (replacementDataFromDecisionInfo):
        (WebCore::NetworkExtensionContentFilter::initialize):
        (WebCore::NetworkExtensionContentFilter::willSendRequest):
        (WebCore::NetworkExtensionContentFilter::responseReceived):
        (WebCore::NetworkExtensionContentFilter::addData):
        (WebCore::NetworkExtensionContentFilter::finishedAddingData):
        (WebCore::NetworkExtensionContentFilter::unblockHandler):
        * platform/graphics/ComplexTextController.h:
        * platform/graphics/ca/cocoa/PlatformCAAnimationCocoa.mm:
        (PlatformCAAnimationCocoa::setTimingFunction):
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::FontCache::platformAlternateFamilyName):
        * platform/graphics/cocoa/FontCocoa.mm:
        (WebCore::Font::platformInit):
        * platform/graphics/cocoa/IOSurface.mm:
        (WebCore::IOSurface::sinkIntoImage):
        * platform/graphics/cocoa/WebGPULayer.mm:
        (-[WebGPULayer initWithGPUDevice:]):
        * platform/graphics/mac/ComplexTextControllerCoreText.mm:
        (WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun):
        * platform/graphics/mac/WebGLLayer.mm:
        (-[WebGLLayer initWithGraphicsContext3D:]):
        * platform/mac/BlacklistUpdater.mm:
        * platform/mac/PlatformScreenMac.mm:
        (WebCore::screenSupportsExtendedColor):
        * platform/mac/ValidationBubbleMac.mm:
        (WebCore::ValidationBubble::ValidationBubble):
        * platform/mac/WebGLBlacklist.mm:
        (WebCore::WebGLBlacklist::create):
        * platform/network/cocoa/WebCoreNSURLSession.h:
        * platform/network/cocoa/WebCoreNSURLSession.mm:
        * platform/network/mac/CertificateInfoMac.mm:
        (WebCore::CertificateInfo::containsNonRootSHA1SignedCertificate):
        * platform/network/mac/CookieJarMac.mm:
        (WebCore::setCookiesFromDOM):
        * platform/spi/cf/CFNetworkSPI.h:
        * platform/spi/cg/CoreGraphicsSPI.h:
        * platform/spi/cocoa/NEFilterSourceSPI.h:
        * platform/spi/cocoa/NSURLConnectionSPI.h:
        * platform/spi/cocoa/QuartzCoreSPI.h:
        * platform/spi/mac/NSScrollingInputFilterSPI.h:
        * platform/spi/mac/NSScrollingMomentumCalculatorSPI.h:
        * platform/spi/mac/TUCallSPI.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::levelIndicatorFor):
        * svg/SVGToOTFFontConversion.cpp:
        (WebCore::SVGToOTFFontConverter::appendKERNTable):
        (WebCore::SVGToOTFFontConverter::SVGToOTFFontConverter):

2017-06-30  Said Abou-Hallawa  <sabouhallawa@apple.com>

        If an image appears more than once on a page, decoding for painting one instance repaints them all
        https://bugs.webkit.org/show_bug.cgi?id=169944

        Reviewed by Simon Fraser.

        Make the Image::draw*() and GraphicsContext::draw*() functions return an
        ImageDrawResult which indicates whether the image is drawn or has requested
        an asynchronous image decoding.

        If the image requested an asynchronous image decoding, the issuer of the
        Image::draw(), which is of type CachedImageClient, will add itself to a
        set of m_pendingImageDrawingClients, which owned by CachedImage.

        When receiving the imageFrameAvailable() notification for a lrage image 
        from the decoding thread, CachedImage will loop through the clients that
        are only in m_pendingImageDrawingClients to ask them to repaint their
        rectangles.

        Test: fast/images/async-image-multiple-clients-repaint.html

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::didRemoveClient):
        (WebCore::CachedImage::addPendingImageDrawingClient):
        (WebCore::CachedImage::allClientsRemoved):
        (WebCore::CachedImage::clear):
        (WebCore::CachedImage::imageFrameAvailable):
        * loader/cache/CachedImage.h:
        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::draw):
        * platform/graphics/BitmapImage.h:
        * platform/graphics/CrossfadeGeneratedImage.cpp:
        (WebCore::CrossfadeGeneratedImage::draw):
        * platform/graphics/CrossfadeGeneratedImage.h:
        * platform/graphics/GeneratedImage.h:
        * platform/graphics/GradientImage.cpp:
        (WebCore::GradientImage::draw):
        * platform/graphics/GradientImage.h:
        * platform/graphics/GraphicsContext.cpp:
        (WebCore::GraphicsContext::drawImage):
        (WebCore::GraphicsContext::drawTiledImage):
        * platform/graphics/GraphicsContext.h:
        * platform/graphics/Image.cpp:
        (WebCore::Image::drawTiled):
        * platform/graphics/Image.h:
        * platform/graphics/ImageTypes.h:
        * platform/graphics/NamedImageGeneratedImage.cpp:
        (WebCore::NamedImageGeneratedImage::draw):
        * platform/graphics/NamedImageGeneratedImage.h:
        * platform/graphics/cg/PDFDocumentImage.cpp:
        (WebCore::PDFDocumentImage::draw):
        * platform/graphics/cg/PDFDocumentImage.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::paintIntoRect):
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::drawForContainer):
        (WebCore::SVGImage::draw):
        * svg/graphics/SVGImage.h:
        * svg/graphics/SVGImageForContainer.cpp:
        (WebCore::SVGImageForContainer::draw):
        * svg/graphics/SVGImageForContainer.h:

2017-06-30  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION(r214194): Safari leaves a popup window open opened during before unload
        https://bugs.webkit.org/show_bug.cgi?id=174016

        Reviewed by Chris Dumez.

        Address Dan's review comments.

        * loader/NavigationDisabler.h:
        (WebCore::NavigationDisabler::NavigationDisabler):
        (WebCore::NavigationDisabler::~NavigationDisabler):

2017-06-30  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS DnD] Text indicators for dragged links should always be legible if the link is legible
        https://bugs.webkit.org/show_bug.cgi?id=173860
        <rdar://problem/32974385>

        Reviewed by Tim Horton.

        Currently, TextIndicatorOptionUseBoundingRectAndPaintAllContentForComplexRanges ensures that links backed by a
        RenderReplaced element don't render blank text indicators by additionally forcing the
        TextIndicatorOptionPaintAllContent option in order to capture the RenderReplaced content. If estimated
        background color is requested, this patch adds an additional path for "upgrading" the text indicator to paint
        all content: if the text color is not legible against the estimated background color, then it is likely that the
        background color estimate failed or the link itself was not legible in the first place; in the former case, to
        ensure that the link is still legible, we upgrade the given TextIndicatorOptions to paint all contents in the
        range.

        There is currently no way to test this, and also no simple way to introduce infrastructure to test text
        indicators.

        * page/TextIndicator.cpp:
        (WebCore::estimatedTextColorsForRange):

        Estimates all text colors that appear in a range by iterating over the text node renderers and consulting their
        render styles.

        (WebCore::adjustTextIndicatorDataOptionsForEstimatedColorsIfNecessary):

        If foreground text color is deemed not legible, force TextIndicatorOptionPaintAllContent instead of
        TextIndicatorOptionUseBoundingRectAndPaintAllContentForComplexRanges.

        (WebCore::initializeIndicator):
        * rendering/TextPaintStyle.cpp:
        (WebCore::textColorIsLegibleAgainstBackgroundColor):
        (WebCore::adjustColorForVisibilityOnBackground):

        Allow other parts of WebCore to check the legibility of text against a background color.

        * rendering/TextPaintStyle.h:

2017-06-30  Alex Christensen  <achristensen@webkit.org>

        REGRESSION(r215096) Queries of URLs with non-special schemes should not percent-encode single quotes
        https://bugs.webkit.org/show_bug.cgi?id=174051
        <rdar://problem/33002846>

        Reviewed by Tim Horton.

        In r215096 I added ' to the set of characters to be percent-encoded in queries,
        but for interoperability and compatibility we need to do this only for special schemes, like http.

        Covered by new API tests.

        * platform/URLParser.cpp:
        (WebCore::isC0Control):
        (WebCore::shouldPercentEncodeQueryByte):
        (WebCore::URLParser::utf8QueryEncode):
        (WebCore::URLParser::encodeQuery):

2017-06-30  Daniel Bates  <dabates@apple.com>

        Attempt to fix the build following <https://trac.webkit.org/changeset/219019>
        (https://bugs.webkit.org/show_bug.cgi?id=165160)

        Export the FrameLoadRequest move constructor and move operator so that they
        can be used from WebKit.

        * loader/FrameLoadRequest.h:

2017-06-30  Don Olmstead  <don.olmstead@sony.com>

        [WebCore] Update AXObjectCache for !HAVE(ACCESSIBILITY)
        https://bugs.webkit.org/show_bug.cgi?id=174045

        Reviewed by Konstantin Tokarev.

        No new tests. No change in behavior.

        * accessibility/AXObjectCache.h:
        (WebCore::AXObjectCache::checkedStateChanged):
        (WebCore::AXObjectCache::childrenChanged):
        (WebCore::AXObjectCache::deferRecomputeIsIgnored):
        (WebCore::AXObjectCache::deferTextChangedIfNeeded):
        (WebCore::AXObjectCache::focusAriaModalNodeTimerFired):
        (WebCore::AXObjectCache::handleAriaExpandedChange):
        (WebCore::AXObjectCache::handleAriaRoleChanged):
        (WebCore::AXObjectCache::handleAttributeChanged):
        (WebCore::AXObjectCache::handleScrollbarUpdate):
        (WebCore::AXObjectCache::liveRegionChangedNotificationPostTimerFired):
        (WebCore::AXObjectCache::notificationPostTimerFired):
        (WebCore::AXObjectCache::passwordNotificationPostTimerFired):
        (WebCore::AXObjectCache::performDeferredCacheUpdate):
        (WebCore::AXObjectCache::postNotification):
        (WebCore::AXObjectCache::postPlatformNotification):
        (WebCore::AXObjectCache::postTextReplacementNotification):
        (WebCore::AXObjectCache::postTextReplacementNotificationForTextControl):
        (WebCore::AXObjectCache::postTextStateChangeNotification):
        (WebCore::AXObjectCache::recomputeIsIgnored):
        (WebCore::AXObjectCache::textChanged):
        (WebCore::AXObjectCache::updateCacheAfterNodeIsAttached):
        (WebCore::AXObjectCache::focusAriaModalNode): Deleted.

2017-06-30  Daniel Bates  <dabates@apple.com>

        Attempt to fix the Apple Windows build following <https://trac.webkit.org/changeset/219013>
        (https://bugs.webkit.org/show_bug.cgi?id=165160)

        Make FrameLoadRequest move constructor and move operator out-of-line so that callers
        do not need to include header SecurityOrigin.h.

        * loader/FrameLoadRequest.cpp:
        * loader/FrameLoadRequest.h:

2017-06-30  Alex Christensen  <achristensen@webkit.org>

        Stop soft linking with CFNetwork
        https://bugs.webkit.org/show_bug.cgi?id=174029

        Reviewed by Jer Noble.

        We link directly with CFNetwork.  There's no reason to soft link, 
        and it is causing a problem with linking when doing interesting things with CFNetwork.

        * platform/spi/cf/CFNetworkSPI.h:

2017-06-30  Daniel Bates  <dabates@apple.com>

        API::FrameInfo should know the web page that contains the frame; add API property webView to WKFrameInfo
        https://bugs.webkit.org/show_bug.cgi?id=165160
        <rdar://problem/29451999>

        Reviewed by Brady Eidson.

        Pass the document that is requesting the load to the loader.

        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::openInNewTab): Pass the document when instantiating the FrameLoadRequest.
        Also use C++11 brace initialization to instantiate ResourceRequest.
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::navigate): Pass the document when instantiating the FrameLoadRequest.
        * loader/FrameLoadRequest.cpp:
        (WebCore::FrameLoadRequest::FrameLoadRequest): Moved from FrameLoadRequest.h.
        (WebCore::FrameLoadRequest::requester): Added.
        (WebCore::FrameLoadRequest::requesterSecurityOrigin): Added.
        * loader/FrameLoadRequest.h:
        (WebCore::FrameLoadRequest::FrameLoadRequest): Marked as WEBCORE_EXPORT and modified to take
        the document that requested the load.
        (WebCore::FrameLoadRequest::requester): Deleted; made out-of-line/moved to FrameLoadRequest.cpp.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::urlSelected): Pass the document when instantiating the FrameLoadRequest. Also use C++11
        brace initialization to instantiate ResourceRequest.
        (WebCore::FrameLoader::loadURLIntoChildFrame): Pass the document when instantiating the FrameLoadRequest.
        (WebCore::FrameLoader::loadFrameRequest): Substitute FrameLoadRequest::requesterSecurityOrigin() for
        FrameLoadRequest::requester() as the former replaces the latter.
        (WebCore::FrameLoader::loadURL): Pass the document when instantiating the NavigationAction.
        (WebCore::FrameLoader::load): Ditto.
        (WebCore::FrameLoader::loadWithDocumentLoader): Pass the document when instantiating the NavigationAction.
        Also use C++11 brace initialization syntax to instantiate the NavigationAction.
        (WebCore::FrameLoader::reload): Ditto.
        (WebCore::FrameLoader::loadPostRequest): Ditto.
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy): Pass the document when instantiating the NavigationAction.
        (WebCore::FrameLoader::loadDifferentDocumentItem): Pass the document when instantiating the NavigationAction.
        Also use C++11 brace initialization syntax to instantiate the NavigationAction.
        (WebCore::createWindow): Pass the document when instantiating the NavigationAction.
        * loader/NavigationAction.cpp:
        (WebCore::NavigationAction::NavigationAction): Modified to take the source document.
        * loader/NavigationAction.h:
        (WebCore::NavigationAction::isEmpty): Consider a NavigationAction empty if does not have a source document
        or the associated ResourceRequest has an empty URL.
        (WebCore::NavigationAction::sourceDocument): Added.
        (WebCore::NavigationAction::NavigationAction): Deleted; made out-of-line/moved to NavigationAction.cpp to
        avoid the need to include the header Document.h.
        * loader/NavigationScheduler.cpp:
        (WebCore::ScheduledURLNavigation::ScheduledURLNavigation): Store the document that scheduled the navigation.
        Also use C++11 brace initialization to instantiate in the member initialization list.
        (WebCore::ScheduledURLNavigation::initiatingDocument): Added. Retrieves the document that scheduled the navigation.
        (WebCore::NavigationScheduler::scheduleLocationChange): Pass the document when instantiating the FrameLoadRequest.
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy): Pass the document when instantiating the NavigationAction.
        Also use C++11 brace initialization syntax to instantiate the NavigationAction.
        * page/ContextMenuController.cpp:
        (WebCore::openNewWindow):
        (WebCore::ContextMenuController::contextMenuItemSelected): Pass the document when instantiating the FrameLoadRequest.
        Also use C++11 brace initialization syntax to instantiate the FrameLoadRequest.
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::createWindow): Pass the document when instantiating the FrameLoadRequest.

2017-06-29  Jer Noble  <jer.noble@apple.com>

        Make Legacy EME API controlled by RuntimeEnabled setting.
        https://bugs.webkit.org/show_bug.cgi?id=173994

        Reviewed by Sam Weinig.

        Add a new RuntimeEnabledFeatures setting to control the availability of the WebKit prefixed EME APIs.

        * Configurations/FeatureDefines.xcconfig:
        * Modules/encryptedmedia/legacy/WebKitMediaKeyMessageEvent.idl:
        * Modules/encryptedmedia/legacy/WebKitMediaKeyNeededEvent.idl:
        * Modules/encryptedmedia/legacy/WebKitMediaKeySession.idl:
        * Modules/encryptedmedia/legacy/WebKitMediaKeys.idl:
        * dom/Element.idl:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaPlayerKeyNeeded):
        (WebCore::HTMLMediaElement::webkitSetMediaKeys):
        (WebCore::HTMLMediaElement::keyAdded):
        * html/HTMLMediaElement.idl:
        * html/WebKitMediaKeyError.idl:
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setLegacyEncryptedMediaAPIEnabled):
        (WebCore::RuntimeEnabledFeatures::legacyEncryptedMediaAPIEnabled):

2017-06-30  Chris Dumez  <cdumez@apple.com>

        Move ResourceLoadStatisticsStore to WebKit2/UIProcess
        https://bugs.webkit.org/show_bug.cgi?id=174033

        Reviewed by Brent Fulgham.

        Move ResourceLoadStatisticsStore to WebKit2/UIProcess since it is only
        used in the WebKit2 UIProcess.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * loader/ResourceLoadObserver.cpp:
        (WebCore::primaryDomain):
        * loader/ResourceLoadStatistics.cpp:
        (WebCore::ResourceLoadStatistics::primaryDomain):
        * loader/ResourceLoadStatistics.h:

2017-06-30  Ryosuke Niwa  <rniwa@webkit.org>

        Ran sort-Xcode-project-file.

        * WebCore.xcodeproj/project.pbxproj:

2017-06-30  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION(r214194): Safari leaves a popup window open opened during before unload
        https://bugs.webkit.org/show_bug.cgi?id=174016

        Reviewed by Chris Dumez.

        The bug was caused by WebKit allowing the opening of a new window via window.open but disallowing
        the initial navigation within the newly opened window while a beforeunload event is being dispatched.

        Because some websites which opens a window during a beforeunload event relies on the opened page
        to communicate back in order to close it. This resulted in a newly opened popup window with about:blank
        being left out on those websites.

        Fixed the bug by allowing the navigation of a new window as well as an existing another window.
        More concretely, we disallow navigations within the same frame tree as the one in which a beforeunload
        event is being dispatched, and allow navigations elsewhere (i.e. different window / page).
        During the destruction of a frame-less document, disallow all the navigations.

        Tests: fast/events/before-unload-navigate-different-window.html
               fast/events/before-unload-open-window.html
               fast/events/before-unload-sibling-frame.html

        * WebCore.xcodeproj/project.pbxproj:
        * dom/Document.cpp:
        (WebCore::Document::prepareForDestruction):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::isNavigationAllowed):
        (WebCore::FrameLoader::shouldClose):
        * loader/NavigationDisabler.h: Added. Extracted from NavigationScheduler.h
        (WebCore::NavigationDisabler::NavigationDisabler): Increment the newly added counter on MainFrame unless
        the frame is null (during the destruction of a frameless document) in which case we increment the global
        disable count.
        (WebCore::NavigationDisabler::~NavigationDisabler): Ditto for decrementation.
        (WebCore::NavigationDisabler::isNavigationAllowed): Only allow the navigation when there is no frameless
        document in destruction, and none of the frame in the same frame tree as the one given is currently in
        the process of dispatching a beforeunload event.
        * loader/NavigationScheduler.cpp:
        (WebCore::NavigationScheduler::shouldScheduleNavigation):
        * loader/NavigationScheduler.h:
        (WebCore::NavigationDisabler): Moved to NavigationDisabler.h.
        * page/MainFrame.h:
        (WebCore::MainFrame): Added s_globalNavigationDisableCount.

2017-06-30  Sam Weinig  <sam@webkit.org>

        [WebIDL] Add support for conditionally read-write attributes
        https://bugs.webkit.org/show_bug.cgi?id=173993

        Reviewed by Alex Christensen.

        The MEDIA_SOURCE feature/conditional requires changing a few readonly
        attributes into read-write attributes. In the past we handled this with
        custom bindings. This patch adds a new extended attribute, ConditionallyReadWrite
        which achieves the same result.

        * WebCore.xcodeproj/project.pbxproj:
        Move a few custom binding to the "GC / Wrapping Only" group.

        * bindings/js/JSAudioTrackCustom.cpp:
        (WebCore::JSAudioTrack::setKind): Deleted.
        (WebCore::JSAudioTrack::setLanguage): Deleted.
        * bindings/js/JSTextTrackCustom.cpp:
        (WebCore::JSTextTrack::setLanguage): Deleted.
        * bindings/js/JSVideoTrackCustom.cpp:
        (WebCore::JSVideoTrack::setKind): Deleted.
        (WebCore::JSVideoTrack::setLanguage): Deleted.
        Remove no longer needed custom bindings.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GeneratePropertiesHashTable):
        (GenerateImplementation):
        (GenerateAttributeSetterDefinition):
        (GenerateCallbackImplementationContent):
        (GenerateHashTableValueArray):
        (GenerateHashTable):
        Pipe ConditionallyReadWrite through the generator.

        * bindings/scripts/IDLAttributes.json:
        Add ConditionallyReadWrite.

        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/TestObj.idl:
        Add tests for ConditionallyReadWrite.

        * html/track/AudioTrack.idl:
        * html/track/TextTrack.idl:
        * html/track/VideoTrack.idl:
        Replace [Custom] with [ConditionallyReadWrite].

2017-06-30  Chris Dumez  <cdumez@apple.com>

        ResourceLoadObserver does not need a ResourceLoadStatisticsStore
        https://bugs.webkit.org/show_bug.cgi?id=174013

        Reviewed by Brent Fulgham.

        ResourceLoadObserver does not need a ResourceLoadStatisticsStore. ResourceLoadStatisticsStore is too complicated for its needs.
        ResourceLoadStatisticsStore can then be moved to WebKit2/UIProcess in a follow-up.

        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::connect):
        * dom/UserGestureIndicator.cpp:
        (WebCore::UserGestureIndicator::UserGestureIndicator):
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::willSendRequest):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadResourceSynchronously):
        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::shared):
        (WebCore::ResourceLoadObserver::setNotificationCallback):
        (WebCore::ResourceLoadObserver::shouldLog):
        (WebCore::ResourceLoadObserver::logFrameNavigation):
        (WebCore::ResourceLoadObserver::logSubresourceLoading):
        (WebCore::ResourceLoadObserver::logWebSocketLoading):
        (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
        (WebCore::ResourceLoadObserver::ensureResourceStatisticsForPrimaryDomain):
        (WebCore::ResourceLoadObserver::takeResourceStatisticsForPrimaryDomain):
        (WebCore::ResourceLoadObserver::isPrevalentResource):
        (WebCore::ResourceLoadObserver::statisticsForOrigin):
        (WebCore::ResourceLoadObserver::takeStatistics):
        * loader/ResourceLoadObserver.h:
        * loader/ResourceLoadStatisticsStore.cpp:
        * loader/ResourceLoadStatisticsStore.h:
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::willSendRequestInternal):
        * testing/Internals.cpp:
        (WebCore::Internals::resourceLoadStatisticsForOrigin):

2017-06-30  Fujii Hironori  <Hironori.Fujii@sony.com>

        ASSERTION FAILED: !canAnimate() && !m_currentFrame
        https://bugs.webkit.org/show_bug.cgi?id=173089

        Reviewed by Said Abou-Hallawa.

        WebCore::BitmapImage::draw() has an assertion which ensures
        m_currentFrame is zero in case of async decoding. But, this
        assertion failed if an GIF animation image which have finished its
        animation was repainted. In that time, m_currentFrame was the last
        frame index of the image.

        Test: fast/images/animated-gif-paint-after-animation.html

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::draw): Assert m_currentFrame is zero or the animation finished.
        Call requestFrameAsyncDecodingAtIndex with m_currentFrame instead of zero.

2017-06-30  Ross Kirsling  <ross.kirsling@sony.com>

        [PAL] Move Sound into PAL
        https://bugs.webkit.org/show_bug.cgi?id=173999

        Reviewed by Alex Christensen.

        * Configurations/WebCore.xcconfig:
        * PlatformGTK.cmake:
        * PlatformMac.cmake:
        * PlatformWPE.cmake:
        * PlatformWin.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * editing/Editor.cpp:
        (WebCore::Editor::cut):
        (WebCore::Editor::copy):
        (WebCore::Editor::performDelete):
        * editing/EditorCommand.cpp:
        (WebCore::executeSelectToMark):
        (WebCore::executeSwapWithMark):
        * editing/mac/EditorMac.mm:
        (WebCore::Editor::takeFindStringFromSelection):
        * inspector/InspectorFrontendHost.cpp:
        (WebCore::InspectorFrontendHost::beep):
        * platform/Sound.h: Removed.

2017-06-30  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS DnD] Drag caret rect is incorrectly computed when dropping in editable content in iframes
        https://bugs.webkit.org/show_bug.cgi?id=174017
        <rdar://problem/32959782>

        Reviewed by Simon Fraser.

        We're currenly computing the drag caret rect (for the purposes of presentation at the client layers)
        incorrectly, in per-frame document coordinates instead of root view coordinates in the mainframe. This means
        drag caret geometry from embedded iframes in the document will show up in the content view with a rect in the
        coordinate space of the iframe.

        To fix this, we need to convert the drag caret rect to root view coordinates. This patch teaches
        DragCaretController to do this, and tweaks WebKit/WebKit2 to use caretRectInRootViewCoordinates.

        Test: DataInteractionTests.ExternalSourcePlainTextToIFrame

        * editing/FrameSelection.cpp:
        (WebCore::DragCaretController::caretRectInRootViewCoordinates):
        * editing/FrameSelection.h:

2017-06-30  Sam Weinig  <sam@webkit.org>

        [WebIDL] Replace use of __is_polymorphic with standard std::is_polymorphic<>::value
        https://bugs.webkit.org/show_bug.cgi?id=174012

        Reviewed by Alex Christensen.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        Replace __is_polymorphic with standard std::is_polymorphic<>::value. Remove clang
        specific guard now that we are using something other compilers support.

        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        * bindings/scripts/test/JS/JSMapLike.cpp:
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        * bindings/scripts/test/JS/JSTestException.cpp:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        * bindings/scripts/test/JS/JSTestStringifier.cpp:
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        Update test results.

2017-06-30  Youenn Fablet  <youenn@apple.com>

       Support PeerConnectionStates::BundlePolicy::MaxBundle when setting rtc configuration
       https://bugs.webkit.org/show_bug.cgi?id=169389

       Reviewed by Alex Christensen.

       Covered by manual testing (appr.tc and https://youennf.github.io/webrtc-tests/src/content/peerconnection/trickle-ice/).
       Updated test is showing some more failing but this is due to the fact that we are no longer totally lying on the configuration of the
        underlying libwebrtc backend.

        Previously, we were creating a libwebrtc peer connection and then setting its configuration.
        libwebrtc does not like the configuration to be changed and may refuse to set the configuration.
        Instead of doing that, we are now creating the libwebrtc peer connection with the provided configuration.

        ICE candidate pool size is disabled as it is creating issues with running tests on bots.

        * Modules/mediastream/MediaEndpointPeerConnection.cpp:
        (WebCore::MediaEndpointPeerConnection::setConfiguration):
        * Modules/mediastream/MediaEndpointPeerConnection.h:
        * Modules/mediastream/PeerConnectionBackend.h:
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::initializeWith):
        (WebCore::iceServersFromConfiguration):
        (WebCore::RTCPeerConnection::initializeConfiguration):
        (WebCore::RTCPeerConnection::setConfiguration):
        * Modules/mediastream/RTCPeerConnection.h:
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::LibWebRTCMediaEndpoint):
        (WebCore::LibWebRTCMediaEndpoint::setConfiguration):
        (WebCore::LibWebRTCMediaEndpoint::stop):
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::configurationFromMediaEndpointConfiguration):
        (WebCore::LibWebRTCPeerConnectionBackend::setConfiguration):
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.h:
        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
        (WebCore::createActualPeerConnection):
        (WebCore::LibWebRTCProvider::createPeerConnection):
        * platform/mediastream/libwebrtc/LibWebRTCProvider.h:


2017-06-30  Antoine Quint  <graouts@apple.com>

        Top controls bars should invert with right-to-left user interface layout direction locale
        https://bugs.webkit.org/show_bug.cgi?id=173989
        <rdar://problem/32863552>

        Reviewed by Dean Jackson.

        When the user interface layout direction is set by the locale to be right-to-left, we now:

            - invert the two top controls bars
            - invert the layout order for the fullscreen / PiP controls bar
            - orient the volume button the opposite direction when presented in a top controls bar

        Test: media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-rtl.html

        * Modules/modern-media-controls/controls/icon-service.js: Add new RTL variants for the mute and unmute icons.
        * Modules/modern-media-controls/controls/inline-media-controls.css: Invert the position of the two top controls
        bars when we switch user interface layout direction.
        (.media-controls.inline.uses-ltr-user-interface-layout-direction > .controls-bar.top-left,):
        (.media-controls.inline.uses-ltr-user-interface-layout-direction > .controls-bar.top-right,):
        (.media-controls.inline > .controls-bar.top-left): Deleted.
        (.media-controls.inline > .controls-bar.top-right): Deleted.
        * Modules/modern-media-controls/controls/inline-media-controls.js:
        (InlineMediaControls.prototype.layout): Default to using the LTR variant for the mute button icon since
        it should only use the RTL variant in case the locale requires it *and* we display the mute button in a
        top controls bar rather than the bottom controls bar (ie. when width becomes constrained).
        (InlineMediaControls.prototype._topLeftContainerButtons): Invert the order of the fullscreen and PiP
        buttons based on the user interface layout direction.
        (InlineMediaControls.prototype._addTopRightBarWithMuteButtonToChildren):
        (InlineMediaControls):
        * Modules/modern-media-controls/controls/media-controls.js:
        (MediaControls.prototype.set usesLTRUserInterfaceLayoutDirection): Schedule a layout when the user interface
        layout direction changes.
        * Modules/modern-media-controls/controls/mute-button.js: Add a new "usesRTLIconVariant" property, false by
        default, to indicate we want to use the RTL variant of the button's icon.
        (MuteButton):
        (MuteButton.prototype.get muted):
        (MuteButton.prototype.set muted):
        (MuteButton.prototype.set usesRTLIconVariant):
        (MuteButton.prototype.layout):
        * Modules/modern-media-controls/images/iOS/Mute-RTL.svg: Added.
        * Modules/modern-media-controls/images/iOS/VolumeHi-RTL.svg: Added.
        * Modules/modern-media-controls/images/macOS/Mute-RTL.svg: Added.
        * Modules/modern-media-controls/images/macOS/VolumeHi-RTL.svg: Added.
        * Modules/modern-media-controls/media/media-controller.js: Use an ivar to track when it's worth notifying the
        media controls that the user interface layout direction has changed. This means we won't need to schedule a
        layout in case it's set to the current value.
        (MediaController):
        (MediaController.prototype.set usesLTRUserInterfaceLayoutDirection):

2017-06-29  Zalan Bujtas  <zalan@apple.com>

        BreakingContext::handleReplaced() should use replacedBox instead of m_current.renderer().
        https://bugs.webkit.org/show_bug.cgi?id=174011

        Reviewed by Simon Fraser.

        No change in functionality.

        * rendering/line/BreakingContext.h:
        (WebCore::BreakingContext::handleReplaced):
        * rendering/line/LineWidth.cpp:
        (WebCore::LineWidth::applyOverhang):
        * rendering/line/LineWidth.h:

2017-06-29  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS DnD] Web content process crashes when the selection is moved far offscreen in dragstart
        https://bugs.webkit.org/show_bug.cgi?id=174010
        <rdar://problem/32597802>

        Reviewed by Tim Horton.

        The TextIndicator snapshot generated in createDragImageForSelection is not guaranteed to succeed; this patch
        adds a null check following TextIndicator::createWithSelectionInFrame and bails early if the snapshot was not
        successful.

        Test: DataInteractionTests.DoNotCrashWhenSelectionMovesOffscreenAfterDragStart

        * platform/ios/DragImageIOS.mm:
        (WebCore::createDragImageForSelection):

2017-06-29  Chris Fleizach  <cfleizach@apple.com>

        AX: Cannot call setValue() on contenteditable or ARIA text controls
        https://bugs.webkit.org/show_bug.cgi?id=173520

        Reviewed by Ryosuke Niwa.

        Add support for changing the value of a contenteditable and any other aria text control in setValue().
 
        Test: accessibility/mac/set-value-editable-types.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::setValue):

2017-06-28  Simon Fraser  <simon.fraser@apple.com>

        getBoundingClientRect returns wrong value for combination of page zoom and scroll
        https://bugs.webkit.org/show_bug.cgi?id=173841
        rdar://problem/32983841

        Reviewed by Dean Jackson.

        The layout viewport returned by FrameView::layoutViewportRect() is affected by page (Command-+) zooming,
        since it's computed using scroll positions, so when we use its origin to convert into client coordinates
        (which are zoom-agnostic), we need to account for page zoom, so fix FrameView::documentToClientOffset()
        to do this.

        Callers of documentToClientOffset() were checked, revealing that event client coordinates were also
        wrong with page zoom and are fixed in the same way. It was found that SimulatedClick was using an
        entirely wrong rect to compute its location: Element::clientRect() is NOT in client coordinates,
        so change this code to use getBoundingClientRect() instead.

        Minor refactoring in MouseRelatedEvent to make getting to the FrameView cleaner.

        Some geometry types enhanced to have non-mutating scale functions.

        Tests: fast/events/simulated-click-zoomed.html
               fast/visual-viewport/client-rects-relative-to-layout-viewport-zoomed.html

        * dom/MouseRelatedEvent.cpp:
        (WebCore::MouseRelatedEvent::init):
        (WebCore::MouseRelatedEvent::initCoordinates):
        (WebCore::MouseRelatedEvent::frameView):
        (WebCore::MouseRelatedEvent::documentToAbsoluteScaleFactor):
        (WebCore::MouseRelatedEvent::computePageLocation):
        (WebCore::MouseRelatedEvent::computeRelativePosition):
        (WebCore::pageZoomFactor): Deleted.
        (WebCore::frameScaleFactor): Deleted.
        * dom/MouseRelatedEvent.h:
        (WebCore::MouseRelatedEvent::absoluteLocation):
        (WebCore::MouseRelatedEvent::setAbsoluteLocation): Deleted.
        * dom/SimulatedClick.cpp:
        * page/FrameView.cpp:
        (WebCore::FrameView::layoutViewportRect): baseLayoutViewportSize() is the same as the old code.
        (WebCore::FrameView::documentToAbsoluteScaleFactor):
        (WebCore::FrameView::absoluteToDocumentScaleFactor):
        (WebCore::FrameView::absoluteToDocumentPoint):
        (WebCore::FrameView::documentToClientOffset):
        * page/FrameView.h:
        * platform/graphics/FloatPoint.h:
        (WebCore::FloatPoint::scale):
        (WebCore::FloatPoint::scaled):
        * platform/graphics/FloatSize.h:
        (WebCore::FloatSize::scaled):
        * platform/graphics/LayoutPoint.h:
        (WebCore::LayoutPoint::scaled):

2017-06-29  Megan Gardner  <megan_gardner@apple.com>

        Unreviewed, fixing Window's build after r218976

        * rendering/ScrollAlignment.cpp:
        (WebCore::operator<<):

2017-06-29  Megan Gardner  <megan_gardner@apple.com>

        Add TextStream operators for Range, VisiblePosition, VisibleSelection, and ScrollAlignment
        https://bugs.webkit.org/show_bug.cgi?id=173997

        Reviewed by Simon Fraser.

        Adding logging that can be used with TextStream-based LOG_WITH_STREAM.

        * dom/Range.cpp:
        (WebCore::operator<<):
        * dom/Range.h:
        * editing/VisiblePosition.h:
        * editing/VisibleSelection.cpp:
        (WebCore::operator<<):
        * editing/VisibleSelection.h:
        * rendering/ScrollAlignment.cpp:
        (WebCore::operator<<):
        * rendering/ScrollAlignment.h:

2017-06-29  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r218903.

        This patch and its fix cause immediate flakiness on all WK2
        testers

        Reverted changeset:

        "Support PeerConnectionStates::BundlePolicy::MaxBundle when
        setting rtc configuration"
        https://bugs.webkit.org/show_bug.cgi?id=169389
        http://trac.webkit.org/changeset/218903

2017-06-29  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r218963.

        This patch and its fix cause immediate flakiness on all WK2
        testers

        Reverted changeset:

        "Support PeerConnectionStates::BundlePolicy::MaxBundle when
        setting rtc configuration"
        https://bugs.webkit.org/show_bug.cgi?id=169389
        http://trac.webkit.org/changeset/218963

2017-06-29  Chris Dumez  <cdumez@apple.com>

        Split ResourceLoadObserver into 2 classes: one for WebCore and one for the UIProcess
        https://bugs.webkit.org/show_bug.cgi?id=173990

        Reviewed by Brent Fulgham.

        Split ResourceLoadObserver into 2 classes: one for WebCore and one for the UIProcess.
        They really have different API and there is therefore close to no code duplication.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::primaryDomain):
        (WebCore::ResourceLoadObserver::setStatisticsQueue):
        (WebCore::ResourceLoadObserver::shouldLog):
        * loader/ResourceLoadObserver.h:
        * loader/ResourceLoadStatisticsStore.cpp:
        (WebCore::ResourceLoadStatisticsStore::primaryDomain):
        * loader/ResourceLoadStatisticsStore.h:
        * platform/URL.h:

2017-06-29  Sam Weinig  <sam@webkit.org>

        [WebIDL] Remove custom binding for UserMessageHandlersNamespace
        https://bugs.webkit.org/show_bug.cgi?id=173956

        Reviewed by Darin Adler.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSUserMessageHandlersNamespaceCustom.cpp: Removed.
        Remove JSUserMessageHandlersNamespaceCustom.cpp

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateNamedGetterLambda):
        Add support for calling named getters with additional arguments from [CallWith].

        (GenerateAttributeGetterBodyDefinition):
        (GenerateAttributeSetterBodyDefinition):
        (GenerateCallWithUsingReferences):
        (GenerateCallWithUsingPointers):
        (GenerateConstructorCallWithUsingPointers):
        (GenerateCallWith):
        (GenerateParametersCheck):
        Update arguments to GenerateCallWith(Using...) to no longer pass an operation,
        which was only needed for the no longer used ScriptArguments, pass a thisObject
        reference, and optionally pass an indentation.

        * bindings/scripts/IDLAttributes.json:
        Remove no longer used ScriptArguments and CallStack, add World.

        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjWithScriptArgumentsAndCallStackAttributeGetter): Deleted.
        (WebCore::jsTestObjWithScriptArgumentsAndCallStackAttribute): Deleted.
        (WebCore::setJSTestObjWithScriptArgumentsAndCallStackAttributeSetter): Deleted.
        (WebCore::setJSTestObjWithScriptArgumentsAndCallStackAttribute): Deleted.
        (WebCore::jsTestObjPrototypeFunctionWithScriptArgumentsAndCallStackBody): Deleted.
        (WebCore::jsTestObjPrototypeFunctionWithScriptArgumentsAndCallStack): Deleted.
        * bindings/scripts/test/TestObj.idl:
        Remove tests of ScriptArguments and CallStack.

        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp: Added.
        * bindings/scripts/test/JS/JSTestNamedGetterCallWith.h: Added.
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp: Added.
        * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.h: Added.
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp: Added.
        * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.h: Added.
        * bindings/scripts/test/TestNamedGetterCallWith.idl: Added.
        * bindings/scripts/test/TestNamedGetterNoIdentifier.idl: Added.
        * bindings/scripts/test/TestNamedGetterWithIdentifier.idl: Added.
        Add basic named getter tests and a specific test of named getters using CallWith.

        * page/UserMessageHandlersNamespace.cpp:
        (WebCore::UserMessageHandlersNamespace::supportedPropertyNames):
        (WebCore::UserMessageHandlersNamespace::namedItem):
        (WebCore::UserMessageHandlersNamespace::handler): Deleted.
        * page/UserMessageHandlersNamespace.h:
        Rename handler to namedItem, matching convention and the expectations of the
        bindings generator and swap the order of the arguments for the same reason.

        * page/UserMessageHandlersNamespace.idl:
        Remove CustomGetOwnPropertySlotAndDescriptor, and add the anonymous named getter.

2017-06-29  Chris Dumez  <cdumez@apple.com>

        Avoid copying ResourceLoadStatistics objects
        https://bugs.webkit.org/show_bug.cgi?id=173972

        Reviewed by Brent Fulgham.

        Avoid copying ResourceLoadStatistics objects given that they are big. Make the type move-only
        to avoid such mistakes in the future.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::logFrameNavigation):
        * loader/ResourceLoadStatistics.h:
        (WebCore::ResourceLoadStatistics::ResourceLoadStatistics):

2017-06-29  John Wilander  <wilander@apple.com>

        Fix for intermittent Layout Test fail http/tests/loading/resourceLoadStatistics/telemetry-generation.html
        https://bugs.webkit.org/show_bug.cgi?id=173940
        <rdar://problem/33018125>

        Reviewed by Brent Fulgham.

        No new tests. This change enables the exiting test to pass.

        * loader/ResourceLoadStatisticsStore.cpp:
        (WebCore::ResourceLoadStatisticsStore::sortedPrevalentResourceTelemetry):
            Added an assert.

2017-06-29  Youenn Fablet  <youenn@apple.com>

        Support PeerConnectionStates::BundlePolicy::MaxBundle when setting rtc configuration
        https://bugs.webkit.org/show_bug.cgi?id=169389

        Unreviewed.

        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::configurationFromMediaEndpointConfiguration): Reactivating CPU overuse detection as it might be the cause of the bots regressions.

2017-06-29  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] ResourceHandleManager violate the class responsibility of ResourceHandle
        https://bugs.webkit.org/show_bug.cgi?id=173630

        Reviewed by Alex Christensen.

        * platform/network/ResourceHandle.h:
        * platform/network/curl/ResourceHandleCurl.cpp:
        (WebCore::ResourceHandle::platformLoadResourceSynchronously):
        (WebCore::calculateWebTimingInformations):
        (WebCore::handleLocalReceiveResponse):
        (WebCore::writeCallback):
        (WebCore::isHttpInfo):
        (WebCore::isHttpRedirect):
        (WebCore::isHttpAuthentication):
        (WebCore::isHttpNotModified):
        (WebCore::isAppendableHeader):
        (WebCore::removeLeadingAndTrailingQuotes):
        (WebCore::getProtectionSpace):
        (WebCore::headerCallback):
        (WebCore::readCallback):
        (WebCore::getFormElementsCount):
        (WebCore::setupFormData):
        (WebCore::ResourceHandle::setupPUT):
        (WebCore::ResourceHandle::setupPOST):
        (WebCore::ResourceHandle::handleDataURL):
        (WebCore::ResourceHandle::dispatchSynchronousJob):
        (WebCore::ResourceHandle::applyAuthentication):
        (WebCore::ResourceHandle::initialize):
        (WebCore::ResourceHandle::handleCurlMsg):
        * platform/network/curl/ResourceHandleManager.cpp:
        (WebCore::ResourceHandleManager::downloadTimerCallback):
        (WebCore::ResourceHandleManager::startJob):
        (WebCore::calculateWebTimingInformations): Deleted.
        (WebCore::isHttpInfo): Deleted.
        (WebCore::isHttpRedirect): Deleted.
        (WebCore::isHttpAuthentication): Deleted.
        (WebCore::isHttpNotModified): Deleted.
        (WebCore::handleLocalReceiveResponse): Deleted.
        (WebCore::writeCallback): Deleted.
        (WebCore::isAppendableHeader): Deleted.
        (WebCore::removeLeadingAndTrailingQuotes): Deleted.
        (WebCore::getProtectionSpace): Deleted.
        (WebCore::headerCallback): Deleted.
        (WebCore::readCallback): Deleted.
        (WebCore::getFormElementsCount): Deleted.
        (WebCore::setupFormData): Deleted.
        (WebCore::ResourceHandleManager::setupPUT): Deleted.
        (WebCore::ResourceHandleManager::setupPOST): Deleted.
        (WebCore::handleDataURL): Deleted.
        (WebCore::ResourceHandleManager::dispatchSynchronousJob): Deleted.
        (WebCore::ResourceHandleManager::applyAuthenticationToRequest): Deleted.
        (WebCore::ResourceHandleManager::initializeHandle): Deleted.
        * platform/network/curl/ResourceHandleManager.h:

2017-06-29  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Async image decoding should be disabled for iBooks on tvOS
        https://bugs.webkit.org/show_bug.cgi?id=173945

        Reviewed by Simon Fraser.

        The iBooks on tvOS is an AppStore application. We need to disable async
        image decoding for iBooks on tvOS permanently through WebKit.

        * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
        (WebCore::IOSApplication::isIBooks):
        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::updateFromSettings):

2017-06-29  Sam Weinig  <sam@webkit.org>

        [WebIDL] Add a new extended attribute to model the forced return value optimization used on Node and Crypto
        https://bugs.webkit.org/show_bug.cgi?id=173961

        Reviewed by Darin Adler.

        Node and Crypto were both using custom bindings to implement an optimization
        for operations that always returned one one of the arguments passed in. The
        optimization directly returns the JSValue argument, avoiding wrapping and 
        unwrapping, and all the cache lookups that might entail. This allows that 
        optimization to work without custom bindings by adding a new extended attribute
        [ReturnValue] that can annotate an argument. When used, the implementation
        function is expected to return either void or ExceptionOr<void>.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSCryptoCustom.cpp: Removed.
        Remove JSCryptoCustom.cpp.

        * bindings/js/JSNodeCustom.cpp:
        (WebCore::JSNode::insertBefore): Deleted.
        (WebCore::JSNode::replaceChild): Deleted.
        (WebCore::JSNode::removeChild): Deleted.
        (WebCore::JSNode::appendChild): Deleted.
        Remove custom functions.

        * bindings/scripts/CodeGeneratorJS.pm:
        (OperationHasForcedReturnValue):
        Add helper to determine if an operation has [ReturnValue] on any argument.

        (NeedsExplicitPropagateExceptionCall):
        We must treat operations with a [ReturnValue] argument like we do operations
        returning void, and explicitly check for exceptions.

        (GenerateParametersCheck):
        Pull out the argument in a variable called 'returnValue' if it is annotated
        with [ReturnValue].

        (GenerateImplementationFunctionCall):
        Special case operations with a [ReturnValue] argument to return the previously
        set aside 'returnValue' variable.

        * bindings/scripts/IDLAttributes.json:
        Add [ReturnValue].

        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionTestReturnValueOptimizationBody):
        (WebCore::jsTestObjPrototypeFunctionTestReturnValueOptimization):
        (WebCore::jsTestObjPrototypeFunctionTestReturnValueOptimizationWithExceptionBody):
        (WebCore::jsTestObjPrototypeFunctionTestReturnValueOptimizationWithException):
        * bindings/scripts/test/TestObj.idl:
        Add tests for [ReturnValue].

        * dom/Node.idl:
        * page/Crypto.idl:
        Add [ReturnValue] annotations and remove [Custom] annotations.

2017-06-29  Chris Dumez  <cdumez@apple.com>

        Unreviewed, rolling out r218944.

        Optimization is incorrect

        Reverted changeset:

        "Avoid copying ResourceLoadStatistics objects"
        https://bugs.webkit.org/show_bug.cgi?id=173972
        http://trac.webkit.org/changeset/218944

2017-06-29  Carlos Garcia Campos  <cgarcia@igalia.com>

        REGRESSION(r218896): ASSERT in WebPageProxy::dataCallback
        https://bugs.webkit.org/show_bug.cgi?id=173968

        Reviewed by Michael Catanzaro.

        The problem is that WebPageProxy::getLoadDecisionForIcon() sends 0 as callback ID when the decision is to not
        load the icon. Since r218896 we always notify the client even when the decision is to not load the icon, in
        which case the UI doesn't really expect a callback. When WebPageProxy::dataCallback is called with a 0 callback ID,
        CallbackMap::take() crashes in RELEASE_ASSERT(callbackID).

        Fixes several GTK+ unit tests that are crashing.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::didGetLoadDecisionForIcon): Return earlier if decision is false or frame is nullptr.
        (WebCore::DocumentLoader::finishedLoadingIcon): Move RELEASE_ASSERT to notifyFinishedLoadingIcon().
        (WebCore::DocumentLoader::notifyFinishedLoadingIcon): Assert if callbackIdentifier is 0 or m_frame is nullptr,
        since it's no longer expected to happen.

2017-06-29  Chris Dumez  <cdumez@apple.com>

        statistics.mostRecentUserInteraction should be of type WallTime
        https://bugs.webkit.org/show_bug.cgi?id=173974

        Reviewed by Brent Fulgham.

        statistics.mostRecentUserInteraction should be of type WallTime for clarity.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
        (WebCore::ResourceLoadObserver::logUserInteraction):
        (WebCore::ResourceLoadObserver::clearUserInteraction):
        * loader/ResourceLoadStatistics.cpp:
        (WebCore::ResourceLoadStatistics::encode):
        (WebCore::ResourceLoadStatistics::decode):
        (WebCore::ResourceLoadStatistics::toString):
        (WebCore::ResourceLoadStatistics::merge):
        * loader/ResourceLoadStatistics.h:
        (WebCore::ResourceLoadStatistics::mostRecentUserInteractionTime): Deleted.
        * loader/ResourceLoadStatisticsStore.cpp:
        (WebCore::shouldPartitionCookies):
        (WebCore::ResourceLoadStatisticsStore::hasHadRecentUserInteraction):
        (WebCore::ResourceLoadStatisticsStore::sortedPrevalentResourceTelemetry):

2017-06-29  JF Bastien  <jfbastien@apple.com>

        WebAssembly: disable some APIs under CSP
        https://bugs.webkit.org/show_bug.cgi?id=173892
        <rdar://problem/32914613>

        Reviewed by Daniel Bates.

        This does the basic separation of eval-blocked and
        WebAssembly-blocked, but currently only blocks neither or both. I
        think we'll eventually consider allowing one to be blocked but not
        the other, so this separation makes sense and means that when we
        want to do the change it'll be tiny. At a minimum we want a
        different error message, which this patch provides (a lot of the
        code ties blocking to the error message).

        Tests: http/tests/security/contentSecurityPolicy/WebAssembly-allowed.html
               http/tests/security/contentSecurityPolicy/WebAssembly-blocked-in-about-blank-iframe.html
               http/tests/security/contentSecurityPolicy/WebAssembly-blocked-in-external-script.html
               http/tests/security/contentSecurityPolicy/WebAssembly-blocked-in-subframe.html
               http/tests/security/contentSecurityPolicy/WebAssembly-blocked.html

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::enableWebAssembly):
        (WebCore::ScriptController::disableWebAssembly):
        * bindings/js/ScriptController.h:
        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::disableWebAssembly):
        * bindings/js/WorkerScriptController.h:
        * dom/Document.cpp:
        (WebCore::Document::disableWebAssembly):
        * dom/Document.h:
        * dom/ScriptExecutionContext.h:
        * page/csp/ContentSecurityPolicy.cpp:
        (WebCore::ContentSecurityPolicy::didCreateWindowProxy):
        (WebCore::ContentSecurityPolicy::applyPolicyToScriptExecutionContext):
        * page/csp/ContentSecurityPolicy.h:
        * page/csp/ContentSecurityPolicyDirectiveList.cpp:
        (WebCore::ContentSecurityPolicyDirectiveList::create):
        * page/csp/ContentSecurityPolicyDirectiveList.h:
        (WebCore::ContentSecurityPolicyDirectiveList::webAssemblyDisabledErrorMessage):
        (WebCore::ContentSecurityPolicyDirectiveList::setWebAssemblyDisabledErrorMessage):
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::disableWebAssembly):
        * workers/WorkerGlobalScope.h:

2017-06-29  Zalan Bujtas  <zalan@apple.com>

        Make InlineBox::m_topLeft and m_logicalWidth protected.
        https://bugs.webkit.org/show_bug.cgi?id=173973

        Reviewed by Simon Fraser.

        I don't think this reasoning from 10 years ago is valid anymore -> 
          "FIXME: Would like to make this protected, but methods are accessing these members over in the part."
        (comment was conveniently removed in a later commit).

        No change in functionality.

        * rendering/InlineBox.h:
        (WebCore::InlineBox::InlineBox):

2017-06-29  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS DnD] Adopt +objectWithItemProviderData: for serializing NSItemProviderReading-conformant objects
        https://bugs.webkit.org/show_bug.cgi?id=173971
        <rdar://problem/33006605>

        Reviewed by Tim Horton.

        Moves off of a very-recently-deprecated API, in favor of its replacement. Guarded by a runtime check and staging
        declarations. No change in behavior.

        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard valuesForPasteboardType:inItemSet:]):

2017-06-29  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Separate global curl settings from ResourceHandleManager as CurlContext class
        https://bugs.webkit.org/show_bug.cgi?id=173629

        Reviewed by Alex Christensen.

        * PlatformWinCairo.cmake:
        * platform/network/curl/CookieJarCurl.cpp:
        (WebCore::setCookiesFromDOM):
        (WebCore::cookiesForSession):
        * platform/network/curl/CurlContext.cpp: Added.
        (WebCore::certificatePath):
        (WebCore::cookieJarPath):
        (WebCore::CurlContext::CurlContext):
        (WebCore::CurlContext::~CurlContext):
        (WebCore::CurlContext::initCookieSession):
        (WebCore::CurlContext::ProxyInfo::url):
        (WebCore::CurlContext::setProxyInfo):
        (WebCore::CurlContext::getEffectiveURL):
        (WebCore::CurlContext::createMultiHandle):
        (WebCore::CurlContext::mutexFor):
        (WebCore::CurlContext::lock):
        (WebCore::CurlContext::unlock):
        * platform/network/curl/CurlContext.h: Added.
        (WebCore::CurlContext::singleton):
        (WebCore::CurlContext::curlShareHandle):
        (WebCore::CurlContext::getCookieJarFileName):
        (WebCore::CurlContext::setCookieJarFileName):
        (WebCore::CurlContext::getCertificatePath):
        (WebCore::CurlContext::shouldIgnoreSSLErrors):
        (WebCore::CurlContext::proxyInfo):
        (WebCore::CurlContext::setProxyInfo):
        (WebCore::CurlContext::getLogFile):
        (WebCore::CurlContext::isVerbose):
        * platform/network/curl/CurlDownload.cpp:
        (WebCore::CurlDownload::init):
        (WebCore::CurlDownload::start):
        (WebCore::CurlDownload::cancel):
        (WebCore::CurlDownload::didReceiveHeader):
        * platform/network/curl/CurlDownload.h:
        * platform/network/curl/CurlJobManager.cpp: Renamed from Source/WebCore/platform/network/curl/CurlManager.cpp.
        (WebCore::CurlJobManager::CurlJobManager):
        (WebCore::CurlJobManager::~CurlJobManager):
        (WebCore::CurlJobManager::add):
        (WebCore::CurlJobManager::remove):
        (WebCore::CurlJobManager::getActiveCount):
        (WebCore::CurlJobManager::getPendingCount):
        (WebCore::CurlJobManager::startThreadIfNeeded):
        (WebCore::CurlJobManager::stopThread):
        (WebCore::CurlJobManager::stopThreadIfIdle):
        (WebCore::CurlJobManager::updateHandleList):
        (WebCore::CurlJobManager::addToCurl):
        (WebCore::CurlJobManager::removeFromCurl):
        (WebCore::CurlJobManager::workerThread):
        * platform/network/curl/CurlJobManager.h: Renamed from Source/WebCore/platform/network/curl/CurlManager.h.
        (WebCore::CurlJobManager::singleton):
        * platform/network/curl/ResourceHandleManager.cpp:
        (WebCore::ResourceHandleManager::ResourceHandleManager):
        (WebCore::ResourceHandleManager::~ResourceHandleManager):
        (WebCore::handleLocalReceiveResponse):
        (WebCore::getProtectionSpace):
        (WebCore::headerCallback):
        (WebCore::ResourceHandleManager::downloadTimerCallback):
        (WebCore::ResourceHandleManager::initializeHandle):
        (WebCore::certificatePath): Deleted.
        (WebCore::cookieJarPath): Deleted.
        (WebCore::ResourceHandleManager::setCookieJarFileName): Deleted.
        (WebCore::ResourceHandleManager::getCookieJarFileName): Deleted.
        (WebCore::ResourceHandleManager::setProxyInfo): Deleted.
        (WebCore::ResourceHandleManager::initCookieSession): Deleted.
        * platform/network/curl/ResourceHandleManager.h:
        (): Deleted.

2017-06-29  Chris Dumez  <cdumez@apple.com>

        Avoid copying ResourceLoadStatistics objects
        https://bugs.webkit.org/show_bug.cgi?id=173972

        Reviewed by Geoffrey Garen.

        Avoid copying ResourceLoadStatistics objects given that they are big. Make the type move-only
        to avoid such mistakes in the future.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::logFrameNavigation):
        * loader/ResourceLoadStatistics.h:
        (WebCore::ResourceLoadStatistics::ResourceLoadStatistics):

2017-06-29  Antoine Quint  <graouts@apple.com>

        Full stop shows to the right of the picture-in-picture localised string in Hebrew
        https://bugs.webkit.org/show_bug.cgi?id=173966
        <rdar://problem/32847376>

        Reviewed by Dean Jackson.

        We manually set the CSS "direction" property to "rtl" when we're not using an LTR language for a placard.

        Test: media/modern-media-controls/placard/placard-ltr.html

        * Modules/modern-media-controls/controls/placard.css:
        (.media-controls:not(.uses-ltr-user-interface-layout-direction) .placard):

2017-06-29  Brent Fulgham  <bfulgham@apple.com>

        Unreviewed Apple CMake build after r218901

        I did not add 'cocoa/FileMonitorCocoa.mm' to the PlatformMac.cmake file as part of r218901.):

        * PlatformMac.cmake:

2017-06-29  Frederic Wang  <fwang@igalia.com>

        Small improvement of calls to RenderLayerBacking members
        https://bugs.webkit.org/show_bug.cgi?id=173969

        Reviewed by Simon Fraser.

        No new tests, behavior unchanged.

        * page/FrameView.cpp:
        (WebCore::FrameView::tiledBacking): Access the member with RenderLayerBacking::tiledBacking.
        (WebCore::FrameView::updateTilesForExtendedBackgroundMode): Ditto.
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::usesCompositedScrolling): Use RenderLayerBacking::hasScrollingLayer as
        it better matches the intention of the check here.

2017-06-29  Romain Bellessort  <romain.bellessort@crf.canon.fr>

        [Readable Streams API] Fix ReadableStream "strategy" argument handling
        https://bugs.webkit.org/show_bug.cgi?id=172716

        Reviewed by Xabier Rodriguez-Calvar.

        Aligned default strategy parameter with spec, as defined in [1].
        
        [1] https://streams.spec.whatwg.org/#rs-constructor

        Added new tests and updated some existing ones based on the newly
        expected behavior. Also updated expectations for WPT streams tests.

        * Modules/streams/ReadableStream.js:
        (initializeReadableStream): Fixed initialization of strategy.

2017-06-29  Antti Koivisto  <antti@apple.com>

        REGRESSION(r215347): NAS4Free Pop-down menus fail to appear
        https://bugs.webkit.org/show_bug.cgi?id=173967
        <rdar://problem/32690114>

        Reviewed by Andreas Kling.

        Menus on this configuration page operate by mutating visibility. We fail to trigger required
        compositing updates when visibility changes on non-composited layer. Visibility of a non-composited
        descendant may affect geometry of the composited ancestor layer.

        Test: compositing/backing/non-composited-visibility-change.html

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::layerStyleChanged):
        (WebCore::RenderLayerCompositor::needsCompositingUpdateForStyleChangeOnNonCompositedLayer): Added.

            Trigger compositing update for non-composited layers on visibility change.
            Factor tests into function.

        * rendering/RenderLayerCompositor.h:

2017-06-28  Frederic Wang  <fwang@igalia.com>

        Align Document::canNavigate on the HTM5 specification
        https://bugs.webkit.org/show_bug.cgi?id=173162

        Reviewed by Chris Dumez.

        Currently when a frame A with a sandboxed navigation flag tries and navigates another frame B
        then Document::canNavigate verifies the cases where we try to navigate A's top frame (in
        that case the allow-top-navigation flag is needed) or not (in that case, B must be a
        descendant of A). This patch refines that a bit to check the case where B is a popup (in that
        case navigation is permitted if A is the opener of B). This change aligns on the HTML5
        specification and allows to pass more W3C Web Platform tests.
        See https://html.spec.whatwg.org/multipage/browsers.html#allowed-to-navigate

        Tests: imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-3.html
               imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_nonescaping-3.html

        * dom/Document.cpp:
        (WebCore::Document::canNavigate): This refines the case where the document's frame has the
        sandbox navigation flag set in order to handle popup navigation. New comments referring to
        the HTML5 specification are also added.

2017-06-28  Myles C. Maxfield  <mmaxfield@apple.com>

        Only apply font features for the particular type of font they are being applied to
        https://bugs.webkit.org/show_bug.cgi?id=172661
        <rdar://problem/31534119>
        <rdar://problem/32799624>

        Reviewed by Simon Fraser.

        There are two types of font formats which support features: AAT and OTF. Each of them has
        a different idea about what the identity of a feature is. We were specifying both types
        of feature identities to Core Text; however, this is causing Core Text to get confused.
        Instead, we should only apply AAT features to AAT fonts and OTF features to OTF fonts.

        Test: Un-marking these tests as failure on High Sierra:
              css3/font-variant-petite-caps-synthesis-coverage.html
              css3/font-variant-small-caps-synthesis-coverage.html

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::FontType::FontType):
        (WebCore::preparePlatformFont):
        (WebCore::variationCapabilitiesForFontDescriptor):
        (WebCore::isGXVariableFont): Deleted.

2017-06-28  Chris Dumez  <cdumez@apple.com>

        [ResourceLoadStatistics] Simplify PrevalentResourceTelemetry struct
        https://bugs.webkit.org/show_bug.cgi?id=173953

        Reviewed by Sam Weinig.

        * loader/ResourceLoadStatisticsStore.cpp:
        (WebCore::ResourceLoadStatisticsStore::sortedPrevalentResourceTelemetry):
        * loader/ResourceLoadStatisticsStore.h:
        (WebCore::PrevalentResourceTelemetry::PrevalentResourceTelemetry): Deleted.

2017-06-28  Ryosuke Niwa  <rniwa@webkit.org>

        Crash in WebCore::ScrollingTreeFixedNode::updateLayersAfterAncestorChange
        https://bugs.webkit.org/show_bug.cgi?id=173958

        Reviewed by Simon Fraser.

        The crashed is most likely caused by updateLayersAfterAncestorChange calling [CALayer setPosition]
        with a CGPoint which contains the x coordinate or the y coordinate of NaN.

        Simon and I inpected the code but we couldn't figure out how we get there. Detect this case and bail out.
        Also log the relevant values and debug assert when this condition is hit to help identifying the root cause.

        * page/scrolling/mac/ScrollingTreeFixedNode.mm:
        (WebCore::ScrollingTreeFixedNode::updateLayersAfterAncestorChange):

2017-06-28  Chris Dumez  <cdumez@apple.com>

        ResourceLoadObserver clean up
        https://bugs.webkit.org/show_bug.cgi?id=173955

        Reviewed by Sam Weinig and Brent Fulgham.

        ResourceLoadObserver clean up: Modernize code a bit and get rid of unused variables.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::clearInMemoryStore):
        (WebCore::ResourceLoadObserver::clearInMemoryAndPersistentStore):
        (WebCore::ResourceLoadObserver::shouldLog):
        (WebCore::ResourceLoadObserver::logFrameNavigation):
        (WebCore::ResourceLoadObserver::logSubresourceLoading):
        (WebCore::ResourceLoadObserver::logWebSocketLoading):
        (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
        (WebCore::ResourceLoadObserver::logUserInteraction):
        (WebCore::ResourceLoadObserver::setSubframeUnderTopFrameOrigin):
        (WebCore::ResourceLoadObserver::setSubresourceUnderTopFrameOrigin):
        (WebCore::ResourceLoadObserver::setSubresourceUniqueRedirectTo):
        (WebCore::ResourceLoadObserver::fireDataModificationHandler):
        (WebCore::ResourceLoadObserver::fireShouldPartitionCookiesHandler):
        (WebCore::ResourceLoadObserver::primaryDomain):
        (WebCore::ResourceLoadObserver::statisticsForOrigin):

2017-06-28  Zalan Bujtas  <zalan@apple.com>

        Move RenderEmbeddedObject::isReplacementObscured to HTMLPlugInElement
        https://bugs.webkit.org/show_bug.cgi?id=173802
        <rdar://problem/32884389>

        Reviewed by Simon Fraser.

        Hittesting could potentially destroy "this" renderer so calling it inside RenderEmbeddedObject
        could leave the caller with a stale pointer.
        This patch protects the plugin element from getting destroyed and checks if the renderer got
        deleted during the hittest to avoid nullptr dereference.

        Speculative fix.

        * html/HTMLPlugInElement.cpp:
        (WebCore::HTMLPlugInElement::isReplacementObscured):
        * html/HTMLPlugInElement.h:
        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::isReplacementObscured): Deleted.
        * rendering/RenderEmbeddedObject.h:
        * testing/Internals.cpp:
        (WebCore::Internals::isPluginUnavailabilityIndicatorObscured):

2017-06-28  Chris Dumez  <cdumez@apple.com>

        Avoid copying statistics in ResourceLoadStatisticsStore::readDataFromDecoder()
        https://bugs.webkit.org/show_bug.cgi?id=173951

        Reviewed by Ryosuke Niwa.

        * loader/ResourceLoadStatisticsStore.cpp:
        (WebCore::ResourceLoadStatisticsStore::readDataFromDecoder):

2017-06-28  Ryosuke Niwa  <rniwa@webkit.org>

        Safari's Speedometer score massively regresses when accessibility is enabled
        https://bugs.webkit.org/show_bug.cgi?id=173912

        Reviewed by Chris Fleizach.

        The bug was caused by HTMLTextFormControlElement::setInnerTextValue triggering a synchronous layout
        via constructing VisiblePosition when the accessibility tree is present.

        Added AXObjectCache::postTextReplacementNotificationForTextControl which avoids the construction of
        VisiblePosition and other means of triggering a synchronous layout. This patch also fixes a subtle bug
        that HTMLTextFormControlElement was creating TextMarkerData with axID set to that of the text control
        element instead of the root editable element inside its shadow tree even though the typing command uses
        axID of the root editable element. While I couldn't find any user-visible behavioral change from this
        code change, new code is more self-consistent.

        Also added LayoutDisallowedScope which asserts that no synchronous layout happens in setInnerTextValue
        so that we don't introduce a new performance regression like this in the future.

        No new tests. Existing tests in accessibility directory covers this.

        * CMakeLists.txt: Added LayoutDisallowedScope.cpp.
        * WebCore.xcodeproj/project.pbxproj: Ditto.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::postTextReplacementNotificationForTextControl): Added.
        (WebCore::AXObjectCache::textMarkerDataForVisiblePosition): Modernized. Returns optional<TextMarkerData>
        instead of taking TextMarkerData as an out-argument, and returning with axID of 0.
        (WebCore::AXObjectCache::textMarkerDataForFirstPositionInTextControl): Added. This specialized version
        constructs TextMarkerData for the first position inside the editable region in a text control without
        triggering a synchronous layout.

        * accessibility/AXObjectCache.h:
        (WebCore::TextMarkerData): Initialize each member automatically.
        (WebCore::AXObjectCache::postTextReplacementNotificationForTextControl):

        * accessibility/ios/AXObjectCacheIOS.mm:
        (WebCore::AXObjectCache::postTextReplacementPlatformNotificationForTextControl): Added.

        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (+[WebAccessibilityTextMarker textMarkerWithVisiblePosition:cache:]):

        * accessibility/mac/AXObjectCacheMac.mm:
        (WebCore::addTextMarkerFor): Extracted from textReplacementChangeDictionary. Added a new variant which
        takes a text form control instead.
        (WebCore::textReplacementChangeDictionary): Templatized this function to either take VisiblePosition
        and call textMarkerForVisiblePosition or take HTMLTextFormControlElement and call
        textMarkerForFirstPositionInTextControl.
        (WebCore::postUserInfoForChanges): Extracted from postTextReplacementPlatformNotification.
        (WebCore::AXObjectCache::postTextReplacementPlatformNotification): 
        (WebCore::AXObjectCache::postTextReplacementPlatformNotificationForTextControl): Added.

        * accessibility/mac/WebAccessibilityObjectWrapperBase.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.h:

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (textMarkerForVisiblePosition):
        (-[WebAccessibilityObjectWrapper textMarkerForFirstPositionInTextControl:]): Added.

        * dom/Document.cpp:
        (WebCore::Document::updateLayout): Assert that LayoutDisallowedScope is not in the stack frame.

        * html/HTMLTextFormControlElement.cpp:
        (WebCore::HTMLTextFormControlElement::setInnerTextValue): Call postTextReplacementNotificationForTextControl
        to avoid triggering a synchronous layout. Also create LayoutDisallowedScope to avoid a similar performance
        regression from being introduced in the future in this function. Finally, made innerText a RefPtr for extra
        safety since we're using it after updating the DOM tree.

        * rendering/LayoutDisallowedScope.cpp: Added.
        * rendering/LayoutDisallowedScope.h: Added.
        (WebCore::LayoutDisallowedScope::LayoutDisallowedScope):
        (WebCore::LayoutDisallowedScope::~LayoutDisallowedScope):
        (WebCore::LayoutDisallowedScope::isLayoutAllowed):

2017-06-27  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] Cannot italicize or bold text rendered with text styles
        https://bugs.webkit.org/show_bug.cgi?id=173634

        Reviewed by Darin Adler.

        r218616 enabled the new cascade list codepath for "system-ui," but didn't do it for the named
        text styles (like "font: -apple-system-tall-body;"). This new codepath is better because it
        correctly specifies weights and italics (using kCTFontWeightTrait and kCTFontSlantTrait) instead
        of using symbolic traits, and because it correctly handles fonts in the Core Text fallback chain.
        This patch migrates the named text styles to this new codepath.

        Test: fast/text/ipad/bold-tall-body-text-style.html

        * platform/graphics/cocoa/FontDescriptionCocoa.cpp:
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::CoreTextCascadeListParameters):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::isHashTableDeletedValue):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::operator==):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::hash):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::CoreTextCascadeListParametersHash::hash):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::CoreTextCascadeListParametersHash::equal):
        (WebCore::SystemFontDatabase::systemFontCascadeList):
        (WebCore::convertArray):
        (WebCore::convertArray):
        (WebCore::makeNeverDestroyed):
        (WebCore::isUIFontTextStyle):
        (WebCore::systemFontParameters):
        (WebCore::FontCascadeDescription::effectiveFamilyCount):
        (WebCore::FontCascadeDescription::effectiveFamilyAt):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParametersHash::hash): Deleted.
        (WebCore::SystemFontDatabase::CoreTextCascadeListParametersHash::equal): Deleted.
        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::platformFontWithFamilySpecialCase):

2017-06-28  Devin Rousso  <drousso@apple.com>

        Web Inspector: Instrument active pixel memory used by canvases
        https://bugs.webkit.org/show_bug.cgi?id=173087
        <rdar://problem/32719261>

        Reviewed by Joseph Pecoraro.

        Test: inspector/canvas/memory.html

        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::setImageBuffer):
        * inspector/InspectorCanvasAgent.h:
        * inspector/InspectorCanvasAgent.cpp:
        (WebCore::InspectorCanvasAgent::didChangeCanvasMemory):
        (WebCore::InspectorCanvasAgent::buildObjectForCanvas):
        * inspector/InspectorInstrumentation.h:
        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::didChangeCanvasMemory):
        (WebCore::InspectorInstrumentation::didChangeCanvasMemoryImpl):

2017-06-28  Alex Christensen  <achristensen@webkit.org>

        Prevent displaying URLs with small capital letters
        https://bugs.webkit.org/show_bug.cgi?id=173949
        <rdar://problem/32952058>

        Reviewed by Brent Fulgham.

        Covered by new API tests.

        * platform/mac/WebCoreNSURLExtras.mm:
        (WebCore::isLookalikeCharacter):

2017-06-28  Youenn Fablet  <youenn@apple.com>

        Support PeerConnectionStates::BundlePolicy::MaxBundle when setting rtc configuration
        https://bugs.webkit.org/show_bug.cgi?id=169389

        Reviewed by Alex Christensen.

        Covered by manual testing (appr.tc and https://youennf.github.io/webrtc-tests/src/content/peerconnection/trickle-ice/).
        Previously, we were creating a libwebrtc peer connection and then setting its configuration.
        libwebrtc does not like the configuration to be changed and may refuse to set the configuration.
        Instead of doing that, we are now creating the libwebrtc peer connection with the provided configuration.

        * Modules/mediastream/MediaEndpointPeerConnection.cpp:
        (WebCore::MediaEndpointPeerConnection::setConfiguration):
        * Modules/mediastream/MediaEndpointPeerConnection.h:
        * Modules/mediastream/PeerConnectionBackend.h:
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::initializeWith):
        (WebCore::iceServersFromConfiguration):
        (WebCore::RTCPeerConnection::initializeConfiguration):
        (WebCore::RTCPeerConnection::setConfiguration):
        * Modules/mediastream/RTCPeerConnection.h:
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::LibWebRTCMediaEndpoint):
        (WebCore::LibWebRTCMediaEndpoint::setConfiguration):
        (WebCore::LibWebRTCMediaEndpoint::stop):
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::configurationFromMediaEndpointConfiguration):
        (WebCore::LibWebRTCPeerConnectionBackend::setConfiguration):
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.h:
        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
        (WebCore::createActualPeerConnection):
        (WebCore::LibWebRTCProvider::createPeerConnection):
        * platform/mediastream/libwebrtc/LibWebRTCProvider.h:

2017-06-28  Brent Fulgham  <bfulgham@apple.com>

        Teach ResourceLoadStatistics to recognize changes in the file system
        https://bugs.webkit.org/show_bug.cgi?id=173800
        <rdar://problem/32937842>

        Reviewed by Chris Dumez.

        We want to support the case where multiple UI processes choose to share the same
        statistics file. To support this, update the ResourceLoadStatistics logic to be aware
        that the statistics data file might change underneath it, and to take appropriate
        action when it does.

        * WebCore.xcodeproj/project.pbxproj: Update for new sources.
        * WebCore/CMakeLists.txt: Update for new FileMonitor source file.
        * loader/ResourceLoadStatisticsStore.cpp:
        (WebCore::ResourceLoadStatisticsStore::clearInMemoryAndPersistent): Use the new deletion
        handler for the data file instead of writing out an empty file.
        (WebCore::ResourceLoadStatisticsStore::setDeletePersistentStoreCallback): Added.
        * loader/ResourceLoadStatisticsStore.h:
        * platform/FileMonitor.cpp: Added.
        (WebCore::FileMonitor::create):
        (WebCore::FileMonitor::FileMonitor): Register handlers and begin monitoring file.
        (WebCore::FileMonitor::~FileMonitor): Stop any active file monitoring.
        (WebCore::FileMonitor::startMonitoringPath): Stub implementation.
        (WebCore::FileMonitor::stopMonitoring): Ditto.
        * platform/FileMonitor.h: Added.
        * platform/FileSystem.h: Export files needed by WebKit2. Add support for O_EVTONLY
        Darwin file handles.
        * platform/Logging.h: Add 'ResourceLoadStatistics' category.
        * platform/cocoa/FileMonitorCocoa.mm: Added.
        (WebCore::FileMonitor::startMonitoringPath): Create a new VNODE type dispatch_source
        to receive notifications when the specified file changes.
        (WebCore::FileMonitor::stopMonitoring): Cancel the dispatch_source when we are done
        monitoring the file.
        * platform/posix/FileSystemPOSIX.cpp: Update 'openFile' to understand the O_EVTONLY
        mode of file handles (Darwin-only). 

2017-06-28  Brady Eidson  <beidson@apple.com>

        DocumentLoader should always notify the client if there are pending icon loads when the load is stopped.
        https://bugs.webkit.org/show_bug.cgi?id=173874

        Reviewed by Alex Christensen.

        Covered by API tests.

        Patch started by Carlos Garcia Campos, finished by me.
        
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::stopLoading): Make all of the callbacks for cancelled IconLoaders.
        (WebCore::DocumentLoader::didGetLoadDecisionForIcon): Make the callback even if there's no IconLoader.
        (WebCore::DocumentLoader::finishedLoadingIcon):
        (WebCore::DocumentLoader::notifyFinishedLoadingIcon):
        * loader/DocumentLoader.h:

2017-06-28  Antoine Quint  <graouts@apple.com>

        Volume controls should be hidden when AirPlay is active
        https://bugs.webkit.org/show_bug.cgi?id=173933
        <rdar://problem/33011931>

        Reviewed by Dean Jackson.

        Ensure we don't show any volume controls during AirPlay. We set the mute button's enabled state to "false"
        when AirPlay is active and key off this enabled stated to control the display of all volume-related controls
        throughout the UI.

        Tests: media/modern-media-controls/macos-fullscreen-media-controls/macos-fullscreen-media-controls-volume-controls-hidden-when-mute-button-disabled.html
               media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-top-right-controls-bar-hidden-when-mute-button-disabled.html

        * Modules/modern-media-controls/controls/inline-media-controls.js:
        (InlineMediaControls.prototype._addTopRightBarWithMuteButtonToChildren):
        (InlineMediaControls):
        * Modules/modern-media-controls/controls/macos-fullscreen-media-controls.js:
        (MacOSFullscreenMediaControls.prototype.layout):
        * Modules/modern-media-controls/media/airplay-support.js:
        (AirplaySupport.prototype.syncControl):
        (AirplaySupport):

2017-06-28  Konstantin Tokarev  <annulen@yandex.ru>

        Remove excessive includes from WebCore/css sources
        https://bugs.webkit.org/show_bug.cgi?id=173919

        Reviewed by Simon Fraser.

        No new tests needed.

        * css/CSSCanvasValue.cpp:
        * css/CSSComputedStyleDeclaration.cpp:
        * css/CSSContentDistributionValue.cpp:
        * css/CSSCrossfadeValue.cpp:
        * css/CSSCursorImageValue.cpp:
        * css/CSSCustomPropertyValue.cpp:
        * css/CSSDefaultStyleSheets.cpp:
        * css/CSSFilterImageValue.cpp:
        * css/CSSFontFace.cpp:
        * css/CSSFontFaceSet.cpp:
        * css/CSSFontFaceSource.cpp:
        * css/CSSFontFaceSrcValue.cpp:
        * css/CSSFontFeatureValue.cpp:
        * css/CSSFontSelector.cpp:
        * css/CSSFontValue.cpp:
        * css/CSSImageGeneratorValue.cpp:
        * css/CSSImageSetValue.cpp:
        * css/CSSImageValue.cpp:
        * css/CSSImportRule.cpp:
        * css/CSSKeyframesRule.cpp:
        * css/CSSMediaRule.cpp:
        * css/CSSNamedImageValue.cpp:
        * css/CSSPrimitiveValue.cpp:
        * css/CSSProperty.cpp:
        * css/CSSPropertySourceData.cpp:
        * css/CSSReflectValue.cpp:
        * css/CSSRuleList.cpp:
        * css/CSSSegmentedFontFace.cpp:
        * css/CSSSelector.cpp:
        * css/CSSStyleRule.cpp:
        * css/CSSStyleSheet.cpp:
        * css/CSSSupportsRule.cpp:
        * css/CSSToStyleMap.cpp:
        * css/CSSValueList.cpp:
        * css/CSSValuePool.cpp:
        * css/CSSVariableData.cpp:
        * css/ElementRuleCollector.cpp:
        * css/InspectorCSSOMWrappers.cpp:
        * css/MediaList.cpp:
        * css/MediaQueryEvaluator.cpp:
        * css/MediaQueryExpression.cpp:
        * css/PropertySetCSSStyleDeclaration.cpp:
        * css/RGBColor.cpp:
        * css/SelectorChecker.cpp:
        * css/StyleProperties.cpp:
        * css/StyleResolver.cpp:
        * css/StyleRule.cpp:
        * css/StyleSheetContents.cpp:
        * css/TransformFunctions.cpp:
        * css/ViewportStyleResolver.cpp:
        * css/WebKitCSSRegionRule.cpp:
        * css/parser/CSSParser.cpp:
        * css/parser/CSSParserFastPaths.cpp:
        * css/parser/CSSParserIdioms.cpp:
        * css/parser/CSSParserSelector.cpp:
        * css/parser/CSSParserToken.cpp:
        * css/parser/CSSPropertyParser.cpp:
        * css/parser/CSSSelectorParser.cpp:
        * css/parser/MediaQueryParser.cpp:

2017-06-28  Alex Christensen  <achristensen@webkit.org>

        Fix CMake build.

        * PlatformMac.cmake:

2017-06-28  Antoine Quint  <graouts@apple.com>

        Remove unnecessary `const double` method arguments
        https://bugs.webkit.org/show_bug.cgi?id=173925

        Reviewed by Dean Jackson.

        Addressing post-landing feedback from webkit.org/b/173858.

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::formattedStringForDuration):
        * Modules/mediacontrols/MediaControlsHost.h:
        * rendering/RenderTheme.h:
        (WebCore::RenderTheme::mediaControlsFormattedStringForDuration):
        * rendering/RenderThemeCocoa.h:

2017-06-28  Zalan Bujtas  <zalan@apple.com>

        Unreviewed, rolling out r218373.

        Output is not right

        Reverted changeset:

        "Use WTFLogAlways for debug logging so that it shows up in
        device system logs"
        https://bugs.webkit.org/show_bug.cgi?id=173450
        http://trac.webkit.org/changeset/218373

2017-06-28  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Some web pages disappear immediately after rendering
        https://bugs.webkit.org/show_bug.cgi?id=173768

        Reviewed by Xabier Rodriguez-Calvar.

        This is happening with websites having a "hidden" class in HTML tag when a media element is added. In the GTK+
        port the media controls CSS contains the following code:

        .hidden {
            display: none !important;
        }

        That causes the whole HTML document to become display: none. That's why we just render a white page, and also
        the reason why it only happens with the GTK+ port and only with some specific websites. We should limit the
        scope of the hidden class to the media control elements.

        * css/mediaControlsGtk.css:
        (audio::-webkit-media-controls-panel.hidden,):
        (audio::-webkit-media-controls-panel div.mute-box.hidden,):
        (audio::-webkit-media-controls-current-time-display.hidden,):
        (audio::-webkit-media-controls-timeline.hidden,):
        (audio::-webkit-media-controls-toggle-closed-captions-button, video::-webkit-media-controls-toggle-closed-captions-button):
        (audio::-webkit-media-controls-toggle-closed-captions-button.hidden,):
        (video::-webkit-media-controls-closed-captions-container.hidden):
        (audio::-webkit-media-controls-fullscreen-button.hidden,):
        (.hidden): Deleted.

2017-06-28  Antoine Quint  <graouts@apple.com>

        Media controls volume glyph does not have the correct material
        https://bugs.webkit.org/show_bug.cgi?id=173918
        <rdar://problem/33012697>

        Reviewed by Eric Carlson.

        Test: media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-mute-button-in-bottom-or-top-right-controls-bar.html

        All buttons were hosted in a ControlsBar save for the MuteButton, so we now host it in a controls bar as well
        to ensure compositing is similar to all other buttons.

        * Modules/modern-media-controls/controls/inline-media-controls.css:
        (.media-controls.inline > .controls-bar.top-right):
        (.media-controls.inline > button.mute): Deleted.
        * Modules/modern-media-controls/controls/inline-media-controls.js:
        (InlineMediaControls):
        (InlineMediaControls.prototype.layout):
        (InlineMediaControls.prototype._addTopRightBarWithMuteButtonToChildren):
        * Modules/modern-media-controls/controls/macos-inline-media-controls.js:
        (MacOSInlineMediaControls.prototype.handleEvent):

2017-06-28  Carlos Garcia Campos  <cgarcia@igalia.com>

        REGRESSION(r218799): [GTK][WPE] Critical warning at exit
        https://bugs.webkit.org/show_bug.cgi?id=173907

        Reviewed by Konstantin Tokarev.

        GLib-GObject-CRITICAL **: g_object_unref: assertion 'G_IS_OBJECT (object)' failed

        This is now always happening when closing the MeiniBrowser and it's causing a lot of unit tests to fail. In
        r218799, GRefPtrGtk.h include was removed from PasteboardHelper.h that contains a GRefPtr<GtkTargetList>. The
        targets are destroyed at exit, but now trying to use g_object_unref instead of gtk_target_list_unref(). I've
        found two more cases like this in r218799, that removes GUniquePtrSoup.h from ResourceHandleInternal.h and
        ResourceRequest.h that have GUniquePtr<SoupBuffer> and GUniquePtr<SoupURI>.

        Fixes several GTK+ and WPE unit tests.

        * platform/gtk/PasteboardHelper.h: Bring back GRefPtrGtk.h.
        * platform/network/ResourceHandleInternal.h: Bring back GUniquePtrSoup.h.
        * platform/network/soup/ResourceRequest.h: Ditto.

2017-06-27  Chris Dumez  <cdumez@apple.com>

        [ResourceLoadStatistics] Update minimumTimeBetweeenDataRecordsRemoval to 1 hour instead of 1 minute
        https://bugs.webkit.org/show_bug.cgi?id=173895
        <rdar://problem/32984366>

        Reviewed by Brent Fulgham.

        Update minimumTimeBetweeenDataRecordsRemoval to 1 hour instead of 1 minute to save battery.
        Also port code to modern time types.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::reduceTimeResolution):
        (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
        (WebCore::ResourceLoadObserver::setTimeToLiveUserInteraction):
        (WebCore::ResourceLoadObserver::setTimeToLiveCookiePartitionFree):
        (WebCore::ResourceLoadObserver::setMinimumTimeBetweeenDataRecordsRemoval):
        (WebCore::ResourceLoadObserver::setReducedTimestampResolution):
        (WebCore::ResourceLoadObserver::setGrandfatheringTime):
        * loader/ResourceLoadObserver.h:
        * loader/ResourceLoadStatistics.h:
        (WebCore::ResourceLoadStatistics::mostRecentUserInteractionTime):
        * loader/ResourceLoadStatisticsStore.cpp:
        (WebCore::ResourceLoadStatisticsStore::createEncoderFromData):
        (WebCore::ResourceLoadStatisticsStore::readDataFromDecoder):
        (WebCore::shouldPartitionCookies):
        (WebCore::ResourceLoadStatisticsStore::setTimeToLiveUserInteraction):
        (WebCore::ResourceLoadStatisticsStore::setTimeToLiveCookiePartitionFree):
        (WebCore::ResourceLoadStatisticsStore::setMinimumTimeBetweeenDataRecordsRemoval):
        (WebCore::ResourceLoadStatisticsStore::setGrandfatheringTime):
        (WebCore::ResourceLoadStatisticsStore::hasHadRecentUserInteraction):
        (WebCore::ResourceLoadStatisticsStore::topPrivatelyControlledDomainsToRemoveWebsiteDataFor):
        (WebCore::ResourceLoadStatisticsStore::handleFreshStartWithEmptyOrNoStore):
        (WebCore::ResourceLoadStatisticsStore::shouldRemoveDataRecords):
        (WebCore::ResourceLoadStatisticsStore::dataRecordsBeingRemoved):
        * loader/ResourceLoadStatisticsStore.h:

2017-06-27  Chris Dumez  <cdumez@apple.com>

        Port HysteresisActivity to Seconds type
        https://bugs.webkit.org/show_bug.cgi?id=173902

        Reviewed by Simon Fraser.

        * platform/HysteresisActivity.h:
        (WebCore::HysteresisActivity::HysteresisActivity):
        (WebCore::HysteresisActivity::stop):
        * platform/ios/WebSQLiteDatabaseTrackerClient.mm:

2017-06-27  Jeremy Jones  <jeremyj@apple.com>

        MediaPlayerPrivate m_private may not yet be created when setPrivateBrowsingMode is called.
        https://bugs.webkit.org/show_bug.cgi?id=173893
        rdar://problem/32986872
        
        Reviewed by Ryosuke Niwa.

        No new tests because no reproducable case.

        setPrivateBrowsingMode can be called on MediaPlayer before the MediaPlayerPrivate is created.
        The value should only be pushed down the m_private if it has been created.

        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::setPrivateBrowsingMode):

2017-06-27  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS DnD] Support dragging out of contenteditable areas without a prior selection
        https://bugs.webkit.org/show_bug.cgi?id=173854
        <rdar://problem/32236827>

        Reviewed by Ryosuke Niwa and Tim Horton.

        Allows elements to be dragged from contenteditable areas for both WebKit1 and WebKit2 iOS. There are two main
        changes in WebCore: move the touch point adjustment code into EventHandler::tryToBeginDataInteractionAtPoint, so
        that the clientPosition specified will be adjusted to an appropriate clickable node if needed. This is necessary
        because UIWebDocumentView and WKContentView no longer send adjusted points to WebCore when requesting drag
        start. See <https://bugs.webkit.org/show_bug.cgi?id=173855> for a followup regarding the globalPosition and
        clientPositions passed in to the MouseEvents when performing a drag or synthetic click.

        Secondly, image elements in Mail's contenteditable area are not draggable unless the heuristic in
        DragController::draggableElement is tweaked to not reject image dragging across the board if the
        loadsImagesAutomatically setting is turned off. Instead, even if images are not automatically loaded, allow the
        image drag to commence if the image renderer already has a cached image.

        Test: DataInteractionTests.DragImageFromContentEditable

        * page/DragController.cpp:
        (WebCore::imageElementIsDraggable):
        (WebCore::DragController::draggableElement):
        * page/ios/EventHandlerIOS.mm:
        (WebCore::EventHandler::tryToBeginDataInteractionAtPoint):

2017-06-27  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Accessibility labels should be formatted using NSDateComponentsFormatter
        https://bugs.webkit.org/show_bug.cgi?id=173858
        <rdar://problem/32643171>

        Reviewed by Dean Jackson.

        We shouldn't be manually trying to create a formatted string for media controls and instead rely
        on NSDateComponentsFormatter to perform this task for us. So we remove the ad-hoc code in the JS
        media controls code and instead add a new MediaControlsHost method to format durations which calls
        into RenderTheme to provide a formatted duration string relevant to the current platform and locale.

        * English.lproj/modern-media-controls-localized-strings.js:
        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::formattedStringForDuration):
        * Modules/mediacontrols/MediaControlsHost.h:
        * Modules/mediacontrols/MediaControlsHost.idl:
        * Modules/modern-media-controls/controls/slider.js:
        (Slider.prototype.set inputAccessibleLabel):
        * Modules/modern-media-controls/controls/time-label.js:
        (TimeLabel.prototype.commitProperty):
        * Modules/modern-media-controls/main.js:
        (createControls):
        (formattedStringForDuration):
        (formatTimeToString): Deleted.
        * rendering/RenderTheme.h:
        (WebCore::RenderTheme::mediaControlsFormattedStringForDuration):
        * rendering/RenderThemeCocoa.h:
        * rendering/RenderThemeCocoa.mm:
        (WebCore::RenderThemeCocoa::mediaControlsFormattedStringForDuration):

2017-06-27  Eric Carlson  <eric.carlson@apple.com>

        r218647 causes getUserMedia to fail on some machines
        https://bugs.webkit.org/show_bug.cgi?id=173894

        Reviewed by Youenn Fablet.

        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSource::isFrameRateSupported): Change frame rate epsilon from 0.00001
        to 0.001.

2017-06-27  Antoine Quint  <graouts@apple.com>

        Placard icons act like buttons (can get keyboard focus and shows up in VoiceOver)
        https://bugs.webkit.org/show_bug.cgi?id=173891
        <rdar://problem/33011855>

        Reviewed by Dean Jackson.

        Ensure that we disable buttons inside placards as they're only decorative and should
        not be interactive.

        * Modules/modern-media-controls/controls/placard.js:
        (Placard.):

2017-06-27  Jeremy Jones  <jeremyj@apple.com>

        Disable m_temporarilyAllowingInlinePlaybackAfterFullscreen on pause
        https://bugs.webkit.org/show_bug.cgi?id=173843
        rdar://problem/32982431

        Reviewed by Eric Carlson.

        Test: media/media-fullscreen-pause-inline.html

        Some pages may not have a fullscreen button, so disabled m_temporarilyAllowingInlinePlaybackAfterFullscreen on pause.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::pause):

2017-06-27  Chris Dumez  <cdumez@apple.com>

        [iOS] Avoid taking / releasing process assertions too quickly due to database activity
        https://bugs.webkit.org/show_bug.cgi?id=173879
        <rdar://problem/32412701>

        Reviewed by Antti Koivisto.

        Add HysteresisActivity to WebSQLiteDatabaseTrackerClient to avoid taking / releasing
        process assertion too quickly due to database activity.

        * platform/ios/WebSQLiteDatabaseTrackerClient.h:
        * platform/ios/WebSQLiteDatabaseTrackerClient.mm:
        (WebCore::WebSQLiteDatabaseTrackerClient::WebSQLiteDatabaseTrackerClient):
        (WebCore::WebSQLiteDatabaseTrackerClient::willBeginFirstTransaction):
        (WebCore::WebSQLiteDatabaseTrackerClient::didFinishLastTransaction):
        (WebCore::WebSQLiteDatabaseTrackerClient::hysteresisUpdated):

2017-06-27  Youenn Fablet  <youenn@apple.com>

        Using public logging for WebRTC release logging
        https://bugs.webkit.org/show_bug.cgi?id=173881

        Reviewed by Eric Carlson.

        No change of behavior.

        * Modules/mediastream/PeerConnectionBackend.cpp:
        (WebCore::PeerConnectionBackend::createOfferSucceeded):
        (WebCore::PeerConnectionBackend::createOfferFailed):
        (WebCore::PeerConnectionBackend::createAnswerSucceeded):
        (WebCore::PeerConnectionBackend::createAnswerFailed):
        (WebCore::PeerConnectionBackend::setLocalDescriptionFailed):
        (WebCore::PeerConnectionBackend::setRemoteDescriptionFailed):
        (WebCore::PeerConnectionBackend::addIceCandidateFailed):
        (WebCore::PeerConnectionBackend::newICECandidate):
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::queuedSetLocalDescription):
        (WebCore::RTCPeerConnection::queuedSetRemoteDescription):
        (WebCore::RTCPeerConnection::queuedAddIceCandidate):
        (WebCore::RTCPeerConnection::updateIceGatheringState):
        (WebCore::RTCPeerConnection::updateIceConnectionState):
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::OnStatsDelivered):

2017-06-27  Don Olmstead  <don.olmstead@sony.com>

        [PAL] Add symbol export macros for PAL
        https://bugs.webkit.org/show_bug.cgi?id=171519

        Reviewed by Konstantin Tokarev.

        No new tests. No change in behavior.

        * CMakeLists.txt:
        * config.h:
        * platform/PlatformExportMacros.h:

2017-06-27  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Add telemetry
        https://bugs.webkit.org/show_bug.cgi?id=173499
        <rdar://problem/32826094>

        Reviewed by Brent Fulgham.

        Test: http/tests/loading/resourceLoadStatistics/telemetry-generation.html

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::fireTelemetryHandler):
            Test infrastructure.
        * loader/ResourceLoadObserver.h:
        * loader/ResourceLoadStatisticsStore.cpp:
        (WebCore::ResourceLoadStatisticsStore::setFireTelemetryCallback):
        (WebCore::ResourceLoadStatisticsStore::fireTelemetryHandler):
            Test infrastructure.
        (WebCore::ResourceLoadStatisticsStore::sortedPrevalentResourceTelemetry):
            Convenience function for telemetry.
        * loader/ResourceLoadStatisticsStore.h:
            Added struct WebCore::PrevalentResourceTelemetry.
        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::resourceLoadStatisticsTelemetryKey):
            Added.
        * page/DiagnosticLoggingKeys.h:

2017-06-27  Ting-Wei Lan  <lantw44@gmail.com>

        Add missing includes to fix compilation error on FreeBSD
        https://bugs.webkit.org/show_bug.cgi?id=172919

        Reviewed by Mark Lam.

        No new tests needed.

        * crypto/gcrypt/CryptoKeyECGCrypt.cpp:
        * platform/audio/ReverbAccumulationBuffer.cpp:

2017-06-27  Zalan Bujtas  <zalan@apple.com>

        Add RenderEmbeddedObject::getReplacementTextGeometry helper.
        https://bugs.webkit.org/show_bug.cgi?id=173847

        Reviewed by Simon Fraser.

        ...and remove getReplacementTextGeometry's redundant return value. 

        No change in functionality.

        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::paintReplaced):
        (WebCore::RenderEmbeddedObject::getReplacementTextGeometry):
        (WebCore::RenderEmbeddedObject::unavailablePluginIndicatorBounds):
        (WebCore::RenderEmbeddedObject::isInUnavailablePluginIndicator):
        * rendering/RenderEmbeddedObject.h:

2017-06-27  Wenson Hsieh  <wenson_hsieh@apple.com>

        Refactor drag start codepaths to plumb a DragItem to client layers
        https://bugs.webkit.org/show_bug.cgi?id=173832
        Work towards <rdar://problem/32236827>

        Reviewed by Ryosuke Niwa and Tim Horton.

        Refactor drag start logic in WebCore to set up a DragItem and propagate it to WebDragClient. No change in behavior.

        * loader/EmptyClients.cpp:
        * page/DragClient.h:
        * page/DragController.cpp:
        (WebCore::DragController::startDrag):
        (WebCore::DragController::doImageDrag):
        (WebCore::DragController::doSystemDrag):

        Refactor to pass along a DragItem. Also, remove unused drag image anchor computation.

        * page/DragController.h:
        * platform/DragImage.h:
        * platform/DragItem.h:

        Add additional information needed to begin a drag on iOS.

        (WebCore::DragItem::encode):
        (WebCore::DragItem::decode):

        Add IPC serialization/deserialization support for DragItem.

        * platform/PasteboardWriterData.cpp:
        (WebCore::PasteboardWriterData::isEmpty):
        * platform/PasteboardWriterData.h:

2017-06-27  Frederic Wang  <fwang@igalia.com>

        Some tests to verify forbidden frame navigation time out
        https://bugs.webkit.org/show_bug.cgi?id=173657

        Reviewed by Chris Dumez.

        Currently some tests try and perform a forbidden frame navigation and verify the
        corresponding console error. However, WebKit does not raise any exception for such error so
        the tests have to wait until the timeout limit to complete, which makes execution slow.
        This patch modifies the setters of window.location for which such error may happen in order
        to raise an exception so the tests behave as expected.

        No new tests, already covered by existing tests.

        * page/Location.cpp: Adjust Location::setLocation to return a security exception and pass it
        to the callers.
        (WebCore::Location::setHref): Adjust function to possibly return an exception.
        (WebCore::Location::setProtocol): Ditto.
        (WebCore::Location::setHost): Ditto.
        (WebCore::Location::setHostname): Ditto.
        (WebCore::Location::setPort): Ditto.
        (WebCore::Location::setPathname): Ditto.
        (WebCore::Location::setSearch): Ditto.
        (WebCore::Location::setHash): Ditto.
        (WebCore::Location::assign): Ditto.
        (WebCore::Location::setLocation): FrameLoader::findFrameForNavigation is really only used
        to verify whether navigating m_frame is permitted so it is more simple and clearer to do it
        directly. When navigation is not permitted, this function now raises a security exception.
        * page/Location.h: Modify some setters to return an ExceptionOr<void>.
        * page/Location.idl: Allow some setters to raise an exception.

2017-06-26  Fujii Hironori  <Hironori.Fujii@sony.com>

        [GTK] Layout Test webrtc/video.html issues "stack smashing detected"
        https://bugs.webkit.org/show_bug.cgi?id=173862

        Reviewed by Carlos Garcia Campos.

        Tests: webrtc/video.html

        Passing a bool variable to g_object_get causes out-of-bound write.
        gboolean should be used, which is 4 bytes while bool is one byte.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::muted): Use gboolean instead of bool.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.cpp:
        (WebCore::MediaPlayerPrivateGStreamerOwr::trackEnded): Ditto.

2017-06-26  Chris Dumez  <cdumez@apple.com>

        WebsiteDataStore::fetchDataForTopPrivatelyControlledDomains() is inefficient
        https://bugs.webkit.org/show_bug.cgi?id=173850

        Reviewed by Ryosuke Niwa.

        * loader/ResourceLoadStatisticsStore.cpp:
        (WebCore::ResourceLoadStatisticsStore::updateStatisticsForRemovedDataRecords):
        * loader/ResourceLoadStatisticsStore.h:

2017-06-26  Antti Koivisto  <antti@apple.com>

        REGRESSION (AsyncImageDecoding): A tab with the WWDC keynote paused is killed for using excessive power (Image thrashing)
        https://bugs.webkit.org/show_bug.cgi?id=173804
        <rdar://problem/32623745>

        Reviewed by Simon Fraser.

        When under memory pressure MemoryCache::singleton().pruneLiveResources(true) is called inFrameView::didPaintContents()
        after top level paint. We end up decoding and pruning bitmaps repeatedly for each tile, which is not great.

        Situation gets worse with async decoding. Painting now doesn’t actually decode the image, it just starts the decoding.
        When it completes we trigger another paint to get the bits to the tiles. The paint for the first tile then calls
        pruneLiveResources and loses the bitmap and the second tile triggers another round of async decoding. We have code
        that prevents pruning of visible images but non-visible images in tiling area can hit this bug easily.

        Test: fast/images/low-memory-decode.html

        * page/FrameView.cpp:
        (WebCore::FrameView::willPaintContents):
        (WebCore::FrameView::didPaintContents):

            Eliminate synchronous pruning during painting. This is an obsolete mechanism from early iOS times.

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::imageFrameAvailableAtIndex):
        (WebCore::BitmapImage::decodeCountForTesting):

            Testing support.

        * platform/graphics/BitmapImage.h:
        * testing/Internals.cpp:
        (WebCore::Internals::imageDecodeCount):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-06-26  Chris Dumez  <cdumez@apple.com>

        ImageFrameCache::startAsyncDecodingQueue() unsafely passes Strings across threads
        https://bugs.webkit.org/show_bug.cgi?id=173842

        Reviewed by Simon Fraser.

        The URL string was passed across thread without isolated copy.

        * platform/graphics/ImageFrameCache.cpp:
        (WebCore::ImageFrameCache::startAsyncDecodingQueue):

2017-06-26  Jonathan Bedard  <jbedard@apple.com>

        Unreviewed, rolling out r218783.

        Causing accessibility/mac/setting-attributes-is-
        asynchronous.html to crash consistently on mac-wk2 Debug

        Reverted changeset:

        "AX: Cannot call setValue() on contenteditable or ARIA text
        controls"
        https://bugs.webkit.org/show_bug.cgi?id=173520
        http://trac.webkit.org/changeset/218783

2017-06-26  Yusuke Suzuki  <utatane.tea@gmail.com>

        [WTF] Drop Thread::create(obsolete things) API since we can use lambda
        https://bugs.webkit.org/show_bug.cgi?id=173825

        Reviewed by Saam Barati.

        No behavior change.

        * Modules/indexeddb/server/IDBServer.cpp:
        (WebCore::IDBServer::IDBServer::IDBServer):
        (WebCore::IDBServer::IDBServer::databaseThreadEntry): Deleted.
        * Modules/indexeddb/server/IDBServer.h:
        * Modules/webaudio/AsyncAudioDecoder.cpp:
        (WebCore::AsyncAudioDecoder::AsyncAudioDecoder):
        (WebCore::AsyncAudioDecoder::threadEntry): Deleted.
        * Modules/webaudio/AsyncAudioDecoder.h:
        * Modules/webaudio/OfflineAudioDestinationNode.cpp:
        (WebCore::OfflineAudioDestinationNode::startRendering):
        (WebCore::OfflineAudioDestinationNode::offlineRenderEntry): Deleted.
        * Modules/webaudio/OfflineAudioDestinationNode.h:
        * Modules/webdatabase/DatabaseThread.cpp:
        (WebCore::DatabaseThread::start):
        (WebCore::DatabaseThread::databaseThreadStart): Deleted.
        * Modules/webdatabase/DatabaseThread.h:
        * bindings/js/GCController.cpp:
        (WebCore::collect):
        (WebCore::GCController::gcTimerFired):
        (WebCore::GCController::garbageCollectOnAlternateThreadForDebugging):
        * loader/icon/IconDatabase.cpp:
        (WebCore::IconDatabase::open):
        (WebCore::IconDatabase::iconDatabaseSyncThreadStart): Deleted.
        * loader/icon/IconDatabase.h:
        * page/ResourceUsageThread.cpp:
        (WebCore::ResourceUsageThread::createThreadIfNeeded):
        (WebCore::ResourceUsageThread::threadCallback): Deleted.
        * page/ResourceUsageThread.h:
        * page/scrolling/ScrollingThread.cpp:
        (WebCore::ScrollingThread::createThreadIfNeeded):
        (WebCore::ScrollingThread::threadCallback): Deleted.
        (WebCore::ScrollingThread::threadBody): Deleted.
        * page/scrolling/ScrollingThread.h:
        * platform/audio/HRTFDatabaseLoader.cpp:
        (WebCore::HRTFDatabaseLoader::loadAsynchronously):
        (WebCore::databaseLoaderEntry): Deleted.
        * platform/audio/HRTFDatabaseLoader.h:
        * platform/audio/ReverbConvolver.cpp:
        (WebCore::ReverbConvolver::ReverbConvolver):
        (WebCore::backgroundThreadEntry): Deleted.
        * platform/audio/ReverbConvolver.h:
        (WebCore::ReverbConvolver::useBackgroundThreads):
        * platform/network/cf/LoaderRunLoopCF.cpp:
        (WebCore::loaderRunLoop):
        (WebCore::runLoaderThread): Deleted.
        * platform/network/curl/CurlManager.cpp:
        (WebCore::CurlManager::startThreadIfNeeded):
        (WebCore::CurlManager::workerThread):
        * platform/network/curl/CurlManager.h:
        * workers/WorkerThread.cpp:
        (WebCore::WorkerThread::start):
        (WebCore::WorkerThread::workerThreadStart): Deleted.
        * workers/WorkerThread.h:

2017-06-26  Joanmarie Diggs  <jdiggs@igalia.com>

        [ATK] Add support for aria-details and aria-errormessage
        https://bugs.webkit.org/show_bug.cgi?id=172588

        Reviewed by Chris Fleizach.

        Add methods to retrieve elements referenced by or referencing the new
        aria-details and aria-errormessage attributes. Include aria-details and
        aria-errormessage in AccessibilityObject::supportsARIAAttributes() to ensure
        elements with these attributes will be included in the accessibility tree.

        New test cases added to accessibility/gtk/relation-types.html.

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::supportsARIAAttributes):
        (WebCore::AccessibilityObject::ariaDetailsElements):
        (WebCore::AccessibilityObject::ariaDetailsReferencingElements):
        (WebCore::AccessibilityObject::ariaErrorMessageElements):
        (WebCore::AccessibilityObject::ariaErrorMessageReferencingElements):
        * accessibility/AccessibilityObject.h:
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (setAtkRelationSetFromCoreObject):
        * html/HTMLAttributeNames.in:

2017-06-26  Konstantin Tokarev  <annulen@yandex.ru>

        Remove excessive headers from WebCore/{Modules,animation,crypto,domjit}
        https://bugs.webkit.org/show_bug.cgi?id=173824

        Reviewed by Darin Adler.

        No new tests needed.

        * Modules/credentials/CredentialCreationOptions.h:
        * Modules/credentials/PasswordCredential.h:
        * Modules/fetch/FetchBody.h:
        * Modules/fetch/FetchBodyOwner.h:
        * Modules/gamepad/GamepadManager.h:
        * Modules/geolocation/Coordinates.h:
        * Modules/geolocation/Geoposition.h:
        * Modules/indexeddb/IDBActiveDOMObject.h:
        * Modules/indexeddb/IDBCursor.h:
        * Modules/indexeddb/IDBDatabase.h:
        * Modules/indexeddb/IDBDatabaseIdentifier.h:
        * Modules/indexeddb/IDBObjectStore.cpp:
        * Modules/indexeddb/IDBObjectStore.h:
        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        * Modules/indexeddb/server/UniqueIDBDatabase.h:
        * Modules/indexeddb/shared/InProcessIDBServer.h:
        * Modules/indexeddb/shared/IndexKey.h:
        * Modules/mediacontrols/MediaControlsHost.h:
        * Modules/mediasession/WebMediaSessionManager.h:
        * Modules/mediasource/SourceBufferList.h:
        * Modules/mediasource/VideoPlaybackQuality.h:
        * Modules/notifications/Notification.h:
        * Modules/quota/WorkerNavigatorStorageQuota.h:
        * Modules/webaudio/AudioBasicProcessorNode.h:
        * Modules/webaudio/AudioContext.h:
        * Modules/webaudio/AudioDestinationNode.h:
        * Modules/webaudio/AudioParamTimeline.h:
        * Modules/webaudio/ConvolverNode.cpp:
        * Modules/webaudio/MediaStreamAudioSource.h:
        * Modules/webaudio/MediaStreamAudioSourceNode.h:
        * Modules/webaudio/PannerNode.h:
        * Modules/webaudio/PeriodicWave.h:
        * Modules/webaudio/ScriptProcessorNode.h:
        * Modules/webdatabase/DatabaseManager.h:
        * Modules/webdatabase/DatabaseTask.h:
        * Modules/webdatabase/SQLTransaction.h:
        * Modules/webdatabase/SQLTransactionBackend.h:
        * Modules/webdatabase/SQLTransactionStateMachine.h:
        * Modules/websockets/ThreadableWebSocketChannelClientWrapper.h:
        * Modules/websockets/WebSocketDeflater.h:
        * Modules/websockets/WorkerThreadableWebSocketChannel.h:
        * animation/AnimationEffect.h:
        * crypto/CryptoKeyPair.h:
        * crypto/parameters/CryptoAlgorithmEcdhKeyDeriveParams.h:
        * dom/ScriptExecutionContext.h:
        * domjit/DOMJITHelpers.h:
        * domjit/DOMJITIDLConvert.h:
        * domjit/DOMJITIDLType.h:

2017-06-26  Konstantin Tokarev  <annulen@yandex.ru>

        [GTK] Unreviewed, added missing includes to fix debug build

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:

2017-06-25  Konstantin Tokarev  <annulen@yandex.ru>

        Remove excessive headers from WebCore/platform
        https://bugs.webkit.org/show_bug.cgi?id=173822

        Reviewed by Tim Horton.

        No new tests needed.

        * html/ColorInputType.h:
        * html/MediaElementSession.h:
        * page/SecurityOriginData.cpp:
        * platform/CalculationValue.cpp:
        * platform/CalculationValue.h:
        * platform/ColorChooserClient.h:
        * platform/ContentType.h:
        * platform/LogMacros.h:
        * platform/PODRedBlackTree.h:
        * platform/PasteboardStrategy.h:
        * platform/PlatformPasteboard.h:
        * platform/PopupMenuStyle.h:
        * platform/ScrollAnimator.h:
        * platform/Theme.h:
        * platform/ThreadGlobalData.h:
        * platform/animation/AnimationList.h:
        * platform/audio/AudioArray.h:
        * platform/audio/AudioChannel.h:
        * platform/audio/DynamicsCompressor.h:
        * platform/audio/DynamicsCompressorKernel.h:
        * platform/audio/FFTFrame.h:
        * platform/audio/HRTFDatabaseLoader.cpp:
        * platform/audio/HRTFDatabaseLoader.h:
        * platform/audio/HRTFElevation.h:
        * platform/audio/MultiChannelResampler.h:
        * platform/audio/PlatformMediaSession.h:
        * platform/audio/ReverbConvolver.h:
        * platform/audio/ReverbConvolverStage.cpp:
        * platform/graphics/ANGLEWebKitBridge.h:
        * platform/graphics/BitmapImage.h:
        * platform/graphics/CrossfadeGeneratedImage.h:
        * platform/graphics/FloatPolygon.h:
        * platform/graphics/FloatSizeHash.h:
        * platform/graphics/Font.h:
        * platform/graphics/FontMetrics.h:
        * platform/graphics/FontPlatformData.h:
        * platform/graphics/FontRanges.h:
        * platform/graphics/FontTaggedSettings.h:
        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/GraphicsContext3DPrivate.h:
        * platform/graphics/GraphicsLayerClient.h:
        * platform/graphics/Image.cpp:
        * platform/graphics/ImageFrame.h:
        * platform/graphics/ImageFrameCache.h:
        * platform/graphics/ImageSource.h:
        * platform/graphics/IntRectHash.h:
        * platform/graphics/IntSizeHash.h:
        * platform/graphics/MediaPlaybackTargetClient.h:
        * platform/graphics/Pattern.h:
        * platform/graphics/PlatformTimeRanges.h:
        * platform/graphics/TextRun.h:
        * platform/graphics/TiledBacking.h:
        * platform/graphics/cairo/FontCustomPlatformData.h:
        * platform/graphics/filters/FEConvolveMatrix.h:
        * platform/graphics/filters/FELighting.h:
        * platform/graphics/filters/SourceAlpha.h:
        * platform/graphics/gstreamer/GStreamerUtilities.h:
        * platform/graphics/gstreamer/InbandMetadataTextTrackPrivateGStreamer.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.h:
        * platform/graphics/harfbuzz/HarfBuzzShaper.h:
        * platform/graphics/opengl/Extensions3DOpenGL.h:
        * platform/graphics/texmap/GraphicsLayerTextureMapper.h:
        * platform/graphics/texmap/TextureMapperBackingStore.h:
        * platform/graphics/texmap/TextureMapperGL.cpp:
        * platform/graphics/texmap/TextureMapperGL.h:
        * platform/graphics/texmap/TextureMapperPlatformLayerProxy.h:
        * platform/graphics/texmap/TextureMapperTile.h:
        * platform/graphics/texmap/coordinated/Tile.h:
        * platform/graphics/texmap/coordinated/TiledBackingStore.h:
        * platform/graphics/transforms/TransformState.h:
        * platform/gtk/PasteboardHelper.h:
        * platform/gtk/ScrollbarThemeGtk.h:
        * platform/image-decoders/ImageDecoder.h:
        * platform/network/BlobData.h:
        * platform/network/BlobDataFileReference.h:
        * platform/network/ResourceHandle.h:
        * platform/network/ResourceHandleInternal.h:
        * platform/network/SocketStreamHandleClient.h:
        * platform/network/soup/ResourceRequest.h:
        * platform/network/soup/SocketStreamHandleImpl.h:
        * platform/network/soup/SoupNetworkSession.h:
        * platform/sql/SQLiteFileSystem.h:
        * platform/text/LocaleICU.h:

2017-06-25  Youenn Fablet  <youenn@apple.com>

        Remove use of mock webrtc backend factory at injected bundle reset time
        https://bugs.webkit.org/show_bug.cgi?id=173817

        Reviewed by Darin Adler.

        * testing/Internals.cpp:
        (WebCore::Internals::resetToConsistentState): Resetting the peer connection backend.
        * testing/MockLibWebRTCPeerConnection.cpp: Doing some clean-up
        (WebCore::useRealRTCPeerConnectionFactory):
        (WebCore::MockLibWebRTCPeerConnectionFactory::MockLibWebRTCPeerConnectionFactory):
        (WebCore::MockLibWebRTCPeerConnectionFactory::CreatePeerConnection):
        (WebCore::MockLibWebRTCPeerConnectionFactory::CreateVideoTrack):
        (WebCore::MockLibWebRTCPeerConnectionFactory::CreateAudioTrack):
        * testing/MockLibWebRTCPeerConnection.h:

2017-06-25  Konstantin Tokarev  <annulen@yandex.ru>

        Remove excessive headers from JavaScriptCore
        https://bugs.webkit.org/show_bug.cgi?id=173812

        Reviewed by Darin Adler.

        No new tests needed.

        * Modules/indexeddb/IDBObjectStore.cpp:
        * bindings/js/JSDOMPromiseDeferred.h:
        * bindings/js/JSLazyEventListener.cpp:
        * bindings/js/JSMainThreadExecState.h:
        * bindings/js/ReadableStreamDefaultController.cpp:
        * bindings/js/ScriptGlobalObject.cpp:
        * bindings/js/SerializedScriptValue.cpp:
        * bridge/NP_jsobject.cpp:
        * dom/ScriptExecutionContext.cpp:
        * html/HTMLPlugInImageElement.cpp:

2017-06-25  Konstantin Tokarev  <annulen@yandex.ru>

        Remove excessive headers from WebCore/{rendering,style,svg}
        https://bugs.webkit.org/show_bug.cgi?id=173773

        Reviewed by Darin Adler.

        No new tests needed.

        * css/StyleBuilderConverter.h:
        * editing/TextIterator.cpp:
        * rendering/CounterNode.h:
        * rendering/FlexibleBoxAlgorithm.h:
        * rendering/HitTestLocation.h:
        * rendering/HitTestResult.h:
        * rendering/HitTestingTransformState.h:
        * rendering/OrderIterator.h:
        * rendering/RenderButton.h:
        * rendering/RenderCombineText.h:
        * rendering/RenderFlowThread.h:
        * rendering/RenderFullScreen.h:
        * rendering/RenderGeometryMap.h:
        * rendering/RenderListItem.h:
        * rendering/RenderMediaControlElements.cpp:
        * rendering/RenderMediaControlElements.h:
        * rendering/RenderMediaControls.h:
        * rendering/RenderMeter.h:
        * rendering/RenderMultiColumnSet.cpp:
        * rendering/RenderObject.h:
        * rendering/RenderRegion.h:
        * rendering/RenderRegionSet.cpp:
        * rendering/RenderRegionSet.h:
        * rendering/RenderTheme.h:
        * rendering/RenderVTTCue.cpp:
        * rendering/RenderVTTCue.h:
        * rendering/SimpleLineLayoutFunctions.h:
        * rendering/SimpleLineLayoutResolver.h:
        * rendering/line/BreakingContext.h:
        * rendering/line/LineBreaker.h:
        * rendering/mathml/MathMLStyle.h:
        * rendering/mathml/RenderMathMLOperator.h:
        * rendering/mathml/RenderMathMLRoot.h:
        * rendering/shapes/RectangleShape.h:
        * rendering/style/BasicShapes.h:
        * rendering/style/BorderData.h:
        * rendering/style/CounterDirectives.h:
        * rendering/style/GridArea.h:
        * rendering/style/KeyframeList.h:
        * rendering/style/RenderStyle.h:
        * rendering/style/SVGRenderStyle.h:
        * rendering/style/ShapeValue.h:
        * rendering/style/StyleCachedImage.h:
        * rendering/style/StyleMultiColData.h:
        * rendering/style/StyleRareNonInheritedData.h:
        * rendering/style/WillChangeData.h:
        * rendering/svg/RenderSVGBlock.h:
        * rendering/svg/RenderSVGRect.h:
        * rendering/svg/RenderSVGResource.h:
        * rendering/svg/RenderSVGResourceContainer.h:
        * rendering/svg/RenderSVGResourceMarker.h:
        * rendering/svg/RenderSVGResourceMasker.h:
        * rendering/svg/RenderSVGResourcePattern.h:
        * rendering/svg/SVGInlineFlowBox.cpp:
        * rendering/svg/SVGInlineTextBox.h:
        * rendering/svg/SVGRootInlineBox.h:
        * rendering/svg/SVGTextChunk.cpp:
        * rendering/svg/SVGTextChunk.h:
        * rendering/svg/SVGTextChunkBuilder.cpp:
        * rendering/svg/SVGTextLayoutEngine.cpp:
        * rendering/svg/SVGTextLayoutEngineSpacing.h:
        * style/RenderTreePosition.cpp:
        * style/RenderTreePosition.h:
        * style/RenderTreeUpdater.h:
        * style/StyleFontSizeFunctions.h:
        * style/StyleInvalidator.h:
        * style/StyleResolveForDocument.h:
        * style/StyleScope.h:
        * style/StyleTreeResolver.cpp:
        * style/StyleTreeResolver.h:
        * style/StyleUpdate.h:
        * svg/SVGAnimationElement.h:
        * svg/SVGFEBlendElement.cpp:
        * svg/SVGFEBlendElement.h:
        * svg/SVGFEComponentTransferElement.h:
        * svg/SVGFEFloodElement.cpp:
        * svg/SVGFEFloodElement.h:
        * svg/SVGFEImageElement.h:
        * svg/SVGFEMergeElement.cpp:
        * svg/SVGFEMergeElement.h:
        * svg/SVGFEOffsetElement.cpp:
        * svg/SVGFEOffsetElement.h:
        * svg/SVGFETileElement.cpp:
        * svg/SVGFETileElement.h:
        * svg/SVGParserUtilities.h:
        * svg/SVGPathByteStream.h:
        * svg/SVGPathElement.cpp:
        * svg/SVGPolyElement.cpp:
        * svg/SVGSVGElement.cpp:
        * svg/SVGTRefElement.cpp:
        * svg/SVGTextPathElement.cpp:
        * svg/SVGUseElement.cpp:
        * svg/animation/SMILTimeContainer.h:
        * svg/graphics/SVGImageCache.h:
        * svg/graphics/filters/SVGFilter.h:

2017-06-25  Antoine Quint  <graouts@apple.com>

        Remove rAf suspension logging
        https://bugs.webkit.org/show_bug.cgi?id=173821

        Reviewed by Tim Horton.

        Now that webkit.org/b/173628 is fixed, we can remove the logging code we added.

        * dom/Document.cpp:
        (WebCore::Document::requestAnimationFrame):
        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::suspend):
        (WebCore::ScriptedAnimationController::resume):
        * page/Page.cpp:
        (WebCore::Page::suspendScriptedAnimations):
        (WebCore::Page::resumeScriptedAnimations):
        (WebCore::Page::setIsVisibleInternal):
        * platform/RuntimeApplicationChecks.h:
        * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
        (WebCore::MacApplication::isDumpRenderTree): Deleted.

2017-06-24  Sam Weinig  <sam@webkit.org>

        [WebIDL] Add complete support for stringifier
        https://bugs.webkit.org/show_bug.cgi?id=173724

        Reviewed by Darin Adler.

        * bindings/scripts/CodeGeneratorJS.pm:
        (AddStringifierOperationIfNeeded):
        Update AddStringifierOperationIfNeeded to support stringifier on operations and be more
        strict about the allowed types. Also copies over all extended attributes to the synthetic
        operation.

        * bindings/scripts/IDLParser.pm:
        (parseInterfaceMember):
        (parseOperationOrReadWriteAttributeOrMaplike):
        (parseReadOnlyMember):
        (parseStringifier):
        (parseStaticMember):
        (parseAttributeOrOperationForStringifierOrStatic):
        (parseReadWriteAttribute):
        (parseAttributeRest):
        (parseOperation):
        (parseSpecialOperation):
        (parseMapLikeProperties):
        (parseOperationRest):
        (parseAttributeOrOperationOrIterator): Deleted.
        (parseQualifier): Deleted.
        (parseAttributeOrOperationRest): Deleted.
        (parseAttribute): Deleted.
        (parseOperationOrIterator): Deleted.
        - Update parser to more closely resemble the WebIDL grammar, splitting out parseStringifier and
          parseStaticMember into their own subroutines. 
        - Move those and parseSerializer, parseStringifier, parseStaticMember, parseIterableRest and a split out
          parseReadOnlyMembers up into parseInterfaceMember to make it clearer that they are top level members
          and match the grammar.
        - Rename parseAttributeOrOperationOrIterator to parseOperationOrReadWriteAttributeOrMaplike to match the
          grammar language and make it clear what it does.
        - Add parseAttributeOrOperationForStringifierOrStatic which contains most of the logic for parsing stringifiers
          and static members, which have almost identical grammars.
        - Remove creator special which no longer exists in the spec.

        * css/DOMMatrixReadOnly.idl:
        * css/WebKitCSSMatrix.idl:
        * dom/Range.idl:
        * html/URLSearchParams.idl:
        Fix FIXMEs by switching to use stringifier.

        * bindings/scripts/test/JS/JSTestStringifier.cpp: Added.
        * bindings/scripts/test/JS/JSTestStringifier.h: Added.
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp: Added.
        * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.h: Added.
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp: Added.
        * bindings/scripts/test/JS/JSTestStringifierNamedOperation.h: Added.
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp: Added.
        * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.h: Added.
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp: Added.
        * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.h: Added.
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp: Added.
        * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.h: Added.
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp: Added.
        * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.h: Added.
        * bindings/scripts/test/TestStringifier.idl: Added.
        * bindings/scripts/test/TestStringifierAnonymousOperation.idl: Added.
        * bindings/scripts/test/TestStringifierNamedOperation.idl: Added.
        * bindings/scripts/test/TestStringifierOperationImplementedAs.idl: Added.
        * bindings/scripts/test/TestStringifierOperationNamedToString.idl: Added.
        * bindings/scripts/test/TestStringifierReadOnlyAttribute.idl: Added.
        * bindings/scripts/test/TestStringifierReadWriteAttribute.idl: Added.
        Add new tests.

2017-06-24  Chris Fleizach  <cfleizach@apple.com>

        AX: Cannot call setValue() on contenteditable or ARIA text controls
        https://bugs.webkit.org/show_bug.cgi?id=173520

        Reviewed by Ryosuke Niwa.

        Add support for changing the value of a contenteditable and any other aria text control in setValue().
 
        Test: accessibility/mac/set-value-editable-types.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::setValue):

2017-06-23  Simon Fraser  <simon.fraser@apple.com>

        Attempt to fix an internal build after r218755.

        * bindings/js/JSMainThreadExecStateInstrumentation.h:

2017-06-23  Chris Dumez  <cdumez@apple.com>

        Add release assertion to make sure callbackIdentifier is not 0 in DocumentLoader::finishedLoadingIcon()
        https://bugs.webkit.org/show_bug.cgi?id=173792

        Reviewed by Ryosuke Niwa.

        Add release assertion to make sure callbackIdentifier is not 0 in DocumentLoader::finishedLoadingIcon()
        as this could cause HashTable corruption on WebPageProxy side.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::finishedLoadingIcon):

2017-06-23  Youenn Fablet  <youenn@apple.com>

        webrtc::WebRtcSession is not handling correctly its state when setLocalDescription fails and is called again
        https://bugs.webkit.org/show_bug.cgi?id=173783

        Reviewed by Alex Christensen.

        Test: webrtc/libwebrtc/setLocalDescriptionCrash.html

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::doSetLocalDescription): Fail early if there is no pending remote description and description is for an answer.

2017-06-23  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream macOS] enumerateDevices should only return valid audio capture devices
        https://bugs.webkit.org/show_bug.cgi?id=173790
        <rdar://problem/32260334>

        Reviewed by Youenn Fablet.

        * platform/mediastream/mac/CoreAudioCaptureDeviceManager.cpp:
        (WebCore::isValidCaptureDevice): A valid device has a name and is not an aggregate device
        created by VPIO.
        (WebCore::CoreAudioCaptureDeviceManager::refreshAudioCaptureDevices):

2017-06-23  Jer Noble  <jer.noble@apple.com>

        [WK2] Support -[WebAVPlayerController setMuted:]
        https://bugs.webkit.org/show_bug.cgi?id=173777

        Reviewed by Eric Carlson.

        Have -[WebAVPlayerController setMuted:] pass the request to its delegate (the model)
        rather than just storing the value.

        * platform/cocoa/WebPlaybackSessionModel.h:
        * platform/cocoa/WebPlaybackSessionModelMediaElement.h:
        * platform/cocoa/WebPlaybackSessionModelMediaElement.mm:
        (WebCore::WebPlaybackSessionModelMediaElement::toggleMuted):
        (WebCore::WebPlaybackSessionModelMediaElement::setMuted):
        * platform/ios/WebAVPlayerController.h:
        * platform/ios/WebAVPlayerController.mm:
        (-[WebAVPlayerController isMuted]):
        (-[WebAVPlayerController setMuted:]):
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (WebVideoFullscreenControllerContext::setMuted):

2017-06-23  Frederic Wang  <fwang@igalia.com>

        Make RenderLayer::handleTouchEvent use usesAcceleratedScrolling()
        https://bugs.webkit.org/show_bug.cgi?id=173763

        Reviewed by Simon Fraser.

        No new tests, behavior is unchanged.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::handleTouchEvent): Call usesAcceleratedScrolling() instead of
        hasTouchScrollableOverflow() for clarity.

2017-06-23  Konstantin Tokarev  <annulen@yandex.ru>

        Remove excessive headers from WebCore/{bindings,css,dom}
        https://bugs.webkit.org/show_bug.cgi?id=173766

        Reviewed by Simon Fraser.

        No new tests needed.

        * ForwardingHeaders/runtime/ThrowScope.h: Added.
        * Modules/plugins/QuickTimePluginReplacement.mm:
        * bindings/js/CachedScriptSourceProvider.h:
        * bindings/js/JSCommandLineAPIHostCustom.cpp:
        * bindings/js/JSCustomXPathNSResolver.cpp:
        * bindings/js/JSDOMConstructorNotConstructable.h:
        * bindings/js/JSDOMConvertBase.h:
        * bindings/js/JSDOMConvertBufferSource.h:
        * bindings/js/JSDOMConvertInterface.h:
        * bindings/js/JSDOMConvertStrings.h:
        * bindings/js/JSDOMConvertUnion.h:
        * bindings/js/JSDOMConvertVariadic.h:
        * bindings/js/JSDOMConvertWebGL.h:
        * bindings/js/JSDOMExceptionHandling.h:
        * bindings/js/JSDOMIterator.h:
        * bindings/js/JSDOMMapLike.h:
        * bindings/js/JSDOMWindowBase.cpp:
        * bindings/js/JSDOMWindowCustom.cpp:
        * bindings/js/JSDOMWindowCustom.h:
        * bindings/js/JSDOMWindowProperties.h:
        * bindings/js/JSDOMWrapperCache.h:
        * bindings/js/JSLazyEventListener.cpp:
        * bindings/js/JSMainThreadExecStateInstrumentation.h:
        * bindings/js/JSMediaListCustom.h:
        * bindings/js/JSNodeCustom.h:
        * bindings/js/JSNodeListCustom.h:
        * bindings/js/JSVideoTrackListCustom.cpp:
        * bindings/js/ScheduledAction.h:
        * bindings/js/ScriptSourceCode.h:
        * bindings/js/SerializedScriptValue.h:
        * bindings/js/WebCoreJSClientData.h:
        * css/CSSFontFeatureValue.h:
        * css/CSSPrimitiveValue.h:
        * css/CSSStyleSheet.h:
        * css/CSSValue.h:
        * css/StyleBuilderCustom.h:
        * dom/ContainerNodeAlgorithms.h:
        * dom/DataTransfer.h:
        * dom/Node.h:
        * dom/NodeRareData.h:
        * dom/Position.h:
        * dom/RenderedDocumentMarker.h:

2017-06-23  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        Fix broken WinCairo build

        [Curl] Extract CurlDownloadManager as shared background task handler
        https://bugs.webkit.org/show_bug.cgi?id=173557

        Reviewed by Joseph Pecoraro.

        * platform/network/curl/CurlManager.h:

2017-06-23  Chris Dumez  <cdumez@apple.com>

        [iOS] Potential crash under WebCore::notifyLowPowerModeChanged(WebCore::LowPowerModeNotifier*, bool)
        https://bugs.webkit.org/show_bug.cgi?id=173755
        <rdar://problem/32940942>

        Reviewed by Mark Lam.

        The crash was happening because the WebLowPowerModeObserver would dispatch
        a lambda to the main thread but the LowPowerModeNotifier object could be
        dead by the time we get to the main thread.

        To address the issue, keep a strong ref to the WebLowPowerModeObserver in
        the lambda we dispatch to the main thread to make sure it stays alive until
        we execute the lambda. In the LowPowerModeNotifier destructor, we now reset
        the WebLowPowerModeObserver's notifier pointer to nil and I added a null
        check for this notifier in the lambda.

        * platform/LowPowerModeNotifier.cpp:
        (WebCore::LowPowerModeNotifier::~LowPowerModeNotifier):
        * platform/LowPowerModeNotifier.h:
        * platform/ios/LowPowerModeNotifierIOS.mm:
        (-[WebLowPowerModeObserver initWithNotifier:]):
        (-[WebLowPowerModeObserver _didReceiveLowPowerModeChange]):
        (WebCore::LowPowerModeNotifier::LowPowerModeNotifier):
        (WebCore::LowPowerModeNotifier::~LowPowerModeNotifier):
        (WebCore::notifyLowPowerModeChanged):

2017-06-23  Alex Christensen  <achristensen@webkit.org>

        Add SPI to WKURLSchemeTask for redirection
        https://bugs.webkit.org/show_bug.cgi?id=173730

        Reviewed by Brady Eidson.

        * platform/network/CacheValidation.cpp:
        (WebCore::computeFreshnessLifetimeForHTTPFamily):
        Asserting that redirects are always http/https URLs is no longer valid.
        If there's a custom scheme redirect, give it no freshness lifetime in the cache.

2017-06-23  Konstantin Tokarev  <annulen@yandex.ru>

        Remove excessive headers from WebCore/{editing,fileapi,history,html,loader,page}
        https://bugs.webkit.org/show_bug.cgi?id=173769

        Reviewed by Simon Fraser.

        No new tests needed.

        * css/CSSFontFaceSource.cpp:
        * editing/DictationCommand.cpp:
        * editing/Editor.h:
        * editing/VisiblePosition.h:
        * editing/VisibleUnits.h:
        * fileapi/BlobBuilder.h:
        * history/PageCache.h:
        * html/DOMURL.h:
        * html/HTMLCollection.h:
        * html/HTMLMediaElement.cpp:
        * html/HTMLMediaElement.h:
        * html/HTMLPlugInImageElement.cpp:
        * html/StepRange.h:
        * html/canvas/CanvasRenderingContext.h:
        * html/canvas/CanvasRenderingContext2D.h:
        * html/parser/HTMLDocumentParser.cpp:
        * html/parser/HTMLElementStack.h:
        * html/parser/HTMLInputStream.h:
        * html/shadow/MediaControlElements.cpp:
        * html/shadow/MediaControls.cpp:
        * html/shadow/MediaControls.h:
        * html/track/TrackListBase.h:
        * html/track/VTTCue.h:
        * html/track/WebVTTParser.cpp:
        * html/track/WebVTTParser.h:
        * loader/CrossOriginPreflightChecker.cpp:
        * loader/DocumentThreadableLoader.cpp:
        * loader/FrameLoaderClient.h:
        * loader/LinkPreloadResourceClients.h:
        * loader/LoadTiming.h:
        * loader/ThreadableLoaderClientWrapper.h:
        * loader/WorkerThreadableLoader.h:
        * loader/cache/CachedResourceLoader.h:
        * loader/cache/CachedResourceRequest.h:
        * loader/cache/CachedSVGDocument.h:
        * loader/cache/CachedTextTrack.h:
        * loader/icon/IconLoader.cpp:
        * page/AlternativeTextClient.h:
        * page/CaptionUserPreferences.cpp:
        * page/CaptionUserPreferences.h:
        * page/ContextMenuClient.h:
        * page/MainFrame.h:
        * page/Page.h:
        * page/PageGroup.h:
        * page/PerformanceEntry.h:
        * page/PerformanceResourceTiming.h:
        * page/ResourceUsageOverlay.cpp:
        * page/ResourceUsageOverlay.h:
        * page/UserContentController.h:
        * page/UserContentProvider.h:
        * page/animation/AnimationBase.h:
        * page/animation/CSSPropertyAnimation.h:
        * page/animation/CompositeAnimation.h:
        * page/scrolling/ScrollingCoordinator.h:
        * xml/XSLTProcessorLibxslt.cpp:
        * xml/parser/XMLDocumentParserLibxml2.cpp:

2017-06-23  Chris Dumez  <cdumez@apple.com>

        [mac-wk1] requestAnimationFrame callbacks may not get serviced
        https://bugs.webkit.org/show_bug.cgi?id=173628

        Reviewed by Simon Fraser.

        Page::setIsVisibleInternal() was firing the 'visibilitychange' event
        synchronously while in the middle of updating its visibility/activity
        state. This allowed the JavaScript to re-enter the method by calling
        testRunner.setPageVisibility() / resetPageVisiblity() and we would
        end up in an inconsistent state.

        No new tests, extended existing test.

        * dom/Document.cpp:
        (WebCore::Document::visibilityStateChanged):
        Do no fire the visibilitychange event synchronously as we are in the
        middle of updating the page's activity state. Instead fire the
        event asynchronously.

        * page/Page.cpp:
        (WebCore::Page::setIsVisibleInternal):
        Move the calling of Document::visibilityStateChanged() until after we're
        done updating the page's visibility state.

        * testing/Internals.cpp:
        (WebCore::Internals::scriptedAnimationsAreSuspended):
        * testing/Internals.h:
        * testing/Internals.idl:
        Add test infrastructure to check if scripted animations are suspended.

2017-06-23  Eric Carlson  <eric.carlson@apple.com>

        [iOS] Respond to AudioSession interruption and resume
        https://bugs.webkit.org/show_bug.cgi?id=173718
        <rdar://problem/32925263>

        Reviewed by Youenn Fablet.

        Tested manually.

        * WebCore.xcodeproj/project.pbxproj: Add CoreAudioCaptureSourceIOS.mm/.h

        * platform/mediastream/RealtimeMediaSource.h: Make createWeakPtr protected so derived classes
        can use it.

        * platform/mediastream/ios/CoreAudioCaptureSourceIOS.h: Added.
        * platform/mediastream/ios/CoreAudioCaptureSourceIOS.mm: Added.
        (-[WebCoreAudioCaptureSourceIOSListener initWithCallback:]):
        (-[WebCoreAudioCaptureSourceIOSListener invalidate]):
        (-[WebCoreAudioCaptureSourceIOSListener handleInterruption:]):
        (-[WebCoreAudioCaptureSourceIOSListener sessionMediaServicesWereReset:]):
        (WebCore::CoreAudioCaptureSourceIOS::CoreAudioCaptureSourceIOS):
        (WebCore::CoreAudioCaptureSourceIOS::~CoreAudioCaptureSourceIOS):

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioSharedUnit::suspended): 
        (WebCore::CoreAudioSharedUnit::setupAudioUnit): Clear m_suspended.
        (WebCore::CoreAudioSharedUnit::suspend): Don't clear sources or uninitialize the audio unit,
        suspend is temporary. Set m_suspended.
        (WebCore::CoreAudioSharedUnit::resume): New, restart the audio unit.
        (WebCore::CoreAudioCaptureSource::create): Create the correct object.
        (WebCore::CoreAudioCaptureSource::scheduleReconfiguration): Dispatch to main thread if necessary.
        (WebCore::CoreAudioCaptureSource::beginInterruption): New, suspend from main thread.
        (WebCore::CoreAudioCaptureSource::endInterruption): New, resume/reconfigure from main thread.
        (WebCore::CoreAudioCaptureSource::interrupted):
        * platform/mediastream/mac/CoreAudioCaptureSource.h:

2017-06-23  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Drop the AES-CFB support
        https://bugs.webkit.org/show_bug.cgi?id=173547

        Reviewed by Jiewen Tan.

        No new tests -- relevant test baselines are updated.

        Stop registering the AES-CFB algorithm as something that's supported by
        the libgcrypt implementation. This algorithm was previously included in
        the Web Crypto API specification, but has since been dropped from it.

        Conveniently, libgcrypt only recently gained support for the CFB8 AES
        cipher mode that's required by the specification, meaning we could only
        support this algorithm with future releases of the libgcrypt library.

        * crypto/gcrypt/CryptoAlgorithmRegistryGCrypt.cpp:
        (WebCore::CryptoAlgorithmRegistry::platformRegisterAlgorithms):

2017-06-23  Carlos Garcia Campos  <cgarcia@igalia.com>

        [WPE] Enable PUBLIC_SUFFIX_LIST
        https://bugs.webkit.org/show_bug.cgi?id=173758

        Reviewed by Žan Doberšek.

        * PlatformWPE.cmake: Add PublicSuffixSoup.cpp to the build.

2017-06-22  Antti Koivisto  <antti@apple.com>

        REGRESSION(r217695): Offscreen/overflowed items not being rendered while translating in-frame
        https://bugs.webkit.org/show_bug.cgi?id=173732

        Reviewed by Simon Fraser.

        If an accelerated animation starts completely outside the view we fail to create backing for it
        when it moves into view.

        Fix by computing the full extent rect of the animation when it starts and doing the viewport overlap
        testing with that.

        Test: compositing/backing/transform-transition-from-outside-view.html

        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::animationExtent):
        (WebCore::GraphicsLayer::setAnimationExtent):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::computeVisibleAndCoverageRect):

            Return the current animation transformation matrix so we can use it elsewhere without recomputing.

        (WebCore::GraphicsLayerCA::setVisibleAndCoverageRects):

            If we have animation extent use it instead of bounds for visibility testing.

        (WebCore::GraphicsLayerCA::recursiveCommitChanges):

            Track if theres is a visible ancestor layer with a transition animation.

        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
        (WebCore::GraphicsLayerCA::updateCoverage):

            For simplicity create backing for all sublayers of a visible transform animated layer.

        * platform/graphics/ca/GraphicsLayerCA.h:
        (WebCore::GraphicsLayerCA::VisibleAndCoverageRects::VisibleAndCoverageRects): Deleted.
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateGeometry):

            Pass the animation extent (including descendants) to GraphicsLayer.

2017-06-22  Chris Dumez  <cdumez@apple.com>

        ResourceLoadStatisticsStore should be ThreadSafeRefCounted
        https://bugs.webkit.org/show_bug.cgi?id=173753
        <rdar://problem/32939326>

        Reviewed by Andreas Kling.

        ResourceLoadStatisticsStore should be ThreadSafeRefCounted as it is ref'd/deref'd
        from different threads.

        * loader/ResourceLoadStatisticsStore.h:

2017-06-22  Myles C. Maxfield  <mmaxfield@apple.com>

        @font-face rules with invalid primary fonts never download their secondary fonts
        https://bugs.webkit.org/show_bug.cgi?id=173138
        <rdar://problem/32554450>

        Reviewed by Simon Fraser.

        We have logic in CSSFontAccessor::font() which disallows downloading a CSSFontFace if that CSSFontFace
        is already in the Succeeded state. However, it was possible for a succeeded CSSFontFace to still fail
        to create a font. In this situation, we wouldn't be able to use the downloaded font, and we wouldn't
        try to download the next item in the src: list because the CSSFontFace is succeeded.

        This patch strengthens the meaning of the Succeeded state. Previously, it just meant that the bytes
        in the file were downloaded successfully. This patch extends this to also mean that the bytes in the
        file can be successfully interpreted as a font. This way, the CSSFontFace in the example above won't be
        set to the Succeeded state, so we will continue follow the src: list and download the secondary fonts.

        This has an added benefit that the CSS Font Loading API's promises will be called more appropriately.
        The transition to the Succeeded state will trigger a resolve of the promise. Now, these promises will
        only be resolved if the fonts are actually parsed and understood by our text system.

        Test: fast/text/font-fallback-invalid-load.html

        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::fontLoaded): Move to the failed state if we can't understand the font
        data. This is the crux of this patch.
        (WebCore::CSSFontFaceSource::font): This function should only be called if we are in the Succeeded
        state, which means now we know we should always be able to understand the bytes of the file. Therefore,
        we can change some if statements into ASSERT()s.
        * loader/cache/CachedSVGFont.cpp:
        (WebCore::CachedSVGFont::createFont): Ditto.
        (WebCore::CachedSVGFont::ensureCustomFontData): Similarly to CSSFontFaceSource::fontLoaded(), this
        adds another check to our criteria for transitioning into the Succeeded state, which will guarantee that
        later we will always be able to create the font object.

2017-06-22  Andreas Kling  <akling@apple.com>

        Rename MemoryPressureHandler::setTabCount to setPageCount
        https://bugs.webkit.org/show_bug.cgi?id=173750

        Reviewed by Daniel Bates.

        * page/Page.cpp:
        (WebCore::Page::~Page):

2017-06-22  Antoine Quint  <graouts@apple.com>

        Modern media controls localised strings are out of sync with used strings in code
        https://bugs.webkit.org/show_bug.cgi?id=173752

        Reviewed by Dean Jackson.

        Remove strings we no longer use and add strings we use but failed to add previously.

        * English.lproj/modern-media-controls-localized-strings.js:

2017-06-22  Antoine Quint  <graouts@apple.com>

        Log when scripted animations get suspended and resumed
        https://bugs.webkit.org/show_bug.cgi?id=173751

        Reviewed by Dean Jackson.

        More work toward understanding why rAF callbacks are not serviced on bots (webkit.org/b/173628).

        * dom/Document.cpp:
        (WebCore::Document::requestAnimationFrame):
        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::suspend):
        (WebCore::ScriptedAnimationController::resume):
        (WebCore::ScriptedAnimationController::logSuspendCount): Deleted.
        * dom/ScriptedAnimationController.h:
        * page/Page.cpp:
        (WebCore::Page::suspendScriptedAnimations):
        (WebCore::Page::resumeScriptedAnimations):
        (WebCore::Page::setIsVisibleInternal):

2017-06-22  Zalan Bujtas  <zalan@apple.com>

        REGRESSION(r214712): Infinite recursion in RenderTable::layout in paginated mode
        https://bugs.webkit.org/show_bug.cgi?id=173731
        <rdar://problem/32237775>

        Reviewed by Antti Koivisto.

        We should just skip bottom captions to check if section is moved, since they don't affect
        the section position (bottom <caption> is preceded by <tfoot>).

        Test: fast/table/caption-bottom-with-pagination.html

        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::layout):

2017-06-22  Dean Jackson  <dino@apple.com>

        REGRESSION (r215809): 50% regression 14E305 -> 15A293a in MotionMark Suits test
        https://bugs.webkit.org/show_bug.cgi?id=173728
        <rdar://problem/32526744>

        Reviewed by Tim Horton.

        It turns out that CGGradientCreateWithColors is much slower than
        CGGradientCreateWithColorComponents, even without colorspace variations.
        Update the gradient creation code to only use this slower path
        when it has extended colors.

        * platform/graphics/Color.h: Add a FIXME about renaming some methods.
        * platform/graphics/cg/GradientCG.cpp: Use CGGradientCreateWithColorComponents
        if we have stops that are not extended colors.
        (WebCore::Gradient::platformGradient):

2017-06-22  Youenn Fablet  <youenn@apple.com>

        Fix memory leak in LibWebRTCMediaEndpoint
        https://bugs.webkit.org/show_bug.cgi?id=173717

        Reviewed by Eric Carlson.

        No chnage of behavior.
        Making sure SessionDescription pointer get properly released.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::createSessionDescriptionSucceeded):
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
        * testing/MockLibWebRTCPeerConnection.cpp: Allocating description.

2017-06-22  Daniel Bates  <dabates@apple.com>

        Make FrameLoadRequest a move-only type
        https://bugs.webkit.org/show_bug.cgi?id=173682

        Reviewed by Alex Christensen and Darin Adler.

        A FrameLoadRequest groups together the information to perform a load into a single object
        that is more manageable to pass around than its constituent parts. Code that receives a
        FrameLoadRequest is expected to extract out the information it needs to complete its task.
        And it does not make sense to re-use the same FrameLoadRequest object for more than one
        load. Therefore, it is sufficient to make FrameLoadRequest a move-only type.

        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::openInNewTab):
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::navigate):
        * loader/FrameLoadRequest.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::changeLocation):
        (WebCore::FrameLoader::urlSelected):
        (WebCore::FrameLoader::loadURLIntoChildFrame):
        (WebCore::FrameLoader::loadFrameRequest):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::loadPostRequest):
        (WebCore::createWindow):
        * loader/FrameLoader.h:
        * loader/NavigationScheduler.cpp:
        (WebCore::NavigationScheduler::scheduleLocationChange):
        * page/ContextMenuController.cpp:
        (WebCore::openNewWindow):
        (WebCore::ContextMenuController::contextMenuItemSelected):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::createWindow):
        * replay/UserInputBridge.cpp:
        (WebCore::UserInputBridge::loadRequest):
        * replay/UserInputBridge.h:

2017-06-22  Jer Noble  <jer.noble@apple.com>

        REGRESSION (r217223): [iOS] Video keeps playing after application is backgrounded
        https://bugs.webkit.org/show_bug.cgi?id=173727

        Reviewed by Eric Carlson.

        Only override media element visibility if it is in picture-in-picture mode (not fullscreen generally).

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::visibilityStateChanged):

2017-06-22  Joseph Pecoraro  <pecoraro@apple.com>

        Follow-up to r218662. Only log backtraces for DumpRenderTree.

        Rubber-stamped by Antoine Quint.

        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::logSuspendCount):

2017-06-22  Charlie Turner  <cturner@igalia.com>

        [GTK] Spreaker live shows won't play
        https://bugs.webkit.org/show_bug.cgi?id=173306

        Reviewed by Xabier Rodriguez-Calvar.

        This was due to removing the code that negotiated caps for Icecast
        streams based on the response headers in r191947. The problem is that
        the typefind element can sometimes squint hard enough and see an MP3
        stream and attempt to play it, resulting in garbled audio playback. More
        commonly typefind fails to recognize the Icecast stream and bails,
        resulting in no playback at all.

        r191947 also removed the emission of metadata into the pipeline. This
        patch also leaves that out since we have no use for it within WebKit.

        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (StreamingClient::handleResponseReceived):

2017-06-22  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r218633.

        The test is failing frequently on Sierra Debug and Windows

        Reverted changeset:

        "AX: Cannot call setValue() on contenteditable or ARIA text
        controls"
        https://bugs.webkit.org/show_bug.cgi?id=173520
        http://trac.webkit.org/changeset/218633

2017-06-22  Romain Bellessort  <romain.bellessort@crf.canon.fr>

        [Readable Streams API] Implement ReadableStreamBYOBReader read()
        https://bugs.webkit.org/show_bug.cgi?id=172714

        Reviewed by Youenn Fablet.

        Implemented read() method of ReadableStreamBYOBReader [1]. Also added code related 
        to BYOB features that were previously described as FIXMEs and that now become reachable.

        In addition, WPT tests that involve read() have allowed to identify 2 bugs not directly 
        related to read() (172716 and 172717). They will be fixed distinctly. Once done, all WPT
        tests should pass.

        [1] https://streams.spec.whatwg.org/#byob-reader-read

        WPT tests (web-platform-tests/streams/readable-byte-streams/general.js) already cover
        most cases for read() usage. Corresponding expectations have been updated. In addition,
        1 test has been added to WebKit tests (in streams/readable-stream-byob-reader.js) to 
        check that read() can only be applied to a ReadableStreamBYOBReader.

        * Modules/streams/ReadableByteStreamInternals.js:
        (readableByteStreamControllerClearPendingPullIntos): Implemented.
        (readableByteStreamControllerEnqueue): Updated with support for BYOBReader.
        (readableByteStreamControllerPullInto): Added.
        (readableStreamAddReadIntoRequest): Added.
        * Modules/streams/ReadableStreamBYOBReader.js:
        (read): Added.

2017-06-22  Youenn Fablet  <youenn@apple.com>

        [WebRTC] Prevent capturing at unconventional resolutions when using the SW encoder on Mac
        https://bugs.webkit.org/show_bug.cgi?id=172602
        <rdar://problem/32407693>

        Reviewed by Eric Carlson.

        Test: platform/mac/webrtc/captureCanvas-webrtc-software-encoder.html

        Add internal API to switch on/off hardware H264 encoder.
        Add checks for standard size. If using a software encoder and frame size is not standard,
        the session is destroyed and no frame is sent at all.

        Added tests based on captureStream.
        Fixed the case of capturing a canvas which size is changing.

        * Modules/mediastream/CanvasCaptureMediaStreamTrack.cpp:
        (WebCore::CanvasCaptureMediaStreamTrack::Source::canvasResized):
        * platform/mediastream/libwebrtc/H264VideoToolBoxEncoder.h:
        * platform/mediastream/libwebrtc/H264VideoToolBoxEncoder.mm:
        (WebCore::H264VideoToolboxEncoder::setHardwareEncoderForWebRTCAllowed):
        (WebCore::H264VideoToolboxEncoder::hardwareEncoderForWebRTCAllowed):
        (WebCore::isUsingSoftwareEncoder):
        (WebCore::H264VideoToolboxEncoder::CreateCompressionSession):
        (isStandardFrameSize): Added.
        (isUsingSoftwareEncoder): Added.
        * testing/Internals.cpp:
        (WebCore::Internals::setH264HardwareEncoderAllowed):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-06-21  Youenn Fablet  <youenn@apple.com>

        [Fetch API] TypeError when called with body === {}
        https://bugs.webkit.org/show_bug.cgi?id=173295
        <rdar://problem/32746733>

        Reviewed by Sam Weinig.

        Test: fetch/body-init.html

        Handling body of Request and Response using binding generator to correctly handle unions.
        The biggest change is that any value that is not a specific type in the union will match a String.
        This is matching WebIDL spec and Firefox behavior.

        Handling of ReadableStream bodies remains in JS builtin for Response.
        This allows easier handling cloning and consumption of body.
        Adding setBodyAsReadableStream since this is no longer handled by extractBody.

        * Modules/fetch/FetchBody.cpp:
        (WebCore::FetchBody::extract): Using Variant instead of JSC::JSValue.
        (WebCore::FetchBody::readableStreamBody): Introduced to handle the
        case of readable stream bodies.
        * Modules/fetch/FetchBody.h:
        * Modules/fetch/FetchBodyOwner.cpp:
        (WebCore::FetchBodyOwner::extractBody):
        * Modules/fetch/FetchBodyOwner.h:
        (WebCore::FetchBodyOwner::setBody):
        * Modules/fetch/FetchRequest.cpp:
        (WebCore::FetchRequest::setBody): Splitting setBody for ease of readability.
        (WebCore::FetchRequest::setBodyFromInputRequest):
        * Modules/fetch/FetchRequest.h:
        * Modules/fetch/FetchRequest.idl:
        * Modules/fetch/FetchRequest.js:
        (initializeFetchRequest):
        * Modules/fetch/FetchResponse.cpp:
        (WebCore::FetchResponse::initializeWith):
        (WebCore::FetchResponse::setBodyAsReadableStream):
        * Modules/fetch/FetchResponse.h:
        * Modules/fetch/FetchResponse.idl:
        * Modules/fetch/FetchResponse.js:
        (initializeFetchResponse):
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/WebCoreBuiltinNames.h:

2017-06-21  Simon Fraser  <simon.fraser@apple.com>

        Add z-index to compositing logging output
        https://bugs.webkit.org/show_bug.cgi?id=173684

        Reviewed by Zalan Bujtas.

        Show z-index, which is often useful to find negative z-index items.

        Log "+foreground" rather than "foreground" to indicate that this layer has an
        additional foreground/background layer, and fix spacing.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::logLayerInfo):

2017-06-21  Chris Dumez  <cdumez@apple.com>

        Unreviewed, fix Window Debug build after r218660.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseForWithReason):

2017-06-21  Andreas Kling  <akling@apple.com>

        Increase memory kill limits for WebContent processes that manage multiple tabs.
        https://bugs.webkit.org/show_bug.cgi?id=173674

        Reviewed by Geoffrey Garen.

        Plumb the non-utility Page count down to WTF::MemoryPressureHandler.

        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::Page::~Page):

2017-06-21  Jiewen Tan  <jiewen_tan@apple.com>

        [WebCrypto] Restore ordering of CryptoAlgorithmIdentifier in SerializedScriptValue
        https://bugs.webkit.org/show_bug.cgi?id=173678
        <rdar://problem/32879314>

        Reviewed by Sam Weinig.

        r218030 reorders the ordering of CryptoAlgorithmIdentifier in SerializedScriptValue,
        which introduces backward compatibility issues with CryptoKey objects stored in the
        IndexedDB. Hence, we should restore it back.

        No tests.

        * bindings/js/SerializedScriptValue.cpp:

2017-06-21  Daniel Bates  <dabates@apple.com>

        Change FrameLoadRequest from a struct to a class

        FrameLoadRequest is underutilizing the purpose of a struct - default visibility of
        members is public, as FrameLoadRequest explicitly groups its members under public:
        or private: sections. Maybe in the future we can make FrameLoadRequest a struct
        with only public members. For now, we should consider FrameLoadRequest a class.

        * loader/FormSubmission.h:
        * loader/FrameLoadRequest.h:
        * loader/FrameLoader.h:
        * page/Chrome.h:
        * page/ChromeClient.h:
        * replay/UserInputBridge.h:

2017-06-21  Daewoong Jang  <daewoong.jang@navercorp.com>

        Compiler error while building with !HAVE(ACCESSIBILITY)
        https://bugs.webkit.org/show_bug.cgi?id=173670

        Reviewed by Chris Fleizach.

        * accessibility/AXObjectCache.h:
        (WebCore::AXObjectCache::getOrCreate):
        (WebCore::AXObjectCache::childrenChanged):

2017-06-21  Antoine Quint  <graouts@apple.com>

        Build fix.

        Reviewed by Tim "Mr. T" Horton.

        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::logSuspendCount):
        * page/Page.cpp:
        (WebCore::Page::suspendScriptedAnimations):
        (WebCore::Page::resumeScriptedAnimations):

2017-06-21  Antoine Quint  <graouts@apple.com>

        Ensure DRT always logs rAF suspension debugging code
        https://bugs.webkit.org/show_bug.cgi?id=173681

        Reviewed by Tim "Mr. T" Horton.

        Instead of using a setting to check whether we should log information related to rAF
        callbacks being suspended with WK1, we now check whether we're using in DRT to avoid
        any potential issue with settings being in the incorrect state when a test is run.

        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::logSuspendCount):
        * page/Page.cpp:
        (WebCore::Page::suspendScriptedAnimations):
        (WebCore::Page::resumeScriptedAnimations):
        * page/Settings.in:
        * platform/RuntimeApplicationChecks.h:
        * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
        (WebCore::MacApplication::isDumpRenderTree):

2017-06-21  Chris Dumez  <cdumez@apple.com>

        Allow constructing a WTF:Function from a function pointer
        https://bugs.webkit.org/show_bug.cgi?id=173660

        Reviewed by Alex Christensen.

        Construct WTF:Function directly from a function pointer when possible
        instead of constructing a lambda to do so.

        * Modules/encryptedmedia/InitDataRegistry.cpp:
        (WebCore::InitDataRegistry::InitDataRegistry):
        * page/Page.cpp:
        * page/mac/PageMac.mm:
        (WebCore::Page::platformInitialize):
        * platform/cf/MainThreadSharedTimerCF.cpp:
        (WebCore::setupPowerObserver):
        * platform/mac/WebCoreNSURLExtras.mm:
        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseForWithReason):
        * workers/Worker.cpp:
        (WebCore::Worker::Worker):

2017-06-21  Antoine Quint  <graouts@apple.com>

        CSS text properties affect <video> shadow root
        https://bugs.webkit.org/show_bug.cgi?id=173664
        <rdar://problem/32904328>

        Reviewed by Dean Jackson.

        Ensure that we reset all inheritable styles back to their initial value for media shadow roots.

        Test: media/modern-media-controls/time-label/time-label-inherited-text-indent.html

        * Modules/modern-media-controls/controls/media-controls.css:
        (.media-controls-container):

2017-06-20  Simon Fraser  <simon.fraser@apple.com>

        Remove WILL_REVEAL_EDGE_EVENTS code
        https://bugs.webkit.org/show_bug.cgi?id=173632

        Reviewed by Sam Weinig, Beth Dakin.

        Remove will-reveal-edge events, which never took off.

        * dom/Document.cpp:
        (WebCore::Document::clearScriptedAnimationController):
        (WebCore::Document::sendWillRevealEdgeEventsIfNeeded): Deleted.
        * dom/Document.h:
        * dom/GlobalEventHandlers.idl:
        * html/HTMLBodyElement.idl:
        * html/HTMLFrameSetElement.idl:
        * page/FrameView.cpp:
        (WebCore::FrameView::scrollPositionChanged):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::scrollTo):

2017-06-21  Daniel Bates  <dabates@apple.com>

        Cleanup FrameLoadRequest
        https://bugs.webkit.org/show_bug.cgi?id=173564
        <rdar://problem/32903570>

        Reviewed by Brent Fulgham.

        FrameLoadRequest has too many constructors. Use default values to reduce the number of
        constructors. Have FrameLoadRequest hold a Ref<SecurityOrigin> instead of a RefPtr<SecurityOrigin>
        as FrameLoadRequest must always hold a valid SecurityOrigin, the security origin of the
        document that initiated the request.

        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::openInNewTab): Explicitly pass the null-string for
        the target frame name as we do not have one. Use C++11 brace initialization syntax and ASCIILiteral().
        Rename local variable from request to frameLoadRequest to better describe its purpose. Fix up
        FIXME comment added in r105600 to better describe the issue we should fix as the code as
        changed since the FIXME was added.
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::navigate): No need to pass ShouldReplaceDocumentIfJavaScriptURL::ReplaceDocumentIfJavaScriptURL
        now that the FrameLoadRequests constructor uses this policy by default. Use C++11 brace
        initialization syntax and ASCIILiteral(). Rename local variable from frameRequest to frameLoadRequest
        to better describe its purpose.
        * loader/FrameLoadRequest.cpp:
        (WebCore::FrameLoadRequest::FrameLoadRequest): Use C++11 brace initialization syntax.
        * loader/FrameLoadRequest.h: Remove many constructor overloads. Changed m_requester from
        RefPtr<SecurityOrigin> to Ref<SecurityOrigin> as we can never be instantiated with a null
        SecurityOrigin. Moved m_shouldCheckNewWindowPolicy to be under ShouldOpenExternalURLsPolicy
        to reduce the size of the class by 8 bytes.
        * loader/FrameLoadRequest.h:
        (WebCore::FrameLoadRequest::FrameLoadRequest): Added copy constructor as we must use Ref::copyRef()
        to copy the Ref<SecurityOrigin>.
        (WebCore::FrameLoadRequest::requester): Return a const SecurityOrigin& instead of a const SecurityOrigin*.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::urlSelected): Update now that the order of the ShouldReplaceDocumentIfJavaScriptURL
        and ShouldOpenExternalURLsPolicy arguments in the FrameLoadRequest constructor has changed.
        (WebCore::FrameLoader::loadURLIntoChildFrame): Ditto. Also use C++11 brace initialization syntax
        and ASCIILiteral().
        (WebCore::FrameLoader::loadFrameRequest): Update code now that FrameLoadRequest::requester() returns a
        SecurityOrigin& instead of a SecurityOrigin*. Use C++11 brace initialization syntax.
        * loader/NavigationScheduler.cpp:
        (WebCore::NavigationScheduler::scheduleLocationChange): Use C++11 brace initialization syntax.
        Rename local variable from frameRequest to frameLoadRequest to better describe its purpose.
        * page/ContextMenuController.cpp:
        (WebCore::openNewWindow):
        (WebCore::ContextMenuController::contextMenuItemSelected): ove FrameLoadRequest instantiation
        into a local variable and use C++11 brace initialization syntax to make it easier to identify
        the arguments passed to FrameLoader::loadFrameRequest().
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::createWindow): Update now that the order of the ShouldReplaceDocumentIfJavaScriptURL
        and ShouldOpenExternalURLsPolicy arguments in the FrameLoadRequest constructor has changed.
        Use C++11 brace initialization syntax and ASCIILiteral(). Rename some local variables to better
        describe their purpose.

2017-06-20  Simon Fraser  <simon.fraser@apple.com>

        svgPath.getTotalLength() freezes webkit
        https://bugs.webkit.org/show_bug.cgi?id=173566
        <rdar://problem/32866731>

        Reviewed by Dean Jackson.

        Ensure that curveLength() progresses by making split() return a bool indicating
        whether either of the resulting curves are the same as the original. This can happen
        when midPoint() on two close points returns a point that is the same as one of the
        arguments because of floating-point precision limitations.

        Test: svg/custom/path-getTotalLength-hang.html

        * platform/graphics/PathTraversalState.cpp:
        (WebCore::QuadraticBezier::operator ==):
        (WebCore::QuadraticBezier::split):
        (WebCore::CubicBezier::operator ==):
        (WebCore::CubicBezier::split):
        (WebCore::curveLength):

2017-06-21  Youenn Fablet  <youenn@apple.com>

        Fix AVVideoCaptureSource frameRate setter and getter
        https://bugs.webkit.org/show_bug.cgi?id=173637

        Reviewed by Eric Carlson.

        Covered by manual testing.

        Using activeVideoMaxFrameDuration to get the frame rate.
        Setting the frame rate according the given vale if in the allowed range.

        * platform/mediastream/mac/AVVideoCaptureSource.h:
        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSource::updateSettings):
        (WebCore::AVVideoCaptureSource::applyFrameRate):
        (WebCore::AVVideoCaptureSource::applySizeAndFrameRate):
        (WebCore::AVVideoCaptureSource::shutdownCaptureSession):
        (WebCore::AVVideoCaptureSource::processNewFrame):
        (WebCore::AVVideoCaptureSource::updateFramerate): Deleted.

2017-06-21  Youenn Fablet  <youenn@apple.com>

        Refresh libwebrtc code up to a87675d4a160e2c49c3e754cd9ca291d6c8f36ae
        https://bugs.webkit.org/show_bug.cgi?id=173602

        Reviewed by Eric Carlson.

        No feature change.

        Updated according small libwebrtc API changes.

        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::configurationFromMediaEndpointConfiguration):
        * platform/mediastream/mac/RealtimeIncomingVideoSource.cpp:
        (WebCore::RealtimeIncomingVideoSource::pixelBufferFromVideoFrame):
        * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::sendBlackFramesIfNeeded):
        (WebCore::RealtimeOutgoingVideoSource::videoSampleAvailable):

2017-06-21  Sam Weinig  <sam@webkit.org>

        Add support for structured serialization of CSS Geometry types
        https://bugs.webkit.org/show_bug.cgi?id=173631

        Reviewed by Simon Fraser.

        Tests: imported/w3c/web-platform-tests/css/geometry-1/structured-serialization.html

        Adds support for serializing the new geometry types as specified by:
        https://drafts.fxtf.org/geometry-1/#structured-serialization

        * WebCore.xcodeproj/project.pbxproj:
        Move a few custom bindings into the "GC / Wrapping Only" since they have no more custom operations or attributes.

        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::dumpDOMPoint):
        (WebCore::CloneSerializer::dumpDOMRect):
        (WebCore::CloneSerializer::dumpDOMMatrix):
        (WebCore::CloneSerializer::dumpDOMQuad):
        (WebCore::CloneSerializer::dumpIfTerminal):
        (WebCore::CloneDeserializer::getJSValue):
        (WebCore::CloneDeserializer::readDOMPoint):
        (WebCore::CloneDeserializer::readDOMMatrix):
        (WebCore::CloneDeserializer::readDOMRect):
        (WebCore::CloneDeserializer::readDOMPointInit):
        (WebCore::CloneDeserializer::readDOMQuad):
        (WebCore::CloneDeserializer::readTerminal):
        Add serialization/deserialization of the geometry types.

        * css/DOMMatrix.cpp:
        (WebCore::DOMMatrix::DOMMatrix):
        * css/DOMMatrix.h:
        (WebCore::DOMMatrix::create):
        * css/DOMMatrixReadOnly.cpp:
        (WebCore::DOMMatrixReadOnly::DOMMatrixReadOnly):
        * css/DOMMatrixReadOnly.h:
        (WebCore::DOMMatrixReadOnly::create):
        Add create functions and constructors that take a TransformationMatrix by r-value reference
        so they can be moved into the DOM type.

2017-06-21  Andreas Kling  <akling@apple.com>

        [iOS] Ensure that GraphicsServices is initialized before calling GSFontPurgeFontCache().
        https://bugs.webkit.org/show_bug.cgi?id=173616
        <rdar://problem/30780050>

        Reviewed by Chris Dumez.

        Fix for crash in GSFontPurgeFontCache() seen in apps embedding WebKit.
        Ensure GSFontInitialize() has been called first, since the former depends on state
        set up by this function.

        * page/cocoa/MemoryReleaseCocoa.mm:
        (WebCore::platformReleaseMemory):
        * platform/spi/ios/GraphicsServicesSPI.h:

2017-06-21  Antoine Quint  <graouts@apple.com>

        Add logging to identify when the Page suspends scripted animations
        https://bugs.webkit.org/show_bug.cgi?id=173626

        Reviewed by Tim Horton.

        We have a longstanding issue that some media/modern-media-controls tests time out due to
        requestAnimationFrame callbacks not being serviced, which is tracked by webkit.org/b/173628.
        We added some logging to identify when ScriptedAnimationController would get suspended in
        webkit.org/b/173326. This logging points to the fact that the reason rAF callbacks aren't
        serviced is because Document::requestAnimationFrame() suspends rAF when the page reports
        that scripted animations ought to be suspended, which is true when m_scriptedAnimationsSuspended
        is true. This patch adds logging that tracks when this flag is set, provided a new setting
        shouldLogScriptedAnimationControllerSuspensionChange is true.

        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::logSuspendCount):
        * page/Page.cpp:
        (WebCore::Page::suspendScriptedAnimations):
        (WebCore::Page::resumeScriptedAnimations):
        * page/Settings.in:

2017-06-21  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Extract CurlDownloadManager as shared background task handler
        https://bugs.webkit.org/show_bug.cgi?id=173557

        Curl resource handling should be shared by other part of Curl
        network stack. CurlDownloadManager is extracted as stand alone
        CurlManager singleton class to be ready for others
        (i.e. ResourceHandle).

        Reviewed by Alex Christensen.

        * PlatformWinCairo.cmake:
        * platform/network/curl/CookieJarCurl.cpp:
        (WebCore::setCookiesFromDOM):
        (WebCore::cookiesForSession):
        * platform/network/curl/CurlDownload.cpp:
        (WebCore::CurlDownload::init):
        (WebCore::CurlDownload::start):
        (WebCore::CurlDownload::cancel):
        (WebCore::CurlDownload::didReceiveHeader):
        (WebCore::CurlDownload::handleCurlMsg):
        (WebCore::CurlDownloadManager::CurlDownloadManager): Deleted.
        (WebCore::CurlDownloadManager::~CurlDownloadManager): Deleted.
        (WebCore::CurlDownloadManager::add): Deleted.
        (WebCore::CurlDownloadManager::remove): Deleted.
        (WebCore::CurlDownloadManager::getActiveDownloadCount): Deleted.
        (WebCore::CurlDownloadManager::getPendingDownloadCount): Deleted.
        (WebCore::CurlDownloadManager::startThreadIfNeeded): Deleted.
        (WebCore::CurlDownloadManager::stopThread): Deleted.
        (WebCore::CurlDownloadManager::stopThreadIfIdle): Deleted.
        (WebCore::CurlDownloadManager::updateHandleList): Deleted.
        (WebCore::CurlDownloadManager::addToCurl): Deleted.
        (WebCore::CurlDownloadManager::removeFromCurl): Deleted.
        (WebCore::CurlDownloadManager::downloadThread): Deleted.
        * platform/network/curl/CurlDownload.h:
        (WebCore::CurlDownloadManager::getMultiHandle): Deleted.
        (WebCore::CurlDownloadManager::runThread): Deleted.
        (WebCore::CurlDownloadManager::setRunThread): Deleted.
        * platform/network/curl/CurlManager.cpp: Added.
        (WebCore::CurlManager::CurlManager):
        (WebCore::CurlManager::~CurlManager):
        (WebCore::CurlManager::add):
        (WebCore::CurlManager::remove):
        (WebCore::CurlManager::getActiveCount):
        (WebCore::CurlManager::getPendingCount):
        (WebCore::CurlManager::startThreadIfNeeded):
        (WebCore::CurlManager::stopThread):
        (WebCore::CurlManager::stopThreadIfIdle):
        (WebCore::CurlManager::updateHandleList):
        (WebCore::CurlManager::addToCurl):
        (WebCore::CurlManager::removeFromCurl):
        (WebCore::CurlManager::workerThread):
        (WebCore::CurlUtils::getEffectiveURL):
        (WebCore::CurlSharedResources::mutexFor):
        (WebCore::CurlSharedResources::lock):
        (WebCore::CurlSharedResources::unlock):
        * platform/network/curl/CurlManager.h: Added.
        (WebCore::CurlManager::singleton):
        (WebCore::CurlManager::getCurlShareHandle):
        (WebCore::CurlManager::getMultiHandle):
        (WebCore::CurlManager::runThread):
        (WebCore::CurlManager::setRunThread):
        * platform/network/curl/ResourceHandleManager.cpp:
        (WebCore::ResourceHandleManager::ResourceHandleManager):
        (WebCore::ResourceHandleManager::~ResourceHandleManager):
        (WebCore::handleLocalReceiveResponse):
        (WebCore::getProtectionSpace):
        (WebCore::headerCallback):
        (WebCore::ResourceHandleManager::downloadTimerCallback):
        (WebCore::getCurlEffectiveURL): Deleted.
        (WebCore::sharedResourceMutex): Deleted.
        (WebCore::curl_lock_callback): Deleted.
        (WebCore::curl_unlock_callback): Deleted.
        (WebCore::ResourceHandleManager::getCurlShareHandle): Deleted.
        * platform/network/curl/ResourceHandleManager.h:

2017-06-21  Jeremy Jones  <jeremyj@apple.com>

        Include audio/vnd.wave as a valid mime-type for wav files.
        https://bugs.webkit.org/show_bug.cgi?id=173635
        rdar://problem/32656568

        Reviewed by Eric Carlson.

        audio/vnd.wave is a valid mime-type for wav files per https://tools.ietf.org/html/rfc2361

        Updated test and test results:
        LayoutTests/media/media-can-play-wav-audio.html

        * platform/MIMETypeRegistry.cpp:
        (WebCore::initializeSupportedImageMIMETypes):
        (WebCore::mimeTypeAssociationMap):
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::staticMIMETypeList):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::mimeTypeSet):

2017-06-21  Chris Fleizach  <cfleizach@apple.com>

        AX: Cannot call setValue() on contenteditable or ARIA text controls
        https://bugs.webkit.org/show_bug.cgi?id=173520

        Reviewed by Ryosuke Niwa.

        Add support for changing the value of a contenteditable and any other aria text control in setValue().
 
        Test: accessibility/set-value-editable-types.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::setValue):

2017-06-20  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Implement CryptoKeyEC SPKI imports
        https://bugs.webkit.org/show_bug.cgi?id=172927

        Reviewed by Jiewen Tan, Michael Catanzaro and Carlos Garcia Campos.

        No new tests -- affected tests are now passing and are unskipped.

        Implement libgcrypt-based support for SPKI imports of EC keys.

        Using libtasn1 through the utility functions and wrappers, the given key data
        is decoded against the SubjectPublicKeyInfo ASN.1 definition. The algorithm
        member is then properly validated, making sure that the key algorithm idenfitier
        is supported and that the algorithm parameters specify the correct EC curve.

        The public key bit string is then retrieved and validated, ensuring it represents
        an uncompressed EC point that is of valid size for the specified EC curve. The
        point is then tested through an EC context to make sure it's positioned on the
        specified EC curve.

        Finally, the curve name and uncompressed point data are embedded into a
        `public-key` s-expression that will be used through the libgcrypt API. This is
        then used, along with other information, to create a valid CryptoKeyEC object.

        * PlatformGTK.cmake: Use LIBTASN1_INCLUDE_DIRECTORIES and LIBTASN1_LIBRARIES.
        * PlatformWPE.cmake: Ditto.
        * crypto/gcrypt/CryptoKeyECGCrypt.cpp:
        (WebCore::supportedAlgorithmIdentifier):
        (WebCore::curveForIdentifier):
        (WebCore::CryptoKeyEC::platformImportSpki):

2017-06-20  Devin Rousso  <drousso@apple.com>

        WebGPU contexts should have a back reference to the canvas element
        https://bugs.webkit.org/show_bug.cgi?id=173633

        Reviewed by Jon Lee.

        No tests added, as this is already implemented within other canvas types.

        * html/canvas/WebGPURenderingContext.idl:

2017-06-20  Youenn Fablet  <youenn@apple.com>

        WebAudioSourceProvider should be thread safe ref counted
        https://bugs.webkit.org/show_bug.cgi?id=173623

        Reviewed by Eric Carlson.

        No observable change of behavior.

        * platform/mediastream/WebAudioSourceProvider.h:

2017-06-20  Yoav Weiss  <yoav@yoav.ws>

        [preload] Turn on preload's feature flag by default.
        https://bugs.webkit.org/show_bug.cgi?id=173139

        Reviewed by Youenn Fablet.

        Turn on the runtime enabled feature flag for link preload by default.

        No new tests as this just turns on a feature that was already on-by-default for tests.

        * page/RuntimeEnabledFeatures.h:

2017-06-20  Myles C. Maxfield  <mmaxfield@apple.com>

        Disable font variations on macOS Sierra and iOS 10
        https://bugs.webkit.org/show_bug.cgi?id=173618
        <rdar://problem/32879164>

        Reviewed by Jon Lee.

        On macOS Sierra and iOS 10, there are some platform problems involved with font variations. They
        were previously enabled on those OSes just as a preview development tool. These platform bugs have
        been fixed in macOS High Sierra and iOS 11, so we should align our feature flags with the eventual
        configurations.

        * Configurations/FeatureDefines.xcconfig:
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::defaultVariationValues):
        (WebCore::preparePlatformFont):

2017-06-20  Devin Rousso  <drousso@apple.com>

        Web Inspector: Send context attributes for tracked canvases
        https://bugs.webkit.org/show_bug.cgi?id=173327

        Reviewed by Joseph Pecoraro.

        Test: inspector/canvas/context-attributes.html

        * inspector/InspectorCanvasAgent.cpp:
        (WebCore::InspectorCanvasAgent::buildObjectForCanvas):

2017-06-20  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] The system Japanese font cannot be italicized
        https://bugs.webkit.org/show_bug.cgi?id=173300
        <rdar://problem/31805407>

        Reviewed by Ryosuke Niwa.

        Items in the system font cascade list may lie about whether or not they support italics.
        In order to get the truth, we need to use the physical font underlying the font in question,
        because this one won't lie. Then, we can interrogate this physical font about its traits
        in order to synthesize italics correctly.

        Test: fast/text/system-font-japanese-synthetic-italic.html

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::lookupFallbackFont):
        * platform/graphics/cocoa/FontFamilySpecificationCoreText.cpp:
        (WebCore::FontFamilySpecificationCoreText::fontRanges):

2017-06-20  Chris Dumez  <cdumez@apple.com>

        Use WTF::Function instead of std::function in more places in WebCore/
        https://bugs.webkit.org/show_bug.cgi?id=173583

        Reviewed by Darin Adler.

        Use WTF::Function instead of std::function in more places in WebCore/ to
        reduce copying.

        * page/Page.cpp:
        * platform/HysteresisActivity.h:
        (WebCore::HysteresisActivity::HysteresisActivity):
        * platform/Logging.cpp:
        (WebCore::registerNotifyCallback):
        * platform/Logging.h:
        * platform/MainThreadSharedTimer.cpp:
        (WebCore::MainThreadSharedTimer::setFiredFunction):
        * platform/MainThreadSharedTimer.h:
        * platform/PlatformPasteboard.h:
        * platform/ScopeGuard.h:
        (WebCore::ScopeGuard::ScopeGuard):
        (WebCore::ScopeGuard::enable):
        * platform/ScrollAnimationSmooth.cpp:
        (WebCore::ScrollAnimationSmooth::ScrollAnimationSmooth):
        * platform/ScrollAnimationSmooth.h:
        * platform/SharedTimer.h:
        * platform/audio/PlatformMediaSessionManager.cpp:
        (WebCore::PlatformMediaSessionManager::currentSessionsMatching):
        * platform/audio/PlatformMediaSessionManager.h:
        * platform/cf/MainThreadSharedTimerCF.cpp:
        (WebCore::setupPowerObserver):
        * platform/cf/RunLoopObserver.h:
        (WebCore::RunLoopObserver::RunLoopObserver):
        * platform/graphics/GraphicsContext.h:
        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::traverse):
        * platform/graphics/GraphicsLayer.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::addMediaEngine):
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/Path.h:
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::seekCompleted):
        (WebCore::MediaPlayerPrivateAVFoundation::scheduleMainThreadNotification):
        (WebCore::MediaPlayerPrivateAVFoundation::dispatchNotification):
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        (WebCore::MediaPlayerPrivateAVFoundation::Notification::Notification):
        (WebCore::MediaPlayerPrivateAVFoundation::Notification::function):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::runWithoutAnimations):
        * platform/graphics/cocoa/IOSurface.h:
        * platform/graphics/cocoa/IOSurface.mm:
        (WebCore::IOSurface::convertToFormat):
        * platform/graphics/gstreamer/MainThreadNotifier.h:
        * platform/graphics/gstreamer/MediaPlayerRequestInstallMissingPluginsCallback.h:
        (WebCore::MediaPlayerRequestInstallMissingPluginsCallback::create):
        (WebCore::MediaPlayerRequestInstallMissingPluginsCallback::MediaPlayerRequestInstallMissingPluginsCallback):
        * platform/graphics/win/GraphicsContextDirect2D.cpp:
        (WebCore::GraphicsContext::drawWithoutShadow):
        (WebCore::GraphicsContext::drawWithShadow):
        * platform/gtk/PasteboardHelper.cpp:
        (WebCore::ClipboardSetData::ClipboardSetData):
        (WebCore::PasteboardHelper::writeClipboardContents):
        * platform/gtk/PasteboardHelper.h:
        * platform/gtk/PlatformPasteboardGtk.cpp:
        (WebCore::PlatformPasteboard::writeToClipboard):
        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::preparedToReturnToInline):
        (WebVideoFullscreenInterfaceAVKit::fullscreenMayReturnToInline):
        * platform/mac/PowerObserverMac.cpp:
        (WebCore::PowerObserver::PowerObserver):
        * platform/mac/PowerObserverMac.h:
        * platform/mac/WebCoreNSURLExtras.mm:
        (WebCore::isSecondLevelDomainNameAllowedByTLDRules):
        * platform/mediastream/CaptureDeviceManager.cpp:
        (CaptureDeviceManager::addCaptureDeviceChangedObserver):
        * platform/mediastream/CaptureDeviceManager.h:
        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::scheduleDeferredTask):
        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/ios/AVAudioSessionCaptureDeviceManager.mm:
        (-[WebAVAudioSessionAvailableInputsListener initWithCallback:]):
        * platform/mediastream/mac/CoreAudioCaptureSource.h:
        * platform/mock/ScrollAnimatorMock.cpp:
        (WebCore::ScrollAnimatorMock::ScrollAnimatorMock):
        * platform/mock/ScrollAnimatorMock.h:
        * platform/network/CookieStorage.h:
        * platform/network/NetworkStateNotifier.cpp:
        (WebCore::NetworkStateNotifier::addNetworkStateChangeListener):
        * platform/network/NetworkStateNotifier.h:
        * platform/network/NetworkStorageSession.cpp:
        (WebCore::NetworkStorageSession::forEach):
        * platform/network/NetworkStorageSession.h:
        * platform/network/cf/CookieStorageCFNet.cpp:
        (WebCore::cookieChangeCallbackMap):
        (WebCore::startObservingCookieChanges):
        * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
        (WebCore::callOnMainThreadAndWait):
        * platform/network/mac/CookieStorageMac.mm:
        (-[WebCookieStorageObjCAdapter startListeningForCookieChangeNotificationsWithCallback:]):
        (WebCore::startObservingCookieChanges):
        * platform/network/soup/CookieStorageSoup.cpp:
        (WebCore::startObservingCookieChanges):
        * platform/network/soup/SoupNetworkSession.cpp:
        (WebCore::SoupNetworkSession::checkTLSErrors):
        * platform/network/soup/SoupNetworkSession.h:
        * platform/sql/SQLiteDatabase.cpp:
        (WebCore::destroyCollationFunction):
        (WebCore::callCollationFunction):
        (WebCore::SQLiteDatabase::setCollationFunction):
        * platform/sql/SQLiteDatabase.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::traverseVisibleNonCompositedDescendantLayers):
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::paintItem):
        * rendering/RenderListBox.h:
        * rendering/line/BreakingContext.h:
        (WebCore::BreakingContext::InlineIteratorHistory::push):
        (WebCore::BreakingContext::InlineIteratorHistory::update):
        * workers/Worker.cpp:
        (WebCore::Worker::Worker):
        * workers/WorkerRunLoop.cpp:

2017-06-20  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r218524.

        This change broke internal builds.

        Reverted changeset:

        "[Cocoa] The system Japanese font cannot be italicized"
        https://bugs.webkit.org/show_bug.cgi?id=173300
        http://trac.webkit.org/changeset/218524

2017-06-20  Daniel Bates  <dabates@apple.com>

        Have FrameLoadRequest takes a Frame& instead of a Frame*
        https://bugs.webkit.org/show_bug.cgi?id=173614
        <rdar://problem/32884890>

        Reviewed by Brent Fulgham.

        * loader/ContentFilter.cpp:
        (WebCore::ContentFilter::handleProvisionalLoadFailure):
        * loader/FrameLoadRequest.cpp:
        (WebCore::FrameLoadRequest::FrameLoadRequest):
        * loader/FrameLoadRequest.h:
        * page/DragController.cpp:
        (WebCore::DragController::performDragOperation):

2017-06-20  Daniel Bates  <dabates@apple.com>

        Skip Content Security Policy check for a media request using standard schemes initiated from
        an element in user agent shadow tree
        https://bugs.webkit.org/show_bug.cgi?id=155505
        <rdar://problem/25169452>

        Reviewed by Brent Fulgham.

        This change makes the following tests pass on iOS 11:
            http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-video.html
            http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-audio.html

        * loader/MediaResourceLoader.cpp:
        (WebCore::MediaResourceLoader::requestResource):
        * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
        (WebCore::WebCoreAVFResourceLoader::startLoading):

2017-06-20  Andreas Kling  <akling@apple.com>

        Remove no-op calls to purge SQLite caches on memory pressure.
        <https://webkit.org/b/173604>

        Reviewed by Chris Dumez.

        The implementation of _sqlite3_purgeEligiblePagerCacheMemory() is empty
        since a few releases ago, so there's no point in calling it.

        * page/MemoryRelease.cpp:
        (WebCore::registerMemoryReleaseNotifyCallbacks):
        (WebCore::registerSQLiteMemoryPressureHandler): Deleted.
        * page/MemoryRelease.h:
        * page/cocoa/MemoryReleaseCocoa.mm:
        (WebCore::platformReleaseMemory):
        (WebCore::registerSQLiteMemoryPressureHandler): Deleted.
        * platform/sql/SQLiteDatabase.cpp:
        (WebCore::initializeSQLiteIfNecessary):

2017-06-20  Devin Rousso  <drousso@apple.com>

        Web Inspector: add console messages for WebGL shader compile and program link errors/warnings
        https://bugs.webkit.org/show_bug.cgi?id=143236
        <rdar://problem/20352149>

        Reviewed by Dean Jackson.

        Test: fast/canvas/webgl/shader-compile-logging.html

        * html/canvas/WebGLRenderingContextBase.h:
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::checkFramebufferStatus):
        (WebCore::WebGLRenderingContextBase::compileShader):
        (WebCore::WebGLRenderingContextBase::recycleContext):
        (WebCore::WebGLRenderingContextBase::checkTextureCompleteness):
        (WebCore::WebGLRenderingContextBase::printToConsole):
        (WebCore::WebGLRenderingContextBase::maybeRestoreContext):
        (WebCore::WebGLRenderingContextBase::synthesizeGLError):
        (WebCore::WebGLRenderingContextBase::printGLErrorToConsole): Deleted.
        (WebCore::WebGLRenderingContextBase::printWarningToConsole): Deleted.
        (WebCore::WebGLRenderingContextBase::printGLWarningToConsole): Deleted.
        Unify console logging helper functions to all follow the same path. Additionally, errors
        now generate stack traces. Shader compilation errors are now logged as well.

        * dom/Document.h:
        * dom/Document.cpp:
        (WebCore::Document::addConsoleMessage):
        * dom/ScriptExecutionContext.h:
        (WebCore::ScriptExecutionContext::AddConsoleMessageTask::AddConsoleMessageTask):
        * page/PageConsoleClient.h:
        * page/PageConsoleClient.cpp:
        (WebCore::PageConsoleClient::addMessage):
        * workers/WorkerGlobalScope.h:
        Add new path for logging to the console that accepts a ConsoleMessage.

2017-06-20  Saam Barati  <sbarati@apple.com>

        Unreviewed. Try to fix the build after r218594.

        * dom/Document.h:

2017-06-20  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r218530.

        This revision caused multiple media stream test crashes on
        Debug builds.

        Reverted changeset:

        "Merge MediaDevicesRequest and MediaDevicesEnumerationRequest
        to tighten up code and object lifetime"
        https://bugs.webkit.org/show_bug.cgi?id=173527
        http://trac.webkit.org/changeset/218530

2017-06-19  Antoine Quint  <graouts@apple.com>

        Media document experience with long-loading files is poor
        https://bugs.webkit.org/show_bug.cgi?id=173575
        <rdar://problem/32178119>

        Reviewed by Dean Jackson.

        In order to avoid showing media controls at a different size than that of the video when we've
        received enough information to determine whether it's audio or video and what the video frame size
        is, we do not show any UI until we have enough information to show the controls in their correct
        initial state. This works well with local files and fast-loading files, but does not work well with
        invalid files, which never load and fail to ever show any UI, and files that load slowly where there
        is no visible feedback that content will be visible.

        Instead, we now default to showing audio controls in their loading state, which provides a seamless
        transition if we will be loading an audio file since the controls are initially in the correct state,
        and at least provide feedback that data is loading even if we eventually transition to a video layout.

        Additionally, we remove the invalid placard background in case the media is invalid, showing only the
        crossed-out play icon in the center of the page in that state.

        Tests: media/modern-media-controls/media-documents/media-document-invalid.html
               media/modern-media-controls/media-documents/media-document-video-with-initial-audio-layout.html

        * Modules/modern-media-controls/controls/media-document.css:
        (:host(.media-document)): Remove "visibility: hidden" since we want the media controls to be visible
        at all times.
        (:host(.media-document.audio)): Add a little padding on the x-axis to ensure audio controls never snap
        directly to the edges of the window.
        (:host(.media-document.audio.iphone)): Remove the iPhone-specific styling since we moved it to the
        general case.
        (:host(.media-document.video.invalid) .placard): Remove the background from the invalid placard when
        showing invalid media.
        (:host(.media-document.ready)): Deleted.
        * Modules/modern-media-controls/media/audio-support.js:
        (AudioSupport.prototype.syncControl): Make sure we invalidate the media document layout when a media
        document's media type changes.
        * Modules/modern-media-controls/media/media-controller.js:
        (MediaController): Instantiate the controls prior to creating the MediaDocumentController since the
        MediaDocumentController will need to access the controls.
        * Modules/modern-media-controls/media/media-document-controller.js:
        (MediaDocumentController): Set the default layout for media controls for a media document to be audio
        and in the waiting state.
        (MediaDocumentController.prototype.layout): Toggle the "invalid", "audio" and "video" CSS classes for
        the next possible commit to the DOM, provided we have established the media document's media type.
        (MediaDocumentController.prototype.handleEvent): Deal with the "play" and "error" events to trigger
        a layout.
        (MediaDocumentController.prototype._mediaDocumentHasMetadata): Deleted.
        (MediaDocumentController.prototype._mediaDocumentHasSize): Deleted.

2017-06-20  Daniel Bates  <dabates@apple.com>

        NavigationAction has too many constructors
        https://bugs.webkit.org/show_bug.cgi?id=173484

        Reviewed by Brady Eidson.

        A NavigationAction object is an immutable object that represents the details of a
        navigation, including the type of a navigation (e.g. link click), what triggered
        the navigation, and the external URL policy to use for the navigation. Over time
        the number of NavigationAction constructor overloads (not including copy/move
        constructors) has grown to 12 to support different combinations of details.
        We can use default values to reduce the number of constructors to 2 (not including
        copy/move constructors).

        No behavior changed. So, no new tests.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy): Pass NavigationType::Other when
        instantiating NavigationAction.
        (WebCore::FrameLoader::loadDifferentDocumentItem): Fix order of arguments now that
        the constructor overload that takes a NavigationType takes the Event* as the fourth argument,
        not the third. Also, use C++11 brace initialization syntax when instantiating a NavigationAction.
        (WebCore::createWindow):
        * loader/NavigationAction.cpp: Remove unnecessary #include of header ScriptController.h.
        Include header Event.h.
        (WebCore::NavigationAction::NavigationAction):
        * loader/NavigationAction.h: Forward declare class Event and remove #include of header Event.h.
        Make copy constructor, copy assignment operator, move constructor, and move assignment operator
        out-of-line to avoid the need to include header Event.h. Export the copy constructor so that it
        can be used from WebKit on the Apple Windows port. Move ShouldOpenExternalURLsPolicy to be after
        NavigationType to reduce the size of the class by 8 bytes.
        (WebCore::NavigationAction::NavigationAction):
        * loader/PolicyChecker.cpp: Include header Event.h.
        * page/Performance.cpp: Ditto.
        * replay/ReplayController.cpp: Ditto.

2017-06-20  Konstantin Tokarev  <annulen@yandex.ru>

        Rename OrientationNotifer.h to OrientationNotifier.h
        https://bugs.webkit.org/show_bug.cgi?id=173600

        Reviewed by Youenn Fablet.

        No new tests needed.

        * WebCore.xcodeproj/project.pbxproj:
        * dom/Document.h:
        * platform/OrientationNotifier.h: Renamed from Source/WebCore/platform/OrientationNotifer.h.
        * platform/mediastream/mac/AVVideoCaptureSource.h:
        * platform/mediastream/mac/MockRealtimeVideoSourceMac.h:
        * testing/Internals.h:

2017-06-20  Konstantin Tokarev  <annulen@yandex.ru>

        Remove excessive include directives from WTF
        https://bugs.webkit.org/show_bug.cgi?id=173553

        Reviewed by Saam Barati.

        No new tests needed.

        * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.h:
        Added missing include directive.

2017-06-20  Konstantin Tokarev  <annulen@yandex.ru>

        Remove excessive include directives from WebCore/dom
        https://bugs.webkit.org/show_bug.cgi?id=173591

        Reviewed by Darin Adler.

        No new tests needed.

        * bindings/js/JSCustomElementRegistryCustom.cpp:
        * dom/Attr.h:
        * dom/ChildListMutationScope.h:
        * dom/ContainerNodeAlgorithms.cpp:
        * dom/ContainerNodeAlgorithms.h:
        * dom/CustomElementRegistry.h:
        * dom/DOMRect.h:
        * dom/DocumentMarkerController.h:
        * dom/ElementIteratorAssertions.h:
        * dom/ElementRareData.h:
        * dom/EventContext.h:
        * dom/EventDispatcher.h:
        * dom/ExtensionStyleSheets.h:
        * dom/GenericEventQueue.h:
        * dom/LiveNodeList.h:
        * dom/LoadableClassicScript.h:
        * dom/LoadableScript.h:
        * dom/MutationCallback.h:
        * dom/NativeNodeFilter.h:
        * dom/NodeRareData.h:
        * dom/PromiseRejectionEvent.h:
        * dom/PseudoElement.h:
        * dom/Range.h:
        * dom/RegisteredEventListener.h:
        * dom/RejectedPromiseTracker.cpp:
        * dom/ScopedEventQueue.h:
        * dom/ScriptElement.h:
        * dom/ScriptExecutionContext.h:
        * dom/ScriptedAnimationController.cpp:
        * dom/ScriptedAnimationController.h:
        * dom/SelectorQuery.h:
        * dom/StaticNodeList.h:
        * dom/StaticRange.h:
        * dom/default/PlatformMessagePortChannel.h:
        * testing/Internals.cpp:
        * workers/WorkerGlobalScope.h:

2017-06-20  Konstantin Tokarev  <annulen@yandex.ru>

        Remove excessive include directives from WebCore/css
        https://bugs.webkit.org/show_bug.cgi?id=173554

        Reviewed by Alex Christensen.

        No new tests needed.

        * css/CSSComputedStyleDeclaration.h:
        * css/CSSContentDistributionValue.h:
        * css/CSSCursorImageValue.h:
        * css/CSSFilterImageValue.h:
        * css/CSSFontFace.h:
        * css/CSSFontFeatureValue.h:
        * css/CSSFontStyleRangeValue.h:
        * css/CSSFontVariationValue.h:
        * css/CSSImageGeneratorValue.h:
        * css/CSSImageSetValue.h:
        * css/CSSInheritedValue.h:
        * css/CSSInitialValue.h:
        * css/CSSKeyframeRule.cpp:
        * css/CSSKeyframeRule.h:
        * css/CSSLineBoxContainValue.h:
        * css/CSSPrimitiveValue.h:
        * css/CSSPrimitiveValueMappings.h:
        * css/CSSPropertySourceData.h:
        * css/CSSReflectValue.h:
        * css/CSSRevertValue.h:
        * css/CSSSelector.h:
        * css/CSSStyleSheet.h:
        * css/CSSToLengthConversionData.h:
        * css/CSSUnsetValue.h:
        * css/CSSValue.h:
        * css/CSSValuePool.h:
        * css/CSSVariableData.h:
        * css/DeprecatedCSSOMCounter.h:
        * css/DeprecatedCSSOMRGBColor.h:
        * css/DeprecatedCSSOMRect.h:
        * css/DeprecatedCSSOMValue.h:
        * css/RuleSet.h:
        * css/SelectorChecker.h:
        * css/StyleBuilderConverter.h:
        * css/StyleBuilderCustom.h:
        * css/StyleProperties.h:
        * css/StyleResolver.cpp:
        * css/StyleResolver.h:
        * css/StyleSheet.h:
        * css/StyleSheetContents.h:
        * css/ViewportStyleResolver.h:
        * css/parser/CSSDeferredParser.h:
        * css/parser/CSSParserIdioms.h:
        * css/parser/CSSParserImpl.cpp:
        * css/parser/CSSParserImpl.h:
        * css/parser/CSSParserObserver.h:
        * css/parser/CSSParserSelector.h:
        * css/parser/CSSPropertyParserHelpers.h:
        * css/parser/MediaQueryParser.cpp:
        * css/parser/MediaQueryParser.h:
        * css/parser/SizesAttributeParser.cpp:
        * css/parser/SizesAttributeParser.h:
        * html/BaseCheckableInputType.cpp:
        * html/MediaController.cpp:
        * html/track/TextTrack.cpp:
        * html/track/TextTrackCue.cpp:
        * html/track/VideoTrack.cpp:
        * loader/TextTrackLoader.cpp:

2017-06-20  Miguel Gomez  <magomez@igalia.com>

        [GTK] Layout Test fast/canvas/webgl/tex-image-and-sub-image-2d-with-video.html makes the subsequent test case flaky crash.
        https://bugs.webkit.org/show_bug.cgi?id=173459

        Reviewed by Carlos Garcia Campos.

        When destructing the VideoTextureCopierGStreamer, ensure that there's a previous gl context before trying
        to make it current again. There are situations where no previous context may exist, which can trigger a crash.
        Also, add DefaultImageOrientation to the switch that handles the video frame possible orientations, as it's the
        value used when no rotation needs to be performed, and it's currently triggering an assertion.

        Covered by existent tests.

        * platform/graphics/gstreamer/VideoTextureCopierGStreamer.cpp:
        (WebCore::VideoTextureCopierGStreamer::~VideoTextureCopierGStreamer):
        (WebCore::VideoTextureCopierGStreamer::updateTextureSpaceMatrix):

2017-06-19  Devin Rousso  <drousso@apple.com>

        Web Inspector: create canvas content view and details sidebar panel
        https://bugs.webkit.org/show_bug.cgi?id=138941
        <rdar://problem/19051672>

        Reviewed by Joseph Pecoraro.

        Tests: inspector/canvas/requestContent.html
               inspector/canvas/requestNode.html

        * inspector/InspectorCanvasAgent.h:
        * inspector/InspectorCanvasAgent.cpp:
        (WebCore::InspectorCanvasAgent::requestNode):
        Gets the node id of the backing canvas element.

        (WebCore::InspectorCanvasAgent::requestContent):
        Gets the current image content of the canvas.

        (WebCore::InspectorCanvasAgent::frameNavigated):
        (WebCore::InspectorCanvasAgent::didCreateCanvasRenderingContext):
        Minor fixes from r218376 <https://webkit.org/b/172623>.

        (WebCore::InspectorCanvasAgent::buildObjectForCanvas):
        Optionally send the `nodeId` of the backing canvas element if it is available.

        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::didCommitLoadImpl):

2017-06-19  Frederic Wang  <fwang@igalia.com>

        [iOS] Always include frames in the scrolling tree when async frame scrolling is enabled
        https://bugs.webkit.org/show_bug.cgi?id=173405

        Reviewed by Simon Fraser.

        Currently "async frame scrolling" is ignored on iOS. This commit changes that behavior to
        align on macOS and is a preliminary step to implement iframe scrolling on iOS (bug 149264).

        Test: compositing/iframes/compositing-for-scrollable-iframe.html
              fast/scrolling/scrolling-tree-includes-frame.html

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresCompositingForScrollableFrame): Do not require
        compositing when "async frame scrolling" is enabled on iOS.

2017-06-19  Frederic Wang  <fwang@igalia.com>

        [Mac] Add an experimental feature setting for async frame scrolling
        https://bugs.webkit.org/show_bug.cgi?id=173359

        Reviewed by Simon Fraser.

        The necessary work to use compositing for frames and include them in the scrolling tree on
        macOS was performed in r217726 and r217730. ScrollingTreeIncludesFrames was used to
        determine when this behavior should be enabled. However, this does not work well on iOS where
        ScrollingTreeIncludesFrames defaults to true and really means "include the frames in the
        scrolling tree when necessary". Hence we instead introduce a new "async frame scrolling"
        switch to enable the behavior on macOS, which will also be used in a follow-up commit on iOS.
        This new setting is also made an "experimental feature", so that it will be more convenient
        for developer to try it.

        Test: compositing/iframes/compositing-for-scrollable-iframe.html
              fast/scrolling/scrolling-tree-includes-frame.html

        * page/Settings.in: Declare new setting for async frame scrolling.
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::coordinatesScrollingForFrameView): Also include frames in
        scrolling tree when async frame scrolling is enabled.
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresCompositingForScrollableFrame): Rely on async frame
        scrolling to decide when compositing is needed.

2017-06-19  Zalan Bujtas  <zalan@apple.com>

        AX: Remove redundant AXObjectCache::textChanged(RenderObject*).
        https://bugs.webkit.org/show_bug.cgi?id=173579
        <rdar://problem/32865367>

        Reviewed by Antti Koivisto.

        All calls go through textChanged(Node*) method.

        * accessibility/AXObjectCache.cpp:
        * accessibility/AXObjectCache.h:
        (WebCore::AXObjectCache::getOrCreate):

2017-06-19  Darin Adler  <darin@apple.com>

        Merge MediaDevicesRequest and MediaDevicesEnumerationRequest to tighten up code and object lifetime
        https://bugs.webkit.org/show_bug.cgi?id=173527

        Reviewed by Sam Weinig.

        * CMakeLists.txt: Removed MediaDevicesRequest.cpp.

        * Modules/mediastream/MediaDeviceInfo.cpp:
        (WebCore::MediaDeviceInfo::MediaDeviceInfo): Removed unneeded ScriptExecutionContext.
        (WebCore::MediaDeviceInfo::create): Ditto.
        * Modules/mediastream/MediaDeviceInfo.h: Removed unnecessary derivation from
        ContextDestructionObserver and ScriptExecutionContext arguments. Also removed
        unused MediaDeviceInfoVector typedef.
        * Modules/mediastream/MediaDeviceInfo.idl: Added ImplementationLacksVTable.

        * Modules/mediastream/MediaDevices.cpp:
        (WebCore::MediaDevices::enumerateDevices): Call MediaDevicesEnumerationRequest
        directly here instead of going through MediaDevicesRequest.

        * Modules/mediastream/MediaDevicesEnumerationRequest.cpp: Moved code from
        MediaDevicesRequest in here. Put the typical counts at the top of the file.
        (WebCore::MediaDevicesEnumerationRequest::MediaDevicesEnumerationRequest):
        Marked inline and changed to take a DOM promise directly rather than having
        a separate class do the mapping to DOM promises.
        (WebCore::MediaDevicesEnumerationRequest::start): Replaced the create function
        with this. The caller doesn't actually keep a reference to the object.
        Added a FIXME about the behavior, not new, where we neither resolve nor reject
        the promise if there is no page object present. Updated to use the new version
        of UserMediaController::from.
        (WebCore::MediaDevicesEnumerationRequest::~MediaDevicesEnumerationRequest):
        Added a FIXME about the issue that we don't resolve or reject the promise if
        the client drops the last reference to the request without calling setDeviceInfo.
        (WebCore::MediaDevicesEnumerationRequest::document): Added. Private helper.
        Returns nullptr if the request is no longer active.
        (WebCore::MediaDevicesEnumerationRequest::frame): Added. For use by a caller
        that was getting to the frame. Uses the document function so it will return
        nullptr if the request is no longer active.
        (WebCore::MediaDevicesEnumerationRequest::userMediaDocumentOrigin): Changed
        to do the work using the document function.
        (WebCore::MediaDevicesEnumerationRequest::topLevelDocumentOrigin): Ditto.
        (WebCore::MediaDevicesEnumerationRequest::contextDestroyed): Simplified. We
        now can simply set a boolean when the context is destroyed, so there are no
        side effects and the code is simpler.
        (WebCore::removeAtypicalDevices): Renamed and tightened up the code a bit.
        (WebCore::MediaDevicesEnumerationRequest::setDeviceInfo): Moved the code
        here from MediaDevicesEnumerationRequest to pass the devices along.

        * Modules/mediastream/MediaDevicesEnumerationRequest.h: Made the
        ContextDestructionObserver use private inheritance. Cut down the includes
        and removed various unneeded functions.

        * Modules/mediastream/MediaDevicesRequest.cpp: Removed.
        * Modules/mediastream/MediaDevicesRequest.h: Removed.

        * Modules/mediastream/UserMediaController.cpp:
        (WebCore::UserMediaController::UserMediaController): Use reference rather
        than pointer for the client.
        (WebCore::UserMediaController::~UserMediaController): Ditto.
        (WebCore::provideUserMediaTo): Ditto.

        * Modules/mediastream/UserMediaController.h:
        Changed constructor to take a refeference, removed client function, and
        changed data member to be a reference rather than a pointer.
        (WebCore::UserMediaController::from): Take and return a reference rather
        than taking a pointer that is checked for null.
        (WebCore::UserMediaController::requestUserMediaAccess): Use reference.
        (WebCore::UserMediaController::cancelUserMediaAccessRequest): Ditto.
        (WebCore::UserMediaController::enumerateMediaDevices): Ditto.
        (WebCore::UserMediaController::cancelMediaDevicesEnumerationRequest): Ditto.

        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::start): Updated to use the new version
        of UserMediaController::from.

        * WebCore.xcodeproj/project.pbxproj: Updated for file removals.

        * testing/Internals.cpp: Removed unneeded include of UserMediaController.h.

2017-06-19  Sam Weinig  <sam@webkit.org>

        [WebIDL] Move Touch related bindings in Document to their own IDL file
        https://bugs.webkit.org/show_bug.cgi?id=173521

        Reviewed by Alex Christensen.

        Rather than #including in the middle of an IDL file, this moves the touch related
        bindings in Document.idl to a new partial interface for Document in DocumentTouch.idl.
        While here, remove the custom binding for createTouchList.

        * CMakeLists.txt:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        Add new files.

        * bindings/js/JSDocumentCustom.cpp:
        (WebCore::JSDocument::createTouchList): Deleted.
        Remove createTouchList. It can be generated now.

        * dom/Document.cpp:
        (WebCore::Document::createTouch): Deleted.
        * dom/Document.h:
        Move touch related bindings code to DocumentTouch.h/cpp.
        Remove DocumentIOSForward as it is no longer needed.

        * dom/Document.idl:
        Move touch related bindings to DocumentTouch.idl
        
        * dom/DocumentTouch.h: Added.
        * dom/DocumentTouch.cpp: Added.
        (WebCore::DocumentTouch::createTouch):
        Moved from Document.

        (WebCore::DocumentTouch::createTouchList):
        Added to aid generated binding.

        * dom/DocumentTouch.idl: Added.
        Moved operations from Document.h

        * dom/TouchList.h:
        (WebCore::TouchList::create):
        (WebCore::TouchList::TouchList):
        Added create that works with the bindings.

        * dom/ios/TouchEvents.cpp:
        Add DocumentTouchIOS.h and sort.

2017-06-19  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] The system Japanese font cannot be italicized
        https://bugs.webkit.org/show_bug.cgi?id=173300
        <rdar://problem/31805407>

        Reviewed by Ryosuke Niwa.

        Items in the system font cascade list may lie about whether or not they support italics.
        In order to get the truth, we need to use the physical font underlying the font in question,
        because this one won't lie. Then, we can interrogate this physical font about its traits
        in order to synthesize italics correctly.

        Test: fast/text/system-font-japanese-synthetic-italic.html

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::lookupFallbackFont):
        * platform/graphics/cocoa/FontFamilySpecificationCoreText.cpp:
        (WebCore::FontFamilySpecificationCoreText::fontRanges):

2017-06-19  Daewoong Jang  <daewoong.jang@navercorp.com>

        [cURL] Move file scope static variables into function scopes
        https://bugs.webkit.org/show_bug.cgi?id=173567

        Reviewed by Alex Christensen.

        * platform/network/curl/SSLHandle.cpp:
        (WebCore::allowedHosts):
        (WebCore::allowedClientHosts):
        (WebCore::allowsAnyHTTPSCertificateHosts):
        (WebCore::addAllowedClientCertificate):
        (WebCore::setSSLClientCertificate):
        (WebCore::sslIgnoreHTTPSCertificate):
        (WebCore::certVerifyCallback):

2017-06-19  Darin Adler  <darin@apple.com>

        [Cocoa] implement URLSession:task:needNewBodyStream: delegate method
        https://bugs.webkit.org/show_bug.cgi?id=173551
        rdar://problem/32250512

        Reviewed by Alex Christensen.

        Covered by http/tests/misc/form-blob-challenge.html

        * WebCore.xcodeproj/project.pbxproj: Removed NSURLRequestSPI.h.

        * platform/network/cf/FormDataStreamCFNet.cpp:
        (WebCore::createHTTPBodyCFReadStream): Factored this out from setHTTPBody.
        (WebCore::setHTTPBody): Factored out the function above.
        * platform/network/cf/FormDataStreamCFNet.h: Added createHTTPBodyCFReadStream.

        * platform/network/cocoa/ResourceRequestCocoa.mm: Use CFNetworkSPI.h.
        * platform/network/ios/ResourceRequestIOS.mm: Ditto.

        * platform/network/mac/FormDataStreamMac.h: Added createHTTPBodyNSInputStream.
        * platform/network/mac/FormDataStreamMac.mm:
        (WebCore::createHTTPBodyNSInputStream): Added/

        * platform/network/mac/ResourceHandleMac.mm: Use CFNetworkSPI.h.
        * platform/network/mac/ResourceRequestMac.mm: Ditto.
        * platform/network/mac/WebCoreResourceHandleAsDelegate.mm: Ditto.
        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm: Ditto.

        * platform/network/mac/WebCoreURLResponse.h: Moved SPI declarations from
        here into CFNetworkSPI.h.

        * platform/spi/cf/CFNetworkSPI.h: Use #pragma once, consolidated SPI that was
        defined in scattered locations.

        * platform/spi/cocoa/NSURLRequestSPI.h: Removed. Superceded by CFNetworkSPI.h.

2017-06-19  Brady Eidson  <beidson@apple.com>

        Various IndexedDB crashes as an after effect of previous test.
        <rdar://problem/31418761> and https://bugs.webkit.org/show_bug.cgi?id=170436

        Reviewed by Chris Dumez.

        No new test (No consistent test possible, in practice covered by all existing IDB tests)

        This is timing related, where a UniqueIDBDatabase can be destroyed on the main thread while
        it still has one task left to try to execute on the IDBServer thread.
        
        The background thread tasks don't Ref<> the UniqueIDBDatabase, so even though task execution
        took a Ref<> protector, there was still a small window for a race.
        
        Should be closed up by making the background thread tasks themselves protect this.
        
        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::postDatabaseTask):
        (WebCore::IDBServer::UniqueIDBDatabase::postDatabaseTaskReply):
        (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask):
        (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTaskReply):
        * Modules/indexeddb/server/UniqueIDBDatabase.h:

2017-06-19  Sam Weinig  <sam@webkit.org>

        [WebIDL] Add support for serializers that have members that are themselves serializers (or inherit being a serializer from a parent)
        https://bugs.webkit.org/show_bug.cgi?id=173395

        Reviewed by Simon Fraser.

        Test: fast/css/DOMQuad-serialization.html

        * bindings/scripts/CodeGenerator.pm:
        (InheritsSerializable):
        Helper to determine if an interface inherits from any interfaces
        that are serializable. This is necessary because an attribute is
        serializable even if its interface is not marked as serializable. 

        (IsSerializableAttribute):
        Check ancestor interfaces as well to determine serializability.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateSerializerDefinition):
        Specialize attributes that are serializable interfaces to call its interfaces
        serialize function, thus allowing nested objects to be serialized.

        * dom/DOMQuad.idl:
        Add serializer.

        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp: Added.
        * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.h: Added.
        * bindings/scripts/test/TestSerialization.idl:
        * bindings/scripts/test/TestSerializationIndirectInheritance.idl: Added.
        Add and update tests.

2017-06-19  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r218505.
        https://bugs.webkit.org/show_bug.cgi?id=173563

        "It would break internal builds" (Requested by youenn on
        #webkit).

        Reverted changeset:

        "[WebRTC] Prevent capturing at unconventional resolutions when
        using the SW encoder on Mac"
        https://bugs.webkit.org/show_bug.cgi?id=172602
        http://trac.webkit.org/changeset/218505

2017-06-19  Zalan Bujtas  <zalan@apple.com>

        Opening certain mails brings up a mail that grows indefinitely.
        https://bugs.webkit.org/show_bug.cgi?id=173562
        <rdar://problem/32766579>

        Reviewed by Tim Horton.

        This reverts the logic where m_autoSizeContentSize always reflects the final layout's.
        When the ICB's height is 100%, it causes infinite recursion.
        See also webkit.org/b/173561.

        * page/FrameView.cpp:
        (WebCore::FrameView::autoSizeIfEnabled):

2017-06-19  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS DnD] Support .zip archives for file uploads via drag and drop
        https://bugs.webkit.org/show_bug.cgi?id=173511
        <rdar://problem/32521025>

        Reviewed by Tim Horton.

        Allows dropped .zip archives to be uploaded as files by accepting types conforming to either
        "public.zip-archive" or "public.content" as potential file types. Initially, I opted to accept the more general
        "public.data" type; however, this includes UTIs such as "public.url" that should not be represented as files, so
        this is a more targeted fix that allows us to very easily add additional content types in the future by adding
        more types to supportedFileUploadPasteboardTypes.

        Tests:
        DataInteractionTests.ExternalSourceZIPArchiveToUploadArea
        DataInteractionTests.ExternalSourceZIPArchiveAndURLToSingleFileInput

        * page/mac/DragControllerMac.mm:
        (WebCore::DragController::updateSupportedTypeIdentifiersForDragHandlingMethod):
        * platform/Pasteboard.h:
        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::read):
        (WebCore::Pasteboard::supportedWebContentPasteboardTypes):
        (WebCore::Pasteboard::supportedFileUploadPasteboardTypes):

        Rename supportedPasteboardTypes to supportedWebContentPasteboardTypes, and also introduce
        supportedFileUploadPasteboardTypes which returns an list of types, such that if a type conforms to any type in
        this array, that type may be represented as a file. So far, this list contains "public.content" and
        "public.zip-archive".

        (WebCore::Pasteboard::types):
        (WebCore::Pasteboard::supportedPasteboardTypes): Deleted.
        * platform/ios/WebItemProviderPasteboard.mm:
        (typeConformsToTypes):

        Remove -typeIsAppropriateForSupportedTypes: and replace it with typeConformsToTypes. Use this both when
        determining the number of files on the pasteboard, and when determining preferred UTIs to load when dropping.

        (-[WebItemProviderPasteboard numberOfFiles]):
        (-[WebItemProviderPasteboard typeIdentifierToLoadForRegisteredTypeIdentfiers:]):
        (-[WebItemProviderPasteboard typeIsAppropriateForSupportedTypes:]): Deleted.
        * platform/mac/DragDataMac.mm:
        (WebCore::DragData::containsFiles):
        * platform/mac/PasteboardMac.mm:
        (WebCore::Pasteboard::supportedFileUploadPasteboardTypes):

2017-06-19  Sam Weinig  <sam@webkit.org>

        [WebIDL] Remove custom binding for Document.getCSSCanvasContext()
        https://bugs.webkit.org/show_bug.cgi?id=173516

        Reviewed by Chris Dumez.

        * bindings/js/JSDocumentCustom.cpp:
        (WebCore::JSDocument::visitAdditionalChildren):
        (WebCore::JSDocument::getCSSCanvasContext): Deleted.
        * dom/Document.cpp:
        (WebCore::Document::getCSSCanvasContext):
        * dom/Document.h:
        * dom/Document.idl:
        Use a Variant to pass the context and type to the bindings.

2017-06-19  Youenn Fablet  <youenn@apple.com>

        [WebRTC] Prevent capturing at unconventional resolutions when using the SW encoder on Mac
        https://bugs.webkit.org/show_bug.cgi?id=172602
        <rdar://problem/32407693>

        Reviewed by Eric Carlson.

        Test: platform/mac/webrtc/captureCanvas-webrtc-software-encoder.html

        Add internal API to switch on/off hardware H264 encoder.
        Add checks for standard size. If using a software encoder and frame size is not standard,
        the session is destroyed and no frame is sent at all.

        Added tests based on captureStream.
        Fixed the case of capturing a canvas which size is changing.

        * Modules/mediastream/CanvasCaptureMediaStreamTrack.cpp:
        (WebCore::CanvasCaptureMediaStreamTrack::Source::canvasResized):
        * platform/mediastream/libwebrtc/H264VideoToolBoxEncoder.h:
        * platform/mediastream/libwebrtc/H264VideoToolBoxEncoder.mm:
        (WebCore::H264VideoToolboxEncoder::setHardwareEncoderForWebRTCAllowed):
        (WebCore::H264VideoToolboxEncoder::hardwareEncoderForWebRTCAllowed):
        (WebCore::isUsingSoftwareEncoder):
        (WebCore::H264VideoToolboxEncoder::CreateCompressionSession):
        (isStandardFrameSize): Added.
        (isUsingSoftwareEncoder): Added.
        * testing/Internals.cpp:
        (WebCore::Internals::setH264HardwareEncoderAllowed):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-06-19  Brady Eidson  <beidson@apple.com>

        Cleanup IconLoader stuff when a DocumentLoader detaches from its frame.
        <rdar://problem/31418761> and https://bugs.webkit.org/show_bug.cgi?id=173473

        Reviewed by Alex Christensen.

        No new tests (No known change in behavior)

        I discovered the need to make these changes here due to a transient bug
        introduced in r218015 but already explicitly fixed in r218409.
        
        This change adds an assert to guard against a detached DocumentLoader having active IconLoaders.

        It also clears out all pending IconLoader and icon load decisions when stopLoading() is called, 
        as even attempting to start an icon load after detachment is a waste of cycles.
        
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::stopLoading): Also explicitly clear all IconLoaders and icons pending
          load decision.
        (WebCore::DocumentLoader::finishedLoadingIcon): Assert that this DocumentLoader is not detached.

2017-06-19  Chris Dumez  <cdumez@apple.com>

        Use WTF::Function instead of std::function in more places in WebCore/
        https://bugs.webkit.org/show_bug.cgi?id=173535

        Reviewed by Antti Koivisto.

        Use WTF::Function instead of std::function in more places in WebCore/ to avoid copying.

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::matchedParent):
        * accessibility/AccessibilityObject.h:
        * animation/DocumentAnimation.cpp:
        (WebCore::DocumentAnimation::getAnimations):
        * animation/DocumentAnimation.h:
        (WebCore::DocumentAnimation::getAnimations):
        * contentextensions/CombinedURLFilters.cpp:
        (WebCore::ContentExtensions::CombinedURLFilters::processNFAs):
        * contentextensions/CombinedURLFilters.h:
        * contentextensions/DFACombiner.cpp:
        (WebCore::ContentExtensions::DFACombiner::combineDFAs):
        * contentextensions/DFACombiner.h:
        * css/CSSCrossfadeValue.cpp:
        (WebCore::CSSCrossfadeValue::traverseSubresources):
        * css/CSSCrossfadeValue.h:
        * css/CSSFilterImageValue.cpp:
        (WebCore::CSSFilterImageValue::traverseSubresources):
        * css/CSSFilterImageValue.h:
        * css/CSSFontFaceSrcValue.cpp:
        (WebCore::CSSFontFaceSrcValue::traverseSubresources):
        * css/CSSFontFaceSrcValue.h:
        * css/CSSImageSetValue.cpp:
        (WebCore::CSSImageSetValue::traverseSubresources):
        * css/CSSImageSetValue.h:
        * css/CSSImageValue.cpp:
        (WebCore::CSSImageValue::traverseSubresources):
        * css/CSSImageValue.h:
        * css/CSSValue.cpp:
        (WebCore::CSSValue::traverseSubresources):
        * css/CSSValue.h:
        * css/CSSValueList.cpp:
        (WebCore::CSSValueList::traverseSubresources):
        * css/CSSValueList.h:
        * css/StyleProperties.cpp:
        (WebCore::StyleProperties::traverseSubresources):
        * css/StyleProperties.h:
        * css/StyleSheetContents.cpp:
        (WebCore::traverseSubresourcesInRules):
        (WebCore::StyleSheetContents::traverseSubresources):
        * css/StyleSheetContents.h:
        * dom/Element.cpp:
        (WebCore::Element::getAnimations):
        * editing/TextIterator.cpp:
        (WebCore::findPlainTextMatches):
        (WebCore::findClosestPlainText):
        (WebCore::findPlainText):
        * editing/mac/DictionaryLookup.h:
        * editing/mac/DictionaryLookup.mm:
        (WebCore::showPopupOrCreateAnimationController):
        (WebCore::DictionaryLookup::showPopup):
        (WebCore::DictionaryLookup::animationControllerForPopup):
        * fileapi/AsyncFileStream.cpp:
        (WebCore::AsyncFileStream::perform):
        (WebCore::AsyncFileStream::getSize):
        (WebCore::AsyncFileStream::openForRead):
        (WebCore::AsyncFileStream::read):
        * fileapi/AsyncFileStream.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::waitForPreparedForInlineThen):
        (WebCore::HTMLMediaElement::setVideoFullscreenLayer):
        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::waitForPreparedForInlineThen):
        (WebCore::HTMLMediaElement::setVideoFullscreenLayer):
        * loader/EmptyClients.cpp:
        (WebCore::EmptyFrameLoaderClient::dispatchDecidePolicyForNewWindowAction):
        (WebCore::EmptyFrameLoaderClient::dispatchDecidePolicyForNavigationAction):
        (WebCore::EmptyFrameLoaderClient::dispatchWillSubmitForm):
        * loader/FrameLoaderClient.h:
        * loader/archive/cf/LegacyWebArchive.cpp:
        (WebCore::LegacyWebArchive::create):
        * loader/archive/cf/LegacyWebArchive.h:
        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::forEachResource):
        (WebCore::MemoryCache::forEachSessionResource):
        * loader/cache/MemoryCache.h:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::createWindow):
        (WebCore::DOMWindow::showModalDialog):
        * page/DOMWindow.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::applyRecursivelyWithVisibleRect):
        * page/FrameView.h:
        * page/Page.cpp:
        (WebCore::Page::forEachPage):
        (WebCore::Page::decrementNestedRunLoopCount):
        (WebCore::Page::whenUnnested):
        * page/Page.h:
        * page/WheelEventTestTrigger.cpp:
        (WebCore::WheelEventTestTrigger::clearAllTestDeferrals):
        (WebCore::WheelEventTestTrigger::setTestCallbackAndStartNotificationTimer):
        (WebCore::WheelEventTestTrigger::triggerTestTimerFired):
        * page/WheelEventTestTrigger.h:
        * page/WindowFeatures.cpp:
        (WebCore::processFeaturesString):
        * page/WindowFeatures.h:
        * page/cocoa/ResourceUsageOverlayCocoa.mm:
        (WebCore::RingBuffer::forEach):
        * platform/cocoa/WebVideoFullscreenModelVideoElement.h:
        (WebCore::WebVideoFullscreenModelVideoElement::setVideoFullscreenLayer):
        (WebCore::WebVideoFullscreenModelVideoElement::waitForPreparedForInlineThen):
        * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
        (WebVideoFullscreenModelVideoElement::setVideoFullscreenLayer):
        (WebVideoFullscreenModelVideoElement::waitForPreparedForInlineThen):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::setVideoFullscreenLayer):
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayer::setVideoFullscreenLayer):
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::setVideoFullscreenLayer):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVideoFullscreenLayer):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVideoFullscreenLayer):
        * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.h:
        * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.mm:
        (WebCore::VideoFullscreenLayerManager::setVideoFullscreenLayer):

2017-06-19  Chris Dumez  <cdumez@apple.com>

        Use WTF::Function instead of std::function in WebCore/Modules
        https://bugs.webkit.org/show_bug.cgi?id=173534

        Reviewed by Alex Christensen.

        Use WTF::Function instead of std::function in WebCore/Modules to avoid
        copying.

        * Modules/applepay/PaymentCoordinatorClient.h:
        * Modules/encryptedmedia/CDM.h:
        * Modules/encryptedmedia/legacy/LegacyCDM.cpp:
        (WebCore::CDMFactory::CDMFactory):
        (WebCore::CDM::registerCDMFactory):
        * Modules/encryptedmedia/legacy/LegacyCDM.h:
        * Modules/mediasession/MediaSession.cpp:
        (WebCore::MediaSession::changeActiveMediaElements):
        (WebCore::MediaSession::safelyIterateActiveMediaElements):
        * Modules/mediasession/MediaSession.h:
        * Modules/mediastream/MediaEndpointPeerConnection.cpp:
        (WebCore::matchTransceiver):
        * Modules/mediastream/MediaStreamRegistry.cpp:
        (WebCore::MediaStreamRegistry::forEach):
        * Modules/mediastream/MediaStreamRegistry.h:

2017-06-19  Youenn Fablet  <youenn@apple.com>

        A cloned MediaStreamTrack should mute independently other tracks using the same source
        https://bugs.webkit.org/show_bug.cgi?id=172831
        <rdar://problem/32518527>

        Reviewed by Eric Carlson.

        Test: webrtc/clone-audio-track.html

        Move enabled handling in MediaStreamTrackPrivate instead of RealtimeMediaSource.
        Move WebRTC and WebAudio customers of RealtimeMediaSource to MediaStreamTrackPrivate.
        Move creation of WebAudio provider to MediaStreamTrackPrivate.

        This allows changing some parameters of tracks having the same source independently.
        Using this for enabled track attribute.

        We no longer stop generating frames in case track is disabled.
        This should be added back as an optimization in a follow-up.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::addTrack):
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::LibWebRTCPeerConnectionBackend::replaceTrack):
        * Modules/webaudio/MediaStreamAudioSource.cpp:
        * Modules/webaudio/MediaStreamAudioSource.h:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/mediastream/MediaStreamTrackPrivate.cpp:
        (WebCore::MediaStreamTrackPrivate::create):
        (WebCore::MediaStreamTrackPrivate::~MediaStreamTrackPrivate):
        (WebCore::MediaStreamTrackPrivate::setEnabled):
        (WebCore::MediaStreamTrackPrivate::audioSourceProvider):
        (WebCore::MediaStreamTrackPrivate::videoSampleAvailable):
        (WebCore::MediaStreamTrackPrivate::audioSamplesAvailable):
        * platform/mediastream/MediaStreamTrackPrivate.h:
        (WebCore::MediaStreamTrackPrivate::Observer::audioSamplesAvailable):
        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::removeObserver):
        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/mac/AVMediaCaptureSource.h:
        * platform/mediastream/mac/AVMediaCaptureSource.mm:
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::startProducingData):
        (WebCore::CoreAudioCaptureSource::stopProducingData):
        * platform/mediastream/mac/CoreAudioCaptureSource.h:
        * platform/mediastream/mac/MockRealtimeAudioSourceMac.h:
        * platform/mediastream/mac/MockRealtimeAudioSourceMac.mm:
        (WebCore::MockRealtimeAudioSourceMac::render):
        * platform/mediastream/mac/RealtimeIncomingAudioSource.cpp:
        (WebCore::RealtimeIncomingAudioSource::~RealtimeIncomingAudioSource):
        (WebCore::RealtimeIncomingAudioSource::OnData):
        * platform/mediastream/mac/RealtimeIncomingAudioSource.h:
        * platform/mediastream/mac/RealtimeIncomingVideoSource.cpp:
        (WebCore::RealtimeIncomingVideoSource::pixelBufferFromVideoFrame):
        * platform/mediastream/mac/RealtimeOutgoingAudioSource.cpp:
        (WebCore::RealtimeOutgoingAudioSource::RealtimeOutgoingAudioSource):
        (WebCore::RealtimeOutgoingAudioSource::setSource):
        * platform/mediastream/mac/RealtimeOutgoingAudioSource.h:
        * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::RealtimeOutgoingVideoSource):
        (WebCore::RealtimeOutgoingVideoSource::setSource):
        (WebCore::RealtimeOutgoingVideoSource::initializeFromSource):
        * platform/mediastream/mac/RealtimeOutgoingVideoSource.h:
        * platform/mediastream/mac/WebAudioSourceProviderAVFObjC.h:
        * platform/mediastream/mac/WebAudioSourceProviderAVFObjC.mm:
        (WebCore::WebAudioSourceProviderAVFObjC::create):
        (WebCore::WebAudioSourceProviderAVFObjC::WebAudioSourceProviderAVFObjC):
        (WebCore::WebAudioSourceProviderAVFObjC::setClient):
        (WebCore::WebAudioSourceProviderAVFObjC::audioSamplesAvailable):
        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::generateFrame):
        * platform/spi/cocoa/PassKitSPI.h:

2017-06-19  Sam Weinig  <sam@webkit.org>

        [WebIDL] Properly model buffer source / typed arrays as their own IDL types
        https://bugs.webkit.org/show_bug.cgi?id=173513

        Reviewed by Alex Christensen.

        - Adds IDL type hierarchy for buffer source types.
        - Includes a special type, IDLArrayBufferView, which WebIDL defines as the union
          of DataView and all the typed array types, but we model as shared base class.
          This should not be observable, and allows us to avoid using a Variant for ArrayBufferView
          and instead use the existing base class.
        - Add builtin typedefs for BufferSource and DOMTimeStamp as defined in WebIDL. As noted
          above, rather than define a typedef of ArrayBufferView that maps to a union, we treat
          it as a special type.

        * bindings/IDLTypes.h:
        Add type hierarchy for buffer source types.
        - IDLBufferSource is the root
        - IDLArrayBuffer, IDLArrayBufferView, IDLDataView, IDLTypedArray derive from it.
        - And then the specific typed array types derive from IDLTypedArray, and are defined
          in JSDOMConvertBufferSource so we don't have to include a ton of typed array includes
          in this file, as they cannot be forward declared.

        * bindings/js/JSDOMConvertBufferSource.h:
        (WebCore::Detail::BufferSourceConverter::convert):
        (WebCore::Converter<IDLArrayBuffer>::convert):
        (WebCore::JSConverter<IDLArrayBuffer>::convert):
        (WebCore::Converter<IDLDataView>::convert):
        (WebCore::JSConverter<IDLDataView>::convert):
        (WebCore::Converter<IDLInt8Array>::convert):
        (WebCore::JSConverter<IDLInt8Array>::convert):
        (WebCore::Converter<IDLInt16Array>::convert):
        (WebCore::JSConverter<IDLInt16Array>::convert):
        (WebCore::Converter<IDLInt32Array>::convert):
        (WebCore::JSConverter<IDLInt32Array>::convert):
        (WebCore::Converter<IDLUint8Array>::convert):
        (WebCore::JSConverter<IDLUint8Array>::convert):
        (WebCore::Converter<IDLUint16Array>::convert):
        (WebCore::JSConverter<IDLUint16Array>::convert):
        (WebCore::Converter<IDLUint32Array>::convert):
        (WebCore::JSConverter<IDLUint32Array>::convert):
        (WebCore::Converter<IDLUint8ClampedArray>::convert):
        (WebCore::JSConverter<IDLUint8ClampedArray>::convert):
        (WebCore::Converter<IDLFloat32Array>::convert):
        (WebCore::JSConverter<IDLFloat32Array>::convert):
        (WebCore::Converter<IDLFloat64Array>::convert):
        (WebCore::JSConverter<IDLFloat64Array>::convert):
        (WebCore::Converter<IDLArrayBufferView>::convert):
        (WebCore::JSConverter<IDLArrayBufferView>::convert):
        Add native and javascript conversion for all the new types.

        * bindings/js/JSDOMConvertUnion.h:
        Add support for steps 7, 8, and 9 of the union conversion algorithm now that
        buffer source types are properly modeled.

        * bindings/js/JSSubtleCryptoCustom.cpp:
        * bindings/js/JSWebKitSubtleCryptoCustom.cpp:
        Replace use of now repurposed IDLBufferSource, with its definition, IDLUnion<IDLArrayBufferView, IDLArrayBuffer>.

        * bindings/scripts/CodeGenerator.pm:
        (IsBufferSourceType):
        Renamed from IsTypedArrayType.

        (IsNonPointerType): Deleted.
        Was only used by DumpRenderTree and WebKitTestRunner generators. They have 
        been switched to the equivalent IsPrimitiveType.

        (IsTypedArrayType): Deleted.
        Renamed to IsBufferSourceType.

        (IsRefPtrType): Deleted. Unused.

        * bindings/scripts/CodeGeneratorJS.pm:
        (AddToIncludesForIDLType):
        (AddClassForwardIfNeeded):
        (GetArgumentExceptionFunction):
        (GetAttributeExceptionFunction):
        (PassArgumentExpression):
        (GenerateDefaultValue):
        (GenerateOverloadDispatcher):
        (ShouldPassArgumentByReference):
        (NativeToJSValueDOMConvertNeedsState):
        (NativeToJSValueDOMConvertNeedsGlobalObject):
        Update for rename of IsTypedArrayType -> IsBufferSourceType and remove specialized BufferSource
        condition.

        (GetBaseIDLType):
        Add mappings for new buffer source types.

        * bindings/scripts/IDLParser.pm:
        (Parse):
        Insert builtin typedefs to the typedef map before parsing.

        (addBuiltinTypedefs):
        Generate typedefs for BufferSource and DOMTimeStamp as specified by WebIDL.

        (applyTypedefs):
        Add support for applying typedefs to iterable and maplike, necessary now because BufferSource
        is used as the key to iterable in MediaKeyStatusMap.idl

        * bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
        * bindings/scripts/test/JS/JSTestCallbackInterface.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        * bindings/scripts/test/JS/JSTestVoidCallbackFunction.cpp:
        * bindings/scripts/test/JS/JSTestVoidCallbackFunction.h:
        Update test results.

        * bindings/scripts/test/TestTypedefs.idl:
        Add tests for builtin typedefs.

        * Modules/geolocation/Geoposition.idl:
        * dom/Event.idl:
        * fileapi/Blob.idl:
        * fileapi/File.idl:
        * page/FrameView.h:
        * xml/XMLHttpRequest.idl:
        Remove typedef for DOMTimeStamp and BufferSource which are now automatically included.

2017-06-19  Adrian Perez de Castro  <aperez@igalia.com>

        Missing <functional> includes make builds fail with GCC 7.x
        https://bugs.webkit.org/show_bug.cgi?id=173544

        Unreviewed gardening.

        Fix compilation with GCC 7.

        * Modules/mediastream/MediaStreamRegistry.h:
        * animation/DocumentAnimation.h:
        * page/WheelEventTestTrigger.h:
        * page/csp/ContentSecurityPolicy.h:
        * platform/Timer.h:
        * platform/graphics/gstreamer/MainThreadNotifier.h:
        * platform/network/NetworkStorageSession.h:

2017-06-19  Zan Dobersek  <zdobersek@igalia.com>

        Unreviewed build fix after r218484.

        Properly access the GCryptCipherOperation type (now CipherOperation)
        in the PAL::GCrypt namespace. This somehow worked in local builds.

        * crypto/gcrypt/CryptoAlgorithmAES_CTRGCrypt.cpp:
        (WebCore::callOperation):
        (WebCore::gcryptAES_CTR):

2017-06-19  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] AES_CTR support
        https://bugs.webkit.org/show_bug.cgi?id=171420

        Reviewed by Michael Catanzaro.

        Implement AES_CTR support for build configurations that use libgcrypt.

        Both encryption and decryption operations are handled in a single gcryptAES_CTR() function,
        with the specific operation being passed as the first argument. The appropriate AES
        algorithm is picked, and a gcry_cipher_hd_t object is created and has the given key set.
        This key will remain the same throughout the gcry_cipher_hd_t lifetime, even after
        gcry_cipher_reset() calls.

        The encrypt/decrypt operation is wrapped into a helper lambda functor that accepts the
        given counter and input data. It resets the cipher object, sets the counter data, and
        performs the specified operation, returning the output data.

        libgcrypt doesn't support setting counter data on a gcry_cipher_hd_t object with only
        part of that data being used as the actual counter, with the rest acting as a nonce, like
        the Web Crypto specification allows. We have to implement the support for that on our own.

        We compute the number of blocks we'll be processing and the upper exclusive limit for the
        given counter length. We immediately bail if the counter limit is less than the computed
        block count, since that would mean that the counter values would be repeated.

        We short-cut to a direct operation call if the counter length matches size of the counter
        data -- we don't have to adjust the counter data in any way if that's the case.

        Otherwise we move counter data into the MPI format. The nonce and the actual counter MPIs
        can split out of the counter data MPI with the modulus operation and the counter limit MPI.

        We take another shortcut straight to the operation call if we're able to determine that the
        'counter leeway' value, i.e. the difference between the initial counter MPI and the counter
        limit MPI, is larger or equal to the predicted block size -- if that's the case, the counter
        won't wrap around and change the nonce data.

        In worst-case scenario the counter data will wrap around and we have to address that. The
        current implementation takes the slowest possible path for the moment, encrypting/decrypting
        each block separately. For each step the counter is combined with the nonce, the resulting
        MPI data retrieved and passed to the operation function, and the returned block output
        appended to the final output vector. The counter MPI is then incremented and ran through the
        modulus operation, limiting the MPI value to the previously-computed counter limit.

        No new tests -- relevant tests are passing and are unskipped.

        * crypto/gcrypt/CryptoAlgorithmAES_CTRGCrypt.cpp:
        (WebCore::callOperation):
        (WebCore::gcryptAES_CTR):
        (WebCore::CryptoAlgorithmAES_CTR::platformEncrypt):
        (WebCore::CryptoAlgorithmAES_CTR::platformDecrypt):

2017-05-14 Frederic Wang  <fwang@igalia.com>

        Add heuristic to avoid flattening "fullscreen" iframes
        https://bugs.webkit.org/show_bug.cgi?id=171914

        Reviewed by Simon Fraser.

        Some authors implement fullscreen popups as out-of-flow iframes with size set to full viewport (using vw/vh CSS units).
        When iframe flattening is enabled, such iframes may unexpectedly become larger than the viewport.
        This commit adds a simple heuristic to avoid frame flattening in that case.
        It is experimented by introducing a "enable for non-fullscreen iframes" state for the frame
        flattening setting.
        The default frame flattening is still either disabled or (fully) enabled on all platforms.
        InternalSettings is also adjusted so that the tests can still set the frame flattening setting.

        Test: fast/frames/flattening/iframe-flattening-fullscreen.html

        * page/FrameView.cpp:
        (WebCore::FrameView::frameFlatteningEnabled): Use the frame flattening enum setting.
        * page/Settings.h: Define a frame flattening enum that includes a "enable for non-fullscreen
        iframes" state.
        * page/Settings.in: Redefine frame flattening using that enum.
        * rendering/RenderFrameSet.cpp:
        (WebCore::RenderFrameSet::flattenFrameSet): Use the frame flattening enum setting.
        * rendering/RenderIFrame.cpp:
        (WebCore::RenderIFrame::isFullScreenIFrame): Add a heuristic when partial frame flattening
        is enabled setting is enabled.
        There is not a strict comparison against the viewport size since authors may not exactly use
        100vw/100vh.
        Anyway, it is hard to do such comparison using the resolved width & height on RenderStyle.
        (WebCore::RenderIFrame::flattenFrame): Add a comment for the existing "zero size" heuristic.
        Use isFullScreenIFrame heuristic.
        * rendering/RenderView.cpp:
        (WebCore::FrameFlatteningLayoutDisallower::FrameFlatteningLayoutDisallower): Use the frame flattening enum setting.
        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::Backup::Backup): Add backup for frame flattening.
        (WebCore::InternalSettings::Backup::restoreTo): Ditto.
        (WebCore::internalSettingsToWebCoreValue): Helper function to cast the frame flattening values.
        (WebCore::InternalSettings::setFrameFlattening): Redefine setFrameFlattening to accept an enum.
        * testing/InternalSettings.h: Define new enum & setter for frame flattening as well as a backup value.
        * testing/InternalSettings.idl: Define new enum & setter for frame flattening.

2017-06-18  Carlos Garcia Campos  <cgarcia@igalia.com>

        REGRESSION(r218253): Infinite animated gifs no longer loop
        https://bugs.webkit.org/show_bug.cgi?id=173464

        Reviewed by Carlos Alberto Lopez Perez.

        After the first loop iteration we keep rendering the same frame all the time, so it looks like if the animation
        stopped. This is because in r218253 we changed to use SharedBuffer instead of a Vector in ImageBackingStore, but
        we are not correctly copying the data in the copy constructor. We are using SharedBuffer::copy() that doesn't
        actually copy the data of the segments.

        * platform/graphics/ImageBackingStore.h:
        (WebCore::ImageBackingStore::ImageBackingStore): Copy the data of the other SharedBuffer.

2017-06-18  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GStreamer] MainThreadNotifier ASSERTION FAILED: m_boundThread == currentThread() in _WebKitWebSrcPrivate::~_WebKitWebSrcPrivate
        https://bugs.webkit.org/show_bug.cgi?id=152043

        Reviewed by Xabier Rodriguez-Calvar.

        Stop using a WeakPtr in MainThreadNotifier, because it's not thread safe, which causes a crash in debug builds when
        the notifier is destroyed in a different thread. Make MainThreadNotifier thread safe refcounted instead, and add
        an invalidate() method to mark it as invalid.

        * platform/graphics/gstreamer/InbandTextTrackPrivateGStreamer.cpp:
        (WebCore::InbandTextTrackPrivateGStreamer::handleSample):
        (WebCore::InbandTextTrackPrivateGStreamer::streamChanged):
        * platform/graphics/gstreamer/MainThreadNotifier.h:
        (WebCore::MainThreadNotifier::MainThreadNotifier): Deleted.
        (WebCore::MainThreadNotifier::notify): Deleted.
        (WebCore::MainThreadNotifier::cancelPendingNotifications): Deleted.
        (WebCore::MainThreadNotifier::addPendingNotification): Deleted.
        (WebCore::MainThreadNotifier::removePendingNotification): Deleted.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::videoChangedCallback):
        (WebCore::MediaPlayerPrivateGStreamer::videoSinkCapsChangedCallback):
        (WebCore::MediaPlayerPrivateGStreamer::audioChangedCallback):
        (WebCore::MediaPlayerPrivateGStreamer::textChangedCallback):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::MediaPlayerPrivateGStreamerBase):
        (WebCore::MediaPlayerPrivateGStreamerBase::~MediaPlayerPrivateGStreamerBase):
        (WebCore::MediaPlayerPrivateGStreamerBase::volumeChangedCallback):
        (WebCore::MediaPlayerPrivateGStreamerBase::muteChangedCallback):
        (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.cpp:
        (WebCore::TrackPrivateBaseGStreamer::TrackPrivateBaseGStreamer):
        (WebCore::TrackPrivateBaseGStreamer::~TrackPrivateBaseGStreamer):
        (WebCore::TrackPrivateBaseGStreamer::disconnect):
        (WebCore::TrackPrivateBaseGStreamer::activeChangedCallback):
        (WebCore::TrackPrivateBaseGStreamer::tagsChanged):
        * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.h:
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (webkit_web_src_init):
        (webKitWebSrcDispose):
        (webKitWebSrcStop):
        (webKitWebSrcStart):
        (webKitWebSrcNeedData):
        (webKitWebSrcEnoughData):
        (webKitWebSrcSeek):

2017-06-18  Ryosuke Niwa  <rniwa@webkit.org>

        Meter element doesn't respect the writing direction
        https://bugs.webkit.org/show_bug.cgi?id=173507

        Reviewed by Sam Weinig.

        The bug was caused by NSLevelIndicatorCell no longer using the value of baseWritingDirection
        to determine the direction of rendering in macOS Sierra and later. It instead relies on
        the value of userInterfaceLayoutDirection.

        Fixed the bug by setting both values. Once we dropped the support for macOS El Capitan
        and earlier, we can remove the code to set baseWritingDirection.

        Test: fast/dom/HTMLMeterElement/meter-rtl.html

        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::levelIndicatorFor):

2017-06-18  Dewei Zhu  <dewei_zhu@apple.com>

        Remove 'EditCommand::isEditCommandComposition'.
        https://bugs.webkit.org/show_bug.cgi?id=173525

        Reviewed by Wenson Hsieh.

        Should remove 'isEditCommandComposition' from 'EditCommand' for:
            1. 'EditCommandComposition' is no longer a subclass of EditCommand.
            2. 'isEditCommandComposition' is not used at all.

        * editing/EditCommand.h:
        (WebCore::EditCommand::isCompositeEditCommand):
        (WebCore::EditCommand::isEditCommandComposition): Deleted.

2017-06-18  Chris Dumez  <cdumez@apple.com>

        Crash when re-entering MediaDevicesEnumerationRequest::cancel()
        https://bugs.webkit.org/show_bug.cgi?id=173522
        <rdar://problem/31185739>

        Reviewed by Darin Adler.

        When a MediaDevicesRequest is started, it creates a MediaDevicesEnumerationRequest
        object and passes a completion handler to that MediaDevicesEnumerationRequest
        object. The completion handler holds a reference to the MediaDevicesRequest object
        so that its stays alive until the MediaDevicesEnumerationRequest either completes
        or is canceled. MediaDevicesRequest also holds a reference to the
        MediaDevicesEnumerationRequest object via its m_enumerationRequest data member.

        When the document is destroyed, both MediaDevicesRequest::contextDestroyed() and
        MediaDevicesEnumerationRequest::contextDestroyed() gets called and the other is not
        pre-determined. If MediaDevicesEnumerationRequest::contextDestroyed() gets called
        first then it calls MediaDevicesEnumerationRequest::cancel(). Calling cancel() ends
        up destroying the completion handler. Destroying the completion handler ends up
        dereferencing and destroying the MediaDevicesRequest object. The MediaDevicesRequest
        destructor would call MediaDevicesEnumerationRequest::cancel() again, causing us to
        re-enter it and assign nullptr to the completion callback again. Re-entering
        std::function's operator=(nullptr_t) is not safe because of the way it is implemented
        as we end up trying to destroy the lambda twice and crashing. Using a WTF::Function
        instead fixes this particular issue because re-entering WTF::Function's operator=(nullptr_t)
        is safe.

        However, this fix is not sufficient. Calling the MediaDevicesRequest destructor also
        dereferencing and destroys the MediaDevicesEnumerationRequest object. As a result,
        when MediaDevicesEnumerationRequest::contextDestroyed() returns from its call to cancel
        |this| is already dead when we call ContextDestructionObserver::contextDestroyed().
        To address this issue, we now protect |this| in MediaDevicesEnumerationRequest::contextDestroyed().

        Test: fast/mediastream/destroy-document-while-enumerating-devices.html

        * Modules/mediastream/MediaDevicesEnumerationRequest.cpp:
        (WebCore::MediaDevicesEnumerationRequest::contextDestroyed):
        Protect |this| as the call to cancel() may destroy |this| before calling
        ContextDestructionObserver::contextDestroyed() otherwise.

        * Modules/mediastream/MediaDevicesEnumerationRequest.h:
        Use WTF::Function instead of std::function for the completion handler as
        it is safer (in terms of re-entrency) and avoids unnecessary copying.

        * Modules/mediastream/MediaDevicesRequest.cpp:
        (WebCore::MediaDevicesRequest::~MediaDevicesRequest):
        Stop calling MediaDevicesEnumerationRequest::cancel(). When the destructor
        is called, the MediaDevicesEnumerationRequest has either completed or been
        canceled so there is no need to cancel again. I added an assertion to
        make sure it is the case. This avoids re-entering
        MediaDevicesEnumerationRequest::cancel() is some cases, which was risky.

        (WebCore::MediaDevicesRequest::start):
        Add comment for clarity and capture a Ref<> instead of a RefPtr<> now that
        we can since we use WTF::Function.

2017-06-18  Chris Dumez  <cdumez@apple.com>

        Use WTF::Function instead of std::function in WTF/
        https://bugs.webkit.org/show_bug.cgi?id=173519

        Reviewed by Sam Weinig.

        Replace a few uses of std::function with WTF::Function in WebCore/
        as well. It was either this or including <functional> and I decided
        it made more sense to port the code.

        * platform/graphics/FontSelectionAlgorithm.h:
        (WebCore::FontSelectionAlgorithm::iterateActiveCapabilitiesWithReturn):
        * platform/mediastream/MediaConstraints.cpp:
        (WebCore::StringConstraint::find):
        (WebCore::MediaTrackConstraintSetMap::forEach):
        (WebCore::MediaTrackConstraintSetMap::filter):
        (WebCore::MediaConstraints::isConstraintSet):
        * platform/mediastream/MediaConstraints.h:
        (WebCore::NumericConstraint::find):
        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::applyConstraint):

2017-06-18  Jer Noble  <jer.noble@apple.com>

        [MSE] Seeking or entering fullscreen can cause extreme CPU usage
        https://bugs.webkit.org/show_bug.cgi?id=173505

        Reviewed by Tim Horton.

        When support for painting MSE to WebGL was added in r217185, the implementation of
        SourceBufferPrivateAVFObjC::isReadyForMoreSamples() was modified to support asking
        the decompression session if it was ready. That change, however, caused an extreme
        performance regression in the normal playback path, where WebKit will effectively
        append samples endlessly to the AVSampleBufferDisplayLayer, which admirably enqueued
        each of them for decoding. Eventually, the cost of iterating over the CMBufferQueue
        overwhelmed the cost of decoding, and caused the extreme lag seen when seeking.

        Make sure to property query the AVSampleBufferDisplayLayer for isReadyForMoreMediaData
        before enqueuing.

        A previous version of this patch exposed some errors which caused failing tests:

        In sourceBufferPrivateDidReceiveSample(), we were using local versions of
        presentationTimestamp and decodeTimestamp as keys to the decodeQueue; those local versions
        were floating point values (because MediaTime + float = float), but the sample itself uses
        non-floating point MediaTimes. This causes samples to be left in the queue when they should
        be removed.

        In didBecomeReadyForMoreSamples(), we were getting spurious assertions when a
        AVSampleBufferDisplayLayer or a AVSampleBufferAudioRenderer would fire a callback from
        -requestMediaDataWhenReadyOnQueue:usingBlock: even after it had been told to
        -stopRequestingMediaData. Apparently it's expected behavior and so an ASSERT_NOT_REACHED is
        inappropriate here.

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::isReadyForMoreSamples):
        (WebCore::SourceBufferPrivateAVFObjC::didBecomeReadyForMoreSamples):


2017-06-17  Zalan Bujtas  <zalan@apple.com>

        Addressing post-review comment after r218456.
        https://bugs.webkit.org/show_bug.cgi?id=173509

        Reviewed by Darin Adler.

        * dom/Document.cpp:
        (WebCore::Document::destroyRenderTree):

2017-06-17  Chris Dumez  <cdumez@apple.com>

        DOMQuad::getBounds() should return a Ref<>
        https://bugs.webkit.org/show_bug.cgi?id=173517

        Reviewed by Simon Fraser.

        DOMQuad::getBounds() should return a Ref<> as it cannot return
        null.

        * dom/DOMQuad.cpp:
        (WebCore::DOMQuad::getBounds):
        * dom/DOMQuad.h:

2017-06-17  Simon Fraser  <simon.fraser@apple.com>

        Implement DOMQuad
        https://bugs.webkit.org/show_bug.cgi?id=163534

        Reviewed by Sam Weinig.

        Implement DOMQuad per https://drafts.fxtf.org/geometry/#DOMQuad, other than serialization
        which requires some bindings changes.

        web-platform-tests/css/geometry-1/DOMRect-001.html tests against an older version of the spec,
        so has some failures. DOMQuad-002.html passes, other than a NaN propagation issue that requires
        spec clarification.

        * CMakeLists.txt:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSDOMQuadCustom.cpp: Added.
        (WebCore::JSDOMQuad::getBounds):
        * bindings/scripts/CodeGenerator.pm:
        (IsSerializableDOMType):
        (IsSerializableAttribute):
        * dom/DOMPoint.h:
        * dom/DOMQuad.cpp: Added.
        (WebCore::DOMQuad::DOMQuad):
        (WebCore::DOMQuad::getBounds):
        * dom/DOMQuad.h: Added.
        (WebCore::DOMQuad::create):
        (WebCore::DOMQuad::fromRect):
        (WebCore::DOMQuad::fromQuad):
        (WebCore::DOMQuad::p1):
        (WebCore::DOMQuad::p2):
        (WebCore::DOMQuad::p3):
        (WebCore::DOMQuad::p4):
        * dom/DOMQuad.idl: Added.
        * dom/DOMQuadInit.h: Added.
        * dom/DOMQuadInit.idl: Added.

2017-06-17  Chris Dumez  <cdumez@apple.com>

        Use WTF::Function instead of std::function in WebKit2/
        https://bugs.webkit.org/show_bug.cgi?id=173504

        Reviewed by Darin Adler.

        Use WTF::Function instead of std::function in WebKit2/ to avoid
        unnecessary copying.

        * Modules/applepay/PaymentCoordinator.cpp:
        (WebCore::PaymentCoordinator::canMakePaymentsWithActiveCard):
        (WebCore::PaymentCoordinator::openPaymentSetup):
        * Modules/applepay/PaymentCoordinator.h:
        * Modules/applepay/PaymentCoordinatorClient.h:
        * loader/EmptyClients.cpp:
        * loader/NetscapePlugInStreamLoader.cpp:
        (WebCore::NetscapePlugInStreamLoader::willSendRequest):
        * loader/NetscapePlugInStreamLoader.h:
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::willSendRequest):
        * loader/ResourceLoader.h:

2017-06-17  Zalan Bujtas  <zalan@apple.com>

        Demote the "we have navigated away" check to an assertion.
        https://bugs.webkit.org/show_bug.cgi?id=173509

        Reviewed by Simon Fraser.

        Now that the expected behavior is that the render tree can't get to the page cache, it's ok to assert.
        TODO: We should also have view() check removed at some point.

        * dom/Document.cpp:
        (WebCore::Document::destroyRenderTree):

2017-06-17  Alex Christensen  <achristensen@webkit.org>

        Fix CMake build

        * PlatformMac.cmake:
        * bindings/js/ScriptGlobalObject.cpp:

2017-06-17  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r218438.
        https://bugs.webkit.org/show_bug.cgi?id=173515

        Caused imported/w3c/web-platform-tests/media-
        source/mediasource* tests to fail (Requested by smfr on
        #webkit).

        Reverted changeset:

        "[MSE] Seeking or entering fullscreen can cause extreme CPU
        usage"
        https://bugs.webkit.org/show_bug.cgi?id=173505
        http://trac.webkit.org/changeset/218438

2017-06-17  Antti Koivisto  <antti@apple.com>

        Crash due to infinite recursion via FrameSelection::updateAppearanceAfterLayout
        https://bugs.webkit.org/show_bug.cgi?id=173468

        Reviewed by Ryosuke Niwa.

        Test: editing/selection/updateAppearanceAfterLayout-recursion.html

        Calling FrameSelection::updateAppearanceAfterLayout() from Document::resolveStyle is unsafe
        because it may cause another call to resolveStyle. We have some cases where the style
        is still unclean when updateAppearanceAfterLayout() is called. This can lead to infinite
        recursion.

        The test case is not the common stack seen in CrashTracer (couldn't quit replicate it) but
        the updateAppearanceAfterLayout/resolveStyle recursion is the same.

        * dom/Document.cpp:
        (WebCore::Document::resolveStyle):

            Normally selection appearance update is done in post-layout but not all style resolutions schedule a layout.
            Invoke it asynchronously in that case instead of the previous synchronous call.

        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::FrameSelection):
        (WebCore::FrameSelection::updateAppearanceAfterLayout):
        (WebCore::FrameSelection::scheduleAppearanceUpdateAfterStyleChange):
        (WebCore::FrameSelection::appearanceUpdateTimerFired):
        (WebCore::FrameSelection::updateAppearanceAfterLayoutOrStyleChange):
        * editing/FrameSelection.h:

2017-06-17  Alex Christensen  <achristensen@webkit.org>

        Fix Mac CMake build.

        * PlatformMac.cmake:

2017-06-17  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION(r209495): materiauxlaverdure.com fails to load
        https://bugs.webkit.org/show_bug.cgi?id=173301
        <rdar://problem/32624850>

        Reviewed by Antti Koivisto.

        The bug was caused by WebKit wrapping CSS string values with single quotation marks instead of
        double quotation marks as spec'ed in https://drafts.csswg.org/cssom/#serialize-a-string and
        implemented in Firefox and Chrome.

        The website eval's the computed value of the `content` CSS property with the value `'{name: "flat"}'`
        after stripping single quotation marks from both ends. Prior to r209495, WebKit serialized this CSS value
        in single quotations without escaping double quotations. After r209495, double quotations are escaped
        with backslashes as `'{name: \"flat\"}'`. As a result, `eval` is invoked with `{name: \"flat\"}`
        after stripping single quotations from both ends, which resulted in an exception.

        Chrome and Firefox don't encounter this exception despite of the fact they escape double quotations
        as well because serialize with double quotations as `"{name: \"flat\"}"`. Because there is no code
        to strip double quotations, eval is invoked with the same string, resulting in the entire value as
        being parsed as string, instead of an object with a single key "name" with the value of "flat" as
        was the case in WebKit prior to r209495. While this behavior was most certainly not the intent of
        the website author, Chrome and Firefox don't encounter an exception and the website continues to work.

        This patch aligns WebKit's behavior to that of the CSS OM specification, Firefox, and Chrome by
        serializing CSS string values using double quotation marks instead of single quotation marks.

        Note: inline change log comments are added below for every call site of serializeString for clarity.

        Test: fast/css/getPropertyValue-serialization-with-double-quotes.html

        * css/CSSBasicShapes.cpp:
        (WebCore::buildPathString): Use double quotation marks in path(~) of shapes.
        * css/CSSMarkup.cpp:
        (WebCore::serializeString):
        (WebCore::serializeURL): Use double quotation marks to serialize URLs.
        (WebCore::serializeAsStringOrCustomIdent): Use double quotation marks to serialize strings. We still avoid
        using wrapping the value with double quotations when the value can be an identifier. See r209495.
        (WebCore::serializeFontFamily): Ditto for font-family names such as "San Francisco".
        * css/CSSMarkup.h:
        * css/CSSNamespaceRule.cpp:
        (WebCore::CSSNamespaceRule::cssText): Use double quotation marks to serialize namespace URIs.
        * css/CSSPrimitiveValue.cpp:
        (WebCore::CSSPrimitiveValue::formatNumberForCustomCSSText): Use double quotation marks to serialize
        the separators; e.g. counter(sectionNumber, ".") to produce "1.".
        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::selectorText): Use double quotation marks to serialize attribute values.
        * css/parser/CSSParserToken.cpp:
        (WebCore::CSSParserToken::serialize): Use double quotation marks to serialize strings in @support.
        * editing/EditingStyle.cpp:
        (WebCore::StyleChange::extractTextStyles): Updated to strip double quotation marks in font family names to
        maintain the compatibility with old versions of Microsoft Outlook.
        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::mapLanguageAttributeToLocale): Use double quotations marks to serialize the value
        of the lang content attribute. It doesn't matter which one is used here because it's only a temporary value
        only fed into the CSS parser to set the equivalent CSS value from the content attribute.

2017-06-16  Matt Baker  <mattbaker@apple.com>

        Web Inspector: Instrument 2D/WebGL canvas contexts in the backend
        https://bugs.webkit.org/show_bug.cgi?id=172623
        <rdar://problem/32415986>

        Reviewed by Devin Rousso and Joseph Pecoraro.

        Test: inspector/canvas/create-canvas-contexts.html

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:

        * dom/Document.cpp:
        (WebCore::Document::getCSSCanvasElement):
        Instrument creation of CSS canvases. This merely registers the canvas
        element with InspectorCanvasAgent and stores the name (identifier passed
        to getCSSCanvasContext) for later use. It isn't until the context is
        actually created that the frontend receives a notification.

        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::getContext2d):
        (WebCore::HTMLCanvasElement::getContextWebGL):
        Instrument creation of 2D and WebGL canvas contexts.

        * inspector/InspectorAllInOne.cpp:

        * inspector/InspectorCanvasAgent.cpp: Added.
        New backend agent for canvas inspection. Canvas creation and destruction
        are continuously monitored by the agent, regardless of the presence of
        a frontend. This is necessary since there is no way to retrieve the
        rendering contexts for with a given frame once they've been created.

        (WebCore::InspectorCanvasAgent::InspectorCanvasAgent):
        (WebCore::InspectorCanvasAgent::didCreateFrontendAndBackend):
        (WebCore::InspectorCanvasAgent::willDestroyFrontendAndBackend):
        (WebCore::InspectorCanvasAgent::discardAgent):
        Unregister canvas observers to prevent dangling agent pointer.
        (WebCore::InspectorCanvasAgent::enable):
        Dispatch events for existing canvases, now that the frontend exists.
        (WebCore::InspectorCanvasAgent::disable):
        (WebCore::InspectorCanvasAgent::frameNavigated):
        (WebCore::InspectorCanvasAgent::didCreateCSSCanvas):
        Register the name/identifier associated with the CSS canvas, so that it
        can be retrieved and associated with the rendering context later.

        (WebCore::InspectorCanvasAgent::didCreateCanvasRenderingContext):
        (WebCore::InspectorCanvasAgent::canvasDestroyed):
        Removes the canvas from the agent, and queues it for notifying the
        frontend during the next event loop.

        (WebCore::InspectorCanvasAgent::canvasDestroyedTimerFired):
        (WebCore::InspectorCanvasAgent::clearCanvasData):
        (WebCore::InspectorCanvasAgent::getCanvasEntry):
        (WebCore::InspectorCanvasAgent::buildObjectForCanvas):
        * inspector/InspectorCanvasAgent.h: Added.

        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::InspectorController):

        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::didCommitLoadImpl):
        (WebCore::InspectorInstrumentation::didCreateCSSCanvasImpl):
        (WebCore::InspectorInstrumentation::didCreateCanvasRenderingContextImpl):

        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::didCreateCSSCanvas):
        (WebCore::InspectorInstrumentation::didCreateCanvasRenderingContext):
        These instrumentation points should not fast return when no frontend
        is attached.

        * inspector/InstrumentingAgents.cpp:
        (WebCore::InstrumentingAgents::reset):

        * inspector/InstrumentingAgents.h:
        (WebCore::InstrumentingAgents::inspectorCanvasAgent):
        (WebCore::InstrumentingAgents::setInspectorCanvasAgent):
        Plumbing for the new agent.

2017-06-16  Antoine Quint  <graouts@apple.com>

        Add a WebKit2 setting to control whether media documents should automatically enter fullscreen
        https://bugs.webkit.org/show_bug.cgi?id=173503

        Reviewed by Tim Horton.

        New WebCore setting to specify whether a media document should automatically enter fullscreen.

        * page/Settings.in:

2017-06-16  Jer Noble  <jer.noble@apple.com>

        [MSE] Seeking or entering fullscreen can cause extreme CPU usage
        https://bugs.webkit.org/show_bug.cgi?id=173505

        Reviewed by Tim Horton.

        When support for painting MSE to WebGL was added in r217185, the implementation of
        SourceBufferPrivateAVFObjC::isReadyForMoreSamples() was modified to support asking
        the decompression session if it was ready. That change, however, caused an extreme
        performance regression in the normal playback path, where WebKit will effectively
        append samples endlessly to the AVSampleBufferDisplayLayer, which admirably enqueued
        each of them for decoding. Eventually, the cost of iterating over the CMBufferQueue
        overwhelmed the cost of decoding, and caused the extreme lag seen when seeking.

        Make sure to property query the AVSampleBufferDisplayLayer for isReadyForMoreMediaData
        before enqueuing.

        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::isReadyForMoreSamples):

2017-06-16  Sam Weinig  <sam@webkit.org>

        [WebIDL] Remove custom bindings for HTMLDocument
        https://bugs.webkit.org/show_bug.cgi?id=173444

        Reviewed by Darin Adler.

        * bindings/js/JSDOMBindingSecurity.cpp:
        (WebCore::canAccessDocument):
        (WebCore::BindingSecurity::shouldAllowAccessToFrame):
        (WebCore::BindingSecurity::shouldAllowAccessToDOMWindow):
        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::showModalDialog):
        Pass ExecState by reference to window accessors.

        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::incumbentDOMWindow):
        (WebCore::activeDOMWindow):
        (WebCore::firstDOMWindow):
        (WebCore::callerDocument):
        * bindings/js/JSDOMWindowBase.h:
        Pass ExecState by reference to window accessors and add callerDocument.
    
        * bindings/js/JSHTMLDocumentCustom.cpp:
        (WebCore::JSHTMLDocument::getOwnPropertySlot): Deleted.
        (WebCore::JSHTMLDocument::all): Deleted.
        (WebCore::JSHTMLDocument::setAll): Deleted.
        (WebCore::findCallingDocument): Deleted.
        (WebCore::JSHTMLDocument::open): Deleted.
        (WebCore::documentWrite): Deleted.
        (WebCore::JSHTMLDocument::write): Deleted.
        Remove custom bindings.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateCallWith):
        Add support CallWith=CallerDocument

        * bindings/scripts/IDLAttributes.json:
        Remove CallerWindow, which has not been supported for a while. CallerDocument, despite 
        having it's support removed in the past, was still listed, so keep it.

        * bindings/scripts/test/JS/JSTestObj.cpp:
        Update test results.

        * dom/DOMImplementation.cpp:
        (WebCore::DOMImplementation::createHTMLDocument):
        Update for new signature of Document.write().

        * dom/Document.h:
        * dom/Document.idl:
        * dom/Document.cpp:
        (WebCore::Document::open):
        Add DOMWindow returning overload that calls through to the DOMWindow.
        Add return value and currently not utilized parameters to the Document returning overload.
        Update to return exceptions as specified.

        (WebCore::Document::close):
        Update to return exceptions as specified.

        (WebCore::Document::write):
        (WebCore::Document::writeln):
        Update to take a Vector<String> argument and the caller Document first
        as per convention and return exceptions as specified.

        (WebCore::Document::bgColor):
        (WebCore::Document::setBgColor):
        (WebCore::Document::fgColor):
        (WebCore::Document::setFgColor):
        (WebCore::Document::alinkColor):
        (WebCore::Document::setAlinkColor):
        (WebCore::Document::linkColorForBindings):
        (WebCore::Document::setLinkColorForBindings):
        (WebCore::Document::vlinkColor):
        (WebCore::Document::setVlinkColor):
        (WebCore::Document::clear):
        (WebCore::Document::captureEvents):
        (WebCore::Document::releaseEvents):
        Move from HTMLDocument.

        * html/HTMLDocument.cpp:
        (WebCore::HTMLDocument::bgColor): Deleted.
        (WebCore::HTMLDocument::setBgColor): Deleted.
        (WebCore::HTMLDocument::fgColor): Deleted.
        (WebCore::HTMLDocument::setFgColor): Deleted.
        (WebCore::HTMLDocument::alinkColor): Deleted.
        (WebCore::HTMLDocument::setAlinkColor): Deleted.
        (WebCore::HTMLDocument::linkColor): Deleted.
        (WebCore::HTMLDocument::setLinkColor): Deleted.
        (WebCore::HTMLDocument::vlinkColor): Deleted.
        (WebCore::HTMLDocument::setVlinkColor): Deleted.
        (WebCore::HTMLDocument::clear): Deleted.
        (WebCore::HTMLDocument::captureEvents): Deleted.
        (WebCore::HTMLDocument::releaseEvents): Deleted.
        * html/HTMLDocument.h:
        * html/HTMLDocument.idl:
        Moved operations and attributes to Document.

        * inspector/DOMPatchSupport.cpp:
        (WebCore::DOMPatchSupport::patchDocument):
        Update for new signature of Document.write().

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::postMessage):
        (WebCore::DOMWindow::focus):
        * page/DOMWindow.h:
        Use the term incumbentWindow, matching IDL, and so not to be confused
        with the callerWindow, which is slightly different.

2017-06-16  Daniel Bates  <dabates@apple.com>

        Remove header OptionSet.h from FrameLoaderTypes.h
        https://bugs.webkit.org/show_bug.cgi?id=173489

        Reviewed by Joseph Pecoraro.

        Although the header FrameLoaderTypes.h defines exactly one enum class, ReloadOption, whose
        enumerators conform the power of two prerequisite for parameterizing an OptionSet for it
        FrameLoaderTypes.h does not actually make use of the functionality provided by header
        OptionSet.h. And not all source files that include FrameLoaderTypes.h need to use an OptionSet.

        * loader/DocumentLoader.h: Include <wtf/OptionSet.h>.
        * loader/FrameLoader.h: Ditto.
        * loader/FrameLoaderTypes.h: Remove header <wtf/OptionSet.h>.
        * replay/UserInputBridge.h: Include <wtf/Forward.h>.

2017-06-16  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS DnD] Upstream iOS drag and drop implementation into OpenSource WebKit
        https://bugs.webkit.org/show_bug.cgi?id=173366
        <rdar://problem/32767014>

        Reviewed by Tim Horton.

        Moves all drag and drop logic previously hidden behind WebKitAdditions into the open source repository, along
        with unit test pages in TestWebKitAPI. Also removes all #includes and #imports of dragging-related files in
        WebKitAdditions from the open source repository.

        This initial upstreaming phase is only concerned with moving code out of WebKitAdditions, and attempts to
        preserve the code as-is, with the exception of trivial style changes so that the open source linter passes.
        Future patches will remove the DATA_INTERACTION feature flag altogether and unobscure all variable and function
        names referencing "data interaction".

        No change in behavior from the internal build.

        * Configurations/FeatureDefines.xcconfig:
        * page/ios/EventHandlerIOS.mm:
        (WebCore::EventHandler::createDraggingDataTransfer):
        (WebCore::EventHandler::eventLoopHandleMouseDragged):
        (WebCore::EventHandler::tryToBeginDataInteractionAtPoint):
        * platform/ios/DragImageIOS.mm:
        (WebCore::dragImageSize):
        (WebCore::scaleDragImage):
        (WebCore::createDragImageFromImage):
        (WebCore::deleteDragImage):
        (WebCore::createDragImageForLink):
        (WebCore::createDragImageIconForCachedImageFilename):
        (WebCore::platformAdjustDragImageForDeviceScaleFactor):
        (WebCore::createDragImageForSelection):
        (WebCore::dissolveDragImageToFraction):
        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::Pasteboard):
        (WebCore::Pasteboard::setDragImage):
        (WebCore::Pasteboard::createForDragAndDrop):
        * platform/mac/DragDataMac.mm:
        (WebCore::rtfPasteboardType):
        (WebCore::rtfdPasteboardType):
        (WebCore::stringPasteboardType):
        (WebCore::urlPasteboardType):
        (WebCore::htmlPasteboardType):
        (WebCore::colorPasteboardType):
        (WebCore::pdfPasteboardType):
        (WebCore::tiffPasteboardType):
        (WebCore::DragData::asFilenames):
        (WebCore::DragData::containsURL):
        (rtfPasteboardType): Deleted.
        (rtfdPasteboardType): Deleted.
        (stringPasteboardType): Deleted.
        (urlPasteboardType): Deleted.
        (htmlPasteboardType): Deleted.
        (colorPasteboardType): Deleted.
        (pdfPasteboardType): Deleted.
        (tiffPasteboardType): Deleted.

2017-06-16  Youenn Fablet  <youenn@apple.com>

        addTransceiver should trigger mid generation in the SDP
        https://bugs.webkit.org/show_bug.cgi?id=173452

        Reviewed by Alex Christensen.

        Test: webrtc/video-addTransceiver.html

        Adding support for recvonly SDP based on call to addTransceiver.
        Using offer_to_receive options of libwebrtc for that purpose.

        Making sure that addTransceiver and using a real track afterwards is working too.

        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::enqueueReplaceTrackTask): notify the backend that a track is added in case the sender has no track.
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::shouldOfferAllowToReceiveAudio): Detect whether some audio mid should be recvonly.
        (WebCore::LibWebRTCMediaEndpoint::shouldOfferAllowToReceiveVideo): Detect whether some video mid should be recvonly.
        (WebCore::LibWebRTCMediaEndpoint::doCreateOffer):
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.h:

2017-06-16  Youenn Fablet  <youenn@apple.com>

        WebCore::LibWebRTCMediaEndpoint::gatherStatsForLogging is crashing
        https://bugs.webkit.org/show_bug.cgi?id=173493

        Reviewed by Eric Carlson.

        Speculative preventive fix.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::gatherStatsForLogging):

2017-06-16  Alex Christensen  <achristensen@webkit.org>

        Show punycode to user if a URL has dotless i or j followed by diacritic dot
        https://bugs.webkit.org/show_bug.cgi?id=173431

        Reviewed by Darin Adler.

        Covered by new API tests.

        * platform/mac/WebCoreNSURLExtras.mm:
        (WebCore::isLookalikeCharacter):
        (WebCore::allCharactersInIDNScriptWhiteList):
        (WebCore::createStringWithEscapedUnsafeCharacters):

2017-06-16  Youenn Fablet  <youenn@apple.com>

        [iOS] Switching cameras in a WebRTC call makes black frames being sent
        https://bugs.webkit.org/show_bug.cgi?id=173486

        Reviewed by Eric Carlson.

        Test: webrtc/video-replace-muted-track.html

        * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::updateBlackFramesSending):
        Ensuring the timer is stopped if needed.
        (WebCore::RealtimeOutgoingVideoSource::initializeFromSource):
        Calling updateBlackFramesSending to stop sending frame if needed.

2017-06-16  Youenn Fablet  <youenn@apple.com>

        Remove replaceTrack restriction about video resolution
        https://bugs.webkit.org/show_bug.cgi?id=173490

        Reviewed by Eric Carlson.

        Covered by updated tests.

        * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::setSource):

2017-06-16  Jeremy Jones  <jeremyj@apple.com>

        Handle timeout of prepareForPictureInPictureStopWithCompletionHandler.
        https://bugs.webkit.org/show_bug.cgi?id=173462
        rdar://problem/32128170

        Reviewed by Jer Noble.

        No new tests because no effect on the DOM.

        If WebVideoFullscreenInterfaceAVKit::prepareForPictureInPictureStopWithCompletionHandler doesn't respond fast enough,
        the caller will timeout and call will/didStopPictureInPicture.

        This is getting fullscreen state confused.

        This change keeps state consistent by handling will/didStopPictureInPicture possibly being called before
        prepareForPictureInPictureStopWithCompletionHandler calls its callback.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::willStopPictureInPicture):
        (WebVideoFullscreenInterfaceAVKit::didStopPictureInPicture):
        (WebVideoFullscreenInterfaceAVKit::prepareForPictureInPictureStopWithCompletionHandler):
        (WebVideoFullscreenInterfaceAVKit::watchdogTimerFired):

2017-06-16  Myles C. Maxfield  <mmaxfield@apple.com>

        Make builds faster after r218371
        https://bugs.webkit.org/show_bug.cgi?id=173453

        Reviewed by Tim Horton.

        Remove #includes from .h files.

        No new tests because there is no behavior change.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj: Add new .cpp file, and sort the project file
        * platform/graphics/FontFamilySpecificationNull.cpp: Copied from Source/WebCore/platform/graphics/FontFamilySpecificationNull.h.
        (WebCore::FontFamilySpecificationNull::fontRanges):
        * platform/graphics/FontFamilySpecificationNull.h:
        (WebCore::FontFamilySpecificationNull::fontRanges): Deleted.
        * platform/graphics/cocoa/FontFamilySpecificationCoreText.cpp:
        (WebCore::FontFamilySpecificationCoreText::FontFamilySpecificationCoreText):
        (WebCore::FontFamilySpecificationCoreText::~FontFamilySpecificationCoreText):
        * platform/graphics/cocoa/FontFamilySpecificationCoreText.h:
        (WebCore::FontFamilySpecificationCoreText::FontFamilySpecificationCoreText): Deleted.

2017-06-16  Chris Dumez  <cdumez@apple.com>

        [WK2] Add WKProcessPool SPI to efficiently reset all plugin load client policies
        https://bugs.webkit.org/show_bug.cgi?id=173472
        <rdar://problem/28858817>

        Reviewed by Brady Eidson.

        Add PluginLoadClientPolicyMaximum value to PluginLoadClientPolicy enumeration
        to facilitate input value validation on API side.

        * plugins/PluginData.h:

2017-06-16  Jer Noble  <jer.noble@apple.com>

        [iOS] Do not pause playing video when application resigns active state.
        https://bugs.webkit.org/show_bug.cgi?id=173474

        Reviewed by Tim Horton.

        Test: media/video-inactive-playback.html

        Separate out the concept of "inactive" playback from "process background" playback.
        Move the implementation of applicationDidEnterBackground() from MediaSessionManagerIOS
        into it's superclass, PlatformMediaSessionManager, and add a new set of restrictions
        for "InactiveProcessPlaybackRestricted" and "SuspendedUnderLockPlaybackRestricted".
        Leave the default restriction set for iOS as "BackgroundProcessPlaybackRestricted" and
        "SuspendedUnderLockPlaybackRestricted", to preserve the existing behavior of suspending
        playback when switching apps or when locking the device.

        * platform/audio/PlatformMediaSession.cpp:
        (WebCore::interruptionName):
        * platform/audio/PlatformMediaSession.h:
        * platform/audio/PlatformMediaSessionManager.cpp:
        (WebCore::PlatformMediaSessionManager::applicationWillBecomeInactive):
        (WebCore::PlatformMediaSessionManager::applicationDidBecomeActive):
        (WebCore::PlatformMediaSessionManager::applicationDidEnterBackground):
        (WebCore::PlatformMediaSessionManager::applicationWillEnterForeground):
        (WebCore::PlatformMediaSessionManager::applicationWillEnterBackground): Deleted.
        (WebCore::PlatformMediaSessionManager::applicationDidEnterForeground): Deleted.
        * platform/audio/PlatformMediaSessionManager.h:
        * platform/audio/ios/MediaSessionManagerIOS.h:
        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (WebCore::MediaSessionManageriOS::resetRestrictions):
        (-[WebMediaSessionHelper applicationDidBecomeActive:]):
        (-[WebMediaSessionHelper applicationWillResignActive:]):
        (WebCore::MediaSessionManageriOS::applicationDidEnterBackground): Deleted.
        (WebCore::MediaSessionManageriOS::applicationWillEnterForeground): Deleted.
        * testing/Internals.cpp:
        (WebCore::Internals::applicationWillBecomeInactive):
        (WebCore::Internals::applicationDidBecomeActive):
        (WebCore::Internals::applicationWillEnterForeground):
        (WebCore::Internals::applicationDidEnterBackground):
        (WebCore::Internals::setMediaSessionRestrictions):
        (WebCore::Internals::applicationDidEnterForeground): Deleted.
        (WebCore::Internals::applicationWillEnterBackground): Deleted.
        * testing/Internals.h:
        * testing/Internals.idl:

2017-06-16  Alex Christensen  <achristensen@webkit.org>

        REGRESSION (r213126): Sync XHR needs partition for cache and credentials
        https://bugs.webkit.org/show_bug.cgi?id=173496
        <rdar://problem/31943596>

        Reviewed by Darin Adler.

        Test: http/tests/security/sync-xhr-partition.html

        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::createRequest):

2017-06-16  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r218402 and r218404.
        https://bugs.webkit.org/show_bug.cgi?id=173494

        Seems to have mysteriously broken the build in bizarre ways
        (Requested by thorton on #webkit).

        Reverted changesets:

        "Include a few widespread WTF headers in WebCorePrefix.h"
        https://bugs.webkit.org/show_bug.cgi?id=173481
        http://trac.webkit.org/changeset/218402

        "Fix the Windows build after r218402"
        http://trac.webkit.org/changeset/218404

2017-06-16  Brady Eidson  <beidson@apple.com>

        REGRESSION (r218015) IconLoaders for already-cached resources expect to be asynchronous, no longer are.
        <rdar://problem/32817519> and https://bugs.webkit.org/show_bug.cgi?id=173478

        Reviewed by Daniel Bates.

        Covered by API test.

        Being synchronous is actually better as it's resolved another issue or two.
        But only if we can actually deliver the data without crashing first.
        So let's do that.
        
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::didGetLoadDecisionForIcon): Put the IconLoader in the set of active icon loaders
          before actually starting the icon loading.

2017-06-16  Jeremy Jones  <jeremyj@apple.com>

        Don't use WebCore Timer from code that runs in the UI process.
        https://bugs.webkit.org/show_bug.cgi?id=173460
        rdar://problem/32750731

        Reviewed by Jer Noble.

        If a WebCore Timer is fired from the WebKit2 UI process, it will
        create a web thread, which can cause a crash in this instance.

        It was also causing the timer to be called back on the wrong thread.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::WebVideoFullscreenInterfaceAVKit):

2017-06-16  Timothy Horton  <timothy_horton@apple.com>

        Fix the Windows build after r218402

        * WebCorePrefix.h:
        I typed #import instead of #include on auto-pilot, and ... it mostly worked!
        Except Windows.

2017-06-16  Jeremy Jones  <jeremyj@apple.com>

        Hide inline captions in fullscreen. Remove fullscreen captions when no longer needed.
        https://bugs.webkit.org/show_bug.cgi?id=173482

        Reviewed by Eric Carlson.

        Hide the inline captions while they are presenting to fullscreen.
        Remove the text track representation as soon as it is no longer needed.
        This allows the text track to render properly when returning to inline.

        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentation):

2017-06-16  Tim Horton  <timothy_horton@apple.com>

        Include a few widespread WTF headers in WebCorePrefix.h
        https://bugs.webkit.org/show_bug.cgi?id=173481

        Reviewed by Alex Christensen.

        * WebCorePrefix.h:
        These are four of the headers that contribute the most pre-processed
        source to the WebCore build. They (and their dependents) change infrequently
        enough that a world rebuild of WebCore when they change seems like an
        acceptable tradeoff for the ~9% reduction in WebCore build time that I
        measure from this change.

2017-06-16  Antoine Quint  <graouts@apple.com>

        REGRESSION: AirPlay placard is not shown when in fullscreen
        https://bugs.webkit.org/show_bug.cgi?id=173447
        <rdar://problem/32803773>

        Reviewed by Jon Lee.

        We only allowed a placard to be set on inline controls, but that was an oversight: placards
        should be displayed in fullscreen as well. As such, we move the "placard" property up from
        InlineMediaControls to MediaControls, and update the layout() logic in MacOSFullscreenMediaControls
        to display a placard.

        Test: media/modern-media-controls/placard-support/placard-support-airplay-fullscreen.html

        * Modules/modern-media-controls/controls/inline-media-controls.js:
        (InlineMediaControls):
        (InlineMediaControls.prototype.layout):
        (InlineMediaControls.prototype.get placard): Deleted.
        (InlineMediaControls.prototype.set placard): Deleted.
        * Modules/modern-media-controls/controls/macos-fullscreen-media-controls.js:
        (MacOSFullscreenMediaControls.prototype.layout):
        * Modules/modern-media-controls/controls/media-controls.js:
        (MediaControls.prototype.get placard):
        (MediaControls.prototype.set placard):
        (MediaControls.prototype.placardPreventsControlsBarDisplay):
        (MediaControls.prototype.layout):
        * Modules/modern-media-controls/media/placard-support.js:
        (PlacardSupport.prototype._updatePlacard):
        (PlacardSupport):

2017-06-16  Jer Noble  <jer.noble@apple.com>

        [WebRTC] Removing a MediaStreamTrack from a MediaStream reports no recording to WebKit clients
        https://bugs.webkit.org/show_bug.cgi?id=173398
        <rdar://problem/32592961>

        Reviewed by Eric Carlson.

        API Test: Tests/WebKit2/MediaStreamTrackDetached.mm

        Move the definition of a MediaStream as a MediaProducer from the stream itself to its constituent
        MediaStreamTracks. This ensures that, even if a MediaStreamTrack is removed from its stream, the
        document (and thus the clients) are notified that media capture is still occurring.

        Though MediaStream is no longer a MediaProducer, it still uses the MediaProducer's state concept
        to determine when to fire events. However it's mediaState() implementation will be moved into
        MediaStreamTrack, and will instead simply bitwise-or together each of it's track's mediaState().

        The MediaStream notifies the document that its state has changed asynchronously, so do the same
        for MediaStreamTrack (which reduces the number of calls to the client when changes all occur
        during a single run loop).

        Because the MediaStreamTrackPrivate may be started externally (not by the MediaStreamTrack directly),
        add a new client method that notifies observers when the track has been started, and the
        MediaStreamTrack will use this notification to update the document with it's new mediaState().

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::MediaStream):
        (WebCore::MediaStream::~MediaStream):
        (WebCore::MediaStream::mediaState):
        (WebCore::MediaStream::statusDidChange):
        (WebCore::MediaStream::characteristicsChanged):
        (WebCore::MediaStream::pageMutedStateDidChange): Deleted.
        * Modules/mediastream/MediaStream.h:
        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::MediaStreamTrack):
        (WebCore::MediaStreamTrack::~MediaStreamTrack):
        (WebCore::MediaStreamTrack::pageMutedStateDidChange):
        (WebCore::MediaStreamTrack::mediaState):
        (WebCore::MediaStreamTrack::trackStarted):
        (WebCore::MediaStreamTrack::configureTrackRendering):
        (WebCore::MediaStreamTrack::stop):
        (WebCore::MediaStreamTrack::document):
        * Modules/mediastream/MediaStreamTrack.h:
        (WebCore::MediaStreamTrack::source):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
        * platform/mediastream/MediaStreamPrivate.cpp:
        (WebCore::MediaStreamPrivate::trackStarted):
        * platform/mediastream/MediaStreamPrivate.h:
        * platform/mediastream/MediaStreamTrackPrivate.cpp:
        (WebCore::MediaStreamTrackPrivate::sourceStarted):
        * platform/mediastream/MediaStreamTrackPrivate.h:
        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::start):
        * platform/mediastream/RealtimeMediaSource.h:

2017-06-16  Antoine Quint  <graouts@apple.com>

        Backdrop blur missing in media controls bar on Sierra
        https://bugs.webkit.org/show_bug.cgi?id=173451

        Reviewed by Simon Fraser.

        On Sierra, we need to enforce a stacking context on controls bars to guarantee that
        the backdrop filters on the BackgroundTint are applied correctly.

        Test: media/modern-media-controls/controls-bar/controls-bar-stacking-context.html

        * Modules/modern-media-controls/controls/controls-bar.css:
        (.controls-bar):

2017-06-16  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r218375.

        The API test MediaStreamTrackDetached is still timing out
        after the patch

        Reverted changeset:

        "[WebRTC] Removing a MediaStreamTrack from a MediaStream
        reports no recording to WebKit clients"
        https://bugs.webkit.org/show_bug.cgi?id=173398
        http://trac.webkit.org/changeset/218375

2017-06-15  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION: Media control glyphs appear to invert colors when video is dragged
        https://bugs.webkit.org/show_bug.cgi?id=173455
        rdar://problem/32726887

        Reviewed by Tim Horton.

        Masks on composited layers were not correctly painted in drag images, because RenderLayer::paintLayerContents()
        failed to pass the PaintBehaviorFlattenCompositingLayers flag down through the mask drawing code, causing
        RenderBox::paintMaskImages() to fall into the composited mask code path.

        Fix by making a local copy of PaintBehavior, and setting the PaintBehaviorFlattenCompositingLayers and PaintBehaviorSnapshotting
        bits on it as appropriate, and passing it into paintMaskForFragments() and paintChildClippingMaskForFragments(). This is similar
        to code above.

        Can't test drag images.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintLayerContents):
        (WebCore::RenderLayer::paintMaskForFragments):
        (WebCore::RenderLayer::paintChildClippingMaskForFragments):
        * rendering/RenderLayer.h:

2017-06-16  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r218376.

        The patch cause multiple Layout Test Crashes.

        Reverted changeset:

        "Web Inspector: Instrument 2D/WebGL canvas contexts in the
        backend"
        https://bugs.webkit.org/show_bug.cgi?id=172623
        http://trac.webkit.org/changeset/218376

2017-06-16  Daniel Bates  <dabates@apple.com>

        Use the term icon instead of favicon
        https://bugs.webkit.org/show_bug.cgi?id=173400

        Reviewed by Alex Christensen.

        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::cachedResourceContent):
        (WebCore::InspectorPageAgent::cachedResourceType):
        * loader/LinkLoader.cpp:
        (WebCore::createLinkPreloadResourceClient):
        * loader/ResourceLoadInfo.cpp:
        (WebCore::toResourceType):
        * loader/SubresourceLoader.cpp:
        (WebCore::logResourceLoaded):
        * loader/cache/CachedRawResource.cpp:
        (WebCore::CachedRawResource::CachedRawResource):
        * loader/cache/CachedRawResource.h:
        (isType):
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::defaultPriorityForResourceType):
        * loader/cache/CachedResource.h:
        (WebCore::CachedResource::isMainOrMediaOrIconOrRawResource):
        (WebCore::CachedResource::ignoreForRequestCount):
        (WebCore::CachedResource::isMainOrMediaOrFaviconOrRawResource): Deleted.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::createResource):
        (WebCore::CachedResourceLoader::requestIcon):
        (WebCore::contentTypeFromResourceType):
        (WebCore::CachedResourceLoader::checkInsecureContent):
        (WebCore::CachedResourceLoader::allowedByContentSecurityPolicy):
        (WebCore::CachedResourceLoader::determineRevalidationPolicy):
        (WebCore::CachedResourceLoader::requestFavicon): Deleted.
        * loader/cache/CachedResourceLoader.h:
        * loader/icon/IconLoader.cpp:
        (WebCore::IconLoader::startLoading):

2017-06-16  Per Arne Vollan  <pvollan@apple.com>

        WebKit does not honor closed caption stroke width.
        https://bugs.webkit.org/show_bug.cgi?id=173402

        Reviewed by Eric Carlson.

        WebKit currently has an upper limit on the stroke width returned from MACaptionAppearanceCopyFontDescriptorWithStrokeForStyle.
        Since only half the stroke is visible because the stroke is drawn before the fill, double the stroke width from
        MediaAccessibility to get the correct visual stroke width. Also, the stroke width returned from this function should not be
        interpreted as CSS points, but as CSS pixels.

        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlTextTrackContainerElement::updateTextStrokeStyle):
        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::CaptionUserPreferencesMediaAF::captionStrokeWidthForFont):

2017-06-16  Per Arne Vollan  <pvollan@apple.com>

        [Win] WebKit renders scrollbar wrong at 125% scale.
        https://bugs.webkit.org/show_bug.cgi?id=173363

        Reviewed by Darin Adler.

        Scrollbars are drawn with the GDI function DrawThemeBackground. Sometimes, the GDI clip
        rectangle will be too small since we clamp a FloatRect to integer values when setting the
        GDI clip rectangle.

        * platform/graphics/win/GraphicsContextWin.cpp:
        (WebCore::GraphicsContextPlatformPrivate::clip):

2017-06-15  Mark Lam  <mark.lam@apple.com>

        Add a JSRunLoopTimer registry in VM.
        https://bugs.webkit.org/show_bug.cgi?id=173429
        <rdar://problem/31287961>

        Reviewed by Filip Pizlo.

        No new tests needed because:
        1. it's already covered: it was also originally discovered by our API tests while
           running on the iOS simulator. The test was intermittently failing on a debug
           build.
        2. the issue is racy (it depends on a JSRunLoopTimer firing at the right time).
           Hence, it's non trivial to write a better test than the one we already have.

        * bindings/js/CommonVM.cpp:
        (WebCore::commonVMSlow):

2017-06-15  Antoine Quint  <graouts@apple.com>

        REGRESSION: AirPlay button is incorrectly highlighted in inline and fullscreen
        https://bugs.webkit.org/show_bug.cgi?id=173446

        Reviewed by Dean Jackson.

        A button's color should be applied to its <picture> element, not the containing
        <button> element.

        * Modules/modern-media-controls/controls/airplay-button.css:
        (button.airplay.on > picture):
        (button.airplay.on): Deleted.

2017-06-15  Matt Baker  <mattbaker@apple.com>

        Web Inspector: Instrument 2D/WebGL canvas contexts in the backend
        https://bugs.webkit.org/show_bug.cgi?id=172623
        <rdar://problem/32415986>

        Reviewed by Devin Rousso.

        Test: inspector/canvas/create-canvas-contexts.html

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:

        * dom/Document.cpp:
        (WebCore::Document::getCSSCanvasElement):
        Instrument creation of CSS canvases. This merely registers the canvas
        element with InspectorCanvasAgent and stores the name (identifier passed
        to getCSSCanvasContext) for later use. It isn't until the context is
        actually created that the frontend receives a notification.

        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::getContext2d):
        (WebCore::HTMLCanvasElement::getContextWebGL):
        Instrument creation of 2D and WebGL canvas contexts.

        * inspector/InspectorAllInOne.cpp:

        * inspector/InspectorCanvasAgent.cpp: Added.
        New backend agent for canvas inspection. Canvas creation and destruction
        are continuously monitored by the agent, regardless of the presence of
        a frontend. This is necessary since there is no way to retrieve the
        rendering contexts for with a given frame once they've been created.

        (WebCore::InspectorCanvasAgent::InspectorCanvasAgent):
        (WebCore::InspectorCanvasAgent::didCreateFrontendAndBackend):
        (WebCore::InspectorCanvasAgent::willDestroyFrontendAndBackend):
        (WebCore::InspectorCanvasAgent::discardAgent):
        Unregister canvas observers to prevent dangling agent pointer.
        (WebCore::InspectorCanvasAgent::enable):
        Dispatch events for existing canvases, now that the frontend exists.
        (WebCore::InspectorCanvasAgent::disable):
        (WebCore::InspectorCanvasAgent::frameNavigated):
        (WebCore::InspectorCanvasAgent::didCreateCSSCanvas):
        Register the name/identifier associated with the CSS canvas, so that it
        can be retrieved and associated with the rendering context later.

        (WebCore::InspectorCanvasAgent::didCreateCanvasRenderingContext):
        (WebCore::InspectorCanvasAgent::canvasDestroyed):
        Removes the canvas from the agent, and queues it for notifying the
        frontend during the next event loop.

        (WebCore::InspectorCanvasAgent::canvasDestroyedTimerFired):
        (WebCore::InspectorCanvasAgent::clearCanvasData):
        (WebCore::InspectorCanvasAgent::getCanvasEntry):
        (WebCore::InspectorCanvasAgent::buildObjectForCanvas):
        * inspector/InspectorCanvasAgent.h: Added.

        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::InspectorController):

        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::didCommitLoadImpl):
        (WebCore::InspectorInstrumentation::didCreateCSSCanvasImpl):
        (WebCore::InspectorInstrumentation::didCreateCanvasRenderingContextImpl):

        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::didCreateCSSCanvas):
        (WebCore::InspectorInstrumentation::didCreateCanvasRenderingContext):
        These instrumentation points should not fast return when no frontend
        is attached.

        * inspector/InstrumentingAgents.cpp:
        (WebCore::InstrumentingAgents::reset):

        * inspector/InstrumentingAgents.h:
        (WebCore::InstrumentingAgents::inspectorCanvasAgent):
        (WebCore::InstrumentingAgents::setInspectorCanvasAgent):
        Plumbing for the new agent.

2017-06-15  Jer Noble  <jer.noble@apple.com>

        [WebRTC] Removing a MediaStreamTrack from a MediaStream reports no recording to WebKit clients
        https://bugs.webkit.org/show_bug.cgi?id=173398
        <rdar://problem/32592961>

        Reviewed by Eric Carlson.

        API Test: Tests/WebKit2/MediaStreamTrackDetached.mm

        Move the definition of a MediaStream as a MediaProducer from the stream itself to its constituent
        MediaStreamTracks. This ensures that, even if a MediaStreamTrack is removed from its stream, the
        document (and thus the clients) are notified that media capture is still occurring.

        Though MediaStream is no longer a MediaProducer, it still uses the MediaProducer's state concept
        to determine when to fire events. However it's mediaState() implementation will be moved into
        MediaStreamTrack, and will instead simply bitwise-or together each of it's track's mediaState().

        The MediaStream notifies the document that its state has changed asynchronously, so do the same
        for MediaStreamTrack (which reduces the number of calls to the client when changes all occur
        during a single run loop).

        Because the MediaStreamTrackPrivate may be started externally (not by the MediaStreamTrack directly),
        add a new client method that notifies observers when the track has been started, and the
        MediaStreamTrack will use this notification to update the document with it's new mediaState().

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::MediaStream):
        (WebCore::MediaStream::~MediaStream):
        (WebCore::MediaStream::mediaState):
        (WebCore::MediaStream::statusDidChange):
        (WebCore::MediaStream::characteristicsChanged):
        (WebCore::MediaStream::pageMutedStateDidChange): Deleted.
        * Modules/mediastream/MediaStream.h:
        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::MediaStreamTrack):
        (WebCore::MediaStreamTrack::~MediaStreamTrack):
        (WebCore::MediaStreamTrack::pageMutedStateDidChange):
        (WebCore::MediaStreamTrack::mediaState):
        (WebCore::MediaStreamTrack::trackStarted):
        (WebCore::MediaStreamTrack::configureTrackRendering):
        (WebCore::MediaStreamTrack::stop):
        (WebCore::MediaStreamTrack::document):
        * Modules/mediastream/MediaStreamTrack.h:
        (WebCore::MediaStreamTrack::source):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
        * platform/mediastream/MediaStreamPrivate.cpp:
        (WebCore::MediaStreamPrivate::trackStarted):
        * platform/mediastream/MediaStreamPrivate.h:
        * platform/mediastream/MediaStreamTrackPrivate.cpp:
        (WebCore::MediaStreamTrackPrivate::sourceStarted):
        * platform/mediastream/MediaStreamTrackPrivate.h:
        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::start):
        * platform/mediastream/RealtimeMediaSource.h:

2017-06-15  Simon Fraser  <simon.fraser@apple.com>

        Use WTFLogAlways for debug logging so that it shows up in device system logs
        https://bugs.webkit.org/show_bug.cgi?id=173450

        Reviewed by Tim Horton.

        If you want to showRenderTree() on-device, the result doesn't show in system log so you can't see it
        Switch to WTFLogAlways to fix this, for all the debug logging in WebCore.
        
        Also WKError () -> WKError() in the old WAK code, to allow for easier searching pending cleanup.

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::~AudioContext):
        * Modules/webaudio/AudioNode.cpp:
        (WebCore::AudioNode::~AudioNode):
        (WebCore::AudioNode::ref):
        (WebCore::AudioNode::finishDeref):
        (WebCore::AudioNode::printNodeCounts):
        * bridge/objc/objc_instance.mm:
        (ObjcInstance::invokeObjcMethod):
        * bridge/objc/objc_utility.mm:
        (JSC::Bindings::convertObjcValueToValue):
        * css/StyleProperties.cpp:
        (WebCore::StyleProperties::showStyle):
        * dom/DocumentMarkerController.cpp:
        (DocumentMarkerController::showMarkers):
        * dom/Node.cpp:
        (WebCore::Node::showNode):
        (WebCore::Node::showNodePathForThis):
        (WebCore::traverseTreeAndMark):
        * dom/Position.cpp:
        (WebCore::Position::debugPosition):
        (WebCore::Position::showAnchorTypeAndOffset):
        * dom/Range.cpp:
        (showTree):
        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::debugRenderer):
        * editing/VisiblePosition.cpp:
        (WebCore::VisiblePosition::debugPosition):
        * editing/VisibleSelection.cpp:
        (WebCore::VisibleSelection::debugPosition):
        * history/HistoryItem.cpp:
        (WebCore::HistoryItem::showTreeWithIndent):
        * html/parser/HTMLFormattingElementList.cpp:
        (WebCore::HTMLFormattingElementList::show):
        * inspector/DOMPatchSupport.cpp:
        (WebCore::DOMPatchSupport::dumpMap):
        * page/scrolling/ScrollingStateTree.cpp:
        (showScrollingStateTree):
        * platform/audio/ios/AudioDestinationIOS.cpp:
        (WebCore::AudioDestinationIOS::frameSizeChangedProc):
        * platform/graphics/GraphicsLayer.cpp:
        (showGraphicsLayerTree):
        * platform/graphics/displaylists/DisplayList.cpp:
        (WebCore::DisplayList::DisplayList::dump):
        * platform/ios/wak/WAKView.mm:
        (+[WAKView _wrapperForViewRef:]):
        (-[WAKView displayRect:]):
        (-[WAKView displayRectIgnoringOpacity:inContext:]):
        * platform/ios/wak/WKUtilities.c:
        (WKRelease):
        * platform/ios/wak/WKView.mm:
        (_WKViewSetViewContext):
        (WKViewGetBounds):
        (WKViewGetFrame):
        (_WKViewRecursivelyInvalidateGState):
        (WKViewSetFrameOrigin):
        (WKViewSetFrameSize):
        (WKViewGetWindow):
        (WKViewGetSubviews):
        (WKViewAddSubview):
        (WKViewRemoveFromSuperview):
        (WKViewFirstChild):
        (WKViewNextSibling):
        (WKViewTraverseNext):
        (WKViewGetVisibleRect):
        (WKViewConvertRectToSuperview):
        (WKViewConvertRectToBase):
        (WKViewConvertPointToSuperview):
        (WKViewConvertPointFromSuperview):
        (WKViewConvertPointToBase):
        (_WKViewGetAncestorViewsIncludingView):
        (WKViewConvertPointFromBase):
        (WKViewConvertRectFromSuperview):
        (WKViewConvertRectFromBase):
        (WKViewGetAutoresizingMask):
        (WKViewSetAutoresizingMask):
        * platform/text/TextEncodingRegistry.cpp:
        (WebCore::dumpTextEncodingNameMap):
        * rendering/CounterNode.cpp:
        (WebCore::showTreeAndMark):
        * rendering/InlineBox.cpp:
        (WebCore::InlineBox::showLineBox):
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::showLineBox):
        * rendering/RenderCounter.cpp:
        (showCounterRendererTree):
        * rendering/RenderLayer.cpp:
        (WebCore::showLayerTree):
        * rendering/RenderObject.cpp:
        (WebCore::showRenderTreeLegend):
        (WebCore::RenderObject::showRegionsInformation):
        (WebCore::RenderObject::showRenderObject):
        (WebCore::printRenderTreeForLiveDocuments):
        (WebCore::printLayerTreeForLiveDocuments):
        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::printPrefix):
        (WebCore::SimpleLineLayout::showLineLayoutForFlow):
        * rendering/svg/SVGResources.cpp:
        (WebCore::SVGResources::dump):
        * rendering/svg/SVGResourcesCycleSolver.cpp:
        (WebCore::SVGResourcesCycleSolver::resolveCycles):
        * rendering/svg/SVGTextLayoutAttributes.cpp:
        (WebCore::dumpSVGCharacterDataMapValue):
        (WebCore::SVGTextLayoutAttributes::dump):
        * rendering/svg/SVGTextLayoutEngine.cpp:
        (WebCore::dumpTextBoxes):
        (WebCore::SVGTextLayoutEngine::finishLayout):

2017-06-15  Myles C. Maxfield  <mmaxfield@apple.com>

        Removing stray whitespace after r218371
        https://bugs.webkit.org/show_bug.cgi?id=173043

        Unreviewed.

        No new tests because there is no behavior change.

        * platform/graphics/FontCascadeFonts.cpp:
        (WebCore::shouldIgnoreRotation):
        (WebCore::glyphDataForNonCJKCharacterWithGlyphOrientation):
        * platform/graphics/FontDescription.cpp:
        * platform/graphics/FontDescription.h:
        * platform/graphics/FontFamilySpecificationNull.h:
        * platform/graphics/cocoa/FontDescriptionCocoa.cpp:
        (WebCore::SystemFontDatabase::systemFontCascadeList):
        (WebCore::systemFontParameters):
        * platform/graphics/cocoa/FontFamilySpecificationCoreText.cpp:
        (WebCore::FontFamilySpecificationCoreText::fontRanges):
        * platform/graphics/cocoa/FontFamilySpecificationCoreText.h:

2017-06-15  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Expand system-ui to include every item in the Core Text cascade list
        https://bugs.webkit.org/show_bug.cgi?id=173043
        <rdar://problem/21125708>

        Reviewed by Simon Fraser.

        The concept of the system font on Cocoa platforms represents the entire Core Text cascade list.
        However, previously, WebKit only represented system-ui by pulling out the first item in the Core
        Text cascade list. Instead, we should make all text rendered with "system-ui" match what the
        platform would natively render.

        Previously, we walked through the strings in the font-family property and looked them up one by
        one. However, now we want to abstract this idea of a font family to possibly hold a
        CTFontDescriptorRef instead of a string. This way, we expand a font-family list of ["fontA",
        "system-ui", "fontB"] to ["fontA", ... a bunch of CTFontDescriptorRefs ..., "FontB"]. We can
        then modify the consumer of this object to have two codepaths: the old string-based codepath,
        and a new, platform-specific codepath which simply embeds the CTFontDesriptorRefs inside a Font
        object.

        We don't want to simply pull out the family name from each item in the Core Text fallback list
        because that is a lossy translation. There is more information in these font descriptors which
        cannot be represented by CSS. Therefore, we must keep the descriptors alive and add the new
        codepath for them.

        We also don't want to run the CSS font matching algorithm on each member of the Core Text
        fallback list because it may yield different results from Core Text's font matching algorithm.
        Our goal is to draw text as closely as possible to the system APIs. If we ran it, we may find
        a font which is closer to the requested traits, but it would look out of place on the system.

        This new codepath is only enabled on macOS High Sierra and iOS 11, because enabling it on all
        operating systems would make fixing https://bugs.webkit.org/show_bug.cgi?id=173300 impossible.

        Tests: fast/text/system-font-fallback-emoji.html
               fast/text/system-font-fallback.html
               fast/text/system-font-zero-size.html

        * WebCore.xcodeproj/project.pbxproj:
        * page/MemoryRelease.cpp:
        (WebCore::releaseNoncriticalMemory):
        * platform/graphics/FontCascadeFonts.cpp:
        (WebCore::realizeNextFallback): The consumer of our new data type. Now uses WTF::visit().
        (WebCore::FontCascadeFonts::realizeFallbackRangesAt): Now that the number of items to test
        against the current character is larger than the number of strings in the font-family list,
        we need to update the existing code to use the correct value.
        * platform/graphics/FontDescription.cpp: Default implementation for non-Cocoa ports.
        (WebCore::FontDescription::invalidateCaches):
        (WebCore::FontCascadeDescription::effectiveFamilyCount):
        (WebCore::FontCascadeDescription::effectiveFamilyAt):
        * platform/graphics/FontDescription.h: Our new data type is a Variant of AtomicString and a
        platform-specific class. Cocoa uses a class that holds a CTFontDescriptorRef and other ports
        use an empty non-constructable class.
        * platform/graphics/FontFamilySpecificationNull.h: Added. The empty non-constructable
        class.
        (WebCore::FontFamilySpecificationNull::fontRanges):
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::fontCacheRegisteredFontsChangedNotificationCallback):
        (WebCore::FontCache::platformInit): Changing the system language will change the system font
        fallback list, so we need to listen to this notification. This also matters for
        FontCache::systemFallbackForCharacters(), so we should build off the same callback we are
        already using for font installation.
        (WebCore::invalidateFontCache):
        * platform/graphics/cocoa/FontDescriptionCocoa.cpp: Added. The platform-specific creation of
        our CTFontDescriptorRefs. We hold them cached in a SystemFontDatabase.
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::CoreTextCascadeListParameters):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::isHashTableDeletedValue):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::operator==):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::hash):
        (WebCore::SystemFontDatabase::singleton):
        (WebCore::SystemFontDatabase::systemFontCascadeList):
        (WebCore::SystemFontDatabase::clear):
        (WebCore::SystemFontDatabase::SystemFontDatabase):
        (WebCore::SystemFontDatabase::applyWeightAndItalics):
        (WebCore::SystemFontDatabase::removeCascadeList):
        (WebCore::SystemFontDatabase::computeCascadeList):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParametersHash::hash):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParametersHash::equal):
        (WebCore::isSystemFontString):
        (WebCore::systemFontParameters):
        (WebCore::FontDescription::invalidateCaches):
        (WebCore::FontCascadeDescription::effectiveFamilyCount): We don't store the result of this
        because it would probably be a bad idea to increase the size of every single FontCascade just
        in case it might ask for the system font. Most fonts never mention system-ui. Because it's so
        rare, we can just recalculate the result of this as necessary. This shouldn't be slow because
        the results are cached.
        (WebCore::FontCascadeDescription::effectiveFamilyAt):
        * platform/graphics/cocoa/FontFamilySpecificationCoreText.cpp: Added.
        (WebCore::FontFamilySpecificationCoreText::fontRanges): Create a FontRanges from a
        CTFontDescriptorRef.
        * platform/graphics/cocoa/FontFamilySpecificationCoreText.h: Added.
        (WebCore::FontFamilySpecificationCoreText::FontFamilySpecificationCoreText):
        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::platformFontWithFamilySpecialCase):
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::platformFontWithFamilySpecialCase):

2017-06-15  David Kilzer  <ddkilzer@apple.com>

        Revert: [iOS] Generate a simulated crash when the WebThread starts in MobileSafari
        <https://webkit.org/b/173386>
        <rdar://problem/32776426>

        Revert r218347 and r218339 since we're going to take a different
        approach to investigating a crash on the WebThread.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/ios/CrashReporterSupportSoftLink.h: Remove.
        * platform/ios/CrashReporterSupportSoftLink.mm: Remove.
        * platform/ios/wak/WebCoreThread.mm:
        (WebThreadEnable):
        * platform/spi/ios/CrashReporterSupportSPI.h: Remove.

2017-06-15  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r218365.

        The revision caused API timeouts on all builds.

        Reverted changeset:

        "[WebRTC] Removing a MediaStreamTrack from a MediaStream
        reports no recording to WebKit clients"
        https://bugs.webkit.org/show_bug.cgi?id=173398
        http://trac.webkit.org/changeset/218365

2017-06-15  Simon Fraser  <simon.fraser@apple.com>

        Allow use of Layout* TextStream operators in WebKit2
        https://bugs.webkit.org/show_bug.cgi?id=173440

        Reviewed by Zalan Bujtas.

        Export TextStream& operator<< for LayoutPoint, LayoutSize and LayoutRect so that
        WebKit2 can log them.

        Use #pragma once in these geometry headers.

        * platform/graphics/FloatPoint.h:
        * platform/graphics/FloatRect.h:
        * platform/graphics/FloatSize.h:
        * platform/graphics/IntPoint.h:
        * platform/graphics/IntRect.h:
        * platform/graphics/IntSize.h:
        * platform/graphics/LayoutPoint.h:
        * platform/graphics/LayoutRect.h:
        * platform/graphics/LayoutSize.h:

2017-06-15  Antoine Quint  <graouts@apple.com>

        Modern media controls tests error in Button.js
        https://bugs.webkit.org/show_bug.cgi?id=173439

        Reviewed by Dean Jackson.

        Tests would sometime yield an error when commit() would be called and the _imageSource
        ivar hadn't been set. To more safely commit the mask image when it's loaded, we now use
        a markDirtyProperty() call and a commitProperty() override to ensure that we cover the
        case where we want to commit the mask image, and for other commits not to have to worry
        about the mask image being defined.

        * Modules/modern-media-controls/controls/button.js:
        (Button.prototype.commitProperty):
        (Button.prototype._updateImage):
        (Button.prototype.commit): Deleted.

2017-06-15  Jer Noble  <jer.noble@apple.com>

        [WebRTC] Removing a MediaStreamTrack from a MediaStream reports no recording to WebKit clients
        https://bugs.webkit.org/show_bug.cgi?id=173398
        <rdar://problem/32592961>

        Reviewed by Eric Carlson.

        API Test: Tests/WebKit2/MediaStreamTrackDetached.mm

        Move the definition of a MediaStream as a MediaProducer from the stream itself to its constituent
        MediaStreamTracks. This ensures that, even if a MediaStreamTrack is removed from its stream, the
        document (and thus the clients) are notified that media capture is still occurring.

        Though MediaStream is no longer a MediaProducer, it still uses the MediaProducer's state concept
        to determine when to fire events. However it's mediaState() implementation will be moved into
        MediaStreamTrack, and will instead simply bitwise-or together each of it's track's mediaState().

        The MediaStream notifies the document that its state has changed asynchronously, so do the same
        for MediaStreamTrack (which reduces the number of calls to the client when changes all occur
        during a single run loop).

        Because the MediaStreamTrackPrivate may be started externally (not by the MediaStreamTrack directly),
        add a new client method that notifies observers when the track has been started, and the
        MediaStreamTrack will use this notification to update the document with it's new mediaState().

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::MediaStream):
        (WebCore::MediaStream::~MediaStream):
        (WebCore::MediaStream::mediaState):
        (WebCore::MediaStream::statusDidChange):
        (WebCore::MediaStream::characteristicsChanged):
        (WebCore::MediaStream::pageMutedStateDidChange): Deleted.
        * Modules/mediastream/MediaStream.h:
        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::MediaStreamTrack):
        (WebCore::MediaStreamTrack::~MediaStreamTrack):
        (WebCore::MediaStreamTrack::pageMutedStateDidChange):
        (WebCore::MediaStreamTrack::mediaState):
        (WebCore::MediaStreamTrack::trackStarted):
        (WebCore::MediaStreamTrack::configureTrackRendering):
        (WebCore::MediaStreamTrack::stop):
        (WebCore::MediaStreamTrack::document):
        * Modules/mediastream/MediaStreamTrack.h:
        (WebCore::MediaStreamTrack::source):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
        * platform/mediastream/MediaStreamPrivate.cpp:
        (WebCore::MediaStreamPrivate::trackStarted):
        * platform/mediastream/MediaStreamPrivate.h:
        * platform/mediastream/MediaStreamTrackPrivate.cpp:
        (WebCore::MediaStreamTrackPrivate::sourceStarted):
        * platform/mediastream/MediaStreamTrackPrivate.h:
        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::start):
        * platform/mediastream/RealtimeMediaSource.h:

2017-06-15  Jonathan Bedard  <jbedard@apple.com>

        Unreviewed build fix after r218336

        * platform/spi/cocoa/PassKitSPI.h: Add missing #ifdefs for Internal builds.

2017-06-15  Antoine Quint  <graouts@apple.com>

        Ensure we only log changes to the ScriptedAnimationController suspended state in debug builds
        https://bugs.webkit.org/show_bug.cgi?id=173423

        Reviewed by Tim Horton.

        We added logging for when the suspended state of the scripted animation controller would change in
        webkit.org/b/173326. It was meant to only be enabled in debug builds and we actually did the wrong
        thing and enabled it in non-debug builds.

        We also added a setting that wasn't used and that we are removing here.

        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::logSuspendCount):
        * page/Settings.in:
        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::resetToConsistentState):
        (WebCore::InternalSettings::shouldLogScritedAnimationControllerSuspensionChange): Deleted.
        (WebCore::InternalSettings::setShouldLogScritedAnimationControllerSuspensionChange): Deleted.
        * testing/InternalSettings.h:
        * testing/InternalSettings.idl:

2017-06-15  David Kilzer  <ddkilzer@apple.com>

        Build fix: [iOS] Generate a simulated crash when the WebThread starts in MobileSafari
        <https://webkit.org/b/173386>
        <rdar://problem/32776426>

        * platform/ios/CrashReporterSupportSoftLink.h:
        * platform/ios/CrashReporterSupportSoftLink.mm:
        * platform/ios/wak/WebCoreThread.mm:
        (WebThreadEnable): Log to the console on iOS Simulator.
        * platform/spi/ios/CrashReporterSupportSPI.h:
        - CrashReporterSupport.h is not available on iOS Simulator, so
          restrict to iOS hardware only.

2017-06-15  Chris Dumez  <cdumez@apple.com>

        Unreviewed, rolling out r218318.

        Seems to have caused an 11% PLT regression. Rolling out to
        confirm.

        Reverted changeset:

        "Don't always recalc the style of display: contents elements."
        https://bugs.webkit.org/show_bug.cgi?id=172753
        http://trac.webkit.org/changeset/218318

2017-06-15  Wenson Hsieh  <wenson_hsieh@apple.com>

        Using -[WebItemProviderPasteboard setItemProviders:] to swap out item providers before a drop breaks item provider loading
        https://bugs.webkit.org/show_bug.cgi?id=173338
        <rdar://problem/32777720>

        Reviewed by Tim Horton.

        Currently, replacing the list of UIItemProviders right before a drop is handled results in
        WebItemProviderPasteboard failing to load non-"public.content"-conformant items. This is because DragController
        computes and sends to the UI process a list of UTIs to load (preferredTypeIdentifiers: one type identifier for
        each item provider in WebItemProviderPasteboard). However, if the list of item providers changes immediately
        before a drop is performed, WebItemProviderPasteboard will get into an inconsistent state where it has a
        different number of preferred type identifiers to load than available item providers. This causes
        WebItemProviderPasteboard to fail when choosing what type identifiers to load from each item provider.

        To fix this, we instead have the web process propagate a list of supported type identifiers to the UI process,
        which is a property of only the drop destination rather than both the destination and item providers. When
        performing a drop, we then use the current item providers on WebItemProviderPasteboard to consult this list of
        supported type identifiers to resolve our list of preferred type identifiers to load.

        Globally renames updatePreferredTypeIdentifiers to updateSupportedTypeIdentifiers.

        Tests:
        DataInteractionTests.ExternalSourceOverrideDropFileUpload
        DataInteractionTests.ExternalSourceOverrideDropInsertURL

        * page/DragController.cpp:
        (WebCore::DragController::dragEnteredOrUpdated):
        (WebCore::DragController::updateSupportedTypeIdentifiersForDragHandlingMethod):
        (WebCore::DragController::updatePreferredTypeIdentifiersForDragHandlingMethod): Deleted.
        * page/DragController.h:
        * page/mac/DragControllerMac.mm:
        (WebCore::DragController::updateSupportedTypeIdentifiersForDragHandlingMethod):
        (WebCore::DragController::updatePreferredTypeIdentifiersForDragHandlingMethod): Deleted.
        * platform/DragData.h:
        * platform/PasteboardStrategy.h:
        * platform/PlatformPasteboard.h:
        * platform/ios/AbstractPasteboard.h:
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::updateSupportedTypeIdentifiers):
        (WebCore::PlatformPasteboard::updatePreferredTypeIdentifiers): Deleted.
        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard init]):
        (-[WebItemProviderPasteboard updateSupportedTypeIdentifiers:]):
        (-[WebItemProviderPasteboard setItemProviders:]):
        (-[WebItemProviderPasteboard typeIsAppropriateForSupportedTypes:]):
        (-[WebItemProviderPasteboard typeIdentifierToLoadForRegisteredTypeIdentfiers:]):

        Add logic to resolve preferred type identifiers from an item providers list of registered type identifiers.
        This formerly existed on DragData.

        (-[WebItemProviderPasteboard doAfterLoadingProvidedContentIntoFileURLs:synchronousTimeout:]):
        (-[WebItemProviderPasteboard updatePreferredTypeIdentifiers:]): Deleted.
        * platform/mac/DragDataMac.mm:

        Remove preferred type identifier resolution logic from DragData.

        (WebCore::typeIsAppropriateForSupportedTypes): Deleted.
        (WebCore::DragData::updatePreferredTypeIdentifiers): Deleted.

2017-06-15  Sam Weinig  <sam@webkit.org>

        [WebIDL] Replace general inclusion of JSDOMConvert.h with inclusion of individual converter files to reduce unnecessary inclusion
        https://bugs.webkit.org/show_bug.cgi?id=173392

        Reviewed by Tim Horton.

        Stop including the umbrella header JSDOMConvert.h in every generated bindings and 
        instead only include the specific converter needed. Then, go around and add all the
        now missing includes that used to be obtained transitively.

        * Modules/indexeddb/IDBRequest.cpp:
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        * Modules/plugins/QuickTimePluginReplacement.mm:
        * bindings/js/IDBBindingUtilities.cpp:
        * bindings/js/JSCSSStyleDeclarationCustom.cpp:
        * bindings/js/JSCryptoAlgorithmDictionary.cpp:
        * bindings/js/JSCustomElementInterface.cpp:
        * bindings/js/JSCustomElementRegistryCustom.cpp:
        * bindings/js/JSDOMConvertBase.h:
        * bindings/js/JSDOMConvertInterface.h:
        * bindings/js/JSDOMConvertRecord.h:
        * bindings/js/JSDOMConvertSequences.h:
        * bindings/js/JSDOMConvertUnion.h:
        * bindings/js/JSDOMGlobalObject.h:
        * bindings/js/JSDOMWindowCustom.cpp:
        * bindings/js/JSDOMWindowProperties.cpp:
        * bindings/js/JSDocumentCustom.cpp:
        * bindings/js/JSErrorHandler.cpp:
        * bindings/js/JSEventListener.cpp:
        * bindings/js/JSHTMLCanvasElementCustom.cpp:
        * bindings/js/JSHTMLDocumentCustom.cpp:
        * bindings/js/JSHistoryCustom.cpp:
        * bindings/js/JSMessageEventCustom.cpp:
        (WebCore::JSMessageEvent::data):
        * bindings/js/JSMockContentFilterSettingsCustom.cpp:
        * bindings/js/JSMutationCallback.cpp:
        * bindings/js/JSXMLHttpRequestCustom.cpp:
        (WebCore::JSXMLHttpRequest::retrieveResponse):
        * bindings/js/ScriptGlobalObject.cpp:
        * bindings/js/SerializedScriptValue.cpp:
        * bindings/scripts/CodeGeneratorJS.pm:
        (AddToIncludesForIDLType):
        (GetJSCAttributesForAttribute):
        (GenerateEnumerationHeader):
        (GenerateEnumerationImplementation):
        (GenerateEnumerationImplementationContent):
        (GenerateEnumerationsImplementationContent):
        (GenerateEnumerationHeaderContent):
        (GenerateEnumerationsHeaderContent):
        (GenerateDictionaryHeaderContent):
        (GenerateDictionariesHeaderContent):
        (GenerateDictionaryImplementationContent):
        (GenerateDictionariesImplementationContent):
        (GenerateHeader):
        (GeneratePropertiesHashTable):
        (GenerateOverloadDispatcher):
        (GenerateImplementation):
        (GenerateAttributeGetterDefinition):
        (GenerateSerializerDefinition):
        (GenerateDictionaryHeader):
        (JSValueToNative):
        (NativeToJSValueUsingReferences):
        (NativeToJSValueUsingPointers):
        (IsValidContextForNativeToJSValue):
        (NativeToJSValue):
        (GenerateConstructorDefinition):
        (ComputeFunctionSpecial):
        * bindings/scripts/test/JS/JSMapLike.cpp:
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        * bindings/scripts/test/JS/JSTestCallbackFunction.cpp:
        * bindings/scripts/test/JS/JSTestCallbackFunctionRethrow.cpp:
        * bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.cpp:
        * bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
        * bindings/scripts/test/JS/JSTestCallbackInterface.h:
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        * bindings/scripts/test/JS/JSTestEventConstructor.h:
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        * bindings/scripts/test/JS/JSTestException.cpp:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestNode.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.h:
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        * bindings/scripts/test/JS/JSTestSerialization.h:
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInherit.h:
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.h:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        * bindings/scripts/test/JS/JSTestStandaloneDictionary.cpp:
        * bindings/scripts/test/JS/JSTestStandaloneDictionary.h:
        * bindings/scripts/test/JS/JSTestStandaloneEnumeration.h:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        * bindings/scripts/test/JS/JSTestVoidCallbackFunction.cpp:
        * dom/MouseEvent.cpp:
        * html/HTMLPlugInImageElement.cpp:

2017-06-14  David Kilzer  <ddkilzer@apple.com>

        [iOS] Generate a simulated crash when the WebThread starts in MobileSafari
        <https://webkit.org/b/173386>
        <rdar://problem/32776426>

        Reviewed by Andy Estes.

        * WebCore.xcodeproj/project.pbxproj: Add new files to project.
        * platform/ios/CrashReporterSupportSoftLink.h: Add.  The using
        statement is so that we don't have to write
        WebCore::SimulateCrash() in WebCoreThread.mm since it's
        functions are not defined inside a WebCore namespace.  I also
        kept the 'pid' argument despite the style checker warning
        because it matches the internal method definition.
        * platform/ios/CrashReporterSupportSoftLink.mm: Add.
        * platform/ios/wak/WebCoreThread.mm: Sort headers.  Soft link to
        CrashReporterSupport.framework.
        (WebThreadEnable): Generate a simulated crash log if the
        WebThread ever starts in MobileSafari.
        * platform/spi/ios/CrashReporterSupportSPI.h: Add.  The header
        isn't safe to include in C++ source, so wrap the import in
        extern "C" macros.

2017-06-15  Jonathan Bedard  <jbedard@apple.com>

        Build WebKit with High Sierra (Seed 1)
        https://bugs.webkit.org/show_bug.cgi?id=173371

        Reviewed by Andy Estes.

        * crypto/CommonCryptoUtilities.h: Added ccRSAPSSPadding to CCAsymmetricPading enum.
        * platform/spi/cocoa/AVKitSPI.h: Declare AVKit SPI used by WebKit in High Sierra.
        (-[AVTouchBarPlaybackControlsControlling NS_ENUM]): Added AVTouchBarMediaSelectionOptionType
        SPI used in WebPlaybackControlManager in High Sierra.
        * platform/spi/cocoa/PassKitSPI.h: Declare PassKit SPI used by WebKit in High Sierra.
        (NS_ERROR_ENUM): Added PKPaymentErrorCode used in WebPayment in High Sierra.

2017-06-15  Youenn Fablet  <youenn@apple.com>

        RTCPeerConnection returns RTCSessionDescription where RTCSessionDescriptionInit would be appropriate
        https://bugs.webkit.org/show_bug.cgi?id=173118
        <rdar://problem/32746761>

        Reviewed by Eric Carlson.

        Test: webrtc/createOfferAnswer.html

        Making the promise return a RTCSessionDescription::Init instead of a RTCSessionDescription.
        This aligns with the spec and is more optimal.

        * Modules/mediastream/PeerConnectionBackend.cpp:
        (WebCore::PeerConnectionBackend::createOfferSucceeded):
        (WebCore::PeerConnectionBackend::createAnswerSucceeded):
        * Modules/mediastream/PeerConnectionBackend.h:
        * Modules/mediastream/RTCSessionDescription.idl:

2017-06-15 Emilio Cobos Álvarez  <ecobos@igalia.com>

        Don't always recalc the style of display: contents elements.
        https://bugs.webkit.org/show_bug.cgi?id=172753

        Reviewed by Antti Koivisto.

        No new tests (no functionality change). This only removes an
        inefficiency.

        * dom/Element.cpp:
        (WebCore::Element::existingComputedStyle):
        * dom/Element.h:
        * style/RenderTreeUpdater.cpp:
        (WebCore::RenderTreeUpdater::updateRenderTree):
        (WebCore::RenderTreeUpdater::updateElementRenderer):
        * style/StyleTreeResolver.cpp:
        (WebCore::Style::TreeResolver::resolveElement):
        (WebCore::Style::TreeResolver::createAnimatedElementUpdate):
        (WebCore::Style::shouldResolveElement):
        (WebCore::Style::TreeResolver::resolveComposedTree):

2017-06-14  Antoine Quint  <graouts@apple.com>

        Rebaseline media/modern-media-controls/media-documents
        https://bugs.webkit.org/show_bug.cgi?id=173394

        Reviewed by Dean Jackson.

        We found two issues related to media documents while rebaselining the dedicated tests.

        First, we needed to expose the --inline-controls-bar-height CSS variable to <video>
        elements in media documents that are actually showing an audio UI. Previously we would
        only expose the variable to <audio> elements.

        Also, due to webkit.org/b/173387, we would fail to identify certain media documents as
        video because the videoTracks weren't set yet when the "loadedmetadata" event would be
        triggered. So now we also look at the videoWidth and videoHeight properties, which should
        provide accurate information in the "loadedmetadata" event handler.

        * Modules/modern-media-controls/controls/media-controls.css:
        (:host(audio), :host(video.media-document.audio), *):
        (:host(audio), *): Deleted.
        * Modules/modern-media-controls/media/media-controller.js:
        (MediaController.prototype.get isAudio):

2017-06-14  Zalan Bujtas  <zalan@apple.com>

        animations-paused-in-background-page.html and animated-svg-image-removed-from-document-paused.html fail after r218284
        https://bugs.webkit.org/show_bug.cgi?id=173393

        Reviewed by Simon Fraser.

        Testing cares really about whether the animation has initiated.  

        * platform/graphics/Image.h:
        (WebCore::Image::animationPending):
        * testing/Internals.cpp:
        (WebCore::Internals::isImageAnimating):

2017-06-14  Dean Jackson  <dino@apple.com>

        Restrict filtered painting across cross-origin boundaries with transforms
        https://bugs.webkit.org/show_bug.cgi?id=173388
        <rdar://problem/27362159>

        Reviewed by Simon Fraser.

        Make sure all cases of LayerPaintingInfo maintain the security
        flag. In this case there was only one new place, and since
        everything is scalar, there was no need for a real copy constructor.

        Test: http/tests/css/filters-on-iframes-transform.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintLayerByApplyingTransform): Make sure the cross
        origin flag is used in the call to paint the layer children.
        * rendering/RenderLayer.h: Fix some typos.

2017-06-14  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r218285.
        https://bugs.webkit.org/show_bug.cgi?id=173391

        API test fails on iOS (Requested by alexchristensen on
        #webkit).

        Reverted changeset:

        "Add SPI for immediate injection of user scripts"
        https://bugs.webkit.org/show_bug.cgi?id=173342
        http://trac.webkit.org/changeset/218285

2017-06-14  Jer Noble  <jer.noble@apple.com>

        Video flashes black when switching back to a tab https://www.apple.com/homepod/
        https://bugs.webkit.org/show_bug.cgi?id=173377

        Reviewed by Eric Carlson.

        Previously, we had set the background color of the video layer to black in order to make the rect
        occupied by the HTMLMediaElement fully opaque. This worked around a graphics corruption bug. Since
        then, the code in RenderVideo::foregroundIsKnownToBeOpaqueInRect(...) has been fixed to fully account
        for whether the HTMLMediaElement has a valid frame to display, making the black layer background
        unnecessary.

        Remove all the instances where we were setting the background color of the video layer to black.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer):
        * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.mm:
        (WebCore::VideoFullscreenLayerManager::setVideoLayer):
        (WebCore::VideoFullscreenLayerManager::setVideoFullscreenLayer):

2017-06-14  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r218161.

        Introduced bot API test failures and Layout Test Failures.

        Reverted changeset:

        "[Cocoa] Expand system-ui to include every item in the Core
        Text cascade list"
        https://bugs.webkit.org/show_bug.cgi?id=173043
        http://trac.webkit.org/changeset/218161

2017-06-14  Alex Christensen  <achristensen@webkit.org>

        Add SPI for immediate injection of user scripts
        https://bugs.webkit.org/show_bug.cgi?id=173342
        <rdar://problem/29202285>

        Reviewed by Brady Eidson.

        The new SPI is WKUserContentController._addUserScriptImmediately.
        It is covered by new API tests.

        * page/Frame.cpp:
        (WebCore::Frame::injectUserScripts):
        (WebCore::Frame::injectUserScriptImmediately):
        Move injection functionality to allow us to call it directly from the new SPI.
        * page/Frame.h:
        * page/Page.cpp:
        (WebCore::Page::forEachPage):
        * page/Page.h:

2017-06-14  Zalan Bujtas  <zalan@apple.com>

        Crash in WebCore::RenderStyle::colorIncludingFallback.
        https://bugs.webkit.org/show_bug.cgi?id=173347
        <rdar://problem/32675317>

        Reviewed by Chris Dumez.

        Starting an SVG image animation synchronously might trigger recursive style recalc.
        We should kick off the animation on a zero timer to reduce callstack complexity. 

        Test: svg/as-image/svg-css-animation.html

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::didAddClient):
        * platform/graphics/Image.cpp:
        (WebCore::Image::Image):
        (WebCore::Image::startAnimationAsynchronously):
        * platform/graphics/Image.h:

2017-06-14  Brady Eidson  <beidson@apple.com>

        WKIconLoadingDelegate never gets asked about the default favicon if touch/touch-precomposed icons are in the <head>
        <rdar://problem/32614328> and https://bugs.webkit.org/show_bug.cgi?id=173376

        Reviewed by Alex Christensen.

        Covered by new API test

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::startIconLoading): Previously we applied the default favicon if the set of LinkIcons was empty.
          Now, apply the default favicon if the set of LinkIcons contains no explicit favicon.

2017-06-14  Jer Noble  <jer.noble@apple.com>

        Flaky Test: media/media-source/media-source-unnecessary-seek-seeked.html
        https://bugs.webkit.org/show_bug.cgi?id=173344

        Reviewed by Eric Carlson.

        Separate the concept of "the page has asked us to seek" from "we have asked the
        media player to seek". When the media engine tells us its ready state has changed
        after the page has requested a seek, but before the media element has asked its
        player to perform the seek, we were previously firing a seeked event. Now we'll
        check this new ivar and see that we aren't expecting a seek to finish yet.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement):
        (WebCore::HTMLMediaElement::setReadyState):
        (WebCore::HTMLMediaElement::finishSeek):
        (WebCore::HTMLMediaElement::mediaPlayerTimeChanged):
        * html/HTMLMediaElement.h:

2017-06-14  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r218157.

        This patch caused multiple API failures on iOS Simulator.

        Reverted changeset:

        "@font-face rules with invalid primary fonts never download
        their secondary fonts"
        https://bugs.webkit.org/show_bug.cgi?id=173138
        http://trac.webkit.org/changeset/218157

2017-06-14  Chris Dumez  <cdumez@apple.com>

        REGRESSION (r217997): mint.com header renders incorrectly when initially loaded
        https://bugs.webkit.org/show_bug.cgi?id=173302
        <rdar://problem/32731747>

        Reviewed by Darin Adler.

        r217997 updated ImplicitAnimation::reset() to not call updateStateMachine(AnimationStateInput::RestartAnimation)
        if the compositeAnimation is suspended. If the compositeAnimation is suspended, we would call
        updateStateMachine(AnimationStateInput::AnimationStateInput::PlayStatePaused), which was expected to be a no-op.
        This was needed because otherwise, changing the style of the animated element would restart the animation
        even though it was supposed to be suspended. One thing I did not realize is that calling
        updateStateMachine(AnimationStateInput::AnimationStateInput::PlayStatePaused) on an animation that is already
        in PausedNew state, will cause it to move to PausedWaitResponse state. This is an issue because upon resuming
        we would call AnimationBase::updatePlayState(AnimPlayStatePlaying) which would return early because
        AnimationBase::paused() would return false. To address the issue, we no longer call updateStateMachine(PlayStatePaused)
        in ImplicitAnimation::reset() when the compositeAnimation is suspended, so that the animation stays in
        PausedNew state until we resume. When we resume, AnimationBase::paused() returns false and we actually resume
        the animation.

        Tests:
        fast/animation/css-animation-resuming-when-visible-with-style-change.html
        fast/animation/css-animation-resuming-when-visible-with-style-change2.html

        * page/animation/ImplicitAnimation.cpp:
        (WebCore::ImplicitAnimation::reset):

2017-06-14  Miguel Gomez  <magomez@igalia.com>

        REGRESSION(r216901): ImageDecoders: rendering of large images is broken since r216901
        https://bugs.webkit.org/show_bug.cgi?id=172502

        Reviewed by Carlos Garcia Campos.

        When using GTK and WPE image decoders, the decoded frames are stored inside a Vector of
        ImageFrames inside the decoders. These ImageFrames have and ImageBackingStore with the
        pixels. When a NativeImagePtr is requested, a cairo surface is created from the data
        in those ImageBackingStores, but the data keeps being owned by the backing stores. Due
        to this, if the decoder that created the image gets destroyed, the backing stores for
        the decoded frames get destroyed as well, causing the cairo surfaces that were using
        that data to contain garbage (and potentially cause a crash).

        To fix this, we change ImageBackingStore so the pixels are stored in a SharedBuffer. The
        buffer will be reffed everytime a cairo surface is created with it, and the cairo surfaces
        will unref the buffer when they are destroyed. This way, the pixel data won't be freed
        while there are cairo surfaces using it.

        No new tests, no behaviour change.

        * platform/graphics/ImageBackingStore.h:
        (WebCore::ImageBackingStore::setSize):
        (WebCore::ImageBackingStore::ImageBackingStore):
        * platform/image-decoders/cairo/ImageBackingStoreCairo.cpp:
        (WebCore::ImageBackingStore::image):

2017-06-14  Zan Dobersek  <zdobersek@igalia.com>

        [GStreamer] Align GstBus signal watch priorities with RunLoop dispatches
        https://bugs.webkit.org/show_bug.cgi?id=173348

        Reviewed by Carlos Garcia Campos.

        When adding GstBus signal watches, use the gst_bus_add_signal_watch_full()
        function to also specify the GLib priority that's used for the underlying
        GSource object.

        RunLoopSourcePriority::RunLoopDispatcher should be a good priority value
        to use here, matching the RunLoop::dispatch() priority that's e.g. used
        in the MainThreadNotifier class.

        * platform/audio/gstreamer/AudioDestinationGStreamer.cpp:
        (WebCore::AudioDestinationGStreamer::AudioDestinationGStreamer):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
        * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
        (WebCore::AppendPipeline::AppendPipeline):

2017-06-14  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream iOS] Back camera view rendered upside down when in portrait mode
        https://bugs.webkit.org/show_bug.cgi?id=173346
        <rdar://problem/32713675>

        Reviewed by Youenn Fablet.

        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSource::computeSampleRotation): Use different rotations for front and
        back cameras when device is in portrait orientation.

2017-06-13  Chris Dumez  <cdumez@apple.com>

        Event handlers should not be called in frameless documents
        https://bugs.webkit.org/show_bug.cgi?id=173233

        Reviewed by Sam Weinig.

        As per the HTML specification [1], for event handlers on elements, we should use the
        element's document to check if scripting is disabled [2]. Scripting is considered to
        be disabled if the document has no browsing context (i.e. a frame in WebKit terms).

        In JSLazyEventListener::initializeJSFunction(), instead of using the element's
        document to do the checks, we would use the script execution context. In most cases,
        a node's document and its script execution context are the same so this is not an
        issue. However, if the node's document is a document created via JS, its nodes'
        script execution context will be the document's context document (i.e the one that
        created the document, see implementation of Node::scriptExecutionContext()). In those
        cases, using the wrong document is an issue because the document's context document
        (aka script execution context) may allow scripting but we still do not want to call
        the event handler because its document is frameless.

        This impacts documents created by JS, using the following APIs:
        - DOMParser.parseFromHTML
        - new Document()
        - DOMImplementation.createDocument / createHTMLDocument
        - XHRs whose responseType is Document.

        [1] https://html.spec.whatwg.org/multipage/webappapis.html#getting-the-current-value-of-the-event-handler (step 1.1.)
        [2] https://html.spec.whatwg.org/multipage/webappapis.html#concept-n-noscript

        Tests: fast/events/event-handler-detached-document-dispatchEvent.html
               fast/events/event-handler-detached-document.html

        * bindings/js/JSLazyEventListener.cpp:
        (WebCore::JSLazyEventListener::initializeJSFunction):

2017-06-13  Antoine Quint  <graouts@apple.com>

        Rebaseline media/modern-media-controls/placard-support
        https://bugs.webkit.org/show_bug.cgi?id=173340

        Reviewed by Dean Jackson.

        We make a source change to use a "placard" getter/setter to show or hide a placard, making it
        more convenient to test whether a placard has been set.

        * Modules/modern-media-controls/controls/inline-media-controls.js:
        (InlineMediaControls.prototype.get placard):
        (InlineMediaControls.prototype.set placard):
        (InlineMediaControls.prototype.showPlacard): Deleted.
        (InlineMediaControls.prototype.hidePlacard): Deleted.
        * Modules/modern-media-controls/media/placard-support.js:
        (PlacardSupport.prototype._updatePlacard):
        (PlacardSupport):

2017-06-11  Antoine Quint  <graouts@apple.com>

        Rebaseline media/modern-media-controls/fullscreen-support
        https://bugs.webkit.org/show_bug.cgi?id=173199

        Reviewed by Simon Fraser.

        Test: media/modern-media-controls/fullscreen-support/fullscreen-support-press.html

        We no longer need to track the "error" event for FullscreenSupport since we don't actually
        enable or disable the fullscreen button when an error happens, instead the media controls
        code will simply not present it since we'll be showing a placard instead.

        * Modules/modern-media-controls/media/fullscreen-support.js:
        (FullscreenSupport.prototype.get mediaEvents):

2017-06-13  Matt Rajca  <mrajca@apple.com>

        WebsitePolicies: let clients select specific autoplay quirks
        https://bugs.webkit.org/show_bug.cgi?id=173343

        Reviewed by Alex Christensen.

        Tests: Updated API tests accordingly to use new values.

        Replace the 'allowsAutoplayQuirks' bool with an OptionSet so clients can selectively
        pick auto-play quirks.

        * dom/Document.cpp:
        (WebCore::Document::processingUserGestureForMedia):
        * html/HTMLMediaElement.cpp:
        (WebCore::needsAutoplayPlayPauseEventsQuirk):
        * loader/DocumentLoader.h:
        (WebCore::DocumentLoader::allowedAutoplayQuirks):
        (WebCore::DocumentLoader::setAllowedAutoplayQuirks):
        (WebCore::DocumentLoader::allowsAutoplayQuirks): Deleted.
        (WebCore::DocumentLoader::setAllowsAutoplayQuirks): Deleted.

2017-06-13  Zalan Bujtas  <zalan@apple.com>

        Synchronous media query callbacks on nested frames could produced a detached FrameView.
        https://bugs.webkit.org/show_bug.cgi?id=173330

        Reviewed by Simon Fraser.

        This patch fixes the crash when the nested frame's media query callback triggers navigation on the mainframe.
        webkit.org/b/173329 is to track whether we should allow synchronous callback firing from FrameView::layout(). 

        Covered by show-modal-dialog-during-execCommand.html.

        * page/FrameView.cpp:
        (WebCore::FrameView::layout):

2017-06-13  Chris Fleizach  <cfleizach@apple.com>

        AX[macOS]: Expose Inline property as an accessibility attribute
        https://bugs.webkit.org/show_bug.cgi?id=173131
        <rdar://problem/32667686>

        Reviewed by Joanmarie Diggs.

        Expose whether a renderer is inline so that VoiceOver can make better use of that data when deciding what to output.

        Test: accessibility/mac/inline-text-attribute.html

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

2017-06-13  Jon Davis  <jond@apple.com>

        Update Subresource Integrity status to Supported In Preview
        https://bugs.webkit.org/show_bug.cgi?id=173324

        Reviewed by Sam Weinig.

        * features.json:

2017-06-13  Antoine Quint  <graouts@apple.com>

        Add logging for layout tests when rAF callbacks get suspended and resumed
        https://bugs.webkit.org/show_bug.cgi?id=173326

        Reviewed by Simon Fraser.

        In order to help diagnose webkit.org/b/168409 we log the ScriptedAnimationController
        suspend count when it changes and log the backtrace so that we may understand why it
        fails to be set back to 0 when some modern-media-controls tests run.

        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::suspend):
        (WebCore::ScriptedAnimationController::resume):
        (WebCore::ScriptedAnimationController::logSuspendCount):
        * dom/ScriptedAnimationController.h:
        * page/Settings.in:
        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::resetToConsistentState):
        (WebCore::InternalSettings::shouldLogScritedAnimationControllerSuspensionChange):
        (WebCore::InternalSettings::setShouldLogScritedAnimationControllerSuspensionChange):
        * testing/InternalSettings.h:
        * testing/InternalSettings.idl:

2017-06-13  Jer Noble  <jer.noble@apple.com>

        Crash when MSE backed media element changes src/srcObject during PiP
        https://bugs.webkit.org/show_bug.cgi?id=173288

        Reviewed by Alex Christensen.

        Tear down the MediaPlayerPrivateMediaSourceAVFObjC's layers fully whe the player
        is destroyed, which includes removing the player's AVSampleBufferDisplayLayer from
        the HTMLMediaElement's fullscreen layer.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::~MediaPlayerPrivateMediaSourceAVFObjC):

2017-06-13  Daniel Bates  <dabates@apple.com>

        Implement W3C Secure Contexts Draft Specification
        https://bugs.webkit.org/show_bug.cgi?id=158121
        <rdar://problem/26012994>

        Reviewed by Brent Fulgham.

        Part 4

        Adds runtime enabled feature flag, isSecureContextAttributeEnabled, to toggle exposing
        the global object property isSecureContext (defaults: true - expose the property).

        Test: security/isSecureContext-disabled.html

        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setIsSecureContextAttributeEnabled):
        (WebCore::RuntimeEnabledFeatures::isSecureContextAttributeEnabled):
        * page/WindowOrWorkerGlobalScope.idl:

2017-06-13  Jer Noble  <jer.noble@apple.com>

        Protect lifetime of media element during HTMLMediaElement::notifyAboutPlaying()
        https://bugs.webkit.org/show_bug.cgi?id=173320
        <rdar://problem/32590276>

        Reviewed by Brent Fulgham.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::notifyAboutPlaying):

2017-06-13  Youenn Fablet  <youenn@apple.com>

        getReceivers() should return transceivers that have only an active receiver
        https://bugs.webkit.org/show_bug.cgi?id=173313

        Reviewed by Alex Christensen.

        Test: webrtc/video-receivers.html

        Creating transceivers for receivers created from an offer.
        Setting these as recvonly.

        * Modules/mediastream/RTCRtpTransceiver.h:
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::LibWebRTCPeerConnectionBackend::videoReceiver):
        (WebCore::LibWebRTCPeerConnectionBackend::audioReceiver):

2017-06-13  Wenson Hsieh  <wenson_hsieh@apple.com>

        Unable to paste text that was copied from a page into the universal search field
        https://bugs.webkit.org/show_bug.cgi?id=173293
        <rdar://problem/32440918>

        Reviewed by Ryosuke Niwa.

        Vend "public.utf8-plain-text" and "public.utf16-plain-text" as additional representations on the pasteboard when
        copying both rich and plain web content in PlatformPasteboardIOS.mm. This is because UITextView no longer
        supports pasting "public.text" as text in iOS 11.

        Tests:
        UIPasteboardTests.CopyPlainTextWritesConcreteTypes
        UIPasteboardTests.CopyRichTextWritesConcreteTypes

        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::writePlainText):
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::write):

2017-06-13  Sam Weinig  <sam@webkit.org>

        Rename JSDOMWindowShell to JSDOMWindowProxy to match the HTML5 spec.
        https://bugs.webkit.org/show_bug.cgi?id=80733

        Reviewed by Chris Dumez.

        Goodbye dear shell.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/DOMWrapperWorld.cpp:
        (WebCore::DOMWrapperWorld::~DOMWrapperWorld):
        (WebCore::DOMWrapperWorld::clearWrappers):
        * bindings/js/DOMWrapperWorld.h:
        (WebCore::DOMWrapperWorld::didCreateWindowProxy):
        (WebCore::DOMWrapperWorld::didDestroyWindowProxy):
        (WebCore::DOMWrapperWorld::didCreateWindowShell): Deleted.
        (WebCore::DOMWrapperWorld::didDestroyWindowShell): Deleted.
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::JSDOMWindowBase):
        (WebCore::JSDOMWindowBase::finishCreation):
        (WebCore::JSDOMWindowBase::willRemoveFromWindowProxy):
        (WebCore::JSDOMWindowBase::proxy):
        (WebCore::toJSDOMWindow):
        (WebCore::JSDOMWindowBase::willRemoveFromWindowShell): Deleted.
        (WebCore::JSDOMWindowBase::shell): Deleted.
        * bindings/js/JSDOMWindowBase.h:
        (WebCore::toJS):
        (WebCore::toJSDOMWindow):
        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::toWrapped):
        * bindings/js/JSDOMWindowCustom.h:
        * bindings/js/JSDOMWindowProperties.h:
        (WebCore::JSDOMWindowProperties::JSDOMWindowProperties):
        * bindings/js/JSDOMWindowProxy.cpp: Copied from WebCore/bindings/js/JSDOMWindowShell.cpp.
        (WebCore::JSDOMWindowProxy::JSDOMWindowProxy):
        (WebCore::JSDOMWindowProxy::finishCreation):
        (WebCore::JSDOMWindowProxy::destroy):
        (WebCore::JSDOMWindowProxy::setWindow):
        (WebCore::JSDOMWindowProxy::wrapped):
        (WebCore::JSDOMWindowProxy::toWrapped):
        (WebCore::toJS):
        (WebCore::toJSDOMWindowProxy):
        (WebCore::JSDOMWindowShell::JSDOMWindowShell): Deleted.
        (WebCore::JSDOMWindowShell::finishCreation): Deleted.
        (WebCore::JSDOMWindowShell::destroy): Deleted.
        (WebCore::JSDOMWindowShell::setWindow): Deleted.
        (WebCore::JSDOMWindowShell::wrapped): Deleted.
        (WebCore::JSDOMWindowShell::toWrapped): Deleted.
        (WebCore::toJSDOMWindowShell): Deleted.
        * bindings/js/JSDOMWindowProxy.h: Copied from WebCore/bindings/js/JSDOMWindowShell.h.
        (WebCore::JSDOMWindowProxy::create):
        (WebCore::toJSDOMWindowProxy):
        (WebCore::JSDOMWindowShell::window): Deleted.
        (WebCore::JSDOMWindowShell::create): Deleted.
        (WebCore::JSDOMWindowShell::createStructure): Deleted.
        (WebCore::JSDOMWindowShell::world): Deleted.
        (WebCore::toJSDOMWindowShell): Deleted.
        * bindings/js/JSDOMWindowShell.cpp: Removed.
        * bindings/js/JSDOMWindowShell.h: Removed.
        * bindings/js/JSEventTargetCustom.cpp:
        (WebCore::JSEventTarget::toWrapped):
        * bindings/js/JSHTMLDocumentCustom.cpp:
        (WebCore::JSHTMLDocument::open):
        * bindings/js/ScheduledAction.cpp:
        (WebCore::ScheduledAction::execute):
        * bindings/js/ScriptCachedFrameData.cpp:
        (WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
        (WebCore::ScriptCachedFrameData::restore):
        * bindings/js/ScriptController.cpp:
        (WebCore::collectGarbageAfterWindowProxyDestruction):
        (WebCore::ScriptController::~ScriptController):
        (WebCore::ScriptController::destroyWindowProxy):
        (WebCore::ScriptController::createWindowProxy):
        (WebCore::ScriptController::evaluateInWorld):
        (WebCore::ScriptController::loadModuleScriptInWorld):
        (WebCore::ScriptController::linkAndEvaluateModuleScriptInWorld):
        (WebCore::ScriptController::evaluateModule):
        (WebCore::ScriptController::windowProxies):
        (WebCore::ScriptController::clearWindowProxiesNotMatchingDOMWindow):
        (WebCore::ScriptController::setDOMWindowForWindowProxy):
        (WebCore::ScriptController::initScript):
        (WebCore::ScriptController::setupModuleScriptHandlers):
        (WebCore::ScriptController::eventHandlerPosition):
        (WebCore::ScriptController::enableEval):
        (WebCore::ScriptController::disableEval):
        (WebCore::ScriptController::canAccessFromCurrentOrigin):
        (WebCore::ScriptController::attachDebugger):
        (WebCore::ScriptController::updateDocument):
        (WebCore::ScriptController::cacheableBindingRootObject):
        (WebCore::ScriptController::bindingRootObject):
        (WebCore::ScriptController::createRootObject):
        (WebCore::ScriptController::collectIsolatedContexts):
        (WebCore::ScriptController::windowScriptNPObject):
        (WebCore::ScriptController::jsObjectForPluginElement):
        (WebCore::ScriptController::cleanupScriptObjectsForPlugin):
        (WebCore::ScriptController::clearScriptObjects):
        (WebCore::ScriptController::executeIfJavaScriptURL):
        (WebCore::collectGarbageAfterWindowShellDestruction): Deleted.
        (WebCore::ScriptController::destroyWindowShell): Deleted.
        (WebCore::ScriptController::createWindowShell): Deleted.
        (WebCore::ScriptController::windowShells): Deleted.
        (WebCore::ScriptController::clearWindowShellsNotMatchingDOMWindow): Deleted.
        (WebCore::ScriptController::setDOMWindowForWindowShell): Deleted.
        * bindings/js/ScriptController.h:
        (WebCore::ScriptController::windowProxy):
        (WebCore::ScriptController::existingWindowProxy):
        (WebCore::ScriptController::globalObject):
        (WebCore::ScriptController::windowShell): Deleted.
        (WebCore::ScriptController::existingWindowShell): Deleted.
        * bindings/js/ScriptControllerMac.mm:
        (WebCore::ScriptController::windowScriptObject):
        * bindings/js/ScriptState.cpp:
        (WebCore::mainWorldExecState):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        (GenerateOverloadDispatcher):
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodOverloadDispatcher):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::clear):
        (WebCore::FrameLoader::dispatchDidClearWindowObjectInWorld):
        * page/Frame.cpp:
        * page/csp/ContentSecurityPolicy.cpp:
        (WebCore::ContentSecurityPolicy::didCreateWindowProxy):
        (WebCore::ContentSecurityPolicy::didCreateWindowShell): Deleted.
        * page/csp/ContentSecurityPolicy.h:

2017-06-13  Chris Dumez  <cdumez@apple.com>

        Unreviewed, fix typo in variable introduced in r218108.

        * page/cocoa/MemoryReleaseCocoa.mm:
        (WebCore::platformReleaseMemory):
        (WebCore::registerSQLiteMemoryPressureHandler):

2017-06-13  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] Implement missing AtkRelation types
        https://bugs.webkit.org/show_bug.cgi?id=155494

        Reviewed by Darin Adler.

        Add methods for getting the element(s) which reference a particular element via an
        ARIA attribute. Then use those methods to identify and expose the expected reverse/
        reciprocal AtkRelationType and targets. Also add ATK support for aria-owns.

        Use SpaceSplitString in AccessibilityObject::elementsFromAttribute() so that unexpected
        whitespace characters in an attribute's list of ids does not prevent the desired element
        from being found.

        Lastly, change the return type of AccessibilityObject::identifierAttribute() from a String
        to a const AtomicString& for better efficiency.

        Tests: accessibility/aria-owns.html
               accessibility/gtk/relation-types.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::identifierAttribute):
        (WebCore::AccessibilityObject::elementsFromAttribute):
        (WebCore::AccessibilityObject::ariaElementsReferencedByAttribute):
        (WebCore::AccessibilityObject::ariaControlsReferencingElements):
        (WebCore::AccessibilityObject::ariaDescribedByReferencingElements):
        (WebCore::AccessibilityObject::ariaFlowToReferencingElements):
        (WebCore::AccessibilityObject::ariaLabelledByReferencingElements):
        (WebCore::AccessibilityObject::ariaOwnsReferencingElements):
        * accessibility/AccessibilityObject.h:
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (setAtkRelationSetFromCoreObject):

2017-06-13  Gwang Yoon Hwang  <yoon@igalia.com>

        [GStreamerGL] Release GstVideoFrame when there is a flush event from the pipeline
        https://bugs.webkit.org/show_bug.cgi?id=172427

        Reviewed by Žan Doberšek.

        Without GStreamerGL MediaPlayerPrivateGStreamer copies the video frame from
        the decoder's buffer to the texture to display a video. So it makes possible
        to release the GstSample when it got a flush start event to free the decoder's
        buffer to the decoder without side-effects.

        Unlike the traditional way to render video, GStreamer GL does not copy a
        texture from the decoder to the texture mapper's buffer to draw video frame.
        It uses same GstMemory with the gst pipeline to manage the texture to prevent
        copy operations. So without releasing a layer buffer, there is no way to
        return GstMemory to the buffer pool.

        This patch releases current GstSample when the player got the flush start
        event.  It destructs the platform layer buffer any time there is a flush start
        event.

        However, it is not enough to release the GstMemory. The platform layer proxy
        should copy current buffer to show it to the compositor instead of a blank
        frame. It prevents flickerings until getting a new frame after handling flush
        events.

        No new tests, there shouldn't be behavior changes

        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::ImageBufferData::swapBuffersIfNeeded):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::pushTextureToCompositor):
        (WebCore::MediaPlayerPrivateGStreamerBase::flushCurrentBuffer):
        (WebCore::MediaPlayerPrivateGStreamerBase::createGLAppSink): Adds
        handler for the flush event.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        * platform/graphics/texmap/BitmapTextureGL.cpp:
        (WebCore::BitmapTextureGL::BitmapTextureGL):
        (WebCore::BitmapTextureGL::copyFromExternalTexture): Copies
        a external texture to the managed texture.
        * platform/graphics/texmap/BitmapTextureGL.h:
        (WebCore::BitmapTextureGL::create):
        To create the managed texture with specific format, this patch adds a
        optional parameter for a texture format.
        * platform/graphics/texmap/TextureMapper.h:
        * platform/graphics/texmap/TextureMapperGC3DPlatformLayer.cpp:
        (WebCore::TextureMapperGC3DPlatformLayer::swapBuffersIfNeeded):
        * platform/graphics/texmap/TextureMapperGL.cpp:
        (WebCore::TextureMapperGL::createTexture):
        * platform/graphics/texmap/TextureMapperGL.h:
        * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp:
        (WebCore::TextureMapperPlatformLayerBuffer::TextureMapperPlatformLayerBuffer):
        (WebCore::TextureMapperPlatformLayerBuffer::clone):
        * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.h:
        * platform/graphics/texmap/TextureMapperPlatformLayerProxy.cpp:
        (WebCore::TextureMapperPlatformLayerProxy::appendToUnusedBuffers): Added
        to schedule releasing unused buffers in main thread.
        (WebCore::TextureMapperPlatformLayerProxy::swapBuffer):
        (WebCore::TextureMapperPlatformLayerProxy::dropCurrentBufferWhilePreservingTexture):
        * platform/graphics/texmap/TextureMapperPlatformLayerProxy.h:

2017-06-13  Youenn Fablet  <youenn@apple.com>

        Filter SDP from ICE candidates in case of local ICE candidate filtering
        https://bugs.webkit.org/show_bug.cgi?id=173120

        Reviewed by Eric Carlson.

        Covered by updated test.

        Adding filtering of local description in getters and createOffer promise.

        * Modules/mediastream/MediaEndpointSessionDescription.cpp:
        (WebCore::MediaEndpointSessionDescription::toRTCSessionDescription):
        * Modules/mediastream/PeerConnectionBackend.cpp:
        (WebCore::PeerConnectionBackend::createOfferSucceeded):
        (WebCore::filterICECandidate):
        (WebCore::PeerConnectionBackend::filterSDP):
        * Modules/mediastream/PeerConnectionBackend.h:
        * Modules/mediastream/RTCSessionDescription.h:
        (WebCore::RTCSessionDescription::setSdp):
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::LibWebRTCPeerConnectionBackend::currentLocalDescription):
        (WebCore::LibWebRTCPeerConnectionBackend::pendingLocalDescription):
        (WebCore::LibWebRTCPeerConnectionBackend::localDescription):

2017-06-12  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] [macOS] Stop soft-linking Core Text function in iOS 11 and macOS High Sierra
        https://bugs.webkit.org/show_bug.cgi?id=173289

        Reviewed by Lucas Forschler.

        No new tests because there is no behavior change.

        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::platformFontWithFamilySpecialCase):
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::platformFontWithFamilySpecialCase):

2017-06-12  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Expand system-ui to include every item in the Core Text cascade list
        https://bugs.webkit.org/show_bug.cgi?id=173043
        <rdar://problem/21125708>

        Reviewed by Simon Fraser.

        The concept of the system font on Cocoa platforms represents the entire Core Text cascade list.
        However, previously, WebKit only represented system-ui by pulling out the first item in the Core
        Text cascade list. Instead, we should make all text rendered with "system-ui" match what the
        platform would natively render.

        Previously, we walked through the strings in the font-family property and looked them up one by
        one. However, now we want to abstract this idea of a font family to possibly hold a
        CTFontDescriptorRef instead of a string. This way, we expand a font-family list of ["fontA",
        "system-ui", "fontB"] to ["fontA", ... a bunch of CTFontDescriptorRefs ..., "FontB"]. We can
        then modify the consumer of this object to have two codepaths: the old string-based codepath,
        and a new, platform-specific codepath which simply embeds the CTFontDesriptorRefs inside a Font
        object.

        We don't want to simply pull out the family name from each item in the Core Text fallback list
        because that is a lossy translation. There is more information in these font descriptors which
        cannot be represented by CSS. Therefore, we must keep the descriptors alive and add the new
        codepath for them.

        We also don't want to run the CSS font matching algorithm on each member of the Core Text
        fallback list because it may yield different results from Core Text's font matching algorithm.
        Our goal is to draw text as closely as possible to the system APIs. If we ran it, we may find
        a font which is closer to the requested traits, but it would look out of place on the system.

        Tests: fast/text/system-font-fallback-emoji.html
               fast/text/system-font-fallback.html

        * WebCore.xcodeproj/project.pbxproj:
        * page/MemoryRelease.cpp:
        (WebCore::releaseNoncriticalMemory):
        * platform/graphics/FontCascadeFonts.cpp:
        (WebCore::realizeNextFallback): The consumer of our new data type. Now uses WTF::visit().
        (WebCore::FontCascadeFonts::realizeFallbackRangesAt): Now that the number of items to test
        against the current character is larger than the number of strings in the font-family list,
        we need to update the existing code to use the correct value.
        * platform/graphics/FontDescription.cpp: Default implementation for non-Cocoa ports.
        (WebCore::FontDescription::invalidateCaches):
        (WebCore::FontCascadeDescription::effectiveFamilyCount):
        (WebCore::FontCascadeDescription::effectiveFamilyAt):
        * platform/graphics/FontDescription.h: Our new data type is a Variant of AtomicString and a
        platform-specific class. Cocoa uses a class that holds a CTFontDescriptorRef and other ports
        use an empty non-constructable class.
        * platform/graphics/FontFamilySpecificationNull.h: Added. The empty non-constructable
        class.
        (WebCore::FontFamilySpecificationNull::fontRanges):
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::FontCache::platformInit): Changing the system language will change the system font
        fallback list, so we need to listen to this notification. This also matters for
        FontCache::systemFallbackForCharacters(), so we should build off the same callback we are
        already using for font installation.
        (WebCore::invalidateFontCache):
        * platform/graphics/cocoa/FontDescriptionCocoa.cpp: Added. The platform-specific creation of
        our CTFontDescriptorRefs. We hold them cached in a SystemFontDatabase.
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::CoreTextCascadeListParameters):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::isHashTableDeletedValue):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::operator==):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::hash):
        (WebCore::SystemFontDatabase::singleton):
        (WebCore::SystemFontDatabase::systemFontCascadeList):
        (WebCore::SystemFontDatabase::clear):
        (WebCore::SystemFontDatabase::SystemFontDatabase):
        (WebCore::SystemFontDatabase::applyWeightAndItalics):
        (WebCore::SystemFontDatabase::removeCascadeList):
        (WebCore::SystemFontDatabase::computeCascadeList):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParametersHash::hash):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParametersHash::equal):
        (WebCore::isSystemFontString):
        (WebCore::systemFontParameters):
        (WebCore::FontDescription::invalidateCaches):
        (WebCore::FontCascadeDescription::effectiveFamilyCount): We don't store the result of this
        because it would probably be a bad idea to increase the size of every single FontCascade just
        in case it might ask for the system font. Most fonts never mention system-ui. Because it's so
        rare, we can just recalculate the result of this as necessary. This shouldn't be slow because
        the results are cached.
        (WebCore::FontCascadeDescription::effectiveFamilyAt):
        * platform/graphics/cocoa/FontFamilySpecificationCoreText.cpp: Added.
        (WebCore::FontFamilySpecificationCoreText::fontRanges): Create a FontRanges from a
        CTFontDescriptorRef.
        * platform/graphics/cocoa/FontFamilySpecificationCoreText.h: Added.
        (WebCore::FontFamilySpecificationCoreText::FontFamilySpecificationCoreText):
        * platform/graphics/ios/FontCacheIOS.mm: Delete the old handling for system-ui.
        (WebCore::platformFontWithFamilySpecialCase):
        (WebCore::baseSystemFontDescriptor): Deleted.
        (WebCore::systemFontModificationAttributes): Deleted.
        (WebCore::systemFontDescriptor): Deleted.
        * platform/graphics/mac/FontCacheMac.mm: Ditto.
        (WebCore::platformFontWithFamilySpecialCase):
        (WebCore::toNSFontWeight): Deleted.

2017-06-12  Daewoong Jang  <daewoong.jang@navercorp.com>

        Remove WebCore::unloadModule and related data types
        https://bugs.webkit.org/show_bug.cgi?id=173231

        Reviewed by Darin Adler.

        * platform/FileSystem.h:
        (WebCore::PlatformModuleVersion::PlatformModuleVersion): Deleted.
        * platform/glib/FileSystemGlib.cpp:
        (WebCore::unloadModule): Deleted.
        * platform/win/FileSystemWin.cpp:
        (WebCore::unloadModule): Deleted.

2017-06-12  Jer Noble  <jer.noble@apple.com>

        Unreviewed build fix; fix a misspelling in CoreMediaSoftLink.{h,cpp}.

        * platform/cf/CoreMediaSoftLink.cpp:
        * platform/cf/CoreMediaSoftLink.h:

2017-06-12  Myles C. Maxfield  <mmaxfield@apple.com>

        @font-face rules with invalid primary fonts never download their secondary fonts
        https://bugs.webkit.org/show_bug.cgi?id=173138
        <rdar://problem/32554450>

        Reviewed by Simon Fraser.

        We have logic in CSSFontAccessor::font() which disallows downloading a CSSFontFace if that CSSFontFace
        is already in the Succeeded state. However, it was possible for a succeeded CSSFontFace to still fail
        to create a font. In this situation, we wouldn't be able to use the downloaded font, and we wouldn't
        try to download the next item in the src: list because the CSSFontFace is succeeded.

        This patch strengthens the meaning of the Succeeded state. Previously, it just meant that the bytes
        in the file were downloaded successfully. This patch extends this to also mean that the bytes in the
        file can be successfully interpreted as a font. This way, the CSSFontFace in the example above won't be
        set to the Succeeded state, so we will continue follow the src: list and download the secondary fonts.

        This has an added benefit that the CSS Font Loading API's promises will be called more appropriately.
        The transition to the Succeeded state will trigger a resolve of the promise. Now, these promises will
        only be resolved if the fonts are actually parsed and understood by our text system.

        Test: fast/text/font-fallback-invalid-load.html

        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::fontLoaded): Move to the failed state if we can't understand the font
        data. This is the crux of this patch.
        (WebCore::CSSFontFaceSource::font): This function should only be called if we are in the Succeeded
        state, which means now we know we should always be able to understand the bytes of the file. Therefore,
        we can change some if statements into ASSERT()s.
        * loader/cache/CachedSVGFont.cpp:
        (WebCore::CachedSVGFont::createFont): Ditto.
        (WebCore::CachedSVGFont::platformDataFromCustomData): Similarly to CSSFontFaceSource::fontLoaded(), this
        adds another check to our criteria for transitioning into the Succeeded state, which will guarantee that
        later we will always be able to create the font object.

2017-06-12  Chris Dumez  <cdumez@apple.com>

        Add Arabic Kasra to list of blacklisted characters when puny-decoding URL
        https://bugs.webkit.org/show_bug.cgi?id=173283
        <rdar://problem/32725659>

        Reviewed by Brent Fulgham.

        Add Arabic Kasra to list of blacklisted characters when puny-decoding URL as
        it is almost invisible in the URL bar.

        Test: fast/url/user-visible/arabic_kasra.html

        * platform/mac/WebCoreNSURLExtras.mm:
        (WebCore::isLookalikeCharacter):

2017-06-12  Jer Noble  <jer.noble@apple.com>

        Screen sleeps while doing WebRTC video
        https://bugs.webkit.org/show_bug.cgi?id=173278

        Reviewed by Eric Carlson.

        HTMLMediaElement triggers changing the sleep disabler token when the media engine
        says that its rate has changed; the MediaPlayerPrivateMediaStreamAVFObjC needs to
        notify its client (the HTMLMediaElement) that the rate has changed when the stream
        is played or paused.

        Drive-by fix: Don't set a sleep disabler token (i.e., allow the system and display
        to sleep) if the stream is strictly local-capture.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::shouldDisableSleep):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::play):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::pause):

2017-06-12  Jer Noble  <jer.noble@apple.com>

        Seeking an MSE video will begin playing audio long before rendering video
        https://bugs.webkit.org/show_bug.cgi?id=173269

        Reviewed by Eric Carlson.

        Add a notification listener which will be messaged when a to-be-displayed sample
        is decoded to signal that the 'seeked' event should fire. Consolidate all the various
        flush methods to funnel into a single flushVideo().

        * platform/cf/CoreMediaSoftLink.cpp:
        * platform/cf/CoreMediaSoftLink.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (-[WebBufferConsumedContext initWithParent:buffer:]):
        (-[WebBufferConsumedContext dealloc]):
        (-[WebBufferConsumedContext parent]):
        (-[WebBufferConsumedContext buffer]):
        (WebCore::bufferWasConsumedCallback):
        (WebCore::SourceBufferPrivateAVFObjC::SourceBufferPrivateAVFObjC):
        (WebCore::SourceBufferPrivateAVFObjC::~SourceBufferPrivateAVFObjC):
        (WebCore::SourceBufferPrivateAVFObjC::flush):
        (WebCore::SourceBufferPrivateAVFObjC::flushVideo):
        (WebCore::SourceBufferPrivateAVFObjC::enqueueSample):
        (WebCore::SourceBufferPrivateAVFObjC::bufferWasConsumed):
        (WebCore::SourceBufferPrivateAVFObjC::willSeek):

2017-06-12  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream iOS] Set audio session mode and options when capturing
        https://bugs.webkit.org/show_bug.cgi?id=173276
        <rdar://problem/32059254>

        Reviewed by Jer Noble.

        * platform/audio/ios/AudioSessionIOS.mm:
        (WebCore::AudioSession::setCategory): Set mode and options so the default output is to the speaker,
        and so audio will be routed to bluetooth when appropriate.

2017-06-12  Jeremy Jones  <jeremyj@apple.com>

        Remove watchdog timer from WebVideoFullscreenInterfaceAVKit
        https://bugs.webkit.org/show_bug.cgi?id=173272
        rdar://problem/32260378

        Reviewed by Jer Noble.

        No new tests because no effect on DOM.

        WebVideoFullscreenInterfaceAVKit's watchdog attempts to clean-up fullscreen if the page becomes unresponsive.
        However, it is just calling exitfullscreen(), which initiates the animation, but leaves the fullscreen window
        in place and doesn't initiate cleanup. This leaves the browser in an unusable state since all events will still
        be captured by the fullscren window.

        This change uses the same method of hiding fullscreen window as switching tabs does. This will
        hide the fullscreen winodw and controller, leaving the browser available for interaction, and the page
        can take its time to properly cleanup the fullscreen window while hidden.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::watchdogTimerFired):

2017-06-12  Alex Christensen  <achristensen@webkit.org>

        Modernize UserScript.h
        https://bugs.webkit.org/show_bug.cgi?id=173273

        Reviewed by Tim Horton.

        No change in behavior. Moved encoders to UserScript.h. Use more Rvalues.

        * page/UserScript.h:
        (WebCore::UserScript::UserScript):
        (WebCore::UserScript::encode):
        (WebCore::UserScript::decode):

2017-06-12  Aaron Chu  <aaron_chu@apple.com>

        AX: Video/Audio Player Controls missing group container.
        https://bugs.webkit.org/show_bug.cgi?id=171790
        <rdar://problem/32008994>

        Reviewed by Antoine Quint.

        Added aria-label to group controls in media controls.

        * English.lproj/modern-media-controls-localized-strings.js:
        * Modules/modern-media-controls/controls/controls-bar.js:
        * Modules/modern-media-controls/controls/inline-media-controls.js:
        (InlineMediaControls):
        (InlineMediaControls.prototype.set shouldUseAudioLayout):
        (InlineMediaControls.prototype._updateBottomControlsBarLabel):

2017-06-12  Basuke Suzuki  <Basuke.Suzuki@sony.com>

        [Curl] Use SynchronousLoaderClient for platformLoadResourceSynchronously on WinCairo
        https://bugs.webkit.org/show_bug.cgi?id=173195

        Reviewed by Alex Christensen.

        * PlatformWinCairo.cmake:
        * platform/network/curl/ResourceHandleCurl.cpp:
        (WebCore::ResourceHandle::platformLoadResourceSynchronously):
        * platform/network/curl/SynchronousLoaderClientCurl.cpp: Added.
        (WebCore::SynchronousLoaderClient::didReceiveAuthenticationChallenge):
        (WebCore::SynchronousLoaderClient::platformBadResponseError):

2017-06-12  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream iOS] If a capturing tab is muted while it is in the background, it can not be unmuted
        https://bugs.webkit.org/show_bug.cgi?id=173268
        <rdar://problem/32259809>

        Reviewed by Jer Noble.

        No new tests, tested manually.

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::startProducingData): Mute the private stream if page capture is muted.
        (WebCore::MediaStream::mediaState): Set new interrupted state.

        * dom/Document.cpp:
        (WebCore::Document::notifyMediaCaptureOfVisibilityChanged): Don't track "muted for visibility"
        state, let the source center deal with it.
        * dom/Document.h:

        * page/MediaProducer.h: Add bits for interrupted audio and video capture.

        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::RealtimeMediaSource): Drive-by fix: delete m_suppressNotifications,
        it isn't used.
        (WebCore::RealtimeMediaSource::setInterrupted): New. Mute capture when an interruption begins,
        and unmute when it ends in an unmuted page.
        (WebCore::RealtimeMediaSource::setMuted): Do not unmute if interrupted.
        (WebCore::RealtimeMediaSource::settingsDidChange): Don't check m_suppressNotifications, it is
        never set.
        * platform/mediastream/RealtimeMediaSource.h:

        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::RealtimeMediaSourceCenter::setVideoCapturePageState): Renamed from 
        setVideoCaptureMutedForPageVisibility.
        (WebCore::RealtimeMediaSourceCenter::setVideoCaptureMutedForPageVisibility): Deleted.
        * platform/mediastream/RealtimeMediaSourceCenter.h:

        * platform/mediastream/mac/AVMediaCaptureSource.h:
        * platform/mediastream/mac/AVMediaCaptureSource.mm:
        (WebCore::AVMediaCaptureSource::stopProducingData): Clear m_interruption because the session
        has been deleted, so we will never get an "end interruption" notification.
        (WebCore::AVMediaCaptureSource::captureSessionIsRunningDidChange): Don't return early if
        the muted state needs to be updated.
        (WebCore::AVMediaCaptureSource::captureSessionEndInterruption): Return early if the session
        has been cleared.
        (WebCore::AVMediaCaptureSource::interrupted): New.

        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSourceFactory::setVideoCapturePageState): Renamed from 
        setVideoCaptureMutedForPageVisibility.
        (WebCore::AVVideoCaptureSourceFactory::setVideoCaptureMutedForPageVisibility): Deleted.

        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSourceFactory::setVideoCapturePageState): Ditto.
        (WebCore::MockRealtimeVideoSourceFactory::setVideoCaptureMutedForPageVisibility): Deleted.

2017-06-12  Jiewen Tan  <jiewen_tan@apple.com>

        [WebCrypto] Remove experimental feature flag of SubtleCrypto
        https://bugs.webkit.org/show_bug.cgi?id=173197
        <rdar://problem/32688148>

        Reviewed by Brent Fulgham.

        The SubtleCrypto implementation is no longer experimental and is ready for production use. We are therefore removing the runtime flag.

        No tests.

        * page/Crypto.idl:
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setSubtleCryptoEnabled): Deleted.
        (WebCore::RuntimeEnabledFeatures::subtleCryptoEnabled): Deleted.

2017-06-12  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS DnD] Allow the injected bundle to add client data when writing an image to the pasteboard
        https://bugs.webkit.org/show_bug.cgi?id=173238
        <rdar://problem/31943370>

        Reviewed by Ryosuke Niwa and Tim Horton.

        Add clientTypes and clientData to PasteboardImage, and call out to the injected bundle using
        getClientPasteboardDataForRange when writing a PasteboardImage. When generating item providers for dragging in
        the UI process in PlatformPasteboard, add any available client data as representations to the initialization
        list used to set the WebItemProviderPasteboard.

        Test: DataInteraction.InjectedBundleImageElementData

        * editing/ios/EditorIOS.mm:
        (WebCore::Editor::writeImageToPasteboard):
        * platform/Pasteboard.h:
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::writeObjectRepresentations):

2017-06-12  Sam Weinig  <sam@webkit.org>

        [WebIDL] Re-implement GetOwnPropertySlot[ByIndex] generation to more closely follow WebIDL
        https://bugs.webkit.org/show_bug.cgi?id=173229

        Reviewed by Chris Dumez.

        * WebCore.xcodeproj/project.pbxproj:
        * CMakeLists.txt:
        * bindings/js/JSBindingsAllInOne.cpp:
        Remove JSHTMLFrameSetElementCustom.cpp which is no longer needed.

        * bindings/js/JSDOMAbstractOperations.h:
        (WebCore::isVisibleNamedProperty):
        Add OverrideBuiltins enum as requested by a previous review (and I forgot address) and adopt it
        in isVisibleNamedProperty, switch to VMInquiry as we use elsewhere and add a missing FIXME.

        (WebCore::accessVisibleNamedProperty):
        Add variation of isVisibleNamedProperty that takes a functor and returns either the value the
        functor returns, or std::nullopt. This allows getOwnPropertySlot to avoid doing two lookups for
        property, once in the named property visibility algorithm and again when it needs the value.

        * bindings/js/JSDOMWindowBase.cpp:
        * bindings/js/JSDOMWindowBase.h:
        * bindings/js/JSDOMWindowShell.cpp:
        * bindings/js/JSDOMWindowShell.h:
        Standardize toJS functions to match generated code (have one that takes a reference, and does the
        cast, and one that takes a pointer, does a null check and calls the one that takes a reference).
        
        * bindings/js/JSHTMLDocumentCustom.cpp:
        (WebCore::JSHTMLDocument::getOwnPropertySlot):.
        Update to use the implementation namedItem (which is also used by the generated getOwnPropertySlotByIndex)
        and match the updated bindings rules. This cannot yet be generated due to the odd case of the 'open'
        property requiring custom treatment. I tried removing this, but it cause tests to fail in a way that indicated
        that accessing the lexical global object in the open implementation was not working correctly.

        * bindings/js/JSHTMLFrameSetElementCustom.cpp: Removed.
        Now generated.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateIndexedGetter):
        Add description from the spec and change to return the computed values rather than
        print them to the output array. This will be useful for some clients going forward,
        who only want the attributes.

        (GenerateNamedGetter):
        Add description from the spec and change to return the computed values rather than
        print them to the output array. This will be useful for some clients going forward,
        who only want the attributes. Also greatly simplifies things as [CustomNamedGetter]s
        are no longer needed/supported and the exception / null value checks are performed
        elsewhere.

        (GenerateNamedGetterLambda):
        This generates a lambda functor for use in accessVisibleNamedProperty(...). It
        handles calling the named getter implementation, and transforming the result into
        an one that can be reasoned about by accessVisibleNamedProperty, specifically,
        converting it from using IDL's notion of nullability to std::optional. 

        (GenerateGetOwnPropertySlot):
        (GenerateGetOwnPropertySlotByIndex):
        Add spec annotations and use helper functions. 

        (GenerateGetOwnPropertyNames):
        Add FIXME about supporting non-contiguous indices (should that ever come up)
        and use JSObject explicitly, rather than base, to get the default getOwnPropertyNames
        implementation.

        (GeneratePut):
        Use JSObject explicitly, rather than base, to get the default put implementation.

        (GeneratePutByIndex):
        Use JSObject explicitly, rather than base, to get the default putByIndex implementation.

        (GenerateDefineOwnProperty):
        Use JSObject explicitly, rather than base, to get the default getOwnPropertySlot/defineOwnProperty
        implementations.

        (GenerateDeletePropertyCommon):
        Adopt new OverrideBuiltins enum.

        (GenerateDeletePropertyDefinition):
        Use JSObject explicitly, rather than base, to get the default deleteProperty implementation.

        (GenerateDeletePropertyByIndexDefinition):
        Use JSObject explicitly, rather than base, to get the default deletePropertyByIndex implementation.

        (InstanceOverridesGetOwnPropertySlot):
        Remove [CustomNamedGetter] use.
 
        (GenerateHeader):
        Remove [CustomNamedGetter] use and merge InstanceOverridesGetOwnPropertySlotByIndex into
        InstanceOverridesGetOwnPropertySlot. Specifying either [CustomGetOwnPropertySlot] or
        [CustomGetOwnPropertySlotByIndex] will now declare both hooks.
        
        (GenerateImplementation):
        Rename GenerateGetOwnPropertySlotBody/GenerateGetOwnPropertySlotByIndexBody to remove the 'Body',
        and predicate their generation purely on InstanceOverridesGetOwnPropertySlot as noted for the 
        reasons above.

        (GenerateGetOwnPropertySlotBody): Deleted.
        (GenerateGetOwnPropertySlotBodyByIndex): Deleted.
        (InstanceOverridesGetOwnPropertySlotByIndex): Deleted.

        * bindings/scripts/IDLAttributes.json:
        Remove [CustomNamedGetter].

        * dom/ExceptionOr.h:
        (WebCore::ExceptionOr<ReturnType>::returnValue):
        Add a function to peek at the return value

        * html/HTMLDocument.h:
        * html/HTMLDocument.cpp:
        (WebCore::HTMLDocument::clear):
        (WebCore::HTMLDocument::captureEvents):
        (WebCore::HTMLDocument::releaseEvents):
        Move clear up to be with the other obsolete no-op functions. Add spec annotations
        to clear up any confusion about why they are no-ops.

        (WebCore::HTMLDocument::namedItem):
        Add implementation of namedItem based on the one that was in JSDOMHTMLDocumentCustom.cpp.

        (WebCore::HTMLDocument::supportedPropertyNames):
        Add stub version of supportedPropertyNames with the algorithm we need to implement.
        I don't want to change behavior in this patch, and since we have not enumerated the
        properties of document in the past, I left this unimplemented for now.

        * html/HTMLDocument.idl:
        Remove [CustomNamedGetter] and add named getter.

        * html/HTMLFrameSetElement.h:
        * html/HTMLFrameSetElement.cpp:
        (WebCore::HTMLFrameSetElement::namedItem):
        Add named getter based on the implementation in JSHTMLFrameSetElementCustom.cpp.

        (WebCore::HTMLFrameSetElement::supportedPropertyNames):
        As noted above, I don't want to change behavior with this change, so I have left this unimplemented
        for now. However, we may not want to implement it at all, as this named getter is not specified and
        at least Firefox does not support it.

        * html/HTMLFrameSetElement.idl:
        Remove [CustomNamedGetter] and add named getter.

        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        Update test results.

        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp: Removed.
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.h: Removed.
        * bindings/scripts/test/TestCustomNamedGetter.idl: Removed.
        Remove test of [CustomNamedGetter] which no longer exists. 

2017-06-12  Wenson Hsieh  <wenson_hsieh@apple.com>

        WebItemProviderPasteboard should call its completion block immediately after a synchronous load
        https://bugs.webkit.org/show_bug.cgi?id=173225
        <rdar://problem/32713144>

        Reviewed by Tim Horton.

        Ensures that a completion block passed to doAfterLoadingProvidedContentIntoFileURLs:synchronousTimeout: will be
        invoked immediately, if a synchronous timeout is specified and loading finishes before the synchronous timeout
        is reached. To do this, we first factor out the completion logic into a new block. If the synchronous timeout
        exists and dispatch_group_wait returns 0 (indicating that the dispatch group finished without hitting the
        wait timeout) we simply invoke the block and return early; otherwise, we will register the completion block
        using dispatch_group_notify.

        Test: DataInteractionTests.WebItemProviderPasteboardLoading

        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard doAfterLoadingProvidedContentIntoFileURLs:synchronousTimeout:]):

2017-06-12  Jeremy Jones  <jeremyj@apple.com>

        WebAVPlayerController minTime and maxTime should be calculated properties to provide correct values when streaming.
        https://bugs.webkit.org/show_bug.cgi?id=173193
        rdar://problem/32684807

        Reviewed by Jer Noble.

        No new tests because no affect on the DOM. This only affects properties consumed to AVKit.

        -minTime and -maxTime should be calculated properties so they supply the exptected values to AVKit while streaming.

        * platform/ios/WebAVPlayerController.h:
        * platform/ios/WebAVPlayerController.mm:
        (-[WebAVPlayerController maxTime]):
        (+[WebAVPlayerController keyPathsForValuesAffectingMaxTime]):
        (-[WebAVPlayerController minTime]):
        (+[WebAVPlayerController keyPathsForValuesAffectingMinTime]):
        (-[WebAVPlayerController resetMediaState]):
        * platform/ios/WebPlaybackSessionInterfaceAVKit.mm:
        (WebCore::WebPlaybackSessionInterfaceAVKit::durationChanged):

2017-06-12  Chris Dumez  <cdumez@apple.com>

        Call _sqlite3_purgeEligiblePagerCacheMemory() on memory pressure only if sqlite is initialized
        https://bugs.webkit.org/show_bug.cgi?id=173264

        Reviewed by Ryosuke Niwa.

        Call _sqlite3_purgeEligiblePagerCacheMemory() on memory pressure only if sqlite is initialized.
        Otherwise, not only is it no needed, it is also potentially unsafe.

        * page/MemoryRelease.cpp:
        (WebCore::registerSQLiteMemoryPressureHandler):
        * page/MemoryRelease.h:
        * page/cocoa/MemoryReleaseCocoa.mm:
        (WebCore::platformReleaseMemory):
        (WebCore::registerSQLiteMemoryPressureHandler):
        * platform/sql/SQLiteDatabase.cpp:
        (WebCore::initializeSQLiteIfNecessary):

2017-06-12  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Use utility functions in CryptoKeyEC, CryptoKeyRSA
        https://bugs.webkit.org/show_bug.cgi?id=173253

        Reviewed by Michael Catanzaro.

        Use the utility functions from the GCryptUtilities.h header instead
        of writing the same code in both CryptoKeyEC and CryptoKeyRSA
        implementations. The switches are straightforward, the only difference
        is that the GCryptUtilities functions return a std::optional<> object,
        meaning we have to address possibly invalid return value.

        The mpiData() function is overloaded, making it possible to pass to it
        either a gcry_sexp_t or gcry_mpi_t object. Additionally, mpiLength()
        function is added, overloading again for gcry_sexp_t and gcry_mpi_t.
        This function is used from mpiData() as well as in CryptoKeyRSA when
        retrieving the RSA modulus length.

        No new tests -- no changes in behavior.

        * crypto/gcrypt/CryptoKeyECGCrypt.cpp:
        (WebCore::CryptoKeyEC::platformExportRaw):
        (WebCore::CryptoKeyEC::platformAddFieldElements):
        (WebCore::extractMPIData): Deleted.
        * crypto/gcrypt/CryptoKeyRSAGCrypt.cpp:
        (WebCore::getRSAModulusLength):
        (WebCore::getRSAKeyParameter):
        (WebCore::CryptoKeyRSA::exportData):
        (WebCore::getParameterMPIData): Deleted.
        * crypto/gcrypt/GCryptUtilities.h:
        (WebCore::mpiLength):
        (WebCore::mpiData):

2017-06-09  Ryosuke Niwa  <rniwa@webkit.org>

        didMoveToNewDocument doesn't get called on an Attr inside a shadow tree
        https://bugs.webkit.org/show_bug.cgi?id=173133

        Reviewed by Antti Koivisto.

        The bug was caused by moveShadowTreeToNewDocument never calling didMoveToNewDocument on Attr nodes.
        Fixed the bug by using the same traversal code as moveTreeToNewScope in moveShadowTreeToNewDocument
        by extracting the traversal code as a templatized traverseSubtreeToUpdateTreeScope.

        Also removed the code to increment the DOM tree version in moveTreeToNewScope. This code was there
        to invalidate the HTML collection caches which used to clear the cache whenever the DOM tree version
        changed before r122621 (five years ago! by me). Since we now eagerly invalidate each node list and
        HTML collection's caches via NodeListsNodeData::adoptTreeScope and NodeListsNodeData::adoptDocument.

        Test: fast/dom/adopt-attr-with-shadow-tree.html

        * dom/Node.cpp:
        (WebCore::moveNodeToNewDocument): Assert that the node had been adopted to a new document.
        (WebCore::traverseSubtreeToUpdateTreeScope): Extracted from moveTreeToNewScope.
        (WebCore::moveShadowTreeToNewDocument): Use traverseSubtreeToUpdateTreeScope to adopt each node
        to the new document.
        (WebCore::Node::moveTreeToNewScope): See above.
        * testing/Internals.cpp:
        (WebCore::Internals::referencingNodeCount): Added. Used in the newly added regression test.
        * testing/Internals.h:
        * testing/Internals.idl:

2017-06-11  Dan Bernstein  <mitz@apple.com>

        [Mac] Unaligned pointers in static CMBufferCallbacks structs defined in WebCoreDecompressionSession.mm
        https://bugs.webkit.org/show_bug.cgi?id=173245

        Reviewed by Sam Weinig.

        * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
        (WebCore::WebCoreDecompressionSession::enqueueSample): Prepend 4 bytes of padding to the
          structs so that the pointers are properly aligned.

2017-06-11  Tim Horton  <timothy_horton@apple.com>

        REGRESSION (r217870): Null deref under PageOverlayController::uninstallPageOverlay using find in page
        https://bugs.webkit.org/show_bug.cgi?id=173196
        <rdar://problem/32686871>

        Reviewed by Simon Fraser.

        * page/TextIndicator.cpp:
        (WebCore::initializeIndicator):
        * page/TextIndicator.h:
        The change in r217870 had an expected but not thought-through side-effect
        that you cannot create a TextIndicator for far-off-screen elements. This
        is a problem for find-in-page, which uses TextIndicator to paint the yellow
        highlight before scrolling it into view.

        Bring back TextIndicatorOptionDoNotClipToVisibleRect and revert to it for
        find in page, since it needs different behavior than something like
        drag and drop, which always operates on content near the visible viewport.

2017-06-10  Dan Bernstein  <mitz@apple.com>

        Reverted r218056 because it made the IDE reindex constantly.

        * Configurations/DebugRelease.xcconfig:

2017-06-10  Dan Bernstein  <mitz@apple.com>

        [Xcode] With Xcode 9 developer beta, everything rebuilds when switching between command-line and IDE
        https://bugs.webkit.org/show_bug.cgi?id=173223

        Reviewed by Sam Weinig.

        The rebuilds were happening due to a difference in the compiler options that the IDE and
        xcodebuild were specifying. Only the IDE was passing the -index-store-path option. To make
        xcodebuild pass that option, too, set CLANG_INDEX_STORE_ENABLE to YES if it is unset, and
        specify an appropriate path in CLANG_INDEX_STORE_PATH.

        * Configurations/DebugRelease.xcconfig:

2017-06-10  Dan Bernstein  <mitz@apple.com>

        [macOS] REGRESSION: Link drag images blend into the background in Sierra and earlier
        https://bugs.webkit.org/show_bug.cgi?id=172933
        <rdar://problem/32580649>

        Reviewed by Tim Horton.

        * platform/mac/DragImageMac.mm:
        (WebCore::createDragImageForLink): When targeting macOS Sierra and earlier, give the link
          drag image a drop shadow that resembles the one that macOS High Sierra applies to drag
          image layers.

2017-06-10  Andy Estes  <aestes@apple.com>

        [QuickLook] PreviewLoader needs to check if its ResourceLoader has reached the terminal state before calling didReceiveResponse() and friends
        https://bugs.webkit.org/show_bug.cgi?id=173190
        <rdar://problem/31360659>

        Reviewed by Brady Eidson.

        WebPreviewLoader's SubresourceLoader can reach a terminal state while data is loading from
        QLPreviewConverter (the user can cancel, for instance). We can't call functions like
        didReceiveResponse() in this state, because the loader no longer points to a CachedResource,
        leading to null pointer dereferences.

        Fix this in WebPreviewLoader by checking if the SubresourceLoader is in a terminal state
        before calling didReceiveResponse(), didReceiveData(), didFinishLoading(), and didFail().

        Fixes web process crashes in the QuickLook.CancelNavigationAfterResponse API test.

        * loader/ios/PreviewLoader.mm:
        (-[WebPreviewLoader _sendDidReceiveResponseIfNecessary]):
        (-[WebPreviewLoader connection:didReceiveData:lengthReceived:]):
        (-[WebPreviewLoader connectionDidFinishLoading:]):
        (-[WebPreviewLoader connection:didFailWithError:]):

2017-06-09  Chris Dumez  <cdumez@apple.com>

        Use WTF::Function instead of std::function in indexeddb code
        https://bugs.webkit.org/show_bug.cgi?id=173198

        Reviewed by Sam Weinig.

        Use WTF::Function instead of std::function in indexeddb code to avoid copying.

        * Modules/indexeddb/IDBFactory.cpp:
        (WebCore::IDBFactory::getAllDatabaseNames):
        * Modules/indexeddb/IDBFactory.h:
        * Modules/indexeddb/client/IDBConnectionProxy.cpp:
        (WebCore::IDBClient::IDBConnectionProxy::getAllDatabaseNames):
        * Modules/indexeddb/client/IDBConnectionProxy.h:
        * Modules/indexeddb/client/IDBConnectionToServer.cpp:
        (WebCore::IDBClient::IDBConnectionToServer::getAllDatabaseNames):
        * Modules/indexeddb/client/IDBConnectionToServer.h:
        * Modules/indexeddb/client/TransactionOperation.h:
        (WebCore::IDBClient::TransactionOperation::doComplete):
        * Modules/indexeddb/server/IDBServer.cpp:
        (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesModifiedSince):
        (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesForOrigins):
        * Modules/indexeddb/server/IDBServer.h:
        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::storeCallbackOrFireError):
        (WebCore::IDBServer::UniqueIDBDatabase::createObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabase::deleteObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabase::renameObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabase::clearObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabase::createIndex):
        (WebCore::IDBServer::UniqueIDBDatabase::deleteIndex):
        (WebCore::IDBServer::UniqueIDBDatabase::renameIndex):
        (WebCore::IDBServer::UniqueIDBDatabase::putOrAdd):
        (WebCore::IDBServer::UniqueIDBDatabase::getRecord):
        (WebCore::IDBServer::UniqueIDBDatabase::getAllRecords):
        (WebCore::IDBServer::UniqueIDBDatabase::getCount):
        (WebCore::IDBServer::UniqueIDBDatabase::deleteRecord):
        (WebCore::IDBServer::UniqueIDBDatabase::openCursor):
        (WebCore::IDBServer::UniqueIDBDatabase::iterateCursor):
        (WebCore::IDBServer::UniqueIDBDatabase::commitTransaction):
        (WebCore::IDBServer::UniqueIDBDatabase::abortTransaction):
        (WebCore::IDBServer::UniqueIDBDatabase::activateTransactionInBackingStore):
        * Modules/indexeddb/server/UniqueIDBDatabase.h:

2017-06-09  Dan Bernstein  <mitz@apple.com>

        Tried to fix the build when targrting macOS 10.12 using the macOS 10.13 developer beta SDK.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::seekableTimeRangesLastModifiedTime):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::liveUpdateInterval):

2017-06-09  Yoav Weiss  <yoav@yoav.ws>

        [preload] Fix builds with ENABLE_VIDEO_TRACK set to false
        https://bugs.webkit.org/show_bug.cgi?id=173221

        Reviewed by Chris Dumez.

        https://bugs.webkit.org/show_bug.cgi?id=173047 introduced a build error for builds with video track support disabled.
        This fixes that build issue.

        No new tests since there's no functional change.

        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::as):

2017-06-09  Ryosuke Niwa  <rniwa@webkit.org>

        IsInShadowTreeFlag does not get updated for a non-container node
        https://bugs.webkit.org/show_bug.cgi?id=173084

        Address Darin's review comment.

        * dom/ContainerNodeAlgorithms.cpp:
        (WebCore::notifyNodeInsertedIntoDocument):
        (WebCore::notifyNodeInsertedIntoTree):
        (WebCore::notifyNodeRemovedFromDocument):

2017-06-09  Dan Bernstein  <mitz@apple.com>

        Tried to fix the build when targrting macOS 10.12 using the macOS 10.13 developer beta SDK.

        * platform/spi/mac/AVFoundationSPI.h:

2017-06-09  Brady Eidson  <beidson@apple.com>

        Crash when IndexedDB's getAll is used inside a Web Worker.
        https://bugs.webkit.org/show_bug.cgi?id=172434

        Reviewed by Andy Estes.

        Test: storage/indexeddb/modern/worker-getall.html

        * Modules/indexeddb/IDBGetAllResult.cpp:
        (WebCore::IDBGetAllResult::IDBGetAllResult): Add an isolated-copying constructor.
        (WebCore::IDBGetAllResult::isolatedCopy):
        * Modules/indexeddb/IDBGetAllResult.h:
        
        * Modules/indexeddb/shared/IDBResultData.cpp:
        (WebCore::IDBResultData::isolatedCopy): Actually copy the IDBGetAllResult.

2017-06-09  Chris Dumez  <cdumez@apple.com>

        Unreviewed attempt to fix Mac build after r218039.

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::loadDataURL):
        * platform/network/DataURLDecoder.h:

2017-06-09  Chris Dumez  <cdumez@apple.com>

        Use WTF::Function instead of std::function in DataURLDecoder
        https://bugs.webkit.org/show_bug.cgi?id=173194

        Reviewed by Sam Weinig.

        Use WTF::Function instead of std::function in DataURLDecoder to avoid copying.

        * platform/network/DataURLDecoder.cpp:
        (WebCore::DataURLDecoder::DecodeTask::DecodeTask):
        (WebCore::DataURLDecoder::createDecodeTask):
        * platform/network/DataURLDecoder.h:

2017-06-09  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Image should clear its ImageObserver* when CachedImage releases the last reference to its RefCounted<ImageObserver>
        https://bugs.webkit.org/show_bug.cgi?id=173077

        Reviewed by Simon Fraser.

        Before dereferencing ImageObserver, CachedImage::clearImage() should check
        whether it is the only object that holds a reference to this ImageObserver.
        And if this is true, m_image have to clear its raw pointer to the deleted
        ImageObserver by calling m_image->setImageObserver(nullptr).

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::setBodyDataFrom):
        (WebCore::CachedImage::CachedImageObserver::CachedImageObserver):
        (WebCore::CachedImage::clearImage):
        * loader/cache/CachedImage.h:

2017-06-09  Daniel Bates  <dabates@apple.com>

        Attempt to fix layout test failures following <https://trac.webkit.org/changeset/218028/webkit>
        (https://bugs.webkit.org/show_bug.cgi?id=158121)
        <rdar://problem/26012994>

        For now, if we do not have a frame then consider the document a secure context. One way this can happen
        is the page accesses a frame that was removed from the document as demonstrated by the test:
        fast/dom/Window/property-access-on-cached-window-after-frame-removed.html. Treating a frameless
        document as a secure context also matches Blink's implementation:
        <https://chromium.googlesource.com/chromium/src/+/fc202b2b1174f5732f7b9e63a6c46fd01ac2be02/third_party/WebKit/Source/core/dom/Document.cpp#4079>.

        * dom/Document.cpp:
        (WebCore::Document::isSecureContext):

2017-06-09  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r218003.

        This change caused assertion failures in existing LayoutTests.

        Reverted changeset:

        "Image should clear its ImageObserver* when CachedImage
        releases the last reference to its RefCounted<ImageObserver>"
        https://bugs.webkit.org/show_bug.cgi?id=173077
        http://trac.webkit.org/changeset/218003

2017-06-09  Jiewen Tan  <jiewen_tan@apple.com>

        [WebCrypto] Remove unsupported CryptoAlgorithmIdentifier
        https://bugs.webkit.org/show_bug.cgi?id=173128
        <rdar://problem/32666826>

        Reviewed by Brent Fulgham.

        This patch remove AES_CMAC, DH and CONCAT as they are not implemented and not recommended
        by the spec. Hence there is no plan to support them in short term.

        No change of behaviour.

        * bindings/js/JSCryptoAlgorithmDictionary.cpp:
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForEncrypt):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForDecrypt):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForSign):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForVerify):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForDigest):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForGenerateKey):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForDeriveKey):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForDeriveBits):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForImportKey):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForExportKey):
        * bindings/js/JSSubtleCryptoCustom.cpp:
        (WebCore::normalizeCryptoAlgorithmParameters):
        (WebCore::supportExportKeyThrow):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::write):
        (WebCore::CloneDeserializer::read):
        * crypto/CryptoAlgorithmIdentifier.h:
        * crypto/keys/CryptoKeyAES.cpp:
        (WebCore::CryptoKeyAES::isValidAESAlgorithm):

2017-06-09  Daniel Bates  <dabates@apple.com>

        Implement W3C Secure Contexts Draft Specification
        https://bugs.webkit.org/show_bug.cgi?id=158121
        <rdar://problem/26012994>

        Reviewed by Alex Christensen.

        Part 2

        Implements the Secure Contexts spec., <https://w3c.github.io/webappsec-secure-contexts/> (Editor's
        Draft, 17 November 2016) except for the allow-secure-context sandbox flag and restrictions on window.opener
        as the former is at risk of being dropped from the specification and the latter is being discussed in
        <https://github.com/w3c/webappsec-secure-contexts/issues/42>. We are not making use of the Secure
        Contexts functionality at the moment. We will make use of it in a subsequent commit.

        * dom/Document.cpp:
        (WebCore::Document::isSecureContext): Added,
        * dom/Document.h:
        * dom/ScriptExecutionContext.h:
        (WebCore::ScriptExecutionContext::isSecureContext): Deleted; moved to class SecurityContext.
        * dom/SecurityContext.h:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::isSecureContext): Added.
        * page/DOMWindow.h:
        * page/SecurityOrigin.cpp:
        (WebCore::isLoopbackIPAddress): Convenience function to determine whether the host portion
        of the specified URL is a valid loopback address.
        (WebCore::shouldTreatAsPotentionallyTrustworthy): Implements the "Is origin potentially trustworthy?"
        algorithm from the Secure Context specification.
        (WebCore::SecurityOrigin::SecurityOrigin): Compute whether this origin is potentially trustworthy.
        Also, use C++ brace initialization syntax in member initialization list.
        * page/SecurityOrigin.h:
        (WebCore::SecurityOrigin::isPotentionallyTrustworthy): Added.
        * page/WindowOrWorkerGlobalScope.idl: Expose attribute isSecureContext. Fix style nit; remove
        period from a comment that is not meant to be a complete sentence.
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::isSecureContext): Added.
        * workers/WorkerGlobalScope.h:

2017-06-09  Daniel Bates  <dabates@apple.com>

        Implement W3C Secure Contexts Draft Specification
        https://bugs.webkit.org/show_bug.cgi?id=158121
        <rdar://problem/26012994>

        Reviewed by Chris Dumez.

        Part 1

        Teach the bindings code generator to generate a runtime check for an interface, attribute or
        function annotated with the extended attribute [SecureContext]. For now, the runtime check
        (ScriptExecutionContext::isSecureContext()) always returns true. We will flesh out the
        implementation of this runtime check in a subsequent commit.

        * bindings/scripts/CodeGeneratorJS.pm:
        (NeedsRuntimeCheck):
        (GenerateRuntimeEnableConditionalString):
        Generate a runtime check for an interface, attribute, or function that is annotated with
        the extended attribute [SecureContext].

        * bindings/scripts/IDLAttributes.json: Update JSON now that we support SecureContext.
        * bindings/scripts/preprocess-idls.pl:
        (GenerateConstructorAttributes): Add the SecureContext extended attribute to a constructor,
        if applicable.

        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        (WebCore::JSTestGenerateIsReachablePrototype::finishCreation):
        (WebCore::IDLAttribute<JSTestGenerateIsReachable>::cast):
        (WebCore::jsTestGenerateIsReachableASecretAttributeGetter):
        (WebCore::jsTestGenerateIsReachableASecretAttribute):
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        (WebCore::JSTestGlobalObject::finishCreation):
        (WebCore::jsTestGlobalObjectInstanceFunctionCalculateSecretResultBody):
        (WebCore::jsTestGlobalObjectInstanceFunctionCalculateSecretResult):
        (WebCore::jsTestGlobalObjectInstanceFunctionGetSecretBooleanBody):
        (WebCore::jsTestGlobalObjectInstanceFunctionGetSecretBoolean):
        (WebCore::jsTestGlobalObjectInstanceFunctionTestFeatureGetSecretBooleanBody):
        (WebCore::jsTestGlobalObjectInstanceFunctionTestFeatureGetSecretBoolean):
        * bindings/scripts/test/JS/JSTestNode.cpp:
        (WebCore::JSTestNodePrototype::finishCreation):
        (WebCore::jsTestNodePrototypeFunctionCalculateSecretResultBody):
        (WebCore::jsTestNodePrototypeFunctionCalculateSecretResult):
        (WebCore::jsTestNodePrototypeFunctionGetSecretBooleanBody):
        (WebCore::jsTestNodePrototypeFunctionGetSecretBoolean):
        (WebCore::jsTestNodePrototypeFunctionTestFeatureGetSecretBooleanBody):
        (WebCore::jsTestNodePrototypeFunctionTestFeatureGetSecretBoolean):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::JSTestObjPrototype::finishCreation):
        (WebCore::jsTestObjPrototypeFunctionCalculateSecretResultBody):
        (WebCore::jsTestObjPrototypeFunctionCalculateSecretResult):
        (WebCore::jsTestObjPrototypeFunctionGetSecretBooleanBody):
        (WebCore::jsTestObjPrototypeFunctionGetSecretBoolean):
        (WebCore::jsTestObjPrototypeFunctionTestFeatureGetSecretBooleanBody):
        (WebCore::jsTestObjPrototypeFunctionTestFeatureGetSecretBoolean):
        Update expected results.

        * bindings/scripts/test/TestGenerateIsReachable.idl:
        * bindings/scripts/test/TestGlobalObject.idl:
        * bindings/scripts/test/TestNode.idl:
        * bindings/scripts/test/TestObj.idl:
        Add test cases.

        * dom/ScriptExecutionContext.h:
        (WebCore::ScriptExecutionContext::isSecureContext): Added. For now, always returns true.
        We will implement this function in a subsequent commit.

2017-06-09  Jer Noble  <jer.noble@apple.com>

        Media elements are allowed to continue to load media data after navigation
        https://bugs.webkit.org/show_bug.cgi?id=173179

        Reviewed by Eric Carlson.

        Deny media sessions the ability to load media data when suspended.  

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::isSuspended):
        * Modules/webaudio/AudioContext.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::isSuspended):
        * html/HTMLMediaElement.h:
        * platform/audio/PlatformMediaSession.cpp:
        (WebCore::PlatformMediaSession::isSuspended):
        * platform/audio/PlatformMediaSession.h:
        (WebCore::PlatformMediaSessionClient::isSuspended):
        * platform/audio/PlatformMediaSessionManager.cpp:
        (WebCore::PlatformMediaSessionManager::sessionCanLoadMedia):

2017-06-09  Daniel Bates  <dabates@apple.com>

        CSP: Apply img-src directive to favicon loads
        https://bugs.webkit.org/show_bug.cgi?id=172733
        <rdar://problem/32082654>

        Reviewed by Brady Eidson.

        Differentiate favicon requests from raw resources requests so that we can apply the Content
        Security Policy to favicon requests.

        Tests: http/tests/security/contentSecurityPolicy/allow-favicon.html
               http/tests/security/contentSecurityPolicy/block-favicon.html

        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::cachedResourceContent): Keep our current behavior and treat a
        favicon resource analogous to a raw resource.
        (WebCore::InspectorPageAgent::cachedResourceType): Ditto.
        * loader/LinkLoader.cpp:
        (WebCore::createLinkPreloadResourceClient): Now that we differentiate between a favicon
        and a raw resource we add favicons to the list of unsupported <link as="..."> types. This
        makes the list of handled request destination types more closely match the list of valid types
        documented in <https://fetch.spec.whatwg.org/#concept-request-destination> (24 May 2017).
        * loader/ResourceLoadInfo.cpp:
        (WebCore::toResourceType): Keep our current behavior and treat a favicon resource analogous
        to a raw resource.
        * loader/SubresourceLoader.cpp:
        (WebCore::logResourceLoaded): Ditto.
        * loader/cache/CachedRawResource.cpp:
        (WebCore::CachedRawResource::CachedRawResource): Update for renaming.
        * loader/cache/CachedRawResource.h:
        (isType): Ditto.
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::defaultPriorityForResourceType): Keep our current behavior and treat
        a favicon resource analogous to a raw resource.
        * loader/cache/CachedResource.h:
        (WebCore::CachedResource::isMainOrMediaOrFaviconOrRawResource): Renamed; formerly named isMainOrMediaOrRawResource.
        Also return true if the this resource is a favicon.
        (WebCore::CachedResource::ignoreForRequestCount): Keep our current behavior and treat a
        favicon resource analogous to a raw resource.
        (WebCore::CachedResource::isMainOrMediaOrRawResource): Deleted; renamed to isMainOrMediaOrFaviconOrRawResource.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::createResource): Keep our current behavior and treat a favicon resource analogous
        to a raw resource.
        (WebCore::CachedResourceLoader::requestFavicon): Added.
        (WebCore::contentTypeFromResourceType): Keep our current behavior and treat a favicon
        resource analogous to a raw resource.
        (WebCore::CachedResourceLoader::checkInsecureContent): Ditto.
        (WebCore::CachedResourceLoader::allowedByContentSecurityPolicy): Check if the favicon is
        allowed by the CSP of the page.
        (WebCore::CachedResourceLoader::determineRevalidationPolicy): Update for renaming.
        * loader/cache/CachedResourceLoader.h:
        * loader/icon/IconLoader.cpp:
        (WebCore::IconLoader::startLoading): Substitute call CachedResourceLoader::requestFavicon() for CachedResourceLoader::requestRawResource()
        and remove comment about ContentSecurityPolicyImposition::DoPolicyCheck being a placeholder. This is no longer the
        case. This resource request option is now meaningful as we want to apply the CSP of the page with respect to the
        request for the favicon.

2017-06-09  Wenson Hsieh  <wenson_hsieh@apple.com>

        [iOS DnD] Add a hook to perform two-step drops in editable content
        https://bugs.webkit.org/show_bug.cgi?id=172992
        <rdar://problem/32590174>

        Reviewed by Tim Horton.

        Adds hooks in DragController::concludeEditDrag to give the client layer a chance to perform custom handling when
        dropping in editable content.
        Tests:  DataInteractionTests.InjectedBundleOverridePerformTwoStepDrop
                DataInteractionTests.InjectedBundleAllowPerformTwoStepDrop

        * loader/EmptyClients.cpp:
        * page/DragController.cpp:
        (WebCore::DragController::concludeEditDrag):
        * page/EditorClient.h:

2017-06-09  Matthew Hanson  <matthew_hanson@apple.com>

        Revert r217955. rdar://problem/21125708

2017-06-06 Konstantin Tokarev  <annulen@yandex.ru>

        [MediaFoundation] Volume controls of different media elements should be independent
        https://bugs.webkit.org/show_bug.cgi?id=172967

        Based on patch by Vitaly Slobodin <vitaliy.slobodin@gmail.com>
        Reviewed by Alex Christensen.

        IMFSimpleAudioVolume interface controls master volume of the
        application. We should use IMFAudioStreamVolume interface instead.

        No new tests needed.

        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::MediaPlayerPrivateMediaFoundation):
        (WebCore::MediaPlayerPrivateMediaFoundation::setAllChannelVolumes):
        (WebCore::MediaPlayerPrivateMediaFoundation::setVolume):
        (WebCore::MediaPlayerPrivateMediaFoundation::setMuted):
        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.h:

2017-06-09  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Image should clear its ImageObserver* when CachedImage releases the last reference to its RefCounted<ImageObserver>
        https://bugs.webkit.org/show_bug.cgi?id=173077

        Reviewed by Simon Fraser.

        Before dereferencing ImageObserver, CachedImage::clearImage() should check
        whether it is the only object that holds a reference to this ImageObserver.
        And if this is true, m_image have to clear its raw pointer to the deleted
        ImageObserver by calling m_image->setImageObserver(nullptr).

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::setBodyDataFrom):
        (WebCore::CachedImage::CachedImageObserver::CachedImageObserver):
        (WebCore::CachedImage::clearImage):
        * loader/cache/CachedImage.h:

2017-06-09  Frederic Wang  <fwang@igalia.com>

        Add flag allow-popups-to-escape-sandbox to iframe sandbox
        https://bugs.webkit.org/show_bug.cgi?id=158875

        Reviewed by Chris Dumez.

        This patch adds support for the iframe@allow-popups-to-escape-sandbox attribute.
        This allows to pass more W3C Web Platform tests.

        Tests: imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-1.html
               imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_popups_escaping-2.html

        * dom/SecurityContext.cpp: Add allow-popups-to-escape-sandbox flag.
        (WebCore::SecurityContext::isSupportedSandboxPolicy):
        (WebCore::SecurityContext::parseSandboxPolicy):
        * dom/SecurityContext.h: Ditto.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy): Do not force sandbox flags when we have allow-popups-to-escape-sandbox.
        (WebCore::createWindow): Ditto.

2017-06-09  Jer Noble  <jer.noble@apple.com>

        [iOS] Video occasionally mixes with other system audio instead of interrupting
        https://bugs.webkit.org/show_bug.cgi?id=173127

        Reviewed by Eric Carlson.

        Tests: platform/mac/audio-session-category-video-track-change.html

        When an HTMLMediaElement's tracks change their enabled state, make sure to update
        the PlatformMediaElement, for canProduceAudio() may have changed. 

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaPlayerCharacteristicChanged):
        * platform/audio/cocoa/MediaSessionManagerCocoa.cpp:
        (PlatformMediaSessionManager::updateSessionState):

        The rest of the changes in this revision are to allow the above to be testable.

        * page/Settings.cpp:
        * page/Settings.h:
        * platform/audio/AudioSession.h:
        * platform/audio/mac/AudioSessionMac.cpp:
        (WebCore::AudioSession::category):
        (WebCore::AudioSession::setCategory):
        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::Backup::Backup):
        (WebCore::InternalSettings::Backup::restoreTo):
        (WebCore::InternalSettings::setShouldManageAudioSessionCategory):
        * testing/InternalSettings.h:
        * testing/InternalSettings.idl:
        * testing/Internals.cpp:
        (WebCore::Internals::audioSessionCategory):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-06-09  Chris Dumez  <cdumez@apple.com>

        CSS transitions added while page is not visible do not start when the page becomes visible
        https://bugs.webkit.org/show_bug.cgi?id=173166
        <rdar://problem/32250351>

        Reviewed by Darin Adler.

        CSS transitions added while page is not visible would not start when the page becomes
        visible. The issue was that when CompositeAnimation::updateTransitions() was called
        while the page is hidden (and animations are therefore suspended), it would not
        populate m_transations with ImplicitAnimation objects. We would therefore have later
        no transitions to resume when the page becomes visible later on. This patch updates
        CompositeAnimation::updateTransitions() to properly populate m_transitions and instead
        pause the ImplicitAnimation it creates if animations are currently suspended. This
        behavior is more consistent with the one of CompositeAnimation::updateKeyframeAnimations().

        I also needed to update ImplicitAnimation::animate() to not restart a paused animation
        if the animation is currently paused. This is similar to what is done in
        KeyframeAnimation::animate(). Without this, the paused ImplicitAnimation we add to
        m_transition would incorrectly get unpaused while the page is still hidden and the
        animations are still supposed to be suspended. This issue was showing when running the
        test I am adding in this patch.

        Test: fast/animation/css-animation-resuming-when-visible.html

        * page/animation/CompositeAnimation.cpp:
        (WebCore::CompositeAnimation::updateTransitions):
        * page/animation/ImplicitAnimation.cpp:
        (WebCore::ImplicitAnimation::animate):
        (WebCore::ImplicitAnimation::reset):
        * page/animation/ImplicitAnimation.h:

2017-06-09  Yusuke Suzuki  <utatane.tea@gmail.com>

        Unreviewed, Use FALLTHROUGH

        * loader/LinkLoader.cpp:
        (WebCore::createLinkPreloadResourceClient):

2017-06-09  Eric Carlson  <eric.carlson@apple.com>

        fast/mediastream/MediaStream-page-muted.html times out and asserts
        https://bugs.webkit.org/show_bug.cgi?id=170355
        <rdar://problem/31376041>

        MediaStream and MediaStreamTrack need to prevent JS wrapper collection while it is possible
        to fire an event or event listeners won't be notified.

        Reviewed by Chris Dumez.

        Test: fast/mediastream/media-stream-wrapper-collected.html

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::MediaStream): Initialize ActiveDOMObject.
        (WebCore::MediaStream::stop): New.
        (WebCore::MediaStream::activeDOMObjectName): Ditto.
        (WebCore::MediaStream::canSuspendForDocumentSuspension): Ditto.
        (WebCore::MediaStream::hasPendingActivity): Ditto, prevent collection if there
        are registered event listeners.
        (WebCore::MediaStream::contextDestroyed): Deleted.
        * Modules/mediastream/MediaStream.h:
        * Modules/mediastream/MediaStream.idl:

        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::hasPendingActivity): Prevent collection if there
        are registered event listeners.
        * Modules/mediastream/MediaStreamTrack.h:

        * testing/Internals.cpp:
        (WebCore::Internals::removeMediaStreamTrack): stream.removeTrack doesn't generate a 'removetrack'
        event, so call private method that does.
        * testing/Internals.h:
        * testing/Internals.idl:

2017-06-09  Daewoong Jang  <daewoong.jang@navercorp.com>

        [cURL] Remove a call to Windows API
        https://bugs.webkit.org/show_bug.cgi?id=172079

        Reviewed by Yusuke Suzuki.

        * platform/network/curl/CurlDownload.cpp:
        (WebCore::CurlDownload::moveFileToDestination):
        * platform/win/FileSystemWin.cpp:
        (WebCore::moveFile):

2017-06-09  Miguel Gomez  <magomez@igalia.com>

        [GTK][WPE] Fix alpha premultiplying when using cairo to draw the video frames
        https://bugs.webkit.org/show_bug.cgi?id=173097

        Reviewed by Carlos Garcia Campos.

        We need to premultiply alpha when creating a cairo surface from a GStreamer video frame, if the frame
        has an alpha component. Currently this is wrongly done in VideoSinkGStreamer, as it assumes that every
        frame is going to be rendered with cairo, which is not the case when using accelerated compositing.
        The premultiply must happen inside ImageGStreamerCairo, which is where we know that the frame is
        going to be rendered with cairo, and where the premultiply can be performed when gstreamer-gl is
        enabled as well.

        Covered by existent tests.

        * platform/graphics/gstreamer/ImageGStreamerCairo.cpp:
        (ImageGStreamer::ImageGStreamer):
        * platform/graphics/gstreamer/VideoSinkGStreamer.cpp:
        (webkitVideoSinkRequestRender):

2017-06-09  Zan Dobersek  <zdobersek@igalia.com>

        [WPE] Enable ENCRYPTED_MEDIA for build-webkit builds
        https://bugs.webkit.org/show_bug.cgi?id=173103

        Reviewed by Xabier Rodriguez-Calvar.

        * Modules/encryptedmedia/CDM.cpp:
        (WebCore::CDM::getSupportedCapabilitiesForAudioVideoType):
        Pass the ParsedContentType's mime type string to the explicit ContentType
        constructor and assign that to the MediaEngineSupportParameters' type
        member.

2017-06-08  Ryosuke Niwa  <rniwa@webkit.org>

        Move TreeScope::adoptIfNeeded to Node and rename it to setTreeScopeRecursively
        https://bugs.webkit.org/show_bug.cgi?id=173129

        Reviewed by Antti Koivisto.

        Renamed TreeScope::adoptIfNeeded to setTreeScopeRecursively and moved to Node.

        The old name was really confusing because due to the existence of Document::adoptNode, a DOM API,
        which removes the adopted node from its parent if there was one before adopting the node.
        Most confusingly, this function called TreeScope::adoptIfNeeded.

        Also inlined the tree scope check to avoid calling to moveTreeToNewScope when there is nothing to do.

        This patch effectively reverts r104528.

        No new tests. Existing tests cover this.

        * dom/Attr.cpp:
        (WebCore::Attr::detachFromElementWithValue):
        (WebCore::Attr::attachToElement):
        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::takeAllChildrenFrom):
        (WebCore::ContainerNode::insertBefore):
        (WebCore::ContainerNode::replaceChild):
        (WebCore::ContainerNode::removeBetween):
        (WebCore::ContainerNode::replaceAllChildren):
        (WebCore::ContainerNode::appendChildWithoutPreInsertionValidityCheck):
        (WebCore::ContainerNode::parserAppendChild):
        * dom/ContainerNodeAlgorithms.cpp:
        (WebCore::addChildNodesToDeletionQueue):
        * dom/Document.cpp:
        (WebCore::Document::adoptNode):
        * dom/Element.cpp:
        (WebCore::Element::ensureAttr):
        * dom/Node.cpp:
        (WebCore::DidMoveToNewDocumentAssertionScope): Added. The old assertion wasn't sufficient when
        HTMLTemplateElement made a recursive call to setTreeScopeRecursively.
        (WebCore::DidMoveToNewDocumentAssertionScope::DidMoveToNewDocumentAssertionScope):
        (WebCore::DidMoveToNewDocumentAssertionScope::~DidMoveToNewDocumentAssertionScope):
        (WebCore::DidMoveToNewDocumentAssertionScope::didRecieveCall):
        (WebCore::moveNodeToNewDocument): Moved from TreeScope. Calls to incrementReferencingNodeCount
        and decrementReferencingNodeCount to Node::didMoveToNewDocument. This function is now eliminated
        in a release build.
        (WebCore::moveShadowTreeToNewDocument): Moved from TreeScope.
        (WebCore::Node::moveTreeToNewScope): Ditto.
        (WebCore::Node::didMoveToNewDocument): See the description for moveNodeToNewDocument above.
        * dom/Node.h:
        (WebCore::Node::isParsingChildrenFinished): Moved to avoid having its own protected section.
        (WebCore::Node::setIsParsingChildrenFinished): Ditto.
        (WebCore::Node::clearIsParsingChildrenFinished): Ditto.
        (WebCore::Node::setTreeScopeRecursively): Moved from TreeScope::adoptIfNeeded.
        * dom/ShadowRoot.cpp:
        (WebCore::ShadowRoot::~ShadowRoot):
        * dom/TreeScope.cpp:
        (WebCore::TreeScope::adoptIfNeeded): Deleted.
        (WebCore::TreeScope::moveTreeToNewScope): Deleted.
        (WebCore::TreeScope::ensureDidMoveToNewDocumentWasCalled): Deleted.
        (WebCore::TreeScope::moveNodeToNewDocument): Deleted.
        (WebCore::TreeScope::moveShadowTreeToNewDocument): Deleted.
        * dom/TreeScope.h:
        * html/HTMLTemplateElement.cpp:
        (WebCore::HTMLTemplateElement::didMoveToNewDocument):

2017-06-09  Adrien Plazas  <aplazas@igalia.com>

        [GTK] Add kinetic scrolling
        https://bugs.webkit.org/show_bug.cgi?id=155750

        Reviewed by Carlos Garcia Campos.

        Patch by Adrien Plazas and Yusuke Suzuki.

        Add the ScrollAnimationKinetic scrolling animation allowing to perform momentum scrolling; it is based on GTK+'s
        GtkKineticScrolling type.

        Add the notion of phase, momentum phase and swipe velocity to PlatformWheelEvent.

        Depending on whether the scrolling ended normally or triggered a swipe, the scroll animator will either compute
        the swipe velocity from the previous scrolling events or use the one from the swipe gesture to initiate the
        momentum scrolling.

        * PlatformGTK.cmake:
        * platform/PlatformWheelEvent.h:
        (WebCore::PlatformWheelEvent::setHasPreciseScrollingDeltas):
        (WebCore::PlatformWheelEvent::phase):
        (WebCore::PlatformWheelEvent::momentumPhase):
        (WebCore::PlatformWheelEvent::isTransitioningToMomentumScroll):
        * platform/ScrollAnimation.h:
        (WebCore::ScrollAnimation::scroll):
        (WebCore::ScrollAnimation::updateVisibleLengths):
        (WebCore::ScrollAnimation::setCurrentPosition):
        * platform/ScrollAnimationKinetic.cpp: Added.
        (WebCore::ScrollAnimationKinetic::PerAxisData::PerAxisData):
        (WebCore::ScrollAnimationKinetic::PerAxisData::animateScroll):
        (WebCore::ScrollAnimationKinetic::ScrollAnimationKinetic):
        (WebCore::ScrollAnimationKinetic::~ScrollAnimationKinetic):
        (WebCore::ScrollAnimationKinetic::stop):
        (WebCore::ScrollAnimationKinetic::start):
        (WebCore::ScrollAnimationKinetic::animationTimerFired):
        * platform/ScrollAnimationKinetic.h: Copied from Source/WebCore/platform/ScrollAnimation.h.
        * platform/gtk/PlatformWheelEventGtk.cpp:
        (WebCore::PlatformWheelEvent::PlatformWheelEvent):
        (WebCore::PlatformWheelEvent::swipeVelocity):
        * platform/gtk/ScrollAnimatorGtk.cpp:
        (WebCore::ScrollAnimatorGtk::ScrollAnimatorGtk):
        (WebCore::ScrollAnimatorGtk::ensureSmoothScrollingAnimation):
        (WebCore::ScrollAnimatorGtk::scroll):
        (WebCore::ScrollAnimatorGtk::scrollToOffsetWithoutAnimation):
        (WebCore::ScrollAnimatorGtk::computeVelocity):
        (WebCore::ScrollAnimatorGtk::handleWheelEvent):
        (WebCore::ScrollAnimatorGtk::willEndLiveResize):
        (WebCore::ScrollAnimatorGtk::updatePosition):
        (WebCore::ScrollAnimatorGtk::didAddVerticalScrollbar):
        (WebCore::ScrollAnimatorGtk::didAddHorizontalScrollbar):
        * platform/gtk/ScrollAnimatorGtk.h:

2017-06-09  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] ECDSA signing results can be smaller than the EC key size
        https://bugs.webkit.org/show_bug.cgi?id=171535

        Reviewed by Jiewen Tan.

        The libgcrypt-based implementation of the ECDSA signing operation does not
        properly address the resulting `r` and `s` integers that do not potentially
        match the EC key in terms of size.

        To address that, the retrieved MPI data for both integers is handled depending
        on the size of said data. Strictly requiring an amount of bytes that matches
        the key data size N, we simply take the last N bytes if the MPI data is equal
        or larger than N in size. If smaller, we first append enough zero bytes to the
        output Vector object before attaching the MPI data in whole so that the amount
        of appended bytes matches N.

        No new tests -- covers an implementation detail that is not trivial to test,
        but can rely sufficiently on existing tests.

        * crypto/gcrypt/CryptoAlgorithmECDSAGCrypt.cpp:
        (WebCore::extractECDSASignatureInteger):
        (WebCore::gcryptSign):

2017-06-09  Daewoong Jang  <daewoong.jang@navercorp.com>

        Reduce compiler warnings
        https://bugs.webkit.org/show_bug.cgi?id=172078

        Reviewed by Yusuke Suzuki.

        * platform/network/curl/CookieJarCurl.cpp:
        (WebCore::addMatchingCurlCookie):
        (WebCore::getHostnamesWithCookies):
        (WebCore::deleteCookiesForHostnames):
        (WebCore::deleteCookiesForHostname): Deleted.
        * platform/network/curl/CurlDownload.cpp:
        (WebCore::CurlDownloadManager::downloadThread):
        (WebCore::CurlDownload::didReceiveHeader):
        * platform/network/curl/CurlDownload.h:
        (WebCore::CurlDownloadListener::didReceiveDataOfLength):
        * platform/network/curl/ResourceHandleCurl.cpp:
        (WebCore::WebCoreSynchronousLoader::didReceiveResponse):
        (WebCore::ResourceHandle::platformLoadResourceSynchronously):
        * platform/network/curl/SocketStreamHandleImplCurl.cpp:
        (WebCore::createCopy):
        (WebCore::SocketStreamHandleImpl::readData):

2017-06-09  Xabier Rodriguez Calvar  <calvaris@igalia.com>

        [GStreamer][EME] Remove the legacy code that was not even official and is deprecated
        https://bugs.webkit.org/show_bug.cgi?id=173096

        Reviewed by Žan Doberšek.

        We are removing the LEGACY_ENCRYPTED_MEDIA code that we was not
        official, is deprecated and we are not planning to support it
        anymore in any way.

        This also helps implementing current ENCRYPTED_MEDIA in a cleaner
        way.

        * platform/GStreamer.cmake:
        * platform/graphics/gstreamer/GStreamerUtilities.cpp:
        * platform/graphics/gstreamer/GStreamerUtilities.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::registerWebKitGStreamerElements):
        (WebCore::MediaPlayerPrivateGStreamerBase::~MediaPlayerPrivateGStreamerBase):
        (WebCore::MediaPlayerPrivateGStreamerBase::handleSyncMessage):
        (WebCore::extractEventsAndSystemsFromMessage): Deleted.
        (WebCore::MediaPlayerPrivateGStreamerBase::needKey): Deleted.
        (WebCore::MediaPlayerPrivateGStreamerBase::setCDMSession): Deleted.
        (WebCore::MediaPlayerPrivateGStreamerBase::keyAdded): Deleted.
        (WebCore::MediaPlayerPrivateGStreamerBase::handleProtectionEvent): Deleted.
        (WebCore::MediaPlayerPrivateGStreamerBase::receivedGenerateKeyRequest): Deleted.
        (WebCore::keySystemIdToUuid): Deleted.
        (WebCore::MediaPlayerPrivateGStreamerBase::createSession): Deleted.
        (WebCore::MediaPlayerPrivateGStreamerBase::dispatchDecryptionKey): Deleted.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
        * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.h:
        * platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp:
        * platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.h:
        * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
        (WebCore::AppendPipeline::AppendPipeline):
        (WebCore::AppendPipeline::parseDemuxerSrcPadCaps):
        (WebCore::AppendPipeline::connectDemuxerSrcPadToAppsinkFromAnyThread):
        (WebCore::AppendPipeline::disconnectDemuxerSrcPadFromAppsinkFromAnyThread):
        (WebCore::appendPipelineElementMessageCallback): Deleted.
        (WebCore::AppendPipeline::dispatchPendingDecryptionKey): Deleted.
        (WebCore::AppendPipeline::dispatchDecryptionKey): Deleted.
        (WebCore::AppendPipeline::handleElementMessage): Deleted.
        * platform/graphics/gstreamer/mse/AppendPipeline.h:
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
        (WebCore::MediaPlayerPrivateGStreamerMSE::dispatchDecryptionKey): Deleted.
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:

2017-06-09  Aaron Chu  <aaron_chu@apple.com>

        AX: Media Controls: Missing labels for the Time Labels.
        https://bugs.webkit.org/show_bug.cgi?id=171715
        <rdar://problem/32009214>

        Reviewed by Antoine Quint.

        Added aria-label to describe time labels in media controls.

        * Modules/modern-media-controls/controls/slider.js:
        (Slider.prototype.set inputAccessibleLabel):
        (Slider.prototype._formatTime): Deleted.
        * Modules/modern-media-controls/controls/time-label.js:
        (TimeLabel.prototype.commitProperty):
        * Modules/modern-media-controls/main.js:
        (formatTimeToString):

2017-06-08  Carlos Garcia Campos  <cgarcia@igalia.com>

        Unreviewed. Fix unused parameter warning after r217955.

        * platform/graphics/FontFamilySpecificationNull.h:
        (WebCore::FontFamilySpecificationNull::fontRanges):

2017-06-08  Yoav Weiss  <yoav@yoav.ws>

        [preload] Mandatory `as` value and related spec alignments
        https://bugs.webkit.org/show_bug.cgi?id=173047

        Reviewed by Dean Jackson.

        Align preload's implementation according to latest spec changes: `as` is mandatory and "fetch" replaces the previous empty `as` value,
        onerror no longer fires for invalid `as` values, and the IDL for `as` reflects only valid values, to enable feature detection.

        Related standard discussions:
        https://github.com/w3c/preload/issues/80
        https://github.com/whatwg/fetch/pull/547
        https://github.com/whatwg/fetch/pull/549
        https://github.com/whatwg/html/pull/2588

        No new tests but modified existing ones as well as their expectations.

        * html/HTMLLinkElement.cpp: Add "enumerated attribute" reflection methods to `as`.
        (WebCore::HTMLLinkElement::setAs):
        (WebCore::HTMLLinkElement::as):
        * html/HTMLLinkElement.h:
        * html/HTMLLinkElement.idl:
        * loader/LinkLoader.cpp:
        (WebCore::LinkLoader::loadLinksFromHeader): preloadIfNeeded signature change.
        (WebCore::LinkLoader::resourceTypeFromAsAttribute): Replace the empty value by "fetch".
        (WebCore::LinkLoader::preloadIfNeeded): Change the signature, as a LinkLoaderClient is no longer needed, since we don't fire error
        events from inside the function.
        (WebCore::LinkLoader::loadLink): preloadIfNeeded signature change.
        * loader/LinkLoader.h: preloadIfNeeded signature change.

2017-06-08  Chris Dumez  <cdumez@apple.com>

        [iOS] LowPowerModeNotifier notifies client on non-main thread
        https://bugs.webkit.org/show_bug.cgi?id=173115
        <rdar://problem/32644703>

        Reviewed by Ryosuke Niwa.

        Update iOS's implementation of the LowPowerModeNotifier to make sure
        we notify the client of low power mode changes on the main thread.

        * platform/ios/LowPowerModeNotifierIOS.mm:
        (-[WebLowPowerModeObserver _didReceiveLowPowerModeChange]):

2017-06-08  Ryosuke Niwa  <rniwa@webkit.org>

        Crash inside InsertNodeBeforeCommand via InsertParagraphSeparatorCommand
        https://bugs.webkit.org/show_bug.cgi?id=173085
        <rdar://problem/32575059>

        Reviewed by Wenson Hsieh.

        The crash was caused by the condition to check for special cases failing when visiblePos is null.
        Exit early in these extreme cases.

        Also replaced the use of deprecatedNode and deprecatedEditingOffset to modern idioms.

        Test: editing/inserting/insert-horizontal-rule-in-empty-document-crash.html

        * editing/InsertParagraphSeparatorCommand.cpp:
        (WebCore::InsertParagraphSeparatorCommand::doApply):

2017-06-08  Ryosuke Niwa  <rniwa@webkit.org>

        The tree scope of an Attr node inside a shadow tree does not updated upon detach.
        https://bugs.webkit.org/show_bug.cgi?id=173122

        Reviewed by Chris Dumez.

        The crash was caused by the tree scope of an Attr detached from an element inside a shadow root
        not getting updated.

        Test: fast/dom/detaching-attr-node-in-shadow-tree-crash.html

        * dom/Attr.cpp:
        (WebCore::Attr::~Attr): Added assertions.
        (WebCore::Attr::detachFromElementWithValue): Fixed the bug by adopting Attr to Document.
        (WebCore::Attr::attachToElement): Moved the adoptIfNeeded call here from attachAttributeNodeIfNeeded.
        * dom/Element.cpp:
        (WebCore::Element::attachAttributeNodeIfNeeded):

2017-06-08  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Expand system-ui to include every item in the Core Text cascade list
        https://bugs.webkit.org/show_bug.cgi?id=173043
        <rdar://problem/21125708>

        Reviewed by Simon Fraser.

        The concept of the system font on Cocoa platforms represents the entire Core Text cascade list.
        However, previously, WebKit only represented system-ui by pulling out the first item in the Core
        Text cascade list. Instead, we should make all text rendered with "system-ui" match what the
        platform would natively render.

        Previously, we walked through the strings in the font-family property and looked them up one by
        one. However, now we want to abstract this idea of a font family to possibly hold a
        CTFontDescriptorRef instead of a string. This way, we expand a font-family list of ["fontA",
        "system-ui", "fontB"] to ["fontA", ... a bunch of CTFontDescriptorRefs ..., "FontB"]. We can
        then modify the consumer of this object to have two codepaths: the old string-based codepath,
        and a new, platform-specific codepath which simply embeds the CTFontDesriptorRefs inside a Font
        object.

        We don't want to simply pull out the family name from each item in the Core Text fallback list
        because that is a lossy translation. There is more information in these font descriptors which
        cannot be represented by CSS. Therefore, we must keep the descriptors alive and add the new
        codepath for them.

        We also don't want to run the CSS font matching algorithm on each member of the Core Text
        fallback list because it may yield different results from Core Text's font matching algorithm.
        Our goal is to draw text as closely as possible to the system APIs. If we ran it, we may find
        a font which is closer to the requested traits, but it would look out of place on the system.

        Tests: fast/text/system-font-fallback-emoji.html
               fast/text/system-font-fallback.html

        * WebCore.xcodeproj/project.pbxproj:
        * page/MemoryRelease.cpp:
        (WebCore::releaseNoncriticalMemory):
        * platform/graphics/FontCascadeFonts.cpp:
        (WebCore::realizeNextFallback): The consumer of our new data type. Now uses WTF::visit().
        (WebCore::FontCascadeFonts::realizeFallbackRangesAt): Now that the number of items to test
        against the current character is larger than the number of strings in the font-family list,
        we need to update the existing code to use the correct value.
        * platform/graphics/FontDescription.cpp: Default implementation for non-Cocoa ports.
        (WebCore::FontDescription::invalidateCaches):
        (WebCore::FontCascadeDescription::effectiveFamilyCount):
        (WebCore::FontCascadeDescription::effectiveFamilyAt):
        * platform/graphics/FontDescription.h: Our new data type is a Variant of AtomicString and a
        platform-specific class. Cocoa uses a class that holds a CTFontDescriptorRef and other ports
        use an empty non-constructable class.
        * platform/graphics/FontFamilySpecificationNull.h: Added. The empty non-constructable
        class.
        (WebCore::FontFamilySpecificationNull::fontRanges):
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::FontCache::platformInit): Changing the system language will change the system font
        fallback list, so we need to listen to this notification. This also matters for
        FontCache::systemFallbackForCharacters(), so we should build off the same callback we are
        already using for font installation.
        (WebCore::invalidateFontCache):
        * platform/graphics/cocoa/FontDescriptionCocoa.cpp: Added. The platform-specific creation of
        our CTFontDescriptorRefs. We hold them cached in a SystemFontDatabase.
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::CoreTextCascadeListParameters):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::isHashTableDeletedValue):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::operator==):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParameters::hash):
        (WebCore::SystemFontDatabase::singleton):
        (WebCore::SystemFontDatabase::systemFontCascadeList):
        (WebCore::SystemFontDatabase::clear):
        (WebCore::SystemFontDatabase::SystemFontDatabase):
        (WebCore::SystemFontDatabase::applyWeightAndItalics):
        (WebCore::SystemFontDatabase::computeCascadeList):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParametersHash::hash):
        (WebCore::SystemFontDatabase::CoreTextCascadeListParametersHash::equal):
        (WebCore::isSystemFontString):
        (WebCore::systemFontParameters):
        (WebCore::FontDescription::invalidateCaches):
        (WebCore::FontCascadeDescription::effectiveFamilyCount): We don't store the result of this
        because it would probably be a bad idea to increase the size of every single FontCascade just
        in case it might ask for the system font. Most fonts never mention system-ui. Because it's so
        rare, we can just recalculate the result of this as necessary. This shouldn't be slow because
        the results are cached.
        (WebCore::FontCascadeDescription::effectiveFamilyAt):
        * platform/graphics/cocoa/FontFamilySpecificationCoreText.cpp: Added.
        (WebCore::FontFamilySpecificationCoreText::fontRanges): Create a FontRanges from a
        CTFontDescriptorRef.
        * platform/graphics/cocoa/FontFamilySpecificationCoreText.h: Added.
        (WebCore::FontFamilySpecificationCoreText::FontFamilySpecificationCoreText):
        * platform/graphics/ios/FontCacheIOS.mm: Delete the old handling for system-ui.
        (WebCore::platformFontWithFamilySpecialCase):
        (WebCore::baseSystemFontDescriptor): Deleted.
        (WebCore::systemFontModificationAttributes): Deleted.
        (WebCore::systemFontDescriptor): Deleted.
        * platform/graphics/mac/FontCacheMac.mm: Ditto.
        (WebCore::platformFontWithFamilySpecialCase):
        (WebCore::toNSFontWeight): Deleted.

2017-06-08  Chris Dumez  <cdumez@apple.com>

        Update Timer to take a WTF::Function instead of a std::function
        https://bugs.webkit.org/show_bug.cgi?id=173113

        Reviewed by Brady Eidson.

        Update Timer to take a WTF::Function instead of a std::function as we prefer
        to use WTF::Function in WebKit.

        * platform/GenericTaskQueue.cpp:
        (WebCore::TaskDispatcher<Timer>::sharedTimer):
        * platform/Timer.h:
        (WebCore::Timer::Timer):
        (WebCore::DeferrableOneShotTimer::DeferrableOneShotTimer):

2017-06-08  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [WebRTC] enableMockMediaEndpoint() is only used for the OpenWebRTC backend.
        https://bugs.webkit.org/show_bug.cgi?id=173108

        Reviewed by Eric Carlson.

        Covered by existing tests.

        * testing/Internals.cpp:
        (WebCore::Internals::Internals):
        (WebCore::Internals::enableMockMediaEndpoint):
        * testing/Internals.h:

2017-06-08  Antoine Quint  <graouts@apple.com>

        [iOS] Buttons in top-left and bottom media controls bar are positioned too high
        https://bugs.webkit.org/show_bug.cgi?id=173111
        <rdar://problem/32650615>

        Reviewed by Jon Lee.

        Test: media/modern-media-controls/ios-inline-media-controls/ios-inline-media-controls-button-padding.html

        Since we use flex box to vertically center buttons in a buttons container, there is no
        need to offset the button due to padding in the y-axis.

        * Modules/modern-media-controls/controls/buttons-container.css:
        (.ios .buttons-container button):

2017-06-08  Jeremy Jones  <jeremyj@apple.com>

        Implement additional AVPlayerController interfaces for minTime and maxTime.
        https://bugs.webkit.org/show_bug.cgi?id=172396
        rdar://problem/30737452

        Reviewed by Jer Noble.

        No new tests because no change to DOM.

        Add support for new HLS UI in AVKit.

        This adds new properties (seekableTimeRangesLastModifiedTime, liveUpdateInterval, minTiming, maxTiming) to WebAVPlayerController.
        Plumb these properties from AVPlayer up to AVKit.

        Switch WebPlaybackSessionModelMediaElement from updating seekableRangesChanged using timeupdate event to using progress event.

        Enable progress events on iOS.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement):
        (WebCore::HTMLMediaElement::loadResource):
        (WebCore::HTMLMediaElement::seekableTimeRangesLastModifiedTime):
        (WebCore::HTMLMediaElement::liveUpdateInterval):
        * html/HTMLMediaElement.h:
        * platform/cf/CoreMediaSoftLink.cpp:
        * platform/cf/CoreMediaSoftLink.h:
        * platform/cocoa/WebPlaybackSessionModel.h:
        (WebCore::WebPlaybackSessionModelClient::seekableRangesChanged):
        * platform/cocoa/WebPlaybackSessionModelMediaElement.h:
        * platform/cocoa/WebPlaybackSessionModelMediaElement.mm:
        (WebCore::WebPlaybackSessionModelMediaElement::updateForEventName):
        (WebCore::WebPlaybackSessionModelMediaElement::observedEventNames):
        (WebCore::WebPlaybackSessionModelMediaElement::seekableTimeRangesLastModifiedTime):
        (WebCore::WebPlaybackSessionModelMediaElement::liveUpdateInterval):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::seekableTimeRangesLastModifiedTime):
        (WebCore::MediaPlayer::liveUpdateInterval):
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::seekableTimeRangesLastModifiedTime):
        (WebCore::MediaPlayerPrivateInterface::liveUpdateInterval):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::seekableTimeRangesLastModifiedTime):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::liveUpdateInterval):
        * platform/ios/WebAVPlayerController.h:
        * platform/ios/WebAVPlayerController.mm:
        (-[WebAVPlayerController init]):
        (-[WebAVPlayerController dealloc]):
        (-[WebAVPlayerController observeValueForKeyPath:ofObject:change:context:]):
        (-[WebAVPlayerController updateMinMaxTiming]):
        (-[WebAVPlayerController hasSeekableLiveStreamingContent]):
        (+[WebAVPlayerController keyPathsForValuesAffectingHasSeekableLiveStreamingContent]):
        (-[WebAVPlayerController resetMediaState]):
        * platform/ios/WebPlaybackSessionInterfaceAVKit.h:
        * platform/ios/WebPlaybackSessionInterfaceAVKit.mm:
        (WebCore::WebPlaybackSessionInterfaceAVKit::WebPlaybackSessionInterfaceAVKit):
        (WebCore::WebPlaybackSessionInterfaceAVKit::resetMediaState):
        (WebCore::WebPlaybackSessionInterfaceAVKit::seekableRangesChanged):
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (WebVideoFullscreenControllerContext::seekableRangesChanged):
        (WebVideoFullscreenControllerContext::seekableTimeRangesLastModifiedTime):
        (WebVideoFullscreenControllerContext::liveUpdateInterval):
        * platform/mac/WebPlaybackSessionInterfaceMac.h:
        * platform/mac/WebPlaybackSessionInterfaceMac.mm:
        (WebCore::WebPlaybackSessionInterfaceMac::seekableRangesChanged):
        * platform/spi/cocoa/AVKitSPI.h:
        * platform/spi/mac/AVFoundationSPI.h:

2017-06-07  Dave Hyatt  <hyatt@apple.com>

        Laili restaurant menu page does not display full menu
        https://bugs.webkit.org/show_bug.cgi?id=173062
        rdar://problem/32436486

        Reviewed by Simon Fraser.

        Percentage heights inside auto containing blocks were handled correctly by
        hasReplacedLogicalHeight, which checked hasAutoHeightOrContainingBlockWithAutoHeight
        properly. min-max-height were not handled properly though and need to do the same check.
        
        There is also now a quirk for iBooks to preserve the old behavior, since they depend
        on the old behavior to constrain the height of images to a page.

        Test: fast/replaced/max-height-percent-inside-auto-block.html

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::replacedMinMaxLogicalHeightComputesAsNone):
        Add a new helper that resolves min and max logical height values to none for
        replaced elements with percentage min/max heights inside auto containing blocks.

        (WebCore::RenderBox::computeReplacedLogicalHeightRespectingMinMaxHeight):
        Change the min/max-height constraint function for replaced elements to call the
        new helper function.

        * rendering/RenderBox.h:
        * rendering/RenderBoxModelObject.h:
        Move a function from private to protected so that RenderBox can access it.

2017-06-08  Tim Horton  <timothy_horton@apple.com>

        Add a borderless mode to <attachment>, and make it respect its layout size
        https://bugs.webkit.org/show_bug.cgi?id=173079
        <rdar://problem/32491584>

        Reviewed by Simon Fraser.

        Tests: fast/attachment/attachment-borderless.html
               fast/attachment/attachment-respects-css-size.html

        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        * css/CSSValueKeywords.in:
        * platform/ThemeTypes.h:
        * rendering/RenderAttachment.cpp:
        (WebCore::RenderAttachment::shouldDrawBorder):
        * rendering/RenderAttachment.h:
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::adjustStyle):
        (WebCore::RenderTheme::paint):
        Add "-webkit-appearance: borderless-attachment;" in addition to "attachment",
        so clients can specify the borderless appearance. This isn't specified as a
        CSS border because it's a very custom appearance that isn't achievable that way.

        * rendering/RenderThemeIOS.mm:
        (WebCore::AttachmentInfo::AttachmentInfo):
        Use the layout size of the attachment, not the fixed size; we use the fixed
        size as our intrinsic size, so most attachments will still be that size,
        but if a client specifies a different size, we'll lay out correctly.

2017-06-08  Jer Noble  <jer.noble@apple.com>

        YouTube audio stutters when page changes visibility.
        https://bugs.webkit.org/show_bug.cgi?id=173102

        Reviewed by Eric Carlson.

        Don't change renderers when the visibility changes; only use the decompression session
        when we were explicitly asked to paint into an accelerated surface.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::acceleratedRenderingStateChanged):

2017-06-08  Jer Noble  <jer.noble@apple.com>

        Clients of the WK2 C-API don't have their mediaContentTypesRequiringHardwareSupport setting initialized correctly.
        https://bugs.webkit.org/show_bug.cgi?id=173091

        Reviewed by Eric Carlson.

        Add a new default setting value, defined separately in Settings and SettingsCocoa.

        * page/Settings.cpp:
        (WebCore::Settings::defaultMediaContentTypesRequiringHardwareSupport):
        * page/Settings.h:
        * page/cocoa/SettingsCocoa.mm:
        (WebCore::Settings::defaultMediaContentTypesRequiringHardwareSupport):

2017-06-08  Jer Noble  <jer.noble@apple.com>

        Take the mediaContentTypesRequiringHardwareSupport Setting into account when answering HTMLMediaElement::canPlayType()
        https://bugs.webkit.org/show_bug.cgi?id=173092

        Reviewed by Eric Carlson.

        Pass the value of mediaContentTypesRequiringHardwareSupport into the MediaPlayer when querying canPlayType().
        Then, use the existing code in AVAssetTrackUtilities to know whether to bail out early from the codec check.

        Drive-by fix: FourCC was converting String -> FourCC in reverse.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::canPlayType):
        * platform/graphics/FourCC.cpp:
        (WebCore::FourCC::fromString):
        * platform/graphics/avfoundation/objc/AVAssetTrackUtilities.h:
        * platform/graphics/avfoundation/objc/AVAssetTrackUtilities.mm:
        (WebCore::contentTypesToCodecs):
        (WebCore::codecsMeetHardwareDecodeRequirements):
        (WebCore::contentTypeMeetsHardwareDecodeRequirements):
        (WebCore::assetTrackMeetsHardwareDecodeRequirements):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsType):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::supportsType):

2017-06-08  Chris Dumez  <cdumez@apple.com>

        ASSERTION FAILED: !m_isolatedWorld->isNormal() || m_wrapper || !m_jsFunction on webrtc/ephemeral-certificates-and-cnames.html
        https://bugs.webkit.org/show_bug.cgi?id=173039
        <rdar://problem/32600412>

        Reviewed by Youenn Fablet.

        RTCPeerConnection was an ActiveDOMObject but failed to override ActiveDOMObject::hasPendingActivity()
        to make sure its JS wrapper stays alive as long as it needs to. In this patch, we override
        ActiveDOMObject::hasPendingActivity() and have it return true if !m_isStopped. I believe this is
        the right thing to do to keep the wrapper alive as long as the connection is not closed.
        RTCPeerConnection::close() closes the connection and then posts a task to call
        RTCPeerConnection::doStop(), setting m_isStopped to true.

        No new tests, already covered by webrtc/ephemeral-certificates-and-cnames.html which
        was a flaky crash.

        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::canSuspendForDocumentSuspension):
        (WebCore::RTCPeerConnection::hasPendingActivity):
        * Modules/mediastream/RTCPeerConnection.h:

2017-06-08  Miguel Gomez  <magomez@igalia.com>

        [GTK][WPE][GSTREAMER_GL] Change the colorspace used by the video frames provided by GStreamer
        https://bugs.webkit.org/show_bug.cgi?id=173050

        Reviewed by Žan Doberšek.

        We are currently requesting RGBA as the color format of the video frames to gstreamer. This is a problem
        because when those frames are rendered with the CPU, the R and B components are swapped as cairo expects
        ARGB and GStreamer delivers ABGR.

        In order to fix this without performing color conversions on the CPU, what we do is change the format
        used by GStreamer for the video frames. We do that taking into account the endianness used. So with
        little endian we will use BGRx or BGRA and with big endian xRGB or ARGB. Thanks to this, when downloading
        the frames to the CPU they will automatically be turned into the ARGB expected by cairo. Also, when
        rendering the frames using OpenGL, we indicate that the color space needs to be converted to the RGBA
        expected by the destination texture (but this color conversion is performed by the GPU so there's no
        penalty).

        Covered by existent tests.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::GstVideoFrameHolder::GstVideoFrameHolder):
        (WebCore::MediaPlayerPrivateGStreamerBase::copyVideoTextureToPlatformTexture):
        (WebCore::MediaPlayerPrivateGStreamerBase::nativeImageForCurrentTime):
        (WebCore::MediaPlayerPrivateGStreamerBase::createVideoSinkGL):
        * platform/graphics/gstreamer/VideoTextureCopierGStreamer.cpp:
        (WebCore::VideoTextureCopierGStreamer::VideoTextureCopierGStreamer):
        (WebCore::VideoTextureCopierGStreamer::updateColorConversionMatrix):
        (WebCore::VideoTextureCopierGStreamer::copyVideoTextureToPlatformTexture):
        * platform/graphics/gstreamer/VideoTextureCopierGStreamer.h:
        * platform/graphics/texmap/TextureMapperGL.cpp:
        (WebCore::colorSpaceMatrixForFlags):
        * platform/graphics/texmap/TextureMapperGL.h:

2017-06-07  Ryosuke Niwa  <rniwa@webkit.org>

        IsInShadowTreeFlag does not get updated for a non-container node
        https://bugs.webkit.org/show_bug.cgi?id=173084

        Reviewed by Antti Koivisto.

        insertedInto and removedFrom were only called on ContainerNode nodes when they're not connected to a document.
        As a result IsInShadowTreeFlag could have gotten out-of-date when a node was inserted or removed from a shadow root
        which is not connected to a document.

        Fixed this inconsistency by always falling insertedInto and removedFrom on all nodes.

        * dom/ContainerNodeAlgorithms.cpp:
        (WebCore::notifyNodeInsertedIntoDocument): Merged notifyDescendantInsertedIntoDocument. Now takes a Node instead
        of a ContainerNode.
        (WebCore::notifyNodeInsertedIntoTree): Merged notifyDescendantInsertedIntoTree. Now takes a Node instead of
        a ContainerNode.
        (WebCore::notifyChildNodeInserted): Always call notifyNodeInsertedIntoTree on an inserted node.
        (WebCore::notifyNodeRemovedFromDocument): Now takes a Node instead of a ContainerNode.
        (WebCore::notifyNodeRemovedFromTree): Ditto.
        (WebCore::notifyChildNodeRemoved): Always call notifyNodeRemovedFromTree on an inserted node.
        (WebCore::addChildNodesToDeletionQueue): Directly call adoptIfNeeded on document() since onwerDocument() only returns
        nullptr on a Document node but this function is never called on a root node and Document can only be a root node.
        Also assert that a node not put into the deletion queue is no longer in a document or a shadow tree.

        * dom/Node.cpp:
        (WebCore::Node::insertedInto): Removed the assertion that's no longer true.
        (WebCore::Node::removedFrom): Ditto.

2017-06-07  Carlos Garcia Campos  <cgarcia@igalia.com>

        [WPE] Enable resource usage
        https://bugs.webkit.org/show_bug.cgi?id=173054

        Reviewed by Žan Doberšek.

        Add resource usage linux files to the compilation.

        * PlatformWPE.cmake:

2017-06-07  Jer Noble  <jer.noble@apple.com>

        [Web Audio] createScriptProcessor throws IndexSizeError for valid arguments
        https://bugs.webkit.org/show_bug.cgi?id=173022

        Reviewed by Sam Weinig.

        Updated test: webaudio/javascriptaudionode.html

        The Web Audio spec (<https://webaudio.github.io/web-audio-api/>, 06 June 2017) defines a default behavior when
        clients pass in a value of 0 for bufferSize to the createScriptProcessor() method.

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::createScriptProcessor):
        * Modules/webaudio/AudioContext.idl:
        * Modules/webaudio/ScriptProcessorNode.cpp:
        (WebCore::ScriptProcessorNode::create):
        * Modules/webaudio/ScriptProcessorNode.h:

2017-06-07  Chris Dumez  <cdumez@apple.com>

        CSSStyleRule.style / CSSPageRule.style / CSSKeyframeRule.style should be settable
        https://bugs.webkit.org/show_bug.cgi?id=164537
        <rdar://problem/29181773>

        Reviewed by Sam Weinig.

        CSSStyleRule.style / CSSPageRule.style / CSSKeyframeRule.style should be settable
        as per:
        - https://drafts.csswg.org/cssom/#the-cssstylerule-interface
        - https://drafts.csswg.org/cssom/#the-csspagerule-interface
        - https://drafts.csswg.org/css-animations/#interface-csskeyframerule

        Tests:
        http/wpt/cssom/CSSPageRule.html
        imported/w3c/web-platform-tests/cssom/CSSKeyframeRule.html
        imported/w3c/web-platform-tests/cssom/CSSStyleRule.html
        imported/w3c/web-platform-tests/cssom/interfaces.html

        * css/CSSKeyframeRule.idl:
        * css/CSSPageRule.idl:
        * css/CSSStyleRule.idl:

2017-06-07  Sam Weinig  <sam@webkit.org>

        [WebIDL] Split up attribute generation to match operation generation
        https://bugs.webkit.org/show_bug.cgi?id=173072

        Reviewed by Chris Dumez.

        * bindings/js/JSDOMAttribute.h:
        (WebCore::IDLAttribute::setStatic):
        (WebCore::IDLAttribute::getStatic):
        Add static variants of get/set matching the one in IDLOperation.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GetFullyQualifiedImplementationCallName):
        Factor out duplicate code to compute the qualified name for a function call.

        (AddAdditionalArgumentsForImplementationCall):
        Factor out duplicate code to compute the some standard arguments for a function
        call. We may want to merge this with GenerateCallWith.

        (GenerateHeader):
        Update for new signature of HasCustom... subroutines.
        
        (GenerateImplementation):
        Pass @implContent to more helper generators to continue propagating the idiom.

        (GenerateAttributeGetterBodyDefinition):
        (GenerateAttributeGetterTrampolineDefinition):
        (GenerateAttributeGetterDefinition):
        (GenerateAttributeSetterBodyDefinition):
        (GenerateAttributeSetterTrampolineDefinition):
        (GenerateAttributeSetterDefinition):
        Split attribute getter and setter generation up by having separate subroutines 
        to generate the trampoline and body. Also, make all attributes, even static ones
        use a trampoline to simplify the code. Static attributes got through a no-op 
        trampoline, that gets compiled away. Also adopt GetFullyQualifiedImplementationCallName
        and AddAdditionalArgumentsForImplementationCall to reduce duplication.

        (GenerateOperationBodyDefinition):
        (GenerateOperationDefinition):
        Adopt $outputArray idiom and adopt GetFullyQualifiedImplementationCallName
        and AddAdditionalArgumentsForImplementationCall to reduce duplication

        (GenerateParametersCheck):
        Adopt GetFullyQualifiedImplementationCallName and AddAdditionalArgumentsForImplementationCall 
        to reduce duplication.

        (HasCustomGetter):
        (HasCustomSetter):
        (HasCustomMethod):
        Convert HasCustom... subroutines to take an IDLAttribute rather than the extended
        attributes, matching other predicates

        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        Update test results.

2017-06-07  Youenn Fablet  <youenn@apple.com>

        RTCTrackEvent.track should be found in RTCTrackEvent.streams[0]
        https://bugs.webkit.org/show_bug.cgi?id=173074

        Reviewed by Eric Carlson.

        Covered by updated test.

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::addTrackFromPlatform):

2017-06-07  Devin Rousso  <drousso@apple.com>

        Web Inspector: Add ContextMenu item to log WebSocket object to console
        https://bugs.webkit.org/show_bug.cgi?id=172878

        Reviewed by Joseph Pecoraro.

        Test: http/tests/websocket/tests/hybi/inspector/resolveWebSocket.html

        * inspector/InspectorNetworkAgent.h:
        * inspector/InspectorNetworkAgent.cpp:
        (WebCore::InspectorNetworkAgent::InspectorNetworkAgent):
        (WebCore::InspectorNetworkAgent::webSocketForRequestId):
        (WebCore::webSocketAsScriptValue):
        (WebCore::InspectorNetworkAgent::resolveWebSocket):
        Loops over the static allActiveWebSockets to find one with the given requestId. If found, it
        will create a RemoteObject wrapper for it and send it back to the inspector.

2017-06-07  Devin Rousso  <drousso@apple.com>

        Web Inspector: Allow user to choose stylesheet when creating new rules
        https://bugs.webkit.org/show_bug.cgi?id=172487

        Reviewed by Joseph Pecoraro.

        New test: inspector/css/add-rule.html

        * inspector/InspectorStyleSheet.cpp:
        (WebCore::InspectorStyleSheet::addRule):
        Reparse the content when a new rule is added to a non-inspector origin stylesheet.

2017-06-07  Youenn Fablet  <youenn@apple.com>

        getUserMedia is prompting too often
        https://bugs.webkit.org/show_bug.cgi?id=172859
        <rdar://problem/32589950>

        Reviewed by Eric Carlson.

        Tests: fast/mediastream/getUserMedia-grant-persistency-reload.html
               fast/mediastream/getUserMedia-grant-persistency.html

        * loader/FrameLoaderClient.h:
        * page/Frame.cpp:
        (WebCore::Frame::setDocument): Allows notifying of change of main frame document.
        UIProcess will use that to remove unneeded previously granted gum permission.

2017-06-07  Chris Dumez  <cdumez@apple.com>

        Align <col span>/<colgroup span> limits with the latest HTML specification
        https://bugs.webkit.org/show_bug.cgi?id=173049

        Reviewed by Daniel Bates.

        Align <col span>/<colgroup span> limits with the latest HTML specification after:
        - https://github.com/whatwg/html/issues/2705
        - https://github.com/whatwg/html/pull/2734

        In particular, col / colspan's span attribute is now clamped to the [1, 1000] range.

        Test: imported/w3c/web-platform-tests/html/semantics/tabular-data/processing-model-1/col-span-limits.html

        [1] https://html.spec.whatwg.org/#dom-colgroup-span
        [2] https://html.spec.whatwg.org/#clamped-to-the-range
        [3] https://github.com/whatwg/html/pull/2734/files

        * html/HTMLTableColElement.cpp:
        (WebCore::HTMLTableColElement::parseAttribute):
        As per [1][2], the span attribute should be clamped to the range [1, 1000] with a default value of 1 (on getting).

        (WebCore::HTMLTableColElement::setSpan):
        As per [2], on setting, we should behave the same as setting a regular reflected unsigned integer when an attribute
        is clamped to a range. Therefore, we now call limitToOnlyHTMLNonNegative() instead of
        limitToOnlyHTMLNonNegativeNumbersGreaterThanZero(). We used to call limitToOnlyHTMLNonNegativeNumbersGreaterThanZero()
        because the value used to be limited to only non-negative numbers greater than zero with fallback before [3]. Without
        this change, "col.span = 0" would set the content attribute to 1 instead of 0, which would be wrong.

2017-06-07  Jer Noble  <jer.noble@apple.com>

        Exempt exclusively wall-powered devices from hardware codec requirement
        https://bugs.webkit.org/show_bug.cgi?id=173009

        Reviewed by Eric Carlson.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/avfoundation/objc/AVAssetTrackUtilities.mm:
        (WebCore::systemHasBattery):
        (WebCore::assetTrackMeetsHardwareDecodeRequirements):
        * platform/spi/cocoa/IOPSLibSPI.h: Added.

2017-06-07  Jer Noble  <jer.noble@apple.com>

        Refactoring: MediaEngineSupportParameters should take a ContentType rather than separate type & codecs strings
        https://bugs.webkit.org/show_bug.cgi?id=173038

        Reviewed by Eric Carlson.

        * Modules/encryptedmedia/CDM.cpp:
        (WebCore::CDM::getSupportedCapabilitiesForAudioVideoType):
        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::addSourceBuffer):
        (WebCore::MediaSource::isTypeSupported):
        * dom/DOMImplementation.cpp:
        (WebCore::DOMImplementation::createDocument):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::canPlayType):
        (WebCore::HTMLMediaElement::selectNextSourceChild):
        * platform/ContentType.cpp:
        (WebCore::ContentType::codecsParameter):
        (WebCore::ContentType::profilesParameter):
        (WebCore::ContentType::containerType):
        (WebCore::simplifyWhitespace):
        (WebCore::ContentType::codecs):
        (WebCore::ContentType::profiles):
        (WebCore::ContentType::type): Deleted.
        * platform/ContentType.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::bestMediaEngineForSupportParameters):
        (WebCore::MediaPlayer::load):
        (WebCore::MediaPlayer::nextBestMediaEngine):
        (WebCore::MediaPlayer::loadWithNextMediaEngine):
        (WebCore::MediaPlayer::supportsType):
        (WebCore::MediaPlayer::networkStateChanged):
        (WebCore::codecs): Deleted.
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayer::contentMIMEType):
        (WebCore::MediaPlayer::contentTypeCodecs):
        * platform/graphics/avfoundation/CDMPrivateMediaSourceAVFObjC.mm:
        (WebCore::CDMPrivateMediaSourceAVFObjC::supportsKeySystemAndMimeType):
        (WebCore::CDMPrivateMediaSourceAVFObjC::supportsMIMEType):
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::MediaPlayerPrivateAVFoundationCF::supportsType):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsType):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::supportsType):
        * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.mm:
        (WebCore::MediaSourcePrivateAVFObjC::addSourceBuffer):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::supportsType):
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
        (WebCore::MediaPlayerPrivateGStreamerMSE::supportsType):
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::supportsType):
        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::supportsType):
        * platform/mock/mediasource/MockMediaPlayerMediaSource.cpp:
        (WebCore::MockMediaPlayerMediaSource::supportsType):
        * platform/mock/mediasource/MockMediaSourcePrivate.cpp:
        (WebCore::MockMediaSourcePrivate::addSourceBuffer):

2017-06-07  Ryosuke Niwa  <rniwa@webkit.org>

        Use a dedicated node flag to identify a Document node
        https://bugs.webkit.org/show_bug.cgi?id=173037

        Reviewed by Chris Dumez.

        Address Antti's review comment. We don't need a new Node flg.

        * dom/Node.h:
        (WebCore::Node::isDocumentNode):

2017-06-07  Jon Davis  <jond@apple.com>

        Update feature status for features Supported In Preview
        https://bugs.webkit.org/show_bug.cgi?id=173071

        Reviewed by Darin Adler.

        Updated WebAssembly.

        * features.json:

2017-06-07  Sam Weinig  <sam@webkit.org>

        [WebIDL] PutForwards is not implemented to spec as illustrated by the WPT WebIDL/ecmascript-binding/put-forwards.html
        https://bugs.webkit.org/show_bug.cgi?id=172956

        Reviewed by Chris Dumez.

        Implements step 3.5.9 of https://heycam.github.io/webidl/#dfn-attribute-setter.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateAttributeSetterDefinition):
        Implement [PutForwards] to spec, which involves using JSC get/set rather than calling
        directly into the implementation.

        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        Update test results.

2017-06-07  Jer Noble  <jer.noble@apple.com>

        Clean-up: RenderElement.h includes headers it doesn't use
        https://bugs.webkit.org/show_bug.cgi?id=173046

        Reviewed by Andy Estes.

        Remove a couple of unneeded includes from RenderElement.h, and then clean up all the
        follow-on compile errors that causes. Mostly, these errors are fixed by including the
        correct headers at the point of use; otherwise, they're solved by forward-declaring types
        and in one case by moving default constructors implementation to the cpp file from the header.

        * css/parser/SizesAttributeParser.cpp:
        * editing/cocoa/EditorCocoa.mm:
        * platform/mac/PasteboardMac.mm:
        * rendering/InlineIterator.h:
        (WebCore::embedCharFromDirection):
        * rendering/RenderBoxModelObject.h:
        * rendering/RenderElement.cpp:
        * rendering/RenderElement.h:
        * rendering/RenderIterator.h:
        * rendering/RenderLineBreak.cpp:
        * rendering/RenderQuote.cpp:
        * rendering/RenderText.h:
        * rendering/SimpleLineLayoutPagination.cpp:
        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        * rendering/TextAutoSizing.cpp:
        * rendering/style/RenderStyle.cpp:
        * rendering/style/RenderStyle.h:
        * style/RenderTreeUpdater.cpp:
        * style/StyleResolveForDocument.cpp:
        * style/StyleTreeResolver.cpp:

2017-06-07  Youenn Fablet  <youenn@apple.com>

        Add WebRTC stats logging
        https://bugs.webkit.org/show_bug.cgi?id=173045

        Reviewed by Eric Carlson.

        No change of behavior.

        Do release logging of WebRTC stats once remote description is set.
        Do logging every second for the first 30 seconds.
        After 30 seconds, do release logging of these stats every 5 seconds.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::LibWebRTCMediaEndpoint):
        (WebCore::LibWebRTCMediaEndpoint::stop):
        (WebCore::LibWebRTCMediaEndpoint::gatherStatsForLogging):
        (WebCore::LibWebRTCMediaEndpoint::OnStatsDelivered):
        (WebCore::LibWebRTCMediaEndpoint::startLoggingStats):
        (WebCore::LibWebRTCMediaEndpoint::stopLoggingStats):
        (WebCore::LibWebRTCPeerConnectionBackend::doSetRemoteDescription):

2017-06-07  Per Arne Vollan  <pvollan@apple.com>

        Support removal of authentication data through the Website data store API.
        https://bugs.webkit.org/show_bug.cgi?id=171217

        Reviewed by Brady Eidson.

        Add support to remove and fetch credential data through the Website data store API.

        Test: http/tests/loading/basic-auth-remove-credentials.html

        * platform/network/CredentialStorage.h:
        (WebCore::CredentialStorage::originsWithCredentials):

2017-06-07  Per Arne Vollan  <pvollan@apple.com>

        AudioSourceProviderAVFObjC::m_tap member access is not thread safe.
        https://bugs.webkit.org/show_bug.cgi?id=172263

        Reviewed by Darin Adler.

        It it possible that the main thread will modify the m_tap member by calling
        AudioSourceProviderAVFObjC::destroyMix(), while m_tap is being read on a secondary
        thread under AudioSourceProviderAVFObjC::processCallback(). Instead of accessing
        the m_tap member on the secondary thread, we can use the same MTAudioProcessingTapRef
        provided by MediaToolbox in the callback. We assume the tap ref is retained by
        MediaToolbox, so it should be safe to use even if the the m_tap member is set to null.

        Covered by existing tests.

        * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.h:
        * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
        (WebCore::AudioSourceProviderAVFObjC::processCallback):
        (WebCore::AudioSourceProviderAVFObjC::process):

2017-06-07  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] RSA-PSS support
        https://bugs.webkit.org/show_bug.cgi?id=172856

        Reviewed by Jiewen Tan.

        Implement RSA-PSS support for Web Crypto API in ports that use libgcrypt.

        For the signing operation, the digest algorithm is determined and used to
        compute the hash of the passed-in data. The given salt length and hash results
        are embedded into a data s-expression, specifying PSS as the preferred type of
        padding. This s-expression and the provided key are then passed to the
        gcry_pk_sign() call which computes the signature. The MPI data of this signature
        is retrieved and its size validated before being passed to the success callback.

        For the verification operation, the hash of the passed-in data is computed as
        before, embedding it into a data s-expression along with the specified salt
        length. The passed-in signature data is embedded into a sig-val s-expression.
        The two s-expressions are passed to the gcry_pk_verify() call along with the
        key. If the returned error code for this operation is GPG_ERR_NO_ERROR the
        verification is deemed successful, while in case of any other error code (which
        might indicate a verification failure or an operation error) we simply signal
        that the verification step failed (and not that it possibly errored out).

        No new tests -- covered by existing tests.

        * PlatformGTK.cmake: Add the new build targets.
        * PlatformWPE.cmake: Ditto.
        * crypto/gcrypt/CryptoAlgorithmRSA_PSSGCrypt.cpp: Added.
        (WebCore::gcryptSign):
        (WebCore::gcryptVerify):
        (WebCore::CryptoAlgorithmRSA_PSS::platformSign):
        (WebCore::CryptoAlgorithmRSA_PSS::platformVerify):
        * crypto/gcrypt/CryptoAlgorithmRegistryGCrypt.cpp:
        (WebCore::CryptoAlgorithmRegistry::platformRegisterAlgorithms): Register the RSA-PSS algorithm.

2017-06-07  Ryosuke Niwa  <rniwa@webkit.org>

        Merge TreeScopeAdopter into TreeScope
        https://bugs.webkit.org/show_bug.cgi?id=173040

        Reviewed by Antti Koivisto.

        Merged TreeScopeAdopter into TreeScope since it's used by TreeScope::adoptIfNeeded.

        Most of code changes are for didMoveToNewDocument taking the new document as an argument,
        which is used by ShadowRoot::didMoveToNewDocument to update its document scope.

        No new tests since there should be no behavioral change.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/Element.cpp:
        (WebCore::Element::didMoveToNewDocument):
        * dom/Element.h:
        * dom/Node.cpp:
        (WebCore::Node::didMoveToNewDocument): Moved the code to moves the node lists and node iterators here
        from TreeScopeAdopter::moveNodeToNewDocument.
        * dom/Node.h:
        * dom/ShadowRoot.cpp:
        (WebCore::ShadowRoot::didMoveToNewDocument): Moved the code to update the document scope here
        from TreeScopeAdopter::moveNodeToNewDocument.
        * dom/ShadowRoot.h:
        * dom/TreeScope.cpp:
        (WebCore::TreeScope::adoptIfNeeded):
        (WebCore::TreeScope::moveTreeToNewScope): Moved from TreeScopeAdopter. Now takes the old tree scope and
        the new tree scope as arguments (they used to be members of TreeScopeAdopter). Also merged updateTreeScope
        into this function.
        (WebCore::TreeScope::ensureDidMoveToNewDocumentWasCalled): Moved from TreeScopeAdopter.
        (WebCore::TreeScope::moveNodeToNewDocument): Ditto. The code to adopt node lists and node iterators have
        been moved to Node::didMoveToNewDocument.
        (WebCore::TreeScope::moveShadowTreeToNewDocument): Moved from TreeScopeAdopter.
        * dom/TreeScope.h:
        (WebCore::TreeScope::ensureDidMoveToNewDocumentWasCalled):
        * dom/TreeScopeAdopter.cpp: Removed.
        * dom/TreeScopeAdopter.h: Removed.
        * html/HTMLFieldSetElement.cpp:
        (WebCore::HTMLFieldSetElement::didMoveToNewDocument):
        * html/HTMLFieldSetElement.h:
        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::didMoveToNewDocument):
        * html/HTMLFormControlElement.h:
        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::didMoveToNewDocument):
        * html/HTMLFormElement.h:
        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::didMoveToNewDocument):
        * html/HTMLImageElement.h:
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::didMoveToNewDocument): Grouped related function calls on new/old documents.
        * html/HTMLInputElement.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::didMoveToNewDocument):
        * html/HTMLMediaElement.h:
        * html/HTMLObjectElement.cpp:
        (WebCore::HTMLObjectElement::didMoveToNewDocument):
        * html/HTMLObjectElement.h:
        * html/HTMLPictureElement.cpp:
        (WebCore::HTMLPictureElement::didMoveToNewDocument):
        * html/HTMLPictureElement.h:
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::didMoveToNewDocument):
        * html/HTMLPlugInImageElement.h:
        * html/HTMLTemplateElement.cpp:
        (WebCore::HTMLTemplateElement::didMoveToNewDocument):
        * html/HTMLTemplateElement.h:
        * html/HTMLVideoElement.cpp:
        (WebCore::HTMLVideoElement::didMoveToNewDocument):
        * html/HTMLVideoElement.h:
        * html/ImageDocument.cpp:
        (WebCore::ImageDocumentElement::didMoveToNewDocument):
        * svg/SVGImageElement.cpp:
        (WebCore::SVGImageElement::didMoveToNewDocument):
        * svg/SVGImageElement.h:
        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::didMoveToNewDocument):
        * svg/SVGSVGElement.h:

2017-06-06  Ryosuke Niwa  <rniwa@webkit.org>

        Use a dedicated node flag to identify a Document node
        https://bugs.webkit.org/show_bug.cgi?id=173037

        Reviewed by Chris Dumez.

        Use a Node flag to identify a Document node instead of checking this == document() which loads TreeScope.

        * dom/Document.h:
        (WebCore::Node::isDocumentNode): Deleted.
        * dom/Node.h:
        (WebCore::Node::isDocumentNode):

2017-06-06  Dan Bernstein  <mitz@apple.com>

        Fixed building with the macOS 10.13 Apple Internal SDK when targeting macOS 10.12.

        * platform/spi/cocoa/PassKitSPI.h:

2017-06-06  Chris Dumez  <cdumez@apple.com>

        Unreviewed, rolling out r214974.

        Causes some tabs to start using a huge amount of CPU after 8
        minutes in the background

        Reverted changeset:

        "Make inactive web processes behave as though under memory
        pressure."
        https://bugs.webkit.org/show_bug.cgi?id=170042
        http://trac.webkit.org/changeset/214974

2017-06-06  Tim Horton  <timothy_horton@apple.com>

        Crash trying to drag the entire text of a long book out of Mail compose view
        https://bugs.webkit.org/show_bug.cgi?id=173042
        <rdar://problem/32382059>

        Reviewed by Simon Fraser.

        Creating a TextIndicator that is hundreds of thousands of pixels tall
        is not a good idea. We introduced TextIndicatorOptionDoNotClipToVisibleRect
        so that (for example) an image that overhangs the edge of the page would
        contain the entire image, instead of just the visible fragment.
        Instead, rename this option to ExpandClipBeyondVisibleRect, and make it
        not unclip *entirely*, but expand the clip significantly (50% in each direction)
        beyond the bounds of the current visible rect. Also, make use of exposed
        area information for this clipping; otherwise, clients with very large views
        inside scrollable areas (like Mail) would still try to create large TextIndicators.

        * page/TextIndicator.cpp:
        (WebCore::initializeIndicator):
        * page/TextIndicator.h:

2017-06-06  Chris Dumez  <cdumez@apple.com>

        RELEASE_ASSERT(static_cast<size_t>(enumerationValue) < WTF_ARRAY_LENGTH(values)) hit in convertEnumerationToJS<WebCore::History::ScrollRestoration>()
        https://bugs.webkit.org/show_bug.cgi?id=173033
        <rdar://problem/32591099>

        Reviewed by Simon Fraser.

        History::scrollRestoration() was returning a bad value because HistoryItem::m_shouldRestoreScrollPosition
        was initialized from FrameState::shouldRestoreScrollPosition member, which was not initialized when
        restored from the legacy session restore API.

        Tests: WebKit2.RestoreSessionStateContainingScrollRestoration* API tests.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateEnumerationImplementationContent):
        Drop the RELEASE_ASSERT that was added to debug this and use the regular debug ASSERT.

        * history/HistoryItem.cpp:
        (WebCore::HistoryItem::setShouldRestoreScrollPosition):
        Make sure we notify that the HistoryItem has changed when setShouldRestoreScrollPosition()
        is called.

2017-06-06  Darin Adler  <darin@apple.com>

        Update to slightly stricter rules for custom element names from more recent standard draft
        https://bugs.webkit.org/show_bug.cgi?id=173019

        Reviewed by Ryosuke Niwa.

        * bindings/js/JSCustomElementRegistryCustom.cpp:
        (WebCore::validateCustomElementNameAndThrowIfNeeded): Add more error strings for various error cases.

        * dom/Document.cpp:
        (WebCore::isPotentialCustomElementNameCharacter): Added. Implements the PCENChar production
        from the standard by listing all the ranges exactly as they appear in the standard.
        (WebCore::Document::validateCustomElementName): Added a check that the first character is
        a lowercase ASCII letter. Added a check that all characters are potential custom element
        name characters.

        * dom/Document.h: Update the CustomElementNameValidationStatus with new values for
        the various new error cases.  Not sure that validateCustomElementName really belongs
        in the Document class in the first place. Also seems that the error strings could be
        in validateCustomElementName rather than in a separate bindings function, obviating
        the need for the enum.

2017-06-06  Yoav Weiss  <yoav@yoav.ws>

        [preload] Conditional support for media preloading and align media `as` values.
        https://bugs.webkit.org/show_bug.cgi?id=172501

        Reviewed by Dean Jackson.

        As discussed at https://bugs.webkit.org/show_bug.cgi?id=171720#c11 media preloading may not work
        since the backend may not reuse such resources properly.
        This patch makes support for media preloading conditional on a setting, in order to avoid double downloads in these cases.
        It also aligns the media `as` values to the spec, and splitting them into "video" and "audio".

        No new tests but related tests were modified to remove media preloading tests as the setting is off by default.

        * loader/LinkLoader.cpp:
        (WebCore::LinkLoader::resourceTypeFromAsAttribute): Make handling of MediaResource conditional on setting. Align `as` values to spec.
        (WebCore::createLinkPreloadResourceClient): Make handling of MediaResource conditional on setting.
        (WebCore::LinkLoader::isSupportedType): Make handling of MediaResource conditional on setting.
        * page/RuntimeEnabledFeatures.h: Added a media preloading preference.
        (WebCore::RuntimeEnabledFeatures::setMediaPreloadingEnabled):
        (WebCore::RuntimeEnabledFeatures::mediaPreloadingEnabled):
        * page/Settings.in: Added a media preloading preference.

2017-06-06  Don Olmstead  <don.olmstead@am.sony.com>

        [WebCore] Enable REQUEST_ANIMATION_FRAME_TIMER for all ports
        https://bugs.webkit.org/show_bug.cgi?id=172780

        Reviewed by Alex Christensen.

        No new tests. No change in behavior.

        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::ScriptedAnimationController):
        (WebCore::ScriptedAnimationController::addThrottlingReason):
        (WebCore::ScriptedAnimationController::removeThrottlingReason):
        (WebCore::ScriptedAnimationController::isThrottled):
        (WebCore::ScriptedAnimationController::interval):
        (WebCore::ScriptedAnimationController::scheduleAnimation):
        (WebCore::ScriptedAnimationController::displayRefreshFired):
        * dom/ScriptedAnimationController.h:
        * loader/EmptyClients.h:
        * page/Chrome.cpp:
        (WebCore::Chrome::scheduleAnimation): Deleted.
        * page/Chrome.h:
        * page/ChromeClient.h:
        * platform/Curl.cmake: Added.
        * platform/ScrollAnimationSmooth.cpp:
        (WebCore::ScrollAnimationSmooth::ScrollAnimationSmooth):
        (WebCore::ScrollAnimationSmooth::stop):
        (WebCore::ScrollAnimationSmooth::animationTimerFired):
        (WebCore::ScrollAnimationSmooth::startNextTimer):
        (WebCore::ScrollAnimationSmooth::animationTimerActive):
        (WebCore::ScrollAnimationSmooth::serviceAnimation): Deleted.
        * platform/ScrollAnimationSmooth.h:

2017-06-06  Darin Adler  <darin@apple.com>

        Cut down use of WTF_ARRAY_LENGTH
        https://bugs.webkit.org/show_bug.cgi?id=172997

        Reviewed by Chris Dumez.

        * contentextensions/NFAToDFA.cpp: Remove unused SetTransitions class.

        * dom/Document.cpp:
        (WebCore::Document::~Document): Use modern for loop instead of WTF_ARRAY_LENGTH.
        * dom/make_names.pl:
        (printDefinitions): Ditto.
        (printFactoryCppFile): Ditto.
        (printWrapperFactoryCppFile): Ditto.

        * platform/URL.cpp:
        (WebCore::portAllowed): Use std::is_sorted, std::begin, and std::end
        in sort assertion to greatly streamline it and eliminate use of WTF_ARRAY_LENGTH.
        Also allow the sort assertion to run every time; slightly optimizing debug builds
        was not worth having the code be messy.

        * platform/URLParser.cpp:
        (WebCore::URLParser::appendNumberToASCIIBuffer): Use std::end instead of
        WTF_ARRAY_LENGTH.

        * platform/graphics/FontCascade.cpp: Make fontFamiliesWithInvalidCharWidth be
        a constant array rather than a non-constant array to constant strings.
        (WebCore::FontCascade::hasValidAverageCharWidth): Streamline the hash table
        initialization to avoid heap allocation and use a modern for loop instead of
        WTF_ARRAY_LENGTH.

        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::disableComponentsOnce): Use a modern for loop instead of WTF_ARRAY_LENGTH.
        * platform/network/CacheValidation.cpp:
        (WebCore::shouldUpdateHeaderAfterRevalidation): Ditto. Also use the
        startsWithIgnoringASCIICase function rather than the version that folds
        arbitrary Unicode case.

        * platform/text/TextEncodingRegistry.cpp:
        (WebCore::pruneBlacklistedCodecs): Use modern for loops to make the code considerably
        easier to read and avoid WTF_ARRAY_LENGTH.

        * platform/text/mac/LocaleMac.mm:
        (WebCore::LocaleMac::monthLabels): Use modern for loop instead of WTF_ARRAY_LENGTH.
        (WebCore::LocaleMac::shortMonthLabels): Ditto.
        * rendering/RenderCombineText.cpp:
        (WebCore::RenderCombineText::combineText): Ditto.

2017-06-06  Isaac Devine  <isaac@devinesystems.co.nz>

        Allow FileReader to open files multiple times

        If multiple file readers open files they are prevented by default due to
        Windows' file locking.

        Allow FileReader to open multiple files for reading at the same time on wincairo
        https://bugs.webkit.org/show_bug.cgi?id=172632

        Reviewed by Darin Adler.

        * platform/win/FileSystemWin.cpp:
        (WebCore::openFile): Use the appropriate sharing options to allow multiple opens

2017-06-06  Beth Dakin  <bdakin@apple.com>

        Netflix seeking quirk should also apply to Now Playing, and should always use the 
        livestream UI
        https://bugs.webkit.org/show_bug.cgi?id=173030
        -and corresponding-
        rdar://problem/32228660

        Reviewed by Darin Adler.

        This patch rolls out much of https://trac.webkit.org/changeset/217791/webkit in 
        favor of an approach that can be used to apply the quirk to Now Playing in 
        addition to Touch Bar. This patch also changes the UI in both Touch Bar and Now 
        Playing to match live stream UI, which means there is no playhead. This hopefully 
        makes it less confusing that taps on the timeline will have no effect. 

        supportsSeeking() should return false for Netflix. That function needs to be 
        public now.
        * html/HTMLMediaElement.cpp:
        (WebCore::needsSeekingSupportQuirk):
        (WebCore::HTMLMediaElement::supportsSeeking):
        * html/HTMLMediaElement.h:

        Here is where we get the desired result in Now Playing. Make sure the 
        currentSession supportsSeeking() before relying on the time and duration info for 
        the sake of Now Playing. 
        * platform/audio/mac/MediaSessionManagerMac.mm:
        (WebCore::MediaSessionManagerMac::updateNowPlayingInfo):

        We can roll out allowsTouchBarScrubbing() and rely on supportsSeeking().
        * platform/cocoa/WebPlaybackSessionModel.h:
        (WebCore::WebPlaybackSessionModelClient::mutedChanged):
        (WebCore::WebPlaybackSessionModelClient::allowsTouchBarScrubbingChanged): Deleted.
        * platform/cocoa/WebPlaybackSessionModelMediaElement.h:
        * platform/cocoa/WebPlaybackSessionModelMediaElement.mm:
        (WebCore::WebPlaybackSessionModelMediaElement::updateForEventName):

        And here is where we get the desired result for Touch Bar. Make sure the the media 
        element supportsSeeking() before relying on the duration. 
        (WebCore::WebPlaybackSessionModelMediaElement::duration):

        We can roll out allowsTouchBarScrubbing() and rely on supportsSeeking().
        (WebCore::WebPlaybackSessionModelMediaElement::allowsTouchBarScrubbing): Deleted.
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        * platform/mac/WebPlaybackControlsManager.h:

        Currently the Touch Bar live stream UI lets you seek, which results in broken 
        behavior on real live streams and on Netflix. Prevent that by preventing scrubbing 
        for NaN and infinite durations.
        * platform/mac/WebPlaybackControlsManager.mm:
        (-[WebPlaybackControlsManager canBeginTouchBarScrubbing]):

        We can roll out allowsTouchBarScrubbing() and rely on supportsSeeking().
        * platform/mac/WebPlaybackSessionInterfaceMac.h:
        * platform/mac/WebPlaybackSessionInterfaceMac.mm:
        (WebCore::WebPlaybackSessionInterfaceMac::setPlayBackControlsManager):
        (WebCore::WebPlaybackSessionInterfaceMac::allowsTouchBarScrubbingChanged): Deleted.

2017-06-06  Konstantin Tokarev  <annulen@yandex.ru>

        Add missing <functional> includes
        https://bugs.webkit.org/show_bug.cgi?id=173017

        Patch by Thiago Macieira <thiago.macieira@intel.com>
        Reviewed by Yusuke Suzuki.

        This patch fixes compilation with GCC 7.

        No new tests needed.

        * css/CSSValue.h:
        * css/StyleSheetContents.h:
        * loader/NetscapePlugInStreamLoader.h:
        * loader/ResourceLoader.h:

2017-06-06  Konstantin Tokarev  <annulen@yandex.ru>

        Fix compilation with !ENABLE(SVG_FONTS)
        https://bugs.webkit.org/show_bug.cgi?id=172731

        Reviewed by Darin Adler.

        No new tests needed.

        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::load):

2017-06-06  Zalan Bujtas  <zalan@apple.com>

        Safari doesn't load newest The Order of the Stick comic.
        https://bugs.webkit.org/show_bug.cgi?id=172949
        <rdar://problem/32389730>

        Reviewed by Antti Koivisto.

        As part of the table layout, RenderTableSection::layoutRows calls the RenderTableCell's layout() directly
        (skipping the RenderTableRow parent). If during this call the RenderTableCell (or any of its descendant) marks the ancestor
        chain dirty, this dirty flag on the RenderTableRows will never be cleared and we'll end up early returning from RenderTableSection::paint.
        For certain type of float objects, we need to invalidate the line layout path during layout (and we mark the ancestors dirty).
        This patch takes a conservative approach and marks the ancestors dirty only when the renderer is not dirty yet, but
        as part of webkit.org/b/172947 we should revisit and validate whether the setNeedsLayout() is required at all.

        Test: fast/table/floating-table-sibling-is-invisible.html

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::invalidateLineLayoutPath):

2017-06-06  Emilio Cobos Álvarez  <ecobos@igalia.com>

        [css-conditional] The one-string version of CSS.supports should be wrapped in implied parentheses.
        https://bugs.webkit.org/show_bug.cgi?id=172906

        Reviewed by Darin Adler.

        From https://drafts.csswg.org/css-conditional/#the-css-interface:

        > When invoked with a single conditionText argument, it must return
        > true if conditionText, when either parsed and evaluated as a
        > supports_condition or parsed as a declaration, wrapped in implied
        > parentheses, and evaluated as a supports_condition, would return
        > true.

        Note the "wrapped in implied parentheses" bit.

        Gecko is fixing it in https://bugzil.la/1338486, and Blink in
        https://crbug.com/729403.

        Tests: css3/supports-dom-api.html
               imported/w3c/web-platform-tests/cssom/CSS.html

        * css/parser/CSSParser.cpp:
        (WebCore::CSSParser::parseSupportsCondition):
        * css/parser/CSSParserImpl.cpp:
        (WebCore::CSSParserImpl::consumeSupportsRule):
        * css/parser/CSSSupportsParser.cpp:
        (WebCore::CSSSupportsParser::supportsCondition):
        * css/parser/CSSSupportsParser.h:

2017-06-06  Joseph Pecoraro  <pecoraro@apple.com>

        Move Resource Timing / User Timing from experimental features into main preferences
        https://bugs.webkit.org/show_bug.cgi?id=172950

        Reviewed by Darin Adler.

        * features.json:
        Graduate some features from In Development to Supported.

2017-06-06  Adrian Perez de Castro  <aperez@igalia.com>

        [GTK][Wayland] Do not pass value of $DISPLAY to wl_display_connect()
        https://bugs.webkit.org/show_bug.cgi?id=172993

        Reviewed by Žan Doberšek.

        No new tests needed.

        * platform/graphics/wayland/PlatformDisplayWayland.cpp:
        (WebCore::PlatformDisplayWayland::create): Instead of using the "DISPLAY" environment variable (meant for X11),
        pass a null pointer to "wl_display_connect()". This function checks the value of the "WAYLAND_DISPLAY" environment
        variable itself and therefore we do not need to pass it ourselves.

2017-06-06  Antoine Quint  <graouts@apple.com>

        Rebaseline and enable media/modern-media-controls/airplay-support
        https://bugs.webkit.org/show_bug.cgi?id=172980

        Reviewed by Eric Carlson.

        Fixing a small issue in the modern media controls code which would yield
        an error when manually creating a MediaController without a MediaControlsHost.

        * Modules/modern-media-controls/media/media-controller.js:
        (MediaController.prototype.get isAudio):

2017-06-06  Antoine Quint  <graouts@apple.com>

        Update modern media controls testing utilities
        https://bugs.webkit.org/show_bug.cgi?id=172976
        <rdar://problem/32588432>

        Reviewed by Eric Carlson.

        Stop logging an error when we're not able to load UI Strings since UI strings
        are not defined in the majority of modern-media-controls tests as we load the
        code directly from the modern-media-controls module and can't reach into the
        English.lproj directory, nor is it necessary.

        * Modules/modern-media-controls/main.js:
        (UIString):

2017-06-06  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GStreamer] Use the same draw timer and mutex when AC disabled or building without OpenGL
        https://bugs.webkit.org/show_bug.cgi?id=172923

        Reviewed by Michael Catanzaro.

        We have two different paths to do the same. When building without OpenGL, the VideoRenderRequestScheduler has
        its own timer and we need to add ifdefs to handle that. But when building with OpenGL we still support
        non-accelerated rendering that does the same than the VideoRenderRequestScheduler timer, but using the media
        player timer instead. We can simplify the code and remove more ifdefs by using the media player timer and mutex
        in all cases for non-accelerated rendering.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::MediaPlayerPrivateGStreamerBase):
        (WebCore::MediaPlayerPrivateGStreamerBase::repaint):
        (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
        (WebCore::MediaPlayerPrivateGStreamerBase::cancelRepaint):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        * platform/graphics/gstreamer/VideoSinkGStreamer.cpp:
        (VideoRenderRequestScheduler::start):
        (VideoRenderRequestScheduler::stop):
        (VideoRenderRequestScheduler::requestRender):
        (VideoRenderRequestScheduler::VideoRenderRequestScheduler): Deleted.
        (VideoRenderRequestScheduler::render): Deleted.

2017-06-05  Antoine Quint  <graouts@apple.com>

        Update media controls to match latest design specs
        https://bugs.webkit.org/show_bug.cgi?id=172932

        Reviewed by Dean Jackson.

        The media controls specs have changed and we now implement them. The main controls bar now
        appears to be floating, with a rounded corners and a margin around it. Some of the controls
        it used to contain now may appear outside of it. Specifically, the fullscreen and
        picture-in-picture buttons now are displayed in a dedicated controls bar in the top-left
        corner and the mute button, on iOS (where we don't support changing the volume when inline),
        is displayed in the top right corner.

        Another small UI improvement is that we display an activity indicator when we are waiting
        for data to initiate or resume playback instead of showing the elapsed time label. We also
        make displaying the scrubber more important than displaying other controls, except for the
        play/pause button, when width becomes scarce. Finally, we no longer use a speci layer type
        for the controls bar backgrounds, we now use the same "backdrop-filter" and tint overlay
        on both macOS and iOS.

        Since this work had previously been done through WebKitAdditions, we remove the specific
        build phase code that we added for this purpose and are now only ever looking for media
        controls code in the WebCore source tree.

        * Modules/modern-media-controls/controls/activity-indicator.css: Added.
        (.activity-indicator):
        (.activity-indicator > div):
        (.activity-indicator > .ne):
        (.activity-indicator > .e):
        (.activity-indicator > .se):
        (.activity-indicator > .s):
        (.activity-indicator > .sw):
        (.activity-indicator > .w):
        (.activity-indicator > .nw):
        (@keyframes activity-indicator-pulse):
        (to):
        * Modules/modern-media-controls/controls/airplay-button.js:
        * Modules/modern-media-controls/controls/auto-hide-controller.js: Added.
        (AutoHideController):
        (AutoHideController.prototype.get fadesWhileIdle):
        (AutoHideController.prototype.set fadesWhileIdle):
        (AutoHideController.prototype.handleEvent):
        (AutoHideController.prototype.gestureRecognizerStateDidChange):
        (AutoHideController.prototype.mediaControlsFadedStateDidChange):
        (AutoHideController.prototype.mediaControlsBecameInvisible):
        (AutoHideController.prototype._cancelNonEnforcedAutoHideTimer):
        (AutoHideController.prototype._cancelAutoHideTimer):
        (AutoHideController.prototype._resetAutoHideTimer):
        (AutoHideController.prototype._autoHideTimerFired):
        * Modules/modern-media-controls/controls/background-click-delegate-notifier.js: Added.
        (BackgroundClickDelegateNotifier):
        (BackgroundClickDelegateNotifier.prototype.handleEvent):
        * Modules/modern-media-controls/controls/background-tint.css:
        (.background-tint,):
        (.background-tint > .blur):
        (.background-tint > .tint):
        * Modules/modern-media-controls/controls/button.css:
        (button):
        (button > picture):
        (button.skip-back > picture,):
        (button.on > picture):
        (button:active > picture):
        (button.corner):
        (button.center,):
        (button.center):
        (button.small-center):
        (button.center > .background-tint,):
        (button.center > picture,):
        (button.center:active > picture,):
        * Modules/modern-media-controls/controls/button.js:
        (Button.prototype.get iconName):
        (Button.prototype.set iconName):
        (Button.prototype.get on):
        (Button.prototype.set on):
        (Button.prototype.get style):
        (Button.prototype.set style):
        (Button.prototype.get scaleFactor):
        (Button.prototype.set scaleFactor):
        (Button.prototype.handleEvent):
        (Button.prototype.commit):
        (Button.prototype._loadImage):
        (Button.prototype._imageSourceDidLoad):
        (Button.prototype._updateImage):
        (Button.prototype._updateImageMetrics):
        (Button):
        * Modules/modern-media-controls/controls/buttons-container.css:
        (.buttons-container):
        (.ios .buttons-container button):
        * Modules/modern-media-controls/controls/buttons-container.js:
        * Modules/modern-media-controls/controls/controls-bar.css:
        (.controls-bar):
        (.controls-bar.faded): Deleted.
        * Modules/modern-media-controls/controls/controls-bar.js:
        (ControlsBar.prototype.get children):
        (ControlsBar.prototype.set children):
        (ControlsBar.prototype.commitProperty):
        (ControlsBar.prototype.get userInteractionEnabled): Deleted.
        (ControlsBar.prototype.set userInteractionEnabled): Deleted.
        (ControlsBar.prototype.get fadesWhileIdle): Deleted.
        (ControlsBar.prototype.set fadesWhileIdle): Deleted.
        (ControlsBar.prototype.get visible): Deleted.
        (ControlsBar.prototype.set visible): Deleted.
        (ControlsBar.prototype.get faded): Deleted.
        (ControlsBar.prototype.set faded): Deleted.
        (ControlsBar.prototype.handleEvent): Deleted.
        (ControlsBar.prototype.gestureRecognizerStateDidChange): Deleted.
        (ControlsBar.prototype._cancelNonEnforcedAutoHideTimer): Deleted.
        (ControlsBar.prototype._cancelAutoHideTimer): Deleted.
        (ControlsBar.prototype._resetAutoHideTimer): Deleted.
        (ControlsBar.prototype._autoHideTimerFired): Deleted.
        * Modules/modern-media-controls/controls/fullscreen-button.js:
        * Modules/modern-media-controls/controls/icon-button.css: Removed.
        * Modules/modern-media-controls/controls/icon-button.js: Removed.
        * Modules/modern-media-controls/controls/icon-service.js:
        (const.iconService.new.IconService.prototype.imageForIconAndLayoutTraits):
        (const.iconService.new.IconService.prototype._fileNameAndPlatformForIconAndLayoutTraits):
        (const.iconService.new.IconService):
        (const.iconService.new.IconService.prototype.imageForIconNameAndLayoutTraits): Deleted.
        (const.iconService.new.IconService.prototype._fileNameAndPlatformForIconNameAndLayoutTraits): Deleted.
        * Modules/modern-media-controls/controls/inline-layout-support.js: Removed.
        * Modules/modern-media-controls/controls/inline-media-controls.css: Added.
        (.media-controls.inline > .controls-bar):
        (.media-controls.inline > .controls-bar.top-left):
        (.media-controls.inline.audio > .controls-bar):
        (.media-controls.inline > .controls-bar > *):
        (.media-controls.inline > button.mute):
        (.media-controls.inline > button.play-pause.corner):
        (.media-controls.inline.audio > button.play-pause.corner):
        (.media-controls.inline > .controls-bar button):
        (.media-controls.inline button.start.center > picture,):
        (.media-controls.inline button.start.small-center > picture,):
        (.media-controls.inline .time-control,):
        * Modules/modern-media-controls/controls/inline-media-controls.js: Added.
        (InlineMediaControls):
        (InlineMediaControls.prototype.set shouldUseAudioLayout):
        (InlineMediaControls.prototype.set shouldUseSingleBarLayout):
        (InlineMediaControls.prototype.get showsStartButton):
        (InlineMediaControls.prototype.set showsStartButton):
        (InlineMediaControls.prototype.showPlacard):
        (InlineMediaControls.prototype.hidePlacard):
        (InlineMediaControls.prototype.layout):
        (InlineMediaControls.prototype.commitProperty):
        (InlineMediaControls.prototype.get preferredMuteButtonStyle):
        (InlineMediaControls.prototype._topLeftContainerButtons):
        (InlineMediaControls.prototype._leftContainerButtons):
        (InlineMediaControls.prototype._rightContainerButtons):
        (InlineMediaControls.prototype._droppableButtons):
        * Modules/modern-media-controls/controls/ios-inline-media-controls.css: Removed.
        * Modules/modern-media-controls/controls/ios-inline-media-controls.js:
        (IOSInlineMediaControls.prototype.get showsStartButton):
        (IOSInlineMediaControls.prototype.set showsStartButton):
        (IOSInlineMediaControls.prototype.gestureRecognizerStateDidChange):
        (IOSInlineMediaControls.prototype._pinchGestureRecognizerStateDidChange):
        (IOSInlineMediaControls.prototype._tapGestureRecognizerStateDidChange):
        (IOSInlineMediaControls):
        (IOSInlineMediaControls.prototype.layout): Deleted.
        (IOSInlineMediaControls.prototype.layoutTraitsDidChange): Deleted.
        * Modules/modern-media-controls/controls/layout-item.js:
        * Modules/modern-media-controls/controls/layout-node.js:
        (LayoutNode.prototype.commitProperty):
        * Modules/modern-media-controls/controls/macos-compact-inline-media-controls.css: Removed.
        * Modules/modern-media-controls/controls/macos-fullscreen-media-controls.css:
        (.media-controls.mac.fullscreen .buttons-container.left):
        (.media-controls.mac.fullscreen .buttons-container.center):
        (.media-controls.mac.fullscreen .time-control):
        (.media-controls.mac.fullscreen > .controls-bar .status-label):
        (.media-controls.mac.fullscreen > .controls-bar > .background-tint > div): Deleted.
        (.media-controls.mac.fullscreen .volume.slider): Deleted.
        (.media-controls.mac.fullscreen button.volume-down): Deleted.
        (.media-controls.mac.fullscreen button.volume-up): Deleted.
        (.media-controls.mac.fullscreen button.rewind): Deleted.
        (.media-controls.mac.fullscreen button.play-pause): Deleted.
        (.media-controls.mac.fullscreen button.forward): Deleted.
        (.media-controls.mac.fullscreen .time-label): Deleted.
        (.media-controls.mac.fullscreen .scrubber): Deleted.
        * Modules/modern-media-controls/controls/macos-fullscreen-media-controls.js:
        (MacOSFullscreenMediaControls.prototype.handleEvent):
        (MacOSFullscreenMediaControls.prototype.layout):
        (MacOSFullscreenMediaControls.prototype._handleMousedown):
        (MacOSFullscreenMediaControls.prototype._handleMousemove):
        * Modules/modern-media-controls/controls/macos-inline-media-controls.css:
        (.media-controls.mac.inline .volume-slider-container):
        (.media-controls.mac.inline.audio .volume-slider-container):
        (.media-controls.mac.inline .volume-slider-container > .background-tint):
        (.media-controls.mac.inline .volume-slider-container > .background-tint > div):
        (.media-controls.mac.inline .volume-slider-container > .slider):
        (.media-controls.mac.inline > .controls-bar): Deleted.
        (.media-controls.mac.inline > .controls-bar > *): Deleted.
        (.media-controls.mac.inline > button.start > div): Deleted.
        (.media-controls.mac.inline > .controls-bar button): Deleted.
        (.media-controls.mac.inline button.play-pause): Deleted.
        (.media-controls.mac.inline button.skip-back): Deleted.
        (.media-controls.mac.inline .scrubber.slider): Deleted.
        (.media-controls.mac.inline button.mute): Deleted.
        (.media-controls.mac.inline button.airplay): Deleted.
        (.media-controls.mac.inline button.pip): Deleted.
        (.media-controls.mac.inline button.tracks): Deleted.
        (.media-controls.mac.inline button.fullscreen): Deleted.
        (.media-controls.mac.inline .time-label,): Deleted.
        (.media-controls.mac.inline .volume.slider): Deleted.
        * Modules/modern-media-controls/controls/macos-inline-media-controls.js:
        (MacOSInlineMediaControls.prototype.layout):
        (MacOSInlineMediaControls.prototype.get preferredMuteButtonStyle):
        (MacOSInlineMediaControls.prototype.handleEvent):
        (MacOSInlineMediaControls.prototype.layoutTraitsDidChange): Deleted.
        * Modules/modern-media-controls/controls/macos-media-controls.js: Removed.
        * Modules/modern-media-controls/controls/media-controls.css:
        (:host(audio)):
        (*):
        (:host(audio), *):
        (.media-controls-container):
        (.media-controls):
        (.media-controls > *):
        (.media-controls.shows-tracks-panel > .controls-bar,):
        (.media-controls.faded > *:not(.placard)):
        (.media-controls .time-label,):
        * Modules/modern-media-controls/controls/media-controls.js:
        (MediaControls.prototype.get visible):
        (MediaControls.prototype.set visible):
        (MediaControls.prototype.get faded):
        (MediaControls.prototype.set faded):
        (MediaControls.prototype.showTracksPanel):
        (MediaControls.prototype.hideTracksPanel):
        (MediaControls.prototype.isPointInControls):
        (MediaControls.prototype.handleEvent):
        (MediaControls.prototype.commitProperty):
        (MediaControls.prototype.get layoutTraits): Deleted.
        (MediaControls.prototype.set layoutTraits): Deleted.
        (MediaControls.prototype.get showsStartButton): Deleted.
        (MediaControls.prototype.set showsStartButton): Deleted.
        (MediaControls.prototype.get placard): Deleted.
        (MediaControls.prototype.get showsPlacard): Deleted.
        (MediaControls.prototype.showPlacard): Deleted.
        (MediaControls.prototype.hidePlacard): Deleted.
        (MediaControls.prototype.controlsBarVisibilityDidChange): Deleted.
        (MediaControls.prototype.controlsBarFadedStateDidChange): Deleted.
        (MediaControls.prototype.layoutTraitsDidChange): Deleted.
        (MediaControls.prototype.layout): Deleted.
        (MediaControls.prototype._invalidateChildren): Deleted.
        * Modules/modern-media-controls/controls/media-document.css:
        (:host(.media-document)):
        (:host(.media-document.audio.mac)):
        * Modules/modern-media-controls/controls/mute-button.js:
        * Modules/modern-media-controls/controls/pip-button.js:
        * Modules/modern-media-controls/controls/placard.css:
        (.placard):
        (.placard .container):
        (.placard button):
        (.placard button > picture):
        (.placard .icon): Deleted.
        * Modules/modern-media-controls/controls/placard.js:
        (Placard.):
        (Placard.prototype.layout):
        * Modules/modern-media-controls/controls/play-pause-button.js:
        (PlayPauseButton):
        (PlayPauseButton.prototype.commit):
        * Modules/modern-media-controls/controls/scheduler.js:
        (const.scheduler.new.prototype.scheduleLayout):
        (const.scheduler.new.prototype.unscheduleLayout):
        (const.scheduler.new.prototype._requestFrameIfNeeded):
        (const.scheduler.new.prototype._frameDidFire):
        (const.scheduler.new.prototype._layout):
        * Modules/modern-media-controls/controls/scrubber.js: Removed.
        * Modules/modern-media-controls/controls/seek-button.js:
        * Modules/modern-media-controls/controls/skip-back-button.js:
        * Modules/modern-media-controls/controls/skip-forward-button.js: Added.
        (SkipForwardButton):
        * Modules/modern-media-controls/controls/slider.css:
        (.slider):
        (.slider > .custom-slider,):
        (.slider > .custom-slider):
        (.slider > .custom-slider > *):
        (.slider > .custom-slider > .fill):
        (.slider > .custom-slider > .track):
        (.slider > .custom-slider > .primary):
        (.slider > .custom-slider > .secondary):
        (.slider > .custom-slider > .knob):
        (.slider > input):
        (.slider > input::-webkit-slider-thumb):
        (.slider.disabled > input,):
        (.ios .slider > input):
        (.ios .slider > input::-webkit-slider-runnable-track):
        (.ios .slider > input::-webkit-slider-thumb):
        (.slider > canvas,): Deleted.
        (.slider > canvas): Deleted.
        * Modules/modern-media-controls/controls/slider.js:
        (Slider.prototype.set inputAccessibleLabel):
        (Slider.prototype.get disabled):
        (Slider.prototype.set disabled):
        (Slider.prototype.get secondaryValue):
        (Slider.prototype.set secondaryValue):
        (Slider.prototype._formatTime):
        (Slider.prototype.commitProperty):
        (Slider.prototype.commit):
        (Slider.prototype.draw): Deleted.
        (addRoundedRect): Deleted.
        * Modules/modern-media-controls/controls/start-button.css: Removed.
        * Modules/modern-media-controls/controls/start-button.js: Removed.
        * Modules/modern-media-controls/controls/status-label.css:
        (.status-label):
        * Modules/modern-media-controls/controls/status-label.js:
        (StatusLabel.prototype.get enabled):
        (StatusLabel.prototype.set enabled): Deleted.
        * Modules/modern-media-controls/controls/text-tracks.css:
        (video::-webkit-media-text-track-container):
        (video::-webkit-media-text-track-container.visible-controls-bar):
        (video::-webkit-media-text-track-container.visible-controls-bar.compact-controls-bar): Deleted.
        * Modules/modern-media-controls/controls/time-control.js:
        (TimeControl.prototype.set duration):
        (TimeControl.prototype.set currentTime):
        (TimeControl.prototype.get loading):
        (TimeControl.prototype.set loading):
        (TimeControl.prototype.get minimumWidth):
        (TimeControl.prototype.get idealMinimumWidth):
        (TimeControl.prototype.layout):
        (TimeControl.prototype._performIdealLayout):
        (TimeControl.prototype.get useSixDigitsForTimeLabels): Deleted.
        (TimeControl.prototype.set useSixDigitsForTimeLabels): Deleted.
        (TimeControl.prototype.get isSufficientlyWide): Deleted.
        * Modules/modern-media-controls/controls/time-label.css:
        (.time-label):
        * Modules/modern-media-controls/controls/time-label.js:
        (TimeLabel.prototype.setValueWithNumberOfDigits):
        (TimeLabel.prototype.commitProperty):
        (TimeLabel.prototype._formattedTime):
        (doubleDigits):
        (TimeLabel.prototype.set value): Deleted.
        * Modules/modern-media-controls/controls/tracks-button.js:
        * Modules/modern-media-controls/controls/tracks-panel.css:
        (.tracks-panel > .scrollable-container):
        (.tracks-panel section):
        (.tracks-panel section > h3):
        (.tracks-panel > .background-tint > div,): Deleted.
        * Modules/modern-media-controls/controls/volume-down-button.js:
        * Modules/modern-media-controls/controls/volume-slider.css: Removed.
        * Modules/modern-media-controls/controls/volume-slider.js: Removed.
        * Modules/modern-media-controls/controls/volume-up-button.js:
        * Modules/modern-media-controls/gesture-recognizers/gesture-recognizer.js:
        (GestureRecognizer.prototype.gestureBegan):
        (GestureRecognizer.prototype._removeTrackingListeners):
        * Modules/modern-media-controls/gesture-recognizers/tap.js:
        (TapGestureRecognizer.prototype.touchesMoved):
        * Modules/modern-media-controls/images/iOS/Airplay.svg: Added.
        * Modules/modern-media-controls/images/iOS/EnterFullscreen.svg: Added.
        * Modules/modern-media-controls/images/iOS/MediaSelector.svg: Added.
        * Modules/modern-media-controls/images/iOS/MiniPipIn.svg: Added.
        * Modules/modern-media-controls/images/iOS/Mute.svg: Added.
        * Modules/modern-media-controls/images/iOS/Pause.svg: Added.
        * Modules/modern-media-controls/images/iOS/PipIn.svg: Added.
        * Modules/modern-media-controls/images/iOS/Play.svg: Added.
        * Modules/modern-media-controls/images/iOS/SkipBack15.svg: Added.
        * Modules/modern-media-controls/images/iOS/SkipForward15.svg: Added.
        * Modules/modern-media-controls/images/iOS/VolumeHi.svg: Added.
        * Modules/modern-media-controls/images/iOS/airplay@1x.png: Removed.
        * Modules/modern-media-controls/images/iOS/airplay@2x.png: Removed.
        * Modules/modern-media-controls/images/iOS/enter-fullscreen@1x.png: Removed.
        * Modules/modern-media-controls/images/iOS/enter-fullscreen@2x.png: Removed.
        * Modules/modern-media-controls/images/iOS/enter-fullscreen@3x.png: Removed.
        * Modules/modern-media-controls/images/iOS/interval-skip-back@1x.png: Removed.
        * Modules/modern-media-controls/images/iOS/interval-skip-back@2x.png: Removed.
        * Modules/modern-media-controls/images/iOS/interval-skip-back@3x.png: Removed.
        * Modules/modern-media-controls/images/iOS/pause@1x.png: Removed.
        * Modules/modern-media-controls/images/iOS/pause@2x.png: Removed.
        * Modules/modern-media-controls/images/iOS/pause@3x.png: Removed.
        * Modules/modern-media-controls/images/iOS/pip-in@1x.png: Removed.
        * Modules/modern-media-controls/images/iOS/pip-in@2x.png: Removed.
        * Modules/modern-media-controls/images/iOS/pip-in@3x.png: Removed.
        * Modules/modern-media-controls/images/iOS/play@1x.png: Removed.
        * Modules/modern-media-controls/images/iOS/play@2x.png: Removed.
        * Modules/modern-media-controls/images/iOS/play@3x.png: Removed.
        * Modules/modern-media-controls/images/iOS/slider-thumb@2x.png: Removed.
        * Modules/modern-media-controls/images/iOS/start@1x.png: Removed.
        * Modules/modern-media-controls/images/iOS/start@2x.png: Removed.
        * Modules/modern-media-controls/images/iOS/start@3x.png: Removed.
        * Modules/modern-media-controls/images/macOS/Airplay-fullscreen.svg: Added.
        * Modules/modern-media-controls/images/macOS/Airplay.svg: Added.
        * Modules/modern-media-controls/images/macOS/EnterFullscreen.svg: Added.
        * Modules/modern-media-controls/images/macOS/ExitFullscreen.svg: Added.
        * Modules/modern-media-controls/images/macOS/Forward.svg: Added.
        * Modules/modern-media-controls/images/macOS/MediaSelector-fullscreen.svg: Added.
        * Modules/modern-media-controls/images/macOS/MediaSelector.svg: Added.
        * Modules/modern-media-controls/images/macOS/Mute.svg: Added.
        * Modules/modern-media-controls/images/macOS/Pause.svg: Added.
        * Modules/modern-media-controls/images/macOS/PipIn-fullscreen.svg: Added.
        * Modules/modern-media-controls/images/macOS/PipIn.svg: Added.
        * Modules/modern-media-controls/images/macOS/Play.svg: Added.
        * Modules/modern-media-controls/images/macOS/Rewind.svg: Added.
        * Modules/modern-media-controls/images/macOS/SkipBack15.svg: Added.
        * Modules/modern-media-controls/images/macOS/SkipForward15.svg: Added.
        * Modules/modern-media-controls/images/macOS/VolumeHi.svg: Added.
        * Modules/modern-media-controls/images/macOS/VolumeLo.svg: Added.
        * Modules/modern-media-controls/images/macOS/airplay-compact@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/airplay-compact@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/airplay-fullscreen@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/airplay-fullscreen@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/airplay@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/airplay@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/enter-fullscreen-compact@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/enter-fullscreen-compact@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/enter-fullscreen@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/enter-fullscreen@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/exit-fullscreen@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/exit-fullscreen@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/forward@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/forward@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/interval-skip-back-compact@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/interval-skip-back-compact@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/interval-skip-back@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/interval-skip-back@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/media-selection-compact@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/media-selection-compact@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/media-selection-fullscreen@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/media-selection-fullscreen@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/media-selection@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/media-selection@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/pause-compact@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/pause-compact@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/pause-fullscreen@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/pause-fullscreen@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/pause@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/pause@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/pip-in-compact@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/pip-in-compact@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/pip-in-fullscreen@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/pip-in-fullscreen@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/pip-in@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/pip-in@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/play-compact@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/play-compact@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/play-fullscreen@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/play-fullscreen@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/play@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/play@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/rewind@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/rewind@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/scale-to-fill@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/scale-to-fill@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/scale-to-fit@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/scale-to-fit@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/start@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/start@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/volume-compact@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/volume-compact@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/volume-down-fullscreen@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/volume-down-fullscreen@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/volume-mute-compact@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/volume-mute-compact@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/volume-mute@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/volume-mute@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/volume-up-fullscreen@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/volume-up-fullscreen@2x.png: Removed.
        * Modules/modern-media-controls/images/macOS/volume@1x.png: Removed.
        * Modules/modern-media-controls/images/macOS/volume@2x.png: Removed.
        * Modules/modern-media-controls/js-files:
        * Modules/modern-media-controls/main.js:
        (UIString):
        (formatTimeByUnit):
        * Modules/modern-media-controls/media/audio-support.js: Added.
        (AudioSupport.prototype.get control):
        (AudioSupport.prototype.get mediaEvents):
        (AudioSupport.prototype.get tracksToMonitor):
        (AudioSupport.prototype.syncControl):
        (AudioSupport):
        * Modules/modern-media-controls/media/controls-visibility-support.js:
        (ControlsVisibilitySupport.prototype._updateControls):
        (ControlsVisibilitySupport):
        * Modules/modern-media-controls/media/fullscreen-support.js:
        (FullscreenSupport.prototype.buttonWasPressed):
        (FullscreenSupport.prototype.syncControl):
        (FullscreenSupport):
        (FullscreenSupport.prototype.iOSInlineMediaControlsRecognizedPinchInGesture): Deleted.
        * Modules/modern-media-controls/media/media-controller.js:
        (MediaController):
        (MediaController.prototype.get isAudio):
        (MediaController.prototype.get isYouTubeEmbedWithTitle):
        (MediaController.prototype.get isFullscreen):
        (MediaController.prototype.get layoutTraits):
        (MediaController.prototype.iOSInlineMediaControlsRecognizedTapGesture):
        (MediaController.prototype.iOSInlineMediaControlsRecognizedPinchInGesture):
        (MediaController.prototype._updateControlsIfNeeded):
        (MediaController.prototype._updateTextTracksClassList):
        (MediaController.prototype.controlsBarFadedStateDidChange): Deleted.
        * Modules/modern-media-controls/media/media-document-controller.js:
        (MediaDocumentController.prototype._mediaDocumentHasMetadata):
        * Modules/modern-media-controls/media/placard-support.js:
        (PlacardSupport.prototype._updatePlacard):
        (PlacardSupport):
        * Modules/modern-media-controls/media/scrubbing-support.js:
        (ScrubbingSupport.prototype.get mediaEvents):
        (ScrubbingSupport.prototype.syncControl):
        (ScrubbingSupport):
        * Modules/modern-media-controls/media/skip-back-support.js:
        * Modules/modern-media-controls/media/skip-forward-support.js: Added.
        (SkipForwardSupport.prototype.get control):
        (SkipForwardSupport.prototype.get mediaEvents):
        (SkipForwardSupport.prototype.buttonWasPressed):
        (SkipForwardSupport.prototype.syncControl):
        (SkipForwardSupport):
        * Modules/modern-media-controls/media/start-support.js:
        (StartSupport):
        (StartSupport.prototype.handleEvent):
        (StartSupport.prototype._shouldShowStartButton):
        (StartSupport.prototype.get control): Deleted.
        (StartSupport.prototype.syncControl): Deleted.
        * Modules/modern-media-controls/media/status-support.js:
        (StatusSupport.prototype.get mediaEvents):
        (StatusSupport.prototype.syncControl):
        (StatusSupport):
        * Modules/modern-media-controls/media/time-control-support.js: Renamed from Source/WebCore/Modules/modern-media-controls/media/time-labels-support.js.
        (TimeControlSupport.prototype.syncControl):
        (TimeControlSupport):
        * Modules/modern-media-controls/media/tracks-support.js:
        (TracksSupport.prototype.syncControl):
        * WebCore.xcodeproj/project.pbxproj:

2017-06-05  Wenson Hsieh  <wenson_hsieh@apple.com>

        Refactor -[WebItemProviderPasteboard valuesForPasteboardType:inItemSet:] to check readable types
        https://bugs.webkit.org/show_bug.cgi?id=172891
        <rdar://problem/32204540>

        Reviewed by Darin Adler.

        Tweaks some logic in PlatformPasteboardIOS and WebItemProviderPasteboard to correctly construct objects in
        -valuesForPasteboardType:inItemSet:. Previously, we have a hard-coded map of UTI type to Class in the form of
        static helpers titled is{RichText, String, URL, Image, Color}Type in WebItemProviderPasteboard. We would use
        these functions to determine whether an NSAttributedString, NSString, NSURL, UIImage or UIColor should be
        constructed using the loaded item provider data. This is incorrect for some UTIs, such as public.html, which
        cannot actually be used to construct an NSAttributedString -- this caused -valuesForPasteboardType:inItemSet: to
        always return nil when attempting to create an object corresponding to public.html.

        To fix this, we refactor -valuesForPasteboardType:inItemSet: to instead iterate through UIItemProviderReading-
        conformant classes in search for a class that can be created for the given UTI type. If no such class exists, we
        then fall back to custom WebKit handling of the dropped UTI type, which so far only includes reading an NSString
        with public.plain-text if the UTI is public.html (i.e. reading the HTML source from loaded item provider data).

        Covered by 2 new API tests:
        DataInteractionTests.ExternalSourceHTMLToContentEditable
        DataInteractionTests.ExternalSourceAttributedStringToContentEditable

        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::stringForType):
        (WebCore::PlatformPasteboard::readString):

        In some cases, -[WebItemProviderPasteboard valuesForPasteboardType:inItemSet:] may now return an
        NSAttributedString when an NSString was previously created. This adjusts for that possibility by returning just
        the plain text, -[NSAttributedString string], if the read object was an NSAttributedString.

        * platform/ios/WebItemProviderPasteboard.mm:
        (allLoadableClasses):
        (classForTypeIdentifier):
        (-[WebItemProviderPasteboard valuesForPasteboardType:inItemSet:]):

        See description above for more details.

        (isRichTextType): Deleted.
        (isStringType): Deleted.
        (isURLType): Deleted.
        (isColorType): Deleted.
        (isImageType): Deleted.

        Removes these heuristics that attempt to "guess" the best UIItemProviderReading class to try and load for a
        given UTI type.

        * rendering/RenderText.cpp:
        (WebCore::RenderText::draggedContentRangesBetweenOffsets):

        Adds a nil check to fix a debug assertion hit when running DataInteractionTests.

2017-06-05  Dan Bernstein  <mitz@apple.com>

        Build fix for macOS 10.12

        * platform/spi/cocoa/AVKitSPI.h:

2017-06-05  Dan Bernstein  <mitz@apple.com>

        Tried to fix the build when targrting macOS 10.12 using the macOS 10.13 developer beta SDK.

        * platform/mac/WebPlaybackControlsManager.h:
        * platform/mac/WebPlaybackControlsManager.mm:
        (-[WebPlaybackControlsManager togglePictureInPicture]):

2017-06-05  Dan Bernstein  <mitz@apple.com>

        Tried to fix the build when targrting macOS 10.12 using the macOS 10.13 developer beta SDK.

        * platform/spi/cocoa/AVKitSPI.h:

2017-06-05  Konstantin Tokarev  <annulen@yandex.ru>

        Unreviewed, fix missing semicolon in r217795

        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::calculateNaturalSize):

2017-06-05  Jer Noble  <jer.noble@apple.com>

        Allow clients to specify a list of codecs which should require hardware decode support.
        https://bugs.webkit.org/show_bug.cgi?id=172787

        Reviewed by Alex Christensen.

        Add a new setting, checked by HTMLMediaElement, which allows MediaPlayerPrivate implementation
        to require that the specified codecs have hardware support. This requirement will be supported
        in the normal media loading path and the MSE path on Cocoa ports.

        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaCodecsRequiringHardwareSupport):
        * html/HTMLMediaElement.h:
        * page/Settings.cpp:
        (WebCore::Settings::setMediaCodecsRequiringHardwareSupport):
        * page/Settings.h:
        (WebCore::Settings::mediaCodecsRequiringHardwareSupport):
        * platform/cocoa/VideoToolboxSoftLink.cpp:
        * platform/cocoa/VideoToolboxSoftLink.h:
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaCodecsRequiringHardwareSupport):
        * platform/graphics/avfoundation/objc/AVAssetTrackUtilities.h: Added.
        * platform/graphics/avfoundation/objc/AVAssetTrackUtilities.mm: Added.
        (WebCore::assetTrackMeetsHardwareDecodeRequirements):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::checkPlayability):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::assetStatus):
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::didParseStreamDataAsAsset):

2017-06-05  Dan Bernstein  <mitz@apple.com>

        Tried to fix the build when targrting macOS 10.12 using the macOS 10.13 developer beta SDK.

        * platform/mac/WebPlaybackControlsManager.mm:
        (-[WebPlaybackControlsManager togglePictureInPicture]):

2017-06-05  Dan Bernstein  <mitz@apple.com>

        Tried to fix the build when targrting macOS 10.12 using the macOS 10.13 developer beta SDK.

        * platform/spi/mac/AVFoundationSPI.h:

2017-06-05  Dan Bernstein  <mitz@apple.com>

        Tried to fix the build when targrting macOS 10.12 using the macOS 10.13 developer beta SDK.

        * platform/spi/cocoa/IOSurfaceSPI.h:

2017-06-05  Konstantin Tokarev  <annulen@yandex.ru>

        Fix MediaPlayerPrivateMediaFoundation::naturalSize
        https://bugs.webkit.org/show_bug.cgi?id=172908

        Reviewed by Alex Christensen.

        MediaPlayerPrivateMediaFoundation::naturalSize should return size of
        video frame corrected by PAR, not size of video element.

        No new tests needed.

        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::load):
        (WebCore::MediaPlayerPrivateMediaFoundation::naturalSize):
        (WebCore::MediaPlayerPrivateMediaFoundation::setNaturalSize):
        (WebCore::calculateNaturalSize):
        (WebCore::MediaPlayerPrivateMediaFoundation::CustomVideoPresenter::setMediaType):
        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.h:

2017-06-05  Zalan Bujtas  <zalan@apple.com>

        Destroy the associated renderer subtree when display: contents node is deleted.
        https://bugs.webkit.org/show_bug.cgi?id=172920
        <rdar://problem/32446045>

        Reviewed by Antti Koivisto.

        Since display: contents node does not create a renderer, we need to explicitly check
        and distinguish it from the display: none case.

        Covered by existing tests.

        * dom/ContainerNode.cpp:
        (WebCore::destroyRenderTreeIfNeeded):
        * dom/Node.cpp:
        (WebCore::Node::~Node): Promote ASSERT(!renderer()) to ASSERT_WITH_SECURITY_IMPLICATION.
        * dom/Text.cpp:
        (WebCore::Text::~Text): Redundant assert. Text is a Node.

2017-06-05  Beth Dakin  <bdakin@apple.com>

        Modify Netflix controlsManager quirk to prevent only scrubbing
        https://bugs.webkit.org/show_bug.cgi?id=172881
        -and corresponding-
        rdar://problem/32228660

        Reviewed by Andy Estes.

        Instead of preventing Netflix from getting a controlsManager at all, this patch 
        ONLY prevents touch bar scrubbing from working. This means that Netflix will now 
        get controls in the TouchBar, it means that the play/pause and PiP buttons will be 
        functional, and it means that the timeline will accurately represent the current 
        time, BUT users will not be able to use the timeline to scrub the video. This also 
        allows Netflix to work with other MediaRemote clients such as AirPods.

        Remove the quirk code from here, since this is no longer the right place to test 
        if the MediaElement is hosted at Netflix.
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::bestMediaElementForShowingPlaybackControlsManager):
        (WebCore::needsPlaybackControlsManagerQuirk): Deleted.

        Pass around a new bool allowsTouchBarScrubbing.
        * platform/cocoa/WebPlaybackSessionModel.h:
        (WebCore::WebPlaybackSessionModelClient::allowsTouchBarScrubbingChanged):
        * platform/cocoa/WebPlaybackSessionModelMediaElement.h:

        Here’s where we check if we need quirky behavior.
        * platform/cocoa/WebPlaybackSessionModelMediaElement.mm:
        (WebCore::WebPlaybackSessionModelMediaElement::updateForEventName):
        (WebCore::WebPlaybackSessionModelMediaElement::allowsTouchBarScrubbing):

        Return the bool we have plumbed through tracking whether the current site 
        allowsTouchBarScrubbing from the existing delegate method 
        canBeginTouchBarScrubbing. We will always return NO for video elements on Netflix, 
        and this will prevent users from be able to scrub with the TouchBar on Netflix.
        * platform/mac/WebPlaybackControlsManager.h:
        * platform/mac/WebPlaybackControlsManager.mm:
        (-[WebPlaybackControlsManager canBeginTouchBarScrubbing]):

        More plumbing.
        * platform/mac/WebPlaybackSessionInterfaceMac.h:
        * platform/mac/WebPlaybackSessionInterfaceMac.mm:
        (WebCore::WebPlaybackSessionInterfaceMac::allowsTouchBarScrubbingChanged):
        (WebCore::WebPlaybackSessionInterfaceMac::setPlayBackControlsManager):

2017-06-05  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GStreamer] Deadlock in MediaPlayerPrivateGStreamer::changePipelineState, web process often locks up on seeking in a youtube video that has already fully buffered
        https://bugs.webkit.org/show_bug.cgi?id=170003

        Reviewed by Michael Catanzaro.

        When video sink is requested to render a frame, the GstBaseSink preroll mutex is taken. Then WebKit media player
        schedules a repaint in the main thread, taking the draw mutex and waiting on draw condition. It can happen that
        before the repaint is done in the main thread, a pause is requested in the main thread, causing a change state
        from PLAYING to PAUSE. When the change state reaches the video sink gst_base_sink_change_state() tries to get
        the preroll mutex. This causes a deadlock because the main thread is waiting to get the preroll mutex, but the
        other thread is waiting for the main thread to do the repaint. GStreamer handles this case by calling unlock()
        on the video sink before trying to get the preroll mutex, but the media player doesn't cancel the pending
        repaint when using coordinated graphics. This patch adds a new signal to WebKitVideoSink "repaint-cancelled" to
        notify the media player to cancel the pending prepaint.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::cancelRepaint): Release the draw mutex and notify the condition.
        (WebCore::MediaPlayerPrivateGStreamerBase::repaintCancelledCallback): Call cancelRepaint().
        (WebCore::MediaPlayerPrivateGStreamerBase::createVideoSink): Connect to WebKitVideoSink::repaint-cancelled.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        * platform/graphics/gstreamer/VideoSinkGStreamer.cpp:
        (webkitVideoSinkRepaintCancelled): Emit WebKitVideoSink::repaint-cancelled.
        (webkitVideoSinkUnlock): Call webkitVideoSinkRepaintCancelled().
        (webkitVideoSinkStop): Ditto.
        (webkit_video_sink_class_init): Add WebKitVideoSink::repaint-cancelled signal.

2017-06-05  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GStreamer] Cleanup ifdefs in MediaPlayerPrivateGStreamerBase
        https://bugs.webkit.org/show_bug.cgi?id=172918

        Reviewed by Michael Catanzaro.

        The code in MediaPlayerPrivateGStreamerBase is quite difficult to follow with all the ifdefs for the
        possibilities when rendering. Some of them are even dead code now that all ports using GStreamer are using also
        coordinated graphics.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::MediaPlayerPrivateGStreamerBase):
        (WebCore::MediaPlayerPrivateGStreamerBase::~MediaPlayerPrivateGStreamerBase):
        (WebCore::MediaPlayerPrivateGStreamerBase::pushTextureToCompositor):
        (WebCore::MediaPlayerPrivateGStreamerBase::repaint):
        (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        * platform/graphics/gstreamer/VideoSinkGStreamer.cpp:
        (VideoRenderRequestScheduler::VideoRenderRequestScheduler):
        (VideoRenderRequestScheduler::stop):
        (VideoRenderRequestScheduler::requestRender):
        (webkitVideoSinkRequestRender):

2017-06-05  Carlos Garcia Campos  <cgarcia@igalia.com>

        Unreviewed. Fix compile warning when building GTK+ port without OpenGL.

        * platform/graphics/texmap/BitmapTexturePool.cpp:
        (WebCore::BitmapTexturePool::createTexture):

2017-06-05  Miguel Gomez  <magomez@igalia.com>

        [GTK][WPE] Do not force video sample's buffer release when the platformLayerProxy is inactive
        https://bugs.webkit.org/show_bug.cgi?id=172916

        Reviewed by Carlos Garcia Campos.

        When MediaPlayerPrivateGStreamerBase's plarformLayerProxy was inactive, a copy of the video sample
        was being done (without the buffer) and set, causing the sample's buffer to get freed. This was done
        to avoid stalling the gstreamer pipeline in situations where the video was set to display:none, as the
        platformLayerProxy would keep all the available buffers. But this can't happen nowadays as setting
        the video to display:none invalidates the proxy, causing it to release the references to the
        gstreamer buffers it's using. Also, the current code is causing a crash when using gstreamer-gl and
        the video is hidden but its contents are being painted through webgl or an accelerated canvas. So,
        remove this sample copy as it's not necessary anymore.

        Covered by existent tests.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::pushTextureToCompositor):

2017-06-05  Miguel Gomez  <magomez@igalia.com>

        [GTK][WPE] Fix the condition to decide whether the MediaPlayer can be rendered accelerated
        https://bugs.webkit.org/show_bug.cgi?id=172852

        Reviewed by Michael Catanzaro.

        Before this change, in order to determine whether the MediaPlayer rendering could be accelerated we
        needed the player to have a renderer or it would return false. The renderer was needed in order to
        access the RenderLayerCompositor and check whether the chrome would be overwriting the accelerated
        compositing setting. But we don't have that option in WebKitGTK+ or WPE, so we can just check the
        accelerated compositing setting directly.

        Another problems with the approach before this change is that accelerated rendering was being disabled
        when the video element was not visible, as there's no video renderer. Due to this, cases where the video
        is painted through an accelerated canvas or webgl would not be using hardware accelerated copies.

        Covered by existent tests.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::acceleratedRenderingStateChanged):

2017-06-04  Simon Fraser  <simon.fraser@apple.com>

        Percentages are calculated wrong in SVG transform CSS property
        https://bugs.webkit.org/show_bug.cgi?id=172901

        Reviewed by Zalan Bujtas.
        
        The code added in r217236 was just fetching viewBox(), but that can be empty.
        SVGLengthContext::determineViewport() does the correct thing to get
        the appropriate viewport.

        Test: svg/transforms/percent-transform-values-viewbox.html

        * svg/SVGGraphicsElement.cpp:
        (WebCore::SVGGraphicsElement::animatedLocalTransform):

2017-06-04  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Page capture state not reported correctly
        https://bugs.webkit.org/show_bug.cgi?id=172897
        <rdar://problem/32493318>

        Reviewed by Youenn Fablet.

        Test: fast/mediastream/media-stream-track-muted.html

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::mediaState): Test for audio and video mute on the tracks.
        (WebCore::MediaStream::characteristicsChanged): Call statusDidChange when m_mediaState
        changes instead of m_muted, so the page is informed when just audio or video mute state
        changes.
        * Modules/mediastream/MediaStream.h:

        * testing/Internals.cpp:
        (WebCore::Internals::setMediaStreamTrackMuted): New.
        * testing/Internals.h:
        * testing/Internals.idl:

2017-06-03  Darin Adler  <darin@apple.com>

        Streamline handling of attributes, using references as much as possible
        https://bugs.webkit.org/show_bug.cgi?id=172899

        Reviewed by Chris Dumez.

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::valueForRange): Use reference to value of
        attribute instead of copy to avoid reference count churn.
        (WebCore::AccessibilityNodeObject::maxValueForRange): Ditto.
        (WebCore::AccessibilityNodeObject::minValueForRange): Ditto.
        * accessibility/AccessibilitySVGElement.cpp:
        (WebCore::AccessibilitySVGElement::childElementWithMatchingLanguage): Ditto.
        (WebCore::AccessibilitySVGElement::accessibilityDescription): Ditto.
        * css/PropertySetCSSStyleDeclaration.cpp:
        (WebCore::StyleAttributeMutationScope::StyleAttributeMutationScope): Ditto.

        * editing/cocoa/DataDetection.mm:
        (WebCore::DataDetection::shouldCancelDefaultAction): Use the
        equalLettersIgnoringASCIICase function instead of using
        both equalIgnoringASCIICase and convertToASCIILowercase.

        * html/HTMLAudioElement.cpp:
        (WebCore::HTMLAudioElement::HTMLAudioElement): Marked this inline since we
        want it inlined the one place it's used.
        (WebCore::HTMLAudioElement::create): Use auto and named the local variable
        just element.
        (WebCore::HTMLAudioElement::createForJSConstructor): Call create rather than
        repeating the code from create. Use setAttributeWithoutSynchronization directly
        rather than calling helper functions. Removed unneeded null check;
        setAttributeWithoutSynchronization handles null by removing the attribute.
        * html/HTMLAudioElement.h: Changed src argument of createForJSConstructor to
        take AtomicString since that is what we need for an attribute value.
        * html/HTMLAudioElement.idl: Use [AtomicString] for src argument.

        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::directionality): Use reference to value of
        attribute instead of copy to avoid reference count churn.
        (WebCore::HTMLElement::shouldAutocorrect): Ditto.

        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::bestFitSourceFromPictureElement): Call the new
        parsedMediaAttribute instead of the old mediaQuerySet function. Other than the
        name, the only change is that the result is now a const pointer.

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::updateType): Removed unnecessary local variable,
        resulting in code that is slightly cleaner and possibly eliminating reference
        count chrun.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::setSrc): Deleted.
        (WebCore::HTMLMediaElement::selectNextSourceChild): Use parsedMediaAttribute and
        removed rendudant direct check of whether mediaAttr is present. Changed logging to
        get the media attribute directly rather than with a helper function. Changed type
        to get the type attribute directly rather than with a helper function.
        (WebCore::HTMLMediaElement::sourceWasAdded): Take a reference rather than a pointer.
        (WebCore::HTMLMediaElement::sourceWasRemoved): Ditto.
        (WebCore::HTMLMediaElement::doesHaveAttribute): Use reference to value of
        attribute instead of copy to avoid reference count churn.
        * html/HTMLMediaElement.h: Updated for the above.

        * html/HTMLSourceElement.cpp:
        (WebCore::HTMLSourceElement::insertedInto): Pass reference instead of pointer.
        (WebCore::HTMLSourceElement::removedFrom): Ditto.
        (WebCore::HTMLSourceElement::setSrc): Deleted.
        (WebCore::HTMLSourceElement::media): Deleted.
        (WebCore::HTMLSourceElement::setMedia): Deleted.
        (WebCore::HTMLSourceElement::type): Deleted.
        (WebCore::HTMLSourceElement::setType): Deleted.
        (WebCore::HTMLSourceElement::parseAttribute): Clear out m_cachedParsedMediaAttribute.
        This makes the parsing be lazy. The old code would parse the attribute value to make
        a MediaQuerySet here, but we do it in parsedMediaAttribute now.
        (WebCore::HTMLSourceElement::parsedMediaAttribute): Added. Creates a MediaQuerySet
        if needed, and returns it or null.
        * html/HTMLSourceElement.h: Removed include of MediaList.h. Removed unneeded media,
        type, setSrc, setMedia, and setType functions. Replaced the mediaQuerySet function
        with the parsedMediaAttribute, which returns a const pointer rather than non-const,
        and is also non-inline because it lazily creates the MediaQuerySet as needed. Replaced
        m_mediaQuerySet with m_cachedParsedMediaAttribute.
        * html/HTMLSourceElement.idl: Use [Reflect] for both type and media.

        * html/MediaDocument.cpp: Modernize the MediaDocumentParser constructor.
        (WebCore::MediaDocumentParser::createDocumentStructure): Instead of setSrc, use
        setAttributeWithoutSynchronization for the src attribute just as we do for all the
        other attributes of the newly created video element.

        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled): Use reference to
        value of attribute instead of copy to avoid reference count churn.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::defaultSubstituteDataForURL): Ditto.
        * rendering/RenderThemeIOS.mm:
        (WebCore::getAttachmentProgress): Ditto.
        * rendering/RenderThemeMac.mm:
        (WebCore::AttachmentLayout::layOutSubtitle): Ditto.
        (WebCore::RenderThemeMac::paintAttachment): Ditto.
        * svg/SVGHKernElement.cpp:
        (WebCore::SVGHKernElement::buildHorizontalKerningPair): Ditto.
        * svg/SVGVKernElement.cpp:
        (WebCore::SVGVKernElement::buildVerticalKerningPair): Ditto.
        * svg/animation/SVGSMILElement.cpp:
        (WebCore::SVGSMILElement::buildPendingResource): Ditto. Also use parentElement
        instead of writing out code that does exactly what it does.

2017-06-03  Sam Weinig  <sam@webkit.org>

        Can't use Object.defineProperty() to add an item to a DOMStringMap or Storage
        https://bugs.webkit.org/show_bug.cgi?id=172687

        Reviewed by Darin Adler.

        - Adds support for generating the defineOwnProperty ClassInfo method table hook
          to add support for Object.defineProperty(). The implementation follows WebIDL
          section 3.9.3 [[DefineOwnProperty]].
          (https://heycam.github.io/webidl/#legacy-platform-object-defineownproperty)
        - Adds support for generating named setters in addition to the already supported
          indexed setters as much of the required work was needed to make defineOwnProperty
          work for those properties. This patch does not aim to follow WebIDL faithfully,
          but rather to generate as close to the custom code as possible. A follow up 
          change will attempt to match WebIDL more closely (which will also require changes
          to [[GetOwnPropertySlot]]).
        - Removes the need for custom bindings in DOMStringMap, HTMLOptionsCollection and
          HTMLSelectElement. Gets us one function away from supporting Storage.
        - Tidies up generated headers a bit by grouping all the ClassInfo method table hooks
          together.
        - Removes support for CustomIndexedSetter, which is no longer used.

        Test: js/dom/legacy-platform-object-defineOwnProperty.html

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSBindingsAllInOne.cpp:
        Removed now unneeded custom bindings.

        * bindings/js/JSDOMStringMapCustom.cpp: Removed.
        * bindings/js/JSHTMLOptionsCollectionCustom.cpp: Removed.
        * bindings/js/JSHTMLSelectElementCustom.cpp: Removed.
        * bindings/js/JSHTMLSelectElementCustom.h: Removed.
        * bindings/js/JSStorageCustom.cpp:
        (WebCore::JSStorage::putDelegate): Deleted.
        Remove more code that is now generated.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateIndexedGetter):
        - Add missing check for indexed setter operation when determining if the property should be ReadOnly.
        - Add support for custom implementation name, matching GenerateNamedGetter.
        - Convert to taking an outputArray and indent to allow more flexibility going forward.

        (GenerateNamedGetter):
        - Add missing check for named setter operation when determining if the property should be ReadOnly.
        - Convert to taking an outputArray and indent to allow more flexibility going forward.

        (GenerateGetOwnPropertySlotBody):
        - Convert to taking an outputArray and indent to allow more flexibility going forward.
        - Take over responsibility for checking and bailing if CustomGetOwnPropertySlot is set.

        (GenerateGetOwnPropertySlotBodyByIndex):
        - Convert to taking an outputArray and indent to allow more flexibility going forward.
        - Take over responsibility for checking and bailing if CustomGetOwnPropertySlotByIndex is set.

        (GenerateGetOwnPropertyNames):
        - Convert to taking an outputArray and indent to allow more flexibility going forward.
        - Take over responsibility for checking and bailing if CustomEnumerateProperty is set.

        (GenerateInvokeIndexedPropertySetter):
        Added. Implements the 'invoke an indexed property setter' algorithm (https://heycam.github.io/webidl/#invoke-indexed-setter)

        (GenerateInvokeNamedPropertySetter):
        Added. Implements the 'invoke a named property setter' algorithm (https://heycam.github.io/webidl/#invoke-named-setter)

        (GeneratePut):
        (GeneratePutByIndex):
        - Convert to taking an outputArray and indent to allow more flexibility going forward.
        - Take over responsibility for checking and bailing if CustomPut is set.
        - Adds support for CEReactions.
        - Adopts GenerateInvokeIndexedPropertySetter and GenerateInvokeNamedPropertySetter to
          simplify code.
        - Removes support for CustomIndexedSetter, which is no longer used.
        - Replaces use direct checking of OverrideBuiltins with check if any interface it inherits
          has it, which is how it is specified to work.

        (GenerateIsUnforgeablePropertyName):
        Added. Helper subroutine to generate a function that compares a property name
        agains all the property names defined as Unforgeable on the interface. Used by
        GenerateDefineOwnProperty.

        (GenerateDefineOwnProperty):
        Added. Implements section 3.9.3 [[DefineOwnProperty]] (https://heycam.github.io/webidl/#legacy-platform-object-defineownproperty)
        Adds support for CEReactions.

        (GenerateDeletePropertyCommon):
        Switch from getting OverrideBuiltins directly off the interface to using InheritsExtendedAttribute.

        (GenerateNamedDeleterDefinition):
        Switch signature to match peer generators.

        (InstanceOverridesGetOwnPropertySlot):
        Update for rename of JSCustomGetOwnPropertySlotAndDescriptor to CustomGetOwnPropertySlotAndDescriptor.

        (InstanceOverridesGetOwnPropertySlotByIndex):
        Added. Like InstanceOverridesGetOwnPropertySlot, but checks for the new CustomGetOwnPropertySlotByIndex 
        rather than CustomGetOwnPropertySlot.

        (InstanceOverridesGetOwnPropertyNames):
        Added. Moves complex predicate out of line.

        (InstanceOverridesPut):
        Removes now unused CustomIndexedSetter, and adds CustomPutFunction, which used to be checked separately.

        (InstanceOverridesDefineOwnProperty):
        Added.

        (GenerateHeader):
        - Moves more structure flags together.
        - Simplifies predicates and moves the ClassInfo method table hooks together.

        (GenerateImplementation):
        - Moves the ClassInfo method table hooks together
        - Adds call to GenerateDefineOwnProperty.

        (GenerateLegacyCallerDefinitions):
        Simplify bail condition to match other generators.

        (GeneratePrototypeDeclaration):
        Update for new extended attribute names.

        (InstanceOverridesCall): 
        Renamed from IsCallable for consistency.
        
        (HasComplexGetOwnProperty): 
        Deleted. Unused.
        
        (InstanceOverridesPutImplementation): 
        Deleted. Unused.
        
        (InstanceOverridesPutDeclaration): 
        Deleted. Unused.
        
        (IsCallable): 
        Renamed, for consistency, to InstanceOverridesCall .

        * bindings/scripts/IDLAttributes.json:
        Renames a few of the extended attributes to remove the JS prefix. This time
        around I only did the ones in the area I was working, but we should probably
        remove most of the rest.
    
        * css/CSSStyleDeclaration.idl:
        Update for JSCustomGetOwnPropertySlotAndDescriptor -> CustomGetOwnPropertySlotAndDescriptor rename.

        * dom/DOMStringMap.idl:
        Remove CustomNamedSetter and add uncomment out the setter.

        * dom/DatasetDOMStringMap.cpp:
        (WebCore::DatasetDOMStringMap::setNamedItem):
        (WebCore::DatasetDOMStringMap::setItem): Deleted.
        * dom/DatasetDOMStringMap.h:
        Rename setItem to setNamedItem, which is what the generator expects.

        * dom/Node.idl:
        Update for JSCustomPushEventHandlerScope -> CustomPushEventHandlerScope rename.

        * html/HTMLAppletElement.idl:
        * html/HTMLEmbedElement.idl:
        * html/HTMLObjectElement.idl:
        Update for JSCustomGetOwnPropertySlotAndDescriptor -> CustomGetOwnPropertySlotAndDescriptor rename.

        * html/HTMLCollection.cpp:
        (WebCore::HTMLCollection::isSupportedPropertyName):
        * html/HTMLCollection.h:
        Add isSupportedPropertyName function which is used by the bindings and is now needed.

        * html/HTMLElement.idl:
        Update for JSCustomPushEventHandlerScope -> CustomPushEventHandlerScope rename.

        * html/HTMLOptionsCollection.h:
        (WebCore::HTMLOptionsCollection::setItem):
        Add setItem() implementation which just forwards to the select element. Also, add 
        a type alias to make the implementations of item and namedItem less verbose.

        * html/HTMLOptionsCollection.idl:
        Remove CustomIndexedSetter and uncomment the setter.

        * html/HTMLSelectElement.idl:
        Remove CustomIndexedSetter and uncomment the setter. Also, reformat
        to match the WHATWG spec.

        * page/DOMWindow.idl:
        Update for JSCustomDefineOwnProperty -> CustomDefineOwnProperty rename. Add 
        CustomGetOwnPropertySlotByIndex which is now needed to remove some unsound
        assumptions the generator was making.

        * page/Location.idl:
        Update for removal of JS prefix from a bunch of extended attributes.

        * page/UserMessageHandlersNamespace.idl:
        Update for JSCustomGetOwnPropertySlotAndDescriptor -> CustomGetOwnPropertySlotAndDescriptor rename.

        * storage/Storage.idl:
        Remove CustomNamedSetter and uncomment the setter.

        * bindings/scripts/test/JS/JSInterfaceName.h:
        * bindings/scripts/test/JS/JSTestEventTarget.h:
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp: Added.
        * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.h: Added.
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp: Added.
        * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.h: Added.
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp: Added.
        * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.h: Added.
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp: Added.
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.h: Added.
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp: Added.
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.h: Added.
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp: Added.
        * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.h: Added.
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.h:
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.h:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.h:
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.h:
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp: Added.
        * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.h: Added.
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp: Added.
        * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.h: Added.
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp: Added.
        * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.h: Added.
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp: Added.
        * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.h: Added.
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp: Added.
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.h: Added.
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp: Added.
        * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.h: Added.
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
        * bindings/scripts/test/TestIndexedSetterNoIdentifier.idl: Added.
        * bindings/scripts/test/TestIndexedSetterThrowingException.idl: Added.
        * bindings/scripts/test/TestIndexedSetterWithIdentifier.idl: Added.
        * bindings/scripts/test/TestNamedAndIndexedSetterNoIdentifier.idl: Added.
        * bindings/scripts/test/TestNamedAndIndexedSetterThrowingException.idl: Added.
        * bindings/scripts/test/TestNamedAndIndexedSetterWithIdentifier.idl: Added.
        * bindings/scripts/test/TestNamedDeleterWithIdentifier.idl:
        * bindings/scripts/test/TestNamedSetterNoIdentifier.idl: Added.
        * bindings/scripts/test/TestNamedSetterThrowingException.idl: Added.
        * bindings/scripts/test/TestNamedSetterWithIdentifier.idl: Added.
        * bindings/scripts/test/TestNamedSetterWithOverrideBuiltins.idl: Added.
        * bindings/scripts/test/TestNamedSetterWithUnforgableProperties.idl: Added.
        * bindings/scripts/test/TestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.idl: Added.
        Added new tests and updated some results.

2017-06-04  Simon Fraser  <simon.fraser@apple.com>

        Object bounding box wrong for some paths
        https://bugs.webkit.org/show_bug.cgi?id=172866

        Reviewed by Tim Horton.
        
        RenderSVGShape::calculateObjectBoundingBox() should use boundingRect()
        rather than fastBoundingRect(), because the latter includes control points.

        Covered by existing tests.

        * rendering/svg/RenderSVGShape.cpp:
        (WebCore::RenderSVGShape::calculateObjectBoundingBox):

2017-06-04  Konstantin Tokarev  <annulen@yandex.ru>

        Fix build of Windows-specific code with ICU 59.1
        https://bugs.webkit.org/show_bug.cgi?id=172729

        Reviewed by Darin Adler.

        Fix conversions from WTF::String to wchar_t* and vice versa.
        No new tests needed.

        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::mimeTypeCache):
        (WebCore::MediaPlayerPrivateMediaFoundation::startCreateMediaSource):

2017-06-04  Chris Dumez  <cdumez@apple.com>

        Implement DOMMatrixReadOnly.transformPoint()
        https://bugs.webkit.org/show_bug.cgi?id=172900

        Reviewed by Simon Fraser.

        Implement DOMMatrixReadOnly.transformPoint():
        - https://drafts.fxtf.org/geometry/#dommatrixreadonly
        - https://drafts.fxtf.org/geometry/#dom-dommatrixreadonly-transformpoint

        Test: imported/blink/fast/dom/geometry-interfaces-dom-matrix-transformPoint.html

        * css/DOMMatrixReadOnly.cpp:
        (WebCore::DOMMatrixReadOnly::transformPoint):
        * css/DOMMatrixReadOnly.h:
        * css/DOMMatrixReadOnly.idl:

2017-06-04  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Improve comments in AES, PBKDF2, RSA-SSA algorithm implementations
        https://bugs.webkit.org/show_bug.cgi?id=172894

        Reviewed by Michael Catanzaro.

        Add or improve code comments in libgcrypt implementations for the AES_CBC,
        AES_GCM, AES_KW, PBKDF2 and RSA-SSA algorithms.

        * crypto/gcrypt/CryptoAlgorithmAES_CBCGCrypt.cpp: Add generic comments that
        describe each operation that's performed.
        (WebCore::gcryptEncrypt):
        (WebCore::gcryptDecrypt):
        * crypto/gcrypt/CryptoAlgorithmAES_GCMGCrypt.cpp: Ditto.
        (WebCore::gcryptEncrypt):
        (WebCore::gcryptDecrypt):
        * crypto/gcrypt/CryptoAlgorithmAES_KWGCrypt.cpp: Ditto.
        (WebCore::gcryptWrapKey):
        (WebCore::gcryptUnwrapKey):
        * crypto/gcrypt/CryptoAlgorithmPBKDF2GCrypt.cpp: Ditto.
        (WebCore::gcryptDeriveBits):
        * crypto/gcrypt/CryptoAlgorithmRSASSA_PKCS1_v1_5GCrypt.cpp:
        (WebCore::gcryptVerify): Align the verification results comment with the
        one that's used in the ECDSA implementation.

2017-06-03  Chris Dumez  <cdumez@apple.com>

        Implement DOMMatrix's fromFloat32Array / fromFloat64Array & toFloat32Array / toFloat64Array
        https://bugs.webkit.org/show_bug.cgi?id=172898

        Reviewed by Sam Weinig.

        Implement DOMMatrix's fromFloat32Array / fromFloat64Array & toFloat32Array / toFloat64Array
        as per:
        - https://drafts.fxtf.org/geometry/#dommatrixreadonly

        Test: http/wpt/geometry/DOMMatrix-from-to-typed-arrays.html

        * css/DOMMatrix.cpp:
        (WebCore::DOMMatrix::fromFloat32Array):
        (WebCore::DOMMatrix::fromFloat64Array):
        * css/DOMMatrix.h:
        * css/DOMMatrix.idl:
        * css/DOMMatrixReadOnly.cpp:
        (WebCore::DOMMatrixReadOnly::fromFloat32Array):
        (WebCore::DOMMatrixReadOnly::fromFloat64Array):
        (WebCore::DOMMatrixReadOnly::toFloat32Array):
        (WebCore::DOMMatrixReadOnly::toFloat64Array):
        * css/DOMMatrixReadOnly.h:
        * css/DOMMatrixReadOnly.idl:

2017-06-03  Simon Fraser  <simon.fraser@apple.com>

        Implement DOMPointReadOnly.matrixTransform()
        https://bugs.webkit.org/show_bug.cgi?id=172896

        Reviewed by Chris Dumez.

        DOMPointReadOnly.matrixTransform() creates the matrix or throws, then uses
        a new function in TransformationMatrix to map x,y,z,w through the matrix.

        Test: http/wpt/geometry/DOMPoint-003.html

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * css/DOMMatrixReadOnly.h:
        (WebCore::DOMMatrixReadOnly::transformationMatrix):
        * dom/DOMPointReadOnly.cpp: Copied from Source/WebCore/dom/DOMPointReadOnly.idl.
        (WebCore::DOMPointReadOnly::matrixTransform):
        * dom/DOMPointReadOnly.h:
        * dom/DOMPointReadOnly.idl:
        * platform/graphics/transforms/TransformationMatrix.cpp:
        (WebCore::TransformationMatrix::map4ComponentPoint):
        * platform/graphics/transforms/TransformationMatrix.h:

2017-06-03  Myles C. Maxfield  <mmaxfield@apple.com>

        Cleanup arguments to preparePlatformFont() and fontWithFamily() in FontCacheCoreText.cpp
        https://bugs.webkit.org/show_bug.cgi?id=172886

        Reviewed by Simon Fraser.

        The number of arguments is getting out of control.

        No new tests because there is no behavior change.

        * platform/graphics/FontCache.h:
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::preparePlatformFont):
        (WebCore::fontWithFamily):
        (WebCore::FontCache::createFontPlatformData):
        (WebCore::FontCache::systemFallbackForCharacters):
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::platformFontWithFamilySpecialCase):
        * platform/graphics/mac/FontCustomPlatformData.cpp:
        (WebCore::FontCustomPlatformData::fontPlatformData):
        * platform/spi/cocoa/CoreTextSPI.h:

2017-06-03  Yusuke Suzuki  <utatane.tea@gmail.com>

        Script modules should be able to import data urls
        https://bugs.webkit.org/show_bug.cgi?id=171594

        Reviewed by Youenn Fablet.

        Tests: js/dom/classic-script-with-data-url.html
               js/dom/modules/module-script-with-data-url.html

        Script tag resources should have SameOriginDataURLFlag::Set to load data URLs
        since script tags should treat data URLs as same origin.

        * bindings/js/CachedScriptFetcher.cpp:
        (WebCore::CachedScriptFetcher::requestScriptWithCache):

2017-06-03  Simon Fraser  <simon.fraser@apple.com>

        Sort the project file.

        * WebCore.xcodeproj/project.pbxproj:

2017-06-03  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Gather SUBTLE_CRYPTO utility functions in a single header
        https://bugs.webkit.org/show_bug.cgi?id=172870

        Reviewed by Jiewen Tan.

        Gather the helper functions used across different source files
        for libgcrypt-backed SUBTLE_CRYPTO implementations in a single
        header file.

        * crypto/gcrypt/CryptoAlgorithmECDSAGCrypt.cpp:
        (WebCore::hashCryptoDigestAlgorithm): Deleted.
        (WebCore::hashAlgorithmName): Deleted.
        (WebCore::mpiData): Deleted.
        * crypto/gcrypt/CryptoAlgorithmHKDFGCrypt.cpp:
        (WebCore::gcryptDeriveBits):
        (WebCore::macAlgorithmForHashFunction): Deleted.
        * crypto/gcrypt/CryptoAlgorithmPBKDF2GCrypt.cpp:
        (WebCore::gcryptDeriveBits):
        * crypto/gcrypt/CryptoAlgorithmRSAES_PKCS1_v1_5GCrypt.cpp:
        (WebCore::mpiData): Deleted.
        * crypto/gcrypt/CryptoAlgorithmRSASSA_PKCS1_v1_5GCrypt.cpp:
        (WebCore::hashCryptoDigestAlgorithm): Deleted.
        (WebCore::hashAlgorithmName): Deleted.
        (WebCore::mpiData): Deleted.
        * crypto/gcrypt/CryptoAlgorithmRSA_OAEPGCrypt.cpp:
        (WebCore::hashAlgorithmName): Deleted.
        (WebCore::mpiData): Deleted.
        * crypto/gcrypt/GCryptUtilities.h: Added.
        (WebCore::hashAlgorithmName):
        (WebCore::hmacAlgorithm):
        (WebCore::digestAlgorithm):
        (WebCore::hashCryptoDigestAlgorithm):
        (WebCore::mpiData):

2017-06-03  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Fix PK verification for ECDSA
        https://bugs.webkit.org/show_bug.cgi?id=172857

        Reviewed by Michael Catanzaro.

        No new tests -- covered by existing tests.

        * crypto/gcrypt/CryptoAlgorithmECDSAGCrypt.cpp:
        (WebCore::gcryptVerify): Return `true` if the verification succeeded or `false`
        in any other case, avoiding spilling information about the exact cause of
        verification failure.

2017-06-02  Zalan Bujtas  <zalan@apple.com>

        Cleanup FrameView::autoSizeIfEnabled.
        https://bugs.webkit.org/show_bug.cgi?id=172889
        <rdar://problem/32550783>

        Reviewed by Tim Horton.

        This patch ensures that we always have a clean tree (and a valid and current document size) when
        setting m_autoSizeContentSize. 

        * page/FrameView.cpp:
        (WebCore::FrameView::autoSizeIfEnabled):

2017-06-02  Wenson Hsieh  <wenson_hsieh@apple.com>

        REGRESSION(r216212): RenderReplaced::paint() should not save and restore the context unless it has to
        https://bugs.webkit.org/show_bug.cgi?id=172883
        <rdar://problem/32548614>

        Reviewed by Tim Horton.

        After implementing dragged content fading, RenderReplace::paint is now always guarded by unnecessary calls to
        GraphicsContext::save and GraphicsContext::restore, even when there is no dragged content being rendered. To
        address this, we initialize our GraphicsContextStateSaver with saveAndRestore = false, indicating that we don't
        want to immediately try and save the context.

        If we are in a dragged content range, we will then call GraphicsContextStateSaver::save, which saves the
        graphics context and also causes the GraphicsContextStateSaver to eventually try and restore() when it is
        destroyed. Otherwise, in the common codepath where the renderer is not in a dragged content range, the
        constructor and destructor of GraphicsContextStateSaver will be no-ops with respect to saving and restoring the
        graphics context.

        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::paint):

2017-06-02  Myles C. Maxfield  <mmaxfield@apple.com>

        REGRESSION(r213464): [iOS] Fonts get too bold when the "Bold Text" accessibility setting is enabled
        https://bugs.webkit.org/show_bug.cgi?id=172737

        Reviewed by Simon Fraser.

        Revert the part of r213464 which changed how we calculate the weights of system fonts.

        Add an InternalSetting to trigger our mock of the accessbility "Bold Text" setting. We can't
        use the real setting, so instead we just ask for bold fonts instead of regular fonts when this
        setting is true.

        Tests: fast/text/accessibility-bold-system-font.html
               fast/text/accessibility-bold-system-font-2.html

        * platform/graphics/FontCache.h:
        (WebCore::FontCache::shouldMockBoldSystemFontForAccessibility):
        (WebCore::FontCache::setShouldMockBoldSystemFontForAccessibility):
        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::platformFontWithFamilySpecialCase):
        * rendering/RenderTheme.h:
        (WebCore::RenderTheme::shouldMockBoldSystemFontForAccessibility):
        (WebCore::RenderTheme::setShouldMockBoldSystemFontForAccessibility):
        * rendering/RenderThemeIOS.h:
        * rendering/RenderThemeIOS.mm:
        (WebCore::cssWeightOfSystemFont):
        (WebCore::RenderThemeIOS::updateCachedSystemFontDescription):
        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::Backup::Backup):
        (WebCore::InternalSettings::Backup::restoreTo):
        (WebCore::InternalSettings::setShouldMockBoldSystemFontForAccessibility):
        * testing/InternalSettings.h:
        * testing/InternalSettings.idl:

2017-06-02  Brady Eidson  <beidson@apple.com>

        Prevent scheme handlers from handling all built-in URL schemes.
        <rdar://problem/32404790> and https://bugs.webkit.org/show_bug.cgi?id=172869

        Reviewed by Andy Estes.

        Covered by API test.

        This patch refactors SchemeRegistry to keep a base, constant set of each of the special
        URL schemes that WebKit knows about by default.
        
        It then exposes that list through a new method to support WK2 API.

        * platform/SchemeRegistry.cpp:
        (WebCore::allBuiltinSchemes):
        (WebCore::builtinLocalURLSchemes):
        (WebCore::localURLSchemes):
        (WebCore::builtinSecureSchemes):
        (WebCore::secureSchemes):
        (WebCore::builtinSchemesWithUniqueOrigins):
        (WebCore::schemesWithUniqueOrigins):
        (WebCore::builtinEmptyDocumentSchemes):
        (WebCore::emptyDocumentSchemes):
        (WebCore::builtinCanDisplayOnlyIfCanRequestSchemes):
        (WebCore::canDisplayOnlyIfCanRequestSchemes):
        (WebCore::SchemeRegistry::removeURLSchemeRegisteredAsLocal):
        (WebCore::builtinCORSEnabledSchemes):
        (WebCore::CORSEnabledSchemes):
        (WebCore::SchemeRegistry::isBuiltinScheme):
        * platform/SchemeRegistry.h:

2017-06-02  Simon Fraser  <simon.fraser@apple.com>

        All scroll peformance logging should happen in the UI process
        https://bugs.webkit.org/show_bug.cgi?id=172874
        rdar://problem/24474830

        Reviewed by Tim Horton.

        Printing to stdout from the WebProcess doesn't show up anywhere in non-development builds,
        so we have to log from the UI process.

        Achieve this by adding a PerformanceLoggingClient to Page which forwards messages to
        WebPageProxy, which prints them with the same format they had before. Some plumbing through
        PlatformCALayerClient and GraphicsLayerClient is required to get messages from TileControllers
        through to something that can get to Page.

        * WebCore.xcodeproj/project.pbxproj:
        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::Page::~Page):
        * page/Page.h:
        (WebCore::Page::performanceLoggingClient):
        * page/PageConfiguration.cpp:
        * page/PageConfiguration.h:
        * page/PerformanceLoggingClient.cpp: Added.
        (WebCore::PerformanceLoggingClient::synchronousScrollingReasonsAsString):
        * page/PerformanceLoggingClient.h: Added.
        (WebCore::PerformanceLoggingClient::~PerformanceLoggingClient):
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::reportExposedUnfilledArea):
        (WebCore::AsyncScrollingCoordinator::reportSynchronousScrollingReasonsChanged):
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ScrollingTree.h:
        (WebCore::ScrollingTree::reportSynchronousScrollingReasonsChanged):
        (WebCore::ScrollingTree::reportExposedUnfilledArea):
        * page/scrolling/ThreadedScrollingTree.cpp:
        (WebCore::ThreadedScrollingTree::reportSynchronousScrollingReasonsChanged):
        (WebCore::ThreadedScrollingTree::reportExposedUnfilledArea):
        * page/scrolling/ThreadedScrollingTree.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::commitStateBeforeChildren):
        (WebCore::ScrollingTreeFrameScrollingNodeMac::setScrollPosition):
        (WebCore::ScrollingTreeFrameScrollingNodeMac::exposedUnfilledArea):
        (WebCore::ScrollingTreeFrameScrollingNodeMac::logExposedUnfilledArea): Deleted.
        (WebCore::logThreadedScrollingMode): Deleted.
        * platform/graphics/GraphicsLayerClient.h:
        (WebCore::GraphicsLayerClient::logFilledVisibleFreshTile):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::platformCALayerLogFilledVisibleFreshTile):
        * platform/graphics/ca/GraphicsLayerCA.h:
        * platform/graphics/ca/PlatformCALayerClient.h:
        (WebCore::PlatformCALayerClient::platformCALayerLogFilledVisibleFreshTile):
        * platform/graphics/ca/TileController.cpp:
        (WebCore::TileController::logFilledVisibleFreshTile):
        * platform/graphics/ca/TileController.h:
        * platform/graphics/ca/TileGrid.cpp:
        (WebCore::TileGrid::platformCALayerPaintContents):
        * platform/graphics/ca/TileGrid.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::logFilledVisibleFreshTile):
        * rendering/RenderLayerBacking.h:

2017-06-02  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream iOS] Cleanup video muting/unmuting when tab visibility changes
        https://bugs.webkit.org/show_bug.cgi?id=172858

        Reviewed by Youenn Fablet.

        Test: platform/ios/mediastream/video-muted-in-background-tab.html

        * dom/Document.cpp:
        (WebCore::Document::visibilityStateChanged): Call notifyMediaCaptureOfVisibilityChanged.
        (WebCore::Document::notifyMediaCaptureOfVisibilityChanged): Renamed from notifyVisibilityChangedToMediaCapture.
        Set m_videoCaptureMutedForVisibilityChange when capture is muted because the document is hidden,
        and clear it when visibility changes when capture is disabled. Don't unmute when the document
        becomes visible unless this m_videoCaptureMutedForVisibilityChange is still true.
        (WebCore::Document::notifyVisibilityChangedToMediaCapture): Deleted.
        * dom/Document.h:

        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::RealtimeMediaSourceCenter::setVideoCaptureMutedForPageVisibility): Renamed from
        setVisibility.
        (WebCore::RealtimeMediaSourceCenter::setVisibility): Deleted.
        * platform/mediastream/RealtimeMediaSourceCenter.h:

        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSourceFactory::setVideoCaptureMutedForPageVisibility): Ditto.
        (WebCore::AVVideoCaptureSourceFactory::setVisibility): Deleted.

        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSourceFactory::setVideoCaptureMutedForPageVisibility): Ditto.
        (WebCore::MockRealtimeVideoSourceFactory::setVisibility): Deleted.

2017-06-02  Frederic Wang  <fwang@igalia.com>

        [Mac] Include frames in the scrolling tree when ScrollingTreeIncludesFrames=true
        https://bugs.webkit.org/show_bug.cgi?id=172825

        Reviewed by Simon Fraser.

        This commit generalizes RenderLayerCompositor/ScrollingCoordinator so that it handles the
        case of non-main frames. When ScrollingTreeIncludesFrames=true, all the frames will appear
        in the scrolling tree on Mac WK2.

        Test: fast/scrolling/scrolling-tree-includes-frame.html

        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::coordinatesScrollingForFrameView): Do not to restrict to the
        main frame.
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateBacking): Do not to restrict to the main frame.
        (WebCore::RenderLayerCompositor::useCoordinatedScrollingForLayer): Make this function a class
        member so it can call hasCoordinatedScrolling and no longer needs a RenderView parameter.
        (WebCore::RenderLayerCompositor::updateScrollCoordinatedStatus): Do not to restrict to the
        main frame.
        * rendering/RenderLayerCompositor.h: Introduce useCoordinatedScrollingForLayer.

2017-06-02  Don Olmstead  <don.olmstead@am.sony.com>

        [WebCore] DragImageRef should correspond to USE(CAIRO)
        https://bugs.webkit.org/show_bug.cgi?id=172863

        Reviewed by Carlos Alberto Lopez Perez.

        No new tests. No change in behavior.

        * platform/DragImage.h:

2017-06-02  Frederic Wang  <fwang@igalia.com>

        [Mac] Use compositing for frames when ScrollingTreeIncludesFrames=true
        https://bugs.webkit.org/show_bug.cgi?id=172851

        Reviewed by Simon Fraser.

        When fast frame scrolling is supported on mac (bug 171667), scrollable frames will require
        special composited layer. This commit enables that on mac but only when
        ScrollingTreeIncludesFrames=true, so that the default behavior is unchanged.

        Test: compositing/iframes/compositing-for-scrollable-iframe.html

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresCompositingForScrollableFrame): Do not enable frame
        compositing when ScrollingTreeIncludesFrames=false.
        Rename ScrollableInnerFrameTrigger to ScrollableNonMainFrameTrigger.
        * page/ChromeClient.h: Rename ScrollableInnerFrameTrigger.

2017-06-02  Simon Fraser  <simon.fraser@apple.com>

        Get <chrono> out of StdLibExtras.h
        https://bugs.webkit.org/show_bug.cgi?id=172744

        Reviewed by Zalan Bujtas.

        Only bring in <chrono> and namespace std::literals::chrono_literals when necessary.

        * fileapi/FileReader.cpp:
        * inspector/InspectorOverlay.cpp:
        * loader/CrossOriginPreflightResultCache.cpp:
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::freshnessLifetime):
        * page/ResourceUsageThread.cpp:
        (WebCore::ResourceUsageThread::threadBody):
        * page/cocoa/MemoryReleaseCocoa.mm:
        (WebCore::jettisonExpensiveObjectsOnTopLevelNavigation):
        * platform/network/CacheValidation.cpp:
        (WebCore::computeFreshnessLifetimeForHTTPFamily):
        * platform/network/CacheValidation.h:

2017-06-02  Andy Estes  <aestes@apple.com>

        [Cocoa] Add a "supportedCountries" property to ApplePayPaymentRequest
        https://bugs.webkit.org/show_bug.cgi?id=172832
        <rdar://problem/30735544>

        Reviewed by Alex Christensen.

        Test: http/tests/ssl/applepay/ApplePaySessionV3.html

        * Modules/applepay/ApplePayPaymentRequest.h:
        * Modules/applepay/ApplePayPaymentRequest.idl:
        * Modules/applepay/ApplePaySession.cpp:
        (WebCore::convertAndValidate):
        * Modules/applepay/PaymentRequest.h:
        (WebCore::PaymentRequest::supportedCountries):
        (WebCore::PaymentRequest::setSupportedCountries):
        * Modules/applepay/PaymentRequestValidator.cpp:
        (WebCore::PaymentRequestValidator::validate):
        * platform/spi/cocoa/PassKitSPI.h:

2017-06-02  Devin Rousso  <drousso@apple.com>

        Web Inspector: Should see active Web Sockets when opening Web Inspector
        https://bugs.webkit.org/show_bug.cgi?id=172312

        Reviewed by Joseph Pecoraro.

        Test: http/tests/websocket/tests/hybi/inspector/before-load.html

        * Modules/websockets/WebSocket.h:
        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::WebSocket):
        (WebCore::WebSocket::~WebSocket):
        (WebCore::WebSocket::allActiveWebSockets):
        (WebCore::WebSocket::allActiveWebSocketsMutex):
        (WebCore::WebSocket::channel):
        (WebCore::WebSocket::eventTargetInterface):
        Add a static set of all WebSocket objects and provide getters to access web socket metadata.

        * Modules/websockets/ThreadableWebSocketChannel.h:
        (WebCore::ThreadableWebSocketChannel::isWebSocketChannel):
        * Modules/websockets/WebSocketChannel.h:
        * Modules/websockets/WebSocketChannel.cpp:
        (WebCore::WebSocketChannel::isWebSocketChannel):
        (WebCore::WebSocketChannel::identifier):
        (WebCore::WebSocketChannel::clientHandshakeRequest):
        (WebCore::WebSocketChannel::serverHandshakeResponse):
        (WebCore::WebSocketChannel::handshakeMode):
        (WebCore::WebSocketChannel::isType):
        Provide getters to access web socket metadata.

        * inspector/InspectorNetworkAgent.cpp:
        (WebCore::InspectorNetworkAgent::enable):
        Loops over the static set of all WebSocket objects and sends events for each to the frontend.

2017-06-02  Chris Dumez  <cdumez@apple.com>

        Unreviewed, fix linking errors on iOS after r217712.

        * platform/OrientationNotifer.h:
        (WebCore::OrientationNotifier::Observer::setNotifier):

2017-06-02  Chris Dumez  <cdumez@apple.com>

        Crash under OrientationNotifier::Observer::setNotifier()
        https://bugs.webkit.org/show_bug.cgi?id=172847
        <rdar://problem/32519127>

        Reviewed by Youenn Fablet.

        Update OrientationNotifier::Observer::setNotifier() to unregister itself from
        its current notifier if it already has one. This is needed because
        Internals::setCameraMediaStreamTrackOrientation() may be used to override the
        notifier of an observer. If we override the notifier without unregistering
        the observer from its previous notifier, then the previous notifier will not
        get notified when the observer gets destroyed.

        No new tests, already covered by webrtc/video-rotation.html that is currently
        failing on some bots.

        * platform/OrientationNotifer.h:
        (WebCore::OrientationNotifier::Observer::setNotifier):

2017-06-02  Javier Fernandez  <jfernandez@igalia.com>

        [css-grid] Logical margin incorrectly applied during the tracks sizing algorithm of auto tracks
        https://bugs.webkit.org/show_bug.cgi?id=172836

        Reviewed by Manuel Rego Casasnovas.

        When computing min-content and max-content of the content-sized tracks
        we are using the marginIntrinsicLogicalWidthForChild function, which
        uses the grid's writing-mode to determine wether to use the child's
        margin width or height. This is not correct when the grid item is
        orthogonal.

        This patch changes how we compute the tracks width so we use always
        the item's marginLogicalWidth, which depends only on its own writing
        mode.

        Test: fast/css-grid-layout/grid-track-sizing-with-margins-and-orthogonal-flows.html

        * rendering/GridTrackSizingAlgorithm.cpp:
        (WebCore::GridTrackSizingAlgorithmStrategy::minContentForChild):
        (WebCore::GridTrackSizingAlgorithmStrategy::maxContentForChild):

2017-06-02  Emilio Cobos Álvarez  <ecobos@igalia.com>

        Invalidate the shadow subtree style when slotted pseudo rules are present.
        https://bugs.webkit.org/show_bug.cgi?id=172822

        Reviewed by Antti Koivisto.

        No new tests, this is tested by
        fast/shadow-dom/css-scoping-slot-with-id.html, once we don't force an
        Inherit style change for slots. I could add some more tests for stuff
        with descendant combinators and similar I guess, though.

        * style/AttributeChangeInvalidation.cpp:
        (WebCore::Style::AttributeChangeInvalidation::invalidateStyle):
        * style/ClassChangeInvalidation.cpp:
        (WebCore::Style::ClassChangeInvalidation::invalidateStyle):
        * style/IdChangeInvalidation.cpp:
        (WebCore::Style::IdChangeInvalidation::invalidateStyle):

2017-06-02  Miguel Gomez  <magomez@igalia.com>

        [GTK+][WPE] Allow TextureMapperShaderProgram to perform colorspace conversions with the source texture pixels
        https://bugs.webkit.org/show_bug.cgi?id=172749

        Reviewed by Žan Doberšek.

        Currently TextureMapperGL is only able to paint properly textures that are in RGBA format. There are
        situations where we will want it to be able to handle other formats (for example BGRA for gstreamer-gl).
        To make this possible without having to perform the color conversion in the CPU, we add a new color
        conversion matrix to TextureMapperShaderProgram. This matrix will perform the color space conversion
        in the GPU, just after sampling the source texture.

        Also, add a new flag to TextureMapperGL to indicate that a color conversion is required to handle a
        texture. This flag will be set to the TextureMapperPlatformLayerBuffers as required, and TextureMapperGL
        will set the appropriate color space matrix to the shader. Initially only the flag for BGRA->RGBA conversion
        is defined, but support for new transformations can be added as needed.

        VideoTextureCopierGStreamer also uses the TextureMapperShaderProgram to perform texture sampling, but for
        the moment it just sets an identity matrix because when using gstreamer-gl, the format of the video frames
        is RGBA. This will be changed soon to use BGRA.

        No new tests.

        * platform/graphics/gstreamer/VideoTextureCopierGStreamer.cpp:
        (WebCore::VideoTextureCopierGStreamer::copyVideoTextureToPlatformTexture):
        * platform/graphics/texmap/TextureMapperGL.cpp:
        (WebCore::colorSpaceMatrixForFlags):
        (WebCore::TextureMapperGL::drawTexturedQuadWithProgram):
        * platform/graphics/texmap/TextureMapperGL.h:
        * platform/graphics/texmap/TextureMapperShaderProgram.cpp:
        * platform/graphics/texmap/TextureMapperShaderProgram.h:

2017-06-02  Javier Fernandez  <jfernandez@igalia.com>

        [css-grid] Margin wrong applied when stretching an orthogonal item in fixed size track
        https://bugs.webkit.org/show_bug.cgi?id=172590

        Reviewed by Sergio Villar Senin.

        We need to consider orthogonality when using the item's logical margin to
        compute the available space for stretching.

        The issue this patch fixes is only reproducible when the grid layout logic
        is executed several times, since probably the item doesn't need to be
        laid out again. In such cases, we just get the cached logical margins
        but we were not taking orthogonality into account.

        Test: fast/css-grid-layout/grid-item-stretching-must-not-depend-on-previous-layouts.html

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::layoutBlock):
        (WebCore::RenderGrid::marginLogicalSizeForChild):
        (WebCore::RenderGrid::availableAlignmentSpaceForChildBeforeStretching):
        * rendering/RenderGrid.h:

2017-06-01  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Cache RenderThemeGadget hierarchies for rendering themed elements with GTK+ 3.20+
        https://bugs.webkit.org/show_bug.cgi?id=162673

        Reviewed by Michael Catanzaro.

        Because of the way the new theming system works in GTK+ >= 3.20 we are currently creating a gadget hierarchy
        every time we need to render a styled element or get layout information about it. That's happening on every
        repaint, and it's specially problematic for overlay scrollbar indicators that fade in/out when shown/hidden. We
        need to cache the gadgets and simply apply the state before every paint or layout query. When using GtkWidgetPath,
        calling gtk_style_context_save() breaks the gadget hierarchy, and style classes need to be set when building the
        GtkWidgetPath. That means we can't cache RenderThemeGadgets, call save, apply style classes and state, and then
        call restore. We need to cache gadget hierarchies with fixed style classes. Fortunately, setting the state does
        work, so we don't need to also cache a different hierarchy for every possible state. For example, for the
        particular case of scrollbars we would cache VerticalScrollbarRight, VerticalScrollbarLeft, HorizontalScrollbar,
        VerticalScrollIndicatorRight, VerticalScrollIndicatorLeft and HorizontalScrollIndicator. In practice, we will
        only have 4 of those at the same time in the cache.
        This patch adds RenderThemeWidget to represent a hierarchy of gadgets with fixed style classes that can be
        cached and reused to render or query style of those "widgets". It also simplifies the RenderThemeGtk and
        ScrollbarThemeGtk code by removing a lot of duplicated code to build the gadget hierarchies.

        * PlatformGTK.cmake:
        * platform/gtk/RenderThemeGadget.cpp:
        (WebCore::createStyleContext):
        (WebCore::appendElementToPath):
        (WebCore::RenderThemeGadget::state):
        (WebCore::RenderThemeGadget::setState):
        * platform/gtk/RenderThemeGadget.h:
        * platform/gtk/RenderThemeWidget.cpp: Added.
        (WebCore::widgetMap):
        (WebCore::RenderThemeWidget::getOrCreate):
        (WebCore::RenderThemeWidget::clearCache):
        (WebCore::RenderThemeWidget::~RenderThemeWidget):
        (WebCore::RenderThemeScrollbar::RenderThemeScrollbar):
        (WebCore::RenderThemeScrollbar::stepper):
        (WebCore::RenderThemeToggleButton::RenderThemeToggleButton):
        (WebCore::RenderThemeButton::RenderThemeButton):
        (WebCore::RenderThemeComboBox::RenderThemeComboBox):
        (WebCore::RenderThemeEntry::RenderThemeEntry):
        (WebCore::RenderThemeSearchEntry::RenderThemeSearchEntry):
        (WebCore::RenderThemeSpinButton::RenderThemeSpinButton):
        (WebCore::RenderThemeSlider::RenderThemeSlider):
        (WebCore::RenderThemeProgressBar::RenderThemeProgressBar):
        (WebCore::RenderThemeListView::RenderThemeListView):
        (WebCore::RenderThemeIcon::RenderThemeIcon):
        * platform/gtk/RenderThemeWidget.h: Added.
        (WebCore::RenderThemeEntry::entry):
        (WebCore::RenderThemeEntry::selection):
        * platform/gtk/ScrollbarThemeGtk.cpp:
        (WebCore::ScrollbarThemeGtk::themeChanged):
        (WebCore::ScrollbarThemeGtk::updateThemeProperties):
        (WebCore::widgetTypeForScrollbar):
        (WebCore::contentsRectangle):
        (WebCore::ScrollbarThemeGtk::trackRect):
        (WebCore::ScrollbarThemeGtk::backButtonRect):
        (WebCore::ScrollbarThemeGtk::forwardButtonRect):
        (WebCore::ScrollbarThemeGtk::paint):
        (WebCore::ScrollbarThemeGtk::scrollbarThickness):
        (WebCore::ScrollbarThemeGtk::minimumThumbLength):
        * rendering/RenderThemeGtk.cpp:
        (WebCore::createStyleContext):
        (WebCore::setToggleSize):
        (WebCore::paintToggle):
        (WebCore::RenderThemeGtk::paintButton):
        (WebCore::menuListColor):
        (WebCore::RenderThemeGtk::popupInternalPaddingBox):
        (WebCore::RenderThemeGtk::paintMenuList):
        (WebCore::RenderThemeGtk::adjustTextFieldStyle):
        (WebCore::RenderThemeGtk::paintTextField):
        (WebCore::adjustSearchFieldIconStyle):
        (WebCore::paintSearchFieldIcon):
        (WebCore::RenderThemeGtk::paintSliderTrack):
        (WebCore::RenderThemeGtk::adjustSliderThumbSize):
        (WebCore::RenderThemeGtk::paintSliderThumb):
        (WebCore::RenderThemeGtk::progressBarRectForBounds):
        (WebCore::RenderThemeGtk::paintProgressBar):
        (WebCore::RenderThemeGtk::adjustInnerSpinButtonStyle):
        (WebCore::RenderThemeGtk::paintInnerSpinButton):
        (WebCore::styleColor):
        (WebCore::RenderThemeGtk::platformActiveSelectionBackgroundColor):
        (WebCore::RenderThemeGtk::platformInactiveSelectionBackgroundColor):
        (WebCore::RenderThemeGtk::platformActiveSelectionForegroundColor):
        (WebCore::RenderThemeGtk::platformInactiveSelectionForegroundColor):
        (WebCore::RenderThemeGtk::paintMediaButton):

2017-06-01  Andreas Kling  <akling@apple.com>

        [Mac] Remove backing store for layers that are outside the viewport
        https://bugs.webkit.org/show_bug.cgi?id=170082
        <rdar://problem/31245009>

        Reviewed by Simon Fraser.

        Implement the backingStoreAttached flag in PlatformCALayerCocoa. This means that
        compositing layers outside the tiling coverage rect will no longer have backing
        stores, saving large amounts of memory.

        Also added a canDetachBackingStore flag that is set to false for scroll control
        layers, to avoid complicating coverage rect computations.

        Test: compositing/backing-store-attachment-1.html

        * page/Frame.h:
        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::GraphicsLayer):
        (WebCore::GraphicsLayer::dumpProperties):
        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::backingStoreAttached):
        (WebCore::GraphicsLayer::setCanDetachBackingStore):
        (WebCore::GraphicsLayer::canDetachBackingStore):
        * platform/graphics/GraphicsLayerClient.h:
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::backingStoreAttached):
        (WebCore::GraphicsLayerCA::setNeedsDisplay):
        (WebCore::GraphicsLayerCA::updateCoverage):
        * platform/graphics/ca/GraphicsLayerCA.h:
        * platform/graphics/ca/PlatformCALayer.h:
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.h:
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
        (PlatformCALayerCocoa::setBackingStoreAttached):
        (PlatformCALayerCocoa::backingStoreAttached):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateOverflowControlsLayers):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::layerTreeAsText):
        (WebCore::RenderLayerCompositor::updateOverflowControlsLayers):
        * testing/Internals.cpp:
        (WebCore::toLayerTreeFlags):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-06-01  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r217691.

        This change broke the Windows build.

        Reverted changeset:

        "Web Inspector: Should see active Web Sockets when opening Web
        Inspector"
        https://bugs.webkit.org/show_bug.cgi?id=172312
        http://trac.webkit.org/changeset/217691

2017-06-01  Joseph Pecoraro  <pecoraro@apple.com>

        Unreviewed Windows build fix after r217691.

        * Modules/websockets/WebSocketChannel.cpp:
        (WebCore::WebSocketChannel::sendFrame):
        * Modules/websockets/WebSocketChannel.h:
        Disambiguate the Function being used.

2017-06-01  Youenn Fablet  <youenn@apple.com>

        LibWebRTC might crash with frames having a null width or height
        https://bugs.webkit.org/show_bug.cgi?id=172842
        <rdar://problem/32514813>

        Reviewed by Jon Lee.

        Do not send black frames in case the video width or height is zero.
        Also ensure that even if a null buffer is returned by the pool, no crash might actually happen.

        * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::sendBlackFramesIfNeeded):
        (WebCore::RealtimeOutgoingVideoSource::videoSampleAvailable):

2017-06-01  Devin Rousso  <drousso@apple.com>

        Web Inspector: Should see active Web Sockets when opening Web Inspector
        https://bugs.webkit.org/show_bug.cgi?id=172312

        Reviewed by Joseph Pecoraro.

        Test: http/tests/websocket/tests/hybi/inspector/before-load.html

        * Modules/websockets/WebSocket.h:
        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::WebSocket):
        (WebCore::WebSocket::~WebSocket):
        (WebCore::WebSocket::allActiveWebSockets):
        (WebCore::WebSocket::allActiveWebSocketsMutex):
        (WebCore::WebSocket::channel):
        (WebCore::WebSocket::eventTargetInterface):
        Add a static set of all WebSocket objects and provide getters to access web socket metadata.

        * Modules/websockets/ThreadableWebSocketChannel.h:
        (WebCore::ThreadableWebSocketChannel::isWebSocketChannel):
        * Modules/websockets/WebSocketChannel.h:
        * Modules/websockets/WebSocketChannel.cpp:
        (WebCore::WebSocketChannel::isWebSocketChannel):
        (WebCore::WebSocketChannel::identifier):
        (WebCore::WebSocketChannel::clientHandshakeRequest):
        (WebCore::WebSocketChannel::serverHandshakeResponse):
        (WebCore::WebSocketChannel::handshakeMode):
        (WebCore::WebSocketChannel::isType):
        Provide getters to access web socket metadata.

        * inspector/InspectorNetworkAgent.cpp:
        (WebCore::InspectorNetworkAgent::enable):
        Loops over the static set of all WebSocket objects and sends events for each to the frontend.

2017-06-01  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r217296): Dragging a video only shows controls during drag event
        https://bugs.webkit.org/show_bug.cgi?id=172837
        rdar://problem/32434661

        Reviewed by Zalan Bujtas.

        r217296 changed RenderVideo::paintReplaced() from checking paintBehavior() flags on the FrameView
        to paintInfo.paintBehavior flags. However, RenderLayer was stripping the PaintBehaviorFlattenCompositingLayers
        flag from the paintInfo.paintBehavior flags, so fix that.

        Not easily testable.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintLayerContents):

2017-06-01  Simon Fraser  <simon.fraser@apple.com>

        Remove the redundant selectionOnly argument from RenderLayer::paintForegroundForFragments()
        https://bugs.webkit.org/show_bug.cgi?id=172835

        Reviewed by Zalan Bujtas.

        The 'selectionOnly' state is already encoded in localPaintingInfo.paintBehavior so there's
        no need to pass it separately.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintLayerContents):
        (WebCore::RenderLayer::paintForegroundForFragments):
        * rendering/RenderLayer.h:

2017-06-01  Yoshiaki Jitsukawa  <Yoshiaki.Jitsukawa@sony.com>

        Fix compilation errors in LocalizedStrings.cpp on platform not USE(CF) nor USE(GLIB)
        https://bugs.webkit.org/show_bug.cgi?id=172796

        Reviewed by Alex Christensen.

        No new tests needed. Fixing compilation errors.

        * platform/LocalizedStrings.cpp:
        (WebCore::contextMenuItemTagLookUpInDictionary):
        (WebCore::imageTitle):
        (WebCore::validationMessageRangeUnderflowText):
        (WebCore::validationMessageRangeOverflowText):

2017-06-01  Chris Dumez  <cdumez@apple.com>

        Unreviewed, rolling out r217647.

        No longer needed after r217682

        Reverted changeset:

        "Avoid iterator invalidation bug in
        WebCore::defaultPortForProtocol"
        https://bugs.webkit.org/show_bug.cgi?id=172786
        http://trac.webkit.org/changeset/217647

2017-06-01  Chris Dumez  <cdumez@apple.com>

        Make WebCore::defaultPortForProtocol() thread-safe
        https://bugs.webkit.org/show_bug.cgi?id=172797

        Reviewed by Brent Fulgham.

        Make WebCore::defaultPortForProtocol() thread-safe since it is called from the SecurityOrigin
        constructor and SecurityOrigin objects are constructed from various threads.

        This should not regress the non-testing code paths since we only pay locking costs if
        a default port override has been set by the tests.

        * platform/URL.cpp:
        (WebCore::defaultPortForProtocolMapLock):
        (WebCore::defaultPortForProtocolMapForTesting):
        (WebCore::ensureDefaultPortForProtocolMapForTesting):
        (WebCore::registerDefaultPortForProtocolForTesting):
        (WebCore::clearDefaultPortForProtocolMapForTesting):
        (WebCore::defaultPortForProtocol):

2017-06-01  Andy Estes  <aestes@apple.com>

        REGRESSION (r217626): ENABLE_APPLE_PAY_SESSION_V3 was disabled by mistake
        https://bugs.webkit.org/show_bug.cgi?id=172828

        Reviewed by Beth Dakin.

        * Configurations/FeatureDefines.xcconfig:

2017-06-01  Frederic Wang  <fwang@igalia.com>

        ScrollingCoordinator::updateSynchronousScrollingReasons should consider non-main frames
        https://bugs.webkit.org/show_bug.cgi?id=172806

        Reviewed by Simon Fraser.

        Currently, the scrolling coordinator does not manage scrolling of frames other than the main
        one (bugs 171667 and 149264) and so ScrollingCoordinator::updateSynchronousScrollingReasons
        is only relevant for the main frame. This commit refactors a bit ScrollingCoordinator so that
        updateSynchronousScrollingReasons is considered for all the frames whose scrolling is
        coordinated by the ScrollingCoordinator so non-main frames will be considered in the future.

        No new tests, behavior is unchanged for now.

        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::updateSynchronousScrollingReasons): Add an ASSERT to ensure
        that this function is only called for frame whose scrolling is coordinated by this class.
        (WebCore::ScrollingCoordinator::updateSynchronousScrollingReasonsForAllFrames): Introduce a
        new function to update synchronous scrolling for subframes whose scrolling is coordinated by
        this class.
        (WebCore::ScrollingCoordinator::setForceSynchronousScrollLayerPositionUpdates): Update
        synchronous scrolling reason for non-main frames too.
        (WebCore::ScrollingCoordinator::replaySessionStateDidChange): Update synchronous scrolling
        reason for non-main frames too.
        * page/scrolling/ScrollingCoordinator.h: Define updateSynchronousScrollingReasonsForAllFrames

2017-06-01  Andy Estes  <aestes@apple.com>

        [Cocoa] Upstream support for JCB as a supported payment network
        https://bugs.webkit.org/show_bug.cgi?id=172819

        Reviewed by Tim Horton.

        * Modules/applepay/PaymentRequest.cpp:
        (WebCore::PaymentRequest::isValidSupportedNetwork):
        (WebCore::isAdditionalValidSupportedNetwork): Deleted.

2017-06-01  Chris Dumez  <cdumez@apple.com>

        Unreviewed, rolling out r217660.

        This should not have landed given that the new assertion is
        hit on debug EWS bots

        Reverted changeset:

        "Make sure we don't access WebCore::defaultPortForProtocol
        from non-main thread"
        https://bugs.webkit.org/show_bug.cgi?id=172797
        http://trac.webkit.org/changeset/217660

2017-06-01  Brent Fulgham  <bfulgham@apple.com>

        Make sure we don't access WebCore::defaultPortForProtocol from non-main thread
        https://bugs.webkit.org/show_bug.cgi?id=172797

        Reviewed by Alex Christensen.

        * platform/URL.cpp:
        (WebCore::defaultPortForProtocol): Add an assertion to make sure we don't access the
        DefaultPortForProtocolMapForTesting from multiple threads.

2017-06-01  Konstantin Tokarev  <annulen@yandex.ru>

        Get rid of more HIGH_DPI_CANVAS leftovers
        https://bugs.webkit.org/show_bug.cgi?id=172751

        Reviewed by Simon Fraser.

        Get rid of HTMLCanvasElement::convertLogicalToDevice() and
        HTMLCanvasElement::convertDeviceToLogical() that are no longer needed,
        as canvas doesn't use device scale factor anymore.

        No new tests needed.

        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::createImageBuffer): Use integer width()
        and height() instead of floating-point temporary deviceSize variable.
        (WebCore::HTMLCanvasElement::baseTransform): Return unmodified
        baseTransform of underlying ImageBuffer.
        * html/HTMLCanvasElement.h: Removed declarations of unused methods.

2017-05-31  Brent Fulgham  <bfulgham@apple.com>

        Avoid iterator invalidation bug in WebCore::defaultPortForProtocol
        https://bugs.webkit.org/show_bug.cgi?id=172786
        <rdar://problem/32499586>

        Reviewed by Chris Dumez.

        Create the SecurityOrigin objects on the main thread (rather than the worker queues)
        since defaultPortForProtocol is not threadsafe.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::logFrameNavigation):
        (WebCore::ResourceLoadObserver::logSubresourceLoading):
        (WebCore::ResourceLoadObserver::logWebSocketLoading):

2017-05-31  Mark Lam  <mark.lam@apple.com>

        Remove overrides of visitChildren() that do not add any functionality.
        https://bugs.webkit.org/show_bug.cgi?id=172789
        <rdar://problem/32500865>

        Reviewed by Andreas Kling.

        No new tests needed.  Just deleting unneeded code.

        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::visitChildren): Deleted.
        * bindings/js/JSDOMWindowBase.h:

2017-05-31  Don Olmstead  <don.olmstead@am.sony.com>

        [WebCore] Update AXObjectCache::startOrEndCharacterOffsetForRange signature for !HAVE(ACCESSIBILITY)
        https://bugs.webkit.org/show_bug.cgi?id=172769

        Reviewed by Yusuke Suzuki.

        No new tests. No change in behavior.

        * accessibility/AXObjectCache.h:
        (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
        * platform/Curl.cmake: Added.

2017-05-31  Mark Lam  <mark.lam@apple.com>

        CodeGeneratorJS's InstanceNeedsVisitChildren should not return true just because a class is / extends EventTarget.
        https://bugs.webkit.org/show_bug.cgi?id=172782
        <rdar://problem/32498266>

        Reviewed by Chris Dumez.

        No new tests needed.  This change is covered by existing binding tests.

        InstanceNeedsVisitChildren should also not check the IsJSBuiltinConstructor
        condition, which is not used to emit any additional code in the visitChildren
        override.

        The other conditions for generating visitChildren() are adequate if the class
        needs to override visitChildren.  Currently, we're generating some visitChildren()
        methods that only call its Base::visitChildren().  Removing the "is / extends
        EventTarget" conditions removes those unneeded visitChildren overrides.

        * bindings/scripts/CodeGeneratorJS.pm:
        (InstanceNeedsVisitChildren):
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        (WebCore::JSTestClassWithJSBuiltinConstructor::visitChildren): Deleted.
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        (WebCore::JSTestDOMJIT::visitChildren): Deleted.
        * bindings/scripts/test/JS/JSTestDOMJIT.h:
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::JSTestEventTarget::visitChildren): Deleted.
        * bindings/scripts/test/JS/JSTestEventTarget.h:
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
        (WebCore::JSTestJSBuiltinConstructor::visitChildren): Deleted.
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
        * bindings/scripts/test/JS/JSTestNode.cpp:
        (WebCore::JSTestNode::visitChildren): Deleted.
        * bindings/scripts/test/JS/JSTestNode.h:

2017-05-31  Chris Dumez  <cdumez@apple.com>

        Make QualifiedName cache per thread
        https://bugs.webkit.org/show_bug.cgi?id=172778
        <rdar://problem/32490942>

        Reviewed by Geoffrey Garen.

        Make QualifiedName cache per thread since it is currently used from multiple threads,
        in an unsafe fashion. We started using QualifiedName objects in background threads
        after r190602 which started using a CSSSelectorParser in the ContentExtensionParser.

        * WebCore.xcodeproj/project.pbxproj:
        * dom/QualifiedName.cpp:
        (WebCore::QualifiedName::QualifiedName):
        (WebCore::QualifiedName::QualifiedNameImpl::~QualifiedNameImpl):
        * dom/QualifiedNameCache.cpp: Added.
        (WebCore::QNameComponentsTranslator::hash):
        (WebCore::QNameComponentsTranslator::equal):
        (WebCore::QNameComponentsTranslator::translate):
        (WebCore::QualifiedNameCache::getOrCreate):
        (WebCore::QualifiedNameCache::remove):
        * dom/QualifiedNameCache.h: Added.
        * platform/ThreadGlobalData.cpp:
        (WebCore::ThreadGlobalData::ThreadGlobalData):
        (WebCore::ThreadGlobalData::destroy):
        * platform/ThreadGlobalData.h:
        (WebCore::ThreadGlobalData::qualifiedNameCache):

2017-05-31  Andy Estes  <aestes@apple.com>

        Rename ENABLE_APPLE_PAY_DELEGATE to ENABLE_APPLE_PAY_SESSION_V3 and bump the supported version number
        https://bugs.webkit.org/show_bug.cgi?id=172366

        Reviewed by Daniel Bates.

        * Configurations/FeatureDefines.xcconfig:
        * Modules/applepay/ApplePayError.idl:
        * Modules/applepay/ApplePayPaymentAuthorizationResult.idl:
        * Modules/applepay/ApplePayPaymentMethodUpdate.idl:
        * Modules/applepay/ApplePaySession.idl:
        * Modules/applepay/ApplePayShippingContactUpdate.idl:
        * Modules/applepay/ApplePayShippingMethodUpdate.idl:

2017-05-31  Youenn Fablet  <youenn@apple.com>

        PeerConnection should respect tracks that are muted at the time they are added
        https://bugs.webkit.org/show_bug.cgi?id=172771

        Reviewed by Eric Carlson.

        Tests: webrtc/peer-connection-audio-unmute.html
               webrtc/video-unmute.html

        Making sure that muted/enabled state of sources are correctly handled at creation time of the outgoing webrtc sources.
        This should trigger silent audio and black frames.

        * platform/mediastream/mac/RealtimeOutgoingAudioSource.cpp:
        (WebCore::RealtimeOutgoingAudioSource::RealtimeOutgoingAudioSource):
        (WebCore::RealtimeOutgoingAudioSource::setSource):
        (WebCore::RealtimeOutgoingAudioSource::initializeConverter):
        * platform/mediastream/mac/RealtimeOutgoingAudioSource.h:
        * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::RealtimeOutgoingVideoSource):
        (WebCore::RealtimeOutgoingVideoSource::setSource):
        (WebCore::RealtimeOutgoingVideoSource::sourceMutedChanged):
        (WebCore::RealtimeOutgoingVideoSource::sourceEnabledChanged):
        (WebCore::RealtimeOutgoingVideoSource::initializeFromSource):
        (WebCore::RealtimeOutgoingVideoSource::AddOrUpdateSink):
        (WebCore::RealtimeOutgoingVideoSource::RemoveSink):
        (WebCore::RealtimeOutgoingVideoSource::sendBlackFramesIfNeeded):
        (WebCore::RealtimeOutgoingVideoSource::setSizeFromSource): Deleted.
        (WebCore::RealtimeOutgoingVideoSource::sendBlackFrames): Deleted.
        * platform/mediastream/mac/RealtimeOutgoingVideoSource.h:

2017-05-31  Antti Koivisto  <antti@apple.com>

        CrashTracer: Regression : com.apple.WebKit.WebContent at STP responsible :: com.apple.WebCore: WebCore::SharedBuffer::data const + 11
        https://bugs.webkit.org/show_bug.cgi?id=172747
        <rdar://problem/32275314>

        Reviewed by Andreas Kling.

        Test: http/tests/subresource-integrity/empty-stylesheet-integrity-crash.html

        * loader/SubresourceIntegrity.cpp:
        (WebCore::matchIntegrityMetadata):

            If the resource body is empty CachedResource::resourceBuffer() may be null.

2017-05-31  Frederic Wang  <fwang@igalia.com>

        ScrollingStateScrollingNode::ChangedProperty::NumScrollingStateNodeBits is wrongly set
        https://bugs.webkit.org/show_bug.cgi?id=172349

        Reviewed by Simon Fraser.

        ScrollingStateScrollingNode::ChangedProperty::NumScrollingStateNodeBits was introduced in
        r133022 so that ScrollingStateFrameScrollingNode and ScrollingStateOverflowScrollingNode
        know the number of bits use for properties in their parent class.

        In r172649, r210560, r185762 and r183702 new properties were added to
        ScrollingStateScrollingNode but NumScrollingStateNodeBits was not increased accordingly. This
        means that there are potential conflicts between these new properties and those of derived
        classes ScrollingStateFrameScrollingNode and ScrollingStateOverflowScrollingNode. It is not
        clear how to write a test case reproducing such conflict, though.

        No new tests, this is a coding mistake but its effect is unclear.

        * page/scrolling/ScrollingStateNode.cpp:
        (WebCore::ScrollingStateNode::setPropertyChanged): Use hasChangedProperty and cast to
        64-bits integer before shifting.
        * page/scrolling/ScrollingStateNode.h: Add a comment to make clear NumStateNodeBits must
        remain at the last position. Ensure we have enough bits available.
        (WebCore::ScrollingStateNode::hasChangedProperty): Cast to 64-bits integer before shifting.
        * page/scrolling/ScrollingStateScrollingNode.h: Fix position of NumScrollingStateNodeBits and
        also add a similar comment.

2017-05-31  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r217603.

        This patch broke the internal builds.

        Reverted changeset:

        "Get <chrono> out of StdLibExtras.h"
        https://bugs.webkit.org/show_bug.cgi?id=172744
        http://trac.webkit.org/changeset/217603

2017-05-31  Simon Fraser  <simon.fraser@apple.com>

        Get <chrono> out of StdLibExtras.h
        https://bugs.webkit.org/show_bug.cgi?id=172744

        Reviewed by Saam Barati.

        Only bring in <chrono> and namespace std::literals::chrono_literals when necessary.

        * fileapi/FileReader.cpp:
        * inspector/InspectorOverlay.cpp:
        * loader/CrossOriginPreflightResultCache.cpp:
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::freshnessLifetime):
        * page/ResourceUsageThread.cpp:
        (WebCore::ResourceUsageThread::threadBody):
        * page/cocoa/MemoryReleaseCocoa.mm:
        (WebCore::jettisonExpensiveObjectsOnTopLevelNavigation):
        * platform/network/CacheValidation.cpp:
        (WebCore::computeFreshnessLifetimeForHTTPFamily):
        * platform/network/CacheValidation.h:

2017-05-31  Emilio Cobos Álvarez  <ecobos@igalia.com>

        Use the rare data's RenderStyle for display: contents.
        https://bugs.webkit.org/show_bug.cgi?id=172721

        Reviewed by Antti Koivisto.

        No new tests, no behavior change.

        * dom/Element.cpp:
        (WebCore::Element::hasDisplayContents):
        (WebCore::Element::storeDisplayContentsStyle):
        * dom/Element.h:
        * dom/ElementRareData.h:
        (WebCore::ElementRareData::ElementRareData):
        * style/RenderTreeUpdater.cpp:
        (WebCore::RenderTreeUpdater::updateElementRenderer):
        * style/StyleTreeResolver.cpp:
        (WebCore::Style::TreeResolver::resolveComposedTree):

2017-05-31  Per Arne Vollan  <pvollan@apple.com>

        LayoutTest media/video-orientation.html is failing
        https://bugs.webkit.org/show_bug.cgi?id=172648
        <rdar://problem/31322425>

        Reviewed by Eric Carlson.

        For videos with rotation tag set, the transform AVAssetTrack.preferredTransform applied to
        AVAssetTrack.naturalSize might return a CGSize instance with negative width or height.

        Covered by existing tests.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::tracksChanged):

2017-05-30  Frederic Wang  <fwang@igalia.com>

        Include ScrollingTreeScrollingNode properties in ScrollingTreeFrameScrollingNode::dumpProperties
        https://bugs.webkit.org/show_bug.cgi?id=172287

        Reviewed by Simon Fraser.

        No new tests, only changes in dumped tree.

        * page/scrolling/ScrollingTreeFrameScrollingNode.cpp:
        (WebCore::ScrollingTreeFrameScrollingNode::dumpProperties): Print properties of the parent class.

2017-05-30  Sam Weinig  <sam@webkit.org>

        Update test result after r217585.

        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
        (WebCore::JSTestNamedDeleterWithIndexedGetter::deleteProperty):
        (WebCore::JSTestNamedDeleterWithIndexedGetter::deletePropertyByIndex):

2017-05-30  Dan Bernstein  <mitz@apple.com>

        Fixed the build after r217588.

        * page/FrameView.h: Stopped exporting a function defined inline.

2017-05-30  Zalan Bujtas  <zalan@apple.com>

        ASSERTION FAILED: m_layoutPhase == InPostLayerPositionsUpdatedAfterLayout || m_layoutPhase == OutsideLayout
        https://bugs.webkit.org/show_bug.cgi?id=171501
        <rdar://problem/31977453>

        Reviewed by Simon Fraser.

        We should be able to paint as long as the tree is clean and we are in paintable state.

        * page/FrameView.cpp:
        (WebCore::FrameView::paintContents):

2017-05-30  Sam Weinig  <sam@webkit.org>

        Revert accidentally checked in change.

        * crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp:
        * crypto/mac/CryptoDigestAlgorithm.h:

2017-05-30  Sam Weinig  <sam@webkit.org>

        [WebIDL] Generate named property deleters
        https://bugs.webkit.org/show_bug.cgi?id=172688

        Reviewed by Chris Dumez.

        Test: js/dom/named-property-deleter.html

        * WebCore.xcodeproj/project.pbxproj:
        Add new file, JSDOMAbstractOperations.h

        * bindings/js/JSDOMAbstractOperations.h: Added.
        (WebCore::isVisibleNamedProperty):
        Add an implementation of the abstract operation WebIDL calls the 'named property visibility algorithm'.
        It is used by many WebIDL algorithms, but currently I am only using this implementation for deleters.
        In the future, we should try and move the other property access generators to use it as well.

        * bindings/js/JSDOMStringMapCustom.cpp:
        (WebCore::JSDOMStringMap::deleteProperty): Deleted.
        (WebCore::JSDOMStringMap::deletePropertyByIndex): Deleted.
        * bindings/js/JSStorageCustom.cpp:
        (WebCore::JSStorage::deleteProperty): Deleted.
        (WebCore::JSStorage::deletePropertyByIndex): Deleted.
        Remove now generated deleteProperty and deletePropertyByIndex implementations.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateDeletePropertyCommon):
        (GenerateDeletePropertyDefinition):
        (GenerateDeletePropertyByIndexDefinition):
        (GenerateNamedDeleterDefinition):
        Added generation for named deleters. We generate both deleteProperty and deletePropertyByIndex.

        (InstanceOverridesDelete):
        Add predicate for whether the header should declare deleteProperty and deletePropertyByIndex.

        (GenerateHeader):
        Move property access hook declarations closer to each other. Use new InstanceOverridesDelete
        predicate for deleteProperty and deletePropertyByIndex.
 
        (GenerateImplementation):
        Add call to generate named deleter if one exists.

        (GenerateConstructorHelperMethods):
        Remove an old FIXME that that was no longer true, there are no more interfaces that inherit from
        an interface with [NoInterfaceObject].

        * dom/DOMStringMap.idl:
        Removes CustomDeleteProperty and sorts extended attributes.

        * dom/DatasetDOMStringMap.h:
        * dom/DatasetDOMStringMap.cpp:
        (WebCore::DatasetDOMStringMap::isSupportedPropertyName):
        Added. This is a bindings support function (much like supportedPropertyNames()) that is
        used JSDOMAbstractOperations.h's isVisibleNamedProperty.

        (WebCore::DatasetDOMStringMap::supportedPropertyNames):
        Convert to an early return.

        (WebCore::DatasetDOMStringMap::deleteNamedProperty):
        (WebCore::DatasetDOMStringMap::deleteItem): Deleted.
        Renamed deleteItem to deleteNamedProperty, which is the name the bindings use for deleter
        operations without an identifier.

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::sessionStorage):
        Fix incorrect indentation that bothered me.

        * storage/Storage.cpp:
        * storage/Storage.h:
        - Remove isDisabledByPrivateBrowsing(), which had no definition.
        - Add isSupportedPropertyName(), which the deleter code (via the isVisibleNamedProperty algorithm)
          needs.
        
        * storage/Storage.idl:
        Removes CustomDeleteProperty, sorts the extended attributes, adds 'deleter' special 
        to the removeItem operation and adds a commented out 'setter' special to the 'setItem'
        operation.

        * bindings/scripts/test/JS/JSTestObj.h:
        Update result for declarations moving around.

        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp: Added.
        * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.h: Added.
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp: Added.
        * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.h: Added.
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp: Added.
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.h: Added.
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp: Added.
        * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.h: Added.
        * bindings/scripts/test/TestNamedDeleterNoIdentifier.idl: Added.
        * bindings/scripts/test/TestNamedDeleterThrowingException.idl: Added.
        * bindings/scripts/test/TestNamedDeleterWithIdentifier.idl: Added.
        * bindings/scripts/test/TestNamedDeleterWithIndexedGetter.idl: Added.
        Add new tests for named deleters.

2017-05-30  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: images dragged from Inspector to Desktop are named "Unknown.png"
        https://bugs.webkit.org/show_bug.cgi?id=141515
        <rdar://problem/9251308>

        Reviewed by Wenson Hsieh.

        * html/HTMLAttributeNames.in:

2017-05-30  Youenn Fablet  <youenn@apple.com>

        Add support for Certificate and IceCandidatePair stats
        https://bugs.webkit.org/show_bug.cgi?id=172734

        Reviewed by Geoff Garen.

        Covered by updated test.

        Adding support for these two stats in the IDL and in the libwebrtc binding code.

        * Modules/mediastream/RTCStatsReport.h:
        (WebCore::RTCStatsReport::IceCandidatePairStats::IceCandidatePairStats):
        (WebCore::RTCStatsReport::CertificateStats::CertificateStats):
        * Modules/mediastream/RTCStatsReport.idl:
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::iceCandidatePairState):
        (WebCore::fillRTCIceCandidatePairStats):
        (WebCore::fillRTCCertificateStats):
        (WebCore::LibWebRTCMediaEndpoint::StatsCollector::OnStatsDelivered):

2017-05-30  Jiewen Tan  <jiewen_tan@apple.com>

        Unreviewed, add some comments to HKDF/PBKDF2 Mac implementations

        * crypto/mac/CryptoAlgorithmHKDFMac.cpp:
        (WebCore::CryptoAlgorithmHKDF::platformDeriveBits):
        * crypto/mac/CryptoAlgorithmPBKDF2Mac.cpp:
        (WebCore::CryptoAlgorithmPBKDF2::platformDeriveBits):

2017-05-30  Jeremy Jones  <jeremyj@apple.com>

        m_resourceSelectionTaskQueue tasks should be cleared when player is destroyed to prevent invalid state.
        https://bugs.webkit.org/show_bug.cgi?id=172726
        rdar://problem/30867764

        Reviewed by Eric Carlson.

        I haven't found a reproducible way to make a test case for this race condition.

        If m_player is cleared while there is an outstanding task in m_resourceSelectionTaskQueue,
        that task may assume m_player is not null and crash. It is better to cancel that task than
        to perform it part way with null checks.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::~HTMLMediaElement):
        (WebCore::HTMLMediaElement::clearMediaPlayer):

2017-05-30  Ryosuke Niwa  <rniwa@webkit.org>

        Only include DataDetectorsUI headers in iOS
        https://bugs.webkit.org/show_bug.cgi?id=172633

        Reviewed by David Kilzer.

        Enable data detectors only on iOS and not other variants of iOS.

        * editing/cocoa/DataDetection.h:
        * editing/cocoa/DataDetection.mm:
        * page/DragController.cpp:
        (WebCore::isDraggableLink):
        * platform/cocoa/DataDetectorsCoreSoftLink.h:
        * platform/cocoa/DataDetectorsCoreSoftLink.mm:
        * platform/spi/cocoa/DataDetectorsCoreSPI.h:
        * platform/spi/ios/DataDetectorsUISPI.h:
        * platform/spi/mac/DataDetectorsSPI.h:

2017-05-30  Chris Dumez  <cdumez@apple.com>

        REGRESSION(r215946): Can't reference a table cell in Google spreadsheet
        https://bugs.webkit.org/show_bug.cgi?id=172703
        <rdar://problem/32458086>

        Reviewed by Ryosuke Niwa.

        We updated getClientRects() to return an array of DOMRect objects instead of
        a ClientRectList type, to match the latest specification. As it turns out, this
        is not Web-compatible as some content (as Google Spreadsheet) relies on the
        return type having an item() operation.

        This patch re-introduces a DOMRectList type, with an item() operation. The
        DOMRectList name is currently not exposed to the Web as we do not know what's
        going to get specified yet (https://github.com/w3c/csswg-drafts/issues/1479).

        No new tests, updated existing tests.

        * CMakeLists.txt:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/DOMRect.h:
        * dom/DOMRectList.cpp: Copied from Source/WebCore/dom/DOMRect.cpp.
        (WebCore::DOMRectList::DOMRectList):
        (WebCore::DOMRectList::~DOMRectList):
        * dom/DOMRectList.h: Copied from Source/WebCore/dom/DOMRect.cpp.
        (WebCore::DOMRectList::create):
        (WebCore::DOMRectList::length):
        (WebCore::DOMRectList::item):
        * dom/DOMRectList.idl: Renamed from Source/WebCore/dom/DOMRect.cpp.
        * dom/Element.cpp:
        (WebCore::Element::getClientRects):
        * dom/Element.h:
        * dom/Element.idl:
        * dom/Range.cpp:
        (WebCore::Range::getClientRects):
        * dom/Range.h:
        * dom/Range.idl:
        * page/Page.cpp:
        (WebCore::Page::nonFastScrollableRects):
        (WebCore::Page::touchEventRectsForEvent):
        (WebCore::Page::passiveTouchEventListenerRects):
        * page/Page.h:
        * testing/Internals.cpp:
        (WebCore::Internals::inspectorHighlightRects):
        (WebCore::Internals::touchEventRectsForEvent):
        (WebCore::Internals::passiveTouchEventListenerRects):
        (WebCore::Internals::nonFastScrollableRects):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-05-30  Ali Juma  <ajuma@chromium.org>

        [CredentialManagement] Incorporate IDL updates from latest spec
        https://bugs.webkit.org/show_bug.cgi?id=172011

        Reviewed by Daniel Bates.

        This patch adds IDL definitions for the CredentialsContainer, CredentialsUserData and
        FederatedCredentials interfaces, the NavigatorCredentials partial interface, and the
        CredentialCreationOptions, CredentialRequestOptions, FederatedCredentialRequestOptions,
        and PasswordCredentialData dictionaries. It also deletes IDL definitions for the
        SiteBoundCredential interface and the SiteBoundCredentialData dictionary.

        Test: credentials/idlharness.html

        * CMakeLists.txt:
        * DerivedSources.make:
        * Modules/credentials/BasicCredential.idl:
        * Modules/credentials/CredentialCreationOptions.h: Copied from Source/WebCore/Modules/credentials/PasswordCredential.cpp.
        * Modules/credentials/CredentialCreationOptions.idl: Copied from Source/WebCore/Modules/credentials/SiteBoundCredentialData.h.
        * Modules/credentials/CredentialRequestOptions.h: Copied from Source/WebCore/Modules/credentials/SiteBoundCredentialData.h.
        * Modules/credentials/CredentialRequestOptions.idl: Copied from Source/WebCore/Modules/credentials/SiteBoundCredentialData.h.
        * Modules/credentials/CredentialUserData.h: Copied from Source/WebCore/Modules/credentials/SiteBoundCredentialData.h.
        (WebCore::CredentialUserData::~CredentialUserData):
        * Modules/credentials/CredentialUserData.idl: Copied from Source/WebCore/Modules/credentials/SiteBoundCredential.idl.
        * Modules/credentials/CredentialsContainer.cpp: Copied from Source/WebCore/Modules/credentials/PasswordCredential.cpp.
        (WebCore::CredentialsContainer::get):
        (WebCore::CredentialsContainer::store):
        (WebCore::CredentialsContainer::isCreate):
        (WebCore::CredentialsContainer::preventSilentAccess):
        * Modules/credentials/CredentialsContainer.h: Copied from Source/WebCore/Modules/credentials/SiteBoundCredential.h.
        (WebCore::CredentialsContainer::create):
        (WebCore::CredentialsContainer::CredentialsContainer):
        * Modules/credentials/CredentialsContainer.idl: Copied from Source/WebCore/Modules/credentials/SiteBoundCredential.idl.
        * Modules/credentials/FederatedCredential.cpp: Copied from Source/WebCore/Modules/credentials/SiteBoundCredential.cpp.
        (WebCore::FederatedCredential::FederatedCredential):
        (WebCore::FederatedCredential::~FederatedCredential):
        * Modules/credentials/FederatedCredential.h: Renamed from Source/WebCore/Modules/credentials/SiteBoundCredential.h.
        (WebCore::FederatedCredential::create):
        (WebCore::FederatedCredential::provider):
        (WebCore::FederatedCredential::protocol):
        * Modules/credentials/FederatedCredential.idl: Copied from Source/WebCore/Modules/credentials/BasicCredential.idl.
        * Modules/credentials/FederatedCredentialInit.h: Copied from Source/WebCore/Modules/credentials/SiteBoundCredentialData.h.
        * Modules/credentials/FederatedCredentialInit.idl: Copied from Source/WebCore/Modules/credentials/SiteBoundCredentialData.idl.
        * Modules/credentials/FederatedCredentialRequestOptions.h: Copied from Source/WebCore/Modules/credentials/SiteBoundCredentialData.h.
        * Modules/credentials/FederatedCredentialRequestOptions.idl: Added.
        * Modules/credentials/NavigatorCredentials.cpp: Renamed from Source/WebCore/Modules/credentials/SiteBoundCredential.cpp.
        (WebCore::NavigatorCredentials::NavigatorCredentials):
        (WebCore::NavigatorCredentials::~NavigatorCredentials):
        (WebCore::NavigatorCredentials::supplementName):
        (WebCore::NavigatorCredentials::credentials):
        (WebCore::NavigatorCredentials::from):
        * Modules/credentials/NavigatorCredentials.h: Copied from Source/WebCore/Modules/credentials/SiteBoundCredentialData.h.
        * Modules/credentials/NavigatorCredentials.idl: Renamed from Source/WebCore/Modules/credentials/SiteBoundCredential.idl.
        * Modules/credentials/PasswordCredential.cpp:
        (WebCore::PasswordCredential::PasswordCredential):
        (WebCore::PasswordCredential::~PasswordCredential):
        * Modules/credentials/PasswordCredential.h:
        (WebCore::PasswordCredential::create):
        (WebCore::PasswordCredential::password):
        (WebCore::PasswordCredential::setIdName): Deleted.
        (WebCore::PasswordCredential::idName): Deleted.
        (WebCore::PasswordCredential::setPasswordName): Deleted.
        (WebCore::PasswordCredential::passwordName): Deleted.
        (WebCore::PasswordCredential::setAdditionalData): Deleted.
        (WebCore::PasswordCredential::additionalData): Deleted.
        * Modules/credentials/PasswordCredential.idl:
        * Modules/credentials/PasswordCredentialData.h: Renamed from Source/WebCore/Modules/credentials/SiteBoundCredentialData.h.
        * Modules/credentials/PasswordCredentialData.idl: Renamed from Source/WebCore/Modules/credentials/SiteBoundCredentialData.idl.
        * WebCore.xcodeproj/project.pbxproj:

2017-05-30  Alex Christensen  <achristensen@webkit.org>

        Update libwebrtc configuration
        https://bugs.webkit.org/show_bug.cgi?id=172727

        Reviewed by Geoffrey Garen.

        * Configurations/FeatureDefines.xcconfig:

2017-05-30  Mark Lam  <mark.lam@apple.com>

        convertEnumerationToJS() should not stash ASCIILiteral strings in NeverDestroyed arrays.
        https://bugs.webkit.org/show_bug.cgi?id=172724
        <rdar://problem/31193201>

        Reviewed by Chris Dumez.

        Use MAKE_STATIC_STRING_IMPL instead, which is guaranteed to be thread-safe and
        satisfies the promise of immortality promised by NeverDestroyed (while ASCIILiteral
        does not always satisfy this promise).

        Also converted the ASSERT in convertEnumerationToJS() to a RELEASE_ASSERT as a
        debugging aid to check if it is ever passed an invalid enumerationValue.

        No new tests because this is a speculative fix for an issue observed in the wild
        whose root cause is not known yet.  This patch also adds a release assert to
        gather more info about the nature of the issue.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateEnumerationImplementationContent):

        * bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
        (WebCore::convertEnumerationToJS):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::convertEnumerationToJS):
        * bindings/scripts/test/JS/JSTestStandaloneDictionary.cpp:
        (WebCore::convertEnumerationToJS):
        * bindings/scripts/test/JS/JSTestStandaloneEnumeration.cpp:
        (WebCore::convertEnumerationToJS):
        - re-baselined these test results.

2017-05-30  Said Abou-Hallawa  <sabouhallawa@apple.com>

        REGRESSION(r216882): No image decoding is needed if the BitmapImage is created with a NativeImage
        https://bugs.webkit.org/show_bug.cgi?id=172670

        Reviewed by Tim Horton.

        Test: fast/images/large-image-webkit-canvas.html

        Check whether the BitmapImage has created an ImageDecoder before trying 
        to decode its image frame.

        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::shouldUseAsyncDecoding):

2017-05-30  Youenn Fablet  <youenn@apple.com>

        RealtimeOutgoingVideoSource should not rotate muted frames
        https://bugs.webkit.org/show_bug.cgi?id=172659

        Reviewed by Eric Carlson.

        Test: webrtc/video-rotation.html

        When sending black frames, it is unnecessary to rotate frames.
        Instead, it is better to create frame with the expected width and height.
        Making sure libwebrtc rotated images are not null, as only YUV rotation is supported.

        Adding internals API to test part of that code path.
        Full coverage should be added when mock source is producing YUV images.

        * Modules/mediastream/PeerConnectionBackend.h:
        (WebCore::PeerConnectionBackend::applyRotationForOutgoingVideoSources):
        * Modules/mediastream/RTCPeerConnection.h:
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::LibWebRTCPeerConnectionBackend::applyRotationForOutgoingVideoSources):
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.h:
        * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::sendBlackFrames):
        (WebCore::RealtimeOutgoingVideoSource::sendFrame):
        * platform/mediastream/mac/RealtimeOutgoingVideoSource.h:
        * testing/Internals.cpp:
        (WebCore::Internals::Internals):
        (WebCore::Internals::applyRotationForOutgoingVideoSources):
        (WebCore::Internals::setCameraMediaStreamTrackOrientation):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-05-30  Brent Fulgham  <bfulgham@apple.com>

        Unreviewed typo correction.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::logFrameNavigation): I used an extra colon in my comment.

2017-05-30  Brent Fulgham  <bfulgham@apple.com>

        REGRESSION(r217515): Correct iterator invalidation bug (AGAIN)
        https://bugs.webkit.org/show_bug.cgi?id=172722
        <rdar://problem/32462876>

        Reviewed by Zalan Bujtas.

        Over-enthusiastic clean-up during r217515 re-introduced a bug caused by holding a reference
        to an iterator that gets invalidated while handling the frame navigation. This patch returns
        to the copy/set behavior used prior to r217515. 

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::logFrameNavigation): Make a copy of the returned value, since
        the iterator will be invalidated during the function call. Then set the copy back in the data
        store with the updated counts.

2017-05-30  Fujii Hironori  <Hironori.Fujii@sony.com>

        [WinCairo] TestWebKitAPI: SHOULD NEVER BE REACHED in WebCore::cairoSurfaceSize
        https://bugs.webkit.org/show_bug.cgi?id=172699

        Reviewed by Brent Fulgham.

        Tests: WebCore.BitmapImageEmptyFrameTest in TestWebKitAPI

        * platform/graphics/cairo/CairoUtilities.cpp:
        (WebCore::cairoSurfaceSize): Added a case for win32 surface type.

2017-05-30  Miguel Gomez  <magomez@igalia.com>

        [GTK][WPE][GSTREAMER_GL] Do not use cairo to copy video textures to an accelerated canvas
        https://bugs.webkit.org/show_bug.cgi?id=172542

        Reviewed by Žan Doberšek.

        When drawing gstreamer-gl video frames into an accelerated canvas, we are currently using cairo to copy
        the video textures into a new texture that will be painted into de destination canvas. While this eases
        the code, it doesn't allow us to control the copy process. This is a problem because in order to use
        gstreamer-gl properly, we will need to perform colorspace transformations during the copy. So, remove
        this cairo copy and use VideoTextureCopierGStreamer instead.

        The usage of VideoTextureCopierGStreamer is pretty much the same than in the webgl case, except that
        no destination texture is provided. For that case, add a custom texture to hold the result that can
        be requested after the copy.

        Covered by existent tests.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::copyVideoTextureToPlatformTexture):
        (WebCore::MediaPlayerPrivateGStreamerBase::nativeImageForCurrentTime):
        (WebCore::MediaPlayerPrivateGStreamerBase::prepareContextForCairoPaint): Deleted.
        (WebCore::MediaPlayerPrivateGStreamerBase::paintToCairoSurface): Deleted.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        (WebCore::MediaPlayerPrivateGStreamerBase::gstGLDisplay):
        * platform/graphics/gstreamer/VideoTextureCopierGStreamer.cpp:
        (WebCore::VideoTextureCopierGStreamer::VideoTextureCopierGStreamer):
        (WebCore::VideoTextureCopierGStreamer::~VideoTextureCopierGStreamer):
        (WebCore::VideoTextureCopierGStreamer::copyVideoTextureToPlatformTexture):
        * platform/graphics/gstreamer/VideoTextureCopierGStreamer.h:
        (WebCore::VideoTextureCopierGStreamer::resultTexture):

2017-05-29  Antti Koivisto  <antti@apple.com>

        Crash on display-contents-replaced-001.html
        https://bugs.webkit.org/show_bug.cgi?id=172596

        Reviewed by Andreas Kling.

        This is crashing because some code can't handle display:contents on form controls. Turns
        out the draft specification tell us to disable it for them in any case.

        See https://drafts.csswg.org/css-display-3/#unbox

        * css/StyleResolver.cpp:
        (WebCore::hasEffectiveDisplayNoneForDisplayContents):

            For certain HTML elements (replaced elements, form controls) display:contents should
            behave like display:none.
            Also disable it for SVG and MathML elements.

        (WebCore::StyleResolver::adjustRenderStyle):

            Also compute to display:none when there is no associated element (pseudos etc).

2017-05-30  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] RSA-OAEP support
        https://bugs.webkit.org/show_bug.cgi?id=171222

        Reviewed by Michael Catanzaro.

        Add RSA-OAEP support for configurations that use libgcrypt.

        The encryption operation embeds the plain-text data into a data s-expression,
        specifying OAEP as the padding method of choice and also adding information
        about the hash algorithm and any label data. This is then passed to the
        gcry_pk_encrypt() call together with the provided key, returning the enc-val
        s-expression containing the resulting cipher text. That's retrieved from the
        relevant MPI and returned to the caller.

        The decryption operation embeds the cipher-text data into an enc-val
        s-expression, again specifying the hash algorithm and also filling in any
        label data. This is then passed, along with the key, to the gcry_pk_decrypt()
        call. The returned data s-expression contains the decrypted plain-text data
        inside the 'value' MPI, from which this data is extracted and returned to the
        caller.

        No new tests -- the revelant tests are passing and are unskipped, apart from
        the ones using PKSC#8 and SPKI formats.

        * crypto/gcrypt/CryptoAlgorithmRSA_OAEPGCrypt.cpp:
        (WebCore::hashAlgorithmName):
        (WebCore::mpiData):
        (WebCore::gcryptEncrypt):
        (WebCore::gcryptDecrypt):
        (WebCore::CryptoAlgorithmRSA_OAEP::platformEncrypt):
        (WebCore::CryptoAlgorithmRSA_OAEP::platformDecrypt):

2017-05-30  Zan Dobersek  <zdobersek@igalia.com>

        Unreviewed follow-up to r217546. Address some review comments that I forgot about.

        * crypto/gcrypt/CryptoAlgorithmRSAES_PKCS1_v1_5GCrypt.cpp:
        (WebCore::gcryptEncrypt): Use quotations when referencing s-expression names in
        comments to avoid confusion.
        (WebCore::gcryptDecrypt): Ditto.

2017-05-30  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] RSAES-PKCS1-v1_5 support
        https://bugs.webkit.org/show_bug.cgi?id=171219

        Reviewed by Michael Catanzaro.

        Add RSAES-PKCS1-v1_5 support for configurations that use libgcrypt.

        The encryption operation embeds the plain-text data into a data s-expression,
        specifying PKCS#1 as the padding method of choice. That's passed to the
        gcry_pk_encrypt() call together with the specified key. The returned enc-val
        expression contains the 'a' MPI from which the data is extracted and returned.

        The decryption operation goes in reverse -- the cipher-text data is embedded
        into an enc-val s-expression that again also specifies PKCS#1 as the padding
        method. The s-expression is passed to gcry_pk_decrypt() together with the
        specified key. The returned data s-expression contains the decrypted text
        inside the 'value' parameter, so the data is extracted from that and returned
        to the caller.

        No new tests -- the revelant tests are passing and are unskipped, apart from
        the ones using PKCS#8 and SPKI formats.

        * crypto/gcrypt/CryptoAlgorithmRSAES_PKCS1_v1_5GCrypt.cpp:
        (WebCore::mpiData):
        (WebCore::gcryptEncrypt):
        (WebCore::gcryptDecrypt):
        (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::platformEncrypt):
        (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::platformDecrypt):

2017-05-30  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] RSASSA-PKCS1-v1_5 support
        https://bugs.webkit.org/show_bug.cgi?id=171220

        Reviewed by Michael Catanzaro.

        Add RSASSA-PKSC1-V_15 support for configurations that use libgcrypt.

        The signing operation first digests data with the specified hash algorithm.
        That's then embedded in the data s-expression. That's then passed to the
        gcry_pk_sign() call together with the specified key, returning a sig-val
        s-expression containing the signature. The signature data is then retrieved
        from the relevant MPI and returned to the caller.

        The verification operation first digests data with the specified hash
        algorithm. That's then embedded in the data s-expression. A sig-val
        s-expression is constructed, embedding the signature data. The data and
        sig-val s-expressions are passed to the gcry_sexp_verify() call which returns
        the resulting error code. The verification succeeds if the returned value is
        GPG_ERR_NO_ERROR, fails if it's GPG_ERR_BAD_SIGNATURE, or errors out with an
        OperationError otherwise.

        No new tests -- the revelant tests are passing and are unskipped, apart from
        the ones using PKCS#8 and SPKI formats.

        * crypto/gcrypt/CryptoAlgorithmRSASSA_PKCS1_v1_5GCrypt.cpp:
        (WebCore::hashCryptoDigestAlgorithm):
        (WebCore::hashAlgorithmName):
        (WebCore::mpiData):
        (WebCore::gcryptSign):
        (WebCore::gcryptVerify):
        (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::platformSign):
        (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::platformVerify):

2017-05-29  Emilio Cobos Álvarez  <ecobos@igalia.com>

        Use the parent box style to adjust RenderStyle for alignment.
        https://bugs.webkit.org/show_bug.cgi?id=172215

        Reviewed by Antti Koivisto.

        The css-flexbox spec defined align-self in terms of the parent
        element, which is what this code did.

        The css-align spec defines these properties in terms of the style of
        the containing box instead, which means display: contents styles
        should not be used for this adjustment, but the parent box style
        instead.

        For example, align-items is defined as:

        > This property specifies the default align-self for all of the boxes
        > (including anonymous boxes) participating in this box’s formatting
        > context.

        Note that the css-align spec was recently updated to align (no pun
        intended) with Gecko, and make the |auto| value compute to itself.
        This patch puts us in a more recent spec than before, but not totally
        up-to-date.

        Tests: imported/w3c/web-platform-tests/css/css-display-3/display-contents-alignment-001.html
               imported/w3c/web-platform-tests/css/css-display-3/display-contents-alignment-002.html

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle):
        (WebCore::StyleResolver::adjustStyleForAlignment):

2017-05-28  Dan Bernstein  <mitz@apple.com>

        [Xcode] ALWAYS_SEARCH_USER_PATHS is set to YES
        https://bugs.webkit.org/show_bug.cgi?id=172691

        Reviewed by Tim Horton.

        * Configurations/Base.xcconfig: Set ALWAYS_SEARCH_USER_PATHS to NO.
        * WebCore.xcodeproj/project.pbxproj: Added DateTimeChooser.h, DateTimeChooserClient.h,
          PerformanceMark.h, PerformanceMeasure.h, SVGUnknownElement.h, and MathMLUnknownElement.h
          to the WebCore target.

2017-05-28  Sam Weinig  <sam@webkit.org>

        [WebIDL] @@iterator should only be accessed once when disambiguating a union type
        https://bugs.webkit.org/show_bug.cgi?id=172684

        Reviewed by Yusuke Suzuki.

        WebIDL specifies that when determining if the value you are converting to a union
        is a sequence, you must get the @@iterator property and, should it exist, use it
        to iterate the sequence. While we correctly accessing the property to make the 
        determination, we were not passing it into the sequence conversion code, and thus
        the sequence conversion code re-accessed it, which is observable and wrong.

        This patch pipes the @@iterator method through the sequence conversion code to avoid
        this.

        Test: js/dom/sequence-in-union-iterator-access.html

        * bindings/js/JSDOMConvertSequences.h:
        (WebCore::Detail::GenericSequenceConverter::convert):
        (WebCore::Detail::NumericSequenceConverter::convertArray):
        (WebCore::Detail::NumericSequenceConverter::convert):
        (WebCore::Detail::SequenceConverter::convertArray):
        (WebCore::Detail::SequenceConverter::convert):
        (WebCore::Detail::SequenceConverter<IDLLong>::convert):
        (WebCore::Detail::SequenceConverter<IDLFloat>::convert):
        (WebCore::Detail::SequenceConverter<IDLUnrestrictedFloat>::convert):
        (WebCore::Detail::SequenceConverter<IDLDouble>::convert):
        (WebCore::Detail::SequenceConverter<IDLUnrestrictedDouble>::convert):
        (WebCore::Converter<IDLSequence<T>>::convert):
        (WebCore::Converter<IDLFrozenArray<T>>::convert):
        Add variants of convert that take a JSObject* (sequence) / JSValue (iterator method)
        rather than just the JSValue (sequence). To avoid too much duplication, split some
        parts of SequenceConverter and NumericSequenceConverter up so they could be reused.

        * bindings/js/JSDOMConvertUnion.h:
        - Fix incorrect step 3 (WebIDL got updated at some point and we didn't notice) to remove
          records.
        - Update sequence and FrozenArray checking/conversion to get the iterator method and pass
          it along, using the new ConditionalSequenceConverter helper which forwards to the new
          sequence converters that accept the iterator method.

2017-05-27  Chris Dumez  <cdumez@apple.com>

        imported/w3c/web-platform-tests/html/semantics/forms/form-control-infrastructure/form_attribute.html is crashing
        https://bugs.webkit.org/show_bug.cgi?id=172472
        <rdar://problem/32334831>

        Reviewed by Ryosuke Niwa.

        Fix assertion hit when running imported/w3c/web-platform-tests/html/semantics/forms/form-control-infrastructure/form_attribute.html.

        When the form was removed from the document, A descendant would try to find a new form owner in the document. If the descendant had 
        a form content attribute and there was another form in the document with this ID, then we would erroneously associate the descendant with
        that other form, even though that descendant is being disconnected. This is because when the form with the given id is removed, we
        notify the IdTargetObservers of the change. In this case, the form control is an IdTargetObserver and gets notified after
        removedFrom() has been called on the form but *before* removedFrom() has been called on its descendant form control. As a result, the
        form control still thinks it is in the tree (i.e. isConnected() wrongly returns true) and we make the wrong decision and try to
        associate it with another form in the document.

        To address the problem, we leverage the fact that when a form element is being removed, it already notifies its associated form
        controls that it is being removed. When it does, we make sure to clear the control's id observer if the form is its ancestor.
        The ID observer is no longer needed beyond this point since the control is now disconnected from the document, and the ID observer
        callback would erroneously associate it with another form element in the document of the same ID because isConnected() still returns
        true at that point.
        As a result, the control's form owner is kept unchanged, which is the right thing to do here, since it is its ancestor, even
        though both are detached.

        Test: fast/dom/HTMLFormElement/form-removal-duplicate-id-crash.html

        * dom/ContainerNode.h:
        (WebCore::Node::rootNode):
        Inline rootNode to avoid an extra function call in the fast path case. For the slow path, we now
        call traverseToRootNode() to avoid duolicating logic.

        * dom/Node.cpp:
        (WebCore::Node::traverseToRootNode):
        Add a traverseToRootNode() method which gets the root node by traversing the ancestors. This logic was duplicated in 3 places:
        - Slow path in Node::rootNode()
        - computeRootNode() in FormAssociatedElement.cpp
        - findRoot() in HTMLFormElement.cpp
        They are now consolidated in a single place to avoid duplication.

        * dom/Node.h:
        * html/FormAssociatedElement.cpp:
        (WebCore::FormAssociatedElement::removedFrom):
        Just simplify the logic a bit:
        - Clear the id observer (i.e. m_formAttributeTargetObserver) no matter what. Since the element is no longer part of the document,
          it is no longer needed. We would previously have checks that would basically avoid resetting m_formAttributeTargetObserver to
          null if it is already null. Settign m_formAttributeTargetObserver to null is cheap so there is no reason for those checks. Those
          checks were also confusing because they made it look like we would sometimes keep on id observer after being removed from the
          document.
        - Use new traverseToRootNode() utility function (no behavior change)
        - Drop unnecessary |element| local variable

        (WebCore::FormAssociatedElement::formOwnerRemovedFromTree):
        - Rename to formOwnerRemovedFromTree() to make it clear that it is the element's form owner that is removed, and not just any form.
        - As we traverse the tree up to find the root, also check if we find the form owner. If we do, clear the id observer since we are
          effectively detached from the document and return early since there is no need to reset our form owner in this case.

        * html/FormAssociatedElement.h:
        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::removedFrom):
        - Use new traverseToRootNode() utility function (no behavior change)

2017-05-27  Yusuke Suzuki  <utatane.tea@gmail.com>

        [DOMJIT] Move DOMJIT patchpoint infrastructure out of domjit
        https://bugs.webkit.org/show_bug.cgi?id=172260

        Reviewed by Filip Pizlo.

        * ForwardingHeaders/jit/Snippet.h: Renamed from Source/WebCore/ForwardingHeaders/domjit/DOMJITPatchpoint.h.
        * ForwardingHeaders/jit/SnippetParams.h: Renamed from Source/WebCore/ForwardingHeaders/domjit/DOMJITPatchpointParams.h.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSTestDOMJIT.h:
        * domjit/DOMJITCheckDOM.h:
        (WebCore::DOMJIT::checkDOM):
        * domjit/DOMJITHelpers.h:
        (WebCore::DOMJIT::toWrapper):
        * domjit/JSDocumentDOMJIT.cpp:
        (WebCore::checkSubClassSnippetForJSDocument):
        (WebCore::DocumentDocumentElementDOMJIT::callDOMGetter):
        (WebCore::DocumentBodyDOMJIT::callDOMGetter):
        (WebCore::checkSubClassPatchpointForJSDocument): Deleted.
        * domjit/JSDocumentFragmentDOMJIT.cpp:
        (WebCore::checkSubClassSnippetForJSDocumentFragment):
        (WebCore::checkSubClassPatchpointForJSDocumentFragment): Deleted.
        * domjit/JSElementDOMJIT.cpp:
        (WebCore::checkSubClassSnippetForJSElement):
        (WebCore::checkSubClassPatchpointForJSElement): Deleted.
        * domjit/JSEventDOMJIT.cpp:
        (WebCore::checkSubClassSnippetForJSEvent):
        (WebCore::checkSubClassPatchpointForJSEvent): Deleted.
        * domjit/JSNodeDOMJIT.cpp:
        (WebCore::checkSubClassSnippetForJSNode):
        (WebCore::createCallDOMGetterForOffsetAccess):
        (WebCore::NodeFirstChildDOMJIT::callDOMGetter):
        (WebCore::NodeLastChildDOMJIT::callDOMGetter):
        (WebCore::NodeNextSiblingDOMJIT::callDOMGetter):
        (WebCore::NodePreviousSiblingDOMJIT::callDOMGetter):
        (WebCore::NodeParentNodeDOMJIT::callDOMGetter):
        (WebCore::NodeNodeTypeDOMJIT::callDOMGetter):
        (WebCore::NodeOwnerDocumentDOMJIT::callDOMGetter):
        (WebCore::checkSubClassPatchpointForJSNode): Deleted.

2017-05-26  Simon Fraser  <simon.fraser@apple.com>

        getComputedStyle returns percentage values for left / right / top / bottom
        https://bugs.webkit.org/show_bug.cgi?id=29084

        Reviewed by Zalan Bujtas.
        
        Fix getComputedStyle() to return pixel values for left / right / top / bottom, per spec.

        This is mostly a merge of https://codereview.chromium.org/13871003/.

        Behavior now matches Chrome and Firefox.

        Test: fast/css/getComputedStyle/getComputedStyle-offsets.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::getOffsetComputedLength):
        (WebCore::getOffsetUsedStyleRelative):
        (WebCore::getOffsetUsedStyleAbsolute):
        (WebCore::positionOffsetValue):
        (WebCore::positionOffsetValueIsRendererDependent):
        (WebCore::isNonReplacedInline):
        (WebCore::isLayoutDependent):
        (WebCore::ComputedStyleExtractor::propertyValue):

2017-05-27  Zalan Bujtas  <zalan@apple.com>

        enclosingIntRect returns a rect with -1 width/height when the input FloatRect overflows integer.
        https://bugs.webkit.org/show_bug.cgi?id=172676

        Reviewed by Simon Fraser.

        Clamp integer values soon after the enclosing rectangle is resolved.

        * platform/graphics/FloatRect.cpp:
        (WebCore::enclosingIntRect):

2017-05-26  Joseph Pecoraro  <pecoraro@apple.com>

        Simply some NSNumber usage
        https://bugs.webkit.org/show_bug.cgi?id=172677

        Reviewed by Sam Weinig.

        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper _addAccessibilityObject:toTextMarkerArray:]):
        (AXAttributeStringSetFont):
        (AXAttributeStringSetStyle):
        * accessibility/mac/AXObjectCacheMac.mm:
        (WebCore::AXObjectCache::postTextStateChangePlatformNotification):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (AXAttributeStringSetStyle):
        (AXAttributeStringSetSpelling):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):
        * platform/graphics/ca/cocoa/PlatformCAFiltersCocoa.mm:
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::levelIndicatorFor):

2017-05-26  Youenn Fablet  <youenn@apple.com>

        WebRTC stats should be in milliseconds
        https://bugs.webkit.org/show_bug.cgi?id=172644

        Reviewed by Eric Carlson.

        Covered by updated tests.

        * Modules/mediastream/RTCStatsReport.h:
        * Modules/mediastream/RTCStatsReport.idl:
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::fillRTCStats):

2017-05-26  Sam Weinig  <sam@webkit.org>

        [WebIDL] Overloaded functions should throw this object check exception before argument check exception
        https://bugs.webkit.org/show_bug.cgi?id=172480

        Reviewed by Chris Dumez.

        - Codifies naming for both parts of the operation/attribute function implementation:
          - The 'trampoline' which is the actual host function and simply calls IDLOperation,
            IDLOperationReturningPromise or IDLAttribute.
          - The 'body' which is where argument checking and calling into the implementation
            takes place.
        - Made it so all operations, including static ones, use the trampoline / body model,
          simplifying code generation. The one exception is for overloaded operations, which
          now have a trampoline and body for the dispatcher, and only bodies for all the 
          overloads. This is what fixes the bug, since now that the dispatcher has a trampoline,
          it can do the correct this object checking via IDLOperation / IDLOperationReturningPromise.
        - Split out code generation for trampoline and body into separate subroutines and 
          simplified their implementations.
        - Changed GenerateOverloadDispatcher to only generate the body of the function, leaving it
          up to the caller to generate the signature, braces and conditionals if needed.
        - Made more subroutines take an output array and indent, in support of future endeavors
          that will need that support.
        - Remove unnecessary #includes of <runtime/Error.h>, which gets included already by virtue
          of JSDOMExceptionHandling.h

        Test: js/dom/overloaded-operation-exception-order.html

        * bindings/js/JSDOMOperation.h:
        * bindings/js/JSDOMOperationReturningPromise.h:
        Add no-op static versions of the bouncer functions.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateOverloadDispatcher):
        (GenerateOperationTrampolineDefinition):
        (GenerateOperationBodyDefinition):
        (GenerateOperationDefinition):
        (GenerateSerializerDefinition):
        (GenerateLegacyCallerDefinitions):
        (GenerateLegacyCallerDefinition):
        (GenerateArgumentsCountCheck):
        (GenerateParametersCheck):
        (GenerateImplementationFunctionCall):
        (GenerateImplementationCustomFunctionCall):
        (GenerateConstructorDefinitions):
        (GenerateConstructorDefinition):

        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        * bindings/scripts/test/JS/JSMapLike.cpp:
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        * bindings/scripts/test/JS/JSTestException.cpp:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        Update test results.

2017-05-26  Brent Fulgham  <bfulgham@apple.com>

        [WK2] Address thread safety issues with ResourceLoadStatistics
        https://bugs.webkit.org/show_bug.cgi?id=172519
        <rdar://problem/31707642>

        Reviewed by Chris Dumez.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::setStatisticsQueue): Added.
        (WebCore::ResourceLoadObserver::clearInMemoryStore): Only interact with the HashTable on the statistics queue.
        (WebCore::ResourceLoadObserver::clearInMemoryAndPersistentStore): Ditto.
        (WebCore::ResourceLoadObserver::logFrameNavigation): Ditto.
        (WebCore::ResourceLoadObserver::logSubresourceLoading): Ditto.
        (WebCore::ResourceLoadObserver::logWebSocketLoading): Ditto.
        (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution): Ditto.
        (WebCore::ResourceLoadObserver::logUserInteraction): Ditto.
        (WebCore::ResourceLoadObserver::clearUserInteraction): Protect HashTable while reading.
        (WebCore::ResourceLoadObserver::hasHadUserInteraction): Ditto.
        (WebCore::ResourceLoadObserver::setPrevalentResource): Ditto.
        (WebCore::ResourceLoadObserver::isPrevalentResource): Ditto.
        (WebCore::ResourceLoadObserver::clearPrevalentResource): Ditto.
        (WebCore::ResourceLoadObserver::setGrandfathered): Ditto.
        (WebCore::ResourceLoadObserver::isGrandfathered): Ditto.
        (WebCore::ResourceLoadObserver::setSubframeUnderTopFrameOrigin): Only interact with the HashTable on the statistics queue.
        (WebCore::ResourceLoadObserver::setSubresourceUnderTopFrameOrigin): Ditto.
        (WebCore::ResourceLoadObserver::setSubresourceUniqueRedirectTo): Ditto.
        (WebCore::ResourceLoadObserver::fireDataModificationHandler): ASSERT this is only called from the main thread, since this is
        only meant to be used as part of the testing harness.
        (WebCore::ResourceLoadObserver::fireShouldPartitionCookiesHandler): Ditto.
        (WebCore::ResourceLoadObserver::fireShouldPartitionCookiesHandler): Ditto.
        * loader/ResourceLoadObserver.h:
        * loader/ResourceLoadStatisticsStore.cpp:
        (WebCore::ResourceLoadStatisticsStore::isPrevalentResource): Protect HashTable while using it.
        (WebCore::ResourceLoadStatisticsStore::ensureResourceStatisticsForPrimaryDomain): Ditto.
        (WebCore::ResourceLoadStatisticsStore::setResourceStatisticsForPrimaryDomain): Ditto.
        (WebCore::ResourceLoadStatisticsStore::createEncoderFromData): ASSERT this isn't being done on the main thread, and
        protect HashTable while using it.
        (WebCore::ResourceLoadStatisticsStore::readDataFromDecoder): Ditto.
        (WebCore::ResourceLoadStatisticsStore::clearInMemory): Ditto.
        (WebCore::ResourceLoadStatisticsStore::clearInMemoryAndPersistent): Ditto.
        (WebCore::ResourceLoadStatisticsStore::statisticsForOrigin): Protect HashTable while using it.
        (WebCore::ResourceLoadStatisticsStore::takeStatistics): Ditto.
        (WebCore::ResourceLoadStatisticsStore::mergeStatistics): Ditto.
        (WebCore::ResourceLoadStatisticsStore::setNotificationCallback): Use WTF::Function.
        (WebCore::ResourceLoadStatisticsStore::setShouldPartitionCookiesCallback): Ditto.
        (WebCore::ResourceLoadStatisticsStore::setWritePersistentStoreCallback): Ditto.
        (WebCore::ResourceLoadStatisticsStore::setGrandfatherExistingWebsiteDataCallback): Ditto.
        (WebCore::ResourceLoadStatisticsStore::fireDataModificationHandler): ASSERT this is not called on the main thread,
        but dispatch the registered handler on the main thread.
        (WebCore::ResourceLoadStatisticsStore::fireShouldPartitionCookiesHandler): Ditto.
        (WebCore::ResourceLoadStatisticsStore::processStatistics): ASSERT this isn't being done on the main thread, and
        protect the HashTable while using it. Also switch to WTF::Function.
        (WebCore::ResourceLoadStatisticsStore::hasHadRecentUserInteraction): Make const correct.
        (WebCore::ResourceLoadStatisticsStore::topPrivatelyControlledDomainsToRemoveWebsiteDataFor): Protect HashTable while using it.
        (WebCore::ResourceLoadStatisticsStore::updateStatisticsForRemovedDataRecords): Ditto.
        (WebCore::ResourceLoadStatisticsStore::handleFreshStartWithEmptyOrNoStore): Ditto.
        (WebCore::ResourceLoadStatisticsStore::shouldRemoveDataRecords): Make const correct. ASSERT this is not being called
        on the main thread.
        (WebCore::ResourceLoadStatisticsStore::dataRecordsBeingRemoved): ASSERT this is not being called on the main thread.
        (WebCore::ResourceLoadStatisticsStore::dataRecordsWereRemoved): Ditto.
        (WebCore::ResourceLoadStatisticsStore::statisticsLock): Added.
        * loader/ResourceLoadStatisticsStore.h:

2017-05-26  Joseph Pecoraro  <pecoraro@apple.com>

        JSContext Inspector: Improve the reliability of automatically pausing in auto-attach
        https://bugs.webkit.org/show_bug.cgi?id=172664
        <rdar://problem/32362933>

        Reviewed by Matt Baker.

        * inspector/InspectorController.h:
        * page/PageDebuggable.cpp:
        (WebCore::PageDebuggable::connect):
        * page/PageDebuggable.h:
        Pass an immediatelyPause boolean on to the controller.

        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::connectFrontend):
        (WebCore::InspectorController::disconnectFrontend):
        (WebCore::InspectorController::disconnectAllFrontends):
        Manage should immediately pause state.

        (WebCore::InspectorController::frontendInitialized):
        When initialized, trigger a pause if requested.

2017-05-26  Don Olmstead  <don.olmstead@am.sony.com>

        [CMake] Consolidate CMake code related to FreeType
        https://bugs.webkit.org/show_bug.cgi?id=172656

        Reviewed by Michael Catanzaro.

        No new tests. No change in behavior.

        * PlatformGTK.cmake:
        * PlatformWPE.cmake:
        * platform/FreeType.cmake: Added.

2017-05-26  Sam Weinig  <sam@webkit.org>

        [WebIDL] Another bindings cleanup pass, this time focusing on attributes
        https://bugs.webkit.org/show_bug.cgi?id=172619

        Reviewed by Chris Dumez.

        - Moved attribute getter / setter generation into their own subroutines.
        - As was done for operations, moved trampoline functions for attributes
          below their implementation functions to avoid unseemly forward declaration.
        - Changed to place the getter and setter for an attribute next to each other,
          rather than having all the getters and then all the setters.
        - Moved JSFoo::getConstructor and JSFoo::getNamedConstructor up to be with other
          member functions.
        - Fix an issue where we were generating a setJSFooConstructor function and not
          installing it anywhere. Now we always generate either both the getter and setter
          or neither for the constructor property. Also moved their definition to just above
          all the attributes, rather than the odd placements of between the getters and
          setters which is where they had been.
        - Made InstanceNeedsVisitChildren a complete answer, rather than relying on some
          loop of the attributes to update needsVisitChildren bit.
        - Move use of passing conditionals when adding headers.

        * bindings/scripts/CodeGeneratorJS.pm:
        (InstanceNeedsVisitChildren):
        (GenerateHeader):
        (GenerateImplementation):
        (GenerateAttributeGetterDefinition):
        (GenerateAttributeSetterDefinition):
        (NeedsConstructorProperty):

        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        * bindings/scripts/test/JS/JSMapLike.cpp:
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        * bindings/scripts/test/JS/JSTestException.cpp:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        Update test results.

2017-05-26  Don Olmstead  <don.olmstead@am.sony.com>

        [CMake] Wrap CODE_GENERATOR_PREPROCESSOR_EXECUTABLE on Windows hosts
        https://bugs.webkit.org/show_bug.cgi?id=172553

        Reviewed by Brent Fulgham.

        No new tests. No change in behavior.

        * bindings/scripts/preprocessor.pm:
        (applyPreprocessor): Use shellwords() instead of splitting
        preprocessor command by space. Combine it back in open3() call on
        Windows to work around Cygwin-specific issue.

2017-05-26  Wenson Hsieh  <wenson_hsieh@apple.com>

        Unreviewed, fix the build using the latest SDK

        Add deprecation guards around newly introduced (and deprecated) SPI.

        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard setItemsUsingRegistrationInfoLists:]):

2017-05-26  Beth Dakin  <bdakin@apple.com>

        Media documents inside iframes should not get controls in the TouchBar unless the 
        video is playing
        https://bugs.webkit.org/show_bug.cgi?id=172620
        -and corresponding-
        rdar://problem/32165477

        Reviewed by Jon Lee.

        Media documents get to return early with true, but that should only apply to 
        mainframe media documents. 
        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::canShowControlsManager):

2017-05-26  Youenn Fablet  <youenn@apple.com>

        Minor clean-up related to DocumentThreadableLoader redirections
        https://bugs.webkit.org/show_bug.cgi?id=172647

        Reviewed by Chris Dumez.

        No change of behavior.

        Decrementing m_options redirect count directly instead of using an
        additional counter.

        To compare whether two URLs are same-origin, use scheme+host+port check
        as per the spec.
        This is fine as only the initial origin may have specific rules and we
        are using the scheme+host+port checks when already being gone to
        another origin.

        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::redirectReceived):
        * loader/DocumentThreadableLoader.h:
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::checkRedirectionCrossOriginAccessControl):

2017-05-26  Youenn Fablet  <youenn@apple.com>

        Fix memory leaks in MediaSampleAVFObjC::create
        https://bugs.webkit.org/show_bug.cgi?id=172600

        Reviewed by Eric Carlson.

        No change of behavior.

        * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:
        (WebCore::MediaSampleAVFObjC::createImageSample):

2017-05-26  Manuel Rego Casasnovas  <rego@igalia.com>

        [css-grid] Add support for orthogonal positioned grid items
        https://bugs.webkit.org/show_bug.cgi?id=172591

        Reviewed by Sergio Villar Senin.

        This patch adds support for positioned grid items with orthogonal flows.
        Basically it just needs to check if the item is orthogonal to use
        the column or row offset as logical left or top depending on the case.

        Tests: imported/w3c/web-platform-tests/css/css-grid-1/abspos/orthogonal-positioned-grid-items-***.html

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::layoutPositionedObject):

2017-05-25  Emilio Cobos Álvarez  <ecobos@igalia.com>

        Don't reset m_hasDisplayContents on ElementRareData::resetComputedStyle.
        https://bugs.webkit.org/show_bug.cgi?id=172503

        Reviewed by Antti Koivisto.

        We use that bit of information to determine whether we need to tear
        down the renderers of a display: contents subtree, so better for it to
        not change until the render tree is updated.

        In practice, we may want to remove that bit and use ElementRareData's
        RenderStyle instead (keeping it around as appropriate), to ensure they
        don't go out of sync, but that's out of scope of this patch for now.

        Tests: imported/w3c/web-platform-tests/css/css-display-3

        * dom/ElementRareData.h:
        (WebCore::ElementRareData::resetComputedStyle):

2017-05-25  Sam Weinig  <sam@webkit.org>

        Fix MediaDeviceInfo's extended attributes so they make sense
        https://bugs.webkit.org/show_bug.cgi?id=172629

        Reviewed by Daniel Bates.

        MediaDeviceInfo.idl had both a Constructor and NoInterfaceObject, which
        doesn't really make sense. Either way, the spec says it should have 
        neither, so remove both. And, while were there, add missing serializer.

        Test: fast/mediastream/media-device-info.html

        * Modules/mediastream/MediaDeviceInfo.idl:

2017-05-25  Chris Dumez  <cdumez@apple.com>

        imported/w3c/web-platform-tests/html/semantics/forms/form-control-infrastructure/form_owner_and_table_2.html is crashing
        https://bugs.webkit.org/show_bug.cgi?id=172628
        <rdar://problem/32418707>

        Reviewed by Sam Weinig.

        In the event where a form is removed synchronously by a script during parsing,
        FormAssociatedElement::m_formSetByParser may end up referring to a form that
        is no longer in the document. As a result, we should make sure m_formSetByParser
        is still connected in FormAssociatedElement::insertedInto() before we call
        FormAssociatedElement::setForm(m_formSetByParser).

        Test: fast/dom/HTMLFormElement/form-removed-during-parsing-crash.html

        * html/FormAssociatedElement.cpp:
        (WebCore::FormAssociatedElement::insertedInto):

2017-05-25  Zalan Bujtas  <zalan@apple.com>

        Frame's composited content is visible when the frame has visibility: hidden.
        https://bugs.webkit.org/show_bug.cgi?id=125565
        <rdar://problem/32196849>

        Reviewed by Simon Fraser.

        Do not construct composited layers for hidden RenderWidgets (frameset, iframe, object).
        Note that we still construct layers for the associated renderers as usual. 

        Tests: compositing/visibility/frameset-visibility-hidden.html
               compositing/visibility/iframe-visibility-hidden.html
               compositing/visibility/object-visibility-hidden.html

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresCompositingForPlugin):
        (WebCore::RenderLayerCompositor::requiresCompositingForFrame):

2017-05-25  Yusuke Suzuki  <utatane.tea@gmail.com>

        Unreviewed, build fix in GTK and WPE ports
        https://bugs.webkit.org/show_bug.cgi?id=172580

        Missing RenderSVGResourceMode declaration in SVGInlineTextBox.h.

        * rendering/svg/SVGInlineTextBox.h:

2017-05-25  Simon Fraser  <simon.fraser@apple.com>

        Use a typedef for SVG resource mode flags union
        https://bugs.webkit.org/show_bug.cgi?id=172580

        Reviewed by Sam Weinig.

        Use an OptionSet<> for RenderSVGResourceModes flags, and use it in render
        SVG resource classes.

        * rendering/svg/RenderSVGResource.cpp:
        (WebCore::requestPaintingResource):
        (WebCore::RenderSVGResource::fillPaintingResource):
        (WebCore::RenderSVGResource::strokePaintingResource):
        * rendering/svg/RenderSVGResource.h:
        (WebCore::RenderSVGResource::postApplyResource):
        * rendering/svg/RenderSVGResourceClipper.cpp:
        (WebCore::RenderSVGResourceClipper::applyResource):
        * rendering/svg/RenderSVGResourceClipper.h:
        * rendering/svg/RenderSVGResourceFilter.cpp:
        (WebCore::RenderSVGResourceFilter::applyResource):
        (WebCore::RenderSVGResourceFilter::postApplyResource):
        * rendering/svg/RenderSVGResourceFilter.h:
        * rendering/svg/RenderSVGResourceGradient.cpp:
        (WebCore::RenderSVGResourceGradient::applyResource):
        * rendering/svg/RenderSVGResourceGradient.h:
        * rendering/svg/RenderSVGResourceMarker.h:
        * rendering/svg/RenderSVGResourceMasker.cpp:
        (WebCore::RenderSVGResourceMasker::applyResource):
        * rendering/svg/RenderSVGResourceMasker.h:
        * rendering/svg/RenderSVGResourcePattern.cpp:
        (WebCore::RenderSVGResourcePattern::buildPattern):
        (WebCore::RenderSVGResourcePattern::applyResource):
        (WebCore::RenderSVGResourcePattern::postApplyResource):
        * rendering/svg/RenderSVGResourcePattern.h:
        * rendering/svg/RenderSVGResourceSolidColor.cpp:
        (WebCore::RenderSVGResourceSolidColor::applyResource):
        (WebCore::RenderSVGResourceSolidColor::postApplyResource):
        * rendering/svg/RenderSVGResourceSolidColor.h:
        * rendering/svg/RenderSVGShape.cpp:
        (WebCore::RenderSVGShape::fillShape):
        (WebCore::RenderSVGShape::strokeShape):
        * rendering/svg/SVGInlineTextBox.cpp:
        (WebCore::SVGInlineTextBox::SVGInlineTextBox):
        (WebCore::SVGInlineTextBox::paintSelectionBackground):
        (WebCore::SVGInlineTextBox::paint):
        (WebCore::SVGInlineTextBox::acquirePaintingResource):
        (WebCore::SVGInlineTextBox::releasePaintingResource):
        (WebCore::SVGInlineTextBox::paintDecoration):
        (WebCore::SVGInlineTextBox::paintDecorationWithStyle):
        * rendering/svg/SVGInlineTextBox.h:
        * rendering/svg/SVGRenderingContext.cpp:
        (WebCore::SVGRenderingContext::~SVGRenderingContext):
        (WebCore::SVGRenderingContext::prepareToRenderSVGContent):
        (WebCore::SVGRenderingContext::renderSubtreeToImageBuffer): Avoid needless IntPoint -> LayoutPoint
        conversion.

2017-05-25  Chris Dumez  <cdumez@apple.com>

        Regression(r215686): Videos sometimes do not load in iBooks
        https://bugs.webkit.org/show_bug.cgi?id=172604
        <rdar://problem/32003717>

        Reviewed by Geoffrey Garen.

        Before r215686, the loop would have a check at the beginning to check if the
        dataRequest's currentOffset was greater than the buffer length and would
        cause the function to return early.

        This check was dropped in r215686, which caused us in some cases to call
        finishLoading / stopLoading() after the loop, even though we did not have
        enough data in the buffer to satisfy the data request.

        To address the issue, we now return early after the loop if remainingLength
        is greater than 0, meaning that we could not satisfy the request. This makes
        sure we do not call finishLoading / stopLoading() prematurely.

        Note that before r215686, the condition of the while loop was 
        "while (remainingLength)" so the only way to get out of the loop was to:
        1. Get remainingLength to 0, in which case we would fall through and
           potentially call finishLoading / stopLoading() after the loop.
        2. Fail the "(data->size() <= [dataRequest currentOffset] - responseOffset)"
           check at the beginning of the loop, meaning that we ran out of data in
           the buffer. This would cause us to return from the function, not fall
           through, so we would not call finishLoading / stopLoading().

        No new tests, I do not know how to write a test for this.

        * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
        (WebCore::WebCoreAVFResourceLoader::fulfillRequestWithResource):

2017-05-25  Sam Weinig  <sam@webkit.org>

        [WebIDL] Use the term 'operation' more consistently
        https://bugs.webkit.org/show_bug.cgi?id=172601

        Reviewed by Chris Dumez.

        We were using the term 'operation', a WebIDL term for function-like
        constructs, inconsistently in the code generator. Now, when we use
        'operation' when referring to the IDL concept (usually the object the
        parser produces) and 'function' when referring to code being generated.

        * bindings/scripts/CodeGenerator.pm:
        * bindings/scripts/IDLParser.pm:
        * bindings/scripts/generate-bindings.pl:

2017-05-25  Jer Noble  <jer.noble@apple.com>

        System sleeps while playing to wireless target, ending stream.
        https://bugs.webkit.org/show_bug.cgi?id=172541

        Reviewed by Eric Carlson.

        API test: Tests/mac/MediaPlaybackSleepAssertion.mm

        Keep the system from sleeping (but allow the display to sleep) while playing media to a wireless target.

        Give the SleepDisabler a Type, either System or Display, which indicates what kind of sleep to disable.
        Update HTMLMediaElement::shouldDisableSleep() to differentiate between a video which is playing locally,
        one that is playing but not visible, and one that is playing remotely.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaPlayerCurrentPlaybackTargetIsWirelessChanged):
        (WebCore::HTMLMediaElement::updateSleepDisabling):
        (WebCore::HTMLMediaElement::shouldDisableSleep):
        * html/HTMLMediaElement.h:
        * platform/SleepDisabler.cpp:
        (WebCore::SleepDisabler::create):
        (WebCore::SleepDisabler::SleepDisabler):
        * platform/SleepDisabler.h:
        (WebCore::SleepDisabler::type):
        * platform/cocoa/SleepDisablerCocoa.cpp:
        (WebCore::SleepDisabler::create):
        (WebCore::SleepDisablerCocoa::SleepDisablerCocoa):
        (WebCore::SleepDisablerCocoa::~SleepDisablerCocoa):
        * platform/cocoa/SleepDisablerCocoa.h:
        * platform/mac/WebVideoFullscreenController.mm:
        (-[WebVideoFullscreenController updatePowerAssertions]):
        * platform/spi/cocoa/IOPMLibSPI.h:

2017-05-25  Chris Dumez  <cdumez@apple.com>

        DocumentThreadableLoader::redirectReceived() should not rely on the resource's loader
        https://bugs.webkit.org/show_bug.cgi?id=172578
        <rdar://problem/30754582>

        Reviewed by Youenn Fablet.

        DocumentThreadableLoader::redirectReceived() should not rely on the resource's loader. The rest of the methods do not.
        It is unsafe for it to rely on the resource's loader because it gets cleared when the load completes. A CachedRawresource
        may be reused from the memory cache once its load has completed.

        This would cause crashes in CachedRawResource::didAddClient() when replaying the redirects because it would call
        DocumentThreadableLoader::redirectReceived() and potentially not have a loader anymore. To hit this exact code path,
        you would need to make repeated XHR to a cacheable simple cross-origin resource that has cacheable redirect.

        Test: http/tests/xmlhttprequest/cacheable-cross-origin-redirect-crash.html

        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::redirectReceived):
        * loader/DocumentThreadableLoader.h:

2017-05-25  Zalan Bujtas  <zalan@apple.com>

        ASSERTION FAILED: !needsStyleRecalc() || !document().childNeedsStyleRecalc()
        https://bugs.webkit.org/show_bug.cgi?id=172576
        <rdar://problem/32181979>

        Reviewed by Brent Fulgham.

        Ensure that we clean the subframe's document before start searching for a focusable element.

        Covered by existing test.

        * page/FocusController.cpp:
        (WebCore::FocusController::findFocusableElementDescendingDownIntoFrameDocument):

2017-05-24  Jiewen Tan  <jiewen_tan@apple.com>

        Crash on WebCore::FrameSelection::setSelectionWithoutUpdatingAppearance + 1195
        https://bugs.webkit.org/show_bug.cgi?id=172555
        <rdar://problem/32004724>

        Reviewed by Ryosuke Niwa.

        setSelectionWithoutUpdatingAppearance could dispatch a synchronous focusin event,
        which could invoke an event handler that deteles the frame. Therefore, add a
        protector before the call.

        Test: editing/selection/select-iframe-focusin-document-crash.html

        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::setSelection):

2017-05-25  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Ensure ImageFrameCache does not access its BitmapImage after it is deleted
        https://bugs.webkit.org/show_bug.cgi?id=172563

        Reviewed by Simon Fraser.

        A crash may happen if the BitmapImage is deleted while the decoding thread
        is still active. Once the current frame finishes decoding, the decoding
        thread will make a callOnMainThread() which will access the deleted BitmapImage.

        We need to ensure if BitmapImage is deleted, the raw pointer which references
        it in ImageFrameCache is cleared. If this is done, nothing else is needed.
        All all the accesses to container BitmapImage in ImageFrameCache are guarded
        by checking m_image is not null.

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::~BitmapImage): Make sure the decoding thread will
        not have access to the deleted BitmapImage when it finishes decoding and
        make its callOnMainThread().
        (WebCore::BitmapImage::destroyDecodedData): Use the function new name.
        (WebCore::BitmapImage::internalStartAnimation): Ditto.
        * platform/graphics/ImageFrameCache.cpp:
        (WebCore::ImageFrameCache::startAsyncDecodingQueue): Protect the sourceURL
        for the decoding thread. ImageFrameCache::sourceURL() checks for the value
        of m_image which now may change from the main thread.
        * platform/graphics/ImageFrameCache.h:
        (WebCore::ImageFrameCache::clearImage): Add a new function to clear the 
        raw pointer m_image when its is deleted.
        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::resetData): Rename clear() to resetData() for better
        code readability. This function deletes the ImageDecoder and creates a new
        one if data is not null. The purpose is to delete the decoder raster data.
        (WebCore::ImageSource::clear): Deleted.
        * platform/graphics/ImageSource.h:
        (WebCore::ImageSource::clearImage): Wrapper for the ImageFrameCache function.

2017-05-25  youenn fablet  <youenn@apple.com>

        Add some release logging for media elements
        https://bugs.webkit.org/show_bug.cgi?id=172581

        Reviewed by Eric Carlson.

        No change of behavior.

         Adding logging for getUserMedia, video autoplay and incoming/outgoing webrtc video tracks.

        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::allow):
        (WebCore::UserMediaRequest::deny):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::canTransitionFromAutoplayToPlay):
        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::playbackPermitted):
        * platform/Logging.h:
        * platform/mediastream/mac/RealtimeIncomingVideoSource.cpp:
        (WebCore::RealtimeIncomingVideoSource::OnFrame):
        * platform/mediastream/mac/RealtimeIncomingVideoSource.h:
        * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::sendOneBlackFrame):
        (WebCore::RealtimeOutgoingVideoSource::videoSampleAvailable):
        * platform/mediastream/mac/RealtimeOutgoingVideoSource.h:

2017-05-25  Sam Weinig  <sam@webkit.org>

        [WebIDL] Do a pass of cleanup in the bindings generator
        https://bugs.webkit.org/show_bug.cgi?id=172566

        Reviewed by Chris Dumez.

        - Split JSDOMBindingCaller.h into four new files to allow for less 
          header inclusion (one includes a bunch of promise stuff that usually
          isn't needed): 
            - JSDOMCastedThisErrorBehavior (with shared casting enum)
            - JSDOMAttribute (for attribute getting / setting)
            - JSDOMOperation (for normal operations)
            - JSDOMOperationReturningPromise (for operations returning promises, obviously).

          In addition to separating the files, rename to be more consistent with modern
          bindings conventions (new classes are IDLAttribute, IDLOperation, and 
          IDLOperationReturningPromise) and simplify function names
            - 'callOperation' becomes 'call'
            - 'attribute' becomes 'get'
            - 'setAttribute' becomes 'set'

        - Remove extra generated trampoline function for operations returning promises
          by making JSDOMOperationReturningPromise handle all the promise related overhead.

        - Make [Custom] operations returning promises go through the normal IDLOperationReturningPromise
          code path (simplifying JSReadableStreamSource and JSSubtleCrypto). Added [ReturnsOwnPromise]
          extended attribute to allow some functions that want to retain specialized behavior to do so

        - Swap order of trampoline and implementation of operation, to avoid the need for
          a forward declaration and make reading more straightforward.

        * WebCore.xcodeproj/project.pbxproj:
        Add / remove files.

        * bindings/js/JSDOMBindingCaller.h: Removed.

        * bindings/js/JSDOMCastedThisErrorBehavior.h: Added.
        Shared header for enum needed by JSDOMAttribute, JSDOMOperation and JSDOMOperationReturningPromise.

        * bindings/js/JSDOMAttribute.h: Added.
        * bindings/js/JSDOMOperation.h: Added.
        * bindings/js/JSDOMOperationReturningPromise.h: Added.
        Split out JSDOMBindingCaller implementations into own classes / files. Simplify
        naming.
    
        * bindings/js/JSDOMPromiseDeferred.h:
        (WebCore::callPromiseFunction):
        Add a variant of callPromiseFunction that takes a lambda.

        * bindings/js/JSEventTargetCustom.h:
        (WebCore::IDLOperation<JSEventTarget>::call):
        Update operation specialization to use new class.

        * bindings/js/JSReadableStreamSourceCustom.cpp:
        * bindings/js/JSSubtleCryptoCustom.cpp:
        Simplify now that the callPromiseFunction is called for us.

        * crypto/WebKitSubtleCrypto.idl:
        * css/FontFace.idl:
        * dom/CustomElementRegistry.idl:
        Add [ReturnsOwnPromise] to retain custom promise behavior.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        Update header generation to account for custom functions that return promises now
        having a Ref<DeferredPromise>&& parameter.

        (GenerateImplementation):
        - Update for new naming of cast functions.
        - Use AddToImplIncludes (and pass in conditional) rather than using $implIncludes
          directly, #includes to be grouped correctly.
        - Remove dead $inAppleCopyright code (it was moved to GenerateOperationDefinition 
          earlier).

        (GenerateOperationDefinition):
        - Use $codeGenerator->IsPromiseType() rather than directly comparing to "Promise" string.
        - Restructure code to allow trampoline (the code that calls IDLOperation) to come after
          the main operation implementation (the part that calls into the impl).
        - Support custom functions returning promises (and the [ReturnsOwnPromise] variant).

        (GenerateImplementationIterableFunctions):
        Update for name change to IDLOperation.

        * bindings/scripts/IDLAttributes.json:
        Add [ReturnsOwnPromise].

        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        * bindings/scripts/test/JS/JSMapLike.cpp:
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        * bindings/scripts/test/JS/JSTestException.cpp:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        Update test results.

        * bindings/scripts/test/TestObj.idl:
        Add additional test cases for operations returning promises.

2017-05-25  Simon Fraser  <simon.fraser@apple.com>

        Some <chrono> and ProgressTracker cleanup
        https://bugs.webkit.org/show_bug.cgi?id=172582

        Reviewed by Sam Weinig.

        Remove some unnecessary <chrono> includes.
        Convert some std::chrono to use MonotonicTime/Seconds.
        Clean up ProgressTracker.
        Some #pragma once.

        * dom/Document.h:
        * loader/ProgressTracker.cpp:
        (WebCore::ProgressTracker::ProgressTracker):
        (WebCore::ProgressTracker::reset):
        (WebCore::ProgressTracker::progressStarted):
        (WebCore::ProgressTracker::finalProgressComplete):
        (WebCore::ProgressTracker::incrementProgress):
        * loader/ProgressTracker.h:
        * page/Settings.h:
        * platform/SearchPopupMenu.h:
        * platform/Timer.h:
        * platform/graphics/cg/IOSurfacePool.cpp:
        (WebCore::IOSurfacePool::markOlderSurfacesPurgeable):
        * platform/graphics/cg/IOSurfacePool.h:
        (WebCore::IOSurfacePool::CachedSurfaceDetails::resetLastUseTime):
        * platform/network/PlatformCookieJar.h:

2017-05-25  Joanmarie Diggs  <jdiggs@igalia.com>

        [ATK] Expose doc-footnote ARIA role with ATK_ROLE_FOOTNOTE
        https://bugs.webkit.org/show_bug.cgi?id=172355

        Reviewed by Chris Fleizach.

        Add a new FootnoteRole accessibility role to WebCore and map it to
        ATK_ROLE_FOOTNOTE for WebKitGtk and NSAccessibilityGroupRole with
        a subrole of AXApplicationGroup for the Mac port.

        No new tests because we already have coverage for this role.
        The existing test expectations were updated to reflect the
        new mapping of doc-footnote to ATK_ROLE_FOOTNOTE.

        * accessibility/AccessibilityObject.cpp:
        (WebCore::initializeRoleMap):
        (WebCore::AccessibilityObject::computedRoleString):
        * accessibility/AccessibilityObject.h:
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (createAccessibilityRoleMap):
        (-[WebAccessibilityObjectWrapper subrole]):

2017-05-25  youenn fablet  <youenn@apple.com>

        [macOS WK2 Debug] Layout Test webrtc/video.html is crashing.
        https://bugs.webkit.org/show_bug.cgi?id=172560
        <rdar://problem/32392611>

        Reviewed by Eric Carlson.

        webrtc/multiple-video.html is no longer crashing.

        Allow autoplay only from going to not capture to capture, and not the reverse.
        Renamed HTMLMediaElement::mediaStreamCaptureStateChanged to mediaStreamCaptureStarted.

        * dom/Document.cpp:
        (WebCore::Document::mediaStreamCaptureStateChanged):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaStreamCaptureStateChanged): Deleted.
        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::mediaStreamCaptureStarted):

2017-05-25  Dave Hyatt  <hyatt@apple.com>

        Baseline of number inputs not right.
        https://bugs.webkit.org/show_bug.cgi?id=172237

        Reviewed by Dean Jackson.

        Added fast/forms/baseline-of-number-inputs.html

        * css/html.css:
        (input::-webkit-inner-spin-button):
        * rendering/RenderSearchField.cpp:
        (WebCore::RenderSearchField::computeLogicalHeightLimit): Deleted.
        (WebCore::RenderSearchField::centerContainerIfNeeded): Deleted.
        * rendering/RenderSearchField.h:
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::centerRenderer):
        (WebCore::RenderTextControlSingleLine::layout):
        (WebCore::RenderTextControlSingleLine::computeLogicalHeightLimit): Deleted.
        * rendering/RenderTextControlSingleLine.h:
        (WebCore::RenderTextControlSingleLine::centerContainerIfNeeded): Deleted.

2017-05-25  Manuel Rego Casasnovas  <rego@igalia.com>

        [css-grid] Fix behavior of positioned items without specific dimensions
        https://bugs.webkit.org/show_bug.cgi?id=172117

        Reviewed by Sergio Villar Senin.

        Currently positioned items that doesn't have specific dimensions
        are not properly sized. This patch fixes the issues with them.

        The patch removes the extraInline|BlockOffsets from RenderBox,
        so now RenderGrid is responsible of setting the location of the positioned item.
        This will be useful to add alignment support for positioned items later.
        It also removes grid specific logic from RenderBox.

        RenderBox::computeInlineStaticDistance() was modified too.
        The problem here was that the containing block of the positioned gird items
        is the grid area (and not the grid container). The method didn't know
        anything about grid, so it was using the grid container causing wrong values
        when resolving "auto" in both left and right offset properties.

        Note that after this patch we match Chrome and Firefox behavior on these cases.

        Test: fast/css-grid-layout/positioned-grid-items-sizing.html

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::willBeDestroyed):
        (WebCore::computeInlineStaticDistance):
        (WebCore::RenderBox::computePositionedLogicalWidth):
        (WebCore::RenderBox::computePositionedLogicalHeight):
        * rendering/RenderBox.h:
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::layoutPositionedObject):
        (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):

2017-05-25  Claudio Saavedra  <csaavedra@igalia.com>

        [WPE] Build fix after r217404

        Unreviewed

        * PlatformWPE.cmake: Include missing cairo cmake file.

2017-05-24  Chris Dumez  <cdumez@apple.com>

        ResourceResponses for data URLs have their Source marked as Unknown
        https://bugs.webkit.org/show_bug.cgi?id=172573
        <rdar://problem/31786198>

        Reviewed by Geoffrey Garen.

        ResourceResponses for data URLs have their Source marked as Unknown.

        Now set their source to Network to maintain previous behavior when
        we used to decode those data URLs on Network process side.

        Test: fast/url/data-url-source.html

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::loadDataURL):

2017-05-24  Fujii Hironori  <Hironori.Fujii@sony.com>

        [Win] An assertion fails if the custom cursor image isn't loaded yet
        https://bugs.webkit.org/show_bug.cgi?id=172209

        Reviewed by Said Abou-Hallawa.

        Test: fast/css/crash-on-custom-cursor-when-loading.html

        A custom cursor image can be zero dimension if it is loading or
        decoding. Cursor::ensurePlatformCursor of Windows port should
        handle such case properly.

        * platform/win/CursorWin.cpp:
        (WebCore::Cursor::ensurePlatformCursor): Load a stock cursor if
        the custom cursor image has zero dimension. Do not do null-check
        of the return value of createSharedCursor() because it never
        returns null.

2017-05-24  Don Olmstead  <don.olmstead@am.sony.com>

        [CMake] Consolidate CMake code related to Cairo
        https://bugs.webkit.org/show_bug.cgi?id=172568

        Reviewed by Alex Christensen.

        No new tests. No change in behavior.

        * PlatformGTK.cmake:
        * PlatformWPE.cmake:
        * PlatformWinCairo.cmake:
        * config.h:
        * platform/Cairo.cmake: Added.
        * platform/GStreamer.cmake:
        * platform/ImageDecoders.cmake:

2017-05-24  Said Abou-Hallawa  <sabouhallawa@apple.com>

        REGRESSION (r206481): Don't assume frameCount() is larger than or equal to the size of the image frame cache
        https://bugs.webkit.org/show_bug.cgi?id=172552

        Reviewed by Geoffrey Garen.

        If an image with many cached ImageFrames is cached but its encoded data is
        freed, then the same image is reused, the encoded data will be fetched.
        But the initial frameCount() might be less than the current size of the
        ImageFrames cache.

        This was causing an assertion in the debug build and crash in the release
        build. Vector::grow() does not handle the case where the new size is smaller
        than the current size safely.

        * platform/graphics/ImageFrameCache.cpp:
        (WebCore::ImageFrameCache::growFrames):

2017-05-24  Sergey Shekyan  <shekyan@gmail.com>

        navigator.webdriver should return false if the page is not controlled by automation
        https://bugs.webkit.org/show_bug.cgi?id=171997

        Reviewed by Chris Dumez.

        Per WebDriver Specification at https://www.w3.org/TR/webdriver/#interface

        Test: js/dom/navigator-webdriver.html
        Rebaseled fast/dom/navigator-detached-no-crash.html

        * Modules/webdriver/NavigatorWebDriver.cpp:
        (WebCore::NavigatorWebDriver::NavigatorWebDriver):
        (WebCore::NavigatorWebDriver::isControlledByAutomation):
        (WebCore::NavigatorWebDriver::from):
        (WebCore::NavigatorWebDriver::webdriver):
        (WebCore::JSNavigator::webdriver): Deleted.
        * Modules/webdriver/NavigatorWebDriver.h:
        * Modules/webdriver/NavigatorWebDriver.idl:

2017-05-24  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, suppress deprecation warnings to fix the build.

        * platform/graphics/mac/GraphicsContextMac.mm:
        (WebCore::linearRGBColorSpaceRef):

2017-05-24  Wenson Hsieh  <wenson_hsieh@apple.com>

        Plumb additional image metadata to item providers when beginning data interaction on an image
        https://bugs.webkit.org/show_bug.cgi?id=172536
        <rdar://problem/32371300>

        Reviewed by Beth Dakin.

        Plumb suggestedName (the last path component of the image's source URL) and size (the actual size of the image)
        to item providers when beginning data interaction on an image.

        Augments existing unit tests to cover these changes -- see DataInteractionTests.

        * editing/ios/EditorIOS.mm:
        (WebCore::Editor::writeImageToPasteboard):
        * platform/Pasteboard.h:
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::writeObjectRepresentations):
        * platform/ios/WebItemProviderPasteboard.h:
        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderRegistrationInfoList init]):
        (-[WebItemProviderPasteboard setItemsUsingRegistrationInfoLists:]):
        (temporaryFileURLForDataInteractionContent):

2017-05-24  Eric Carlson  <eric.carlson@apple.com>

        CoreAudioCaptureSource is ducking system sound
        https://bugs.webkit.org/show_bug.cgi?id=172512

        Reviewed by Youenn Fablet.

        Manual testing.

        * Configurations/WebCore.xcconfig: Adding CoreAudio as framework for iOS.
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioSharedUnit::setupAudioUnit):
        (WebCore::CoreAudioSharedUnit::defaultOutputDevice):
        * platform/spi/cf/CoreAudioSPI.h: Added.

2017-05-24  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Change grandfathering default to one hour
        https://bugs.webkit.org/show_bug.cgi?id=172524
        <rdar://problem/32360462>

        Reviewed by Brent Fulgham.

        Covered by existing test.

        * loader/ResourceLoadStatisticsStore.cpp:

2017-05-24  Jer Noble  <jer.noble@apple.com>

        Rename DisplaySleepDisabler -> SleepDisabler
        https://bugs.webkit.org/show_bug.cgi?id=172478

        Reviewed by Sam Weinig.

        Rename DisplaySleepDisabler to SleepDisabler so that different (i.e., non-Display) sleep types can be
        added in a future change.

        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::updateSleepDisabling):
        * html/HTMLMediaElement.h:
        * platform/SleepDisabler.cpp: Renamed from Source/WebCore/platform/DisplaySleepDisabler.cpp.
        (WebCore::SleepDisabler::create):
        (WebCore::SleepDisabler::SleepDisabler):
        (WebCore::SleepDisabler::~SleepDisabler):
        * platform/SleepDisabler.h: Renamed from Source/WebCore/platform/DisplaySleepDisabler.h.
        * platform/cocoa/SleepDisablerCocoa.cpp: Renamed from Source/WebCore/platform/cocoa/DisplaySleepDisablerCocoa.cpp.
        (WebCore::SleepDisabler::create):
        (WebCore::SleepDisablerCocoa::SleepDisablerCocoa):
        (WebCore::SleepDisablerCocoa::~SleepDisablerCocoa):
        * platform/cocoa/SleepDisablerCocoa.h: Renamed from Source/WebCore/platform/cocoa/DisplaySleepDisablerCocoa.h.
        * platform/mac/WebVideoFullscreenController.h:
        * platform/mac/WebVideoFullscreenController.mm:
        (-[WebVideoFullscreenController updatePowerAssertions]):
        * CMakeLists.txt:
        * PlatformMac.cmake:
        * WebCore.order:

2017-05-24  Per Arne Vollan  <pvollan@apple.com>

        [Win] Create unique network storage session for each DRT.
        https://bugs.webkit.org/show_bug.cgi?id=172540

        Reviewed by Brent Fulgham.

        During layout testing, each DRT instance should have its own network storage session.

        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::switchToNewTestingSession):

2017-05-24  Sam Weinig  <sam@webkit.org>

        [WebIDL] Overloaded functions unnecessarily duplicate argument checks
        https://bugs.webkit.org/show_bug.cgi?id=172481

        Reviewed by Chris Dumez.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        (GeneratePropertiesHashTable):
        Update for rename of GetConditionalForFunctionConsideringOverloads.

        (AreTypesDistinguishableForOverloadResolution):
        Remove unnecessary subroutine isDictionary that can be replaced by
        a direct call to $codeGenerator->IsDictionaryType().

        (GetConditionalForFunctionConsideringOverloads):
        Renamed from getConditionalForFunctionConsideringOverloads.

        (GenerateOverloadDispatcher):
        Renamed from GenerateOverloadedFunctionOrConstructor. Moved Constructor/Operation/LegacyCaller
        specific code out, and into parameters.

        (GenerateImplementation):
        Moved operation generation out into its own subroutine.

        (GenerateOperationDefinition): Added.
        Moved from GenerateImplementation.

        (GenerateLegacyCallerDefinitions):
        Pass function name and signature to GenerateOverloadDispatcher.

        (GenerateArgumentsCountCheck):
        Don't generate an argument check if this is an overloaded function. The argument
        checks happen in the overload dispatcher.

        (NeedsExplicitPropagateExceptionCall):
        (GenerateParametersCheck):
        (GenerateImplementationFunctionCall):
        Replace IsReturningPromise with more direct check.

        (GenerateConstructorDefinitions):
        Pass function name and signature to GenerateOverloadDispatcher.

        (getConditionalForFunctionConsideringOverloads): Renamed to GetConditionalForFunctionConsideringOverloads.
        (GenerateOverloadedFunctionOrConstructor): Renamed to GenerateOverloadDispatcher.
        (IsReturningPromise): Deleted.

        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/TestInterface.idl:
        Update test results.

2017-05-24  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r217319.
        https://bugs.webkit.org/show_bug.cgi?id=172538

        This patch broke iOS Simulator Debug build (Requested by fredw
        on #webkit).

        Reverted changeset:

        "CoreAudioCaptureSource is ducking system sound"
        https://bugs.webkit.org/show_bug.cgi?id=172512
        http://trac.webkit.org/changeset/217319

2017-05-24  Antoine Quint  <graouts@apple.com>

        [mac-wk1] LayoutTest media/modern-media-controls/airplay-button/airplay-button.html is a flaky timeout
        https://bugs.webkit.org/show_bug.cgi?id=168409

        Unreviewed.

        Remove temporary logging which prevents performance bots from reporting useful data.

        * page/Page.cpp:
        (WebCore::Page::suspendScriptedAnimations):

2017-05-24  Javier Fernandez  <jfernandez@igalia.com>

        [css-grid] Ignore collapsed tracks on content-distribution alignment
        https://bugs.webkit.org/show_bug.cgi?id=172493

        Reviewed by Manuel Rego Casasnovas.

        The CSS Box Alignment spec states that we should ignore the collapsed
        tracks when computing the Distribution Alignment space to assign to the
        different grid tracks.

        No new tests, just unskipping the web-platform-tests imported to verify this use case.

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::populateGridPositionsForDirection):

2017-05-24  Wenson Hsieh  <wenson_hsieh@apple.com>

        Respect image UTIs when writing to item providers when beginning data interaction on an image
        https://bugs.webkit.org/show_bug.cgi?id=172436
        <rdar://problem/31786569>

        Reviewed by Beth Dakin.

        Previously, when beginning writing images to the WebItemProviderPasteboard, we would create a new UIImage and
        use standard UIImage UIItemProviderWriting utilities to register the image to the pasteboard. This is lossy for
        gifs, since UIImage doesn't inherently know how to represent gifs. Instead, register the raw image data directly
        to the UTI type corresponding to the MIME type of the image, and use UIImage's item provider writing capability
        as a fallback when the raw resourceData is unavailable.

        Augments existing unit tests, and also adds a new unit test:
        DataInteractionTests.ImageDoesNotUseElementSizeAsEstimatedSize

        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::writeObjectRepresentations):

2017-05-23  Eric Carlson  <eric.carlson@apple.com>

        CoreAudioCaptureSource is ducking system sound
        https://bugs.webkit.org/show_bug.cgi?id=172512

        Reviewed by Youenn Fablet.

        Manual testing.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioSharedUnit::setupAudioUnit):
        (WebCore::CoreAudioSharedUnit::defaultOutputDevice):

2017-05-23  Said Abou-Hallawa  <sabouhallawa@apple.com>

        [iOS] Speculative fix for a PLT regression
        <rdar://problem/32361890>

        Unreviewed.

        Make sure CGImageSourceGetTypeWithData() is called with a buffer which is
        32 bytes or more.

        * platform/graphics/cg/ImageDecoderCG.cpp:
        (WebCore::ImageDecoder::ImageDecoder):

2017-05-22  Jiewen Tan  <jiewen_tan@apple.com>

        [WebCrypto] Support RSA-PSS
        https://bugs.webkit.org/show_bug.cgi?id=170869
        <rdar://problem/31640672>

        Reviewed by Brent Fulgham.

        This patch implements RSA-PSS according to the spec: https://www.w3.org/TR/WebCryptoAPI/#rsa-pss.
        Supported operations include sign, verify, generateKey, importKey and exportKey.

        Tests: crypto/subtle/rsa-pss-generate-export-key-jwk-sha1.html
               crypto/subtle/rsa-pss-generate-export-key-jwk-sha224.html
               crypto/subtle/rsa-pss-generate-export-key-jwk-sha256.html
               crypto/subtle/rsa-pss-generate-export-key-jwk-sha384.html
               crypto/subtle/rsa-pss-generate-export-key-jwk-sha512.html
               crypto/subtle/rsa-pss-generate-export-key-pkcs8.html
               crypto/subtle/rsa-pss-generate-export-key-spki.html
               crypto/subtle/rsa-pss-generate-key.html
               crypto/subtle/rsa-pss-import-jwk-private-key.html
               crypto/subtle/rsa-pss-import-jwk-public-key-empty-usages.html
               crypto/subtle/rsa-pss-import-jwk-public-key-sha1.html
               crypto/subtle/rsa-pss-import-jwk-public-key-sha224.html
               crypto/subtle/rsa-pss-import-jwk-public-key-sha256.html
               crypto/subtle/rsa-pss-import-jwk-public-key-sha384.html
               crypto/subtle/rsa-pss-import-jwk-public-key-sha512.html
               crypto/subtle/rsa-pss-import-key-sign-large-salt.html
               crypto/subtle/rsa-pss-import-key-sign.html
               crypto/subtle/rsa-pss-import-key-verify.html
               crypto/subtle/rsa-pss-import-pkcs8-key.html
               crypto/subtle/rsa-pss-import-spki-key-empty-usages.html
               crypto/subtle/rsa-pss-import-spki-key.html
               crypto/workers/subtle/rsa-pss-import-key-sign.html
               crypto/workers/subtle/rsa-pss-import-key-verify.html

        * CMakeLists.txt:
        * DerivedSources.make:
        * PlatformGTK.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSSubtleCryptoCustom.cpp:
        (WebCore::normalizeCryptoAlgorithmParameters):
        * crypto/CryptoAlgorithmParameters.h:
        * crypto/algorithms/CryptoAlgorithmRSA_PSS.cpp: Added.
        (WebCore::CryptoAlgorithmRSA_PSS::create):
        (WebCore::CryptoAlgorithmRSA_PSS::identifier):
        (WebCore::CryptoAlgorithmRSA_PSS::sign):
        (WebCore::CryptoAlgorithmRSA_PSS::verify):
        (WebCore::CryptoAlgorithmRSA_PSS::generateKey):
        (WebCore::CryptoAlgorithmRSA_PSS::importKey):
        (WebCore::CryptoAlgorithmRSA_PSS::exportKey):
        * crypto/algorithms/CryptoAlgorithmRSA_PSS.h: Added.
        * crypto/mac/CryptoAlgorithmECDSAMac.cpp:
        (WebCore::cryptoDigestAlgorithm): Deleted.
        Extract function cryptoDigestAlgorithm to a separate file.
        * crypto/mac/CryptoAlgorithmRSASSA_PKCS1_v1_5Mac.cpp:
        (WebCore::cryptoDigestAlgorithm): Deleted.
        Extract function cryptoDigestAlgorithm to a separate file.
        * crypto/mac/CryptoAlgorithmRSA_PSSMac.cpp: Added.
        (WebCore::signRSA_PSS):
        (WebCore::verifyRSA_PSS):
        (WebCore::CryptoAlgorithmRSA_PSS::platformSign):
        (WebCore::CryptoAlgorithmRSA_PSS::platformVerify):
        * crypto/mac/CryptoAlgorithmRegistryMac.cpp:
        (WebCore::CryptoAlgorithmRegistry::platformRegisterAlgorithms):
        * crypto/mac/CryptoDigestAlgorithm.h: Added.
        (WebCore::cryptoDigestAlgorithm):
        Have cryptoDigestAlgorithm in a separate file.
        * crypto/parameters/CryptoAlgorithmRsaPssParams.h: Added.
        * crypto/parameters/RsaPssParams.idl: Added.

2017-05-23  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Allow transition from autoplay to play when a capture stream begins.
        https://bugs.webkit.org/show_bug.cgi?id=172391
        <rdar://problem/32304934>

        Reviewed by Youenn Fablet.

        Manual testing. Regression testing to be added as a follow-up.

        * dom/Document.cpp:
        (WebCore::Document::updateIsPlayingMedia): Call mediaStreamCaptureStateChanged when capture
        state changes.
        (WebCore::Document::registerForMediaStreamStateChangeCallbacks):
        (WebCore::Document::unregisterForMediaStreamStateChangeCallbacks):
        (WebCore::Document::mediaStreamCaptureStateChanged): Call all registered elements.
        * dom/Document.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::registerWithDocument): Register for capture state changes.
        (WebCore::HTMLMediaElement::unregisterWithDocument): Unregister for capture state changes.
        (WebCore::HTMLMediaElement::mediaStreamCaptureStateChanged): Attempt autoplay as necessary.
        * html/HTMLMediaElement.h:

2017-05-15  Matt Rajca  <mrajca@apple.com>

        Replace autoplay events that fire at navigation with a DidAutoplayMediaPastThreshold event.
        https://bugs.webkit.org/show_bug.cgi?id=172138

        Reviewed by Alex Christensen.

        The current autoplay signals that are fired at navigation may not get delivered to the UIProcess if the WebPage is close()'ed around
        this time. This patch simplifies this and just notifies clients if a media element has played past a threshold.

        Updated API tests.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::playbackProgressTimerFired):
        (WebCore::HTMLMediaElement::mediaPlayerTimeChanged):
        (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer):
        (WebCore::HTMLMediaElement::userDidInterfereWithAutoplay):
        * page/AutoplayEvent.h:

2017-05-23  Dean Jackson  <dino@apple.com>

        checkGPUStatus needs to exercise instancing calls
        https://bugs.webkit.org/show_bug.cgi?id=172520
        <rdar://problem/23118395>

        Reviewed by Brent Fulgham.

        The checkGPUStatus method (formerly checkGPUStatusIfNecessary) was
        not being called after the drawArrays/Elements instancing calls.

        I also added a test case to exercise the recovery logic.

        Test: fast/canvas/webgl/lose-context-on-status-failure.html

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::setFailNextGPUStatusCheck): Force
        the next checkGPUStatus on the GC3D to fail.
        * html/canvas/WebGLRenderingContextBase.h:
        * platform/graphics/GraphicsContext3D.h: Rename a function, and make
        the number of calls we wait before checking per instance, rather than
        static (which might have meant we're only ever checking after one canvas on
        a page with multiple contexts).
        (WebCore::GraphicsContext3D::setFailNextGPUStatusCheck):
        * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
        (WebCore::GraphicsContext3D::checkGPUStatus): Renamed.
        (WebCore::GraphicsContext3D::checkGPUStatusIfNecessary): Deleted.
        * platform/graphics/mac/GraphicsContext3DMac.mm:
        (WebCore::GraphicsContext3D::checkGPUStatus): Improve the logic.
        (WebCore::GraphicsContext3D::checkGPUStatusIfNecessary): Deleted.
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::clear):
        (WebCore::GraphicsContext3D::drawArrays):
        (WebCore::GraphicsContext3D::drawElements):
        (WebCore::GraphicsContext3D::drawArraysInstanced): Add a call to checkGPUStatus.
        (WebCore::GraphicsContext3D::drawElementsInstanced): Ditto.
        * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
        (WebCore::GraphicsContext3D::checkGPUStatus):
        (WebCore::GraphicsContext3D::checkGPUStatusIfNecessary): Deleted.
        * testing/Internals.cpp: Implement the internal call to cause the next
        check to fail.
        (WebCore::Internals::failNextGPUStatusCheck):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-05-23  Sam Weinig  <sam@webkit.org>

        [WebIDL] Further cleanup enumeration handling
        https://bugs.webkit.org/show_bug.cgi?id=172516

        Reviewed by Chris Dumez.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GeneratePut):
        (GeneratePutByIndex):
        (GenerateDictionaryImplementationContent):
        (GenerateParametersCheck):
        (GenerateCallbackImplementationContent):
        Update now that JSValueToNative doesn't have a second return value.

        (GenerateImplementation):
        Add enumeration special casing to attribute setting code, where it is special
        cased in the standard

        (PassArgumentExpression):
        Stop special casing enumerations.
        
        (IsValidContextForJSValueToNative):
        Assert that enums are never passed to JSValueToNative in an attribute context.

        (JSValueToNative):
        Remove enumeration special case and second return value (which was always 1).

        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::setJSTestObjEnumAttrFunction):
        (WebCore::setJSTestObjImplementationEnumAttrFunction):
        (WebCore::setJSTestObjAttributeWithReservedEnumTypeFunction):
        Update results.

2017-05-22  Simon Fraser  <simon.fraser@apple.com>

        Snapshotting via -renderInContext: should do synchronous image decodes
        https://bugs.webkit.org/show_bug.cgi?id=172485
        rdar://problem/32276146

        Reviewed by Tim Horton.

        When UIWebView clients snapshot the view via -renderInContext: on the UIView's layer,
        WebKit should do synchronous image decodes so that the images show in the snapshot.

        Fix by plumbing through a "snapshotting" paint behavior flag from two source locations:
        WebSimpleLayer, used by compositing layers, and LegacyTileLayer, used for the WK1 tile cache.
        On WebSimpleLayer the flag propagates through PlatformCALayer to GraphicsLayer, and on LegacyTileLayer
        it sets some state on the WAKWindow, which is detected by -[WebFrame _paintBehaviorForDestinationContext:].
        In both cases, the flag becomes PaintBehaviorSnapshotting which is passed down through painting
        in PaintInfo.paintBehavior.

        Fix code that was checking paintBehavior on the FrameView to just looking at PaintInfo.paintBehavior,
        which required passing PaintInfo along in RenderImage::paintIntoRect().

        We can't just use the PaintBehaviorFlattenCompositingLayers flag, because that triggers
        a flattening paint of compositing layers, and we don't want that behavior for -renderInContext:,
        since CoreAnimation calls -renderInContext: on each of our layers and we need to avoid double-painting.
        So PaintBehaviorSnapshotting is now added to the call sites that also set PaintBehaviorFlattenCompositingLayers
        in most cases.

        Tested by SnapshotViaRenderInContext API test.

        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlTextTrackContainerElement::createTextTrackRepresentationImage):
        * page/FrameView.cpp:
        (WebCore::FrameView::willPaintContents):
        (WebCore::FrameView::paintContentsForSnapshot):
        * page/PageOverlayController.cpp:
        (WebCore::PageOverlayController::paintContents):
        * page/PageOverlayController.h:
        * page/mac/ServicesOverlayController.h:
        * page/mac/ServicesOverlayController.mm:
        (WebCore::ServicesOverlayController::Highlight::paintContents):
        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::paintGraphicsLayerContents):
        * platform/graphics/GraphicsLayer.h:
        * platform/graphics/GraphicsLayerClient.h:
        (WebCore::GraphicsLayerClient::paintContents):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::recursiveCommitChanges):
        (WebCore::GraphicsLayerCA::platformCALayerPaintContents):
        * platform/graphics/ca/GraphicsLayerCA.h:
        * platform/graphics/ca/PlatformCALayer.h:
        * platform/graphics/ca/PlatformCALayerClient.h:
        * platform/graphics/ca/TileCoverageMap.cpp:
        (WebCore::TileCoverageMap::platformCALayerPaintContents):
        * platform/graphics/ca/TileCoverageMap.h:
        * platform/graphics/ca/TileGrid.cpp:
        (WebCore::TileGrid::platformCALayerPaintContents):
        * platform/graphics/ca/TileGrid.h:
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
        (PlatformCALayer::drawLayerContents):
        * platform/graphics/mac/WebLayer.mm:
        (-[WebLayer drawInContext:]):
        (-[WebSimpleLayer renderInContext:]):
        (-[WebSimpleLayer drawInContext:]):
        * platform/ios/LegacyTileCache.h: Use initializers.
        * platform/ios/LegacyTileCache.mm:
        (WebCore::LegacyTileCache::LegacyTileCache):
        (WebCore::LegacyTileCache::drawWindowContent):
        (WebCore::LegacyTileCache::drawLayer):
        * platform/ios/LegacyTileLayer.h:
        * platform/ios/LegacyTileLayer.mm:
        (-[LegacyTileHostLayer renderInContext:]):
        (-[LegacyTileLayer renderInContext:]):
        (-[LegacyTileLayer drawInContext:]):
        (+[LegacyTileLayer layerBeingPainted]): Deleted. There were no callers.
        * platform/ios/wak/WAKView.mm:
        (-[WAKView _drawRect:context:lockFocus:]): bool -> BOOL
        * platform/ios/wak/WAKWindow.h:
        * platform/ios/wak/WAKWindow.mm:
        (-[WAKWindow setIsInSnapshottingPaint:]):
        (-[WAKWindow isInSnapshottingPaint]):
        * rendering/PaintPhase.h:
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::paintMaskImages):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::paintReplaced):
        (WebCore::RenderImage::paintIntoRect):
        * rendering/RenderImage.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintLayerContents):
        (WebCore::RenderLayer::paintForegroundForFragments):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::paintContents):
        * rendering/RenderLayerBacking.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::paintContents):
        * rendering/RenderLayerCompositor.h:
        * rendering/RenderVideo.cpp:
        (WebCore::RenderVideo::paintReplaced):

2017-05-23  Myles C. Maxfield  <mmaxfield@apple.com>

        Remove dead ENABLE(FONT_LOAD_EVENTS) code
        https://bugs.webkit.org/show_bug.cgi?id=172517

        Rubber-stamped by Simon Fraser.

        No new tests because there is no behavior change.

        * CMakeLists.txt:
        * Configurations/FeatureDefines.xcconfig:
        * DerivedSources.cpp:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSAllInOne.cpp:
        * css/CSSFontFaceLoadEvent.cpp: Removed.
        * css/CSSFontFaceLoadEvent.h: Removed.
        * css/CSSFontFaceLoadEvent.idl: Removed.
        * dom/EventNames.in:
        * page/FrameView.cpp:
        (WebCore::FrameView::performPostLayoutTasks):
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setFontLoadEventsEnabled): Deleted.
        (WebCore::RuntimeEnabledFeatures::fontLoadEventsEnabled): Deleted.

2017-05-23  Chris Dumez  <cdumez@apple.com>

        Unreviewed, roll out r215229

        It caused CachedScripts in MemoryCache to be reused with different encodings
        even though CachedScript potentially has already decoded data or cached hash
        with a previous encoding.

        * loader/TextResourceDecoder.cpp:
        (WebCore::TextResourceDecoder::setEncoding):
        * loader/TextResourceDecoder.h:
        (WebCore::TextResourceDecoder::sawError):
        (WebCore::TextResourceDecoder::encodingSet): Deleted.
        * loader/cache/CachedCSSStyleSheet.cpp:
        (WebCore::CachedCSSStyleSheet::setEncoding):
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::CachedResource):
        * loader/cache/CachedResource.h:
        (WebCore::CachedResource::hasUnknownEncoding):
        (WebCore::CachedResource::setHasUnknownEncoding):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::determineRevalidationPolicy):

2017-05-23  Zalan Bujtas  <zalan@apple.com>

        ASSERTION FAILED: !renderer().view().needsLayout() while running media/video-main-content-autoplay.html
        https://bugs.webkit.org/show_bug.cgi?id=172476

        Reviewed by Simon Fraser.

        This patch decouples the layout call logic from the post layout task timer setup.
        Just because we are switching over to asynchronous performPostLayoutTasks() it should not stop us from
        running layout on a dirty tree (we could encounter a forced layout (which sets m_postLayoutTasksTimer active)
        and a subsequent tree mutation during performPostLayoutTasks()). 

        There are a few different ways to end up here:
        root layout is done -> call performPostLayoutTasks() synchronously -> 
        1. tree stays clean -> no action needed.
        2. tree gets dirty -> setup performPostLayoutTasks timer -> run nested layout -> since m_postLayoutTasksTimer is active()
        we don't try to run performPostLayoutTasks() while in the nested layout and we return with a clean tree.         

        * page/FrameView.cpp:
        (WebCore::FrameView::layout):

2017-05-23  Wenson Hsieh  <wenson_hsieh@apple.com>

        Multiple links should be inserted separately when performing data interaction
        https://bugs.webkit.org/show_bug.cgi?id=172489
        <rdar://problem/31510832>

        Reviewed by Dan Bernstein.

        In WebContentReader, URLs are currently always inserted inline. When inserting multiple items, this causes
        adjacent links to be inserted on a single line with no break, which is undesirable. To address this, when
        appending links from additional items to the existing document fragment in WebContentReader, insert a new space
        prior to inserting the anchor element.

        New unit test: DataInteractionTests.ExternalSourceMultipleURLsToContentEditable

        * editing/ios/EditorIOS.mm:
        (WebCore::Editor::WebContentReader::addFragment):

        Tweak to add all children of the new fragment, rather than just the first child.

        (WebCore::Editor::WebContentReader::readURL):

2017-05-23  Sam Weinig  <sam@webkit.org>

        [WebIDL] Remove some unnecessary specialization for enum types
        https://bugs.webkit.org/show_bug.cgi?id=172482

        Reviewed by Chris Dumez.

        - Removes convertEnumeration template function and generated specialization.
          convert<IDLEnumeration<T>> now does the entire check, and can have specialized
          exceptions.
        - Treats enums more like all other types, removing enum specific code in the
          generator.

        Also fixes some order of exception bugs as the convertEnumeration<T> implementations
        were not correctly catching exceptions thrown in parseEnumeration<T>.

        * bindings/js/JSDOMConvertEnumeration.h:
        (WebCore::Converter<IDLEnumeration<T>>::convert):
        Remove convertEnumeration and move implementation to convert. Add ExceptionThrower
        parameter to retain argument conversion exception specialization and allow future
        specialization for other contexts.

        * bindings/js/JSSubtleCryptoCustom.cpp:
        (WebCore::jsSubtleCryptoFunctionImportKeyPromise):
        (WebCore::jsSubtleCryptoFunctionExportKeyPromise):
        (WebCore::jsSubtleCryptoFunctionWrapKeyPromise):
        (WebCore::jsSubtleCryptoFunctionUnwrapKeyPromise):
        Switch from convertEnumeration<T> to convert<IDLEnumeration<T>>.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GetArgumentExceptionFunction):
        Add (really move from GenerateParametersCheck) enum specific argument conversion exception.

        (PassArgumentExpression):
        Allow the enum specific code for attributes to remain by explicitly checking the context.
        Attribute setters use parseEnumeration<T> explicitly, as WebIDL mandates slightly different
        behavior, specially that they don't throw.

        (GenerateEnumerationImplementationContent):
        (GenerateEnumerationHeaderContent):
        Remove convertEnumeration<T>.

        (GenerateParametersCheck):
        Remove entire branch devoted to enums. The main parameter check is now mature enough
        to handle them.

        (JSValueToNative):
        Like in PassArgumentExpression, we need to retain the specialize behavior for attributes.
        Before, JSValueToNative was only called for enums with a context of IDLAttribute or IDLDictionaryMember,
        but now that we use if IDLArguments as well, it makes more sense to make this check in terms
        of the odd man out, IDLAttribute.

        * bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
        * bindings/scripts/test/JS/JSTestCallbackInterface.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/JS/JSTestStandaloneDictionary.cpp:
        * bindings/scripts/test/JS/JSTestStandaloneDictionary.h:
        * bindings/scripts/test/JS/JSTestStandaloneEnumeration.cpp:
        * bindings/scripts/test/JS/JSTestStandaloneEnumeration.h:
        Update test results.

2017-05-23  Romain Bellessort  <romain.bellessort@crf.canon.fr>

        [Readable Streams API] Align respondInClosedState with spec
        https://bugs.webkit.org/show_bug.cgi?id=172288

        Reviewed by Chris Dumez.

        Two changes are implemented in this patch:
        - Change #1: An issue was reported to GH [1] while working on respondInClosedState 
        implementation. This issue has now been fixed, and this patch aligns implementation 
        with spec [2].
        - Change #2: In addition, this patch also fixes a bug that went unnoticed as code 
        is not yet reachable (usage of controller.@reader is not valid and is therefore 
        replaced by controller.@controlledReadableStream.@reader).

        [1] https://github.com/whatwg/streams/issues/686
        [2] https://streams.spec.whatwg.org/#readable-byte-stream-controller-respond-in-closed-state

        No added test as:
        - Change #1 does not change behavior;
        - Change #2 is not testable as the code is not yet reachable.

        * Modules/streams/ReadableByteStreamInternals.js:
        (readableByteStreamControllerRespondInClosedState): Aligned with spec.

2017-05-22 Emilio Cobos Álvarez  <ecobos@igalia.com>

        Add a RuntimeEnabledFeature for display: contents, defaulted to false.
        https://bugs.webkit.org/show_bug.cgi?id=171984

        Reviewed by Antti Koivisto.

        The "defaulted to false" is not only because there are spec issues,
        but because I ran the WPT suite, and there was a fair amount of
        crashes and messed render trees.

        Tests: imported/w3c/web-platform-tests/innerText/getter.html

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle):
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setDisplayContentsEnabled):
        (WebCore::RuntimeEnabledFeatures::displayContentsEnabled):

2017-05-22  Myles C. Maxfield  <mmaxfield@apple.com>

        Update font-style's implementation in the font selection algorithm
        https://bugs.webkit.org/show_bug.cgi?id=169453

        Reviewed by Simon Fraser.

        Previously, we were treating "font-style: oblique" exactly the same as "font-style: italic".
        These values were parsed to the same internal data type. However, variation fonts may have two
        distinct axes: 'slnt' and 'ital'. Therefore, we need to keep a bool of state which represents
        which of these two axes we should be setting when we apply font variations. We can do this by
        making the "font-style" parser a "custom" parser. The implementation of these custom functions
        will set both the italic value on the FontDescription as well as this extra bool.

        We don't, however, want to treat these values as distinct for the purposese of font selection.
        The fact that we treat oblique fonts the same as italic fonts is a feature, not a bug. Therefore,
        the font selection algorithm is not made aware of this distinction. This is why we don't want to
        package up the bool and FontSelectionValue into a class: font selection only cares about the
        FontSelectionValue, so conceptually they shouldn't be joined. (The FontSelectionValue already
        exists within a collection of all the things font selection needs to know about.)

        Now that there is this extra bit of state on the FontDescription, we can do a little better when
        computing the result of getComputedStyle(). Previously, we were always returning "italic" even
        when "oblique" was specified. Now, we can return the correct one. However, this extra bit of
        state is not kept on the CSSFontFace (because it doesn't need to be), which means we can only
        improve the computed style of an element, rather than the cssText of an @font-face rule.

        Test: fast/text/font-style-parse.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::fontStyleFromStyleValue):
        (WebCore::fontStyleFromStyle):
        (WebCore::fontShorthandValueForSelectionProperties):
        * css/CSSComputedStyleDeclaration.h:
        * css/CSSFontFaceSet.h:
        * css/CSSProperties.json:
        * css/FontFace.cpp:
        (WebCore::FontFace::style):
        * css/FontSelectionValueInlines.h:
        (WebCore::fontStyleKeyword):
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertFontStyle): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInitialFontStyle):
        (WebCore::StyleBuilderCustom::applyInheritFontStyle):
        (WebCore::StyleBuilderCustom::applyValueFontStyle):
        * platform/graphics/FontCache.h:
        (WebCore::FontDescriptionKey::makeFlagsKey):
        * platform/graphics/FontDescription.cpp:
        (WebCore::FontDescription::FontDescription):
        * platform/graphics/FontDescription.h:
        (WebCore::FontDescription::shouldUseItalicVariationAxis):
        (WebCore::FontDescription::setShouldUseItalicVariationAxis):
        (WebCore::FontDescription::operator==):
        (WebCore::FontCascadeDescription::initialShouldUseItalicVariationAxis):
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::preparePlatformFont):
        (WebCore::fontWithFamily):
        (WebCore::FontCache::createFontPlatformData):
        (WebCore::FontCache::systemFallbackForCharacters):
        * platform/graphics/mac/FontCustomPlatformData.cpp:
        (WebCore::FontCustomPlatformData::fontPlatformData):

2017-05-22  Myles C. Maxfield  <mmaxfield@apple.com>

        Support calc() in font-variation-settings and font-feature-settings
        https://bugs.webkit.org/show_bug.cgi?id=171032

        Reviewed by David Hyatt.

        Tests: css3/font-feature-settings-calc.html
               fast/text/variations/calc.html

        We can use the convenience functions in CSSPropertyParserHelpers.cpp.

        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeFontFeatureTag):
        (WebCore::consumeFontVariationTag):

2017-05-22  Michael Catanzaro  <mcatanzaro@igalia.com>

        Unreviewed, attempt to fix test runner by removing Unicode character from stderr output
        https://bugs.webkit.org/show_bug.cgi?id=168409

        * page/Page.cpp:
        (WebCore::Page::suspendScriptedAnimations):

2017-05-22  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Avoid moving to the second frame of an animated image before the first frame has finished decoding
        https://bugs.webkit.org/show_bug.cgi?id=172461

        Reviewed by Simon Fraser.

        Sometimes the frameCount of an animated image gets changed when more data
        is received. The problem is we may start decoding the image as if it were
        a static large image and the decoding of this first frame finishes after 
        the image starts animating.

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::draw):
        (WebCore::BitmapImage::imageFrameAvailableAtIndex):

2017-05-20  Alex Christensen  <achristensen@webkit.org>

        REGRESSION(r215686): O(n^2) algorithm in CachedRawResource::addDataBuffer
        https://bugs.webkit.org/show_bug.cgi?id=172406
        <rdar://32109532>

        Reviewed by Brady Eidson.

        CachedRawResource::calculateIncrementalDataChunk was calling SharedBuffer::data each time the data
        was appended to the SharedBuffer. This causes the data to be copied from two segments to one segment,
        which causes the O(n^2) behavior I was worried about in r215686. These append/data/append/data calls
        used to cause O(1) copies per byte which was amortized because of the exponential growth of the buffer.
        After this change, there should be 0 copies per byte here, and instead a O(log(n)) binary search in the
        call to std::upper_bound to find the next segment of data with a given starting location in the SharedBuffer.
        We need to store the additional information of the offsets of the beginnings of the segments in a
        SharedBuffer. This doesn't asymptotically increase our memory usage, but it does allow us to asymptotically
        decrease the amount of time it takes to find data at a given offset in a SharedBuffer from O(n) to O(log(n)).

        This allows us to complete http://speedtest.xfinity.com and new functionality in SharedBuffer is covered by API tests.

        * loader/TextTrackLoader.cpp:
        (WebCore::TextTrackLoader::processNewCueData):
        * loader/cache/CachedRawResource.cpp:
        (WebCore::CachedRawResource::calculateIncrementalDataChunk):
        (WebCore::CachedRawResource::addDataBuffer):
        (WebCore::CachedRawResource::finishLoading):
        * loader/cache/CachedRawResource.h:
        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::SharedBuffer):
        (WebCore::SharedBuffer::combineIntoOneSegment):
        (WebCore::SharedBuffer::data):
        (WebCore::SharedBuffer::getSomeData):
        (WebCore::SharedBuffer::tryCreateArrayBuffer):
        (WebCore::SharedBuffer::append):
        (WebCore::SharedBuffer::clear):
        (WebCore::SharedBuffer::copy):
        (WebCore::SharedBuffer::internallyConsistent):
        (WebCore::SharedBuffer::hintMemoryNotNeededSoon):
        (WebCore::SharedBufferDataView::SharedBufferDataView):
        (WebCore::SharedBufferDataView::size):
        (WebCore::SharedBufferDataView::data):
        * platform/SharedBuffer.h:
        * platform/cf/SharedBufferCF.cpp:
        (WebCore::SharedBuffer::createCFData):
        (WebCore::SharedBuffer::hintMemoryNotNeededSoon):
        (WebCore::SharedBuffer::append):
        * platform/cocoa/SharedBufferCocoa.mm:
        (WebCore::SharedBuffer::createNSData):
        (WebCore::SharedBuffer::createCFData):
        (WebCore::SharedBuffer::createNSDataArray):

2017-05-22  Chris Dumez  <cdumez@apple.com>

        Resources in cached parsed stylesheets may bypass content blockers
        https://bugs.webkit.org/show_bug.cgi?id=172468
        <rdar://problem/31972693>

        Reviewed by Geoffrey Garen.

        Resources in cached parsed stylesheets could bypass content blockers when they were in the memory cache and
        they did not need revalidation.

        To address the issue, I made StyleSheetContents::subresourcesAllowReuse() to check content blockers.
        If a subresource in the cached stylesheet is blocked, then we return false in subresourcesAllowReuse() and
        the cached parsed stylesheet will not be used.

        No new tests, not currently testable.

        * css/StyleSheetContents.cpp:
        (WebCore::StyleSheetContents::subresourcesAllowReuse):
        * css/StyleSheetContents.h:
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::setCSSStyleSheet):
        * loader/cache/CachedCSSStyleSheet.cpp:
        (WebCore::CachedCSSStyleSheet::restoreParsedStyleSheet):
        * loader/cache/CachedCSSStyleSheet.h:

2017-05-22  Chris Dumez  <cdumez@apple.com>

        ASSERTION FAILED: tokens.find(item) == notFound in WebCore::DOMTokenList::replace
        https://bugs.webkit.org/show_bug.cgi?id=172473

        Reviewed by Ryosuke Niwa.

        Fix bad assertion in DOMTokenList::replace(). If item == replacement, then the
        assertion was wrong.

        No new tests, unskipped existing test.

        * html/DOMTokenList.cpp:
        (WebCore::DOMTokenList::replace):

2017-05-22  Youenn Fablet  <youenn@apple.com>

        Remove AVAudioCaptureSource
        https://bugs.webkit.org/show_bug.cgi?id=172360

        Reviewed by Sam Weinig.

        No change of behavior, this class is no longer used by default as it does not support echo cancellation.

        * WebCore.xcodeproj/project.pbxproj:
        * page/Settings.cpp:
        (WebCore::Settings::setMediaCaptureRequiresSecureConnection):
        (WebCore::Settings::useAVFoundationAudioCapture): Deleted.
        (WebCore::Settings::setUseAVFoundationAudioCapture): Deleted.
        * page/Settings.h:
        * platform/mediastream/mac/AVAudioCaptureSource.h: Removed.
        * platform/mediastream/mac/AVAudioCaptureSource.mm: Removed.
        * platform/mediastream/mac/AVCaptureDeviceManager.h:
        * platform/mediastream/mac/AVCaptureDeviceManager.mm:
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::RealtimeMediaSourceCenterMac::defaultAudioFactory):
        (WebCore::RealtimeMediaSourceCenterMac::defaultAudioCaptureDeviceManager):
        (WebCore::RealtimeMediaSourceCenterMac::setUseAVFoundationAudioCapture): Deleted.
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.h:

2017-05-22  Brian Burg  <bburg@apple.com>

        Web Inspector: webkit reload policy should match default behavior
        https://bugs.webkit.org/show_bug.cgi?id=171385
        <rdar://problem/31871515>

        Reviewed by Joseph Pecoraro.

        Add an option to PageAgent.reload that tells the backend to use the old
        behavior that revalidates unexpired cached subresources. This used by tests.

        Covered by existing network/memory/disk cache tests.

        * inspector/InspectorPageAgent.h:
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::reload):

2017-05-22  Yoav Weiss  <yoav@yoav.ws>

        [preload] Add media and type attribute support.
        https://bugs.webkit.org/show_bug.cgi?id=171720

        Reviewed by Youenn Fablet.

        Tests: http/wpt/preload/media-attribute.html
               http/wpt/preload/type-attribute.html
               http/tests/preload/viewport/meta-viewport-link-headers.php

        * css/MediaQueryEvaluator.cpp: Move the mediaAttributeMatches code from HTMLResourcePreloader to a central location.
        (WebCore::MediaQueryEvaluator::mediaAttributeMatches):
        * css/MediaQueryEvaluator.h:
        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::bestFitSourceFromPictureElement): Use isSupportedImageOrSVGMIMEType() instead of checking SVG MIME type specifically.
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::process): Call loadLink() with the media and type attributes.
        * html/parser/HTMLDocumentParser.cpp:
        (WebCore::HTMLDocumentParser::pumpTokenizer): Trigger Link header based preload for links that have the media attribute.
        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::StartTagScanner::createPreloadRequest): Avoid preloading link resources with non-matching type.
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute): Collect the type attribute for link resources.
        * html/parser/HTMLResourcePreloader.cpp:
        (WebCore::HTMLResourcePreloader::preload): Use MediaQueryEvaluator::mediaAttributeMatches instead of the local one.
        (WebCore::mediaAttributeMatches): Deleted.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::receivedFirstData): Indicate that only link preloads with no media attribute should be loaded here.
        * loader/LinkLoader.cpp:
        (WebCore::LinkLoader::loadLinksFromHeader): Load only links with or without media attributes, according to mode. Also send media and
        type attributes to preloadIfNeeded().
        (WebCore::LinkLoader::isSupportedType): Check if the MIME type is supported for the CachedResource::Type.
        (WebCore::LinkLoader::preloadIfNeeded): Get the media and type attributes and only trigger a preload if media matches and type is supported.
        (WebCore::LinkLoader::loadLink): Pass along the media and type attributes.
        * loader/LinkLoader.h:
        * platform/MIMETypeRegistry.cpp:
        (WebCore::MIMETypeRegistry::isSupportedImageOrSVGMIMEType): Check if MIME type is supported for an image, or is an SVG mime type.
        (WebCore::MIMETypeRegistry::isSupportedStyleSheetMIMEType): Check if MIME type is supported for a stylesheet.
        (WebCore::MIMETypeRegistry::isSupportedFontMIMEType): Check if MIME type is supported for a font.
        (WebCore::MIMETypeRegistry::isSupportedTextTrackMIMEType): Check if MIME type is supported for a text track.
        * platform/MIMETypeRegistry.h:

2017-05-22  Said Abou-Hallawa  <sabouhallawa@apple.com>

        [CG] Use the SPI CGImageSourceGetTypeWithData() to get the typeIdentifierHint of an image
        https://bugs.webkit.org/show_bug.cgi?id=172405

        Reviewed by Simon Fraser.

        Use CGImageSourceGetTypeWithData() to get the typeIdentifierHint which will
        be passed to CGImageSourceCreateIncremental(). If data is insufficient to
        guess typeIdentifierHint, that means the image size is still not available.
        In this case, CachedImage::addIncrementalDataBuffer() will call error()
        which will call clear() which will call Image::destroyDecodedData()
        which will delete the current ImageDecoder and creates a new one. So we
        don't need to check the return value insufficientData.

        * platform/graphics/DecodingOptions.h: Fix the header file dependencies.
        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::ensureDecoderAvailable): No need for the URL parameter.
        * platform/graphics/ImageTypes.h: Move a typedef from ImageDecoderCG.h to ImageTypes.h.
        * platform/graphics/cg/ImageDecoderCG.cpp:
        (WebCore::ImageDecoder::ImageDecoder): Pass the SharedBuffer data to the constructor.
        * platform/graphics/cg/ImageDecoderCG.h:
        (WebCore::ImageDecoder::create): No need for the URL argument.
        * platform/graphics/win/ImageDecoderDirect2D.h:
        (WebCore::ImageDecoder::create): Remove the URL argument from the function signature.
        * platform/image-decoders/ImageDecoder.cpp:
        (WebCore::ImageDecoder::create): Remove the URL argument from the function signature.
        * platform/image-decoders/ImageDecoder.h:
        * platform/spi/cg/ImageIOSPI.h: Add the prototype of CGImageSourceGetTypeWithData().

2017-05-22  Zalan Bujtas  <zalan@apple.com>

        SameSizeAsInlineBox mismatch on ARMV7.
        https://bugs.webkit.org/show_bug.cgi?id=172459

        Reviewed by Simon Fraser.

        Due to the ARMV7/i386 padding behaviour mismatch, forcing m_bitfields to be 32bits does not always
        produce the desired padding.
        Move the bool to the end of the member list and let m_deletionSentinel (4bytes) force
        padding.

        * rendering/InlineBox.cpp:
        * rendering/InlineBox.h:

2017-05-22  Myles C. Maxfield  <mmaxfield@apple.com>

        Enable the woff2-variations @font-face format identifier
        https://bugs.webkit.org/show_bug.cgi?id=172425

        Reviewed by Andreas Kling.

        We support woff2, and woff-variations, but not woff2-variations.
        https://github.com/w3c/csswg-drafts/commit/5c914a8a0382734bd420090a89bc19b32e6c302d

        Test: fast/text/variations/font-face-format-woff2.html

        * platform/graphics/mac/FontCustomPlatformData.cpp:
        (WebCore::FontCustomPlatformData::supportsFormat):

2017-05-22  Antoine Quint  <graouts@apple.com>

        [mac-wk1] LayoutTest media/modern-media-controls/airplay-button/airplay-button.html is a flaky timeout
        https://bugs.webkit.org/show_bug.cgi?id=168409

        Reviewed by Simon Fraser.

        Remove all the custom logging code we wrote to diagnose why this specific test failed and instead
        log the backtrace when the ScriptedAnimationController gets suspended, which should allow us to
        identify which test actually leads to suspension and affects this particular test.

        * Modules/modern-media-controls/controls/scheduler.js:
        (const.scheduler.new.prototype.scheduleLayout):
        (const.scheduler.new.prototype.unscheduleLayout):
        (const.scheduler.new.prototype._requestFrameIfNeeded):
        (const.scheduler.new.prototype._frameDidFire):
        (const.scheduler.new.prototype._layout):
        * dom/Document.cpp:
        (WebCore::Document::requestAnimationFrame):
        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::suspend):
        (WebCore::ScriptedAnimationController::resume):
        (WebCore::ScriptedAnimationController::addThrottlingReason):
        (WebCore::ScriptedAnimationController::removeThrottlingReason):
        (WebCore::ScriptedAnimationController::registerCallback):
        (WebCore::ScriptedAnimationController::cancelCallback):
        (WebCore::ScriptedAnimationController::serviceScriptedAnimations):
        (WebCore::ScriptedAnimationController::scheduleAnimation):
        (WebCore::ScriptedAnimationController::dispatchLoggingEventIfRequired): Deleted.
        * dom/ScriptedAnimationController.h:
        * page/Page.cpp:
        (WebCore::Page::suspendScriptedAnimations):
        * page/Settings.in:
        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::resetToConsistentState):
        (WebCore::InternalSettings::shouldDispatchRequestAnimationFrameEvents): Deleted.
        (WebCore::InternalSettings::setShouldDispatchRequestAnimationFrameEvents): Deleted.
        * testing/InternalSettings.h:
        * testing/InternalSettings.idl:

2017-05-22  Emilio Cobos Álvarez  <ecobos@igalia.com>

        Don't unconditionally reset TextIterator::m_handledChildren for display: contents nodes.
        https://bugs.webkit.org/show_bug.cgi?id=172443

        This avoids an infinite hang when enabling display: contents in bug 171984.

        Reviewed by Antti Koivisto.

        No new tests. Relanding bug 171984 will add test coverage for this.

        * editing/TextIterator.cpp:
        (WebCore::hasDisplayContents):
        (WebCore::fullyClipsContents):
        (WebCore::TextIterator::advance):

2017-05-22  Sam Weinig  <sam@webkit.org>

        [WebIDL] Support callbacks with arbitrary return types
        https://bugs.webkit.org/show_bug.cgi?id=172407

        Reviewed by Chris Dumez.

        - Adds and adopts CallbackResult<> template class that encapsulates a return value
          and status from a javascript callback.
        - Updates NodeIterator/TreeWalker to explicitly propagate exceptions thrown from
          a JSNodeFilter, rather than relying on the JSNodeFilter to catch them (seemingly
          accidentally).

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSBindingsAllInOne.cpp:
        Update file lists.

        * Modules/geolocation/PositionCallback.h:
        * Modules/geolocation/PositionErrorCallback.h:
        * Modules/notifications/NotificationPermissionCallback.h:
        * Modules/webaudio/AudioBufferCallback.h:
        * Modules/webdatabase/DatabaseCallback.h:
        * dom/RequestAnimationFrameCallback.h:
        * dom/StringCallback.h:
        * dom/Traversal.cpp:
        * fileapi/BlobCallback.h:
        * html/VoidCallback.h:
        * page/IntersectionObserverCallback.h:
        * page/PerformanceObserverCallback.h:
        * css/MediaQueryListListener.h:
        * Modules/webdatabase/SQLStatement.h:
        * Modules/webdatabase/SQLStatementCallback.h:
        * Modules/webdatabase/SQLStatementErrorCallback.h:
        * Modules/webdatabase/SQLTransaction.cpp:
        * Modules/webdatabase/SQLTransactionCallback.h:
        * Modules/webdatabase/SQLTransactionErrorCallback.h:
        * inspector/InspectorDatabaseAgent.cpp:
        Adopt CallbackResult.

        * Modules/webdatabase/SQLStatementErrorCallback.idl:
        Remove Custom extended attribute annotation.

        * Modules/webdatabase/SQLStatement.cpp:
        (WebCore::SQLStatement::performCallback):
        Adopt CallbackResult, migrating logic from JSSQLStatementErrorCallbackCustom
        into the implementation, by way of the status enum.

        * bindings/IDLTypes.h:
        Add IDLVoid type.

        * bindings/js/JSNodeFilterCustom.cpp: Removed.
        * bindings/js/JSSQLStatementErrorCallbackCustom.cpp: Removed.
        Remove now unneeded custom bindings.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateIndexedGetter):
        (GenerateNamedGetter):
        (GenerateImplementation):
        (GenerateImplementationFunctionCall):
        Update for new NativeToJSValue arguments.

        (GenerateCallbackHeaderContent):
        (GenerateCallbackImplementationContent):
        Remove requirement of only void return types and update return type to use CallbackFunction.
        Also adds necessary conversion of return value.

        (GetBaseIDLType):
        Add void IDL type mapping.

        (IsValidContextForJSValueToNative):
        Add operation as valid context, as that is what the callback return type's context is.

        (NativeToJSValueUsingReferences):
        (NativeToJSValueUsingPointers):
        (NativeToJSValue):
        Rework NativeToJSValueUsingReferences/NativeToJSValueUsingPointers to take a global object reference
        accessor rather than a thisObject accessor, as a thisObject is not always available, and what the function
        actually wants is the global object.

        * bindings/scripts/IDLAttributes.json:
        Add new RethrowException attribute to instruct the callback function to re-throw, rather than
        just report, exceptions thrown in the callback and SkipCallbackInvokeCheck which instructs the
        callback function to not check canInvokeCallback() before calling. These will both be needed to retain
        the behavior of NodeFilter, and should be investigated further.

        * bindings/scripts/test/JS/JSTestCallbackFunction.cpp:
        * bindings/scripts/test/JS/JSTestCallbackFunction.h:
        * bindings/scripts/test/JS/JSTestCallbackFunctionRethrow.cpp: Added.
        * bindings/scripts/test/JS/JSTestCallbackFunctionRethrow.h: Added.
        * bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.cpp:
        * bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.h:
        * bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
        * bindings/scripts/test/JS/JSTestCallbackInterface.h:
        * bindings/scripts/test/JS/JSTestVoidCallbackFunction.cpp: Added.
        * bindings/scripts/test/JS/JSTestVoidCallbackFunction.h: Added.
        * bindings/scripts/test/TestCallbackFunction.idl:
        * bindings/scripts/test/TestCallbackInterface.idl:
        * bindings/scripts/test/TestVoidCallbackFunction.idl: Copied from Source/WebCore/bindings/scripts/test/TestCallbackFunction.idl.
        Update test results and add some additional test cases for callback functions and callback interface functions that return
        non-void and use the RethrowExceptions.

        * dom/CallbackResult.h: Added.
        (WebCore::CallbackResult<ReturnType>::CallbackResult):
        (WebCore::CallbackResult<ReturnType>::type):
        (WebCore::CallbackResult<void>::CallbackResult):
        (WebCore::CallbackResult<void>::type):
        New class to encapsulate the return value and status of a callback function. Modeled loosely on
        ExceptionOr, but is simpler since it does not need to handle complex exception objects.

        * dom/NativeNodeFilter.cpp:
        * dom/NativeNodeFilter.h:
        Adopt CallbackResult, matching other NodeFiltering code by using
        unsigned short rather than short, remove unused functions, and convert 
        condition member to a Ref, allowing us to get rid of the branch acceptNode.

        * dom/NodeFilter.h:
        Adopt CallbackResult.

        * dom/NodeFilter.idl:
        Replace Custom extended attribute with SkipCallbackInvokeCheck and RethrowException.

        * dom/NodeFilterCondition.cpp:
        * dom/NodeFilterCondition.h:
        Modernize to take a Node reference and match other filtering code
        by returning an unsigned short.

        * dom/Traversal.cpp:
        * dom/Traversal.h:
        Adopt CallbackResult and match other node filtering code by using unsigned short 
        rather than short.

        * dom/NodeIterator.cpp:
        * dom/NodeIterator.h:
        * dom/NodeIterator.idl:
        * dom/TreeWalker.cpp:
        * dom/TreeWalker.h:
        * dom/TreeWalker.idl:
        Change functions that callout to javascript via the NodeFilter to 
        return ExceptionOr<Node>. Check the result of CallbackResult for a
        thrown exception, and bail, returning Exception { ExistingExceptionError }
        which acts as an indicator to the bindings that an exception was thrown.
        (In actuality, the specific exception code does not matter. All that matters
        is that an ExceptionOr<> is returned, which triggers, via overload, a path
        in toJS() that calls propagateException(), which in turn, checks to see if
        an exception is on the stack. But, having an explicit code here helps debugging).

2017-05-22  Simon Fraser  <simon.fraser@apple.com>

        Support transform-box to switch sizing box in SVG
        https://bugs.webkit.org/show_bug.cgi?id=145783

        Reviewed by Dean Jackson.

        Add support for the CSS "transform-box" property, as described at
        <https://drafts.csswg.org/css-transforms/#transform-box>.
        
        This changes the behavior of percentage values in transform-origin in SVG.
        When these were added in r110532, percentage values in transform-origin were made
        relative to the bounding box, but absolute values relative to the view box.
        <https://github.com/w3c/csswg-drafts/issues/895> has concluded that this behavior
        is confusing. The new behavior is that, for SVG elements, both absolute and
        percentage values are relative to the reference box, which is specified by the
        new transform-box property.

        The initial value for transform-box is border-box, with the svg.css UA stylesheet
        supplying a default of view-box for the relevant SVG elements per
        <https://www.w3.org/TR/SVG2/styling.html#UAStyleSheet>.

        For non-SVG elements, the used value is always border-box, so there is no change
        in behavior.

        Tests: fast/css/transform-box-parsing.html
               svg/transforms/svg-transform-box.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        (WebCore::CSSPrimitiveValue::operator TransformBox):
        * css/CSSProperties.json:
        * css/CSSValueKeywords.in:
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::CSSPropertyParser::parseSingleValue):
        * css/svg.css:
        (*:not(svg),):
        (*): Deleted.
        (html|* > svg): Deleted.
        * page/animation/AnimationBase.cpp:
        (WebCore::AnimationBase::computeTransformedExtentViaTransformList):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::applyTransform): The transformOriginX().isPercent() tests
        were added to support the weird "% values are relative to bounding box" in SVG. Now
        it's up to the caller to pass a non-zero origin when that matters, and
        SVGGraphicsElement::animatedLocalTransform() is the only caller that does so.
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::hasTransform):
        (WebCore::RenderStyle::transformBox):
        (WebCore::RenderStyle::setTransformBox):
        (WebCore::RenderStyle::initialTransformBox):
        * rendering/style/RenderStyleConstants.h:
        * rendering/style/StyleTransformData.cpp:
        (WebCore::StyleTransformData::StyleTransformData):
        (WebCore::StyleTransformData::operator==):
        * rendering/style/StyleTransformData.h:
        * svg/SVGGraphicsElement.cpp:
        (WebCore::SVGGraphicsElement::animatedLocalTransform): Consult the transform-box
        style to compute the reference box as the bounding box, or the view box.

2017-05-22  Chris Dumez  <cdumez@apple.com>

        Add support for [LegacyWindowAlias] IDL extended attribute
        https://bugs.webkit.org/show_bug.cgi?id=172451

        Reviewed by Sam Weinig.

        Add support for [LegacyWindowAlias] IDL extended attribute as per:
        - https://heycam.github.io/webidl/#LegacyWindowAlias

        Use it for our legacy window aliases, such as webKitURL.

        No new tests, there should be no Web-exposed behavior change.

        * bindings/scripts/IDLAttributes.json:
        * bindings/scripts/preprocess-idls.pl:
        (GenerateConstructorAttributes):
        * css/DOMMatrix.idl:
        * dom/MutationObserver.idl:
        * dom/XMLDocument.idl:
        * html/DOMURL.idl:
        * page/DOMWindow.idl:

2017-05-22  Jer Noble  <jer.noble@apple.com>

        ASSERTION FAILED: m_boundThread == currentThread() in WTF::WeakReference<WebCore::WebCoreDecompressionSession>::clear()
        https://bugs.webkit.org/show_bug.cgi?id=172457
        <rdar://problem/32329436>

        Reviewed by Eric Carlson.

        Remove vestigal WeakPtrFactory that was entirely unused.

        * platform/graphics/cocoa/WebCoreDecompressionSession.h:
        (WebCore::WebCoreDecompressionSession::createWeakPtr): Deleted.
        * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
        (WebCore::WebCoreDecompressionSession::WebCoreDecompressionSession):

2017-05-22  Antti Koivisto  <antti@apple.com>

        Crash in WebCore::StyleRuleKeyframes::findKeyframeIndex
        https://bugs.webkit.org/show_bug.cgi?id=170756
        <rdar://problem/31573157>

        Reviewed by Andreas Kling.

        Using a malformed key with CSSKeyframesRule.findRule crashes because
        CSSParser::parseKeyframeKeyList returns null which is then dereferenced.

        * css/CSSKeyframesRule.cpp:
        (WebCore::StyleRuleKeyframes::findKeyframeIndex): Null test.

2017-05-22  Wenson Hsieh  <wenson_hsieh@apple.com>

        Remove unused documentIsHandlingNonDefaultDrag plumbing for WebKit2
        https://bugs.webkit.org/show_bug.cgi?id=172453

        Reviewed by Tim Horton.

        Removes unused plumbing that was originally added to support file uploads. No new tests, since there is no
        change in behavior.

        * page/DragController.h:
        (WebCore::DragController::documentIsHandlingNonDefaultDrag): Deleted.

2017-05-22  Jer Noble  <jer.noble@apple.com>

        Media element thinks its hidden when in PiP mode and tab is backgrounded.
        https://bugs.webkit.org/show_bug.cgi?id=172221

        Reviewed by Eric Carlson.

        The element should not be considered hidden when in legacy fullscreen mode or PiP mode.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::visibilityStateChanged):
        (WebCore::HTMLMediaElement::fullscreenModeChanged):

2017-05-22  Zan Dobersek  <zdobersek@igalia.com>

        NavigatorEME: null RefPtr<> dereference due to different calling conventions
        https://bugs.webkit.org/show_bug.cgi?id=172352

        Reviewed by Carlos Garcia Campos.

        * Modules/encryptedmedia/NavigatorEME.cpp:
        (WebCore::tryNextSupportedConfiguration): Avoid crashes when constructing
        the MediaKeySystemAccess::create() arguments that can occur for targets with
        calling conventions that might release the implementation RefPtr<> before it's
        dereferenced to retrieve the key system string. Simply acquire the reference
        to the key system String object before the MediaKeySystem::create() call
        expression that releases the problematic RefPtr<>.

2017-05-22  Gwang Yoon Hwang  <yoon@igalia.com>

        [CoordinatedGraphics] Clear UpdateAtlases for each tests
        https://bugs.webkit.org/show_bug.cgi?id=172119

        Reviewed by Carlos Garcia Campos.

        * loader/EmptyClients.h:
        * page/ChromeClient.h:
        * testing/Internals.cpp:
        (WebCore::Internals::resetToConsistentState): Clears update atlases
        while resetting states of the test runner.

2017-05-22  Gwang Yoon Hwang  <yoon@igalia.com>

        [CoordinatedGraphics] BitmapTexturePool does not release textures properly
        https://bugs.webkit.org/show_bug.cgi?id=172428

        Reviewed by Žan Doberšek.

        No new tests because no behavior change.

        * platform/graphics/texmap/BitmapTexturePool.cpp:
        (WebCore::BitmapTexturePool::BitmapTexturePool):
        Use the RunLoopTimer instead of Timer, because BitmapTexturePool would
        run on the compositing thread in Coordinated Graphics case.
        (WebCore::BitmapTexturePool::releaseUnusedTexturesTimerFired):
        We should check not only the last used time but also the refcounts of the
        texture when selecting textures to remove.
        * platform/graphics/texmap/BitmapTexturePool.h:
        (WebCore::BitmapTexturePool::Entry::canBeReleased): Added.

2017-05-21  Carlos Garcia Campos  <cgarcia@igalia.com>

        [WPE] Use surfaceless context for sharing and offscreen context if available
        https://bugs.webkit.org/show_bug.cgi?id=172268

        Reviewed by Žan Doberšek.

        Like GTK+ port does, WPE should use surfaceless contexts when possible, and only create a native offscreen
        context as a fallback. We don't need to do anything special in WPE port, just to make it consistent with the
        Wayland and X11 implementations. We should also avoid including EGL.h in headers, we added
        GLContextEGLWayland.cpp and GLContextEGLX11.cpp to avoid that. PlatformDisplayWPE::EGLOffscreenTarget is quite
        simple and only used by GLContextEGLWPE, so we could move it there like we do for Wayland and X11.

        * platform/graphics/GLContext.h: Remove EGL header includes.
        * platform/graphics/egl/GLContextEGL.cpp:
        (WebCore::GLContextEGL::createWindowContext): Use createWindowSurfaceWPE() in WPE.
        (WebCore::GLContextEGL::createContext): Use createWPEContext in WPE.
        (WebCore::GLContextEGL::createSharingContext): Move the WPE code below to ensure we try
        createSurfacelessContext() first.
        * platform/graphics/egl/GLContextEGL.h:
        * platform/graphics/egl/GLContextEGLWPE.cpp:
        (WebCore::GLContextEGL::GLContextEGL): Add constructor for WPE that receives a struct wpe_renderer_backend_egl_offscreen_target*
        (WebCore::GLContextEGL::createWindowSurfaceWPE): Added implementation here because eglCreateWindowSurface needs
        the platform specific EGL includes and definitions.
        (WebCore::GLContextEGL::createWPEContext): Create a GLContext using WPE backend API directly here.
        (WebCore::GLContextEGL::destroyWPETarget): Add null check.
        * platform/graphics/wpe/PlatformDisplayWPE.cpp: Remove EGLOffscreenTarget.
        * platform/graphics/wpe/PlatformDisplayWPE.h:

2017-05-21  Michael Catanzaro  <mcatanzaro@igalia.com>

        [GTK] Remove Firefox user agent quirk for Google domains
        https://bugs.webkit.org/show_bug.cgi?id=171941

        Reviewed by Carlos Garcia Campos.

        * platform/UserAgentQuirks.cpp:
        (WebCore::UserAgentQuirks::quirksForURL):
        (WebCore::UserAgentQuirks::stringForQuirk):
        (WebCore::urlRequiresFirefoxBrowser): Deleted.
        (WebCore::UserAgentQuirks::firefoxRevisionString): Deleted.
        * platform/UserAgentQuirks.h:
        * platform/gtk/UserAgentGtk.cpp:
        (WebCore::buildUserAgentString):

2017-05-21  Antti Koivisto  <antti@apple.com>

        matchMedia('print').addListener() fires in WK1 but never in WK2 when printing (breaks printing Google maps, QuickLooks)
        https://bugs.webkit.org/show_bug.cgi?id=172361
        <rdar://problem/28777408>

        Reviewed by Sam Weinig.

        Test: fast/media/matchMedia-print.html

        * page/FrameView.cpp:
        (WebCore::FrameView::layout):

            Evaluate matchMedia queries unconditionally. No idea why it wasn't like that.

        * testing/Internals.cpp:
        (WebCore::Internals::setPrinting):

            Add testing support. The existing ways to do printing testing were unable to hit this bug as
            they had too much additional gunk.

        * testing/Internals.h:
        * testing/Internals.idl:

2017-05-21  Zalan Bujtas  <zalan@apple.com>

        Remove redundant FrameView ref in FrameView::performPostLayoutTasks
        https://bugs.webkit.org/show_bug.cgi?id=172422

        Reviewed by Antti Koivisto.

        This was added to protect FrameView from getting destroyed in updateEmbeddedObjects(), but r169475 changed
        the embedded object update to be asynchronous.  

        * page/FrameView.cpp:
        (WebCore::FrameView::performPostLayoutTasks):

2017-05-20  Chris Dumez  <cdumez@apple.com>

        Drop [NoInterfaceObject] from RTCDTMFSender and RTCStatsReport
        https://bugs.webkit.org/show_bug.cgi?id=172418

        Reviewed by Youenn Fablet.

        Drop [NoInterfaceObject] from RTCDTMFSender and RTCStatsReport to match the specification:
        - https://www.w3.org/TR/webrtc/#rtcdtmfsender
        - https://www.w3.org/TR/webrtc/#rtcstatsreport-object

        Firefox exposes both RTCDTMFSender and RTCStatsReport. Chrome exposes RTCStatsReport only.
        RTCDTMFSender seems to be currently disabled at build time currently so the change to
        its interface does not currently impact Web-exposed behavior, only the change to the
        RTCStatsReport interface currently does.

        No new tests, rebaselined existing test.

        * Modules/mediastream/RTCDTMFSender.idl:
        * Modules/mediastream/RTCStatsReport.idl:
        Drop [NoInterfaceObject].

        * Modules/mediastream/RTCIceCandidateEvent.cpp: Removed.
        * Modules/mediastream/RTCIceCandidateEvent.h: Removed.
        * Modules/mediastream/RTCIceCandidateEvent.idl: Removed.
        Drop class and IDL that are no longer used. They were not even part of any project files.
        RTCIceCandidateEvent has been renamed to RTCPeerConnectionIceEvent, which we support.

2017-05-20  Chris Dumez  <cdumez@apple.com>

        Value for iterator property is wrong for maplike interfaces
        https://bugs.webkit.org/show_bug.cgi?id=172410

        Reviewed by Sam Weinig.

        Value for iterator property was wrong for maplike interfaces. The iterator property is
        supposed to have the same value as the 'entries' property but we were using the value
        of the 'values' property.

        Specification:
        - https://heycam.github.io/webidl/#es-map-entries
        - https://heycam.github.io/webidl/#es-iterator

        This impacts the iterator of the RTCStatsReport interface.

        No new tests, updated existing test.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSMapLike.cpp:
        (WebCore::JSMapLikePrototype::finishCreation):
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        (WebCore::JSReadOnlyMapLikePrototype::finishCreation):

2017-05-20  Chris Dumez  <cdumez@apple.com>

        Drop superfluous iterator property setting in addValueIterableMethods()
        https://bugs.webkit.org/show_bug.cgi?id=172409

        Reviewed by Youenn Fablet.

        Drop superfluous iterator setting in addValueIterableMethods(). The bindings already take care of
        adding the iterator property before calling addValueIterableMethods().

        No new tests, no Web-facing behavior change.

        * bindings/js/JSDOMIterator.cpp:
        (WebCore::addValueIterableMethods):

2017-05-20  Jer Noble  <jer.noble@apple.com>

        [MSE][Mac] Support painting MSE video-element to canvas
        https://bugs.webkit.org/show_bug.cgi?id=125157
        <rdar://problem/23062016>

        Reviewed by Eric Carlson.

        Test: media/media-source/media-source-paint-to-canvas.html

        In order to have access to decoded video data for painting, decode the encoded samples manually
        instead of adding them to the AVSampleBufferDisplayLayer. To facilitate doing so, add a new
        utility class WebCoreDecompressionSession, which can decode samples and store them.

        For the purposes of this patch, to avoid double-decoding of video data and to avoid severe complication
        of our sample delivery pipeline, we will only support painting of decoded video samples when the video is
        not displayed in the DOM.

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::seekToTime): Always send waitForSeekCompleted() to give private a chance to delay seek completion.
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::sourceBufferPrivateReenqueSamples): Added.
        * Modules/mediasource/SourceBuffer.h:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/cf/CoreMediaSoftLink.cpp: Added new soft link macros.
        * platform/cf/CoreMediaSoftLink.h: Ditto.
        * platform/cocoa/CoreVideoSoftLink.cpp: Ditto.
        * platform/cocoa/CoreVideoSoftLink.h: Ditto.
        * platform/graphics/SourceBufferPrivateClient.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::sampleBufferDisplayLayer): Simple accessor.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::decompressionSession): Ditto.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::MediaPlayerPrivateMediaSourceAVFObjC):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::load): Update whether we should be displaying in a layer or decompression session..
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVisible): Ditto.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::waitForSeekCompleted): m_seeking is now an enum.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seeking): Ditto.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seekCompleted): Ditto. If waiting for a video frame, delay completing seek.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::nativeImageForCurrentTime): Call updateLastImage() and return result.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::updateLastImage): Fetch the image for the current time.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::paint): Pass to paintCurrentFrameInCanvas.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::paintCurrentFrameInContext): Get a native image, and render it.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::acceleratedRenderingStateChanged): Create or destroy a layer or decompression session as appropriate.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureLayer): Creates a layer.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::destroyLayer): Destroys a layer.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureDecompressionSession): Creates a decompression session.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::destroyDecompressionSession): Destroys a decompression session.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setHasAvailableVideoFrame): If seek completion delayed, complete now. Ditto for ready state change.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setReadyState): If waiting for a video frame, delay ready state change.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addDisplayLayer): Deleted.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::removeDisplayLayer): Deleted.
        * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.mm:
        (WebCore::MediaSourcePrivateAVFObjC::hasVideo): Promote to a class function.
        (WebCore::MediaSourcePrivateAVFObjC::hasSelectedVideo): Return whether any of the active source buffers have video and are selected.
        (WebCore::MediaSourcePrivateAVFObjC::hasSelectedVideoChanged): Call setSourceBufferWithSelectedVideo().
        (WebCore::MediaSourcePrivateAVFObjC::setVideoLayer): Set (or clear) the layer on the selected buffer.
        (WebCore::MediaSourcePrivateAVFObjC::setDecompressionSession): Ditto for decompression session.
        (WebCore::MediaSourcePrivateAVFObjC::setSourceBufferWithSelectedVideo): Remove the layer and decompression session from the unselected

                buffer and add the decompression session or layer to the newly selected buffer.
        (WebCore::MediaSourcePrivateAVFObjCHasVideo): Deleted.
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::destroyRenderers): Clear the videoLayer and decompressionSession.
        (WebCore::SourceBufferPrivateAVFObjC::hasSelectedVideo): Return whether the buffer has a selected video track.
        (WebCore::SourceBufferPrivateAVFObjC::trackDidChangeEnabled): The media player now manages the video layer and decompression session lifetimes.
        (WebCore::SourceBufferPrivateAVFObjC::flush): Flush the decompression session, if it exists.
        (WebCore::SourceBufferPrivateAVFObjC::enqueueSample): Enqueue to the decompression session, if it exists.
        (WebCore::SourceBufferPrivateAVFObjC::isReadyForMoreSamples): As the decompression session, if it exists.
        (WebCore::SourceBufferPrivateAVFObjC::didBecomeReadyForMoreSamples): Tell the decompression session to stop requesting data, if it exists.
        (WebCore::SourceBufferPrivateAVFObjC::notifyClientWhenReadyForMoreSamples): Request media data from the decompression session, if it exists.
        (WebCore::SourceBufferPrivateAVFObjC::setVideoLayer): Added.
        (WebCore::SourceBufferPrivateAVFObjC::setDecompressionSession): Added.
        * platform/graphics/cocoa/WebCoreDecompressionSession.h: Added.
        (WebCore::WebCoreDecompressionSession::create):
        (WebCore::WebCoreDecompressionSession::isInvalidated):
        (WebCore::WebCoreDecompressionSession::createWeakPtr):
        * platform/graphics/cocoa/WebCoreDecompressionSession.mm: Added.
        (WebCore::WebCoreDecompressionSession::WebCoreDecompressionSession): Register for media data requests.
        (WebCore::WebCoreDecompressionSession::invalidate):  Unregister for same.
        (WebCore::WebCoreDecompressionSession::maybeBecomeReadyForMoreMediaDataCallback): Pass to maybeBecomeReadyForMoreMediaData.
        (WebCore::WebCoreDecompressionSession::maybeBecomeReadyForMoreMediaData): Check in-flight decodes, and decoded frame counts.
        (WebCore::WebCoreDecompressionSession::enqueueSample): Pass the sample to be decoded on a background queue.
        (WebCore::WebCoreDecompressionSession::decodeSample): Decode the sample.
        (WebCore::WebCoreDecompressionSession::decompressionOutputCallback): Call handleDecompressionOutput.
        (WebCore::WebCoreDecompressionSession::handleDecompressionOutput): Pass decoded sample to be enqueued on the main thread.
        (WebCore::WebCoreDecompressionSession::getFirstVideoFrame):
        (WebCore::WebCoreDecompressionSession::enqueueDecodedSample): Enqueue the frame (if it's a displayed frame).
        (WebCore::WebCoreDecompressionSession::isReadyForMoreMediaData): Return whether we've hit our high water sample count.
        (WebCore::WebCoreDecompressionSession::requestMediaDataWhenReady):
        (WebCore::WebCoreDecompressionSession::stopRequestingMediaData): Unset the same.
        (WebCore::WebCoreDecompressionSession::notifyWhenHasAvailableVideoFrame): Set a callback to notify when a decoded frame has been enqueued.
        (WebCore::WebCoreDecompressionSession::imageForTime): Successively dequeue images until reaching one at or beyond the requested time.
        (WebCore::WebCoreDecompressionSession::flush): Synchronously empty the producer and consumer queues.
        (WebCore::WebCoreDecompressionSession::getDecodeTime): Utility method.
        (WebCore::WebCoreDecompressionSession::getPresentationTime): Ditto.
        (WebCore::WebCoreDecompressionSession::getDuration): Ditto.
        (WebCore::WebCoreDecompressionSession::compareBuffers): Ditto.
        * platform/cocoa/VideoToolboxSoftLink.cpp: Added.
        * platform/cocoa/VideoToolboxSoftLink.h: Added.

2017-05-19  Joseph Pecoraro  <pecoraro@apple.com>

        WebAVStreamDataParserListener String leak
        https://bugs.webkit.org/show_bug.cgi?id=172395

        Reviewed by Chris Dumez.

        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (-[WebAVStreamDataParserListener streamDataParser:didProvideMediaData:forTrackID:mediaType:flags:]):
        (-[WebAVStreamDataParserListener streamDataParser:didReachEndOfTrackWithTrackID:mediaType:]):
        Use an isolated String in a lambda used across threads.

2017-05-19  Chris Dumez  <cdumez@apple.com>

        Consider not exposing webkitURL in workers
        https://bugs.webkit.org/show_bug.cgi?id=172166

        Reviewed by Geoffrey Garen.

        Drop webkitURL alias for URL in workers, to match other browsers. The risk should
        be low given that this only impacts workers, we expose URL to workers and Blink
        does not have this alias. We still support the webkitURL alias for URL on Window.

        No new tests, rebaselined existing test.

        * workers/WorkerGlobalScope.idl:

2017-05-19  Youenn Fablet  <youenn@apple.com>

        Add RTCPeerConnection connection state change logging
        https://bugs.webkit.org/show_bug.cgi?id=172314

        Reviewed by Eric Carlson.

        No change of behavior.
        Adding some release logging of connection state changes.

        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::rtcIceGatheringStateToString):
        (WebCore::RTCPeerConnection::updateIceGatheringState):
        (WebCore::rtcIceConnectionStateToString):
        (WebCore::RTCPeerConnection::updateIceConnectionState):

2017-05-19  Jeremy Jones  <jeremyj@apple.com>

        webkitSupportsFullscreen and webkitSupportsPresentationMode('fullscreen') disagree.
        https://bugs.webkit.org/show_bug.cgi?id=172329
        rdar://problem/32260891

        Reviewed by Darin Adler.

        Updated tests:
        * media/media-fullscreen-inline-expected.txt:
        * media/media-fullscreen-not-in-document-expected.txt:
        * media/media-fullscreen.js:

        webkitSupportsPresentationMode('fullscreen') should delegate to webkitSupportsFullscreen.
        The additional mediaSession().fullscreenPermitted() check causes it to return false when
        not handling a user gesture, which isn't helpful to deciding to show a button in controls
        or not.

        * html/HTMLVideoElement.cpp:
        (WebCore::HTMLVideoElement::webkitSupportsPresentationMode):

2017-05-19  Jeremy Jones  <jeremyj@apple.com>

        Prevent javascript interface from activating picture-in-picture for video elements that are showing capture camera on ios.
        https://bugs.webkit.org/show_bug.cgi?id=172328

        Reviewed by Eric Carlson.

        This change allows MediaPlayers to decide if they support pictureInPicture.
        And check this from supportsFullscreen().

        In MediaPlayerPrivateMediaStreamAVFObjC disable pip if there is a capture video track.
        Elsewhere, leave it enabled.

        * html/HTMLVideoElement.cpp:
        (WebCore::HTMLVideoElement::supportsFullscreen): Added Check.
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::supportsPictureInPicture): Added.
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::supportsPictureInPicture): Added.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::supportsPictureInPicture): Added
        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::supportsFullscreen): Deleted. Moved inline.

2017-05-19  Chris Dumez  <cdumez@apple.com>

        Do not fire load event for SVGElements that are detached or in frameless documents
        https://bugs.webkit.org/show_bug.cgi?id=172289
        <rdar://problem/32275689>

        Reviewed by Ryosuke Niwa.

        We should not fire load event for SVGElements that are detached or in frameless
        documents.

        Test: svg/load-event-detached.html

        * svg/SVGElement.cpp:
        (WebCore::SVGElement::sendSVGLoadEventIfPossible):

2017-05-19  Chris Dumez  <cdumez@apple.com>

        Option() named constructor is not per spec
        https://bugs.webkit.org/show_bug.cgi?id=172185

        Reviewed by Sam Weinig.

        Align the behavior of the Option() named constructor with the HTML specification:
        - https://html.spec.whatwg.org/#dom-option

        In particular, we no longer create an empty Text child node if the input text is the empty string.
        This also aligns our behavior with Firefox.

        Test: imported/w3c/web-platform-tests/html/semantics/forms/the-option-element/option-element-constructor.html

        * html/HTMLOptionElement.cpp:
        (WebCore::HTMLOptionElement::createForJSConstructor):
        * html/HTMLOptionElement.h:
        * html/HTMLOptionElement.idl:

2017-05-19  Chris Dumez  <cdumez@apple.com>

        URLSearchParams / Headers objects @@iterator is not as per Web IDL spec
        https://bugs.webkit.org/show_bug.cgi?id=172218

        Reviewed by Youenn Fablet.

        Both URLSearchParams and Headers interfaces are iterable as per their
        respective specification, and they both have a pair iterator:
        - https://url.spec.whatwg.org/#interface-urlsearchparams
        - https://fetch.spec.whatwg.org/#headers-class

        As per the WebIDL specification for 'entries'[1], "If the interface has a pair
        iterator, then the Function object is the value of the @@iterator property",
        the value of @@iterator being defined at [2]. In WebKit, we were using
        different values/functions for 'entries' and @@iterator, although those
        functions were doing the same thing (and the right thing).

        Also, as per [2], the name of the @@iterator function should be "entries",
        which I also implemented in this patch. Previously, we were using
        "[Symbol.Iterator]" as function name.

        [1] https://heycam.github.io/webidl/#es-iterable-entries
        [2] https://heycam.github.io/webidl/#es-iterator

        No new tests, rebaselined existing tests.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        (GenerateImplementationIterableFunctions):
        * bindings/scripts/test/JS/JSMapLike.cpp:
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        (WebCore::JSTestIterablePrototype::finishCreation):
        (WebCore::jsTestIterablePrototypeFunctionEntriesCaller):
        * bindings/scripts/test/JS/JSTestNode.cpp:
        (WebCore::JSTestNodePrototype::finishCreation):
        (WebCore::jsTestNodePrototypeFunctionEntriesCaller):

2017-05-19  Zalan Bujtas  <zalan@apple.com>

        Redundant ellipsis box triggers ASSERT_WITH_SECURITY_IMPLICATION in InlineBox::parent().
        https://bugs.webkit.org/show_bug.cgi?id=172309
        <rdar://problem/32262357>

        Reviewed by Simon Fraser.

        This patch stops the redundant ellipsis box trigger ASSERT_WITH_SECURITY_IMPLICATION.

        In RootInlineBox::placeEllipsis we construct an ellipsis box and append it to a static HashMap which
        keeps track of the ellipsis boxes on each line. However when the line already has an ellipsis, we
        re-use the existing one and this newly constructed (but redundant) box gets destroyed as we return from this function.
        In InlineBox's d'tor, we let the parent know that now it has a dangling child and we assert on it
        later, while accessing the children list. However this redundant ellipsis box was never added to the line,
        so the assertion hits incorrectly.

        Test: fast/inline/redundant-ellipsis-triggers-assert-incorrectly.html

        * rendering/EllipsisBox.cpp:
        (WebCore::EllipsisBox::EllipsisBox):
        * rendering/InlineBox.cpp: This needs 32bits padding.
        (WebCore::InlineBox::invalidateParentChildList):
        * rendering/InlineBox.h:
        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::placeEllipsis):

2017-05-19  Matt Rajca  <mrajca@apple.com>

        Inherit media user gestures from the top document when autoplay quirks are allowed.
        https://bugs.webkit.org/show_bug.cgi?id=172375

        Reviewed by Eric Carlson.

        Added API test.

        * dom/Document.cpp:
        (WebCore::Document::processingUserGestureForMedia):

2017-05-19  Youenn Fablet  <youenn@apple.com>

        Align MockRealtimeMediaSourceCenter with RealtimeMediaSourceCenter
        https://bugs.webkit.org/show_bug.cgi?id=172324

        Reviewed by Eric Carlson.

        No change of behavior.
        Remove most of MockRealtimeMediaSourceCenter implementation.
        Next step should be to remove it entirely and use the factory setters instead.

        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::RealtimeMediaSourceCenter::RealtimeMediaSourceCenter):
        (WebCore::RealtimeMediaSourceCenter::createMediaStream):
        (WebCore::RealtimeMediaSourceCenter::getMediaStreamDevices):
        (WebCore::RealtimeMediaSourceCenter::setDeviceEnabled):
        * platform/mediastream/RealtimeMediaSourceCenter.h:
        (WebCore::RealtimeMediaSourceCenter::supportedConstraints):
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::RealtimeMediaSourceCenterMac::RealtimeMediaSourceCenterMac):
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.h:
        * platform/mock/MockRealtimeMediaSourceCenter.cpp:
        (WebCore::MockRealtimeMediaSourceCenter::MockCaptureDeviceManager::captureDevices):
        * platform/mock/MockRealtimeMediaSourceCenter.h:

2017-05-19  Zalan Bujtas  <zalan@apple.com>

        Update SameSizeAsInlineBox with the correct InlineBoxBitfields bits.
        https://bugs.webkit.org/show_bug.cgi?id=172377

        Reviewed by Tim Horton.

        * rendering/InlineBox.cpp:

2017-05-19  Daniel Bates  <dabates@apple.com>

        Bindings: Support runtime-enabled features in specific worlds
        https://bugs.webkit.org/show_bug.cgi?id=172235

        Reviewed by Chris Dumez.

        Currently a function, attribute, or interface can be annotated with either EnabledAtRuntime
        or EnabledForWorld (not both) to expose/conceal it depending on the state of a runtime
        feature flag or the DOM world associated with the running JavaScript code, respectively.
        Even though we do not have any functions, attributes, or interfaces that are annotated
        with both EnabledAtRuntime and EnabledForWorld at the time of writing, it seems reasonable
        to support such a combination of annotations. This also has the benefit of making it
        straightforward to support the extended attribute SecureContext by generalizing the logic
        that generates the code to expose/conceal a function, attribute, or interface.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateRuntimeEnableConditionalString): Use an array to build up all the conjuncts in
        the conditional expression.
        (GenerateImplementation): Substitute GenerateRuntimeEnableConditionalString() and $runtimeEnableConditionalString
        for GetRuntimeEnableFunctionName() and $enable_function_result, respectively.
        (GetRuntimeEnableFunctionName): Deleted.

        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
         (WebCore::JSTestGlobalObject::finishCreation):
         (WebCore::jsTestGlobalObjectInstanceFunctionEnabledInSpecificWorldWhenRuntimeFeatureEnabled):
         (WebCore::jsTestGlobalObjectInstanceFunctionEnabledInSpecificWorldWhenRuntimeFeatureEnabledCaller):
         (WebCore::jsTestGlobalObjectInstanceFunctionEnabledInSpecificWorldWhenRuntimeFeaturesEnabled):
         (WebCore::jsTestGlobalObjectInstanceFunctionEnabledInSpecificWorldWhenRuntimeFeaturesEnabledCaller):
         Update expected results.

         * bindings/scripts/test/JS/JSTestObj.cpp:
         (WebCore::JSTestObjPrototype::finishCreation):
         (WebCore::jsTestObjPrototypeFunctionEnabledInSpecificWorldWhenRuntimeFeatureEnabled):
         (WebCore::jsTestObjPrototypeFunctionEnabledInSpecificWorldWhenRuntimeFeatureEnabledCaller):
         Ditto.

         * bindings/scripts/test/TestGlobalObject.idl: Added test cases.
         * bindings/scripts/test/TestObj.idl: Added test case.

2017-05-19  Jeremy Jones  <jeremyj@apple.com>

        Fix macos build after r217143
        https://bugs.webkit.org/show_bug.cgi?id=172380

        unreviewed.

        Remove reference to WebVideoFullscreenInterface for mac build.

        * html/HTMLMediaElement.cpp:
        * platform/mac/WebVideoFullscreenInterfaceMac.h:

2017-05-19  Jeremy Jones  <jeremyj@apple.com>

        Remove defunct WebVideoFullscreenInterface
        https://bugs.webkit.org/show_bug.cgi?id=172254

        Reviewed by Jon Lee.

        No new tests because no behavior change.

        WebVideoFullscreenInterface has long since been replaced by WebVideoFullscreenModelClient.

        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLMediaElement.cpp:
        * html/HTMLVideoElement.cpp:
        * platform/cocoa/WebPlaybackSessionModelMediaElement.mm:
        * platform/cocoa/WebVideoFullscreenInterface.h: Removed.
        * platform/cocoa/WebVideoFullscreenModel.h:
        * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/mac/WebVideoFullscreenInterfaceMac.h:

2017-05-19  Jeremy Jones  <jeremyj@apple.com>

        HTMLVideoElement::webkitSupportsPresentationMode allowsPictureInPicture() check is redundant.
        https://bugs.webkit.org/show_bug.cgi?id=172330
        rdar://problem/32285443

        Reviewed by Eric Carlson.

        No new tests because no behavior change.

        This removes a redundant call to allowsPictureInPicture() to make it
        more clear that webkitSupportsPresentationMode gives the same result as 
        webkitSupportsFullscreen(pipMode)

        * html/HTMLVideoElement.cpp:
        (WebCore::HTMLVideoElement::webkitSupportsPresentationMode):

2017-05-19  Jeremy Jones  <jeremyj@apple.com>

        [WebRTC] Remove PiP support for video elements that are showing camera capture
        https://bugs.webkit.org/show_bug.cgi?id=172336

        Reviewed by Eric Carlson.

        No new tests because no effect on the DOM. This just changes a value sent to the platform interface layer.

        Ask video element if it supports picture-in-picture instead of asking the mediaSession directly.
        This allows the video element to give a more robust answer.

        * html/HTMLVideoElement.h:
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (WebVideoFullscreenControllerContext::setUpFullscreen):

2017-05-18  Sam Weinig  <sam@webkit.org>

        [WebIDL] Remove the need for the generator to know about native type mapping
        https://bugs.webkit.org/show_bug.cgi?id=172310

        Reviewed by Darin Adler.

        Replace the use of explicit typename to native type mappings in CodeGeneratorJS.pm
        with use of IDLTypes and Converter, which already need the mapping. This allows us
        to have the information in only one spot.

        Also, callback generation to account for nullability and update the IDLs to correctly
        annotate only the types that need to be nullable. 

        * Modules/geolocation/GeoNotifier.cpp:
        * Modules/geolocation/GeoNotifier.h:
        * Modules/geolocation/Geolocation.cpp:
        * Modules/geolocation/Geolocation.h:
        * Modules/geolocation/PositionCallback.idl:
        * Modules/geolocation/PositionErrorCallback.h:
        Use references where possible in the Geolocation code. It was almost possible
        to make PositionCallback take a non-nullable position, but some odd logic in
        Geolocation::makeCachedPositionCallbacks() implies that there is a path where
        passing null is possible, though it would assert. Added FIXME's to return to
        this in a follow up.

        * Modules/webaudio/AudioBufferCallback.idl:
        Add nullable annotation and FIXME explaining that the latest spec splits the callback
        into two separate ones.

        * Modules/webdatabase/Database.cpp:
        (WebCore::Database::runTransaction):
        * Modules/webdatabase/DatabaseCallback.h:
        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::openDatabase):
        * Modules/webdatabase/SQLStatement.cpp:
        (WebCore::SQLStatement::performCallback):
        * Modules/webdatabase/SQLStatementCallback.h:
        * Modules/webdatabase/SQLStatementErrorCallback.h:
        * Modules/webdatabase/SQLTransaction.cpp:
        (WebCore::SQLTransaction::deliverTransactionCallback):
        (WebCore::SQLTransaction::deliverTransactionErrorCallback):
        * Modules/webdatabase/SQLTransactionCallback.h:
        * Modules/webdatabase/SQLTransactionErrorCallback.h:
        * inspector/InspectorDatabaseAgent.cpp:
        * bindings/js/JSSQLStatementErrorCallbackCustom.cpp:
        (WebCore::JSSQLStatementErrorCallback::handleEvent):
        Update to pass callback parameters as references, since they are never null.

        * bindings/IDLTypes.h:
        Add NullableParameterType to allow customization of nullable parameters (in much
        the same way we allow customization of the nullable implementation type).

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateDefaultValue):
        Use Converter<>::ReturnType{ } for default values rather than ${GetNativeType..}().

        (GenerateHeader):
        Remove use of GetNativeType for toWrapped by using the impl type, since this will never
        be a complex type.

        (GenerateImplementation):
        Simplify DOMJIT UnsafeToNative by merging two identical paths and using auto.

        (GenerateParametersCheck):
        Rework parameter checks to use more specific variable names, make branches more clear,
        and use Converter<>::ReturnType rather than GetNativeType.

        (GenerateCallbackHeaderContent):
        (GenerateCallbackImplementationContent):
        Switch to using typename ${IDLType}::ParameterType as the parameters for callback functions. Also
        add final and override to make sure the generated function matches the user provided base class.
        (GetNativeType): Deleted.
        (GetNativeInnerType): Deleted.
        (GetNativeTypeForCallbacks): Deleted.
        Remove native type mappings.

        * css/MediaQueryListListener.h:
        * css/MediaQueryListListener.idl:
        * css/MediaQueryMatcher.cpp:
        Update MediaQueryListListener to take a non-nullable MediaQueryList.
        
        * dom/NativeNodeFilter.cpp:
        * dom/NativeNodeFilter.h:
        * dom/NodeFilter.h:
        * dom/NodeFilter.idl:
        * dom/NodeIterator.cpp:
        * dom/Traversal.cpp:
        * dom/Traversal.h:
        * dom/TreeWalker.cpp:
        * bindings/js/JSNodeFilterCustom.cpp:
        Update acceptNode to be non-nullable and pass the Node by reference.

        * dom/StringCallback.cpp:
        * dom/StringCallback.h:
        Pass the ScriptExecutionContext by reference.

        * page/IntersectionObserverCallback.h:
        Update to match new parameter types and pass IntersectionObserver by reference.

        * page/PerformanceObserver.cpp:
        * page/PerformanceObserverCallback.h:
        Update to pass PerformanceObserverEntryList and PerformanceObserver by reference.

        * bindings/scripts/test/JS/JSTestCallbackFunction.cpp:
        * bindings/scripts/test/JS/JSTestCallbackFunction.h:
        * bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.cpp:
        * bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.h:
        * bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
        * bindings/scripts/test/JS/JSTestCallbackInterface.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        Update test results.

        * bindings/scripts/test/TestCallbackInterface.idl:
        Update test to refer to actual interfaces as we now do lookup on these parameter 
        types rather than blindly assuming they are interfaces.

2017-05-19  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r217098, r217111, r217113, and
        r217114.
        https://bugs.webkit.org/show_bug.cgi?id=172367

        These changes broke the Windows build and introduced
        LayoutTest failures (Requested by ryanhaddad on #webkit).

        Reverted changesets:

        "[MSE][Mac] Support painting MSE video-element to canvas"
        https://bugs.webkit.org/show_bug.cgi?id=125157
        http://trac.webkit.org/changeset/217098

        "[MSE][Mac] Support painting MSE video-element to canvas"
        https://bugs.webkit.org/show_bug.cgi?id=125157
        http://trac.webkit.org/changeset/217111

        "Unreviewed build fix; add undefined functions and constants
        to the CoreMediaSoftLink.h, and use the"
        http://trac.webkit.org/changeset/217113

        "[MSE][Mac] Support painting MSE video-element to canvas"
        https://bugs.webkit.org/show_bug.cgi?id=125157
        http://trac.webkit.org/changeset/217114

2017-05-19  Andy Estes  <aestes@apple.com>

        REGRESSION (r217078): window.ApplePaySession is undefined on macOS Sierra
        https://bugs.webkit.org/show_bug.cgi?id=172344

        Reviewed by Tim Horton.

        r213673 mistakenly changed the ApplePaySession interface from being conditional on
        APPLE_PAY to being conditional on APPLE_PAY_DELEGATE, so when r217078 disabled
        APPLE_PAY_DELEGATE on Sierra and earlier it disabled ApplePaySession.

        Fix this by reverting ApplePaySession to being conditional on APPLE_PAY.

        Fixes http/tests/ssl/applepay/ApplePaySession.html

        * Modules/applepay/ApplePaySession.idl:

2017-05-19  Chris Dumez  <cdumez@apple.com>

        CSSOM insertRule() index argument is optional with default 0
        https://bugs.webkit.org/show_bug.cgi?id=172219

        Reviewed by Sam Weinig.

        Index parameter to CSSSupportsRule.insertRule() and CSSStyleSheet.insertRule() should
        be optional with a default value of 0, as per the latest specification:
        - https://github.com/w3c/csswg-drafts/commit/7949d41a2d86107f8ad4624c055b4b0c9c28ad0d
        - https://www.w3.org/Bugs/Public/show_bug.cgi?id=27384

        Tests: imported/w3c/web-platform-tests/cssom/insertRule-charset-no-index.html
               imported/w3c/web-platform-tests/cssom/insertRule-import-no-index.html
               imported/w3c/web-platform-tests/cssom/insertRule-namespace-no-index.html
               imported/w3c/web-platform-tests/cssom/insertRule-no-index.html

        * css/CSSStyleSheet.cpp:
        * css/CSSStyleSheet.h:
        * css/CSSStyleSheet.idl:
        * css/CSSSupportsRule.idl:

2017-05-19  Carlos Garcia Campos  <cgarcia@igalia.com>

        [Threaded Compositor] Remove platform ifdefs from threaded compositor implementation
        https://bugs.webkit.org/show_bug.cgi?id=172265

        Reviewed by Žan Doberšek.

        Remove PlatformDisplayWPE::EGLTarget.

        * platform/graphics/wpe/PlatformDisplayWPE.cpp:
        * platform/graphics/wpe/PlatformDisplayWPE.h:

2017-05-19  Jer Noble  <jer.noble@apple.com>

        Unreviewed build fix; add undefined functions and constants to the CoreMediaSoftLink.h, and use the
        correct (and previously soft-linked) method in WebCoreDecompressionSession.

        * platform/cf/CoreMediaSoftLink.cpp:
        * platform/cf/CoreMediaSoftLink.h:
        * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
        (WebCore::WebCoreDecompressionSession::imageForTime):

2017-05-19  Yusuke Suzuki  <utatane.tea@gmail.com>

        [JSC][DFG][DOMJIT] Extend CheckDOM to CheckSubClass
        https://bugs.webkit.org/show_bug.cgi?id=172098

        Reviewed by Saam Barati.

        Add DOMJIT interface IDL attribute. Which allows us to define checkSubClassPatchpointFor${className}
        function for that ClassInfo. And we move CheckSubClass patchpoint implementation to ClassInfo's member

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSDOMGlobalObject.cpp:
        * bindings/js/JSDOMWindowBase.cpp:
        * bindings/js/JSDOMWindowProperties.cpp:
        * bindings/js/JSDOMWindowShell.cpp:
        * bindings/js/JSReadableStreamPrivateConstructors.cpp:
        * bindings/js/JSWorkerGlobalScopeBase.cpp:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        (GenerateImplementation):
        (GenerateImplementationIterableFunctions):
        (GenerateConstructorHelperMethods):
        * bindings/scripts/IDLAttributes.json:
        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        * bindings/scripts/test/JS/JSMapLike.cpp:
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        * bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        * bindings/scripts/test/JS/JSTestDOMJIT.h:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        * bindings/scripts/test/JS/JSTestException.cpp:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        * bridge/c/CRuntimeObject.cpp:
        * bridge/c/c_instance.cpp:
        * bridge/objc/ObjCRuntimeObject.mm:
        * bridge/objc/objc_instance.mm:
        * bridge/objc/objc_runtime.mm:
        * bridge/runtime_array.cpp:
        * bridge/runtime_method.cpp:
        * bridge/runtime_object.cpp:
        * dom/Document.idl:
        * dom/DocumentFragment.idl:
        * dom/Element.idl:
        * dom/Event.idl:
        * dom/Node.idl:
        * domjit/JSDocumentDOMJIT.cpp:
        (WebCore::checkSubClassPatchpointForJSDocument):
        (WebCore::DocumentDocumentElementDOMJIT::checkDOM): Deleted.
        (WebCore::DocumentBodyDOMJIT::checkDOM): Deleted.
        * domjit/JSDocumentFragmentDOMJIT.cpp: Copied from Source/JavaScriptCore/runtime/JSMap.cpp.
        (WebCore::checkSubClassPatchpointForJSDocumentFragment):
        * domjit/JSElementDOMJIT.cpp: Copied from Source/JavaScriptCore/tools/JSDollarVM.cpp.
        (WebCore::checkSubClassPatchpointForJSElement):
        * domjit/JSEventDOMJIT.cpp: Copied from Source/JavaScriptCore/tools/JSDollarVM.cpp.
        (WebCore::checkSubClassPatchpointForJSEvent):
        * domjit/JSNodeDOMJIT.cpp:
        (WebCore::checkSubClassPatchpointForJSNode):
        (WebCore::NodeFirstChildDOMJIT::checkDOM): Deleted.
        (WebCore::NodeLastChildDOMJIT::checkDOM): Deleted.
        (WebCore::NodeNextSiblingDOMJIT::checkDOM): Deleted.
        (WebCore::NodePreviousSiblingDOMJIT::checkDOM): Deleted.
        (WebCore::NodeParentNodeDOMJIT::checkDOM): Deleted.
        (WebCore::NodeNodeTypeDOMJIT::checkDOM): Deleted.
        (WebCore::NodeOwnerDocumentDOMJIT::checkDOM): Deleted.

2017-05-18  Jer Noble  <jer.noble@apple.com>

        [MSE][Mac] Support painting MSE video-element to canvas
        https://bugs.webkit.org/show_bug.cgi?id=125157
        <rdar://problem/23062016>

        Reviewed by Eric Carlson.

        Test: media/media-source/media-source-paint-to-canvas.html

        In order to have access to decoded video data for painting, decode the encoded samples manually
        instead of adding them to the AVSampleBufferDisplayLayer. To facilitate doing so, add a new
        utility class WebCoreDecompressionSession, which can decode samples and store them.

        For the purposes of this patch, to avoid double-decoding of video data and to avoid severe complication
        of our sample delivery pipeline, we will only support painting of decoded video samples when the video is
        not displayed in the DOM.

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::seekToTime): Always send waitForSeekCompleted() to give private a chance to delay seek completion.
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::sourceBufferPrivateReenqueSamples): Added.
        * Modules/mediasource/SourceBuffer.h:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/cf/CoreMediaSoftLink.cpp: Added new soft link macros.
        * platform/cf/CoreMediaSoftLink.h: Ditto.
        * platform/cocoa/CoreVideoSoftLink.cpp: Ditto.
        * platform/cocoa/CoreVideoSoftLink.h: Ditto.
        * platform/graphics/SourceBufferPrivateClient.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::sampleBufferDisplayLayer): Simple accessor.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::decompressionSession): Ditto.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::MediaPlayerPrivateMediaSourceAVFObjC):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::load): Update whether we should be displaying in a layer or decompression session..
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVisible): Ditto.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::waitForSeekCompleted): m_seeking is now an enum.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seeking): Ditto.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seekCompleted): Ditto. If waiting for a video frame, delay completing seek.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::nativeImageForCurrentTime): Call updateLastImage() and return result.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::updateLastImage): Fetch the image for the current time.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::paint): Pass to paintCurrentFrameInCanvas.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::paintCurrentFrameInContext): Get a native image, and render it.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::acceleratedRenderingStateChanged): Create or destroy a layer or decompression session as appropriate.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureLayer): Creates a layer.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::destroyLayer): Destroys a layer.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureDecompressionSession): Creates a decompression session.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::destroyDecompressionSession): Destroys a decompression session.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setHasAvailableVideoFrame): If seek completion delayed, complete now. Ditto for ready state change.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setReadyState): If waiting for a video frame, delay ready state change.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addDisplayLayer): Deleted.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::removeDisplayLayer): Deleted.
        * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.mm:
        (WebCore::MediaSourcePrivateAVFObjC::hasVideo): Promote to a class function.
        (WebCore::MediaSourcePrivateAVFObjC::hasSelectedVideo): Return whether any of the active source buffers have video and are selected.
        (WebCore::MediaSourcePrivateAVFObjC::hasSelectedVideoChanged): Call setSourceBufferWithSelectedVideo().
        (WebCore::MediaSourcePrivateAVFObjC::setVideoLayer): Set (or clear) the layer on the selected buffer.
        (WebCore::MediaSourcePrivateAVFObjC::setDecompressionSession): Ditto for decompression session.
        (WebCore::MediaSourcePrivateAVFObjC::setSourceBufferWithSelectedVideo): Remove the layer and decompression session from the unselected

                buffer and add the decompression session or layer to the newly selected buffer.
        (WebCore::MediaSourcePrivateAVFObjCHasVideo): Deleted.
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::destroyRenderers): Clear the videoLayer and decompressionSession.
        (WebCore::SourceBufferPrivateAVFObjC::hasSelectedVideo): Return whether the buffer has a selected video track.
        (WebCore::SourceBufferPrivateAVFObjC::trackDidChangeEnabled): The media player now manages the video layer and decompression session lifetimes.
        (WebCore::SourceBufferPrivateAVFObjC::flush): Flush the decompression session, if it exists.
        (WebCore::SourceBufferPrivateAVFObjC::enqueueSample): Enqueue to the decompression session, if it exists.
        (WebCore::SourceBufferPrivateAVFObjC::isReadyForMoreSamples): As the decompression session, if it exists.
        (WebCore::SourceBufferPrivateAVFObjC::didBecomeReadyForMoreSamples): Tell the decompression session to stop requesting data, if it exists.
        (WebCore::SourceBufferPrivateAVFObjC::notifyClientWhenReadyForMoreSamples): Request media data from the decompression session, if it exists.
        (WebCore::SourceBufferPrivateAVFObjC::setVideoLayer): Added.
        (WebCore::SourceBufferPrivateAVFObjC::setDecompressionSession): Added.
        * platform/graphics/cocoa/WebCoreDecompressionSession.h: Added.
        (WebCore::WebCoreDecompressionSession::create):
        (WebCore::WebCoreDecompressionSession::isInvalidated):
        (WebCore::WebCoreDecompressionSession::createWeakPtr):
        * platform/graphics/cocoa/WebCoreDecompressionSession.mm: Added.
        (WebCore::WebCoreDecompressionSession::WebCoreDecompressionSession): Register for media data requests.
        (WebCore::WebCoreDecompressionSession::invalidate):  Unregister for same.
        (WebCore::WebCoreDecompressionSession::maybeBecomeReadyForMoreMediaDataCallback): Pass to maybeBecomeReadyForMoreMediaData.
        (WebCore::WebCoreDecompressionSession::maybeBecomeReadyForMoreMediaData): Check in-flight decodes, and decoded frame counts.
        (WebCore::WebCoreDecompressionSession::enqueueSample): Pass the sample to be decoded on a background queue.
        (WebCore::WebCoreDecompressionSession::decodeSample): Decode the sample.
        (WebCore::WebCoreDecompressionSession::decompressionOutputCallback): Call handleDecompressionOutput.
        (WebCore::WebCoreDecompressionSession::handleDecompressionOutput): Pass decoded sample to be enqueued on the main thread.
        (WebCore::WebCoreDecompressionSession::getFirstVideoFrame):
        (WebCore::WebCoreDecompressionSession::enqueueDecodedSample): Enqueue the frame (if it's a displayed frame).
        (WebCore::WebCoreDecompressionSession::isReadyForMoreMediaData): Return whether we've hit our high water sample count.
        (WebCore::WebCoreDecompressionSession::requestMediaDataWhenReady):
        (WebCore::WebCoreDecompressionSession::stopRequestingMediaData): Unset the same.
        (WebCore::WebCoreDecompressionSession::notifyWhenHasAvailableVideoFrame): Set a callback to notify when a decoded frame has been enqueued.
        (WebCore::WebCoreDecompressionSession::imageForTime): Successively dequeue images until reaching one at or beyond the requested time.
        (WebCore::WebCoreDecompressionSession::flush): Synchronously empty the producer and consumer queues.
        (WebCore::WebCoreDecompressionSession::getDecodeTime): Utility method.
        (WebCore::WebCoreDecompressionSession::getPresentationTime): Ditto.
        (WebCore::WebCoreDecompressionSession::getDuration): Ditto.
        (WebCore::WebCoreDecompressionSession::compareBuffers): Ditto.
        * platform/cocoa/VideoToolboxSoftLink.cpp: Added.
        * platform/cocoa/VideoToolboxSoftLink.h: Added.

2017-05-18  Said Abou-Hallawa  <sabouhallawa@apple.com>

        [REGRESSION](r216901): Delete ImageDecoder if BitmapImage::destroyDecodedData() was called to destroy all the decoded frames
        https://bugs.webkit.org/show_bug.cgi?id=172325

        Reviewed by Simon Fraser.

        When calling BitmapImage::destroyDecodedData() with destroyAll = true, the
        current ImageDecoder has to be deleted regardless the current frame needs
        to be cached or not. This is true except when the image is animating.
        Creating a new ImageDecoder for the animated image will lead to decoding
        all the frames from frame-zero till the current frame.

        Deleting the current ImageDecoder has the benefit of releasing its raster
        data. We also must delete the current ImageDecoder when the CachedImage
        switched its data SharedBuffer.

        The fix is return the condition in BitmapImage::destroyDecodedData() to 
        be as it was before r216901.

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::destroyDecodedData):

2017-05-18  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r217079.

        This change broke internal builds.

        Reverted changeset:

        "Redundant ellipsis box triggers
        ASSERT_WITH_SECURITY_IMPLICATION in InlineBox::parent()."
        https://bugs.webkit.org/show_bug.cgi?id=172309
        http://trac.webkit.org/changeset/217079

2017-05-18  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Release InjectedScripts when frontends close
        https://bugs.webkit.org/show_bug.cgi?id=172313

        Reviewed by Andreas Kling.

        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::disconnectFrontend):
        Release inspector resources together, including discarding injected
        scripts so that they may be collected.

        (WebCore::InspectorController::inspectedPageDestroyed):
        (WebCore::InspectorController::disconnectAllFrontends):
        Move the disconnect call inside of disconnectAllFrontends to establish
        a pattern of releasing web inspector resources together.

2017-05-18  Simon Fraser  <simon.fraser@apple.com>

        Add a newline after the URL in showLayerTree output.

        Reviewed by Zalan Bujtas.

        * rendering/RenderLayer.cpp:
        (WebCore::showLayerTree):

2017-05-18  Wenson Hsieh  <wenson_hsieh@apple.com>

        Attachment drag preview should not have the attachment outline
        https://bugs.webkit.org/show_bug.cgi?id=172327
        <rdar://problem/32282831>

        Reviewed by Tim Horton.

        When creating a drag image for an attachment element, don't include borders around the attachment.

        * page/DragController.cpp:
        (WebCore::DragController::startDrag):
        * rendering/RenderAttachment.h:
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::paintAttachment):

2017-05-18  Youenn Fablet  <youenn@apple.com>

        Make WebRTC logging happen in Release
        https://bugs.webkit.org/show_bug.cgi?id=172307

        Reviewed by Eric Carlson.

        No change of behavior.
        Move from LOG(WebRTC...) to RELEASE_LOG(WebRTC...).

        * Modules/mediastream/PeerConnectionBackend.cpp:
        (WebCore::PeerConnectionBackend::createOfferSucceeded):
        (WebCore::PeerConnectionBackend::createOfferFailed):
        (WebCore::PeerConnectionBackend::createAnswerSucceeded):
        (WebCore::PeerConnectionBackend::createAnswerFailed):
        (WebCore::PeerConnectionBackend::setLocalDescriptionSucceeded):
        (WebCore::PeerConnectionBackend::setLocalDescriptionFailed):
        (WebCore::PeerConnectionBackend::setRemoteDescriptionSucceeded):
        (WebCore::PeerConnectionBackend::setRemoteDescriptionFailed):
        (WebCore::PeerConnectionBackend::addIceCandidateSucceeded):
        (WebCore::PeerConnectionBackend::addIceCandidateFailed):
        (WebCore::PeerConnectionBackend::newICECandidate):
        (WebCore::PeerConnectionBackend::doneGatheringCandidates):
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::queuedCreateOffer):
        (WebCore::RTCPeerConnection::queuedCreateAnswer):
        (WebCore::RTCPeerConnection::queuedSetLocalDescription):
        (WebCore::RTCPeerConnection::queuedSetRemoteDescription):
        (WebCore::RTCPeerConnection::queuedAddIceCandidate):

2017-05-18  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] do not cache gUM permissions
        https://bugs.webkit.org/show_bug.cgi?id=172245

        Reviewed by Youenn Fablet.

        No new tests, updated fast/mediastream/MediaDevices-getUserMedia.html.

        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::RealtimeMediaSourceCenter::validateRequestConstraints): Add salt parameter.
        * platform/mediastream/RealtimeMediaSourceCenter.h:

2017-05-18  Zalan Bujtas  <zalan@apple.com>

        Redundant ellipsis box triggers ASSERT_WITH_SECURITY_IMPLICATION in InlineBox::parent().
        https://bugs.webkit.org/show_bug.cgi?id=172309
        <rdar://problem/32262357>

        Reviewed by Simon Fraser.

        This patch stops the redundant ellipsis box trigger ASSERT_WITH_SECURITY_IMPLICATION.

        In RootInlineBox::placeEllipsis we construct an ellipsis box and append it to a static HashMap which
        keeps track of the ellipsis boxes on each line. However when the line already has an ellipsis, we
        re-use the existing one and this newly constructed (but redundant) box gets destroyed as we return from this function.
        In InlineBox's d'tor, we let the parent know that now it has a dangling child and we assert on it
        later, while accessing the children list. However this redundant ellipsis box was never added to the line,
        so the assertion hits incorrectly.

        Test: fast/inline/redundant-ellipsis-triggers-assert-incorrectly.html

        * rendering/EllipsisBox.cpp:
        (WebCore::EllipsisBox::EllipsisBox):
        * rendering/InlineBox.cpp:
        (WebCore::InlineBox::invalidateParentChildList):
        * rendering/InlineBox.h:
        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::placeEllipsis): Use the newly created ellipsis box instead.

2017-05-18  Andy Estes  <aestes@apple.com>

        ENABLE(APPLE_PAY_DELEGATE) should be NO on macOS Sierra and earlier
        https://bugs.webkit.org/show_bug.cgi?id=172305

        Reviewed by Anders Carlsson.

        * Configurations/FeatureDefines.xcconfig:

2017-05-18  Dean Jackson  <dino@apple.com>

        Transform misplaces element 50% of the time
        https://bugs.webkit.org/show_bug.cgi?id=172300

        Reviewed by Simon Fraser.

        A hardware-accelerated animation of the transform property
        requires layout to happen if it contains a translate operation
        using percentages, otherwise it may create an incorrect
        animation. The "50% of the time" comes in to play because
        the layout timer may sometimes fire before the animation
        timer. The test case contains a example that is much more
        likely to fail without this fix.

        Test: animations/needs-layout.html

        * page/animation/CSSAnimationController.cpp:
        (WebCore::CSSAnimationControllerPrivate::animationTimerFired): If
        we've been told that we need a layout, and we have one pending, then
        force it before doing the rest of the animation logic.
        (WebCore::CSSAnimationController::updateAnimations): Check if the
        CompositeAnimation depends on layout, and tell the private controller
        that it should check for the necessity of a layout as the animation
        timer fires.

        * page/animation/CompositeAnimation.cpp:
        (WebCore::CompositeAnimation::animate): Ask the keyframes if this
        animation depends on layout.

        * page/animation/CompositeAnimation.h:
        (WebCore::CompositeAnimation::hasAnimationThatDependsOnLayout):
        * page/animation/KeyframeAnimation.cpp:
        (WebCore::KeyframeAnimation::KeyframeAnimation):
        (WebCore::KeyframeAnimation::computeLayoutDependency): Look at all
        the keyframe properties for something that is a translation using
        percentages.

        * page/animation/KeyframeAnimation.h:

2017-05-18  Wenson Hsieh  <wenson_hsieh@apple.com>

        Selection around attachment elements should not persist when beginning a drag
        https://bugs.webkit.org/show_bug.cgi?id=172319
        <rdar://problem/32283008>

        Reviewed by Tim Horton.

        When beginning to drag an attachment element, save and restore the visible selection when calling out to the
        injected bundle for additional data, and when creating the drag image.

        Augmented an existing API test: DataInteractionTests.AttachmentElementItemProviders.

        * page/DragController.cpp:
        (WebCore::DragController::startDrag):

2017-05-18  Daniel Bates  <dabates@apple.com>

        Cleanup: Remove unused functions from RuntimeEnabledFeatures
        https://bugs.webkit.org/show_bug.cgi?id=172315

        Reviewed by Jer Noble.

        * page/RuntimeEnabledFeatures.cpp:
        (WebCore::RuntimeEnabledFeatures::htmlMediaElementEnabled): Deleted.
        (WebCore::RuntimeEnabledFeatures::htmlVideoElementEnabled): Deleted.
        (WebCore::RuntimeEnabledFeatures::htmlSourceElementEnabled): Deleted.
        (WebCore::RuntimeEnabledFeatures::mediaControllerEnabled): Deleted.
        (WebCore::RuntimeEnabledFeatures::mediaErrorEnabled): Deleted.
        (WebCore::RuntimeEnabledFeatures::timeRangesEnabled): Deleted.
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setDOMIteratorEnabled): Deleted.
        (WebCore::RuntimeEnabledFeatures::domIteratorEnabled): Deleted.
        (WebCore::RuntimeEnabledFeatures::setGeolocationEnabled): Deleted.
        (WebCore::RuntimeEnabledFeatures::geolocationEnabled): Deleted.

2017-05-18  Daniel Bates  <dabates@apple.com>

        Improve error message for Access-Control-Allow-Origin violation due to misconfigured server
        https://bugs.webkit.org/show_bug.cgi?id=162819
        <rdar://problem/28575938>

        Reviewed by Joseph Pecoraro.

        Inspired by Blink change:
        <https://src.chromium.org/viewvc/blink?view=revision&revision=163406>

        At most one Access-Control-Allow-Origin header may be in an HTTP response. Improve the
        error message emitted on a CORS failure when Access-Control-Allow-Origin contains more
        than one origin, indicated by the presence of a ',', as a way to help web developers/server
        administrators differentiate between a misconfigured Access-Control-Allow-Origin header
        and a misconfigured server.

        * loader/CrossOriginAccessControl.cpp:
        (WebCore::passesAccessControlCheck): Defined a local variable to hold the value of securityOrigin.toString()
        and referenced this variable throughout the code to avoid computing the stringified security
        origin more than once. Switched to using makeString() to concatenate error message when the
        origin of the page does not match the value of the Access-Control-Allow-Origin header.

2017-05-18  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Grandfather domains for existing data records
        https://bugs.webkit.org/show_bug.cgi?id=172155
        <rdar://problem/24913532>

        Reviewed by Alex Christensen.

        Test: http/tests/loading/resourceLoadStatistics/grandfathering.html

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::setGrandfathered):
        (WebCore::ResourceLoadObserver::isGrandfathered):
        (WebCore::ResourceLoadObserver::setMinimumTimeBetweeenDataRecordsRemoval):
        (WebCore::ResourceLoadObserver::setGrandfatheringTime):
            Functions for testing and configuration.
            ResourceLoadObserver::setMinimumTimeBetweeenDataRecordsRemoval() changed as a result of moving
            WebKit::WebResourceLoadStatisticsStore::setMinimumTimeBetweeenDataRecordsRemoval() here.
        * loader/ResourceLoadObserver.h:
        * loader/ResourceLoadStatisticsStore.cpp:
        (WebCore::ResourceLoadStatisticsStore::createEncoderFromData):
        (WebCore::ResourceLoadStatisticsStore::readDataFromDecoder):
            Now contains endOfGrandfatheringTimestamp.
        (WebCore::ResourceLoadStatisticsStore::clearInMemoryAndPersistent):
            Now makes a call to m_grandfatherExistingWebsiteDataHandler().
        (WebCore::ResourceLoadStatisticsStore::setGrandfatherExistingWebsiteDataCallback):
        (WebCore::ResourceLoadStatisticsStore::setMinimumTimeBetweeenDataRecordsRemoval):
            Changed as a result of moving
            WebKit::WebResourceLoadStatisticsStore::setMinimumTimeBetweeenDataRecordsRemoval() here.
        (WebCore::ResourceLoadStatisticsStore::setGrandfatheringTime):
        (WebCore::ResourceLoadStatisticsStore::topPrivatelyControlledDomainsToRemoveWebsiteDataFor):
            Renamed since it now also takes grandfathering into account.
        (WebCore::ResourceLoadStatisticsStore::updateStatisticsForRemovedDataRecords):
            Fixed typo in local variable name.
        (WebCore::ResourceLoadStatisticsStore::handleFreshStartWithEmptyOrNoStore):
        (WebCore::ResourceLoadStatisticsStore::shouldRemoveDataRecords):
            Convenience function added.
        (WebCore::ResourceLoadStatisticsStore::dataRecordsBeingRemoved):
            Convenience function added.
        (WebCore::ResourceLoadStatisticsStore::dataRecordsWereRemoved):
            Convenience function added.
        (WebCore::ResourceLoadStatisticsStore::prevalentResourceDomainsWithoutUserInteraction): Deleted.
            Replaced by ResourceLoadStatisticsStore::topPrivatelyControlledDomainsToRemoveWebsiteDataFor().
        * loader/ResourceLoadStatisticsStore.h:

2017-05-18  Daniel Bates  <dabates@apple.com>

        Bindings: Require value for extended attributes EnabledAtRuntime and EnabledForWorld
        https://bugs.webkit.org/show_bug.cgi?id=172252

        Reviewed by Sam Weinig.

        According to Sam Weinig it is an anti-feature that EnabledAtRuntime can be specified
        without a value. We should make it require a value for the name of the RuntimeEnabledFeatures
        function to use in the generated code. For similar reasons we should also require
        a value for the extended attribute EnabledForWorld.

        * Modules/websockets/WebSocket.idl: Substitute EnabledAtRuntime=WebSocket for EnabledAtRuntime.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GetRuntimeEnableFunctionName):
        * html/HTMLAudioElement.idl: Substitute EnabledAtRuntime=Audio for EnabledAtRuntime.
        * page/RuntimeEnabledFeatures.cpp:
        (WebCore::RuntimeEnabledFeatures::audioEnabled):
        (WebCore::RuntimeEnabledFeatures::htmlAudioElementEnabled): Deleted. This function duplicated
        the functionality of RuntimeEnabledFeatures::audioEnabled(). Instead we explicitly
        write EnabledAtRuntime=Audio in HTMLAudioElement.idl to use RuntimeEnabledFeatures::audioEnabled()
        to determine whether to expose/conceal the HTMLAudioElement global constructor at runtime.
        * page/RuntimeEnabledFeatures.h:

2017-05-18  Jer Noble  <jer.noble@apple.com>

        Allow nested timers to propagate user gestures so long as the total nested interval is less than 1s.
        https://bugs.webkit.org/show_bug.cgi?id=172173

        Reviewed by Andy Estes.

        Test: media/restricted-audio-playback-with-multiple-settimeouts.html

        Store the current nested timer interval in DOMTimerFireState, and use that value to propagate the
        nested interval through multiple invocations of setTimeout().

        Drive-by fix: instead of manually resetting the nesting level in DOMTimer::fired(), add the
        nesting level to the DOMTimerFireState, and reset the nesting level on the state's destruction.
        This fixes one place in DOMTimer::fire() where an early return lead to the timer's nesting level
        not being reset.

        * page/DOMTimer.cpp:
        (WebCore::DOMTimerFireState::DOMTimerFireState):
        (WebCore::DOMTimerFireState::~DOMTimerFireState):
        (WebCore::DOMTimerFireState::nestedTimerInterval):
        (WebCore::shouldForwardUserGesture):
        (WebCore::userGestureTokenToForward):
        (WebCore::currentNestedTimerInterval):
        (WebCore::DOMTimer::DOMTimer):
        (WebCore::DOMTimer::fired):
        * page/DOMTimer.h:

2017-05-18  Youenn Fablet  <youenn@apple.com>

        RealtimeOutgoingAudioSource should use the source sample rate
        https://bugs.webkit.org/show_bug.cgi?id=172297

        Reviewed by Eric Carlson.

        Covered by manual tests.

        * platform/mediastream/mac/RealtimeOutgoingAudioSource.cpp:
        (WebCore::RealtimeOutgoingAudioSource::audioSamplesAvailable): Using the audio source sample rate so that the converter does the right conversion.

2017-05-18  Andy Estes  <aestes@apple.com>

        Add "countryCode" to ApplePayErrorContactField
        https://bugs.webkit.org/show_bug.cgi?id=172264
        <rdar://problem/32004909>

        Reviewed by Anders Carlsson.

        Added ApplePayError tests to http/tests/ssl/applepay/ApplePaySession.html

        * Modules/applepay/ApplePayError.idl:
        * Modules/applepay/PaymentRequest.h:

2017-05-18  Daniel Bates  <dabates@apple.com>

        Cleanup: Remove unnecessary call to AddToImplIncludes("RuntimeEnabledFeatures.h") in GenerateImplementation()
        https://bugs.webkit.org/show_bug.cgi?id=172236

        Reviewed by Chris Dumez.

        It is unnecessary for GenerateImplementation() to explicitly call AddToImplIncludes("RuntimeEnabledFeatures.h")
        to add the header RuntimeEnabledFeatures.h to the list of headers in the generated implementation
        as this header is added when GetRuntimeEnableFunctionName() is called. And GenerateImplementation()
        calls GetRuntimeEnableFunctionName().

        No functionality changed. So, no new tests.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):

2017-05-18  Daniel Bates  <dabates@apple.com>

        REGRESSION (r209608): Cross-origin plugin document opened in child window blocked by parent
        window CSP when object-src 'none' is set
        https://bugs.webkit.org/show_bug.cgi?id=172038
        <rdar://problem/32258262>

        Reviewed by Andy Estes.

        Fixes an issue where a cross-origin plugin document opened in a child window would inherit
        the Content Security Policy (CSP) of its opener. In particular, a cross-origin plugin
        document opened in a child window would be blocked when the CSP of its opener disallows
        plugins (e.g. object-source 'none').

        Prior to r209608 a document opened in a child window never inherited the CSP from its opener
        and a plugin document loaded in a subframe would unconditionally inherit the CSP from its
        parent frame. So, a plugin document opened in a child window would be allowed to load
        regardless of whether its opener had a CSP that prevented plugins. Following r209608 a
        document opened in a child window would inherit its CSP from its opener if and only if it
        would inherit the security origin from its opener (e.g. about:blank) or was a plugin
        document. The latter condition makes plugin documents opened in a child window unconditionally
        inherit the CSP from their opener and is the cause of this bug. It seems reasonable to exempt
        cross-origin plugin documents opened in a child window from the CSP inheritance rule because
        such documents cannot compromise the origin of their opener. Same-origin plugin documents
        opened in a child window will continue to inherit the CSP from their opener because such
        documents can compromise the origin of their opener.

        Tests: http/tests/security/contentSecurityPolicy/cross-origin-plugin-document-allowed-in-child-window.html
               http/tests/security/contentSecurityPolicy/plugin-blocked-in-about-blank-window.html
               http/tests/security/contentSecurityPolicy/same-origin-plugin-document-blocked-in-child-window.html

        * dom/Document.cpp:
        (WebCore::Document::shouldInheritContentSecurityPolicyFromOwner): Added.
        (WebCore::Document::initContentSecurityPolicy):
        * dom/Document.h:

2017-05-18  Keith Miller  <keith_miller@apple.com>

        WebAssembly API: test with neutered inputs
        https://bugs.webkit.org/show_bug.cgi?id=163899

        Reviewed by JF Bastien.

        Make it not possible to transfer an ArrayBuffer that is backed by a
        wasm memory.

        Test: workers/wasm-mem-post-message.html

        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::SerializedScriptValue::create):

2017-05-18  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r217031, r217032, and r217037.
        https://bugs.webkit.org/show_bug.cgi?id=172293

        cause linking errors in Windows (Requested by yusukesuzuki on
        #webkit).

        Reverted changesets:

        "[JSC][DFG][DOMJIT] Extend CheckDOM to CheckSubClass"
        https://bugs.webkit.org/show_bug.cgi?id=172098
        http://trac.webkit.org/changeset/217031

        "Unreviewed, rebaseline for newly added ClassInfo"
        https://bugs.webkit.org/show_bug.cgi?id=172098
        http://trac.webkit.org/changeset/217032

        "Unreviewed, fix debug and non-JIT build"
        https://bugs.webkit.org/show_bug.cgi?id=172098
        http://trac.webkit.org/changeset/217037

2017-05-18  Per Arne Vollan  <pvollan@apple.com>

        Protect MediaDeviceRequest instance during context destruction.
        https://bugs.webkit.org/show_bug.cgi?id=172285
        <rdar://problem/30369017>

        Reviewed by Brent Fulgham.

        In MediaDevicesRequest::contextDestroyed(), the call to m_enumerationRequest->cancel() might
        end up deleting itself (MediaDevicesRequest). The std::function member m_completionHandler
        in MediaDevicesEnumerationRequest contains a captured variable of type
        RefPtr<MediaDevicesRequest>. When m_completionHandler is set to null in the cancel() method,
        the MediaDevicesRequest object will be deleted if the m_completionHandler member is holding
        the last reference.

        No new tests, since I am unable to reproduce.

        * Modules/mediastream/MediaDevicesRequest.cpp:
        (WebCore::MediaDevicesRequest::contextDestroyed):

2017-05-18  Antti Koivisto  <antti@apple.com>

        Design mode should not affect UA shadow trees
        https://bugs.webkit.org/show_bug.cgi?id=171854
        <rdar://problem/32071037>

        Reviewed by Zalan Bujtas.

        Test: editing/deleting/search-shadow-tree-delete.html

        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::editabilityFromContentEditableAttr):

            Ignore design mode for UA shadow trees.

        * html/SearchInputType.cpp:
        (WebCore::SearchInputType::~SearchInputType):
        (WebCore::SearchInputType::createShadowSubtree):
        (WebCore::SearchInputType::resultsButtonElement):
        (WebCore::SearchInputType::cancelButtonElement):
        * html/SearchInputType.h:

            Use RefPtr.

2017-05-18  Vanessa Chipirrás Navalón  <vchipirras@igalia.com>

        [GTK][GStreamer][MSE] Crash on youtube when MSE is enabled but gstreamer cant find the decoder element.
        https://bugs.webkit.org/show_bug.cgi?id=167120

        Reviewed by Žan Doberšek.

        This is because supportCodecs() doesn't check in runtime which plugins the player has.
        So, a static function which returns a map with the plugins has been created. That map is later
        used in the supportsCodecs() method to check if the requested codec matches any of the map.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::initializeGStreamerAndRegisterWebKitElements):
        The declaration is moved into this class.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::isAvailable): This function calls the implementation of
        initializeGstreamerAndRegisterWebKitElements function.
        (WebCore::MediaPlayerPrivateGStreamer::load): Ditto
        (WebCore::mimeTypeSet): Ditto
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h: It is static type to expose
        initializeGStreamerAndRegisterWebKitElements() function to be called from internal function
        "which runs before MediaPlayerPrivateGStreamerBase initialization but needs to have GStreamer initialized".
        * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
        (WebCore::codecSet): It returns a map with the plugins has been created.
        (WebCore::MediaPlayerPrivateGStreamerMSE::supportsCodecs): To check if the requested codec
        matches any of the map from codecSet().

2017-05-18  Romain Bellessort  <romain.bellessort@crf.canon.fr>

        [Readable Streams API] Align getDesiredSize with spec
        https://bugs.webkit.org/show_bug.cgi?id=172220

        Reviewed by Chris Dumez.

        Aligned implementation of getDesiredSize operation for both controllers:
        - https://streams.spec.whatwg.org/#readable-stream-default-controller-get-desired-size
        - https://streams.spec.whatwg.org/#readable-byte-stream-controller-get-desired-size

        Implementation slightly differs from spec as queueTotalSize refactoring is not
        yet implemented, but behavior is now similar.

        No new tests (already covered by WPT tests, corresponding expectations have been updated).

        * Modules/streams/ReadableByteStreamInternals.js:
        (readableByteStreamControllerGetDesiredSize): Updated.
        * Modules/streams/ReadableStreamInternals.js:
        (readableStreamDefaultControllerGetDesiredSize): Updated.

2017-05-18  Tim Horton  <timothy_horton@apple.com>

        More WebKit2 header cleanup
        https://bugs.webkit.org/show_bug.cgi?id=172214

        Reviewed by Simon Fraser.

        * Modules/mediastream/UserMediaController.cpp:
        * Modules/mediastream/UserMediaController.h:

2017-05-16  Yusuke Suzuki  <utatane.tea@gmail.com>

        [JSC][DFG][DOMJIT] Extend CheckDOM to CheckSubClass
        https://bugs.webkit.org/show_bug.cgi?id=172098

        Reviewed by Saam Barati.

        Add DOMJIT interface IDL attribute. Which allows us to define checkSubClassPatchpoint function
        for that ClassInfo. And we move CheckSubClass patchpoint implementation to ClassInfo's member.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSDOMGlobalObject.cpp:
        * bindings/js/JSDOMWindowBase.cpp:
        * bindings/js/JSDOMWindowProperties.cpp:
        * bindings/js/JSDOMWindowShell.cpp:
        * bindings/js/JSReadableStreamPrivateConstructors.cpp:
        * bindings/js/JSWorkerGlobalScopeBase.cpp:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        (GenerateImplementation):
        (GenerateImplementationIterableFunctions):
        (GenerateConstructorHelperMethods):
        * bindings/scripts/IDLAttributes.json:
        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        * bindings/scripts/test/JS/JSMapLike.cpp:
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        * bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        * bindings/scripts/test/JS/JSTestDOMJIT.h:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        * bindings/scripts/test/JS/JSTestException.cpp:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        * bridge/c/CRuntimeObject.cpp:
        * bridge/c/c_instance.cpp:
        * bridge/objc/ObjCRuntimeObject.mm:
        * bridge/objc/objc_instance.mm:
        * bridge/objc/objc_runtime.mm:
        * bridge/runtime_array.cpp:
        * bridge/runtime_method.cpp:
        * bridge/runtime_object.cpp:
        * dom/Document.idl:
        * dom/DocumentFragment.idl:
        * dom/Element.idl:
        * dom/Event.idl:
        * dom/Node.idl:
        * domjit/JSDocumentDOMJIT.cpp:
        (WebCore::JSDocument::checkSubClassPatchpoint):
        (WebCore::DocumentDocumentElementDOMJIT::checkDOM): Deleted.
        (WebCore::DocumentBodyDOMJIT::checkDOM): Deleted.
        * domjit/JSDocumentFragmentDOMJIT.cpp: Copied from Source/JavaScriptCore/runtime/JSMap.cpp.
        (WebCore::JSDocumentFragment::checkSubClassPatchpoint):
        * domjit/JSElementDOMJIT.cpp: Copied from Source/JavaScriptCore/tools/JSDollarVM.cpp.
        (WebCore::JSElement::checkSubClassPatchpoint):
        * domjit/JSEventDOMJIT.cpp: Copied from Source/JavaScriptCore/tools/JSDollarVM.cpp.
        (WebCore::JSEvent::checkSubClassPatchpoint):
        * domjit/JSNodeDOMJIT.cpp:
        (WebCore::JSNode::checkSubClassPatchpoint):
        (WebCore::NodeFirstChildDOMJIT::checkDOM): Deleted.
        (WebCore::NodeLastChildDOMJIT::checkDOM): Deleted.
        (WebCore::NodeNextSiblingDOMJIT::checkDOM): Deleted.
        (WebCore::NodePreviousSiblingDOMJIT::checkDOM): Deleted.
        (WebCore::NodeParentNodeDOMJIT::checkDOM): Deleted.
        (WebCore::NodeNodeTypeDOMJIT::checkDOM): Deleted.
        (WebCore::NodeOwnerDocumentDOMJIT::checkDOM): Deleted.

2017-05-17  Youenn Fablet  <youenn@apple.com>

        r216999 broke win build
        https://bugs.webkit.org/show_bug.cgi?id=172257

        Unreviewed.

        * testing/Internals.cpp:
        (WebCore::Internals::setPageVisibility): Moving setPageVisibility out of MEDIA_STREAM compilation flag.

2017-05-17  Andy Estes  <aestes@apple.com>

        [Cocoa] errors are not propagated to PassKit when calling ApplePaySession.completePayment()
        https://bugs.webkit.org/show_bug.cgi?id=172253
        <rdar://problem/32258020>

        Reviewed by Dan Bernstein.

        In ApplePaySession::completePayment(), releaseReturnValue() was being called twice on the
        same convertedResult. Since the first call moved the errors vector out of convertedResult,
        the vector is empty in the second call. It's the second call that sends the result to the
        UI process, so we end up with an empty arary when we call PassKit's delegate completion
        handler.

        * Modules/applepay/ApplePaySession.cpp:
        (WebCore::ApplePaySession::completePayment):

2017-05-17  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r217014.

        This change caused mac-wk2 LayoutTests to exit early due to
        crashes.

        Reverted changeset:

        "Resource Load Statistics: Grandfather domains for existing
        data records"
        https://bugs.webkit.org/show_bug.cgi?id=172155
        http://trac.webkit.org/changeset/217014

2017-05-17  Zalan Bujtas  <zalan@apple.com>

        Tighten TextIterator::handleTextNode run-renderer mapping logic.
        https://bugs.webkit.org/show_bug.cgi?id=172174

        Reviewed by Antti Koivisto.

        This patch ensure that when runs and renderers are getting out of sync
        we don't run into problems like webkit.org/b/172113 (where we end up
        using incorrect content start/end positions).

        * editing/TextIterator.cpp:
        (WebCore::TextIterator::handleTextNode):

2017-05-17  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Grandfather domains for existing data records
        https://bugs.webkit.org/show_bug.cgi?id=172155
        <rdar://problem/24913532>

        Reviewed by Alex Christensen.

        Test: http/tests/loading/resourceLoadStatistics/grandfathering.html

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::setGrandfathered):
        (WebCore::ResourceLoadObserver::isGrandfathered):
        (WebCore::ResourceLoadObserver::setMinimumTimeBetweeenDataRecordsRemoval):
        (WebCore::ResourceLoadObserver::setGrandfatheringTime):
            Functions for testing and configuration.
            ResourceLoadObserver::setMinimumTimeBetweeenDataRecordsRemoval() changed as a result of moving
            WebKit::WebResourceLoadStatisticsStore::setMinimumTimeBetweeenDataRecordsRemoval() here.
        * loader/ResourceLoadObserver.h:
        * loader/ResourceLoadStatisticsStore.cpp:
        (WebCore::ResourceLoadStatisticsStore::createEncoderFromData):
        (WebCore::ResourceLoadStatisticsStore::readDataFromDecoder):
            Now contains endOfGrandfatheringTimestamp.
        (WebCore::ResourceLoadStatisticsStore::clearInMemoryAndPersistent):
            Now makes a call to m_grandfatherExistingWebsiteDataHandler().
        (WebCore::ResourceLoadStatisticsStore::setGrandfatherExistingWebsiteDataCallback):
        (WebCore::ResourceLoadStatisticsStore::setMinimumTimeBetweeenDataRecordsRemoval):
            Changed as a result of moving
            WebKit::WebResourceLoadStatisticsStore::setMinimumTimeBetweeenDataRecordsRemoval() here.
        (WebCore::ResourceLoadStatisticsStore::setGrandfatheringTime):
        (WebCore::ResourceLoadStatisticsStore::topPrivatelyControlledDomainsToRemoveWebsiteDataFor):
            Renamed since it now also takes grandfathering into account.
        (WebCore::ResourceLoadStatisticsStore::updateStatisticsForRemovedDataRecords):
            Fixed typo in local variable name.
        (WebCore::ResourceLoadStatisticsStore::handleFreshStartWithEmptyOrNoStore):
        (WebCore::ResourceLoadStatisticsStore::shouldRemoveDataRecords):
            Convenience function added.
        (WebCore::ResourceLoadStatisticsStore::dataRecordsBeingRemoved):
            Convenience function added.
        (WebCore::ResourceLoadStatisticsStore::dataRecordsWereRemoved):
            Convenience function added.
        (WebCore::ResourceLoadStatisticsStore::prevalentResourceDomainsWithoutUserInteraction): Deleted.
            Replaced by ResourceLoadStatisticsStore::topPrivatelyControlledDomainsToRemoveWebsiteDataFor().
        * loader/ResourceLoadStatisticsStore.h:

2017-05-17  Zalan Bujtas  <zalan@apple.com>

        Debug ASSERT: WebCore::RenderImageResource::shutdown
        https://bugs.webkit.org/show_bug.cgi?id=172238
        <rdar://problem/30064601>

        Reviewed by Simon Fraser.

        While constructing new renderers, as part of the render tree update, we check if the insertion point is valid for them. 
        When this newly constructed child renderer can't be injected to a specific place, we destroy it right away.
        This assert was added with the assumption that the image resource object gets initialized
        (through RenderObject::initializeStyle) even when the renderer turns out to be invalid.

        Test: fast/images/assert-when-insertion-point-is-incorrect.html

        * rendering/RenderImageResource.cpp:
        (WebCore::RenderImageResource::RenderImageResource):
        (WebCore::RenderImageResource::shutdown):
        * rendering/RenderImageResource.h:

2017-05-17  Per Arne Vollan  <pvollan@apple.com>

        Crash under WebCore::AudioSourceProviderAVFObjC::process().
        https://bugs.webkit.org/show_bug.cgi?id=172101
        rdar://problem/27446589

        Reviewed by Jer Noble.

        Calling the function MTAudioProcessingTapGetSourceAudio when the value of the
        MTAudioProcessingTapRef parameter is null, will lead to a null dereference.
        This can for example happen if MediaPlayerPrivateAVFoundationObjC::cancelLoad()
        is called on the main thread while MediaToolbox is calling the
        WebCore::AudioSourceProviderAVFObjC::processCallback function on a secondary
        thread. MediaPlayerPrivateAVFoundationObjC::cancelLoad() will then call
        AudioSourceProviderAVFObjC::setPlayerItem(nullptr), which will call
        AudioSourceProviderAVFObjC::destroyMix(), which will set m_tap to null. When
        AudioSourceProviderAVFObjC::process is called on the secondary thread, using
        the m_tap member in the call to MTAudioProcessingTapGetSourceAudio, the process
        will crash.

        No new tests since I am not able to reproduce.

        * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
        (WebCore::AudioSourceProviderAVFObjC::initCallback):
        (WebCore::AudioSourceProviderAVFObjC::process):

2017-05-17  Chris Dumez  <cdumez@apple.com>

        Setting URL.search to '' results in a stringified URL ending in '?'
        https://bugs.webkit.org/show_bug.cgi?id=162345
        <rdar://problem/31800441>

        Reviewed by Alex Christensen.

        As per the specification for the URL.search setter [1], if the given value is
        the empty string, then we should set the URL's query to null. We would
        previously set the URL's query to the empty string in this case. This aligns
        our behavior with Firefox and Chrome.

        [1] https://url.spec.whatwg.org/#dom-url-search

        No new tests, updated existing tests.

        * html/URLUtils.h:
        (WebCore::URLUtils<T>::setSearch):

2017-05-17  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] videoWidth and videoHeight should be set when 'loadedmetadata' event fires
        https://bugs.webkit.org/show_bug.cgi?id=172223
        <rdar://problem/31899755>

        Reviewed by Jer Noble.

        Test: fast/mediastream/get-user-media-on-loadedmetadata.html

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentReadyState): If a stream has
        a video track, return HaveNothing until we have a sample.
       
        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mock/MockRealtimeAudioSource.cpp:
        (WebCore::MockRealtimeAudioSource::tick): Optionally delay the next sample.
        (WebCore::MockRealtimeAudioSource::delaySamples):
        * platform/mock/MockRealtimeAudioSource.h:

        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::delaySamples):
        (WebCore::MockRealtimeVideoSource::generateFrame): Optionally delay the next sample.
        * platform/mock/MockRealtimeVideoSource.h:

        * testing/Internals.cpp:
        (WebCore::Internals::delayMediaStreamTrackSamples):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-05-17  Youenn Fablet  <youenn@apple.com>

        iOS WebRTC Media Capture should not allow camera capture from background tab
        https://bugs.webkit.org/show_bug.cgi?id=172200

        Reviewed by Eric Carlson.

        Test: platform/ios/mediastream/getUserMedia-disabled-in-background-tabs.html and manual tests.

        Making Video Capture Factory aware of Document visibility changes.
        On iOS, muting/unmuting the current video source according Document visibility.
        Not using Document visibility change observer as factories are platform and cannot implement
        the visibility observer interface without moving the visibility observer interface.

        Introducing internals API to switch on/off the page visibility.

        * dom/Document.cpp:
        (WebCore::Document::visibilityStateChanged):
        (WebCore::Document::notifyVisibilityChangedToMediaCapture):
        * dom/Document.h:
        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::RealtimeMediaSourceCenter::setVisibility):
        * platform/mediastream/RealtimeMediaSourceCenter.h:
        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSourceFactory::setVisibility):
        * testing/Internals.cpp:
        (WebCore::Internals::setPageVisibility):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-05-17  Said Abou-Hallawa  <sabouhallawa@apple.com>

        When the image decoding thread makes a callOnMainThread(), ensure all the objects it needs are protected
        https://bugs.webkit.org/show_bug.cgi?id=171614

        Reviewed by David Kilzer.

        The asynchronous image decoding was designed to not block the main thread if
        the image is deleted. To achieve that we allow decoding the current frame
        even if it is not going to be used after closing the decoding queue. We 
        protect all the objects which the decoding thread uses. But when a frame
        finishes decoding the native image frame is cached on the main thread. Not
        all of the objects are protected when the callOnMainThread() is dispatched.
        The ImageFrameCache and the ImageDecoder objects are not protected.

        This might lead to two kinds of crashes:
        1. A segfault inside the ImageDecoder trying to access one of its member
        2. A segfault inside the ImageFrameCache trying to access one of its frames

        The fix is to protect the ImageFrameCache and the ImageDecoder when the
        decoding thread makes a callOnMainThread(). Also switch all the pointers
        the decoding threads protect to be ThreadSafeRefCounted.

        * platform/graphics/ImageFrameCache.cpp:
        (WebCore::ImageFrameCache::startAsyncDecodingQueue):
        * platform/graphics/ImageFrameCache.h:
        * platform/graphics/cg/ImageDecoderCG.h:
        * platform/graphics/win/ImageDecoderDirect2D.h:
        * platform/image-decoders/ImageDecoder.h:

2017-05-17  Wenson Hsieh  <wenson_hsieh@apple.com>

        A URL type is vended for a non-URL plain text string when starting data interaction
        https://bugs.webkit.org/show_bug.cgi?id=172228
        <rdar://problem/32166729>

        Reviewed by Andy Estes.

        Previously, when writing a plain text string to WebItemProviderPasteboard, we would write an NSString directly
        to the item provider by using built-in functionality in NSString+UIItemProvider. However, this causes plain
        strings such as "apple" to be considered URLs, since -[NSURL URLWithString:] creates a non-null NSURL. To fix
        this, we instead write the string as UTF8 data, for the UTI kUTTypeUTF8PlainText, if the plain text is not a
        URL. If the plain text is clearly a URL (determined by constructing a new WebCore URL with no base URL and the
        plaintext string as the absolute URL) then we additionally write an NSURL to the pasteboard.

        2 new API tests:
        DataInteractionTests.SinglePlainTextWordTypeIdentifiers
        DataInteractionTests.SinglePlainTextURLTypeIdentifiers

        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::addRepresentationsForPlainText):
        (WebCore::PlatformPasteboard::writeObjectRepresentations):

2017-05-15  Jiewen Tan  <jiewen_tan@apple.com>

        Replace CryptoOperationData with BufferSource for WebKitSubtleCrypto
        https://bugs.webkit.org/show_bug.cgi?id=172146
        <rdar://problem/32122256>

        Reviewed by Brent Fulgham.

        In this patch, we replaces CryptoOperationData with BufferSource for WebKitSubtleCrypto in
        the custom binding codes.

        Test: crypto/webkitSubtle/import-export-raw-key-leak.html

        * bindings/js/JSWebKitSubtleCryptoCustom.cpp:
        (WebCore::JSWebKitSubtleCrypto::encrypt):
        (WebCore::JSWebKitSubtleCrypto::decrypt):
        (WebCore::JSWebKitSubtleCrypto::sign):
        (WebCore::JSWebKitSubtleCrypto::verify):
        (WebCore::JSWebKitSubtleCrypto::digest):
        (WebCore::JSWebKitSubtleCrypto::importKey):
        (WebCore::JSWebKitSubtleCrypto::unwrapKey):
        * crypto/WebKitSubtleCrypto.idl:

2017-05-17  Youenn Fablet  <youenn@apple.com>

        Move-related refactoring on UserMediaPermissionRequestProxy
        https://bugs.webkit.org/show_bug.cgi?id=172195

        Reviewed by Alex Christensen.

        No behavioral change.

        * platform/mediastream/RealtimeMediaSourceCenter.h: Cleaning the function definition.

2017-05-17  David Kilzer  <ddkilzer@apple.com>

        BlobDataFileReference::generateReplacementFile() should use mkstemp()
        <https://webkit.org/b/172192>

        Reviewed by Brent Fulgham.

        * platform/network/mac/BlobDataFileReferenceMac.mm:
        (WebCore::BlobDataFileReference::generateReplacementFile): Use
        mkstemp().

2017-05-17  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r216974.

        Revision caused consistent timeouts on all platforms.

        Reverted changeset:

        "Add a RuntimeEnabledFeature for display: contents, defaulted
        to false."
        https://bugs.webkit.org/show_bug.cgi?id=171984
        http://trac.webkit.org/changeset/216974

2017-05-17  Nan Wang  <n_wang@apple.com>

        ASSERTION FAILED in WebCore::AccessibilityNodeObject::insertChild()
        https://bugs.webkit.org/show_bug.cgi?id=171927
        <rdar://problem/32109781>

        Reviewed by Chris Fleizach.

        The nextSibling() logic might include the continuation sibling that's not
        the child of the current renderer. Make sure we only insert the valid child.

        Test: accessibility/insert-children-assert.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::setIsIgnoredFromParentDataForChild):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::nextSibling):

2017-05-17  Ryosuke Niwa  <rniwa@webkit.org>

        getElementById can return a wrong elemnt when a matching element is removed during beforeload event
        https://bugs.webkit.org/show_bug.cgi?id=171374

        Reviewed by Brent Fulgham.

        The bug was caused by HTMLLinkElement firing beforeload event inside insertedInto before the tree state is updated.
        Delay the event dispatch to the post insertion callback.

        Test: fast/html/link-element-removal-during-beforeload.html

        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::insertedInto):
        (WebCore::HTMLLinkElement::finishedInsertingSubtree):
        * html/HTMLLinkElement.h:

2017-05-17  Alex Christensen  <achristensen@webkit.org>

        Interacting with WKHTTPCookieStores before creating WKWebViews and WKProcessPools should affect cookies used
        https://bugs.webkit.org/show_bug.cgi?id=171987

        Reviewed by Brady Eidson.

        Covered by new API tests.

        * CMakeLists.txt:
        * platform/Cookie.h:
        (WebCore::Cookie::Cookie):
        (WebCore::Cookie::isNull):
        (WebCore::CookieHash::hash):
        (WebCore::CookieHash::equal):
        (WTF::HashTraits<WebCore::Cookie>::emptyValue):
        (WTF::HashTraits<WebCore::Cookie>::constructDeletedValue):
        (WTF::HashTraits<WebCore::Cookie>::isDeletedValue):
        * platform/network/Cookie.cpp: Added.
        (WebCore::Cookie::operator==):
        (WebCore::Cookie::hash):
        * platform/network/cocoa/CookieCocoa.mm:
        (WebCore::Cookie::operator NSHTTPCookie *):
        (WebCore::Cookie::operator==):
        (WebCore::Cookie::hash):
        * platform/network/cocoa/NetworkStorageSessionCocoa.mm:
        (WebCore::NetworkStorageSession::setCookies):
        Use NSHTTPCookie's hash and equality comparison to more closely match the NSHTTPCookie behavior.

2017-05-17  Emilio Cobos Álvarez  <ecobos@igalia.com>

        Add a RuntimeEnabledFeature for display: contents, defaulted to false.
        https://bugs.webkit.org/show_bug.cgi?id=171984

        Reviewed by Antti Koivisto.

        The "defaulted to false" is not only because there are spec issues,
        but because I ran the WPT suite, and there was a fair amount of
        crashes and messed render trees.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle):
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setDisplayContentsEnabled):
        (WebCore::RuntimeEnabledFeatures::displayContentsEnabled):

2017-05-17  Antti Koivisto  <antti@apple.com>

        Regression (198943): <marquee> shouldn't wrap text
        https://bugs.webkit.org/show_bug.cgi?id=172217

        Reviewed by Andreas Kling.

        RenderMarquee::updateMarqueeStyle mutated the style and then expected it to inherit to children.
        This doesn't work anymore because render tree construction is now separated from style resolution
        where inheritance happens.

        Test: fast/html/marquee-child-wrap.html

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle):

            Implement marquee hacks in adjustRenderStyle instead. This can't do the childrenInline check
            the previous code had but it wasn't working anyway (there are no children when updateMarqueeStyle
            gets called).

        * rendering/RenderMarquee.cpp:
        (WebCore::RenderMarquee::updateMarqueeStyle):

            This no longer needs mutable style.

2017-05-16  David Kilzer  <ddkilzer@apple.com>

        Remove C-style casts by using xmlDocPtr instead of void*
        <https://webkit.org/b/172189>

        Reviewed by Alex Christensen.

        * dom/TransformSource.h: Fix whitespace indentation.
        (typedef PlatformTransformSource): Use xmlDocPtr not void*.
        * dom/TransformSourceLibxslt.cpp:
        (WebCore::TransformSource::~TransformSource): Remove cast.
        * xml/XSLStyleSheetLibxslt.cpp:
        (WebCore::XSLStyleSheet::document): Remove cast.
        * xml/XSLTProcessorLibxslt.cpp:
        (WebCore::xmlDocPtrFromNode): Remove casts.
        * xml/parser/XMLDocumentParser.h:
        (WebCore::xmlDocPtrForString): Update declaration to return
        xmlDocPtr not void*.
        * xml/parser/XMLDocumentParserLibxml2.cpp:
        (WebCore::XMLDocumentParser::doEnd): Change type of local
        variable from void* to xmlDocPtr.
        (WebCore::xmlDocPtrForString): Update to return xmlDocPtr
        not void*.

2017-05-16  Sam Weinig  <sam@webkit.org>

        Bring Notification.idl up to spec
        https://bugs.webkit.org/show_bug.cgi?id=172156

        Reviewed by Chris Dumez.

        Test: http/tests/notifications/notification.html

        * CMakeLists.txt:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        Add new files.

        * Modules/notifications/Notification.cpp:
        (WebCore::Notification::create):
        (WebCore::Notification::Notification):
        (WebCore::Notification::show):
        (WebCore::directionString): Deleted.
        (WebCore::Notification::permission): Deleted.
        (WebCore::Notification::permissionString): Deleted.
        * Modules/notifications/Notification.h:
        * Modules/notifications/Notification.idl:
        * Modules/notifications/NotificationClient.h:
        * Modules/notifications/NotificationDirection.h: Added.
        * Modules/notifications/NotificationPermission.h: Added.
        * Modules/notifications/NotificationPermission.idl: Added.
        * Modules/notifications/NotificationPermissionCallback.h:
        * Modules/notifications/NotificationPermissionCallback.idl:
        Bring up to spec, replacing DOMStrings with enums where appropriate and adding
        additional readonly properties to Notification to mirror options provided
        in construction.

2017-05-16  Zalan Bujtas  <zalan@apple.com>

        Do not skip <slot> children when collecting content for innerText.
        https://bugs.webkit.org/show_bug.cgi?id=172113
        <rdar://problem/30362324>

        Reviewed by Ryosuke Niwa and Brent Fulgham.

        "display: contents" elements do not generate renderers but their children might.
        This patch ensure that we don't skip them while collecting text content.  

        Test: fast/text/inner-text-should-include-slot-subtree.html

        * editing/TextIterator.cpp:
        (WebCore::TextIterator::advance):

2017-05-16  Filip Pizlo  <fpizlo@apple.com>

        GCController::garbageCollectNowIfNotDoneRecently should request Async Full GCs
        https://bugs.webkit.org/show_bug.cgi?id=172204

        Reviewed by Saam Barati.

        No new tests because existing tests will tell us if there is a problem.
        
        The goal of this change is to reduce the likelihood that we block for a GC. We want it to be
        benchmark-neutral.
        
        It's a 0.14% speed-up on JetStream with 24% probability.
        
        It's a 0.12% slow-down on PLT3 with 43% probability.
        
        So it's neutral on my machine.

        * bindings/js/GCController.cpp:
        (WebCore::GCController::garbageCollectNowIfNotDoneRecently):

2017-05-16  Tim Horton  <timothy_horton@apple.com>

        [macOS] REGRESSION: Drag images for links with right-to-left titles are incorrect (172006)
        https://bugs.webkit.org/show_bug.cgi?id=172006
        <rdar://problem/32165137>

        Reviewed by Dean Jackson.

        * platform/mac/DragImageMac.mm:
        (WebCore::LinkImageLayout::LinkImageLayout):
        (WebCore::createDragImageForLink):
        (WebCore::LinkImageLayout::addLine): Deleted.
        * platform/spi/cocoa/CoreTextSPI.h:
        Set and paint the entire frame as a single unit, making use of the
        CTFrameMaximumNumberOfLines attribute to limit the number of lines.
        This gives CoreText power over text alignment and makes RTL text lay
        out correctly.

2017-05-16  Chris Dumez  <cdumez@apple.com>

        Implement DOMMatrix / DOMMatrixReadOnly
        https://bugs.webkit.org/show_bug.cgi?id=110001

        Reviewed by Sam Weinig and Simon Fraser.

        Implement DOMMatrix / DOMMatrixReadOnly as per:
        - https://drafts.fxtf.org/geometry/#DOMMatrix

        For now, these new types co-exist with WebKitCSSMatrix / SVGMatrix. However, in the future,
        WebKitCSSMatrix / SVGMatrix are supposed to become aliases to DOMMatrix.

        Most of it has been implemented. What remaining to be implemented is:
        - Make WebKitCSSMatrix / SVGMatrix aliases to DOMMatrix
        - DOMMatrix.fromFloat32Array() / fromFloat64Array()
        - DOMMatrixReadOnly.fromFloat32Array() / fromFloat64Array() / toFloat32Array() / toFloat64Array()
        - DOMMatrixReadOnly.transformPoint().

        Tests: imported/w3c/web-platform-tests/css/geometry-1/*

        * CMakeLists.txt:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:

        * bindings/scripts/CodeGeneratorJS.pm:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        Fix a bug in the bindings generator causing the generator code for
        "Constructor(optional (DOMString or sequence<unrestricted double>) init)" to be wrong
        and not build.

        * css/DOMMatrix.cpp: Added.
        (WebCore::DOMMatrix::DOMMatrix):
        (WebCore::DOMMatrix::fromMatrix):
        (WebCore::DOMMatrix::multiplySelf):
        (WebCore::DOMMatrix::preMultiplySelf):
        (WebCore::DOMMatrix::translateSelf):
        (WebCore::DOMMatrix::scaleSelf):
        (WebCore::DOMMatrix::scale3dSelf):
        (WebCore::DOMMatrix::rotateSelf):
        (WebCore::DOMMatrix::rotateFromVectorSelf):
        (WebCore::DOMMatrix::rotateAxisAngleSelf):
        (WebCore::DOMMatrix::skewXSelf):
        (WebCore::DOMMatrix::skewYSelf):
        (WebCore::DOMMatrix::invertSelf):
        (WebCore::DOMMatrix::setMatrixValueForBindings):
        * css/DOMMatrix.h: Added.
        (WebCore::DOMMatrix::create):
        (WebCore::DOMMatrix::setA):
        (WebCore::DOMMatrix::setB):
        (WebCore::DOMMatrix::setC):
        (WebCore::DOMMatrix::setD):
        (WebCore::DOMMatrix::setE):
        (WebCore::DOMMatrix::setF):
        (WebCore::DOMMatrix::setM11):
        (WebCore::DOMMatrix::setM12):
        (WebCore::DOMMatrix::setM13):
        (WebCore::DOMMatrix::setM14):
        (WebCore::DOMMatrix::setM21):
        (WebCore::DOMMatrix::setM22):
        (WebCore::DOMMatrix::setM23):
        (WebCore::DOMMatrix::setM24):
        (WebCore::DOMMatrix::setM31):
        (WebCore::DOMMatrix::setM32):
        (WebCore::DOMMatrix::setM33):
        (WebCore::DOMMatrix::setM34):
        (WebCore::DOMMatrix::setM41):
        (WebCore::DOMMatrix::setM42):
        (WebCore::DOMMatrix::setM43):
        (WebCore::DOMMatrix::setM44):
        * css/DOMMatrix.idl: Added.
        * css/DOMMatrixInit.h: Added.
        * css/DOMMatrixInit.idl: Added.
        * css/DOMMatrixReadOnly.cpp: Added.
        (WebCore::DOMMatrixReadOnly::DOMMatrixReadOnly):
        (WebCore::DOMMatrixReadOnly::validateAndFixup):
        (WebCore::DOMMatrixReadOnly::fromMatrix):
        (WebCore::DOMMatrixReadOnly::isIdentity):
        (WebCore::DOMMatrixReadOnly::setMatrixValue):
        (WebCore::DOMMatrixReadOnly::translate):
        (WebCore::DOMMatrixReadOnly::flipX):
        (WebCore::DOMMatrixReadOnly::flipY):
        (WebCore::DOMMatrixReadOnly::multiply):
        (WebCore::DOMMatrixReadOnly::scale):
        (WebCore::DOMMatrixReadOnly::scale3d):
        (WebCore::DOMMatrixReadOnly::rotate):
        (WebCore::DOMMatrixReadOnly::rotateFromVector):
        (WebCore::DOMMatrixReadOnly::rotateAxisAngle):
        (WebCore::DOMMatrixReadOnly::skewX):
        (WebCore::DOMMatrixReadOnly::skewY):
        (WebCore::DOMMatrixReadOnly::inverse):
        (WebCore::DOMMatrixReadOnly::toString):
        * css/DOMMatrixReadOnly.h: Added.
        (WebCore::DOMMatrixReadOnly::create):
        (WebCore::DOMMatrixReadOnly::a):
        (WebCore::DOMMatrixReadOnly::b):
        (WebCore::DOMMatrixReadOnly::c):
        (WebCore::DOMMatrixReadOnly::d):
        (WebCore::DOMMatrixReadOnly::e):
        (WebCore::DOMMatrixReadOnly::f):
        (WebCore::DOMMatrixReadOnly::m11):
        (WebCore::DOMMatrixReadOnly::m12):
        (WebCore::DOMMatrixReadOnly::m13):
        (WebCore::DOMMatrixReadOnly::m14):
        (WebCore::DOMMatrixReadOnly::m21):
        (WebCore::DOMMatrixReadOnly::m22):
        (WebCore::DOMMatrixReadOnly::m23):
        (WebCore::DOMMatrixReadOnly::m24):
        (WebCore::DOMMatrixReadOnly::m31):
        (WebCore::DOMMatrixReadOnly::m32):
        (WebCore::DOMMatrixReadOnly::m33):
        (WebCore::DOMMatrixReadOnly::m34):
        (WebCore::DOMMatrixReadOnly::m41):
        (WebCore::DOMMatrixReadOnly::m42):
        (WebCore::DOMMatrixReadOnly::m43):
        (WebCore::DOMMatrixReadOnly::m44):
        (WebCore::DOMMatrixReadOnly::is2D):
        (WebCore::DOMMatrixReadOnly::fromMatrixHelper):
        * css/DOMMatrixReadOnly.idl: Added.
        * css/WebKitCSSMatrix.h:
        * css/WebKitCSSMatrix.idl:
        * svg/SVGMatrix.h:
        * svg/SVGMatrix.idl:

2017-05-16  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] AudioSampleBufferList::zeroABL takes byte count, not sample count
        https://bugs.webkit.org/show_bug.cgi?id=172194
        <rdar://problem/32233799>

        Reviewed by Jer Noble.

        * platform/mediastream/mac/AudioTrackPrivateMediaStreamCocoa.cpp:
        (WebCore::AudioTrackPrivateMediaStreamCocoa::render): Pass number of bytes to zero,
        not number of samples.

2017-05-16  Mark Lam  <mark.lam@apple.com>

        WorkerRunLoop::Task::performTask() needs to null check context->script() before use.
        https://bugs.webkit.org/show_bug.cgi?id=172193
        <rdar://problem/32225346>

        Reviewed by Filip Pizlo.

        According to https://build-safari.apple.com/results/Trunk%20Fuji%20GuardMalloc%20Production%20WK2%20Tests/r216929_459760e0918316187c8e52c6585a3a9ba9181204%20(12066)/results.html,
        we see a crash with this crash trace:

        Thread 13 Crashed:: WebCore: Worker
        0 com.apple.WebCore        0x00000001099607b2 WebCore::WorkerScriptController::isTerminatingExecution() const + 18
        1 com.apple.WebCore        0x000000010995ebbf WebCore::WorkerRunLoop::runCleanupTasks(WebCore::WorkerGlobalScope*) + 143
        2 com.apple.WebCore        0x000000010995e80f WebCore::WorkerRunLoop::run(WebCore::WorkerGlobalScope*) + 111
        3 com.apple.WebCore        0x00000001099621b6 WebCore::WorkerThread::workerThread() + 742
        4 com.apple.JavaScriptCore 0x000000010a964b92 WTF::threadEntryPoint(void*) + 178
        5 com.apple.JavaScriptCore 0x000000010a964a69 WTF::wtfThreadEntryPoint(void*) + 121
        6 libsystem_pthread.dylib  0x00007fffbdb5caab _pthread_body + 180
        7 libsystem_pthread.dylib  0x00007fffbdb5c9f7 _pthread_start + 286
        8 libsystem_pthread.dylib  0x00007fffbdb5c1fd thread_start + 13

        ... and the crashing address is:

        Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000022

        0x0000000000000022 is the offset of m_scheduledTerminationMutex in the
        WorkerScriptController.  This means that WorkerScriptController::isTerminatingExecution()
        is passed a NULL this pointer.  This means that it's possible to have a race
        where a WorkerRunLoop::Task gets enqueued beyond the Cleanup task that deletes the
        context->script().  As a result, WorkerRunLoop::Task::performTask() (called by
        runCleanupTasks()) may see a null context->script().

        Hence, WorkerRunLoop::Task::performTask() should null check context->script()
        before invoking the isTerminatingExecution() query on it.

        No new tests because this is already covered by existing tests.

        * workers/WorkerRunLoop.cpp:
        (WebCore::WorkerRunLoop::Task::performTask):

2017-05-16  Youenn Fablet  <youenn@apple.com>

        Modernize WebKit2 getUserMedia passing of parameters
        https://bugs.webkit.org/show_bug.cgi?id=172161

        Reviewed by Eric Carlson.

        No change of behavior.

        * platform/mediastream/RealtimeMediaSourceCenter.h: Using WTF::Function to enable capture Ref<>.

2017-05-16  Jeremy Jones  <jeremyj@apple.com>

        Captions and subtitles not showing up in picture-in-picture for MSE content.
        https://bugs.webkit.org/show_bug.cgi?id=172145

        Reviewed by Eric Carlson.

        No new tests as this has no affect on the DOM.

        Add TextTrackRepresentation code from MediaPlayerPrivateAVFoundationObj to MediaPlayerPrivateMediaSourceAVFObjc.
        This moves the TextTrackRepresentation platfrom layer into the fullscreen container layer when going into
        pip for fullscreen, allowing the captions to be visible.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureLayer):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVideoFullscreenLayer):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVideoFullscreenFrame):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::requiresTextTrackRepresentation):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::syncTextTrackBounds):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setTextTrackRepresentation):

2017-05-16  David Kilzer  <ddkilzer@apple.com>

        WebCore::leakCGColor() needs CF_RETURNS_RETAINED annotation
        <https://webkit.org/b/172190>

        Reviewed by Simon Fraser.

        * platform/graphics/cg/ColorCG.cpp:
        (WebCore::leakCGColor): Annotate with CF_RETURNS_RETAINED since
        it does not follow the CF naming convention, which means the
        expected behavior can't be inferred by the clang static
        analyzer.

2017-05-16  Youenn Fablet  <youenn@apple.com>

        RealtimeOutgoingVideoSource should support sinkWants for rotation
        https://bugs.webkit.org/show_bug.cgi?id=172123
        <rdar://problem/32200017>

        Reviewed by Eric Carlson.

        Covered by manual testing.

        * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::AddOrUpdateSink): Triggering pixel rotation based on sink.
        (WebCore::RealtimeOutgoingVideoSource::sendFrame): Doing the rotation using libwebrtc API.
        * platform/mediastream/mac/RealtimeOutgoingVideoSource.h:

2017-05-16  Myles C. Maxfield  <mmaxfield@apple.com>

        REGRESSION(r212513): LastResort is platform-dependent, so its semantics should not be required to perform font loading correctly.
        https://bugs.webkit.org/show_bug.cgi?id=168487

        Reviewed by Antti Koivisto.

        There are three ways a Web author can chain multiple font files together:
        1. Multiple entries in the "src" descriptor in an @font-face rule
        2. Multiple @font-face rules with the same "font-family" descriptor
        3. Multiple entries in the "font-family" property on an element

        Before r212513, the code which iterated across #2 and #3 above could have
        triggered each item in the chain to download. r212513 tried to solve this
        by using LastResort as the interstitial font used during downloads, because
        LastResort supports every character and therefore solves #3 above. However,
        this change had a few problems:

        1. Previously, our code would try to avoid using the interstitial font for
        layout or rendering whenever possible (because one of the chains above may
        have named a local font which would be better to use). In order to use the
        benefits of LastResort, I had to remove this avoidance logic and make
        WebKit try to use the interstitial font as often as possible. However, due
        to the large metrics of LastResort, this means that offsetWidth queries
        during font loading would be wildly inaccurate, causing Google Docs to break.
        2. It also means that canvas drawing during font loading would actually draw
        LastResort, causing Bing maps to break.
        3. LastResort is platform-specific, so only platforms which have it would
        actually be able to load fonts correctly.

        Instead, we should keep the older logic about avoiding using the
        interstitial font so that loading has a better experience for the user.
        We solve the unnecessary download problem by giving our loading code a
        downloading policy enum, which has two values: allow downloads or forbid
        downloads. Whenever our loading code returns the interstitial font, we
        continue our search, but we change the policy to forbid downloads.

        There is one piece of subtlety, though: It is more common for web authors
        to put good fallbacks in the "font-family" property than in the "src"
        descriptor inside @font-face. This means that we shouldn't exhaustively
        search through the @font-face src list first. Instead, we should look
        through the src list until we hit a non-local font, and then immediately
        start looking through the other other chains.

        Tests: fast/text/font-download-font-face-src-list.html
               fast/text/font-download-font-family-property.html
               fast/text/font-download-remote-fallback-all.html
               fast/text/font-interstitial-invisible-width-while-loading.html
               fast/text/font-weight-download-3.html
               fast/text/web-font-load-fallback-during-loading-2.html
               fast/text/web-font-load-invisible-during-loading.html

        * css/CSSFontFace.cpp:
        (WebCore::CSSFontFace::fontLoadEventOccurred): Implement support for
        the font download policy.
        (WebCore::CSSFontFace::setStatus): After 3 seconds of loading, we
        will start drawing the fallback font. However, for testing, we have an
        internal setting to make this switch happen immediately. This patch now
        requires that this internal switch happen synchronously.
        (WebCore::CSSFontFace::pump): Implement support for the font download
        policy.
        (WebCore::CSSFontFace::load): Ditto.
        (WebCore::CSSFontFace::font): Ditto.
        * css/CSSFontFace.h: Ditto.
        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::beginLoadingFontSoon): Implement support for
        synchronous font download timeouts.
        * css/CSSSegmentedFontFace.cpp:
        (WebCore::CSSSegmentedFontFace::fontRanges): Implement support for the
        font download policy.
        * platform/graphics/Font.cpp: Add new flag which represents if the
        interstitial font was created after the 3 second timeout or before.
        Previously, we would distinguish between these two cases by knowing
        that one font was LastResort and the other font was a fallback. Now that
        we're using fallback fonts on both sides of the 3 second timeout, we
        now no longer know which one should be invisible. This new enum solves
        this problem.
        (WebCore::Font::Font):
        (WebCore::Font::verticalRightOrientationFont):
        (WebCore::Font::uprightOrientationFont):
        * platform/graphics/Font.h: Ditto.
        (WebCore::Font::create):
        (WebCore::Font::origin):
        (WebCore::Font::visibility):
        * platform/graphics/FontCache.h:
        * platform/graphics/FontCascade.cpp: We try to fall back to a local() font
        during downloads, but there might not be one that we can use. Therefore, we
        can't use the presence of the interstitial font to detect if we should paint
        invisibly. Instead, we can move this logic into the font-specific part of
        painting, and consult with the specific font to know if it was created from
        a timed-out @font-face rule or not.
        (WebCore::FontCascade::drawText):
        (WebCore::shouldDrawIfLoading):
        (WebCore::FontCascade::drawGlyphBuffer):
        (WebCore::FontCascade::drawEmphasisMarks):
        * platform/graphics/FontCascade.h:
        * platform/graphics/FontCascadeFonts.cpp:
        (WebCore::FontCascadeFonts::glyphDataForVariant): Implement the logic
        described above where we switch the policy if we encounter the intestitial
        font.
        (WebCore::FontCascadeFonts::glyphDataForNormalVariant): Ditto.
        (WebCore::glyphPageFromFontRanges): Ditto.
        * platform/graphics/FontRanges.cpp: Implement support for the font download
        policy.
        (WebCore::FontRanges::Range::font):
        (WebCore::FontRanges::glyphDataForCharacter):
        (WebCore::FontRanges::fontForCharacter):
        (WebCore::FontRanges::fontForFirstRange):
        * platform/graphics/FontRanges.h:
        * platform/graphics/FontSelector.h:
        * platform/graphics/freetype/FontCacheFreeType.cpp:
        (WebCore::FontCache::lastResortFallbackFontForEveryCharacter): Deleted.
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::FontCache::lastResortFallbackFontForEveryCharacter): Deleted.
        * platform/graphics/win/FontCacheWin.cpp:
        (WebCore::FontCache::lastResortFallbackFontForEveryCharacter): Deleted.

2017-05-16  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Move setCollapedWhitespaceWidth call to updateLineConstrains.
        https://bugs.webkit.org/show_bug.cgi?id=172178

        Reviewed by Antti Koivisto.

        No change in functionality.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::updateLineConstrains):
        (WebCore::SimpleLineLayout::createLineRuns):

2017-05-16  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Return default device list until user gives permission to capture
        https://bugs.webkit.org/show_bug.cgi?id=172168
        <rdar://problem/31816884>

        Reviewed by Youenn Fablet.

        Test: fast/mediastream/media-devices-enumerate-devices.html

        * Modules/mediastream/MediaDevicesRequest.cpp:
        (WebCore::MediaDevicesRequest::filterDeviceList): Remove all but the "default" number of
        devices of each type.
        (WebCore::MediaDevicesRequest::start): Call filterDeviceList.
        * Modules/mediastream/MediaDevicesRequest.h:

2017-05-16  Claudio Saavedra  <csaavedra@igalia.com>

        Silent a few warnings about unused parameters
        https://bugs.webkit.org/show_bug.cgi?id=172169

        Reviewed by Sam Weinig.

        * page/Page.cpp:
        (WebCore::Page::mainFrameLoadStarted):
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::ImageBuffer::toData):
        * platform/network/ResourceRequestBase.cpp:
        (WebCore::ResourceRequestBase::partitionName):

2017-05-16  Wenson Hsieh  <wenson_hsieh@apple.com>

        WebItemProviderPasteboard should be robust when temporary files are missing path extensions
        https://bugs.webkit.org/show_bug.cgi?id=172170

        Reviewed by Tim Horton.

        Makes a slight adjustment to the temporary file URLs are handled when using WebItemProviderPasteboard to load
        data off of item providers. Previously, we would bail early and not load any data if the temporary URL is
        missing an extension. Since the switch to NSItemProviders from UIItemProviders, some types of temporary files
        generated by item providers are missing extensions, so this extra check is meaningless.

        Covered by existing data interaction unit tests.

        * platform/ios/WebItemProviderPasteboard.mm:
        (temporaryFileURLForDataInteractionContent):
        (-[WebItemProviderPasteboard doAfterLoadingProvidedContentIntoFileURLs:synchronousTimeout:]):

2017-05-16  Zan Dobersek  <zdobersek@igalia.com>

        [WPE] GLContextEGL::createWPEContext() should fall back to pbuffer-based contexts when offscreen target provides no native window
        https://bugs.webkit.org/show_bug.cgi?id=172162

        Reviewed by Carlos Garcia Campos.

        When creating an offscreen GLContext, the underlying implementation might
        provide a mock native window that's to be used as the window target upon
        which a window-based GLContext should be created. But we should also support
        falling back to pbuffer-based GLContexts when the underlying implementation
        can't provide such mock targets.

        * platform/graphics/egl/GLContextEGLWPE.cpp:
        (WebCore::GLContextEGL::createWPEContext):

2017-05-16  Zan Dobersek  <zdobersek@igalia.com>

        [GLib] Name more GSource-based RunLoop::Timers
        https://bugs.webkit.org/show_bug.cgi?id=172158

        Reviewed by Carlos Garcia Campos.

        * platform/glib/MainThreadSharedTimerGLib.cpp:
        (WebCore::MainThreadSharedTimer::MainThreadSharedTimer):
        Specify 'MainThreadSharedTimer' as the name of this GSource-based RunLoop::Timer.

2017-05-16  Romain Bellessort  <romain.bellessort@crf.canon.fr>

        [Readable Streams API] Implement ReadableStreamBYOBReader releaseLock()
        https://bugs.webkit.org/show_bug.cgi?id=172111

        Reviewed by Chris Dumez.

        Implemented ReadableStreamBYOBReader releaseLock():
        - https://streams.spec.whatwg.org/#byob-reader-release-lock;
        - https://streams.spec.whatwg.org/#readable-stream-reader-generic-release.

        Added tests to check releaseLock behavior.

        * Modules/streams/ReadableStreamBYOBReader.js:
        (releaseLock): Implemented.
        * Modules/streams/ReadableStreamInternals.js:
        (readableStreamReaderGenericRelease): Aligned with spec.

2017-05-16  Carlos Garcia Campos  <cgarcia@igalia.com>

        Unreviewed. Try to fix GTK+ build with MEDIA_STREAM enabled after r216918.

        * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.cpp:
        (WebCore::RealtimeMediaSourceCenterOwr::validateRequestConstraints):

2017-05-16  Youenn Fablet  <youenn@apple.com>

        Remove MediaConstraintsData and MediaConstraintsImpl
        https://bugs.webkit.org/show_bug.cgi?id=172132

        Reviewed by Eric Carlson.

        No observable change of behavior.

        Removing MediaConstraintsData and MediaConstraintsImpl allows simplifying the code.
        Further simplified the code by making MediaConstraints no longer ref counted and now a struct.
        Simplified some RealtimeMediaSource subclasses by removing unused MediaConstraints class members.

        * CMakeLists.txt: Removing MediaConstraintsImpl.cpp.
        * Modules/mediastream/MediaConstraintsImpl.cpp: Removed.
        * Modules/mediastream/MediaConstraintsImpl.h: Removed.
        * Modules/mediastream/MediaDevices.cpp:
        (WebCore::createMediaConstraints):
        (WebCore::MediaDevices::getUserMedia):
        (WebCore::createMediaConstraintsImpl): Deleted.
        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::createMediaConstraints):
        (WebCore::MediaStreamTrack::applyConstraints):
        (WebCore::createMediaConstraintsImpl): Deleted.
        * Modules/mediastream/MediaTrackConstraints.cpp:
        (WebCore::createMediaConstraints):
        (WebCore::createMediaConstraintsImpl): Deleted.
        * Modules/mediastream/MediaTrackConstraints.h:
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::start):
        (WebCore::UserMediaRequest::UserMediaRequest):
        (WebCore::UserMediaRequest::allow):
        * Modules/mediastream/UserMediaRequest.h:
        (WebCore::UserMediaRequest::audioConstraints):
        (WebCore::UserMediaRequest::videoConstraints):
        * WebCore.xcodeproj/project.pbxproj:
        * platform/mediastream/MediaConstraints.cpp:
        (WebCore::addDefaultVideoConstraints):
        (WebCore::MediaConstraints::isConstraintSet):
        (WebCore::MediaConstraints::setDefaultVideoConstraints):
        * platform/mediastream/MediaConstraints.h:
        (WebCore::MediaConstraints::~MediaConstraints): Deleted.
        (WebCore::MediaConstraints::MediaConstraints): Deleted.
        * platform/mediastream/MediaStreamConstraintsValidationClient.h:
        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::selectSettings):
        (WebCore::RealtimeMediaSource::supportsConstraints):
        (WebCore::RealtimeMediaSource::applyConstraints):
        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::RealtimeMediaSourceCenter::validateRequestConstraints):
        * platform/mediastream/RealtimeMediaSourceCenter.h:
        * platform/mediastream/mac/RealtimeIncomingAudioSource.cpp:
        (WebCore::RealtimeIncomingAudioSource::supportedConstraints): Deleted.
        * platform/mediastream/mac/RealtimeIncomingAudioSource.h:
        * platform/mediastream/mac/RealtimeIncomingVideoSource.cpp:
        (WebCore::RealtimeIncomingVideoSource::supportedConstraints): Deleted.
        * platform/mediastream/mac/RealtimeIncomingVideoSource.h:
        * platform/mock/MockRealtimeMediaSource.h:
        (WebCore::MockRealtimeMediaSource::constraints): Deleted.

2017-05-16  Andy Estes  <aestes@apple.com>

        [Cocoa] Tell NEFilterSource about the presenting app's PID
        https://bugs.webkit.org/show_bug.cgi?id=172152
        <rdar://problem/32197740>

        Reviewed by Dan Bernstein.

        * platform/cocoa/NetworkExtensionContentFilter.mm:
        (WebCore::NetworkExtensionContentFilter::initialize):
        * platform/spi/cocoa/NEFilterSourceSPI.h:

2017-05-16  Manuel Rego Casasnovas  <rego@igalia.com>

        [css-grid] Fix static position of positioned grid items
        https://bugs.webkit.org/show_bug.cgi?id=172108

        Reviewed by Sergio Villar Senin.

        This patch makes us follow the text on the spec
        (https://drafts.csswg.org/css-grid/#static-position):
        "The static position of an absolutely-positioned child
         of a grid container is determined as if it were the sole grid item
         in a grid area whose edges coincide with the padding edges
         of the grid container."

        Test: fast/css-grid-layout/absolute-positioning-grid-container-parent.html

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::prepareChildForPositionedLayout): Modified to avoid
        including padding to match the spec behavior.

2017-05-16  Per Arne Vollan  <pvollan@apple.com>

        Compile error, include file is not found.
        https://bugs.webkit.org/show_bug.cgi?id=172105

        Reviewed by Brent Fulgham.

        Use __has_include to detect if include file exists.

        * platform/mediastream/libwebrtc/H264VideoToolBoxEncoder.mm:

2017-05-15  Andy Estes  <aestes@apple.com>

        Make the application PID available to WebCore
        https://bugs.webkit.org/show_bug.cgi?id=172133

        Reviewed by Andreas Kling.

        * CMakeLists.txt:
        * PlatformMac.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/RuntimeApplicationChecks.cpp: Added.
        (WebCore::presentingApplicationPIDOverride):
        (WebCore::presentingApplicationPID): Returns the override PID if set, or getCurrentProcessID()
        otherwise.
        (WebCore::setPresentingApplicationPID):
        * platform/RuntimeApplicationChecks.h:
        * platform/cocoa/RuntimeApplicationChecksCocoa.mm: Renamed from Source/WebCore/platform/RuntimeApplicationChecks.mm.

2017-05-15  Antti Koivisto  <antti@apple.com>

        RenderTheme does not need to be per-page
        https://bugs.webkit.org/show_bug.cgi?id=172116
        <rdar://problem/30426457>

        Reviewed by Zalan Bujtas.

        There are no implementations of RenderTheme::themeForPage that actually care about the page.
        It can be replaced with a singleton, simplifying a bunch of code.

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::shadowRootCSSText):
        (WebCore::MediaControlsHost::base64StringForIconNameAndType):
        * css/CSSDefaultStyleSheets.cpp:
        (WebCore::CSSDefaultStyleSheets::loadFullDefaultStyle):
        (WebCore::CSSDefaultStyleSheets::ensureDefaultStyleSheetsForElement):

            Fix a potential crash if we get here when page is null (though it doesn't appear to repro on trunk).

        * css/StyleColor.cpp:
        (WebCore::StyleColor::colorFromKeyword):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle):
        * css/parser/CSSParser.cpp:
        (WebCore::CSSParser::parseSystemColor):
        * css/parser/CSSParser.h:
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::CSSPropertyParser::consumeSystemFont):
        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::updateAppearance):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::ensureMediaControlsInjectedScript):
        * html/HTMLMeterElement.cpp:
        (WebCore::HTMLMeterElement::createElementRenderer):
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::usesMenuList):
        (WebCore::HTMLSelectElement::platformHandleKeydownEvent):
        (WebCore::HTMLSelectElement::menuListDefaultEventHandler):
        * html/HTMLTextFormControlElement.cpp:
        (WebCore::HTMLTextFormControlElement::adjustInnerTextStyle):
        * html/InputType.cpp:
        (WebCore::InputType::themeSupportsDataListUI):
        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::shouldHaveSpinButton):
        (WebCore::TextFieldInputType::shouldHaveCapsLockIndicator):
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::setStrokeColor):
        (WebCore::CanvasRenderingContext2D::setFillColor):
        * html/canvas/CanvasStyle.cpp:
        (WebCore::parseColor):
        (WebCore::parseColorOrCurrentColor):
        (WebCore::CanvasStyle::createFromString):
        * html/canvas/CanvasStyle.h:
        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlPanelElement::startTimer):
        (WebCore::MediaControlPanelElement::makeOpaque):
        (WebCore::MediaControlPanelElement::makeTransparent):
        * html/shadow/MediaControls.cpp:
        (WebCore::MediaControls::reset):
        (WebCore::MediaControls::reportedError):
        (WebCore::MediaControls::updateCurrentTimeDisplay):
        * html/shadow/mac/ImageControlsButtonElementMac.cpp:
        (WebCore::ImageControlsButtonElementMac::tryCreate):
        * page/MemoryRelease.cpp:
        (WebCore::releaseNoncriticalMemory):
        * page/Page.cpp:
        (WebCore::Page::Page):
        * page/Page.h:
        (WebCore::Page::theme): Deleted.
        * platform/wpe/RenderThemeWPE.cpp:
        (WebCore::RenderTheme::singleton):
        (WebCore::RenderTheme::themeForPage): Deleted.
        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::getReplacementTextGeometry):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::theme):
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::focusRingColor):
        * rendering/RenderTheme.h:
        (WebCore::RenderTheme::defaultTheme): Deleted.
        * rendering/RenderThemeGtk.cpp:
        (WebCore::RenderTheme::singleton):
        (WebCore::RenderTheme::themeForPage): Deleted.
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderTheme::singleton):
        (WebCore::RenderTheme::themeForPage): Deleted.
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderTheme::singleton):
        (WebCore::RenderTheme::themeForPage): Deleted.
        * rendering/RenderThemeWin.cpp:
        (WebCore::RenderTheme::singleton):
        (WebCore::RenderTheme::themeForPage): Deleted.
        * rendering/TextPaintStyle.cpp:
        (WebCore::computeTextPaintStyle):

2017-05-15  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Do not delete asynchronously decoded frames for large images if their clients are in the viewport
        https://bugs.webkit.org/show_bug.cgi?id=170640

        Reviewed by Simon Fraser.

        The image flickering problem happens when a large image is visible in the
        view port and for some reason, the decoded frame gets destroyed. When this
        image is repainted, BitmapImage::draw() does not find a valid decoded frame
        for that image. It then requests an async decoding for the image and just
        draws nothing in the image rectangle. Drawing no content between two drawing
        phases in which the image is drawn causes the unwanted flickering.

        To fix this issue we need to protect the decoded frames of all the images
        in the view port from being destroyed. When BitmapImage::destroyDecodedData()
        is called, it is going to check, through the ImageObserver, whether any
        of its clients is visible. And if so, the current decoded frame won't be
        destroyed.

        Tests: Modifying existing tests.

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::CachedImageObserver::decodedSizeChanged):
        (WebCore::CachedImage::CachedImageObserver::didDraw):
        (WebCore::CachedImage::CachedImageObserver::canDestroyDecodedData):
        (WebCore::CachedImage::CachedImageObserver::imageFrameAvailable):
        (WebCore::CachedImage::CachedImageObserver::changedInRect):
        (WebCore::CachedImage::decodedSizeChanged):
        (WebCore::CachedImage::didDraw):
        (WebCore::CachedImage::canDestroyDecodedData): Finds out whether it's okay
        to discard the image decoded data or not.
        (WebCore::CachedImage::imageFrameAvailable):
        (WebCore::CachedImage::changedInRect):
        * loader/cache/CachedImage.h:
        * loader/cache/CachedImageClient.h:
        (WebCore::CachedImageClient::canDestroyDecodedData):
        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::destroyDecodedDataForAllImages): This function is
        currently not used. Use in the internal destroyDecodedDataForAllImages()
        but unlike what CachedImage::destroyDecodedData() does, make it destroy
        the decoded frames without deleting the image itself.
        * loader/cache/MemoryCache.h:
        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::destroyDecodedData):
        (WebCore::BitmapImage::draw):
        (WebCore::BitmapImage::canDestroyCurrentFrameDecodedData): 
        (WebCore::BitmapImage::advanceAnimation):
        (WebCore::BitmapImage::internalAdvanceAnimation):
        (WebCore::BitmapImage::imageFrameAvailableAtIndex):
        * platform/graphics/BitmapImage.h:
        * platform/graphics/GraphicsContext3D.cpp:
        (WebCore::GraphicsContext3D::packImageData):
        * platform/graphics/ImageFrameCache.cpp:
        (WebCore::ImageFrameCache::decodedSizeChanged):
        (ImageFrameCache::cacheAsyncFrameNativeImageAtIndex): The assertion in this
        function is wrong. frameIsCompleteAtIndex() can be false when the an image
        decoding is requested but can be true when the decoding finishes.
        * platform/graphics/ImageObserver.h:
        * platform/graphics/cairo/ImageCairo.cpp:
        (WebCore::Image::drawPattern):
        * platform/graphics/cg/ImageCG.cpp:
        (WebCore::Image::drawPattern):
        * platform/graphics/cg/ImageDecoderCG.cpp:
        (WebCore::ImageDecoder::frameIsCompleteAtIndex):
        * platform/graphics/cg/PDFDocumentImage.cpp:
        (WebCore::PDFDocumentImage::decodedSizeChanged):
        (WebCore::PDFDocumentImage::draw):
        * platform/graphics/texmap/TextureMapperTiledBackingStore.cpp:
        (WebCore::TextureMapperTiledBackingStore::updateContentsFromImageIfNeeded):
        * platform/graphics/win/ImageDirect2D.cpp:
        (WebCore::Image::drawPattern):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::isVisibleInDocumentRect):
        (WebCore::RenderElement::isVisibleInViewport):
        (WebCore::RenderElement::imageFrameAvailable):
        (WebCore::RenderElement::repaintForPausedImageAnimationsIfNeeded):
        (WebCore::RenderElement::shouldRepaintInVisibleRect): Deleted. Function
        is renamed to isVisibleInViewport() for better readability.
        * rendering/RenderElement.h:
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::draw):
        * svg/graphics/SVGImageClients.h:
        * testing/Internals.cpp:
        (WebCore::Internals::destroyDecodedDataForAllImages):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-05-15  Youenn Fablet  <youenn@apple.com>

        Simplify RealtimeMediaSource data production and state
        https://bugs.webkit.org/show_bug.cgi?id=171999

        Reviewed by Eric Carlson.

        RealtimeMediaSource takes 3 booleans:
        - m_isProducingData tells whether data is produced or not. In the case of capturing, it tells whether capture
          happens.
        - m_muted/m_enabled allows JS or WebKit level to start/stop the source.

        Changed MediaStream capture state computation so that capture is reported as follows:
        - m_isProducing is true, capture is happenning and is active
        - m_muted is true, capture is happening but is inactive.

        Except in the case of WebRTC incoming sources, for which sources may be created as muted as per the spec,
        all sources are unmuted, enabled and not producing data when created.

        RealtimeMediaSource is now activable either by calling start/stop or by calling setMuted/setEnabled.
        This in turns will set the boolean values accordingly and will call the underlying
        startProducingData/stopProducingData methods doing the actual stuff.

        Removing from all RealtimeMediaSource subclasses the handling of producing data.
        Making more methods non-virtual/member fields private to simplify the model.

        * Modules/mediastream/CanvasCaptureMediaStreamTrack.cpp:
        (WebCore::CanvasCaptureMediaStreamTrack::Source::create):
        (WebCore::CanvasCaptureMediaStreamTrack::Source::startProducingData):
        (WebCore::CanvasCaptureMediaStreamTrack::Source::stopProducingData):
        (WebCore::CanvasCaptureMediaStreamTrack::Source::canvasDestroyed):
        (WebCore::CanvasCaptureMediaStreamTrack::Source::captureCanvas):
        * Modules/mediastream/CanvasCaptureMediaStreamTrack.h:
        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::mediaState):
        * platform/mediastream/MediaStreamTrackPrivate.h:
        (WebCore::MediaStreamTrackPrivate::startProducingData):
        (WebCore::MediaStreamTrackPrivate::stopProducingData):
        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::setMuted):
        (WebCore::RealtimeMediaSource::notifyMutedChange):
        (WebCore::RealtimeMediaSource::setEnabled):
        (WebCore::RealtimeMediaSource::start):
        (WebCore::RealtimeMediaSource::stop):
        (WebCore::RealtimeMediaSource::requestStop):
        (WebCore::RealtimeMediaSource::reset): Deleted.
        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/mac/AVMediaCaptureSource.h:
        * platform/mediastream/mac/AVMediaCaptureSource.mm:
        (WebCore::AVMediaCaptureSource::AVMediaCaptureSource):
        (WebCore::AVMediaCaptureSource::captureSessionIsRunningDidChange):
        (WebCore::AVMediaCaptureSource::reset): Deleted.
        (WebCore::AVMediaCaptureSource::isProducingData): Deleted.
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::CoreAudioCaptureSource):
        (WebCore::CoreAudioCaptureSource::startProducingData):
        (WebCore::CoreAudioCaptureSource::stopProducingData):
        (WebCore::CoreAudioCaptureSource::audioSourceProvider):
        * platform/mediastream/mac/CoreAudioCaptureSource.h:
        * platform/mediastream/mac/MockRealtimeAudioSourceMac.mm:
        (WebCore::MockRealtimeAudioSourceMac::render):
        (WebCore::MockRealtimeAudioSource::createMuted): Deleted.
        * platform/mediastream/mac/MockRealtimeVideoSourceMac.mm:
        (WebCore::MockRealtimeVideoSource::createMuted): Deleted.
        * platform/mediastream/mac/RealtimeIncomingAudioSource.cpp:
        (WebCore::RealtimeIncomingAudioSource::create):
        (WebCore::RealtimeIncomingAudioSource::RealtimeIncomingAudioSource):
        (WebCore::RealtimeIncomingAudioSource::~RealtimeIncomingAudioSource):
        (WebCore::RealtimeIncomingAudioSource::startProducingData):
        (WebCore::RealtimeIncomingAudioSource::stopProducingData):
        (WebCore::RealtimeIncomingAudioSource::setSourceTrack):
        * platform/mediastream/mac/RealtimeIncomingAudioSource.h:
        * platform/mediastream/mac/RealtimeIncomingVideoSource.cpp:
        (WebCore::RealtimeIncomingVideoSource::create):
        (WebCore::RealtimeIncomingVideoSource::RealtimeIncomingVideoSource):
        (WebCore::RealtimeIncomingVideoSource::startProducingData):
        (WebCore::RealtimeIncomingVideoSource::setSourceTrack):
        (WebCore::RealtimeIncomingVideoSource::stopProducingData):
        (WebCore::RealtimeIncomingVideoSource::OnFrame):
        * platform/mediastream/mac/RealtimeIncomingVideoSource.h:
        * platform/mediastream/mac/WebAudioSourceProviderAVFObjC.mm:
        (WebCore::WebAudioSourceProviderAVFObjC::setClient):
        * platform/mock/MockMediaEndpoint.cpp:
        (WebCore::MockMediaEndpoint::createMutedRemoteSource):
        (WebCore::MockMediaEndpoint::unmuteTimerFired):
        * platform/mock/MockRealtimeAudioSource.cpp:
        (WebCore::MockRealtimeAudioSource::createMuted):
        (WebCore::MockRealtimeAudioSource::startProducingData):
        (WebCore::MockRealtimeAudioSource::stopProducingData):
        * platform/mock/MockRealtimeAudioSource.h:
        * platform/mock/MockRealtimeMediaSource.cpp:
        (WebCore::MockRealtimeMediaSource::startProducingData): Deleted.
        (WebCore::MockRealtimeMediaSource::stopProducingData): Deleted.
        * platform/mock/MockRealtimeMediaSource.h:
        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::createMuted):
        (WebCore::MockRealtimeVideoSource::startProducingData):
        (WebCore::MockRealtimeVideoSource::stopProducingData):
        (WebCore::MockRealtimeVideoSource::generateFrame):
        * platform/mock/MockRealtimeVideoSource.h:

2017-05-15  Myles C. Maxfield  <mmaxfield@apple.com>

        Migrate Font constructor from bools to enums
        https://bugs.webkit.org/show_bug.cgi?id=172140

        Reviewed by Tim Horton.

        In https://bugs.webkit.org/show_bug.cgi?id=168487, I'm adding a new flag to Font. We can't
        keep having just a pile of bools in this class. Instead, we should be using enums.

        No new tests because there is no behavior change.

        * css/CSSFontFace.cpp:
        (WebCore::CSSFontFace::font):
        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::font):
        * css/CSSSegmentedFontFace.cpp:
        * loader/cache/CachedFont.cpp:
        (WebCore::CachedFont::createFont):
        * platform/graphics/Font.cpp:
        (WebCore::Font::Font):
        (WebCore::Font::verticalRightOrientationFont):
        (WebCore::Font::uprightOrientationFont):
        (WebCore::Font::brokenIdeographFont):
        (WebCore::Font::description):
        (WebCore::Font::mathData):
        * platform/graphics/Font.h:
        (WebCore::Font::create):
        (WebCore::Font::origin):
        (WebCore::Font::isInterstitial):
        (WebCore::Font::widthForGlyph):
        (WebCore::Font::isCustomFont): Deleted.
        (WebCore::Font::isLoading): Deleted.
        * platform/graphics/FontRanges.cpp:
        * platform/graphics/cocoa/FontCocoa.mm:
        (WebCore::Font::platformInit):
        * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
        (WebCore::Font::platformCreateScaledFont):
        * platform/graphics/win/SimpleFontDataCGWin.cpp:
        (WebCore::Font::platformInit):
        * platform/graphics/win/SimpleFontDataDirect2D.cpp:
        (WebCore::Font::platformInit):
        * platform/graphics/win/SimpleFontDataWin.cpp:
        (WebCore::Font::platformCreateScaledFont):
        (WebCore::Font::determinePitch):
        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseForFontAndText):

2017-05-15  Youenn Fablet  <youenn@apple.com>

        WebRTC outgoing muted video sources should send black frames
        https://bugs.webkit.org/show_bug.cgi?id=170627
        <rdar://problem/31513869>

        Reviewed by Eric Carlson.

        Covered by updated test.

        Instead of sending one black frame and then another one asynchronously,
        we use the timer to send a black frame every second when outgoing source is muted.

        * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::sourceMutedChanged):
        (WebCore::RealtimeOutgoingVideoSource::sourceEnabledChanged):
        (WebCore::RealtimeOutgoingVideoSource::sendBlackFrames):
        (WebCore::RealtimeOutgoingVideoSource::sendBlackFrame): Deleted.
        * platform/mediastream/mac/RealtimeOutgoingVideoSource.h:
        * testing/Internals.cpp:
        (WebCore::Internals::videoSampleAvailable):

2017-05-15  David Kilzer  <ddkilzer@apple.com>

        Crash in libxml2.2.dylib: xmlDictReference
        <https://webkit.org/b/172086>
        <rdar://problem/23643436>

        Reviewed by Daniel Bates.

        Speculative fix and code clean-up based on source code
        inspection.  The fix for the crash is in two parts that change
        XSLStyleSheet::parseString():
        1. Always set m_stylesheetDoc to nullptr after freeing it via
           XSLStyleSheet::clearXSLStylesheetDocument().
        2. Add nullptr check before using m_stylesheetDoc from parent.

        Broadly speaking, the changes are:
        - Extract code to reset m_stylesheetDoc into new private
          XSLStyleSheet::clearXSLStylesheetDocument() method.  There is
          a special contract between m_stylesheetDoc and
          m_stylesheetDocTaken that wasn't being followed every time.
          See comment in XSLStyleSheet::compileStyleSheet().
        - XSLStyleSheet::clearDocuments() now calls new
          clearXSLStylesheetDocument() method.  Previously, it was not
          checking or resetting m_stylesheetDocTaken, and it might have
          leaked an xmlDocPtr if m_stylesheetDoc was set and
          m_stylesheetDocTaken was false.
        - XSLStyleSheet::parseString() now calls new
          clearXSLStylesheetDocument() method.  Previously, it did not
          clear m_stylesheetDoc after freeing it, and it could return
          early due to a failure in xmlCreateMemoryParserCtxt().
        - In XSLStyleSheet::parseString() use checked arithmetic when
          calculating 'size' for xmlCreateMemoryParserCtxt() and
          xmlCtxtReadMemory().  This code used to do an implicit
          unsigned -> signed integer conversion that could overflow.
        - Always iterate m_children using an 'auto& import' variable.

        * xml/XSLStyleSheet.h:
        (WebCore::XSLStyleSheet::clearXSLStylesheetDocument): Add declaration.
        (WebCore::XSLStyleSheet::m_disabled): Add default initializer.
        (WebCore::XSLStyleSheet::m_stylesheetDoc): Ditto.
        (WebCore::XSLStyleSheet::m_stylesheetDocTaken): Ditto.
        (WebCore::XSLStyleSheet::m_parentStyleSheet): Ditto.

        * xml/XSLStyleSheetLibxslt.cpp:
        (WebCore::XSLStyleSheet::XSLStyleSheet): Get rid of redundant
        initializers.  Set m_parentStyleSheet if needed.
        (WebCore::XSLStyleSheet::~XSLStyleSheet): Call
        clearXSLStylesheetDocument() instead of custom code.  Switch
        m_children fast iteration to use 'auto& import' variable.
        (WebCore::XSLStyleSheet::isLoading): Switch m_children fast
        iteration to use 'auto& import' variable.
        (WebCore::XSLStyleSheet::clearDocuments): Call
        clearXSLStylesheetDocument() instead of setting m_stylesheetDoc
        to nullptr.  This might fix an occasional xmlDocPtr leak.
        (WebCore::XSLStyleSheet::clearXSLStylesheetDocument): Add.  This
        method always sets m_stylesheetDoc to nullptr (after freeing it
        if necessary) and sets m_stylesheetDocTaken to false.
        (WebCore::XSLStyleSheet::parseString): Call
        clearXSLStylesheetDocument().  Prior to this, m_stylesheetDoc
        might be left pointing to a freed value, and this method could
        return early if xmlCreateMemoryParserCtxt() failed.  Switch to
        using Checked<> to compute required buffer size to parse XSL
        stylesheet, and return early on overflow.  Clean up existing
        return statements to use boolean expressions.  Add nullptr check
        for m_parentStyleSheet->m_stylesheetDoc before using it.
        (WebCore::XSLStyleSheet::loadChildSheet): Get rid of local
        variable by calling loadSheet() from last array element.
        (WebCore::XSLStyleSheet::compileStyleSheet): Add debug assert
        that m_stylesheetDoc is not nullptr.

2017-05-15  Jer Noble  <jer.noble@apple.com>

        Add experimental setting to allow document gesture interaction to fulfill media playback gesture requirement
        https://bugs.webkit.org/show_bug.cgi?id=172131

        Reviewed by Eric Carlson.

        Test: media/restricted-audio-playback-with-document-gesture.html

        Move all calls to ScriptController::processingUserGestureForMedia() to the new Document equivalent. In Document,
        if the new setting is enabled, return true from processingUserGestureForMedia() if the top-level document has had
        a user gesture interaction.

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::processingUserGestureForMedia):
        * Modules/mediastream/MediaStream.h:
        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::processingUserGestureForMedia):
        (WebCore::AudioContext::willBeginPlayback):
        (WebCore::AudioContext::willPausePlayback):
        * Modules/webaudio/AudioContext.h:
        * dom/Document.cpp:
        (WebCore::Document::processingUserGestureForMedia):
        * dom/Document.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::load):
        (WebCore::HTMLMediaElement::audioTrackEnabledChanged):
        (WebCore::HTMLMediaElement::seekWithTolerance):
        (WebCore::HTMLMediaElement::play):
        (WebCore::HTMLMediaElement::playInternal):
        (WebCore::HTMLMediaElement::pause):
        (WebCore::HTMLMediaElement::pauseInternal):
        (WebCore::HTMLMediaElement::setMuted):
        (WebCore::HTMLMediaElement::webkitShowPlaybackTargetPicker):
        (WebCore::HTMLMediaElement::processingUserGestureForMedia):
        * html/HTMLMediaElement.h:
        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::playbackPermitted):
        (WebCore::MediaElementSession::dataLoadingPermitted):
        (WebCore::MediaElementSession::fullscreenPermitted):
        (WebCore::MediaElementSession::canShowControlsManager):
        (WebCore::MediaElementSession::showPlaybackTargetPicker):
        * page/Settings.in:
        * platform/audio/PlatformMediaSession.h:

2017-05-15  Jer Noble  <jer.noble@apple.com>

        Only ever initialize LibWebRTCProvider's staticFactoryAndThreads() factories once.
        https://bugs.webkit.org/show_bug.cgi?id=172047

        Reviewed by Youenn Fablet.

        Wrap the initilization of the factories contained in staticFactoryAndThreads() in a call_once to ensure
        new factories aren't created every time it's called.

        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
        (WebCore::staticFactoryAndThreads):

2017-05-15  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: CRASH seen with DOM.setOuterHTML when there is no documentElement
        https://bugs.webkit.org/show_bug.cgi?id=172135
        <rdar://problem/32175860>

        Reviewed by Brian Burg.

        Test: inspector/dom/setOuterHTML-no-document-element.html

        * inspector/DOMPatchSupport.cpp:
        (WebCore::DOMPatchSupport::patchDocument):
        Null check the document element which might not exist.

2017-05-15  Said Abou-Hallawa  <sabouhallawa@apple.com>

        REGRESSION (216471): Infinite repaint-drawing loop when asynchronously decoding incomplete image frames
        https://bugs.webkit.org/show_bug.cgi?id=171900

        Reviewed by Tim Horton.

        -- Don't destroy incomplete decoded image frames for large images. This
        is to avoid flickering while decoding another image frame with the new
        data. The old incomplete image frame will be destroyed once the newer one
        finishes decoding.

        -- Extend the enum ImageFrame::DecodingStatus by adding a new value called
        'Decoding'. This new value will never be cached in the ImageFrame::
        m_decodingStatus. Add a member m_currentFrameDecodingStatus to BitmapImage.
        The purpose of this member is to invalidate the current frame, without
        deleting it, when new encoded data is received.

        -- Don't wait until the native image is decoded to cache the ImageFrame
        decodingStatus. There is a big chance that more data arrives between
        starting the decoding and finishing it such that the decoding changes
        from Partial to Complete. We need to prevent keeping incomplete ImageFrames
        cached because we mistakenly assume they are complete. To fix this issue
        we need to know the ImageFrame decodingStatus when the decoding is requested.

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::destroyDecodedData):
        (WebCore::BitmapImage::dataChanged):
        (WebCore::BitmapImage::draw):
        (WebCore::BitmapImage::internalStartAnimation): At the beginning of this 
        function we check whether the next frame is being decoded or not and we 
        return DecodingActive if it is. Let's handle the second check here also 
        before requesting the decoding of nextFrame. We need to check whether the
        nextFrame has a native image with decoded with the native size or not.
        (WebCore::BitmapImage::internalAdvanceAnimation):
        (WebCore::BitmapImage::imageFrameAvailableAtIndex):
        * platform/graphics/BitmapImage.h:
        * platform/graphics/ImageFrame.cpp:
        (WebCore::ImageFrame::operator=):
        (WebCore::ImageFrame::setDecodingStatus):
        (WebCore::ImageFrame::decodingStatus):
        * platform/graphics/ImageFrame.h:
        (WebCore::ImageFrame::isInvalid):
        (WebCore::ImageFrame::isPartial):
        (WebCore::ImageFrame::isComplete):
        (WebCore::ImageFrame::setDecoding): Deleted.
        (WebCore::ImageFrame::decoding): Deleted.
        (WebCore::ImageFrame::isEmpty): Deleted.
        * platform/graphics/ImageFrameCache.cpp:
        (WebCore::ImageFrameCache::setNativeImage):
        (WebCore::ImageFrameCache::cacheMetadataAtIndex):
        (WebCore::ImageFrameCache::cacheNativeImageAtIndex):
        (WebCore::ImageFrameCache::cacheNativeImageAtIndexAsync):
        (WebCore::ImageFrameCache::startAsyncDecodingQueue):
        (WebCore::ImageFrameCache::requestFrameAsyncDecodingAtIndex):
        (WebCore::ImageFrameCache::stopAsyncDecodingQueue):
        (WebCore::ImageFrameCache::frameAtIndexCacheIfNeeded):
        (WebCore::ImageFrameCache::frameDecodingStatusAtIndex):
        (WebCore::ImageFrameCache::cacheFrameMetadataAtIndex): Deleted.
        (WebCore::ImageFrameCache::cacheFrameNativeImageAtIndex): Deleted.
        (WebCore::ImageFrameCache::cacheAsyncFrameNativeImageAtIndex): Deleted.
        (WebCore::ImageFrameCache::frameIsCompleteAtIndex): Deleted.
        * platform/graphics/ImageFrameCache.h:
        (WebCore::ImageFrameCache::ImageFrameRequest::operator==):
        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::dataChanged):
        * platform/graphics/ImageSource.h:
        (WebCore::ImageSource::destroyIncompleteDecodedData):
        (WebCore::ImageSource::requestFrameAsyncDecodingAtIndex): Let the caller
        decide whether another request for the same image frame is allowed or not.
        (WebCore::ImageSource::frameDecodingStatusAtIndex):
        (WebCore::ImageSource::frameIsCompleteAtIndex): Deleted.
        * platform/image-decoders/ImageDecoder.cpp:
        (WebCore::ImageDecoder::frameDurationAtIndex):
        (WebCore::ImageDecoder::createFrameImageAtIndex):
        * platform/image-decoders/bmp/BMPImageReader.cpp:
        (WebCore::BMPImageReader::decodeBMP):
        * platform/image-decoders/gif/GIFImageDecoder.cpp:
        (WebCore::GIFImageDecoder::clearFrameBufferCache):
        (WebCore::GIFImageDecoder::haveDecodedRow):
        (WebCore::GIFImageDecoder::frameComplete):
        (WebCore::GIFImageDecoder::initFrameBuffer):
        * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
        (WebCore::JPEGImageDecoder::outputScanlines):
        (WebCore::JPEGImageDecoder::jpegComplete):
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageDecoder::rowAvailable):
        (WebCore::PNGImageDecoder::pngComplete):
        (WebCore::PNGImageDecoder::clearFrameBufferCache):
        (WebCore::PNGImageDecoder::frameComplete):
        * platform/image-decoders/webp/WEBPImageDecoder.cpp:
        (WebCore::WEBPImageDecoder::decode):

2017-05-15  Chris Dumez  <cdumez@apple.com>

        Align WebKitCSSMatrix stringifier with spec for DOMMatrix
        https://bugs.webkit.org/show_bug.cgi?id=172114

        Reviewed by Simon Fraser.

        Align WebKitCSSMatrix stringifier with spec for DOMMatrix after:
        - https://github.com/w3c/fxtf-drafts/pull/148

        The following changes were made:
        - Use EcmaScript's ToString() to convert floating point values to string
        - Throw an invalid state error if the matrix contains non-finite values
        - Made WebKitCSSMatrix.toString enumerable as per [1].

        [1] https://heycam.github.io/webidl/#es-stringifier

        Test: fast/css/matrix-stringifier.html

        * css/WebKitCSSMatrix.cpp:
        (WebCore::WebKitCSSMatrix::toString):
        * css/WebKitCSSMatrix.h:
        * css/WebKitCSSMatrix.idl:
        * platform/graphics/transforms/TransformationMatrix.cpp:
        (WebCore::TransformationMatrix::containsOnlyFiniteValues):
        * platform/graphics/transforms/TransformationMatrix.h:

2017-05-15  Mark Lam  <mark.lam@apple.com>

        WorkerRunLoop::Task::performTask() should check !scriptController->isTerminatingExecution().
        https://bugs.webkit.org/show_bug.cgi?id=171775
        <rdar://problem/30975761>

        Reviewed by Filip Pizlo.

        Currently, WorkerThread::stop() calls scheduleExecutionTermination() to terminate
        JS execution first, followed by posting a cleanup task to the worker, and lastly,
        it invokes terminate() on the WorkerRunLoop.

        As a result, before the run loop is terminated, the worker thread may observe the
        TerminatedExecutionException in JS code, bail out, see another JS task to run,
        re-enters the VM to run said JS code, and fails with an assertion due to the
        TerminatedExecutionException still being pending on VM entry.

        WorkerRunLoop::Task::performTask() already has a check to only allow a task to
        run if and only if !runLoop.terminated() and the task is not a clean up task.
        We'll fix the above race by changing WorkerRunLoop::Task::performTask() to check
        !context->script()->isTerminatingExecution() instead of !runLoop.terminated().
        Since WorkerThread::stop() always scheduleExecutionTermination() before it
        terminates the run loop, !context->script()->isTerminatingExecution() implies
        !runLoop.terminated().

        The only time that runLoop is terminated without scheduleExecutionTermination()
        being called is when WorkerThread::stop() is called before the WorkerThread has
        finished creating its WorkerGlobalScope.  In this scenario, WorkerThread::stop()
        will still terminate the run loop.  Hence, after the WorkerGlobalScope is created
        (in WorkerThread::workerThread()), we will check if the run loop has been
        terminated (i.e. stop() was called).  If so, we'll scheduleExecutionTermination()
        there, and guarantee that if runloop.terminated() is true, then
        context->script()->isTerminatingExecution() is also true.

        Solutions that were considered but did not work (recorded for future reference):

        1. In WorkerThread::stop(), call scheduleExecutionTermination() only after it
           posts the cleanup task and terminate the run loop.

           This did not work because this creates a race where the worker thread may run
           the cleanup task before WorkerThread::stop() finishes.  As a result, the
           scriptController may be deleted before we get to invoke scheduleExecutionTermination()
           on it, thereby resulting in a use after free.

           To make this work, we would have to change the life cycle management strategy
           of the WorkerScriptController.  This is a more risky change that we would
           want to take on at this time, and may also not be worth the gain.

        2. Break scheduleExecutionTermination() up into 2 parts i.e. WorkerThread::stop()
           will:
           1. set the scriptControllers m_isTerminatingExecution flag before
              posting the cleanup task and terminating the run loop, and
           2. invoke VM::notifyNeedsTermination() after posting the cleanup task and
              terminating the run loop.

           This requires that we protect the liveness of the VM until we can invoke
           notifyNeedsTermination() on it.

           This did not work because:
           1. We may end up destructing the VM in WorkerThread::stop() i.e. in the main
              web frame, but only the worker thread holds the JS lock for the VM.

              We can make the WorkerThread::stop() acquire the JS lock just before it
              releases the protected VM's RefPtr, but that would mean the main thread
              may be stuck waiting a bit for the worker thread to release its JSLock.
              This is not desirable.

           2. In practice, changing the liveness period of the Worker VM relative to its
              WorkerScriptController and WorkerGlobalScope also has unexpected
              ramifications.  We observed many worker tests failing with assertion
              failures and crashes due to this change.

           Hence, this approach is also a more risky change than it appears on the
           surface, and is not worth exploring at this time.

        In the end, changing WorkerRunLoop::Task::performTask() to check for
        !scriptController->isTerminatingExecution() is the most straight forward solution
        that is easy to prove correct.

        Also fixed a race in WorkerThread::workerThread() where it can delete the
        WorkerGlobalScope while WorkerThread::stop() is in the midst of accessing it.
        We now guard the the nullifying of m_workerGlobalScope with the
        m_threadCreationAndWorkerGlobalScopeMutex as well.

        UPDATE: the only new thing in this patch for re-landing (vs one previously landed)
        is that instead of nullifying m_workerGlobalScope directly (thereby deleting the
        WorkerGlobalScope context), we'll swap it out and delete it only after we've
        unlocked the m_threadCreationAndWorkerGlobalScopeMutex.  This is needed because
        the destruction of the WorkerGlobalScope will cause the main thread to race against
        the worker thread to delete the WorkerThread object, and the WorkerThread object
        owns the mutex that we need to unlock after nullifying the m_workerGlobalScope
        field.

        This issue is covered by an existing test that I just unskipped in TestExpectations.

        * bindings/js/JSDOMPromiseDeferred.cpp:
        (WebCore::DeferredPromise::callFunction):

        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::scheduleExecutionTermination):
        - Added a check to do nothing and return early if the scriptController is already
          terminating execution.

        * workers/WorkerRunLoop.cpp:
        (WebCore::WorkerRunLoop::runInMode):
        (WebCore::WorkerRunLoop::runCleanupTasks):
        (WebCore::WorkerRunLoop::Task::performTask):

        * workers/WorkerRunLoop.h:
        - Made Task::performTask() private and make Task befriend the WorkerRunLoop class.
          This ensures that only the WorkerRunLoop may call performTask().
          Note: this change only formalizes and hardens a relationship that was already
          in place before this.

        * workers/WorkerThread.cpp:
        (WebCore::WorkerThread::start):
        (WebCore::WorkerThread::workerThread):
        (WebCore::WorkerThread::stop):
        * workers/WorkerThread.h:
        - Renamed m_threadCreationMutex to m_threadCreationAndWorkerGlobalScopeMutex so
          that it more accurately describes what it guards.

2017-05-15  Myles C. Maxfield  <mmaxfield@apple.com>

        Unicode characters which can't be rendered in any font are invisible
        https://bugs.webkit.org/show_bug.cgi?id=171942
        <rdar://problem/32054234>

        Reviewed by Tim Horton.

        There are some Unicode characters which don't have any font on the system which can render them.
        These characters should be drawn as the .notdef "tofu." This is for security and usability, as
        well as what Firefox and Chrome do. However, we still shouldn't draw characters with the
        Default_Ignorable_Code_Point property, because this is what CoreText does.

        This behavior is also what the Unicode spec recommends: In UTR #36 Unicode Security Considerations:
        http://www.unicode.org/reports/tr36/#Recommendations_General
        "If there is no available glyph for a character, never show a simple "?" or omit the character."

        Also relevant is the Unicode Standard section 5.3 Unknown and MIssing Characters, starting at page
        marked 203 in the following: http://www.unicode.org/versions/Unicode9.0.0/ch05.pdf

        Tests: fast/text/default-ignorable.html
               fast/text/unknown-char-notdef.html

        * platform/graphics/WidthIterator.cpp:
        (WebCore::characterMustDrawSomething):

2017-05-15  Timothy Horton  <timothy_horton@apple.com>

        Null deref under WebContentReader::readURL when interacting with a file URL
        https://bugs.webkit.org/show_bug.cgi?id=172045
        <rdar://problem/25880647>

        Reviewed by Wenson Hsieh.

        * editing/ios/EditorIOS.mm:
        (WebCore::Editor::WebContentReader::readURL):
        The AppSupport soft link was wrong, as there is no such framework in /System/Library/Frameworks.
        Thus, any time we hit this codepath, the soft linked function would be null, and calling it would crash.
        Instead of just fixing the soft link, remove the code, because it does not seem necessary to
        special-case fileURLs to images in the media directory.

2017-05-15  Eric Carlson  <eric.carlson@apple.com>

        ASSERTION FAILED: wasRemoved in WebCore::RealtimeMediaSourceCenter::removeDevicesChangedObserver(DevicesChangedObserverToken)
        https://bugs.webkit.org/show_bug.cgi?id=171529
        <rdar://problem/31945791>

        Reviewed by Jer Noble.

        No new tests, fixes a crash in existing tests.

        * Modules/mediastream/MediaDevices.cpp:
        (WebCore::MediaDevices::MediaDevices): Use a weak ptr.

        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::observerMap):  Use a static hash map for observers because the
        source center can change at runtime.
        (WebCore::RealtimeMediaSourceCenter::addDevicesChangedObserver):
        (WebCore::RealtimeMediaSourceCenter::removeDevicesChangedObserver):
        (WebCore::RealtimeMediaSourceCenter::captureDevicesChanged):

2017-05-15  Brent Fulgham  <bfulgham@apple.com>

        [iOS WK1] Do not try to dispatch messages to subframes if their documents have not been constructed yet.
        https://bugs.webkit.org/show_bug.cgi?id=172059
        <rdar://problem/31963192>

        Reviewed by Zalan Bujtas.

        On iOS WK1 we can end up in an inconsistent state, where
        1. The web thread is inside a newly-injected iframe's document's constructor and
        2. waiting on a delegate callback on the main thread
        while the main thread
        (a) Evaluates arbitrary JavaScript that modifies storage which
        (b) Triggers an event dispatch.
 
        * storage/StorageEventDispatcher.cpp:
        (WebCore::StorageEventDispatcher::dispatchSessionStorageEvents): If the sub-frame's document
        is in an inconsistent state, skip it.
        (WebCore::StorageEventDispatcher::dispatchLocalStorageEvents): Ditto.
        (WebCore::StorageEventDispatcher::dispatchSessionStorageEventsToFrames): Ditto.
        (WebCore::StorageEventDispatcher::dispatchLocalStorageEventsToFrames): Ditto.

2017-05-15  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Leading whitespace followed by a <br> produces an extra linebreak.
        https://bugs.webkit.org/show_bug.cgi?id=172076

        Reviewed by Antti Koivisto.

        When the collapsed whitespace does not fit the line, we need to push it to the next line
        so that we can decide whether any soft/hard linebreak should be skipped (to avoid double line breaks) or not.

        Test: fast/text/simple-line-layout-leading-whitespace-with-soft-hard-linebreak.html

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::consumeLineBreakIfNeeded): special handling <br>
        (WebCore::SimpleLineLayout::firstFragment): Now we need to deal with leading collapsed whitespace.
        (WebCore::SimpleLineLayout::createLineRuns): We need to push even the collapsed whitespace to the next line.

2017-05-15  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>

        Invalid MediaSource duration value should throw TyperError instead of InvalidStateError
        https://bugs.webkit.org/show_bug.cgi?id=171653

        Reviewed by Chris Dumez.

        Modify MediaSource::setDuration to throw a TypeError when duration value is invalid as per MSE specification
        (https://www.w3.org/TR/2016/REC-media-source-20161117/#dom-mediasource-duration).

        Update expectations of corresponding WPT test.

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::setDuration):
        (WebCore::MediaSource::setDurationInternal):

2017-05-15  Gwang Yoon Hwang  <yoon@igalia.com>

        [CAIRO] Painting an image mask with a matrix above Pixman's limit breaks internal states of Cairo
        https://bugs.webkit.org/show_bug.cgi?id=169094

        Reviewed by Žan Doberšek.

        It is the same problem which addressed in r212431.
        In HiDPI situation, it happens easily due to the size of coordinates.
        Also, if this bug happens, it will break the rendering continuously
        since we are reusing graphics contexts to render webpages in same
        webview.

        Test: fast/hidpi/hidpi-long-page-with-inset-element.html

        * platform/graphics/cairo/PlatformContextCairo.cpp:
        (WebCore::PlatformContextCairo::pushImageMask):
        We can avoid the limit of the Pixman by reducing the source surface's
        size, and it will create a minimal pattern matrix.

2017-05-14  Zan Dobersek  <zdobersek@igalia.com>

        Unreviewed build fix with newer Perl versions.

        * bindings/scripts/CodeGeneratorJS.pm:
        (AddLegacyCallerOperationIfNeeded): Support for experimental push on scalar (and
        other auto-dereferencing) was removed in Perl 5.24. Instead, the LegacyCallers array
        has to be dereferenced when pushing new values to it.

2017-05-14  Sam Weinig  <sam@webkit.org>

        [WebIDL/DOM] Remove need for custom bindings for HTMLAllCollection and bring up to spec
        https://bugs.webkit.org/show_bug.cgi?id=172095

        Reviewed by Darin Adler.

        - Adds support for the legacycaller WebIDL special annotation.
        - Updates implementation of HTMLAllCollection to match the current HTML spec.

        Test: fast/dom/document-all.html

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSHTMLAllCollectionCustom.cpp: Removed.
        Removed JSHTMLAllCollectionCustom.cpp

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateInterface):
        (AddLegacyCallerOperationIfNeeded):
        Before code generation, clone all the legacycaller operations and put them
        in their own set, so they can form an overload set.
        
        (AddStringifierOperationIfNeeded):
        Use IDLParser::cloneType as the FIXME suggested.

        (GenerateHeader):
        Group call related functionality together and use new IsCallable predicate.

        (GenerateOverloadedFunctionOrConstructor):
        Generalize a little bit to allow the function being overloaded to be an overloaded legacycaller.

        (GenerateImplementation):
        Add call to generate the legacycaller code.

        (GenerateLegacyCallerDefinitions):
        (GenerateLegacyCallerDefinition):
        Generate the legacycaller definition, using GenerateArgumentsCountCheck, GenerateParametersCheck
        and GenerateImplementationFunctionCall to do all the heavy lifting.

        (IsCallable):
        Add helper predicate for both custom calls and legacycaller.

        * bindings/scripts/IDLParser.pm:
        (cloneType):.
        (cloneArgument):.
        (cloneOperation):
        Add cloning functions for IDLArgument and IDLOperation, and make IDLType's
        clone feasible for calling outside the package by removing the unneeded 
        self parameter.

        * bindings/scripts/test/JS/JSTestObj.cpp
        * bindings/scripts/test/JS/JSTestObj.h
        * bindings/scripts/test/TestObj.idl:
        Add testing of legacycaller overloading.

        * dom/Document.cpp:
        (WebCore::Document::allFilteredByName):
        * dom/Document.h:
        Add new collection access for the HTMLAllNamedSubCollection.

        * html/CachedHTMLCollection.h:
        (WebCore::nameShouldBeVisibleInDocumentAll):
        Update list of tags to match the current spec.

        * html/CollectionType.h:
        Add new type for HTMLAllNamedSubCollection.

        * html/GenericCachedHTMLCollection.cpp:
        (WebCore::GenericCachedHTMLCollection<traversalType>::elementMatches):
        Specify that DocumentAllNamedItems does not want
        the default elementMatches.
 
        * html/HTMLAllCollection.cpp:
        (WebCore::HTMLAllCollection::namedOrIndexedItemOrItems):
        (WebCore::HTMLAllCollection::namedItemOrItems):
        (WebCore::HTMLAllNamedSubCollection::~HTMLAllNamedSubCollection):
        (WebCore::HTMLAllNamedSubCollection::elementMatches):
        * html/HTMLAllCollection.h:
        Move implementations from the custom binding, and re-implement to
        match the spec. Alternate names to item/namedItem were needed to not
        shadow the existing ones in HTMLCollection. HTMLAllNamedSubCollection
        is a simple HTMLCollection that matches on a name, following the rules
        of document.all about which tags can have name attributes.

        * html/HTMLAllCollection.idl:
        Remove custom annotations and add legacycaller which is now supported.

        * html/HTMLCollection.cpp:
        (WebCore::invalidationTypeExcludingIdAndNameAttributes):
        (WebCore::HTMLCollection::~HTMLCollection):
        Add DocumentAllNamedItems.

2017-05-14  Zalan Bujtas  <zalan@apple.com>

        Remove unused lambda in TextFragmentIterator::TextFragment::split() and cleanup dependencies.
        https://bugs.webkit.org/show_bug.cgi?id=172089

        Reviewed by David Kilzer.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::splitFragmentToFitLine):
        * rendering/SimpleLineLayoutTextFragmentIterator.h:
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::split):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::splitWithHyphen):

2017-05-13  David Kilzer  <ddkilzer@apple.com>

        Unused lambda in JSWebKitSubtleCrypto::wrapKey()
        <https://webkit.org/b/172087>

        Reviewed by Chris Dumez.

        Fixes the following warning with newer clang:

            Source/WebCore/bindings/js/JSWebKitSubtleCryptoCustom.cpp:594:35: error: lambda capture 'keyFormat' is not used [-Werror,-Wunused-lambda-capture]
                auto exportSuccessCallback = [keyFormat, algorithm, parameters, wrappingKey, wrapper](const Vector<uint8_t>& exportedKeyData) mutable {
                                              ^

        * bindings/js/JSWebKitSubtleCryptoCustom.cpp:
        (WebCore::JSWebKitSubtleCrypto::wrapKey): Remove unused lambda.

2017-05-13  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] deviceId constraint doesn't work with getUserMedia
        https://bugs.webkit.org/show_bug.cgi?id=171877
        <rdar://problem/31899730>

        Reviewed by Jer Noble.

        Test: fast/mediastream/get-user-media-device-id.html

        * Modules/mediastream/MediaConstraintsImpl.h:
        (WebCore::MediaConstraintsData::MediaConstraintsData): Add a constructor that 
        takes a const MediaConstraints&.

        * Modules/mediastream/MediaDevices.cpp:
        (WebCore::MediaDevices::~MediaDevices): m_deviceChangedToken is a std::optional<>.
        * Modules/mediastream/MediaDevices.h:

        * Modules/mediastream/MediaDevicesEnumerationRequest.cpp:
        (WebCore::MediaDevicesEnumerationRequest::topLevelDocumentOrigin): Don't return
        NULL for the main frame so the origin matches that returned for a UserMediaRequest.

        * Modules/mediastream/UserMediaController.h:
        (WebCore::UserMediaController::setDeviceIDHashSalt): Deleted, not used.
        (WebCore::UserMediaController::deviceIDHashSalt): Deleted, not used.

        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::allow): Add device ID hash salt parameter, set it on
        constraints.
        * Modules/mediastream/UserMediaRequest.h:

        * platform/mediastream/MediaConstraints.h:
        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::fitnessDistance): ASSERT if called for DeviceId.
        (WebCore::RealtimeMediaSource::selectSettings): Special case DeviceId because it
        we have to hash the device ID before comparing, and because the DeviceId can't be
        changed so it should never be added to the flattened constraints.
        (WebCore::RealtimeMediaSource::supportsConstraints):
        (WebCore::RealtimeMediaSource::applyConstraints):
        * platform/mediastream/RealtimeMediaSource.h:

        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::RealtimeMediaSourceCenter::validateRequestConstraints): Implement.
        * platform/mediastream/RealtimeMediaSourceCenter.h:

        * platform/mediastream/RealtimeMediaSourceSupportedConstraints.cpp:
        (WebCore::RealtimeMediaSourceSupportedConstraints::nameForConstraint): Deleted, unused.
        (WebCore::RealtimeMediaSourceSupportedConstraints::constraintFromName): Deleted, unused.
        * platform/mediastream/RealtimeMediaSourceSupportedConstraints.h:

        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::RealtimeMediaSourceCenterMac::bestSourcesForTypeAndConstraints): Pass device
        id, not empty string.
        (WebCore::RealtimeMediaSourceCenterMac::validateRequestConstraints): Deleted.
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.h:

        * platform/mock/MockRealtimeMediaSourceCenter.cpp:
        (WebCore::MockRealtimeMediaSourceCenter::validateRequestConstraints): Deleted.
        * platform/mock/MockRealtimeMediaSourceCenter.h:

2017-05-13  Chris Dumez  <cdumez@apple.com>

        Stop using RefPtr::release()
        https://bugs.webkit.org/show_bug.cgi?id=172074

        Reviewed by Geoffrey Garen.

        * css/parser/CSSPropertyParser.cpp:
        (WebCore::FontVariantLigaturesParser::finalizeValue):
        (WebCore::FontVariantNumericParser::finalizeValue):
        * css/parser/CSSPropertyParserHelpers.cpp:
        (WebCore::CSSPropertyParserHelpers::CalcParser::consumeValue):
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::create):
        * loader/archive/mhtml/MHTMLArchive.cpp:
        (WebCore::MHTMLArchive::generateMHTMLData):
        * loader/archive/mhtml/MHTMLArchive.h:
        * loader/archive/mhtml/MHTMLParser.cpp:
        (WebCore::MHTMLParser::parseArchiveWithHeader):
        * platform/audio/ios/AudioFileReaderIOS.cpp:
        (WebCore::AudioFileReader::createBus):
        * platform/glib/SharedBufferGlib.cpp:
        (WebCore::SharedBuffer::createFromReadingFile):
        * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
        (WebCore::CACFLayerTreeHost::create):
        * platform/graphics/cairo/CairoUtilities.cpp:
        (WebCore::copyCairoImageSurface):
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::getImageData):
        * platform/graphics/gtk/IconGtk.cpp:
        (WebCore::Icon::createIconForFiles):
        * platform/graphics/win/FontCacheWin.cpp:
        (WebCore::FontCache::systemFallbackForCharacters):
        * platform/win/SharedBufferWin.cpp:
        (WebCore::SharedBuffer::createFromReadingFile):

2017-05-13  Javier Fernandez  <jfernandez@igalia.com>

        [css-align] Implement the place-self shorthand
        https://bugs.webkit.org/show_bug.cgi?id=168846

        Reviewed by Zalan Bujtas.

        The CSS Box Alignment specification defines a new shorthand to set the
        Content Alignment properties (align-self and justify-self) at the
        same time.

        This patch provides the implementation of the CSS parsing logic and the
        required regression tests.

        Test: css3/parse-place-self.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSProperties.json:
        * css/StyleProperties.cpp:
        (WebCore::StyleProperties::getPropertyValue):
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::CSSPropertyParser::consumePlaceSelfShorthand):
        (WebCore::CSSPropertyParser::parseShorthand):
        * css/parser/CSSPropertyParser.h:

2017-05-13  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r216801.
        https://bugs.webkit.org/show_bug.cgi?id=172072

        Many memory corruption crashes on worker threads (Requested by
        ap on #webkit).

        Reverted changeset:

        "WorkerRunLoop::Task::performTask() should check
        !scriptController->isTerminatingExecution()."
        https://bugs.webkit.org/show_bug.cgi?id=171775
        http://trac.webkit.org/changeset/216801

2017-05-13  Zalan Bujtas  <zalan@apple.com>

        AccessibilityRenderObject::textUnderElement needs to assert on unclean tree.
        https://bugs.webkit.org/show_bug.cgi?id=172065

        Reviewed by Simon Fraser.

        r192103 changed the assert logic incorrectly. If the tree is dirty, regardless of the renderer's type,
        TextIterator will end up forcing style update/layout on the render tree.
        The original assert would have hit with bug 171546 prior to r216726.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::textUnderElement):

2017-05-12  Simon Fraser  <simon.fraser@apple.com>

        event.clientX/clientY should be in layout viewport coordinates
        https://bugs.webkit.org/show_bug.cgi?id=172018

        Reviewed by Zalan Bujtas.

        Fix clientX and clientY on mouse events to be relative to the layout viewport, to match
        getBoundingClientRect(), getClientRects() and fixed-position objects.

        Also minor cleanup of MouseRelatedEvent to use initializers.

        Test: fast/visual-viewport/client-coordinates-relative-to-layout-viewport.html

        * dom/MouseRelatedEvent.cpp:
        (WebCore::MouseRelatedEvent::MouseRelatedEvent):
        (WebCore::MouseRelatedEvent::init):
        (WebCore::MouseRelatedEvent::initCoordinates):
        (WebCore::contentsScrollOffset): Deleted.
        * dom/MouseRelatedEvent.h:

2017-05-12  Sam Weinig  <sam@webkit.org>

        [WebIDL] Remove need for custom binding for Worker constructor
        https://bugs.webkit.org/show_bug.cgi?id=172050

        Reviewed by Chris Dumez.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSWorkerCustom.cpp: Removed.
        Remove JSWorkerCustom.cpp

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateCallWith):
        * bindings/scripts/IDLAttributes.json:
        Add RuntimeFlags as a new option for the ConstructorCallWith extended attribute.

        * workers/Worker.cpp:
        (WebCore::Worker::create):
        * workers/Worker.h:
        Update order of arguments to appease the generator.

        * workers/Worker.idl:
        Add extended attributes for the constructor.

2017-05-12  Simon Fraser  <simon.fraser@apple.com>

        The rects returned by Element/Range.getClientRects() should not be rounded
        https://bugs.webkit.org/show_bug.cgi?id=172057

        Reviewed by Chris Dumez.

        Fix createDOMRectVector() to not expand the rects to integer boundaries (which
        quad.enclosingBoundingBox() does), but to return rects with floating point
        values. This matches Chrome and Firefox, and matches getBoundingClientRect(),
        which does not integral snap.

        * dom/DOMRect.cpp:
        (WebCore::createDOMRectVector):

2017-05-12  Jiewen Tan  <jiewen_tan@apple.com>

        Elements should be inserted into a template element as its content's last child
        https://bugs.webkit.org/show_bug.cgi?id=171373
        <rdar://problem/31862949>

        Reviewed by Ryosuke Niwa.

        Before this change, our HTML parser obeys the following premises:
        1) A fostering child whose parent is a table should be inserted before its parent and under its grandparent.
        2) When inserting into a template element, an element should be inserted into its content.

        Let's walk through the example:
        a) Before eventhandler takes place
        template
        table
            svg <- parser
        b) After eventhandler takes place
        template
            table
                svg <- parser
        c) after parsing svg
        template
            content
                svg
                (table)
            table

        Finally, in the example, the svg element will be inserted into the content of the template element while
        having its next sibling point to the table element. However, the table element is actually under the
        template element not its content.

        This messy tree is constructed because the second premise is incompleted. It should be: When inserting into
        a template element, an element should be inserted into its content as its last child.
        Quoted from Step 3 of https://html.spec.whatwg.org/multipage/syntax.html#appropriate-place-for-inserting-a-node
        A correct tree will then looks like:
        template
            content
                svg
            table

        Tests: fast/dom/HTMLTemplateElement/insert-fostering-child-crash.html
               fast/dom/HTMLTemplateElement/insert-fostering-child.html

        * html/parser/HTMLConstructionSite.cpp:
        (WebCore::insert):
        By nullifying task.nextChild, it will force the parser to append the element as task.parent's last child.

2017-05-12  Alex Christensen  <achristensen@webkit.org>

        Rename WKContentExtension to WKContentRuleList
        https://bugs.webkit.org/show_bug.cgi?id=172053
        <rdar://problem/32141005>

        Reviewed by Geoffrey Garen.

        Covered by existing API tests.

        * English.lproj/Localizable.strings:

2017-05-12  Timothy Horton  <timothy_horton@apple.com>

        Don't use LinkPresentation URL shortening if it's not available
        https://bugs.webkit.org/show_bug.cgi?id=172064
        <rdar://problem/32169232>

        Rubber-stamped by Wenson Hsieh.

        * platform/mac/DragImageMac.mm:
        (WebCore::LinkImageLayout::LinkImageLayout):
        * platform/spi/cocoa/LinkPresentationSPI.h:

2017-05-11  Simon Fraser  <simon.fraser@apple.com>

        Incorrect position when dragging jQuery Draggable elements with position fixed after pinch zoom
        https://bugs.webkit.org/show_bug.cgi?id=171113
        rdar://problem/31746516

        Reviewed by Tim Horton.

        Make getBoundingClientRect() and getClientRects() return rects which are relative to the layout
        viewport, rather than the visual viewport. This goes part of the way to fixing webkit.org/b/170981,
        which aims to make pinch-zoom invisible to web pages ("inert visual viewport"). It fixes issues on various
        sites like Facebook when zoomed.

        Factor coordinate conversion code into functions on FrameView, which now documents
        the various coordinate systems in a big comment. Document::adjustFloatQuadsForScrollAndAbsoluteZoomAndFrameScale()
        and Document::adjustFloatRectForScrollAndAbsoluteZoomAndFrameScale() are renamed and factored
        to use these helpers.

        There are two behavior changes here:

        1. FrameView::documentToClientOffset() now uses the origin of the layout viewport in the "document to client"
           coordinate mapping.
           
        2. The two document functions would apply the scale and offset in the wrong order. We need
           to first undo the effects of CSS zoom, page zoom and page scale, and then map from document
           to client coordinates.

        Tests: fast/visual-viewport/client-rects-relative-to-layout-viewport.html
               fast/zooming/client-rects-with-css-and-page-zoom.html

        * dom/Document.cpp:
        (WebCore::Document::convertAbsoluteToClientQuads):
        (WebCore::Document::convertAbsoluteToClientRect):
        (WebCore::Document::adjustFloatQuadsForScrollAndAbsoluteZoomAndFrameScale): Deleted.
        (WebCore::Document::adjustFloatRectForScrollAndAbsoluteZoomAndFrameScale): Deleted.
        * dom/Document.h:
        * dom/Element.cpp:
        (WebCore::Element::getClientRects):
        (WebCore::Element::getBoundingClientRect):
        * dom/Range.cpp:
        (WebCore::Range::borderAndTextQuads):
        * page/FrameView.cpp:
        (WebCore::FrameView::absoluteToDocumentScaleFactor):
        (WebCore::FrameView::absoluteToDocumentRect):
        (WebCore::FrameView::absoluteToDocumentPoint):
        (WebCore::FrameView::documentToClientOffset):
        (WebCore::FrameView::documentToClientRect):
        (WebCore::FrameView::documentToClientPoint):
        * page/FrameView.h:
        * platform/ScrollableArea.h: #pragma once
        * platform/Scrollbar.h: #pragma once
        * platform/Widget.h: #pragma once

2017-05-12  Mark Lam  <mark.lam@apple.com>

        WorkerRunLoop::Task::performTask() should check !scriptController->isTerminatingExecution().
        https://bugs.webkit.org/show_bug.cgi?id=171775
        <rdar://problem/30975761>

        Reviewed by Saam Barati.

        Currently, WorkerThread::stop() calls scheduleExecutionTermination() to terminate
        JS execution first, followed by posting a cleanup task to the worker, and lastly,
        it invokes terminate() on the WorkerRunLoop.

        As a result, before the run loop is terminated, the worker thread may observe the
        TerminatedExecutionException in JS code, bail out, see another JS task to run,
        re-enters the VM to run said JS code, and fails with an assertion due to the
        TerminatedExecutionException still being pending on VM entry.

        WorkerRunLoop::Task::performTask() already has a check to only allow a task to
        run if and only if !runLoop.terminated() and the task is not a clean up task.
        We'll fix the above race by changing WorkerRunLoop::Task::performTask() to check
        !context->script()->isTerminatingExecution() instead of !runLoop.terminated().
        Since WorkerThread::stop() always scheduleExecutionTermination() before it
        terminates the run loop, !context->script()->isTerminatingExecution() implies
        !runLoop.terminated().

        The only time that runLoop is terminated without scheduleExecutionTermination()
        being called is when WorkerThread::stop() is called before the WorkerThread has
        finished creating its WorkerGlobalScope.  In this scenario, WorkerThread::stop()
        will still terminate the run loop.  Hence, after the WorkerGlobalScope is created
        (in WorkerThread::workerThread()), we will check if the run loop has been
        terminated (i.e. stop() was called).  If so, we'll scheduleExecutionTermination()
        there, and guarantee that if runloop.terminated() is true, then
        context->script()->isTerminatingExecution() is also true.

        Solutions that were considered but did not work (recorded for future reference):

        1. In WorkerThread::stop(), call scheduleExecutionTermination() only after it
           posts the cleanup task and terminate the run loop.

           This did not work because this creates a race where the worker thread may run
           the cleanup task before WorkerThread::stop() finishes.  As a result, the
           scriptController may be deleted before we get to invoke scheduleExecutionTermination()
           on it, thereby resulting in a use after free.

           To make this work, we would have to change the life cycle management strategy
           of the WorkerScriptController.  This is a more risky change that we would
           want to take on at this time, and may also not be worth the gain.

        2. Break scheduleExecutionTermination() up into 2 parts i.e. WorkerThread::stop()
           will:
           1. set the scriptControllers m_isTerminatingExecution flag before
              posting the cleanup task and terminating the run loop, and
           2. invoke VM::notifyNeedsTermination() after posting the cleanup task and
              terminating the run loop.

           This requires that we protect the liveness of the VM until we can invoke
           notifyNeedsTermination() on it.

           This did not work because:
           1. We may end up destructing the VM in WorkerThread::stop() i.e. in the main
              web frame, but only the worker thread holds the JS lock for the VM.

              We can make the WorkerThread::stop() acquire the JS lock just before it
              releases the protected VM's RefPtr, but that would mean the main thread
              may be stuck waiting a bit for the worker thread to release its JSLock.
              This is not desirable.

           2. In practice, changing the liveness period of the Worker VM relative to its
              WorkerScriptController and WorkerGlobalScope also has unexpected
              ramifications.  We observed many worker tests failing with assertion
              failures and crashes due to this change.

           Hence, this approach is also a more risky change than it appears on the
           surface, and is not worth exploring at this time.

        In the end, changing WorkerRunLoop::Task::performTask() to check for
        !scriptController->isTerminatingExecution() is the most straight forward solution
        that is easy to prove correct.

        Also fixed a race in WorkerThread::workerThread() where it can delete the
        WorkerGlobalScope while WorkerThread::stop() is in the midst of accessing it.
        We now guard the the nullifying of m_workerGlobalScope with the
        m_threadCreationAndWorkerGlobalScopeMutex as well.

        This issue is covered by an existing test that I just unskipped in TestExpectations.

        * bindings/js/JSDOMPromiseDeferred.cpp:
        (WebCore::DeferredPromise::callFunction):

        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::scheduleExecutionTermination):
        - Added a check to do nothing and return early if the scriptController is already
          terminating execution.

        * workers/WorkerRunLoop.cpp:
        (WebCore::WorkerRunLoop::runInMode):
        (WebCore::WorkerRunLoop::runCleanupTasks):
        (WebCore::WorkerRunLoop::Task::performTask):

        * workers/WorkerRunLoop.h:
        - Made Task::performTask() private and make Task befriend the WorkerRunLoop class.
          This ensures that only the WorkerRunLoop may call performTask().
          Note: this change only formalizes and hardens a relationship that was already
          in place before this.

        * workers/WorkerThread.cpp:
        (WebCore::WorkerThread::start):
        (WebCore::WorkerThread::workerThread):
        (WebCore::WorkerThread::stop):
        * workers/WorkerThread.h:
        - Renamed m_threadCreationMutex to m_threadCreationAndWorkerGlobalScopeMutex so
          that it more accurately describes what it guards.

2017-05-12  Zalan Bujtas  <zalan@apple.com>

        [iOS WK1] Do not try to layout a subframe if its document has not been constructed yet.
        https://bugs.webkit.org/show_bug.cgi?id=172042
        <rdar://problem/32084098>

        Reviewed by Antti Koivisto.

        On iOS WK1 we can end up in an inconsistent state, where 
        1. the web thread is inside a newly injected iframe's document's c'tor and 
        2. waiting on a delegate callback on the main thread
        while the main thread
        1. executes a pending didLayout() task
        2. triggers layout on the newly injected iframe.

        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::updateWidgetPosition):

2017-05-11  Jiewen Tan  <jiewen_tan@apple.com>

        Check existence of a page before accessing its plugins
        https://bugs.webkit.org/show_bug.cgi?id=171712
        <rdar://problem/32007806>

        Reviewed by Brent Fulgham.

        Test: plugins/navigator-plugin-crash.html

        * plugins/DOMPlugin.cpp:
        (WebCore::DOMPlugin::item):
        (WebCore::DOMPlugin::namedItem):

2017-05-12  Simon Fraser  <simon.fraser@apple.com>

        Add some logging for layer tree commits, and resize and orientation change events
        https://bugs.webkit.org/show_bug.cgi?id=172041

        Reviewed by Tim Horton.

        Add some logging that's useful during rotation investigations.

        * dom/Document.cpp:
        (WebCore::Document::orientationChanged):
        * page/FrameView.cpp:
        (WebCore::FrameView::sendResizeEventIfNeeded):

2017-05-12  Romain Bellessort  <romain.bellessort@crf.canon.fr>

        [Readable Streams API] Add ReadableStreamBYOBReader closed getter
        https://bugs.webkit.org/show_bug.cgi?id=172024

        Reviewed by Youenn Fablet.

        Added tests to check closed getter behaviour.

        * Modules/streams/ReadableStreamBYOBReader.js:
        (closed): Implemented.

2017-05-12  Andreas Kling  <akling@apple.com>

        MediaResourceLoader shouldn't keep its HTMLMediaElement alive.
        https://bugs.webkit.org/show_bug.cgi?id=172032
        <rdar://problem/30816144>

        Reviewed by Joseph Pecoraro.

        Use a WeakPtr<HTMLMediaElement> in MediaResourceLoader instead, since the loader
        is retained by a NSURLSession object we hand over to AVFoundation.

        This prevents AVFoundation from keeping entire documents alive outside our control.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement):
        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::createWeakPtr):
        * loader/MediaResourceLoader.cpp:
        (WebCore::MediaResourceLoader::MediaResourceLoader):
        (WebCore::MediaResourceLoader::requestResource):
        * loader/MediaResourceLoader.h:

2017-05-12  Andreas Kling  <akling@apple.com>

        Memory pressure response should only do sync bmalloc scavenge in sync mode.
        https://bugs.webkit.org/show_bug.cgi?id=172035

        Reviewed by Michael Saboff.

        Only call WTF::releaseFastMallocFreeMemory() and his threading-related friends
        when releaseMemory() is invoked with Synchronous::Yes, or if it's a critical
        pressure response (maintaining the behavior added in r215775.)

        * page/MemoryRelease.cpp:
        (WebCore::releaseMemory):

2017-05-12  Daniel Bates  <dabates@apple.com>

        Cleanup: Use Ref instead of RefPtr to hold DOMWrapperWorld
        https://bugs.webkit.org/show_bug.cgi?id=171988

        Reviewed by Chris Dumez.

        * bindings/js/JSCustomElementInterface.cpp:
        (WebCore::JSCustomElementInterface::JSCustomElementInterface):
        (WebCore::JSCustomElementInterface::upgradeElement):
        (WebCore::JSCustomElementInterface::invokeCallback):
        * bindings/js/JSCustomElementInterface.h:
        * bindings/js/JSMutationCallback.cpp:
        (WebCore::JSMutationCallback::JSMutationCallback):
        (WebCore::JSMutationCallback::call):
        * bindings/js/JSMutationCallback.h:
        * bindings/js/ScheduledAction.cpp:
        (WebCore::ScheduledAction::ScheduledAction):
        (WebCore::ScheduledAction::execute):
        * bindings/js/ScheduledAction.h:
        (WebCore::ScheduledAction::ScheduledAction):
        * page/DOMWindowExtension.cpp:
        (WebCore::DOMWindowExtension::DOMWindowExtension):
        * page/DOMWindowExtension.h:
        (WebCore::DOMWindowExtension::world):

2017-05-12  Daniel Bates  <dabates@apple.com>

        Cleanup: Make QueueTaskToEventLoopFunctionPtr take JSGlobalObject&
        https://bugs.webkit.org/show_bug.cgi?id=172021

        Reviewed by Mark Lam.

        * bindings/js/JSDOMGlobalObjectTask.cpp: Include header JSDOMGlobalObject.h.
        (WebCore::JSGlobalObjectTask::JSGlobalObjectTask): Change type of first argument from JSDOMGlobalObject*
        to JSDOMGlobalObject& and update code as necessary. Also, use C++11 brace initialization syntax
        for member initializer list.
        * bindings/js/JSDOMGlobalObjectTask.h: Remove header JSDOMGlobalObject.h and forward declare
        JSDOMGlobalObject and JSC::Microtask.
        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowMicrotaskCallback::create):
        (WebCore::JSDOMWindowMicrotaskCallback::JSDOMWindowMicrotaskCallback): Change type of first argument
        from JSDOMWindowBase* to JSDOMWindowBase& and update code as necessary. Also, use C++11 brace
        initialization syntax for member initializer list.
        (WebCore::JSDOMWindowBase::queueTaskToEventLoop):
        * bindings/js/JSDOMWindowBase.h:
        * bindings/js/JSWorkerGlobalScopeBase.cpp:
        (WebCore::JSWorkerGlobalScopeBase::queueTaskToEventLoop):
        * bindings/js/JSWorkerGlobalScopeBase.h:

2017-05-12  Jer Noble  <jer.noble@apple.com>

        [MediaStream] Streams while play while page is in background can get "stuck" when page is forgrounded.
        https://bugs.webkit.org/show_bug.cgi?id=172022

        Reviewed by Youenn Fablet.

        When an AVSampleBufferDisplayLayer is disconnected from the CA renderer, none of its samples will be decoded
        and enqueued for rendering. Once the layer is attached to a renderer again, it's stuffed full of samples which
        will never be decoded as their decode time has long passed.

        Pass the visibility state of the element through to the MediaPlayer so that MediaPlayerPrivateMediaStreamAVFObjC
        can flush its renderers when going from not visible -> visible.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::visibilityStateChanged):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVisible):
        * rendering/RenderVideo.cpp:
        (WebCore::RenderVideo::updatePlayer):

2017-05-12  Per Arne Vollan  <pvollan@apple.com>

        Unreviewed Windows build fix.

        * bindings/js/JSWebGLRenderingContextCustom.cpp:

2017-05-12  Antti Koivisto  <antti@apple.com>

        Updating class name of a shadow host does not update the style applied by descendants of :host()
        https://bugs.webkit.org/show_bug.cgi?id=170762
        <rdar://problem/31572668>

        Reviewed by Ryosuke Niwa.

        We need to invalidate shadow tree style when host classes or attributes change if it may be
        affected by host rules.

        Test: fast/shadow-dom/css-scoping-host-class-and-attribute-mutation.html

        * css/RuleSet.cpp:
        (WebCore::isHostSelectorMatchingInShadowTree):
        (WebCore::RuleSet::addRule):

            Check if we have :host selectors that affect shadow tree.

        * css/RuleSet.h:
        (WebCore::RuleSet::hasHostPseudoClassRulesMatchingInShadowTree):
        * style/AttributeChangeInvalidation.cpp:
        (WebCore::Style::mayBeAffectedByHostRules):
        (WebCore::Style::AttributeChangeInvalidation::invalidateStyle):

            Invalidate the whole subtree if there is a class change that may affect shadow tree style.

        * style/ClassChangeInvalidation.cpp:
        (WebCore::Style::mayBeAffectedByHostRules):
        (WebCore::Style::ClassChangeInvalidation::invalidateStyle):
        * style/IdChangeInvalidation.cpp:
        (WebCore::Style::mayBeAffectedByHostRules):
        (WebCore::Style::IdChangeInvalidation::invalidateStyle):

            Same for classes and ids.
            This should be refactored at some point to reduce copy-code.

2017-05-12  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] ASSERTION FAILED: !m_flushingLayers
        https://bugs.webkit.org/show_bug.cgi?id=172025

        Reviewed by Žan Doberšek.

        The problem is that syncImageBacking() is calling didChangeLayerState(). All sync methods are called by
        flushCompositingStateForThisLayerOnly() while flushing layers, so none of them should call didChange method that
        will schedule a new flush while flushing.

        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::syncImageBacking):

2017-05-12  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] GIF images are not properly loaded the first time
        https://bugs.webkit.org/show_bug.cgi?id=170432

        Reviewed by Carlos Alberto Lopez Perez.

        When the GIF image is loaded for the first time, it's always read from the network, and the decoder is usually
        fetched with chunks of data. Then the data is cached in disk by the network process, so that when loaded from
        the cache, the whole encoded data is available to fetch the encoder. The problem is that we are failing to
        decode the image when giving chunks of data, that's why it only happens the first time loaded. If the first
        chunk of data provided is enough to get some metadata, including the size, but not frame contents, the load fails
        in CachedImage::addIncrementalDataBuffer() because the EncodedDataStatus reported is SizeAvailable but
        Image::isNull() returns true. An Image is considered to be Null when its size is empty, and the size is
        calculated always using the first frame in ImageFrameCache. Since we still don't have frames, the image is
        always Null in this case. It is not expected that EncodedDataStatus returns SizeAvailable and the image is Null,
        that's why it's considered an error and the load finishes with a decode error. However, the non CG ImageDecoder
        has a m_size member to handle this particular case, and it's when m_size is set when EncodedDataStatus changes
        to SizeAvailable. We should return the ImageEncoder size as the ImageSize when we have a decoder but
        not frames yet.

        Test: http/tests/images/gif-progressive-load.html

        * platform/graphics/ImageFrameCache.cpp:
        (WebCore::ImageFrameCache::size): Return ImageDecoder::size() without caching it, if frame list is empty.

2017-05-12  Per Arne Vollan  <pvollan@apple.com>

        The iBooks application is not able to get current position.
        https://bugs.webkit.org/show_bug.cgi?id=171982
        rdar://problem/29318409

        Reviewed by Brent Fulgham.

        Geolocation requests from iBooks are currently blocked. Make an exemption from the policy for iBooks.

        No new tests since we currently can't mock the iBooks application bundle ID.

        * Modules/geolocation/Geolocation.cpp:
        (WebCore::isRequestFromIBooks):
        (WebCore::Geolocation::shouldBlockGeolocationRequests):

2017-05-11  Per Arne Vollan  <pvollan@apple.com>

        Geolocation requests should not be blocked when the security origin is local.
        https://bugs.webkit.org/show_bug.cgi?id=171857
        rdar://problem/29318409

        Reviewed by Brent Fulgham.

        Geolocation requests from security origins where the url scheme is registered as local,
        should not be blocked. This applies to the file url scheme, but also to other local url
        schemes.

        Test: fast/misc/geolocation-local-security-origin.html

        * Modules/geolocation/Geolocation.cpp:
        (WebCore::Geolocation::shouldBlockGeolocationRequests):

2017-05-11  Chris Dumez  <cdumez@apple.com>

        Drop remaining uses of PassRefPtr in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=172013

        Reviewed by Yusuke Suzuki.

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::createRootObject):
        * bindings/js/ScriptController.h:
        * bindings/js/ScriptControllerMac.mm:
        * bridge/objc/WebScriptObject.mm:
        (WebCore::createJSWrapper):
        (-[WebScriptObject _setImp:originRootObject:rootObject:]):
        (-[WebScriptObject _setOriginRootObject:andRootObject:]):
        (-[WebScriptObject _initWithJSObject:originRootObject:rootObject:]):
        * bridge/objc/WebScriptObjectPrivate.h:

2017-05-11  Zalan Bujtas  <zalan@apple.com>

        RenderImageResource::hasImage is redundant and RenderImageResourceStyleImage's override is incorrect.
        https://bugs.webkit.org/show_bug.cgi?id=172010
        <rdar://problem/31086735>

        Reviewed by Simon Fraser.

        RenderImageResourceStyleImage::hasImage() always returns true even when ::cachedImage()
        returns nullptr (e.g. image is pending).
        Remove it and use cachedImage() instead.

        Test: fast/images/missing-content-image-crash.html

        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::didAttachRenderers):
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::updateIntrinsicSizeIfNeeded):
        (WebCore::RenderImage::isShowingMissingOrImageError):
        (WebCore::RenderImage::hasNonBitmapImage):
        (WebCore::RenderImage::paintReplaced):
        (WebCore::RenderImage::paintIntoRect):
        (WebCore::RenderImage::foregroundIsKnownToBeOpaqueInRect):
        * rendering/RenderImageResource.h:
        (WebCore::RenderImageResource::cachedImage):
        (WebCore::RenderImageResource::hasImage): Deleted.
        * rendering/RenderImageResourceStyleImage.h:
        * rendering/svg/RenderSVGImage.cpp:
        (WebCore::RenderSVGImage::paint):
        * svg/SVGImageElement.cpp:
        (WebCore::SVGImageElement::hasSingleSecurityOrigin):
        (WebCore::SVGImageElement::didAttachRenderers):

2017-05-11  Zalan Bujtas  <zalan@apple.com>

        AX: Defer text changes until after the tree is clean if needed.
        https://bugs.webkit.org/show_bug.cgi?id=171546
        <rdar://problem/31934942>

        Reviewed by Simon Fraser.

        While updating an accessibility object state, we might
        trigger unintentional style updates. This style update could
        end up destroying renderes that are still referenced by functions
        on the callstack.
        To avoid that, defer such changes and let AXObjectCache operate on a clean tree.         

        Test: accessibility/crash-when-render-tree-is-not-clean.html

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::remove):
        (WebCore::AXObjectCache::handleAttributeChanged):
        (WebCore::AXObjectCache::labelChanged):
        (WebCore::AXObjectCache::performDeferredCacheUpdate):
        (WebCore::AXObjectCache::deferRecomputeIsIgnored):
        (WebCore::AXObjectCache::deferTextChangedIfNeeded):
        (WebCore::AXObjectCache::recomputeDeferredIsIgnored): Deleted.
        (WebCore::AXObjectCache::deferTextChanged): Deleted.
        * accessibility/AXObjectCache.h: Decouple different type of changes.
        (WebCore::AXObjectCache::deferRecomputeIsIgnored):
        (WebCore::AXObjectCache::deferTextChangedIfNeeded):
        (WebCore::AXObjectCache::recomputeDeferredIsIgnored): Deleted.
        (WebCore::AXObjectCache::deferTextChanged): Deleted.
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::deleteLines):
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::createAndAppendRootInlineBox):
        * rendering/RenderText.cpp:
        (WebCore::RenderText::setText):

2017-05-11  Chris Dumez  <cdumez@apple.com>

        Drop remaining uses of PassRefPtr under platform/
        https://bugs.webkit.org/show_bug.cgi?id=172007

        Reviewed by Geoffrey Garen.

        * platform/graphics/wpe/ImageWPE.cpp:
        (WebCore::Image::loadPlatformResource):
        * platform/ios/LegacyTileGrid.h:
        * platform/ios/LegacyTileGrid.mm:
        (WebCore::LegacyTileGrid::tileForIndex):
        (WebCore::LegacyTileGrid::tileForPoint):
        * platform/ios/LegacyTileGridTile.h:
        (WebCore::LegacyTileGridTile::create):
        * platform/mediastream/RTCIceCandidateDescriptor.cpp:
        (WebCore::RTCIceCandidateDescriptor::create):
        * platform/mediastream/RTCIceCandidateDescriptor.h:
        * platform/mediastream/RTCPeerConnectionHandlerClient.h:
        * platform/mediastream/RTCSessionDescriptionDescriptor.cpp:
        (WebCore::RTCSessionDescriptionDescriptor::create):
        * platform/mediastream/RTCSessionDescriptionDescriptor.h:
        * platform/mediastream/RTCSessionDescriptionRequest.h:
        (WebCore::RTCSessionDescriptionRequest::extraData):
        (WebCore::RTCSessionDescriptionRequest::setExtraData):
        * platform/mediastream/RealtimeMediaSourceCenter.h:
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.h:
        * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.cpp:
        (WebCore::RealtimeMediaSourceCenterOwr::firstSource):
        * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.h:
        * platform/mock/DeviceOrientationClientMock.cpp:
        (WebCore::DeviceOrientationClientMock::setOrientation):
        * platform/mock/DeviceOrientationClientMock.h:
        * platform/mock/GeolocationClientMock.cpp:
        (WebCore::GeolocationClientMock::setPosition):
        * platform/mock/GeolocationClientMock.h:
        * platform/mock/RTCNotifiersMock.cpp:
        (WebCore::SessionRequestNotifier::SessionRequestNotifier):
        (WebCore::SessionRequestNotifier::fire):
        (WebCore::VoidRequestNotifier::VoidRequestNotifier):
        * platform/mock/RTCNotifiersMock.h:
        * platform/mock/TimerEventBasedMock.h:
        (WebCore::TimerEventBasedMock::removeEvent):
        (WebCore::TimerEvent::TimerEvent):
        (WebCore::TimerEvent::timerFired):
        * platform/mock/mediasource/MockMediaSourcePrivate.cpp:
        (WebCore::MockSourceBufferPrivateHasAudio):
        (WebCore::MockSourceBufferPrivateHasVideo):
        * platform/wpe/RenderThemeWPE.h:

2017-05-11  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [WPE] Stop using PassRefPtr in platform/graphics/wpe
        https://bugs.webkit.org/show_bug.cgi?id=171977

        Unreviewed build fix after r216702.

        * platform/graphics/wpe/ImageWPE.cpp:
        (WebCore::Image::loadPlatformResource):

2017-05-11  Youenn Fablet  <youenn@apple.com>

        [iOS] Unset active media capture source when stopped capturing
        https://bugs.webkit.org/show_bug.cgi?id=171815
        <rdar://problem/32117885>

        Reviewed by Eric Carlson.

        Test: platform/ios/mediastream/getUserMedia-single-capture.html

        Introducing SingleSourceFactory template class to be used by capture factories for iOS.
        This class ensures that only one source is active at a time.
        Update all capture sources accordingly.
        Ensure sources are no longer considered as active sources when being destroyed.
        Add support for mock sources and introducing m_isProducingData for them as well.

        Update WebRTC outgoing source classes to handle the case of replaced track and resetting the enabled/mute
        state according the new source.

        Update the way we handle timestamps for audio data. We now consider that we read/write as a flow.
        This allows smooth audio track replacing.

        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/mac/AVAudioCaptureSource.mm:
        (WebCore::AVAudioCaptureSource::~AVAudioCaptureSource):
        (WebCore::AVAudioCaptureSourceFactory::setActiveSource): Deleted.
        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSource::~AVVideoCaptureSource):
        (WebCore::AVVideoCaptureSourceFactory::setActiveSource): Deleted.
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::~CoreAudioCaptureSource):
        (WebCore::CoreAudioCaptureSource::stopProducingData):
        (WebCore::CoreAudioCaptureSourceFactory::setActiveSource): Deleted.
        * platform/mediastream/mac/RealtimeOutgoingAudioSource.cpp:
        (WebCore::RealtimeOutgoingAudioSource::setSource):
        (WebCore::RealtimeOutgoingAudioSource::audioSamplesAvailable):
        (WebCore::RealtimeOutgoingAudioSource::pullAudioData):
        * platform/mediastream/mac/RealtimeOutgoingAudioSource.h:
        * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::setSource):
        (WebCore::RealtimeOutgoingVideoSource::sourceMutedChanged):
        (WebCore::RealtimeOutgoingVideoSource::sourceEnabledChanged):
        * platform/mock/MockRealtimeAudioSource.cpp:
        (WebCore::mockAudioCaptureSourceFactory):
        (WebCore::MockRealtimeAudioSource::factory):
        (WebCore::MockRealtimeAudioSource::~MockRealtimeAudioSource):
        (WebCore::MockRealtimeAudioSource::startProducingData):
        (WebCore::MockRealtimeAudioSource::stopProducingData):
        * platform/mock/MockRealtimeAudioSource.h:
        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::mockVideoCaptureSourceFactory):
        (WebCore::MockRealtimeVideoSource::factory):
        (WebCore::MockRealtimeVideoSource::~MockRealtimeVideoSource):
        (WebCore::MockRealtimeVideoSource::startProducingData):
        (WebCore::MockRealtimeVideoSource::stopProducingData):
        * platform/mock/MockRealtimeVideoSource.h:
        (WebCore::MockRealtimeVideoSource::~MockRealtimeVideoSource): Deleted.

2017-05-11  Timothy Horton  <timothy_horton@apple.com>

        Fix the iOS build

        * platform/spi/mac/NSSpellCheckerSPI.h:

2017-05-11  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r216677.

        Patch caused layout test crashes.

        Reverted changeset:

        "WorkerThread::stop() should call
        scheduleExecutionTermination() last."
        https://bugs.webkit.org/show_bug.cgi?id=171775
        http://trac.webkit.org/changeset/216677

2017-05-11  Don Olmstead  <don.olmstead@am.sony.com>

        [CMake] Add HAVE check for regex.h
        https://bugs.webkit.org/show_bug.cgi?id=171950

        Reviewed by Michael Catanzaro.

        No new tests. No change in behavior.

        * WebCorePrefix.h:
        * testing/js/WebCoreTestSupportPrefix.h:

2017-05-11  Tim Horton  <timothy_horton@apple.com>

        Mail spins launching spell checker when typing
        https://bugs.webkit.org/show_bug.cgi?id=171986
        <rdar://problem/26305327>

        Reviewed by Beth Dakin.

        * platform/spi/mac/NSSpellCheckerSPI.h:

2017-05-11  Chris Dumez  <cdumez@apple.com>

        Stop using PassRefPtr in platform/graphics
        https://bugs.webkit.org/show_bug.cgi?id=171977

        Reviewed by Alex Christensen.

        Stop using PassRefPtr in platform/graphics.

        * css/CSSCrossfadeValue.cpp:
        (WebCore::CSSCrossfadeValue::image):
        * css/CSSFilterImageValue.cpp:
        (WebCore::CSSFilterImageValue::image):
        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::brokenImage):
        (WebCore::CachedImage::image):
        (WebCore::CachedImage::imageForRenderer):
        * page/PageSerializer.cpp:
        (WebCore::PageSerializer::addImageToResources):
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::paintPanScrollIcon):
        * platform/graphics/CrossfadeGeneratedImage.cpp:
        (WebCore::CrossfadeGeneratedImage::drawCrossfade):
        * platform/graphics/FontPlatformData.h:
        * platform/graphics/GraphicsContext.h:
        * platform/graphics/Image.cpp:
        (WebCore::Image::nullImage):
        * platform/graphics/Image.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::createResourceLoader):
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/Pattern.cpp:
        (WebCore::Pattern::create):
        (WebCore::Pattern::Pattern):
        * platform/graphics/Pattern.h:
        * platform/graphics/PlatformTextTrack.h:
        (WebCore::PlatformTextTrack::create):
        (WebCore::PlatformTextTrack::createOutOfBand):
        (WebCore::PlatformTextTrack::captionMenuOffItem):
        (WebCore::PlatformTextTrack::captionMenuAutomaticItem):
        * platform/graphics/avfoundation/InbandMetadataTextTrackPrivateAVF.cpp:
        (WebCore::InbandMetadataTextTrackPrivateAVF::create):
        (WebCore::InbandMetadataTextTrackPrivateAVF::addDataCue):
        * platform/graphics/avfoundation/InbandMetadataTextTrackPrivateAVF.h:
        * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
        (WebCore::InbandTextTrackPrivateAVF::processAttributedStrings):
        * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.h:
        * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm:
        (WebCore::MediaSelectionOptionAVFObjC::create):
        (WebCore::MediaSelectionGroupAVFObjC::create):
        (WebCore::MediaSelectionGroupAVFObjC::updateOptions):
        * platform/graphics/avfoundation/cf/InbandTextTrackPrivateAVCF.h:
        (WebCore::InbandTextTrackPrivateAVCF::create):
        * platform/graphics/avfoundation/cf/InbandTextTrackPrivateLegacyAVCF.h:
        (WebCore::InbandTextTrackPrivateLegacyAVCF::create):
        * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
        (WebCore::WebCoreAVCFResourceLoader::create):
        * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.h:
        * platform/graphics/avfoundation/objc/CDMSessionAVContentKeySession.h:
        * platform/graphics/avfoundation/objc/CDMSessionAVContentKeySession.mm:
        (WebCore::CDMSessionAVContentKeySession::generateKeyReleaseMessage):
        * platform/graphics/avfoundation/objc/CDMSessionAVStreamSession.h:
        * platform/graphics/avfoundation/objc/CDMSessionAVStreamSession.mm:
        (WebCore::CDMSessionAVStreamSession::generateKeyReleaseMessage):
        * platform/graphics/avfoundation/objc/InbandTextTrackPrivateAVFObjC.h:
        (WebCore::InbandTextTrackPrivateAVFObjC::create):
        * platform/graphics/avfoundation/objc/InbandTextTrackPrivateLegacyAVFObjC.h:
        (WebCore::InbandTextTrackPrivateLegacyAVFObjC::create):
        * platform/graphics/avfoundation/objc/OutOfBandTextTrackPrivateAVF.h:
        (WebCore::OutOfBandTextTrackPrivateAVF::create):
        * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.h:
        * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
        (WebCore::WebCoreAVFResourceLoader::create):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::createPlatformCALayer):
        (WebCore::GraphicsLayerCA::createPlatformCAAnimation):
        (WebCore::GraphicsLayerCA::setContentsToPlatformLayer):
        (WebCore::GraphicsLayerCA::replicatedLayerRoot):
        (WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
        (WebCore::GraphicsLayerCA::appendToUncommittedAnimations):
        (WebCore::GraphicsLayerCA::createBasicAnimation):
        (WebCore::GraphicsLayerCA::createKeyframeAnimation):
        (WebCore::GraphicsLayerCA::createSpringAnimation):
        * platform/graphics/ca/GraphicsLayerCA.h:
        (WebCore::GraphicsLayerCA::LayerPropertyAnimation::LayerPropertyAnimation):
        * platform/graphics/ca/PlatformCAAnimation.h:
        * platform/graphics/ca/cocoa/PlatformCAAnimationCocoa.h:
        * platform/graphics/ca/cocoa/PlatformCAAnimationCocoa.mm:
        (PlatformCAAnimationCocoa::create):
        (PlatformCAAnimationCocoa::copy):
        * platform/graphics/ca/win/AbstractCACFLayerTreeHost.h:
        * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
        (WebCore::CACFLayerTreeHost::create):
        (WebCore::CACFLayerTreeHost::addPendingAnimatedLayer):
        * platform/graphics/ca/win/CACFLayerTreeHost.h:
        * platform/graphics/ca/win/PlatformCAAnimationWin.cpp:
        (PlatformCAAnimationWin::create):
        (PlatformCAAnimationWin::copy):
        * platform/graphics/ca/win/PlatformCAAnimationWin.h:
        * platform/graphics/ca/win/PlatformCALayerWin.cpp:
        (PlatformCALayerWin::addAnimationForKey):
        * platform/graphics/ca/win/WKCACFViewLayerTreeHost.cpp:
        (WebCore::WKCACFViewLayerTreeHost::create):
        * platform/graphics/ca/win/WKCACFViewLayerTreeHost.h:
        * platform/graphics/cairo/PatternCairo.cpp:
        (WebCore::Pattern::createPlatformPattern):
        * platform/graphics/cairo/PlatformContextCairo.cpp:
        (WebCore::PlatformContextCairo::clipForPatternFilling):
        * platform/graphics/cg/PDFDocumentImage.h:
        * platform/graphics/cg/PatternCG.cpp:
        (WebCore::Pattern::createPlatformPattern):
        * platform/graphics/filters/FEDiffuseLighting.cpp:
        (WebCore::FEDiffuseLighting::FEDiffuseLighting):
        (WebCore::FEDiffuseLighting::create):
        (WebCore::FEDiffuseLighting::lightSource):
        * platform/graphics/filters/FEDiffuseLighting.h:
        * platform/graphics/filters/FELighting.cpp:
        (WebCore::FELighting::FELighting):
        (WebCore::FELighting::drawLighting):
        * platform/graphics/filters/FELighting.h:
        * platform/graphics/filters/FESpecularLighting.cpp:
        (WebCore::FESpecularLighting::FESpecularLighting):
        (WebCore::FESpecularLighting::create):
        (WebCore::FESpecularLighting::lightSource):
        * platform/graphics/filters/FESpecularLighting.h:
        * platform/graphics/filters/FETile.cpp:
        (WebCore::FETile::platformApplySoftware):
        * platform/graphics/filters/FilterEffect.cpp:
        (WebCore::FilterEffect::asUnmultipliedImage):
        (WebCore::FilterEffect::asPremultipliedImage):
        * platform/graphics/filters/FilterEffect.h:
        * platform/graphics/filters/FilterOperation.cpp:
        (WebCore::ReferenceFilterOperation::setFilterEffect):
        (WebCore::BasicColorMatrixFilterOperation::blend):
        (WebCore::BasicComponentTransferFilterOperation::blend):
        (WebCore::BlurFilterOperation::blend):
        (WebCore::DropShadowFilterOperation::blend):
        * platform/graphics/filters/FilterOperation.h:
        (WebCore::FilterOperation::blend):
        (WebCore::PassthroughFilterOperation::create):
        (WebCore::ReferenceFilterOperation::create):
        * platform/graphics/gpu/Texture.cpp:
        (WebCore::Texture::create):
        * platform/graphics/gpu/Texture.h:
        * platform/graphics/gstreamer/AudioTrackPrivateGStreamer.h:
        * platform/graphics/gstreamer/ImageGStreamer.h:
        (WebCore::ImageGStreamer::createImage):
        (WebCore::ImageGStreamer::image):
        * platform/graphics/gstreamer/InbandMetadataTextTrackPrivateGStreamer.h:
        (WebCore::InbandMetadataTextTrackPrivateGStreamer::create):
        (WebCore::InbandMetadataTextTrackPrivateGStreamer::addGenericCue):
        * platform/graphics/gstreamer/InbandTextTrackPrivateGStreamer.h:
        (WebCore::InbandTextTrackPrivateGStreamer::create):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::processTableOfContentsEntry):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::paint):
        * platform/graphics/gstreamer/VideoTrackPrivateGStreamer.h:
        * platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.cpp:
        (WebCore::MediaSourceClientGStreamerMSE::enqueueSample):
        * platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.h:
        * platform/graphics/gstreamer/mse/MediaSourceGStreamer.cpp:
        * platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
        (WebCore::PlaybackPipeline::enqueueSample):
        * platform/graphics/gstreamer/mse/PlaybackPipeline.h:
        * platform/graphics/gtk/ImageGtk.cpp:
        (WebCore::loadImageFromGResource):
        (WebCore::loadResourceSharedBuffer):
        (WebCore::loadMissingImageIconFromTheme):
        (WebCore::Image::loadPlatformResource):
        * platform/graphics/harfbuzz/HarfBuzzFace.cpp:
        (WebCore::FaceCacheEntry::create):
        * platform/graphics/harfbuzz/HarfBuzzFace.h:
        (WebCore::HarfBuzzFace::create):
        * platform/graphics/mac/ImageMac.mm:
        (WebCore::Image::loadPlatformResource):
        * platform/graphics/opentype/OpenTypeMathData.h:
        (WebCore::OpenTypeMathData::create):
        * platform/graphics/texmap/BitmapTexture.h:
        (WebCore::BitmapTexture::applyFilters):
        * platform/graphics/texmap/BitmapTextureGL.cpp:
        (WebCore::BitmapTextureGL::applyFilters):
        * platform/graphics/texmap/BitmapTextureGL.h:
        (WebCore::BitmapTextureGL::FilterInfo::FilterInfo):
        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::commitLayerChanges):
        * platform/graphics/texmap/TextureMapper.cpp:
        (WebCore::TextureMapper::acquireTextureFromPool):
        * platform/graphics/texmap/TextureMapper.h:
        * platform/graphics/texmap/TextureMapperGL.cpp:
        (WebCore::TextureMapperGL::createTexture):
        * platform/graphics/texmap/TextureMapperGL.h:
        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::paintIntoSurface):
        (WebCore::commitSurface):
        (WebCore::TextureMapperLayer::paintWithIntermediateSurface):
        (WebCore::TextureMapperLayer::setBackingStore):
        * platform/graphics/texmap/TextureMapperLayer.h:
        * platform/graphics/texmap/TextureMapperTiledBackingStore.h:
        (WebCore::TextureMapperTiledBackingStore::create):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::syncImageBacking):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedImageBacking.cpp:
        (WebCore::CoordinatedImageBacking::create):
        (WebCore::CoordinatedImageBacking::CoordinatedImageBacking):
        * platform/graphics/texmap/coordinated/CoordinatedImageBacking.h:
        * platform/graphics/win/ImageWin.cpp:
        (WebCore::Image::loadPlatformResource):
        * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.cpp:
        (WebCore::MediaPlayerPrivateFullscreenWindow::setRootChildLayer):
        * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.h:
        * platform/graphics/win/PatternDirect2D.cpp:
        (WebCore::Pattern::createPlatformPattern):
        * platform/graphics/win/SharedGDIObject.h:
        (WebCore::SharedGDIObject::create):
        * rendering/FilterEffectRenderer.cpp:
        (WebCore::FilterEffectRenderer::build):
        * rendering/RenderImageResource.cpp:
        (WebCore::RenderImageResource::image):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::drawPlatformResizerImage):
        * rendering/svg/RenderSVGResourcePattern.cpp:
        (WebCore::RenderSVGResourcePattern::buildPattern):
        * svg/SVGFEDiffuseLightingElement.cpp:
        (WebCore::SVGFEDiffuseLightingElement::setFilterEffectAttribute):
        (WebCore::SVGFEDiffuseLightingElement::build):
        * svg/SVGFESpecularLightingElement.cpp:
        (WebCore::SVGFESpecularLightingElement::setFilterEffectAttribute):
        (WebCore::SVGFESpecularLightingElement::build):
        * svg/graphics/SVGImageCache.cpp:
        (WebCore::SVGImageCache::imageForRenderer):

2017-05-11  Joseph Pecoraro  <pecoraro@apple.com>

        Remove Vibration API
        https://bugs.webkit.org/show_bug.cgi?id=171766

        Rubber-stamped by Alexey Proskuryakov.

        * features.json:
        Mark the Vibration API as removed.

        * CMakeLists.txt:
        * DerivedSources.cpp:
        * Modules/vibration/NavigatorVibration.cpp: Removed.
        * Modules/vibration/NavigatorVibration.h: Removed.
        * Modules/vibration/NavigatorVibration.idl: Removed.
        * Modules/vibration/Vibration.cpp: Removed.
        * Modules/vibration/Vibration.h: Removed.
        * Modules/vibration/VibrationClient.h: Removed.
        * testing/Internals.cpp:
        (WebCore::Internals::isVibrating): Deleted.
        * testing/Internals.h:
        * testing/Internals.idl:

2017-05-11  Dean Jackson  <dino@apple.com>

        WebGLRenderingContext should implement WebGLRenderingContextBase
        https://bugs.webkit.org/show_bug.cgi?id=171961
        <rdar://problem/32124920>

        Reviewed by Sam Weinig.

        WebGLRenderingContext and WebGL2RenderingContext are both
        defined to "implement" WebGLRenderingContextBase. However, we
        were doing it via inheritance, which meant that some things
        were not visible on the WebGLRenderingContext prototype.

        Test: fast/canvas/webgl/constants-on-interface.html

        * WebCore.xcodeproj/project.pbxproj: Move the Custom.cpp files
        out of the GC-only area now they have real content.

        * bindings/js/JSDocumentCustom.cpp: Handle the fact that we
        don't use the base class from the bindings, so we need to
        translate WebGL1 and WebGL2 contexts into the right JS classes.
        (WebCore::JSDocument::getCSSCanvasContext):
        * bindings/js/JSHTMLCanvasElementCustom.cpp:
        (WebCore::JSHTMLCanvasElement::getContext):

        * bindings/js/JSWebGL2RenderingContextCustom.cpp: Implement the
        custom methods. In this case, we don't yet expose any
        extensions for WebGL 2.
        (WebCore::toJS):
        (WebCore::JSWebGL2RenderingContext::getExtension):

        * bindings/js/JSWebGLRenderingContextBaseCustom.cpp: Removed.

        * bindings/js/JSWebGLRenderingContextCustom.cpp:
        (WebCore::toJS):
        (WebCore::JSWebGLRenderingContext::getExtension):

        * html/canvas/WebGL2RenderingContext.h: Make some things public.
        * html/canvas/WebGLRenderingContext.h: Ditto.

        * html/canvas/WebGL2RenderingContext.idl: Use implements.
        * html/canvas/WebGLRenderingContext.idl: Ditto.

        * testing/Internals.cpp: This now takes a WebGLRenderingContext.
        (WebCore::Internals::simulateWebGLContextChanged):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-05-11  Andy Estes  <aestes@apple.com>

        Fix a spelling mistake in ApplePayErrorCode
        https://bugs.webkit.org/show_bug.cgi?id=171981
        <rdar://problem/32136567>

        Reviewed by Beth Dakin.

        * Modules/applepay/ApplePayError.idl:
        * Modules/applepay/PaymentRequest.h:

2017-05-11  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Enable configuration through preferences
        https://bugs.webkit.org/show_bug.cgi?id=171949
        <rdar://problem/31894518>

        Reviewed by Alex Christensen.

        No new tests. Just an added setter.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::setReducedTimestampResolution):

2017-05-11  Frederic Wang  <fwang@igalia.com>

        Unify hasTouchScrollableOverflow/needsCompositedScrolling concepts
        https://bugs.webkit.org/show_bug.cgi?id=171974

        Reviewed by Simon Fraser.

        This commit moves the following pattern in a single RenderLayer::usesAcceleratedScrolling function:
        #if PLATFORM(IOS)
        ...hasTouchScrollableOverflow()...
        #else
        ...needsCompositedScrolling()...
        #endif

        No new tests, behavior unchanged.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::usesAcceleratedScrolling): Introduce helper function.
        * rendering/RenderLayer.h: Declare the function.
        * rendering/RenderLayerBacking.cpp:
        (WebCore::layerOrAncestorIsTransformedOrUsingCompositedScrolling): Use the new function.
        (WebCore::RenderLayerBacking::updateConfiguration): Ditto.
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::useCoordinatedScrollingForLayer): Ditto.

2017-05-11  Romain Bellessort  <romain.bellessort@crf.canon.fr>

        [Readable Streams API] Implement ReadableStreamBYOBReader cancel()
        https://bugs.webkit.org/show_bug.cgi?id=171919

        Reviewed by Youenn Fablet.

        Implemented ReadableStreamBYOBReader cancel() method.

        Added tests checking cancel().

        * Modules/streams/ReadableStreamBYOBReader.js:
        (cancel): Implemented.
        * Modules/streams/ReadableStreamInternals.js:
        (readableStreamError): Updated to support ReadableStreamBYOBReader case.

2017-05-11  Chris Dumez  <cdumez@apple.com>

        Stop using PassRefPtr in WebGPU code
        https://bugs.webkit.org/show_bug.cgi?id=171965

        Reviewed by Alex Christensen.

        Stop using PassRefPtr in WebGPU code.

        * html/canvas/WebGPUDrawable.cpp:
        (WebCore::WebGPUDrawable::WebGPUDrawable):
        * html/canvas/WebGPURenderingContext.cpp:
        (WebCore::WebGPURenderingContext::create):
        (WebCore::WebGPURenderingContext::WebGPURenderingContext):
        * html/canvas/WebGPURenderingContext.h:
        * html/canvas/WebGPUTexture.cpp:
        (WebCore::WebGPUTexture::createFromDrawableTexture):
        (WebCore::WebGPUTexture::WebGPUTexture):
        * html/canvas/WebGPUTexture.h:

2017-05-11  Youenn Fablet  <youenn@apple.com>

        Name WebRTC Threads
        https://bugs.webkit.org/show_bug.cgi?id=171975

        Reviewed by Eric Carlson.

        No change of behavior.

        * platform/mediastream/libwebrtc/LibWebRTCAudioModule.cpp:
        (WebCore::LibWebRTCAudioModule::LibWebRTCAudioModule): Setting audio module thread name.
        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
        (WebCore::initializePeerConnectionFactoryAndThreads): Setting signaling and networking thread names.

2017-05-11  Chris Dumez  <cdumez@apple.com>

        Stop using PassRefPtr in platform/audio
        https://bugs.webkit.org/show_bug.cgi?id=171966

        Reviewed by Ryosuke Niwa.

        Stop using PassRefPtr in platform/audio.

        * platform/audio/AudioBus.h:
        (WebCore::AudioBus::AudioBus):
        * platform/audio/AudioFileReader.h:
        * platform/audio/HRTFDatabaseLoader.cpp:
        (WebCore::HRTFDatabaseLoader::createAndLoadAsynchronouslyIfNecessary):
        * platform/audio/HRTFDatabaseLoader.h:
        * platform/audio/HRTFKernel.cpp:
        (WebCore::HRTFKernel::createInterpolatedKernel):
        * platform/audio/HRTFKernel.h:
        (WebCore::HRTFKernel::create):
        * platform/audio/glib/AudioBusGLib.cpp:
        (WebCore::AudioBus::loadPlatformResource):
        * platform/audio/gstreamer/AudioFileReaderGStreamer.cpp:
        (WebCore::AudioFileReader::createBus):
        (WebCore::createBusFromAudioFile):
        (WebCore::createBusFromInMemoryAudioFile):
        * platform/audio/ios/AudioFileReaderIOS.cpp:
        (WebCore::AudioFileReader::createBus):
        (WebCore::createBusFromAudioFile):
        (WebCore::createBusFromInMemoryAudioFile):
        * platform/audio/ios/AudioFileReaderIOS.h:
        * platform/audio/mac/AudioBusMac.mm:
        (WebCore::AudioBus::loadPlatformResource):
        * platform/audio/mac/AudioFileReaderMac.cpp:
        (WebCore::AudioFileReader::createBus):
        (WebCore::createBusFromAudioFile):
        (WebCore::createBusFromInMemoryAudioFile):
        * platform/audio/mac/AudioFileReaderMac.h:

2017-05-11  Mark Lam  <mark.lam@apple.com>

        WorkerThread::stop() should call scheduleExecutionTermination() last.
        https://bugs.webkit.org/show_bug.cgi?id=171775
        <rdar://problem/30975761>

        Reviewed by Geoffrey Garen.

        Currently, WorkerThread::stop() calls scheduleExecutionTermination() to terminate
        JS execution first, followed by posting a cleanup task to the worker, and lastly,
        it invokes terminate() on the WorkerRunLoop.

        As a result, before run loop is terminate, the worker thread may observe the
        TerminatedExecutionException in JS code, bail out, see another JS task to run,
        re-enters the VM to run said JS code, and fails with an assertion due to the
        TerminatedExecutionException still being pending on VM entry.

        WorkerRunLoop::Task::performTask() already has a check to only allow a task to
        run if and only if !runLoop.terminated() and the task is not a clean up task.
        We'll fix the above race by ensuring that having WorkerThread::stop() terminate
        the run loop before it scheduleExecutionTermination() which throws the
        TerminatedExecutionException.  This way, by the time JS code unwinds out of the
        VM due to the TerminatedExecutionException, runLoop.terminated() is guaranteed
        to be true and thereby prevents re-entry into the VM.

        This issue is covered by an existing test that I just unskipped in TestExpectations.

        * bindings/js/JSDOMPromiseDeferred.cpp:
        (WebCore::DeferredPromise::callFunction):
        * workers/WorkerThread.cpp:
        (WebCore::WorkerThread::stop):

2017-05-11  Chris Dumez  <cdumez@apple.com>

        Drop custom bindings code for HTMLFormControlsCollection's named property getter
        https://bugs.webkit.org/show_bug.cgi?id=171964

        Reviewed by Sam Weinig.

        Drop custom bindings code for HTMLFormControlsCollection's named property getter as
        we are able to generate it.

        No new tests, no expected Web-facing behavior change.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSHTMLFormControlsCollectionCustom.cpp: Removed.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateNamedGetter):
        * html/HTMLFormControlsCollection.cpp:
        (WebCore::HTMLFormControlsCollection::namedItemOrItems):
        * html/HTMLFormControlsCollection.h:
        * html/HTMLFormControlsCollection.idl:

2017-05-10  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] CoreAudioCaptureSource claims to never be muted
        https://bugs.webkit.org/show_bug.cgi?id=171946
        <rdar://problem/32111991>

        Reviewed by Jer Noble.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::stopProducingData): Set m_muted to true.

2017-05-10  Jer Noble  <jer.noble@apple.com>

        RELEASE_ASSERT at WebAudioSourceProviderAVFObjC::provideInput()
        https://bugs.webkit.org/show_bug.cgi?id=171711

        Reviewed by Youenn Fablet.

        Before iterating over the channels in either the WebAudioBufferList or the AudioBus, ensure
        we don't walk over the end of either by only iterating over the minimum length of either.
        Also, when the internal format of WebAudioSourceProviderAVFObjC changes, notify the
        MediaStreamAudioSourceNode that the number of channels and sample rate have changed.

        * platform/mediastream/mac/WebAudioSourceProviderAVFObjC.mm:
        (WebCore::WebAudioSourceProviderAVFObjC::provideInput):
        (WebCore::WebAudioSourceProviderAVFObjC::prepare):

2017-05-10  Andy Estes  <aestes@apple.com>

        REGRESSION (r167845): ASSERT(!m_renderView.needsLayout()) in svg/custom/bug79798.html
        https://bugs.webkit.org/show_bug.cgi?id=132297

        Reviewed by Simon Fraser.

        We don't know why m_renderView needs layout in this case, but we know that we don't need to
        assert if the client hasn't set the ScrollableInnerFrameTrigger compositing trigger.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresCompositingForScrollableFrame):

2017-05-10  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r216630.

        This change caused assertion failures with webrtc LayoutTests.

        Reverted changeset:

        "RELEASE_ASSERT at
        WebAudioSourceProviderAVFObjC::provideInput()"
        https://bugs.webkit.org/show_bug.cgi?id=171711
        http://trac.webkit.org/changeset/216630

2017-05-09  Sam Weinig  <sam@webkit.org>

        Remove support for legacy Notifications
        https://bugs.webkit.org/show_bug.cgi?id=171487

        Reviewed by Jon Lee.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        Remove files.

        * Configurations/FeatureDefines.xcconfig:
        Remove definition of ENABLE_LEGACY_NOTIFICATIONS.

        * DerivedSources.make:
        Remove IDL files.

        * Modules/notifications/DOMWindowNotifications.cpp: Removed.
        * Modules/notifications/DOMWindowNotifications.h: Removed.
        * Modules/notifications/DOMWindowNotifications.idl: Removed.
        * Modules/notifications/NotificationCenter.cpp: Removed.
        * Modules/notifications/NotificationCenter.h: Removed.
        * Modules/notifications/NotificationCenter.idl: Removed.
        * Modules/notifications/NotificationClient.h:
        * Modules/notifications/NotificationController.cpp:
        * Modules/notifications/NotificationController.h:
        * Modules/notifications/WorkerGlobalScopeNotifications.cpp: Removed.
        * Modules/notifications/WorkerGlobalScopeNotifications.h: Removed.
        * Modules/notifications/WorkerGlobalScopeNotifications.idl: Removed.
        * Modules/notifications/Notification.idl:
        * Modules/notifications/Notification.cpp:
        * Modules/notifications/Notification.h:
        * dom/EventTargetFactory.in:
        * page/DOMWindow.cpp:
        * workers/WorkerThread.h:
        Remove code legacy Notification code. Replace use of NotificationCenter with direct
        calls to the NotificationClient.

2017-05-10  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r216635.
        https://bugs.webkit.org/show_bug.cgi?id=171953

        "Some worker tests are failing". (Requested by mlam on #webkit).

        Reverted changeset:

        "WorkerThread::stop() should call
        scheduleExecutionTermination() last."
        https://bugs.webkit.org/show_bug.cgi?id=171775
        http://trac.webkit.org/changeset/216635

2017-05-10  Mark Lam  <mark.lam@apple.com>

        WorkerThread::stop() should call scheduleExecutionTermination() last.
        https://bugs.webkit.org/show_bug.cgi?id=171775
        <rdar://problem/30975761>

        Reviewed by Geoffrey Garen.

        Currently, WorkerThread::stop() calls scheduleExecutionTermination() to terminate
        JS execution first, followed by posting a cleanup task to the worker, and lastly,
        it invokes terminate() on the WorkerRunLoop.

        As a result, before run loop is terminate, the worker thread may observe the
        TerminatedExecutionException in JS code, bail out, see another JS task to run,
        re-enters the VM to run said JS code, and fails with an assertion due to the
        TerminatedExecutionException still being pending on VM entry.

        WorkerRunLoop::Task::performTask() already has a check to only allow a task to
        run if and only if !runLoop.terminated() and the task is not a clean up task.
        We'll fix the above race by ensuring that having WorkerThread::stop() terminate
        the run loop before it scheduleExecutionTermination() which throws the
        TerminatedExecutionException.  This way, by the time JS code unwinds out of the
        VM due to the TerminatedExecutionException, runLoop.terminated() is guaranteed
        to be true and thereby prevents re-entry into the VM.

        This issue is covered by an existing test that I just unskipped in TestExpectations.

        * bindings/js/JSDOMPromiseDeferred.cpp:
        (WebCore::DeferredPromise::callFunction):
        * workers/WorkerThread.cpp:
        (WebCore::WorkerThread::stop):

2017-05-10  Tim Horton  <timothy_horton@apple.com>

        Add an experimental feature flag for viewport-fit
        https://bugs.webkit.org/show_bug.cgi?id=171948
        <rdar://problem/31995518>

        Reviewed by Simon Fraser.

        * dom/ViewportArguments.cpp:
        (WebCore::setViewportFeature):
        * page/Settings.in:
        Disable parsing of viewport-fit if the experimental feature is disabled.

2017-05-10  Chris Dumez  <cdumez@apple.com>

        Simplify relationship between Attr and Element now that Attr is childless
        https://bugs.webkit.org/show_bug.cgi?id=171909

        Reviewed by Ryosuke Niwa.

        Simplify relationship between Attr and Element now that Attr is childless
        after r216259.

        No new tests, no Web facing behavior change.

        * dom/Attr.cpp:
        (WebCore::Attr::setValue):
        Attr::setValue() was only called by Element::setAttributeInternal() to make sure
        we updated the Attr node's Text child. However, now that Attr has no Text child,
        Element no longer needs to update the Attr node's value.
        Attr::setValueForBindings() was thus renamed to setValue(). Its implementation
        was also simplified by calling Element::setAttribute() on its ownerElement, if
        it has one, instead of duplicating a bunch of code from Element::setAttributeInternal().

        (WebCore::Attr::setNodeValue):
        Call setValue() instead of setValueForBindings() now that it has been renamed.

        * dom/Attr.h:
        * dom/Attr.idl:
        Rename valueForBindings / setValueForBindings to value / setValue.

        * dom/Document.h:
        Split shouldInvalidateNodeListAndCollectionCaches() into 2 methods, one taking an Attr name
        and another that does not. There are now 2 calls sites instead of one, so we no longer need
        to branch in this function.

        * dom/Element.cpp:
        (WebCore::Element::setAttributeInternal):
        Drop code calling Attr::setValue() on the Attr node since Attr::setValue() was only
        duplicating logic from Element::setAttributeInternal() after r216259. There is nothing
        on Attr that needs updating when an element attribute gets updated.

        (WebCore::Element::attributeChanged):
        Call the new invalidateNodeListAndCollectionCachesInAncestorsForAttribute(). This
        is the only call site that passes an attribute name.

        * dom/Node.cpp:
        (WebCore::Document::shouldInvalidateNodeListAndCollectionCaches):
        (WebCore::Document::shouldInvalidateNodeListAndCollectionCachesForAttribute):
        Split into 2 to avoid branching, as explained above.

        (WebCore::Node::invalidateNodeListAndCollectionCachesInAncestors):
        (WebCore::Node::invalidateNodeListAndCollectionCachesInAncestorsForAttribute):
        - invalidateNodeListAndCollectionCachesInAncestors() used to invalidate childNodeLists
          if the Node was an attribute node. Drop this as this is no longer needed as of r216259.
        - After the change to Attr::setValue(), call sites for
          invalidateNodeListAndCollectionCachesInAncestors() either had no parameters, or both
          parameters present and non-null. There is therefore no longer any need to handle
          having an attrName but no attributeOwnerElement. To make this obvious, I split this
          into 2 methods: invalidateNodeListAndCollectionCachesInAncestors() and
          invalidateNodeListAndCollectionCachesInAncestorsForAttribute(attrName). We no longer
          need the attributeOwnerElement parameter as it was only used to exit early.

        * dom/Node.h:

2017-05-10  Antti Koivisto  <antti@apple.com>

        REGRESSION (r207372) Visibility property is not inherited when used in an animation
        https://bugs.webkit.org/show_bug.cgi?id=171883
        <rdar://problem/32086550>

        Reviewed by Simon Fraser.

        The problem here is that our animation code is tied to renderers. We don't have renderers during
        the initial style resolution so animations are not applied yet. When constructing renderers we set
        their style to the initial animated style but this step can't implement inheritance.

        Normally this is invisible as the first animation frame will immediately inherit the style correctly.
        However in this case the animation is discrete and the first frame is the same as the initial state.
        With r207372 we optimize the descendant style change away.

        This patch fixes the problem by tracking that the renderer has initial animated style and inheriting
        it to descendants during next style resolution even if it doesn't change.

        Test: animations/animation-initial-inheritance.html

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::RenderElement):
        * rendering/RenderElement.h:
        (WebCore::RenderElement::hasInitialAnimatedStyle):
        (WebCore::RenderElement::setHasInitialAnimatedStyle):
        * style/RenderTreeUpdater.cpp:
        (WebCore::RenderTreeUpdater::createRenderer):

            Set a bit on renderer indicating it has initial animated style.

        * style/StyleTreeResolver.cpp:
        (WebCore::Style::TreeResolver::createAnimatedElementUpdate):

            Return at least 'Inherit' for style change when updating renderer with initial animated style.

2017-05-10  Jer Noble  <jer.noble@apple.com>

        RELEASE_ASSERT at WebAudioSourceProviderAVFObjC::provideInput()
        https://bugs.webkit.org/show_bug.cgi?id=171711

        Reviewed by Youenn Fablet.

        Before iterating over the channels in either the WebAudioBufferList or the AudioBus, ensure
        we don't walk over the end of either by only iterating over the minimum length of either.
        Also, when the internal format of WebAudioSourceProviderAVFObjC changes, notify the
        MediaStreamAudioSourceNode that the number of channels and sample rate have changed.

        * platform/mediastream/mac/WebAudioSourceProviderAVFObjC.mm:
        (WebCore::WebAudioSourceProviderAVFObjC::provideInput):
        (WebCore::WebAudioSourceProviderAVFObjC::prepare):

2017-05-04  Filip Pizlo  <fpizlo@apple.com>

        GCController.cpp's collect() should be Async
        https://bugs.webkit.org/show_bug.cgi?id=171708

        Reviewed by Saam Barati and Geoffrey Garen.

        No new tests because no change in behavior.
        
        This is one step towards not requesting sync GCs in WebCore. I'm landing this incrementally to
        make bisecting super easy.
        
        This is a ~7% JetStream iOS "regression", because JetStream has a bug where it allows trunk
        to sneakily hide GC work between when JetStream measures time. After this change, we are no
        longer trying to be sneaky.

        * bindings/js/GCController.cpp:
        (WebCore::collect):

2017-05-10  Jer Noble  <jer.noble@apple.com>

        CoreAudioCaptureSource reports 3 or 5 channel audio output; actually only mono
        https://bugs.webkit.org/show_bug.cgi?id=171940

        Reviewed by Eric Carlson.

        Asking for the Input VPIO stream format will return the internal mic format, before processing. Instead
        ask for the input bus's output format, which is post processing, which will return the correct number
        of channels (one).

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioSharedUnit::configureMicrophoneProc):

2017-05-10  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r216591.

        This change broke an internal build.

        Reverted changeset:

        "REGRESSION (r207372) Visibility property is not inherited
        when used in an animation"
        https://bugs.webkit.org/show_bug.cgi?id=171883
        http://trac.webkit.org/changeset/216591

2017-05-10  Chris Dumez  <cdumez@apple.com>

        Drop custom bindings code now window.open()
        https://bugs.webkit.org/show_bug.cgi?id=171933

        Reviewed by Geoffrey Garen.

        Drop custom bindings code now window.open() as it is not doing anything special.

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::open): Deleted.
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::open):
        * page/DOMWindow.h:
        * page/DOMWindow.idl:
        * testing/Internals.cpp:
        (WebCore::Internals::openDummyInspectorFrontend):

2017-05-10  Tim Horton  <timothy_horton@apple.com>

        Add an experimental feature flag for constant properties
        https://bugs.webkit.org/show_bug.cgi?id=171913
        <rdar://problem/31995518>

        Reviewed by Ryosuke Niwa.

        * css/parser/CSSParser.cpp:
        (WebCore::CSSParserContext::CSSParserContext):
        (WebCore::operator==):
        * css/parser/CSSParserImpl.cpp:
        (WebCore::CSSParserImpl::consumeCustomPropertyValue):
        * css/parser/CSSParserMode.h:
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::CSSPropertyParser::parseValueStart):
        * css/parser/CSSVariableParser.cpp:
        (WebCore::classifyBlock):
        (WebCore::isValidVariableReference):
        (WebCore::isValidConstantReference):
        (WebCore::classifyVariableRange):
        (WebCore::CSSVariableParser::containsValidVariableReferences):
        (WebCore::CSSVariableParser::parseDeclarationValue):
        * css/parser/CSSVariableParser.h:
        Plumb the experimental feature flag down into CSSVariableParser by way
        of CSSParserContext.

        * page/Settings.in:

2017-05-10  Chris Dumez  <cdumez@apple.com>

        REGRESSION (r206960): Possible null pointer dereference under DOMSelection::getRangeAt()
        https://bugs.webkit.org/show_bug.cgi?id=171925
        <rdar://problem/29931223>

        Reviewed by Wenson Hsieh.

        We have evidence that selection().firstRange() can return null in DOMSelection::getRangeAt().
        When this happens, we now throw an INDEX_SIZE_ERR instead of dereferencing it.

        I believe this can happen if the VisibleSelection is orphaned but not none, because
        rangeCount() only checks for isNone() but VisibleSelection::firstRange() can return null
        if isNoneOrOrphaned().

        No new tests, I do not know how to reproduce.

        * page/DOMSelection.cpp:
        (WebCore::DOMSelection::getRangeAt):

2017-05-10  Matt Rajca  <mrajca@apple.com>

        DumpRenderTree crashed in com.apple.WebCore: std::optional<WTF::MediaTime>::operator-> + 71 :: CRASHING TEST: fullscreen/video-controls-timeline.html
        https://bugs.webkit.org/show_bug.cgi?id=171932

        Reviewed by Eric Carlson.

        Explicitly initialize m_playbackWithoutUserGesture to "None".

        * html/HTMLMediaElement.h:

2017-05-10  Andy Estes  <aestes@apple.com>

        Keyboard input suppression should extend to subframes
        https://bugs.webkit.org/show_bug.cgi?id=171880
        <rdar://problem/31201793>

        Reviewed by Ryosuke Niwa.

        Test: http/tests/navigation/keyboard-events-during-provisional-subframe-navigation.html

        * dom/EventDispatcher.cpp:
        (WebCore::shouldSuppressEventDispatchInDOM): Changed to call shouldSuppressKeyboardInput()
        on the main frame's loader.
        * editing/Editor.cpp:
        (WebCore::Editor::shouldInsertText): Ditto.

2017-05-10  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r216563.

        Revision caused 2 api failures

        Reverted changeset:

        "[MediaStream] deviceId constraint doesn't work with
        getUserMedia"
        https://bugs.webkit.org/show_bug.cgi?id=171877
        http://trac.webkit.org/changeset/216563

2017-05-10  Frederic Wang  <fwang@igalia.com>

        Refactor ScrollingCoordinator::setSynchronousScrollingReasons to accept a FrameView
        https://bugs.webkit.org/show_bug.cgi?id=171923

        Reviewed by Simon Fraser.

        Currently ScrollingCoordinator::setSynchronousScrollingReasons implementations assumes
        SynchronousScrollingReasons apply to the main frame. This commit allows to specify
        a FrameView in order to prepare support for fast scrolling of frames.

        No new tests, no behavior changes.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::setSynchronousScrollingReasons): Use the FrameView to
        find the state node.
        (WebCore::AsyncScrollingCoordinator::updateScrollLayerPosition): Rename this function
        updateMainFrameScrollLayerPosition and use the specified FrameView.
        * page/scrolling/AsyncScrollingCoordinator.h: Add FrameView parameter.
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::updateSynchronousScrollingReasons): Remove the const since
        AsyncScrollingCoordinator uses scrollLayerForFrameView. Pass the frameView to
        setSynchronousScrollingReasons.
        * page/scrolling/ScrollingCoordinator.h:
        (WebCore::ScrollingCoordinator::setSynchronousScrollingReasons): Add FrameView parameter.

2017-05-10  Antti Koivisto  <antti@apple.com>

        REGRESSION (r207372) Visibility property is not inherited when used in an animation
        https://bugs.webkit.org/show_bug.cgi?id=171883
        <rdar://problem/32086550>

        Reviewed by Simon Fraser.

        The problem here is that our animation code is tied to renderers. We don't have renderers during
        the initial style resolution so animations are not applied yet. When constructing renderers we set
        their style to the initial animated style but this step can't implement inheritance.

        Normally this is invisible as the first animation frame will immediately inherit the style correctly.
        However in this case the animation is discrete and the first frame is the same as the initial state.
        With r207372 we optimize the descendant style change away.

        This patch fixes the problem by tracking that the renderer has initial animated style and inheriting
        it to descendants during next style resolution even if it doesn't change.

        Test: animations/animation-initial-inheritance.html

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::RenderElement):
        * rendering/RenderElement.h:
        (WebCore::RenderElement::hasInitialAnimatedStyle):
        (WebCore::RenderElement::setHasInitialAnimatedStyle):
        * style/RenderTreeUpdater.cpp:
        (WebCore::RenderTreeUpdater::createRenderer):

            Set a bit on renderer indicating it has initial animated style.

        * style/StyleTreeResolver.cpp:
        (WebCore::Style::TreeResolver::createAnimatedElementUpdate):

            Return at least 'Inherit' for style change when updating renderer with initial animated style.

2017-05-10  Myles C. Maxfield  <mmaxfield@apple.com>

        Tiny cleanup in Font::DerivedFonts
        https://bugs.webkit.org/show_bug.cgi?id=171893

        Reviewed by Jon Lee.

        This variable was written to but never read.

        No new tests because there is no behavior change.

        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::font):
        * platform/graphics/Font.cpp:
        (WebCore::Font::verticalRightOrientationFont):
        (WebCore::Font::uprightOrientationFont):
        (WebCore::Font::smallCapsFont):
        (WebCore::Font::noSynthesizableFeaturesFont):
        (WebCore::Font::emphasisMarkFont):
        (WebCore::Font::brokenIdeographFont):
        (WebCore::Font::DerivedFonts::~DerivedFonts): Deleted.
        * platform/graphics/Font.h:
        (WebCore::Font::DerivedFonts::DerivedFonts): Deleted.

2017-05-10  Michael Catanzaro  <mcatanzaro@igalia.com>

        Remove user agent quirk for Slack
        https://bugs.webkit.org/show_bug.cgi?id=171869

        Reviewed by Carlos Garcia Campos.

        The user agent quirk for Slack does not seem to be necessary anymore. I am able to use Slack
        without difficulty using our default user agent.

        * platform/UserAgentQuirks.cpp:
        (WebCore::urlRequiresChromeBrowser):

2017-05-10  Hyungwook Lee  <hyungwook.lee@navercorp.com>

        [GTK] Fix compile warnings in CryptoKeyECGCrypt.cpp
        https://bugs.webkit.org/show_bug.cgi?id=171851

        Reviewed by Alex Christensen.

        * crypto/gcrypt/CryptoKeyECGCrypt.cpp:
        (WebCore::curveSize):
        (WebCore::curveName):
        (WebCore::uncompressedPointSizeForCurve):
        (WebCore::uncompressedFieldElementSizeForCurve):

2017-05-08  Sergio Villar Senin  <svillar@igalia.com>

        [css-grid] Remove Blink-specific code for handling orthogonal grid items
        https://bugs.webkit.org/show_bug.cgi?id=171807

        Reviewed by Darin Adler.

        This code was added in r203252 as part of a patch improving the handling of
        {min|max}-content with orthogonal flows. The original code came from Blink which performs a
        pre-layout of orthogonal boxes in FrameView. That is not true in the case of WebKit so we do
        not need this code at all. Actually it was causing incorrect renderings in some tests.

        I'm also removing an invalid return statement just after another return.

        * rendering/GridTrackSizingAlgorithm.cpp:
        (WebCore::GridTrackSizingAlgorithmStrategy::minContentForChild):
        (WebCore::GridTrackSizingAlgorithmStrategy::maxContentForChild):

2017-05-09  Zan Dobersek  <zdobersek@igalia.com>

        Unreviewed build fix.

        * platform/wpe/WidgetWPE.cpp:
        (WebCore::Widget::paint): Add the missing SecurityOriginPaintPolicy parameter.

2017-05-09  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] deviceId constraint doesn't work with getUserMedia
        https://bugs.webkit.org/show_bug.cgi?id=171877
        <rdar://problem/31899730>

        Reviewed by Jer Noble.

        Test: fast/mediastream/get-user-media-device-id.html

        * Modules/mediastream/MediaConstraintsImpl.h:
        (WebCore::MediaConstraintsData::MediaConstraintsData): Add a constructor that 
        takes a const MediaConstraints&.

        * Modules/mediastream/MediaDevicesEnumerationRequest.cpp:
        (WebCore::MediaDevicesEnumerationRequest::topLevelDocumentOrigin): Don't return
        NULL for the main frame so the origin matches that returned for a UserMediaRequest.

        * Modules/mediastream/UserMediaController.h:
        (WebCore::UserMediaController::setDeviceIDHashSalt): Deleted, not used.
        (WebCore::UserMediaController::deviceIDHashSalt): Deleted, not used.

        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::allow): Add device ID hash salt parameter, set it on
        constraints.
        * Modules/mediastream/UserMediaRequest.h:

        * platform/mediastream/MediaConstraints.h:
        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::fitnessDistance): ASSERT if called for DeviceId.
        (WebCore::RealtimeMediaSource::selectSettings): Special case DeviceId because it
        we have to hash the device ID before comparing, and because the DeviceId can't be
        changed so it should never be added to the flattened constraints.

        * platform/mediastream/RealtimeMediaSourceSupportedConstraints.cpp:
        (WebCore::RealtimeMediaSourceSupportedConstraints::nameForConstraint): Deleted, unused.
        (WebCore::RealtimeMediaSourceSupportedConstraints::constraintFromName): Deleted, unused.
        * platform/mediastream/RealtimeMediaSourceSupportedConstraints.h:

        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::RealtimeMediaSourceCenterMac::bestSourcesForTypeAndConstraints): Pass device
        id, not empty string.

2017-05-09  Jeremy Jones  <jeremyj@apple.com>

        Video fullscreen window level should be below status bar.
        https://bugs.webkit.org/show_bug.cgi?id=171892
        rdar://problem/31771707

        Reviewed by Jer Noble.

        No new tests because it only affects platform window level.

        Move the fullscreen window below the status bar, but above the input field window level.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::setupFullscreen):

2017-05-09  Sam Weinig  <sam@webkit.org>

        Implement Subresource Integrity (SRI) [Part 2 - Fetch]
        https://bugs.webkit.org/show_bug.cgi?id=148363
        <rdar://problem/18945879>

        Reviewed by Youenn Fablet.

        Tests: http/tests/subresource-integrity/sri-fetch-worker.html
               http/tests/subresource-integrity/sri-fetch.html

        * loader/FetchOptions.h:
        * loader/ThreadableLoader.cpp:
        (WebCore::ThreadableLoaderOptions::isolatedCopy):
        * loader/ThreadableLoader.h:
        * loader/WorkerThreadableLoader.cpp:
        (WebCore::LoaderTaskOptions::LoaderTaskOptions):
        Add integrity metadata to the fetch options, and fix the implementation of
        ThreadableLoaderOptions::isolatedCopy to work correctly (it was missing isolated
        copy derivedCachedDataTypesToRetrieve).

        * Modules/fetch/FetchRequest.cpp:
        (WebCore::buildOptions):
        (WebCore::FetchRequest::initializeOptions):
        * Modules/fetch/FetchRequest.h:
        Switch to using the integrity metadata on the fetchOptions, removing the need to
        store them directly on the internal request.

        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
        (WebCore::DocumentThreadableLoader::didReceiveResponse):
        (WebCore::DocumentThreadableLoader::didReceiveData):
        (WebCore::DocumentThreadableLoader::didFinishLoading):
        (WebCore::DocumentThreadableLoader::loadRequest):
        (WebCore::DocumentThreadableLoader::reportIntegrityMetadataError):
        * loader/DocumentThreadableLoader.h:
        Add a new flag, m_delayCallbacksForIntegrityCheck, which is used when integrity metadata
        is present, so we can implement the 'wait' concept from the fetch spec, and delay informing
        the clients until we have validated the integrity metadata.

2017-05-09  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r216545.
        https://bugs.webkit.org/show_bug.cgi?id=171889

        Caused a test failure (Requested by eric_carlson on #webkit).

        Reverted changeset:

        "[MediaStream] deviceId constraint doesn't work with
        getUserMedia"
        https://bugs.webkit.org/show_bug.cgi?id=171877
        http://trac.webkit.org/changeset/216545

2017-05-09  Zalan Bujtas  <zalan@apple.com>

        resetFlowThreadContainingBlockAndChildInfoIncludingDescendants should not ignore RenderElement subtrees.
        https://bugs.webkit.org/show_bug.cgi?id=171873
        <rdar://problem/32004954>

        Reviewed by Simon Fraser.

        Normally a RenderBlock's parent is another RenderBlock, but In some cases (e.g. tables) a RenderBlock can
        have a non-RenderBlock(RenderBox) ancestor.
        While updating the flow thread state on a subtree, we should descent into subtrees with RenderElement
        roots and not just RenderBlocks so that we clear the state on the entire subtree.

        Test: fast/multicol/crash-when-column-inside-table.html

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::resetFlowThreadContainingBlockAndChildInfoIncludingDescendants):
        * rendering/RenderBlock.h:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::resetFlowThreadContainingBlockAndChildInfoIncludingDescendants):
        * rendering/RenderElement.h:

2017-05-09  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] deviceId constraint doesn't work with getUserMedia
        https://bugs.webkit.org/show_bug.cgi?id=171877
        <rdar://problem/31899730>

        Reviewed by Jer Noble.

        Test: fast/mediastream/get-user-media-device-id.html

        * Modules/mediastream/MediaConstraintsImpl.h:
        (WebCore::MediaConstraintsData::MediaConstraintsData): Add a constructor that 
        takes a const MediaConstraints&.

        * Modules/mediastream/MediaDevicesEnumerationRequest.cpp:
        (WebCore::MediaDevicesEnumerationRequest::topLevelDocumentOrigin): Don't return
        NULL for the main frame so the origin matches that returned for a UserMediaRequest.

        * Modules/mediastream/UserMediaController.h:
        (WebCore::UserMediaController::setDeviceIDHashSalt): Deleted, not used.
        (WebCore::UserMediaController::deviceIDHashSalt): Deleted, not used.

        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::allow): Add device ID hash salt parameter, set it on
        constraints.
        * Modules/mediastream/UserMediaRequest.h:

        * platform/mediastream/MediaConstraints.h:
        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::fitnessDistance): ASSERT if called for DeviceId.
        (WebCore::RealtimeMediaSource::selectSettings): Special case DeviceId because it
        we have to hash the device ID before comparing, and because the DeviceId can't be
        changed so it should never be added to the flattened constraints.

        * platform/mediastream/RealtimeMediaSourceSupportedConstraints.cpp:
        (WebCore::RealtimeMediaSourceSupportedConstraints::nameForConstraint): Deleted, unused.
        (WebCore::RealtimeMediaSourceSupportedConstraints::constraintFromName): Deleted, unused.
        * platform/mediastream/RealtimeMediaSourceSupportedConstraints.h:

        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::RealtimeMediaSourceCenterMac::bestSourcesForTypeAndConstraints): Pass device
        id, not empty string.

2017-05-09  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Localized strings aren't loaded
        https://bugs.webkit.org/show_bug.cgi?id=171884

        Reviewed by Dean Jackson.

        Remove the extraneous file extension in the file name.

        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::mediaControlsScript):
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::mediaControlsScript):

2017-05-09  Chris Dumez  <cdumez@apple.com>

        Introduce DocumentAndElementEventHandlers IDL interface
        https://bugs.webkit.org/show_bug.cgi?id=171879

        Reviewed by Simon Fraser and Ryosuke Niwa.

        Introduce DocumentAndElementEventHandlers IDL interface:
        - https://html.spec.whatwg.org/#documentandelementeventhandlers

        This avoids duplication between Document.idl and Element.idl.

        Also mark oncopy / oncut / onpaste EventHandlers as enumerable to match
        the specification.

        Test: fast/events/DocumentAndElementEventHandlers.html

        * CMakeLists.txt:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/Document.idl:
        * dom/DocumentAndElementEventHandlers.idl: Added.
        * dom/Element.idl:

2017-05-10  Dean Jackson  <dino@apple.com>

        Restrict SVG filters to accessible security origins
        https://bugs.webkit.org/show_bug.cgi?id=118689
        <rdar://problem/27362159>

        Reviewed by Brent Fulgham.

        Certain SVG filters should only be allowed to operate
        on content that is has SecurityOrigin access to. Implement
        this by including a flag in PaintInfo and LayerPaintingInfo,
        and have RenderWidget make sure the documents have acceptable
        SecurityOrigins as it goes to paint.

        This could be used as the first step in a "safe painting"
        strategy, allowing some content to be rendered into a 
        canvas or via the element() CSS function... but it is only
        a small first step.

        Test: http/tests/css/filters-on-iframes.html

        * page/FrameView.cpp:
        (WebCore::FrameView::paintContents):
        * page/FrameView.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::paint):
        * platform/ScrollView.h:
        * platform/Scrollbar.cpp:
        (WebCore::Scrollbar::paint):
        * platform/Scrollbar.h:
        * platform/Widget.h:
        * platform/graphics/filters/FilterOperation.h:
        (WebCore::FilterOperation::shouldBeRestrictedBySecurityOrigin):
        * platform/graphics/filters/FilterOperations.cpp:
        (WebCore::FilterOperations::hasFilterThatShouldBeRestrictedBySecurityOrigin):
        * platform/graphics/filters/FilterOperations.h:
        * platform/mac/WidgetMac.mm:
        (WebCore::Widget::paint):
        * rendering/FilterEffectRenderer.cpp:
        (WebCore::FilterEffectRenderer::build):
        * rendering/FilterEffectRenderer.h:
        * rendering/PaintInfo.h:
        (WebCore::PaintInfo::PaintInfo):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paint):
        (WebCore::RenderLayer::setupFilters):
        (WebCore::RenderLayer::paintForegroundForFragmentsWithPhase):
        * rendering/RenderLayer.h:
        * rendering/RenderScrollbar.cpp:
        (WebCore::RenderScrollbar::paint):
        * rendering/RenderScrollbar.h:
        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::paintContents):

2017-05-09  Chris Dumez  <cdumez@apple.com>

        Move onanimation* EventHandlers to GlobalEventHandlers
        https://bugs.webkit.org/show_bug.cgi?id=171874

        Reviewed by Simon Fraser.

        Move onanimation* EventHandlers to GlobalEventHandlers to match the specification:
        - https://drafts.csswg.org/css-animations/#interface-globaleventhandlers-idl

        We previously have those on Window and Element only. Firefox complies with the
        specification.

        Test: fast/css/onanimation-eventhandlers.html

        * dom/Element.idl:
        * dom/GlobalEventHandlers.idl:
        * page/DOMWindow.idl:

2017-05-09  Youenn Fablet  <youenn@apple.com>

        Refresh webrtc WPT tests
        https://bugs.webkit.org/show_bug.cgi?id=171878

        Reviewed by Eric Carlson.

        Tests: imported/w3c/web-platform-tests/webrtc/RTCConfiguration-iceCandidatePoolSize.html
               imported/w3c/web-platform-tests/webrtc/RTCDataChannel-id.html
               imported/w3c/web-platform-tests/webrtc/RTCPeerConnection-canTrickleIceCandidates.html
               imported/w3c/web-platform-tests/webrtc/RTCPeerConnection-constructor.html
               imported/w3c/web-platform-tests/webrtc/RTCPeerConnection-createDataChannel.html
               imported/w3c/web-platform-tests/webrtc/RTCPeerConnection-iceGatheringState.html
               imported/w3c/web-platform-tests/webrtc/RTCPeerConnection-idl.html
               imported/w3c/web-platform-tests/webrtc/RTCPeerConnection-setRemoteDescription.html
               imported/w3c/web-platform-tests/webrtc/datachannel-idlharness.html
               imported/w3c/web-platform-tests/webrtc/getstats.html
               imported/w3c/web-platform-tests/webrtc/interfaces.html

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::createDataChannel): exiting early if libwebrtc is not creating a data channel.

2017-05-09  Javier Fernandez  <jfernandez@igalia.com>

        space-evenly misbehaves with flexbox
        https://bugs.webkit.org/show_bug.cgi?id=170445

        Reviewed by David Hyatt.

        The CSS Box Alignment specification defines the <content-distribution>
        set as some of the allowed values for the Content Distribution
        properties, align-content and justify-content. The 'space-evenly' value
        is not among the ones allowed for these properties according to the CSS
        Flexible Box specification.

        The CSS Flexbible box specification states that it must follow the CSS
        Box Alignment specification, so this new value must be considered as
        part of an upgraded level of the spec, which should be implemented
        eventually.

        Since we have already shipped an implementation of the new CSS Box
        Alignment values for CSS Grid Layout, we need to implement it for
        Flexbox as well.

        No new tests, but several new test cases added.

        * rendering/RenderFlexibleBox.cpp:
        (WebCore::initialJustifyContentOffset):
        (WebCore::justifyContentSpaceBetweenChildren):
        (WebCore::initialAlignContentOffset):
        (WebCore::alignContentSpaceBetweenChildren):

2017-05-09  Michael Catanzaro  <mcatanzaro@igalia.com>

        Avoid -Wformat warnings in RenderLayerCompositor.cpp and RenderLayerBacking.cpp
        https://bugs.webkit.org/show_bug.cgi?id=171875

        Reviewed by Simon Fraser.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::detachFromScrollingCoordinator):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::logLayerInfo):
        (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer):

2017-05-09  Chris Dumez  <cdumez@apple.com>

        Drop custom bindings code for Window.location setter
        https://bugs.webkit.org/show_bug.cgi?id=171846

        Reviewed by Sam Weinig.

        Drop custom bindings code for Window.location setter as the custom code was merely needed
        to address a very old Mac widget that has long been fixed (rdar://problem/5695330).

        No new tests, no Web-facing behavior change.

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::setLocation): Deleted.
        Drop custom code.

        * page/DOMWindow.idl:
        Align Window.location with https://html.spec.whatwg.org/#the-window-object:
        - Mark property as readonly.
        - Add [PutsForward=href] IDL extended attribute.
        Also, we need to mark the atribute as nullable as this reflects our current implementation.
        We currently return null if the associated Window does not have a frame. This does not match
        the specification and we should update our implementation in the future to never return null.

2017-05-09  Matt Lewis  <jlewis3@apple.com>

        Unreviewed, rolling out r216508.

        The layout test enabled in this change is failing on Sierra.

        Reverted changeset:

        "Invalid MediaSource duration value should throw TyperError
        instead of InvalidStateError"
        https://bugs.webkit.org/show_bug.cgi?id=171653
        http://trac.webkit.org/changeset/216508

2017-05-09  Michael Catanzaro  <mcatanzaro@igalia.com>

        Update Chrome and Firefox versions in user agent quirks
        https://bugs.webkit.org/show_bug.cgi?id=171823

        Reviewed by Carlos Alberto Lopez Perez.

        * platform/UserAgentQuirks.cpp:
        (WebCore::UserAgentQuirks::stringForQuirk):
        (WebCore::UserAgentQuirks::firefoxRevisionString):

2017-05-09  Youenn Fablet  <youenn@apple.com>

        RealtimeOutgoingAudioSource is crashing when given data with more than two channels
        https://bugs.webkit.org/show_bug.cgi?id=171868

        Reviewed by Eric Carlson.

        Manual testing.

        * platform/mediastream/mac/RealtimeOutgoingAudioSource.cpp:
        (WebCore::libwebrtcAudioFormat): Capping the number of channels to 2.
        (WebCore::RealtimeOutgoingAudioSource::audioSamplesAvailable):

2017-05-09  Myles C. Maxfield  <mmaxfield@apple.com>

        font-stretch: normal selects expanded fonts instead of condensed fonts
        https://bugs.webkit.org/show_bug.cgi?id=171838
        <rdar://problem/31005481>

        Reviewed by Jon Lee.

        CSS Fonts level 3 says: "If the value of ‘font-stretch’ is ‘normal’ or one of the condensed
        values, narrower width values are checked first, then wider values."

        CSS Fonts level 4 erroneously was incompatible with this, but was updated in
        https://github.com/w3c/csswg-drafts/commit/4559389d183bbaaf3321af5ba1c924caa7c488bb
        to be consistent with this.

        Now, CSS Fonts level 4 states: "If the desired stretch value is less than or equal to100,
        stretch values below the desired stretch value are checked in descending order followed by
        stretch values above the desired stretch value in ascending order"

        Test: fast/text/font-width-100.html

        * platform/graphics/FontSelectionAlgorithm.cpp:

2017-05-09  Romain Bellessort  <romain.bellessort@crf.canon.fr>

        [Readable Streams API] Enable creation of ReadableStreamBYOBReader
        https://bugs.webkit.org/show_bug.cgi?id=171665

        Reviewed by Youenn Fablet.

        Enabled the creation of ReadableStreamBYOBReader.

        Test: streams/readable-stream-byob-reader.html

        * CMakeLists.txt: Updated to support ReadableStreamBYOBReader.
        * DerivedSources.cpp: Updated to support ReadableStreamBYOBReader.
        * DerivedSources.make: Updated to support ReadableStreamBYOBReader.
        * Modules/streams/ReadableByteStreamInternals.js: Updated to support ReadableStreamBYOBReader.
        (privateInitializeReadableStreamBYOBReader):
        (isReadableStreamBYOBReader):
        * Modules/streams/ReadableStream.js: Updated to support ReadableStreamBYOBReader.
        (getReader):
        * Modules/streams/ReadableStreamBYOBReader.idl: Added.
        * Modules/streams/ReadableStreamBYOBReader.js: Added.
        (cancel): To be implemented.
        (read): To be implemented.
        (releaseLock): To be implemented.
        (closed): To be implemented.
        * WebCore.xcodeproj/project.pbxproj: Updated to support ReadableStreamBYOBReader.
        * bindings/js/JSDOMGlobalObject.cpp: Updated to support ReadableStreamBYOBReader.
        (WebCore::JSDOMGlobalObject::addBuiltinGlobals):
        * bindings/js/JSReadableStreamPrivateConstructors.cpp: Updated to support ReadableStreamBYOBReader.
        (WebCore::constructJSReadableStreamReaderGeneric):
        (WebCore::constructJSReadableStreamDefaultReader):
        (WebCore::constructJSReadableStreamBYOBReader):
        (WebCore::JSBuiltinReadableStreamBYOBReaderPrivateConstructor::initializeExecutable):
        (WebCore::createReadableStreamBYOBReaderPrivateConstructor):
        * bindings/js/JSReadableStreamPrivateConstructors.h: Updated to support ReadableStreamBYOBReader.
        * bindings/js/WebCoreBuiltinNames.h: Updated to support ReadableStreamBYOBReader.

2017-05-09  Frederic Wang  <fwang@igalia.com>

        Print more properties in the output of scrolling trees
        https://bugs.webkit.org/show_bug.cgi?id=171858

        Reviewed by Simon Fraser.

        No new tests, no behavior changes.

        * page/scrolling/ScrollingCoordinator.cpp: Implement << operator to print ScrollableAreaParameters.
        (WebCore::operator<<):
        * page/scrolling/ScrollingCoordinator.h: Declare new << operator.
        * page/scrolling/ScrollingStateFrameScrollingNode.cpp: Print new properties.
        (WebCore::ScrollingStateFrameScrollingNode::dumpProperties):
        * page/scrolling/ScrollingStateScrollingNode.cpp: ditto.
        (WebCore::ScrollingStateScrollingNode::dumpProperties):
        * page/scrolling/ScrollingTreeScrollingNode.cpp: ditto.
        (WebCore::ScrollingTreeScrollingNode::dumpProperties):

2017-05-09  Chris Dumez  <cdumez@apple.com>

        ontransitionend eventHandler should be in GlobalEventHandlers
        https://bugs.webkit.org/show_bug.cgi?id=171836

        Reviewed by Ryosuke Niwa.

        ontransitionend eventHandler should be in GlobalEventHandlers:
        - https://drafts.csswg.org/css-transitions/#interface-globaleventhandlers-idl

        WebKit currently has in on Window and Element only. Firefox matches the specification.

        Test: fast/css/ontransitionend-eventhandler.html

        * dom/Element.idl:
        * dom/GlobalEventHandlers.idl:
        * page/DOMWindow.idl:

2017-05-09  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>

        MediaSource.readyState should use an IDL enum
        https://bugs.webkit.org/show_bug.cgi?id=171672

        Reviewed by Eric Carlson and Chris Dumez.

        MediaSource.readyState should use an IDL enum as per specification
        (https://www.w3.org/TR/2016/CR-media-source-20160503/#idl-def-ReadyState).

        No new tests required since no behavior change.

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::toString):
        (WebCore::MediaSource::MediaSource):
        (WebCore::MediaSource::setPrivateAndOpen):
        (WebCore::MediaSource::buffered):
        (WebCore::MediaSource::setReadyState):
        (WebCore::MediaSource::streamEndedWithError):
        (WebCore::MediaSource::isOpen):
        (WebCore::MediaSource::isClosed):
        (WebCore::MediaSource::isEnded):
        (WebCore::MediaSource::detachFromElement):
        (WebCore::MediaSource::openIfInEndedState):
        (WebCore::MediaSource::stop):
        (WebCore::MediaSource::onReadyStateChange):
        * Modules/mediasource/MediaSource.h:
        * Modules/mediasource/MediaSource.idl:

2017-05-09  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>

        Invalid MediaSource duration value should throw TyperError instead of InvalidStateError
        https://bugs.webkit.org/show_bug.cgi?id=171653

        Reviewed by Youenn Fablet.

        Modify MediaSource::setDuration to throw a TypeError when duration value is invalid as per MSE specification
        (https://www.w3.org/TR/2016/REC-media-source-20161117/#dom-mediasource-duration).

        Update expectation of corresponding WPT test.

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::setDuration):
        (WebCore::MediaSource::setDurationInternal):

2017-05-09  Yusuke Suzuki  <utatane.tea@gmail.com>

        Unreviewed, update binding-tests results
        https://bugs.webkit.org/show_bug.cgi?id=166752

        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:

2017-05-09  Chris Dumez  <cdumez@apple.com>

        Update DocumentOrShadowRoot.idl to match specifications
        https://bugs.webkit.org/show_bug.cgi?id=171845

        Reviewed by Ryosuke Niwa.

        Update DocumentOrShadowRoot.idl to match specifications:
        - https://dom.spec.whatwg.org/#mixin-documentorshadowroot
        - https://w3c.github.io/webcomponents/spec/shadow/#extensions-to-the-documentorshadowroot-mixin
        - https://w3c.github.io/pointerlock/#extensions-to-the-documentorshadowroot-mixin

        No Web-facing behavior change. Things that do not match the specification were merely
        annotated with FIXME comments.

        * dom/Document.idl:
        * dom/DocumentOrShadowRoot.idl:

2017-05-09  Yusuke Suzuki  <utatane.tea@gmail.com>

        Unreviewed, attempt to fix macOS ports using ApplePay
        https://bugs.webkit.org/show_bug.cgi?id=166752

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):

2017-05-09  Yoshiaki Jitsukawa  <Yoshiaki.Jitsukawa@sony.com>

        [Coordinated Graphics] Debug Visuals don't hide
        https://bugs.webkit.org/show_bug.cgi?id=162704

        Reviewed by Žan Doberšek.

        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::setShowDebugBorder):
        (WebCore::CoordinatedGraphicsLayer::setShowRepaintCounter):
        (WebCore::CoordinatedGraphicsLayer::syncLayerState):
        (WebCore::CoordinatedGraphicsLayer::setDebugBorder):
        showDebugBorders() and showRepaintCounter() of CoordinatedGraphicsLayer should reflect
        the "show" argument to the layer state.

        * platform/graphics/texmap/coordinated/CoordinatedGraphicsState.h:
        (WebCore::DebugVisuals::DebugVisuals):
        (WebCore::CoordinatedGraphicsLayerState::CoordinatedGraphicsLayerState):
        To set the debug visuals of a layer, the visibility flags of the borders and the repaint
        counters as well as the border width and color are needed. Thus a new bundle struct
        DebugVisuals and its change flag debugVisualsChanged have been introduced in order to
        send the information at once.

2017-05-09  Yusuke Suzuki  <utatane.tea@gmail.com>

        Handle IDLPromise<> properly
        https://bugs.webkit.org/show_bug.cgi?id=166752

        Reviewed by Youenn Fablet.

        This patch implements WebIDL Promise type conversion. According to the spec,
        Promise takes a value and convert it to Promise by using Promise.resolve function.
        We implement JSPromise::resolve in JSC and use it in JSDOMConvertPromise.

        In conversion phase, we just convert the value to JSC::JSPromise* and hold it in
        PromiseRejectionEvent. On the other hand, In this patch, we newly introduce a new
        type DOMPromise and use it in RejectedPromiseTracker. And we also rename the previous
        DOMPromise to DOMPromiseDeferred since it is corresponding to JSPromiseDeferred.
        DOMPromise is DOMGuarded object. So it is strongly referenced from ScriptExecutionContext
        and it is weakly referenced from the object itself. This is important since Strong<JSPromise>
        reference in C++ object that has a wrapper (in this case, PromiseRejectionEvent) easily causes
        cyclic reference. We hold it as DOMPromise instead of Strong<JSPromise> in RejectedPromiseTracker
        to break the cyclic reference edge with weak reference.

        In the meantime, we still use JSC::Strong<> in PromiseRejectionEvent. It leaks memory if promise
        refers the wrapper object of PromiseRejectionEvent. CustomEvent also has the same problem.
        This is a general problem that `attribute any` can create cyclic reference. And they should be
        fixed in a different patch.

        Currently, we do not take the following approach. e.g. There is C++ object that represents Promise.
        And its wrapper object is JSPromise thing. When exposing the C++ object, it will be converted to a
        wrapper object. We do not take this approach because PromiseRejectionEvent can take user-provided promise.
        For example, users can create PromiseRejectionEvent in a form
        `new PromiseRejectionEvent("...", { promise: promise })`. In this case, `event.promise === promise`
        is required. And this is not suitable for the above C++ object model.

        Large part of this patch is mechanical one to replace DOMPromise with DOMPromiseDeferred.

        * CMakeLists.txt:
        * Modules/applepay/ApplePaySession.cpp:
        * Modules/encryptedmedia/MediaKeySession.h:
        * Modules/encryptedmedia/MediaKeySystemAccess.h:
        * Modules/encryptedmedia/MediaKeys.h:
        * Modules/encryptedmedia/NavigatorEME.h:
        * Modules/fetch/DOMWindowFetch.h:
        * Modules/fetch/FetchBody.h:
        * Modules/fetch/FetchBodyConsumer.h:
        * Modules/fetch/FetchResponse.h:
        * Modules/fetch/WorkerGlobalScopeFetch.h:
        * Modules/mediastream/MediaDevices.h:
        * Modules/mediastream/MediaEndpointPeerConnection.cpp:
        (WebCore::MediaEndpointPeerConnection::replaceTrack):
        (WebCore::MediaEndpointPeerConnection::replaceTrackTask):
        * Modules/mediastream/MediaEndpointPeerConnection.h:
        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::applyConstraints):
        * Modules/mediastream/MediaStreamTrack.h:
        * Modules/mediastream/PeerConnectionBackend.cpp:
        (WebCore::PeerConnectionBackend::setLocalDescription):
        (WebCore::PeerConnectionBackend::setRemoteDescription):
        (WebCore::PeerConnectionBackend::addIceCandidate):
        * Modules/mediastream/PeerConnectionBackend.h:
        (WebCore::PeerConnectionBackend::endOfIceCandidates):
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::queuedSetLocalDescription):
        (WebCore::RTCPeerConnection::queuedSetRemoteDescription):
        (WebCore::RTCPeerConnection::queuedAddIceCandidate):
        (WebCore::RTCPeerConnection::enqueueReplaceTrackTask):
        (WebCore::RTCPeerConnection::replaceTrack):
        * Modules/mediastream/RTCPeerConnection.h:
        * Modules/mediastream/RTCRtpSender.cpp:
        (WebCore::RTCRtpSender::replaceTrack):
        * Modules/mediastream/RTCRtpSender.h:
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::start):
        (WebCore::UserMediaRequest::UserMediaRequest):
        * Modules/mediastream/UserMediaRequest.h:
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::LibWebRTCPeerConnectionBackend::replaceTrack):
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.h:
        * Modules/streams/ReadableStreamSource.h:
        (WebCore::ReadableStreamSource::start):
        (WebCore::ReadableStreamSource::pull):
        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::addReaction):
        (WebCore::AudioContext::setState):
        (WebCore::AudioContext::suspend):
        (WebCore::AudioContext::resume):
        (WebCore::AudioContext::close):
        * Modules/webaudio/AudioContext.h:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/IDLTypes.h:
        * bindings/js/CachedModuleScriptLoaderClient.h:
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSCustomElementRegistryCustom.cpp:
        * bindings/js/JSDOMConvertPromise.h:
        (WebCore::Converter<IDLPromise<T>>::convert):
        (WebCore::JSConverter<IDLPromise<T>>::convert):
        * bindings/js/JSDOMExceptionHandling.cpp:
        * bindings/js/JSDOMGlobalObject.cpp:
        * bindings/js/JSDOMGuardedObject.h:
        * bindings/js/JSDOMPromise.h:
        (WebCore::DOMPromise::create):
        (WebCore::DOMPromise::promise):
        (WebCore::DOMPromise::DOMPromise):
        (WebCore::DeferredPromise::create): Deleted.
        (WebCore::DeferredPromise::resolve): Deleted.
        (WebCore::DeferredPromise::resolveWithNewlyCreated): Deleted.
        (WebCore::DeferredPromise::reject): Deleted.
        (WebCore::DeferredPromise::resolveWithCallback): Deleted.
        (WebCore::DeferredPromise::rejectWithCallback): Deleted.
        (WebCore::DeferredPromise::DeferredPromise): Deleted.
        (WebCore::DeferredPromise::deferred): Deleted.
        (WebCore::DOMPromiseBase::DOMPromiseBase): Deleted.
        (WebCore::DOMPromiseBase::operator=): Deleted.
        (WebCore::DOMPromiseBase::reject): Deleted.
        (WebCore::DOMPromiseBase::rejectType): Deleted.
        (WebCore::DOMPromiseBase::promise): Deleted.
        (WebCore::DOMPromise::resolve): Deleted.
        (WebCore::DOMPromise<void>::resolve): Deleted.
        (WebCore::callPromiseFunction): Deleted.
        (WebCore::bindingPromiseFunctionAdapter): Deleted.
        * bindings/js/JSDOMPromiseDeferred.cpp: Renamed from Source/WebCore/bindings/js/JSDOMPromise.cpp.
        (WebCore::DeferredPromise::promise):
        (WebCore::DeferredPromise::callFunction):
        (WebCore::DeferredPromise::reject):
        (WebCore::rejectPromiseWithExceptionIfAny):
        (WebCore::createDeferredPromise):
        (WebCore::createRejectedPromiseWithTypeError):
        (WebCore::parseAsJSON):
        (WebCore::fulfillPromiseWithJSON):
        (WebCore::fulfillPromiseWithArrayBuffer):
        * bindings/js/JSDOMPromiseDeferred.h: Copied from Source/WebCore/bindings/js/JSDOMPromise.h.
        (WebCore::DeferredPromise::create):
        (WebCore::DeferredPromise::resolve):
        (WebCore::DeferredPromise::resolveWithNewlyCreated):
        (WebCore::DeferredPromise::reject):
        (WebCore::DeferredPromise::resolveWithCallback):
        (WebCore::DeferredPromise::rejectWithCallback):
        (WebCore::DeferredPromise::DeferredPromise):
        (WebCore::DeferredPromise::deferred):
        (WebCore::DOMPromiseDeferredBase::DOMPromiseDeferredBase):
        (WebCore::DOMPromiseDeferredBase::operator=):
        (WebCore::DOMPromiseDeferredBase::reject):
        (WebCore::DOMPromiseDeferredBase::rejectType):
        (WebCore::DOMPromiseDeferredBase::promise):
        (WebCore::DOMPromiseDeferred::resolve):
        (WebCore::DOMPromiseDeferred<void>::resolve):
        (WebCore::callPromiseFunction):
        (WebCore::bindingPromiseFunctionAdapter):
        * bindings/js/JSSubtleCryptoCustom.cpp:
        * bindings/js/JSWebGPUCommandBufferCustom.cpp:
        * bindings/js/JSWebKitSubtleCryptoCustom.cpp:
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp: Added.
        (WebCore::convertDictionary<TestPromiseRejectionEvent::Init>):
        (WebCore::JSTestPromiseRejectionEventPrototype::create):
        (WebCore::JSTestPromiseRejectionEventPrototype::createStructure):
        (WebCore::JSTestPromiseRejectionEventPrototype::JSTestPromiseRejectionEventPrototype):
        (WebCore::JSTestPromiseRejectionEventConstructor::construct):
        (WebCore::JSTestPromiseRejectionEventConstructor::prototypeForStructure):
        (WebCore::JSTestPromiseRejectionEventConstructor::initializeProperties):
        (WebCore::JSTestPromiseRejectionEventPrototype::finishCreation):
        (WebCore::JSTestPromiseRejectionEvent::JSTestPromiseRejectionEvent):
        (WebCore::JSTestPromiseRejectionEvent::finishCreation):
        (WebCore::JSTestPromiseRejectionEvent::createPrototype):
        (WebCore::JSTestPromiseRejectionEvent::prototype):
        (WebCore::BindingCaller<JSTestPromiseRejectionEvent>::castForAttribute):
        (WebCore::jsTestPromiseRejectionEventPromise):
        (WebCore::jsTestPromiseRejectionEventPromiseGetter):
        (WebCore::jsTestPromiseRejectionEventReason):
        (WebCore::jsTestPromiseRejectionEventReasonGetter):
        (WebCore::jsTestPromiseRejectionEventConstructor):
        (WebCore::setJSTestPromiseRejectionEventConstructor):
        (WebCore::JSTestPromiseRejectionEvent::getConstructor):
        (WebCore::toJSNewlyCreated):
        (WebCore::toJS):
        * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.h: Added.
        (WebCore::JSTestPromiseRejectionEvent::create):
        (WebCore::JSTestPromiseRejectionEvent::createStructure):
        (WebCore::JSTestPromiseRejectionEvent::wrapped):
        (WebCore::toJS):
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/TestPromiseRejectionEvent.idl: Copied from Source/WebCore/bindings/js/CachedModuleScriptLoaderClient.h.
        * css/FontFace.h:
        * css/FontFaceSet.h:
        * dom/CustomElementRegistry.h:
        * dom/PromiseRejectionEvent.h:
        * dom/RejectedPromiseTracker.cpp:
        (WebCore::UnhandledPromise::UnhandledPromise):
        (WebCore::UnhandledPromise::callStack):
        (WebCore::UnhandledPromise::promise):
        (WebCore::RejectedPromiseTracker::promiseRejected):
        (WebCore::RejectedPromiseTracker::promiseHandled):
        (WebCore::RejectedPromiseTracker::reportUnhandledRejections):
        (WebCore::RejectedPromiseTracker::reportRejectionHandled):
        (WebCore::RejectedPromise::RejectedPromise): Deleted.
        (WebCore::RejectedPromise::globalObject): Deleted.
        (WebCore::RejectedPromise::promise): Deleted.
        * dom/RejectedPromiseTracker.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::rejectPendingPlayPromises):
        (WebCore::HTMLMediaElement::resolvePendingPlayPromises):
        (WebCore::HTMLMediaElement::play):
        * html/HTMLMediaElement.h:
        * platform/graphics/gpu/GPUCommandBuffer.h:
        * testing/Internals.h:

2017-05-09  Zan Dobersek  <zdobersek@igalia.com>

        Upstream the WPE port
        https://bugs.webkit.org/show_bug.cgi?id=171110

        Reviewed by Alex Christensen.

        webkit-dev thread:
        https://lists.webkit.org/pipermail/webkit-dev/2017-April/028923.html

        Existing files mostly changed to properly use PLATFORM(WPE) build guards.
        In-file changes removed from this ChangeLog entry for brevity.

        * CMakeLists.txt:
        * PlatformWPE.cmake: Added.
        * accessibility/AccessibilityObject.h:
        * accessibility/wpe/AXObjectCacheWPE.cpp: Added.
        * accessibility/wpe/AccessibilityObjectWPE.cpp: Copied from Source/WebCore/platform/audio/glib/AudioBusGLib.cpp.
        * config.h:
        * crypto/keys/CryptoKeyEC.h:
        * crypto/keys/CryptoKeyRSA.h:
        * editing/Editor.cpp:
        * editing/Editor.h:
        * editing/wpe/EditorWPE.cpp: Added.
        * page/EventHandler.cpp:
        * page/wpe/EventHandlerWPE.cpp: Added.
        * platform/Cursor.h:
        * platform/DragData.h:
        * platform/DragImage.h:
        * platform/FileSystem.h:
        * platform/MainThreadSharedTimer.cpp:
        * platform/MainThreadSharedTimer.h:
        * platform/Pasteboard.h:
        * platform/PasteboardStrategy.h:
        * platform/PlatformPasteboard.h:
        * platform/SchemeRegistry.cpp:
        * platform/Widget.h:
        * platform/audio/glib/AudioBusGLib.cpp:
        * platform/glib/FileSystemGlib.cpp:
        * platform/graphics/ANGLEWebKitBridge.h:
        * platform/graphics/GLContext.cpp:
        * platform/graphics/GLContext.h:
        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/OpenGLESShims.h:
        * platform/graphics/PlatformDisplay.cpp:
        * platform/graphics/PlatformDisplay.h:
        * platform/graphics/egl/GLContextEGL.cpp:
        * platform/graphics/egl/GLContextEGL.h:
        * platform/graphics/egl/GLContextEGLWPE.cpp: Copied from Source/WebCore/platform/audio/glib/AudioBusGLib.cpp.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        * platform/graphics/wpe/IconWPE.cpp: Copied from Source/WebKit2/Shared/DrawingAreaInfo.h.
        * platform/graphics/wpe/ImageWPE.cpp: Copied from Source/WebKit2/Shared/DrawingAreaInfo.h.
        * platform/graphics/wpe/PlatformDisplayWPE.cpp: Added.
        * platform/graphics/wpe/PlatformDisplayWPE.h: Added.
        * platform/wpe/CursorWPE.cpp: Copied from Source/WebKit2/Shared/DrawingAreaInfo.h.
        * platform/wpe/LocalizedStringsWPE.cpp: Copied from Source/WebKit2/Shared/DrawingAreaInfo.h.
        * platform/wpe/PasteboardWPE.cpp: Added.
        * platform/wpe/PlatformKeyboardEventWPE.cpp: Copied from Source/WebKit2/Shared/DrawingAreaInfo.h.
        * platform/wpe/PlatformPasteboardWPE.cpp: Added.
        * platform/wpe/PlatformScreenWPE.cpp: Copied from Source/WebKit2/Shared/DrawingAreaInfo.h.
        * platform/wpe/RenderThemeWPE.cpp: Copied from Source/WebKit2/Shared/NativeWebWheelEvent.h.
        * platform/wpe/RenderThemeWPE.h: Copied from Source/WebKit2/Shared/DrawingAreaInfo.h.
        * platform/wpe/ScrollbarThemeWPE.cpp: Copied from Source/WebKit2/Shared/DrawingAreaInfo.h.
        * platform/wpe/ScrollbarThemeWPE.h: Copied from Source/WebKit2/Shared/DrawingAreaInfo.h.
        * platform/wpe/SoundWPE.cpp: Copied from Source/WebKit2/Shared/DrawingAreaInfo.h.
        * platform/wpe/ThemeWPE.cpp: Added.
        * platform/wpe/ThemeWPE.h: Copied from Source/WebKit2/Shared/DrawingAreaInfo.h.
        * platform/wpe/WidgetWPE.cpp: Copied from Source/WebKit2/Shared/DrawingAreaInfo.h.

2017-05-09  Frederic Wang  <fwang@igalia.com>

        Fix property names in ScrollingTreeScrollingNode::dumpProperties
        https://bugs.webkit.org/show_bug.cgi?id=171848

        Reviewed by Gyuyoung Kim.

        No new tests, this function is only used for debugging purpose.

        * page/scrolling/ScrollingTreeScrollingNode.cpp:
        (WebCore::ScrollingTreeScrollingNode::dumpProperties):

2017-05-09  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Building Webkit2Gtk without OpenGL fails.
        https://bugs.webkit.org/show_bug.cgi?id=170959

        Reviewed by Žan Doberšek.

        * platform/graphics/texmap/TextureMapperGC3DPlatformLayer.cpp:
        * platform/graphics/texmap/TextureMapperGC3DPlatformLayer.h:
        * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.h:

2017-05-09  Fujii Hironori  <Hironori.Fujii@sony.com>

        [AppleWin] CaptureDeviceManager.cpp: error C2813: #import is not supported with /MP
        https://bugs.webkit.org/show_bug.cgi?id=171849

        Reviewed by Per Arne Vollan.

        * platform/mediastream/CaptureDeviceManager.cpp: Replaced #import with #include.

2017-05-08  Chris Dumez  <cdumez@apple.com>

        Refactor / Clean up DOMWindow.idl
        https://bugs.webkit.org/show_bug.cgi?id=171843

        Reviewed by Ryosuke Niwa.

        Refactor / Clean up DOMWindow.idl to match the specification more closely:
        - https://html.spec.whatwg.org/#the-window-object

        No expected Web-facing change. Things that do not match the specification
        have been annotated with FIXME comments.

        * page/DOMWindow.idl:

2017-05-08  Frederic Wang  <fwang@igalia.com>

        Simplify ScrollingStateNode::scrollingStateTreeAsText
        https://bugs.webkit.org/show_bug.cgi?id=171802

        Reviewed by Simon Fraser.

        The following simplifications are performed:
        - Rely on TextStream's internal value to manage indentation.
        - Use TextStream::dumpProperty and << to print simple properties.
        - Try and use TextStream::GroupScope for groups.

        No new tests, only minor format changes in the dumped tree.

        * page/scrolling/ScrollingStateFixedNode.cpp:
        (WebCore::ScrollingStateFixedNode::dumpProperties):
        * page/scrolling/ScrollingStateFixedNode.h:
        * page/scrolling/ScrollingStateFrameScrollingNode.cpp:
        (WebCore::ScrollingStateFrameScrollingNode::dumpProperties):
        * page/scrolling/ScrollingStateFrameScrollingNode.h:
        * page/scrolling/ScrollingStateNode.cpp:
        (WebCore::ScrollingStateNode::dumpProperties):
        (WebCore::ScrollingStateNode::dump):
        (WebCore::ScrollingStateNode::scrollingStateTreeAsText):
        * page/scrolling/ScrollingStateNode.h:
        * page/scrolling/ScrollingStateOverflowScrollingNode.cpp:
        (WebCore::ScrollingStateOverflowScrollingNode::dumpProperties):
        * page/scrolling/ScrollingStateOverflowScrollingNode.h:
        * page/scrolling/ScrollingStateScrollingNode.cpp:
        (WebCore::ScrollingStateScrollingNode::dumpProperties):
        * page/scrolling/ScrollingStateScrollingNode.h:
        * page/scrolling/ScrollingStateStickyNode.cpp:
        (WebCore::ScrollingStateStickyNode::dumpProperties):
        * page/scrolling/ScrollingStateStickyNode.h:

2017-05-08  Youenn Fablet  <youenn@apple.com>

        Follow-up to bug 171710: use more references and reject if either audio or video source creation is failing
        https://bugs.webkit.org/show_bug.cgi?id=171824

        Reviewed by Alex Christensen.

        Refactoring to use more references.
        Only behavioral change is the rejection of the getUserMedia promise if either audio or video source creation is
        failing. Previously, if audio source creation was failing, the promise would still resolve if video source was
        sucessfully created.

        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::RealtimeMediaSourceCenter::audioFactory):
        (WebCore::RealtimeMediaSourceCenter::videoFactory):
        (WebCore::RealtimeMediaSourceCenter::audioCaptureDeviceManager):
        (WebCore::RealtimeMediaSourceCenter::videoCaptureDeviceManager):
        * platform/mediastream/RealtimeMediaSourceCenter.h:
        (WebCore::RealtimeMediaSourceCenter::defaultAudioFactory): Deleted.
        (WebCore::RealtimeMediaSourceCenter::defaultVideoFactory): Deleted.
        (WebCore::RealtimeMediaSourceCenter::defaultAudioCaptureDeviceManager): Deleted.
        (WebCore::RealtimeMediaSourceCenter::defaultVideoCaptureDeviceManager): Deleted.
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::RealtimeMediaSourceCenterMac::createMediaStream):
        (WebCore::RealtimeMediaSourceCenterMac::getMediaStreamDevices):
        (WebCore::RealtimeMediaSourceCenterMac::bestSourcesForTypeAndConstraints):
        (WebCore::RealtimeMediaSourceCenterMac::defaultAudioFactory):
        (WebCore::RealtimeMediaSourceCenterMac::defaultVideoFactory):
        (WebCore::RealtimeMediaSourceCenterMac::defaultAudioCaptureDeviceManager):
        (WebCore::RealtimeMediaSourceCenterMac::defaultVideoCaptureDeviceManager):
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.h:
        * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.h:
        * platform/mock/MockRealtimeMediaSourceCenter.cpp:
        (WebCore::MockRealtimeMediaSourceCenter::defaultAudioFactory):
        (WebCore::MockRealtimeMediaSourceCenter::defaultVideoFactory):
        (WebCore::MockRealtimeMediaSourceCenter::defaultAudioCaptureDeviceManager):
        (WebCore::MockRealtimeMediaSourceCenter::defaultVideoCaptureDeviceManager):
        * platform/mock/MockRealtimeMediaSourceCenter.h:

2017-05-08  Chris Dumez  <cdumez@apple.com>

        Drop [CEReactions] from CharacterData operations
        https://bugs.webkit.org/show_bug.cgi?id=171813

        Reviewed by Ryosuke Niwa.

        Drop [CEReactions] from CharacterData operations to match the DOM specification:
        - https://dom.spec.whatwg.org/#interface-characterdata

        I believe WebKit had this because Attr used to have Text child nodes. Therefore, modifying
        those Text child nodes via the CharacterData API could modify the value of an attribute,
        requiring us to run attributeChangedCallback for Custom Elements. However, as of
        <https://trac.webkit.org/r216259>, Attr can no longer have Text child nodes.

        I have also verified that Blink does not have [CEReactions] for those methods.

        No new tests, no expected Web-facing behavior change.

        * dom/CharacterData.idl:

2017-05-08  Jeremy Jones  <jeremyj@apple.com>

        Remove black background from video layer while in fullscreen.
        https://bugs.webkit.org/show_bug.cgi?id=171816

        Reviewed by Eric Carlson.

        No new tests because no new behavior in DOM.

        This changes the background of the video layer to clear when it goes into fullscreen
        and back to black when it returns to inline to better facilitate fullsceen animations.

        * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.mm:
        (WebCore::VideoFullscreenLayerManager::setVideoLayer):
        (WebCore::VideoFullscreenLayerManager::setVideoFullscreenLayer):

2017-05-08  Said Abou-Hallawa  <sabouhallawa@apple.com>

        The Incomplete asynchronously decoded image frame should be decoded every time it's drawn
        https://bugs.webkit.org/show_bug.cgi?id=170836

        Reviewed by Tim Horton.

        The asynchronously decoded image frames has to be cached to prevent flickering,
        but we have to keep requesting new decoding for the incomplete frame every time
        it's drawn. This is to avoid drawing an incomplete image frame even after all
        its encoded data is received.

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::draw):
        * platform/graphics/ImageFrameCache.cpp:
        (WebCore::ImageFrameCache::cacheAsyncFrameNativeImageAtIndex):
        (WebCore::ImageFrameCache::requestFrameAsyncDecodingAtIndex):

2017-05-08  Wenson Hsieh  <wenson_hsieh@apple.com>

        Guard DragController::cleanupAfterSystemDrag to only clear drag state on Mac
        https://bugs.webkit.org/show_bug.cgi?id=171771
        <rdar://problem/32019149>

        Reviewed by Tim Horton.

        The call to dragEnded here seems to have been added because a client could override Mac WK1
        WebUIDelegate methods to cause this cleanup to never be performed. Since this limitation only
        applies to Mac, guard it as such.

        * page/mac/DragControllerMac.mm:
        (WebCore::DragController::cleanupAfterSystemDrag):

2017-05-08  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r216262.
        https://bugs.webkit.org/show_bug.cgi?id=171842

        "It regressed JetStream on iOS by 7%" (Requested by saamyjoon
        on #webkit).

        Reverted changeset:

        "GCController.cpp's collect() should be Async"
        https://bugs.webkit.org/show_bug.cgi?id=171708
        http://trac.webkit.org/changeset/216262

2017-05-08  Chris Dumez  <cdumez@apple.com>

        Move offsetParent / offsetLeft / offsetTop / offsetWidth / offsetHeight from Element to HTMLElement
        https://bugs.webkit.org/show_bug.cgi?id=171829

        Reviewed by Simon Fraser.

        Move offsetParent / offsetLeft / offsetTop / offsetWidth / offsetHeight from Element to HTMLElement,
        as per the specification:
        - https://drafts.csswg.org/cssom-view/#extensions-to-the-htmlelement-interface

        Both Firefox and Chrome match the specification and also do not have the corresponding API on
        SVGElement.

        Bug tracking the similar move in Blink (completed over 1 year ago):
        - https://bugs.chromium.org/p/chromium/issues/detail?id=463116

        Note that for the inner SVG elements like <rect> and <circle> these attributes were returning 0,
        because those aren't part of the CSS box model. They did return correct values for the <svg>
        element itself, however.

        Test: fast/css/htmlelement-offset-properties.html

        * dom/Element.idl:
        - Drop offset* attributes, now that they are on HTMLElement.

        * html/HTMLElement.idl:
        - Resync HTMLElement.idl with the specification: https://html.spec.whatwg.org/#htmlelement
          No behavior change besides what's indicated in the Changelog above. Things that do not match
          the spec have been annotated with FIXME comments.
        - Add offset* attributes that used to be on Element.

2017-05-08  Youenn Fablet  <youenn@apple.com>

        Add support for reading and writing settings from UIProcess audio capture
        https://bugs.webkit.org/show_bug.cgi?id=171633

        Reviewed by Eric Carlson.

        Covered by manual testing and existing test sets.

        Moving success/failure callbacks for applyConstraints.
        Making main RealtimeMediaSource::applyConstraints virtual so that WebProcess source proxies can implement it by
        doing an IPC call directly. Doing so for UIProcess CoreAudioCaptureSource.

        Adding support for volume to CoreAudioCaptureSource by applying gain post-capturing.
        Adding support for toggling echo cancellation in CoreAudioCaptureSource.
        Adding support to change echo cancellation and sample rate by scheduling a reconfiguration of the audio unit.
        To do so, we stop producing data, delete the audio unit and restart producing data.
        Removing CoreAudioCaptureSource::supportedConstraints as it is redundant with
        RealtimeMediaSourceSettings::supportedConstraints.

        Setting sample rate only to the following values: 8000, 16000, 32000, 44100, 48000.

        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::applyConstraints):
        * platform/mediastream/MediaStreamTrackPrivate.cpp:
        (WebCore::MediaStreamTrackPrivate::applyConstraints):
        * platform/mediastream/MediaStreamTrackPrivate.h:
        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::applyConstraints):
        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/RealtimeMediaSourceSettings.h:
        (WebCore::RealtimeMediaSourceSettings::supportedConstraints):
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::~CoreAudioCaptureSource):
        (WebCore::CoreAudioCaptureSource::processMicrophoneSamples):
        (WebCore::CoreAudioCaptureSource::cleanupAudioUnit):
        (WebCore::CoreAudioCaptureSource::createAudioUnit):
        (WebCore::CoreAudioCaptureSource::configureAudioUnit):
        (WebCore::CoreAudioCaptureSource::startProducingData):
        (WebCore::CoreAudioCaptureSource::capabilities):
        (WebCore::CoreAudioCaptureSource::settings):
        (WebCore::CoreAudioCaptureSource::applySampleRate):
        (WebCore::CoreAudioCaptureSource::applyEchoCancellation):
        (WebCore::CoreAudioCaptureSource::scheduleReconfiguration):
        (WebCore::CoreAudioCaptureSource::cleanupAudioUnits): Deleted.
        (WebCore::CoreAudioCaptureSource::setupAudioUnits): Deleted.
        * platform/mediastream/mac/CoreAudioCaptureSource.h:

2017-05-08  Chris Dumez  <cdumez@apple.com>

        Drop non-standard document.implementation.createCSSStyleSheet() API
        https://bugs.webkit.org/show_bug.cgi?id=171825

        Reviewed by Simon Fraser.

        Drop non-standard document.implementation.createCSSStyleSheet() API.

        This was never-implemented by Firefox and they actually rejected implementing it:
        - Drop non-standard document.implementation.createCSSStyleSheet() API

        Blink dropped this API back in 2014 after getting UseCounter data showing this was not used:
        - https://bugs.chromium.org/p/chromium/issues/detail?id=363561
        - https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/uDjkuGA9gQs/zytnzJ6WryYJ

        The API is not useful in its current state because even though
        document.implementation.createCSSStyleSheet() allows you to create a stylesheet, there is
        currently no way to associate it with the document.

        Test: fast/css/DOMImplementation.createCSSStyleSheet-obsolete.html

        * dom/DOMImplementation.idl:

2017-05-08  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: don't expose empty roledescription
        https://bugs.webkit.org/show_bug.cgi?id=163647

        Reviewed by Chris Fleizach.

        If the value of aria-roledescription is empty or contains only whitespace
        characters, ignore the value. Also strip out leading or trailing whitespace
        characters in the value.

        No new tests: We already had coverage for an empty aria-roledescription value.
        That test was updated to reflect the new behavior. New test cases were added
        to cover a value that contains only whitespace characters, and a value with
        leading and trailing whitespace characters.

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::roleDescription):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper roleDescription]):

2017-05-08  Chris Dumez  <cdumez@apple.com>

        Drop non-standard Element.scrollByLines() / scrollByPages()
        https://bugs.webkit.org/show_bug.cgi?id=171820

        Reviewed by Simon Fraser.

        Drop non-standard Element.scrollByLines() / scrollByPages().

        Those were added a very long time ago (https://trac.webkit.org/changeset/7901/webkit)
        for Safari RSS but does not seem to be used anymore.

        Blink has already dropped it without issue back in 2014:
        - https://bugs.chromium.org/p/chromium/issues/detail?id=398356

        Their UseCounter data showed no usage:
        - https://www.chromestatus.com/metrics/feature/timeline/popularity/390

        Test: fast/css/element-scrollByLines-scrollByPages-obsolete.html

        * dom/Element.idl:

2017-05-08  Youenn Fablet  <youenn@apple.com>

        CoreAudioSharedUnit should own its configuration parameters
        https://bugs.webkit.org/show_bug.cgi?id=171812

        Reviewed by Eric Carlson.

        Covered by manual tests.

        Add sampleRate, volume and echoCancellation parameters to the shared audio unit.
        Set default values when creating the shared audio unit and use those for the creation of new sources.
        Add support for volume.
        Add support for disabling echo cancellation.
        Check valid sample rates when trying to apply a sample rate.

        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioSharedUnit::volume):
        (WebCore::CoreAudioSharedUnit::sampleRate):
        (WebCore::CoreAudioSharedUnit::enableEchoCancellation):
        (WebCore::CoreAudioSharedUnit::setVolume):
        (WebCore::CoreAudioSharedUnit::setSampleRate):
        (WebCore::CoreAudioSharedUnit::setEnableEchoCancellation):
        (WebCore::CoreAudioSharedUnit::CoreAudioSharedUnit):
        (WebCore::CoreAudioSharedUnit::setupAudioUnits):
        (WebCore::CoreAudioSharedUnit::configureMicrophoneProc):
        (WebCore::CoreAudioSharedUnit::configureSpeakerProc):
        (WebCore::CoreAudioSharedUnit::processMicrophoneSamples):
        (WebCore::CoreAudioCaptureSource::CoreAudioCaptureSource):
        (WebCore::CoreAudioCaptureSource::applySampleRate):
        (WebCore::CoreAudioCaptureSource::applyEchoCancellation):
        * platform/mediastream/mac/CoreAudioCaptureSource.h:

2017-05-08  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: Setting aria-orientation="horizontal" on a listbox is being overridden on the Mac
        https://bugs.webkit.org/show_bug.cgi?id=171821

        Reviewed by Chris Fleizach.

        The Mac's AccessibilityObject wrapper was unconditionally returning vertical
        as the orientation of listbox. Removing this override causes the author-specified
        value to be exposed, with the default/implicit orientation continuing to be vertical.

        No new tests. We already have coverage for the default/implicit orientation on a
        listbox. A new test case was added to aria-orientation.html so that we would have
        coverage for aria-orientation="horizontal" on a listbox.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

2017-05-08  Said Abou-Hallawa  <sabouhallawa@apple.com>

        [CG] To decode an image frame asynchronously, pass the native size of the image to CGImageSourceCreateThumbnailAtIndex() if it's smaller than the sizeForDrawing
        https://bugs.webkit.org/show_bug.cgi?id=170864
 
        Reviewed by Simon Fraser.

        Tests: Existing tests were modified to test this patch.
 
        The maxPixelSize was omitted when calling CGImageSourceCreateThumbnailAtIndex()
        for the nativeSize image or when areaOf(nativeSize) < areaOf(sizeForDrawing).
        The assumption was if we don't pass maxPixelSize, CG will create an image with the
        nativeSize regardless how big this size is. It turns out this is wrong. CG has an
        optimization to return a scaled down image if areaOf(nativeSize) is greater than
        some maximum value.
 
        This is not what we want for asynchronously image decoding. We want the decoded
        frame to have the size we ask for, not some scaled down frame. The fix is to pass
        always maxPixelSize to CGImageSourceCreateThumbnailAtIndex(). maxPixelSize will be
        equal to maxDimension(sizeForDrawing) if sizeForDrawing is valid it is less than
        maxDimension(nativeSize). Otherwise it will be equal to maxDimension(nativeSize).

        * platform/graphics/DecodingOptions.h:
        * platform/graphics/cg/ImageDecoderCG.cpp:
        (WebCore::appendImageSourceOption):
        (WebCore::appendImageSourceOptions):
        (WebCore::imageSourceAsyncOptions):
        (WebCore::ImageDecoder::createFrameImageAtIndex):

2017-05-08  Beth Dakin  <bdakin@apple.com>

        WebKit should default to using sRGB with NSColor conversion instead of device 
        color space
        https://bugs.webkit.org/show_bug.cgi?id=171745
        -and corresponding-
        rdar://problem/28314183

        Reviewed by Tim Horton.

        * platform/graphics/mac/ColorMac.mm:
        (WebCore::makeRGBAFromNSColor):
        (WebCore::nsColor):

2017-05-08  Alex Christensen  <achristensen@webkit.org>

        Reduce PassRefPtr use
        https://bugs.webkit.org/show_bug.cgi?id=171809

        Reviewed by Chris Dumez.

        * platform/graphics/ca/PlatformCALayer.cpp:
        (WebCore::PlatformCALayer::createCompatibleLayerOrTakeFromPool):
        * platform/graphics/ca/PlatformCALayer.h:
        * platform/graphics/ca/TileCoverageMap.cpp:
        (WebCore::TileCoverageMap::TileCoverageMap):
        * platform/graphics/ca/TileGrid.cpp:
        (WebCore::TileGrid::TileGrid):
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.h:
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
        (PlatformCALayerCocoa::create):
        (PlatformCALayerCocoa::clone):
        (PlatformCALayerCocoa::animationForKey):
        (PlatformCALayerCocoa::createCompatibleLayer):

2017-05-08  Jer Noble  <jer.noble@apple.com>

        [Mac] Audio capture fails when shouldCaptureAudioInUIProcess is set.
        https://bugs.webkit.org/show_bug.cgi?id=171710

        Reviewed by Eric Carlson.

        Both the shouldCaptureAudioInUIProcess setting and useAVFoundationAudioCapture setting were trying to set
        the audio factory for RealtimeMediaSourceCenter, and were stomping on each others' changes. Change the way
        the useAVFoundationAudioCapture works so that it only affects the defaultAudioFactory, allowing that default
        to be overridden by the shuoldCaptureAudioInUIProcess setting when it calls setAudioFactory().

        * page/Settings.cpp:
        (WebCore::Settings::setUseAVFoundationAudioCapture):
        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::RealtimeMediaSourceCenter::audioFactory):
        (WebCore::RealtimeMediaSourceCenter::videoFactory):
        (WebCore::RealtimeMediaSourceCenter::audioCaptureDeviceManager):
        (WebCore::RealtimeMediaSourceCenter::videoCaptureDeviceManager):
        * platform/mediastream/RealtimeMediaSourceCenter.h:
        (WebCore::RealtimeMediaSourceCenter::audioFactory): Deleted.
        (WebCore::RealtimeMediaSourceCenter::videoFactory): Deleted.
        (WebCore::RealtimeMediaSourceCenter::audioCaptureDeviceManager): Deleted.
        (WebCore::RealtimeMediaSourceCenter::videoCaptureDeviceManager): Deleted.
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::RealtimeMediaSourceCenterMac::setUseAVFoundationAudioCapture):
        (WebCore::RealtimeMediaSourceCenterMac::singleton):
        (WebCore::RealtimeMediaSourceCenter::platformCenter):
        (WebCore::RealtimeMediaSourceCenterMac::defaultAudioFactory):
        (WebCore::RealtimeMediaSourceCenterMac::defaultAudioCaptureDeviceManager):
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.h:

2017-05-04  Jiewen Tan  <jiewen_tan@apple.com>

        Search events should not fire synchronously for search type input elements with incremental attribute set
        https://bugs.webkit.org/show_bug.cgi?id=171376
        <rdar://problem/31863296>

        Reviewed by Chris Dumez.

        For some reasons, we fire search events immediately for search type input elements with incremental
        attribute set only when the length of the input equals to zero. This behaviour should be prevented
        as event listeners in the middle might perform unexpectedly.

        Test: fast/forms/search/search-incremental-crash.html

        * html/SearchInputType.cpp:
        (WebCore::SearchInputType::startSearchEventTimer):

2017-05-08  Zalan Bujtas  <zalan@apple.com>

        Text overlaps on http://www.duden.de/rechtschreibung/Acre
        https://bugs.webkit.org/show_bug.cgi?id=171796
        <rdar://problem/31036028>

        Reviewed by Simon Fraser.

        Simple line layout pre-measures space using the primary font,
        even if the space glyph requires a fallback font (and even if the string does not have a space in it at all).
        When this width gets cached (see WidthCache) we might end up using it later during normal line layout and
        it could produce incorrect layout.
        This patch removes the space width caching from Simple line layout, since Font already caches it.

        Test: fast/text/simple-line-layout-fallback-space-glyph.html

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::createLineRuns):
        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        (WebCore::SimpleLineLayout::TextFragmentIterator::Style::Style):
        (WebCore::SimpleLineLayout::TextFragmentIterator::skipToNextPosition):
        (WebCore::SimpleLineLayout::TextFragmentIterator::textWidth):
        * rendering/SimpleLineLayoutTextFragmentIterator.h:

2017-05-08  Chris Dumez  <cdumez@apple.com>

        Refactor ImageInputType::width() / height() for clarity
        https://bugs.webkit.org/show_bug.cgi?id=171810

        Reviewed by Zalan Bujtas.

        Refactor ImageInputType::width() / height() for clarity.

        * html/ImageInputType.cpp:
        (WebCore::ImageInputType::height):
        (WebCore::ImageInputType::width):

2017-05-08  Zalan Bujtas  <zalan@apple.com>

        Bail out of simple line layout when hyphen needs a fallback font.
        https://bugs.webkit.org/show_bug.cgi?id=171811

        Reviewed by Antti Koivisto.

        With hyphen: auto is set, we don't know if the hypen string is going to be used, until
        after we started laying out the content and figured that the text overflows the line.
        However it's too late to bail out of simple line layout at this point, so let's just
        pre-check if the hyphen string needs a fallback font.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseForStyle):

2017-05-08  Youenn Fablet  <youenn@apple.com>

        TURNS gathering is not working properly
        https://bugs.webkit.org/show_bug.cgi?id=171747

        Reviewed by Eric Carlson.

        Covered by manual tests.

        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::configurationFromMediaEndpointConfiguration): Reveting TURNS ice server skipping.

2017-05-08  Michael Catanzaro  <mcatanzaro@igalia.com>

        Unreviewed, rolling out r216419.

        Broke 70 layout tests on GTK bot

        Reverted changeset:

        "Ensure clean tree before AX cache update."
        https://bugs.webkit.org/show_bug.cgi?id=171546
        http://trac.webkit.org/changeset/216419

2017-05-08  Youenn Fablet  <youenn@apple.com>

        CoreAudioCaptureSource should not modify its shared unit if already started/stopped
        https://bugs.webkit.org/show_bug.cgi?id=171804

        Reviewed by Jer Noble.

        Manual testing only since CoreAudioSharedUnit is not mocked.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::startProducingData): Exit early if source is already started.
        (WebCore::CoreAudioCaptureSource::stopProducingData): Exit early if source is already stopped.

2017-05-08  Antti Koivisto  <antti@apple.com>

        ComposedTreeIterator does not traverse all slotted children if the traversal root is a slot element.
        https://bugs.webkit.org/show_bug.cgi?id=171375
        <rdar://problem/31863184>

        Reviewed by Zalan Bujtas.

        We were hitting an assert when using details element with a flow thread. The root cause for this turned
        out to be that we only traversed the first slotted child if the traversal root was a slot element.

        Test: fast/html/details-flow-thread.html

        * dom/ComposedTreeIterator.cpp:
        (WebCore::ComposedTreeIterator::traverseNextLeavingContext):

            Try to traverse to the next slotted child before testing if we at the end of the current context.

2017-05-08  Mark Lam  <mark.lam@apple.com>

        Introduce ExceptionScope::assertNoException() and releaseAssertNoException().
        https://bugs.webkit.org/show_bug.cgi?id=171776

        Reviewed by Keith Miller.

        No new tests because there's no behavior change in functionality.  We're only
        refactoring the code to use the new assertion utility function.

        * Modules/plugins/QuickTimePluginReplacement.mm:
        (WebCore::QuickTimePluginReplacement::installReplacement):
        * bindings/js/JSCryptoKeySerializationJWK.cpp:
        (WebCore::getJSArrayFromJSON):
        (WebCore::getStringFromJSON):
        (WebCore::getBooleanFromJSON):
        * bindings/js/JSCustomElementRegistryCustom.cpp:
        (WebCore::JSCustomElementRegistry::whenDefined):
        * bindings/js/JSDOMExceptionHandling.cpp:
        (WebCore::propagateExceptionSlowPath):
        (WebCore::throwNotSupportedError):
        (WebCore::throwInvalidStateError):
        (WebCore::throwSecurityError):
        (WebCore::throwDOMSyntaxError):
        (WebCore::throwDataCloneError):
        (WebCore::throwIndexSizeError):
        (WebCore::throwTypeMismatchError):
        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::makeThisTypeErrorForBuiltins):
        (WebCore::makeGetterTypeErrorForBuiltins):
        * bindings/js/JSDOMGlobalObjectTask.cpp:
        * bindings/js/JSDOMPromise.h:
        (WebCore::callPromiseFunction):
        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowMicrotaskCallback::call):
        * bindings/js/JSMainThreadExecState.h:
        (WebCore::JSMainThreadExecState::~JSMainThreadExecState):
        * bindings/js/ReadableStreamDefaultController.cpp:
        (WebCore::ReadableStreamDefaultController::isControlledReadableStreamLocked):
        * bindings/js/ReadableStreamDefaultController.h:
        (WebCore::ReadableStreamDefaultController::enqueue):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneDeserializer::readTerminal):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateSerializerFunction):
        * bindings/scripts/test/JS/JSTestNode.cpp:
        (WebCore::JSTestNode::serialize):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::JSTestObj::serialize):
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        (WebCore::JSTestSerialization::serialize):
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        (WebCore::JSTestSerializationInherit::serialize):
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        (WebCore::JSTestSerializationInheritFinal::serialize):
        * contentextensions/ContentExtensionParser.cpp:
        (WebCore::ContentExtensions::getTypeFlags):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::didAddUserAgentShadowRoot):
        (WebCore::HTMLMediaElement::updateMediaControlsAfterPresentationModeChange):
        (WebCore::HTMLMediaElement::getCurrentMediaControlsStatus):
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::didAddUserAgentShadowRoot):

2017-05-08  Chris Dumez  <cdumez@apple.com>

        Move 'style' from Element to HTMLElement / SVGElement and make it settable
        https://bugs.webkit.org/show_bug.cgi?id=171795

        Reviewed by Alex Christensen.

        Move 'style' from Element to HTMLElement / SVGElement and make it settable
        as per:
        - https://drafts.csswg.org/cssom/#the-elementcssinlinestyle-interface

        Both Firefox and Chrome already match the specification (both for the
        property location and having it settable).

        Test: fast/css/Element-style.html

        * CMakeLists.txt:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        * css/ElementCSSInlineStyle.idl: Added.
        * css/PropertySetCSSStyleDeclaration.h:
        * css/StyleProperties.cpp:
        (WebCore::MutableStyleProperties::ensureCSSStyleDeclaration):
        (WebCore::MutableStyleProperties::ensureInlineCSSStyleDeclaration):
        * css/StyleProperties.h:
        * dom/Attr.cpp:
        (WebCore::Attr::style):
        * dom/Document.cpp:
        (WebCore::Document::createCSSStyleDeclaration):
        * dom/Element.cpp:
        * dom/Element.h:
        * dom/Element.idl:
        * dom/StyledElement.cpp:
        (WebCore::StyledElement::cssomStyle):
        * dom/StyledElement.h:
        * editing/Editor.cpp:
        (WebCore::Editor::applyEditingStyleToElement):
        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplaceSelectionCommand::removeRedundantStylesAndKeepStyleSpanInline):
        * html/HTMLElement.idl:

        * html/ImageInputType.cpp:
        (WebCore::ImageInputType::height):
        (WebCore::ImageInputType::width):
        Fix bug that was found by fast/forms/input-width-height-attributes-without-renderer-loaded-image.html.
        That test relied on setting HTMLElement.style which did not work until now. Call updateLayout()
        *before* doing the renderer check.

        * inspector/InspectorCSSAgent.cpp:
        (WebCore::InspectorCSSAgent::getMatchedStylesForNode):
        (WebCore::InspectorCSSAgent::getInlineStylesForNode):
        (WebCore::InspectorCSSAgent::getComputedStyleForNode):
        (WebCore::InspectorCSSAgent::asInspectorStyleSheet):
        (WebCore::InspectorCSSAgent::buildObjectForAttributesStyle):
        * inspector/InspectorCSSAgent.h:
        * inspector/InspectorStyleSheet.cpp:
        (WebCore::InspectorStyle::create):
        (WebCore::InspectorStyle::InspectorStyle):
        (WebCore::InspectorStyle::extractSourceData):
        (WebCore::InspectorStyle::setText):
        (WebCore::InspectorStyleSheet::inspectorStyleForId):
        (WebCore::InspectorStyleSheetForInlineStyle::create):
        (WebCore::InspectorStyleSheetForInlineStyle::InspectorStyleSheetForInlineStyle):
        (WebCore::InspectorStyleSheetForInlineStyle::didModifyElementAttribute):
        (WebCore::InspectorStyleSheetForInlineStyle::setStyleText):
        (WebCore::InspectorStyleSheetForInlineStyle::ensureParsedDataReady):
        (WebCore::InspectorStyleSheetForInlineStyle::inlineStyle):
        * inspector/InspectorStyleSheet.h:
        * svg/SVGElement.idl:

2017-05-08  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: Propagate aria-readonly to grid descendants
        https://bugs.webkit.org/show_bug.cgi?id=171189

        Reviewed by Chris Fleizach.

        Propagate aria-readonly to grid descendants if the property is not
        explicitly set on the descendant.

        Test: accessibility/gtk/aria-readonly-propagated.html
              Additional test cases also added to accessibility/aria-readonly.html

        * accessibility/AccessibilityARIAGridCell.cpp:
        (WebCore::AccessibilityARIAGridCell::ariaReadOnlyValue):
        * accessibility/AccessibilityARIAGridCell.h:
        * accessibility/AccessibilityObject.h:

2017-05-06  Zalan Bujtas  <zalan@apple.com>

        Ensure clean tree before AX cache update.
        https://bugs.webkit.org/show_bug.cgi?id=171546
        <rdar://problem/31934942>

        While updating an accessibility object state, we might
        perform unintentional style updates. This style update could
        end up destroying renderes that are still referenced by function calls 
        on the callstack.
        To avoid that, AXObjectCache should operate on a clean tree only. 

        Reviewed by Chris Fleizach.

        Test: accessibility/crash-when-render-tree-is-not-clean.html

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::checkedStateChanged):
        (WebCore::AXObjectCache::selectedChildrenChanged):
        (WebCore::AXObjectCache::handleAriaExpandedChange):
        (WebCore::AXObjectCache::handleActiveDescendantChanged):
        (WebCore::AXObjectCache::handleAriaRoleChanged):
        (WebCore::AXObjectCache::handleAttributeChanged):
        (WebCore::AXObjectCache::handleAriaModalChange):
        (WebCore::AXObjectCache::labelChanged):
        * accessibility/AXObjectCache.h:
        (WebCore::AXObjectCache::checkedStateChanged):
        (WebCore::AXObjectCache::handleActiveDescendantChanged):
        (WebCore::AXObjectCache::handleAriaExpandedChange):
        (WebCore::AXObjectCache::handleAriaRoleChanged):
        (WebCore::AXObjectCache::handleAriaModalChange):
        (WebCore::AXObjectCache::handleAttributeChanged):
        (WebCore::AXObjectCache::selectedChildrenChanged):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::handleAriaExpandedChanged):
        * dom/Element.cpp:
        (WebCore::Element::attributeChanged):
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::setChecked):

2017-05-08  Myles C. Maxfield  <mmaxfield@apple.com>

        Unprefix unicode-bidi CSS values
        https://bugs.webkit.org/show_bug.cgi?id=171761

        Reviewed by Simon Fraser.

        Create new values which parse to the same internal state as the
        prefixed values.

        Tests: fast/text/bidi-unprefix.html
               imported/w3c/i18n/bidi/bidi-embed-001.html
               imported/w3c/i18n/bidi/bidi-embed-002.html
               imported/w3c/i18n/bidi/bidi-embed-003.html
               imported/w3c/i18n/bidi/bidi-embed-004.html
               imported/w3c/i18n/bidi/bidi-embed-005.html
               imported/w3c/i18n/bidi/bidi-embed-006.html
               imported/w3c/i18n/bidi/bidi-embed-007.html
               imported/w3c/i18n/bidi/bidi-embed-008.html
               imported/w3c/i18n/bidi/bidi-embed-009.html
               imported/w3c/i18n/bidi/bidi-embed-010.html
               imported/w3c/i18n/bidi/bidi-embed-011.html
               imported/w3c/i18n/bidi/bidi-isolate-001.html
               imported/w3c/i18n/bidi/bidi-isolate-002.html
               imported/w3c/i18n/bidi/bidi-isolate-003.html
               imported/w3c/i18n/bidi/bidi-isolate-004.html
               imported/w3c/i18n/bidi/bidi-isolate-005.html
               imported/w3c/i18n/bidi/bidi-isolate-006.html
               imported/w3c/i18n/bidi/bidi-isolate-007.html
               imported/w3c/i18n/bidi/bidi-isolate-008.html
               imported/w3c/i18n/bidi/bidi-isolate-009.html
               imported/w3c/i18n/bidi/bidi-isolate-010.html
               imported/w3c/i18n/bidi/bidi-isolate-011.html
               imported/w3c/i18n/bidi/bidi-isolate-override-001.html
               imported/w3c/i18n/bidi/bidi-isolate-override-002.html
               imported/w3c/i18n/bidi/bidi-isolate-override-003.html
               imported/w3c/i18n/bidi/bidi-isolate-override-004.html
               imported/w3c/i18n/bidi/bidi-isolate-override-005.html
               imported/w3c/i18n/bidi/bidi-isolate-override-006.html
               imported/w3c/i18n/bidi/bidi-isolate-override-007.html
               imported/w3c/i18n/bidi/bidi-isolate-override-008.html
               imported/w3c/i18n/bidi/bidi-isolate-override-009.html
               imported/w3c/i18n/bidi/bidi-isolate-override-010.html
               imported/w3c/i18n/bidi/bidi-isolate-override-011.html
               imported/w3c/i18n/bidi/bidi-isolate-override-012.html
               imported/w3c/i18n/bidi/bidi-normal-001.html
               imported/w3c/i18n/bidi/bidi-normal-002.html
               imported/w3c/i18n/bidi/bidi-normal-003.html
               imported/w3c/i18n/bidi/bidi-normal-004.html
               imported/w3c/i18n/bidi/bidi-normal-005.html
               imported/w3c/i18n/bidi/bidi-normal-006.html
               imported/w3c/i18n/bidi/bidi-normal-007.html
               imported/w3c/i18n/bidi/bidi-normal-008.html
               imported/w3c/i18n/bidi/bidi-normal-009.html
               imported/w3c/i18n/bidi/bidi-normal-010.html
               imported/w3c/i18n/bidi/bidi-normal-011.html
               imported/w3c/i18n/bidi/bidi-override-001.html
               imported/w3c/i18n/bidi/bidi-override-002.html
               imported/w3c/i18n/bidi/bidi-override-003.html
               imported/w3c/i18n/bidi/bidi-override-004.html
               imported/w3c/i18n/bidi/bidi-override-005.html
               imported/w3c/i18n/bidi/bidi-override-006.html
               imported/w3c/i18n/bidi/bidi-override-007.html
               imported/w3c/i18n/bidi/bidi-override-008.html
               imported/w3c/i18n/bidi/bidi-override-009.html
               imported/w3c/i18n/bidi/bidi-override-010.html
               imported/w3c/i18n/bidi/bidi-override-011.html
               imported/w3c/i18n/bidi/bidi-override-012.html
               imported/w3c/i18n/bidi/bidi-plaintext-001.html
               imported/w3c/i18n/bidi/bidi-plaintext-003.html
               imported/w3c/i18n/bidi/bidi-plaintext-005.html
               imported/w3c/i18n/bidi/bidi-plaintext-006.html
               imported/w3c/i18n/bidi/bidi-plaintext-007.html
               imported/w3c/i18n/bidi/bidi-plaintext-008.html
               imported/w3c/i18n/bidi/bidi-plaintext-009.html
               imported/w3c/i18n/bidi/bidi-plaintext-010.html
               imported/w3c/i18n/bidi/bidi-plaintext-011.html
               imported/w3c/i18n/bidi/bidi-table-001.html
               imported/w3c/i18n/bidi/bidi-unset-001.html
               imported/w3c/i18n/bidi/bidi-unset-002.html
               imported/w3c/i18n/bidi/bidi-unset-003.html
               imported/w3c/i18n/bidi/bidi-unset-004.html
               imported/w3c/i18n/bidi/bidi-unset-005.html
               imported/w3c/i18n/bidi/bidi-unset-006.html
               imported/w3c/i18n/bidi/bidi-unset-007.html
               imported/w3c/i18n/bidi/bidi-unset-008.html
               imported/w3c/i18n/bidi/bidi-unset-009.html
               imported/w3c/i18n/bidi/bidi-unset-010.html
               imported/w3c/i18n/bidi/block-embed-001.html
               imported/w3c/i18n/bidi/block-embed-002.html
               imported/w3c/i18n/bidi/block-embed-003.html
               imported/w3c/i18n/bidi/block-override-001.html
               imported/w3c/i18n/bidi/block-override-002.html
               imported/w3c/i18n/bidi/block-override-003.html
               imported/w3c/i18n/bidi/block-override-004.html
               imported/w3c/i18n/bidi/block-override-isolate-001.html
               imported/w3c/i18n/bidi/block-override-isolate-002.html
               imported/w3c/i18n/bidi/block-override-isolate-003.html
               imported/w3c/i18n/bidi/block-override-isolate-004.html
               imported/w3c/i18n/bidi/block-plaintext-001.html
               imported/w3c/i18n/bidi/block-plaintext-002.html
               imported/w3c/i18n/bidi/block-plaintext-003.html
               imported/w3c/i18n/bidi/block-plaintext-004.html
               imported/w3c/i18n/bidi/block-plaintext-005.html
               imported/w3c/i18n/bidi/block-plaintext-006.html

        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        (WebCore::CSSPrimitiveValue::operator EUnicodeBidi):
        * css/CSSProperties.json:
        * css/CSSValueKeywords.in:
        * css/html.css:
        (bdi, output):
        * css/parser/CSSParserFastPaths.cpp:
        (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
        * html/HTMLElement.cpp:
        (WebCore::unicodeBidiAttributeForDirAuto):
        * html/track/TextTrackCueGeneric.cpp:
        (WebCore::TextTrackCueGenericBoxElement::applyCSSProperties):
        * html/track/VTTCue.cpp:
        (WebCore::VTTCueBox::applyCSSProperties):

2017-05-07  Ben Kelly  <ben@wanderview.com>

        Set the Response.blob() type based on the content-type header value.
        https://bugs.webkit.org/show_bug.cgi?id=170849

        Reviewed by Youenn Fablet.

        There are two problems to fix here:

        1.  Currently the FetchResponse class only called updateContentType()
        when first created even though all the headers were not available.  This
        patch calls updateContentType() again after the headers are populated.

        2.  The fetch design requires propagating the normalized blob
        type to FetchBodyConsumer as well.  Currently this is only done if
        Response.blob() is called after the body is completely loaded.  If
        we hit the consumeOnceLoadingFinished() path, then the type is not
        passed.  This is similar to what was happening in bug 171489 with
        ReadableStream bodies.  This patch sets the type on the
        FetchBodyConsumer in consumeOnceLoadingFinished() as well.

        Theses changes allow WebKit to pass the "Consume response's body: from
        fetch to blob" case in the WPT response-consume.html test.

        Test: http://w3c-test.org/fetch/api/response/response-consume.html

        * Modules/fetch/FetchResponse.cpp:
        (WebCore::FetchResponse::BodyLoader::didReceiveResponse): Modified to
        call FetchBodyOwner::updateContentType() after filling m_headers.
        (WebCore::FetchBody::consumeOnceLoadingFinished): Call
        FetchBodyConsumer::setContentType() when being consumed as
        a blob.
        * Modules/fetch/FetchBody.h: Modify consumeOnceLoadingFinished()
        to take the content type string.
        * Modules/fetch/FetchBodyOwner.cpp:
        (WebCore::FetchBodyOwner::consumeOnceLoadingFinished): Pass
        the content type string down to FetchBody so it can be
        propagated to the FetchBodyConsumer.

2017-05-07  Simon Fraser  <simon.fraser@apple.com>

        [iOS] REGRESSION (r209409): getBoundingClientRect is wrong for fixed-position elements in resize/orientationchange
        https://bugs.webkit.org/show_bug.cgi?id=171140

        Reviewed by Sam Weinig.

        WebPage::dynamicViewportSizeUpdate() is called during rotation, and does a layout which needs to have
        an up-to-date layout viewport, since the layout viewport state is detectable in orientationchange and
        resize events via fetching the client rect of fixed elements. Normally we send in the layout viewport
        from the UI process, but in this case we need to compute one in the web process. So factor code
        into FrameView to do the computation, called from both places.

        Tests: fast/events/ios/rotation/layout-viewport-during-rotation.html
               fast/events/ios/rotation/layout-viewport-during-safari-type-rotation.html

        * page/FrameView.cpp:
        (WebCore::FrameView::computeUpdatedLayoutViewportRect):
        * page/FrameView.h:

2017-05-07  Chris Dumez  <cdumez@apple.com>

        Drop remaining uses of PassRefPtr in editing code
        https://bugs.webkit.org/show_bug.cgi?id=171787

        Reviewed by Darin Adler.

        Drop remaining uses of PassRefPtr in editing code.

        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::timerFired):
        * editing/ApplyStyleCommand.cpp:
        (WebCore::toIdentifier):
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::didApplyCommand):
        (WebCore::CompositeEditCommand::moveParagraphs):
        * editing/CompositeEditCommand.h:
        * editing/Editor.cpp:
        (WebCore::Editor::shouldInsertFragment):
        (WebCore::Editor::replaceSelectionWithFragment):
        (WebCore::Editor::appliedEditing):
        (WebCore::Editor::performCutOrCopy):
        (WebCore::Editor::willWriteSelectionToPasteboard):
        (WebCore::Editor::advanceToNextMisspelling):
        (WebCore::Editor::isSelectionUngrammatical):
        (WebCore::Editor::guessesForMisspelledOrUngrammatical):
        (WebCore::Editor::markMisspellingsOrBadGrammar):
        (WebCore::Editor::markAllMisspellingsAndBadGrammarInRanges):
        (WebCore::correctSpellcheckingPreservingTextCheckingParagraph):
        (WebCore::Editor::markAndReplaceFor):
        (WebCore::Editor::changeBackToReplacedString):
        * editing/Editor.h:
        * editing/EditorCommand.cpp:
        (WebCore::executeInsertFragment):
        (WebCore::Editor::command):
        (WebCore::Editor::Command::Command):
        * editing/FormatBlockCommand.cpp:
        (WebCore::FormatBlockCommand::formatRange):
        * editing/IndentOutdentCommand.cpp:
        (WebCore::IndentOutdentCommand::indentIntoBlockquote):
        (WebCore::IndentOutdentCommand::outdentParagraph):
        * editing/InsertListCommand.cpp:
        (WebCore::InsertListCommand::fixOrphanedListChild):
        (WebCore::InsertListCommand::mergeWithNeighboringLists):
        (WebCore::InsertListCommand::doApplyForSingleParagraph):
        (WebCore::InsertListCommand::unlistifyParagraph):
        (WebCore::InsertListCommand::listifyParagraph):
        * editing/InsertListCommand.h:
        * editing/InsertParagraphSeparatorCommand.cpp:
        (WebCore::InsertParagraphSeparatorCommand::doApply):
        * editing/InsertTextCommand.cpp:
        (WebCore::InsertTextCommand::InsertTextCommand):
        * editing/InsertTextCommand.h:
        (WebCore::InsertTextCommand::createWithMarkerSupplier):
        * editing/MoveSelectionCommand.cpp:
        (WebCore::MoveSelectionCommand::MoveSelectionCommand):
        * editing/MoveSelectionCommand.h:
        (WebCore::MoveSelectionCommand::create):
        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplacementFragment::removeNodePreservingChildren):
        (WebCore::ReplacementFragment::removeNode):
        (WebCore::ReplacementFragment::insertNodeBefore):
        (WebCore::ReplacementFragment::restoreAndRemoveTestRenderingNodesToFragment):
        (WebCore::ReplacementFragment::removeUnrenderedNodes):
        (WebCore::ReplacementFragment::removeInterchangeNodes):
        (WebCore::ReplaceSelectionCommand::makeInsertedContentRoundTrippableWithHTMLTreeBuilder):
        (WebCore::ReplaceSelectionCommand::moveNodeOutOfAncestor):
        (WebCore::removeHeadContents):
        (WebCore::ReplaceSelectionCommand::doApply):
        (WebCore::ReplaceSelectionCommand::insertAsListItems):
        * editing/ReplaceSelectionCommand.h:
        * editing/SpellChecker.cpp:
        (WebCore::SpellCheckRequest::SpellCheckRequest):
        (WebCore::SpellCheckRequest::create):
        (WebCore::SpellChecker::canCheckAsynchronously):
        (WebCore::SpellChecker::isCheckable):
        (WebCore::SpellChecker::requestCheckingFor):
        (WebCore::SpellChecker::invokeRequest):
        (WebCore::SpellChecker::enqueueRequest):
        (WebCore::SpellChecker::didCheck):
        * editing/SpellChecker.h:
        (WebCore::SpellCheckRequest::checkingRange):
        (WebCore::SpellCheckRequest::paragraphRange):
        * editing/TextCheckingHelper.cpp:
        (WebCore::expandToParagraphBoundary):
        (WebCore::TextCheckingParagraph::TextCheckingParagraph):
        (WebCore::TextCheckingParagraph::expandRangeToNextEnd):
        (WebCore::TextCheckingParagraph::rangeLength):
        (WebCore::TextCheckingParagraph::paragraphRange):
        (WebCore::TextCheckingParagraph::subrange):
        (WebCore::TextCheckingParagraph::offsetTo):
        (WebCore::TextCheckingParagraph::offsetAsRange):
        (WebCore::TextCheckingParagraph::text):
        (WebCore::TextCheckingParagraph::checkingStart):
        (WebCore::TextCheckingParagraph::checkingEnd):
        (WebCore::TextCheckingParagraph::checkingLength):
        (WebCore::TextCheckingHelper::TextCheckingHelper):
        (WebCore::TextCheckingHelper::findFirstMisspelling):
        (WebCore::TextCheckingHelper::findFirstMisspellingOrBadGrammar):
        (WebCore::TextCheckingHelper::findFirstGrammarDetail):
        (WebCore::TextCheckingHelper::findFirstBadGrammar):
        (WebCore::TextCheckingHelper::isUngrammatical):
        (WebCore::TextCheckingHelper::guessesForMisspelledOrUngrammaticalRange):
        (WebCore::TextCheckingHelper::unifiedTextCheckerEnabled):
        * editing/TextCheckingHelper.h:
        * editing/TypingCommand.cpp:
        (WebCore::TypingCommand::typingAddedToOpenCommand):
        * editing/cocoa/EditorCocoa.mm:
        (WebCore::Editor::replaceSelectionWithAttributedString):
        * editing/gtk/EditorGtk.cpp:
        (WebCore::Editor::pasteWithPasteboard):
        * editing/ios/EditorIOS.mm:
        (WebCore::Editor::pasteWithPasteboard):
        * editing/mac/EditorMac.mm:
        (WebCore::Editor::pasteWithPasteboard):
        (WebCore::Editor::replaceNodeFromPasteboard):
        * editing/win/EditorWin.cpp:
        (WebCore::Editor::pasteWithPasteboard):
        (WebCore::createFragmentFromPlatformData):
        * page/DragController.cpp:
        (WebCore::DragController::concludeEditDrag):
        (WebCore::DragController::startDrag):

2017-05-07  Youenn Fablet  <youenn@apple.com>

        [MediaStream] r216197 caused some webrtc tests to fail
        https://bugs.webkit.org/show_bug.cgi?id=171728

        Reviewed by Eric Carlson.

        Covered by existing tests.

        Rename MediaStream::endStream to MediaStream::endCaptureTracks and only stopping capture tracks.
        Using it when Document is asked to stop media capture.

        Adding the ability to have only one active capture source at a time in a WebProcess.
        This is done by keeping in its related factory the active capture source.
        When a new source is created and started, it replaces the active capture source which becomes muted.
        Using that mechanism for iOS.

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::endCaptureTracks):
        (WebCore::MediaStream::endStream): Deleted.
        * Modules/mediastream/MediaStream.h:
        * Modules/mediastream/MediaStreamTrack.h:
        (WebCore::MediaStreamTrack::isCaptureTrack):
        * dom/Document.cpp:
        (WebCore::Document::stopMediaCapture):
        * platform/mediastream/mac/AVAudioCaptureSource.mm:
        (WebCore::AVAudioCaptureSourceFactory::setActiveSource):
        (WebCore::AVAudioCaptureSource::setupCaptureSession):
        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSourceFactory::setActiveSource):
        (WebCore::AVVideoCaptureSource::setupCaptureSession):
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSourceFactory::setActiveSource):
        (WebCore::CoreAudioSharedUnit::startProducingData):

2017-05-07  Tim Horton  <timothy_horton@apple.com>

        Clean up some WebProcessProxy, WebPage, and message handler includes
        https://bugs.webkit.org/show_bug.cgi?id=171791

        Reviewed by Sam Weinig.

        * WebCore.xcodeproj/project.pbxproj:
        * editing/CompositionUnderline.h: Added.
        (WebCore::CompositionUnderline::CompositionUnderline):
        * editing/Editor.h:
        (WebCore::CompositionUnderline::CompositionUnderline): Deleted.
        Move CompositionUnderline out of Editor.h, so that other files can
        include that without Editor.h (which is quite large). Also, modernize it slightly.

2017-05-07  Sam Weinig  <sam@webkit.org>

        Implement Subresource Integrity (SRI)
        https://bugs.webkit.org/show_bug.cgi?id=148363
        <rdar://problem/18945879>

        Reviewed by Daniel Bates.

        Tests: http/tests/subresource-integrity/sri-disabled-with-setting.html
               http/tests/subresource-integrity/sri-enabled-with-setting.html
               http/tests/subresource-integrity/sri-script-cors.html
               http/tests/subresource-integrity/sri-style-cors.html

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        Add new files.

        * dom/LoadableClassicScript.cpp:
        (WebCore::LoadableClassicScript::create):
        (WebCore::LoadableClassicScript::notifyFinished):
        * dom/LoadableClassicScript.h:
        * dom/LoadableScript.h:
        * dom/ScriptElement.cpp:
        (WebCore::ScriptElement::requestClassicScript):
        Store integrity metadata in the script fetcher so it can be passed to
        the checked when script load finishes.

        * html/HTMLAttributeNames.in:
        Add 'integrity'.

        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::process):
        When requesting a stylesheet, cache the integrity metadata so it can
        be used when the load completes (accessing the attribute at load completion
        time is incorrect, as a script might have changed the attributes value since
        the request was made).

        (WebCore::HTMLLinkElement::setCSSStyleSheet):
        Add an integrity check using the cached integrity metadata when a load
        finishes.

        * html/HTMLLinkElement.h:
        Add cached integrity metadata member.

        * html/HTMLLinkElement.idl:
        * html/HTMLScriptElement.idl:
        Add integrity property.

        * html/parser/HTMLParserIdioms.h:
        (WebCore::isNotHTMLSpace):
        Templatize isNotHTMLSpace so it can work for both UChar and LChar.

        * loader/ResourceCryptographicDigest.cpp:
        (WebCore::parseCryptographicDigestImpl):
        (WebCore::parseEncodedCryptographicDigestImpl):
        (WebCore::parseEncodedCryptographicDigest):
        (WebCore::decodeEncodedResourceCryptographicDigest):
        * loader/ResourceCryptographicDigest.h:
        Add concept of an encoded digest to more closely model the spec so that hashes
        that match the grammar but are invalid (say, mixing base64 and base64URL) make
        it through the algorithm longer, and don't cause us to load something that should
        be blocked.

        * loader/SubresourceIntegrity.cpp: Added.
        * loader/SubresourceIntegrity.h: Added.
        Add implementation of Subresource Integrity metadata validation allowing
        for a CachedResource and integrity metadata to be passed for validation.

        * page/Settings.in:
        Add setting for Subresource Integrity, defaulted to enabled.

2017-05-07  Michael Catanzaro  <mcatanzaro@igalia.com>

        [GTK] Cannot sign in with new Google sign-in page
        https://bugs.webkit.org/show_bug.cgi?id=171770

        Reviewed by Carlos Garcia Campos.

        Google's new authentication page does not work with the Firefox user
        agent that's required to make various Google websites work. Special-case
        accounts.google.com so that it receives our standard user agent.

        * platform/UserAgentQuirks.cpp:
        (WebCore::isGoogle):
        (WebCore::urlRequiresFirefoxBrowser):

2017-05-06  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] CTFontDescriptorCreateMatchingFontDescriptor() is not case insensitive
        https://bugs.webkit.org/show_bug.cgi?id=171636
        <rdar://problem/30811218>

        Reviewed by Dean Jackson.

        LastResort is the only name which needs to be looked up case-sensitively. We can handle
        this in our existing function which handles special font names (like -apple-system) to
        make sure that we always do the right thing.

        Test: fast/text/lastResort.html

        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::platformFontWithFamilySpecialCase):
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::platformFontWithFamilySpecialCase):
        * platform/spi/cocoa/CoreTextSPI.h:

2017-05-06  Chris Dumez  <cdumez@apple.com>

        Implement the concept of cookie-averse document
        https://bugs.webkit.org/show_bug.cgi?id=171746
        <rdar://problem/32004466>

        Reviewed by Sam Weinig.

        Implement the concept of cookie-averse document:
        - https://html.spec.whatwg.org/#cookie-averse-document-object

        Test: fast/cookies/cookie-averse-document.html

        * dom/Document.cpp:
        (WebCore::Document::isCookieAverse):
        (WebCore::Document::cookie):
        (WebCore::Document::setCookie):
        * dom/Document.h:

2017-05-06  Chris Dumez  <cdumez@apple.com>

        Unreviewed build fix after r216339.

        * dom/Document.h:
        (WebCore::Document::readyState):

2017-05-06  Chris Dumez  <cdumez@apple.com>

        Align our IDL files with the latest DOM specification
        https://bugs.webkit.org/show_bug.cgi?id=171777

        Reviewed by Sam Weinig.

        Align our IDL files with the latest DOM specification:
        - https://dom.spec.whatwg.org

        No Web-facing behavior change. Things that do not match the specification
        have been annotated with FIXME comments.

        * dom/CharacterData.idl:
        * dom/Comment.idl:
        * dom/CustomEvent.idl:
        * dom/DOMImplementation.idl:
        * dom/Document.cpp:
        * dom/Document.h:
        (WebCore::Document::readyState):
        * dom/Document.idl:
        * dom/MutationObserver.idl:
        * dom/NamedNodeMap.idl:
        * dom/NodeFilter.idl:
        * dom/NodeIterator.idl:
        * dom/NodeList.idl:
        * dom/NonDocumentTypeChildNode.idl:
        * dom/ParentNode.idl:
        * dom/ProcessingInstruction.idl:
        * dom/Range.idl:
        * dom/ShadowRoot.idl:
        * dom/Text.idl:
        * dom/TreeWalker.idl:
        * html/DOMTokenList.idl:

2017-05-06  Tim Horton  <timothy_horton@apple.com>

        Reduce the number of includes in WebPage.h and WebProcess.h
        https://bugs.webkit.org/show_bug.cgi?id=171779

        Reviewed by Sam Weinig.

        * page/TextIndicator.h:

2017-05-06  Alexey Proskuryakov  <ap@apple.com>

        REGRESSION (r216294): The new test fails on WebKit1
        https://bugs.webkit.org/show_bug.cgi?id=171780

        Rolling back https://trac.webkit.org/r216294, https://trac.webkit.org/r216296,
        https://trac.webkit.org/216299, https://trac.webkit.org/216330

        * page/FrameView.cpp:
        (WebCore::FrameView::paintContents):
        * page/FrameView.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::paint):
        * platform/ScrollView.h:
        * platform/Scrollbar.cpp:
        (WebCore::Scrollbar::paint):
        * platform/Scrollbar.h:
        * platform/Widget.h:
        * platform/graphics/filters/FilterOperation.h:
        (WebCore::FilterOperation::movesPixels):
        (WebCore::FilterOperation::shouldBeRestrictedBySecurityOrigin): Deleted.
        * platform/graphics/filters/FilterOperations.cpp:
        (WebCore::FilterOperations::hasFilterThatShouldBeRestrictedBySecurityOrigin): Deleted.
        * platform/graphics/filters/FilterOperations.h:
        * platform/gtk/WidgetGtk.cpp:
        (WebCore::Widget::paint):
        * platform/ios/WidgetIOS.mm:
        (WebCore::Widget::paint):
        * platform/mac/WidgetMac.mm:
        (WebCore::Widget::paint):
        * platform/win/WidgetWin.cpp:
        (WebCore::Widget::paint):
        * rendering/FilterEffectRenderer.cpp:
        (WebCore::FilterEffectRenderer::build):
        * rendering/FilterEffectRenderer.h:
        * rendering/PaintInfo.h:
        (WebCore::PaintInfo::PaintInfo):
        (): Deleted.
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paint):
        (WebCore::RenderLayer::setupFilters):
        (WebCore::RenderLayer::paintForegroundForFragmentsWithPhase):
        * rendering/RenderLayer.h:
        * rendering/RenderScrollbar.cpp:
        (WebCore::RenderScrollbar::paint):
        * rendering/RenderScrollbar.h:
        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::paintContents):

2017-05-06  Chris Dumez  <cdumez@apple.com>

        Unreviewed, rolling out r216333.

        Caused layout test failures

        Reverted changeset:

        "Implement the concept of cookie-averse document"
        https://bugs.webkit.org/show_bug.cgi?id=171746
        http://trac.webkit.org/changeset/216333

2017-05-06  Chris Dumez  <cdumez@apple.com>

        Implement the concept of cookie-averse document
        https://bugs.webkit.org/show_bug.cgi?id=171746
        <rdar://problem/32004466>

        Reviewed by Sam Weinig.

        Implement the concept of cookie-averse document:
        - https://html.spec.whatwg.org/#cookie-averse-document-object

        Test: fast/cookies/cookie-averse-document.html

        * dom/Document.cpp:
        (WebCore::Document::isCookieAverse):
        (WebCore::Document::cookie):
        (WebCore::Document::setCookie):
        * dom/Document.h:

2017-05-06  Myles C. Maxfield  <mmaxfield@apple.com>

        REGERSSION(r213499): Emoji with Fitzpatrick modifiers are drawn as two separate glyphs
        https://bugs.webkit.org/show_bug.cgi?id=171750
        <rdar://problem/31122612>

        Reviewed by Zalan Bujtas.

        Emoji with Fitzpatrick modifiers need to take our complex text codepath. When looking through
        the string to determine which code path to use, we ask if a particular codepoint is an emoji
        group candidate. r213499 expanded the set of these candidates to include Fitzpatrick modifiers,
        which means the next "if" statement would never be hit. Instead, we should check that "if"
        statement first (because order is not important here). The next checks do not intersect with
        any emoji group candidates.

        Test: fast/text/fitzpatrick-combination.html

        * platform/graphics/FontCascade.cpp:
        (WebCore::FontCascade::characterRangeCodePath):

2017-05-06  Youenn Fablet  <youenn@apple.com>

        RealtimeMediaSourceCenter callbacks should be passed as r-values
        https://bugs.webkit.org/show_bug.cgi?id=171407

        Reviewed by Eric Carlson.

        No change of behavior, this is mostly style here.

        * platform/mediastream/RealtimeMediaSourceCenter.h:
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::RealtimeMediaSourceCenterMac::validateRequestConstraints):
        (WebCore::RealtimeMediaSourceCenterMac::createMediaStream):
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.h:
        * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.cpp:
        (WebCore::RealtimeMediaSourceCenterOwr::validateRequestConstraints):
        * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.h:
        * platform/mock/MockRealtimeMediaSourceCenter.cpp:
        (WebCore::MockRealtimeMediaSourceCenter::validateRequestConstraints):
        (WebCore::MockRealtimeMediaSourceCenter::createMediaStream):
        * platform/mock/MockRealtimeMediaSourceCenter.h:

2017-05-05  Zalan Bujtas  <zalan@apple.com>

        Renderers being destroyed should not be added to AX's deferred list.
        https://bugs.webkit.org/show_bug.cgi?id=171768
        <rdar://problem/31955660>

        Reviewed by Simon Fraser.

        In certain cases, when custom scrollbars are present, while destroying the scrollbars' block parent, we
          - first remove the block from the AX's deferred list (AXObjectCache::remove)
          - destroy the render layer that owns the custom scrollbars (RenderLayer::destroyLayer) 
          - detach the scrollbars from the parent (block) (RenderObject::removeFromParent)
            - clean up the block's lines (RenderBlock::deleteLines)
              - push the block back to the AX's deferred list (AXObjectCache::recomputeDeferredIsIgnored)
        At this point no one will remove the current block from AX's deferred list.

        Test: accessibility/crash-when-renderers-are-added-back-to-deferred-list.html

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::recomputeDeferredIsIgnored):
        (WebCore::AXObjectCache::deferTextChanged):

2017-05-05  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Crash in ImageFrameCache::decodedSizeChanged() after image load cancellation
        https://bugs.webkit.org/show_bug.cgi?id=171736

        Reviewed by Tim Horton.

        Tests: Covered by run-webkit-tests fast/images/image-formats-support.html
        --guard-malloc.

        Because an image format is not supported, the ImageObserver of the Image
        is deleted then the Image itself is deleted. In BitmapImage destructor,
        we make a call which ends up accessing the deleted ImageObserver.

        To fix this, we need to change the BitImage destructor to avoid calling 
        ImageFrameCache::decodedSizeChanged() since it is not really needed.

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::~BitmapImage):

2017-05-05  Timothy Horton  <timothy_horton@apple.com>

        [Mac] Adjust cursor position for dragged link (and stop it from moving based on how fast you are dragging)
        https://bugs.webkit.org/show_bug.cgi?id=171764
        <rdar://problem/32005865>

        Reviewed by Simon Fraser.

        * page/DragController.cpp:
        (WebCore::DragController::startDrag):
        Compute dragImageAnchorPoint only if it is needed.
        Don't compute a random unused imageRect.
        Factor link drag image offset computation out into DragImage functions
        for platforms to override.

        Pass dragOrigin (the mouseDown point), not mouseDraggedPoint, to
        doSystemDrag, just like all the other drag types. This plus the
        WebKit2 change makes the link stable vs. the cursor, instead of
        positioned based on how fast you move after the mouse down.

        * page/DragController.h:
        * page/gtk/DragControllerGtk.cpp:
        * page/mac/DragControllerMac.mm:
        * page/win/DragControllerWin.cpp:
        Move LinkDragBorderInset into DragImage, and share between the non-Mac platforms.

        * platform/DragImage.cpp:
        (WebCore::dragOffsetForLinkDragImage):
        (WebCore::anchorPointForLinkDragImage):
        * platform/DragImage.h:
        As previously mentioned, move the computation of drag image offset here.

        * platform/mac/DragImageMac.mm:
        (WebCore::dragOffsetForLinkDragImage):
        (WebCore::anchorPointForLinkDragImage):
        Put the new drag image to the bottom right of the cursor.

2017-05-05  Dean Jackson  <dino@apple.com>

        ...and now the GTK and Windows builds.

        * platform/gtk/WidgetGtk.cpp:
        (WebCore::Widget::paint):
        * platform/win/WidgetWin.cpp:
        (WebCore::Widget::paint):

2017-05-05  Brady Eidson  <beidson@apple.com>

        API test WebKit2.WebsiteDataStoreCustomPaths is failing on ios-simulator.
        <rdar://problem/31977294> and https://bugs.webkit.org/show_bug.cgi?id=171513

        Reviewed by Andy Estes.

        Covered by API test.

        * platform/spi/cf/CFNetworkSPI.h:

2017-05-05  Dean Jackson  <dino@apple.com>

        Try to fix iOS build.

        * platform/ios/WidgetIOS.mm:
        (WebCore::Widget::paint):

2017-05-05  Dean Jackson  <dino@apple.com>

        Restrict SVG filters to accessible security origins
        https://bugs.webkit.org/show_bug.cgi?id=118689
        <rdar://problem/27362159>

        Reviewed by Brent Fulgham.

        Certain SVG filters should only be allowed to operate
        on content that is has SecurityOrigin access to. Implement
        this by including a flag in PaintInfo and LayerPaintingInfo,
        and have RenderWidget make sure the documents have acceptable
        SecurityOrigins as it goes to paint.

        This could be used as the first step in a "safe painting"
        strategy, allowing some content to be rendered into a 
        canvas or via the element() CSS function... but it is only
        a small first step.

        Test: http/tests/css/filters-on-iframes.html

        * page/FrameView.cpp:
        (WebCore::FrameView::paintContents):
        * page/FrameView.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::paint):
        * platform/ScrollView.h:
        * platform/Scrollbar.cpp:
        (WebCore::Scrollbar::paint):
        * platform/Scrollbar.h:
        * platform/Widget.h:
        * platform/graphics/filters/FilterOperation.h:
        (WebCore::FilterOperation::shouldBeRestrictedBySecurityOrigin):
        * platform/graphics/filters/FilterOperations.cpp:
        (WebCore::FilterOperations::hasFilterThatShouldBeRestrictedBySecurityOrigin):
        * platform/graphics/filters/FilterOperations.h:
        * platform/mac/WidgetMac.mm:
        (WebCore::Widget::paint):
        * rendering/FilterEffectRenderer.cpp:
        (WebCore::FilterEffectRenderer::build):
        * rendering/FilterEffectRenderer.h:
        * rendering/PaintInfo.h:
        (WebCore::PaintInfo::PaintInfo):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paint):
        (WebCore::RenderLayer::setupFilters):
        (WebCore::RenderLayer::paintForegroundForFragmentsWithPhase):
        * rendering/RenderLayer.h:
        * rendering/RenderScrollbar.cpp:
        (WebCore::RenderScrollbar::paint):
        * rendering/RenderScrollbar.h:
        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::paintContents):

2017-05-05  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r216273.

        This change caused an assertion failure on WK1.

        Reverted changeset:

        "Crash in ImageFrameCache::decodedSizeChanged() after image
        load cancellation"
        https://bugs.webkit.org/show_bug.cgi?id=171736
        http://trac.webkit.org/changeset/216273

2017-05-05  Brian Burg  <bburg@apple.com>

        [Cocoa] Converting from WebCore::Cookie to NSHTTPCookie always marks cookies as session cookies
        https://bugs.webkit.org/show_bug.cgi?id=171748
        <rdar://problem/32027327>

        Reviewed by Michael Catanzaro.

        The function that we use to convert from WebCore::Cookie to NSHTTPCookie was
        also misusing the NSHTTPCookieDiscard property. If any value is provided for
        this key, even @NO, CFNetwork interprets that to mean that the cookie has the
        "session" flag.

        This is known to affect cookies set via WebCookieManager, WKHTTPCookieStore,
        and WebAutomationSession.

        This is covered by existing test WebKit2.WKHTTPCookieStore.

        * platform/network/cocoa/CookieCocoa.mm:
        (WebCore::Cookie::operator NSHTTPCookie *):
        Don't include the property if the cookie is not a session cookie.

2017-05-05  Youenn Fablet  <youenn@apple.com>

        TURNS gathering is not working properly
        https://bugs.webkit.org/show_bug.cgi?id=171747

        Reviewed by Eric Carlson.

        Did manual testing on real TURNS servers.

        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::configurationFromMediaEndpointConfiguration): Disabling TURNS servers gathering.

2017-05-05  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r216275.

        This change broke internal builds.

        Reverted changeset:

        "[Cocoa] CTFontDescriptorCreateMatchingFontDescriptor() is not
        case insensitive"
        https://bugs.webkit.org/show_bug.cgi?id=171636
        http://trac.webkit.org/changeset/216275

2017-05-05  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] CTFontDescriptorCreateMatchingFontDescriptor() is not case insensitive
        https://bugs.webkit.org/show_bug.cgi?id=171636
        <rdar://problem/30811218>

        Reviewed by Dean Jackson.

        LastResort is the only name which needs to be looked up case-sensitively. We can handle
        this in our existing function which handles special font names (like -apple-system) to
        make sure that we always do the right thing.

        Test: fast/text/lastResort.html

        * platform/spi/cocoa/CoreTextSPI.h:
        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::platformFontWithFamilySpecialCase):
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::platformFontWithFamilySpecialCase):

2017-05-05  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Crash in ImageFrameCache::decodedSizeChanged() after image load cancellation
        https://bugs.webkit.org/show_bug.cgi?id=171736

        Reviewed by Tim Horton.

        Tests: Covered by run-webkit-tests fast/images/image-formats-support.html
        --guard-malloc.

        Because an image format is not supported, the ImageObserver of the Image
        is deleted then the Image itself is deleted. In BitmapImage destructor,
        we make a call which ends up accessing the deleted ImageObserver.

        To fix this, we need to setImageObsever of the Image to-be-deleted to 
        nullptr. So the Image can avoid accessing its ImageObserver, while it is
        being deleted. Also we can change the BitImage destructor to avoid calling 
        ImageFrameCache::decodedSizeChanged() since it is not really needed.

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::clearImage):
        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::~BitmapImage):

2017-05-05  Brian Burg  <bburg@apple.com>

        CrashTracer: [USER] com.apple.WebKit.WebContent.Development at com.apple.WebCore: WebCore::commonVMSlow + 57
        https://bugs.webkit.org/show_bug.cgi?id=171669
        <rdar://problem/31967684>

        Reviewed by Mark Lam.

        * bindings/js/CommonVM.h:
        (WebCore::commonVMOrNull):
        Add an inline accessor function to expose the global variable.

2017-05-05  Filip Pizlo  <fpizlo@apple.com>

        GCController.cpp's collect() should be Async
        https://bugs.webkit.org/show_bug.cgi?id=171708

        Reviewed by Saam Barati.

        No new tests because no change in behavior.
        
        This is one step towards not requesting sync GCs in WebCore. I'm landing this incrementally to
        make bisecting super easy.

        * bindings/js/GCController.cpp:
        (WebCore::collect):

2017-05-05  Chris Dumez  <cdumez@apple.com>

        Attr Nodes should not have children
        https://bugs.webkit.org/show_bug.cgi?id=171688
        <rdar://problem/31998412>

        Reviewed by Andreas Kling.

        Attr Nodes should not have children as per the latest DOM specification:
        - https://dom.spec.whatwg.org/#interface-attr
        - https://dom.spec.whatwg.org/#dom-attr-value
        - https://dom.spec.whatwg.org/#concept-node-ensure-pre-insertion-validity (Step 1)

        Firefox and Chrome both have been matching the DOM specification for a while so I think
        we should do the same. This aligns us with other browsers, simplifies the code, is
        more efficient and the code being removed has been prone to security bugs.

        Test: fast/dom/Attr/cannot-have-children.html

        * dom/Attr.cpp:
        (WebCore::Attr::Attr):
        (WebCore::Attr::create):
        (WebCore::Attr::setValue):
        (WebCore::Attr::cloneNodeInternal):
        * dom/Attr.h:
        - Have Attr subclass Node instead of ContainerNode as it can no longer have children.
        - Drop logic to dealing with children / creating a Text child.

        * dom/CharacterData.cpp:
        (WebCore::CharacterData::notifyParentAfterChange):
        Drop useless check found by the compiler. parentNode() can no longer be an Attr node.

        * dom/Node.cpp:
        (WebCore::appendTextContent):
        appendTextContent() is called by Node.TextContent(). For Attr Nodes, we should no longer traverse
        its subtree to gather Text Nodes. Instead, we now return Attr.value, as per the specification:
        - https://dom.spec.whatwg.org/#dom-node-textcontent

        * dom/Range.cpp:
        (WebCore::lengthOfContentsInNode):
        As per https://dom.spec.whatwg.org/#concept-node-length, we should return the number of children
        for Attr Nodes, which will always be 0.

        * xml/XPathUtil.cpp:
        (WebCore::XPath::isValidContextNode):
        Always return true for TEXT_NODE as the !(node->parentNode() && node->parentNode()->isAttributeNode())
        check will also with true now. This is because a parentNode() cannot be an Attribute Node.

2017-05-05  Brian Burg  <bburg@apple.com>

        [Cocoa] Converting from WebCore::Cookie to NSHTTPCookie always marks cookies as secure
        https://bugs.webkit.org/show_bug.cgi?id=171700
        <rdar://problem/32017975>

        Reviewed by Brady Eidson.

        The function that we use to convert from WebCore::Cookie to NSHTTPCookie was
        misusing the NSHTTPCookieSecure property. If any value is provided for this key,
        even @NO, CFNetwork interprets that to mean that the cookie has the "secure" flag.
        Thus, in some cases we would store an "insecure" cookie on a site that uses the
        http:// protocol, and be unable to later retrieve the cookie. This is known to
        affect cookies set via WebCookieManager, WKHTTPCookieStore, and WebAutomationSession.

        This is covered by existing test WebKit2.WKHTTPCookieStore.
        The test had a bug that masked this problem.

        * platform/network/cocoa/CookieCocoa.mm:
        (WebCore::Cookie::operator NSHTTPCookie *):
        Don't include the property if the cookie is not secure.

2017-05-05  Wenson Hsieh  <wenson_hsieh@apple.com>

        Add SPI to WebItemProviderPasteboard to synchronously load data with a given timeout
        https://bugs.webkit.org/show_bug.cgi?id=171725
        <rdar://problem/32014052>

        Reviewed by Beth Dakin.

        Adds a synchronousTimeout: argument to doAfterLoadingProvidedContentIntoFileURLs:. If a positive timeout
        interval is specified by the client, then we will block the main thread for at most that amount of time after
        beginning to load from the item providers.

        To do this, we introduce another `dispatch_group_t` in parallel to the `fileLoadingGroup` that is entered and
        left in the same places. However, instead of attaching a handler block, we simply perform a synchronous wait for
        either the time limit to be reached, or the item providers to finish loading.

        No new tests -- no change in behavior yet.

        * platform/ios/WebItemProviderPasteboard.h:
        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard doAfterLoadingProvidedContentIntoFileURLs:]):
        (-[WebItemProviderPasteboard doAfterLoadingProvidedContentIntoFileURLs:synchronousTimeout:]):

2017-05-05  Chris Dumez  <cdumez@apple.com>

        Clean up Attr.idl
        https://bugs.webkit.org/show_bug.cgi?id=171691

        Reviewed by Andreas Kling.

        Clean up Attr.idl to match the spec:
        - https://dom.spec.whatwg.org/#interface-attr

        No Web-facing behavior change except for Attr properties being enumerated
        in a slightly different order.

        * dom/Attr.idl:

2017-05-05  Antti Koivisto  <antti@apple.com>

        ASSERTION FAILED: !frame().document()->inRenderTreeUpdate() in WebCore::FrameView::layout(bool)
        https://bugs.webkit.org/show_bug.cgi?id=171717

        Reviewed by Brent Fulgham.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::checkCompleted):

            Don't allow frame load to complete in the middle of a render tree update. Instead delay the check.

2017-05-05  Chris Dumez  <cdumez@apple.com>

        Refactor / Clean up Element.idl
        https://bugs.webkit.org/show_bug.cgi?id=171734

        Reviewed by Sam Weinig.

        Refactor / Clean up Element.idl to match the latest specification:
        - https://dom.spec.whatwg.org/#interface-element

        There is no Web-facing behavior change in this patch besides the Element properties
        being enumerated in a slightly different order. Things that do not match the
        specification have merely been annotated with FIXME comments for now. This makes
        it much more obvious what's standard, what's not and what needs fixing.

        * dom/Element.idl:

2017-05-05  Tim Horton  <timothy_horton@apple.com>

        Link drag images for apple.com front page links have a lot of spurious whitespace
        https://bugs.webkit.org/show_bug.cgi?id=171719
        <rdar://problem/32010854>

        Reviewed by Wenson Hsieh.

        * page/DragController.cpp:
        (WebCore::DragController::startDrag):
        Use the white-space-simplified string that we put on the pasteboard
        for the drag image, too!

2017-05-04  Mark Lam  <mark.lam@apple.com>

        DRT's setAudioResultCallback() and IDBRequest::setResult() need to acquire the JSLock.
        https://bugs.webkit.org/show_bug.cgi?id=171716
        <rdar://problem/30878027>

        Reviewed by Saam Barati.

        No new tests.  This issue was caught by existing tests.

        IDBRequest::setResult() needs to acquire the JSLock before calling toJS() (which
        does JS conversion and therefore, potentially JS allocations).

        * Modules/indexeddb/IDBRequest.cpp:
        (WebCore::IDBRequest::setResult):
        (WebCore::IDBRequest::setResultToStructuredClone):

2017-05-05  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GStreamer] Do not report more errors after the first one
        https://bugs.webkit.org/show_bug.cgi?id=171722

        Reviewed by Xabier Rodriguez-Calvar.

        We can receive several error messages for the same error from different elements. That's not expected by the
        media source selection algorithm implementation. I don't know if didn't happen with previous versions of GST,
        but since the upgrade to 1.10.4 several tests are failing because of this.

        Fixes: media/video-error-does-not-exist.html
               media/video-load-networkState.html
               media/video-source-error.html
               media/video-source-none-supported.html
               media/video-source-moved.html

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::handleMessage): Return early also when an error already occured.

2017-05-05  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GStreamer] Fix handling of gst errors in MediaPlayerPrivateGStreamer::handleMessage
        https://bugs.webkit.org/show_bug.cgi?id=171721

        Reviewed by Xabier Rodriguez-Calvar.

        We are checking the GError only comparing the code, and ignoring the domain in some cases. Use g_error_matches()
        in those cases instead of only checking the code.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::handleMessage):

2017-05-04  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r216206.
        https://bugs.webkit.org/show_bug.cgi?id=171714

        Multiple LayoutTests crashing in Document::page() (Requested
        by ap on #webkit).

        Reverted changeset:

        "Remove support for legacy Notifications"
        https://bugs.webkit.org/show_bug.cgi?id=171487
        http://trac.webkit.org/changeset/216206

2017-05-04  Chris Dumez  <cdumez@apple.com>

        Drop remaining uses of PassRefPtr from CompositeEditCommand
        https://bugs.webkit.org/show_bug.cgi?id=171645

        Reviewed by Darin Adler.

        Drop remaining uses of PassRefPtr from CompositeEditCommand.

        * editing/ApplyBlockElementCommand.cpp:
        (WebCore::ApplyBlockElementCommand::rangeForParagraphSplittingTextNodesIfNeeded):
        (WebCore::ApplyBlockElementCommand::endOfNextParagraphSplittingTextNodesIfNeeded):
        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::applyRelativeFontStyleChange):
        (WebCore::ApplyStyleCommand::cleanupUnstyledAppleStyleSpans):
        (WebCore::ApplyStyleCommand::splitAncestorsWithUnicodeBidi):
        (WebCore::ApplyStyleCommand::removeEmbeddingUpToEnclosingBlock):
        (WebCore::ApplyStyleCommand::applyInlineStyleToNodeRange):
        (WebCore::ApplyStyleCommand::removeInlineStyleFromElement):
        (WebCore::ApplyStyleCommand::replaceWithSpanOrRemoveIfWithoutAttributes):
        (WebCore::ApplyStyleCommand::removeImplicitlyStyledElement):
        (WebCore::ApplyStyleCommand::removeCSSStyle):
        (WebCore::ApplyStyleCommand::applyInlineStyleToPushDown):
        (WebCore::ApplyStyleCommand::splitTextAtStart):
        (WebCore::ApplyStyleCommand::splitTextAtEnd):
        (WebCore::ApplyStyleCommand::splitTextElementAtStart):
        (WebCore::ApplyStyleCommand::splitTextElementAtEnd):
        (WebCore::ApplyStyleCommand::surroundNodeRangeWithElement):
        (WebCore::ApplyStyleCommand::addBlockStyle):
        (WebCore::ApplyStyleCommand::addInlineStyleIfNeeded):
        (WebCore::ApplyStyleCommand::applyInlineStyleChange):
        (WebCore::ApplyStyleCommand::joinChildTextNodes):
        * editing/BreakBlockquoteCommand.cpp:
        (WebCore::BreakBlockquoteCommand::doApply):
        * editing/CompositeEditCommand.cpp:
        (WebCore::applyCommand):
        (WebCore::CompositeEditCommand::insertNodeAt):
        (WebCore::CompositeEditCommand::removeChildrenInRange):
        (WebCore::CompositeEditCommand::removeNode):
        (WebCore::CompositeEditCommand::removeNodePreservingChildren):
        (WebCore::CompositeEditCommand::removeNodeAndPruneAncestors):
        (WebCore::CompositeEditCommand::moveRemainingSiblingsToNewParent):
        (WebCore::CompositeEditCommand::replaceElementWithSpanPreservingChildrenAndAttributes):
        (WebCore::CompositeEditCommand::prune):
        (WebCore::CompositeEditCommand::splitTextNode):
        (WebCore::CompositeEditCommand::splitElement):
        (WebCore::CompositeEditCommand::mergeIdenticalElements):
        (WebCore::CompositeEditCommand::splitTextNodeContainingElement):
        (WebCore::CompositeEditCommand::positionOutsideTabSpan):
        (WebCore::CompositeEditCommand::removeNodeAttribute):
        (WebCore::CompositeEditCommand::setNodeAttribute):
        (WebCore::CompositeEditCommand::deleteInsignificantText):
        (WebCore::CompositeEditCommand::removePlaceholderAt):
        (WebCore::CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary):
        (WebCore::CompositeEditCommand::pushAnchorElementDown):
        (WebCore::CompositeEditCommand::cleanupAfterDeletion):
        (WebCore::CompositeEditCommand::moveParagraphs):
        * editing/CompositeEditCommand.h:
        * editing/DeleteSelectionCommand.cpp:
        (WebCore::DeleteSelectionCommand::handleSpecialCaseBRDelete):
        (WebCore::DeleteSelectionCommand::removeNodeUpdatingStates):
        (WebCore::DeleteSelectionCommand::removeNode):
        (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
        (WebCore::DeleteSelectionCommand::handleGeneralDelete):
        (WebCore::DeleteSelectionCommand::mergeParagraphs):
        (WebCore::DeleteSelectionCommand::removePreviouslySelectedEmptyTableRows):
        (WebCore::DeleteSelectionCommand::removeRedundantBlocks):
        * editing/DeleteSelectionCommand.h:
        * editing/Editor.cpp:
        (WebCore::ClearTextCommand::CreateAndApply):
        (WebCore::Editor::replaceSelectionWithFragment):
        (WebCore::Editor::handleAcceptedCandidate):
        * editing/EditorCommand.cpp:
        (WebCore::executeFormatBlock):
        * editing/IndentOutdentCommand.cpp:
        (WebCore::IndentOutdentCommand::outdentParagraph):
        * editing/InsertLineBreakCommand.cpp:
        (WebCore::InsertLineBreakCommand::doApply):
        * editing/InsertListCommand.cpp:
        (WebCore::InsertListCommand::fixOrphanedListChild):
        (WebCore::InsertListCommand::doApplyForSingleParagraph):
        (WebCore::InsertListCommand::unlistifyParagraph):
        * editing/InsertParagraphSeparatorCommand.cpp:
        (WebCore::InsertParagraphSeparatorCommand::doApply):
        * editing/InsertTextCommand.cpp:
        (WebCore::InsertTextCommand::insertTab):
        * editing/ModifySelectionListLevel.cpp:
        (WebCore::ModifySelectionListLevelCommand::insertSiblingNodeRangeBefore):
        (WebCore::ModifySelectionListLevelCommand::insertSiblingNodeRangeAfter):
        (WebCore::ModifySelectionListLevelCommand::appendSiblingNodeRange):
        (WebCore::DecreaseSelectionListLevelCommand::doApply):
        * editing/RemoveNodePreservingChildrenCommand.cpp:
        (WebCore::RemoveNodePreservingChildrenCommand::RemoveNodePreservingChildrenCommand):
        (WebCore::RemoveNodePreservingChildrenCommand::doApply):
        * editing/RemoveNodePreservingChildrenCommand.h:
        (WebCore::RemoveNodePreservingChildrenCommand::create):
        * editing/ReplaceNodeWithSpanCommand.cpp:
        (WebCore::ReplaceNodeWithSpanCommand::ReplaceNodeWithSpanCommand):
        (WebCore::ReplaceNodeWithSpanCommand::doApply):
        (WebCore::ReplaceNodeWithSpanCommand::doUnapply):
        (WebCore::ReplaceNodeWithSpanCommand::getNodesInCommand):
        * editing/ReplaceNodeWithSpanCommand.h:
        (WebCore::ReplaceNodeWithSpanCommand::create):
        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplacementFragment::removeNodePreservingChildren):
        (WebCore::ReplacementFragment::removeInterchangeNodes):
        (WebCore::ReplaceSelectionCommand::removeRedundantStylesAndKeepStyleSpanInline):
        (WebCore::ReplaceSelectionCommand::makeInsertedContentRoundTrippableWithHTMLTreeBuilder):
        (WebCore::ReplaceSelectionCommand::moveNodeOutOfAncestor):
        (WebCore::ReplaceSelectionCommand::removeUnrenderedTextNodesAtEnds):
        (WebCore::handleStyleSpansBeforeInsertion):
        (WebCore::ReplaceSelectionCommand::handleStyleSpans):
        (WebCore::ReplaceSelectionCommand::doApply):
        (WebCore::ReplaceSelectionCommand::mergeTextNodesAroundPosition):
        (WebCore::ReplaceSelectionCommand::insertAsListItems):
        (WebCore::ReplaceSelectionCommand::performTrivialReplace):
        * editing/SetNodeAttributeCommand.cpp:
        (WebCore::SetNodeAttributeCommand::SetNodeAttributeCommand):
        (WebCore::SetNodeAttributeCommand::getNodesInCommand):
        * editing/SetNodeAttributeCommand.h:
        (WebCore::SetNodeAttributeCommand::create):
        * editing/SimplifyMarkupCommand.cpp:
        (WebCore::SimplifyMarkupCommand::doApply):
        (WebCore::SimplifyMarkupCommand::pruneSubsequentAncestorsToRemove):
        * editing/SimplifyMarkupCommand.h:
        * editing/SplitElementCommand.cpp:
        (WebCore::SplitElementCommand::SplitElementCommand):
        (WebCore::SplitElementCommand::executeApply):
        (WebCore::SplitElementCommand::getNodesInCommand):
        * editing/SplitElementCommand.h:
        (WebCore::SplitElementCommand::create):
        * editing/SplitTextNodeCommand.cpp:
        (WebCore::SplitTextNodeCommand::SplitTextNodeCommand):
        (WebCore::SplitTextNodeCommand::doApply):
        (WebCore::SplitTextNodeCommand::doUnapply):
        (WebCore::SplitTextNodeCommand::doReapply):
        (WebCore::SplitTextNodeCommand::insertText1AndTrimText2):
        * editing/SplitTextNodeCommand.h:
        (WebCore::SplitTextNodeCommand::create):
        * editing/SplitTextNodeContainingElementCommand.cpp:
        (WebCore::SplitTextNodeContainingElementCommand::SplitTextNodeContainingElementCommand):
        (WebCore::SplitTextNodeContainingElementCommand::doApply):
        * editing/SplitTextNodeContainingElementCommand.h:
        (WebCore::SplitTextNodeContainingElementCommand::create):
        * editing/TextInsertionBaseCommand.cpp:
        (WebCore::TextInsertionBaseCommand::applyTextInsertionCommand):
        * editing/TypingCommand.cpp:
        (WebCore::TypingCommand::makeEditableRootEmpty):
        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::contextMenuItemSelected):

2017-05-04  Daniel Bates  <dabates@apple.com>

        Fix misspelled word "interrupt" as pointed out by Darin Adler
        in <https://bugs.webkit.org/show_bug.cgi?id=171577>.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::transitionToCommitted):

2017-05-04  Jeremy Jones  <jeremyj@apple.com>

        UIColor +whiteColor and +clearColor are ambiguous and need to be casted when soft linked.
        https://bugs.webkit.org/show_bug.cgi?id=171704

        Reviewed by Jer Noble.

        No new tests because no behavior change.

        Fix build by casting result of +clearColor to UIColor.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (clearUIColor):
        (WebVideoFullscreenInterfaceAVKit::setupFullscreen):
        (WebVideoFullscreenInterfaceAVKit::exitFullscreen):
        (WebVideoFullscreenInterfaceAVKit::didStopPictureInPicture):

2017-05-04  Chris Dumez  <cdumez@apple.com>

        Element.slot should be marked as [Unscopable]
        https://bugs.webkit.org/show_bug.cgi?id=171683

        Reviewed by Darin Adler.

        Element.slot should be marked as [Unscopable]:
        - https://dom.spec.whatwg.org/#interface-element
        - https://heycam.github.io/webidl/#Unscopable

        Test: fast/shadow-dom/Element-slot-unscopable.html

        * dom/Element.idl:

2017-05-04  Don Olmstead  <don.olmstead@am.sony.com>

        [Win] Remove redundant macros that are set in the CMake config
        https://bugs.webkit.org/show_bug.cgi?id=171571

        Reviewed by Brent Fulgham.

        No new tests. No change in behavior.

        * WebCorePrefix.h:
        * config.h:
        * platform/win/COMPtr.h:
        * platform/win/WindowsTouch.h:
        * testing/js/WebCoreTestSupportPrefix.h:

2017-05-04  Tim Horton  <timothy_horton@apple.com>

        [Mac] Modernize image for dragged link
        https://bugs.webkit.org/show_bug.cgi?id=171701
        <rdar://problem/31978818>

        Reviewed by Simon Fraser.

        * WebCore.xcodeproj/project.pbxproj:
        * page/mac/DragControllerMac.mm:
        * platform/mac/DragImageMac.mm:
        (WebCore::dragImageSize):
        (WebCore::scaleDragImage):
        (WebCore::dissolveDragImageToFraction):
        (WebCore::createDragImageFromImage):
        (WebCore::LinkImageLayout::LinkImageLayout):
        (WebCore::LinkImageLayout::layOutText):
        (WebCore::LinkImageLayout::addLine):
        (WebCore::createDragImageForLink):
        (WebCore::fontFromNSFont): Deleted.
        (WebCore::canUseFastRenderer): Deleted.
        (WebCore::widthWithFont): Deleted.
        (WebCore::drawAtPoint): Deleted.
        (WebCore::drawDoubledAtPoint): Deleted.
        * platform/spi/cocoa/LinkPresentationSPI.h: Added.
        Improve the design of URL drag images.
        The margins are increased, the background is now white, the text is
        not drawn doubled-up, the title will now wrap to two lines, and the
        domain name will appear simplified and de-punycoded.

        Much of the implementation of text painting is borrowed from
        <attachment> for now, but we should figure out how to generalize
        it for UI-like parts of WebKit in the future.

2017-05-04  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r216223.
        https://bugs.webkit.org/show_bug.cgi?id=171706

        not quite ready (Requested by thorton on #webkit).

        Reverted changeset:

        "[Mac] Modernize image for dragged link"
        https://bugs.webkit.org/show_bug.cgi?id=171701
        http://trac.webkit.org/changeset/216223

2017-05-04  Tim Horton  <timothy_horton@apple.com>

        [Mac] Modernize image for dragged link
        https://bugs.webkit.org/show_bug.cgi?id=171701
        <rdar://problem/31978818>

        Reviewed by Simon Fraser.

        * page/mac/DragControllerMac.mm:
        * platform/mac/DragImageMac.mm:
        (WebCore::dragImageSize):
        (WebCore::scaleDragImage):
        (WebCore::dissolveDragImageToFraction):
        (WebCore::createDragImageFromImage):
        (WebCore::LinkImageLayout::LinkImageLayout):
        (WebCore::LinkImageLayout::addLine):
        (WebCore::createDragImageForLink):
        (WebCore::fontFromNSFont): Deleted.
        (WebCore::canUseFastRenderer): Deleted.
        (WebCore::widthWithFont): Deleted.
        (WebCore::drawAtPoint): Deleted.
        (WebCore::drawDoubledAtPoint): Deleted.
        Improve the design of URL drag images.
        The margins are increased, the background is now white, the text is
        not drawn doubled-up, the title will now wrap to two lines, and the
        domain name will appear simplified and de-punycoded.

        Much of the implementation of text painting is borrowed from
        <attachment> for now, but we should figure out how to generalize
        it for UI-like parts of WebKit in the future.

2017-05-04  Jeremy Jones  <jeremyj@apple.com>

        Use if instead of return early for 13 places in WebAVPlayerController
        https://bugs.webkit.org/show_bug.cgi?id=171692

        Reviewed by Jer Noble.

        No new tests because no behavior change.

        * platform/ios/WebAVPlayerController.mm:
        (-[WebAVPlayerController play:]):
        (-[WebAVPlayerController pause:]):
        (-[WebAVPlayerController togglePlayback:]):
        (-[WebAVPlayerController beginScrubbing:]):
        (-[WebAVPlayerController endScrubbing:]):
        (-[WebAVPlayerController seekToTime:]):
        (-[WebAVPlayerController beginScanningForward:]):
        (-[WebAVPlayerController endScanningForward:]):
        (-[WebAVPlayerController beginScanningBackward:]):
        (-[WebAVPlayerController endScanningBackward:]):
        (-[WebAVPlayerController seekToBeginning:]):
        (-[WebAVPlayerController seekToEnd:]):
        (-[WebAVPlayerController toggleMuted:]):

2017-05-04  Filip Pizlo  <fpizlo@apple.com>

        JSC::Heap should expose a richer API for requesting GCs
        https://bugs.webkit.org/show_bug.cgi?id=171690

        Reviewed by Geoffrey Garen.

        No new tests because this is just a refactoring.
        
        Change some function calls now that some JSC::Heap APIs got renamed.

        * bindings/js/GCController.cpp:
        (WebCore::collect):
        (WebCore::GCController::garbageCollectNow):
        (WebCore::GCController::garbageCollectNowIfNotDoneRecently):

2017-05-04  Mark Lam  <mark.lam@apple.com>

        NeverDestroyed<String>(ASCIILiteral(...)) is not thread safe.
        https://bugs.webkit.org/show_bug.cgi?id=171586
        <rdar://problem/31873190>

        Reviewed by Yusuke Suzuki.

        No new tests because we're just converting uses of ASCIILiteral (in the
        instantiation of NeverDestroyed<String> and NeverDestroyed<const String>) to
        MAKE_STATIC_STRING_IMPL.

        The correctness of using MAKE_STATIC_STRING_IMPL is tested in the newly added
        API test in this patch.

        Also changed "static NeverDestroyed<ASCIILiteral>" instances in
        SQLiteIDBBackingStore.cpp to "static const char* const" because they are only
        ever used to get the underlying const char*.

        * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
        (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord):
        (WebCore::IDBServer::SQLiteIDBBackingStore::cachedStatementForGetAllObjectStoreRecords):
        * Modules/mediastream/MediaEndpointSessionDescription.cpp:
        * Modules/mediastream/RTCRtpTransceiver.cpp:
        * Modules/mediastream/SDPProcessor.cpp:
        * Modules/navigatorcontentutils/NavigatorContentUtils.cpp:
        (WebCore::customHandlersStateString):
        (WebCore::NavigatorContentUtils::isProtocolHandlerRegistered):
        * Modules/speech/SpeechSynthesis.cpp:
        (WebCore::SpeechSynthesis::boundaryEventOccurred):
        * accessibility/AccessibilityMediaControls.cpp:
        (WebCore::AccessibilityMediaControl::controlTypeName):
        (WebCore::AccessibilityMediaControl::title):
        (WebCore::AccessibilityMediaControlsContainer::elementTypeName):
        (WebCore::AccessibilityMediaTimeline::helpText):
        (WebCore::AccessibilityMediaTimeDisplay::accessibilityDescription):
        * bindings/js/JSLazyEventListener.cpp:
        (WebCore::eventParameterName):
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::displayNoneCSSRule):
        * css/CSSDefaultStyleSheets.cpp:
        (WebCore::screenEval):
        (WebCore::printEval):
        * css/MediaList.cpp:
        (WebCore::addResolutionWarningMessageToConsole):
        * css/StyleSheetContents.cpp:
        (WebCore::StyleSheetContents::parseAuthorStyleSheet):
        * dom/Document.cpp:
        (WebCore::Document::readyState):
        * dom/LoadableClassicScript.cpp:
        (WebCore::LoadableClassicScript::notifyFinished):
        * dom/PseudoElement.cpp:
        (WebCore::PseudoElement::pseudoElementNameForEvents):
        * editing/MarkupAccumulator.cpp:
        (WebCore::MarkupAccumulator::shouldAddNamespaceElement):
        * editing/cocoa/DataDetection.mm:
        (WebCore::DataDetection::dataDetectorURLProtocol):
        * editing/markup.cpp:
        (WebCore::StyledMarkupAccumulator::styleNodeCloseTag):
        (WebCore::createMarkupInternal):
        * html/FormController.cpp:
        (WebCore::formStateSignature):
        * html/ImageInputType.cpp:
        (WebCore::ImageInputType::appendFormData):
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::realizeSaves):
        (WebCore::CanvasRenderingContext2D::getImageData):
        * html/parser/XSSAuditor.cpp:
        (WebCore::XSSAuditor::init):
        (WebCore::XSSAuditor::eraseDangerousAttributesIfInjected):
        * html/track/VTTCue.cpp:
        (WebCore::startKeyword):
        (WebCore::middleKeyword):
        (WebCore::endKeyword):
        (WebCore::leftKeyword):
        (WebCore::rightKeyword):
        (WebCore::verticalGrowingLeftKeyword):
        (WebCore::verticalGrowingRightKeyword):
        (WebCore::VTTCue::determineTextDirection):
        (WebCore::VTTCue::markFutureAndPastNodes):
        * inspector/InspectorCSSAgent.cpp:
        (WebCore::computePseudoClassMask):
        * inspector/InspectorIndexedDBAgent.cpp:
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::sourceMapURLForResource):
        * inspector/PageDebuggerAgent.cpp:
        (WebCore::PageDebuggerAgent::sourceMapURLForScript):
        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::notifyFinished):
        * loader/TextTrackLoader.cpp:
        (WebCore::TextTrackLoader::corsPolicyPreventedLoad):
        * loader/icon/IconDatabase.cpp:
        (WebCore::IconDatabase::defaultDatabaseFilename):
        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::CaptionUserPreferencesMediaAF::captionsTextEdgeCSS):
        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::urlWithUniqueSecurityOrigin):
        * page/UserContentURLPattern.cpp:
        (WebCore::UserContentURLPattern::parse):
        * platform/MIMETypeRegistry.cpp:
        (WebCore::defaultMIMEType):
        * platform/animation/Animation.cpp:
        (WebCore::Animation::initialName):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::engineDescription):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::engineDescription):
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::FontCache::similarFont):
        * platform/gtk/UserAgentGtk.cpp:
        (WebCore::platformVersionForUAString):
        * platform/mock/mediasource/MockBox.cpp:
        (WebCore::MockTrackBox::type):
        (WebCore::MockInitializationBox::type):
        (WebCore::MockSampleBox::type):
        * platform/network/HTTPHeaderValues.cpp:
        (WebCore::HTTPHeaderValues::textPlainContentType):
        (WebCore::HTTPHeaderValues::formURLEncodedContentType):
        (WebCore::HTTPHeaderValues::noCache):
        (WebCore::HTTPHeaderValues::maxAge0):
        * platform/network/HTTPParsers.cpp:
        (WebCore::parseXSSProtectionHeader):
        * replay/MemoizedDOMResult.cpp:
        (JSC::InputTraits<MemoizedDOMResultBase>::type):
        * svg/SVGTransformValue.cpp:
        (WebCore::SVGTransformValue::transformTypePrefixForParsing):

2017-05-04  Jeremy Jones  <jeremyj@apple.com>

        Add muted to WebPlaybackSessionModel.
        https://bugs.webkit.org/show_bug.cgi?id=171592
        rdar://problem/31814074

        Reviewed by Jer Noble.

        No behavior change. This just adds the ability for UI to mute.

        * platform/cocoa/WebPlaybackSessionModel.h:
        (WebCore::WebPlaybackSessionModelClient::mutedChanged):
        * platform/cocoa/WebPlaybackSessionModelMediaElement.h:
        * platform/cocoa/WebPlaybackSessionModelMediaElement.mm:
        (WebCore::WebPlaybackSessionModelMediaElement::updateForEventName):
        (WebCore::WebPlaybackSessionModelMediaElement::toggleMuted):
        (WebCore::WebPlaybackSessionModelMediaElement::observedEventNames):
        (WebCore::WebPlaybackSessionModelMediaElement::isMuted):
        * platform/ios/WebAVPlayerController.h:
        * platform/ios/WebAVPlayerController.mm:
        (-[WebAVPlayerController toggleMuted:]):
        * platform/ios/WebPlaybackSessionInterfaceAVKit.h:
        * platform/ios/WebPlaybackSessionInterfaceAVKit.mm:
        (WebCore::WebPlaybackSessionInterfaceAVKit::mutedChanged):
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (WebVideoFullscreenControllerContext::mutedChanged):
        (WebVideoFullscreenControllerContext::isMuted):
        (WebVideoFullscreenControllerContext::toggleMuted):
        * platform/spi/ios/MediaPlayerSPI.h:

2017-05-04  Joseph Pecoraro  <pecoraro@apple.com>

        REGRESSION(r216138): Web Inspector: ASSERT(!content.isNull()) when checking for source map url opening inspector
        https://bugs.webkit.org/show_bug.cgi?id=171697
        <rdar://problem/31999512>

        Reviewed by Matt Baker.

        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::cachedResourceContent):
        Always set base64Encoded when returning true. Return the empty
        string instead of a null string matching previous behavior.

2017-05-04  Wenson Hsieh  <wenson_hsieh@apple.com>

        [WK2] Add support for keeping the selection in a focused editable element when dragging begins
        https://bugs.webkit.org/show_bug.cgi?id=171585
        <rdar://problem/31544320>

        Reviewed by Beth Dakin and Zalan Bujtas.

        Covered by 4 API tests.

        * dom/DocumentMarker.h:

        Introduces the DraggedContent DocumentMarker type, which applies to the Range in the DOM that is being used as
        a drag source. Also adds DraggedContentData, which contains nodes found by the TextIterator in the process of
        finding Ranges to mark.

        (WebCore::DocumentMarker::AllMarkers::AllMarkers):
        * dom/DocumentMarkerController.cpp:
        (WebCore::DocumentMarkerController::addDraggedContentMarker):
        (WebCore::shouldInsertAsSeparateMarker):
        (WebCore::DocumentMarkerController::addMarker):

        When adding DocumentMarkers of type DraggedContent, keep adjacent RenderReplaced elements separate, rather than
        merging them into existing RenderedDocumentMarkers. This is because the data for each of these (i.e. the target
        node) needs to be preserved.

        (WebCore::DocumentMarkerController::markersFor):

        Bail and return an empty list if the map of document markers cannot possibly contain a dragged content marker.

        * dom/DocumentMarkerController.h:
        * page/DragController.h:
        * page/DragState.h:

        Add draggedContentRange to DragState. This tracks the Range that is being dragged; it is created when the drag
        session has begun, and ends when drag session finishes (either via WebPage::dragEnded or WebPage::dragCancelled).

        * page/EventHandler.cpp:
        (WebCore::repaintContentsOfRange):
        (WebCore::EventHandler::dragCancelled):

        Called when a drag is cancelled in the UI process without a session ever getting a chance to begin. We use this
        as a hook to remove all DraggedContent document markers from the document of the dragged content range.

        (WebCore::EventHandler::didStartDrag):

        Called when a drag session has begun in the UI process. We use this as a hook to set up document markers for the
        Range of content being dragged.

        (WebCore::EventHandler::dragSourceEndedAt):

        Called when a drag session ends. We use this as a hook to remove all DraggedContent document markers from the
        document of the dragged content range.

        (WebCore::EventHandler::draggedElement):
        * page/EventHandler.h:
        * page/FocusController.cpp:
        (WebCore::shouldClearSelectionWhenChangingFocusedElement):

        Prevent the selection from clearing when the previously focused element is editable and also contains the drag
        source element. Ideally, we should experiment with clearing out the selection whenever the element is blurred
        (and not have additional restrictions on editability and containing the drag source), but this change is much
        riskier.

        (WebCore::FocusController::setFocusedElement):
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::paint):

        Use RenderText::draggedContentStartEnd to find the range of text (if any) that is dragged content, and paint
        these ranges of text at a lower alpha using TextPainter::paintTextInRange.

        * rendering/RenderReplaced.cpp:
        (WebCore::draggedContentContainsReplacedElement):

        Determines whether or not the element being rendered is contained within a dragged content range. Assuming that
        the DraggedContent type flag is set in DocumentMarkerController, we first look to see whether or not the
        container node is in the document marker map. If so, instead of consulting node offset ranges (since this is, in
        the worst-case, linear in the number of sibling nodes per RenderReplaced) we simply check the DraggedContentData
        to see if the current element being rendered matches one of the target nodes.

        (WebCore::RenderReplaced::paint):

        If the element rendered by this RenderReplaced is dragged content, then render it at a low alpha.

        * rendering/RenderText.cpp:
        (WebCore::RenderText::draggedContentRangesBetweenOffsets):

        Determines what range of text, if any, contains dragged content by consulting the Document's DocumentMarkers.

        * rendering/RenderText.h:
        * rendering/TextPainter.cpp:
        (WebCore::TextPainter::paintTextInRange):

        Teach TextPainter to only paint a given range in a TextRun.

        * rendering/TextPainter.h:

        Add TextPainter support for specifying special text offset ranges when rendering a TextRun, such that each
        special range in text is rendered after applying some modification to the GraphicsContext.

2017-05-04  Jeremy Jones  <jeremyj@apple.com>

        Crash when pointer lock element is removed before pointer lock allowed arrives.
        https://bugs.webkit.org/show_bug.cgi?id=171642

        Reviewed by Jer Noble.

        Make sure there a pending lock before attempting to complete pointer lock.

        * page/PointerLockController.cpp:
        (WebCore::PointerLockController::didAcquirePointerLock):

2017-05-04  Chris Dumez  <cdumez@apple.com>

        Reformat / Clean up Node.idl to match the specification
        https://bugs.webkit.org/show_bug.cgi?id=171686

        Reviewed by Sam Weinig.

        Reformat / Clean up Node.idl to match the specification:
        - https://dom.spec.whatwg.org/#node

        There should be no Web-facing behavior change, except for Node properties
        being enumerated in a slightly different order.

        * dom/Node.idl:

2017-05-04  Sam Weinig  <sam@webkit.org>

        Remove support for legacy Notifications
        https://bugs.webkit.org/show_bug.cgi?id=171487

        Reviewed by Jon Lee.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        Remove files.

        * Configurations/FeatureDefines.xcconfig:
        Remove definition of ENABLE_LEGACY_NOTIFICATIONS.

        * DerivedSources.make:
        Remove IDL files.

        * Modules/notifications/DOMWindowNotifications.cpp: Removed.
        * Modules/notifications/DOMWindowNotifications.h: Removed.
        * Modules/notifications/DOMWindowNotifications.idl: Removed.
        * Modules/notifications/NotificationCenter.cpp: Removed.
        * Modules/notifications/NotificationCenter.h: Removed.
        * Modules/notifications/NotificationCenter.idl: Removed.
        * Modules/notifications/NotificationClient.h:
        * Modules/notifications/NotificationController.cpp:
        * Modules/notifications/NotificationController.h:
        * Modules/notifications/WorkerGlobalScopeNotifications.cpp: Removed.
        * Modules/notifications/WorkerGlobalScopeNotifications.h: Removed.
        * Modules/notifications/WorkerGlobalScopeNotifications.idl: Removed.
        * Modules/notifications/Notification.idl:
        * Modules/notifications/Notification.cpp:
        * Modules/notifications/Notification.h:
        * dom/EventTargetFactory.in:
        * page/DOMWindow.cpp:
        * workers/WorkerThread.h:
        Remove code legacy Notification code. Replace use of NotificationCenter with direct
        calls to the NotificationClient.

2017-05-04  Antti Koivisto  <antti@apple.com>

        REGRESSION (Safari 10.1): When 'transition' contains -ms-transform, transform-origin is also transitioned
        https://bugs.webkit.org/show_bug.cgi?id=171250
        <rdar://problem/31827243>

        Reviewed by Geoffrey Garen.

        We were mapping unknown properties to 'all' animation. With this patch we ignore them instead.
        The patch also implements roundtripping of unknown properties via CSSOM, matching Blink and Gecko.

        Test: transitions/transition-unknown-property-ignore.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::createTransitionPropertyValue):

            Return the correct name for unknown properties.

        * css/CSSToStyleMap.cpp:
        (WebCore::CSSToStyleMap::mapAnimationProperty):

            Map any unknown property to AnimateUnknownProperty mode instead of falling back to the default of AnimateAll.
            Save the unknown property name so we can roundtrip it properly.

        * page/animation/CompositeAnimation.cpp:
        (WebCore::CompositeAnimation::updateTransitions):

            Ignore AnimateUnknownProperty like AnimateNone.

        * platform/animation/Animation.h:
        (WebCore::Animation::unknownProperty):
        (WebCore::Animation::setUnknownProperty):

2017-05-04  Chris Dumez  <cdumez@apple.com>

        Clean up MutationRecord.idl
        https://bugs.webkit.org/show_bug.cgi?id=171685

        Reviewed by Sam Weinig.

        Clean up MutationRecord.idl to match the specification:
        - https://dom.spec.whatwg.org/#mutationrecord

        There is no Web-facing behavior change.

        * dom/MutationRecord.idl:

2017-05-04  Chris Dumez  <cdumez@apple.com>

        Reformat / clean up Event.idl
        https://bugs.webkit.org/show_bug.cgi?id=171675

        Reviewed by Sam Weinig.

        Reformat / clean up Event.idl to match the latest spec more closely:
        - https://dom.spec.whatwg.org/#interface-event

        There is no web-facing behavior change, except for properties being
        enumerated in a slightly different order.

        * dom/Event.idl:

2017-05-04  Daniel Bates  <dabates@apple.com>

        Cleanup: Extract CachedScript::mimeTypeAllowedByNosniff() into a common function
        https://bugs.webkit.org/show_bug.cgi?id=171678

        Reviewed by Andy Estes.

        Extract CachedScript::mimeTypeAllowedByNosniff() into a common function that can
        be shared by LoadableClassicScript and WorkerScriptLoader.

        No functionality was changed. So, no new tests.

        * dom/LoadableClassicScript.cpp:
        (WebCore::LoadableClassicScript::notifyFinished): Modified to use WebCore::isScriptAllowedByNosniff().
        * loader/cache/CachedScript.cpp:
        (WebCore::CachedScript::mimeType): Deleted; incorporated into WebCore::isScriptAllowedByNosniff().
        (WebCore::CachedScript::mimeTypeAllowedByNosniff): Deleted; incorporated into WebCore::isScriptAllowedByNosniff().
        * loader/cache/CachedScript.h:
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::isScriptAllowedByNosniff): Added. Note that it is sufficient to extract the MIME type
        as-is and query the MIME type registry because the MIME type registry performs look ups case-insensitively.
        * platform/network/ResourceResponseBase.h:
        * workers/WorkerScriptLoader.cpp:
        (WebCore::WorkerScriptLoader::didReceiveResponse): Modified to use WebCore::isScriptAllowedByNosniff().
        (WebCore::mimeTypeAllowedByNosniff): Deleted.

2017-05-04  Sam Weinig  <sam@webkit.org>

        Make the [EnabledBySetting] extended attribute work for any attribute or operation on a prototype
        https://bugs.webkit.org/show_bug.cgi?id=171588

        Reviewed by Dean Jackson.

        * bindings/js/JSDOMIterator.h:
        (WebCore::JSDOMIterator::createPrototype):
        * bindings/js/JSDOMWindowShell.cpp:
        (WebCore::JSDOMWindowShell::setWindow):
        * bindings/js/JSDOMWrapperCache.h:
        (WebCore::getDOMStructure):
        (WebCore::getDOMPrototype):
        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::initScript):
        Update to account for createPrototype and prototype taking the global object by reference.
        
        * bindings/scripts/CodeGeneratorJS.pm:
        (NeedsSettingsCheckForPrototypeProperty):
        Add predicate to determine if an interface has any settings enabled properties on the prototype,
        needed to determine if we should pass the global object to finishCreation.

        (GenerateHeader):
        Update signature of both createPrototype and prototype to take JSDOMGlobalObject& rather than
        a JSC::JSGlobalObject*, this allows us to pass the more specific type to the prototype constructor,
        and access the ScriptExecutionContext for the Settings.

        (GeneratePropertiesHashTable):
        Update to return, via out parameter, arrays with the attributes and operations that specify EnabledBySetting. This
        mimics the model used for RuntimeEnabledFeatures.

        (GenerateImplementation):
        In {Class}Prototype::finishCreation, add code to check settings to see if an attribute or operation should be enabled,
        and if it shouldn't remove it from the object. This, again, is modeled on RuntimeEnabledFeatures.

        (GeneratePrototypeDeclaration):
        Update signatures to take JSDOMGlobalObject& and specialize finishCreation to take one if there are any properties
        that require settings to enable.

        (GenerateConstructorHelperMethods):
        Update for new signature of prototype(...).

        * bindings/scripts/test/JS/JSInterfaceName.cpp:
        * bindings/scripts/test/JS/JSInterfaceName.h:
        * bindings/scripts/test/JS/JSMapLike.cpp:
        * bindings/scripts/test/JS/JSMapLike.h:
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        * bindings/scripts/test/JS/JSReadOnlyMapLike.h:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        * bindings/scripts/test/JS/JSTestCEReactions.h:
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.h:
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.h:
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        * bindings/scripts/test/JS/JSTestDOMJIT.h:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        * bindings/scripts/test/JS/JSTestEventConstructor.h:
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        * bindings/scripts/test/JS/JSTestEventTarget.h:
        * bindings/scripts/test/JS/JSTestException.cpp:
        * bindings/scripts/test/JS/JSTestException.h:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
        * bindings/scripts/test/JS/JSTestGlobalObject.h:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestInterface.h:
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.h:
        * bindings/scripts/test/JS/JSTestIterable.cpp:
        * bindings/scripts/test/JS/JSTestIterable.h:
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
        * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        * bindings/scripts/test/JS/JSTestNamedConstructor.h:
        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestNode.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.h:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        * bindings/scripts/test/JS/JSTestSerialization.h:
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInherit.h:
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.h:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.h:
        Update test results for new test values and changes in signatures to pass JSDOMGlobalObject.

        * bindings/scripts/test/TestObj.idl:
        Add tests for [EnableBySetting] for attributes and operations.

        * bridge/objc/objc_runtime.h:
        * bridge/runtime_array.h:
        * bridge/runtime_method.h:
        * bridge/runtime_object.h:
        * inspector/CommandLineAPIHost.cpp:
        Update createPrototype function to take the global object by reference.

2017-05-04  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Allow host application to enable/disable media capture
        https://bugs.webkit.org/show_bug.cgi?id=171292
        <rdar://problem/31821492>

        Reviewed by Jer Noble.

        No new layout tests, added an API test instead.

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::endStream): New, stop all tracks.
        * Modules/mediastream/MediaStream.h:

        * Modules/mediastream/MediaStreamRegistry.cpp:
        (WebCore::MediaStreamRegistry::unregisterStream): Minor cleanup.
        (WebCore::MediaStreamRegistry::forEach): New, call the lambda with each stream.
        (WebCore::MediaStreamRegistry::MediaStreamRegistry): Deleted, unused.
        * Modules/mediastream/MediaStreamRegistry.h:

        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::stopTrack): Add parameter so caller can specify if an 'ended' 
        event should be sent or not.
        (WebCore::MediaStreamTrack::trackMutedChanged): Don't post an event if the track has ended.
        * Modules/mediastream/MediaStreamTrack.h:

        * dom/Document.cpp:
        (WebCore::Document::stopMediaCapture): Stop all streams in the document.
        * dom/Document.h:

        * page/Page.cpp:
        (WebCore::Page::stopMediaCapture): Stop all streams.
        * page/Page.h:

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode): Display a black frame
        when the stream ends.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::activeStatusChanged): Signal a characteristics
        change to HTMLMediaElement refresh state.
        * platform/mediastream/MediaStreamPrivate.h:

        * platform/mediastream/mac/AVMediaCaptureSource.mm:
        (WebCore::AVMediaCaptureSource::stopProducingData): Don't return early if the session isn't 
        running, we always need to clear m_session on iOS.

2017-05-04  Zalan Bujtas  <zalan@apple.com>

        Should never hit layout while updating the render tree.
        https://bugs.webkit.org/show_bug.cgi?id=171643

        Reviewed by Antti Koivisto.

        Laying out a half-baked render tree is not a great idea. Especially considering
        that layout (sadly) can mutate the render tree.  

        * page/FrameView.cpp:
        (WebCore::FrameView::layout):

2017-05-04  Daniel Bates  <dabates@apple.com>

        importScripts() should respect X-Content-Type-Options: nosniff
        https://bugs.webkit.org/show_bug.cgi?id=171248
        <rdar://problem/31819023>

        Reviewed by Andy Estes.

        Do not load a worker script if it has the HTTP response header "X-Content-Type-Options: nosniff"
        and its Content-type header is not an allowed JavaScript script mime type. This behavior follows
        from <https://html.spec.whatwg.org/multipage/webappapis.html#fetch-a-classic-worker-imported-script> (3 May 2017),
        <https://fetch.spec.whatwg.org/#concept-fetch> (2 May 2017), and <https://fetch.spec.whatwg.org/#concept-main-fetch>.

        * workers/WorkerScriptLoader.cpp:
        (WebCore::mimeTypeAllowedByNosniff): Added.
        (WebCore::WorkerScriptLoader::didReceiveResponse): Mark the load as failed if the response
        is not allowed by X-Content-Type-Options: nosniff.

2017-05-04  Dave Hyatt  <hyatt@apple.com>

        REGRESSION(STP): rgb() with calc() containing variables doesn't work
        https://bugs.webkit.org/show_bug.cgi?id=169939

        Reviewed by Zalan Bujtas.

        Added new test in fast/css/variables.

        * css/CSSCalculationValue.cpp:
        (WebCore::CSSCalcExpressionNodeParser::parseValue):
        Treat floats in calcs as integers when we can.

2017-05-04  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r216172.
        https://bugs.webkit.org/show_bug.cgi?id=171654

        FTBFS for iOS due to missing WebPageProxy::stopMediaCapture()
        implementation. (Requested by ddkilzer on #webkit).

        Reverted changeset:

        "[MediaStream] Allow host application to enable/disable media
        capture"
        https://bugs.webkit.org/show_bug.cgi?id=171292
        http://trac.webkit.org/changeset/216172

2017-05-03  Carlos Garcia Campos  <cgarcia@igalia.com>

        REGRESSION(r215686): Incremental reads from SharedBuffer are wrong after r215686
        https://bugs.webkit.org/show_bug.cgi?id=171602

        Reviewed by Michael Catanzaro.

        In TextTrackLoader::processNewCueData() and PNGImageReader::decode() we changed the patter to read data from a
        SharedBuffer at a given offset. The new pattern is not correct, because it assumes the whole segment is always
        read, and the new offset is not correct when that's not the case. This has broken the rendering of png images in
        the GTK+ port, only the first bytes are correctly decoded and drawn, but not the rest of the image.

        Fixes: editing/pasteboard/paste-image-using-image-data.html

        * loader/TextTrackLoader.cpp:
        (WebCore::TextTrackLoader::processNewCueData):
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageReader::decode):

2017-05-03  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Allow host application to enable/disable media capture
        https://bugs.webkit.org/show_bug.cgi?id=171292
        <rdar://problem/31821492>

        Reviewed by Jer Noble.

        No new layout tests, added an API test instead.

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::endStream): New, stop all tracks.
        * Modules/mediastream/MediaStream.h:

        * Modules/mediastream/MediaStreamRegistry.cpp:
        (WebCore::MediaStreamRegistry::unregisterStream): Minor cleanup.
        (WebCore::MediaStreamRegistry::forEach): New, call the lambda with each stream.
        (WebCore::MediaStreamRegistry::MediaStreamRegistry): Deleted, unused.
        * Modules/mediastream/MediaStreamRegistry.h:

        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::stopTrack): Add parameter so caller can specify if an 'ended' 
        event should be sent or not.
        (WebCore::MediaStreamTrack::trackMutedChanged): Don't post an event if the track has ended.
        * Modules/mediastream/MediaStreamTrack.h:

        * dom/Document.cpp:
        (WebCore::Document::stopMediaCapture): Stop all streams in the document.
        * dom/Document.h:

        * page/Page.cpp:
        (WebCore::Page::stopMediaCapture): Stop all streams.
        * page/Page.h:

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode): Display a black frame
        when the stream ends.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::activeStatusChanged): Signal a characteristics
        change to HTMLMediaElement refresh state.
        * platform/mediastream/MediaStreamPrivate.h:

        * platform/mediastream/mac/AVMediaCaptureSource.mm:
        (WebCore::AVMediaCaptureSource::stopProducingData): Don't return early if the session isn't 
        running, we always need to clear m_session on iOS.

2017-05-03  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Remove all statistics for modifiedSince website data removals
        https://bugs.webkit.org/show_bug.cgi?id=171584
        <rdar://problem/24702576>

        Reviewed by Brent Fulgham.

        Test: http/tests/loading/resourceLoadStatistics/clear-in-memory-and-persistent-store-one-hour.html

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::clearInMemoryAndPersistentStore):
            Now clears all regardless of the modifiedSince parameter's value.

2017-05-03  Andy Estes  <aestes@apple.com>

        Try to fix the macOS Public SDK build
        https://bugs.webkit.org/show_bug.cgi?id=171635
        <rdar://problem/31812751>

        Unreviewed because the commit queue told me to say this.

        * platform/spi/cocoa/AVKitSPI.h:

2017-05-03  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: aria-rowspan value should be ignored if td/th rowspan value is provided
        https://bugs.webkit.org/show_bug.cgi?id=171214

        Reviewed by Chris Fleizach.

        Return -1 in AccessibilityTableCell::ariaColumnSpan() and ariaRowSpan() if the
        cell element has an explicit value for the native host language's span attribute.
        Add checks to AccessibilityTableCell::columnIndexRange() and rowIndexRange() so
        that we prefer an author-provided ARIA span value over an implicit host-language
        span value. Similarly, add checks to AccessibilityARIAGridCell::columnIndexRange()
        and rowIndexRange() so that we fall back on implicit host-language span values
        when there is no author-provided ARIA span value and the ARIA cell is associated
        with a cell element.

        Test: accessibility/aria-cellspans-with-native-cellspans.html

        * accessibility/AccessibilityARIAGridCell.cpp:
        (WebCore::AccessibilityARIAGridCell::ariaRowSpanWithRowIndex):
        (WebCore::AccessibilityARIAGridCell::columnIndexRange):
        * accessibility/AccessibilityTableCell.cpp:
        (WebCore::AccessibilityTableCell::rowIndexRange):
        (WebCore::AccessibilityTableCell::columnIndexRange):
        (WebCore::AccessibilityTableCell::ariaColumnSpan):
        (WebCore::AccessibilityTableCell::ariaRowSpan):

2017-05-03  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r216160 and r216161.
        https://bugs.webkit.org/show_bug.cgi?id=171640

        These changes broke the iOS build. (Requested by mlewis13 on
        #webkit).

        Reverted changesets:

        "[MediaStream] Allow host application to enable/disable media
        capture"
        https://bugs.webkit.org/show_bug.cgi?id=171292
        http://trac.webkit.org/changeset/216160

        "[MediaStream] Allow host application to enable/disable media
        capture"
        https://bugs.webkit.org/show_bug.cgi?id=171292
        http://trac.webkit.org/changeset/216161

2017-05-03  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Allow host application to enable/disable media capture
        https://bugs.webkit.org/show_bug.cgi?id=171292
        <rdar://problem/31821492>

        Reviewed by Jer Noble.

        No new layout tests, added an API test instead.

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::endStream): New, stop all tracks.
        * Modules/mediastream/MediaStream.h:

        * Modules/mediastream/MediaStreamRegistry.cpp:
        (WebCore::MediaStreamRegistry::unregisterStream): Minor cleanup.
        (WebCore::MediaStreamRegistry::forEach): New, call the lambda with each stream.
        (WebCore::MediaStreamRegistry::MediaStreamRegistry): Deleted, unused.
        * Modules/mediastream/MediaStreamRegistry.h:

        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::stopTrack): Add parameter so caller can specify if an 'ended' 
        event should be sent or not.
        (WebCore::MediaStreamTrack::trackMutedChanged): Don't post an event if the track has ended.
        * Modules/mediastream/MediaStreamTrack.h:

        * dom/Document.cpp:
        (WebCore::Document::stopMediaCapture): Stop all streams in the document.
        * dom/Document.h:

        * page/Page.cpp:
        (WebCore::Page::stopMediaCapture): Stop all streams.
        * page/Page.h:

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode): Display a black frame
        when the stream ends.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::activeStatusChanged): Signal a characteristics
        change to HTMLMediaElement refresh state.
        * platform/mediastream/MediaStreamPrivate.h:

        * platform/mediastream/mac/AVMediaCaptureSource.mm:
        (WebCore::AVMediaCaptureSource::stopProducingData): Don't return early if the session isn't 
        running, we always need to clear m_session on iOS.

2017-05-03  Zalan Bujtas  <zalan@apple.com>

        SearchInputType could end up with a mismatched renderer.
        https://bugs.webkit.org/show_bug.cgi?id=171547
        <rdar://problem/31935047>

        Reviewed by Antti Koivisto.

        Normally we've got the correct renderer by the time we call into SearchInputType.
        However, since HTMLInputElement::updateType() eagerly updates the type while the associated renderers are done lazily
        (so we don't get them updated until after the next tree update), we could actually end up
        with a mismatched renderer (e.g. through form submission).

        Test: fast/forms/change-input-type-and-submit-form-crash.html

        * html/SearchInputType.cpp:
        (WebCore::SearchInputType::addSearchResult):
        (WebCore::SearchInputType::didSetValueByUserEdit):

2017-05-03  Jer Noble  <jer.noble@apple.com>

        Make the VPIO audio unit a singleton, shared between multiple CaptureSources
        https://bugs.webkit.org/show_bug.cgi?id=171622

        Reviewed by Eric Carlson.

        Move the implemnetation of CoreAudioCaptureSource into a shared singleton class, CoreAudioSharedUnit,
        which will send audio to each of it's client CoreAudioCaptureSources. The first registered client will
        define the settings used by the shared unit.

        Drive-by fixes: Fix up setUseAVFoundationAudioCapture() to always accept the first value set.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioSharedUnit::isProducingData):
        (WebCore::CoreAudioSharedUnit::microphoneFormat):
        (WebCore::CoreAudioSharedUnit::singleton):
        (WebCore::CoreAudioSharedUnit::addClient):
        (WebCore::CoreAudioSharedUnit::removeClient):
        (WebCore::CoreAudioSharedUnit::addEchoCancellationSource):
        (WebCore::CoreAudioSharedUnit::removeEchoCancellationSource):
        (WebCore::CoreAudioSharedUnit::preferredIOBufferSize):
        (WebCore::CoreAudioSharedUnit::setupAudioUnits):
        (WebCore::CoreAudioSharedUnit::configureMicrophoneProc):
        (WebCore::CoreAudioSharedUnit::configureSpeakerProc):
        (WebCore::CoreAudioSharedUnit::checkTimestamps):
        (WebCore::CoreAudioSharedUnit::provideSpeakerData):
        (WebCore::CoreAudioSharedUnit::speakerCallback):
        (WebCore::CoreAudioSharedUnit::processMicrophoneSamples):
        (WebCore::CoreAudioSharedUnit::microphoneCallback):
        (WebCore::CoreAudioSharedUnit::cleanupAudioUnits):
        (WebCore::CoreAudioSharedUnit::startProducingData):
        (WebCore::CoreAudioSharedUnit::stopProducingData):
        (WebCore::CoreAudioSharedUnit::suspend):
        (WebCore::CoreAudioSharedUnit::defaultInputDevice):
        (WebCore::CoreAudioCaptureSource::create):
        (WebCore::CoreAudioCaptureSource::factory):
        (WebCore::CoreAudioCaptureSource::CoreAudioCaptureSource):
        (WebCore::CoreAudioCaptureSource::~CoreAudioCaptureSource):
        (WebCore::CoreAudioCaptureSource::addEchoCancellationSource):
        (WebCore::CoreAudioCaptureSource::removeEchoCancellationSource):
        (WebCore::CoreAudioCaptureSource::startProducingData):
        (WebCore::CoreAudioCaptureSource::stopProducingData):
        (WebCore::CoreAudioCaptureSource::audioSourceProvider):
        (WebCore::CoreAudioCaptureSource::preferredSampleRate): Deleted.
        (WebCore::CoreAudioCaptureSource::preferredIOBufferSize): Deleted.
        (WebCore::CoreAudioCaptureSource::configureMicrophoneProc): Deleted.
        (WebCore::CoreAudioCaptureSource::configureSpeakerProc): Deleted.
        (WebCore::CoreAudioCaptureSource::checkTimestamps): Deleted.
        (WebCore::CoreAudioCaptureSource::provideSpeakerData): Deleted.
        (WebCore::CoreAudioCaptureSource::speakerCallback): Deleted.
        (WebCore::CoreAudioCaptureSource::processMicrophoneSamples): Deleted.
        (WebCore::CoreAudioCaptureSource::microphoneCallback): Deleted.
        (WebCore::CoreAudioCaptureSource::cleanupAudioUnits): Deleted.
        (WebCore::CoreAudioCaptureSource::defaultInputDevice): Deleted.
        (WebCore::CoreAudioCaptureSource::setupAudioUnits): Deleted.
        (WebCore::CoreAudioCaptureSource::suspend): Deleted.
        (WebCore::CoreAudioCaptureSource::resume): Deleted.
        * platform/mediastream/mac/CoreAudioCaptureSource.h:
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::RealtimeMediaSourceCenterMac::setUseAVFoundationAudioCapture):

2017-05-03  Jer Noble  <jer.noble@apple.com>

        getUserMedia() fails because devices list is empty / inactive
        https://bugs.webkit.org/show_bug.cgi?id=171626

        Reviewed by Eric Carlson.

        When creating a AVAudioSessionCaptureDevice, set the device's enabled state to true if the port description
        has any items in its dataSources property (which is the best analogue to "isActive" we have in AVAudioSession).

        Also, when creating the generic list of CaptureDevices, use the copy constructor to ensure the enabled state
        gets copied to the new generic device.

        * platform/mediastream/ios/AVAudioSessionCaptureDevice.mm:
        (WebCore::AVAudioSessionCaptureDevice::create):
        * platform/mediastream/ios/AVAudioSessionCaptureDeviceManager.mm:
        (WebCore::AVAudioSessionCaptureDeviceManager::refreshAudioCaptureDevices):

2017-05-03  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Implement the imageready event to reliably test the async image decoding
        https://bugs.webkit.org/show_bug.cgi?id=171016

        Reviewed by Simon Fraser.

        The event will be fired for each client of the image. Firing the event
        will happen after finishing the decoding and repainting the client.

        Existing tests will be modified in a separate patch to use this event.

        * dom/Element.cpp:
        (WebCore::Element::dispatchWebKitImageReadyEventForTesting):
        * dom/Element.h:
        * page/Settings.in:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::imageFrameAvailable):

2017-05-03  Tim Horton  <timothy_horton@apple.com>

        Maintain interaction information URL as a URL, not a string
        https://bugs.webkit.org/show_bug.cgi?id=171623

        Reviewed by Simon Fraser.

        No new tests, not a behavior change.

        * platform/URL.h:

2017-05-03  Yoav Weiss  <yoav@yoav.ws>

        Link preload HTMLPreloadScanner support
        https://bugs.webkit.org/show_bug.cgi?id=170747

        Reviewed by Youenn Fablet.

        Test: http/tests/preload/preloadscanner_download_resources.html

        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::StartTagScanner::StartTagScanner): Initialize link preload flag.
        (WebCore::TokenPreloadScanner::StartTagScanner::createPreloadRequest): Create a request only if the type is known (so ignore
        preloads with unknown type).
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute): Add handling for link preload and the `as` attribute.
        (WebCore::TokenPreloadScanner::StartTagScanner::relAttributeIsStyleSheet): Get LinkRelAttribute as input.
        (WebCore::TokenPreloadScanner::StartTagScanner::resourceType): Return an std::optional, in case the preload type is unknown.
        (WebCore::TokenPreloadScanner::StartTagScanner::shouldPreload): Return true for the link preload case.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::preload): Return the resource rather than a nullptr if it's already in m_preloads.

2017-05-03  Michael Catanzaro  <mcatanzaro@igalia.com>

        YouTube user agent quirk breaks new YouTube
        https://bugs.webkit.org/show_bug.cgi?id=171603

        Reviewed by Carlos Garcia Campos.

        Our user agent quirk to make YouTube 360 work breaks the new YouTube UI, causing it to
        attempt to use the obsolete custom elements v0 API. WebKit only supports the v1 API. We
        have to remove this quirk.

        Note this does not affect Safari as Apple ports don't use our user agent quirks.

        * platform/UserAgentQuirks.cpp:
        (WebCore::urlRequiresChromeBrowser):

2017-05-03  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: 404 Image Load does not appear as a failure in Web Inspector
        https://bugs.webkit.org/show_bug.cgi?id=171587
        <rdar://problem/13222846>

        Reviewed by Matt Baker.

        * inspector/InspectorPageAgent.h:
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::cachedResourceContent):
        (WebCore::prepareCachedResourceBuffer): Deleted.
        Inline the function to make this less confusing.

        (WebCore::InspectorPageAgent::buildObjectForFrameTree):
        Treat a DecodeError as a failure.

2017-05-03  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Async image decoding should be disabled for snapshots, printing and preview
        https://bugs.webkit.org/show_bug.cgi?id=171467
 
        Reviewed by Simon Fraser.
 
        Asynchronous image decoding should only be used for window display where
        RenderElements can be repainted and painted. For cases where there is only
        one chance to draw the image, synchronous decoding should be used. 

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::paintIntoRect):

2017-05-03  Nan Wang  <n_wang@apple.com>

        AX: VO skips cells after cell with aria-colspan
        https://bugs.webkit.org/show_bug.cgi?id=171579

        Reviewed by Chris Fleizach.

        We should consider the previous cells' column span value when
        calculating the column index.

        Test: accessibility/mac/aria-grid-column-span.html

        * accessibility/AccessibilityARIAGridCell.cpp:
        (WebCore::AccessibilityARIAGridCell::columnIndexRange):

2017-05-03  Jiewen Tan  <jiewen_tan@apple.com>

        ASSERTION FAILED: m_scriptExecutionContext->isContextThread() seen with LayoutTest crypto/workers/crypto-random-values-limits-worker.html
        https://bugs.webkit.org/show_bug.cgi?id=171462
        <rdar://problem/31906859>

        Reviewed by Brent Fulgham.

        Covered by existing tests.

        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::~WorkerGlobalScope):
        Clear Crypto early in destruction since its ContextDestructionObserver
        destruction makes checks about the WorkerThread.

2017-05-03  Zalan Bujtas  <zalan@apple.com>

        RenderSearchField should not use isTextField() in SPECIALIZE_TYPE_TRAITS_RENDER_OBJECT
        https://bugs.webkit.org/show_bug.cgi?id=171608

        Reviewed by Simon Fraser.

        isTextField() is true for any generic single line text control.

        * rendering/RenderObject.h:
        (WebCore::RenderObject::isSearchField):
        * rendering/RenderSearchField.h:

2017-05-03  Frederic Wang  <fwang@igalia.com>

        Remove ScrollingCoordinator::supportsFixedPositionLayers()
        https://bugs.webkit.org/show_bug.cgi?id=171557

        Reviewed by Simon Fraser.

        No new tests, behavior is not changed.

        * page/FrameView.cpp:
        (WebCore::FrameView::shouldUpdateCompositingLayersAfterScrolling):
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::updateViewportConstrainedNode):
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::synchronousScrollingReasons):
        * page/scrolling/ScrollingCoordinator.h:
        (WebCore::ScrollingCoordinator::supportsFixedPositionLayers): Deleted.
        * page/scrolling/coordinatedgraphics/ScrollingCoordinatorCoordinatedGraphics.cpp:
        (WebCore::ScrollingCoordinatorCoordinatedGraphics::updateViewportConstrainedNode):
        * page/scrolling/coordinatedgraphics/ScrollingCoordinatorCoordinatedGraphics.h:
        (): Deleted.
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer):

2017-05-03  Chris Dumez  <cdumez@apple.com>

        Use PassRefPtr less in CompositeEditCommand
        https://bugs.webkit.org/show_bug.cgi?id=171590

        Reviewed by Sam Weinig.

        Use PassRefPtr less in CompositeEditCommand.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * editing/ApplyStyleCommand.cpp:
        (WebCore::hasNoAttributeOrOnlyStyleAttribute):
        (WebCore::isStyleSpanOrSpanWithOnlyStyleAttribute):
        (WebCore::isSpanWithoutAttributesOrUnstyledStyleSpan):
        (WebCore::isEmptyFontTag):
        (WebCore::ApplyStyleCommand::doApply):
        (WebCore::ApplyStyleCommand::applyBlockStyle):
        (WebCore::ApplyStyleCommand::applyRelativeFontStyleChange):
        (WebCore::dummySpanAncestorForNode):
        (WebCore::ApplyStyleCommand::cleanupUnstyledAppleStyleSpans):
        (WebCore::ApplyStyleCommand::removeEmbeddingUpToEnclosingBlock):
        (WebCore::ApplyStyleCommand::applyInlineStyle):
        (WebCore::ApplyStyleCommand::fixRangeAndApplyInlineStyle):
        (WebCore::ApplyStyleCommand::applyInlineStyleToNodeRange):
        (WebCore::ApplyStyleCommand::shouldApplyInlineStyleToRun):
        (WebCore::ApplyStyleCommand::removeConflictingInlineStyleFromRun):
        (WebCore::ApplyStyleCommand::removeInlineStyleFromElement):
        (WebCore::ApplyStyleCommand::replaceWithSpanOrRemoveIfWithoutAttributes):
        (WebCore::ApplyStyleCommand::removeImplicitlyStyledElement):
        (WebCore::ApplyStyleCommand::removeCSSStyle):
        (WebCore::ApplyStyleCommand::highestAncestorWithConflictingInlineStyle):
        (WebCore::ApplyStyleCommand::pushDownInlineStyleAroundNode):
        (WebCore::ApplyStyleCommand::removeInlineStyle):
        (WebCore::ApplyStyleCommand::shouldSplitTextElement):
        (WebCore::ApplyStyleCommand::mergeStartWithPreviousIfIdentical):
        (WebCore::ApplyStyleCommand::mergeEndWithNextIfIdentical):
        (WebCore::ApplyStyleCommand::surroundNodeRangeWithElement):
        (WebCore::ApplyStyleCommand::addBlockStyle):
        (WebCore::ApplyStyleCommand::joinChildTextNodes):
        * editing/ApplyStyleCommand.h:
        (WebCore::ApplyStyleCommand::shouldRemoveInlineStyleFromElement):
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::removeChildrenInRange):
        (WebCore::CompositeEditCommand::mergeIdenticalElements):
        (WebCore::CompositeEditCommand::insertTextIntoNode):
        (WebCore::CompositeEditCommand::deleteTextFromNode):
        (WebCore::CompositeEditCommand::replaceTextInNode):
        (WebCore::CompositeEditCommand::replaceSelectedTextInNode):
        (WebCore::CompositeEditCommand::replaceTextInNodePreservingMarkers):
        (WebCore::CompositeEditCommand::removeNodeAttribute):
        (WebCore::CompositeEditCommand::rebalanceWhitespaceAt):
        (WebCore::CompositeEditCommand::rebalanceWhitespaceOnTextSubstring):
        (WebCore::CompositeEditCommand::prepareWhitespaceAtPositionForSplit):
        (WebCore::CompositeEditCommand::deleteInsignificantText):
        (WebCore::CompositeEditCommand::removePlaceholderAt):
        (WebCore::CompositeEditCommand::cleanupAfterDeletion):
        (WebCore::CompositeEditCommand::moveParagraphs):
        * editing/CompositeEditCommand.h:
        * editing/DeleteFromTextNodeCommand.cpp:
        (WebCore::DeleteFromTextNodeCommand::DeleteFromTextNodeCommand):
        (WebCore::DeleteFromTextNodeCommand::doApply):
        (WebCore::DeleteFromTextNodeCommand::doUnapply):
        (WebCore::DeleteFromTextNodeCommand::getNodesInCommand):
        * editing/DeleteFromTextNodeCommand.h:
        (WebCore::DeleteFromTextNodeCommand::create):
        * editing/DeleteSelectionCommand.cpp:
        (WebCore::DeleteSelectionCommand::deleteTextFromNode):
        (WebCore::DeleteSelectionCommand::handleGeneralDelete):
        (WebCore::DeleteSelectionCommand::fixupWhitespace):
        * editing/DeleteSelectionCommand.h:
        * editing/EditingAllInOne.cpp:
        * editing/EditingStyle.cpp:
        (WebCore::EditingStyle::removeStyleConflictingWithStyleOfNode):
        (WebCore::elementMatchesAndPropertyIsNotInInlineStyleDecl):
        (WebCore::EditingStyle::mergeInlineAndImplicitStyleOfElement):
        (WebCore::EditingStyle::wrappingStyleForSerialization):
        (WebCore::styleFromMatchedRulesForElement):
        (WebCore::EditingStyle::mergeStyleFromRules):
        (WebCore::EditingStyle::mergeStyleFromRulesForSerialization):
        (WebCore::EditingStyle::removeStyleFromRulesAndContext):
        (WebCore::EditingStyle::removePropertiesInElementDefaultStyle):
        * editing/EditingStyle.h:
        * editing/IndentOutdentCommand.cpp:
        (WebCore::IndentOutdentCommand::tryIndentingAsListItem):
        * editing/InsertIntoTextNodeCommand.cpp:
        (WebCore::InsertIntoTextNodeCommand::InsertIntoTextNodeCommand):
        (WebCore::InsertIntoTextNodeCommand::getNodesInCommand):
        * editing/InsertIntoTextNodeCommand.h:
        (WebCore::InsertIntoTextNodeCommand::create):
        * editing/InsertLineBreakCommand.cpp:
        (WebCore::InsertLineBreakCommand::doApply):
        * editing/InsertListCommand.cpp:
        (WebCore::InsertListCommand::mergeWithNeighboringLists):
        (WebCore::InsertListCommand::listifyParagraph):
        * editing/InsertParagraphSeparatorCommand.cpp:
        (WebCore::InsertParagraphSeparatorCommand::doApply):
        * editing/InsertTextCommand.cpp:
        (WebCore::InsertTextCommand::performOverwrite):
        (WebCore::InsertTextCommand::doApply):
        (WebCore::InsertTextCommand::insertTab):
        * editing/MergeIdenticalElementsCommand.cpp:
        (WebCore::MergeIdenticalElementsCommand::MergeIdenticalElementsCommand):
        (WebCore::MergeIdenticalElementsCommand::doApply):
        (WebCore::MergeIdenticalElementsCommand::doUnapply):
        (WebCore::MergeIdenticalElementsCommand::getNodesInCommand):
        * editing/MergeIdenticalElementsCommand.h:
        (WebCore::MergeIdenticalElementsCommand::create):
        * editing/RemoveCSSPropertyCommand.cpp: Removed.
        * editing/RemoveCSSPropertyCommand.h: Removed.
        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplaceSelectionCommand::removeRedundantStylesAndKeepStyleSpanInline):
        (WebCore::ReplaceSelectionCommand::doApply):
        (WebCore::ReplaceSelectionCommand::addSpacesForSmartReplace):
        (WebCore::ReplaceSelectionCommand::mergeTextNodesAroundPosition):
        * editing/markup.cpp:
        (WebCore::StyledMarkupAccumulator::appendElement):
        (WebCore::styleFromMatchedRulesAndInlineDecl):
        (WebCore::createMarkupInternal):

2017-05-03  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: Treat cells with ARIA table cell properties as cells
        https://bugs.webkit.org/show_bug.cgi?id=171178

        Reviewed by Chris Fleizach.

        Add the following checks to heuristics in AccessibilityTable::isDataTable():
        1. If the author has provided a valid aria-rowcount or aria-colcount value on
           the table element, expose it as a data table.
        2. If the author has provided a valid aria-colindex or aria-rowindex on the
           cell element, expose it as a data table.
        3. If the author has provided a valid aria-rowindex on the row element, expose
           it as a data table.
        4. If the author has provided a value for aria-colspan or aria-rowspan on a cell,
           expose it as a data table (even though we are supposed to ignore the value for
           the purpose of exposing the span via platform accessibility APIs)

        Remove the heuristic that a table with only one cell is "not a good AXTable candidate."
        It prevents us from ever doing the above checks.

        Test: accessibility/minimal-table-with-aria-is-data-table.html

        * accessibility/AccessibilityTable.cpp:
        (WebCore::AccessibilityTable::isDataTable):

2017-05-03  Carlos Garcia Campos  <cgarcia@igalia.com>

        [Cairo] Handle extended colors in gradients
        https://bugs.webkit.org/show_bug.cgi?id=171596

        Reviewed by Michael Catanzaro.

        Check if every gradient color step is an extended color and use asExtended() instead of getRGBA() in such case.

        Fixes: css3/color/gradients.html

        * platform/graphics/cairo/GradientCairo.cpp:
        (WebCore::Gradient::platformGradient):

2017-05-03  Daniel Bates  <dabates@apple.com>

        Abandon the current load once the provisional loader detaches from the frame
        https://bugs.webkit.org/show_bug.cgi?id=171577
        <rdar://problem/31581227>

        Reviewed by Brent Fulgham and Brady Eidson.

        We detach all child frames as part of setting our document loader to the provisional
        document loader when committing a load for a frame. Detaching child frames invokes
        the unload event handler on the child frames that can run arbitrary JavaScript script.
        Among other things, such script can initiate a new load in the frame whose current
        load is being committed. We should stop processing the current load as soon as we
        detect that updating our document loader has started a new provisional load.

        Test: fast/loader/inner-iframe-loads-data-url-into-parent-on-unload-crash.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::transitionToCommitted):

2017-05-03  Daniel Bates  <dabates@apple.com>

        Cleanup: Remove out-of-date comment and null check from DocumentLoader::detachFromFrame()
        https://bugs.webkit.org/show_bug.cgi?id=171604

        Reviewed by Brady Eidson.

        We no longer want to passively allow DocumentLoader::detachFromFrame() to be called twice.
        It does not make sense to be called twice and should never be called twice. A release assert
        in DocumentLoader::cancelPolicyCheckIfNeeded() (added in r187558) called by DocumentLoader::detachFromFrame()
        enforces this invariant. Therefore we can remove the null check of DocumentLoader::m_frame
        and the comment that explains the purpose of this null check from DocumentLoader::detachFromFrame().

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::detachFromFrame):

2017-05-03  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed attempt to fix the Windows build after r216117.
        https://bugs.webkit.org/show_bug.cgi?id=171601

        * css/CSSAllInOne.cpp:

2017-05-03  Antti Koivisto  <antti@apple.com>

        Rename StyleInvalidationAnalysis to Style::Invalidator
        https://bugs.webkit.org/show_bug.cgi?id=171601

        Reviewed by Žan Doberšek.

        Also move it to the 'style' directory.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * css/StyleInvalidationAnalysis.cpp: Removed.
        * css/StyleInvalidationAnalysis.h: Removed.
        * dom/ExtensionStyleSheets.cpp:
        * style/AttributeChangeInvalidation.cpp:
        (WebCore::Style::AttributeChangeInvalidation::invalidateDescendants):
        * style/ClassChangeInvalidation.cpp:
        (WebCore::Style::ClassChangeInvalidation::invalidateDescendantStyle):
        * style/StyleInvalidator.cpp: Copied from Source/WebCore/css/StyleInvalidationAnalysis.cpp.
        (WebCore::Style::Invalidator::Invalidator):
        (WebCore::Style::Invalidator::invalidateIfNeeded):
        (WebCore::Style::Invalidator::invalidateStyleForTree):
        (WebCore::Style::Invalidator::invalidateStyle):
        (WebCore::shouldDirtyAllStyle): Deleted.
        (WebCore::StyleInvalidationAnalysis::StyleInvalidationAnalysis): Deleted.
        (WebCore::StyleInvalidationAnalysis::invalidateIfNeeded): Deleted.
        (WebCore::StyleInvalidationAnalysis::invalidateStyleForTree): Deleted.
        (WebCore::StyleInvalidationAnalysis::invalidateStyle): Deleted.
        * style/StyleInvalidator.h: Copied from Source/WebCore/css/StyleInvalidationAnalysis.h.
        (WebCore::StyleInvalidationAnalysis::dirtiesAllStyle): Deleted.
        (WebCore::StyleInvalidationAnalysis::hasShadowPseudoElementRulesInAuthorSheet): Deleted.
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::resolver):
        (WebCore::Style::Scope::analyzeStyleSheetChange):

2017-05-02  Andrew Gold  <agold@apple.com>

        Typo in AVAudioSessionCaptureDeviceManager.mm
        https://bugs.webkit.org/show_bug.cgi?id=171572

        Reviewed by Jer Noble.

        We attempt to call +[AVAudioSession sharedSession], but the actual method is 
        called +[AVAudioSession sharedInstance].

        * platform/mediastream/ios/AVAudioSessionCaptureDeviceManager.mm:
        (WebCore::AVAudioSessionCaptureDeviceManager::refreshAudioCaptureDevices):

2017-05-02  Simon Fraser  <simon.fraser@apple.com>

        Improve scrolling tree logging
        https://bugs.webkit.org/show_bug.cgi?id=171574

        Reviewed by Tim Horton.

        Make a call to showScrollingStateTree() print debugging-related information like node and layer IDs.
        Required fixing scrolling state tree nodes to respect ScrollingStateTreeAsTextBehavior, and fixing
        fixed and sticky nodes to call super.

        Also enhance compositing logging to show layer IDs, and to log for layer scrolling tree registration.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::scrollingStateTreeAsText):
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::scrollingStateTreeAsText):
        * page/scrolling/ScrollingCoordinator.h:
        * page/scrolling/ScrollingStateFixedNode.cpp:
        (WebCore::ScrollingStateFixedNode::dumpProperties):
        * page/scrolling/ScrollingStateNode.cpp:
        (WebCore::ScrollingStateNode::dumpProperties):
        (WebCore::ScrollingStateNode::scrollingStateTreeAsText):
        * page/scrolling/ScrollingStateNode.h:
        * page/scrolling/ScrollingStateScrollingNode.cpp:
        (WebCore::ScrollingStateScrollingNode::dumpProperties):
        * page/scrolling/ScrollingStateStickyNode.cpp:
        (WebCore::ScrollingStateStickyNode::dumpProperties):
        * page/scrolling/ScrollingStateTree.cpp:
        (showScrollingStateTree):
        * page/scrolling/mac/ScrollingCoordinatorMac.mm:
        (WebCore::ScrollingCoordinatorMac::commitTreeState):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::detachFromScrollingCoordinator):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::logLayerInfo):
        (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer):

2017-05-02  Daniel Bates  <dabates@apple.com>

        Using StringView.split() instead of String.split() in some places
        https://bugs.webkit.org/show_bug.cgi?id=170925

        Reviewed by Darin Adler and Sam Weinig.

        Replace some uses of String.split() with StringView.split() (added in r211087) as the latter
        avoids the need to allocate an intermediary Vector of substrings. Instead StringView.split()
        returns an iterator for traversing the substrings.

        No functionality changed. So, no new tests.

        * accessibility/AccessibilityObject.cpp: Convert some typedefs to modern C++ using declarations.
        (WebCore::AccessibilityObject::ariaRoleToWebCoreRole): Modified code to use StringView.split().
        (WebCore::AccessibilityObject::elementsFromAttribute): Ditto.
        * dom/TreeScope.cpp:
        (WebCore::TreeScope::getElementById): Added.
        * dom/TreeScope.h:
        * html/LinkRelAttribute.cpp:
        (WebCore::LinkRelAttribute::LinkRelAttribute): Modified code to use StringView.split().
        * html/parser/XSSAuditor.cpp:
        (WebCore::semicolonSeparatedValueContainsJavaScriptURL): Ditto.
        * platform/graphics/avfoundation/CDMPrivateMediaSourceAVFObjC.mm:
        (WebCore::CDMPrivateMediaSourceAVFObjC::createSession): Ditto.
        * platform/network/CacheValidation.cpp:
        (WebCore::collectVaryingRequestHeaders): Simplify code by using the String.split(UChar, Vector<String>&) overload.
        * svg/SVGAnimationElement.cpp:
        (WebCore::parseKeyTimes): Modified code to use StringView.split().
        * svg/SVGToOTFFontConversion.cpp:
        (WebCore::SVGToOTFFontConverter::SVGToOTFFontConverter): Ditto.
        * testing/Internals.cpp:
        (WebCore::Internals::setMediaSessionRestrictions): Ditto.
        (WebCore::Internals::setMediaElementRestrictions): Ditto.
        (WebCore::Internals::setAudioContextRestrictions): Ditto.
        (WebCore::Internals::setPageMuted): Ditto.
        * testing/Internals.h:

2017-05-02  Gwang Yoon Hwang  <yoon@igalia.com>

        [GTK] Drop coordinated surfaces from the compositing thread as soon as possible
        https://bugs.webkit.org/show_bug.cgi?id=171544

        Reviewed by Žan Doberšek.

        * platform/graphics/texmap/coordinated/CoordinatedGraphicsState.h:
        Remove atlasesToRemove from the GraphicsState. It is not a commit
        state anymore.

2017-05-02  Gwang Yoon Hwang  <yoon@igalia.com>

        [GTK] Recycle textures while handling tiles
        https://bugs.webkit.org/show_bug.cgi?id=171541

        Reviewed by Žan Doberšek.

        * platform/graphics/texmap/TextureMapperTile.h:
        Modified m_texture as a protected member to avoid unnessary
        refcountings from the CoordinatedBackingStore.
        * platform/graphics/texmap/coordinated/CoordinatedSurface.h:
        Use reference instead of RefPtr to pass BitmapTexture

        No new tests since there should be no change in behavior.

2017-05-02  Zalan Bujtas  <zalan@apple.com>

        Defer AX cache update when text content changes until after layout is finished.
        https://bugs.webkit.org/show_bug.cgi?id=171429
        <rdar://problem/31885984>

        Reviewed by Simon Fraser.

        When the content of the RenderText changes (even as the result of a text-transform change)
        instead of updating the AX cache eagerly (and trigger layout on a half-backed render tree)
        we should just defer it until after the subsequent layout is done. 

        Test: accessibility/crash-while-adding-text-child-with-transform.html

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::remove):
        (WebCore::AXObjectCache::performDeferredCacheUpdate):
        (WebCore::AXObjectCache::recomputeDeferredIsIgnored):
        (WebCore::AXObjectCache::deferTextChanged):
        (WebCore::AXObjectCache::performDeferredIsIgnoredChange): Deleted.
        * accessibility/AXObjectCache.h:
        (WebCore::AXObjectCache::deferTextChanged):
        (WebCore::AXObjectCache::performDeferredCacheUpdate):
        (WebCore::AXObjectCache::performDeferredIsIgnoredChange): Deleted.
        * page/FrameView.cpp:
        (WebCore::FrameView::performPostLayoutTasks):
        * rendering/RenderText.cpp:
        (WebCore::RenderText::setText):

2017-05-02  Wenson Hsieh  <wenson_hsieh@apple.com>

        Remove an extraneous call to dispatch_group_async in WebItemProviderPasteboard.mm
        https://bugs.webkit.org/show_bug.cgi?id=171561

        Reviewed by Tim Horton.

        In -[WebItemProviderPasteboard doAfterLoadingProvidedContentIntoFileURLs:], the lifetime of the dispatch group
        `fileLoadingGroup` is already guarded by dispatch_group_enter/leave calls when beginning and concluding an
        item provider load, respectively. As such, the call to dispatch_group_async serves no purpose and should be removed.

        No new tests, since there is no change in behavior.

        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard doAfterLoadingProvidedContentIntoFileURLs:]):

2017-05-02  Youenn Fablet  <youenn@apple.com>

        [LibWebRTC] Set explicitly logging level in debug mode
        https://bugs.webkit.org/show_bug.cgi?id=171562

        Reviewed by Eric Carlson.

        No change of behavior.

        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
        (WebCore::initializePeerConnectionFactoryAndThreads): Setting explictly LibWebRTC logging to Info level for
        debug builds if WebRTC channel is on.

2017-05-02  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: Update implementation of aria-orientation
        https://bugs.webkit.org/show_bug.cgi?id=171166

        Reviewed by Chris Fleizach.

        Update AccessibilityRenderObject::orientation() to be consistent with what is
        in the ARIA 1.1 spec. Also add an isTreeGrid() convenience method to be consistent
        with what we do for other roles.

        Test: accessibility/aria-orientation.html

        * accessibility/AccessibilityARIAGridRow.cpp:
        (WebCore::AccessibilityARIAGridRow::isARIATreeGridRow):
        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::isTreeGrid):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::orientation):

2017-05-02  Myles C. Maxfield  <mmaxfield@apple.com>

        REGRESSION (r211382): Partial right-to-left text runs are painted at an offset (breaks Find indicators, Look Up, and custom ::selection style)
        https://bugs.webkit.org/show_bug.cgi?id=169517
        <rdar://problem/30652443>

        Reviewed by Dean Jackson.

        FontCascade::getGlyphsAndAdvancesForComplexText() is tasked with calculating paint advances for a
        subrange of RTL text. It does this by creating a ComplexTextController, telling it to iterate to
        the beginning of the subrange (outputting to a GlyphBuffer), then telling it to iterate to the end
        of the subrange (outputting to another GlyphBuffer). Because the text is RTL, the sum of the
        advances gathered so far is the distance from the right edge of the text to the left edge of the
        subrange (because we advance in logical order). Therefore, the x-coordinate we are at now is the
        total width minus the sum of both of the GlyphBuffers. For some reason, when I wrote this code I
        forgot to add in the contribution from the first GlyphBuffer. Unfortunately, this particular
        codepath is rarely hit in practice and completely untested, which made me miss it when I wrote it.

        Test: fast/text/complex-text-selection.html

        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::FontCascade::getGlyphsAndAdvancesForComplexText):

2017-05-02  Chris Dumez  <cdumez@apple.com>

        [macOS] Flaky Crash under EventTarget::fireEventListeners on imported/blink/paint/deprecatedpaintlayer/non-self-painting-layer-overrides-visibility.html
        https://bugs.webkit.org/show_bug.cgi?id=171406
        <rdar://problem/30945281>

        Reviewed by Eric Carlson.

        I was unfortunately unable to reproduce the flaky crash locally. However, the crash trace
        indicates that one of the EventTarget::scriptExecutionContext() overrides is returning a
        stale ScriptExecutionContext pointer. Since a GenericEventQueue is involved, the EventTarget
        is likely a media-related object. I therefore audited media classes that override
        EventTarget::scriptExecutionContext() and found several that look unsafe. I am fixing those
        by having them override ContextDestructionObserver, instead of having a raw
        ScriptExecutionContext pointer member. This makes sure the pointer gets nulled out whenever
        the scriptexecutioncontext gets destroyed, ensuring that those classes's
        EventTarget::scriptExecutionContext() overrides can never return a stale pointer.

        * Modules/mediasource/SourceBufferList.cpp:
        (WebCore::SourceBufferList::SourceBufferList):
        * Modules/mediasource/SourceBufferList.h:
        * html/track/TextTrack.cpp:
        (WebCore::TextTrack::TextTrack):
        * html/track/TextTrack.h:
        * html/track/TrackListBase.cpp:
        (TrackListBase::TrackListBase):
        * html/track/TrackListBase.h:

2017-05-02  Antti Koivisto  <antti@apple.com>

        Document style resolvers should share user rulesets
        https://bugs.webkit.org/show_bug.cgi?id=171549

        Reviewed by Andreas Kling.

        Large user stylesheets (like those used by ad blockers) can end up using lots of memory if
        a document uses large number of shadow trees. User style is inherently per-document and
        the resulting rulesets can be shared between the document and the shadow trees.

        * css/DocumentRuleSets.cpp:
        (WebCore::DocumentRuleSets::DocumentRuleSets):
        (WebCore::DocumentRuleSets::userStyle):

            Return per-document user style for shadow trees.

        (WebCore::DocumentRuleSets::collectFeatures):
        * css/DocumentRuleSets.h:
        (WebCore::DocumentRuleSets::setUsesSharedUserStyle):
        (WebCore::DocumentRuleSets::userStyle): Deleted.
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::StyleResolver):
        (WebCore::StyleResolver::initializeUserStyle):

            Separate user style initialization from construction.

        * css/StyleResolver.h:
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::resolver):

            Don't initialize user style for user agents shadow trees.

2017-05-02  Myles C. Maxfield  <mmaxfield@apple.com>

        Font Loading API specifies font is loaded but sizing of font after load reports inconsistent values
        https://bugs.webkit.org/show_bug.cgi?id=168533

        Reviewed by Zalan Bujtas.

        Previously, we were marking all local() fonts as immediately successful,
        regardless of whether or not they were present on the system. Instead, we
        should use the load() function to make this determination and mark the font
        as failed if it doesn't exist. (This is, after all, the whole point of the
        load() function). This brings us in-line with Firefox's and Chrome's
        behavior.

        Test: fast/text/font-loading-local.html

        * css/CSSFontFace.cpp:
        (WebCore::CSSFontFace::pump): Remote loading requires the FontSelector,
        but it isn't available for local fonts. Now that load() is called for both
        local and remote fonts, the ASSERT() should be lowered into the load()
        function and scoped to just the case where we have a remote font.
        (WebCore::CSSFontFace::font): Ditto.
        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::CSSFontFaceSource): Don't immediatley set
        the success/failure state for local fonts.
        (WebCore::CSSFontFaceSource::load): Move loading logic from font() to
        load(). None of this code is new; it just is moved.
        (WebCore::CSSFontFaceSource::font): Delete code moved to load().
        * css/CSSFontFaceSource.h:
        * css/FontFace.cpp:
        (WebCore::FontFace::create):

2017-05-02  Youenn Fablet  <youenn@apple.com>

        Allow media stream based videos with sound to autoplay if the page is already playing sound
        https://bugs.webkit.org/show_bug.cgi?id=171447

        Reviewed by Eric Carlson.

        Test: http/tests/media/autoplay-if-audio-is-playing.html for ensuring non-mediastream based video will not autoplay.
        Manual testing for the autoplay of media stream based videos since such a test should happen without using getUserMedia.

        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::playbackPermitted):

2017-05-02  Chris Dumez  <cdumez@apple.com>

        Use PassRefPtr less in editing code
        https://bugs.webkit.org/show_bug.cgi?id=171534

        Reviewed by Geoffrey Garen.

        Use PassRefPtr less in editing code.

        * editing/AppendNodeCommand.cpp:
        (WebCore::AppendNodeCommand::AppendNodeCommand):
        (WebCore::AppendNodeCommand::getNodesInCommand):
        * editing/AppendNodeCommand.h:
        (WebCore::AppendNodeCommand::create):
        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::surroundNodeRangeWithElement):
        (WebCore::ApplyStyleCommand::positionToComputeInlineStyleChange):
        * editing/BreakBlockquoteCommand.cpp:
        (WebCore::BreakBlockquoteCommand::doApply):
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::insertNodeBefore):
        (WebCore::CompositeEditCommand::insertNodeAfter):
        (WebCore::CompositeEditCommand::insertNodeAt):
        (WebCore::CompositeEditCommand::appendNode):
        (WebCore::CompositeEditCommand::moveRemainingSiblingsToNewParent):
        (WebCore::CompositeEditCommand::mergeIdenticalElements):
        (WebCore::CompositeEditCommand::insertNodeAtTabSpanPosition):
        (WebCore::CompositeEditCommand::appendBlockPlaceholder):
        (WebCore::CompositeEditCommand::insertBlockPlaceholder):
        (WebCore::CompositeEditCommand::addBlockPlaceholderIfNeeded):
        (WebCore::CompositeEditCommand::insertNewDefaultParagraphElementAt):
        (WebCore::CompositeEditCommand::cloneParagraphUnderNewElement):
        (WebCore::CompositeEditCommand::moveParagraphs):
        * editing/CompositeEditCommand.h:
        * editing/CreateLinkCommand.cpp:
        (WebCore::CreateLinkCommand::doApply):
        * editing/DeleteSelectionCommand.cpp:
        (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
        (WebCore::DeleteSelectionCommand::mergeParagraphs):
        * editing/FormatBlockCommand.cpp:
        (WebCore::FormatBlockCommand::formatRange):
        * editing/IndentOutdentCommand.cpp:
        (WebCore::IndentOutdentCommand::tryIndentingAsListItem):
        (WebCore::IndentOutdentCommand::indentIntoBlockquote):
        (WebCore::IndentOutdentCommand::outdentParagraph):
        * editing/InsertLineBreakCommand.cpp:
        (WebCore::InsertLineBreakCommand::doApply):
        * editing/InsertLineBreakCommand.h:
        * editing/InsertListCommand.cpp:
        (WebCore::InsertListCommand::fixOrphanedListChild):
        (WebCore::InsertListCommand::doApplyForSingleParagraph):
        (WebCore::InsertListCommand::unlistifyParagraph):
        (WebCore::InsertListCommand::listifyParagraph):
        * editing/InsertListCommand.h:
        * editing/InsertNodeBeforeCommand.cpp:
        (WebCore::InsertNodeBeforeCommand::InsertNodeBeforeCommand):
        (WebCore::InsertNodeBeforeCommand::doApply):
        (WebCore::InsertNodeBeforeCommand::doUnapply):
        (WebCore::InsertNodeBeforeCommand::getNodesInCommand):
        * editing/InsertNodeBeforeCommand.h:
        (WebCore::InsertNodeBeforeCommand::create):
        * editing/InsertParagraphSeparatorCommand.cpp:
        (WebCore::InsertParagraphSeparatorCommand::cloneHierarchyUnderNewBlock):
        (WebCore::InsertParagraphSeparatorCommand::doApply):
        * editing/InsertParagraphSeparatorCommand.h:
        * editing/InsertTextCommand.cpp:
        (WebCore::InsertTextCommand::positionInsideTextNode):
        (WebCore::InsertTextCommand::insertTab):
        * editing/ModifySelectionListLevel.cpp:
        (WebCore::ModifySelectionListLevelCommand::insertSiblingNodeRangeBefore):
        (WebCore::ModifySelectionListLevelCommand::insertSiblingNodeRangeAfter):
        (WebCore::ModifySelectionListLevelCommand::appendSiblingNodeRange):
        (WebCore::IncreaseSelectionListLevelCommand::doApply):
        * editing/RemoveNodePreservingChildrenCommand.cpp:
        (WebCore::RemoveNodePreservingChildrenCommand::doApply):
        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplaceSelectionCommand::moveNodeOutOfAncestor):
        (WebCore::ReplaceSelectionCommand::mergeEndIfNeeded):
        (WebCore::ReplaceSelectionCommand::doApply):
        (WebCore::ReplaceSelectionCommand::addSpacesForSmartReplace):
        (WebCore::ReplaceSelectionCommand::insertAsListItems):
        * editing/SimplifyMarkupCommand.cpp:
        (WebCore::SimplifyMarkupCommand::pruneSubsequentAncestorsToRemove):

2017-05-02  Ben Kelly <ben@wanderview.com>

        Set Response.blob() type correctly when body is a ReadableStream.
        https://bugs.webkit.org/show_bug.cgi?id=171489

        Reviewed by Youenn Fablet

        The Fetch API specification requires setting the blob contentType
        using the Content-Type header value, if present.  Currently WebKit
        only sets the type on the FetchBodyConsumer when FetchBody::blob()
        is called.  Unfortunately, this is never called if the body is
        actually a ReadableStream.

        This change allows WebKit to pass the "Consume response's body: from
        stream to blob" case in the WPT response-consume.html test.

        Test: http://w3c-test.org/fetch/api/response/response-consume.html

        * Modules/fetch/FetchResponse.cpp:
        (WebCore::FetchResponse::startConsumingStream): Modified to call
        FetchBodyConsumer::setContentType() before processing the stream.

2017-05-02  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r216069.

        This change broke the build.

        Reverted changeset:

        "Document style resolvers should share user rulesets"
        https://bugs.webkit.org/show_bug.cgi?id=171549
        http://trac.webkit.org/changeset/216069

2017-05-02  Antti Koivisto  <antti@apple.com>

        Document style resolvers should share user rulesets
        https://bugs.webkit.org/show_bug.cgi?id=171549

        Reviewed by Andreas Kling.

        Large user stylesheets (like those used by ad blockers) can end up using lots of memory if
        a document uses large number of shadow trees. User style is inherently per-document and
        the resulting rulesets can be shared between the document and the shadow trees.

        * css/DocumentRuleSets.cpp:
        (WebCore::DocumentRuleSets::DocumentRuleSets):
        (WebCore::DocumentRuleSets::userStyle):

            Return per-document user style for shadow trees.

        (WebCore::DocumentRuleSets::collectFeatures):
        * css/DocumentRuleSets.h:
        (WebCore::DocumentRuleSets::setUsesSharedUserStyle):
        (WebCore::DocumentRuleSets::userStyle): Deleted.
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::StyleResolver):
        (WebCore::StyleResolver::initializeUserStyle):

            Separate user style initialization from construction.

        * css/StyleResolver.h:
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::resolver):

            Don't initialize user style for user agents shadow trees.

2017-05-02  Gwang Yoon Hwang  <yoon@igalia.com>

        [GTK] Remove undefined nativeImage method from the ImageBuffer's header
        https://bugs.webkit.org/show_bug.cgi?id=171502

        Unreviewed, remove a dead code accidentally committed in r194630.

        * platform/graphics/ImageBuffer.h: Remove nativeImage method.
        It is accidentally added during a refectorying at r194630, and there is
        no definition for this method.

2017-05-02  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GStreamer] Dailymotion live stream videos don't play
        https://bugs.webkit.org/show_bug.cgi?id=170767

        Reviewed by Sergio Villar Senin.

        The video shows a message saying that an error occurred and nothing is played. There are actually several
        problems with dailymotion. The main issue is that URLs are redirected by the server, and GStreamer needs to
        know the redirected URL. Once GStreamer knows the redirected URL the error message no longer appears, the video
        starts but it always stops after a few seconds. This is because the source receives an early EOS while still
        downloading the fragments. The reason of the early EOS is because dailymotion sends a wrong Content-Length header,
        something that is expected to happen and we correctly handle that case when receiving the data, by updating the
        size accordingly if the bytes received are longer than the expected content length. This particular case
        doesn't work well with GStreamer automatic EOS handling, which is the default. At some point, GStreamer detects
        that the bytes received are at least the expected ones and emits a GST_EVENT_EOS that the GstUriDownloader
        handles finishing the download early. We should always disable automatic EOS, since we know when EOS actually
        happens and we already call gst_app_src_end_of_stream(). This patch also emits a GST_EVENT_CUSTOM_DOWNSTREAM_STICKY
        event to let GStreamer know about the HTTP headers sent and received.

        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (webkit_web_src_init): Disable automatic EOS.
        (webKitWebSrcGetProperty): Return the redirected URL in case of redirection.
        (webKitWebSrcStart): Pass the ResourceRequest to the stream clients.
        (webKitWebSrcQueryWithParent): Set the redirected URL in the query in case of redirection.
        (webKitWebSrcSetUri): Clear also the redirected URL when setting a new URI.
        (StreamingClient::StreamingClient): Use GRefPtr for the source and initialize the request too.
        (StreamingClient::~StreamingClient): Remove explicit unref.
        (StreamingClient::createReadBuffer):
        (StreamingClient::handleResponseReceived): Initialize the redirected URL in case of redirection. Create and push
        the HTTP headers event.
        (StreamingClient::handleDataReceived):
        (StreamingClient::handleNotifyFinished):
        (CachedResourceStreamingClient::CachedResourceStreamingClient):
        (CachedResourceStreamingClient::responseReceived):
        (CachedResourceStreamingClient::accessControlCheckFailed):
        (CachedResourceStreamingClient::loadFailed):
        (ResourceHandleStreamingClient::ResourceHandleStreamingClient):
        (ResourceHandleStreamingClient::didFail):
        (ResourceHandleStreamingClient::wasBlocked):
        (ResourceHandleStreamingClient::cannotShowURL):

2017-05-02  Youenn Fablet  <youenn@apple.com>

        Adding logging to RTCPeerConnection to allow WebRTC application debugging
        https://bugs.webkit.org/show_bug.cgi?id=171531

        Reviewed by Jon Lee.

        No change of behavior.
        This allows easier debugging of webrtc-enabled web pages.

        * Modules/mediastream/PeerConnectionBackend.cpp:
        (WebCore::PeerConnectionBackend::createOfferSucceeded):
        (WebCore::PeerConnectionBackend::createOfferFailed):
        (WebCore::PeerConnectionBackend::createAnswerSucceeded):
        (WebCore::PeerConnectionBackend::createAnswerFailed):
        (WebCore::PeerConnectionBackend::setLocalDescriptionSucceeded):
        (WebCore::PeerConnectionBackend::setLocalDescriptionFailed):
        (WebCore::PeerConnectionBackend::setRemoteDescriptionSucceeded):
        (WebCore::PeerConnectionBackend::setRemoteDescriptionFailed):
        (WebCore::PeerConnectionBackend::addIceCandidateSucceeded):
        (WebCore::PeerConnectionBackend::addIceCandidateFailed):
        (WebCore::PeerConnectionBackend::newICECandidate):
        (WebCore::PeerConnectionBackend::doneGatheringCandidates):
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::queuedCreateOffer):
        (WebCore::RTCPeerConnection::queuedCreateAnswer):
        (WebCore::RTCPeerConnection::queuedSetLocalDescription):
        (WebCore::RTCPeerConnection::queuedSetRemoteDescription):
        (WebCore::RTCPeerConnection::queuedAddIceCandidate):

2017-04-12  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Crash at WebCore::ResourceHandle::clearClient() when streaming live video from dailymotion
        https://bugs.webkit.org/show_bug.cgi?id=169725

        Reviewed by Michael Catanzaro.

        Make ResourceHandleStreamingClient refcounted and add an invalidate method to do the cleanup in the networking
        thread while keeping a reference.

        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (webKitWebSrcStop): Call invalidate before reseting client pointer.
        (webKitWebSrcStart): Ditto.
        (ResourceHandleStreamingClient::ResourceHandleStreamingClient): Remove all cleanup code after the run loop run call.
        (ResourceHandleStreamingClient::~ResourceHandleStreamingClient): Just detach the thread.
        (ResourceHandleStreamingClient::invalidate): Schedule a task on the networking thread to clean up and fiish the
        run loop, protecting this.
        (ResourceHandleStreamingClient::setDefersLoading): Protect this.
        (ResourceHandleStreamingClient::didReceiveResponse): Do nothing if client was invalidated.
        (ResourceHandleStreamingClient::didReceiveBuffer): Ditto.
        (ResourceHandleStreamingClient::didFinishLoading): Ditto.

2017-05-01  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] ECDSA signing and verification support
        https://bugs.webkit.org/show_bug.cgi?id=171103

        Reviewed by Carlos Garcia Campos.

        Implement WebCrypto ECDSA support for configurations that
        are using libgcrypt.

        For signing, the provided data is first hashed with the specified
        digest algorithm and embedded into a data s-expression. It's then
        passed to gcry_pk_sign() along with the private key, returning a
        sig-val s-expression. The r and s parameters are then retrieved from
        that sig-val and their data extracted and concatenated in the output
        Vector<>.

        For verification, the data is again hashed and embedded into a data
        s-expression. The r and s parameters are extracted from the passed-in
        signature Vector<> and embedded into a sig-val s-expression. The data
        and sig-val s-expressions are then passed to gcry_pk_verify() along
        with the public key. The verification succeeds if no error is returned
        and fails if the returned error code is GPG_ERR_BAD_SIGNATURE.

        * crypto/gcrypt/CryptoAlgorithmECDSAGCrypt.cpp:
        (WebCore::hashCryptoDigestAlgorithm):
        (WebCore::hashAlgorithmName):
        (WebCore::mpiData):
        (WebCore::gcryptSign):
        (WebCore::gcryptVerify):
        (WebCore::CryptoAlgorithmECDSA::platformSign):
        (WebCore::CryptoAlgorithmECDSA::platformVerify):

2017-05-01  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] HKDF bit derivation support
        https://bugs.webkit.org/show_bug.cgi?id=171074

        Reviewed by Michael Catanzaro.

        Implement bit derivation support for the HKDF algorithm for configurations
        that use libgcrypt.

        libgcrypt doesn't provide HKDF support out of the box, so we have to
        implement the two steps manually. In the first one, we retrieve the
        pseudo-random key by using the specified MAC algorithm with the salt data
        as the key and the key data as the input keying material.

        In the expand step, we do the required amount of iterations to derive
        a sufficient amount of data, using the same MAC algorithm with the
        pseudo-random key from the previous step on the data we compose from the
        previous block data, the info data, and the current iteration value. The
        resulting blocks are appended together until they can be clipped to the
        desired output length.

        * crypto/gcrypt/CryptoAlgorithmHKDFGCrypt.cpp:
        (WebCore::macAlgorithmForHashFunction):
        (WebCore::gcryptDeriveBits):
        (WebCore::CryptoAlgorithmHKDF::platformDeriveBits):

2017-05-01  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] ECDH bit derivation support
        https://bugs.webkit.org/show_bug.cgi?id=171070

        Reviewed by Michael Catanzaro.

        Implement bit derivation support for the ECDH algorithm for configurations
        that use libgcrypt.

        This is done by retrieving the private key data and wrapping it in a new
        data s-expression. That's then encrypted with the public key, and the
        returned s-expression contains the shared point data. That data is then
        decoded into an EC point, from which the x-coordinate is retrieved. This
        coordinate data is finally our bit derivation result.

        * crypto/gcrypt/CryptoAlgorithmECDHGCrypt.cpp:
        (WebCore::gcryptDerive):
        (WebCore::CryptoAlgorithmECDH::platformDeriveBits):

2017-05-01  Youenn Fablet  <youenn@apple.com>

        Ensure RealtimeOutgoingVideoSource sends a black frame when its related source is muted
        https://bugs.webkit.org/show_bug.cgi?id=171497

        Reviewed by Eric Carlson.

        Covered by updated test.

        When the track is being muted or disabled, send a black frame explicitly.
        VideoToolBox sometimes does not output a frame until it receives the other.
        That is why we end up sending two frames, the second asynchronously so that libwebrtc will not skip it.
        Also storing the rotation so that we keep the same rotation for black frames.
        Storing width and height for consistency as well.

        * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::RealtimeOutgoingVideoSource):
        (WebCore::RealtimeOutgoingVideoSource::setSource):
        (WebCore::RealtimeOutgoingVideoSource::stop):
        (WebCore::RealtimeOutgoingVideoSource::sourceMutedChanged):
        (WebCore::RealtimeOutgoingVideoSource::sourceEnabledChanged):
        (WebCore::RealtimeOutgoingVideoSource::setSizeFromSource):
        (WebCore::RealtimeOutgoingVideoSource::sendBlackFrame):
        (WebCore::RealtimeOutgoingVideoSource::sendFrame):
        (WebCore::RealtimeOutgoingVideoSource::videoSampleAvailable):
        * platform/mediastream/mac/RealtimeOutgoingVideoSource.h:

2017-05-01  Joseph Pecoraro  <pecoraro@apple.com>

        Simplify Resource Timing handling of cached resource
        https://bugs.webkit.org/show_bug.cgi?id=171526

        Reviewed by Youenn Fablet.

        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::loadRequest):
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::init):
        (WebCore::SubresourceLoader::reportResourceTiming):
        Use auto in ResourceTiming construction.
        Eliminate an outdated comment.

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):
        We can avoid the checks around the request.origin. It should already
        be the cases we were checking and asserting because of login in
        CachedResourceLoader::prepareFetch.

2017-05-01  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r216024.

        This change caused ios-simulator LayoutTests to exit early
        with assertion failures.

        Reverted changeset:

        "Add audio device change notifications to AudioSession."
        https://bugs.webkit.org/show_bug.cgi?id=171403
        http://trac.webkit.org/changeset/216024

2017-05-01  Timothy Horton  <timothy_horton@apple.com>

        Expose viewport-fit instead of clip-to-safe-area
        https://bugs.webkit.org/show_bug.cgi?id=171503
        <rdar://problem/31918249>

        Reviewed by Simon Fraser.

        Tests: fast/viewport/ios/viewport-fit-auto.html
               fast/viewport/ios/viewport-fit-contain.html
               fast/viewport/ios/viewport-fit-cover.html

        * dom/ConstantPropertyMap.cpp:
        (WebCore::ConstantPropertyMap::buildValues):
        (WebCore::ConstantPropertyMap::updateConstantsForUnobscuredSafeAreaInsets):
        (WebCore::ConstantPropertyMap::didChangeSafeAreaInsets):
        (WebCore::ConstantPropertyMap::updateConstantsForObscuredInsets): Deleted.
        (WebCore::ConstantPropertyMap::didChangeObscuredInsets): Deleted.
        * dom/ConstantPropertyMap.h:
        Retrieve the safe area insets from page, instead of assuming that we should
        just expose the entire obscured inset. Also, do some renames.

        * dom/ViewportArguments.cpp:
        (WebCore::ViewportArguments::resolve):
        (WebCore::parseViewportFitValue):
        (WebCore::setViewportFeature):
        * dom/ViewportArguments.h:
        (WebCore::ViewportArguments::operator==):
        * page/ChromeClient.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::enableSpeculativeTilingIfNeeded):
        (WebCore::FrameView::calculateExtendedBackgroundMode):
        (WebCore::FrameView::setClipToSafeArea): Deleted.
        * page/FrameView.h:
        * page/ViewportConfiguration.cpp:
        (WebCore::ViewportConfiguration::updateConfiguration):
        (WebCore::operator<<):
        (WebCore::ViewportConfiguration::description):
        (WebCore::ViewportConfiguration::dump):
        * page/ViewportConfiguration.h:
        (WebCore::ViewportConfiguration::avoidsUnsafeArea):
        (WebCore::ViewportConfiguration::Parameters::Parameters):
        (WebCore::ViewportConfiguration::clipToSafeArea): Deleted.
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateRootContentLayerClipping):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::repaintUsingContainer):
        Un-do changes to support clip-to-safe-area, and instead implement
        a new viewport-fit argument in the viewport meta tag, which takes
        "auto", "contain", and "cover". "auto" and "contain" cause web content
        to lay out excluding the safe area inset from the layout size, while
        "cover" causes web content to expand into the unsafe area.

        * page/Page.cpp:
        (WebCore::Page::setUnobscuredSafeAreaInsets):
        (WebCore::Page::setObscuredInsets): Deleted.
        * page/Page.h:
        (WebCore::Page::setObscuredInsets):
        (WebCore::Page::unobscuredSafeAreaInsets):
        Keep safe area and obscured insets separately.

2017-05-01  Chris Dumez  <cdumez@apple.com>

        Documents created using DOMParser.parseFromString should inherit their context document's origin / URL
        https://bugs.webkit.org/show_bug.cgi?id=171499

        Reviewed by Sam Weinig.

        Documents created using DOMParser.parseFromString should inherit their context document's
        origin / URL:
        - https://w3c.github.io/DOM-Parsing/#dom-domparser-parsefromstring

        Test: fast/dom/domparser-parsefromstring-origin.html

        * xml/DOMParser.cpp:
        (WebCore::DOMParser::parseFromString):

2017-05-01  Ross Kirsling  <ross.kirsling@sony.com>

        Web Inspector: ASSERT(!m_startedComposite) fails when recording on non-Cocoa Timeline
        https://bugs.webkit.org/show_bug.cgi?id=171363

        Reviewed by Matt Baker.

        * page/FrameView.cpp:
        (WebCore::FrameView::flushCompositingStateIncludingSubframes): Add PLATFORM(COCOA) guard.

2017-05-01  David Kilzer  <ddkilzer@apple.com>

        Stop using strcpy() in fullyQualifiedInfoTableName() from Database.cpp
        <https://webkit.org/b/171517>

        Reviewed by Brady Eidson.

        * Modules/webdatabase/Database.cpp:
        (WebCore::fullyQualifiedInfoTableName): Switch from strcpy() to
        snprintf().

2017-05-01  Chris Fleizach  <cfleizach@apple.com>

        AX: Support time@datetime for verbosity clarification of dates, times, and durations
        https://bugs.webkit.org/show_bug.cgi?id=171498
        <rdar://problem/12985540>

        Reviewed by Joanmarie Diggs.

        Expose the datetime attribute value.

        Test: accessibility/datetime-attribute.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::datetimeAttributeValue):
        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored):
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
        (-[WebAccessibilityObjectWrapper accessibilityDatetimeValue]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper additionalAccessibilityAttributeNames]):
        (createAccessibilityRoleMap):
        (-[WebAccessibilityObjectWrapper subrole]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

2017-05-01  Joseph Pecoraro  <pecoraro@apple.com>

        RejectedPromiseTracker should produce better callstacks and avoid capturing callstacks unless there is a debugger/inspector
        https://bugs.webkit.org/show_bug.cgi?id=171416
        <rdar://problem/31899425>

        Reviewed by Saam Barati and Brian Burg.

        Test: inspector/console/message-stack-trace.html

        * dom/RejectedPromiseTracker.cpp:
        (WebCore::UnhandledPromise::UnhandledPromise):
        (WebCore::UnhandledPromise::callStack):
        Switch to RefPtr to allow not capturing the stack.

        (WebCore::createScriptCallStackFromReason):
        Use the VM's lastException if the value in the exception is the
        rejected promise value. Using the Exception call stack is important
        because uncaught exceptions in promise rejections trigger a built-in
        try/catch and re-enter JavaScript before passing the Error through
        to the RejectionTracker. When possible, we don't want to capture the
        new stack originating from the try/catch. Instead, we want the stack
        from before the try/catch when the error was created.

        * dom/ScriptExecutionContext.h:
        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::reportUnhandledPromiseRejection):
        Switch to a pointer since the stack could be empty.

2017-05-01  Jer Noble  <jer.noble@apple.com>

        Unreviewed build fix after r216033.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::create):

2017-05-01  Jer Noble  <jer.noble@apple.com>

        Use AVAudioSession to enumerate audio capture devices on iOS
        https://bugs.webkit.org/show_bug.cgi?id=170861
        <rdar://problem/31653658>

        Reviewed by Eric Carlson.

        Hook up the new AVAudioSessionCaptureDeviceManager class to CoreAudioCaptureSource and to the (increasingly ill-named)
        RealtimeMediaSourceCenterMac.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::create):
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::RealtimeMediaSourceCenterMac::setUseAVFoundationAudioCapture):

2017-05-01  Joanmarie Diggs  <jdiggs@igalia.com>

        [ATK] Expose values of aria-rowcount, aria-colcount, aria-rowindex, aria-colindex, aria-rowspan, and aria-colspan as object attributes
        https://bugs.webkit.org/show_bug.cgi?id=171496

        Reviewed by Chris Fleizach.

        Expose valid, author-provided values as an object attribute. In order to distinguish
        author-provided values from the default returned by WebCore Accessibility (1), change
        the default return value to -1. We cannot return 0 because the ARIA spec states that
        0 is a valid value for authors to provide to indicate that the cell spans the remaining
        rows in the row group.

        Also removed some legacy code. The "layout-guess" attribute was needed and expected
        as a way for AT-SPI2-based assistive technologies to identify layout tables. WebCore
        Accessibility does not expose tables which are purely for layout as accessible tables,
        and WebKitGtk uses that implementation, thus this attribute is no longer relevant.

        No new tests. Unskipped existing test which is now passing.

        * accessibility/AccessibilityARIAGridCell.cpp:
        (WebCore::AccessibilityARIAGridCell::ariaRowSpanWithRowIndex):
        (WebCore::AccessibilityARIAGridCell::columnIndexRange):
        * accessibility/AccessibilityTableCell.cpp:
        (WebCore::AccessibilityTableCell::ariaColumnSpan):
        (WebCore::AccessibilityTableCell::ariaRowSpan):
        * accessibility/AccessibilityTableCell.h:
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (webkitAccessibleGetAttributes):

2017-05-01  Jer Noble  <jer.noble@apple.com>

        Add audio device change notifications to AudioSession.
        https://bugs.webkit.org/show_bug.cgi?id=171403

        Reviewed by Eric Carlson.

        Add notifications to AudioSession which fire when the current input and output audio devices
        change. Also add a notification when audio services are lost (which will only fire on iOS).
        Take this opportunity to make the existing hardwareMutedStateDidChange() notification be
        platform agnostic, to move the outputDeviceSupportsLowPowerMode() code from AudioHardwareListener,
        and to do a few more clean-ups of the AudioSession code.

        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement):
        (WebCore::HTMLMediaElement::~HTMLMediaElement):
        * html/HTMLMediaElement.h:
        * platform/audio/AudioSession.cpp:
        (WebCore::AudioSession::AudioSession):
        * platform/audio/AudioSession.h:
        (WebCore::AudioSession::Observer::hardwareMutedStateDidChange):
        (WebCore::AudioSession::Observer::audioInputDeviceChanged):
        (WebCore::AudioSession::Observer::audioOutputDeviceChanged):
        (WebCore::AudioSession::Observer::audioServicesLost):
        (WebCore::AudioSession::Observer::audioServicesReset):
        (WebCore::AudioSession::MutedStateObserver::~MutedStateObserver): Deleted.
        * platform/audio/ios/AudioSessionIOS.mm:
        (WebCore::AudioSessionPrivate::AudioSessionPrivate):
        (WebCore::AudioSession::AudioSession):
        (WebCore::AudioSession::setCategoryOverride):
        (WebCore::AudioSession::categoryOverride):
        (WebCore::AudioSession::isMuted):
        (WebCore::AudioSession::outputDeviceSupportsLowPowerMode):
        (WebCore::AudioSession::addObserver):
        (WebCore::AudioSession::removeObserver):
        * platform/audio/mac/AudioSessionMac.mm: Renamed from Source/WebCore/platform/audio/mac/AudioSessionMac.cpp.
        (WebCore::defaultDevice):
        (WebCore::AudioSessionPrivate::AudioSessionPrivate):
        (WebCore::AudioSession::AudioSession):
        (WebCore::AudioSession::~AudioSession):
        (WebCore::AudioSession::category):
        (WebCore::AudioSession::setCategory):
        (WebCore::AudioSession::categoryOverride):
        (WebCore::AudioSession::setCategoryOverride):
        (WebCore::AudioSession::sampleRate):
        (WebCore::AudioSession::bufferSize):
        (WebCore::AudioSession::numberOfOutputChannels):
        (WebCore::AudioSession::tryToSetActive):
        (WebCore::AudioSession::preferredBufferSize):
        (WebCore::AudioSession::setPreferredBufferSize):
        (WebCore::AudioSession::isMuted):
        (WebCore::currentDeviceSupportsLowPowerBufferSize):
        (WebCore::AudioSession::outputDeviceSupportsLowPowerMode):
        (WebCore::AudioSession::addObserver):
        (WebCore::AudioSession::removeObserver):

2017-05-01  Chris Dumez  <cdumez@apple.com>

        Do not dispatch SVG load event in frameless documents
        https://bugs.webkit.org/show_bug.cgi?id=171505
        <rdar://problem/31799776>

        Reviewed by Andreas Kling.

        We should not dispatch SVG load events in frameless documents. <https://trac.webkit.org/changeset/173028/webkit>
        took care of most load events but forgot the SVG load event.

        Test: fast/dom/domparser-parsefromstring-svg-load-event.html

        * dom/Document.cpp:
        (WebCore::Document::implicitClose):

2017-05-01  Chris Dumez  <cdumez@apple.com>

        Remove some usage of PassRefPtr in editing code
        https://bugs.webkit.org/show_bug.cgi?id=171490

        Reviewed by Darin Adler.

        Remove some usage of PassRefPtr in editing code.

        * dom/DocumentMarkerController.cpp:
        (WebCore::DocumentMarkerController::markersInRange):
        (DocumentMarkerController::hasMarkers):
        (DocumentMarkerController::clearDescriptionOnMarkersIntersectingRange):
        * dom/DocumentMarkerController.h:
        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::isSpellingMarkerAllowed):
        (WebCore::AlternativeTextController::show):
        (WebCore::AlternativeTextController::applyAlternativeTextToRange):
        (WebCore::AlternativeTextController::timerFired):
        (WebCore::AlternativeTextController::handleAlternativeTextUIResult):
        (WebCore::AlternativeTextController::recordAutocorrectionResponse):
        (WebCore::AlternativeTextController::markReversed):
        (WebCore::AlternativeTextController::markCorrection):
        (WebCore::AlternativeTextController::recordSpellcheckerResponseForModifiedCorrection):
        (WebCore::AlternativeTextController::processMarkersOnTextToBeReplacedByResult):
        (WebCore::AlternativeTextController::applyDictationAlternative):
        * editing/AlternativeTextController.h:
        (WebCore::AlternativeTextController::UNLESS_ENABLED):
        * editing/ApplyStyleCommand.cpp:
        (WebCore::createFontElement):
        (WebCore::createStyleSpanElement):
        (WebCore::ApplyStyleCommand::ApplyStyleCommand):
        (WebCore::copyStyleOrCreateEmpty):
        (WebCore::ApplyStyleCommand::applyRelativeFontStyleChange):
        (WebCore::ApplyStyleCommand::applyInlineStyleToNodeRange):
        (WebCore::ApplyStyleCommand::removeConflictingInlineStyleFromRun):
        (WebCore::ApplyStyleCommand::removeInlineStyleFromElement):
        (WebCore::ApplyStyleCommand::highestAncestorWithConflictingInlineStyle):
        (WebCore::ApplyStyleCommand::applyInlineStyleToPushDown):
        (WebCore::ApplyStyleCommand::pushDownInlineStyleAroundNode):
        (WebCore::ApplyStyleCommand::removeInlineStyle):
        (WebCore::ApplyStyleCommand::shouldSplitTextElement):
        (WebCore::ApplyStyleCommand::surroundNodeRangeWithElement):
        (WebCore::ApplyStyleCommand::addInlineStyleIfNeeded):
        (WebCore::ApplyStyleCommand::positionToComputeInlineStyleChange):
        (WebCore::ApplyStyleCommand::applyInlineStyleChange):
        * editing/ApplyStyleCommand.h:
        (WebCore::ApplyStyleCommand::create):
        (WebCore::ApplyStyleCommand::shouldRemoveInlineStyleFromElement):
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::applyCommandToComposite):
        (WebCore::CompositeEditCommand::applyStyledElement):
        (WebCore::CompositeEditCommand::removeStyledElement):
        (WebCore::CompositeEditCommand::replaceElementWithSpanPreservingChildrenAndAttributes):
        (WebCore::CompositeEditCommand::inputText):
        (WebCore::CompositeEditCommand::replaceTextInNodePreservingMarkers):
        (WebCore::CompositeEditCommand::pushAnchorElementDown):
        * editing/CompositeEditCommand.h:
        * editing/DeleteSelectionCommand.cpp:
        (WebCore::DeleteSelectionCommand::originalStringForAutocorrectionAtBeginningOfSelection):
        * editing/DictationCommand.cpp:
        (WebCore::DictationCommand::insertTextRunWithoutNewlines):
        * editing/EditingStyle.cpp:
        (WebCore::copyEditingProperties):
        (WebCore::copyPropertiesFromComputedStyle):
        (WebCore::extractPropertyValue):
        (WebCore::HTMLAttributeEquivalent::attributeValueAsCSSValue):
        (WebCore::HTMLFontSizeEquivalent::attributeValueAsCSSValue):
        (WebCore::EditingStyle::setStyle):
        (WebCore::EditingStyle::copy):
        (WebCore::EditingStyle::extractAndRemoveBlockProperties):
        (WebCore::EditingStyle::extractAndRemoveTextDirection):
        (WebCore::EditingStyle::mergeInlineStyleOfElement):
        (WebCore::extractEditingProperties):
        (WebCore::EditingStyle::styleAtSelectionStart):
        (WebCore::getPropertiesNotIn):
        * editing/EditingStyle.h:
        * editing/Editor.cpp:
        (WebCore::Editor::handleTextEvent):
        (WebCore::Editor::replaceSelectionWithFragment):
        (WebCore::Editor::insertOrderedList):
        (WebCore::Editor::insertUnorderedList):
        (WebCore::Editor::markAllMisspellingsAndBadGrammarInRanges):
        (WebCore::correctSpellcheckingPreservingTextCheckingParagraph):
        (WebCore::Editor::markAndReplaceFor):
        (WebCore::Editor::changeBackToReplacedString):
        (WebCore::Editor::updateMarkersForWordsAffectedByEditing):
        (WebCore::Editor::rangeForPoint):
        * editing/Editor.h:
        * editing/ModifySelectionListLevel.cpp:
        (WebCore::IncreaseSelectionListLevelCommand::increaseSelectionListLevel):
        (WebCore::IncreaseSelectionListLevelCommand::increaseSelectionListLevelOrdered):
        (WebCore::IncreaseSelectionListLevelCommand::increaseSelectionListLevelUnordered):
        * editing/ModifySelectionListLevel.h:
        * editing/SpellChecker.cpp:
        (WebCore::SpellChecker::requestCheckingFor):
        (WebCore::SpellChecker::didCheckSucceed):
        * editing/SpellChecker.h:
        (WebCore::SpellCheckRequest::checkingRange):
        (WebCore::SpellCheckRequest::paragraphRange):
        (WebCore::SpellCheckRequest::rootEditableElement):
        * editing/SpellingCorrectionCommand.cpp:
        (WebCore::SpellingCorrectionCommand::SpellingCorrectionCommand):
        (WebCore::SpellingCorrectionCommand::willApplyCommand):
        (WebCore::SpellingCorrectionCommand::doApply):
        (WebCore::SpellingCorrectionCommand::targetRanges):
        * editing/SpellingCorrectionCommand.h:
        (WebCore::SpellingCorrectionCommand::create):
        * editing/SurroundingText.h:
        * editing/TextCheckingHelper.cpp:
        (WebCore::TextCheckingParagraph::expandRangeToNextEnd):
        (WebCore::TextCheckingParagraph::rangeLength):
        (WebCore::TextCheckingParagraph::paragraphRange):
        (WebCore::TextCheckingParagraph::subrange):
        (WebCore::TextCheckingParagraph::offsetTo):
        (WebCore::TextCheckingParagraph::offsetAsRange):
        (WebCore::TextCheckingParagraph::text):
        (WebCore::TextCheckingParagraph::checkingStart):
        * editing/TextCheckingHelper.h:
        * editing/TypingCommand.cpp:
        (WebCore::TypingCommand::insertTextRunWithoutNewlines):
        * editing/cocoa/HTMLConverter.mm:
        (HTMLConverterCaches::computedStylePropertyForElement):
        (HTMLConverterCaches::inlineStylePropertyForElement):
        * page/ios/FrameIOS.mm:
        (WebCore::Frame::interpretationsForCurrentRoot):

2017-05-01  Jer Noble  <jer.noble@apple.com>

        Add notifications from CaptureDeviceManager (and subclasses) when device lists change
        https://bugs.webkit.org/show_bug.cgi?id=171442

        Reviewed by Youenn Fablet.

        Add a new callback-based notification to CaptureDeviceManager which fires when the underlying list
        of devices changes. Add support for enumerating AVAudioSession capture devices.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/mediastream/CaptureDeviceManager.cpp:
        (nextObserverToken):
        (CaptureDeviceManager::addCaptureDeviceChangedObserver):
        (CaptureDeviceManager::removeCaptureDeviceChangedObserver):
        * platform/mediastream/CaptureDeviceManager.h:
        * platform/mediastream/ios/AVAudioSessionCaptureDevice.h: Added.
        * platform/mediastream/ios/AVAudioSessionCaptureDevice.mm: Added.
        (WebCore::AVAudioSessionCaptureDevice::create):
        (WebCore::AVAudioSessionCaptureDevice::AVAudioSessionCaptureDevice):
        * platform/mediastream/ios/AVAudioSessionCaptureDeviceManager.h: Added.
        * platform/mediastream/ios/AVAudioSessionCaptureDeviceManager.mm: Added.
        (-[WebAVAudioSessionAvailableInputsListener initWithCallback:]):
        (-[WebAVAudioSessionAvailableInputsListener invalidate]):
        (-[WebAVAudioSessionAvailableInputsListener observeValueForKeyPath:ofObject:change:context:]):
        (WebCore::AVAudioSessionCaptureDeviceManager::singleton):
        (WebCore::AVAudioSessionCaptureDeviceManager::captureDevices):
        (WebCore::AVAudioSessionCaptureDeviceManager::audioSessionCaptureDevices):
        (WebCore::AVAudioSessionCaptureDeviceManager::audioSessionDeviceWithUID):
        (WebCore::AVAudioSessionCaptureDeviceManager::refreshAudioCaptureDevices):
        * platform/mediastream/mac/AVCaptureDeviceManager.mm:
        (WebCore::AVCaptureDeviceManager::deviceConnected):
        (WebCore::AVCaptureDeviceManager::deviceDisconnected):
        * platform/mediastream/mac/CoreAudioCaptureDeviceManager.cpp:
        (WebCore::CoreAudioCaptureDeviceManager::refreshAudioCaptureDevices):
        (WebCore::CoreAudioCaptureDeviceManager::devicesChanged):

2017-05-01  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: AccessibilityTable::ariaRowCount() and ariaColumnCount() should not return -1 unless that is the author-provided value
        https://bugs.webkit.org/show_bug.cgi?id=171475

        Reviewed by Chris Fleizach.

        If the author has provided a valid value, return it. Otherwise, return 0.

        No new tests needed. Update existing test expectations to reflect the change.

        * accessibility/AccessibilityTable.cpp:
        (WebCore::AccessibilityTable::ariaColumnCount):
        (WebCore::AccessibilityTable::ariaRowCount):

2017-05-01  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: Implement support for ARIA "figure" and "term" roles; update AXRoleDescription mapping for "feed" role
        https://bugs.webkit.org/show_bug.cgi?id=171183

        Reviewed by Chris Fleizach.

        Create FeedRole, FigureRole, and TermRole and map them on the Mac and Gtk
        ports. Also rename AccessibilityObject::isFigure() to isFigureElement()
        for clarity as this method is specific to the HTML element and not the role.

        No new tests needed: We have existing tests that cover mappings. Add new test cases
        to roles-exposed.html, xml-roles-exposed.html, and roles-computedRoleString.html.

        * English.lproj/Localizable.strings:
        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::captionForFigure):
        (WebCore::AccessibilityNodeObject::alternativeText):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::initializeRoleMap):
        (WebCore::AccessibilityObject::isFigureElement): Added.
        (WebCore::AccessibilityObject::isFigure): Deleted.
        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::exposesTitleUIElement):
        (WebCore::AccessibilityRenderObject::titleUIElement):
        (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored):
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (createAccessibilityRoleMap):
        (-[WebAccessibilityObjectWrapper subrole]):
        (-[WebAccessibilityObjectWrapper roleDescription]):
        * platform/LocalizedStrings.cpp:
        (WebCore::AXFeedText):
        * platform/LocalizedStrings.h:

2017-04-30  Chris Dumez  <cdumez@apple.com>

        Drop support for legacy ClientRect / ClientRectList
        https://bugs.webkit.org/show_bug.cgi?id=171418

        Reviewed by Sam Weinig.

        Drop support for legacy ClientRect / ClientRectList types now we use
        DOMRect everywhere.

        * CMakeLists.txt:
        * DerivedSources.cpp:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/ClientRect.cpp: Removed.
        * dom/ClientRect.h: Removed.
        * dom/ClientRect.idl: Removed.
        * dom/ClientRectList.cpp: Removed.
        * dom/ClientRectList.h: Removed.
        * dom/ClientRectList.idl: Removed.
        * dom/DOMAllInOne.cpp:
        * dom/Element.cpp:
        * html/HTMLMediaElement.cpp:
        * html/track/VTTRegion.cpp:
        * page/DragController.cpp:

2017-04-30  Zalan Bujtas  <zalan@apple.com>

        Initialize a new layout state while bailing out of simple line layout only when needed.
        https://bugs.webkit.org/show_bug.cgi?id=171481
        <rdar://problem/31906382>

        '-webkit-border-fit: lines' requires inline box tree.
        We normally bail out of simple line layout early when we see this property. 
        When this property is dynamically set and we already have a simple line layout context,
        RenderBlockFlow::ensureLineBoxes() takes care of the switch by calling layoutLineBoxes().
        This patch makes sure that we create the layout state for this (forced)line layout only when
        we don't yet have one.

        Reviewed by Antti Koivisto.

        Test: fast/multicol/simple-line-layout-switch-to-normal-layout-while-inside-layout.html

        * rendering/RenderBlockFlow.cpp:
        (WebCore::PaginatedLayoutStateMaintainer::PaginatedLayoutStateMaintainer):
        (WebCore::PaginatedLayoutStateMaintainer::~PaginatedLayoutStateMaintainer):
        (WebCore::RenderBlockFlow::ensureLineBoxes):
        * rendering/RenderView.cpp:
        (WebCore::RenderView::pushLayoutStateForPaginationIfNeeded):
        (WebCore::RenderView::pushLayoutStateForPagination): Deleted.
        * rendering/RenderView.h:

2017-04-30  Dan Bernstein  <mitz@apple.com>

        Tried to fix the iOS build after r215992

        * platform/ios/WebVideoFullscreenControllerAVKit.mm:

2017-04-30  Brady Eidson  <beidson@apple.com>

        Fix r215991
        https://bugs.webkit.org/show_bug.cgi?id=171483

        Unreviewed.

        * platform/spi/cf/CFNetworkSPI.h:

2017-04-30  Dan Bernstein  <mitz@apple.com>

        Tried to fix the iOS build after r215992

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebAVPlayerLayerView_pictureInPicturePlayerLayerView):
        (WebVideoFullscreenInterfaceAVKit::setupFullscreen):

2017-04-30  Dan Bernstein  <mitz@apple.com>

        [Cocoa] Replaces uses of [get…() alloc] with alloc…Instance()
        https://bugs.webkit.org/show_bug.cgi?id=171485

        Reviewed by Geoffrey Garen.

        * platform/graphics/avfoundation/objc/CDMSessionAVContentKeySession.mm:
        (WebCore::CDMSessionAVContentKeySession::contentKeySession):
        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
        (WebCore::MediaPlaybackTargetPickerMac::devicePicker):
        * platform/ios/ValidationBubbleIOS.mm:
        (-[WebValidationBubbleTapRecognizer initWithPopoverController:]):
        (WebCore::ValidationBubble::ValidationBubble):
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (WebVideoFullscreenControllerContext::setUpFullscreen):
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebAVPlayerLayerView_pictureInPicturePlayerLayerView):
        (WebVideoFullscreenInterfaceAVKit::setupFullscreen):
        * platform/mac/WebVideoFullscreenInterfaceMac.mm:
        (-[WebVideoFullscreenInterfaceMacObjC setUpPIPForVideoView:withFrame:inWindow:]):
        * platform/network/ios/PreviewConverter.mm:
        (WebCore::PreviewConverter::PreviewConverter):
        * rendering/RenderThemeIOS.mm:
        (WebCore::iconForAttachment):

2017-04-30  Brady Eidson  <beidson@apple.com>

        Updates to _WKWebsiteDataStoreConfiguration cookie storage location SPI.
        <rdar://problem/31906397> and https://bugs.webkit.org/show_bug.cgi?id=171483

        Reviewed by Geoff Garen (and kind of Andy Estes).

        No new tests (Covered by API test).

        * platform/spi/cf/CFNetworkSPI.h:

2017-04-30  Dan Bernstein  <mitz@apple.com>

        <rdar://problem/31906525> WebCore-7604.1.19 has failed to build

        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard setItemsUsingRegistrationInfoLists:]): Resolved type ambiguity
          by using allocUIItemProviderInstance() instead of [getUIItemProviderClass() alloc].

2017-04-30  Joanmarie Diggs  <jdiggs@igalia.com>

        [ATK] Implement support for aria-autocomplete
        https://bugs.webkit.org/show_bug.cgi?id=171167

        Reviewed by Chris Fleizach.

        Expose ATK_STATE_SUPPORTS_AUTOCOMPLETION in the state set, and the value
        of aria-autocomplete as an object attribute, for elements which indicate
        they support autocompletion.

        Test: accessibility/gtk/aria-autocomplete.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::supportsARIAAutoComplete):
        (WebCore::AccessibilityObject::ariaAutoCompleteValue):
        * accessibility/AccessibilityObject.h:
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (webkitAccessibleGetAttributes):
        (setAtkStateSetFromCoreObject):
        * html/HTMLAttributeNames.in:

2017-04-30  Joanmarie Diggs  <jdiggs@igalia.com>

        [ATK] ARIA treegrid role should be exposed as ATK_ROLE_TREE_TABLE; not ATK_ROLE_TABLE
        https://bugs.webkit.org/show_bug.cgi?id=171170

        Reviewed by Chris Fleizach.

        AccessibilityTable::roleValue() was returning GridRole for both grid and treegrid.
        Change this so that GridRole is returned for grid and TreeGridRole is returned for
        treegrid. Add TreeGridRole to, or call isTable() in, methods where the behavior
        should be the same as GridRole.

        Test: accessibility/gtk/interface-table.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::selectedChildren):
        * accessibility/AccessibilityTable.cpp:
        (WebCore::AccessibilityTable::roleValue):
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):
        (getInterfaceMaskFromObject):
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper _accessibilityTableAncestor]):
        (-[WebAccessibilityObjectWrapper _accessibilityTraitsFromAncestors]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (createAccessibilityRoleMap):

2017-04-30  Joanmarie Diggs  <jdiggs@igalia.com>

        [ATK] Emit object:state-changed:busy event when aria-busy value changes
        https://bugs.webkit.org/show_bug.cgi?id=171181

        Reviewed by Chris Fleizach.

        Emit object:state-changed:busy for AXElementBusyChanged notifications.

        Test: accessibility/gtk/aria-busy-changed-notification.html

        * accessibility/atk/AXObjectCacheAtk.cpp:
        (WebCore::AXObjectCache::postPlatformNotification):

2017-04-29  Joseph Pecoraro  <pecoraro@apple.com>

        Zero out PerformanceResourceTiming properties for cached cross-origin responses without Timing-Allow-Origin
        https://bugs.webkit.org/show_bug.cgi?id=171394

        Reviewed by Youenn Fablet.

        * loader/ResourceTiming.cpp:
        (WebCore::ResourceTiming::fromCache):
        (WebCore::ResourceTiming::ResourceTiming):
        * loader/ResourceTiming.h:
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):
        Include the timing-allow-origin check for cached responses.
        Also, avoid including an extra entry for an ongoing cached resource
        load, since when that load completes it should be reported.

2017-04-29  Youenn Fablet  <youenn@apple.com>

        Readd assertion removed accidentally in r215955
        https://bugs.webkit.org/show_bug.cgi?id=171466

        Reviewed by Eric Carlson.

        Unreviewed.

        * platform/mediastream/mac/MockRealtimeVideoSourceMac.mm:
        (WebCore::MockRealtimeVideoSourceMac::orientationChanged): Improved FIXME after review.

2017-04-29  Andy Estes  <aestes@apple.com>

        [macOS] Picture-in-picture should be disabled in WebPlaybackControlsManager during external media playback
        https://bugs.webkit.org/show_bug.cgi?id=171468
        <rdar://problem/31900349>

        Reviewed by Eric Carlson.

        * platform/mac/WebPlaybackControlsManager.h: Declared canTogglePictureInPicture as a
        readwrite property.
        * platform/mac/WebPlaybackControlsManager.mm: Synthesize canTogglePictureInPicture.
        (-[WebPlaybackControlsManager canTogglePictureInPicture]): Deleted.
        * platform/mac/WebPlaybackSessionInterfaceMac.h:
        * platform/mac/WebPlaybackSessionInterfaceMac.mm:
        (WebCore::WebPlaybackSessionInterfaceMac::externalPlaybackChanged): Called
        -[WebPlaybackControlsManager setCanTogglePictureInPicture:].

2017-04-29  Simon Fraser  <simon.fraser@apple.com>

        Fix tests broken by r215964.

        Fix copy-paste error that caused the wrong paint phase to get passed to the fire writeLayerRenderers()
        call, causing extra renderer dumping.

        Also remove unused default arguments.

        * rendering/RenderTreeAsText.cpp:
        (WebCore::writeLayerRenderers):
        (WebCore::writeLayers):

2017-04-28  Zalan Bujtas  <zalan@apple.com>

        iBooks text can overlap, sometimes columns are shifted splitting words.
        https://bugs.webkit.org/show_bug.cgi?id=171472
        <rdar://problem/31096037>

        Reviewed by Antti Koivisto.

        Instead of just checking if the glyph is taller than the line, we need to ensure that both the
        ascent and the descent have enough space (this is for -webkit-line-box-contain: glyph).

        Test: fast/text/simple-line-layout-glyph-overflows-line.html

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseForText): compute the available space for the ascent/descent
        and check them against the ceil-ed(see FontCascade::floatWidthForSimpleText) glyph min/max y.

2017-04-29  Nan Wang  <n_wang@apple.com>

        AX: Improve performance of addChildren()/childrenChanged()
        https://bugs.webkit.org/show_bug.cgi?id=171443

        Reviewed by Chris Fleizach.

        There's a lot of unnecessary work happening when childrenChanged() is being called.
        Some of the improvements here:
        1. When childrenChanged() is being called on some element, we are marking its parent
           chain dirty. However, in the addChild() method we are then clearing each child of
           that 'dirty' parent, eventually making the entire tree dirty. 
           Added a m_subTreeDirty flag and using the needsToUpdateChildren() check to make sure
           we are only clearing the right chain without updating the unchanged siblings.
        2. In the addChild() method we are calling accessibilityIsIgnored() on each child and that 
           might lead to going up the parent chain again to get necessary information. 
           Since we are already traversing the tree from top to bottom to add children, added a 
           struct to store the information and pass it to the child so to avoid unnecessary traversal.
        3. Reduced the amount work of ARIA text controls perform when updating its parents in childrenChanged() 
           so that we don't update a big portion of the tree while typing.

        No new tests since this didn't change any functionality. 

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::AccessibilityNodeObject):
        (WebCore::AccessibilityNodeObject::childrenChanged):
        (WebCore::AccessibilityNodeObject::insertChild):
        (WebCore::AccessibilityNodeObject::addChildren):
        (WebCore::AccessibilityNodeObject::isDescendantOfBarrenParent):
        * accessibility/AccessibilityNodeObject.h:
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::AccessibilityObject):
        (WebCore::AccessibilityObject::defaultObjectInclusion):
        (WebCore::AccessibilityObject::setIsIgnoredFromParentDataForChild):
        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityIsIgnoredFromParentData::AccessibilityIsIgnoredFromParentData):
        (WebCore::AccessibilityIsIgnoredFromParentData::isNull):
        (WebCore::AccessibilityObject::setNeedsToUpdateSubTree):
        (WebCore::AccessibilityObject::needsToUpdateChildren):
        (WebCore::AccessibilityObject::setIsIgnoredFromParentData):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::updateChildrenIfNecessary):
        (WebCore::AccessibilityRenderObject::addChildren):
        * accessibility/AccessibilityRenderObject.h:
        (WebCore::AccessibilityRenderObject::setRenderObject):
        (WebCore::AccessibilityRenderObject::needsToUpdateChildren): Deleted.

2017-04-29  Yusuke Suzuki  <utatane.tea@gmail.com>

        Move WebCore CPUTime to WTF and implement it in all the platforms
        https://bugs.webkit.org/show_bug.cgi?id=171477

        Reviewed by Chris Dumez.

        Move CPUTime to WTF. And rename getCPUTime to CPUTime::get().

        * CMakeLists.txt:
        * PlatformMac.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * page/ChromeClient.h:
        * page/PerformanceMonitor.cpp:
        (WebCore::PerformanceMonitor::PerformanceMonitor):
        (WebCore::PerformanceMonitor::measurePostLoadCPUUsage):
        (WebCore::PerformanceMonitor::measurePostBackgroundingCPUUsage):
        (WebCore::PerformanceMonitor::measureCPUUsageInActivityState):
        * page/PerformanceMonitor.h:
        * platform/CPUMonitor.cpp:
        (WebCore::CPUMonitor::setCPULimit):
        (WebCore::CPUMonitor::timerFired):
        * platform/CPUMonitor.h:

2017-04-28  Per Arne Vollan  <pvollan@apple.com>

        Crash under WebCore::AccessibilityRenderObject::handleAriaExpandedChanged().
        https://bugs.webkit.org/show_bug.cgi?id=171427
        rdar://problem/31863417

        Reviewed by Brent Fulgham.

        The AccessibilityRenderObject object might delete itself in handleAriaExpandedChanged() under the call
        to the parentObject() method. This will cause a crash when accessing the object later in this method.
        Protect the current object while executing arbitrary event code.

        Test: accessibility/accessibility-crash-setattribute.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::handleAriaExpandedChanged):

2017-04-28  Chris Dumez  <cdumez@apple.com>

        Diagnostic logging of navigations is too verbose
        https://bugs.webkit.org/show_bug.cgi?id=171455
        <rdar://problem/31543815>

        Reviewed by Andreas Kling.

        Diagnostic logging of navigation is too verbose. We log things that are not actually user
        navigations (e.g. speculative loads, bookmark icon fetches, ...). To address the issue,
        we now only log *observable* loads. We do so by only logging if the page is visible or
        if it becomes visible.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadWithDocumentLoader):
        (WebCore::logNavigation): Deleted.
        * page/Page.cpp:
        (WebCore::Page::setIsVisibleInternal):
        (WebCore::Page::logNavigation):
        (WebCore::Page::mainFrameLoadStarted):
        * page/Page.h:

2017-04-28  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: ARIA "region" role which lacks an accessible name should not be treated as a landmark
        https://bugs.webkit.org/show_bug.cgi?id=171180

        Reviewed by Chris Fleizach.

        Remove mapping of LandmarkRegionRole for regions which lack an accessible name.
        Doing so had a side effect of causing a number of DPub ARIA roles to stop being
        mapped as ARIA landmarks. This is due to our internal role mappings, namely
        treating the DPub ARIA landmark roles as if they were regions. Because DPub's
        landmarks do not subclass region, and do not have the same name-from-author
        requirement as region, create a new LandmarkDocRegionRole AccessibilityRole and
        map DPub ARIA's generic landmarks to it.

        No new tests because we already have sufficient coverage. Several existing
        tests were given additional test cases to cover named and unnamed regions,
        and test expectations updated accordingly.

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::determineAriaRoleAttribute):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::accessibleNameDerivesFromContent):
        (WebCore::AccessibilityObject::isLandmark):
        (WebCore::initializeRoleMap):
        (WebCore::AccessibilityObject::computedRoleString):
        * accessibility/AccessibilityObject.h:
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper _accessibilityIsLandmarkRole:]):
        (-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
        * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
        (-[WebAccessibilityObjectWrapperBase ariaLandmarkRoleDescription]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (createAccessibilityRoleMap):
        (-[WebAccessibilityObjectWrapper subrole]):

2017-04-28  Simon Fraser  <simon.fraser@apple.com>

        Enhance showLayerTree() to show fragments
        https://bugs.webkit.org/show_bug.cgi?id=171469

        Reviewed by Zalan Bujtas.

        Have showLayerTree() dump fragments, like:

             normal flow list(1)
              layer 0x11c1879c0 at (0,0) size 700x1858 backgroundClip at (0,0) size 2120x779 clip at (0,0) size 2120x779
                   fragment 0: bounds in layer at (0,0) size 700x1858 fragment bounds at (0,0) size 700x779
                   fragment 1: bounds in layer at (710,-779) size 700x1858 fragment bounds at (710,0) size 700x779
                   fragment 2: bounds in layer at (1420,-1558) size 700x1858 fragment bounds at (1420,0) size 700x300
                RenderMultiColumnFlowThread 0x11f1f3340 at (0,0) size 700x1858

        We want these to show before the child renderers, so factor that code into writeLayerRenderers().
        
        Overloading of write() for layers doesn't help anyone, so call it writeLayer() for searchability.

        * rendering/RenderLayer.cpp:
        (WebCore::showLayerTree):
        * rendering/RenderLayer.h:
        * rendering/RenderTreeAsText.cpp:
        (WebCore::writeLayer):
        (WebCore::writeLayerRenderers):
        (WebCore::writeLayers):
        * rendering/RenderTreeAsText.h:

2017-04-28  Simon Fraser  <simon.fraser@apple.com>

        Modernize RenderTreeAsText code
        https://bugs.webkit.org/show_bug.cgi?id=171458

        Reviewed by Zalan Bujtas.

        Use modern loops. More references to render objects and layers.

        * rendering/RenderTreeAsText.cpp:
        (WebCore::write):
        (WebCore::writeRenderNamedFlowThreads):
        (WebCore::writeLayers):
        (WebCore::writeSelection):
        (WebCore::externalRepresentation):

2017-04-28  Wenson Hsieh  <wenson_hsieh@apple.com>

        Fix and re-enable data interaction unit tests
        https://bugs.webkit.org/show_bug.cgi?id=171446
        <rdar://problem/31820646>

        Reviewed by Tim Horton.

        Three small tweaks to get all data interaction tests passing again (changes detailed below).
        Fixes a failing unit test: DataInteractionTests.RespectsExternalSourceFidelityRankings.

        * page/mac/DragControllerMac.mm:

        When dropping in a plain text editable area, don't consider kUTTypeText to be a UTI supported by the destination.
        This is because doing so would cause rich text UTIs, such as kUTTypeHTML, to match, so that the plain text area
        would report HTML as a preferred UTI type to load when dropping rich content over it. What we want to check for
        conformance here is really kUTTypePlainText.

        (WebCore::DragController::updatePreferredTypeIdentifiersForDragHandlingMethod):
        * platform/Pasteboard.h:
        * platform/ios/PasteboardIOS.mm:

        The default Pasteboard constructor no longer makes a sync call to the UI process to get the change count.
        Instead, we introduce a new constructor that takes and sets the change count. This default constructor was used
        from three places: Pasteboard::createForCopyAndPaste, Pasteboard::createPrivate and StaticPasteboard::create.

        The first two call sites have been refactored to first fetch the change count from the UI process and then pass
        it in to the constructor.

        (WebCore::changeCountForPasteboard):
        (WebCore::Pasteboard::Pasteboard):
        (WebCore::Pasteboard::createForCopyAndPaste):
        (WebCore::Pasteboard::createPrivate):
        (WebCore::Pasteboard::readString):
        (WebCore::Pasteboard::types):
        * platform/mac/DragDataMac.mm:
        (WebCore::typeIsAppropriateForSupportedTypes):
        (WebCore::DragData::updatePreferredTypeIdentifiers):

        Remove the two-pass heuristic. Instead, we should follow this policy: "select the highest fidelity UTI that
        conforms to one of the destination's supported types".

        * platform/mac/PasteboardMac.mm:
        (WebCore::Pasteboard::Pasteboard):

2017-04-28  Dean Jackson  <dino@apple.com>

        App crashing: Dispatch queue: com.apple.root.user-interactive-qos / vBoxConvolve / WebCore::FEGaussianBlur::platformApplySoftware()
        https://bugs.webkit.org/show_bug.cgi?id=171461
        <rdar://problem/30534722>

        Reviewed by Eric Carlson.

        We're getting reports of crashes in this function, caused by null or empty data being
        passed to vImage. Guard against this, in a way that will ASSERT in debug builds if
        anyone comes across it.

        Test: css3/filters/blur-various-radii.html

        * platform/graphics/filters/FEGaussianBlur.cpp:
        (WebCore::accelerateBoxBlur): Return early if things don't look good.

2017-04-28  Chris Dumez  <cdumez@apple.com>

        Stop using legacy ClientRect / ClientRectList in Internals
        https://bugs.webkit.org/show_bug.cgi?id=171412

        Reviewed by Simon Fraser.

        Stop using legacy ClientRect / ClientRectList in Internals amd use the
        newer DOMRect instead.

        * dom/DOMRect.idl:
        * page/Page.cpp:
        (WebCore::Page::nonFastScrollableRects):
        (WebCore::Page::touchEventRectsForEvent):
        (WebCore::Page::passiveTouchEventListenerRects):
        * page/Page.h:
        * testing/Internals.cpp:
        (WebCore::Internals::absoluteCaretBounds):
        (WebCore::Internals::boundingBox):
        (WebCore::Internals::inspectorHighlightRects):
        (WebCore::Internals::layoutViewportRect):
        (WebCore::Internals::visualViewportRect):
        (WebCore::Internals::touchEventRectsForEvent):
        (WebCore::Internals::passiveTouchEventListenerRects):
        (WebCore::Internals::nonFastScrollableRects):
        (WebCore::Internals::selectionBounds):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-04-28  Youenn Fablet  <youenn@apple.com>

        getUserMedia video streams should follow device orientation
        https://bugs.webkit.org/show_bug.cgi?id=171284

        Reviewed by Eric Carlson.

        Only really affects AVVideoCaptureSource on iOS. Manually testing the following cases:
        - Mac: no change of behavior
        - iOS: page loaded in portrait, video is portrait. page loaded in landscape, video is landscape
        - iOS: changing the device orientation makes the video samples to be moved to landscape/portrait.
        - Same tests as above with peer connection.

        Making Document having an OrientationNotifier that AVVideoCaptureSources get registered to.
        Making AVVideoCaptureSource an OrientationNotifier::Observer so that it can changes width/height if needed.

        Refactoring to specialize CaptureFactory in VideoCaptureFactory and AudioCaptureFactory.
        Refactoring to return a CaptureSourceOrError instead of passing an out parameter plus returning a RefPtr.

        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::allow):
        * WebCore.xcodeproj/project.pbxproj:
        * dom/Document.cpp:
        (WebCore::Document::orientationChanged):
        * dom/Document.h:
        * page/Frame.cpp:
        (WebCore::Frame::orientationChanged):
        * platform/OrientationNotifer.h: Copied from Source/WebKit2/UIProcess/Cocoa/UserMediaCaptureManagerProxy.h.
        (WebCore::OrientationNotifier::Observer::setNotifier):
        (WebCore::OrientationNotifier::Observer::~Observer):
        (WebCore::OrientationNotifier::orientationChanged):
        (WebCore::OrientationNotifier::addObserver):
        (WebCore::OrientationNotifier::removeObserver):
        * platform/mediastream/MediaStreamPrivate.cpp:
        (WebCore::MediaStreamPrivate::monitorOrientation):
        * platform/mediastream/MediaStreamPrivate.h:
        * platform/mediastream/RealtimeMediaSource.h:
        (WebCore::CaptureSourceOrError::CaptureSourceOrError):
        (WebCore::CaptureSourceOrError::operator bool):
        (WebCore::CaptureSourceOrError::source):
        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::RealtimeMediaSourceCenter::setAudioFactory):
        (WebCore::RealtimeMediaSourceCenter::unsetAudioFactory):
        (WebCore::RealtimeMediaSourceCenter::setVideoFactory):
        (WebCore::RealtimeMediaSourceCenter::unsetVideoFactory):
        * platform/mediastream/RealtimeMediaSourceCenter.h:
        (WebCore::RealtimeMediaSourceCenter::defaultAudioFactory):
        (WebCore::RealtimeMediaSourceCenter::defaultVideoFactory):
        (WebCore::RealtimeMediaSourceCenter::audioFactory):
        (WebCore::RealtimeMediaSourceCenter::videoFactory):
        * platform/mediastream/mac/AVAudioCaptureSource.h:
        * platform/mediastream/mac/AVAudioCaptureSource.mm:
        (WebCore::AVAudioCaptureSource::create):
        (WebCore::AVAudioCaptureSource::factory):
        * platform/mediastream/mac/AVVideoCaptureSource.h:
        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSource::create):
        (WebCore::AVVideoCaptureSource::factory):
        (WebCore::AVVideoCaptureSource::monitorOrientation):
        (WebCore::AVVideoCaptureSource::orientationChanged):
        (WebCore::AVVideoCaptureSource::processNewFrame):
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::create):
        (WebCore::CoreAudioCaptureSource::factory):
        * platform/mediastream/mac/CoreAudioCaptureSource.h:
        * platform/mediastream/mac/MockRealtimeAudioSourceMac.mm:
        (WebCore::MockRealtimeAudioSource::create):
        * platform/mediastream/mac/MockRealtimeVideoSourceMac.h:
        * platform/mediastream/mac/MockRealtimeVideoSourceMac.mm:
        (WebCore::MockRealtimeVideoSource::create):
        (WebCore::MockRealtimeVideoSourceMac::orientationChanged):
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::RealtimeMediaSourceCenterMac::createMediaStream):
        (WebCore::RealtimeMediaSourceCenterMac::bestSourcesForTypeAndConstraints):
        (WebCore::RealtimeMediaSourceCenterMac::defaultAudioFactory):
        (WebCore::RealtimeMediaSourceCenterMac::defaultVideoFactory):
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.h:
        * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.cpp:
        (WebCore::RealtimeMediaSourceCenterOwr::createMediaStream):
        * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.h:
        * platform/mock/MockRealtimeAudioSource.cpp:
        (WebCore::MockRealtimeAudioSource::create):
        (WebCore::MockRealtimeAudioSource::factory):
        * platform/mock/MockRealtimeAudioSource.h:
        * platform/mock/MockRealtimeMediaSourceCenter.cpp:
        (WebCore::MockRealtimeMediaSourceCenter::validateRequestConstraints):
        (WebCore::MockRealtimeMediaSourceCenter::createMediaStream):
        (WebCore::MockRealtimeMediaSourceCenter::defaultAudioFactory):
        (WebCore::MockRealtimeMediaSourceCenter::defaultVideoFactory):
        * platform/mock/MockRealtimeMediaSourceCenter.h:
        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::create):
        (WebCore::MockRealtimeVideoSource::factory):
        * platform/mock/MockRealtimeVideoSource.h:

2017-04-28  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Unify how BitmapImage handles the availability of a decoded for large and animated images
        https://bugs.webkit.org/show_bug.cgi?id=171410

        Reviewed by Simon Fraser.

        Rename some functions which are related to animation frame availability.
        Make BitmapImage call ImageObserver::imageFrameAvailable() whenever a 
        frame is available regardless it is for an animated or for a large image.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::isVisibleInViewport):
        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::autoplayPermitted):
        (WebCore::isMainContentForPurposesOfAutoplay):
        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::CachedImageObserver::imageFrameAvailable):
        (WebCore::CachedImage::imageFrameAvailable):
        (WebCore::CachedImage::usesImageContainerSize): Deleted.
        (WebCore::CachedImage::imageHasRelativeWidth): Deleted.
        (WebCore::CachedImage::imageHasRelativeHeight): Deleted.
        (WebCore::CachedImage::CachedImageObserver::animationAdvanced): Deleted.
        (WebCore::CachedImage::animationAdvanced): Deleted.
        * loader/cache/CachedImage.h:
        * loader/cache/CachedImageClient.h:
        (WebCore::CachedImageClient::imageFrameAvailable):
        (WebCore::CachedImageClient::newImageAnimationFrameAvailable): Deleted.
        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::internalAdvanceAnimation):
        (WebCore::BitmapImage::imageFrameAvailableAtIndex):
        (WebCore::BitmapImage::newFrameNativeImageAvailableAtIndex): Deleted.
        * platform/graphics/BitmapImage.h:
        * platform/graphics/Image.h:
        (WebCore::Image::imageFrameAvailableAtIndex):
        (WebCore::Image::newFrameNativeImageAvailableAtIndex): Deleted.
        * platform/graphics/ImageFrameCache.cpp:
        (WebCore::ImageFrameCache::cacheAsyncFrameNativeImageAtIndex):
        * platform/graphics/ImageObserver.h:
        * platform/graphics/ImageTypes.h:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::RenderElement):
        (WebCore::RenderElement::shouldRepaintInVisibleRect):
        (WebCore::RenderElement::imageFrameAvailable):
        (WebCore::RenderElement::repaintForPausedImageAnimationsIfNeeded):
        (WebCore::shouldRepaintForImageAnimation): Deleted.
        (WebCore::RenderElement::newImageAnimationFrameAvailable): Deleted.
        * rendering/RenderElement.h:
        * rendering/RenderView.cpp:
        (WebCore::RenderView::updateVisibleViewportRect):
        * svg/graphics/SVGImageClients.h:

2017-04-28  Jeremy Jones  <jeremyj@apple.com>

        ARGUMENT BAD: time, time >= 0
        https://bugs.webkit.org/show_bug.cgi?id=164336
        rdar://problem/29314891

        Reviewed by Eric Carlson.

        Handle invalid duration and current time when calculating remaining time.

        Test media/modern-media-controls/pip-support/pip-support-click.html now works without a workaround
        in media/modern-media-controls/pip-support/pip-support-enabled.html

        * platform/mac/WebVideoFullscreenHUDWindowController.mm:
        (-[WebVideoFullscreenHUDWindowController remainingTimeText]):

2017-04-28  Daniel Bates  <dabates@apple.com>

        Add WebCore::protocolIsJavaScript(StringView)
        https://bugs.webkit.org/show_bug.cgi?id=171396

        Reviewed by Alex Christensen.

        Add an overload of WebCore::protocolIsJavaScript() that takes a StringView to
        avoid the need for a caller to allocate a new String object when converting
        from a StringView to a String. We are not using this functionality at the moment,
        but we will in the patch for <https://bugs.webkit.org/show_bug.cgi?id=170925>.

        No functionality has changed. So, no new tests.

        * platform/URL.cpp: Remove an outdated comment about protocolIs(StringView, const char*).
        This overload was removed in r212508.
        (WebCore::protocolIsInternal): Added.
        (WebCore::protocolIs): Implemented in terms of WebCore::protocolIsInternal().
        (WebCore::URL::protocolIs): Ditto.
        (WebCore::protocolIsJavaScript): Added; overload that takes a StringView.
        (WebCore::mimeTypeFromDataURL): Modified to use WebCore::protocolIsInternal().
        * platform/URL.h:

2017-04-28  Andy Estes  <aestes@apple.com>

        [macOS] WebPlaybackControlsManager needs to know when the selected text or audio track changes
        https://bugs.webkit.org/show_bug.cgi?id=171434
        <rdar://problem/31887922>

        Reviewed by Eric Carlson.

        * dom/GenericEventQueue.cpp:
        (WebCore::GenericEventQueue::hasPendingEventsOfType): Added to check if a pending event
        exists of a certain type.
        * dom/GenericEventQueue.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::setSelectedTextTrack): Even if no track modes change, fire a
        change event when the track to select is off or automatic so that
        WebPlaybackSessionModelMediaElement detects the change.
        * html/track/TrackListBase.cpp:
        (TrackListBase::isChangeEventScheduled): Returns true if m_asyncEventQueue has a pending
        change event.
        * html/track/TrackListBase.h:
        * platform/cocoa/WebPlaybackSessionModel.h:
        (WebCore::WebPlaybackSessionModelClient::audioMediaSelectionIndexChanged):
        (WebCore::WebPlaybackSessionModelClient::legibleMediaSelectionIndexChanged):
        * platform/cocoa/WebPlaybackSessionModelMediaElement.h:
        * platform/cocoa/WebPlaybackSessionModelMediaElement.mm:
        (WebCore::WebPlaybackSessionModelMediaElement::setMediaElement): Registered/unregistered for
        the change event on the audio and text tracks.
        (WebCore::WebPlaybackSessionModelMediaElement::updateForEventName): Called
        updateMediaSelectionIndices() when the change event fires.
        (WebCore::WebPlaybackSessionModelMediaElement::updateMediaSelectionOptions): Renamed from
        updateLegibleOptions().
        (WebCore::WebPlaybackSessionModelMediaElement::updateMediaSelectionIndices): Called
        audioMediaSelectionIndexChanged() and legibleMediaSelectionIndexChanged() on m_clients with
        the updated indices.
        (WebCore::WebPlaybackSessionModelMediaElement::legibleMediaSelectedIndex): Fixed a bug
        where selectedIndex would never be set to offIndex if offIndex is 0 (which it usually is).
        (WebCore::WebPlaybackSessionModelMediaElement::updateLegibleOptions): Renamed to
        updateMediaSelectionOptions().
        * platform/mac/WebPlaybackControlsManager.h:
        * platform/mac/WebPlaybackControlsManager.mm:
        (-[WebPlaybackControlsManager setAudioMediaSelectionIndex:]): Set
        _currentAudioTouchBarMediaSelectionOption to the object at selectedIndex and manually
        triggered a KVO notification. We can't call -setCurrentAudioTouchBarMediaSelectionOption:
        here since that will send a message back to the Web process.
        (-[WebPlaybackControlsManager setLegibleMediaSelectionIndex:]): Ditto for
        _currentLegibleTouchBarMediaSelectionOption.
        * platform/mac/WebPlaybackSessionInterfaceMac.h:
        * platform/mac/WebPlaybackSessionInterfaceMac.mm:
        (WebCore::WebPlaybackSessionInterfaceMac::audioMediaSelectionIndexChanged): Called
        -[WebPlaybackControlsManager setAudioMediaSelectionIndex:].
        (WebCore::WebPlaybackSessionInterfaceMac::legibleMediaSelectionIndexChanged): Called
        -[WebPlaybackControlsManager setLegibleMediaSelectionIndex:].

2017-04-28  Chris Dumez  <cdumez@apple.com>

        Range.getClientRects() / getBoundingClientRect() should return DOMRect types
        https://bugs.webkit.org/show_bug.cgi?id=171393

        Reviewed by Simon Fraser.

        Range.getClientRects() / getBoundingClientRect() should return DOMRect types:
        - https://drafts.csswg.org/cssom-view/#extensions-to-the-range-interface

        Test: fast/dom/Range/getBoundingClientRect-getClientRects-return-type.html

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/DOMRect.cpp: Copied from Source/WebCore/dom/DOMRect.h.
        (WebCore::createDOMRectVector):
        * dom/DOMRect.h:
        * dom/Element.cpp:
        (WebCore::Element::getClientRects):
        * dom/Range.cpp:
        (WebCore::Range::getClientRects):
        (WebCore::Range::getBoundingClientRect):
        * dom/Range.h:
        * dom/Range.idl:

2017-04-28  Chris Dumez  <cdumez@apple.com>

        Tweak window.open features argument tokenizer to match HTML standard and Edge
        https://bugs.webkit.org/show_bug.cgi?id=170548

        Reviewed by Geoffrey Garen.

        Update window.open() features argument tokenizer to match HTML standard:
        - https://html.spec.whatwg.org/#concept-window-open-features-tokenize

        Also update window.open() to return null instead of the window when
        the 'noopener' feature is activated, as per:
        - https://html.spec.whatwg.org/#dom-open (Step 10)

        No new tests, rebaselined existing test.

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::createWindow):
        Update window.open() to return null instead of the window when
        the 'noopener' feature is activated, as per:
        - https://html.spec.whatwg.org/#dom-open (Step 10)

        * page/WindowFeatures.cpp:
        (WebCore::isSeparator):
        Treat all ASCII spaces as feature separators, as per:
        - https://html.spec.whatwg.org/#feature-separator
        This has the effect of adding U+000C (FormFeed) as a separator.

        (WebCore::processFeaturesString):
        Align tokenizing code with the specification:
        - https://html.spec.whatwg.org/#concept-window-open-features-tokenize
        In particular, the following changes were made:
        - After the key, skip to first '=', but don't skip past a ',' or a non-separator.
          The "or a non-separator" part is new in the spec (step 3.6.1) and is now implemented.
        - After looking for the '=', only treat what follows as a value if the current character
          is a separator. This is as per step 7 in the spec.
        These changes now cause us to parse 'foo noopener=1' as ('foo', ''), ('noopener', '1').

2017-04-28  Eric Carlson  <eric.carlson@apple.com>

        Implement ondevicechange
        https://bugs.webkit.org/show_bug.cgi?id=169872

        Unreviewed, remove some dead code accidentally committed in r215929.

        * platform/mediastream/CaptureDeviceManager.cpp:

2017-04-28  Chris Dumez  <cdumez@apple.com>

        Update DOMTokenList.replace() to match the latest DOM specification
        https://bugs.webkit.org/show_bug.cgi?id=171388

        Reviewed by Alex Christensen.

        Update DOMTokenList.replace() to match the latest DOM specification after:
        - https://github.com/whatwg/dom/issues/442
        - https://github.com/whatwg/infra/pull/126

        The latest spec text is at:
        - https://dom.spec.whatwg.org/#dom-domtokenlist-replace
        - https://infra.spec.whatwg.org/#set-replace

        The behavior change in this patch causes (a, b, c).replace(a, c) to return
        (c, b) instead of (b, c). This new behavior is aligned with Firefox as well.

        No new tests, updated existing test.

        * html/DOMTokenList.cpp:
        (WebCore::DOMTokenList::replace):

2017-04-28  Brady Eidson  <beidson@apple.com>

        Start of support for multiple WebsiteDataStore/SessionIDs per process
        https://bugs.webkit.org/show_bug.cgi?id=171422

        Reviewed by Geoffrey Garen.

        Covered by API tests.

        * platform/network/NetworkStorageSession.h:
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::ensureSession):
        * platform/spi/cf/CFNetworkSPI.h:

2017-04-28  Chris Dumez  <cdumez@apple.com>

        URLSearchParams should be reflective
        https://bugs.webkit.org/show_bug.cgi?id=171345

        Reviewed by Alex Christensen.

        There was a bug in our implementation of [1] where we would replace
        '+' with 0x20 *after* URL-decoding the string, instead of *before*.
        This was causing us to replace URL-encoded '+' characters with 0x20.

        [1] https://url.spec.whatwg.org/#concept-urlencoded-parser

        No new tests, updated existing test.

        * platform/URLParser.cpp:

2017-04-28  Youenn Fablet  <youenn@apple.com>

        Adding a runtime flag specific to MediaDevices
        https://bugs.webkit.org/show_bug.cgi?id=171433

        Reviewed by Geoffrey Garen.

        Covered by existing tests.

        Adding a preference for MediaDevices.
        Setting media devices runtime flag to false by default.
        Setting peer connection and media stream flags to true by default.
        Activating mediaDevices and getUserMedia Navigator properties based on media devices flag.

        * Modules/mediastream/NavigatorMediaDevices.idl:
        * Modules/mediastream/NavigatorUserMedia.idl:
        * page/RuntimeEnabledFeatures.cpp:
        (WebCore::RuntimeEnabledFeatures::RuntimeEnabledFeatures):
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::mediaDevicesEnabled):
        (WebCore::RuntimeEnabledFeatures::setMediaDevicesEnabled):

2017-04-28  Eric Carlson  <eric.carlson@apple.com>

        Implement ondevicechange
        https://bugs.webkit.org/show_bug.cgi?id=169872

        Unreviewed, fix test crash.

        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::RealtimeMediaSourceCenter::addDevicesChangedObserver): "nextToken" must be static.

2017-04-28  Dean Jackson  <dino@apple.com>

        [WebGPU] Label MTLCommandQueues with a prefix for internal telemetry
        https://bugs.webkit.org/show_bug.cgi?id=171441
        <rdar://problem/31826915>

        Reviewed by Tim Horton.

        Prefix any label that is set by the WebGPU API so that
        our telemetry can identify the use. Don't expose that
        prefix to the API though.

        New API Test: GPUCommandQueue

        * platform/graphics/cocoa/GPUCommandQueueMetal.mm:
        (WebCore::GPUCommandQueue::GPUCommandQueue):
        (WebCore::GPUCommandQueue::label):
        (WebCore::GPUCommandQueue::setLabel):

2017-04-28  Joanmarie Diggs  <jdiggs@igalia.com>

        [ATK] aria-modal="true" should be exposed via ATK_STATE_MODAL
        https://bugs.webkit.org/show_bug.cgi?id=171188

        Reviewed by Chris Fleizach.

        Include ATK_STATE_MODAL in the AtkObject's state set if the accessible
        element's node is the current ARIA modal node.

        Test: accessibility/gtk/aria-modal-state-exposed.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::isAriaModalNode):
        * accessibility/AccessibilityObject.h:
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (setAtkStateSetFromCoreObject):

2017-04-28  Eric Carlson  <eric.carlson@apple.com>

        Implement ondevicechange
        https://bugs.webkit.org/show_bug.cgi?id=169872
        <rdar://problem/28945035>

        Reviewed by Jer Noble.

        Test: fast/mediastream/device-change-event.html

        * Modules/mediastream/MediaDevices.cpp:
        (WebCore::MediaDevices::MediaDevices): Register for devicechange callbacks.
        (WebCore::MediaDevices::~MediaDevices): Unregister.
        (WebCore::MediaDevices::scheduledEventTimerFired):
        * Modules/mediastream/MediaDevices.h:
        * Modules/mediastream/MediaDevices.idl:

        * Modules/mediastream/MediaDevicesEnumerationRequest.cpp:
        (WebCore::MediaDevicesEnumerationRequest::setDeviceInfo): Remove unnecessary instance variables.
        * Modules/mediastream/MediaDevicesEnumerationRequest.h:

        * Modules/mediastream/MediaDevicesRequest.cpp:
        (WebCore::MediaDevicesRequest::start): Remove m_idHashSalt, it isn't used. RealtimeMediaSourceCenter
        now has the method to hash ids and group IDs.
        (WebCore::hashString): Deleted.
        (WebCore::MediaDevicesRequest::hashID): Deleted.
        * Modules/mediastream/MediaDevicesRequest.h:

        * dom/Document.h:
        (WebCore::Document::setDeviceIDHashSalt):
        (WebCore::Document::deviceIDHashSalt):

        * dom/EventNames.h: Add devicechange.

        * dom/EventTargetFactory.in: Add MediaDevices.

        * html/HTMLAttributeNames.in: Add ondevicechange.

        * platform/mediastream/CaptureDeviceManager.cpp:
        (WebCore::CaptureDeviceManager::captureDeviceFromPersistentID): Renamed from captureDeviceFromDeviceID
        and changed to return a std::optional<CaptureDevice>.
        (WebCore::CaptureDeviceManager::captureDeviceFromDeviceID): Deleted.

        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::addStringToSHA): New, add string bytes to SHA1. Moved from MediaDevicesRequest
        so we can use for in testing.
        (WebCore::RealtimeMediaSourceCenter::hashStringWithSalt): Generate hash for a string with a
        salt. Moved from MediaDevicesRequest so we can use for in testing.
        (WebCore::RealtimeMediaSourceCenter::captureDeviceWithUniqueID): Find a CaptureDevice given 
        a unique ID and the process hash salt.
        (WebCore::RealtimeMediaSourceCenter::setDeviceEnabled): Enable/disable a device. Used for
        layout tests only.
        (WebCore::RealtimeMediaSourceCenter::addDevicesChangedObserver): Add a devices changed listener.
        (WebCore::RealtimeMediaSourceCenter::removeDevicesChangedObserver): Remove a listener.
        (WebCore::RealtimeMediaSourceCenter::captureDevicesChanged): Notify listeners.
        * platform/mediastream/RealtimeMediaSourceCenter.h:

        * platform/mediastream/mac/AVCaptureDeviceManager.mm:
        (WebCore::AVCaptureDeviceManager::addDevicesChangedObserver): Update for change to captureDeviceFromDeviceID.

        * platform/mock/MockRealtimeMediaSource.cpp:
        (WebCore::MockRealtimeMediaSource::audioDevices): All devices are enabled by default.
        (WebCore::MockRealtimeMediaSource::videoDevices): Ditto.

        * platform/mock/MockRealtimeMediaSourceCenter.cpp:
        (WebCore::MockRealtimeMediaSourceCenter::createMediaStream): Drive-by cleanup: use the vector
        of devices instead of making assumptions about the number.
        (WebCore::MockRealtimeMediaSourceCenter::getMediaStreamDevices): Only include enabled devices.
        (WebCore::MockRealtimeMediaSourceCenter::setDeviceEnabled): Enable or disable a device.
        * platform/mock/MockRealtimeMediaSourceCenter.h:

        * testing/Internals.cpp:
        (WebCore::Internals::setMediaDeviceState): Enable or disable a mock capture device.
        * testing/Internals.h:
        * testing/Internals.idl:

2017-04-28  Alex Christensen  <achristensen@webkit.org>

        Fix memory corruption issue after r215883.
        https://bugs.webkit.org/show_bug.cgi?id=171365

        Reviewed by Brady Eidson.

        This fixes a crash when starting WebKit2.

        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::NetworkStorageSession):
        Initialize m_platformCookieStorage with the default constructor of RetainPtr,
        then call NetworkStorageSession::cookieStorage which checks m_platformCookieStorage
        for null.  It was checking uninitialized memory when we had m_platformCookieStorage
        in the initializer list.

2017-04-28  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: Implement aria-value support for focusable separators
        https://bugs.webkit.org/show_bug.cgi?id=171169

        Reviewed by Chris Fleizach.

        Add SplitterRole to the roles which support range value and are considered a range
        control, as long as the SplitterRole element is focusable. Also replace ATK's role-
        based check with a call to supportsRangeValue() when determining if the AtkValue
        interface should be implemented.

        Test: accessibility/separator-values.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::isRangeControl):
        (WebCore::AccessibilityObject::supportsRangeValue):
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (getInterfaceMaskFromObject):

2017-04-28  Joanmarie Diggs  <jdiggs@igalia.com>

        [ATK] GridCellRole should implement AtkTableCell (regression?)
        https://bugs.webkit.org/show_bug.cgi?id=171179

        Reviewed by Chris Fleizach.

        Add GridCellRole to the group of roles which should implement AtkTableCell.

        Test: accessibility/gtk/interface-table-cell.html

        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (getInterfaceMaskFromObject):

2017-04-28  Miguel Gomez  <magomez@igalia.com>

        REGRESSION(r215211): [GTK] Several webgl related tests are failing
        https://bugs.webkit.org/show_bug.cgi?id=170730

        Reviewed by Said Abou-Hallawa.

        There is a wrong situation in the image decoders where the complete data has been assigned
        to them but the size of the image hasn't been decoded yet. This is causing rendering
        issues in webgl when decoding the images used as textures. To fix this, we refactor how the
        encoded data status is stored to avoid that situation: the status is handled completely
        by ImageDecoder.h, and it's the one forcing the decode of the size when data gets assigned
        to the decoders.

        Covered by existent tests.

        * platform/image-decoders/ImageDecoder.h:
        (WebCore::ImageDecoder::isAllDataReceived):
        (WebCore::ImageDecoder::setData):
        (WebCore::ImageDecoder::encodedDataStatus):
        (WebCore::ImageDecoder::isSizeAvailable):
        (WebCore::ImageDecoder::setSize):
        (WebCore::ImageDecoder::setFailed):
        (WebCore::ImageDecoder::failed):
        * platform/image-decoders/bmp/BMPImageDecoder.cpp:
        (WebCore::BMPImageDecoder::frameBufferAtIndex):
        (WebCore::BMPImageDecoder::decode):
        (WebCore::BMPImageDecoder::encodedDataStatus): Deleted.
        * platform/image-decoders/bmp/BMPImageDecoder.h:
        * platform/image-decoders/gif/GIFImageDecoder.cpp:
        (WebCore::GIFImageDecoder::frameCount):
        (WebCore::GIFImageDecoder::frameBufferAtIndex):
        (WebCore::GIFImageDecoder::decode):
        (WebCore::GIFImageDecoder::encodedDataStatus): Deleted.
        * platform/image-decoders/gif/GIFImageDecoder.h:
        * platform/image-decoders/ico/ICOImageDecoder.cpp:
        (WebCore::ICOImageDecoder::setData):
        (WebCore::ICOImageDecoder::frameCount):
        (WebCore::ICOImageDecoder::frameBufferAtIndex):
        (WebCore::ICOImageDecoder::setDataForPNGDecoderAtIndex):
        (WebCore::ICOImageDecoder::decode):
        (WebCore::ICOImageDecoder::decodeAtIndex):
        (WebCore::ICOImageDecoder::encodedDataStatus): Deleted.
        * platform/image-decoders/ico/ICOImageDecoder.h:
        * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
        (WebCore::JPEGImageDecoder::frameBufferAtIndex):
        (WebCore::JPEGImageDecoder::decode):
        (WebCore::JPEGImageDecoder::encodedDataStatus): Deleted.
        * platform/image-decoders/jpeg/JPEGImageDecoder.h:
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageDecoder::frameBufferAtIndex):
        (WebCore::PNGImageDecoder::decode):
        (WebCore::PNGImageDecoder::encodedDataStatus): Deleted.
        * platform/image-decoders/png/PNGImageDecoder.h:
        * platform/image-decoders/webp/WEBPImageDecoder.cpp:
        (WebCore::WEBPImageDecoder::frameBufferAtIndex):
        (WebCore::WEBPImageDecoder::decode):
        (WebCore::WEBPImageDecoder::encodedDataStatus): Deleted.
        * platform/image-decoders/webp/WEBPImageDecoder.h:

2017-04-27  Carlos Garcia Campos  <cgarcia@igalia.com>

        Move UUID from WebCore/platform to WTF
        https://bugs.webkit.org/show_bug.cgi?id=171372

        Reviewed by Michael Catanzaro.

        UUID only contains createCanonicalUUIDString() that is platform independent and doesn't depend on anything from
        WebCore, only from WTF.

        * CMakeLists.txt:
        * Modules/encryptedmedia/legacy/LegacyCDMSessionClearKey.cpp:
        * Modules/mediacontrols/MediaControlsHost.cpp:
        * Modules/mediastream/RTCPeerConnection.cpp:
        * Modules/webaudio/MediaStreamAudioSource.cpp:
        * Modules/webdatabase/DatabaseTracker.cpp:
        * WebCore.order:
        * WebCore.xcodeproj/project.pbxproj:
        * editing/mac/EditorMac.mm:
        * fileapi/BlobURL.cpp:
        * loader/appcache/ApplicationCacheHost.cpp:
        * loader/appcache/ApplicationCacheStorage.cpp:
        * platform/URL.cpp:
        * platform/glib/FileSystemGlib.cpp:
        * platform/graphics/avfoundation/cf/CDMSessionAVFoundationCF.cpp:
        * platform/graphics/avfoundation/objc/CDMSessionAVContentKeySession.mm:
        * platform/graphics/avfoundation/objc/CDMSessionAVFoundationObjC.mm:
        * platform/graphics/avfoundation/objc/CDMSessionAVStreamSession.mm:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        * platform/mediastream/CaptureDeviceManager.cpp:
        * platform/mediastream/MediaStreamPrivate.h:
        * platform/mediastream/MediaStreamTrackPrivate.cpp:
        * platform/mediastream/RealtimeMediaSource.cpp:
        * platform/mediastream/mac/AVCaptureDeviceManager.mm:
        * platform/mediastream/mac/AVMediaCaptureSource.mm:
        * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.cpp:
        * platform/mock/MockRealtimeAudioSource.cpp:
        * platform/mock/MockRealtimeMediaSourceCenter.cpp:
        * platform/mock/MockRealtimeVideoSource.cpp:
        * testing/MockCDMFactory.cpp:

2017-04-27  Alex Christensen  <achristensen@webkit.org>

        Make navigation policy checking more robust
        https://bugs.webkit.org/show_bug.cgi?id=171409
        <rdar://problem/31489248>

        Reviewed by Geoffrey Garen.

        No change in behavior.  Just added a protectedThis to a lambda and made the functions non-copyable.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::willSendRequest):
        * loader/PolicyCallback.cpp:
        (WebCore::PolicyCallback::set):
        (WebCore::PolicyCallback::clear): Deleted.
        * loader/PolicyCallback.h:
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::cancelCheck):
        (WebCore::PolicyChecker::stopCheck):
        (WebCore::PolicyChecker::continueAfterNavigationPolicy):
        (WebCore::PolicyChecker::continueAfterNewWindowPolicy):
        (WebCore::PolicyChecker::continueAfterContentPolicy):

2017-04-27  Wenson Hsieh  <wenson_hsieh@apple.com>

        Data interaction should not load pasteboard content before performing the data operation
        https://bugs.webkit.org/show_bug.cgi?id=171414
        <rdar://problem/31878197>

        Reviewed by Tim Horton.

        When interacting with a link, we should not try to fetch pasteboard contents for the URL UTI type before
        performing the data operation. Teaches DragController to know whether it is allowed to load data from the
        dragging pasteboard, and uses this information in DragController::dragOperation to determine whether to use
        DragData::containsURLTypeIdentifier or DragData::containsURL.

        * page/DragController.cpp:
        (WebCore::DragController::DragController):
        (WebCore::DragController::performDragOperation):
        * page/DragController.h:
        (WebCore::DragController::canLoadDataFromDraggingPasteboard):
        * page/mac/DragControllerMac.mm:
        (WebCore::DragController::dragOperation):
        * platform/DragData.h:
        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard _preLoadedDataConformingToType:forItemProviderAtIndex:]):
        * platform/mac/DragDataMac.mm:
        (WebCore::DragData::containsURLTypeIdentifier):

2017-04-27  Joseph Pecoraro  <pecoraro@apple.com>

        Support for promise rejection events (unhandledrejection)
        https://bugs.webkit.org/show_bug.cgi?id=150358
        <rdar://problem/28441651>

        Reviewed by Saam Barati.

        Patch by Joseph Pecoraro and Yusuke Suzuki.

        Implement support for the `onunhandledrejection` and `rejectionhandled` events.
        They dispatch a new PromiseRejectionEvent using the ES6 HostPromiseRejectionTracker hook:
        https://tc39.github.io/ecma262/#sec-host-promise-rejection-tracker
        https://html.spec.whatwg.org/multipage/webappapis.html#unhandled-promise-rejections

        This is currently implemented only for Documents and not yet Web Workers.

        Tests: js/dom/unhandled-promise-rejection-basic.html
               js/dom/unhandled-promise-rejection-bindings-type-error.html
               js/dom/unhandled-promise-rejection-console-no-report.html
               js/dom/unhandled-promise-rejection-console-report.html
               js/dom/unhandled-promise-rejection-handle-during-event.html
               js/dom/unhandled-promise-rejection-handle-in-handler.html
               js/dom/unhandled-promise-rejection-handle.html
               js/dom/unhandled-promise-rejection-order.html

        * CMakeLists.txt:
        * DerivedSources.cpp:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/DOMAllInOne.cpp:
        New files.

        * bindings/scripts/CodeGenerator.pm:
        (IsPromiseType):
        * bindings/scripts/CodeGeneratorJS.pm:
        (AddToIncludesForIDLType):
        (GetBaseIDLType):
        Binding support for Promise<T> attributes.

        * bindings/js/JSDOMConvert.h:
        * bindings/js/JSDOMConvertPromise.h: Copied from Source/JavaScriptCore/runtime/JSPromise.h.
        (WebCore::Converter<IDLPromise<T>>::convert):
        (WebCore::JSConverter<IDLPromise<T>>::convert):
        Promise<T> binding conversion is currently unimplemented, which only means
        web developers creating their own PromiseRejectionEvent will not get
        autowrapping of values assigned to `promise` in event initialization.
        Engine generated events will have expected behavior.

        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::promiseRejectionTracker):
        * bindings/js/JSDOMWindowBase.h:
        * bindings/js/JSWorkerGlobalScopeBase.cpp:
        Implement HostPromiseRejectionTracker hook for Document but not Worker.
        Passes through to the ScriptExecutionContext's tracker.

        * bindings/js/JSMainThreadExecState.cpp:
        (WebCore::JSMainThreadExecState::didLeaveScriptContext):
        * bindings/js/JSMainThreadExecState.h:
        (WebCore::JSMainThreadExecState::~JSMainThreadExecState):
        When completing script execution and performing microtasks notify
        about rejected promises. Technically this should go inside of
        performing a microtask checkpoint, except lacking EventLoop
        concepts we use ScriptExecutionState.

        * dom/EventNames.h:
        * dom/EventNames.in:
        * dom/PromiseRejectionEvent.cpp: Added.
        (WebCore::PromiseRejectionEvent::PromiseRejectionEvent):
        (WebCore::PromiseRejectionEvent::~PromiseRejectionEvent):
        * dom/PromiseRejectionEvent.h: Added.
        * dom/PromiseRejectionEvent.idl: Added.
        New PromiseRejectionEvent event interface.

        * dom/GlobalEventHandlers.idl:
        New onunhandledrejection and onrejectionhandled.

        * dom/RejectedPromiseTracker.cpp: Added.
        (WebCore::RejectedPromise::RejectedPromise):
        (WebCore::RejectedPromise::globalObject):
        (WebCore::RejectedPromise::promise):
        (WebCore::UnhandledPromise::UnhandledPromise):
        (WebCore::UnhandledPromise::callStack):
        (WebCore::RejectedPromiseTracker::RejectedPromiseTracker):
        (WebCore::RejectedPromiseTracker::~RejectedPromiseTracker):
        (WebCore::createScriptCallStackFromReason):
        (WebCore::RejectedPromiseTracker::promiseRejected):
        (WebCore::RejectedPromiseTracker::promiseHandled):
        (WebCore::RejectedPromiseTracker::processQueueSoon):
        (WebCore::RejectedPromiseTracker::reportUnhandledRejections):
        (WebCore::RejectedPromiseTracker::reportRejectionHandled):
        * dom/RejectedPromiseTracker.h: Added.
        Track and report rejected promises. The promises are tracked weakly
        allowing them to be collected before they are reported. When reporting
        we dispatch PromiseRejectionEvent events, and if the default is not
        prevented we log a message to the console.

        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::reportUnhandledPromiseRejection):
        (WebCore::ScriptExecutionContext::ensureRejectedPromiseTrackerSlow):
        * dom/ScriptExecutionContext.h:
        (WebCore::ScriptExecutionContext::ensureRejectedPromiseTracker):
        Each ScriptExecutionContext can own a rejected promise tracker.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::pauseInternal):
        https://html.spec.whatwg.org/multipage/embedded-content.html#internal-pause-steps
        Internal pause steps say to timeupdate, pause, and rejecting pending play promises
        should all happen in a queued task. Here the first two actions are already scheduled
        on tasks, but rejecting play promises was not being done in a task, so this makes
        that change.

        * Modules/streams/ReadableStream.js:
        (pipeThrough):
        * Modules/streams/ReadableStreamInternals.js:
        (readableStreamReaderGenericInitialize):
        (readableStreamError):
        (readableStreamReaderGenericRelease):
        Satisfy parts of the Streams specification which state to set the
        [[PromiseIsHandled]] internal state of promises created internally
        by the Streams APIs. This prevents some internal promises from
        appearing as unhandled promise rejections.

2017-04-27  Chris Dumez  <cdumez@apple.com>

        Align colspan/rowspan limits with the latest HTML specification
        https://bugs.webkit.org/show_bug.cgi?id=171322

        Reviewed by Darin Adler.

        Align colspan/rowspan limits with the latest HTML specification after:
        - https://github.com/whatwg/html/pull/1993

        The following changes were made:
        - Our rowspan limit was raised from 8190 to 65534
        - A colspan limit of 1000 was introduced. Blink has UseCounter data showing that
          colspans over 1000 are extremely rare and Gecko has data showing that when we
          get a colspan greater than 1000, it is usually a bug. Therefore, this change
          should be fine.
        - The limits are now properly reflected via the IDL attributes instead of lying
          to the Web about the colspan / rowspan we are using internally.

        Test: imported/w3c/web-platform-tests/html/semantics/tabular-data/processing-model-1/span-limits.html

        * html/HTMLTableCellElement.cpp:
        (WebCore::HTMLTableCellElement::colSpan):
        (WebCore::HTMLTableCellElement::rowSpan):
        (WebCore::HTMLTableCellElement::rowSpanForBindings):
        (WebCore::HTMLTableCellElement::setColSpan):
        * html/HTMLTableCellElement.h:
        * html/HTMLTableCellElement.idl:
        * html/parser/HTMLParserIdioms.cpp:
        (WebCore::parseHTMLIntegerInternal):
        (WebCore::parseHTMLInteger):
        (WebCore::parseHTMLNonNegativeInteger):
        (WebCore::parseValidHTMLNonNegativeIntegerInternal):
        (WebCore::parseHTTPRefreshInternal):
        * html/parser/HTMLParserIdioms.h:
        (WebCore::parseHTMLInteger):
        (WebCore::parseHTMLNonNegativeInteger):

        (WebCore::clampHTMLNonNegativeIntegerToRange):
        Add utility function to implement:
        - https://html.spec.whatwg.org/#clamped-to-the-range

2017-04-27  Wenson Hsieh  <wenson_hsieh@apple.com>

        WKUIDelegatePrivate needs a hook to vend data used to initialize item providers for data interaction
        https://bugs.webkit.org/show_bug.cgi?id=171386
        <rdar://problem/31557237>

        Reviewed by Beth Dakin.

        Teach WebItemProviderPasteboard to remember what WebItemProviderRegistrationInfoList it was initialized with
        when beginning a drag. This information is cleared out the next time the list of item providers is set to
        something different, which happens when the data interaction session concludes.

        * platform/ios/WebItemProviderPasteboard.h:
        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard init]):
        (-[WebItemProviderPasteboard setItemProviders:]):
        (-[WebItemProviderPasteboard setItemsUsingRegistrationInfoLists:]):
        (-[WebItemProviderPasteboard registrationInfoAtIndex:]):
        (-[WebItemProviderPasteboard itemProviderAtIndex:]):

2017-04-27  Brady Eidson  <beidson@apple.com>

        Refactor SessionID to support multiple non-ephemeral (persistent) sessions.
        https://bugs.webkit.org/show_bug.cgi?id=171367

        Reviewed by Andy Estes.

        This is also a nice general cleanup of SessionID, including privatizing the "arbitrary number" constructor
        and moving encode/decode into the class.

        No new tests (Refactor, no behavior change yet).

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        
        * page/SessionID.cpp: Added.
        (WebCore::SessionID::generatePersistentSessionID):
        (WebCore::SessionID::generateEphemeralSessionID):
        (WebCore::SessionID::enableGenerationProtection):
        
        * page/SessionID.h:
        (WebCore::SessionID::SessionID):
        (WebCore::SessionID::emptySessionID):
        (WebCore::SessionID::hashTableDeletedValue):
        (WebCore::SessionID::defaultSessionID):
        (WebCore::SessionID::legacyPrivateSessionID):
        (WebCore::SessionID::isValid):
        (WebCore::SessionID::isEphemeral):
        (WebCore::SessionID::encode):
        (WebCore::SessionID::decode):
        (WTF::HashTraits<WebCore::SessionID>::constructDeletedValue):
        (WTF::HashTraits<WebCore::SessionID>::isDeletedValue):

2017-04-27  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Attempt to fix a PLT regression on Mac
        <rdar://problem/31826998>

        Unreviewed.

        Disable passing the TypeIdentifierHint to CGImageSourceCreateIncremental()
        on Mac for now.

        * platform/graphics/cg/ImageDecoderCG.cpp:
        (WebCore::ImageDecoder::ImageDecoder):

2017-04-27  Daniel Bates  <dabates@apple.com>

        Rename callerDOMWindow()/CallerDocument to incumbentDOMWindow()/IncumbentDocument
        https://bugs.webkit.org/show_bug.cgi?id=171145

        Reviewed by Saam Barati.

        Standardize on the terminology "incumbent" to refer to "most-recently-entered author
        function or script on the stack, or the author function or script that originally
        scheduled the currently-running callback" (1).

        [1] <https://html.spec.whatwg.org/multipage/webappapis.html#realms-settings-objects-global-objects> (27 April 2017)

        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::incumbentDOMWindow):
        (WebCore::callerDOMWindow): Deleted.
        * bindings/js/JSDOMWindowBase.h:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateCallWith):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionWithCallerDocumentArgumentCaller):
        (WebCore::jsTestObjPrototypeFunctionWithCallerWindowArgumentCaller):
        * bindings/scripts/test/TestObj.idl:
        * page/DOMWindow.idl:

2017-04-27  Youenn Fablet  <youenn@apple.com>

        LayoutTest webrtc/datachannel/datachannel-event.html is a flaky crash
        https://bugs.webkit.org/show_bug.cgi?id=171092
        <rdar://problem/31748066>

        Reviewed by Eric Carlson.

        Covered by manual testing on iterating on the crashing tests.
        With the patch, they appear to no longer crash.

        The current RTCPeerConnection/RTCController was expecting that peer connections would be stopped before the controller.
        This assumption is sometimes wrong.
        Adding clean-up on both sides so that if controller goes away, it notifies its peer connections that they are unregistered.

        * Modules/mediastream/RTCController.cpp:
        (WebCore::RTCController::~RTCController):
        * Modules/mediastream/RTCController.h:
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::create):
        (WebCore::RTCPeerConnection::~RTCPeerConnection):
        (WebCore::RTCPeerConnection::doStop):
        (WebCore::RTCPeerConnection::registerToController):
        (WebCore::RTCPeerConnection::unregisterFromController):
        (WebCore::RTCPeerConnection::rtcController): Deleted.
        * Modules/mediastream/RTCPeerConnection.h:

2017-04-27  Said Abou-Hallawa  <sabouhallawa@apple.com>

        REGRESSION(r213764): Async decoding of animated images is disabled for ImageDocument
        https://bugs.webkit.org/show_bug.cgi?id=170333

        Reviewed by Simon Fraser.

        The way the image drawing settings are transfered from the Settings to
        BitmapImage is problematic. The drawing settings are retrieved from the
        CachedImageObserver which store them in the constructor only if the
        CachedImage as a loader. In the case of ImageDocument, there isn't loader
        set in CachedImage so the settings of ImageDocument are not set. Also
        the CachedImage can be used after loading by another document which may
        have a different drawing settings.

        The fix is to make BitmapImage reads the drawing settings every time it 
        is drawn as a foreground or background image in a RenderElement.

        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::drawImage):
        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::CachedImageObserver::CachedImageObserver):
        * loader/cache/CachedImage.h:
        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::setDrawingSettings):
        (WebCore::BitmapImage::draw):
        (WebCore::BitmapImage::shouldUseAsyncDecodingForLargeImages): I was
        trying to disable the async image decoding temporarily but this way will
        even prevent testing it until it is enabled. Disable it through WK1 and
        WK2 preferences.
        (WebCore::BitmapImage::shouldUseAsyncDecodingForAnimatedImages):
        (WebCore::BitmapImage::advanceAnimation):
        * platform/graphics/BitmapImage.h:
        * platform/graphics/ImageObserver.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::paintIntoRect):

2017-04-27  Wenson Hsieh  <wenson_hsieh@apple.com>

        Performing data interaction with plain text into a contenteditable does not insert any content
        https://bugs.webkit.org/show_bug.cgi?id=171381

        Reviewed by Tim Horton.

        Attempt to read plain-text-conformant UTI types as kUTTypePlainText before reading them as kUTTypeText.
        This allows WebItemProviderPasteboard to properly materialize an NSString in -valuesForPasteboardType:
        inItemSet: using a pre-loaded NSData blob.

        This scenario is covered by DataInteractionTests.ExternalSourceUTF8PlainTextOnly, but DataInteractionTests
        are temporarily disabled due to incompatibilities with the current internal SDK.

        * platform/ios/PasteboardIOS.mm:
        (WebCore::readPasteboardWebContentDataForType):

2017-04-27  Chris Dumez  <cdumez@apple.com>

        Element.getBoundingClientRect() / getClientRects() should return a DOMRect types
        https://bugs.webkit.org/show_bug.cgi?id=171226

        Reviewed by Simon Fraser.

        Element.getBoundingClientRect() / getClientRects() should return a DOMRect types
        as per:
        - https://drafts.csswg.org/cssom-view/#extension-to-the-element-interface

        DOMRect is compatible with ClientRect, which we used to return so the risk should
        be low.

        Tests: fast/css/DOMRect-attributes-prototype.html
               fast/css/DOMRect-serialization.html
               fast/dom/Element/getClientRects-return-type.html

        * dom/ClientRectList.cpp:
        (WebCore::ClientRectList::ClientRectList):
        * dom/ClientRectList.h:
        (WebCore::ClientRectList::create):
        * dom/DOMRect.h:
        (WebCore::DOMRect::create):
        * dom/DOMRectReadOnly.h:
        * dom/Element.cpp:
        (WebCore::toDOMRectVector):
        (WebCore::Element::getClientRects):
        (WebCore::Element::getBoundingClientRect):
        * dom/Element.h:
        * dom/Element.idl:
        * html/track/VTTRegion.cpp:
        (WebCore::VTTRegion::displayLastTextTrackCueBox):

2017-04-27  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: Expose elements with the ARIA "feed" role
        https://bugs.webkit.org/show_bug.cgi?id=171184

        Reviewed by Chris Fleizach.

        Map elements with the "feed" role to the internal ApplicationGroupRole
        AccessibilityRole. This prevents them from being unexpectedly pruned from
        the accessibility tree, and causes them to be exposed with ATK_ROLE_PANEL
        in WebKitGtk and AXGroup in Safari.

        No new tests needed. Instead, add the "feed" role to roles-exposed.html,
        xml-roles-exposed.html, and roles-computedRoleString.html.

        * accessibility/AccessibilityObject.cpp:
        (WebCore::initializeRoleMap):

2017-04-27  Brady Eidson  <beidson@apple.com>

        Update NetworkStorageSession to support multiple persistent sessions and explicitly set cookie storages.
        https://bugs.webkit.org/show_bug.cgi?id=171365

        Reviewed by Andy Estes.

        No new tests (No testable behavior change yet).

        * platform/network/NetworkStorageSession.cpp:
        (WebCore::NetworkStorageSession::destroySession):
        * platform/network/NetworkStorageSession.h:
        
        * platform/network/NetworkStorageSessionStub.cpp:
        (WebCore::NetworkStorageSession::ensurePrivateBrowsingSession):
        (WebCore::NetworkStorageSession::ensureSession):
        
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::createCFStorageSessionForIdentifier):
        (WebCore::NetworkStorageSession::NetworkStorageSession):
        (WebCore::NetworkStorageSession::switchToNewTestingSession):
        (WebCore::NetworkStorageSession::defaultStorageSession):
        (WebCore::NetworkStorageSession::ensurePrivateBrowsingSession):
        (WebCore::NetworkStorageSession::ensureSession):
        (WebCore::NetworkStorageSession::cookieStorage):
        
        * platform/network/soup/NetworkStorageSessionSoup.cpp:
        (WebCore::NetworkStorageSession::ensureSession):
        
        * platform/spi/cf/CFNetworkSPI.h:

2017-04-27  Zalan Bujtas  <zalan@apple.com>

        Use text-shadow to visualize simple line layout coverage.
        https://bugs.webkit.org/show_bug.cgi?id=171379

        Reviewed by Antti Koivisto.

        It's more subtle (for everyday use).

        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::paintFlow):
        (WebCore::SimpleLineLayout::paintDebugBorders): Deleted.

2017-04-27  Joanmarie Diggs  <jdiggs@igalia.com>

        [ATK] ARIA alertdialogs should be exposed with ROLE_DIALOG
        https://bugs.webkit.org/show_bug.cgi?id=171187

        Reviewed by Chris Fleizach.

        Map ApplicationAlertDialogRole to ATK_ROLE_DIALOG. While ATK_ROLE_ALERT is
        appropriate as far as ATK is concerned, the Core Accessibility API Mappings
        map ARIA's alertdialog role to ATK_ROLE_DIALOG. We should be consistent
        with the spec. The fact that this is an alert dialog can still be obtained
        via the AtkObject attributes.

        No new tests needed. Update the expectations for roles-exposed.html,
        xml-roles-exposed.html, and aria-mappings.html to reflect the change.

        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):

2017-04-27  Antti Koivisto  <antti@apple.com>

        Repeated layouts in Mail due to viewport units being used with auto-sizing
        https://bugs.webkit.org/show_bug.cgi?id=171371
        <rdar://problem/28780084>

        Reviewed by Zalan Bujtas.

        Test: css3/viewport-percentage-lengths/vh-auto-size.html

        Auto-sizing code would adjust the size of the view in the beginning of layout(). This would
        end up invalidating style for elements that use vh units and we would perform main layout
        with unclean style. This would result in endless layout loops and hit assert on debug.

        * page/FrameView.cpp:
        (WebCore::FrameView::availableContentSizeChanged):

            Ensure we heve clean style after resize if we are in pre-layout.

2017-04-27  Alex Christensen  <achristensen@webkit.org>

        Modernize Frame.h
        https://bugs.webkit.org/show_bug.cgi?id=171357

        Reviewed by Andy Estes.

        Frame.h has several std::unique_ptrs that are created in the constructor, never null,
        and destroyed in the destructor.  This is what WTF::UniqueRef is for, and using UniqueRef
        allows us to not check for null values because a UniqueRef can never be null.
        An interesting case was the EventHandler, which we explicitly set to nullptr in the destructor
        of MainFrame, a subclass of Frame.  We added this in r199181 to fix a crash tested by
        fast/events/wheel-event-destroys-frame.html and this improved lifetime also does not crash
        or assert in that test.

        Using UniqueRef also requires const correctness, which this patch adds when necessary.

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::dispatchTouchEvent):
        * editing/DeleteSelectionCommand.cpp:
        (WebCore::DeleteSelectionCommand::calculateTypingStyleAfterDelete):
        * editing/Editor.cpp:
        (WebCore::Editor::isSelectTrailingWhitespaceEnabled):
        (WebCore::Editor::computeAndSetTypingStyle):
        * editing/Editor.h:
        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::contains):
        (WebCore::FrameSelection::copyTypingStyle):
        * editing/FrameSelection.h:
        (WebCore::FrameSelection::setTypingStyle):
        * loader/EmptyClients.cpp:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::clear):
        * page/EditorClient.h:
        * page/EventHandler.cpp:
        (WebCore::EventHandler::hitTestResultAtPoint):
        * page/EventHandler.h:
        * page/Frame.cpp:
        (WebCore::Frame::Frame):
        (WebCore::Frame::setView):
        (WebCore::Frame::injectUserScripts):
        * page/Frame.h:
        (WebCore::Frame::editor):
        (WebCore::Frame::eventHandler):
        (WebCore::Frame::selection):
        (WebCore::Frame::animation):
        (WebCore::Frame::script):
        (WebCore::Frame::eventHandlerPtr): Deleted.
        * page/MainFrame.cpp:
        (WebCore::MainFrame::~MainFrame):
        * replay/UserInputBridge.cpp:
        (WebCore::UserInputBridge::handleContextMenuEvent):
        * replay/UserInputBridge.h:

2017-04-27  Andy Estes  <aestes@apple.com>

        Fix the macOS build.

        * platform/mac/WebPlaybackControlsManager.h:

2017-04-27  Zalan Bujtas  <zalan@apple.com>

        Text gets cut off when bailing out of simple line layout with widows.
        https://bugs.webkit.org/show_bug.cgi?id=171370
        <rdar://problem/31563414>

        Reviewed by Antti Koivisto.

        Normal line layout requires an extra layout to handle widows. See RenderBlockFlow::relayoutToAvoidWidows. 

        Test: fast/multicol/simple-line-layout-widows-when-switching-over-to-normal-line-layout.html

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::ensureLineBoxes):

2017-04-27  Dean Jackson  <dino@apple.com>

        Use the correct modern-media-controls
        https://bugs.webkit.org/show_bug.cgi?id=171358

        Reviewed by Antoine Quint.

        * WebCore.xcodeproj/project.pbxproj:

2017-04-26  Dan Bernstein  <mitz@apple.com>

        Reverted r215774.

        That change wasn’t doing what it was intended to do and was inappropriate for WebCore.

        * WebCore.xcodeproj/project.pbxproj:

2017-04-26  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Attempt to fix a PLT regression.
        <rdar://problem/31826998>

        Unreviewed.

        Disable passing the TypeIdentifierHint to CGImageSourceCreateIncremental()
        on iOS for now.

        * platform/graphics/cg/ImageDecoderCG.cpp:
        (WebCore::ImageDecoder::ImageDecoder):

2017-04-26  Joanmarie Diggs  <jdiggs@igalia.com>

        [ATK] ARIA buttons which have a popup should be ATK_ROLE_PUSH_BUTTON; not ATK_ROLE_COMBO_BOX
        https://bugs.webkit.org/show_bug.cgi?id=171182

        Reviewed by Chris Fleizach.

        Test: accessibility/gtk/button-with-aria-haspopup-is-not-a-combobox.html

        WebCore Accessibility assigns PopUpButtonRole to collapsed select elements,
        which the ATK code correctly maps to ATK_ROLE_COMBO_BOX. It turns out that
        WebCore Accessibility also maps the ARIA button role to PopUpButtonRole if
        it also has aria-haspopup. Add a check to atkRole() so that the latter case
        is mapped to ATK_ROLE_PUSH_BUTTON.

        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):

2017-04-26  Tim Horton  <timothy_horton@apple.com>

        Should not drag x-apple-data-detectors links
        https://bugs.webkit.org/show_bug.cgi?id=171352
        <rdar://problem/31309081>

        Reviewed by Beth Dakin.

        Test: fast/events/do-not-drag-and-drop-data-detectors-link.html

        These links are only meaningful in the context of the original document,
        so they should not be draggable.

        * editing/cocoa/DataDetection.h:
        * editing/cocoa/DataDetection.mm:
        (WebCore::DataDetection::dataDetectorURLProtocol):
        (WebCore::DataDetection::isDataDetectorURL):
        * page/DragController.cpp:
        (WebCore::isDraggableLink):
        Disallow dragging of <a href="x-apple-data-detectors://..."> links.

2017-04-26  Tim Horton  <timothy_horton@apple.com>

        Revert accidentally smushed commit.

        * editing/cocoa/DataDetection.h:
        * editing/cocoa/DataDetection.mm:
        (WebCore::DataDetection::dataDetectorURLProtocol): Deleted.
        (WebCore::DataDetection::isDataDetectorURL): Deleted.
        * page/DragController.cpp:
        (WebCore::isDraggableLink):
        * platform/mac/DragImageMac.mm:
        (WebCore::createDragImageForLink):

2017-04-26  Alex Christensen  <achristensen@webkit.org>

        REGRESSION (r215686): ASSERTION FAILED: data seen with webarchive/loading tests
        https://bugs.webkit.org/show_bug.cgi?id=171340

        Reviewed by Brady Eidson.

        This fixes a flaky assertion in webarchive/loading/missing-data.html

        * platform/cf/SharedBufferCF.cpp:
        (WebCore::SharedBuffer::append):
        If there's no CFDataRef, there's no need to append data.
        This happens sometimes.

2017-04-26  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r215814.

        The LayoutTest for this change is failing on ios-simulator and
        is flaky on macOS.

        Reverted changeset:

        "Response.blob() does not set the content-type based on the
        header value."
        https://bugs.webkit.org/show_bug.cgi?id=170849
        http://trac.webkit.org/changeset/215814

2017-04-26  Wenson Hsieh  <wenson_hsieh@apple.com>

        WebItemProviderPasteboard should not synchronously load provided data
        https://bugs.webkit.org/show_bug.cgi?id=171341
        <rdar://problem/31614010>

        Reviewed by Tim Horton.

        Refactors WebItemProviderPasteboard to not require asynchronously loading item provider data. To accomplish this,
        we ensure that before performing data interaction, the UTI type that the data operation target should consume is
        propagated to the UI process prior to the web process receiving the signal from the UI process to begin the
        data operation itself. This information is sent via WebPlatformStrategies::updatePreferredTypeIdentifiers, a new
        pasteboard helper function.

        * page/DragController.cpp:
        (WebCore::DragController::DragController):
        (WebCore::dragIsHandledByDocument):
        (WebCore::DragController::performDragOperation):
        (WebCore::DragController::dragEnteredOrUpdated):
        (WebCore::DragController::updatePreferredTypeIdentifiersForDragHandlingMethod):
        (WebCore::DragController::tryDocumentDrag):

        Give DragHandlingMethod a richer representation of what type of action will be performed. DragController::
        updatePreferredTypeIdentifiersForDragHandlingMethod uses this to determine what kinds of UTIs are acceptable for
        the current drop session.

        * page/DragController.h:
        (WebCore::DragController::documentIsHandlingNonDefaultDrag):
        * page/mac/DragControllerMac.mm:
        (WebCore::DragController::updatePreferredTypeIdentifiersForDragHandlingMethod):

        Updates the data interaction pasteboard's list of preferred type identifiers it should load upon data operation.

        * platform/DragData.h:
        * platform/PasteboardStrategy.h:
        * platform/PlatformPasteboard.h:
        * platform/ios/AbstractPasteboard.h:
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::updatePreferredTypeIdentifiers):
        * platform/ios/WebItemProviderPasteboard.mm:

        Introduce _preferredTypeIdentifiers, which -doAfterLoadingProvidedContentIntoFileURLs: uses as a hint when
        determining which UTI to load for an item provider. In the absence of preferred type identifiers, the default
        behavior is to use the highest fidelity type adhering to "public.content".

        (-[WebItemProviderPasteboard init]):
        (-[WebItemProviderPasteboard updatePreferredTypeIdentifiers:]):
        (-[WebItemProviderPasteboard setItemProviders:]):
        (-[WebItemProviderPasteboard dataForPasteboardType:inItemSet:]):
        (-[WebItemProviderPasteboard valuesForPasteboardType:inItemSet:]):

        Remove calls to -createObjectOfClass: and -copyDataRepresentation:. Instead, rely solely on the loaded file URL
        to read and initialize data and objects from the pasteboard.

        (-[WebItemProviderPasteboard doAfterLoadingProvidedContentIntoFileURLs:]):
        (-[WebItemProviderPasteboard _tryToCreateObjectOfClass:usingProvider:]): Deleted.
        * platform/mac/DragDataMac.mm:
        (WebCore::DragData::updatePreferredTypeIdentifiers):

2017-04-26  Joanmarie Diggs  <jdiggs@igalia.com>

        [ATK] Elements with a defined, non-false value for aria-current should expose ATK_STATE_ACTIVE
        https://bugs.webkit.org/show_bug.cgi?id=171163

        Reviewed by Chris Fleizach.

        Add ATK_STATE_ACTIVE to the state set of elements which have a valid, non-false
        value for aria-current, expose the value of via the "current" AtkObject attribute,
        and emit state-change notifications when the value of aria-current changes from
        non-false to false, or vice versa.

        Tests: accessibility/gtk/aria-current-changed-notification.html
               accessibility/gtk/aria-current.html

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::handleAttributeChanged):
        * accessibility/AXObjectCache.h:
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::supportsARIACurrent):
        (WebCore::AccessibilityObject::ariaCurrentValue):
        * accessibility/AccessibilityObject.h:
        * accessibility/atk/AXObjectCacheAtk.cpp:
        (WebCore::AXObjectCache::postPlatformNotification):
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (webkitAccessibleGetAttributes):
        (setAtkStateSetFromCoreObject):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]): Moved code returning
        string value for aria-current into AccessibilityObject:ariaCurrentValue().

2017-04-26  Wenson Hsieh  <wenson_hsieh@apple.com>

        WebItemProviderPasteboard should fetch preloaded assets from disk when possible
        https://bugs.webkit.org/show_bug.cgi?id=171320
        <rdar://problem/31614010>

        Reviewed by Tim Horton.

        Adds a mechanism to WebItemProviderPasteboard to remember the temporary file URLs of assets it has loaded using
        doAfterLoadingProvidedContentIntoFileURLs:. When retrieving data from the pasteboard, we then see if we can
        first fetch serialized data straight from disk instead of having to go through the item provider in both
        -dataForPasteboardType:inItemSet: and -valuesForPasteboardType:inItemSet:.

        See below annotations for more detail.

        * platform/ios/AbstractPasteboard.h:
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::filenamesForDataInteraction):
        * platform/ios/WebItemProviderPasteboard.h:
        * platform/ios/WebItemProviderPasteboard.mm:

        Introduces _typeToFileURLMaps, an array of dictionaries. A dictionary at the ith index of this array represents
        a mapping of UTIs to loaded temo file URLs for the ith UIItemProvider in the _itemProviders array. Before data
        interaction is performed, all entries in this array will be empty.

        (-[WebItemProviderPasteboard init]):
        (-[WebItemProviderPasteboard setItemProviders:]):
        (-[WebItemProviderPasteboard _preLoadedDataConformingToType:forItemProviderAtIndex:]):
        (-[WebItemProviderPasteboard dataForPasteboardType:inItemSet:]):
        (-[WebItemProviderPasteboard valuesForPasteboardType:inItemSet:]):

        Consult any loaded assets on disk before hitting UIItemProviders via the new
        -_preLoadedDataConformingToType:forItemProviderAtIndex: helper method.

        (-[WebItemProviderPasteboard _tryToCreateObjectOfClass:usingProvider:]):
        (-[WebItemProviderPasteboard fileURLsForDataInteraction]):

        Traverse _typeToFileURLMaps to collect all file URLs.

        (-[WebItemProviderPasteboard doAfterLoadingProvidedContentIntoFileURLs:]):

        Refactored to populate and set _typeToFileURLMaps when loading completes, rather than an array of file URLs.

        (-[WebItemProviderPasteboard _tryToCreateAndAppendObjectOfClass:toArray:usingProvider:]): Deleted.
        (-[WebItemProviderPasteboard filenamesForDataInteraction]): Deleted.

        Correct an erroneously named method (replaces filenames with fileURLs).

2017-04-26  Youenn Fablet  <youenn@apple.com>

        LayoutTest webrtc/datachannel/basic.html is a flaky crash
        https://bugs.webkit.org/show_bug.cgi?id=170154
        <rdar://problem/31288423>

        Reviewed by Geoffrey Garen.

        Before the patch, we are setting the channel handler client to null and then unregistering from observer to
        libwebrtc data channel. Since this happens in two different threads, there might be a timing issue.

        Removing this risk by first unregistering (done synchronously on the other thread), before setting client to null.
        Made some clean-up related refactoring.

        * Modules/mediastream/RTCDataChannel.cpp:
        (WebCore::RTCDataChannel::create):
        (WebCore::RTCDataChannel::close):
        * Modules/mediastream/libwebrtc/LibWebRTCDataChannelHandler.cpp:
        (WebCore::LibWebRTCDataChannelHandler::setClient):
        (WebCore::LibWebRTCDataChannelHandler::close):
        * Modules/mediastream/libwebrtc/LibWebRTCDataChannelHandler.h:
        * platform/mediastream/RTCDataChannelHandler.h:
        * platform/mock/RTCDataChannelHandlerMock.cpp:
        (WebCore::RTCDataChannelHandlerMock::setClient):
        * platform/mock/RTCDataChannelHandlerMock.h:

2017-04-26  Alex Christensen  <achristensen@webkit.org>

        Make user script injection more robust
        https://bugs.webkit.org/show_bug.cgi?id=171339
        <rdar://problem/30643691>

        Reviewed by Geoffrey Garen.

        * loader/EmptyClients.cpp:
        * page/Frame.cpp:
        (WebCore::Frame::injectUserScripts):
        * page/UserContentController.cpp:
        (WebCore::UserContentController::forEachUserScript):
        (WebCore::UserContentController::forEachUserStyleSheet):
        (WebCore::UserContentController::forEachUserMessageHandler):
        * page/UserContentController.h:
        * page/UserContentProvider.h:

2017-04-26  Zalan Bujtas  <zalan@apple.com>

        RTL: recent searches popover is displayed in incorrect location
        https://bugs.webkit.org/show_bug.cgi?id=171338
        <rdar://problem/31377807>

        Reviewed by Dean Jackson.

        Compute the absolute coordinates for the popup the same way we do for the select dropdown.

        * rendering/RenderSearchField.cpp:
        (WebCore::RenderSearchField::showPopup):

2017-04-26  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Restrict WebKit image formats to a known whitelist
        https://bugs.webkit.org/show_bug.cgi?id=170700

        Reviewed by Tim Horton.

        If the image format is not supported, the load should be canceled and the
        image is marked a broken image.

        Test: fast/images/image-formats-support.html

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::addIncrementalDataBuffer):
        (WebCore::CachedImage::setImageDataBuffer):
        (WebCore::CachedImage::finishLoading):
        * loader/cache/CachedImage.h:

2017-04-26  Joanmarie Diggs  <jdiggs@igalia.com>

        [ATK] Implement support for new ARIA 1.1 values of aria-haspopup
        https://bugs.webkit.org/show_bug.cgi?id=171164

        Reviewed by Chris Fleizach.

        In ARIA 1.1, aria-haspopup's value type changed from true/false to a token.
        Values: true, false (default, unless it's a combobox), dialog, grid, listbox
        (default for combobox), menu, and tree. Any value of aria-haspopup that is
        not included in the list of allowed values, including an empty string, must
        be treated as if the value false had been provided.

        Add AccessibilityObject::ariaPopupValue() to validate the value, handle implicit
        values, and give platform assistive technologies a means to access that value.

        If there is a valid, non-false value of aria-haspopup, include ATK_STATE_HAS_POPUP
        in the AtkStateSet. Lastly, expose the value (rather than true/false) via the "haspop"
        AtkObject attribute.

        Test: accessibility/gtk/aria-haspopup.html

        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::ariaPopupValue):
        (WebCore::AccessibilityObject::supportsARIAHasPopup):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::ariaHasPopup):
        * accessibility/AccessibilityRenderObject.h:
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (webkitAccessibleGetAttributes):
        (setAtkStateSetFromCoreObject):

2017-04-26  Alex Christensen  <achristensen@webkit.org>

        Fix CMake build.

        * PlatformMac.cmake:

2017-04-26  Antti Koivisto  <antti@apple.com>

        Enable expired-only reload policy on Mac and iOS
        https://bugs.webkit.org/show_bug.cgi?id=171264
        <rdar://problem/31807637>

        Reviewed by Andreas Kling.

        Limit the behavior to http and data URLs (where we explicitly know about expiration).

        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::setCSSStyleSheet):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::subresourceCachePolicy):

            Pass the URL so we can test for protocol.

        * loader/FrameLoader.h:
        * loader/NavigationAction.cpp:
        (WebCore::navigationType):

            Test for reload navigation type correctly.

        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::load):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::determineRevalidationPolicy):
        (WebCore::CachedResourceLoader::cachePolicy):
        * loader/cache/CachedResourceLoader.h:

2017-04-26  WebKit Contributor  <webkitcontrib@gmail.com>

        Response.blob() does not set the content-type based on the header value.
        https://bugs.webkit.org/show_bug.cgi?id=170849

        Reviewed by Alex Christensen.

        The Fetch API specification requires setting the blob contentType
        using the Content-Type header value, if present.  Previously the
        FetchResponse class only called updateContentType() when first
        created even though all the headers were not available.  Call
        updateContentType() again after the headers are populated.

        This change allows WebKit to pass the "Consume response's body: from
        fetch to blob" case in the WPT response-consume.html test.

        Test: http://w3c-test.org/fetch/api/response/response-consume.html

        * Modules/fetch/FetchResponse.cpp:
        (WebCore::FetchResponse::BodyLoader::didReceiveResponse): Modified to
        call FetchBodyOwner::updateContentType() after filling m_headers.

2017-04-26  Andy Estes  <aestes@apple.com>

        Try to fix the macOS Sierra build.

        * platform/mac/WebVideoFullscreenInterfaceMac.mm:

2017-04-26  Andy Estes  <aestes@apple.com>

        [macOS] Add picture-in-picture support to WebPlaybackControlsManager
        https://bugs.webkit.org/show_bug.cgi?id=171328
        <rdar://problem/29875010>

        Reviewed by Jer Noble.

        * platform/cocoa/WebPlaybackSessionModel.h:
        * platform/cocoa/WebPlaybackSessionModelMediaElement.h:
        * platform/cocoa/WebPlaybackSessionModelMediaElement.mm:
        (WebCore::WebPlaybackSessionModelMediaElement::togglePictureInPicture): If the media element
        is currently in PiP fullscreen mode, exit fullscreen. Otherwise, enter PiP fullscreen mode.
        * platform/mac/WebPlaybackControlsManager.h:
        * platform/mac/WebPlaybackControlsManager.mm:
        (-[WebPlaybackControlsManager canTogglePictureInPicture]): Added. Returns YES if
        -allowsPictureInPicturePlayback returns YES.
        (-[WebPlaybackControlsManager togglePictureInPicture]): Added. Calls
        WebPlaybackSessionModel::togglePictureInPicture().
        * platform/mac/WebVideoFullscreenInterfaceMac.mm:
        (WebCore::WebVideoFullscreenInterfaceMac::enterFullscreen): Added a call to
        -[WebPlaybackControlsManager setPictureInPictureActive:YES].
        (WebCore::WebVideoFullscreenInterfaceMac::exitFullscreen): Added a call to
        -[WebPlaybackControlsManager setPictureInPictureActive:NO].
        (WebCore::WebVideoFullscreenInterfaceMac::exitFullscreenWithoutAnimationToMode): Ditto.
        * platform/spi/cocoa/AVKitSPI.h: Declared new SPI on AVTouchBarPlaybackControlsControlling.

2017-04-25  Dean Jackson  <dino@apple.com>

        [Color] Make gradients work with ExtendedColors
        https://bugs.webkit.org/show_bug.cgi?id=171315
        <rdar://problems/31830177>

        Reviewed by Antoine Quint.

        Allow gradients to hold Color objects, and thus
        handle ExtendedColor. Implement the backend for
        CoreGraphics.

        Test: css3/color/gradients.html

        * platform/graphics/Gradient.cpp:
        (WebCore::Gradient::addColorStop): Just copy the Color now.
        (WebCore::compareStops): Handle rename of stop to offset.
        (WebCore::Gradient::hasAlpha): Use Color's helper.
        * platform/graphics/Gradient.h:
        (WebCore::Gradient::ColorStop::ColorStop): Rename stop
        to offset, and store a Color rather than four floating
        point values.
        * platform/graphics/cairo/GradientCairo.cpp:
        (WebCore::Gradient::platformGradient):
        * platform/graphics/cg/GradientCG.cpp:
        (WebCore::Gradient::platformGradient): Use the CG method
        that can handle CGColorRefs with ColorSpace values, and
        pass the Extended sRGB space which should be no change for
        all existing gradients but also handle ColorSpaces like
        Display P3.
        * platform/graphics/win/GradientDirect2D.cpp:
        (WebCore::Gradient::generateGradient):
        * svg/SVGGradientElement.cpp:
        (WebCore::SVGGradientElement::buildStops):

2017-04-25  Alex Christensen  <achristensen@webkit.org>

        Encoded filename should be decoded for WKContentExtension.identifier
        https://bugs.webkit.org/show_bug.cgi?id=171316

        Reviewed by Andy Estes.

        * platform/FileSystem.h:

2017-04-26  Frederic Wang  <fwang@igalia.com>

        Fix typo in RenderFrameBase
        https://bugs.webkit.org/show_bug.cgi?id=171324

        Reviewed by Zalan Bujtas.

        No new tests, behavior unchanged.

        * rendering/RenderFrameBase.cpp:
        (WebCore::RenderFrameBase::layoutWithFlattening):
        (WebCore::RenderFrameBase::performLayoutWithFlattening):
        (WebCore::RenderFrameBase::peformLayoutWithFlattening): Deleted.
        * rendering/RenderFrameBase.h:

2017-04-26  Zalan Bujtas  <zalan@apple.com>

        Forced page break on :after triggers infinite loop in column balancing
        https://bugs.webkit.org/show_bug.cgi?id=171309
        rdar://problem/26285884

        Reviewed by David Hyatt.

        Stop trying to balance the columns when the forced page breaks >= the number of
        columns even when this number is 1. Content will always overflow to the next page.
        see https://chromium.googlesource.com/chromium/src/+/fbbebf38cefb2712c912581eccb046ef363ec84e%5E%21/#F2 

        Test: fast/multicol/infinite-loop-when-forced-break.html

        * rendering/RenderMultiColumnSet.cpp:
        (WebCore::RenderMultiColumnSet::calculateBalancedHeight):

2017-04-26  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Attempt to fix a JetStream regression.
        <rdar://problem/31742414>

        Unreviewed.

        Disable async decoding for large images till the flickering bug wk170640
        is fixed.

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::shouldUseAsyncDecodingForLargeImages):

2017-04-26  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r215767.

        The LayoutTest for this change is a flaky failure.

        Reverted changeset:

        "Restrict WebKit image formats to a known whitelist"
        https://bugs.webkit.org/show_bug.cgi?id=170700
        http://trac.webkit.org/changeset/215767

2017-04-26  Dave Hyatt  <hyatt@apple.com>

        Improve wavy underline rendering
        https://bugs.webkit.org/show_bug.cgi?id=171281

        Reviewed by Sam Weinig.

        Change wavy underline rendering to use font size instead of stroke
        thickness as a way to tune it. Cut the extra offset from 2 to 1.
        Change the parameters to make the line flatter and to make the proportion
        of the wave that renders underneath a glyph the same.

        * rendering/TextDecorationPainter.cpp:
        (WebCore::strokeWavyTextDecoration):
        (WebCore::TextDecorationPainter::paintTextDecoration):
        * style/InlineTextBoxStyle.cpp:
        (WebCore::getWavyStrokeParameters):
        (WebCore::visualOverflowForDecorations):
        * style/InlineTextBoxStyle.h:
        (WebCore::wavyOffsetFromDecoration):

2017-04-24  Sergio Villar Senin  <svillar@igalia.com>

        [css-grid] Remove most of the usage of SizingOperation
        https://bugs.webkit.org/show_bug.cgi?id=171225

        Reviewed by Darin Adler.

        SizingOperation was added as a way to modify the behaviour of the track sizing algorithm
        with the specifics for intrinsic size computations. The problem is that although intrinsic
        size computation does imply indefinite sizes, the opposite is not always true. For example,
        a grid container with height:auto would compute the row sizes with an indefinite size but is
        not part of the intrinsic size (preferred widths) computation.

        That's why it was wrongly used in some parts of the current code, in most of the cases is
        more than enough to check whether the available space is indefinite or not. In order to do
        that we have to keep both available sizes (height & width) around all the time to properly
        support orthogonal flows.

        This change does not imply any change in behaviour.

        * rendering/GridTrackSizingAlgorithm.cpp:
        (WebCore::GridTrackSizingAlgorithm::setAvailableSpace):
        (WebCore::GridTrackSizingAlgorithm::computeTrackBasedSize):
        (WebCore::GridTrackSizingAlgorithm::initialBaseSize):
        (WebCore::GridTrackSizingAlgorithm::initialGrowthLimit):
        (WebCore::GridTrackSizingAlgorithm::sizeTrackToFitNonSpanningItem):
        (WebCore::GridTrackSizingAlgorithm::increaseSizesToAccommodateSpanningItems):
        (WebCore::GridTrackSizingAlgorithm::assumedRowsSizeForOrthogonalChild):
        (WebCore::GridTrackSizingAlgorithm::gridAreaBreadthForChild):
        (WebCore::GridTrackSizingAlgorithm::gridTrackSize):
        (WebCore::IndefiniteSizeStrategy::findUsedFlexFraction):
        (WebCore::IndefiniteSizeStrategy::recomputeUsedFlexFractionIfNeeded):
        (WebCore::GridTrackSizingAlgorithm::initializeTrackSizes):
        (WebCore::GridTrackSizingAlgorithm::setup):
        (WebCore::GridTrackSizingAlgorithm::reset):
        * rendering/GridTrackSizingAlgorithm.h:
        (WebCore::GridTrackSizingAlgorithmStrategy::availableSpace):
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::availableSpaceForGutters):
        (WebCore::RenderGrid::computeTrackBasedLogicalHeight):
        (WebCore::RenderGrid::computeTrackSizesForDefiniteSize):
        (WebCore::RenderGrid::layoutBlock):
        (WebCore::RenderGrid::gridGap):
        (WebCore::RenderGrid::guttersSize):
        (WebCore::RenderGrid::computeIntrinsicLogicalWidths):
        (WebCore::RenderGrid::computeTrackSizesForIndefiniteSize):
        (WebCore::RenderGrid::computeAutoRepeatTracksCount):
        (WebCore::RenderGrid::placeItemsOnGrid):
        (WebCore::RenderGrid::trackSizesForComputedStyle):
        (WebCore::RenderGrid::applyStretchAlignmentToTracksIfNeeded):
        (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
        (WebCore::RenderGrid::populateGridPositionsForDirection):
        (WebCore::RenderGrid::columnAxisOffsetForChild):
        (WebCore::RenderGrid::rowAxisOffsetForChild):
        (WebCore::RenderGrid::gridGapForDirection): Deleted.
        * rendering/RenderGrid.h:

2017-04-26  Frederic Wang  <fwang@igalia.com>

        Remove Document::*FrameElementsShouldIgnoreScrolling
        https://bugs.webkit.org/show_bug.cgi?id=171271

        Reviewed by Chris Dumez.

        setFrameElementsShouldIgnoreScrolling and frameElementsShouldIgnoreScrolling were
        introduced bug 23072 in order to work around a bug in the Dictionary application.
        However, this was removed in bug 132095 and hence the functions are no longer necessary.

        No new tests.

        * dom/Document.h:
        (WebCore::Document::setFrameElementsShouldIgnoreScrolling): Deleted.
        (WebCore::Document::frameElementsShouldIgnoreScrolling): Deleted.
        * html/HTMLFrameElementBase.cpp:
        (WebCore::HTMLFrameElementBase::parseAttribute):

2017-04-26  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] CryptoKeyRSA: implement create(), keySizeInBits(), buildAlgorithm(), exportData()
        https://bugs.webkit.org/show_bug.cgi?id=171213

        Reviewed by Michael Catanzaro.

        CryptoKeyRSA::create() validates the specified key type along with the
        provided data. If everything is OK, it then proceeds to build the key
        of the appropriate type through an s-expression that is constructed with
        the necessary data. We don't currently support creating private keys
        with any additional prime information (apart from p and q).

        CryptoKeyRSA::keySizeInBits() calls the helper getRSAModulusLength()
        function that find the modulus MPI in the key s-expression and returns
        the modulus data length in bits.

        CryptoKeyRSA::buildAlgorithm() returns KeyAlgorithm that's constructed
        from the appropriate name, this key's modulus length, and this key's
        public exponent data. It also specifies the hash if there is such a
        restriction for this key.

        CryptoKeyRSA::exportData() returns a properly-constructed
        CryptoKeyDataRSAComponents object. The public modulus and exponent are
        used in case the key is public. If the key is private, the secret
        exponent and the p and q prime numbers are retrieved in MPI format.
        They're then used to calculate the dp, dq and qi parameters that are
        exported in the JWK format. Note that libgcrypt internally switches
        the p and q prime numbers such that p < q, but the Web Crypto
        specification and the dependant RFCs expect that q < p. We address
        this by simply switching the roles of the two primes and follow the
        usual q < p assumption when exporting the primes and computing the
        dependant exponents and coefficients.

        No new tests -- existing ones cover this but don't work yet due to missing
        RSA-related CryptoAlgorithm implementations.

        * crypto/gcrypt/CryptoKeyRSAGCrypt.cpp:
        (WebCore::getRSAModulusLength):
        (WebCore::getParameterMPIData):
        (WebCore::getRSAKeyParameter):
        (WebCore::CryptoKeyRSA::create):
        (WebCore::CryptoKeyRSA::keySizeInBits):
        (WebCore::CryptoKeyRSA::buildAlgorithm):
        (WebCore::CryptoKeyRSA::exportData):

2017-04-25  Jiewen Tan  <jiewen_tan@apple.com>

        [WebCrypto] Enhance ways to convert an ECDSA signature binary into DER format
        https://bugs.webkit.org/show_bug.cgi?id=171287
        <rdar://problem/31735332>

        Reviewed by Brent Fulgham.

        Covered by existing tests.

        * crypto/mac/CryptoAlgorithmECDSAMac.cpp:
        (WebCore::verifyECDSA):

2017-04-25  Brent Fulgham  <bfulgham@apple.com>

        Relax the event firing ASSERT for Attr changes
        https://bugs.webkit.org/show_bug.cgi?id=171236
        <rdar://problem/30516349>

        Reviewed by Dean Jackson.

        The assertions added in Bug 167318 were overly strict, and trigger for valid behavior.
        Relax the assertion preventing event dispatch for the case of Attr elements at the
        end of childrenChanged.

        Test: fast/dom/HTMLLinkElement/event-while-removing-attribute.html

        * dom/Attr.cpp:
        (WebCore::Attr::childrenChanged):

2017-04-25  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Introduce shorter time-to-live for cookie partition whitelisting
        https://bugs.webkit.org/show_bug.cgi?id=171295
        <rdar://problem/31823818>

        Reviewed by Brent Fulgham.

        Test: http/tests/loading/resourceLoadStatistics/partitioned-and-unpartitioned-cookie-with-partitioning-timeout.html

        * loader/ResourceLoadObserver.cpp:
        (WebCore::reduceTimeResolutionToOneDay): Deleted.
        (WebCore::reduceTimeResolution):
            Changed name to no longer lock this to a specific resolution.
        (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
            Now calls WebCore::reduceTimeResolution().
        (WebCore::ResourceLoadObserver::setTimeToLiveCookiePartitionFree):
            Added for testing purposes.
        (WebCore::ResourceLoadObserver::fireShouldPartitionCookiesHandler):
            Added for testing purposes.
        * loader/ResourceLoadObserver.h:
        * loader/ResourceLoadStatisticsStore.cpp:
        (WebCore::shouldPartitionCookies):
            Static inline convenience function.
        (WebCore::ResourceLoadStatisticsStore::fireShouldPartitionCookiesHandler):
            Now decides whether a domain should get partitioned cookies
            based on timeToLiveCookiePartitionFree.
            Removed clearFirst parameter since it's not needed here
            and it introduced complexity in keeping the store and the
            network process cache in sync.
        (WebCore::ResourceLoadStatisticsStore::setTimeToLiveCookiePartitionFree):
            Added for testing purposes.
        * loader/ResourceLoadStatisticsStore.h:

2017-04-25  Saam Barati  <sbarati@apple.com>

        JSArray::isArrayPrototypeIteratorProtocolFastAndNonObservable is wrong because it does not do the necessary checks on the base object
        https://bugs.webkit.org/show_bug.cgi?id=171150
        <rdar://problem/31771880>

        Reviewed by Sam Weinig.

        This patch moves the sequence converters to use the now fixed
        JSArray::isArrayPrototypeIteratorProtocolFastAndNonObservable test
        inside JSC.
        
        This patch also fixes a few bugs:
        1. Converting to a sequence of numbers must prove that the JSArray
        is filled only with Int32/Double. If there is a chance the array
        contains objects, the conversion to a numeric IDLType can be observable
        (via valueOf()), and can change the iterator protocol.
        2. There are other conversions that can have side effects a-la valueOf().
        This patch introduces a new static constant in the various Converter
        classes that tell the sequence converter if the conversion operation
        can have JS side effects. If it does have side effects, we fall back to
        the generic conversion that uses the iterator protocol. If not, we can
        do a faster version that iterates over each element of the array,
        reading it directly, and converting it.

        Tests: js/sequence-iterator-protocol-2.html
               js/sequence-iterator-protocol.html

        * bindings/js/JSDOMConvertAny.h: Does not have side effects.
        * bindings/js/JSDOMConvertBase.h: We pessimistically assume inside DefaultConverter that converions have side effects.
        * bindings/js/JSDOMConvertBoolean.h: Does not have side effects.
        * bindings/js/JSDOMConvertCallbacks.h: Does not have side effects.
        * bindings/js/JSDOMConvertObject.h: Does not have side effects.
        * bindings/js/JSDOMConvertSequences.h:
        (WebCore::Detail::NumericSequenceConverter::convert):
        (WebCore::Detail::SequenceConverter::convert):

2017-04-25  Michael Saboff  <msaboff@apple.com>

        Call bmalloc scavenger first when handling a memory pressure event
        https://bugs.webkit.org/show_bug.cgi?id=171289

        Reviewed by Geoffrey Garen.

        Let bmalloc free any pages to the OS that it can before doing anything else.

        * page/MemoryRelease.cpp:
        (WebCore::releaseMemory):

2017-04-25  Dean Jackson  <dino@apple.com>

        Skip WebKitAdditions for Safari Technology Preview media controls
        https://bugs.webkit.org/show_bug.cgi?id=171302
        <rdar://problem/31823256>

        Reviewed by Simon Fraser.

        Safari Technology Preview should use the same controls
        as OpenSource.

        * WebCore.xcodeproj/project.pbxproj:

2017-04-25  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r215730.

        The LayoutTest for this change is a flaky timeout on mac-wk1
        debug.

        Reverted changeset:

        "Enable expired-only reload policy on Mac and iOS"
        https://bugs.webkit.org/show_bug.cgi?id=171264
        http://trac.webkit.org/changeset/215730

2017-04-24  Matt Rajca  <mrajca@apple.com>

        Indicate presence of audio when handling autoplay events.
        https://bugs.webkit.org/show_bug.cgi?id=171227

        Reviewed by Alex Christensen.

        Added API tests.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::handleAutoplayEvent):
        (WebCore::HTMLMediaElement::playInternal):
        (WebCore::HTMLMediaElement::mediaPlayerTimeChanged):
        (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer):
        (WebCore::HTMLMediaElement::userDidInterfereWithAutoplay):
        (WebCore::HTMLMediaElement::setPlaybackWithoutUserGesture):
        * html/HTMLMediaElement.h:
        * page/AutoplayEvent.h:
        * page/ChromeClient.h:

2017-04-25  Aakash Jain  <aakash_jain@apple.com>

        WebCore.framework should restrict allowable_clients
        https://bugs.webkit.org/show_bug.cgi?id=171260

        Reviewed by Alexey Proskuryakov.

        * Configurations/WebCore.xcconfig: Adding allowable_client to all platform, in order to restrict WebCore
        from being directly linked on any platform.
        Moved WebKitLegacy and WebCoreTestSupport to OTHER_LDFLAGS_BASE.
        Removed WebKit2 as allowable_client from mac.
        Added iTunesU, Casablanca and Remote to OTHER_LDFLAGS_BASE_ios for iTunes related projects.
        Added WebKit, TVBooks, DumpRenderTree, WebKitTestRunner and TestWebKitAPI to OTHER_LDFLAGS_BASE_ios.

2017-04-25  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Restrict WebKit image formats to a known whitelist
        https://bugs.webkit.org/show_bug.cgi?id=170700

        Reviewed by Tim Horton.

        If the image format is not supported, the load should be canceled and the
        image is marked a broken image.

        Test: fast/images/image-formats-support.html

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::addIncrementalDataBuffer):
        (WebCore::CachedImage::setImageDataBuffer):
        (WebCore::CachedImage::finishLoading):
        * loader/cache/CachedImage.h:

2017-04-25  Youenn Fablet  <youenn@apple.com>

        CoreAudioCaptureSource::suspend is asserting too often
        https://bugs.webkit.org/show_bug.cgi?id=171285

        Reviewed by Eric Carlson.

        No change of behavior.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::suspend): Moving the assertion to where it might be useful.

2017-04-25  Daniel Bates  <dabates@apple.com>

        Use an OptionSet for compositing reasons bitmask
        https://bugs.webkit.org/show_bug.cgi?id=171153

        Reviewed by Simon Fraser.

        We should make use of OptionSet to represent the bitmask of the reasons a layer
        was composited instead of using an integer and bitwise operations.

        * inspector/InspectorLayerTreeAgent.cpp:
        (WebCore::InspectorLayerTreeAgent::reasonsForCompositingLayer):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::reasonsForCompositing):
        (WebCore::RenderLayerCompositor::logReasonsForCompositing): Also fix code style issues;
        an else-if statement should be written as an if-statement when the prior if-statement
        concludes with a return statement.
        * rendering/RenderLayerCompositor.h:

2017-04-25  Myles C. Maxfield  <mmaxfield@apple.com>

        Supplementary Multilingual Plane Complex Scripts Rendered Incorrectly
        https://bugs.webkit.org/show_bug.cgi?id=171272
        <rdar://problem/30966764>

        Reviewed by Zalan Bujtas.

        These scripts need to take the complex text codepath.

        Test: fast/text/kaithi.html

        * platform/graphics/FontCascade.cpp:
        (WebCore::FontCascade::characterRangeCodePath):

2017-04-25  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [GTK] Revert r215745 (especulative build fix) after r215752.
        https://bugs.webkit.org/show_bug.cgi?id=170842

        Unreviewed.

        * platform/graphics/harfbuzz/HarfBuzzShaper.cpp:
        (WebCore::normalizeCharacters):

2017-04-25  Daniel Bates  <dabates@apple.com>

        [Cocoa][Win] Enable of X-Content-Type-Options: nosniff header
        https://bugs.webkit.org/show_bug.cgi?id=136452
        <rdar://problem/23412620>

        Reviewed by Brent Fulgham.

        Enable support for X-Content-Type-Options: nosniff on Mac, iOS and Windows.

        Additionally, honor X-Content-Type-Options: nosniff header for stylesheets as per
        <https://fetch.spec.whatwg.org/#should-response-to-request-be-blocked-due-to-nosniff%3F> (30 March 2017).

        Test: http/tests/security/contentTypeOptions/nosniff-dynamic-script-blocked.html

        * Configurations/FeatureDefines.xcconfig:
        * css/StyleSheetContents.cpp:
        (WebCore::StyleSheetContents::parseAuthorStyleSheet): Log an error if the stylesheet
        has the nosniff header and does not have a valid MIME type. Also update code for
        renaming of MIMETypeCheck to MIMETypeCheckHint.
        (WebCore::StyleSheetContents::notifyLoadedSheet): If the stylesheet is blocked by
        nosniff then consider it analogous to a load error so that we dispatch a DOM error
        event at the <style>/<link> element.
        * dom/LoadableClassicScript.cpp:
        (WebCore::LoadableClassicScript::notifyFinished): Modified the wording of the error
        message when a script is disallowed by nosniff so as to more closely match the
        wording used when a stylesheet is disallowed by nonsniff.
        * loader/cache/CachedCSSStyleSheet.cpp:
        (WebCore::CachedCSSStyleSheet::sheetText): Update for renaming of MIMETypeCheck
        to MIMETypeCheckHint.
        (WebCore::CachedCSSStyleSheet::responseMIMEType): Added.
        (WebCore::CachedCSSStyleSheet::mimeTypeAllowedByNosniff): Added.
        (WebCore::CachedCSSStyleSheet::canUseSheet): Modified to check if the X-Content-Type-Options: nosniff
        header is in the HTTP response for the stylesheet. If it is then we can only use the stylesheet
        if its content-type is "text/css". Otherwise, apply the existing criterion for determining whether
        to to use the stylesheet.
        * loader/cache/CachedCSSStyleSheet.h: Rename MIMETypeCheck to MIMETypeCheckHint to better
        describe its purpose as a hint as to whether to enforce MIME type checking for the stylesheet.
        Processing of the HTTP header X-Content-Type-Options takes precedence over this hint.
        * loader/cache/CachedScript.h: Make mimeType() private.

2017-04-25  Daniel Bates  <dabates@apple.com>

        [Cocoa][Win] Enable of X-Content-Type-Options: nosniff header
        https://bugs.webkit.org/show_bug.cgi?id=136452
        <rdar://problem/23412620>

        Reviewed by Brent Fulgham.

        Part 1

        Enable X-Content-Type-Options: nosniff on Mac, iOS and Windows platforms.

        * Configurations/FeatureDefines.xcconfig:

2017-04-25  Myles C. Maxfield  <mmaxfield@apple.com>

        [GTK] Build fix after r215737
        https://bugs.webkit.org/show_bug.cgi?id=170842

        Unreviewed.

        No new tests because there is no behavior change.

        * platform/graphics/FontCascade.h:
        (WebCore::FontCascade::treatAsZeroWidthSpace):
        (WebCore::FontCascade::treatAsZeroWidthSpaceInComplexScript):

2017-04-25  Wenson Hsieh  <wenson_hsieh@apple.com>

        Remove an unnecessary -respondsToSelector: check after r215724

        Rubber-stamped by Tim Horton.

        Addresses review feedback from <https://bugs.webkit.org/show_bug.cgi?id=171156>. -[NSURL _title]
        will always for builds that need to access it.

        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::readURL):

2017-04-25  Antti Koivisto  <antti@apple.com>

        REGRESSION (r215469): [ios-simulator-wk2] LayoutTest compositing/animation/animation-backing.html is a flaky failure
        https://bugs.webkit.org/show_bug.cgi?id=171060
        <rdar://problem/31771174>

        Reviewed by Simon Fraser.

        Accelerated transform animations move underlying layers without invalidating GraphicsLayers.
        To update tile coverage we need to commit such subtrees even if there are not other changes.

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::GraphicsLayerCA):
        (WebCore::GraphicsLayerCA::needsCommit):

            Commit subtrees with accelerated transform animations.
            Factor into a function.

        (WebCore::GraphicsLayerCA::recursiveCommitChanges):

            Track if descendants had any accelerated transform animations after commit.

        * platform/graphics/ca/GraphicsLayerCA.h:
        (WebCore::GraphicsLayerCA::hasDescendantsWithRunningTransformAnimations):
        (WebCore::GraphicsLayerCA::setHasDescendantsWithRunningTransformAnimations):

2017-04-25  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream macOS] Unable to apply frameRate constraint
        https://bugs.webkit.org/show_bug.cgi?id=171279

        Reviewed by Youenn Fablet.

        No new tests, this doesn't affect the mock capture devices.

        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSource::supportsSizeAndFrameRate): Cast frame rate
        ranges to int before comparing.

2017-04-25  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [GTK] Build fix after r215737
        https://bugs.webkit.org/show_bug.cgi?id=170842

        Unreviewed.

        * platform/graphics/harfbuzz/HarfBuzzShaper.cpp:
        (WebCore::normalizeCharacters):

2017-04-25  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Clear network process cache when clearing store
        https://bugs.webkit.org/show_bug.cgi?id=171256
        <rdar://problem/31802347>

        Reviewed by Brent Fulgham.

        Test that covers this code:
        http/tests/loading/resourceLoadStatistics/clear-in-memory-and-persistent-store.html

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::clearInMemoryStore):
            Better name.
        (WebCore::ResourceLoadObserver::logUserInteraction):
            Now passes on the boolean parameter clearFirst to
            ResourceLoadStatisticsStore::fireShouldPartitionCookiesHandler().
        (WebCore::ResourceLoadObserver::fireShouldPartitionCookiesHandler):
            Now takes and passes on the boolean parameter clearFirst to
            ResourceLoadStatisticsStore::fireShouldPartitionCookiesHandler().
        (WebCore::ResourceLoadObserver::statisticsStore): Deleted.
            This getter violated abstraction. The way it was used
            is now solved through dedicated functions.
        * loader/ResourceLoadObserver.h:
        * loader/ResourceLoadStatisticsStore.cpp:
        (WebCore::ResourceLoadStatisticsStore::readDataFromDecoder):
            Now passes on the boolean parameter clearFirst to
            ResourceLoadStatisticsStore::fireShouldPartitionCookiesHandler().
        (WebCore::ResourceLoadStatisticsStore::clearInMemory):
            Better name.
            Now triggers clearing of the associated network process cache.
        (WebCore::ResourceLoadStatisticsStore::clearInMemoryAndPersistent):
            Now calls clearInMemory().
        (WebCore::ResourceLoadStatisticsStore::setShouldPartitionCookiesCallback):
            Now expects a handler with the boolean parameter clearFirst.
        (WebCore::ResourceLoadStatisticsStore::fireShouldPartitionCookiesHandler):
            Now takes and passes on the boolean parameter clearFirst to
            m_shouldPartitionCookiesForDomainsHandler().
        * loader/ResourceLoadStatisticsStore.h:
        (WebCore::ResourceLoadStatisticsStore::clear): Deleted.
        * platform/network/NetworkStorageSession.h:
            NetworkStorageSession::setShouldPartitionCookiesForHosts() now
            takes the boolean parameter clearFirst.
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::setShouldPartitionCookiesForHosts):
            Now clears m_topPrivatelyControlledDomainsForCookiePartitioning
            if the boolean parameter clearFirst is true.

2017-04-25  Myles C. Maxfield  <mmaxfield@apple.com>

        Add performance test for FontCache::systemFallbackForCharacters()
        https://bugs.webkit.org/show_bug.cgi?id=170842

        Reviewed by Tim Horton.

        No new tests because there is no behavior change.

        * platform/graphics/FontCascade.h:
        (WebCore::FontCascade::treatAsZeroWidthSpace):
        (WebCore::FontCascade::treatAsZeroWidthSpaceInComplexScript): Deleted.
        * platform/graphics/WidthCache.h:
        (WebCore::WidthCache::add):
        (WebCore::WidthCache::addSlowCase):

2017-04-25  Chris Dumez  <cdumez@apple.com>

        Content-Disposition header filename is ignored when 'download' attribute is specified in HTML
        https://bugs.webkit.org/show_bug.cgi?id=171239
        <rdar://problem/31789855>

        Reviewed by Alex Christensen.

        Add isAttachmentWithFilename() utility method to ResourceResponse to implement:
        - https://html.spec.whatwg.org/#as-a-download (Step 2)

        Test: http/tests/download/anchor-download-attribute-content-disposition.html

        * platform/network/ResourceResponseBase.cpp:
        (WebCore::ResourceResponseBase::isAttachmentWithFilename):
        * platform/network/ResourceResponseBase.h:

2017-04-25  Antti Koivisto  <antti@apple.com>

        Enable expired-only reload policy on Mac and iOS
        https://bugs.webkit.org/show_bug.cgi?id=171264
        <rdar://problem/31807637>

        Reviewed by Andreas Kling.

        * loader/NavigationAction.cpp:
        (WebCore::navigationType):

        Test for reload navigation type correctly.

2017-04-25  Miguel Gomez  <magomez@igalia.com>

        Image decoders must have private constructors to avoid refcount misuse: ASSERTION FAILED: m_deletionHasBegun when destroying ImageDecoder
        https://bugs.webkit.org/show_bug.cgi?id=171211

        Reviewed by Carlos Garcia Campos.

        Add a create method to each of the decoders and set their constructors as private. Change
        ICOImageDecoder to store its internal PNG decoders as RefPtr and use the new create method, and
        change ImageDecoder to use the create methods as well.

        Covered by existent tests.

        * platform/image-decoders/ImageDecoder.cpp:
        (WebCore::ImageDecoder::create):
        * platform/image-decoders/bmp/BMPImageDecoder.h:
        * platform/image-decoders/gif/GIFImageDecoder.h:
        * platform/image-decoders/ico/ICOImageDecoder.cpp:
        (WebCore::ICOImageDecoder::decodeAtIndex):
        * platform/image-decoders/ico/ICOImageDecoder.h:
        * platform/image-decoders/jpeg/JPEGImageDecoder.h:
        * platform/image-decoders/png/PNGImageDecoder.h:
        * platform/image-decoders/webp/WEBPImageDecoder.h:

2017-04-25  Myles C. Maxfield  <mmaxfield@apple.com>

        Build fix

        Unreviewed.

        No new tests because there is no behavior change.

        * crypto/mac/SerializedCryptoKeyWrapMac.mm:
        (WebCore::wrapSerializedCryptoKey):
        (WebCore::unwrapSerializedCryptoKey):

2017-04-25  Wenson Hsieh  <wenson_hsieh@apple.com>

        Support reading NSURL titles from the pasteboard when performing data interaction
        https://bugs.webkit.org/show_bug.cgi?id=171156
        <rdar://problem/31356937>

        Reviewed by Tim Horton.

        Support reading link titles from the pasteboard when performing data interaction. To do this, we refactor
        Pasteboard::readURL to take in an additional String& title which is ultimately plumbed to the PlatformPasteboard
        where it is set to the value of -[NSURL _title].

        Test: DataInteractionTests.ExternalSourceTitledNSURL.

        * editing/FrameSelection.h:
        * editing/ios/EditorIOS.mm:
        (WebCore::Editor::WebContentReader::readURL):
        * page/DragController.cpp:
        (WebCore::DragController::performDragOperation):
        (WebCore::DragController::concludeEditDrag):

        Move calls to clearDragCaret() out of concludeEditDrag and into the call site, in performDragOperation after
        attempting to concludeEditDrag. This is done so that if the WebEditorClient queries whether the drag caret is
        in richly editable content for the purposes of generating a document fragment to insert, the answer will not
        always be false as a drop is occurring.

        * platform/PasteboardStrategy.h:
        * platform/PlatformPasteboard.h:
        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::respectsUTIFidelities):
        (WebCore::Pasteboard::readString):
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::readURL):

2017-04-24  Andy VanWagoner  <thetalecrafter@gmail.com>

        Clean up ICU headers
        https://bugs.webkit.org/show_bug.cgi?id=170997

        Reviewed by JF Bastien.

        Update all icu headers to 55.1

        * icu/LICENSE: Update copyright
        * icu/README: Explain ICU headers for OS X better
        * icu/unicode/localpointer.h:
        (LocalPointer::LocalPointer):
        (LocalPointer::adoptInsteadAndCheckErrorCode):
        * icu/unicode/platform.h:
        * icu/unicode/putil.h:
        * icu/unicode/std_string.h:
        * icu/unicode/ubrk.h:
        * icu/unicode/uchar.h:
        * icu/unicode/ucnv.h:
        * icu/unicode/ucol.h:
        * icu/unicode/ucoleitr.h:
        * icu/unicode/uconfig.h:
        * icu/unicode/ucurr.h:
        * icu/unicode/uidna.h:
        * icu/unicode/uloc.h:
        * icu/unicode/umachine.h:
        * icu/unicode/unistr.h:
        (UnicodeString::getArrayStart):
        (UnicodeString::UnicodeString):
        (UnicodeString::hasShortLength):
        (UnicodeString::getShortLength):
        (UnicodeString::length):
        (UnicodeString::getCapacity):
        (UnicodeString::isBogus):
        (UnicodeString::isWritable):
        (UnicodeString::isBufferWritable):
        (UnicodeString::getBuffer):
        (UnicodeString::isEmpty):
        (UnicodeString::setZeroLength):
        (UnicodeString::setShortLength):
        (UnicodeString::setLength):
        (UnicodeString::setToEmpty):
        (UnicodeString::remove):
        * icu/unicode/urename.h:
        * icu/unicode/uscript.h:
        * icu/unicode/usearch.h:
        * icu/unicode/uset.h:
        * icu/unicode/ustring.h:
        * icu/unicode/utf8.h:
        * icu/unicode/utypes.h:
        * icu/unicode/uvernum.h:

2017-04-24  Jiewen Tan  <jiewen_tan@apple.com>

        LayoutTests crypto/subtle/ecdsa-generate-key-sign-verify-p384.html and crypto/subtle/ecdsa-generate-key-sign-verify-p256.html are flaky failures
        https://bugs.webkit.org/show_bug.cgi?id=171059
        <rdar://problem/31734958>

        Reviewed by Brent Fulgham.

        Covered by existing tests.

        * crypto/mac/CryptoAlgorithmECDSAMac.cpp:
        (WebCore::signECDSA):
        Enhance ways to convert the DER signatures produced from CommonCrypto to r||s.

2017-04-24  Manuel Rego Casasnovas  <rego@igalia.com>

        [selectors4] :focus-within should use the flat tree
        https://bugs.webkit.org/show_bug.cgi?id=170899

        Reviewed by Antti Koivisto.

        This has been discussed in the following CSS WG issue:
        https://github.com/w3c/csswg-drafts/issues/1135

        And the spec has been updated (https://drafts.csswg.org/selectors-4/#the-focus-within-pseudo):
        "An element also matches :focus-within if one of its descendants in the flat tree
         (including non-element nodes, such as text nodes) matches the conditions for matching :focus."

        Test: imported/w3c/web-platform-tests/css/selectors4/focus-within-shadow-006.html

        * dom/Element.cpp:
        (WebCore::Element::setFocus): Use "flat tree" ("composed tree" in WebKit)
        to set focus-within flag.

2017-04-24  Wenson Hsieh  <wenson_hsieh@apple.com>

        Respect fidelity order when reading web content from item providers
        https://bugs.webkit.org/show_bug.cgi?id=171155
        <rdar://problem/31356937>

        Reviewed by Tim Horton.

        Currently, when reading web content from pasteboards, we assume the old UIPasteboard/NSPasteboard model wherein
        the destination must determine which of the items is considered to have the highest fidelity for the purposes of
        inserting into an editable area. This destination-side fidelity ranking is determined solely by the NSArray
        returned from Pasteboard::supportedPasteboardTypes, which lists compatible types in order from highest fidelity
        to lowest fidelity. Pasteboard::read effectively iterates over this list of types in order, attempting to read
        highest fidelity types and bailing when it first successfully reads data.

        However, when our pasteboard is backed by UIItemProviders, we should instead read pasteboard types in order of
        fidelity as specified by the source rather than the destination. To accomplish this, we introduce an alternate
        codepath, Pasteboard::readRespectingUTIFidelities, which we take if Pasteboard::respectsUTIFidelities is true
        (currently, this only applies for the purposes of data interaction). This version follows a different flow:
        for each item in the pasteboard, we ask for just the UTIs for that item, in order of fidelity. For each item,
        we then call readPasteboardWebContentDataForType to try and read data for that type, continuing until either
        all UTIs have been attempted, or reading was successful.

        This patch makes two additional adjustments. First, we introduce Pasteboard::getTypesByFidelityForItemAtIndex,
        which is used by Pasteboard::readRespectingUTIFidelities when querying the list of supported UTIs for each
        pasteboard item, sorted by highest to lowest fidelity.

        Secondly, we refactor logic to write to the item provider pasteboard in PlatformPasteboardIOS. Since we are
        now respecting fidelity rankings on the destination, the source must also register UTI types in the right
        fidelity order. While this was mostly achieved using our existing method of writing a list of object
        representations to the pasteboard and then all of the contents of a NSString => NSData dictionary containing
        private UTI data, this approach has two flaws:
        1.  We are unable to register high-priority custom types, followed by representing objects, followed by more
            lower-priority custom types, since we assume that all custom types follow all representing objects.
        2.  Since we're just iterating over a dictionary of NSString => NSData when registering custom UTI
            representations to the item provider, there cannot inherently be any fidelity ordering for custom types.

        To address both of these issues, we introduce two new objects that encapsulate how we register data to the item
        provider pasteboard. WebItemProviderRegistrationInfo represents some data that can be registered to an item
        provider (either an object conforming to UIItemProviderWriting, or an NSString and NSData).
        WebItemProviderRegistrationInfoList represents a list of WebItemProviderRegistrationInfos in order of highest to
        lowest fidelity. In PlatformPasteboardIOS, we transform PasteboardWebContent, PasteboardImage, and PasteboardURL
        into a WebItemProviderRegistrationInfoList, which we then pass along to the WebItemProviderPasteboard. In
        WebItemProviderPasteboard, we traverse the list of WebItemProviderRegistrationInfos in the list and register
        each WebItemProviderRegistrationInfo's representing object or data to the item provider.

        Test: DataInteractionTests.RespectsExternalSourceFidelityRankings.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/Pasteboard.h:
        * platform/PasteboardStrategy.h:
        * platform/PlatformPasteboard.h:
        * platform/ios/AbstractPasteboard.h:
        * platform/ios/AbstractPasteboard.mm: Removed.

        Moves WebItemProviderData, formerly implemented in AbstractPasteboard.mm, into WebItemProviderPasteboard.mm.
        We can delete AbstractPasteboard.mm as a result.

        * platform/ios/PasteboardIOS.mm:
        (WebCore::readPasteboardWebContentDataForType):

        Pull out common logic for reading data given a UTI type from the pasteboard into the PasteboardWebContentReader.
        This is invoked from both the existing Pasteboard::read codepath, as well as the readRespectingUTIFidelities
        codepath.

        (WebCore::Pasteboard::read):

        Refactored to call the new readPasteboardWebContentDataForType helper. Behavior should not have changed, unless
        the pasteboard supports UTI fidelities.

        (WebCore::Pasteboard::respectsUTIFidelities):
        (WebCore::Pasteboard::readRespectingUTIFidelities):

        An alternative to Pasteboard::read that considers source-side fidelity rankings of UTIs.

        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::getTypesByFidelityForItemAtIndex):
        (WebCore::PlatformPasteboard::writeObjectRepresentations):

        Refactored to build a WebItemProviderRegistrationInfoList and pass it to the WebItemProviderPasteboard to
        register items and data.

        (WebCore::PlatformPasteboard::write):
        * platform/ios/WebItemProviderPasteboard.h:
        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderRegistrationInfo initWithRepresentingObject:typeIdentifier:data:]):
        (-[WebItemProviderRegistrationInfo representingObject]):
        (-[WebItemProviderRegistrationInfo typeIdentifier]):
        (-[WebItemProviderRegistrationInfo data]):

        Represents a single calls to register data onto the item provider pasteboard. See
        WebItemProviderPasteboard.h header comments for more info.

        (-[WebItemProviderRegistrationInfoList init]):
        (-[WebItemProviderRegistrationInfoList addData:forType:]):
        (-[WebItemProviderRegistrationInfoList addRepresentingObject:]):
        (-[WebItemProviderRegistrationInfoList numberOfItems]):
        (-[WebItemProviderRegistrationInfoList itemAtIndex:]):
        (-[WebItemProviderRegistrationInfoList enumerateItems:]):

        Represents a series of calls to register representations onto the item provider pasteboard. See
        WebItemProviderPasteboard.h header comments for more info.

        (-[WebItemProviderPasteboard pasteboardTypesByFidelityForItemAtIndex:]):
        (-[WebItemProviderPasteboard setItemsUsingRegistrationInfoLists:]):
        (-[WebItemProviderPasteboard setItemsFromObjectRepresentations:]): Deleted.

2017-04-24  Chris Dumez  <cdumez@apple.com>

        Regression(r204605): support for "cp874" charset alias was inadvertently dropped which may cause issues on certain Thai sites
        https://bugs.webkit.org/show_bug.cgi?id=171128
        <rdar://problem/31526844>

        Reviewed by Alexey Proskuryakov.

        When using Thai as default language on MacOS, defaultTextEncodingNameForSystemLanguage()
        was returning "cp874" encoding with was dropped in r204605 for not being part of the
        encoding specification (https://encoding.spec.whatwg.org/#names-and-labels).

        To address the issue, we map "cp874" encoding to the "dos-874" encoding which is
        properly recognized. Without this, this could lead to issue on WebSites that do not
        specify a charset.

        * platform/text/TextEncodingRegistry.cpp:
        (WebCore::defaultTextEncodingNameForSystemLanguage):

2017-04-24  Said Abou-Hallawa  <sabouhallawa@apple.com>

        [CG] Provide a type identifier hint to the CGImageSource so getting the type identifier is more accurate
        https://bugs.webkit.org/show_bug.cgi?id=171042

        Reviewed by Tim Horton.

        The image URL can be used to get the type identifier hint. Without providing
        this hint, the image type identifier is not accurate for image formats.

        Also add a function to the ImageDecoder class to get the typeIdentifier. Add
        all the pluming from the ImageDecoder till the Image class.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::destroyDecodedData):
        (WebCore::BitmapImage::frameImageAtIndexCacheIfNeeded):
        (WebCore::BitmapImage::draw):
        (WebCore::BitmapImage::internalStartAnimation):
        (WebCore::BitmapImage::advanceAnimation):
        (WebCore::BitmapImage::internalAdvanceAnimation):
        (WebCore::BitmapImage::newFrameNativeImageAvailableAtIndex):
        * platform/graphics/BitmapImage.h:
        * platform/graphics/Image.cpp:
        (WebCore::Image::sourceURL):
        * platform/graphics/Image.h: Change the sourceURL() to return a URL so CG can create CFURLRef from it.
        (WebCore::Image::uti):
        * platform/graphics/ImageFrameCache.cpp:
        (WebCore::ImageFrameCache::cacheAsyncFrameNativeImageAtIndex):
        (WebCore::ImageFrameCache::startAsyncDecodingQueue):
        (WebCore::ImageFrameCache::requestFrameAsyncDecodingAtIndex):
        (WebCore::ImageFrameCache::stopAsyncDecodingQueue):
        (WebCore::ImageFrameCache::clearMetadata):
        (WebCore::ImageFrameCache::sourceURL):
        (WebCore::ImageFrameCache::encodedDataStatus):
        (WebCore::ImageFrameCache::uti):
        (WebCore::ImageFrameCache::filenameExtension):
        * platform/graphics/ImageFrameCache.h:
        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::ensureDecoderAvailable):
        * platform/graphics/ImageSource.h:
        (WebCore::ImageSource::uti):
        * platform/graphics/cg/ImageDecoderCG.cpp:
        (WebCore::ImageDecoder::ImageDecoder): Pass the type identifier hint to CGImageSourceCreateIncremental().
        (WebCore::ImageDecoder::uti):
        (WebCore::ImageDecoder::filenameExtension):
        (WebCore::ImageDecoder::frameHasAlphaAtIndex):
        (WebCore::ImageDecoder::createFrameImageAtIndex):
        * platform/graphics/cg/ImageDecoderCG.h:
        (WebCore::ImageDecoder::create):
        * platform/graphics/win/ImageDecoderDirect2D.cpp:
        (WebCore::ImageDecoder::encodedDataStatus):
        * platform/graphics/win/ImageDecoderDirect2D.h:
        (WebCore::ImageDecoder::create): Add an argument of type URL.
        * platform/image-decoders/ImageDecoder.cpp:
        (WebCore::ImageDecoder::create): Add an argument of type URL.
        * platform/image-decoders/ImageDecoder.h:
        (WebCore::ImageDecoder::encodedDataStatus): Make it const.
        * platform/image-decoders/bmp/BMPImageDecoder.cpp:
        (WebCore::BMPImageDecoder::encodedDataStatus):
        * platform/image-decoders/bmp/BMPImageDecoder.h:
        * platform/image-decoders/gif/GIFImageDecoder.cpp:
        (WebCore::GIFImageDecoder::encodedDataStatus):
        * platform/image-decoders/gif/GIFImageDecoder.h:
        * platform/image-decoders/ico/ICOImageDecoder.cpp:
        (WebCore::ICOImageDecoder::encodedDataStatus):
        * platform/image-decoders/ico/ICOImageDecoder.h:
        * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
        (WebCore::JPEGImageDecoder::encodedDataStatus):
        * platform/image-decoders/jpeg/JPEGImageDecoder.h:
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageDecoder::encodedDataStatus):
        * platform/image-decoders/png/PNGImageDecoder.h:
        * platform/image-decoders/webp/WEBPImageDecoder.cpp:
        (WebCore::WEBPImageDecoder::encodedDataStatus):
        * platform/image-decoders/webp/WEBPImageDecoder.h:
        * platform/spi/cg/ImageIOSPI.h: Added.

2017-04-24  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed build fix.

        * crypto/mac/CryptoAlgorithmAES_GCMMac.cpp:
        (WebCore::encryptAES_GCM):
        (WebCore::decyptAES_GCM):

2017-04-24  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Whitelist supported image MIME types
        https://bugs.webkit.org/show_bug.cgi?id=171077

        Reviewed by Tim Horton.

        Restrict the CG port image formats to a known whitelist. Build this list from image
        UTI's instead of MIME types, since the image UTI's is a superset of the MIME types.
        Use this list to build the list of supported image MIME types.

        * PlatformAppleWin.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/MIMETypeRegistry.cpp:
        (WebCore::initializeSupportedImageMIMETypes):
        * platform/graphics/cg/UTIRegistry.cpp: Added.
        (WebCore::allowedImageUTIs):
        (WebCore::isAllowedImageUTI):
        * platform/graphics/cg/UTIRegistry.h: Added.

2017-04-24  Nan Wang  <n_wang@apple.com>

        AX: Crash at WebCore::AXObjectCache::characterOffsetForIndex(int, WebCore::AccessibilityObject const*) + 703
        https://bugs.webkit.org/show_bug.cgi?id=171247

        Reviewed by Chris Fleizach.

        Crashed because we were passing a nil node into rootAXEditableElement(). Fixed it by
        adding a null check.

        Test: accessibility/mac/input-string-for-range-crash.html

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::characterOffsetForIndex):

2017-04-24  Youenn Fablet  <youenn@apple.com>

        Set defaults video getUserMedia constraints
        https://bugs.webkit.org/show_bug.cgi?id=171127

        Reviewed by Eric Carlson.

        Test: fast/mediastream/getUserMedia-default.html

        Adding default optional constraints for video size and frame rate if none is defined.
        Default is 640x480 30fps.

        Doing some refactoring in MeddiaConstraintsImpl and MeddiaConstraintsData to use more move constructors.

        * Modules/mediastream/MediaConstraintsImpl.cpp:
        (WebCore::defaultVideoConstraints):
        (WebCore::MediaConstraintsData::setDefaultVideoConstraints):
        (WebCore::MediaConstraintsImpl::create): Deleted.
        * Modules/mediastream/MediaConstraintsImpl.h:
        * Modules/mediastream/MediaDevices.cpp:
        (WebCore::MediaDevices::getUserMedia):
        * platform/mediastream/mac/MockRealtimeVideoSourceMac.mm:
        (WebCore::MockRealtimeVideoSourceMac::updateSampleBuffer): Fixing crash when setting frameRate.

2017-04-24  Chris Dumez  <cdumez@apple.com>

        createElementNS() should now throw only InvalidCharacterError, not NamespaceError
        https://bugs.webkit.org/show_bug.cgi?id=171052

        Reviewed by Sam Weinig.

        Validating a qualified name should only throw InvalidCharacterError, not NamespaceError,
        after:
        - https://github.com/whatwg/dom/issues/319
        - https://github.com/w3c/web-platform-tests/issues/5161
        - https://github.com/whatwg/dom/issues/423

        Latest spec:
        - https://dom.spec.whatwg.org/#validate

        No new tests, updated web-platform-tests.

        * dom/Document.cpp:
        (WebCore::Document::parseQualifiedName):

2017-04-24  Chris Dumez  <cdumez@apple.com>

        REGRESSION (214503): Webkit crash under RenderElement::repaintForPausedImageAnimationsIfNeeded() when scrolling giphy pages
        https://bugs.webkit.org/show_bug.cgi?id=171243
        <rdar://problem/31715572>

        Reviewed by Antti Koivisto.

        After r214503, we would frequently crash when scrolling giphy pages because we were failing to call
        RenderView::removeRendererWithPausedImageAnimations(renderer, cachedImage) in some cases. This would
        cause a RenderElement to still be associated to a CachedImage in RenderView but not in practice.
        If the CachedImage then gets destroyed and the user scrolls, we end up calling
        RenderElement::repaintForPausedImageAnimationsIfNeeded() with a bad CachedImage.

        StyleCachedImage was properly calling RenderView::removeRendererWithPausedImageAnimations() before
        unregistering the renderer as a client to the CachedImage. However, RenderImageResource was failing
        to do the same. To make this less error-prone, I added a didRemoveCachedImageClient(CachedImage&)
        function to the CachedImageClient interface. It is overriden in RenderElement only to call
        RenderView::removeRendererWithPausedImageAnimations().

        Test: fast/images/animated-gif-scrolling-crash.html

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::didRemoveClient):
        * loader/cache/CachedImageClient.h:
        (WebCore::CachedImageClient::didRemoveCachedImageClient):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::didRemoveCachedImageClient):
        * rendering/RenderElement.h:
        * rendering/style/StyleCachedImage.cpp:
        (WebCore::StyleCachedImage::removeClient):

2017-04-24  Andy Estes  <aestes@apple.com>

        [macOS] Fix two minor issues with MediaSelectionOption::Type
        https://bugs.webkit.org/show_bug.cgi?id=171235

        Reviewed by Sam Weinig.

        * platform/MediaSelectionOption.h: Gave type a default value, and added explicit
        constructors to make gcc and msvc happy.
        * platform/mac/WebPlaybackControlsManager.mm:
        (toAVTouchBarMediaSelectionOptionType): Added an ASSERT_NOT_REACHED if none of the switch
        cases match.

2017-04-24  Andy Estes  <aestes@apple.com>

        [macOS] Enable media selection button on AVTouchBarScrubber
        https://bugs.webkit.org/show_bug.cgi?id=171149
        <rdar://problem/29875010>

        Reviewed by Beth Dakin.

        * platform/spi/cocoa/AVKitSPI.h:

2017-04-24  Alex Christensen  <achristensen@webkit.org>

        Reduce copies and allocations in SharedBuffer::append
        https://bugs.webkit.org/show_bug.cgi?id=170956

        Reviewed by Andreas Kling.

        SharedBuffer was a mess of different data structures added over the years.
        SharedBuffer::append would allocate large Vector<char>s and call memcpy, and that
        is inefficient and causes crashes when large allocations fail, and the allocations
        and copies aren't even necessary.  There were also const correctness problems in
        ResourceLoader::addDataOrBuffer, and iterating a SharedBuffer was strange because
        sometimes we don't want to add unnecessary copies.

        These problems are solved by making SharedBuffer a Vector of read-only data segments,
        which can be contained in various ways but we don't care because all we want to do is
        read them.  Appending SharedBuffers is now const correct because we just add to a
        Vector<Ref<DataSegment>> and neither SharedBuffer can write to the data.  Sometimes,
        though, we want all the data to be in continuous memory, and if there are multiple
        segments then the data needs to be copied once to a new segment.  We should audit the
        call sites of SharedBuffer::data and see if this is really necessary.

        No change in functional behavior.  Fewer copies of the data are made when buffering
        data in the NetworkProcess.  No extra memory is allocated for bytes we think we might
        need to append in the future.  Data is now only copied into one buffer lazily as needed,
        which could slightly change when small delays from memcpy happen, but it's an overall
        improvement.  We could have a performance hit if we were to call append() then data()
        then append() then data() etc. but that doesn't happen in WebKit because we call append
        repeatedly when buffering the data then call data() once when reading the data.

        * editing/cocoa/EditorCocoa.mm:
        (WebCore::archivedDataForAttributedString):
        (WebCore::Editor::selectionInWebArchiveFormat):
        (WebCore::Editor::dataInRTFDFormat):
        (WebCore::Editor::dataInRTFFormat):
        * editing/ios/EditorIOS.mm:
        (WebCore::Editor::WebContentReader::readURL):
        * editing/mac/EditorMac.mm:
        (WebCore::Editor::imageInWebArchiveFormat):
        * loader/TextTrackLoader.cpp:
        (WebCore::TextTrackLoader::processNewCueData):
        * loader/archive/cf/LegacyWebArchive.cpp:
        (WebCore::LegacyWebArchive::createResource):
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::tryReplaceEncodedData):
        * loader/cocoa/DiskCacheMonitorCocoa.mm:
        (WebCore::DiskCacheMonitor::tryGetFileBackedSharedBufferFromCFURLCachedResponse):
        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::SharedBuffer):
        (WebCore::SharedBuffer::create):
        (WebCore::SharedBuffer::combineToOneSegment):
        (WebCore::SharedBuffer::data):
        (WebCore::SharedBuffer::createArrayBuffer):
        (WebCore::SharedBuffer::append):
        (WebCore::SharedBuffer::clear):
        (WebCore::SharedBuffer::copy):
        (WebCore::SharedBuffer::DataSegment::data):
        (WebCore::SharedBuffer::DataSegment::size):
        (WebCore::segmentIndex): Deleted.
        (WebCore::offsetInSegment): Deleted.
        (WebCore::allocateSegment): Deleted.
        (WebCore::freeSegment): Deleted.
        (WebCore::SharedBuffer::~SharedBuffer): Deleted.
        (WebCore::SharedBuffer::size): Deleted.
        (WebCore::SharedBuffer::duplicateDataBufferIfNecessary): Deleted.
        (WebCore::SharedBuffer::appendToDataBuffer): Deleted.
        (WebCore::SharedBuffer::clearDataBuffer): Deleted.
        (WebCore::SharedBuffer::copyBufferAndClear): Deleted.
        (WebCore::SharedBuffer::buffer): Deleted.
        (WebCore::SharedBuffer::getSomeData): Deleted.
        (WebCore::SharedBuffer::maybeTransferMappedFileData): Deleted.
        (WebCore::SharedBuffer::clearPlatformData): Deleted.
        (WebCore::SharedBuffer::maybeTransferPlatformData): Deleted.
        (WebCore::SharedBuffer::hasPlatformData): Deleted.
        (WebCore::SharedBuffer::platformData): Deleted.
        (WebCore::SharedBuffer::maybeAppendPlatformData): Deleted.
        * platform/SharedBuffer.h:
        (WebCore::SharedBuffer::create): Deleted.
        (WebCore::SharedBuffer::isEmpty): Deleted.
        * platform/SharedBufferChunkReader.cpp:
        (WebCore::SharedBufferChunkReader::nextChunk):
        (WebCore::SharedBufferChunkReader::peek):
        * platform/SharedBufferChunkReader.h:
        * platform/URLParser.cpp:
        (WebCore::URLParser::URLParser):
        * platform/cf/KeyedEncoderCF.cpp:
        (WebCore::KeyedEncoderCF::finishEncoding):
        * platform/cf/SharedBufferCF.cpp:
        (WebCore::SharedBuffer::SharedBuffer):
        (WebCore::SharedBuffer::createCFData):
        (WebCore::SharedBuffer::create):
        (WebCore::SharedBuffer::hintMemoryNotNeededSoon):
        (WebCore::SharedBuffer::append):
        (WebCore::SharedBuffer::wrapCFData): Deleted.
        (WebCore::SharedBuffer::hasPlatformData): Deleted.
        (WebCore::SharedBuffer::platformData): Deleted.
        (WebCore::SharedBuffer::platformDataSize): Deleted.
        (WebCore::SharedBuffer::maybeTransferPlatformData): Deleted.
        (WebCore::SharedBuffer::clearPlatformData): Deleted.
        (WebCore::SharedBuffer::tryReplaceContentsWithPlatformBuffer): Deleted.
        (WebCore::SharedBuffer::maybeAppendPlatformData): Deleted.
        (WebCore::SharedBuffer::copyBufferAndClear): Deleted.
        (WebCore::SharedBuffer::copySomeDataFromDataArray): Deleted.
        (WebCore::SharedBuffer::singleDataArrayBuffer): Deleted.
        (WebCore::SharedBuffer::maybeAppendDataArray): Deleted.
        * platform/cocoa/NetworkExtensionContentFilter.mm:
        (WebCore::NetworkExtensionContentFilter::replacementData):
        * platform/cocoa/ParentalControlsContentFilter.mm:
        (WebCore::ParentalControlsContentFilter::replacementData):
        * platform/cocoa/SharedBufferCocoa.mm:
        (-[WebCoreSharedBufferData initWithSharedBufferDataSegment:]):
        (-[WebCoreSharedBufferData length]):
        (-[WebCoreSharedBufferData bytes]):
        (WebCore::SharedBuffer::create):
        (WebCore::SharedBuffer::createCFData):
        (WebCore::SharedBuffer::createFromReadingFile):
        (WebCore::SharedBuffer::createNSDataArray):
        (-[WebCoreSharedBufferData initWithSharedBufferDataBuffer:]): Deleted.
        (WebCore::SharedBuffer::wrapNSData): Deleted.
        (WebCore::SharedBuffer::existingCFData): Deleted.
        * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
        (WebCore::WebCoreAVFResourceLoader::fulfillRequestWithResource):
        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::openTypeTable):
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (ResourceHandleStreamingClient::didReceiveBuffer):
        * platform/graphics/mac/ImageMac.mm:
        (WebCore::Image::loadPlatformResource):
        * platform/image-decoders/ImageDecoder.cpp:
        (WebCore::ImageDecoder::create):
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageReader::decode):
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::readBuffer):
        * platform/mac/PasteboardMac.mm:
        (WebCore::writeFileWrapperAsRTFDAttachment):
        (WebCore::Pasteboard::write):
        * platform/mac/PlatformPasteboardMac.mm:
        (WebCore::PlatformPasteboard::bufferForType):
        * platform/network/BlobResourceHandle.cpp:
        (WebCore::BlobResourceHandle::notifyReceiveData):
        * platform/network/MIMEHeader.cpp:
        * platform/network/MIMEHeader.h:
        * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveData):
        * platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.cpp:
        (WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didReceiveData):
        * platform/network/mac/WebCoreResourceHandleAsDelegate.mm:
        (-[WebCoreResourceHandleAsDelegate connection:didReceiveData:lengthReceived:]):
        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
        (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveData:lengthReceived:]):
        * platform/soup/SharedBufferSoup.cpp:
        (WebCore::SharedBuffer::SharedBuffer):
        (WebCore::SharedBuffer::createSoupBuffer):
        (WebCore::SharedBuffer::clearPlatformData): Deleted.
        (WebCore::SharedBuffer::maybeTransferPlatformData): Deleted.
        (WebCore::SharedBuffer::hasPlatformData): Deleted.
        (WebCore::SharedBuffer::platformData): Deleted.
        (WebCore::SharedBuffer::platformDataSize): Deleted.
        (WebCore::SharedBuffer::maybeAppendPlatformData): Deleted.
        (WebCore::SharedBuffer::tryReplaceContentsWithPlatformBuffer): Deleted.

2017-04-24  Dan Bernstein  <mitz@apple.com>

        [Cocoa] Some ivars are needlessly @protected
        https://bugs.webkit.org/show_bug.cgi?id=171208

        Reviewed by Anders Carlsson.

        Made ivars @private where possible.

        * platform/mac/WebCoreFullScreenPlaceholderView.h:
        * platform/mac/WebCoreFullScreenWarningView.h:
        * platform/mac/WebPlaybackControlsManager.h:
        * platform/network/cocoa/WebCoreNSURLSession.h:

2017-04-24  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Switch to use ENABLE_REMOTE_INSPECTOR instead of ENABLE_INSPECTOR_SERVER for the remote inspector
        https://bugs.webkit.org/show_bug.cgi?id=166680

        Reviewed by Michael Catanzaro.

        Add PageDebuggable.cpp to the compilation.

        * CMakeLists.txt:

2017-04-23  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r215657 and r215676.
        https://bugs.webkit.org/show_bug.cgi?id=171201

        Broke the build (Requested by ap on #webkit).

        Reverted changesets:

        "[macOS] Enable media selection button on AVTouchBarScrubber"
        https://bugs.webkit.org/show_bug.cgi?id=171149
        http://trac.webkit.org/changeset/215657

        "Build fix after r215657."
        http://trac.webkit.org/changeset/215676

2017-04-23  Andy Estes  <aestes@apple.com>

        [macOS] AVTouchBarMediaSelectionOptions should be created with the correct type
        https://bugs.webkit.org/show_bug.cgi?id=171192
        <rdar://problem/29875010>

        Reviewed by Wenson Hsieh.

        AVTouchBarMediaSelectionOption was always being created with type
        AVTouchBarMediaSelectionOptionTypeRegular, but we know if a TextTrack is really the legible
        off or legible auto track. This change plumbs that information into
        WebPlaybackControlsManager so that AVTouchBarMediaSelectionOptions can be created with the
        right AVTouchBarMediaSelectionOptionType. 

        * WebCore.xcodeproj/project.pbxproj:
        * page/CaptionUserPreferences.cpp:
        (WebCore::CaptionUserPreferences::mediaSelectionOptionForTrack):
        * page/CaptionUserPreferences.h:
        * platform/MediaSelectionOption.h: Added.
        * platform/cocoa/WebPlaybackSessionModel.h:
        (WebCore::WebPlaybackSessionModelClient::audioMediaSelectionOptionsChanged):
        (WebCore::WebPlaybackSessionModelClient::legibleMediaSelectionOptionsChanged):
        * platform/cocoa/WebPlaybackSessionModelMediaElement.h:
        * platform/cocoa/WebPlaybackSessionModelMediaElement.mm:
        (WebCore::WebPlaybackSessionModelMediaElement::audioMediaSelectionOptions):
        (WebCore::WebPlaybackSessionModelMediaElement::legibleMediaSelectionOptions):
        * platform/ios/WebPlaybackSessionInterfaceAVKit.h:
        * platform/ios/WebPlaybackSessionInterfaceAVKit.mm:
        (WebCore::mediaSelectionOptions):
        (WebCore::WebPlaybackSessionInterfaceAVKit::audioMediaSelectionOptionsChanged):
        (WebCore::WebPlaybackSessionInterfaceAVKit::legibleMediaSelectionOptionsChanged):
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (WebVideoFullscreenControllerContext::audioMediaSelectionOptionsChanged):
        (WebVideoFullscreenControllerContext::legibleMediaSelectionOptionsChanged):
        (WebVideoFullscreenControllerContext::audioMediaSelectionOptions):
        (WebVideoFullscreenControllerContext::legibleMediaSelectionOptions):
        * platform/mac/WebPlaybackControlsManager.h:
        * platform/mac/WebPlaybackControlsManager.mm:
        (toAVTouchBarMediaSelectionOptionType):
        (mediaSelectionOptions):
        (-[WebPlaybackControlsManager setAudioMediaSelectionOptions:withSelectedIndex:]):
        (-[WebPlaybackControlsManager setLegibleMediaSelectionOptions:withSelectedIndex:]):
        (-[WebPlaybackControlsManager webPlaybackSessionInterfaceMac]):
        (-[WebPlaybackControlsManager setWebPlaybackSessionInterfaceMac:]):
        * platform/mac/WebPlaybackSessionInterfaceMac.h:
        * platform/mac/WebPlaybackSessionInterfaceMac.mm:
        (WebCore::WebPlaybackSessionInterfaceMac::audioMediaSelectionOptionsChanged):
        (WebCore::WebPlaybackSessionInterfaceMac::legibleMediaSelectionOptionsChanged):

2017-04-22  Wenson Hsieh  <wenson_hsieh@apple.com>

        File inputs only accept UTI types that can be inserted into contenteditable areas when dropping
        https://bugs.webkit.org/show_bug.cgi?id=171177
        <rdar://problem/31765379>

        Reviewed by Andy Estes.

        Currently, DragController::canProcessDrag bails immediately with `false` if the drag data does not contain
        compatible content. However, if we are dragging over a file input, we want the presence of files in the drag
        data to take priority. To fix this, we teach DragData::containsCompatibleContent to take the purpose of the drag
        into account (by default, this is Editing, but when dragging over a file input, this becomes FileUpload). We
        then consider DragData to have compatible content for the purpose of file uploading if it contains any files.

        Test: DataInteractionTests.ExternalSourceJSONToFileInput.

        * page/DragController.cpp:
        (WebCore::DragController::canProcessDrag):
        * platform/DragData.h:
        * platform/gtk/DragDataGtk.cpp:
        (WebCore::DragData::containsCompatibleContent):
        * platform/mac/DragDataMac.mm:
        (WebCore::DragData::containsCompatibleContent):
        * platform/win/DragDataWin.cpp:
        (WebCore::DragData::containsCompatibleContent):

2017-04-22  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Fix regression caused by r215626
        https://bugs.webkit.org/show_bug.cgi?id=171168
        <rdar://problem/31774787>

        Reviewed by Antoine Quint.

        No new tests, fixes fast/mediastream/MediaStream-page-muted.html

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::mediaState): Test muted before m_isProducingData because if both are 
        true we want to report that the stream is muted.

2017-04-21  Zalan Bujtas  <zalan@apple.com>

        Do not measure large chunk of text repeatedly during mid-word breaking.
        https://bugs.webkit.org/show_bug.cgi?id=171065
        <rdar://problem/31630245>

        Reviewed by Antti Koivisto.

        This patch reduces redundant text measuring for mid-word breaking by
        1. Adjusting the range for the binary search when the text fragment is longer than the available width
        2. Preserving the width value for the left side of the split fragment (computed during the binary search) so
        that when the fragment is being split we don't need to re-measure it
        3. Checking if the right side fits the next line and only adjust the width (by re-measuring the text) for
        kerning/ligature if it does (if it does not fit, we'll end up re-measuring some part of it
        during the next split)

        Performance test has already been added.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::hyphenPositionForFragment):
        (WebCore::SimpleLineLayout::split): binary search with adjusting the range and preserving the width for the left side.
        (WebCore::SimpleLineLayout::splitFragmentToFitLine):
        (WebCore::SimpleLineLayout::FragmentForwardIterator::FragmentForwardIterator): Deleted.
        (WebCore::SimpleLineLayout::FragmentForwardIterator::operator++): Deleted.
        (WebCore::SimpleLineLayout::FragmentForwardIterator::operator!=): Deleted.
        (WebCore::SimpleLineLayout::FragmentForwardIterator::operator==): Deleted.
        (WebCore::SimpleLineLayout::FragmentForwardIterator::operator*): Deleted.
        (WebCore::SimpleLineLayout::begin): Deleted.
        (WebCore::SimpleLineLayout::end): Deleted.
        * rendering/SimpleLineLayoutTextFragmentIterator.h:
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::split):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::splitWithHyphen):

2017-04-21  Wenson Hsieh  <wenson_hsieh@apple.com>

        Support writing link titles to the pasteboard when beginning data interaction on a link
        https://bugs.webkit.org/show_bug.cgi?id=171154
        <rdar://problem/31356937>

        Reviewed by Andy Estes.

        Currently, when writing NSURLs to the pasteboard, we only write a String to the pasteboard corresponding to
        kUTTypeURL. This means richer data associated with the link (in this case, the title) are not captured when
        writing to the pasteboard. To address this, we introduce a new codepath for writing links to the pasteboard that
        mirrors the way PasteboardImage and PasteboardWebContent are written to the pasteboard.

        Test: Augmented DataInteractionTests.LinkToInput.

        * platform/PasteboardStrategy.h:
        * platform/PlatformPasteboard.h:

        Add plumbing support for writing PasteboardURLs.

        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::write):
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::writeObjectRepresentations):

        Teach PlatformPasteboard to also set the _title attribute of the NSURL when creating an NSURL representation
        for registering with the shared WebItemProviderPasteboard.

        (WebCore::PlatformPasteboard::write):
        * platform/ios/WebItemProviderPasteboard.mm:

        Remove deprecation guards and replace deprecated method calls with the latest undeprecated versions.

        (-[WebItemProviderPasteboard setItemsFromObjectRepresentations:]):

2017-04-21  Michael Catanzaro  <mcatanzaro@igalia.com>

        Unreviewed, rolling out r215608.

        Hundreds of test failures on GTK bot

        Reverted changeset:

        "Reduce copies and allocations in SharedBuffer::append"
        https://bugs.webkit.org/show_bug.cgi?id=170956
        http://trac.webkit.org/changeset/215608

2017-04-21  Zalan Bujtas  <zalan@apple.com>

        REGRESSION(r205374): <li> content inside <ul> should mid-word wrap when word-break: break-word is present.
        https://bugs.webkit.org/show_bug.cgi?id=171108
        <rdar://problem/30271747>

        Reviewed by Dan Bernstein.

        This patch ensures that we search for mid-word breaks when a zero sized element has been committed on the line
        unless it's an image or some other replaced element with special properties (e.g. list-style: inside).  

        Tests: fast/replaced/ul-li-word-break-break-word.html
               fast/replaced/zero-width-image-force-linebreak.html

        * rendering/line/BreakingContext.h:
        (WebCore::BreakingContext::handleReplaced):
        (WebCore::BreakingContext::handleText): This matches pre-r205374 behaviour, but it's explicit about whether a 
        replaced width has already been committed on the current line.
        * rendering/line/LineWidth.cpp:
        (WebCore::LineWidth::commit):
        * rendering/line/LineWidth.h:
        (WebCore::LineWidth::hasCommittedReplaced):
        (WebCore::LineWidth::addUncommittedReplacedWidth): These 2 last functions were removed with r205374 (and now I am adding them back). 

2017-04-21  Jer Noble  <jer.noble@apple.com>

        [MediaCapture] Improvements to CoreAudioCaptureSource
        https://bugs.webkit.org/show_bug.cgi?id=171146

        Reviewed by Eric Carlson.

        Various interlocking improvements to CoreAudioCaptureSource:

        - Allow the volume, sampleRate, and echoCancellation settings to be applied to the source.
        - Update the values returned via settings() when these values change.
        - Obey the sampleRate and echoCancellation settings when creating the VPIO unit.
        - Because AudioUnitRender() mutates the passed in AudioBufferList, reset it immediately before calling.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::create):
        (WebCore::CoreAudioCaptureSource::CoreAudioCaptureSource):
        (WebCore::CoreAudioCaptureSource::preferredSampleRate):
        (WebCore::CoreAudioCaptureSource::preferredIOBufferSize):
        (WebCore::CoreAudioCaptureSource::configureMicrophoneProc):
        (WebCore::CoreAudioCaptureSource::configureSpeakerProc):
        (WebCore::CoreAudioCaptureSource::processMicrophoneSamples):
        (WebCore::CoreAudioCaptureSource::setupAudioUnits):
        (WebCore::CoreAudioCaptureSource::stopProducingData):
        (WebCore::CoreAudioCaptureSource::settings):
        (WebCore::CoreAudioCaptureSource::settingsDidChange):
        (WebCore::CoreAudioCaptureSource::preferredIOBufferDuration): Deleted.
        * platform/mediastream/mac/CoreAudioCaptureSource.h:

2017-04-21  Youenn Fablet  <youenn@apple.com>

        com.apple.WebCore: non-virtual thunk to WebCore::LibWebRTCDataChannelHandler::OnBufferedAmountChange + 39
        https://bugs.webkit.org/show_bug.cgi?id=171087
        <rdar://problem/31739051>

        Reviewed by Eric Carlson.

        Covered by existing tests.
        No test added as this behavior is really libwebrtc specific and cannot be triggered easily.

        * Modules/mediastream/RTCDataChannel.cpp:
        (WebCore::RTCDataChannel::close): Stopping observing libwebrtc data channel before closing it.
        This ensures we will stop getting notified as soon as there is no more interest.
        * Modules/mediastream/libwebrtc/LibWebRTCDataChannelHandler.cpp:
        (WebCore::LibWebRTCDataChannelHandler::OnStateChange): libwebrtc can still notify us even though we said we were
        not interested. Ensuring we do not call the client if we are no longer interested.
        (WebCore::LibWebRTCDataChannelHandler::OnMessage): Ditto.
        (WebCore::LibWebRTCDataChannelHandler::OnBufferedAmountChange): Ditto.

2017-04-21  Andy Estes  <aestes@apple.com>

        [macOS] Enable media selection button on AVTouchBarScrubber
        https://bugs.webkit.org/show_bug.cgi?id=171149
        <rdar://problem/29875010>

        Reviewed by Beth Dakin.

        * platform/spi/cocoa/AVKitSPI.h:

2017-04-21  Andy Estes  <aestes@apple.com>

        [macOS] Name WebPlaybackControlsManager delegate methods correctly depending on OS version
        https://bugs.webkit.org/show_bug.cgi?id=171147
        <rdar://problem/29875010>

        Reviewed by Beth Dakin.

        On macOS 10.12, WebPlaybackControlsManager conforms to
        AVFunctionBarPlaybackControlsControlling, but on 10.13 it conforms to
        AVTouchBarPlaybackControlsControlling. These protocols are near-identical, except for
        instances of "FunctionBar" in method names are renamed to "TouchBar". This patch updates to
        the new method names, and generally renames things with "FunctionBar" to "TouchBar".

        * platform/mac/WebPlaybackControlsManager.h:
        * platform/mac/WebPlaybackControlsManager.mm:
        (-[WebPlaybackControlsManager generateTouchBarThumbnailsForTimes:tolerance:size:thumbnailHandler:]):
        (-[WebPlaybackControlsManager generateTouchBarAudioAmplitudeSamples:completionHandler:]):
        (-[WebPlaybackControlsManager canBeginTouchBarScrubbing]):
        (-[WebPlaybackControlsManager beginTouchBarScrubbing]):
        (-[WebPlaybackControlsManager endTouchBarScrubbing]):
        (-[WebPlaybackControlsManager generateFunctionBarThumbnailsForTimes:size:completionHandler:]):
        (-[WebPlaybackControlsManager generateFunctionBarAudioAmplitudeSamples:completionHandler:]):
        (-[WebPlaybackControlsManager canBeginFunctionBarScrubbing]):
        (-[WebPlaybackControlsManager beginFunctionBarScrubbing]):
        (-[WebPlaybackControlsManager endFunctionBarScrubbing]):
        (-[WebPlaybackControlsManager audioTouchBarMediaSelectionOptions]):
        (-[WebPlaybackControlsManager setAudioTouchBarMediaSelectionOptions:]):
        (-[WebPlaybackControlsManager currentAudioTouchBarMediaSelectionOption]):
        (-[WebPlaybackControlsManager setCurrentAudioTouchBarMediaSelectionOption:]):
        (-[WebPlaybackControlsManager legibleTouchBarMediaSelectionOptions]):
        (-[WebPlaybackControlsManager setLegibleTouchBarMediaSelectionOptions:]):
        (-[WebPlaybackControlsManager currentLegibleTouchBarMediaSelectionOption]):
        (-[WebPlaybackControlsManager setCurrentLegibleTouchBarMediaSelectionOption:]):
        (-[WebPlaybackControlsManager setAudioMediaSelectionOptions:withSelectedIndex:]):
        (-[WebPlaybackControlsManager setLegibleMediaSelectionOptions:withSelectedIndex:]):
        (-[WebPlaybackControlsManager audioFunctionBarMediaSelectionOptions]): Deleted.
        (-[WebPlaybackControlsManager setAudioFunctionBarMediaSelectionOptions:]): Deleted.
        (-[WebPlaybackControlsManager currentAudioFunctionBarMediaSelectionOption]): Deleted.
        (-[WebPlaybackControlsManager setCurrentAudioFunctionBarMediaSelectionOption:]): Deleted.
        (-[WebPlaybackControlsManager legibleFunctionBarMediaSelectionOptions]): Deleted.
        (-[WebPlaybackControlsManager setLegibleFunctionBarMediaSelectionOptions:]): Deleted.
        (-[WebPlaybackControlsManager currentLegibleFunctionBarMediaSelectionOption]): Deleted.
        (-[WebPlaybackControlsManager setCurrentLegibleFunctionBarMediaSelectionOption:]): Deleted.

2017-04-21  Jer Noble  <jer.noble@apple.com>

        Make CoreAudioCaptureDevice stackable.
        https://bugs.webkit.org/show_bug.cgi?id=171097

        Reviewed by Eric Carlson.

        There's no real reason to keep CoreAudioCaptureDevice from being created on the stack. 
        Make it un-RefCounted, and have it's static factory method return an std::optional rather
        than a RefPtr.

        Drive-by fix: clean up the factory method of CoreAudioCaptureSource a bit.

        * platform/mediastream/mac/CoreAudioCaptureDevice.cpp:
        (WebCore::CoreAudioCaptureDevice::create):
        (WebCore::CoreAudioCaptureDevice::deviceID): Deleted.
        * platform/mediastream/mac/CoreAudioCaptureDevice.h:
        (WebCore::CoreAudioCaptureDevice::deviceID):
        * platform/mediastream/mac/CoreAudioCaptureDeviceManager.cpp:
        (WebCore::CoreAudioCaptureDeviceManager::coreAudioCaptureDevices):
        (WebCore::CoreAudioCaptureDeviceManager::coreAudioDeviceWithUID):
        (WebCore::CoreAudioCaptureDeviceManager::refreshAudioCaptureDevices):
        * platform/mediastream/mac/CoreAudioCaptureDeviceManager.h:
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::create):
        (WebCore::CoreAudioCaptureSource::CoreAudioCaptureSource):
        * platform/mediastream/mac/CoreAudioCaptureSource.h:

2017-04-21  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream iOS] Release capture session when not producing data
        https://bugs.webkit.org/show_bug.cgi?id=171148
        <rdar://problem/29265868>

        Reviewed by Jer Noble.

        On iOS, only one AVCaptureSession can be active at a time, so release a session whenever
        it is told to stop producing data. The session will recreated if the capture source if/when
        told to produce data again.

        * platform/mediastream/mac/AVMediaCaptureSource.mm:
        (WebCore::AVMediaCaptureSource::stopProducingData): Clear m_session to release the session.
        It will be re-allocated if startProducingData is called later.

2017-04-21  Aaron Chu  <aaron_chu@apple.com>

        AX: FKA: Buttons need a visible focus indicator
        https://bugs.webkit.org/show_bug.cgi?id=171040
        <rdar://problem/30922548>

        Reviewed by Antoine Quint.

        Added a background color for the focus state of the icon buttons in modern media controls.

        Test: media/modern-media-controls/icon-button/icon-button-focus-state.html

        * Modules/modern-media-controls/controls/icon-button.css:
        (button.icon:focus):

2017-03-22  Matt Rajca  <mrajca@apple.com>

        Consider muting audio hardware a form of autoplay interference.
        https://bugs.webkit.org/show_bug.cgi?id=169971

        Reviewed by Eric Carlson.

        If the user mutes audio hardware and a media element is auto-playing, consider that
        as a form of auto-play interference that we tell clients about.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement):
        (WebCore::HTMLMediaElement::~HTMLMediaElement):
        (WebCore::HTMLMediaElement::hardwareMutedStateDidChange):
        * html/HTMLMediaElement.h:
        * platform/audio/AudioSession.h:
        (WebCore::AudioSession::MutedStateObserver::~MutedStateObserver):
        * platform/audio/mac/AudioSessionMac.cpp:
        (WebCore::AudioSession::isMuted):
        (WebCore::muteProcess):
        (WebCore::AudioSession::handleMutedStateChange):
        (WebCore::AudioSession::addMutedStateObserver):
        (WebCore::AudioSession::removeMutedStateObserver):

2017-04-21  Chris Dumez  <cdumez@apple.com>

        Regression(r206240): XMLSerializer.serializeToString() does not properly escape '<' / '>' in attribute values
        https://bugs.webkit.org/show_bug.cgi?id=171132
        <rdar://problem/31426752>

        Reviewed by Ryosuke Niwa.

        Use XMLSerialization [1] in MarkupAccumulator::appendAttribute() when inXMLFragmentSerialization()
        returns true, even if the node's associated document is an HTML document. When XMLSerializer.serializeToString()
        is called on a Node, we want XML serialization, even if the node comes from an HTML document.

        [1] https://w3c.github.io/DOM-Parsing/#dfn-xml-serialization

        Test: fast/dom/XMLSerializer-serializeToString-entities.html

        * editing/MarkupAccumulator.cpp:
        (WebCore::MarkupAccumulator::appendAttributeValue):
        (WebCore::MarkupAccumulator::appendAttribute):
        * editing/MarkupAccumulator.h:

2017-04-20  Sam Weinig  <sam@webkit.org>

        Split cryptographic digest computation and parsing out of CSP code so it can be reused
        https://bugs.webkit.org/show_bug.cgi?id=171076

        Reviewed by Chris Dumez.

        Factor out cryptographic digest parsing from Content Security Policy code
        so that it can be reused for the Subresource Integrity implementation.

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        Add new files.

        * html/parser/ParsingUtilities.h:
        (WebCore::skipExactlyIgnoringASCIICase):
        Add parsing helper to match / skip over a constant string, using IgnoringASCIICase semantics.

        * loader/ResourceCryptographicDigest.cpp: Added.
        (WebCore::parseHashAlgorithmAdvancingPosition):
        (WebCore::parseCryptographicDigestImpl):
        (WebCore::parseCryptographicDigest):
        Move parsing of cryptographic-digest strings from ContentSecurityPolicySourceList.cpp
        and optimize it a little by avoiding String allocations and generalizing it so that it
        can parse either UChars or LChars.

        * loader/ResourceCryptographicDigest.h: Added.
        (WebCore::ResourceCryptographicDigest::operator==):
        (WebCore::ResourceCryptographicDigest::operator!=):
        (WTF::DefaultHash<WebCore::ResourceCryptographicDigest>::Hash::hash):
        (WTF::DefaultHash<WebCore::ResourceCryptographicDigest>::Hash::equal):
        (WTF::HashTraits<WebCore::ResourceCryptographicDigest>::emptyValue):
        (WTF::HashTraits<WebCore::ResourceCryptographicDigest>::constructDeletedValue):
        (WTF::HashTraits<WebCore::ResourceCryptographicDigest>::isDeletedValue):
        Add a struct (rather than using a std::pair) to represent the digest + algorithm. And add
        HashTraits so it can be used as HashMap.
        
        * page/csp/ContentSecurityPolicy.cpp:
        (WebCore::ContentSecurityPolicy::findHashOfContentInPolicies):
        (WebCore::toCryptoDigestAlgorithm): Deleted.
        Move algorithm conversion to ResourceCryptographicDigest.cpp. Make use of new 
        cryptographicDigestForBytes function to do hashing.

        * page/csp/ContentSecurityPolicy.h:
        * page/csp/ContentSecurityPolicyHash.h:
        (WTF::DefaultHash<WebCore::ContentSecurityPolicyDigest>::Hash::hash): Deleted.
        (WTF::DefaultHash<WebCore::ContentSecurityPolicyDigest>::Hash::equal): Deleted.
        Remove HashTraits for the digest, this is now handled by ResourceCryptographicDigest. 
        To keep things relatively straight-forward, redefine ContentSecurityPolicyHashAlgorithm
        and ContentSecurityPolicyHash in terms of ResourceCryptographicDigest, so that less code
        has to be changed all at once. In a later pass, if wanted, we can remove these using 
        declarations.

        * page/csp/ContentSecurityPolicySourceList.cpp:
        (WebCore::isNonceCharacter):
        Use renamed isBase64OrBase64URLCharacter predicate.

        (WebCore::ContentSecurityPolicySourceList::parseHashSource):
        Rework using ResourceCryptographicDigest parsing. Quotation and maximum digest
        length have been kept here, as they are not applicable to other uses of 
        the digest, specifically Subresource Integrity.

2017-04-21  Jer Noble  <jer.noble@apple.com>

        Unreviewed fix after r215624; null-deref crash.

        Make sure to call reset() inside each constructor.

        * platform/audio/WebAudioBufferList.cpp:
        (WebCore::WebAudioBufferList::WebAudioBufferList):

2017-04-21  Anders Carlsson  <andersca@apple.com>

        Stop using deprecated APIs, part 5
        https://bugs.webkit.org/show_bug.cgi?id=171134
        rdar://problem/31589635

        Reviewed by Tim Horton.

        * Modules/applepay/ApplePaySession.cpp:
        (WebCore::convertAndValidate):
        Stop using the toPaymentAuthorizationStatus. Convert the passed in status results to the remaining
        PaymentAuthorizationStatus values, and add errors if needed.

        (WebCore::toPaymentAuthorizationStatus):
        This function is no longer used.

        * Modules/applepay/PaymentAuthorizationStatus.h:
        Remove deprecated status values. We can achieve the same results with errors now.

        * Modules/applepay/PaymentRequest.cpp:
        (WebCore::isFinalStateResult):
        Remove deprecated status values.

        * Modules/applepay/PaymentRequest.h:
        Remove deprecated status values.

2017-04-21  Per Arne Vollan  <pvollan@apple.com>

        Validate vImage arguments
        https://bugs.webkit.org/show_bug.cgi?id=171109
        rdar://problem/30236606

        Reviewed by Brent Fulgham.

        When writing data to a canvas context, clip the source rectangle to the data rectangle
        to make sure we will not attempt to read data outside of the buffer.

        Test: fast/canvas/canvas-crash.html

        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::putImageData):

2017-04-21  David Kilzer  <ddkilzer@apple.com>

        Switch from -std=gnu++11 to -std=gnu++14 for consistency in DerivedSources.make
        <https://webkit.org/b/171122>

        Reviewed by Brent Fulgham.

        * DerivedSources.make: Switch to -std=gnu++14 for preprocessing
        headers to check for build settings.

2017-04-21  Jer Noble  <jer.noble@apple.com>

        [MediaCapture][iOS] AVAudioSession must be active and the correct category before IO AudioUnits start producing data.
        https://bugs.webkit.org/show_bug.cgi?id=171095

        Reviewed by Youenn Fablet.

        If an input audio unit is asked to start before the AVAudioSession is in a recording category and active,
        CoreAudio will return an error stating that no input device is available.

        The PlatformMediaSessionManager will automatically set the category of and activate the AVAudioSession when one
        of its associated MediaStreams has a capturing RealtimeMediaSource and is currently producing data.  To solve
        the chicken-or-egg problem of activating the AVAudioSession before the source produces data, move the state bit
        of "producing data" directly into MediaStreams, and notify the PlatformMediaSessionManager that capturing is
        occurring after flipping that bit, but before asking the constituent tracks to begin producing data.

        In places (i.e. UserMediaRequest) where we previously told a stream's tracks to begin producing data, instead
        allow the stream to handle that by telling it to produce data directly.

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::startProducingData):
        (WebCore::MediaStream::stopProducingData):
        (WebCore::MediaStream::mediaState):
        (WebCore::MediaStream::mediaType):
        (WebCore::MediaStream::characteristics):
        (WebCore::MediaStream::canProduceAudio):
        * Modules/mediastream/MediaStream.h:
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::allow):
        * platform/mediastream/mac/CoreAudioCaptureSource.h:

2017-04-21  Jer Noble  <jer.noble@apple.com>

        Add a method to retrieve the current I/O buffer size from AudioSession
        https://bugs.webkit.org/show_bug.cgi?id=171126

        Reviewed by Eric Carlson.

        There is an existing method to get and set the preferred I/O buffer size; add a matching method to return
        the acutal I/O buffer size.

        * platform/audio/AudioSession.cpp:
        (WebCore::AudioSession::bufferSize):
        * platform/audio/AudioSession.h:
        * platform/audio/ios/AudioSessionIOS.mm:
        (WebCore::AudioSession::bufferSize):
        * platform/audio/mac/AudioSessionMac.cpp:
        (WebCore::AudioSession::bufferSize):

2017-04-21  Jer Noble  <jer.noble@apple.com>

        Make AudioSampleBufferList::reset() less expensive.
        https://bugs.webkit.org/show_bug.cgi?id=171124

        Reviewed by Eric Carlson.

        Previously, AudioSampleBufferList would reallocate its constituent WebAudioBufferList every time reset() was
        called. Instead, add a reset() method to WebAudioBufferList which re-initializes its AudioBufferList (which is a
        simple memcpy of a 24-byte struct), reusing the existing memory buffers.

        While making these changes, we'll also take the opportunity to clean up the AudioSampleBufferList class by
        making some of its members into UniqueRefs instead of unique_ptrs, thus removing the possibility of null-
        dereferences.

        * platform/audio/WebAudioBufferList.cpp:
        (WebCore::WebAudioBufferList::WebAudioBufferList):
        (WebCore::WebAudioBufferList::reset):
        * platform/audio/WebAudioBufferList.h:
        * platform/audio/mac/AudioSampleBufferList.cpp:
        (WebCore::AudioSampleBufferList::AudioSampleBufferList):
        (WebCore::AudioSampleBufferList::applyGain):
        (WebCore::AudioSampleBufferList::mixFrom):
        (WebCore::AudioSampleBufferList::reset):
        (WebCore::AudioSampleBufferList::zero):
        (WebCore::AudioSampleBufferList::~AudioSampleBufferList): Deleted.
        * platform/audio/mac/AudioSampleBufferList.h:
        (WebCore::AudioSampleBufferList::bufferList):

2017-04-21  Jer Noble  <jer.noble@apple.com>

        Fix some spurious ASSERTs when working with capturing media elements
        https://bugs.webkit.org/show_bug.cgi?id=171096

        Reviewed by Youenn Fablet.

        Two related ASSERTS:

        1) When we added a new PlatformMediaSession MediaType (MediaStreamCapturingAudio), we did not update all the
        places that validated the enum. This would lead to spurious ASSERTs when an element capturing audio would
        fail various checks to enusre it's type's validity.

        2) Audio elements will ASSERT when they change page visibility, as they do not have a renderer which implements
        visibleInViewportStateChanged(). So opt out of visibility-state checking for non-video media elements.

        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::wantsToObserveViewportVisibilityForAutoplay):
        * platform/audio/PlatformMediaSessionManager.cpp:
        (WebCore::PlatformMediaSessionManager::resetRestrictions):
        (WebCore::PlatformMediaSessionManager::addRestriction):
        (WebCore::PlatformMediaSessionManager::removeRestriction):
        (WebCore::PlatformMediaSessionManager::restrictions):
        * platform/audio/PlatformMediaSessionManager.h:

2017-04-21  Konstantin Tokarev  <annulen@yandex.ru>

        [cmake] WTF target should not have wtf and subdirectries in public interface
        https://bugs.webkit.org/show_bug.cgi?id=171115

        Reviewed by Michael Catanzaro.

        In r209665 WEBCORE_FRAMEWORK macro started to export INCLUDE_DIRECTORIES of
        targets as their public interface, so that linked targets can use them
        implicitly without copying directory lists around. This matches existing
        practice for all targets except WTF, headers from which are always included
        with full path starting from "<wtf/...".

        Since r209665 it became possible to include headers from wtf or its
        subdirectories in CMake builds without using "<wtf/..." path. It should
        not be allowed.

        * platform/graphics/texmap/coordinated/TiledBackingStore.cpp: Fix
        incorrect include of WTF header.

2017-04-21  Gwang Yoon Hwang  <yoon@igalia.com>

        Do not paint the border of the box if the dirty region does not intersect with border area
        https://bugs.webkit.org/show_bug.cgi?id=170988

        Reviewed by Simon Fraser.

        No new tests, since there is no change in behavior.

        * platform/graphics/GeometryUtilities.cpp:
        (WebCore::ellipseContainsPoint):
        Checks if a point is within an ellipse.

        * platform/graphics/GeometryUtilities.h:
        Replace header-guards with #pragma once.

        * platform/graphics/RoundedRect.cpp:
        (WebCore::RoundedRect::contains):
        Implemented to know the dirty rectangle intersects with rounded rectangle or not.
        * platform/graphics/RoundedRect.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintBorder):
        When typing in decorated text box, the dirty rect generated only for the
        inside of the text box, not for the decorations.  So we can avoid the
        calculations to draw borders if the inner border totally covers the
        target surface. It will optimize the rendering process since we don't
        have to render border decorations whenever we type somethings in side of
        the text input element.

2017-04-21  Anders Carlsson  <andersca@apple.com>

        Remove another use of toPaymentAuthorizationStatus
        https://bugs.webkit.org/show_bug.cgi?id=171114

        Reviewed by Dan Bernstein.

        * Modules/applepay/ApplePaySession.cpp:
        (WebCore::ApplePaySession::completeShippingContactSelection):

2017-04-21  Alex Christensen  <achristensen@webkit.org>

        Reduce copies and allocations in SharedBuffer::append
        https://bugs.webkit.org/show_bug.cgi?id=170956

        Reviewed by Andreas Kling.

        SharedBuffer was a mess of different data structures added over the years.
        SharedBuffer::append would allocate large Vector<char>s and call memcpy, and that
        is inefficient and causes crashes when large allocations fail, and the allocations
        and copies aren't even necessary.  There were also const correctness problems in
        ResourceLoader::addDataOrBuffer, and iterating a SharedBuffer was strange because
        sometimes we don't want to add unnecessary copies.

        These problems are solved by making SharedBuffer a Vector of read-only data segments,
        which can be contained in various ways but we don't care because all we want to do is
        read them.  Appending SharedBuffers is now const correct because we just add to a
        Vector<Ref<DataSegment>> and neither SharedBuffer can write to the data.  Sometimes,
        though, we want all the data to be in continuous memory, and if there are multiple
        segments then the data needs to be copied once to a new segment.  We should audit the
        call sites of SharedBuffer::data and see if this is really necessary.

        No change in functional behavior.  Fewer copies of the data are made when buffering
        data in the NetworkProcess.  No extra memory is allocated for bytes we think we might
        need to append in the future.  Data is now only copied into one buffer lazily as needed,
        which could slightly change when small delays from memcpy happen, but it's an overall
        improvement.  We could have a performance hit if we were to call append() then data()
        then append() then data() etc. but that doesn't happen in WebKit because we call append
        repeatedly when buffering the data then call data() once when reading the data.

        * editing/cocoa/EditorCocoa.mm:
        (WebCore::archivedDataForAttributedString):
        (WebCore::Editor::selectionInWebArchiveFormat):
        (WebCore::Editor::dataInRTFDFormat):
        (WebCore::Editor::dataInRTFFormat):
        * editing/ios/EditorIOS.mm:
        (WebCore::Editor::WebContentReader::readURL):
        * editing/mac/EditorMac.mm:
        (WebCore::Editor::imageInWebArchiveFormat):
        * loader/TextTrackLoader.cpp:
        (WebCore::TextTrackLoader::processNewCueData):
        * loader/archive/cf/LegacyWebArchive.cpp:
        (WebCore::LegacyWebArchive::createResource):
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::tryReplaceEncodedData):
        * loader/cocoa/DiskCacheMonitorCocoa.mm:
        (WebCore::DiskCacheMonitor::tryGetFileBackedSharedBufferFromCFURLCachedResponse):
        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::SharedBuffer):
        (WebCore::SharedBuffer::create):
        (WebCore::SharedBuffer::combineToOneSegment):
        (WebCore::SharedBuffer::data):
        (WebCore::SharedBuffer::createArrayBuffer):
        (WebCore::SharedBuffer::append):
        (WebCore::SharedBuffer::clear):
        (WebCore::SharedBuffer::copy):
        (WebCore::SharedBuffer::DataSegment::data):
        (WebCore::SharedBuffer::DataSegment::size):
        (WebCore::segmentIndex): Deleted.
        (WebCore::offsetInSegment): Deleted.
        (WebCore::allocateSegment): Deleted.
        (WebCore::freeSegment): Deleted.
        (WebCore::SharedBuffer::~SharedBuffer): Deleted.
        (WebCore::SharedBuffer::size): Deleted.
        (WebCore::SharedBuffer::duplicateDataBufferIfNecessary): Deleted.
        (WebCore::SharedBuffer::appendToDataBuffer): Deleted.
        (WebCore::SharedBuffer::clearDataBuffer): Deleted.
        (WebCore::SharedBuffer::copyBufferAndClear): Deleted.
        (WebCore::SharedBuffer::buffer): Deleted.
        (WebCore::SharedBuffer::getSomeData): Deleted.
        (WebCore::SharedBuffer::maybeTransferMappedFileData): Deleted.
        (WebCore::SharedBuffer::clearPlatformData): Deleted.
        (WebCore::SharedBuffer::maybeTransferPlatformData): Deleted.
        (WebCore::SharedBuffer::hasPlatformData): Deleted.
        (WebCore::SharedBuffer::platformData): Deleted.
        (WebCore::SharedBuffer::maybeAppendPlatformData): Deleted.
        * platform/SharedBuffer.h:
        (WebCore::SharedBuffer::create): Deleted.
        (WebCore::SharedBuffer::isEmpty): Deleted.
        * platform/SharedBufferChunkReader.cpp:
        (WebCore::SharedBufferChunkReader::nextChunk):
        (WebCore::SharedBufferChunkReader::peek):
        * platform/SharedBufferChunkReader.h:
        * platform/URLParser.cpp:
        (WebCore::URLParser::URLParser):
        * platform/cf/KeyedEncoderCF.cpp:
        (WebCore::KeyedEncoderCF::finishEncoding):
        * platform/cf/SharedBufferCF.cpp:
        (WebCore::SharedBuffer::SharedBuffer):
        (WebCore::SharedBuffer::createCFData):
        (WebCore::SharedBuffer::create):
        (WebCore::SharedBuffer::hintMemoryNotNeededSoon):
        (WebCore::SharedBuffer::append):
        (WebCore::SharedBuffer::wrapCFData): Deleted.
        (WebCore::SharedBuffer::hasPlatformData): Deleted.
        (WebCore::SharedBuffer::platformData): Deleted.
        (WebCore::SharedBuffer::platformDataSize): Deleted.
        (WebCore::SharedBuffer::maybeTransferPlatformData): Deleted.
        (WebCore::SharedBuffer::clearPlatformData): Deleted.
        (WebCore::SharedBuffer::tryReplaceContentsWithPlatformBuffer): Deleted.
        (WebCore::SharedBuffer::maybeAppendPlatformData): Deleted.
        (WebCore::SharedBuffer::copyBufferAndClear): Deleted.
        (WebCore::SharedBuffer::copySomeDataFromDataArray): Deleted.
        (WebCore::SharedBuffer::singleDataArrayBuffer): Deleted.
        (WebCore::SharedBuffer::maybeAppendDataArray): Deleted.
        * platform/cocoa/NetworkExtensionContentFilter.mm:
        (WebCore::NetworkExtensionContentFilter::replacementData):
        * platform/cocoa/ParentalControlsContentFilter.mm:
        (WebCore::ParentalControlsContentFilter::replacementData):
        * platform/cocoa/SharedBufferCocoa.mm:
        (-[WebCoreSharedBufferData initWithSharedBufferDataSegment:]):
        (-[WebCoreSharedBufferData length]):
        (-[WebCoreSharedBufferData bytes]):
        (WebCore::SharedBuffer::create):
        (WebCore::SharedBuffer::createCFData):
        (WebCore::SharedBuffer::createFromReadingFile):
        (WebCore::SharedBuffer::createNSDataArray):
        (-[WebCoreSharedBufferData initWithSharedBufferDataBuffer:]): Deleted.
        (WebCore::SharedBuffer::wrapNSData): Deleted.
        (WebCore::SharedBuffer::existingCFData): Deleted.
        * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
        (WebCore::WebCoreAVFResourceLoader::fulfillRequestWithResource):
        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::openTypeTable):
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (ResourceHandleStreamingClient::didReceiveBuffer):
        * platform/graphics/mac/ImageMac.mm:
        (WebCore::Image::loadPlatformResource):
        * platform/image-decoders/ImageDecoder.cpp:
        (WebCore::ImageDecoder::create):
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageReader::decode):
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::readBuffer):
        * platform/mac/PasteboardMac.mm:
        (WebCore::writeFileWrapperAsRTFDAttachment):
        (WebCore::Pasteboard::write):
        * platform/mac/PlatformPasteboardMac.mm:
        (WebCore::PlatformPasteboard::bufferForType):
        * platform/network/BlobResourceHandle.cpp:
        (WebCore::BlobResourceHandle::notifyReceiveData):
        * platform/network/MIMEHeader.cpp:
        * platform/network/MIMEHeader.h:
        * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveData):
        * platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.cpp:
        (WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didReceiveData):
        * platform/network/mac/WebCoreResourceHandleAsDelegate.mm:
        (-[WebCoreResourceHandleAsDelegate connection:didReceiveData:lengthReceived:]):
        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
        (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveData:lengthReceived:]):
        * platform/soup/SharedBufferSoup.cpp:
        (WebCore::SharedBuffer::SharedBuffer):
        (WebCore::SharedBuffer::createSoupBuffer):
        (WebCore::SharedBuffer::clearPlatformData): Deleted.
        (WebCore::SharedBuffer::maybeTransferPlatformData): Deleted.
        (WebCore::SharedBuffer::hasPlatformData): Deleted.
        (WebCore::SharedBuffer::platformData): Deleted.
        (WebCore::SharedBuffer::platformDataSize): Deleted.
        (WebCore::SharedBuffer::maybeAppendPlatformData): Deleted.
        (WebCore::SharedBuffer::tryReplaceContentsWithPlatformBuffer): Deleted.

2017-04-21  Timothy Horton  <timothy_horton@apple.com>

        Expose obscured insets to web content (as "safe area insets")
        https://bugs.webkit.org/show_bug.cgi?id=171013
        <rdar://problem/31564652>

        Reviewed by Wenson Hsieh and Dave Hyatt.

        Tests: fast/css/variables/constants/invalid-constant-name-fallback.html
               fast/css/variables/constants/ios/safe-area-inset-set.html
               fast/css/variables/constants/safe-area-inset-cannot-override.html
               fast/css/variables/constants/safe-area-inset-zero.html

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSValueKeywords.in:
        * css/CSSVariableData.cpp:
        (WebCore::CSSVariableData::checkVariablesForCyclesWithRange):
        (WebCore::CSSVariableData::resolveTokenRange):
        * css/parser/CSSVariableParser.cpp:
        (WebCore::isValidConstantName):
        (WebCore::classifyBlock):
        (WebCore::isValidConstantReference):
        Add a constant() function, which takes both custom properties and
        arbitrary idents which are looked up in ConstantPropertyMap, allowing
        fallback from the arbitrary, UA-defined idents to custom properties.

        * dom/ConstantPropertyMap.cpp: Added.
        (WebCore::ConstantPropertyMap::ConstantPropertyMap):
        (WebCore::ConstantPropertyMap::values):
        (WebCore::ConstantPropertyMap::nameForProperty):
        (WebCore::ConstantPropertyMap::setValueForProperty):
        (WebCore::ConstantPropertyMap::buildValues):
        (WebCore::variableDataForSafeAreaInset):
        (WebCore::ConstantPropertyMap::didChangeObscuredInsets):
        * dom/ConstantPropertyMap.h: Added.
        Keep a mapping of UA-defined "constants", which can be looked up
        from CSS via the aforementioned function. For now, this mapping
        includes only safe-area-inset-{top, right, bottom, left}, which
        expose the obscured insets (now that they can be painted into via
        the viewport parameter clip-to-safe-area-inset=no).

        * dom/Document.cpp:
        (WebCore::Document::Document):
        (WebCore::Document::didChangeObscuredInsets):
        * dom/Document.h:
        (WebCore::Document::constantProperties):
        * page/Page.cpp:
        (WebCore::Page::setObscuredInsets):
        * page/Page.h:
        (WebCore::Page::setObscuredInsets): Deleted.
        Make setObscuredInsets and related storage not iOS-specific, though
        nothing from the other platforms yet calls this code.

        * style/StyleResolveForDocument.cpp:
        (WebCore::Style::resolveForDocument):
        Grab the constant properties from ConstantPropertyMap and plop them into
        the CustomPropertyValueMap. Constant properties aren't allowed to start
        with --, and variable properties must, so there is no opportunity here
        for exposing things to var() (or allowing custom properties to override
        UA-defined constant properties).

2017-04-20  Konstantin Tokarev  <annulen@yandex.ru>

        [cmake] Define FORWARDING_HEADERS_DIR in WebKitFS and use it everywhere
        https://bugs.webkit.org/show_bug.cgi?id=171071

        Reviewed by Michael Catanzaro.

        "${DERIVED_SOURCES_DIR}/ForwardingHeaders" path occurs very often in the
        build system files. GTK-specifc FORWARDING_HEADERS_DIR variable should
        be available for all ports.

        * CMakeLists.txt:
        * PlatformMac.cmake:
        * PlatformWin.cmake:
        * PlatformWinCairo.cmake:

2017-04-20  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r215597.
        https://bugs.webkit.org/show_bug.cgi?id=171102

        Made all tests crash under GuardMalloc (Requested by ap on
        #webkit).

        Reverted changeset:

        "Expose obscured insets to web content (as "safe area
        insets")"
        https://bugs.webkit.org/show_bug.cgi?id=171013
        http://trac.webkit.org/changeset/215597

2017-04-20  Dean Jackson  <dino@apple.com>

        Add Web Sharing to the features under consideration.

        * features.json:

2017-04-20  Dean Jackson  <dino@apple.com>

        Add Scroll Anchoring to features under consideration.

        * features.json:

2017-04-20  Konstantin Tokarev  <annulen@yandex.ru>

        Remove unused lamda captures
        https://bugs.webkit.org/show_bug.cgi?id=171098

        Reviewed by Yusuke Suzuki.

        * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
        (WebCore::IDBServer::SQLiteIDBBackingStore::getOrEstablishDatabaseInfo):
        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::activateTransactionInBackingStore):
        * loader/ResourceLoadStatisticsStore.cpp:
        (WebCore::ResourceLoadStatisticsStore::createEncoderFromData):
        (WebCore::ResourceLoadStatisticsStore::readDataFromDecoder):

2017-04-20  Timothy Horton  <timothy_horton@apple.com>

        Expose obscured insets to web content (as "safe area insets")
        https://bugs.webkit.org/show_bug.cgi?id=171013
        <rdar://problem/31564652>

        Reviewed by Wenson Hsieh and Dave Hyatt.

        Tests: fast/css/variables/constants/invalid-constant-name-fallback.html
               fast/css/variables/constants/ios/safe-area-inset-set.html
               fast/css/variables/constants/safe-area-inset-cannot-override.html
               fast/css/variables/constants/safe-area-inset-zero.html

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSValueKeywords.in:
        * css/CSSVariableData.cpp:
        (WebCore::CSSVariableData::checkVariablesForCyclesWithRange):
        (WebCore::CSSVariableData::resolveTokenRange):
        * css/parser/CSSVariableParser.cpp:
        (WebCore::isValidConstantName):
        (WebCore::classifyBlock):
        (WebCore::isValidConstantReference):
        Add a constant() function, which takes both custom properties and
        arbitrary idents which are looked up in ConstantPropertyMap, allowing
        fallback from the arbitrary, UA-defined idents to custom properties.

        * dom/ConstantPropertyMap.cpp: Added.
        (WebCore::ConstantPropertyMap::ConstantPropertyMap):
        (WebCore::ConstantPropertyMap::values):
        (WebCore::ConstantPropertyMap::nameForProperty):
        (WebCore::ConstantPropertyMap::setValueForProperty):
        (WebCore::ConstantPropertyMap::buildValues):
        (WebCore::variableDataForSafeAreaInset):
        (WebCore::ConstantPropertyMap::didChangeObscuredInsets):
        * dom/ConstantPropertyMap.h: Added.
        Keep a mapping of UA-defined "constants", which can be looked up
        from CSS via the aforementioned function. For now, this mapping
        includes only safe-area-inset-{top, right, bottom, left}, which
        expose the obscured insets (now that they can be painted into via
        the viewport parameter clip-to-safe-area-inset=no).

        * dom/Document.cpp:
        (WebCore::Document::Document):
        (WebCore::Document::didChangeObscuredInsets):
        * dom/Document.h:
        (WebCore::Document::constantProperties):
        * page/Page.cpp:
        (WebCore::Page::setObscuredInsets):
        * page/Page.h:
        (WebCore::Page::setObscuredInsets): Deleted.
        Make setObscuredInsets and related storage not iOS-specific, though
        nothing from the other platforms yet calls this code.

        * style/StyleResolveForDocument.cpp:
        (WebCore::Style::resolveForDocument):
        Grab the constant properties from ConstantPropertyMap and plop them into
        the CustomPropertyValueMap. Constant properties aren't allowed to start
        with --, and variable properties must, so there is no opportunity here
        for exposing things to var() (or allowing custom properties to override
        UA-defined constant properties).

2017-04-20  Anders Carlsson  <andersca@apple.com>

        Remove one use of toPaymentAuthorizationStatus
        https://bugs.webkit.org/show_bug.cgi?id=171086

        Reviewed by Tim Horton.

        Just switch on the individual ApplePaySession::STATUS_ values.

        * Modules/applepay/ApplePaySession.cpp:
        (WebCore::ApplePaySession::completeShippingMethodSelection):

2017-04-20  Fujii Hironori  <Hironori.Fujii@sony.com>

        [WinCairo] Fix build break after updating ANGLE
        https://bugs.webkit.org/show_bug.cgi?id=170980

        Reviewed by Brent Fulgham.

        By stopping using SoftLinking for ANGLE, some changes are needed
        for WebCore and WebKit.
          - Define a macro 'GL_GLEXT_PROTOTYPES' before #include <GLES2/gl2.h> or <GLES2/gl2ext.h>.
          - Link libEGL import library explicitly.

        * PlatformWin.cmake: Link libEGL to WebCore.
        * platform/graphics/PlatformDisplay.cpp:
        (WebCore::PlatformDisplay::initializeEGLDisplay): Removed the code for SoftLinking.
        * platform/graphics/GLContext.cpp: Define GL_GLEXT_PROTOTYPES.
        * platform/graphics/egl/GLContextEGL.cpp: Ditto.
        * platform/graphics/opengl/Extensions3DOpenGLCommon.cpp: Ditto.
        * platform/graphics/opengl/Extensions3DOpenGLES.h: Ditto.
        * platform/graphics/opengl/TemporaryOpenGLSetting.cpp: Ditto.
        * platform/graphics/texmap/TextureMapperGC3DPlatformLayer.cpp: Ditto.

2017-04-20  Matt Baker  <mattbaker@apple.com>

        Web Inspector: Add regular expression support to XHR breakpoints
        https://bugs.webkit.org/show_bug.cgi?id=170099
        <rdar://problem/31558082>

        Reviewed by Joseph Pecoraro.

        * inspector/InspectorDOMDebuggerAgent.cpp:
        (WebCore::InspectorDOMDebuggerAgent::setXHRBreakpoint):
        (WebCore::InspectorDOMDebuggerAgent::willSendXMLHttpRequest):
        Use ContentSearchUtilities for both Text and RegularExpression breakpoints.

        * inspector/InspectorDOMDebuggerAgent.h:
        Associate XHR breakpoint with a type.

2017-04-20  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Cleanup and simplify CoreAudioCaptureSource
        https://bugs.webkit.org/show_bug.cgi?id=171064

        There is no need for a mutex to guard against internal state changes because we
        don't currently change configuration after the audio unit is allocated. Once
        we do support reconfiguration on the fly, we can just stop the output unit before
        changing configuration because the I/O proc isn't called if the output unit
        is stopped, and AudioOutputUnitStop blocks until the audio device has stopped.
        
        Reviewed by Jer Noble.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::~CoreAudioCaptureSource): Call cleanupAudioUnits
        instead of duplicating logic. 
        (WebCore::CoreAudioCaptureSource::preferredIOBufferDuration): Change preferred
        duration from 20ms to 40ms.
        (WebCore::CoreAudioCaptureSource::configureMicrophoneProc): Set mSampleRate to the
        preferred sample rate if it is 0.
        (WebCore::CoreAudioCaptureSource::configureSpeakerProc): Ditto.
        (WebCore::CoreAudioCaptureSource::provideSpeakerData): Only increment counter and
        check timestamps in debug builds.
        (WebCore::CoreAudioCaptureSource::processMicrophoneSamples): Ditto.
        (WebCore::CoreAudioCaptureSource::cleanupAudioUnits): We only need the audio unit
        name in debug builds.
        (WebCore::CoreAudioCaptureSource::setupAudioUnits): Ditto. No more internal state
        lock. Don't try to get the default input device on iOS.
        (WebCore::CoreAudioCaptureSource::startProducingData): No more internal state lock.
        Assert if not called on the main thread.
        (WebCore::CoreAudioCaptureSource::stopProducingData): Ditto.
        (WebCore::CoreAudioCaptureSource::suspend): Ditto.
        (WebCore::CoreAudioCaptureSource::resume): Ditto.
        * platform/mediastream/mac/CoreAudioCaptureSource.h:

2017-04-20  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream iOS] Hold process assertion while media capture is active
        https://bugs.webkit.org/show_bug.cgi?id=171017
        <rdar://problem/31719177>

        Reviewed by Dean Jackson.

        * page/ActivityState.h: Add IsCapturingMedia flag.

        * page/Page.cpp:
        (WebCore::Page::updateTimerThrottlingState): Enable timer throttling when capture is active
        like we do when playing audio.
        (WebCore::Page::setActivityState): Ditto.

        * page/PerformanceMonitor.cpp:
        (WebCore::PerformanceMonitor::updateProcessStateForMemoryPressure): A process is active when
        capturing media, as it is when playing audio.

2017-04-20  Wenson Hsieh  <wenson_hsieh@apple.com>

        Inline anchor elements cannot be dragged when starting the drag from a block descendant
        https://bugs.webkit.org/show_bug.cgi?id=171062
        <rdar://problem/31697835>

        Reviewed by Tim Horton.

        Tweaks DragController::draggableElement to traverse the DOM instead of the render tree when finding a draggable
        element. This prevents us from skipping elements that are in the DOM ancestor chain, but appear as siblings to
        the hit-tested node's renderer in the render tree.

        There was also previously a check to ensure that we skip anonymous RenderObjects while traversing up the chain,
        but this is no longer necessary fter this change, since all the elements we traverse in the DOM should have
        renderers that are not anonymous.

        Test: fast/events/drag-and-drop-link-containing-block.html

        * page/DragController.cpp:
        (WebCore::DragController::draggableElement):

2017-04-20  Michael Catanzaro  <mcatanzaro@igalia.com>

        -Wformat warning on HistoryController.cpp:295:5
        https://bugs.webkit.org/show_bug.cgi?id=171028

        Reviewed by Daniel Bates.

        Need to cast WebCore::FrameLoadType to int before using it in printf.

        * loader/HistoryController.cpp:
        (WebCore::HistoryController::goToItem):

2017-04-20  Per Arne Vollan  <pvollan@apple.com>

        The toleranceBefore parameter in the AVPlayerItem method seekToTime should not be negative.
        https://bugs.webkit.org/show_bug.cgi?id=171063

        Reviewed by Eric Carlson.

        The AVPlayerItem method seekToTime will throw an exception if toleranceBefore is negative.

        No new tests since the change is a sanity check.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::seekTask):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::seekToTime):

2017-04-20  Anders Carlsson  <andersca@apple.com>

        Replace isFinalStateStatus with isFinalStateResult
        https://bugs.webkit.org/show_bug.cgi?id=171072
        rdar://problem/31589635

        Reviewed by Tim Horton.

        This will let us get rid of some of the status enum declarations.

        * Modules/applepay/ApplePaySession.cpp:
        (WebCore::ApplePaySession::completePayment):
        * Modules/applepay/PaymentAuthorizationStatus.h:
        (WebCore::isFinalStateStatus): Deleted.
        * Modules/applepay/PaymentCoordinator.cpp:
        (WebCore::PaymentCoordinator::completePaymentSession):
        * Modules/applepay/PaymentRequest.cpp:
        (WebCore::isFinalStateResult):
        * Modules/applepay/PaymentRequest.h:

2017-04-20  Brent Fulgham  <bfulgham@apple.com>

        [Win] REGRESSION(r215486): Windows Release build is broken
        https://bugs.webkit.org/show_bug.cgi?id=171024
        <rdar://problem/31722618>

        Reviewed by Mark Lam.

        Add missing include needed for clean Release build on Windows (proper
        fix found by Fujii Hironori).

        * bindings/js/JSDOMGlobalObject.h:

2017-04-20  Said Abou-Hallawa  <sabouhallawa@apple.com>

        CachedImage should cancel loading images for unsupported/unknown types
        https://bugs.webkit.org/show_bug.cgi?id=170697

        Reviewed by Youenn Fablet.

        Currently when the image decoder detects an error with the incoming encoded
        data of an image, we mark the image to be a broken image. But the network
        process keeps feeding the web process with the rest of the data. We should
        cancel loading the rest of the data to save network bandwidth and CPU time
        loading and processing useless data.

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::addIncrementalDataBuffer):
        (WebCore::CachedImage::finishLoading):

2017-04-20  Aaron Chu  <aaron_chu@apple.com>

        AX: Modern Media Controls Timeline slider should be operable
        https://bugs.webkit.org/show_bug.cgi?id=170250

        Reviewed by Antoine Quint.

        Added a "change" event listener and aria-valuetext to the slider so that when a
        VoiceOver user operates the timeline control, VO speaks the updated timestamp

        Test: media/modern-media-controls/scrubber/scrubber-has-correct-ax-label.html

        * English.lproj/modern-media-controls-localized-strings.js:
        * Modules/modern-media-controls/controls/scrubber.js:
        (Scrubber.prototype.set inputAccessibleLabel):
        (Scrubber.prototype._formatTime):
        * Modules/modern-media-controls/controls/slider.js:
        (Slider.prototype.handleEvent):
        (Slider.prototype._handleInputEvent): Deleted.
        * Modules/modern-media-controls/controls/time-control.js:
        (TimeControl.prototype.updateScrubberLabel):
        * Modules/modern-media-controls/controls/time-label.js:
        (TimeLabel.prototype.commitProperty):
        (TimeLabel.prototype._formattedTime):
        * Modules/modern-media-controls/main.js:
        (formatTimeByUnit):
        (unitizeTime):

2017-04-20  Andy Estes  <aestes@apple.com>

        Fix indentation in AVKitSPI.h
        https://bugs.webkit.org/show_bug.cgi?id=171066

        Reviewed by Jer Noble.

        * platform/spi/cocoa/AVKitSPI.h:

2017-04-20  Jer Noble  <jer.noble@apple.com>

        [MediaCapture] gUM() with CoreAudio fails if capturing audio in the UIProcess.
        https://bugs.webkit.org/show_bug.cgi?id=171021

        Reviewed by Eric Carlson.

        Refactor the creation of RealtimeMediaSources to take a persistent device ID rather
        than a CaptureDevice directly. This allows WebKit2 to iterate devices in the UIProcess
        rather than the WebProcess.

        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/mac/AVAudioCaptureSource.mm:
        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::create):
        (WebCore::CoreAudioCaptureSource::CoreAudioCaptureSource):
        * platform/mediastream/mac/CoreAudioCaptureSource.h:
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::RealtimeMediaSourceCenterMac::createMediaStream):
        (WebCore::RealtimeMediaSourceCenterMac::bestSourcesForTypeAndConstraints):
        * platform/mock/MockRealtimeAudioSource.cpp:
        * platform/mock/MockRealtimeVideoSource.cpp:

2017-04-20  Tim Horton  <timothy_horton@apple.com>

        Make it possible to request the non-expanded scrollbar width from ScrollbarTheme
        https://bugs.webkit.org/show_bug.cgi?id=171047

        Reviewed by Sam Weinig.

        No new tests, new behavior is not exposed in any way.

        * platform/ScrollTypes.h:
        * platform/ScrollbarTheme.h:
        (WebCore::ScrollbarTheme::scrollbarThickness):
        * platform/gtk/ScrollbarThemeGtk.cpp:
        (WebCore::ScrollbarThemeGtk::scrollbarThickness):
        * platform/gtk/ScrollbarThemeGtk.h:
        * platform/ios/ScrollbarThemeIOS.h:
        * platform/ios/ScrollbarThemeIOS.mm:
        (WebCore::ScrollbarThemeIOS::scrollbarThickness):
        * platform/mac/ScrollbarThemeMac.h:
        * platform/mac/ScrollbarThemeMac.mm:
        (WebCore::ScrollbarThemeMac::scrollbarThickness):
        * platform/mock/ScrollbarThemeMock.cpp:
        (WebCore::ScrollbarThemeMock::scrollbarThickness):
        * platform/mock/ScrollbarThemeMock.h:
        * platform/win/ScrollbarThemeWin.cpp:
        (WebCore::ScrollbarThemeWin::scrollbarThickness):
        * platform/win/ScrollbarThemeWin.h:
        * rendering/RenderScrollbarTheme.h:
        On Mac, when the scrollbar is hovered, it gets bigger.
        Currently, scrollbarThickness always returns the big size.
        It should be possible to request the smaller, "regular" scrollbar size as well.

2017-04-20  Jon Lee  <jonlee@apple.com>

        Update pip placard to "picture in picture"
        https://bugs.webkit.org/show_bug.cgi?id=171036
        rdar://problem/30201536

        Reviewed by Antoine Quint.

        Updated media/modern-media-controls/pip-placard/pip-placard.html

        Update the text shown with the picture in picture placard.

        * English.lproj/mediaControlsLocalizedStrings.js:
        * English.lproj/modern-media-controls-localized-strings.js:
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.updatePictureInPicturePlaceholder):
        * Modules/modern-media-controls/controls/pip-placard.js:
        (PiPPlacard):

2017-04-20  Youenn Fablet  <youenn@apple.com>

        RTCPeerConnection is stopping its backend twice sometimes
        https://bugs.webkit.org/show_bug.cgi?id=171043

        Reviewed by Eric Carlson.

        Test: webrtc/closing-peerconnection.html

        Making sure we stop the backend only once.
        Adding an internals API to close the peer connection so as to replicate frame disconnection.

        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::doClose):
        (WebCore::RTCPeerConnection::doStop):
        * Modules/mediastream/RTCPeerConnection.h:
        * testing/Internals.cpp:
        (WebCore::Internals::stopPeerConnection):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-04-20  Antti Koivisto  <antti@apple.com>

        Increase large animation cutoff
        https://bugs.webkit.org/show_bug.cgi?id=171051
        <rdar://problem/31731532>

        Reviewed by Andreas Kling.

        We currently switch to per-frame decoding if the animation is larger than 5MB. This is very
        power-inefficient and such animations are now common. The cutoff originates from 2007 (r20069),
        it is time update it.

        Note that the normal low memory handling will still kill animation frames as needed.

        * platform/graphics/BitmapImage.h:

            Increase cutoff to 30MB. This is enough (with some room to spare) for animations on current
            tumblr.com/search/aww.

            Also remove the separate cutoff value for iOS.

2017-04-20  Zan Dobersek  <zdobersek@igalia.com>

        Register missing AES_CTR, ECDSA and HKDF algorithms in
        GCrypt's CryptoAlgorithmRegistry implementation.

        Rubber-stamped by Carlos Alberto Lopez Perez.

        * crypto/gcrypt/CryptoAlgorithmRegistryGCrypt.cpp:
        (WebCore::CryptoAlgorithmRegistry::platformRegisterAlgorithms):

2017-04-20  Joanmarie Diggs  <jdiggs@igalia.com>

        [ATK] Implement support for DPub ARIA roles
        https://bugs.webkit.org/show_bug.cgi?id=170679

        Reviewed by Chris Fleizach.

        Create two new WebCore AccessibilityRole values: TextGroup and ApplicationTextGroup.
        These roles make it possible for platforms to distinguish groups which are primarily
        intended to display textual content from groups which are primarily intended to hold
        user-interface objects. Use these roles to fix the ATK mapping of DPub's groups, which
        should be exposed as ATK_ROLE_SECTION; not ATK_ROLE_PANEL.

        Modify the following WebCore AccessibilityRole mappings:
        - doc-abstract changed to ApplicationTextGroupRole because this DPub ARIA role does
          not subclass the ARIA landmark role
        - doc-biblioentry and doc-endnote changed to ListItemRole, because these DPub ARIA
          roles subclass the ARIA listitem role
        - doc-notice and doc-tip changed to DocumentNoteRole because these DPub ARIA roles
          subclass the ARIA note role
        - doc-pagebreak changed to SplitterRole because this DPub ARIA role subclasses the
          ARIA separator role

        No new tests required: New test cases were added to xml-roles-exposed.html, and
        the platform expectations for roles-exposed.html were updated to reflect the
        correct mappings.

        * accessibility/AccessibilityList.cpp:
        (WebCore::AccessibilityList::determineAccessibilityRole):
        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::isGroup):
        (WebCore::AccessibilityNodeObject::helpText):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::ariaTreeItemContent):
        (WebCore::initializeRoleMap):
        (WebCore::AccessibilityObject::computedRoleString):
        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::helpText):
        (WebCore::AccessibilityRenderObject::shouldFocusActiveDescendant):
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (webkitAccessibleGetAttributes):
        (atkRole):
        (roleIsTextType):
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
        (-[WebAccessibilityObjectWrapper containsUnnaturallySegmentedChildren]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (createAccessibilityRoleMap):
        (-[WebAccessibilityObjectWrapper subrole]):

2017-04-19  Youenn Fablet  <youenn@apple.com>

        [Mac] Allow customizing H264 encoder
        https://bugs.webkit.org/show_bug.cgi?id=170829

        Reviewed by Alex Christensen.

        Using WebKitAdditions CreateCompressionSession if available.

        * Configurations/FeatureDefines.xcconfig:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/mediastream/libwebrtc/H264VideoToolBoxEncoder.h: Added.
        * platform/mediastream/libwebrtc/H264VideoToolBoxEncoder.mm: Added.
        (WebCore::H264VideoToolboxEncoder::CreateCompressionSession):
        * platform/mediastream/libwebrtc/VideoToolBoxEncoderFactory.cpp:
        (WebCore::VideoToolboxVideoEncoderFactory::CreateSupportedVideoEncoder):

2017-04-19  Eric Carlson  <eric.carlson@apple.com>

        Another deadlock in CoreAudioCaptureSource
        https://bugs.webkit.org/show_bug.cgi?id=171001

        Fix another regression introduced by r215201, plus make changes suggested
        in the review of 170771.

        Reviewed by Youenn Fablet.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::configureSpeakerProc): Assert if the lock is no held.
        (WebCore::CoreAudioCaptureSource::provideSpeakerData): Don't reset the buffer.
        (WebCore::CoreAudioCaptureSource::processMicrophoneSamples): Take the state lock. Don't
        reset the buffer. No more microphone callbacks.
        (WebCore::CoreAudioCaptureSource::stopProducingData): Return early if the io unit isn't
        running. Drop the lock before calling setMuted to avoid another deadlock.
        (WebCore::CoreAudioCaptureSource::addMicrophoneDataConsumer): Deleted.
        (WebCore::CoreAudioCaptureSource::removeMicrophoneDataConsumer): Deleted.
        * platform/mediastream/mac/CoreAudioCaptureSource.h:

2017-04-19  Anders Carlsson  <andersca@apple.com>

        Stop using deprecated APIs, part 3
        https://bugs.webkit.org/show_bug.cgi?id=171003
        rdar://problem/31589635
        rdar://problem/31589635

        Reviewed by Tim Horton.

        * Modules/applepay/ApplePaySession.cpp:
        (WebCore::convertAndValidate):
        The status member variable has been removed from ApplePayShippingMethodUpdate.

        (WebCore::ApplePaySession::completeShippingMethodSelection):
        If status is not STATUS_SUCCESS, cancel the payment session.

        (WebCore::ApplePaySession::canSuspendForDocumentSuspension):
        (WebCore::ApplePaySession::canBegin):
        (WebCore::ApplePaySession::canAbort):
        (WebCore::ApplePaySession::canCancel):
        (WebCore::ApplePaySession::canCompleteShippingMethodSelection):
        (WebCore::ApplePaySession::canCompleteShippingContactSelection):
        (WebCore::ApplePaySession::canCompletePaymentMethodSelection):
        (WebCore::ApplePaySession::canCompletePayment):
        (WebCore::ApplePaySession::isFinalState):
        Add State::CancelRequested.

        * Modules/applepay/ApplePayShippingMethodUpdate.h:
        * Modules/applepay/ApplePayShippingMethodUpdate.idl:
        Remove status.

        * Modules/applepay/PaymentCoordinator.cpp:
        (WebCore::PaymentCoordinator::cancelPaymentSession):
        Call through to the client.

        * Modules/applepay/PaymentCoordinator.h:
        * Modules/applepay/PaymentCoordinatorClient.h:
        Add cancelPaymentSession().

        * Modules/applepay/PaymentRequest.h:
        Remove status.

        * loader/EmptyClients.cpp:
        Add new client member function.

2017-04-19  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Limit capture to one tab at a time
        https://bugs.webkit.org/show_bug.cgi?id=171009

        Reviewed by Jon Lee.

        No new tests yet, filed bug 171011.

        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::stopTrack): Drive-by fix: renamed from stopProducingData
        because stopProducingData is a method in RealtimeMediaSource that does something different.
        (WebCore::MediaStreamTrack::stop): Call stopTrack.
        (WebCore::MediaStreamTrack::stopProducingData): Deleted.
        * Modules/mediastream/MediaStreamTrack.h:
        * Modules/mediastream/MediaStreamTrack.idl:

        * Modules/mediastream/RTCRtpSender.cpp:
        (WebCore::RTCRtpSender::replaceTrack): Update for rename.

        * platform/mediastream/MediaStreamPrivate.cpp:
        (WebCore::MediaStreamPrivate::muted): Drive-by fix: a track that has ended but 
        which is not muted will never produce data.

2017-04-19  Alex Christensen  <achristensen@webkit.org>

        Parsing large XML strings fails
        https://bugs.webkit.org/show_bug.cgi?id=170999
        <rdar://problem/17336267>

        Reviewed by Brady Eidson.

        Test: fast/dom/xml-large.html

        * xml/parser/XMLDocumentParserLibxml2.cpp:
        (WebCore::XMLParserContext::createStringParser):
        (WebCore::XMLParserContext::createMemoryParser):
        Allow huge XML strings. They work fine in Chrome and Firefox.

2017-04-19  Chris Fleizach  <cfleizach@apple.com>

        AX: <hr> should use a different role description than interactive separators
        https://bugs.webkit.org/show_bug.cgi?id=170317
        <rdar://problem/31363024>

        Reviewed by Joanmarie Diggs.

        Users are confused with WebKit's accessibility description of separators. 
        We should call these what they are, horizontal rules.

        Updated test: accessibility/mac/hr-element-expected.txt

        * English.lproj/Localizable.strings:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::orientation):
        * platform/cocoa/LocalizedStringsCocoa.mm:
        (WebCore::AXHorizontalRuleDescriptionText):

2017-04-19  Anders Carlsson  <andersca@apple.com>

        Rename cancelPayment to cancelPaymentSession
        https://bugs.webkit.org/show_bug.cgi?id=171007

        Reviewed by Tim Horton.

        * Modules/applepay/ApplePaySession.cpp:
        (WebCore::ApplePaySession::didCancelPaymentSession):
        (WebCore::ApplePaySession::didCancelPayment): Deleted.
        * Modules/applepay/ApplePaySession.h:
        * Modules/applepay/PaymentCoordinator.cpp:
        (WebCore::PaymentCoordinator::didCancelPaymentSession):
        (WebCore::PaymentCoordinator::didCancelPayment): Deleted.
        * Modules/applepay/PaymentCoordinator.h:

2017-04-19  Joseph Pecoraro  <pecoraro@apple.com>

        ASAN Crash running LayoutTests/inspector/worker tests
        https://bugs.webkit.org/show_bug.cgi?id=170967
        <rdar://problem/31256437>

        Reviewed by Alex Christensen.

        * workers/WorkerMessagingProxy.h:
        * workers/WorkerMessagingProxy.cpp:
        (WebCore::WorkerMessagingProxy::WorkerMessagingProxy):
        (WebCore::WorkerMessagingProxy::workerGlobalScopeDestroyedInternal):
        Make the MessagingProxy thread safe ref counted. Since it used to
        delete itself, turn this into a ref (implicit on construction)
        and deref (replacing delete this).

        (WebCore::WorkerMessagingProxy::postMessageToPageInspector):
        When dispatching have the lambda implicitly ref/deref with the
        lambda to keep the proxy alive while a lambda is queued.

2017-04-19  Brent Fulgham  <bfulgham@apple.com>

        [iOS, macOS] Guard against passing nullptr to vImagePremultiplyData
        https://bugs.webkit.org/show_bug.cgi?id=170912
        <rdar://problem/30565800>

        Reviewed by Brady Eidson.

        * platform/graphics/cg/ImageBufferDataCG.cpp:
        (WebCore::affineWarpBufferData): Assert if we passed nullptr buffers.
        (WebCore::transferData): Ditto.
        (WebCore::ImageBufferData::getData): Check for nullptr data member and avoid passing to vImage routines.
        (WebCore::ImageBufferData::putData): Ditto.

2017-04-19  Dave Hyatt  <hyatt@apple.com>

        Remove bogus assert for :not.
        https://bugs.webkit.org/show_bug.cgi?id=170995
        <rdar://problem/29693115>

        Reviewed by Zalan Bujtas.

        * css/parser/CSSSelectorParser.cpp:

2017-04-19  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Allow non-PNG resources
        https://bugs.webkit.org/show_bug.cgi?id=170992
        <rdar://problem/31706590>

        Reviewed by Dean Jackson.

        Instead of passing in a name and a platform to MediaControlsHost::base64StringForIconAndPlatform(),
        we now pass in a name and a type to MediaControlsHost::base64StringForIconNameAndType(). We've removed
        the need to provide a platform by copying the resources directly under "Resources/modern-media-controls"
        insted of "Resources/modern-media-controls/platform-name-here", and now we provide a type so that it
        may be passed down to -[NSBundle pathForResource:ofType:inDirectory:].

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::base64StringForIconNameAndType):
        (WebCore::MediaControlsHost::base64StringForIconAndPlatform): Deleted.
        * Modules/mediacontrols/MediaControlsHost.h:
        * Modules/mediacontrols/MediaControlsHost.idl:
        * Modules/modern-media-controls/controls/icon-service.js:
        (const.iconService.new.IconService.prototype.imageForIconNameAndLayoutTraits):
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/RenderTheme.h:
        (WebCore::RenderTheme::mediaControlsBase64StringForIconNameAndType):
        (WebCore::RenderTheme::mediaControlsBase64StringForIconAndPlatform): Deleted.
        * rendering/RenderThemeIOS.h:
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::mediaControlsBase64StringForIconNameAndType):
        (WebCore::RenderThemeIOS::mediaControlsBase64StringForIconAndPlatform): Deleted.
        * rendering/RenderThemeMac.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::mediaControlsBase64StringForIconNameAndType):
        (WebCore::RenderThemeMac::mediaControlsBase64StringForIconAndPlatform): Deleted.

2017-04-19  Antti Koivisto  <antti@apple.com>

        Avoid repaints for invisible animations on tumblr.com/search/aww
        https://bugs.webkit.org/show_bug.cgi?id=170986
        <rdar://problem/28644580>

        Reviewed by Andreas Kling.

        Test: fast/repaint/mutate-non-visible.html

        * rendering/style/RenderStyle.cpp:
        (WebCore::requiresPainting):
        (WebCore::RenderStyle::changeRequiresRepaint):

            If an element is invisible it does not require repaint even if something else changes.

2017-04-19  Dean Jackson  <dino@apple.com>

        Non-muxable GPUs shouldn't allow offline rendering
        https://bugs.webkit.org/show_bug.cgi?id=170984
        <rdar://problem/31614406>

        Reviewed by Myles Maxfield.

        Setting the kCGLPFAAllowOfflineRenderers flag doesn't do any
        harm on devices that only have one GPU. It's also what we
        want on devices that can mux between GPUs. However, we were
        also setting it unconditionally on devices with multiple
        GPUs that have issues muxing.

        * platform/graphics/mac/GraphicsContext3DMac.mm:
        (WebCore::setPixelFormat): Add a test for hasMuxableGPU.

2017-04-18  Youenn Fablet  <youenn@apple.com>

        RTCOfferOptions iceRestart should be supported
        https://bugs.webkit.org/show_bug.cgi?id=170966

        Reviewed by Alex Christensen.

        No ability to test iceRestart as of now.
        Passing iceRestart value to libwebrtc.
        Passing also voiceActivityDetection value to libwebrtc.
        Updating mock to use the new overloaded CreateOffer method.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::doCreateOffer):
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::LibWebRTCPeerConnectionBackend::doCreateOffer):
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::doCreateOffer):
        * testing/MockLibWebRTCPeerConnection.cpp:
        (WebCore::MockLibWebRTCPeerConnection::CreateOffer):
        * testing/MockLibWebRTCPeerConnection.h:

2017-04-18  Wenson Hsieh  <wenson_hsieh@apple.com>

        [WK2] Support DataTransfer::files() when performing a DHTML data interaction
        https://bugs.webkit.org/show_bug.cgi?id=170880
        <rdar://problem/31314689>

        Reviewed by Tim Horton.

        Adds support for fetching files from the DataTransfer when performing a data interaction operation handled by
        JavaScript. There are two changes we make here to achieve this:

        First, we teach the Pasteboard on iOS to know what file paths hold the item provider contents used in the
        current data interaction operation. On iOS, Pasteboard::readFilenames is currently hard-coded to return an empty
        vector. To fix this, we add logic to the iOS Pasteboard to remember what the paths of all files that were
        successfully loaded from item providers as the data interaction is taking place. This ensures that at the
        WebCore layer, the implementation of Pasteboard::readFilenames on Mac and iOS is similar -- they both call out
        to the client layer in order to read file paths off of their respective pasteboards. Once in the client layer
        (WebKit1 or WebKit2) we then call into PlatformPasteboard::filenamesForDataInteraction, which then calls into
        WebItemProviderPasteboard if applicable.

        The second tweak is to propagate information about whether the document is preventing default data interaction
        behavior to the client layer. This prevents us from having to save pasteboard content when performing data
        interaction in cases where file information is not needed (i.e. the default behavior is being performed, and
        the target is not a file input). This also avoids compatibility issues with insertion animations when performing
        data interaction in editable areas, due to the extra time spent loading item provider data into a temporary
        file.

        Unit tests in <https://bugs.webkit.org/show_bug.cgi?id=170903>.

        * page/DragController.cpp:
        (WebCore::DragController::DragController):
        (WebCore::DragController::performDragOperation):
        (WebCore::DragController::dragEnteredOrUpdated):
        (WebCore::DragController::tryDocumentDrag):

        Refactor DragController::tryDocumentDrag to return a DragHandlingMethod. This method currently returns either
        true or false; this patch changes it to return a DragHandlingMethod, which is either None (the equivalent of
        returning false before the patch), Default (indicating that the drop destination is allowing default handling),
        or NonDefault, which indicates that the drop destination has explicitly prevented default.

        * page/DragController.h:
        (WebCore::DragController::documentIsHandlingNonDefaultDrag):

        Used by WebPage when sending an IPC response after handling dragentered or dragupdated.

        * platform/PasteboardStrategy.h:
        * platform/PlatformPasteboard.h:
        * platform/ios/AbstractPasteboard.h:
        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::readFilenames):
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::filenamesForDataInteraction):
        * platform/ios/WebItemProviderPasteboard.h:
        * platform/ios/WebItemProviderPasteboard.mm:

        WebItemProviderPasteboard now remembers the file URLs of successfully loaded item provider content when a data
        interaction is being performed. The new filenamesForDataInteraction property returns the array of data
        interaction file URLs which have been propagated to the web process along with sandbox extensions. This state
        is cleaned up when list of item providers change (i.e. when the data interaction operation is finished, or if
        the web content process crashes, etc.)

        (-[WebItemProviderPasteboard init]):
        (-[WebItemProviderPasteboard setItemProviders:]):
        (-[WebItemProviderPasteboard filenamesForDataInteraction]):
        (-[WebItemProviderPasteboard doAfterLoadingProvidedContentIntoFileURLs:]):

2017-04-18  Dean Jackson  <dino@apple.com>

        Cairo build fix.
        https://bugs.webkit.org/show_bug.cgi?id=170941

        * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
        (WebCore::GraphicsContext3D::GraphicsContext3D):

2017-04-18  Ryan Haddad  <ryanhaddad@apple.com>

        Rebaseline bindings tests after r215486.

        Unreviewed test gardening.

        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjOnfooGetter):
        (WebCore::jsTestObjOnwebkitfooGetter):

2017-04-18  Dean Jackson  <dino@apple.com>

        Attempted build fix. Add/remove some files from ANGLE.

        * CMakeLists.txt:

2017-04-18  Dean Jackson  <dino@apple.com>

        Update ANGLE
        https://bugs.webkit.org/show_bug.cgi?id=170941
        <rdar://problem/31633999>

        Reviewed by Alex Christensen.

        * platform/graphics/ANGLEWebKitBridge.cpp:
        (WebCore::getSymbolInfo):
        (WebCore::ANGLEWebKitBridge::ANGLEWebKitBridge):
        (WebCore::ANGLEWebKitBridge::cleanupCompilers):
        (WebCore::ANGLEWebKitBridge::compileShaderSource):
        * platform/graphics/mac/GraphicsContext3DMac.mm:
        (WebCore::GraphicsContext3D::GraphicsContext3D):
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::checkVaryingsPacking):

2017-04-18  John Wilander  <wilander@apple.com>

        Make WebCore::topPrivatelyControlledDomain() return "localhost" for localhost
        https://bugs.webkit.org/show_bug.cgi?id=170798
        <rdar://problem/31595108>

        Reviewed by Alex Christensen.

        API test augmented.

        * platform/mac/PublicSuffixMac.mm:
        (WebCore::topPrivatelyControlledDomain):
            Now returns the lowercase top privately controlled
            domain including "localhost" for the host localhost.

2017-04-18  Brent Fulgham  <bfulgham@apple.com>

        JSEventListener::m_isolatedWorld should be a Ref
        https://bugs.webkit.org/show_bug.cgi?id=170910
        <rdar://problem/30470332>

        Reviewed by Alex Christensen.

        Since m_isolatedWorld should never be nullptr, change the implementation of m_isolatedWorld
        from a RefPtr to a Ref, and adjust the various call sites to support this change.

        This should help us catch any changes that permit the isolatedWorld to be set to nullptr.

        No new tests since there should be no change in behavior.

        * bindings/js/JSEventListener.cpp:
        (WebCore::JSEventListener::JSEventListener):
        (WebCore::JSEventListener::initializeJSFunction):
        (WebCore::JSEventListener::handleEvent):
        * bindings/js/JSEventListener.h:
        (WebCore::JSEventListener::cast):
        (WebCore::JSEventListener::isolatedWorld):
        (WebCore::JSEventListener::jsFunction):

2017-04-18  Brent Fulgham  <bfulgham@apple.com>

        Correct handling of isolatedWorld in event handling
        https://bugs.webkit.org/show_bug.cgi?id=65589
        <rdar://problem/24097804>

        Reviewed by Geoffrey Garen.

        This patch was inspired by Adam's original patch as well as the
        following Blink change:
        https://src.chromium.org/viewvc/blink?revision=152377&view=revision

        Thread isolatedWorld state through event handling logic.

        Tests: fast/dom/event-attrs-isolated-world.html
               http/tests/security/isolatedWorld/onclick-attribute.html

        * bindings/js/JSEventListener.cpp:
        (WebCore::JSEventListener::initializeJSFunction):
        (WebCore::JSEventListener::world):
        (WebCore::eventHandlerAttribute):
        (WebCore::setEventHandlerAttribute):
        (WebCore::windowEventHandlerAttribute):
        (WebCore::setWindowEventHandlerAttribute):
        (WebCore::documentEventHandlerAttribute):
        (WebCore::setDocumentEventHandlerAttribute):
        * bindings/js/JSEventListener.h:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        * dom/Document.cpp:
        (WebCore::Document::setWindowAttributeEventListener):
        (WebCore::Document::getWindowAttributeEventListener):
        * dom/Document.h:
        * dom/Element.cpp:
        (WebCore::Element::setAttributeEventListener):
        * dom/EventTarget.cpp:
        (WebCore::EventTarget::setAttributeEventListener):
        (WebCore::EventTarget::attributeEventListener):
        * dom/EventTarget.h:
        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplacementFragment::ReplacementFragment):
        * html/HTMLBodyElement.cpp:
        (WebCore::HTMLBodyElement::parseAttribute):
        * html/HTMLFrameSetElement.cpp:
        (WebCore::HTMLFrameSetElement::parseAttribute):
        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::parseAttribute):

2017-04-18  Jeremy Jones  <jeremyj@apple.com>

        Deadlock in CoreAudioCaptureSource
        https://bugs.webkit.org/show_bug.cgi?id=170771
        rdar://problem/31578919

        Reviewed by Eric Carlson.

        Fixes a regression introduced by r215201.

        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::startProducingData):
        (WebCore::CoreAudioCaptureSource::stopProducingData):

2017-04-18  Anders Carlsson  <andersca@apple.com>

        Stop using deprecated APIs, part 2
        https://bugs.webkit.org/show_bug.cgi?id=170965
        rdar://problem/31589635

        Reviewed by Tim Horton.

        * Modules/applepay/ApplePaySession.cpp:
        (WebCore::convertAndValidate):
        No need to convert the status anymore.

        (WebCore::ApplePaySession::completeShippingContactSelection):
        Create an ApplePayError given the status.

        * Modules/applepay/ApplePayShippingContactUpdate.h:
        Remove the status member variable.

        * Modules/applepay/PaymentRequest.h:
        Remove the status member variable.

2017-04-18  Tim Horton  <timothy_horton@apple.com>

        Safari crash when clicking phone number data detector popover button
        https://bugs.webkit.org/show_bug.cgi?id=170936
        <rdar://problem/31416570>

        Reviewed by Wenson Hsieh.

        * platform/spi/mac/DataDetectorsSPI.h:
        Soft-link the phone number key from the correct framework.

2017-04-17  Sam Weinig  <sam@webkit.org>

        [WebIDL] Make annotated types first class allowing them to be used in sequences and unions
        https://bugs.webkit.org/show_bug.cgi?id=170926

        Reviewed by Chris Dumez.

        - Adds IDL types for WebIDL annotated types:
            [Clamp] T -> IDLClampAdaptor<T>
            [EnforceRange] T -> IDLEnforceRangeAdaptor<T>
            [TreatNullAs=EmptyString] T -> IDLTreatNullAsEmptyAdaptor<T>
        - Adds additional adaptors for existing specializations
            [AtomicString] T -> IDLAtomicStringAdaptor<T>
            [RequiresExistingAtomicString] T -> IDLRequiresExistingAtomicStringAdaptor<T>
        - Removes the need for IntegerConversionConfiguration and StringConversionConfiguration
          overloads of convert().
        - Allows the use of annotated types as subtypes, such as in sequences and unions.

        * bindings/IDLTypes.h:
        Add new types:
            - IDLClampAdaptor
            - IDLEnforceRangeAdaptor
            - IDLTreatNullAsEmptyAdaptor
            - IDLAtomicStringAdaptor
            - IDLRequiresExistingAtomicStringAdaptor
        Add new predicates for matching strings and strings/enumerations.

        * bindings/js/JSDOMConvertNullable.h:
        Remove now unnecessary overloads of convert that took IntegerConversionConfiguration
        and StringConversionConfiguration.

        * bindings/js/JSDOMConvertNumbers.cpp:
        * bindings/js/JSDOMConvertNumbers.h:
        Replace individually named conversion functions with explicit template specializations
        based on type.
        (WebCore::Converter<IDLByte>::convert):
        (WebCore::Converter<IDLOctet>::convert):
        (WebCore::Converter<IDLShort>::convert):
        (WebCore::Converter<IDLUnsignedShort>::convert):
        (WebCore::Converter<IDLLong>::convert):
        (WebCore::Converter<IDLUnsignedLong>::convert):
        (WebCore::Converter<IDLLongLong>::convert):
        (WebCore::Converter<IDLUnsignedLongLong>::convert):
        Simplify convert functions for normal integer converters to only handle
        the normal case. 

        (WebCore::Converter<IDLClampAdaptor<T>>::convert):
        (WebCore::JSConverter<IDLClampAdaptor<T>>::convert):
        (WebCore::Converter<IDLEnforceRangeAdaptor<T>>::convert):
        (WebCore::JSConverter<IDLEnforceRangeAdaptor<T>>::convert):
        Add converters for the new annotated types that call into the new
        template specialized conversion functions.

        * bindings/js/JSDOMConvertStrings.h:
        (WebCore::Converter<IDLDOMString>::convert):
        (WebCore::Converter<IDLByteString>::convert):
        (WebCore::Converter<IDLUSVString>::convert):
        Remove no longer needed StringConversionConfiguration parameter.

        (WebCore::Converter<IDLTreatNullAsEmptyAdaptor<T>>::convert):
        (WebCore::JSConverter<IDLTreatNullAsEmptyAdaptor<T>>::convert):
        (WebCore::Converter<IDLAtomicStringAdaptor<T>>::convert):
        (WebCore::JSConverter<IDLAtomicStringAdaptor<T>>::convert):
        (WebCore::Converter<IDLRequiresExistingAtomicStringAdaptor<T>>::convert):
        (WebCore::JSConverter<IDLRequiresExistingAtomicStringAdaptor<T>>::convert):
        Add converters for new annotated types. Statically assert that the atomic string
        adaptors only work for DOMString at present.

        * bindings/js/JSDOMConvertUnion.h:
        Update union code to fix a long standing FIXME, treating enumerations as strings
        for the purposes of the union algorithm, and using the new predicate that works
        with the slightly more complicated IDLString type (e.g. it can now either be a String
        or an AtomicString).

        * bindings/js/JSCSSStyleDeclarationCustom.cpp:
        * bindings/js/JSCryptoAlgorithmDictionary.cpp:
        * bindings/js/JSDocumentCustom.cpp:
        * bindings/js/JSEventListener.cpp:
        * bindings/js/JSHTMLCanvasElementCustom.cpp:
        * bindings/js/JSMockContentFilterSettingsCustom.cpp:
        * bindings/js/JSNodeFilterCustom.cpp:
        * bindings/js/JSSubtleCryptoCustom.cpp:
        Remove explicit passing of Normal for the conversion configuration
        and use new adaptors where appropriate.

        * bindings/scripts/CodeGeneratorJS.pm:
        (IsAnnotatedType):
        (GetAnnotatedIDLType):
        (GetIDLType):
        (JSValueToNative):
        (UnsafeToNative):
        (GetIntegerConversionConfiguration): Deleted.
        (GetStringConversionConfiguration): Deleted.
        Replace passing conversion configuration and specializing for atomic string
        with annotated types.

        * bindings/scripts/IDLParser.pm:
        (parseUnionMemberType):
        Fix parser error where we weren't parsing extended attributes for a union correctly.

        * bindings/scripts/test/JS/JSMapLike.cpp:
        * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
        * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
        * bindings/scripts/test/JS/JSTestStandaloneDictionary.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        Update tests for changes to integer and string conversion.

        * domjit/DOMJITIDLConvert.h:
        * domjit/DOMJITIDLType.h:
        * domjit/DOMJITIDLTypeFilter.h:
        Add specializations for AtomicString related adaptors.

        * testing/TypeConversions.h:
        * testing/TypeConversions.idl:
        - Re-arrange integer attributes to be in size order, and add [Clamp] variants. 
        - Replace function taking a dictionary + attributes to inspect it
          with a dictionary attribute. This has been supported for a while
          and makes the test much clearer (this includes the enum used for
          inspecting the union in the dictionary).
        - Add additional test unions that exercise annotated types as subtypes.
        - Add additional dictionary items that exercise annotated types as subtypes.

2017-04-18  Antti Koivisto  <antti@apple.com>

        Enable optimized layer flushes on iOS
        https://bugs.webkit.org/show_bug.cgi?id=170938
        <rdar://problem/31677395>

        Reviewed by Simon Fraser.

        Test: compositing/ios/overflow-scroll-touch-tiles.html

        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::setApproximatePosition):

            Make virtual.

        (WebCore::GraphicsLayer::flushCompositingState):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::syncPosition):

            Rename PositionChanged enum value to more descriptive NeedsComputeVisibleAndCoverageRect.

        (WebCore::GraphicsLayerCA::setApproximatePosition):
        (WebCore::GraphicsLayerCA::syncBoundsOrigin):

            Like syncPosition make these invalidate the geometry without scheduling a flush. This is needed
            so when flush happens we don't just optimize it away. Tile coverage depends on position and bounds.

        (WebCore::GraphicsLayerCA::flushCompositingState):

            Remove FlushScope argument.
            Disable optimization on WK1 due to some UIKit interactions.

        * platform/graphics/ca/GraphicsLayerCA.h:
        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::flushCompositingState):
        * platform/graphics/texmap/GraphicsLayerTextureMapper.h:

2017-04-18  Tim Horton  <timothy_horton@apple.com>

        Try to fix the iOS Debug build

        * platform/LengthBox.h:

2017-04-18  Andreas Kling  <akling@apple.com>

        Break Document::m_associatedFormControls reference cycle.
        <https://webkit.org/b/170946>

        Reviewed by Antti Koivisto.

        There was a race between didAssociateFormControls() and didAssociateFormControlsTimerFired()
        where detaching Document from its frame between the two would lead to an unbreakable reference
        cycle between Document and its form elements.

        Solve this by clearing the set of associated form elements in removedLastRef(), where we clear
        all the other strong smart pointers to elements.

        * dom/Document.cpp:
        (WebCore::Document::removedLastRef):

2017-04-18  Manuel Rego Casasnovas  <rego@igalia.com>

        [css-grid] Add support for percentage gaps
        https://bugs.webkit.org/show_bug.cgi?id=170764

        Reviewed by Sergio Villar Senin.

        Part of the code to support percentage gaps was already imported
        from Blink in r213149 (bug #168657). However parsing was not enabled yet,
        so some pieces were missing.

        This patch accepts percentages in the parsing of grid-column-gap and
        grid-row-gap properties, and the grid-gap shorthand.
        On top of that it gets rid of GridTrackSizingAlgorithm::sizingOperation()
        method as it's not needed. And instead it passes the specific operation
        to each call to RenderGrid::guttersSize(), otherwise we would be getting
        wrong results.

        Test: fast/css-grid-layout/grid-gutters-as-percentage.html

        * css/parser/CSSPropertyParser.cpp:
        (WebCore::CSSPropertyParser::parseSingleValue): Add support for
        percentage values.
        (WebCore::CSSPropertyParser::parseShorthand): Ditto.
        * rendering/GridTrackSizingAlgorithm.cpp:
        (WebCore::IndefiniteSizeStrategy::recomputeUsedFlexFractionIfNeeded):
        Pass the specific sizing operation.
        * rendering/GridTrackSizingAlgorithm.h: Remove sizingOperation().
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::computeTrackBasedLogicalHeight): Pass the specific
        sizing operation.
        (WebCore::RenderGrid::computeTrackSizesForDefiniteSize): Ditto.
        (WebCore::RenderGrid::computeTrackSizesForIndefiniteSize): Ditto.
        (WebCore::RenderGrid::populateGridPositionsForDirection): Ditto.

2017-04-18  Per Arne Vollan  <pvollan@apple.com>

        Add fallback fonts to video captions stylesheet.
        https://bugs.webkit.org/show_bug.cgi?id=170495

        Reviewed by Eric Carlson.

        The kCTFontCascadeListAttribute key is used to obtain the cascade list for a font reference.

        I have not added a test, since CaptionUserPreferences::testingMode() returns true when running tests,
        preventing this code path from being executed.

        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::CaptionUserPreferencesMediaAF::captionsDefaultFontCSS):
        * platform/spi/win/CoreTextSPIWin.h:

2017-04-18  Miguel Gomez  <magomez@igalia.com>

        [GTK+] Crash in WebCore::ImageFrame::ImageFrame()
        https://bugs.webkit.org/show_bug.cgi?id=170332

        Reviewed by Carlos Garcia Campos.

        When decoding a PNG image, don't reset the number of frames to 1 when there's a decoding error. Doing
        so causes a crash if the number of frames we reported before is bigger than 1.

        Test: fast/images/bad-png-missing-fdat.html

        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageDecoder::fallbackNotAnimated):

2017-04-18  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GLIB] Define priorities also for async network IO tasks
        https://bugs.webkit.org/show_bug.cgi?id=170905

        Reviewed by Žan Doberšek.

        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::redirectSkipCallback):
        (WebCore::sendRequestCallback):
        (WebCore::continueAfterDidReceiveResponse):
        (WebCore::readCallback):
        * platform/network/soup/SocketStreamHandleImplSoup.cpp:
        (WebCore::SocketStreamHandleImpl::connected):
        (WebCore::SocketStreamHandleImpl::readBytes):

2017-04-17  Zan Dobersek  <zdobersek@igalia.com>

        Unreviewed build fix for !ENABLE(MEDIA_STREAM) configurations.

        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::playbackPermitted): Guard the use of
        HTMLMediaElement::hasMediaStreamSrcObject() with ENABLE(MEDIA_STREAM).

2017-04-17  Alex Christensen  <achristensen@webkit.org>

        Allow Variants of RetainPtrs
        https://bugs.webkit.org/show_bug.cgi?id=170923

        Reviewed by Tim Horton and Sam Weinig.

        No change in behavior.  Just updated the one class that used RetainPtr::operator& to cleanly initialize
        RetainPtrs instead of taking the address of a smart pointer and forcing a value inside of it.

        * platform/mac/SSLKeyGeneratorMac.mm:
        (WebCore::signedPublicKeyAndChallengeString):

2017-04-17  Fujii Hironori  <Hironori.Fujii@sony.com>

        [WinCairo] 'WebCore::GraphicsLayerTextureMapper::flushCompositingStated': method with override specifier 'override' did not override any base class methods
        https://bugs.webkit.org/show_bug.cgi?id=170928

        Reviewed by Simon Fraser.

        Apply the same change of CoordinatedGraphicsLayer.{cpp,h} of r215410 to GraphicsLayerTextureMapper.{cpp,h}.

        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::flushCompositingState): Added the second argument.
        * platform/graphics/texmap/GraphicsLayerTextureMapper.h: Ditto.

2017-04-17  Timothy Horton  <timothy_horton@apple.com>

        Plumb all four obscured insets to WebCore, instead of just top/left
        https://bugs.webkit.org/show_bug.cgi?id=170913

        Reviewed by Wenson Hsieh.

        No new tests, no observable behavior change yet.

        In preparation for a future patch (for rdar://problem/31564652), plumb
        all four obscured insets to WebCore/the Web Content process, instead of
        just the top and left insets.

        * history/HistoryItem.cpp:
        (WebCore::HistoryItem::HistoryItem):
        * history/HistoryItem.h:
        (WebCore::HistoryItem::obscuredInsets):
        (WebCore::HistoryItem::setObscuredInsets):
        (WebCore::HistoryItem::obscuredInset): Deleted.
        (WebCore::HistoryItem::setObscuredInset): Deleted.
        * loader/HistoryController.cpp:
        (WebCore::HistoryController::saveScrollPositionAndViewStateToItem):
        * page/Page.h:
        (WebCore::Page::obscuredInsets):
        (WebCore::Page::setObscuredInsets):
        (WebCore::Page::obscuredInset): Deleted.
        (WebCore::Page::setObscuredInset): Deleted.
        Adopt FloatBoxExtent for obscuredInsets (and adjust pluralization).

2017-04-17  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Doesn't show size of compressed content correctly
        https://bugs.webkit.org/show_bug.cgi?id=155112
        <rdar://problem/25006728>

        Reviewed by Alex Christensen and Timothy Hatcher.

        Tests: http/tests/inspector/network/resource-sizes-disk-cache.html
               http/tests/inspector/network/resource-sizes-memory-cache.html
               http/tests/inspector/network/resource-sizes-network.html

        * inspector/InspectorNetworkAgent.cpp:
        (WebCore::InspectorNetworkAgent::buildObjectForMetrics):
        * platform/network/NetworkLoadMetrics.h:
        (WebCore::NetworkLoadMetrics::isolatedCopy):
        (WebCore::NetworkLoadMetrics::reset):
        (WebCore::NetworkLoadMetrics::clearNonTimingData):
        (WebCore::NetworkLoadMetrics::operator==):
        (WebCore::NetworkLoadMetrics::encode):
        (WebCore::NetworkLoadMetrics::decode):
        * platform/spi/cf/CFNetworkSPI.h:

2017-04-17  Youenn Fablet  <youenn@apple.com>

        Enable video autoplay when getUserMedia is on
        https://bugs.webkit.org/show_bug.cgi?id=170919

        Reviewed by Geoffrey Garen.

        Test: webrtc/video-autoplay.html

        * dom/Document.h:
        (WebCore::Document::isCapturing):
        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::hasMediaStreamSrcObject):
        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::playbackPermitted): Allowing playback if getUserMedia is capturing audio or video
        on the document and if element is rendering MediaStream based content.
        * page/MediaProducer.h:
        (WebCore::MediaProducer::isCapturing):

2017-04-17  Alex Christensen  <achristensen@webkit.org>

        Fix CMake build.

        * PlatformMac.cmake:

2017-04-17  Anders Carlsson  <andersca@apple.com>

        Stop using deprecated APIs, part 1
        https://bugs.webkit.org/show_bug.cgi?id=170915
        rdar://problem/31589635

        Reviewed by Tim Horton.

        Get rid of the status parameter from ApplePayPaymentMethodUpdate.

        * Modules/applepay/ApplePayPaymentMethodUpdate.h:
        * Modules/applepay/ApplePayPaymentMethodUpdate.idl:
        * Modules/applepay/ApplePaySession.cpp:
        (WebCore::convertAndValidate):
        (WebCore::ApplePaySession::completePaymentMethodSelection):
        * Modules/applepay/PaymentRequest.h:

2017-04-17  Youenn Fablet  <youenn@apple.com>

        Disable outdated WritableStream API
        https://bugs.webkit.org/show_bug.cgi?id=170749
        <rdar://problem/31446233>

        Reviewed by Alex Christensen.

        No change of behavior.
        Replacing READABLE_STREAM_API, READABLE_BYTE_STREAM_API and WRITABLE_STREAM_API compilation flag by:
        - A STREAMS_API compilation flag.
        - A ReadableByteStreamAPI and WritableStreamAPI runtime flags, turned off except for RWT and DRT.

        * Configurations/FeatureDefines.xcconfig:
        * Modules/fetch/FetchBody.cpp:
        * Modules/fetch/FetchBody.h:
        * Modules/fetch/FetchBodyOwner.cpp:
        (WebCore::FetchBodyOwner::isDisturbedOrLocked):
        (WebCore::FetchBodyOwner::blobLoadingSucceeded):
        (WebCore::FetchBodyOwner::blobLoadingFailed):
        (WebCore::FetchBodyOwner::blobChunk):
        * Modules/fetch/FetchBodyOwner.h:
        * Modules/fetch/FetchResponse.cpp:
        (WebCore::FetchResponse::BodyLoader::didSucceed):
        (WebCore::FetchResponse::BodyLoader::didFail):
        (WebCore::FetchResponse::BodyLoader::didReceiveData):
        * Modules/fetch/FetchResponse.h:
        * Modules/fetch/FetchResponse.idl:
        * Modules/fetch/FetchResponseSource.cpp:
        * Modules/fetch/FetchResponseSource.h:
        * Modules/streams/ByteLengthQueuingStrategy.idl:
        * Modules/streams/ByteLengthQueuingStrategy.js:
        * Modules/streams/CountQueuingStrategy.idl:
        * Modules/streams/CountQueuingStrategy.js:
        * Modules/streams/ReadableByteStreamController.idl:
        * Modules/streams/ReadableByteStreamController.js:
        * Modules/streams/ReadableByteStreamInternals.js:
        * Modules/streams/ReadableStream.idl:
        * Modules/streams/ReadableStream.js:
        (initializeReadableStream): Using readableByteStreamAPI runtime flag directly.
        * Modules/streams/ReadableStreamBYOBRequest.idl:
        * Modules/streams/ReadableStreamBYOBRequest.js:
        * Modules/streams/ReadableStreamDefaultController.idl:
        * Modules/streams/ReadableStreamDefaultController.js:
        * Modules/streams/ReadableStreamDefaultReader.idl:
        * Modules/streams/ReadableStreamDefaultReader.js:
        * Modules/streams/ReadableStreamInternals.js:
        * Modules/streams/ReadableStreamSource.h:
        * Modules/streams/ReadableStreamSource.idl:
        * Modules/streams/StreamInternals.js:
        * Modules/streams/WritableStream.idl:
        * Modules/streams/WritableStream.js:
        * Modules/streams/WritableStreamInternals.js:
        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::isReadableByteStreamAPIEnabled):
        (WebCore::JSDOMGlobalObject::addBuiltinGlobals):
        * bindings/js/JSReadableStreamPrivateConstructors.cpp:
        (WebCore::constructJSReadableStreamBYOBRequest):
        (WebCore::JSBuiltinReadableStreamBYOBRequestPrivateConstructor::initializeExecutable):
        (WebCore::createReadableStreamBYOBRequestPrivateConstructor):
        * bindings/js/JSReadableStreamPrivateConstructors.h:
        * bindings/js/JSReadableStreamSourceCustom.cpp:
        * bindings/js/ReadableStreamDefaultController.cpp:
        * bindings/js/ReadableStreamDefaultController.h:
        * bindings/js/WebCoreBuiltinNames.h:
        * page/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setReadableByteStreamAPIEnabled):
        (WebCore::RuntimeEnabledFeatures::readableByteStreamAPIEnabled):
        (WebCore::RuntimeEnabledFeatures::setWritableStreamAPIEnabled):
        (WebCore::RuntimeEnabledFeatures::writableStreamAPIEnabled):
        * testing/Internals.cpp:
        * testing/Internals.h:
        * testing/Internals.idl:

2017-04-17  Tim Horton  <timothy_horton@apple.com>

        Provide a viewport parameter to disable clipping to the safe area
        https://bugs.webkit.org/show_bug.cgi?id=170766
        <rdar://problem/31564634>

        Reviewed by Beth Dakin.

        Tests: tiled-drawing/ios/viewport-clip-to-safe-area-no-gets-margin-tiles.html,
               tiled-drawing/ios/viewport-clip-to-safe-area-yes-gets-no-margin-tiles.html,

        * dom/ViewportArguments.cpp:
        (WebCore::ViewportArguments::resolve):
        (WebCore::setViewportFeature):
        * dom/ViewportArguments.h:
        (WebCore::ViewportArguments::operator==):
        * page/ViewportConfiguration.cpp:
        (WebCore::ViewportConfiguration::updateConfiguration):
        (WebCore::operator<<):
        (WebCore::ViewportConfiguration::description):
        * page/ViewportConfiguration.h:
        (WebCore::ViewportConfiguration::Parameters::Parameters):
        (WebCore::ViewportConfiguration::clipToSafeArea):
        Add viewport parameter.

        * page/ChromeClient.h:
        * page/FrameView.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::enableSpeculativeTilingIfNeeded):
        If not clipping to the safe area, enable "speculative" tiling immediately,
        because the margin tiles can be visible immediately.

        (WebCore::FrameView::hasExtendedBackgroundRectForPainting):
        (WebCore::FrameView::updateTilesForExtendedBackgroundMode):
        Don't check the setting here; just respect the mode that is computed
        by calculateExtendedBackgroundMode.

        (WebCore::FrameView::calculateExtendedBackgroundMode):
        If the viewport parameter was set, add margin tiles on both axes.

        (WebCore::FrameView::setClipToSafeArea):
        Notify ChromeClient of the change, and re-compute the margin tile mode.

        * rendering/RenderLayerCompositor.h:
        * rendering/RenderLayerCompositor.cpp:
        Factor out code that decides whether the content layer clips to bounds,
        and make it take the new viewport parameter into account.

        * rendering/RenderObject.cpp:
        Don't clip RenderView repaints to RenderView's GraphicsLayer bounds if
        clip-to-safe-area is off, just like we do for slow-repaint objects in
        extended background mode.

2017-04-17  Dan Bernstein  <mitz@apple.com>

        [Cocoa] Move isNullFunctionPointer down into WTF
        https://bugs.webkit.org/show_bug.cgi?id=170892

        Reviewed by Sam Weinig.

        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
        (WebCore::LibWebRTCProvider::webRTCAvailable): Changed to use WTF::isNullFunctionPointer,
          and removed the static variable, so instead of loading from the initialization guard,
          branching, then loading from the variable itself, we just load from the function pointer.
        (WebCore::isNullFunctionPointer): Deleted.

2017-04-14  Jiewen Tan  <jiewen_tan@apple.com>

        [WebCrypto] Add support for ECDSA
        https://bugs.webkit.org/show_bug.cgi?id=170789
        <rdar://problem/31588604>

        Reviewed by Brent Fulgham.

        This patch implements ECDSA according to the spec: https://www.w3.org/TR/WebCryptoAPI/#ecdsa.
        Supported operations include sign, verify, generateKey, importKey and exportKey.

        Tests: crypto/subtle/ecdh-generate-export-key-pkcs8-p256.html
               crypto/subtle/ecdh-generate-export-key-pkcs8-p384.html
               crypto/subtle/ecdsa-generate-export-jwk-key.html
               crypto/subtle/ecdsa-generate-export-key-pkcs8.html
               crypto/subtle/ecdsa-generate-export-key-raw.html
               crypto/subtle/ecdsa-generate-export-key-spki.html
               crypto/subtle/ecdsa-generate-key-sign-verify-p256.html
               crypto/subtle/ecdsa-generate-key-sign-verify-p384.html
               crypto/subtle/ecdsa-generate-key.html
               crypto/subtle/ecdsa-import-jwk-private-key.html
               crypto/subtle/ecdsa-import-jwk-public-key-alg-256.html
               crypto/subtle/ecdsa-import-jwk-public-key-alg-384.html
               crypto/subtle/ecdsa-import-jwk-public-key.html
               crypto/subtle/ecdsa-import-key-sign-p256.html
               crypto/subtle/ecdsa-import-key-sign-p384.html
               crypto/subtle/ecdsa-import-key-verify-p256.html
               crypto/subtle/ecdsa-import-key-verify-p384.html
               crypto/subtle/ecdsa-import-pkcs8-key.html
               crypto/subtle/ecdsa-import-raw-key.html
               crypto/subtle/ecdsa-import-spki-key.html
               crypto/subtle/ecdsa-verify-malformed-parameters.html
               crypto/workers/subtle/ecdsa-import-key-sign.html
               crypto/workers/subtle/ecdsa-import-key-verify.html

        * CMakeLists.txt:
        * DerivedSources.make:
        * PlatformGTK.cmake:
        * PlatformMac.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSSubtleCryptoCustom.cpp:
        (WebCore::normalizeCryptoAlgorithmParameters):
        (WebCore::jsSubtleCryptoFunctionSignPromise):
        (WebCore::jsSubtleCryptoFunctionVerifyPromise):
        Add missing parameters.
        * crypto/CommonCryptoUtilities.h:
        * crypto/CryptoAlgorithm.cpp:
        (WebCore::CryptoAlgorithm::sign):
        (WebCore::CryptoAlgorithm::verify):
        * crypto/CryptoAlgorithm.h:
        Add missing parameters.
        * crypto/CryptoAlgorithmParameters.h:
        * crypto/algorithms/CryptoAlgorithmECDSA.cpp: Added.
        (WebCore::CryptoAlgorithmECDSA::create):
        (WebCore::CryptoAlgorithmECDSA::identifier):
        (WebCore::CryptoAlgorithmECDSA::sign):
        (WebCore::CryptoAlgorithmECDSA::verify):
        (WebCore::CryptoAlgorithmECDSA::generateKey):
        (WebCore::CryptoAlgorithmECDSA::importKey):
        (WebCore::CryptoAlgorithmECDSA::exportKey):
        * crypto/algorithms/CryptoAlgorithmECDSA.h: Added.
        * crypto/algorithms/CryptoAlgorithmHMAC.cpp:
        (WebCore::CryptoAlgorithmHMAC::sign):
        (WebCore::CryptoAlgorithmHMAC::verify):
        * crypto/algorithms/CryptoAlgorithmHMAC.h:
        Add missing parameters.
        * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.cpp:
        (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::sign):
        (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::verify):
        * crypto/algorithms/CryptoAlgorithmRSASSA_PKCS1_v1_5.h:
        Add missing parameters.
        * crypto/gcrypt/CryptoAlgorithmECDSAGCrypt.cpp: Added.
        (WebCore::CryptoAlgorithmECDSA::platformSign):
        (WebCore::CryptoAlgorithmECDSA::platformVerify):
        * crypto/mac/CommonCryptoDERUtilities.cpp: Added.
        (WebCore::bytesUsedToEncodedLength):
        (WebCore::extraBytesNeededForEncodedLength):
        (WebCore::addEncodedASN1Length):
        (WebCore::bytesNeededForEncodedLength):
        * crypto/mac/CommonCryptoDERUtilities.h:
        (WebCore::bytesUsedToEncodedLength): Deleted.
        (WebCore::extraBytesNeededForEncodedLength): Deleted.
        (WebCore::addEncodedASN1Length): Deleted.
        (WebCore::bytesNeededForEncodedLength): Deleted.
        Move implementations to a .cpp file.
        * crypto/mac/CryptoAlgorithmECDSAMac.cpp: Added.
        (WebCore::cryptoDigestAlgorithm):
        (WebCore::signECDSA):
        (WebCore::verifyECDSA):
        (WebCore::CryptoAlgorithmECDSA::platformSign):
        (WebCore::CryptoAlgorithmECDSA::platformVerify):
        * crypto/mac/CryptoAlgorithmRegistryMac.cpp:
        (WebCore::CryptoAlgorithmRegistry::platformRegisterAlgorithms):
        * crypto/parameters/CryptoAlgorithmEcdsaParams.h: Added.
        * crypto/parameters/EcdsaParams.idl: Added.

2017-04-17  Jeremy Jones  <jeremyj@apple.com>

        Refactor enumerateDevices to allow separate CaptureDeviceManagers for audio and video.
        https://bugs.webkit.org/show_bug.cgi?id=170778

        Reviewed by Eric Carlson.

        Add CoreAudioCaptureDeviceManager to enumerate CoreAudio devices.

        Refactor RealtimeMediaSourceCenter and RealtimeMediaSourceCenterMac to provide independent audio and video capture device managers
        and the abiliity to override the capture device managers.

        CoreAudioCaptureSource now uses CoreAudioCaptureDeviceManager to use the specified device instead of the default one. 

        * WebCore.xcodeproj/project.pbxproj:
        * platform/mediastream/CaptureDeviceManager.cpp:
        (CaptureDeviceManager::getAudioSourcesInfo):
        (CaptureDeviceManager::getVideoSourcesInfo):
        (CaptureDeviceManager::getSourcesInfo): Deleted.
        * platform/mediastream/CaptureDeviceManager.h:
        * platform/mediastream/RealtimeMediaSourceCenter.cpp:
        (WebCore::RealtimeMediaSourceCenter::setAudioCaptureDeviceManager):
        (WebCore::RealtimeMediaSourceCenter::unsetAudioCaptureDeviceManager):
        (WebCore::RealtimeMediaSourceCenter::setVideoCaptureDeviceManager):
        (WebCore::RealtimeMediaSourceCenter::unsetVideoCaptureDeviceManager):
        * platform/mediastream/RealtimeMediaSourceCenter.h:
        (WebCore::RealtimeMediaSourceCenter::defaultAudioCaptureDeviceManager):
        (WebCore::RealtimeMediaSourceCenter::defaultVideoCaptureDeviceManager):
        (WebCore::RealtimeMediaSourceCenter::audioCaptureDeviceManager):
        (WebCore::RealtimeMediaSourceCenter::videoCaptureDeviceManager):
        * platform/mediastream/mac/AVCaptureDeviceManager.h:
        * platform/mediastream/mac/AVCaptureDeviceManager.mm:
        (WebCore::AVCaptureDeviceManager::refreshAVCaptureDevicesOfType):
        (WebCore::AVCaptureDeviceManager::refreshCaptureDevices):
        (WebCore::AVCaptureDeviceManager::getAudioSourcesInfo):
        (WebCore::AVCaptureDeviceManager::getVideoSourcesInfo):
        (WebCore::AVCaptureDeviceManager::setUseAVFoundationAudioCapture): Deleted.
        (WebCore::AVCaptureDeviceManager::getSourcesInfo): Deleted.
        * platform/mediastream/mac/CoreAudioCaptureDevice.cpp: Added.
        (WebCore::getDeviceInfo):
        (WebCore::CoreAudioCaptureDevice::create):
        (WebCore::CoreAudioCaptureDevice::CoreAudioCaptureDevice):
        (WebCore::CoreAudioCaptureDevice::deviceID):
        (WebCore::CoreAudioCaptureDevice::deviceClock):
        (WebCore::CoreAudioCaptureDevice::isAlive):
        * platform/mediastream/mac/CoreAudioCaptureDevice.h: Copied from Source/WebCore/platform/mediastream/CaptureDeviceManager.h.
        * platform/mediastream/mac/CoreAudioCaptureDeviceManager.cpp: Added.
        (WebCore::CoreAudioCaptureDeviceManager::singleton):
        (WebCore::CoreAudioCaptureDeviceManager::captureDevices):
        (WebCore::deviceHasInputStreams):
        (WebCore::CoreAudioCaptureDeviceManager::coreAudioCaptureDevices):
        (WebCore::CoreAudioCaptureDeviceManager::refreshAudioCaptureDevices):
        (WebCore::CoreAudioCaptureDeviceManager::devicesChanged):
        * platform/mediastream/mac/CoreAudioCaptureDeviceManager.h: Copied from Source/WebCore/platform/mediastream/CaptureDeviceManager.h.
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::CoreAudioCaptureSource):
        (WebCore::CoreAudioCaptureSource::startProducingData):
        (WebCore::CoreAudioCaptureSource::stopProducingData):
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::RealtimeMediaSourceCenterMac::setUseAVFoundationAudioCapture):
        (WebCore::RealtimeMediaSourceCenterMac::RealtimeMediaSourceCenterMac):
        (WebCore::RealtimeMediaSourceCenterMac::createMediaStream):
        (WebCore::RealtimeMediaSourceCenterMac::getMediaStreamDevices):
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.h:

2017-04-17  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r215366.

        This test is failing on performance bots.

        Reverted changeset:

        "Add performance test for asking the platform for a font for
        U+2060 WORD JOINER"
        https://bugs.webkit.org/show_bug.cgi?id=170842
        http://trac.webkit.org/changeset/215366

2017-04-17  Youenn Fablet  <youenn@apple.com>

        RTCPeerConnection addTrack does not require a stream parameter
        https://bugs.webkit.org/show_bug.cgi?id=170894

        Reviewed by Alex Christensen.

        Test: webrtc/video-addTrack.html

        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::addTrack): Removing obsolete error throwing.

2017-04-17  Youenn Fablet  <youenn@apple.com>

        Add an external libwebrtc encoder factory in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=170883

        Reviewed by Alex Christensen.

        No change of behavior, WebCore factory instantiating the default libwebrtc H264 encoder.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
        (WebCore::staticFactoryAndThreads):
        * platform/mediastream/libwebrtc/VideoToolBoxEncoderFactory.cpp: Added.
        (WebCore::VideoToolboxVideoEncoderFactory::CreateVideoEncoder):
        (WebCore::VideoToolboxVideoEncoderFactory::DestroyVideoEncoder):
        * platform/mediastream/libwebrtc/VideoToolBoxEncoderFactory.h: Added.

2017-04-17  Antti Koivisto  <antti@apple.com>

        GraphicsLayerCA::recursiveCommitChanges should not descend into subtrees without changes
        https://bugs.webkit.org/show_bug.cgi?id=170851

        Reviewed by Simon Fraser.

        With lots of layers this can be very slow as it always traverses the entire layer tree.
        For example GIF animations on tumblr.com trigger expensive commits where almost nothing changes.

        This patch adds m_hasDescendantsWithUncommittedChanges bit to GraphicsLayerCA. With this
        we can avoid descending to branches without changes when committing.

        This patch enabled the optimization on Mac.

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::GraphicsLayerCA::syncPosition):

            Set PositionChanged flag when syncing layer position. This flag does nothing except makes
            next commit to update the coverage rect (so tiling gets updated).

        (WebCore::GraphicsLayerCA::setVisibleAndCoverageRects):

            Do all setting of m_uncommittedChanges bits via addUncommittedChanges function.

        (WebCore::GraphicsLayerCA::recursiveCommitChanges):

            Bail out if neither the current layer nor any of its descendants have any uncommited changes
            and none of the ancestors had changes.

        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
        (WebCore::GraphicsLayerCA::ensureStructuralLayer):
        (WebCore::GraphicsLayerCA::changeLayerTypeTo):
        (WebCore::GraphicsLayerCA::addUncommittedChanges):

            Set m_hasDescendantsWithUncommittedChanges bit in ancestors when mutating m_uncommittedChanges.

        (WebCore::GraphicsLayerCA::noteLayerPropertyChanged):
        * platform/graphics/ca/GraphicsLayerCA.h:
        (WebCore::RenderLayerCompositor::frameViewDidScroll):

            Tell the scrolling layer that it needs to recompute coverage.
            This also schedules a layer flush so no need to do that separately.

2017-04-16  Chris Dumez  <cdumez@apple.com>

        CMD+R / CMD+Q is considered as user interaction and beforeunload alert is shown
        https://bugs.webkit.org/show_bug.cgi?id=169995
        <rdar://problem/23798897>

        Reviewed by Sam Weinig.

        Any key event was considered as user interaction with the page, which meant that they
        would allow beforeunload alerts to be shown even when they do not represent actual
        user interaction (e.g CMD+R / CMD+Q / CMD+T keyboard shortcuts).

        To address the issue, we now only treat as user interaction with the page key events
        that are actually handled by the page (i.e. handled by JS, typed into a field, ...).

        Tests: fast/events/beforeunload-alert-handled-keydown.html
               fast/events/beforeunload-alert-unhandled-keydown.html

        * dom/Document.h:
        (WebCore::Document::setUserDidInteractWithPage):
        (WebCore::Document::userDidInteractWithPage):
        * dom/UserGestureIndicator.cpp:
        (WebCore::UserGestureIndicator::UserGestureIndicator):
        * loader/FrameLoader.cpp:
        (WebCore::shouldAskForNavigationConfirmation):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::keyEvent):
        (WebCore::EventHandler::internalKeyEvent):
        * page/EventHandler.h:

2017-04-16  Sam Weinig  <sam@webkit.org>

        [WebIDL] Switch IDLAttributes.txt over to a more structured format so that more information can be added for each attribute
        https://bugs.webkit.org/show_bug.cgi?id=170843

        Reviewed by Chris Dumez.

        - Converts IDLAttributes.txt to IDLAttributes.json, and adds additional
          information for each attribute about what contexts they are valid in 
          which is checked by the parser.
        - Removes CustomSetPrototype which was unused, and Immutable which did 
          nothing. 

        * DerivedSources.make:
        Update extension of IDLAttributes to .json

        * WebCore.xcodeproj/project.pbxproj:
        Update project file for new file name and add some missing IDL files.

        * bindings/scripts/CodeGenerator.pm:
        Store the processed IDLAttributes in the code generator, so it can
        be used for any additional Parser instantiations.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        Remove support for CustomSetPrototype. Nobody is using it.

        * bindings/scripts/IDLAttributes.json: Copied from Source/WebCore/bindings/scripts/IDLAttributes.txt.
        * bindings/scripts/IDLAttributes.txt: Removed.
        Rename IDLAttributes.txt -> IDLAttributes.json and move the data
        into a more structured format. For now each extended attribute can
        have the following fields:
            Required:
                'contextsAllowed' -> Non-empty array of strings from the contexts array.

            Optional:
                'values' -> Non-empty array of strings allowed after the equal (=) sign in 
                   the extended attribute. Like before, an empty string indicates it is 
                   ok to not have a value and a star (*) indicates any string is allowed.
                   Not providing a values property at all indicates that no value is
                   allowed.

                'standard' -> An object with information about the standard this attribute
                   comes from. Should only be added to attributes that come from standards.

                'unsupported' -> A boolean with value true, indicating this property is not
                   yet supported. Should only be used for standard attributes.

                'notes' -> A string with notes explaining something about this attribute.
        
        * bindings/scripts/IDLParser.pm:
        Pass and store the processed extended attribute map to the parser, and use it
        validate that extended attributes being added to things are appropriate for the
        context. Fix FIXME in isExtendedAttributeApplicableToTypes by using the map to 
        implement the predicate, rather than hard coding the list.

        * bindings/scripts/generate-bindings.pl:
        (generateEmptyHeaderAndCpp):
        (loadIDLAttributes): Deleted.
        (checkIDLAttributes): Deleted.
        (checkIfIDLAttributesExists): Deleted.
        Make specifying an IDL attributes file required. Switch to processing it
        as a JSON file, and having the parser validate attributes.

        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        * bindings/scripts/test/TestImplements.idl:
        * bindings/scripts/test/TestObj.idl:
        * bindings/scripts/test/TestSupplemental.idl:
        * bindings/scripts/test/TestTypedefs.idl:
        - Remove use of Immutable extended attribute in the tests, as it does nothing.
        - Remove use of the made up ReadOnly attribute, as the tests now use the IDLAttributes
          file to validate that the attributes are supported, so this would otherwise fail.

        * css/WebKitCSSMatrix.idl:
        * svg/SVGZoomEvent.idl:
        - Remove use of the Immutable extended attribute, as it does nothing.

        * page/NavigatorID.idl:
        * page/NavigatorLanguage.idl:
        - Remove use of the Nondeterministic extended attribute, as it does nothing.

        * Modules/mediasource/SourceBufferList.idl:
        Remove use of CallWith on the interface. It is illegal, and does nothing.

        * animation/KeyframeEffect.idl:
        * animation/WebAnimation.idl:
        Remove use of [Default=Undefined]. This construct does nothing and now
        correctly fails to parse. 

2017-04-15  Alex Christensen  <achristensen@webkit.org>

        Fix Windows build after r215396.
        https://bugs.webkit.org/show_bug.cgi?id=170828

        * platform/graphics/win/FontPlatformDataWin.cpp:
        (WebCore::FontPlatformData::openTypeTable):

2017-04-15  Alex Christensen  <achristensen@webkit.org>

        Remove unused SharedBuffer constructor
        https://bugs.webkit.org/show_bug.cgi?id=170828

        Reviewed by Brady Eidson.

        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::append):
        * platform/SharedBuffer.h:
        (WebCore::SharedBuffer::create):
        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::FontPlatformData::openTypeTable):
        * platform/graphics/win/FontPlatformDataWin.cpp:
        (WebCore::FontPlatformData::openTypeTable):

2017-04-15  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r215393.
        https://bugs.webkit.org/show_bug.cgi?id=170876

        breaks scrollable iframes on ios (Requested by anttik on
        #webkit).

        Reverted changeset:

        "GraphicsLayerCA::recursiveCommitChanges should not descend
        into subtrees without changes"
        https://bugs.webkit.org/show_bug.cgi?id=170851
        http://trac.webkit.org/changeset/215393

2017-04-14  Antti Koivisto  <antti@apple.com>

        GraphicsLayerCA::recursiveCommitChanges should not descend into subtrees without changes
        https://bugs.webkit.org/show_bug.cgi?id=170851

        Reviewed by Simon Fraser.

        With lots of layers this can be very slow as it always traverses the entire layer tree.
        For example GIF animations on tumblr.com trigger expensive commits where almost nothing changes.

        This patch adds m_hasDescendantsWithUncommittedChanges bit to GraphicsLayerCA. With this
        we can avoid descending to branches without changes when committing.

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::setVisibleAndCoverageRects):

            Do all setting of m_uncommittedChanges bits via addUncommittedChanges function.

        (WebCore::GraphicsLayerCA::recursiveCommitChanges):

            Bail out if neither the current layer nor any of its descendants have any uncommited changes
            and none of the ancestors had changes.

        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
        (WebCore::GraphicsLayerCA::ensureStructuralLayer):
        (WebCore::GraphicsLayerCA::changeLayerTypeTo):
        (WebCore::GraphicsLayerCA::addUncommittedChanges):

            Set m_hasDescendantsWithUncommittedChanges bit in ancestors when mutating m_uncommittedChanges.

        (WebCore::GraphicsLayerCA::noteLayerPropertyChanged):
        * platform/graphics/ca/GraphicsLayerCA.h:
        (WebCore::RenderLayerCompositor::frameViewDidScroll):

            Tell the scrolling layer that it needs to recompute coverage.
            This also schedules a layer flush so no need to do that separately.

2017-04-15  Wenson Hsieh  <wenson_hsieh@apple.com>

        [WK2] Support data interaction of files into file inputs
        https://bugs.webkit.org/show_bug.cgi?id=170803
        <rdar://problem/31286130>

        Reviewed by Tim Horton.

        Adds remaining support to allow data interaction of files onto inputs of type file. See per-change annotations
        for more details. Unit tests to be added in the next patch.

        * platform/PasteboardStrategy.h:
        * platform/PlatformPasteboard.h:
        * platform/ios/AbstractPasteboard.h:
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::numberOfFiles):
        * platform/ios/WebItemProviderPasteboard.mm:

        Implements numberOfFiles by counting the number of item providers that may be represented as a file, which
        includes all item providers that contain at least one content UTI type.

        (-[WebItemProviderPasteboard numberOfFiles]):

        Adds boilerplate plumbing to fetch the number of files available on the pasteboard. On Mac, logic that
        previously existed in DragData::numberOfFiles to query the number of files available in the pasteboard is now
        on PlatformPasteboard instead, which both makes the implementation of DragData::numberOfFiles platform-invariant,
        and also saves us one synchronous IPC call to the UI process in the WebKit2 implementation.

        * platform/mac/DragDataMac.mm:
        (WebCore::DragData::containsFiles):
        (WebCore::DragData::numberOfFiles):
        (WebCore::DragData::asFilenames):

        Add support for recognizing objects in the pasteboard that may be represented by files, and therefore may be
        uploaded via file input. Following suit with behavior elsewhere on the platform, we consider item providers able
        to be represented by a file if they contain at least one content UTI type.

        * platform/mac/PlatformPasteboardMac.mm:

        Logic previously in DragData::numberOfFiles to get and then count all file path names in the pasteboard has been
        moved here instead, and no longer needs to go through the pasteboard proxy.

        (WebCore::PlatformPasteboard::numberOfFiles):

2017-04-15  Wenson Hsieh  <wenson_hsieh@apple.com>

        Unreviewed, fix the build after r215389

        Use WebCore::createTemporaryDirectory instead of -_webkit_createTemporaryDirectoryWithTemplatePrefix:.

        * platform/ios/WebItemProviderPasteboard.mm:
        (temporaryFileURLForDataInteractionContent):

2017-04-14  Wenson Hsieh  <wenson_hsieh@apple.com>

        Implement a way in WebItemProviderPasteboard to perform actions after file loading completes
        https://bugs.webkit.org/show_bug.cgi?id=170839
        <rdar://problem/31286130>

        Reviewed by Tim Horton, Andy Estes, and Dan Bernstein.

        Introduces -[WebItemProviderPasteboard doAfterLoadingProvidedContentIntoFileURLs:], which performs an action
        after all item providers which are able to provide content are done loading their content into temporary file
        URLs. If no item providers have available data, we will immediately invoke the action with an empty URL array.

        For each item provider with data, we save the local URL returned in the load completion block to a randomly
        generated path in the container's temporary directory. When all files are finished loading, we then invoke the
        action with all file URLs that successfully loaded.

        No new tests, since there is no change in behavior.

        * platform/ios/WebItemProviderPasteboard.h:
        * platform/ios/WebItemProviderPasteboard.mm:
        (temporaryFileURLForDataInteractionContent):
        (-[WebItemProviderPasteboard doAfterLoadingProvidedContentIntoFileURLs:]):

2017-04-14  Nikita Vasilyev  <nvasilyev@apple.com>

        Web Inspector: WebSockets: messages with non-latin letters are displayed incorrectly
        https://bugs.webkit.org/show_bug.cgi?id=170760

        Reviewed by Joseph Pecoraro.

        Add payloadLength property, which is used to display size. When payloadLength is unavailable,
        it is calculated from payloadData by Web Inspector frontend.

        This fixes <webkit.org/b/170609> Web Inspector: WebSockets: Transferred size is incorrect.

        Tests: http/tests/websocket/tests/hybi/inspector/binary.html
               http/tests/websocket/tests/hybi/inspector/send-and-receive.html

        * inspector/InspectorNetworkAgent.cpp:
        (WebCore::InspectorNetworkAgent::didReceiveWebSocketFrame):
        (WebCore::InspectorNetworkAgent::didSendWebSocketFrame):

2017-04-14  Mark Lam  <mark.lam@apple.com>

        Update architectures in xcconfig files.
        https://bugs.webkit.org/show_bug.cgi?id=170867
        <rdar://problem/31628104>

        Reviewed by Joseph Pecoraro.

        No new tests needed.  Only updating xcconfig files.

        * Configurations/Base.xcconfig:
        * Configurations/FeatureDefines.xcconfig:

2017-04-14  Wenson Hsieh  <wenson_hsieh@apple.com>

        [WK2] Support Icon creation from file URLs on iOS
        https://bugs.webkit.org/show_bug.cgi?id=170809
        <rdar://problem/31286130>

        Reviewed by Tim Horton.

        Minor tweaks and refactoring to support displaying a WebCore::Icon from a list of filepaths on iOS. Please see
        below annotations for more details. No new tests yet, as behavior on Mac should not have changed, and behavior
        on iOS will not change until later patches land. Tests will be added in a later patch.

        Most of the changes here remove platform special-casing in FileInputType for iOS and Mac, refactoring the code
        such that it works for both platforms while preserving behavior.

        * html/FileInputType.cpp:
        (WebCore::FileInputType::~FileInputType):
        (WebCore::FileInputType::setFiles):
        (WebCore::FileInputType::filesChosen):
        * html/FileInputType.h:

        Un-guard m_fileIconLoader on iOS, and un-guard m_displayString for Mac. Consolidate logic in both version of
        filesChosen and remove the iOS-specific version. Behavior when passing in an empty display string and null Icon
        will be the same as that of the existing filesChosen method on Mac. Also, introduce a version of setFiles that
        takes an additional RequestIcon enum that indicates whether or not to additionally use the new filepaths to
        request an Icon update. filesChosen invokes this with RequestIcon::No if a non-null Icon was specified, as is
        the case when uploading a file via the image picker on iOS.

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::displayString):
        * html/HTMLInputElement.h:
        * html/InputType.cpp:
        * html/InputType.h:
        * loader/EmptyClients.h:
        * page/ChromeClient.h:

        Introduce ChromeClient::createIconForFiles, which generates an icon representing the content at a list of file
        paths. See WebKit and WebKit2 ChangeLogs for more details.

        * platform/FileChooser.h:
        (WebCore::FileChooserClient::filesChosen):
        * rendering/RenderFileUploadControl.cpp:
        (WebCore::RenderFileUploadControl::fileTextValue):

        Remove platform special-casing when generating the text to display when uploading a file. If a displayString
        is specified, then we use the contents of the displayString; otherwise, fall back to using the input element's
        FileList to compute the display string.

2017-04-14  Brady Eidson  <beidson@apple.com>

        Fix basic WKURLSchemeHandler bugs.
        <rdar://problem/30647559> and https://bugs.webkit.org/show_bug.cgi?id=170862

        Reviewed by Andy Estes.

        Covered by new API tests.

        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::didReceiveDataOrBuffer):

2017-04-14  Jiewen Tan  <jiewen_tan@apple.com>

        [WebCrypto] Support HKDF
        https://bugs.webkit.org/show_bug.cgi?id=170636
        <rdar://problem/23539827>

        Reviewed by Brent Fulgham.

        This patch implements HKDF according to the spec: https://www.w3.org/TR/WebCryptoAPI/#hkdf.
        Supported operations include deriveKey, deriveBits, importKey and getKeyLength.

        Tests: crypto/subtle/ecdh-import-key-derive-hkdf-key.html
               crypto/subtle/hkdf-derive-bits-malformed-parametrs.html
               crypto/subtle/hkdf-import-key-derive-bits.html
               crypto/subtle/hkdf-import-key-derive-hmac-key.html
               crypto/subtle/hkdf-import-key-malformed-parameters.html
               crypto/subtle/hkdf-import-key.html
               crypto/workers/subtle/hkdf-import-key-derive-bits.html
               crypto/workers/subtle/hkdf-import-key-derive-hmac-key.html
               crypto/workers/subtle/hkdf-import-key.html

        * CMakeLists.txt:
        * DerivedSources.make:
        * PlatformGTK.cmake:
        * PlatformMac.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSCryptoAlgorithmDictionary.cpp:
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForEncrypt):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForDecrypt):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForSign):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForVerify):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForDigest):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForGenerateKey):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForDeriveKey):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForDeriveBits):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForImportKey):
        (WebCore::JSCryptoAlgorithmDictionary::createParametersForExportKey):
        Rename HKDF_CTR to HKDF.
        * bindings/js/JSSubtleCryptoCustom.cpp:
        (WebCore::normalizeCryptoAlgorithmParameters):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::write):
        (WebCore::CloneDeserializer::read):
        Rename HKDF_CTR to HKDF.
        * crypto/CommonCryptoUtilities.h:
        * crypto/CryptoAlgorithmIdentifier.h:
        * crypto/CryptoAlgorithmParameters.h:
        * crypto/algorithms/CryptoAlgorithmHKDF.cpp: Added.
        (WebCore::CryptoAlgorithmHKDF::create):
        (WebCore::CryptoAlgorithmHKDF::identifier):
        (WebCore::CryptoAlgorithmHKDF::deriveBits):
        (WebCore::CryptoAlgorithmHKDF::importKey):
        (WebCore::CryptoAlgorithmHKDF::getKeyLength):
        * crypto/algorithms/CryptoAlgorithmHKDF.h: Added.
        * crypto/gcrypt/CryptoAlgorithmHKDFGCrypt.cpp: Added.
        (WebCore::CryptoAlgorithmHKDF::platformDeriveBits):
        * crypto/mac/CryptoAlgorithmHKDFMac.cpp: Added.
        (WebCore::CryptoAlgorithmHKDF::platformDeriveBits):
        * crypto/mac/CryptoAlgorithmRegistryMac.cpp:
        (WebCore::CryptoAlgorithmRegistry::platformRegisterAlgorithms):
        * crypto/parameters/CryptoAlgorithmHkdfParams.h: Added.
        * crypto/parameters/HkdfParams.idl: Added.

2017-04-14  Zalan Bujtas  <zalan@apple.com>

        text-align start / end failure in table cells
        https://bugs.webkit.org/show_bug.cgi?id=141417
        <rdar://problem/31051672>

        Reviewed by Antti Koivisto.

        Apply "text-align: center" on th elements when parent's computed value for the 'text-align' property
        is its initial value, unless it is explicitly set.

        Test: fast/table/center-th-when-parent-has-initial-text-align.html

        * css/CSSProperties.json:
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInitialTextAlign):
        (WebCore::StyleBuilderCustom::applyValueTextAlign):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle):
        (WebCore::StyleResolver::applyProperty):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::hasExplicitlySetTextAlign):
        (WebCore::RenderStyle::setHasExplicitlySetTextAlign):
        (WebCore::RenderStyle::NonInheritedFlags::hasExplicitlySetTextAlign):
        (WebCore::RenderStyle::NonInheritedFlags::setHasExplicitlySetTextAlign):

2017-04-14  Andy Estes  <aestes@apple.com>

        [ios-simulator] API test WebKit2.DataDetectionReferenceDate timing out
        https://bugs.webkit.org/show_bug.cgi?id=161967

        Reviewed by Alexey Proskuryakov.

        DataDetectorsCoreSPI.h defined DDQueryOffset as a struct of two CFIndexes, which is 16 bytes
        on LP64, but the struct is actually defined as two CFIndex-typed 32-bit bitfields, which is
        8 bytes on LP64. This breaks the ABI on Public SDK builds when calling functions that take
        or return DDQueryOffsets.

        * platform/spi/cocoa/DataDetectorsCoreSPI.h: Updated the DDQueryOffset definition for
        Public SDK builds, and added a static_assert to detect future size changes at compile time.

2017-04-14  Konstantin Tokarev  <annulen@yandex.ru>

        Removed unused and unimplemented methods from MediaPlayer
        https://bugs.webkit.org/show_bug.cgi?id=170848

        Reviewed by Jer Noble.

        No new tests needed.

        * platform/graphics/MediaPlayer.h:

2017-04-14  Myles C. Maxfield  <mmaxfield@apple.com>

        Add performance test for asking the platform for a font for U+2060 WORD JOINER
        https://bugs.webkit.org/show_bug.cgi?id=170842

        Reviewed by Tim Horton.

        No new tests because there is no behavior change.

        * platform/graphics/WidthCache.h:
        (WebCore::WidthCache::add):
        (WebCore::WidthCache::addSlowCase):

2017-04-14  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r215350.

        This change broke the Windows build.

        Reverted changeset:

        "Remove unused SharedBuffer constructor"
        https://bugs.webkit.org/show_bug.cgi?id=170828
        http://trac.webkit.org/changeset/215350

2017-04-14  Jer Noble  <jer.noble@apple.com>

        [MediaSource] Push capabilities across process boundary during UIProcess capture.
        https://bugs.webkit.org/show_bug.cgi?id=170814

        Reviewed by Eric Carlson.

        There's no real reason for RealtimeMediaSourceCapabilities to be RefCounted nor to keep them from
        being created on the stack. So in addition to making that class coder-compliant, change all the
        classes that vend capabilities to use a unique_ptr<> instead of a RefPtr<>.

        * Modules/mediastream/CanvasCaptureMediaStreamTrack.h:
        * Modules/webaudio/MediaStreamAudioSource.cpp:
        (WebCore::MediaStreamAudioSource::capabilities):
        * Modules/webaudio/MediaStreamAudioSource.h:
        * platform/mediastream/MediaEndpoint.cpp:
        * platform/mediastream/MediaStreamTrackPrivate.cpp:
        (WebCore::MediaStreamTrackPrivate::capabilities):
        * platform/mediastream/MediaStreamTrackPrivate.h:
        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/RealtimeMediaSourceCapabilities.h:
        (WebCore::CapabilityValueOrRange::encode):
        (WebCore::CapabilityValueOrRange::decode):
        (WebCore::RealtimeMediaSourceCapabilities::RealtimeMediaSourceCapabilities):
        (WebCore::RealtimeMediaSourceCapabilities::supportedConstraints):
        (WebCore::RealtimeMediaSourceCapabilities::setSupportedConstraints):
        (WebCore::RealtimeMediaSourceCapabilities::encode):
        (WebCore::RealtimeMediaSourceCapabilities::decode):
        (WebCore::RealtimeMediaSourceCapabilities::create): Deleted.
        * platform/mediastream/RealtimeMediaSourceSettings.h:
        * platform/mediastream/mac/AVMediaCaptureSource.h:
        * platform/mediastream/mac/AVMediaCaptureSource.mm:
        (WebCore::AVMediaCaptureSource::initializeCapabilities):
        (WebCore::AVMediaCaptureSource::capabilities):
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
        (WebCore::CoreAudioCaptureSource::capabilities):
        * platform/mediastream/mac/CoreAudioCaptureSource.h:
        * platform/mediastream/mac/RealtimeIncomingAudioSource.cpp:
        (WebCore::RealtimeIncomingAudioSource::capabilities):
        * platform/mediastream/mac/RealtimeIncomingAudioSource.h:
        * platform/mediastream/mac/RealtimeIncomingVideoSource.cpp:
        (WebCore::RealtimeIncomingVideoSource::capabilities):
        * platform/mediastream/mac/RealtimeIncomingVideoSource.h:
        * platform/mock/MockRealtimeMediaSource.cpp:
        (WebCore::MockRealtimeMediaSource::initializeCapabilities):
        (WebCore::MockRealtimeMediaSource::capabilities):
        * platform/mock/MockRealtimeMediaSource.h:
        * platform/mediastream/openwebrtc/RealtimeMediaSourceOwr.h:

2017-04-13  Saam Barati  <sbarati@apple.com>

        WebAssembly: We should be able to postMessage a JSWebAssemblyModule
        https://bugs.webkit.org/show_bug.cgi?id=170573

        Reviewed by Filip Pizlo.

        This patch's main purpose is to implement postMessage of JSWebAssemblyModule.
        The spec text describing the behavior is: https://github.com/WebAssembly/design/blob/master/JS.md#structured-clone-of-a-webassemblymodule
        We only allow for JSWebAssemblyModule to be serialized in the postMessage
        context. More work needs to be done to make it valid to store a module in
        IndexDB.
        
        All that is needed to serialize a JSWebAssemblyModule is grab a Ref
        to its underlying Wasm::Module. So, when doing a postMessage, all we
        do is grab this Ref, and then re-create the JSWebAssemblyModule from
        the Wasm::Module in the new VM/global object. Because the code for
        Wasm::Module is VM-independent, this is all that's needed. This turned
        out nicely, because it requires little knowledge from WebCore about
        what it means to clone a JSWebAssemblyModule.
        
        
        The second significant part of this patch is teaching WorkerRunLoop about
        the various timers inside JSC. Before, the WorkerRunLoop wouldn't always
        wake up to address JSC timers. I noticed this bug when I was writing
        tests to make sure that Wasm was running concurrently in different
        workers. The bug is that the WorkerRunLoop's message queue has no insight
        into a timer being scheduled. This effected the PromiseDeferredTimer that
        Wasm uses, as well as the various GC timers that Heap uses. Now, WorkerRunLoop
        will set itself up to be notified when timers are set. When a timer is
        set, the WorkerRunLoop will perform an iteration to to reset its top
        level MessageQueue timeout to be no longer than the next timer fire date.

        Tests: storage/indexeddb/wasm-exceptions.html
               workers/wasm-hashset-many.html
               workers/wasm-hashset.html
               workers/wasm-long-compile-many.html
               workers/wasm-long-compile.html

        * ForwardingHeaders/heap/GCActivityCallback.h: Added.
        * ForwardingHeaders/runtime/JSRunLoopTimer.h: Added.
        * ForwardingHeaders/runtime/PromiseDeferredTimer.h: Added.
        * ForwardingHeaders/wasm: Added.
        * ForwardingHeaders/wasm/js: Added.
        * ForwardingHeaders/wasm/js/JSWebAssemblyModule.h: Added.
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::serialize):
        (WebCore::CloneSerializer::CloneSerializer):
        (WebCore::CloneSerializer::dumpIfTerminal):
        (WebCore::CloneDeserializer::deserialize):
        (WebCore::CloneDeserializer::CloneDeserializer):
        (WebCore::CloneDeserializer::readTerminal):
        (WebCore::SerializedScriptValue::SerializedScriptValue):
        (WebCore::SerializedScriptValue::create):
        (WebCore::SerializedScriptValue::deserialize):
        * bindings/js/SerializedScriptValue.h:
        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::addTimerSetNotification):
        (WebCore::WorkerScriptController::removeTimerSetNotification):
        * bindings/js/WorkerScriptController.h:
        * workers/WorkerRunLoop.cpp:
        (WebCore::WorkerRunLoop::runInMode):

2017-04-13  Dean Jackson  <dino@apple.com>

        Large negative animation-delays may not work depending on machine uptime
        https://bugs.webkit.org/show_bug.cgi?id=166962
        <rdar://problem/30091526>

        Reviewed by Tim Horton.

        If you set a really negative animation delay, it would cause
        AnimationBase::m_startTime to become negative, because the delay
        value was "bigger" than monotonicallyIncreasingTime.

        However, the state machine was using -1 to mean that the start time
        hadn't yet been set. Classic cmarrin!

        Replace all the special values with std::optional, and use nullopt
        to mean the value doesn't exist yet.

        Test: animations/large-negative-delay.html

        * page/animation/AnimationBase.cpp:
        (WebCore::AnimationBase::updateStateMachine):
        (WebCore::AnimationBase::fireAnimationEventsIfNeeded):
        (WebCore::AnimationBase::getTimeToNextEvent):
        (WebCore::AnimationBase::freezeAtTime):
        (WebCore::AnimationBase::getElapsedTime):
        * page/animation/AnimationBase.h: Use std::optional.
        (WebCore::AnimationBase::paused):

2017-04-13  Alex Christensen  <achristensen@webkit.org>

        Remove unused SharedBuffer constructor
        https://bugs.webkit.org/show_bug.cgi?id=170828

        Reviewed by Brady Eidson.

        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::append):
        * platform/SharedBuffer.h:
        (WebCore::SharedBuffer::create):

2017-04-13  Antti Koivisto  <antti@apple.com>

        Don't invalidate composition for style changes in non-composited layers
        https://bugs.webkit.org/show_bug.cgi?id=170805
        <rdar://problem/31606185>

        Reviewed by Simon Fraser.

        Test: compositing/updates/animation-non-composited.html

        In most cases they can't affect composition. Composition updates are expensive, this can
        save a lot of work (tumblr.com animations hit this at the moment).

        * rendering/RenderElement.h:
        (WebCore::RenderElement::createsGroup):
        (WebCore::RenderElement::createsGroupForStyle):

            Factor to a static function so we can test style directly.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::layerStyleChanged):
        (WebCore::RenderLayerCompositor::styleChangeMayAffectIndirectCompositingReasons):

            Test if style change might cause compositing change that can't be determined without compositing update.

        * rendering/RenderLayerCompositor.h:

2017-04-13  JF Bastien  <jfbastien@apple.com>

        WebAssembly: manage memory better
        https://bugs.webkit.org/show_bug.cgi?id=170628

        Reviewed by Keith Miller, Michael Saboff.

        Re-use a VM tag which was intended for JavaScript core, was then
        used by our GC, and is now unused. If I don't do this then
        WebAssembly fast memories will make vmmap look super weird because
        it'll look like multi-gigabyte of virtual memory are allocated as
        part of our process' regular memory!

        Separately I need to update vmmap and other tools to print the
        right name. Right now this tag gets identified as "JS garbage
        collector".

        * page/ResourceUsageData.cpp:
        (WebCore::ResourceUsageData::ResourceUsageData):
        * page/ResourceUsageData.h:
        * page/cocoa/ResourceUsageOverlayCocoa.mm:
        (WebCore::HistoricResourceUsageData::HistoricResourceUsageData):
        * page/cocoa/ResourceUsageThreadCocoa.mm:
        (WebCore::displayNameForVMTag):
        (WebCore::categoryForVMTag):

2017-04-13  Ryosuke Niwa  <rniwa@webkit.org>

        Update the comments for the number of bits in RenderStyle::InheritedFlags.

        Rubber-stamped by Zalan Bujtas

        * rendering/style/RenderStyle.h:

2017-04-13  Myles C. Maxfield  <mmaxfield@apple.com>

        Addressing post-review comment after r215314.
        https://bugs.webkit.org/show_bug.cgi?id=169015

        Reviewed by Alexey Proskuryakov.

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::FontDatabase::fontForPostScriptName):

2017-04-13  Sam Weinig  <sam@webkit.org>

        [WebIDL] Add support for extended attributes on types in WebIDL
        https://bugs.webkit.org/show_bug.cgi?id=170759

        Reviewed by Alex Christensen.

        - Update parsing for WebIDL grammar changes.
        - Adds an extended attributes hash to IDLType that is filled according
          to the WebIDL annotated type rules.
        - Updates code generation to take advantage of IDLType's extended attribute
          simplifying some existing code.
        - Update IDLs in the project to adhere to the new grammar.
          
        * Modules/indexeddb/IDBFactory.idl:
        * Modules/indexeddb/IDBIndex.idl:
        * Modules/indexeddb/IDBKeyRange.idl:
        * Modules/indexeddb/IDBObjectStore.idl:
        * Modules/websockets/WebSocket.idl:
        * crypto/parameters/AesCtrParams.idl:
        * crypto/parameters/AesKeyParams.idl:
        * crypto/parameters/Pbkdf2Params.idl:
        * crypto/parameters/RsaKeyGenParams.idl:
        * testing/TypeConversions.idl:
        Update for grammar change.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateDefaultValue):
        (GetBaseIDLType):
        (GetIDLType):
        (GetIntegerConversionConfiguration):
        (GetStringConversionConfiguration):
        (JSValueToNative):
        (UnsafeToNative):
        (NativeToJSValueDOMConvertNeedsState):
        (NativeToJSValueDOMConvertNeedsGlobalObject):
        (NativeToJSValue):
        Remove the need for the type's context in many places since type
        associated extended attributes are now on the type itself.

        * bindings/scripts/IDLParser.pm:
        (copyExtendedAttributes):
        Move up so it can be reused.

        (isExtendedAttributeApplicableToTypes):
        Add temporary predicated to indicate which attributes should be moved to types. This
        logic should be moved to IDLAttributes.txt.

        (moveExtendedAttributesApplicableToTypes):
        Add helper to move attributes to the type's extended attributes hash if applicable.

        (makeSimpleType):
        Use initializer syntax to simplify.

        (cloneType):
        Support cloning types with extended attributes.

        (typeByApplyingTypedefs):
        When constructing the clone for a typedef application, move any applicable attributes
        to the clone from the original type.

        (parseDictionaryMember):
        (parseTypedef):
        (parseAttributeOrOperationRest):
        (parseAttributeRest):
        (parseOperationOrIterator):
        (parseSpecialOperation):
        (parseOptionalIterableInterface):
        (parseMapLikeProperties):
        (parseOptionalOrRequiredArgument):
        (parseType):
        (parseTypeWithExtendedAttributes):
        (parseUnionMemberType):
        (parseNonAnyType):
        Update for new grammar, moving applicable attributes eagerly.

        (assertNoExtendedAttributesInTypedef): Deleted.
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionClassMethodWithClampOnOptional):
        (WebCore::jsTestObjPrototypeFunctionClassMethodWithClampOnOptionalCaller):
        (WebCore::jsTestObjPrototypeFunctionClassMethodWithEnforceRangeOnOptional):
        (WebCore::jsTestObjPrototypeFunctionClassMethodWithEnforceRangeOnOptionalCaller):
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        (WebCore::jsTestTypedefsAttributeWithClamp):
        (WebCore::jsTestTypedefsAttributeWithClampGetter):
        (WebCore::jsTestTypedefsAttributeWithClampInTypedef):
        (WebCore::jsTestTypedefsAttributeWithClampInTypedefGetter):
        (WebCore::setJSTestTypedefsAttributeWithClamp):
        (WebCore::setJSTestTypedefsAttributeWithClampFunction):
        (WebCore::setJSTestTypedefsAttributeWithClampInTypedef):
        (WebCore::setJSTestTypedefsAttributeWithClampInTypedefFunction):
        (WebCore::jsTestTypedefsPrototypeFunctionFuncWithClampInTypedef):
        (WebCore::jsTestTypedefsPrototypeFunctionFuncWithClampInTypedefCaller):
        * bindings/scripts/test/TestObj.idl:
        * bindings/scripts/test/TestTypedefs.idl:
        Update for new grammar. Add some new tests for uncovered cases.

2017-04-13  Alex Christensen  <achristensen@webkit.org>

        Fix CMake build
        https://bugs.webkit.org/show_bug.cgi?id=170815

        Reviewed by Beth Dakin.

        * platform/spi/cocoa/AVKitSPI.h:

2017-04-13  JF Bastien  <jfbastien@apple.com>

        cmake build fix

        Unreviewed build fix. A file was removed but left in the cmake
        build.

        * PlatformMac.cmake:

2017-04-13  Youenn Fablet  <youenn@apple.com>

        Remove RTCSignalingState::Closed
        https://bugs.webkit.org/show_bug.cgi?id=170811

        Reviewed by Eric Carlson.

        Covered by existing and rebased tests.

        Adding RTCPeerConnection::isClosed to better match the isClosed internal slot in webrtc specification.
        Using isClosed instead of checking signalingState value.
        Implementing isClosed in terms of m_connectionState which has a Closed value.

        * Modules/mediastream/MediaEndpointPeerConnection.cpp:
        (WebCore::MediaEndpointPeerConnection::setLocalDescriptionTask):
        (WebCore::MediaEndpointPeerConnection::replaceTrackTask):
        * Modules/mediastream/PeerConnectionBackend.cpp:
        (WebCore::PeerConnectionBackend::createOffer):
        (WebCore::PeerConnectionBackend::createOfferSucceeded):
        (WebCore::PeerConnectionBackend::createOfferFailed):
        (WebCore::PeerConnectionBackend::createAnswer):
        (WebCore::PeerConnectionBackend::createAnswerSucceeded):
        (WebCore::PeerConnectionBackend::createAnswerFailed):
        (WebCore::PeerConnectionBackend::setLocalDescription):
        (WebCore::PeerConnectionBackend::setLocalDescriptionSucceeded):
        (WebCore::PeerConnectionBackend::setLocalDescriptionFailed):
        (WebCore::PeerConnectionBackend::setRemoteDescription):
        (WebCore::PeerConnectionBackend::setRemoteDescriptionSucceeded):
        (WebCore::PeerConnectionBackend::setRemoteDescriptionFailed):
        (WebCore::PeerConnectionBackend::addIceCandidate):
        (WebCore::PeerConnectionBackend::addIceCandidateSucceeded):
        (WebCore::PeerConnectionBackend::addIceCandidateFailed):
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::create):
        (WebCore::RTCPeerConnection::RTCPeerConnection):
        (WebCore::RTCPeerConnection::addTrack):
        (WebCore::RTCPeerConnection::removeTrack):
        (WebCore::RTCPeerConnection::queuedCreateOffer):
        (WebCore::RTCPeerConnection::queuedCreateAnswer):
        (WebCore::RTCPeerConnection::queuedSetLocalDescription):
        (WebCore::RTCPeerConnection::queuedSetRemoteDescription):
        (WebCore::RTCPeerConnection::queuedAddIceCandidate):
        (WebCore::RTCPeerConnection::setConfiguration):
        (WebCore::RTCPeerConnection::createDataChannel):
        (WebCore::RTCPeerConnection::doClose):
        (WebCore::RTCPeerConnection::updateIceGatheringState):
        (WebCore::RTCPeerConnection::updateIceConnectionState):
        (WebCore::RTCPeerConnection::scheduleNegotiationNeededEvent):
        * Modules/mediastream/RTCPeerConnection.h:
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::signalingState):
        * platform/mediastream/RTCSignalingState.h:

2017-04-13  Zalan Bujtas  <zalan@apple.com>

        BreakingContext::WordTrailingSpace cleanup.
        https://bugs.webkit.org/show_bug.cgi?id=170750

        Reviewed by Myles C. Maxfield.

        No change in functionality.

        * rendering/RenderText.cpp:
        (WebCore::RenderText::computePreferredLogicalWidths):
        * rendering/line/BreakingContext.h:
        (WebCore::WordTrailingSpace::WordTrailingSpace):
        (WebCore::WordTrailingSpace::width):
        (WebCore::BreakingContext::handleText):

2017-04-13  Romain Bellessort  <romain.bellessort@crf.canon.fr>

        [Readable Streams API] Implement cloneArrayBuffer in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=170008

        Reviewed by Youenn Fablet.

        Implemented cloneArrayBuffer based on existing structuredCloneArrayBuffer
        implementation. The code has been factorized so that both cloneArrayBuffer
        and structuredCloneArrayBuffer rely on the same code (which is basically
        the previous implementation of structuredCloneArrayBuffer + the ability
        to clone only a part of considered buffer).

        Test: streams/clone-array-buffer.html

        * Modules/streams/ReadableByteStreamInternals.js: Deleted cloneArrayBuffer JS implementation.
        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::JSDOMGlobalObject::addBuiltinGlobals): Add cloneArrayBuffer private declaration.
        * bindings/js/StructuredClone.cpp:
        (WebCore::cloneArrayBufferImpl): Added (mostly based on previous structuredCloneArrayBuffer).
        (WebCore::cloneArrayBuffer): Added.
        (WebCore::structuredCloneArrayBuffer): Updated.
        * bindings/js/StructuredClone.h: Added cloneArrayBuffer declaration.
        * bindings/js/WebCoreBuiltinNames.h: Added cloneArrayBuffer declaration.
        * testing/Internals.cpp: Added support for testing cloneArrayBuffer.
        * testing/Internals.h: Added support for testing cloneArrayBuffer.
        * testing/Internals.idl: Added support for testing cloneArrayBuffer.

2017-04-13  Youenn Fablet  <youenn@apple.com>

        onnegotiationneeded should only be called once
        https://bugs.webkit.org/show_bug.cgi?id=170785

        Reviewed by Alex Christensen.

        Covered by updated test.

        Disabling explicit call to markAsNeedingNegotiation in case libwebrtc is used as libwebrtc is calling it.
        Making sure removeTrack gets notified up to libwebrtc.

        * Modules/mediastream/PeerConnectionBackend.h:
        (WebCore::PeerConnectionBackend::notifyRemovedTrack):
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::addTrack):
        (WebCore::RTCPeerConnection::removeTrack):
        (WebCore::RTCPeerConnection::completeAddTransceiver):
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::removeTrack):
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::LibWebRTCPeerConnectionBackend::notifyRemovedTrack):
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.h:

2017-04-13  Dave Hyatt  <hyatt@apple.com>

        Rendering flexbox children across columns
        https://bugs.webkit.org/show_bug.cgi?id=164166
        <rdar://problem/29055587>

        Reviewed by Zalan Bujtas.

        Added fast/multicol/flexbox-rows.html

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::adjustForUnsplittableChild):

2017-04-12  Alex Christensen  <achristensen@webkit.org>

        Clean up SharedBuffer public functions
        https://bugs.webkit.org/show_bug.cgi?id=170795

        Reviewed by Andreas Kling.

        Make some member functions that are now only used internally private.

        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::append):
        (WebCore::SharedBuffer::platformDataSize): Deleted.
        * platform/SharedBuffer.h:

2017-04-12  Dan Bernstein  <mitz@apple.com>

        [Mac] Future-proof .xcconfig files
        https://bugs.webkit.org/show_bug.cgi?id=170802

        Reviewed by Tim Horton.

        * Configurations/Base.xcconfig:
        * Configurations/DebugRelease.xcconfig:
        * Configurations/FeatureDefines.xcconfig:
        * Configurations/Version.xcconfig:

2017-04-12  Brady Eidson  <beidson@apple.com>

        QuotaExceededError when saving to localStorage in private mode.
        https://bugs.webkit.org/show_bug.cgi?id=157010

        Reviewed by Alex Christensen.

        No new tests (Covered by changes to existing test).
        
        LocalStorage in private browsing is now effectively SessionStorage.
        It's ephemeral, per-tab, and copied over to tabs window.open()'ed from the current.

        * loader/EmptyClients.cpp:
        (WebCore::EmptyStorageNamespaceProvider::createEphemeralLocalStorageNamespace):

        * page/Chrome.cpp:
        (WebCore::Chrome::createWindow):

        * page/Page.cpp:
        (WebCore::Page::ephemeralLocalStorage):
        (WebCore::Page::setEphemeralLocalStorage):
        * page/Page.h:

        * page/SecurityOriginData.h:

        * storage/Storage.cpp:
        (WebCore::Storage::length):
        (WebCore::Storage::key):
        (WebCore::Storage::getItem):
        (WebCore::Storage::setItem):
        (WebCore::Storage::removeItem):
        (WebCore::Storage::clear):
        (WebCore::Storage::contains):
        (WebCore::Storage::isDisabledByPrivateBrowsing): Deleted.

        * storage/StorageMap.h:

        * storage/StorageNamespaceProvider.cpp:
        (WebCore::StorageNamespaceProvider::localStorageArea):
        * storage/StorageNamespaceProvider.h:

        * storage/StorageType.h:
        (WebCore::isLocalStorage):
        (WebCore::isPersistentLocalStorage):

2017-04-12  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Suppress font download dialog in new matching algorithm
        https://bugs.webkit.org/show_bug.cgi?id=169015

        Reviewed by Alexey Proskuryakov.

        Not testable.

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::FontDatabase::lookupPostScriptName):

2017-04-12  Eric Carlson  <eric.carlson@apple.com>

        REGRESSION (r215242-215243): [ios-simulator] API test WebKit1.AudioSessionCategoryIOS is failing
        https://bugs.webkit.org/show_bug.cgi?id=170777
        <rdar://problem/31592877>

        Reviewed by Jer Noble.

        No new tests, fixes an existing test.

        * platform/audio/cocoa/MediaSessionManagerCocoa.cpp:
        (PlatformMediaSessionManager::updateSessionState): Pass parameters to lambda by reference.

2017-04-12  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Set correct audio session category when capturing audio
        https://bugs.webkit.org/show_bug.cgi?id=170736
        <rdar://problem/31559405>

        Unreviewed, update an assertion I missed in r215242.

        * platform/audio/PlatformMediaSession.cpp:
        (WebCore::PlatformMediaSession::PlatformMediaSession):

2017-04-12  Alex Christensen  <achristensen@webkit.org>

        Remove unused SharedBuffer::wrapCFDataArray
        https://bugs.webkit.org/show_bug.cgi?id=170794

        Reviewed by Brady Eidson.

        It's unused since r215280.

        * platform/SharedBuffer.h:
        * platform/cf/SharedBufferCF.cpp:
        (WebCore::SharedBuffer::wrapCFDataArray): Deleted.

2017-04-12  Anders Carlsson  <andersca@apple.com>

        Tweak WebCore::setMetadataURL function
        https://bugs.webkit.org/show_bug.cgi?id=170786

        Reviewed by Beth Dakin.

        Get rid of the "referrer" parameter, it isn't used. Make the remaining parameters const. Swap the
        urlString and path parameters since that makes more sense. Use String instead of NSString in the call to WKSetMetadataURL.

        * platform/FileSystem.cpp:
        (WebCore::setMetadataURL): Deleted.
        * platform/FileSystem.h:
        * platform/mac/FileSystemMac.mm:
        (WebCore::setMetadataURL):

2017-04-12  Myles C. Maxfield  <mmaxfield@apple.com>

        Well-known variations should clamp to the values listed in the @font-face block
        https://bugs.webkit.org/show_bug.cgi?id=169260

        Reviewed by Dean Jackson.

        Most of this patch is plumbing the variation ranges from the CSSFontFace object
        to preparePlatformFont() where variation values get applied.

        Beyond that, there is one other piece of this patch - a nonspecified value in an
        @font-face block shouldn't perform any clamping, but a specified value should be
        clamped. This means that we need to retain whether or not a value is specified.
        This patch does this by migrating CSSFontFace from using FontSelectionCapabilities
        to using FontSelectionSpecifiedCapabilities, which has its internals behind
        std::optionals which represent whether or not the value was specified. For the
        purposes of font selection, these unspecified values are replaced with default
        values.

        Test: fast/text/variations/font-face-clamp.html

        * css/CSSFontFace.cpp:
        (WebCore::CSSFontFace::font):
        * css/CSSFontFace.h:
        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::font):
        * css/CSSFontFaceSource.h:
        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::addFontFaceRule):
        * loader/cache/CachedFont.cpp:
        (WebCore::CachedFont::createFont):
        (WebCore::CachedFont::platformDataFromCustomData):
        * loader/cache/CachedFont.h:
        * loader/cache/CachedSVGFont.cpp:
        (WebCore::CachedSVGFont::createFont):
        (WebCore::CachedSVGFont::platformDataFromCustomData):
        * loader/cache/CachedSVGFont.h:
        * platform/graphics/FontCache.cpp:
        (WebCore::FontPlatformDataCacheKey::FontPlatformDataCacheKey):
        (WebCore::FontPlatformDataCacheKey::operator==):
        (WebCore::FontPlatformDataCacheKeyHash::hash):
        (WebCore::FontCache::getCachedFontPlatformData):
        (WebCore::FontCache::fontForFamily):
        * platform/graphics/FontCache.h:
        (WebCore::FontCache::fontForFamily):
        (WebCore::FontCache::getCachedFontPlatformData):
        (WebCore::FontCache::createFontPlatformDataForTesting):
        * platform/graphics/FontSelectionAlgorithm.h:
        (WebCore::FontSelectionRange::uniqueValue):
        (WebCore::FontSelectionCapabilities::operator==):
        (WebCore::FontSelectionCapabilities::operator!=):
        (WebCore::FontSelectionSpecifiedCapabilities::computeFontSelectionCapabilities):
        (WebCore::FontSelectionSpecifiedCapabilities::operator==):
        (WebCore::FontSelectionSpecifiedCapabilities::operator!=):
        (WebCore::FontSelectionSpecifiedCapabilities::operator=):
        (WebCore::FontSelectionSpecifiedCapabilities::computeWeight):
        (WebCore::FontSelectionSpecifiedCapabilities::computeWidth):
        (WebCore::FontSelectionSpecifiedCapabilities::computeSlope):
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::preparePlatformFont):
        (WebCore::fontWithFamily):
        (WebCore::FontCache::createFontPlatformData):
        (WebCore::FontCache::systemFallbackForCharacters):
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::FontCache::lastResortFallbackFont):
        * platform/graphics/mac/FontCustomPlatformData.cpp:
        (WebCore::FontCustomPlatformData::fontPlatformData):
        * platform/graphics/mac/FontCustomPlatformData.h:

2017-04-12  Beth Dakin  <bdakin@apple.com>

        Speculative open source build fix.

        * platform/spi/cocoa/AVKitSPI.h:

2017-04-12  Alex Christensen  <achristensen@webkit.org>

        Stop using didReceiveDataArray callback on El Capitan
        https://bugs.webkit.org/show_bug.cgi?id=170780

        Reviewed by Brady Eidson.

        didReceiveDataArray was an optimization that improved performance on iOS but is not needed any more.
        The only platform where this is used is El Capitan, and didReceiveData works fine on that platform.
        I've left some cleanup still to be done in SharedBuffer, and doing that is the motivation for this change.

        * WebCore.xcodeproj/project.pbxproj:
        * loader/ResourceLoader.h:
        * loader/SubresourceLoader.h:
        * loader/cf/SubresourceLoaderCF.cpp: Removed.
        * loader/mac/ResourceLoaderMac.mm:
        (WebCore::ResourceLoader::didReceiveDataArray): Deleted.
        * platform/network/ResourceHandleClient.h:
        (WebCore::ResourceHandleClient::supportsDataArray): Deleted.
        (WebCore::ResourceHandleClient::didReceiveDataArray): Deleted.
        * platform/network/cf/ResourceHandleCFURLConnectionDelegate.cpp:
        (WebCore::ResourceHandleCFURLConnectionDelegate::makeConnectionClient):
        (WebCore::ResourceHandleCFURLConnectionDelegate::didReceiveDataArrayCallback): Deleted.
        * platform/network/cf/ResourceHandleCFURLConnectionDelegate.h:
        * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveDataArray): Deleted.
        * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.h:
        * platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.cpp:
        (WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didReceiveDataArray): Deleted.
        * platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.h:
        * platform/network/mac/WebCoreResourceHandleAsDelegate.mm:
        (-[WebCoreResourceHandleAsDelegate connection:didReceiveDataArray:]): Deleted.
        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
        (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveDataArray:]): Deleted.

2017-04-12  Beth Dakin  <bdakin@apple.com>

        Attempted build fix.

        * platform/spi/cocoa/AVKitSPI.h:

2017-04-12  Beth Dakin  <bdakin@apple.com>

        Adopt AVKit name change from AVFunctionBar* to AVTouchBar*
        https://bugs.webkit.org/show_bug.cgi?id=170693
        -and corresponding-
        rdar://problem/31230018

        Reviewed by San Weinig.

        Since the new names only apply to some versions of macOS, this patch uses typedefs 
        for the older OS’s. SO:

        AVFunctionBarScrubber is now AVTouchBarScrubber

        AVFunctionBarPlaybackControlsProvider is now AVTouchBarPlaybackControlsProvider

        AVFunctionBarMediaSelectionOption is now AVTouchBarMediaSelectionOption

        And the protocol AVFunctionBarPlaybackControlsControlling is now 
        AVTouchBarPlaybackControlsControlling

        * platform/mac/WebPlaybackControlsManager.h:
        * platform/mac/WebPlaybackControlsManager.mm:
        (-[WebPlaybackControlsManager audioFunctionBarMediaSelectionOptions]):
        (-[WebPlaybackControlsManager setAudioFunctionBarMediaSelectionOptions:]):
        (-[WebPlaybackControlsManager currentAudioFunctionBarMediaSelectionOption]):
        (-[WebPlaybackControlsManager setCurrentAudioFunctionBarMediaSelectionOption:]):
        (-[WebPlaybackControlsManager legibleFunctionBarMediaSelectionOptions]):
        (-[WebPlaybackControlsManager setLegibleFunctionBarMediaSelectionOptions:]):
        (-[WebPlaybackControlsManager currentLegibleFunctionBarMediaSelectionOption]):
        (-[WebPlaybackControlsManager setCurrentLegibleFunctionBarMediaSelectionOption:]):
        (mediaSelectionOptions):

        Here is where the typedefs and #define are declared.
        * platform/spi/cocoa/AVKitSPI.h:

2017-04-12  Alex Christensen  <achristensen@webkit.org>

        Fix WinCairo build after r215265
        https://bugs.webkit.org/show_bug.cgi?id=170502

        m_threadId was removed in the header but not in the constructor implementation.
        Initializer lists are our friends.

        * platform/network/curl/CurlDownload.cpp:
        (WebCore::CurlDownloadManager::CurlDownloadManager):
        (WebCore::CurlDownload::CurlDownload): Deleted.
        * platform/network/curl/CurlDownload.h:

2017-04-12  Yusuke Suzuki  <utatane.tea@gmail.com>

        Unreviewed, build fix for Win and GTK
        https://bugs.webkit.org/show_bug.cgi?id=170758

        * platform/posix/SharedBufferPOSIX.cpp:
        (WebCore::SharedBuffer::createFromReadingFile):
        * platform/win/SharedBufferWin.cpp:
        (WebCore::SharedBuffer::createFromReadingFile):

2017-04-12  Yusuke Suzuki  <utatane.tea@gmail.com>

        [WTF] Introduce Thread class and use RefPtr<Thread> and align Windows Threading implementation semantics to Pthread one
        https://bugs.webkit.org/show_bug.cgi?id=170502

        Reviewed by Mark Lam.

        Mechanical change. Use Thread:: APIs.

        * Modules/indexeddb/server/IDBServer.cpp:
        (WebCore::IDBServer::IDBServer::IDBServer):
        * Modules/indexeddb/server/IDBServer.h:
        * Modules/webaudio/AsyncAudioDecoder.cpp:
        (WebCore::AsyncAudioDecoder::AsyncAudioDecoder):
        (WebCore::AsyncAudioDecoder::~AsyncAudioDecoder):
        (WebCore::AsyncAudioDecoder::runLoop):
        * Modules/webaudio/AsyncAudioDecoder.h:
        * Modules/webaudio/OfflineAudioDestinationNode.cpp:
        (WebCore::OfflineAudioDestinationNode::OfflineAudioDestinationNode):
        (WebCore::OfflineAudioDestinationNode::uninitialize):
        (WebCore::OfflineAudioDestinationNode::startRendering):
        * Modules/webaudio/OfflineAudioDestinationNode.h:
        * Modules/webdatabase/Database.cpp:
        (WebCore::Database::securityOrigin):
        * Modules/webdatabase/DatabaseThread.cpp:
        (WebCore::DatabaseThread::start):
        (WebCore::DatabaseThread::databaseThread):
        (WebCore::DatabaseThread::recordDatabaseOpen):
        (WebCore::DatabaseThread::recordDatabaseClosed):
        * Modules/webdatabase/DatabaseThread.h:
        (WebCore::DatabaseThread::getThreadID):
        * bindings/js/GCController.cpp:
        (WebCore::GCController::garbageCollectOnAlternateThreadForDebugging):
        * fileapi/AsyncFileStream.cpp:
        (WebCore::callOnFileThread):
        * loader/icon/IconDatabase.cpp:
        (WebCore::IconDatabase::open):
        (WebCore::IconDatabase::close):
        * loader/icon/IconDatabase.h:
        * page/ResourceUsageThread.cpp:
        (WebCore::ResourceUsageThread::createThreadIfNeeded):
        * page/ResourceUsageThread.h:
        * page/scrolling/ScrollingThread.cpp:
        (WebCore::ScrollingThread::ScrollingThread):
        (WebCore::ScrollingThread::isCurrentThread):
        (WebCore::ScrollingThread::createThreadIfNeeded):
        (WebCore::ScrollingThread::threadCallback):
        * page/scrolling/ScrollingThread.h:
        * platform/audio/HRTFDatabaseLoader.cpp:
        (WebCore::HRTFDatabaseLoader::HRTFDatabaseLoader):
        (WebCore::HRTFDatabaseLoader::loadAsynchronously):
        (WebCore::HRTFDatabaseLoader::waitForLoaderThreadCompletion):
        * platform/audio/HRTFDatabaseLoader.h:
        * platform/audio/ReverbConvolver.cpp:
        (WebCore::ReverbConvolver::ReverbConvolver):
        (WebCore::ReverbConvolver::~ReverbConvolver):
        * platform/audio/ReverbConvolver.h:
        * platform/audio/gstreamer/AudioFileReaderGStreamer.cpp:
        (WebCore::createBusFromAudioFile):
        (WebCore::createBusFromInMemoryAudioFile):
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (ResourceHandleStreamingClient::ResourceHandleStreamingClient):
        (ResourceHandleStreamingClient::~ResourceHandleStreamingClient):
        * platform/network/cf/LoaderRunLoopCF.cpp:
        (WebCore::loaderRunLoop):
        * platform/network/curl/CurlDownload.cpp:
        (WebCore::CurlDownloadManager::startThreadIfNeeded):
        (WebCore::CurlDownloadManager::stopThread):
        * platform/network/curl/CurlDownload.h:
        * platform/network/curl/SocketStreamHandleImpl.h:
        * platform/network/curl/SocketStreamHandleImplCurl.cpp:
        (WebCore::SocketStreamHandleImpl::startThread):
        (WebCore::SocketStreamHandleImpl::stopThread):
        * workers/WorkerThread.cpp:
        (WebCore::WorkerThread::WorkerThread):
        (WebCore::WorkerThread::start):
        (WebCore::WorkerThread::workerThread):
        * workers/WorkerThread.h:
        (WebCore::WorkerThread::threadID):

2017-04-10  Antti Koivisto  <antti@apple.com>

        Cache small media resources in disk cache
        https://bugs.webkit.org/show_bug.cgi?id=170676
        <rdar://problem/31532649>

        Reviewed by Andreas Kling.

        Test: http/tests/cache/disk-cache/disk-cache-media-small.html

        Testing support. Functional changes are in WebKit2.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaPlayerCreateResourceLoader):
        (WebCore::HTMLMediaElement::lastMediaResourceLoaderForTesting):
        * html/HTMLMediaElement.h:
        * loader/MediaResourceLoader.cpp:
        (WebCore::MediaResourceLoader::MediaResourceLoader):
        (WebCore::MediaResourceLoader::addResponseForTesting):
        (WebCore::MediaResource::responseReceived):
        * loader/MediaResourceLoader.h:
        * platform/network/cocoa/WebCoreNSURLSession.mm:
        (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):

            We can now receive cached responses.

        * testing/Internals.cpp:
        (WebCore::responseSourceToString):
        (WebCore::Internals::xhrResponseSource):
        (WebCore::Internals::mediaResponseSources):
        (WebCore::Internals::mediaResponseContentRanges):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-04-12  Alex Christensen  <achristensen@webkit.org>

        Modernize vector adoption
        https://bugs.webkit.org/show_bug.cgi?id=170758

        Reviewed by Geoffrey Garen.

        * Modules/encryptedmedia/InitDataRegistry.cpp:
        (WebCore::extractKeyIDsKeyids):
        * Modules/indexeddb/IDBGetResult.cpp:
        (WebCore::IDBGetResult::dataFromBuffer):
        * Modules/indexeddb/IDBKeyData.cpp:
        (WebCore::IDBKeyData::decode):
        * Modules/indexeddb/server/IDBSerialization.cpp:
        (WebCore::serializeIDBKeyData):
        (WebCore::decodeKey):
        * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
        (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord):
        (WebCore::IDBServer::SQLiteIDBBackingStore::getAllObjectStoreRecords):
        (WebCore::IDBServer::SQLiteIDBBackingStore::uncheckedGetIndexRecordForOneKey):
        * Modules/indexeddb/server/SQLiteIDBCursor.cpp:
        (WebCore::IDBServer::SQLiteIDBCursor::internalFetchNextRecord):
        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::font):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadResourceSynchronously):
        * loader/appcache/ApplicationCacheStorage.cpp:
        (WebCore::ApplicationCacheStorage::loadCache):
        * loader/archive/mhtml/MHTMLParser.cpp:
        (WebCore::MHTMLParser::parseNextPart):
        * loader/cache/CachedFont.cpp:
        (WebCore::CachedFont::createCustomFontData):
        * loader/cache/CachedSVGFont.cpp:
        (WebCore::CachedSVGFont::ensureCustomFontData):
        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::create):
        (WebCore::utf8Buffer):
        (WebCore::SharedBuffer::adoptVector): Deleted.
        * platform/SharedBuffer.h:
        * platform/ThreadSafeDataBuffer.h:
        (WebCore::ThreadSafeDataBufferImpl::ThreadSafeDataBufferImpl):
        (WebCore::ThreadSafeDataBuffer::create):
        (WebCore::ThreadSafeDataBuffer::ThreadSafeDataBuffer):
        (WebCore::ThreadSafeDataBuffer::decode):
        (): Deleted.
        (WebCore::ThreadSafeDataBuffer::adoptVector): Deleted.
        * platform/network/BlobRegistryImpl.cpp:
        (WebCore::BlobRegistryImpl::registerBlobURL):
        * platform/network/DataURLDecoder.cpp:
        (WebCore::DataURLDecoder::decodeBase64):
        (WebCore::DataURLDecoder::decodeEscaped):

2017-04-12  Per Arne Vollan  <pvollan@apple.com>

        Implement stroke-color CSS property.
        https://bugs.webkit.org/show_bug.cgi?id=169352

        Reviewed by Jon Lee.

        Support setting text stroke color using the CSS property stroke-color, see https://drafts.fxtf.org/paint/.
        Text stroke color can currently be set with the -webkit-text-stroke-color property. To make sure this still
        works, I added a check to determine if the stroke-color property has been explicitly set. If it has not been
        set, we fall back to the value of the -webkit-text-stroke-color property.

        Tests: fast/css/stroke-color-fallback.html
               fast/css/stroke-color.html
               fast/css/visited-link-stroke-color.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSProperties.json:
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueStrokeColor):
        * css/StyleResolver.cpp:
        (WebCore::isValidVisitedLinkProperty):
        * css/parser/CSSParserFastPaths.cpp:
        (WebCore::isColorPropertyID):
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::CSSPropertyParser::parseSingleValue):
        * rendering/TextDecorationPainter.cpp:
        (WebCore::decorationColor):
        * rendering/TextPaintStyle.cpp:
        (WebCore::computeTextPaintStyle):
        (WebCore::computeTextSelectionPaintStyle):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::changeRequiresRepaintIfTextOrBorderOrOutline):
        (WebCore::RenderStyle::colorIncludingFallback):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::strokeColor):
        (WebCore::RenderStyle::setStrokeColor):
        (WebCore::RenderStyle::setVisitedLinkStrokeColor):
        (WebCore::RenderStyle::visitedLinkStrokeColor):
        (WebCore::RenderStyle::setHasExplicitlySetStrokeColor):
        (WebCore::RenderStyle::hasExplicitlySetStrokeColor):
        * rendering/style/StyleRareInheritedData.cpp:
        (WebCore::StyleRareInheritedData::StyleRareInheritedData):
        (WebCore::StyleRareInheritedData::operator==):
        * rendering/style/StyleRareInheritedData.h:

2017-04-11  Zan Dobersek  <zdobersek@igalia.com>

        [GTK] Use the DisplayRefreshMonitor facilities
        https://bugs.webkit.org/show_bug.cgi?id=170599

        Reviewed by Carlos Garcia Campos.

        * CMakeLists.txt: Add missing files to the build.
        * platform/graphics/DisplayRefreshMonitor.cpp: Build fixes.
        (WebCore::DisplayRefreshMonitor::createDefaultDisplayRefreshMonitor):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::updatePlatformLayer): Mark the
        platform layer as updated in the layer's CoordinatedGraphicsState.
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsState.h:

2017-04-11  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Allow modern-media-controls to be provided through WebKitAdditions
        https://bugs.webkit.org/show_bug.cgi?id=170722
        <rdar://problem/31553089>

        Reviewed by Dean Jackson.

        If modern media controls source files are provided through WebKitAdditions, use these instead
        of the sources found in the WebCore module.

        * WebCore.xcodeproj/project.pbxproj:

2017-04-11  Dean Jackson  <dino@apple.com>

        Disable outdated WritableStream API
        https://bugs.webkit.org/show_bug.cgi?id=170749
        <rdar://problem/31446233>

        Reviewed by Tim Horton.

        The API we implement is no longer accurate. Disable it until we
        are compatible with the new specification

        * Configurations/FeatureDefines.xcconfig:

2017-04-11  Matt Rajca  <mrajca@apple.com>

        Consider the current document when allowing autoplay quirks.
        https://bugs.webkit.org/show_bug.cgi?id=170744

        Reviewed by Eric Carlson.

        Added API test.

        In addition to checking if the top-level document supports autoplay quirks, we should check
        if the current document supports quirks. This allows all embedded YouTube videos (which use
        iframes) to play correctly if the client allows autoplay quirks on youtube.com.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::dispatchPlayPauseEventsIfNeedsQuirks):

2017-04-11  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r215245.

        This change broke internal builds.

        Reverted changeset:

        "[Modern Media Controls] Allow modern-media-controls to be
        provided through WebKitAdditions"
        https://bugs.webkit.org/show_bug.cgi?id=170722
        http://trac.webkit.org/changeset/215245

2017-04-11  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Allow modern-media-controls to be provided through WebKitAdditions
        https://bugs.webkit.org/show_bug.cgi?id=170722
        <rdar://problem/31553089>

        Reviewed by Dean Jackson.

        If modern media controls source files are provided through WebKitAdditions, use these instead
        of the sources found in the WebCore module.

        * WebCore.xcodeproj/project.pbxproj:

2017-04-10  Matt Rajca  <mrajca@apple.com>

        Change autoplay state to "prevented" when media is paused due to restrictions.
        https://bugs.webkit.org/show_bug.cgi?id=170686

        Reviewed by Alex Christensen.

        Added API tests.

        Currently, the autoplay state is set to "prevented" when playback is about to begin without
        user interaction and there are restrictions in place. We should also be setting this flag when
        autoplay is allowed but due to a change in audio tracks, for example, it gets paused.

        This patch also moves some common logic into setPlaybackWithoutUserGesture without changing behavior.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::setReadyState):
        (WebCore::HTMLMediaElement::play):
        (WebCore::HTMLMediaElement::mediaPlayerDidAddAudioTrack):
        (WebCore::HTMLMediaElement::mediaPlayerCharacteristicChanged):
        (WebCore::HTMLMediaElement::setPlaybackWithoutUserGesture):
        (WebCore::HTMLMediaElement::updateShouldPlay):

2017-04-11  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Set correct audio session category when capturing audio
        https://bugs.webkit.org/show_bug.cgi?id=170736
        <rdar://problem/31559405>

        Reviewed by Jer Noble.

        No new tests yet, filed bug 170737.

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::MediaStream): Initialize m_mediaSession.
        (WebCore::MediaStream::statusDidChange): Call canProduceAudioChanged.
        (WebCore::MediaStream::mediaType): New. Return MediaStreamCapturingAudio when actively
        capturing audio.
        (WebCore::MediaStream::presentationType):
        (WebCore::MediaStream::characteristics):
        (WebCore::MediaStream::mayResumePlayback):
        (WebCore::MediaStream::suspendPlayback):
        (WebCore::MediaStream::sourceApplicationIdentifier):
        (WebCore::MediaStream::canProduceAudio):
        * Modules/mediastream/MediaStream.h:

        * platform/audio/PlatformMediaSession.h: Add MediaStreamCapturingAudio.
        * platform/audio/PlatformMediaSessionManager.cpp:
        (WebCore::PlatformMediaSessionManager::has): Adjust assert for MediaStreamCapturingAudio.
        (WebCore::PlatformMediaSessionManager::count): Ditto.
        * platform/audio/cocoa/MediaSessionManagerCocoa.cpp:
        (PlatformMediaSessionManager::updateSessionState): Set small preferred buffer size when
        capturing audio. Set audio session category to PlayAndRecord whenever there is a media
        stream that is capturing audio.

2017-04-11  Yusuke Suzuki  <utatane.tea@gmail.com>

        [WebCore][JSC] ResourceUsageData.{timeOfNextEdenCollection,timeOfNextFullCollection} should be MonotonicTime
        https://bugs.webkit.org/show_bug.cgi?id=170725

        Reviewed by Sam Weinig.

        Use MonotonicTime instead of raw doubles.
        Currently, large part of data structures and helper functions are the same in
        ResourceUsageOverlayCocoa.mm and ResourceUsageOverlayLinux.cpp. This should be
        unified in a separate patch.

        * page/ResourceUsageData.h:
        * page/cocoa/ResourceUsageOverlayCocoa.mm:
        (WebCore::gcTimerString):
        (WebCore::ResourceUsageOverlay::platformDraw):
        * page/linux/ResourceUsageOverlayLinux.cpp:
        (WebCore::gcTimerString):

2017-04-11  Youenn Fablet  <youenn@apple.com>

        Activate WebRTC data channel tests for WK1
        https://bugs.webkit.org/show_bug.cgi?id=170710

        Reviewed by Eric Carlson.

        Covered by existing and activated tests.

        Making LibWebRTCProvider::factory not static.
        For that purpose LibWebRTCMediaEndpoint now stores its peer connection factory reference.
        Making LibWebRTCProvider use libebrtc networking by default.

        Removing some no longer needed checks related to libwebrtc availability.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::LibWebRTCMediaEndpoint):
        (WebCore::LibWebRTCMediaEndpoint::addTrack):
        (WebCore::LibWebRTCMediaEndpoint::doCreateOffer):
        (WebCore::LibWebRTCMediaEndpoint::doCreateAnswer):
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
        (WebCore::LibWebRTCProvider::factory):
        * platform/mediastream/libwebrtc/LibWebRTCProvider.h:

2017-04-11  Youenn Fablet  <youenn@apple.com>

        MediaStream id should be equal to msid
        https://bugs.webkit.org/show_bug.cgi?id=170712

        Reviewed by Eric Carlson.

        Covered by rebased tests.

        Setting MediaStream id to libwebrtc mediastream label.
        Refactoring to use more Ref<> in MediaStream code.

        Making PeerConnection use the libwebrtc backend by default for layout tests instead of the mock.

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::create):
        (WebCore::createTrackPrivateVector):
        (WebCore::MediaStream::MediaStream):
        * Modules/mediastream/MediaStream.h:
        * Modules/mediastream/MediaStreamRegistry.cpp:
        (WebCore::MediaStreamRegistry::lookUp):
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::allow):
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::mediaStreamFromRTCStream):
        (WebCore::LibWebRTCMediaEndpoint::addRemoteStream):
        (WebCore::LibWebRTCMediaEndpoint::addRemoteTrack):
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::load):
        * platform/graphics/MediaPlayer.h:
        * platform/mediastream/MediaStreamPrivate.cpp:
        (WebCore::MediaStreamPrivate::MediaStreamPrivate):
        * platform/mediastream/MediaStreamPrivate.h:
        (WebCore::MediaStreamPrivate::create):
        * testing/Internals.cpp:
        (WebCore::Internals::Internals):

2017-04-11  Chris Fleizach  <cfleizach@apple.com>

        AX: Web article navigation does not work (article rotor for Facebook, Twitter, Messages etc.)
        https://bugs.webkit.org/show_bug.cgi?id=170330
        <rdar://problem/31366105>

        Reviewed by Joanmarie Diggs.

        Add a search ability for the "article" role.

        Test: accessibility/mac/search-predicate-article.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::isAccessibilityObjectSearchMatchAtIndex):
        * accessibility/AccessibilityObject.h:
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper _accessibilityArticleAncestor]):
        * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
        (createAccessibilitySearchKeyMap):

2017-04-11  Chris Fleizach  <cfleizach@apple.com>

        AX: PDF plugin needs to support PDF-DOM Mode
        https://bugs.webkit.org/show_bug.cgi?id=170589

        Reviewed by Tim Horton.

        Provide WebCore support for accessibility connect to PDF document.
        This includes the ability to connect a PDF annotation created node within WebKit to 
         its PDFAnnotation parent (through use of shadowPluginParent).

        * accessibility/AXObjectCache.h:
        * accessibility/mac/AXObjectCacheMac.mm:
        (WebCore::AXPostNotificationWithUserInfo):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper shadowPluginParent]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
        * html/HTMLAttributeNames.in:
        * plugins/PluginViewBase.h:
        (WebCore::PluginViewBase::accessibilityShadowPluginParentForElement):

2017-04-11  Carlos Garcia Campos  <cgarcia@igalia.com>

        REGRESSION(r215153): Request Animation Frame broken when building without REQUEST_ANIMATION_FRAME_DISPLAY_MONITOR
        https://bugs.webkit.org/show_bug.cgi?id=170719

        Reviewed by Žan Doberšek.

        This is because when not using the display refresh monitor, the timer is always used, not only when throttling,
        but since r215153 the rAF timer is always aligned to 30ms.

        Fixes: fast/animation/request-animation-frame-too-rapid.html

        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::scheduleAnimation): Only do the timer alignment when throttling.

2017-04-11  Yoav Weiss  <yoav@yoav.ws>

        [link preload] Double downloads of preloaded content when it's in MemoryCache
        https://bugs.webkit.org/show_bug.cgi?id=170122

        Reviewed by Antti Koivisto.

        No new tests, but unflaked http/tests/preload/single_download_preload_headers_charset.html.

        The test was flaky because it appears as if MemoryCache is not being evicted between runs,
        and running multiple iterations of the test resulted in preloaded being taken out of MemoryCache
        and not having the unknown encoding flag. In those cases, the result was a double download and
        a failed test.

        * loader/TextResourceDecoder.cpp:
        (WebCore::TextResourceDecoder::setEncoding): Set the m_encodingSet flag.
        * loader/TextResourceDecoder.h: Added an m_encodingSet flag initialized to false.
        * loader/cache/CachedCSSStyleSheet.cpp:
        (WebCore::CachedCSSStyleSheet::setEncoding): Assert that stylesheets don't maintain decoded text.
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::CachedResource): Remove initialization of hasUnknownEncoding flag.
        * loader/cache/CachedResource.h:
        (WebCore::CachedResource::hasUnknownEncoding): Remove.
        (WebCore::CachedResource::setHasUnknownEncoding): Remove.
        (WebCore::CachedResource::CachedResource): Remove initialization of hasUnknownEncoding flag.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::determineRevalidationPolicy): Set the encoding in case it changed.

2017-04-11  Miguel Gomez  <magomez@igalia.com>

        REGRESSION(r215211): [GTK] Lots of image related tests are timing out, causing the test bot to exit early
        https://bugs.webkit.org/show_bug.cgi?id=170727

        Reviewed by Carlos Garcia Campos.

        Since r215211 ImageDecoder::isSizeAvailable() calls encodedDataStatus() in the different decoder implementations,
        and those implementations force a partial decoding of the image if the size is not available yet. But
        ImageDecoder::isSizeAvailable() was already being used inside the decoders assuming that it wasn't going to
        force this partial decoding. Due to this, there are some situations where the partial decoding is not
        desired but it's happening anyway. For example, the check in setSize(), which causes the partial decoding
        to happen again and again because no value is actually set to the animation size (which causes the timouts
        in the test bot).

        To avoid this, replace all the calls to ImageDecoder::isSizeAvailable() inside the decoders with calls to
        ImageDecoder::encodedDataStatus(), which doesn't force the partial decoding.

        Covered by existent tests.

        * platform/image-decoders/gif/GIFImageDecoder.cpp:
        (WebCore::GIFImageDecoder::setSize):
        * platform/image-decoders/ico/ICOImageDecoder.cpp:
        (WebCore::ICOImageDecoder::decodeAtIndex):
        * platform/image-decoders/jpeg/JPEGImageDecoder.h:
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageReader::decode):
        (WebCore::PNGImageDecoder::frameBufferAtIndex):
        * platform/image-decoders/webp/WEBPImageDecoder.cpp:
        (WebCore::WEBPImageDecoder::decode):

2017-04-11  Miguel Gomez  <magomez@igalia.com>

        REGRESSION(r215211): [GTK] Lots of image related tests are crashing, causing the test bot to exit early
        https://bugs.webkit.org/show_bug.cgi?id=170721

        Reviewed by Carlos Garcia Campos.

        r215211 caused an infinite loop because of calls between ImageDecoder::isSizeAvailable() and the specializations of
        ImageDecoder::encodedDataStatus(). Change the different decoders so ImageDecoder::encodedDataStatus doesn't call
        ImageDecoder::isSizeAvailable().

        Covered by existent tests.

        * platform/image-decoders/bmp/BMPImageDecoder.cpp:
        (WebCore::BMPImageDecoder::encodedDataStatus):
        * platform/image-decoders/gif/GIFImageDecoder.cpp:
        (WebCore::GIFImageDecoder::encodedDataStatus):
        * platform/image-decoders/ico/ICOImageDecoder.cpp:
        (WebCore::ICOImageDecoder::encodedDataStatus):
        * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
        (WebCore::JPEGImageDecoder::encodedDataStatus):
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageDecoder::encodedDataStatus):
        * platform/image-decoders/webp/WEBPImageDecoder.cpp:
        (WebCore::WEBPImageDecoder::encodedDataStatus):

2017-04-10  Alex Christensen  <achristensen@webkit.org>

        Revert r215217
        https://bugs.webkit.org/show_bug.cgi?id=170703

        * Configurations/FeatureDefines.xcconfig:

2017-04-10  Chris Dumez  <cdumez@apple.com>

        Fix bad change in r215167.
        https://bugs.webkit.org/show_bug.cgi?id=170656

        Reviewed by Yusuke Suzuki.

        Revert mistake made in r215167.

        * rendering/RenderThemeGtk.cpp:
        (WebCore::RenderThemeGtk::caretBlinkInterval):

2017-04-10  Alex Christensen  <achristensen@webkit.org>

        Continue enabling WebRTC
        https://bugs.webkit.org/show_bug.cgi?id=170703

        Reviewed by Youenn Fablet.

        * Configurations/FeatureDefines.xcconfig:

2017-04-10  Jeremy Jones  <jeremyj@apple.com>

        PlayerLayerView +layerClass methods should use return type Class.
        https://bugs.webkit.org/show_bug.cgi?id=165406

        Reviewed by Sam Weinig.

        No new tests because not behavior change.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebAVPictureInPicturePlayerLayerView_layerClass):
        (WebAVPlayerLayerView_layerClass):

2017-04-10  Said Abou-Hallawa  <sabouhallawa@apple.com>

        CachedImage should stop decoding images when unknown type is detected
        https://bugs.webkit.org/show_bug.cgi?id=170530

        Reviewed by Tim Horton.

        If the status of the encoded data is "unknown type", WebKit should stop
        decoding the rest of the data. Ideally WebKit should also cancel loading
        the rest of the encoded data.
        
        To do that we need to add a function to the ImageDecoder to return the
        encodedDataStatus(). We also need to change the return type of Image::setData()
        and Image::dataChanged() form bool to EncodedDataStatus.

        * WebCore.xcodeproj/project.pbxproj: Add ImageTypes.h to the WebCore project.
        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::addIncrementalDataBuffer): Replace checking !sizeAvailable 
        by checking if encodedDataStatus isn't an error but it has not reached
        sizeAvailable state
        * loader/cache/CachedResourceClientWalker.h:
        (WebCore::CachedResourceClientWalker::CachedResourceClientWalker): Unrelated clean-up.
        (WebCore::CachedResourceClientWalker::next): Ditto.
        * loader/icon/IconRecord.cpp:
        (WebCore::IconRecord::setImageData): Image::setData() used to return a bool. Now it returns
        an EncodedDataStatus. !setData() now means setData() < EncodedDataStatus::SizeAvailable.
        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::dataChanged): Replace the return of dataChanged() from bool
        by EncodedDataStatus.
        * platform/graphics/BitmapImage.h: Replace isSizeAvailable() by a new function
        named encodedDataStatus().
        * platform/graphics/Image.cpp:
        (WebCore::Image::setData): Code clean-up and adding a clarification comment.
        * platform/graphics/Image.h: Change the return of setData() and dataChanged() to be
        EncodedDataStatus.
        (WebCore::Image::dataChanged): Return EncodedDataStatus::Unknown as an indication
        the size is not available but we do not have an error.
        * platform/graphics/ImageTypes.h: Added.
        Image definitions which are shared among Image, ImageDecoder, ImageSource,
        ImageFrameCache and ImageFrame used to be added to ImageFrame.h. This has
        been annoying since these definitions aren't related to ImageFrame only.
        A new header file named ImageTypes.h is to the to include such definitions.
        (WebCore::operator++):
        * platform/graphics/ImageFrame.h:
        (WebCore::operator++): Deleted.
        * platform/graphics/ImageFrameCache.cpp:
        (WebCore::ImageFrameCache::ImageFrameCache): This is the case of a BitmapImage without
        a decoder but with a NativeImage. The status has to be EncodedDataStatus::Complete.
        (WebCore::ImageFrameCache::growFrames): Replace if (isSizeAvailable()) by
        if (encodedDataStatus() >= EncodedDataStatus::SizeAvailable).
        (WebCore::ImageFrameCache::metadata): Ditto.
        (WebCore::ImageFrameCache::encodedDataStatus): This is a replacement for isSizeAvailable().
        Don't cache the EncodedDataStatus until it is Complete. Don't call didDecodeProperties()
        until the status >= EncodedDataStatus::SizeAvailable.
        (WebCore::ImageFrameCache::isSizeAvailable): Deleted.
        * platform/graphics/ImageFrameCache.h: Replace isSizeAvailable() by encodedDataStatus().
        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::dataChanged): Make return an EncodedDataStatus instead of returning
        a bool for isSizeAvailable.
        * platform/graphics/ImageSource.h:
        (WebCore::ImageSource::encodedDataStatus): Replace isSizeAvailable() by encodedDataStatus().
        (WebCore::ImageSource::isSizeAvailable): Deleted.
        * platform/graphics/cg/ImageDecoderCG.cpp:
        (WebCore::ImageDecoder::encodedDataStatus): Replace isSizeAvailable() by encodedDataStatus().
        The logic of this function is the following:
            -- CGImageSourceGetStatus() can return kCGImageStatusUnexpectedEOF, kCGImageStatusInvalidData
            or kCGImageStatusReadingHeader even if CG will end up recovering form the error and drawing
            the image. Actually CG initializes the status of CGImageSource before receiving any data
            with kCGImageStatusInvalidData. So the status will be considered an error only if all the
            data is received but CG does not move the status of this CGImageSource to Complete.
            -- If CGImageSourceGetStatus() returns Incomplete, this means CG already created the image
            reader and therefore the image type is known.
            -- If CGImageSourceGetStatus() returns UnknownType, this means CG could not create the
            image reader and this should be considered an error.
        (WebCore::ImageDecoder::isSizeAvailable): Deleted.
        * platform/graphics/cg/ImageDecoderCG.h: Replace isSizeAvailable() by encodedDataStatus().
        * platform/graphics/cg/PDFDocumentImage.cpp:
        (WebCore::PDFDocumentImage::dataChanged): The PDFDocument is created only when allDataReceived.
        * platform/graphics/cg/PDFDocumentImage.h: Change the return type from bool to EncodedDataStatus.
        * platform/image-decoders/ImageDecoder.h: 
        (WebCore::ImageDecoder::encodedDataStatus): Add a new function encodedDataStatus(). Deduce the
        status of the encoded data from the flags m_failed, m_isAllDataReceived and m_sizeAvailable in
        this order.
        (WebCore::ImageDecoder::isSizeAvailable): Make this function uses encodedDataStatus().
        * platform/image-decoders/bmp/BMPImageDecoder.cpp:
        (WebCore::BMPImageDecoder::encodedDataStatus): Replace isSizeAvailable() by encodedDataStatus().
        (WebCore::BMPImageDecoder::isSizeAvailable): Deleted.
        * platform/image-decoders/bmp/BMPImageDecoder.h:
        * platform/image-decoders/gif/GIFImageDecoder.cpp:
        (WebCore::GIFImageDecoder::encodedDataStatus): Ditto.
        (WebCore::GIFImageDecoder::isSizeAvailable): Deleted.
        * platform/image-decoders/gif/GIFImageDecoder.h:
        * platform/image-decoders/ico/ICOImageDecoder.cpp:
        (WebCore::ICOImageDecoder::encodedDataStatus): Ditto.
        (WebCore::ICOImageDecoder::isSizeAvailable): Deleted.
        * platform/image-decoders/ico/ICOImageDecoder.h:
        * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
        (WebCore::JPEGImageDecoder::encodedDataStatus): Ditto.
        (WebCore::JPEGImageDecoder::isSizeAvailable): Deleted.
        * platform/image-decoders/jpeg/JPEGImageDecoder.h:
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageDecoder::encodedDataStatus): Ditto.
        (WebCore::PNGImageDecoder::isSizeAvailable): Deleted.
        * platform/image-decoders/png/PNGImageDecoder.h:
        * platform/image-decoders/webp/WEBPImageDecoder.cpp:
        (WebCore::WEBPImageDecoder::encodedDataStatus): Ditto.
        (WebCore::WEBPImageDecoder::isSizeAvailable): Deleted.
        * platform/image-decoders/webp/WEBPImageDecoder.h:
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::dataChanged): m_page is created only when allDataReceived is true.
        * svg/graphics/SVGImage.h:

2017-04-10  Myles C. Maxfield  <mmaxfield@apple.com>

        Mark SVG-Within-OpenType as "Under Consideration"
        https://bugs.webkit.org/show_bug.cgi?id=170706

        Reviewed by Brady Eidson.

        * features.json:

2017-04-10  Jeremy Jones  <jeremyj@apple.com>

        Add CoreAudioCaptureSource.
        https://bugs.webkit.org/show_bug.cgi?id=170112
        rdar://problem/30293338

        Reviewed by Eric Carlson.

        No new tests because this provides the same funcitonality as AVAudioCaptureSource. 
        Funcionality is covered by existing test cases.

        Add CoreAudioCaptureSource for audio capture. And use it by default in AVCaptureDeviceManager.
        Add UseAVFoundationAudioCapture setting to switch back to AVFoundation for audio capture.

        * WebCore.xcodeproj/project.pbxproj:
        * page/Settings.cpp:
        (WebCore::Settings::useAVFoundationAudioCapture):
        (WebCore::Settings::setUseAVFoundationAudioCapture):
        * page/Settings.h:
        * platform/mediastream/mac/AVCaptureDeviceManager.h:
        * platform/mediastream/mac/AVCaptureDeviceManager.mm:
        (WebCore::AVCaptureDeviceManager::setUseAVFoundationAudioCapture):
        * platform/mediastream/mac/CoreAudioCaptureSource.cpp: Added.
        (WebCore::CoreAudioCaptureSource::create):
        (WebCore::CoreAudioCaptureSource::factory):
        (WebCore::CoreAudioCaptureSource::CoreAudioCaptureSource):
        (WebCore::CoreAudioCaptureSource::~CoreAudioCaptureSource):
        (WebCore::CoreAudioCaptureSource::preferredSampleRate):
        (WebCore::CoreAudioCaptureSource::preferredIOBufferDuration):
        (WebCore::CoreAudioCaptureSource::configureMicrophoneProc):
        (WebCore::CoreAudioCaptureSource::configureSpeakerProc):
        (WebCore::CoreAudioCaptureSource::addMicrophoneDataConsumer):
        (WebCore::CoreAudioCaptureSource::removeMicrophoneDataConsumer):
        (WebCore::CoreAudioCaptureSource::addEchoCancellationSource):
        (WebCore::CoreAudioCaptureSource::removeEchoCancellationSource):
        (WebCore::CoreAudioCaptureSource::checkTimestamps):
        (WebCore::CoreAudioCaptureSource::provideSpeakerData):
        (WebCore::CoreAudioCaptureSource::speakerCallback):
        (WebCore::CoreAudioCaptureSource::processMicrophoneSamples):
        (WebCore::CoreAudioCaptureSource::microphoneCallback):
        (WebCore::CoreAudioCaptureSource::defaultOutputDevice):
        (WebCore::CoreAudioCaptureSource::defaultInputDevice):
        (WebCore::CoreAudioCaptureSource::setupAudioUnits):
        (WebCore::CoreAudioCaptureSource::startProducingData):
        (WebCore::CoreAudioCaptureSource::stopProducingData):
        (WebCore::CoreAudioCaptureSource::suspend):
        (WebCore::CoreAudioCaptureSource::resume):
        (WebCore::CoreAudioCaptureSource::capabilities):
        (WebCore::CoreAudioCaptureSource::settings):
        * platform/mediastream/mac/CoreAudioCaptureSource.h: Added.
        * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
        (WebCore::RealtimeMediaSourceCenterMac::RealtimeMediaSourceCenterMac):
        (WebCore::RealtimeMediaSourceCenterMac::defaultAudioFactory):

2017-04-10  Youenn Fablet  <youenn@apple.com>

        Wrap legacy MediaStream API in runtime flag
        https://bugs.webkit.org/show_bug.cgi?id=169877

        Reviewed by Alex Christensen.

        Covered by binding tests.

        Marking navigator.getUserMedia and MediaStreamEvent as runtime enabled if mediastream and webrtclegacy api flags
        are on.
        Updated binding generator to support multiple runtime flags.

        * Modules/mediastream/MediaStreamEvent.idl:
        * Modules/mediastream/NavigatorUserMedia.idl:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GetRuntimeEnableFunctionName):
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::JSTestObjPrototype::finishCreation):
        * bindings/scripts/test/TestObj.idl:

2017-04-10  Youenn Fablet  <youenn@apple.com>

        Remove deprecated parts of media stream spec
        https://bugs.webkit.org/show_bug.cgi?id=169879

        Reviewed by Jon Lee.

        Removing MediaStreamTrackState 'new' value which was unused.
        Removing MediaStreamTrack _readonly attribute which was unused.

        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::readonly): Deleted.
        * Modules/mediastream/MediaStreamTrack.h:
        * Modules/mediastream/MediaStreamTrack.idl:
        * platform/mediastream/MediaStreamTrackPrivate.cpp:
        (WebCore::MediaStreamTrackPrivate::readonly): Deleted.
        * platform/mediastream/MediaStreamTrackPrivate.h:
        * platform/mediastream/RealtimeMediaSource.h:

2017-04-10  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r215175.

        This change caused a flaky crash in existing media tests.

        Reverted changeset:

        "Add fallback fonts to video captions stylesheet."
        https://bugs.webkit.org/show_bug.cgi?id=170495
        http://trac.webkit.org/changeset/215175

2017-04-10  Wenson Hsieh  <wenson_hsieh@apple.com>

        Data interaction on an image enclosed by an anchor should vend the anchor's URL
        https://bugs.webkit.org/show_bug.cgi?id=170660
        <rdar://problem/31043220>

        Reviewed by Tim Horton.

        When writing an image embedded inside an anchor to the pasteboard, actually use the enclosing anchor's href if
        it exists. Previously, we were simply dropping this argument on the floor.

        Covered by 2 new DataInteractionTests: ImageInLinkToInput and ImageInLinkWithoutHREFToInput.

        * editing/ios/EditorIOS.mm:
        (WebCore::Editor::writeImageToPasteboard):

2017-04-10  Jon Lee  <jonlee@apple.com>

        Update localizable strings to "full screen" from "fullscreen"
        https://bugs.webkit.org/show_bug.cgi?id=170675
        rdar://problem/28207034

        Reviewed by Antoine Quint.

        For localizable strings, it should consistently be "full screen" instead of "fullscreen".

        * English.lproj/Localizable.strings:
        * English.lproj/modern-media-controls-localized-strings.js:
        * platform/LocalizedStrings.cpp:
        (WebCore::contextMenuItemTagExitVideoFullscreen):
        (WebCore::localizedMediaControlElementString):
        * platform/cocoa/LocalizedStringsCocoa.mm:
        (WebCore::exitFullScreenButtonAccessibilityTitle):

2017-04-10  Andreas Kling  <akling@apple.com>

        Don't generate extra scrolling tiles for non-visible pages.
        https://bugs.webkit.org/show_bug.cgi?id=167213
        <rdar://problem/30105774>

        Reviewed by Antti Koivisto.

        Reduce the tiling coverage to a minimum when the page is non-visible.
        On macOS, this means that fully occluded web views can maintain a smaller set of tiles
        in non-volatile surfaces, reducing net footprint.

        Test: compositing/tiling/non-visible-window-tile-coverage.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::computePageTiledBackingCoverage): If the page's activity state is non-visible, use minimal tile coverage.
        * platform/ScrollView.h:
        * page/FrameView.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::hide): Call adjustTiledBackingCoverage() in hide() since it now takes page visibility into account.

        (WebCore::FrameView::enableSpeculativeTilingIfNeeded):
        * testing/Internals.cpp:
        (WebCore::Internals::setSpeculativeTilingDelayDisabledForTesting):
        * testing/Internals.h:
        * testing/Internals.idl: Add an internals API for disabling the 500ms delay before speculative tiling begins after
        the main frame load finishes. This is needed for reliably testing this change.

2017-04-10  Per Arne Vollan  <pvollan@apple.com>

        Add fallback fonts to video captions stylesheet.
        https://bugs.webkit.org/show_bug.cgi?id=170495

        Reviewed by Myles C. Maxfield.

        The kCTFontCascadeListAttribute key is used to obtain the cascade list for a font reference.

        I have not added a test, since CaptionUserPreferences::testingMode() returns true when running tests,
        preventing this code path from being executed.

        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::CaptionUserPreferencesMediaAF::captionsDefaultFontCSS):

2017-04-10  Chris Dumez  <cdumez@apple.com>

        Drop Timer::startOneShot() overload taking a double
        https://bugs.webkit.org/show_bug.cgi?id=170659

        Reviewed by Yusuke Suzuki.

        Drop Timer::startOneShot() overload taking a double as people should use Seconds type now.

        * Modules/geolocation/GeoNotifier.cpp:
        (WebCore::GeoNotifier::startTimerIfNeeded):
        * Modules/mediasession/WebMediaSessionManager.cpp:
        (WebCore::WebMediaSessionManager::configureWatchdogTimer):
        * Modules/mediasession/WebMediaSessionManager.h:
        * Modules/mediastream/CanvasCaptureMediaStreamTrack.cpp:
        (WebCore::CanvasCaptureMediaStreamTrack::Source::canvasChanged):
        * Modules/vibration/Vibration.cpp:
        (WebCore::Vibration::timerFired):
        * Modules/websockets/WebSocketChannel.cpp:
        (WebCore::WebSocketChannel::close):
        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::enqueuePasswordValueChangeNotification):
        (WebCore::AXObjectCache::postLiveRegionChangeNotification):
        (WebCore::AXObjectCache::focusAriaModalNode):
        * css/CSSFontFace.cpp:
        (WebCore::CSSFontFace::setStatus):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::addToMatchedPropertiesCache):
        * dom/Document.cpp:
        (WebCore::Document::setVisualUpdatesAllowed):
        (WebCore::Document::finishedParsing):
        * dom/ScriptedAnimationController.cpp:
        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::startAlternativeTextUITimer):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::addBehaviorRestrictionsOnEndIfNecessary):
        (WebCore::HTMLMediaElement::handleSeekToPlaybackPosition):
        * html/SearchInputType.cpp:
        (WebCore::SearchInputType::startSearchEventTimer):
        * html/ValidationMessage.cpp:
        (WebCore::ValidationMessage::setMessageDOMAndStartTimer):
        * html/canvas/WebGLRenderingContextBase.cpp:
        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlPanelElement::startTimer):
        (WebCore::MediaControlPanelElement::makeTransparent):
        * html/track/VTTRegion.cpp:
        (WebCore::VTTRegion::startTimer):
        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::frameScheduledNavigationImpl):
        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::frameScheduledNavigation):
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::frameScheduledNavigation):
        * inspector/InspectorPageAgent.h:
        * loader/NavigationScheduler.cpp:
        (WebCore::NavigationScheduler::startTimer):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::documentDidFinishLoadEvent):
        * loader/icon/IconDatabase.cpp:
        * page/EventHandler.cpp:
        * page/EventSource.cpp:
        (WebCore::EventSource::scheduleReconnect):
        * page/FocusController.cpp:
        (WebCore::FocusController::setFocusedElementNeedsRepaint):
        * page/FrameView.cpp:
        (WebCore::FrameView::scrollPositionChanged):
        (WebCore::FrameView::enableSpeculativeTilingIfNeeded):
        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        * page/Settings.h:
        (WebCore::Settings::setTimeWithoutMouseMovementBeforeHidingControls):
        (WebCore::Settings::timeWithoutMouseMovementBeforeHidingControls):
        * page/SuspendableTimer.h:
        * page/animation/CSSAnimationController.cpp:
        * page/mac/EventHandlerMac.mm:
        * page/mac/TextIndicatorWindow.mm:
        (WebCore::TextIndicatorWindow::setTextIndicator):
        * platform/HysteresisActivity.h:
        (WebCore::HysteresisActivity::stop):
        * platform/ScrollAnimationSmooth.cpp:
        (WebCore::getAnimationParametersForGranularity):
        (WebCore::ScrollAnimationSmooth::updatePerAxisData):
        (WebCore::ScrollAnimationSmooth::animateScroll):
        (WebCore::ScrollAnimationSmooth::animationTimerFired):
        (WebCore::ScrollAnimationSmooth::startNextTimer):
        * platform/ScrollAnimationSmooth.h:
        * platform/Timer.h:
        (WebCore::TimerBase::startRepeating):
        * platform/audio/PlatformMediaSession.cpp:
        (WebCore::PlatformMediaSession::scheduleClientDataBufferingCheck):
        * platform/cocoa/ScrollController.mm:
        (WebCore::ScrollController::scheduleStatelessScrollSnap):
        * platform/gamepad/cocoa/GameControllerGamepadProvider.mm:
        (WebCore::GameControllerGamepadProvider::gamepadHadInput):
        * platform/gamepad/mac/HIDGamepadProvider.cpp:
        (WebCore::HIDGamepadProvider::openAndScheduleManager):
        (WebCore::HIDGamepadProvider::valuesChanged):
        * platform/glib/MainThreadSharedTimerGLib.cpp:
        (WebCore::MainThreadSharedTimer::setFireInterval):
        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::startTimer):
        (WebCore::BitmapImage::internalStartAnimation):
        (WebCore::BitmapImage::advanceAnimation):
        (WebCore::BitmapImage::resetAnimation):
        * platform/graphics/BitmapImage.h:
        * platform/graphics/MediaPlaybackTargetPicker.cpp:
        * platform/graphics/ShadowBlur.cpp:
        (WebCore::ScratchBuffer::scheduleScratchBufferPurge):
        * platform/graphics/ca/LayerPool.cpp:
        (WebCore::LayerPool::schedulePrune):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::changePipelineState):
        * platform/graphics/mac/GraphicsContext3DMac.mm:
        (WebCore::GraphicsContext3DManager::updateHighPerformanceState):
        * platform/graphics/texmap/BitmapTexturePool.cpp:
        (WebCore::BitmapTexturePool::scheduleReleaseUnusedTextures):
        (WebCore::BitmapTexturePool::releaseUnusedTexturesTimerFired):
        * platform/graphics/texmap/TextureMapperPlatformLayerProxy.cpp:
        (WebCore::TextureMapperPlatformLayerProxy::scheduleReleaseUnusedBuffers):
        (WebCore::TextureMapperPlatformLayerProxy::releaseUnusedBuffersTimerFired):
        * platform/graphics/texmap/coordinated/CoordinatedImageBacking.cpp:
        * platform/gtk/ScrollAnimatorGtk.cpp:
        (WebCore::ScrollAnimatorGtk::overlayScrollbarAnimationTimerFired):
        (WebCore::ScrollAnimatorGtk::showOverlayScrollbars):
        (WebCore::ScrollAnimatorGtk::hideOverlayScrollbars):
        * platform/gtk/ScrollAnimatorGtk.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::shouldExitFullscreenWithReason):
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::startScrollbarPaintTimer):
        * platform/mock/MediaPlaybackTargetPickerMock.cpp:
        * platform/mock/PlatformSpeechSynthesizerMock.cpp:
        (WebCore::PlatformSpeechSynthesizerMock::speak):
        * platform/mock/TimerEventBasedMock.h:
        (WebCore::TimerEvent::TimerEvent):
        * platform/network/DNSResolveQueue.cpp:
        (WebCore::DNSResolveQueue::add):
        (WebCore::DNSResolveQueue::timerFired):
        * platform/network/PingHandle.h:
        * platform/network/curl/ResourceHandleManager.cpp:
        (WebCore::ResourceHandleManager::downloadTimerCallback):
        (WebCore::ResourceHandleManager::add):
        (WebCore::ResourceHandleManager::cancel):
        * platform/network/mac/NetworkStateNotifierMac.cpp:
        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::ResourceHandle::sendPendingRequest):
        * rendering/ImageQualityController.cpp:
        (WebCore::ImageQualityController::restartTimer):
        * rendering/RenderLayerCompositor.cpp:
        * rendering/RenderProgress.cpp:
        (WebCore::RenderProgress::RenderProgress):
        * rendering/RenderProgress.h:
        * rendering/RenderText.cpp:
        (WebCore::SecureTextTimer::restart):
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::animationRepeatIntervalForProgressBar):
        * rendering/RenderTheme.h:
        (WebCore::RenderTheme::mediaControlsFadeOutDuration):
        * rendering/RenderThemeGtk.cpp:
        (WebCore::RenderThemeGtk::animationRepeatIntervalForProgressBar):
        * rendering/RenderThemeGtk.h:
        * rendering/RenderThemeIOS.h:
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::animationRepeatIntervalForProgressBar):
        * rendering/RenderThemeMac.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::animationRepeatIntervalForProgressBar):
        (WebCore::RenderThemeMac::animationDurationForProgressBar):
        * replay/EventLoopInputDispatcher.cpp:
        (WebCore::EventLoopInputDispatcher::dispatchInputSoon):
        * svg/animation/SMILTimeContainer.cpp:
        (WebCore::SMILTimeContainer::startTimer):
        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::setTimeWithoutMouseMovementBeforeHidingControls):
        * testing/InternalSettings.h:
        * testing/Internals.cpp:
        (WebCore::Internals::setImageFrameDecodingDuration):
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::createRequest):

2017-04-10  Miguel Gomez  <magomez@igalia.com>

        REGRESSION(r205841): [GTK] Test fast/images/animated-png.html is failing since r205841
        https://bugs.webkit.org/show_bug.cgi?id=168425

        Reviewed by Said Abou-Hallawa.

        There is a problem with animations that are blending their frames into the previous frame. Due to a change
        in how pixel components are premultiplied (the result is now rounded up), the parameters to the blending
        operation may vary in one unit, causing the result of the blending to be different from the expected result.
        In order to fix this, a new parameter is added to indicate whether we want to use rounding up when
        premultiplying or not, and ImageBackingStore uses that parameter to disable rounding up.

        Adjusted the expectation for fast/images/animated-png.html, as it must pass now.

        * platform/graphics/Color.cpp:
        (WebCore::premultipliedChannel):
        (WebCore::makePremultipliedRGBA):
        * platform/graphics/Color.h:
        * platform/graphics/ImageBackingStore.h:
        (WebCore::ImageBackingStore::blendPixel):
        (WebCore::ImageBackingStore::pixelValue):

2017-04-09  Wenson Hsieh  <wenson_hsieh@apple.com>

        [WK2] Add infrastructure to perform actions after an asynchronous position information request finishes
        https://bugs.webkit.org/show_bug.cgi?id=170658
        <rdar://problem/31431450>

        Reviewed by Tim Horton.

        Minor adjustments to fix the build in the newest version of the SDK.

        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard setItemsFromObjectRepresentations:]):
        (-[WebItemProviderPasteboard _tryToCreateAndAppendObjectOfClass:toArray:usingProvider:]):

2017-04-09  Yusuke Suzuki  <utatane.tea@gmail.com>

        [WTF] Annotate Seconds' member functions and operators with constexpr
        https://bugs.webkit.org/show_bug.cgi?id=170662

        Reviewed by Daniel Bates.

        * page/Frame.cpp:

2017-04-09  Chris Dumez  <cdumez@apple.com>

        Drop Timer::startRepeating() overload taking a double
        https://bugs.webkit.org/show_bug.cgi?id=170656

        Reviewed by Yusuke Suzuki.

        Drop Timer::startRepeating() overload taking a double as people should use Seconds type now.

        * Modules/mediastream/CanvasCaptureMediaStreamTrack.cpp:
        (WebCore::CanvasCaptureMediaStreamTrack::Source::startProducingData):
        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::updateAppearance):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::startProgressEventTimer):
        (WebCore::HTMLMediaElement::scheduleTimeupdateEvent):
        * html/HTMLMediaElement.h:
        * html/MediaController.cpp:
        (MediaController::MediaController):
        (MediaController::scheduleTimeupdateEvent):
        * html/MediaController.h:
        * html/MediaElementSession.cpp:
        * inspector/InspectorOverlay.cpp:
        (WebCore::InspectorOverlay::showPaintRect):
        * loader/ProgressTracker.cpp:
        * page/AutoscrollController.cpp:
        * page/Frame.cpp:
        * page/PageOverlay.cpp:
        (WebCore::PageOverlay::startFadeAnimation):
        * page/SuspendableTimer.h:
        * page/WheelEventTestTrigger.cpp:
        (WebCore::WheelEventTestTrigger::setTestCallbackAndStartNotificationTimer):
        * platform/Theme.h:
        (WebCore::Theme::caretBlinkInterval):
        * platform/Timer.h:
        * platform/cocoa/ScrollController.mm:
        (WebCore::ScrollController::startSnapRubberbandTimer):
        (WebCore::ScrollController::startScrollSnapTimer):
        * platform/graphics/ca/TileGrid.cpp:
        (WebCore::TileGrid::scheduleCohortRemoval):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::setDownloadBuffering):
        * platform/mediastream/mac/MockRealtimeAudioSourceMac.mm:
        (WebCore::MockRealtimeAudioSourceMac::reconfigure):
        * platform/mock/MockRealtimeAudioSource.cpp:
        (WebCore::MockRealtimeAudioSource::startProducingData):
        * platform/mock/MockRealtimeAudioSource.h:
        (WebCore::MockRealtimeAudioSource::renderInterval):
        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::startProducingData):
        (WebCore::MockRealtimeVideoSource::applyFrameRate):
        * rendering/RenderMarquee.cpp:
        (WebCore::RenderMarquee::start):
        (WebCore::RenderMarquee::updateMarqueeStyle):
        * rendering/RenderTheme.h:
        (WebCore::RenderTheme::caretBlinkInterval):
        * rendering/RenderThemeGtk.cpp:
        (WebCore::RenderThemeGtk::caretBlinkInterval):
        * rendering/RenderThemeGtk.h:
        * xml/XMLHttpRequestProgressEventThrottle.cpp:
        (WebCore::XMLHttpRequestProgressEventThrottle::dispatchThrottledProgressEvent):
        * xml/XMLHttpRequestProgressEventThrottle.h:

2017-04-09  Fujii Hironori  <Hironori.Fujii@sony.com>

        generate-bindings-all.pl shouldn't use Perl threads
        https://bugs.webkit.org/show_bug.cgi?id=170106

        Reviewed by Yusuke Suzuki.

        The use of interpreter-based threads in Perl is officially
        discouraged and not all Linux distributions and BSD compile Perl
        with threads support. Use fork instead of threads to run
        generate-bindings.pl in parallel.

        * bindings/scripts/generate-bindings-all.pl:
        (spawnGenerateBindingsIfNeeded): Added.
        (executeCommand): Removed the workaround for Cygwin Perl threads.
        (spawnCommand): Added.
        (worker): Deleted.

2017-04-09  Said Abou-Hallawa  <sabouhallawa@apple.com>

        REGRESSION(r214635): Calculate image subsampling only for CG
        https://bugs.webkit.org/show_bug.cgi?id=170353

        Reviewed by Simon Fraser.

        In r214635, we needed to calculate the image scaleFactor for all platforms.
        It was needed do the calculation: sizeForDrawing = sizeOfImage * imageScaleFactor.
        This made ImageSource::subsamplingLevelForScale() now returns a SubsamplingLevel
        not equal to SubsamplingLevel::Default if the image scaleFactor is greater
        than {1, 1} for all platforms. The subsamplingLevel should only be used for CG.
        
        This is also a chance to make nativeImageDrawingScale() a across platform
        function and move it to the GraphicsContext class.

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::draw):
        * platform/graphics/GraphicsContext.cpp:
        (WebCore::GraphicsContext::scaleFactorForDrawing):
        * platform/graphics/GraphicsContext.h:
        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::subsamplingLevelForScaleFactor):
        (WebCore::ImageSource::subsamplingLevelForScale): Deleted.
        * platform/graphics/ImageSource.h:
        * platform/graphics/NativeImage.h:
        * platform/graphics/cairo/NativeImageCairo.cpp:
        (WebCore::nativeImageDrawingScale): Deleted.
        * platform/graphics/cg/NativeImageCG.cpp:
        (WebCore::nativeImageDrawingScale): Deleted.
        * platform/graphics/win/NativeImageDirect2D.cpp:
        (WebCore::nativeImageDrawingScale): Deleted.

2017-04-09  Chris Dumez  <cdumez@apple.com>

        Start dropping Timer API dealing with double
        https://bugs.webkit.org/show_bug.cgi?id=170649

        Reviewed by Yusuke Suzuki.

        Start dropping Timer API dealing with double as people should use Seconds now.

        * Modules/encryptedmedia/legacy/WebKitMediaKeySession.cpp:
        (WebCore::WebKitMediaKeySession::generateKeyRequest):
        (WebCore::WebKitMediaKeySession::update):
        * Modules/geolocation/GeoNotifier.cpp:
        (WebCore::GeoNotifier::setFatalError):
        (WebCore::GeoNotifier::setUseCachedPosition):
        * Modules/geolocation/Geolocation.cpp:
        (WebCore::Geolocation::resume):
        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore::IDBTransaction::schedulePendingOperationTimer):
        (WebCore::IDBTransaction::scheduleCompletedOperationTimer):
        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::invokeOperationAndTransactionTimer):
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::rangeRemoval):
        (WebCore::SourceBuffer::appendBufferInternal):
        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::scheduleActiveStateChange):
        * Modules/mediastream/RTCDTMFSender.cpp:
        (WebCore::RTCDTMFSender::scheduleDispatchEvent):
        * Modules/mediastream/RTCDataChannel.cpp:
        (WebCore::RTCDataChannel::scheduleDispatchEvent):
        * Modules/notifications/Notification.cpp:
        * Modules/notifications/NotificationCenter.cpp:
        (WebCore::NotificationCenter::requestPermission):
        * Modules/vibration/Vibration.cpp:
        (WebCore::Vibration::vibrate):
        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::resume):
        * Modules/websockets/WebSocketChannel.cpp:
        (WebCore::WebSocketChannel::resume):
        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::postNotification):
        * bindings/js/GCController.cpp:
        (WebCore::GCController::garbageCollectOnNextRunLoop):
        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::beginLoadingFontSoon):
        * dom/Document.cpp:
        (WebCore::Document::scheduleStyleRecalc):
        (WebCore::Document::updateFocusAppearanceSoon):
        (WebCore::Document::resumeScheduledTasks):
        (WebCore::Document::requestFullScreenForElement):
        (WebCore::Document::webkitDidEnterFullScreenForElement):
        (WebCore::Document::webkitDidExitFullScreenForElement):
        (WebCore::Document::decrementLoadEventDelayCount):
        (WebCore::Document::didAssociateFormControl):
        (WebCore::Document::setCachedDOMCookies):
        * dom/DocumentEventQueue.cpp:
        (WebCore::DocumentEventQueue::enqueueEvent):
        * dom/EventSender.h:
        (WebCore::EventSender<T>::dispatchEventSoon):
        * dom/Microtasks.cpp:
        (WebCore::MicrotaskQueue::append):
        * dom/ScriptRunner.cpp:
        (WebCore::ScriptRunner::resume):
        (WebCore::ScriptRunner::notifyFinished):
        * dom/ScriptableDocumentParser.cpp:
        (WebCore::ScriptableDocumentParser::executeScriptsWaitingForStylesheetsSoon):
        * editing/Editor.cpp:
        (WebCore::Editor::respondToChangedSelection):
        * editing/SpellChecker.cpp:
        (WebCore::SpellChecker::didCheck):
        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::finishRequestAutocomplete):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::scheduleDelayedAction):
        (WebCore::HTMLMediaElement::beginScanning):
        * html/HTMLPlugInElement.cpp:
        (WebCore::HTMLPlugInElement::setDisplayState):
        * html/HTMLSourceElement.cpp:
        (WebCore::HTMLSourceElement::scheduleErrorEvent):
        (WebCore::HTMLSourceElement::resume):
        * html/HTMLTrackElement.cpp:
        (WebCore::HTMLTrackElement::scheduleLoad):
        * html/MediaController.cpp:
        (MediaController::currentTime):
        (MediaController::scheduleEvent):
        * html/MediaDocument.cpp:
        (WebCore::MediaDocument::mediaElementSawUnsupportedTracks):
        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::externalOutputDeviceAvailableDidChange):
        * html/ValidationMessage.cpp:
        (WebCore::ValidationMessage::setMessage):
        (WebCore::ValidationMessage::requestToHideMessage):
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::loseContextImpl):
        (WebCore::WebGLRenderingContextBase::forceRestoreContext):
        (WebCore::WebGLRenderingContextBase::dispatchContextLostEvent):
        * html/parser/HTMLParserScheduler.cpp:
        (WebCore::HTMLParserScheduler::continueNextChunkTimerFired):
        (WebCore::HTMLParserScheduler::scheduleForResume):
        (WebCore::HTMLParserScheduler::resume):
        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlTextTrackContainerElement::updateSizes):
        * html/track/LoadableTextTrack.cpp:
        (WebCore::LoadableTextTrack::scheduleLoad):
        * inspector/InspectorCSSAgent.cpp:
        (WebCore::ChangeRegionOversetTask::scheduleFor):
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::RevalidateStyleAttributeTask::scheduleFor):
        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorBackendDispatchTask::dispatch):
        (WebCore::InspectorBackendDispatchTask::timerFired):
        * inspector/WebHeapAgent.cpp:
        (WebCore::SendGarbageCollectionEventsTask::addGarbageCollection):
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::startDataLoadTimer):
        (WebCore::DocumentLoader::deliverSubstituteResourcesAfterDelay):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::startCheckCompleteTimer):
        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::updatedHasPendingEvent):
        * loader/TextTrackLoader.cpp:
        (WebCore::TextTrackLoader::notifyFinished):
        (WebCore::TextTrackLoader::newCuesParsed):
        (WebCore::TextTrackLoader::fileFailedToParse):
        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::scheduleReachedMaxAppCacheSizeCallback):
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::Callback::Callback):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::loadDone):
        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::pruneSoon):
        * page/CaptionUserPreferences.cpp:
        (WebCore::CaptionUserPreferences::notify):
        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::CaptionUserPreferencesMediaAF::setInterestedInCaptionPreferenceChanges):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::postMessage):
        * page/DeviceController.cpp:
        (WebCore::DeviceController::addDeviceEventListener):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::scheduleHoverStateUpdate):
        * page/EventSource.cpp:
        (WebCore::EventSource::scheduleInitialConnect):
        * page/FrameView.cpp:
        (WebCore::FrameView::layout):
        (WebCore::FrameView::performPostLayoutTasks):
        * page/Settings.cpp:
        (WebCore::Settings::setLoadsImagesAutomatically):
        (WebCore::Settings::setImagesEnabled):
        * page/SuspendableTimer.h:
        * page/animation/CSSAnimationController.cpp:
        (WebCore::CSSAnimationControllerPrivate::startUpdateStyleIfNeededDispatcher):
        * page/mac/ServicesOverlayController.mm:
        (WebCore::ServicesOverlayController::invalidateHighlightsOfType):
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::scheduleUpdateScrollPositionAfterAsyncScroll):
        * page/scrolling/ios/ScrollingCoordinatorIOS.mm:
        (WebCore::ScrollingCoordinatorIOS::scheduleTreeStateCommit):
        * page/scrolling/mac/ScrollingCoordinatorMac.mm:
        (WebCore::ScrollingCoordinatorMac::scheduleTreeStateCommit):
        * platform/GenericTaskQueue.cpp:
        (WebCore::TaskDispatcher<Timer>::postTask):
        * platform/Scrollbar.cpp:
        (WebCore::Scrollbar::autoscrollPressedPart):
        (WebCore::Scrollbar::startTimerIfNeeded):
        * platform/Scrollbar.h:
        * platform/ScrollbarTheme.h:
        (WebCore::ScrollbarTheme::initialAutoscrollTimerDelay):
        (WebCore::ScrollbarTheme::autoscrollTimerDelay):
        * platform/Timer.cpp:
        * platform/Timer.h:
        (WebCore::TimerBase::startRepeating):
        (WebCore::TimerBase::startOneShot):
        (WebCore::TimerBase::augmentFireInterval):
        (WebCore::TimerBase::augmentRepeatInterval):
        * platform/gamepad/mac/HIDGamepadProvider.cpp:
        (WebCore::HIDGamepadProvider::deviceAdded):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::networkStateChanged):
        * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm:
        (WebCore::MediaSelectionGroupAVFObjC::updateOptions):
        (WebCore::MediaSelectionGroupAVFObjC::setSelectedOption):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seekWithTolerance):
        * platform/graphics/ca/TileCoverageMap.cpp:
        (WebCore::TileCoverageMap::setNeedsUpdate):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
        * platform/graphics/gstreamer/VideoSinkGStreamer.cpp:
        (VideoRenderRequestScheduler::requestRender):
        * platform/graphics/texmap/TextureMapperPlatformLayerProxy.cpp:
        (WebCore::TextureMapperPlatformLayerProxy::scheduleUpdateOnCompositorThread):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::addAnimation):
        * platform/gtk/ScrollAnimatorGtk.cpp:
        (WebCore::ScrollAnimatorGtk::showOverlayScrollbars):
        * platform/gtk/ScrollbarThemeGtk.h:
        * platform/ios/LegacyTileCache.mm:
        (WebCore::LegacyTileCache::finishedCreatingTiles):
        (WebCore::LegacyTileCache::setSpeculativeTileCreationEnabled):
        * platform/ios/ScrollbarThemeIOS.h:
        * platform/ios/ScrollbarThemeIOS.mm:
        (WebCore::ScrollbarThemeIOS::initialAutoscrollTimerDelay):
        (WebCore::ScrollbarThemeIOS::autoscrollTimerDelay):
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::sendContentAreaScrolledSoon):
        * platform/mac/ScrollbarThemeMac.h:
        * platform/mac/ScrollbarThemeMac.mm:
        (WebCore::ScrollbarThemeMac::preferencesChanged):
        (WebCore::ScrollbarThemeMac::initialAutoscrollTimerDelay):
        (WebCore::ScrollbarThemeMac::autoscrollTimerDelay):
        * platform/mock/DeviceOrientationClientMock.cpp:
        (WebCore::DeviceOrientationClientMock::setOrientation):
        * platform/mock/GeolocationClientMock.cpp:
        (WebCore::GeolocationClientMock::asyncUpdatePermission):
        (WebCore::GeolocationClientMock::asyncUpdateController):
        * platform/mock/MockMediaEndpoint.cpp:
        (WebCore::MockMediaEndpoint::dispatchFakeIceCandidates):
        (WebCore::MockMediaEndpoint::iceCandidateTimerFired):
        (WebCore::MockMediaEndpoint::stepIceTransportStates):
        (WebCore::MockMediaEndpoint::iceTransportTimerFired):
        (WebCore::MockMediaEndpoint::unmuteRemoteSourcesByMid):
        (WebCore::MockMediaEndpoint::unmuteTimerFired):
        * platform/network/DataURLDecoder.cpp:
        (WebCore::DataURLDecoder::DecodingResultDispatcher::startTimer):
        * platform/network/ResourceHandle.cpp:
        (WebCore::ResourceHandle::scheduleFailure):
        (WebCore::ResourceHandle::setDefersLoading):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::scheduleCompositingLayerUpdate):
        * rendering/RenderNamedFlowThread.cpp:
        (WebCore::RenderNamedFlowThread::dispatchRegionOversetChangeEventIfNeeded):
        * rendering/RenderScrollbarTheme.h:
        * rendering/RenderView.cpp:
        (WebCore::RenderView::scheduleLazyRepaint):
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::scheduleUpdate):
        * svg/SVGElement.cpp:
        (WebCore::SVGElement::sendSVGLoadEventIfPossibleAsynchronously):
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::prepareToSend):
        (WebCore::XMLHttpRequest::didFail):
        (WebCore::XMLHttpRequest::resume):
        * xml/XMLHttpRequestProgressEventThrottle.cpp:
        (WebCore::XMLHttpRequestProgressEventThrottle::resume):

2017-04-08  Myles C. Maxfield  <mmaxfield@apple.com>

        [Variation Fonts] Width values of GX fonts are not mapped correctly
        https://bugs.webkit.org/show_bug.cgi?id=170367

        Reviewed by Simon Fraser.

        For some reason, when I performed my calculations for how to map the 'wdth' axis of GX-style
        variation fonts, I thought that font-stretch: 100% should map to a variation value of 0.0.
        Instead, this should map to 1.0.

        Test: fast/text/variations/gx-width.html

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::denormalizeSlope):
        (WebCore::denormalizeVariationWidth):
        (WebCore::normalizeVariationWidth):
        (WebCore::normalizeWidth):
        (WebCore::preparePlatformFont):
        (WebCore::variationCapabilitiesForFontDescriptor):
        (WebCore::denormalizeWidth): Deleted.

2017-04-08  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream Mac] Revert change of Mac video capture format
        https://bugs.webkit.org/show_bug.cgi?id=170642
        <rdar://problem/31520492>

        Reviewed by Sam Weinig.

        Revert r214968 which changed macOS video capture format to kCVPixelFormatType_420YpCbCr8BiPlanarFullRange
        from kCVPixelFormatType_420YpCbCr8Planar because AVSampleBufferDisplayLayer sometimes fails
        to display the former.

        * platform/mediastream/mac/AVVideoCaptureSource.mm:

2017-04-08  Said Abou-Hallawa  <sabouhallawa@apple.com>

        A synchronous DecodingOptions should be compatible with any asynchronous sizeForDrawing DecodingOptions
        https://bugs.webkit.org/show_bug.cgi?id=170577

        Reviewed by Simon Fraser.

        Once a synchronous decoded frame is found, there is no need to decode it
        again. This decoded frame is suitable for any sizeForDrawing. This will
        prevent double decoding if one image client wants synchronous decoded
        frame while the other needs an asynchronous decode frame for a specific
        sizeForDrawing.

        Test: fast/images/async-image-background-image-repeated.html

        * platform/graphics/DecodingOptions.h:
        (WebCore::DecodingOptions::DecodingOptions):
        (WebCore::DecodingOptions::isNone):
        (WebCore::DecodingOptions::isAsynchronousCompatibleWith):

2017-04-08  Simon Fraser  <simon.fraser@apple.com>

        Align the timers for throttled rAF to reduce power usage
        https://bugs.webkit.org/show_bug.cgi?id=170630
        rdar://problem/31490620

        Reviewed by Chris Dumez.

        Align the timers for all throttled ScriptedAnimationControllers in the process with
        a resolution of 30ms, which reduces process wake-ups and thus saves power.

        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::scheduleAnimation):

2017-04-08  Chris Dumez  <cdumez@apple.com>

        Drop std::chrono support from Timer class
        https://bugs.webkit.org/show_bug.cgi?id=170645

        Reviewed by Sam Weinig.

        Drop std::chrono support from Timer class now that we prefer using Seconds type.

        * css/CSSImageGeneratorValue.cpp:
        * html/HTMLPlugInImageElement.cpp:
        * html/canvas/WebGLRenderingContextBase.cpp:
        * loader/cache/CachedResource.cpp:
        (WebCore::deadDecodedDataDeletionIntervalForResourceType):
        (WebCore::CachedResource::destroyDecodedDataIfNeeded):
        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::MemoryCache):
        * loader/cache/MemoryCache.h:
        (WebCore::MemoryCache::setDeadDecodedDataDeletionInterval):
        (WebCore::MemoryCache::deadDecodedDataDeletionInterval):
        * page/PerformanceMonitor.cpp:
        * page/SuspendableTimer.h:
        * page/mac/ServicesOverlayController.h:
        * page/mac/ServicesOverlayController.mm:
        (WebCore::ServicesOverlayController::selectionRectsDidChange):
        (WebCore::ServicesOverlayController::remainingTimeUntilHighlightShouldBeShown):
        (WebCore::ServicesOverlayController::determineActiveHighlight):
        (WebCore::ServicesOverlayController::mouseEvent):
        * platform/Timer.h:
        (WebCore::TimerBase::startRepeating):
        (WebCore::TimerBase::startOneShot):
        (WebCore::TimerBase::augmentFireInterval):
        (WebCore::TimerBase::augmentRepeatInterval):
        (WebCore::DeferrableOneShotTimer::DeferrableOneShotTimer):
        * platform/graphics/FontCache.cpp:
        (WebCore::FontCache::fontForFamily):
        * platform/graphics/ca/TileController.cpp:
        * platform/graphics/cg/IOSurfacePool.cpp:
        * platform/graphics/cg/SubimageCacheWithTimer.cpp:
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::setTimeout):
        (WebCore::XMLHttpRequest::createRequest):
        * xml/XMLHttpRequest.h:

2017-04-08  Simon Fraser  <simon.fraser@apple.com>

        Update CSSProperties.json with correct fill-and-stroke status, and other cleanup
        https://bugs.webkit.org/show_bug.cgi?id=170643

        Reviewed by Chris Dumez.

        Structural changes:
            - move implementation-related "comment" blocks into "codegen-properties"
            - move status-related "comment" blocks into "status"
        
        Add the concept of "obsolete-category" and "obsolete-url" for properties
        like the text-fill-and-stroke properties that used to be specified in SVG but
        now have their own module shared with CSS.
        
        Update the status of paint-order, stroke-linecap, stroke-linejoin, stroke-miterlimit
        and stroke-width to "supported", overriding the default for css-text-fill-and-stroke which
        is "under consideration".
        
        Add display values "flow" and "flow-root" but mark them as unimplemented.
        
        Fix makeprop.pl to ignore comments inside codegen-properties.

        * css/CSSProperties.json:
        * css/makeprop.pl:
        (addProperty):

2017-04-08  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream iOS] Update muted state when interrupted
        https://bugs.webkit.org/show_bug.cgi?id=170605
        <rdar://problem/31503896>

        Reviewed by Youenn Fablet.

        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::setMuted): Don't check both m_stopped and stopped(). Split code
        to  notify observers out into notifyMutedObservers.
        (WebCore::RealtimeMediaSource::notifyMutedObservers): Split from setMuted.
        * platform/mediastream/RealtimeMediaSource.h:

        * platform/mediastream/mac/AVMediaCaptureSource.h:
        * platform/mediastream/mac/AVMediaCaptureSource.mm:
        (WebCore::AVMediaCaptureSource::captureSessionIsRunningDidChange): Set m_muted directly and 
        call notifyMutedObservers because the session has already stopped running.
        (WebCore::AVMediaCaptureSource::isProducingData): Move from .h file to make debugging easier.

2017-04-08  Simon Fraser  <simon.fraser@apple.com>

        Unprefix CSS cursor values grab and grabbing
        https://bugs.webkit.org/show_bug.cgi?id=170543

        Reviewed by Jon Lee.

        Add support for unprefixed "grab" and "grabbing" values for cursor (retaining
        support for the prefixed values) which are now in <https://drafts.csswg.org/css-ui-3/#cursor>

        Canonicalize the order of the values based on the order in the spec in the enums
        and switch statements.

        Tested by fast/css/cursor-parsing.html

        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        (WebCore::CSSPrimitiveValue::operator ECursor):
        * css/CSSProperties.json:
        * css/CSSValueKeywords.in:
        * page/EventHandler.cpp:
        (WebCore::EventHandler::selectCursor):
        * rendering/style/RenderStyleConstants.h:

2017-04-08  Youenn Fablet  <youenn@apple.com>

        WebRTC tests gardening
        https://bugs.webkit.org/show_bug.cgi?id=170508

        Reviewed by Eric Carlson.

        * Configurations/FeatureDefines.xcconfig: Changing webrtc enabling for ios.

2017-04-08  Youenn Fablet  <youenn@apple.com>

        MediaStreamTrack id should be preserved by PeerConnection
        https://bugs.webkit.org/show_bug.cgi?id=170624

        Reviewed by Eric Carlson.

        Covered by updated test.

        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::createReceiverForSource): Setting track id according source id.

2017-04-08  Chris Dumez  <cdumez@apple.com>

        Timer's nextFireInterval() / repeatInterval() should return Seconds
        https://bugs.webkit.org/show_bug.cgi?id=170639

        Reviewed by Simon Fraser.

        Timer's nextFireInterval() / repeatInterval() should return Seconds, not double.

        * loader/NavigationScheduler.cpp:
        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::updateTimerIntervalIfNecessary):
        * page/SuspendableTimer.cpp:
        (WebCore::SuspendableTimer::suspend):
        (WebCore::SuspendableTimer::repeatInterval):
        * page/SuspendableTimer.h:
        * page/animation/AnimationBase.cpp:
        (WebCore::AnimationBase::timeToNextService):
        (WebCore::AnimationBase::getTimeToNextEvent):
        (WebCore::AnimationBase::goIntoEndingOrLoopingState):
        * page/animation/AnimationBase.h:
        * page/animation/CSSAnimationController.cpp:
        (WebCore::CSSAnimationControllerPrivate::updateAnimations):
        (WebCore::CSSAnimationControllerPrivate::updateAnimationTimerForRenderer):
        (WebCore::CSSAnimationControllerPrivate::updateAnimationTimer):
        (WebCore::CSSAnimationControllerPrivate::animationFrameCallbackFired):
        * page/animation/CSSAnimationControllerPrivate.h:
        * page/animation/CompositeAnimation.cpp:
        (WebCore::CompositeAnimation::timeToNextService):
        * page/animation/CompositeAnimation.h:
        * page/animation/ImplicitAnimation.cpp:
        (WebCore::ImplicitAnimation::timeToNextService):
        * page/animation/ImplicitAnimation.h:
        * page/animation/KeyframeAnimation.cpp:
        (WebCore::KeyframeAnimation::timeToNextService):
        * page/animation/KeyframeAnimation.h:
        * platform/ThreadTimers.cpp:
        (WebCore::ThreadTimers::sharedTimerFiredInternal):
        * platform/Timer.cpp:
        (WebCore::TimerBase::nextFireInterval):
        * platform/Timer.h:
        (WebCore::TimerBase::repeatInterval):
        * platform/graphics/ca/TileController.cpp:
        (WebCore::TileController::setIsInWindow):
        (WebCore::TileController::scheduleTileRevalidation):
        * platform/graphics/ca/TileController.h:
        * platform/graphics/ca/TileGrid.cpp:
        (WebCore::TileGrid::revalidateTiles):

2017-04-08  Csaba Osztrogonác  <ossy@webkit.org>

        Unreviewed Mac cmake buildfix after r215051, just for fun.
        https://bugs.webkit.org/show_bug.cgi?id=169761

        * PlatformMac.cmake:

2017-04-07  Simon Fraser  <simon.fraser@apple.com>

        Build fix: TimerBase::start(double, double) can't be inline and exported,
        so make it non-inline.

        * platform/Timer.cpp:
        (WebCore::TimerBase::start):
        * platform/Timer.h:
        (WebCore::TimerBase::start): Deleted.

2017-04-07  Chris Dumez  <cdumez@apple.com>

        REGRESSION (r203941): iAd Producer widgets fail to play in iBooks
        https://bugs.webkit.org/show_bug.cgi?id=170635
        <rdar://problem/30797958>

        Reviewed by Daniel Bates.

        Extend the MouseEvent::initMouseEvent() workaround we added for iAd Producer
        to iBooks since the iBooks widgets generated by iAd Producer contain the same
        bug.

        * dom/MouseEvent.cpp:
        (WebCore::MouseEvent::initMouseEventQuirk):

2017-04-07  Chris Dumez  <cdumez@apple.com>

        Start using MonotonicTime / Seconds in Timer class
        https://bugs.webkit.org/show_bug.cgi?id=170625

        Reviewed by Simon Fraser.

        Start using MonotonicTime / Seconds in Timer class. More work will be needed
        for the transition to be complete. I plan to do this in a follow-up.

        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::alignedFireTime):
        * page/DOMTimer.h:
        * page/SuspendableTimer.cpp:
        (WebCore::SuspendableTimer::suspend):
        (WebCore::SuspendableTimer::startRepeating):
        (WebCore::SuspendableTimer::startOneShot):
        (WebCore::SuspendableTimer::repeatInterval):
        (WebCore::SuspendableTimer::augmentFireInterval):
        (WebCore::SuspendableTimer::augmentRepeatInterval):
        * page/SuspendableTimer.h:
        (WebCore::SuspendableTimer::startRepeating):
        (WebCore::SuspendableTimer::startOneShot):
        (WebCore::SuspendableTimer::augmentFireInterval):
        (WebCore::SuspendableTimer::augmentRepeatInterval):
        * platform/ThreadTimers.cpp:
        (WebCore::ThreadTimers::ThreadTimers):
        (WebCore::ThreadTimers::setSharedTimer):
        (WebCore::ThreadTimers::updateSharedTimer):
        (WebCore::ThreadTimers::sharedTimerFiredInternal):
        (WebCore::ThreadTimers::fireTimersInNestedEventLoop):
        * platform/ThreadTimers.h:
        * platform/Timer.cpp:
        (WebCore::TimerHeapLessThanFunction::operator()):
        (WebCore::TimerBase::TimerBase):
        (WebCore::TimerBase::start):
        (WebCore::TimerBase::stop):
        (WebCore::TimerBase::nextFireInterval):
        (WebCore::TimerBase::heapPop):
        (WebCore::TimerBase::updateHeapIfNeeded):
        (WebCore::TimerBase::setNextFireTime):
        (WebCore::TimerBase::nextUnalignedFireInterval):
        * platform/Timer.h:
        (WebCore::TimerBase::start):
        (WebCore::TimerBase::startOneShot):
        (WebCore::TimerBase::repeatInterval):
        (WebCore::TimerBase::repeatIntervalSeconds):
        (WebCore::TimerBase::augmentFireInterval):
        (WebCore::TimerBase::augmentRepeatInterval):
        (WebCore::TimerBase::alignedFireTime):
        (WebCore::TimerBase::isActive):
        * testing/Internals.cpp:
        (WebCore::Internals::isTimerThrottled):

2017-04-07  Yuichiro Kikura  <y.kikura@gmail.com>

        WebGPU: implement ComputeCommandEncoder and related components
        https://bugs.webkit.org/show_bug.cgi?id=170444

        Reviewed by Alex Christensen.

        I implemented WebGPUComputeCommandEncoder and related components based on the WebGPU proposal.
        https://webkit.org/wp-content/uploads/webgpu-api-proposal.html

        Test: fast/canvas/webgpu/webgpu-dispatch.html

        * CMakeLists.txt:
        * DerivedSources.make:
        * PlatformMac.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSWebGPUCommandBufferCustom.cpp: Added.
        (WebCore::JSWebGPUCommandBuffer::completed):
        * html/canvas/WebGPUCommandBuffer.cpp:
        (WebCore::WebGPUCommandBuffer::createComputeCommandEncoder):
        * html/canvas/WebGPUCommandBuffer.h:
        * html/canvas/WebGPUCommandBuffer.idl:
        * html/canvas/WebGPUComputeCommandEncoder.cpp: Added.
        (WebCore::GPUSizeMake):
        (WebCore::WebGPUComputeCommandEncoder::create):
        (WebCore::WebGPUComputeCommandEncoder::WebGPUComputeCommandEncoder):
        (WebCore::WebGPUComputeCommandEncoder::~WebGPUComputeCommandEncoder):
        (WebCore::WebGPUComputeCommandEncoder::setComputePipelineState):
        (WebCore::WebGPUComputeCommandEncoder::setBuffer):
        (WebCore::WebGPUComputeCommandEncoder::dispatch):
        (WebCore::WebGPUComputeCommandEncoder::endEncoding):
        * html/canvas/WebGPUComputeCommandEncoder.h: Copied from Source/WebCore/html/canvas/WebGPUCommandBuffer.h.
        (WebCore::WebGPUComputeCommandEncoder::computeCommandEncoder):
        * html/canvas/WebGPUComputeCommandEncoder.idl: Copied from Source/WebCore/html/canvas/WebGPUCommandBuffer.idl.
        * html/canvas/WebGPUComputePipelineState.cpp: Copied from Source/WebCore/platform/graphics/gpu/GPUCommandBuffer.cpp.
        (WebCore::WebGPUComputePipelineState::create):
        (WebCore::WebGPUComputePipelineState::WebGPUComputePipelineState):
        (WebCore::WebGPUComputePipelineState::~WebGPUComputePipelineState):
        * html/canvas/WebGPUComputePipelineState.h: Copied from Source/WebCore/html/canvas/WebGPUCommandBuffer.h.
        (WebCore::WebGPUComputePipelineState::computePipelineState):
        * html/canvas/WebGPUComputePipelineState.idl: Copied from Source/WebCore/html/canvas/WebGPUCommandBuffer.idl.
        * html/canvas/WebGPURenderingContext.cpp:
        (WebCore::WebGPURenderingContext::createComputePipelineState):
        * html/canvas/WebGPURenderingContext.h:
        * html/canvas/WebGPURenderingContext.idl:
        * html/canvas/WebGPUSize.h: Copied from Source/WebCore/html/canvas/WebGPUCommandBuffer.idl.
        * html/canvas/WebGPUSize.idl: Copied from Source/WebCore/html/canvas/WebGPUCommandBuffer.idl.
        * platform/graphics/cocoa/GPUCommandBufferMetal.mm:
        (WebCore::GPUCommandBuffer::completed):
        * platform/graphics/cocoa/GPUComputeCommandEncoderMetal.mm: Added.
        (WebCore::MTLSizeMake):
        (WebCore::GPUComputeCommandEncoder::GPUComputeCommandEncoder):
        (WebCore::GPUComputeCommandEncoder::setComputePipelineState):
        (WebCore::GPUComputeCommandEncoder::setBuffer):
        (WebCore::GPUComputeCommandEncoder::dispatch):
        (WebCore::GPUComputeCommandEncoder::endEncoding):
        (WebCore::GPUComputeCommandEncoder::platformComputeCommandEncoder):
        * platform/graphics/cocoa/GPUComputePipelineStateMetal.mm: Copied from Source/WebCore/platform/graphics/gpu/GPUCommandBuffer.cpp.
        (WebCore::GPUComputePipelineState::GPUComputePipelineState):
        (WebCore::GPUComputePipelineState::platformComputePipelineState):
        * platform/graphics/gpu/GPUCommandBuffer.cpp:
        (WebCore::GPUCommandBuffer::createComputeCommandEncoder):
        * platform/graphics/gpu/GPUCommandBuffer.h:
        * platform/graphics/gpu/GPUComputeCommandEncoder.cpp: Copied from Source/WebCore/platform/graphics/gpu/GPUCommandBuffer.cpp.
        (WebCore::GPUComputeCommandEncoder::create):
        (WebCore::GPUComputeCommandEncoder::~GPUComputeCommandEncoder):
        (WebCore::GPUComputeCommandEncoder::setComputePipelineState):
        (WebCore::GPUComputeCommandEncoder::setBuffer):
        (WebCore::GPUComputeCommandEncoder::endEncoding):
        * platform/graphics/gpu/GPUComputeCommandEncoder.h: Copied from Source/WebCore/platform/graphics/gpu/GPUCommandBuffer.h.
        * platform/graphics/gpu/GPUComputePipelineState.cpp: Copied from Source/WebCore/html/canvas/WebGPUCommandBuffer.idl.
        (WebCore::GPUComputePipelineState::create):
        (WebCore::GPUComputePipelineState::~GPUComputePipelineState):
        * platform/graphics/gpu/GPUComputePipelineState.h: Copied from Source/WebCore/platform/graphics/gpu/GPUCommandBuffer.h.
        * platform/graphics/gpu/GPUSize.h: Copied from Source/WebCore/html/canvas/WebGPUCommandBuffer.idl.

2017-04-07  Alex Christensen  <achristensen@webkit.org>

        Private browsing sessions should not look in keychain for client certificates
        https://bugs.webkit.org/show_bug.cgi?id=170618
        <rdar://problem/18457427>

        Reviewed by Dan Bernstein.

        Our client certificate testing in WebKit leaves much to be desired.
        See rdar://problem/17694210 for reproduction steps.

        * platform/spi/cf/CFNetworkSPI.h:
        Add some new SPI.

2017-04-07  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: FlowContents::segmentIndexForRunSlow skips empty runs.
        https://bugs.webkit.org/show_bug.cgi?id=170552

        Reviewed by Antti Koivisto.

        The compare function passed to std::lower_bound completely misses empty runs. 

        Test: fast/text/simple-line-layout-hover-over-subsequent-linebreaks.html

        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::FlowContents::segmentIndexForRunSlow):

2017-04-07  Chris Dumez  <cdumez@apple.com>

        We should log how much CPU a background process was using when killing it due to CPU limiting
        https://bugs.webkit.org/show_bug.cgi?id=170619

        Reviewed by Andreas Kling.

        CPUMonitor now passes the CPU usage to the callback when it exceeds the threashold.

        * platform/CPUMonitor.cpp:
        (WebCore::CPUMonitor::timerFired):
        * platform/CPUMonitor.h:

2017-04-07  Chris Dumez  <cdumez@apple.com>

        Audible autoplay videos should not get paused when outside the viewport
        https://bugs.webkit.org/show_bug.cgi?id=170610
        <rdar://problem/31505984>

        Reviewed by Eric Carlson.

        Audible autoplay videos should not get paused when outside the viewport as this
        would be observable by the user.

        Test: media/video-restricted-invisible-autoplay-allowed-if-audible.html

        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::autoplayPermitted):

2017-04-07  Myles C. Maxfield  <mmaxfield@apple.com>

        REGRESSION(r211382): Complex text with justification erroneously overflows containers
        https://bugs.webkit.org/show_bug.cgi?id=170399
        <rdar://problem/31442008>

        Reviewed by Simon Fraser.

        When we perform justification, we adjust glyphs' advances to add extra space between words.
        ComplexTextController maintains an invariant where m_totalWidth is equal to the sum of these
        advances. However, in RTL text, inserting extra justification space to the left of a glyph
        would break that invariant, and would increase the advances of two glyphs instead of just
        one. Then, when we go to draw the text, the sum of the advances is wider than m_totalWidth,
        which means the glyphs would be drawn outside of their container.

        This regressed in r211382 simply because of an oversight and because there were no tests for
        this codepath.

        Test: ComplexTextControllerTest.TotalWidthWithJustification

        * platform/graphics/ComplexTextController.cpp:
        (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
        * rendering/InlineBox.h:
        (WebCore::InlineBox::InlineBox):

2017-04-07  Chris Dumez  <cdumez@apple.com>

        Throttle / Align DOM Timers in cross-origin iframes to 30fps
        https://bugs.webkit.org/show_bug.cgi?id=170613
        <rdar://problem/31506444>

        Reviewed by Simon Fraser.

        Throttle / Align DOM Timers in cross-origin iframes to 30fps unless the user
        has interacted with them, in order to reduce power use.

        Test: http/tests/frame-throttling/timer-throttle-in-cross-origin-subframe.html

        * dom/Document.cpp:
        (WebCore::Document::domTimerAlignmentInterval):
        (WebCore::Document::updateLastHandledUserGestureTimestamp):
        * page/DOMTimer.h:

2017-04-07  John Wilander  <wilander@apple.com>

        Follow-up fix for Soup platform.
        https://bugs.webkit.org/show_bug.cgi?id=170322

        Unreviewed build fix. Error introduced by me in
        https://trac.webkit.org/changeset/215104/webkit.

        No new tests.

        * platform/network/soup/SocketStreamHandleImpl.h:
            Move parameter change to the right
            SocketStreamHandleImpl::create() function.

2017-04-07  John Wilander  <wilander@apple.com>

        WebSocket streams should have network usage attributed to correct process
        https://bugs.webkit.org/show_bug.cgi?id=170322
        <rdar://problem/26413551>

        Reviewed by Alex Christensen.

        Tested manually since it requires a per-app VPN.

        * page/SocketProvider.cpp:
        (WebCore::SocketProvider::createSocketStreamHandle):
            Sends in an empty struct since it doesn't have access to
            platform dependent sourceApplicationAuditData.
        * platform/network/SocketStreamHandle.h:
            Declaration of a per-platform struct to hold CF data for
            Cocoa platforms.
        * platform/network/cf/SocketStreamHandleImpl.h:
        (WebCore::SocketStreamHandleImpl::create):
            Now takes WebCore::SourceApplicationAuditToken which is
            passed on to the constructor.
        * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
        (WebCore::SocketStreamHandleImpl::SocketStreamHandleImpl):
            Now takes WebCore::SourceApplicationAuditToken which is
            passed on to the streams once created.
        (WebCore::SocketStreamHandleImpl::createStreams):
            Now sets kCFStreamPropertySourceApplication for the two
            streams.
        * platform/network/curl/SocketStreamHandleImpl.h:
        (WebCore::SocketStreamHandleImpl::create):
            Added unused WebCore::SourceApplicationAuditToken parameter.
        * platform/network/soup/SocketStreamHandleImpl.h:
        * platform/network/soup/SocketStreamHandleImplSoup.cpp:
        (WebCore::SocketStreamHandleImpl::create):
            Added unused WebCore::SourceApplicationAuditToken parameter.

2017-04-07  Alex Christensen  <achristensen@webkit.org>

        REGRESSION(r204512): WebSocket errors with "Failed to send WebSocket frame."  if too much data is sent
        https://bugs.webkit.org/show_bug.cgi?id=170463

        Reviewed by Michael Catanzaro.

        This only reproduces when using WebSockets to communicate with an external server.
        When communicating with a local server, CFWriteStreamWrite succeeds too reliably, so
        CFWriteStreamCanAcceptBytes returns true, when sometimes it doesn't when communicating
        across the real internet.

        * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
        (WebCore::SocketStreamHandleImpl::platformSendInternal):
        * platform/network/soup/SocketStreamHandleImplSoup.cpp:
        (WebCore::SocketStreamHandleImpl::platformSendInternal):
        Returning std::nullopt means there was an error, which is not true when the socket stream
        is in a state where it cannot be written to because it is actively communicating.
        Returning 0 means 0 new bytes were sent, so we will try again later.

2017-04-07  Eric Carlson  <eric.carlson@apple.com>

        MediaSample should store video sample rotation instead of orientation
        https://bugs.webkit.org/show_bug.cgi?id=170598

        Reviewed by Youenn Fablet.

        No new tests, no functional change.

        * platform/MediaSample.h:
        (WebCore::MediaSample::videoRotation):
        (WebCore::MediaSample::videoOrientation): Deleted.
        * platform/graphics/avfoundation/MediaSampleAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::videoTransformationMatrix):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSample):
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayLayer):

        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSource::processNewFrame):

        * platform/mediastream/mac/RealtimeIncomingVideoSource.cpp:
        (WebCore::RealtimeIncomingVideoSource::OnFrame):
        (WebCore::RealtimeIncomingVideoSource::processNewSample):
        * platform/mediastream/mac/RealtimeIncomingVideoSource.h:

        * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::videoSampleAvailable):

2017-04-07  Brent Fulgham  <bfulgham@apple.com>

        WebKit should percent encode single quotes in query strings
        https://bugs.webkit.org/show_bug.cgi?id=170561
        <rdar://problem/7415154>

        Reviewed by Alex Christensen.

        Modify the characterClassTable to instruct the URLParser to convert
        the single-quote character ' to %27 in URL query strings.

        Tests: URLParserTest in TestWebKitAPI.
            fast/events/popup-blocked-from-unique-frame-via-window-open-named-sibling-frame.html
            fast/frames/xss-auditor-handles-file-urls.html
            http/tests/security/xssAuditor

        * platform/URLParser.cpp:

2017-04-07  Zalan Bujtas  <zalan@apple.com>

        Text insertion cursor disappears after pressing enter
        https://bugs.webkit.org/show_bug.cgi?id=169291
        <rdar://problem/30899611>

        Reviewed by Tim Horton.

        Positon upstream/downstream (as the result of VisiblePosition -> canonicalPosition) require
        linebox tree. In addition to regular text, we need to bail out of simple line layout on line breaks too.

        Test: editing/simple-line-layout-caret-is-gone.html

        * dom/Position.cpp:
        (WebCore::ensureLineBoxesIfNeeded):
        (WebCore::Position::upstream):
        (WebCore::Position::downstream):
        (WebCore::Position::getInlineBoxAndOffset):
        * rendering/RenderLineBreak.cpp:
        (WebCore::RenderLineBreak::ensureLineBoxes):
        (WebCore::RenderLineBreak::positionForPoint):
        (WebCore::RenderLineBreak::setSelectionState):
        (WebCore::RenderLineBreak::collectSelectionRects):
        (WebCore::ensureLineBoxes): Deleted.
        * rendering/RenderLineBreak.h:

2017-04-07  Xan Lopez  <xlopez@igalia.com>

        [GTK] Fix codec name in OWR ASSERT
        https://bugs.webkit.org/show_bug.cgi?id=170600

        Reviewed by Carlos Garcia Campos.

        * platform/mediastream/openwebrtc/MediaEndpointOwr.cpp:
        (WebCore::MediaEndpointOwr::prepareMediaSession): uppercase the
        codec name we are looking for, that's how they appear in the
        vector.

2017-04-07  Per Arne Vollan  <pvollan@apple.com>

        Add hasVideo property to WebAVPlayerController.
        https://bugs.webkit.org/show_bug.cgi?id=170545
        rdar://problem/31325182

        Reviewed by Eric Carlson.

        Add a new "hasVideo" property which can be used to discover if any video content is present in the playback item,
        whether video content is currently enabled or not.

        * platform/ios/WebAVPlayerController.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::hasVideoChanged):

2017-04-07  Miguel Gomez  <magomez@igalia.com>

        [GTK+] Animations not played properly when using synchronous decoding
        https://bugs.webkit.org/show_bug.cgi?id=170591

        Reviewed by Carlos Garcia Campos.

        Fix an index error when destroying decoded frames that was sometimes deleting the frame we wanted
        to keep.

        Covered by exitent tests.

        * platform/graphics/ImageFrameCache.cpp:
        (WebCore::ImageFrameCache::destroyDecodedData):

2017-04-07  Xan Lopez  <xan@igalia.com>

        [GTK] Add message about missing codecs to ASSERT in OWR
        https://bugs.webkit.org/show_bug.cgi?id=170596

        Reviewed by Carlos Garcia Campos.

        * platform/mediastream/openwebrtc/MediaEndpointOwr.cpp:
        (WebCore::MediaEndpointOwr::prepareMediaSession): add a message
        about the missing coded to the ASSERT.

2017-04-07  Tomas Popela  <tpopela@redhat.com>

        AX: Don't crash if no renderer is available for AccessibilityRenderObject
        https://bugs.webkit.org/show_bug.cgi?id=170448

        Reviewed by Chris Fleizach.

        Don't crash or assert if no renderer is available, but early return
        gracefully (as in other places in the AccessibilityRenderObject.cpp).
        Spotted by running some tests through dogtail.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::isOffScreen):
        (WebCore::AccessibilityRenderObject::isUnvisited):
        (WebCore::AccessibilityRenderObject::isVisited):

2017-04-07  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Update the priorities used in glib main loop sources
        https://bugs.webkit.org/show_bug.cgi?id=170457

        Reviewed by Žan Doberšek.

        * platform/glib/MainThreadSharedTimerGLib.cpp:
        (WebCore::MainThreadSharedTimer::MainThreadSharedTimer):
        * platform/graphics/texmap/TextureMapperPlatformLayerProxy.cpp:
        (WebCore::TextureMapperPlatformLayerProxy::TextureMapperPlatformLayerProxy):
        (WebCore::TextureMapperPlatformLayerProxy::activateOnCompositingThread):

2017-04-07  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Implement AES_CBC support
        https://bugs.webkit.org/show_bug.cgi?id=170550

        Reviewed by Michael Catanzaro.

        Implement the CryptoAlgorithmAES_CBC::platform{Encrypt,Decrypt}
        functionality for configurations that use libgcrypt. This is done
        by leveraging the gcry_cipher_* APIs for the AES algorithm that's
        deduced appropriately from the key size and the CBC cipher mode.
        Additionally, the PKCS#7 padding is implemented for each operation,
        as demanded by the Web Crypto specification.

        No new tests -- current ones cover this sufficiently, but are not yet
        enabled due to missing platform-specific SUBTLE_CRYPTO implementations.

        * crypto/gcrypt/CryptoAlgorithmAES_CBCGCrypt.cpp:
        (WebCore::gcryptEncrypt):
        (WebCore::gcryptDecrypt):
        (WebCore::CryptoAlgorithmAES_CBC::platformEncrypt):
        (WebCore::CryptoAlgorithmAES_CBC::platformDecrypt):

2017-04-07  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Implement raw and JWK imports and exports for EC keys
        https://bugs.webkit.org/show_bug.cgi?id=170546

        Reviewed by Michael Catanzaro.

        Implement import and export operations for EC keys, covering the raw
        and JWK import/export types.

        CryptoKeyEC::platformImportRaw() builds a public-key s-expression,
        providing the curve name and the key data, and yields the gcry_sexp_t
        object to the new CryptoKeyEC.

        CryptoKeyEC::platformImportJWKPublic() first constructs a Vector<uint8_t>
        object that contains the EC point in the uncompressed format. It then
        puts that data into a newly-constructed public-key s-expression that is
        then used to construct the new CryptoKeyEC object.

        CryptoKeyEC::platformImportJWKPrivate() constructs the EC point data just
        the same, but it also lays out the private key field element data into
        the private-key s-expression that's then handed off to the CryptoKeyEC
        object.

        CryptoKeyEC::platformExportRaw() constructs a new EC operations context
        and then uses it to retrieve the q parameter as an MPI. A Vector<uint8_t>
        is retrieved from the MPI data through the extractMPIData() helper
        function.

        CryptoKeyEC::platformAddFieldElements() similarly uses the EC operations
        context to retrieve the q parameter data, which it then splits into the
        x and y field elements and Base64 URL-encodes them into a form that can
        be placed in a JsonWebKey. If the key is private, the d parameter is
        retrieved in the same fashion and again Base64 URL-encoded and stored
        in the JsonWebKey object.

        No new tests -- current ones cover this sufficiently, but are not yet
        enabled due to other missing platform-specific SUBTLE_CRYPTO
        implementations.

        * crypto/gcrypt/CryptoKeyECGCrypt.cpp:
        (WebCore::uncompressedPointSizeForCurve):
        (WebCore::uncompressedFieldElementSizeForCurve):
        (WebCore::extractMPIData):
        (WebCore::CryptoKeyEC::platformImportRaw):
        (WebCore::CryptoKeyEC::platformImportJWKPublic):
        (WebCore::CryptoKeyEC::platformImportJWKPrivate):
        (WebCore::CryptoKeyEC::platformExportRaw):
        (WebCore::CryptoKeyEC::platformAddFieldElements):

2017-04-07  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Implement CryptoKeyRSA::generatePair()
        https://bugs.webkit.org/show_bug.cgi?id=170350

        Reviewed by Michael Catanzaro.

        Start implementing the libgcrypt-based platform bits of CryptoKeyRSA.

        Implement generatePair() by constructing a genkey s-expression
        that requests a generation of an RSA key that should use a modulus
        of the specified bit-length and the specified exponent. The exponent
        is extracted from an uint8_t array through a helper function. The
        modulus length value is checked to be at least 16, since libgcrypt
        does not support generating primes of less than that length in bits.

        The returned s-expression upon request will contain the data for
        both the public and the private key. gcry_sexp_t handles representing
        those s-expressions are then passed to CryptoKeyRSA::create() before
        invoking the success callback with a new CryptoKeyPair object in a
        separate ScriptExecutionContext task.

        The CryptoKeyRSA constructor simply has the notImplemented() call
        removed. The destructor now invokes the HandleDeleter<gcry_sexp_t>
        object instance to destroy the object represented by the
        m_platformKey handle.

        The methods in CryptoKeyRSA.cpp are also reordered to follow the
        declaration order used in the header.

        No new tests -- current ones cover this sufficiently, but are not yet
        enabled due to other missing platform-specific SUBTLE_CRYPTO
        implementations.

        * crypto/gcrypt/CryptoKeyRSAGCrypt.cpp:
        (WebCore::CryptoKeyRSA::CryptoKeyRSA):
        (WebCore::CryptoKeyRSA::~CryptoKeyRSA):
        (WebCore::exponentVectorToUInt32):
        (WebCore::CryptoKeyRSA::generatePair):
        (WebCore::CryptoKeyRSA::importSpki):
        (WebCore::CryptoKeyRSA::importPkcs8):
        (WebCore::CryptoKeyRSA::exportPkcs8):
        (WebCore::CryptoKeyRSA::buildAlgorithm):
        (WebCore::CryptoKeyRSA::exportData):
        * crypto/keys/CryptoKeyRSA.h:

2017-04-06  Youenn Fablet  <youenn@apple.com>

        [Debug] ASSERT(!throwScope.exception()) on imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight-status-worker.html
        https://bugs.webkit.org/show_bug.cgi?id=170395
        <rdar://problem/31394017>

        Reviewed by Mark Lam.

        * bindings/js/JSDOMPromise.cpp:
        (WebCore::DeferredPromise::reject): Exiting early in case of scope having an exception.
        Adding an assertion to ensure this is a worker termination exception.

2017-04-06  Andreas Kling  <akling@apple.com>

        Inaudible background tabs should become eligible for memory kill after 8 minutes
        https://bugs.webkit.org/show_bug.cgi?id=170574
        <rdar://problem/31488686>

        Reviewed by Gavin Barraclough.

        Lower the delay for potentially marking background tabs as inactive from 60 minutes to 8 minutes.
        Letting a tab misbehave in the background for an entire hour was overly charitable.

        * page/PerformanceMonitor.cpp:

2017-04-06  Wenson Hsieh  <wenson_hsieh@apple.com>

        Scroll offset jumps after a programmatic scroll in an overflow container with scroll snapping
        https://bugs.webkit.org/show_bug.cgi?id=170560
        <rdar://problem/31484693>

        Reviewed by Tim Horton.

        Test: css3/scroll-snap/scroll-snap-programmatic-overflow-scroll.html

        Logic for maintaining the scroll snap state in ScrollController was previously removed from iOS when refactoring
        ScrollController. This was done because scroll snapping on iOS is driven not by the ScrollController (as it is
        on Mac) but rather by sending scroll snap offsets to the UI process and hooking into UIScrollView delegates to
        handle retargeted scrolling.

        However, on iOS, this ScrollController state is still important for the purposes of keeping the last active
        snap point index in sync with the UI process when the scroll offset changes outside of a user gesture (i.e.
        programmatic scrolling). Since the UI process does not get a chance to update the active snap offset during a
        programmatic scroll, our last active snap offset state was only being updated to the last snap position that the
        user manually scrolled to, making programmatic scrolling jump to this offset.

        To fix this, we need to update scroll snap state on iOS within ScrollController. Also adds a new Layout test
        that exercises programmatic scrolling in an overflow scrolling container on all platforms.

        * platform/cocoa/ScrollController.mm:
        (WebCore::otherScrollEventAxis):
        (WebCore::ScrollController::updateScrollSnapState):
        (WebCore::ScrollController::updateScrollSnapPoints):

2017-04-05  Simon Fraser  <simon.fraser@apple.com>

        Throttle requestAnimationFrame in cross-origin iframes to 30fps
        https://bugs.webkit.org/show_bug.cgi?id=170534

        Reviewed by Dan Bates.

        Add a throttling reason to ScriptedAnimationController which is NonInteractedCrossOriginFrame,
        set on cross-origin iframes whose documents have never seen a user interaction. It's cleared
        as soon as an interaction on this frame or a child frame is detected.

        Move the initialization of the LowPowerMode throttling reason to Document::requestAnimationFrame(),
        since it's more appropriate to compute NonInteractedCrossOriginFrame here than down in ScriptedAnimationController,
        and best to do both in the same place.

        Tests: http/tests/frame-throttling/raf-throttle-in-cross-origin-subframe.html

        * dom/Document.cpp:
        (WebCore::Document::requestAnimationFrame):
        (WebCore::Document::updateLastHandledUserGestureTimestamp):
        * dom/Document.h:
        (WebCore::Document::hasHadUserInteraction):
        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::ScriptedAnimationController):
        (WebCore::throttlingReasonToString):
        (WebCore::ScriptedAnimationController::interval):
        * dom/ScriptedAnimationController.h:
        * loader/FrameLoader.cpp:
        (WebCore::shouldAskForNavigationConfirmation):

2017-04-05  Simon Fraser  <simon.fraser@apple.com>

        Use the Accelerate framework to optimize FEColorMatrix operations
        https://bugs.webkit.org/show_bug.cgi?id=170518

        Reviewed by Tim Horton.

        On macOS and iOS, we can use the Accelerate framework (vImage) to do color matrix
        math to optimize color matrix, hue rotate, saturation and luminosity to alpha filters.
        
        Change ImageBuffer::getUnmultipliedImageData() and getPremultipliedImageData() to
        return the size of the returned Uint8ClampedArray in physical pixels, because we
        need to pass that to vImage.

        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::getImageData):
        * platform/graphics/ImageBuffer.h:
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::ImageBuffer::getUnmultipliedImageData):
        (WebCore::ImageBuffer::getPremultipliedImageData):
        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::ImageBuffer::getUnmultipliedImageData):
        (WebCore::ImageBuffer::getPremultipliedImageData):
        * platform/graphics/filters/FEColorMatrix.cpp:
        (WebCore::effectApplyAccelerated):
        (WebCore::effectType):
        (WebCore::FEColorMatrix::platformApplySoftware):
        * platform/graphics/filters/FEDropShadow.cpp:
        (WebCore::FEDropShadow::platformApplySoftware):
        * platform/graphics/win/ImageBufferDirect2D.cpp:
        (WebCore::ImageBuffer::getUnmultipliedImageData):
        (WebCore::ImageBuffer::getPremultipliedImageData):

2017-04-04  Simon Fraser  <simon.fraser@apple.com>

        Do some minor FEColorMatrix code cleanup and optimization
        https://bugs.webkit.org/show_bug.cgi?id=170474

        Reviewed by Dean Jackson.

        Don't switch inside of a pixel processing loop; repeat the loop inside switch (filterType).
        
        Change matrix() and saturateAndHueRotate() to dereference the source pixels once, instead
        of multiple times, which is faster.
        
        This kind of code benefits from aligning things with spaces for readability, so do so,
        violating webkit style.
        
        Add some off-by-default performance logging code.

        Increases pixel processing performance from about 86ms per megapixel to 65ms per megapixel.

        * platform/graphics/filters/FEColorMatrix.cpp:
        (WebCore::matrix):
        (WebCore::saturateAndHueRotate):
        (WebCore::effectType):
        (WebCore::FEColorMatrix::platformApplySoftware):

2017-04-06  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r215041.

        The LayoutTest for this change is failing on ios-simulator.

        Reverted changeset:

        "Rendering flexbox children across columns"
        https://bugs.webkit.org/show_bug.cgi?id=164166
        http://trac.webkit.org/changeset/215041

2017-04-06  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r215046.

        This change broke internal builds.

        Reverted changeset:

        "WebRTC tests gardening"
        https://bugs.webkit.org/show_bug.cgi?id=170508
        http://trac.webkit.org/changeset/215046

2017-04-06  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Only Capture Extra Network Load Metrics when there is a Web Inspector Frontend
        https://bugs.webkit.org/show_bug.cgi?id=170525

        Reviewed by Youenn Fablet.

        Covered by existing tests that when Web Inspector is open we enable collecting the extra data.

        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::firstFrontendCreated):
        (WebCore::InspectorInstrumentation::lastFrontendDeleted):
        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::frontendCreated):
        (WebCore::InspectorInstrumentation::frontendDeleted):
        When the first frontend is created enable a new loader strategy to
        collect extra network load metrics. When the last frontend is closed
        disable the extra metrics.

        * loader/LoaderStrategy.h:
        * platform/PlatformStrategies.h:
        New load strategy to enable/disable new metrics.

2017-04-06  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Show all headers in the Request Headers section of the Resource details sidebar
        https://bugs.webkit.org/show_bug.cgi?id=16531
        <rdar://problem/5712895>

        Reviewed by Timothy Hatcher.

        Test: http/tests/inspector/network/resource-request-headers.html

        * loader/ResourceTiming.cpp:
        (WebCore::ResourceTiming::ResourceTiming):
        Eliminate unnecessary data from the NetworkLoadTiming object
        when it is used for ResourceTiming. This clears up some memory
        that will otherwise never be used.

        * platform/network/NetworkLoadMetrics.h:
        (WebCore::NetworkLoadMetrics::isolatedCopy):
        (WebCore::NetworkLoadMetrics::reset):
        (WebCore::NetworkLoadMetrics::clearNonTimingData):
        (WebCore::NetworkLoadMetrics::operator==):
        (WebCore::NetworkLoadMetrics::encode):
        (WebCore::NetworkLoadMetrics::decode):
        Include an optional HTTPHeaderMap for a refined list of
        request headers for this network load.

        * inspector/InspectorNetworkAgent.cpp:
        (WebCore::InspectorNetworkAgent::buildObjectForMetrics):
        Include request headers with other optional metrics data
        when the load is completed.

2017-04-06  Tim Horton  <timothy_horton@apple.com>

        Follow up to r209304, remove line numbers from one more StyleRule construction
        https://bugs.webkit.org/show_bug.cgi?id=170564

        Reviewed by Simon Fraser.

        * css/StyleRule.cpp:
        (WebCore::StyleRuleViewport::StyleRuleViewport):
        This one was missed in r209304.

2017-04-06  Timothy Horton  <timothy_horton@apple.com>

        Remove an unused member and constructor parameter from CSSPropertyParser
        https://bugs.webkit.org/show_bug.cgi?id=170562

        Reviewed by Simon Fraser.

        * css/parser/CSSParser.cpp:
        (WebCore::CSSParser::parseSingleValue):
        (WebCore::CSSParser::parseValueWithVariableReferences):
        * css/parser/CSSParserImpl.cpp:
        (WebCore::CSSParserImpl::consumeDeclarationValue):
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::CSSPropertyParser::CSSPropertyParser):
        (WebCore::CSSPropertyParser::parseValue):
        (WebCore::CSSPropertyParser::parseSingleValue):
        * css/parser/CSSPropertyParser.h:
        It is possible to get Clang to complain about the unused member, though
        I'm not sure why it doesn't in the build today.

2017-04-06  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Hittest always returns the first renderer in the block.
        https://bugs.webkit.org/show_bug.cgi?id=170520
        <rdar://problem/30979175>

        Reviewed by Antti Koivisto.

        This is incorrect now with <br> support (multiple renderers within the same block flow).

        Test: fast/dom/Document/CaretRangeFromPoint/simple-line-layout-hittest-with-caret-range-from-point.html

        * rendering/RenderText.cpp:
        (WebCore::RenderText::positionForPoint): Related fix. We don't yet support positionForPoint with multiple renderes. 
        * rendering/SimpleLineLayoutFlowContents.h:
        (WebCore::SimpleLineLayout::FlowContents::segmentForRun): Empty runs are all valid.
        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::hitTestFlow):
        (WebCore::SimpleLineLayout::collectFlowOverflow):
        * rendering/SimpleLineLayoutResolver.cpp:
        (WebCore::SimpleLineLayout::LineResolver::Iterator::operator*): This should eventually return a list of renderes.
        * rendering/SimpleLineLayoutResolver.h:
        (WebCore::SimpleLineLayout::RunResolver::flowContents):

2017-04-06  Jon Davis  <jond@apple.com>

        Updates feature status for recently shipped features
        https://bugs.webkit.org/show_bug.cgi?id=170359

        Reviewed by Brian Burg.

        Added missing Gamepad entry.
        Changed "Done" status to "Supported".
        Also changed status from "In Development" to "Supported" for:
        
        - CSS Grid Layout Level 1
        - CSS Inline Layout Module Level 3
        - CSS Scroll Snap Points Module Level 1
        - CSS Color Level 4
        - Fetch API
        - Indexed Database 2.0
        - Media Capture and Streams
        - Pointer Lock
        - Preload
        - Input Events

        * features.json:

2017-03-31  Jiewen Tan  <jiewen_tan@apple.com>

        [WebCrypto] Add support for AES-CTR
        https://bugs.webkit.org/show_bug.cgi?id=169761
        <rdar://problem/31331321>

        Reviewed by Brent Fulgham.

        This patch adds support for AES-CTR. Operations of AES-CTR include: encrypt, decrypt, generateKey,
        importKey, exportKey, wrapKey, and unwrapKey. This implementation follows the latest WebCryptoAPI
        spec: https://www.w3.org/TR/WebCryptoAPI/#aes-ctr.

        Tests: crypto/subtle/aes-ctr-encrypt-malformed-parameters.html
               crypto/subtle/aes-ctr-encrypt-overflow.html
               crypto/subtle/aes-ctr-generate-export-key-jwk-length-128.html
               crypto/subtle/aes-ctr-generate-export-key-jwk-length-192.html
               crypto/subtle/aes-ctr-generate-export-key-jwk-length-256.html
               crypto/subtle/aes-ctr-generate-export-raw-key.html
               crypto/subtle/aes-ctr-generate-key-encrypt-decrypt.html
               crypto/subtle/aes-ctr-generate-key.html
               crypto/subtle/aes-ctr-import-jwk-key-length-128.html
               crypto/subtle/aes-ctr-import-jwk-key-length-192.html
               crypto/subtle/aes-ctr-import-jwk-key-length-256.html
               crypto/subtle/aes-ctr-import-key-decrypt.html
               crypto/subtle/aes-ctr-import-key-encrypt.html
               crypto/subtle/aes-ctr-import-key-unwrap-jwk-key.html
               crypto/subtle/aes-ctr-import-key-unwrap-raw-key.html
               crypto/subtle/aes-ctr-import-key-wrap-jwk-key.html
               crypto/subtle/aes-ctr-import-key-wrap-raw-key.html
               crypto/subtle/aes-ctr-import-raw-key.html
               crypto/workers/subtle/aes-ctr-import-key-decrypt.html
               crypto/workers/subtle/aes-ctr-import-key-encrypt.html
               crypto/workers/subtle/aes-ctr-import-key-unwrap-key.html
               crypto/workers/subtle/aes-ctr-import-key-wrap-key.html

        * CMakeLists.txt:
        * DerivedSources.make:
        * PlatformGTK.cmake:
        * PlatformMac.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSSubtleCryptoCustom.cpp:
        (WebCore::normalizeCryptoAlgorithmParameters):
        * crypto/CryptoAlgorithmParameters.h:
        * crypto/algorithms/CryptoAlgorithmAES_CTR.cpp: Added.
        (WebCore::usagesAreInvalidForCryptoAlgorithmAES_CTR):
        (WebCore::parametersAreValid):
        (WebCore::CryptoAlgorithmAES_CTR::create):
        (WebCore::CryptoAlgorithmAES_CTR::identifier):
        (WebCore::CryptoAlgorithmAES_CTR::encrypt):
        (WebCore::CryptoAlgorithmAES_CTR::decrypt):
        (WebCore::CryptoAlgorithmAES_CTR::generateKey):
        (WebCore::CryptoAlgorithmAES_CTR::importKey):
        (WebCore::CryptoAlgorithmAES_CTR::exportKey):
        (WebCore::CryptoAlgorithmAES_CTR::getKeyLength):
        * crypto/algorithms/CryptoAlgorithmAES_CTR.h: Added.
        * crypto/gcrypt/CryptoAlgorithmAES_CTRGCrypt.cpp: Added.
        (WebCore::CryptoAlgorithmAES_CTR::platformEncrypt):
        (WebCore::CryptoAlgorithmAES_CTR::platformDecrypt):
        * crypto/mac/CryptoAlgorithmAES_CTRMac.cpp: Added.
        (WebCore::bigIntegerToSize):
        (WebCore::transformAES_CTR):
        (WebCore::CryptoAlgorithmAES_CTR::platformEncrypt):
        (WebCore::CryptoAlgorithmAES_CTR::platformDecrypt):
        * crypto/mac/CryptoAlgorithmRegistryMac.cpp:
        (WebCore::CryptoAlgorithmRegistry::platformRegisterAlgorithms):
        * crypto/parameters/AesCtrParams.idl: Added.
        * crypto/parameters/CryptoAlgorithmAesCtrParams.h: Added.

2017-04-06  Youenn Fablet  <youenn@apple.com>

        WebRTC tests gardening
        https://bugs.webkit.org/show_bug.cgi?id=170508

        Reviewed by Eric Carlson.

        * Configurations/FeatureDefines.xcconfig: Changing webrtc enabling for ios.

2017-04-06  Andreas Kling  <akling@apple.com>

        Stop forcing CA commit when memory pressure changes.
        https://bugs.webkit.org/show_bug.cgi?id=170522
        <rdar://problem/31460236>

        Reviewed by Antti Koivisto.

        Don't force a CA commit when reaching critical memory pressure. We're already doing a ton
        of work in response to the pressure, and this was really a hack to try to react quickly on
        512 MB devices which we don't support anymore.

        * page/MemoryRelease.cpp:
        (WebCore::releaseCriticalMemory):

2017-04-06  Romain Bellessort  <romain.bellessort@crf.canon.fr>

        [Readable Streams API] Implement ReadableStreamBYOBRequest respondWithNewView()
        https://bugs.webkit.org/show_bug.cgi?id=170339

        Reviewed by Youenn Fablet.

        Implemented ReadableStreamBYOBRequest respondWithNewView().

        Added new tests to check respondWithNewView() behaviour.

        * Modules/streams/ReadableByteStreamInternals.js:
        (readableByteStreamControllerRespondWithNewView): Added.
        * Modules/streams/ReadableStreamBYOBRequest.js:
        (respondWithNewView): Updated.

2017-04-06  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Host application should be able to mute and unmute media streams
        https://bugs.webkit.org/show_bug.cgi?id=170519
        <rdar://problem/31174326>

        Unreviewed, fix crash introduced in r214980.

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::MediaStream): NULL-check page.

2017-04-06  Dave Hyatt  <hyatt@apple.com>

        Rendering flexbox children across columns
        https://bugs.webkit.org/show_bug.cgi?id=164166
        <rdar://problem/29055587>

        Reviewed by Zalan Bujtas.

        Added fast/multicol/flexbox-rows.html.

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::adjustForUnsplittableChild):
        Treat block-level flexboxes that occur inside block flows the same as replaced
        and unsplittable elements and push them to the next page if they don't fit. We don't
        update the minimum page height though, since the flexbox is not really unsplittable.

2017-04-05  Simon Fraser  <simon.fraser@apple.com>

        Set lastHandledUserGestureTimestamp on all ancestor documents, not just the top document
        https://bugs.webkit.org/show_bug.cgi?id=170479

        Reviewed by Sam Weinig.

        When interacting with a subframe document, set lastHandledUserGestureTimestamp on all ancestor
        documents up to the root.

        This will be used in future for requestAnimationFrame throttling.

        Test: fast/frames/user-gesture-timestamp-propagation.html

        * dom/Document.cpp:
        (WebCore::Document::updateLastHandledUserGestureTimestamp):
        * dom/Document.h:
        * dom/UserGestureIndicator.cpp:
        (WebCore::UserGestureIndicator::UserGestureIndicator):
        * testing/Internals.cpp:
        (WebCore::Internals::lastHandledUserGestureTimestamp):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-04-05  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Host application should be able to mute and unmute media streams
        https://bugs.webkit.org/show_bug.cgi?id=170519
        <rdar://problem/31174326>

        Unreviewed, address review comments missed in the initial checkin.

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::MediaStream): Mute the private stream if the page doesn't allow
        capture.
        (WebCore::MediaStream::pageMutedStateDidChange): setMuted -> setCaptureTracksMuted.

        * platform/mediastream/MediaStreamPrivate.cpp:
        (WebCore::MediaStreamPrivate::addTrack): Don't track muted state, the capture source already does.
        (WebCore::MediaStreamPrivate::startProducingData):  Ditto.
        (WebCore::MediaStreamPrivate::setCaptureTracksMuted): Renamed from setMuted.
        (WebCore::MediaStreamPrivate::setMuted): Deleted.
        * platform/mediastream/MediaStreamPrivate.h:

2017-04-05  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Host application should be able to mute and unmute media streams
        https://bugs.webkit.org/show_bug.cgi?id=170519
        <rdar://problem/31174326>

        Reviewed by Youenn Fablet.

        No new tests, fast/mediastream/MediaStream-page-muted.html was updated.

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::~MediaStream): Fix a typo.
        (WebCore::MediaStream::pageMutedStateDidChange): Don't store muted state, let the private
        stream store it.
        (WebCore::MediaStream::mediaState): Deal with new muted state flags.
        * Modules/mediastream/MediaStream.h:

        * dom/Document.cpp:
        (WebCore::Document::prepareForDestruction): Clear media state before the frame is cleared.

        * page/MediaProducer.h: Add muted flags.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::checkSelectedVideoTrack): The display layer
        should not be visible when the video track is muted.

        * platform/mediastream/MediaStreamPrivate.cpp:
        (WebCore::MediaStreamPrivate::addTrack): Mute the new track if necessary.
        (WebCore::MediaStreamPrivate::startProducingData): Do nothing when muted.
        (WebCore::MediaStreamPrivate::setExternallyMuted): New, mute/unmute tracks.
        * platform/mediastream/MediaStreamPrivate.h:

        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::setMuted): Start/stop producing data.

        * testing/Internals.cpp:
        (WebCore::Internals::pageMediaState): Support new media stream muted flags.

2017-04-05  Andreas Kling  <akling@apple.com>

        Make inactive web processes behave as though under memory pressure.
        https://bugs.webkit.org/show_bug.cgi?id=170042
        <rdar://problem/31038445>

        Reviewed by Antti Koivisto.

        Prevent PerformanceMonitor from marking the process as inactive at startup.
        This fixes the API test failure that caused this patch to get rolled out.

        * page/PerformanceMonitor.h:

2017-04-05  Youenn Fablet  <youenn@apple.com>

        Switch to kCVPixelFormatType_420YpCbCr8BiPlanarFullRange for Mac video capture format
        https://bugs.webkit.org/show_bug.cgi?id=170509

        Reviewed by Eric Carlson.

        Covered by existing tests.

        * platform/mediastream/mac/AVVideoCaptureSource.mm:

2017-04-05  Javier Fernandez  <jfernandez@igalia.com>

        [css-align] Implement the place-items shorthand
        https://bugs.webkit.org/show_bug.cgi?id=168847

        Reviewed by David Hyatt.

        The CSS Box Alignment specification defines a new shorthand to set the
        Content Alignment properties (align-items and justify-items) at the
        same time.

        This patch provides the implementation of the CSS parsing logic and the
        required regression tests. For the time being, as it happens with the
        rest of the new alignment properties, the new parsing logic is
        implemented behind the CSS Grid Layout runtime flag.

        Test: css3/parse-place-items.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSProperties.json:
        * css/StyleProperties.cpp:
        (WebCore::StyleProperties::getPropertyValue):
        (WebCore::StyleProperties::getAlignmentShorthandValue):
        * css/StyleProperties.h:
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::isAutoOrNormalOrStretch):
        (WebCore::consumeSelfPositionOverflowPosition):
        (WebCore::consumeSimplifiedItemPosition):
        (WebCore::CSSPropertyParser::consumePlaceItemsShorthand):
        * css/parser/CSSPropertyParser.h:

2017-04-05  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r214932.

        This change broke an internal build.

        Reverted changeset:

        "[ios-simulator] API test WebKit2.DataDetectionReferenceDate
        timing out"
        https://bugs.webkit.org/show_bug.cgi?id=161967
        http://trac.webkit.org/changeset/214932

2017-04-05  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r214962.

        Roll r214937 back in because it wasn't at fault for the build
        breakage.

        Reverted changeset:

        "Unreviewed, rolling out r214937."
        https://bugs.webkit.org/show_bug.cgi?id=170365
        http://trac.webkit.org/changeset/214962

2017-04-05  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r214937.

        This change broke an internal build.

        Reverted changeset:

        "REGRESSION (r202472): Data Detection overwrites existing
        links in detected ranges"
        https://bugs.webkit.org/show_bug.cgi?id=170365
        http://trac.webkit.org/changeset/214937

2017-04-05  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [WebRTC][OpenWebRTC] Add support for SDP BUNDLE ("a:group:BUNDLE" and "a=bundle-only" lines)
        https://bugs.webkit.org/show_bug.cgi?id=170157

        Reviewed by Alejandro G. Castro.

        This implements support on the SDPProcessor for generating an "a=group:BUNDLE"
        attribute with the MID identifiers specified in the bundle group in the most
        recent answer.
        It also implements support for generating "a=bundle-only" attributes on the
        "m=" sections of the SDP according to the bundlePolicy defined.

        Test: fast/mediastream/RTCPeerConnection-inspect-offer-bundlePolicy-bundle-only.html

        * Modules/mediastream/MediaEndpointPeerConnection.cpp:
        (WebCore::MediaEndpointPeerConnection::createOfferTask):
        (WebCore::MediaEndpointPeerConnection::createAnswerTask):
        * Modules/mediastream/SDPProcessor.cpp:
        (WebCore::getBundlePolicyName):
        (WebCore::configurationToJSON):
        * Modules/mediastream/sdp.js:
        (SDP.generate):
        * platform/mediastream/MediaEndpointSessionConfiguration.h:
        (WebCore::MediaEndpointSessionConfiguration::bundlePolicy):
        (WebCore::MediaEndpointSessionConfiguration::setBundlePolicy):
        (WebCore::MediaEndpointSessionConfiguration::clone):

2017-04-05  Jer Noble  <jer.noble@apple.com>

        [MSE] Seeks to currentTime=0 will fail if currentTime is already 0.
        https://bugs.webkit.org/show_bug.cgi?id=170510
        <rdar://problem/30988403>

        Reviewed by Eric Carlson.

        Test: media/media-source/media-source-unnecessary-seek-seeked.html

        The AVSampleBufferRenderSynchronizer won't fire a time jumped notification if no seek is actully
        necessary. So short circuit the seek logic if the seek time is identical to the current synchronizer
        time.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seekInternal):

2017-04-05  Chris Dumez  <cdumez@apple.com>

        <input type="range"> changing to disabled while active breaks all pointer events
        https://bugs.webkit.org/show_bug.cgi?id=170447
        <rdar://problem/31442875>

        Reviewed by Geoffrey Garen.

        When a range's slider is being moved, we set SliderThumbElement's m_inDragMode flag
        to true and mark the range elements as the CapturingMouseEventsElement. When we get
        the mouseUp event, we are supposed to exit drag mode. However, when the range element
        gets disabled while dragging, we do not get the mouseUp event and we need to make
        sure we exit dragging mode anyway. r112547 tried to fix this by calling stopDragging()
        in SliderThumbElement::defaultEventHandler() when the input element is disabled.
        While this often works, this is fragile and we sometimes fail to exit dragging mode
        when we should.

        This patch addressed the issue by calling stopDragging() in
        SliderThumbElement::disabledAttributeChanged() instead. This is much safer as we
        guarantee will exit dragging mode whenever the range element gets disabled, even
        if SliderThumbElement::defaultEventHandler() does not get called after that.

        Test: fast/forms/range/disabled-while-dragging.html

        * html/RangeInputType.cpp:
        (WebCore::RangeInputType::disabledAttributeChanged):
        * html/RangeInputType.h:
        * html/shadow/SliderThumbElement.cpp:
        (WebCore::SliderThumbElement::defaultEventHandler):
        (WebCore::SliderThumbElement::disabledAttributeChanged):
        * html/shadow/SliderThumbElement.h:

2017-04-05  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Video doesn't render in fullscreen on iOS
        https://bugs.webkit.org/show_bug.cgi?id=170404

        Reviewed by Youenn Fablet.
        
        No new tests, filed https://bugs.webkit.org/show_bug.cgi?id=170512.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC): Include
        video fullscreen manager on iOS too.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::videoTransformationMatrix): Add paramater
        to force transform recalculation.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSample): Restructure code since
        the display layer resize happens elsewhere.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayers): Include video fullscreen
        manager on iOS too.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayers): Ditto.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer): Ditto.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVideoFullscreenLayer): Ditto.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::backgroundLayerBoundsChanged): Change the
        display layer size and position immediately instead of waiting for the next sample buffer
        so the display is correct when fullscreen mode changes when paused.

2017-04-05  Youenn Fablet  <youenn@apple.com>

        Deprecate and remove URL.createObjectURL(mediastream)
        https://bugs.webkit.org/show_bug.cgi?id=167518
        <rdar://problem/31149607>

        Reviewed by Eric Carlson.

        Covered by updated tests.

        * CMakeLists.txt:
        * DerivedSources.cpp:
        * DerivedSources.make:
        * Modules/mediastream/DOMURLMediaStream.cpp: Removed.
        * Modules/mediastream/DOMURLMediaStream.h: Removed.
        * Modules/mediastream/DOMURLMediaStream.idl: Removed.
        * WebCore.xcodeproj/project.pbxproj:
        * html/DOMURL.idl:

2017-04-05  Alejandro G. Castro  <alex@igalia.com>

        [Webrtc] Mock realtime sources factories should be static after r213941
        https://bugs.webkit.org/show_bug.cgi?id=170282

        Reviewed by Alex Christensen.

        If we don't make the variables static we would be returning a
        local variable.

        * platform/mock/MockRealtimeAudioSource.cpp:
        (WebCore::MockRealtimeAudioSource::factory):
        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::factory):

2017-04-05  Alex Christensen  <achristensen@webkit.org>

        Fix CMake build.

        * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:
        Some JavaScript inline functions were not being accessed from this file with different enable flags.
        * platform/spi/cf/CFNetworkSPI.h:
        * platform/spi/cocoa/NSURLConnectionSPI.h:
        Moved NSURLSession-specific SPI from NSURLConnectionSPI.h to CFNetworkSPI.h.

2017-04-05  Chris Dumez  <cdumez@apple.com>

        _blank / _self / _parent / _top browsing context names should be case-insensitive
        https://bugs.webkit.org/show_bug.cgi?id=169747

        Reviewed by Alex Christensen.

        _blank / _self / _parent / _top browsing context names should be case-insensitive
        as per the HTML specification:
        - https://html.spec.whatwg.org/#browsing-context-names

        This aligns our behavior with Firefox as well. See discussion at:
        - https://github.com/whatwg/html/issues/2443

        Tests: imported/w3c/web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-_blank.html
               imported/w3c/web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-parent-001.html
               imported/w3c/web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-parent-002.html
               imported/w3c/web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-parent-003.html
               imported/w3c/web-platform-tests/html/browsers/windows/browsing-context-names/browsing-context-choose-parent-004.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
        (WebCore::createWindow):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::open):
        * page/FrameTree.cpp:
        (WebCore::FrameTree::uniqueChildName):
        (WebCore::FrameTree::find):

2017-04-05  Miguel Gomez  <magomez@igalia.com>

        [GTK+] PNG animations that should run once are not played at all
        https://bugs.webkit.org/show_bug.cgi?id=170499

        Reviewed by Carlos Garcia Campos.

        The repetition count reported bu the PNGImageDecoder is wrong. It's returning m_playCount - 1, which
        means 0 for the animations that need to be played once. Change it to return an appropriate value.

        Covered by existent tests.

        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageDecoder::repetitionCount):
        * platform/image-decoders/png/PNGImageDecoder.h:

2017-04-05  Andy Estes  <aestes@apple.com>

        REGRESSION (r202472): Data Detection overwrites existing links in detected ranges
        https://bugs.webkit.org/show_bug.cgi?id=170365
        <rdar://problem/29205721>

        Reviewed by Tim Horton.

        r202472 changed the node traversal in searchForLinkRemovingExistingDDLinks() to only
        consider nodes that are descendants of startNode, but we need to traverse all nodes between
        startNode and endNode to find existing non-DD links.

        As a result, we'd add a Data Detector link to the following snippet and make the original
        links un-clickable:

            <a href='#'>tomorrow</a> <a href='#'>night</a>

        Fix this by not specifying a stayWithin node when calling NodeTraversal::next(). The loop
        will terminate when we reach endNode.

        Updated WebKit2.DataDetectionReferenceDate API test.

        * editing/cocoa/DataDetection.mm:
        (WebCore::searchForLinkRemovingExistingDDLinks):

2017-04-04  Carlos Garcia Campos  <cgarcia@igalia.com>

        Move WebErrors from WebProcess to Shared and get rid of ErrorsGtk in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=156974

        Reviewed by Sam Weinig.

        Remove ErrorsGtk.

        * PlatformGTK.cmake:
        * platform/gtk/ErrorsGtk.cpp: Removed.
        * platform/gtk/ErrorsGtk.h: Removed.

2017-04-05  Andy Estes  <aestes@apple.com>

        [ios-simulator] API test WebKit2.DataDetectionReferenceDate timing out
        https://bugs.webkit.org/show_bug.cgi?id=161967

        Reviewed by Alexey Proskuryakov.

        DataDetectorsCoreSPI.h defined DDQueryOffset as a struct of two CFIndexes, which is 16 bytes
        on LP64, but the struct is actually defined as two CFIndex-typed 32-bit bitfields, which is
        8 bytes on LP64. This breaks the ABI on Public SDK builds when calling functions that take
        or return DDQueryOffsets.

        * platform/spi/cocoa/DataDetectorsCoreSPI.h: Updated the DDQueryOffset definition for
        Public SDK builds, and added a static_assert to detect future size changes at compile time.

2017-04-04  Jer Noble  <jer.noble@apple.com>

        Move AVSampleBufferDisplayLayer declarations into AVFoundationSPI.h
        https://bugs.webkit.org/show_bug.cgi?id=170471

        Reviewed by Eric Carlson.

        Move the declaration of AVSampleBufferDisplayLayer (and related classes) into AVFoundationSPI.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        * platform/spi/mac/AVFoundationSPI.h:

2017-04-04  Youenn Fablet  <youenn@apple.com>

        Canvas is tainted when painting a video with MediaStreamTrack
        https://bugs.webkit.org/show_bug.cgi?id=170486

        Reviewed by Eric Carlson.

        Test: http/tests/media/media-stream/getusermedia-with-canvas.html

        Adding the notion of isolated source so that we can later on implement WebRTC isolated tracks.
        For now, canvas will not be tainted if painted from a MediaStreamTrack.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::didPassCORSAccessCheck):
        * platform/mediastream/MediaStreamTrackPrivate.h:
        (WebCore::MediaStreamTrackPrivate::isIsolated):
        * platform/mediastream/RealtimeMediaSource.h:

2017-04-04  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r214894, r214895, r214907, r214912,
        and r214918.
        https://bugs.webkit.org/show_bug.cgi?id=170491

        Caused build failures on Mac (Requested by rniwa on #webkit).

        Reverted changesets:

        "Build fix."
        http://trac.webkit.org/changeset/214894

        "Rolling back the build fix, as it broke other builds."
        http://trac.webkit.org/changeset/214895

        "Move AVSampleBufferDisplayLayer declarations into
        AVFoundationSPI.h"
        https://bugs.webkit.org/show_bug.cgi?id=170471
        http://trac.webkit.org/changeset/214907

        "Unreviewed build fix: fix compilation error on Sierra."
        http://trac.webkit.org/changeset/214912

        "More build fixing."
        http://trac.webkit.org/changeset/214918

2017-04-04  Youenn Fablet  <youenn@apple.com>

        [Mac] Add back web audio support for getUserMedia MediaStreamTrack
        https://bugs.webkit.org/show_bug.cgi?id=170482

        Reviewed by Eric Carlson.

        ´Covered by reenabled test.

        Exporting method and class used in WebKit2.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/audio/mac/CAAudioStreamDescription.h:
        * platform/mediastream/mac/WebAudioSourceProviderAVFObjC.h:

2017-04-04  Alexey Proskuryakov  <ap@apple.com>

        More build fixing.

        * platform/spi/mac/AVFoundationSPI.h:

2017-04-04  Simon Fraser  <simon.fraser@apple.com>

        Do some minor FEColorMatrix code cleanup and optimization
        https://bugs.webkit.org/show_bug.cgi?id=170474

        Reviewed by Dean Jackson.

        Don't switch inside of a pixel processing loop; repeat the loop inside switch (filterType).
        
        Change matrix() and saturateAndHueRotate() to dereference the source pixels once, instead
        of multiple times, which is faster.
        
        This kind of code benefits from aligning things with spaces for readability, so do so,
        violating webkit style.
        
        Add some off-by-default performance logging code.

        Increases pixel processing performance from about 86ms per megapixel to 65ms per megapixel.

        * platform/graphics/filters/FEColorMatrix.cpp:
        (WebCore::matrix):
        (WebCore::saturateAndHueRotate):
        (WebCore::effectType):
        (WebCore::FEColorMatrix::platformApplySoftware):

2017-04-04  Brent Fulgham  <bfulgham@apple.com>

        Do not assert when CharacterData representing an Attr fires events
        https://bugs.webkit.org/show_bug.cgi?id=170454
        <rdar://problem/30979320>

        Reviewed by Ryosuke Niwa.

        Make the NoEventDispatchAssertion in CharacterData::notifyParentAfterChange conditional
        since Attr elements should be allowed to fire events.

        Tests: fast/dom/no-assert-for-malformed-js-url-attribute.html

        * dom/CharacterData.cpp:
        (WebCore::CharacterData::notifyParentAfterChange):

2017-04-04  Youenn Fablet  <youenn@apple.com>

        LayoutTest webrtc/libwebrtc/descriptionGetters.html is a flaky failure
        https://bugs.webkit.org/show_bug.cgi?id=169481

        Reviewed by Eric Carlson.

        No need to enumerate all network interfaces in most layout tests.
        Adding an Internals API for that in case we want to use TCP localhost candidates.

        * testing/Internals.cpp:
        (WebCore::Internals::Internals):
        (WebCore::Internals::setEnumeratingAllNetworkInterfacesEnabled):
        * testing/Internals.h:
        * testing/Internals.idl:


2017-04-04  Jer Noble  <jer.noble@apple.com>

        Unreviewed build fix: fix compilation error on Sierra.

        * platform/spi/mac/AVFoundationSPI.h:

2017-04-04  Jer Noble  <jer.noble@apple.com>

        Move AVSampleBufferDisplayLayer declarations into AVFoundationSPI.h
        https://bugs.webkit.org/show_bug.cgi?id=170471

        Reviewed by Eric Carlson.

        Move the declaration of AVSampleBufferDisplayLayer (and related classes) into AVFoundationSPI.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addDisplayLayer): Deleted.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::removeDisplayLayer): Deleted.
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        * platform/spi/mac/AVFoundationSPI.h:

2017-04-04  Saam Barati  <sbarati@apple.com>

        WebAssembly: JSWebAssemblyCallee should not be a JSCell
        https://bugs.webkit.org/show_bug.cgi?id=170135

        Reviewed by Michael Saboff.

        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::callerDOMWindow):

2017-04-04  Simon Fraser  <simon.fraser@apple.com>

        Change Document's lastHandledUserGestureTimestamp to be a MonotonicTime
        https://bugs.webkit.org/show_bug.cgi?id=170468

        Reviewed by Zalan Bujtas.
        
        Change the double to MonotonicTime. No behavior change.

        * dom/Document.cpp:
        (WebCore::Document::updateLastHandledUserGestureTimestamp):
        * dom/Document.h:
        (WebCore::Document::lastHandledUserGestureTimestamp):
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::documentHadRecentUserGesture):
        * loader/FrameLoader.cpp:
        (WebCore::shouldAskForNavigationConfirmation):

2017-04-04  Youenn Fablet  <youenn@apple.com>

        [Debug] ASSERT(!throwScope.exception()) on imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight-status-worker.html
        https://bugs.webkit.org/show_bug.cgi?id=170395
        <rdar://problem/31394017>

        Reviewed by Mark Lam.

        No change of behavior.

        * bindings/js/JSDOMPromise.cpp:
        (WebCore::DeferredPromise::reject): Adding early ASSERT that creating an exception is happening correctly.

2017-04-04  Alexey Proskuryakov  <ap@apple.com>

        Rolling back the build fix, as it broke other builds.

        * platform/spi/mac/AVFoundationSPI.h:

2017-04-04  Alexey Proskuryakov  <ap@apple.com>

        Build fix.

        Rubber-stamped by Jer Noble.

        * platform/spi/mac/AVFoundationSPI.h:

2017-04-04  Tim Horton  <timothy_horton@apple.com>

        [Mac] -[WKWebView findMatchesForString:relativeToMatch:findOptions:maxResults:resultCollector:] invokes the resultCollector with didWrap = NO even when it wraps
        https://bugs.webkit.org/show_bug.cgi?id=165801
        <rdar://problem/29649535>

        Reviewed by Wenson Hsieh.

        New API tests: WebKit2.FindInPageWrapping*

        * page/FrameTree.cpp:
        (WebCore::FrameTree::traverseNextWithWrap):
        (WebCore::FrameTree::traversePreviousWithWrap):
        (WebCore::FrameTree::traverseNextInPostOrderWithWrap):
        * page/FrameTree.h:
        Add CanWrap and DidWrap boolean enums, and add an optional out argument
        to traverse*WithWrap indicating whether a wrap actually occurred.

        * history/CachedPage.cpp:
        (WebCore::firePageShowAndPopStateEvents):
        * history/PageCache.cpp:
        (WebCore::destroyRenderTree):
        Adjust to the new CanWrap enum.
        
        * page/Page.cpp:
        (WebCore::incrementFrame):
        (WebCore::Page::findString):
        (WebCore::Page::findStringMatchingRanges):
        (WebCore::Page::rangeOfString):
        (WebCore::Page::findMatchesForText):
        (WebCore::Page::unmarkAllTextMatches):
        * page/Page.h:
        Adjust to the new CanWrap enum, and optionally plumb DidWrap through
        to callers of findString().

2017-04-04  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] PLATFORM(GTK) && !USE(COORDINATED_GRAPHICS_THREADED) is no longer possible
        https://bugs.webkit.org/show_bug.cgi?id=170458

        Reviewed by Carlos Alberto Lopez Perez.

        That is not supported anymore, so we can remove dead code from VideoSinkGStreamer.cpp

        * platform/graphics/gstreamer/VideoSinkGStreamer.cpp:
        (VideoRenderRequestScheduler::VideoRenderRequestScheduler):

2017-04-04  Per Arne Vollan  <pvollan@apple.com>

        Unreviewed Windows build fix.

        * bindings/js/JSDOMGuardedObject.h:

2017-04-03  Wenson Hsieh  <wenson_hsieh@apple.com>

        Data interaction should register type identifiers in order of priority
        https://bugs.webkit.org/show_bug.cgi?id=170428
        <rdar://problem/30633296>

        Reviewed by Tim Horton.

        Currently, due to the shared logic for writing to a UIPasteboard (in the case of copy/paste) and the shared
        UIItemProvider-based pasteboard wrapper (in the case of data interaction), we don't enforce any particular
        ordering in which type identifiers are registered in the generated item provider. This is because
        -[UIPasteboard setItems:] only takes an unordered mapping of type identifiers to objects.

        To fix this, we introduce a separate way to set pasteboard data that first writes a list of object
        representations in order of priority (which is dependent on the content being interacted with) and then register
        individual type-data mappings at the end.

        Augmented existing API tests in DataInteractionTests to check for the existence and priority of type identifiers
        in the UIItemProviders created upon starting data interaction. Also adds a new unit test:
        DataInteractionTests.TextAreaToInput.

        * WebCore.xcodeproj/project.pbxproj:
        * editing/cocoa/EditorCocoa.mm:
        (WebCore::archivedDataForAttributedString):
        (WebCore::Editor::writeSelectionToPasteboard):
        (WebCore::Editor::writeSelection):
        * platform/Pasteboard.h:
        * platform/PasteboardWriterData.h:
        * platform/PlatformPasteboard.h:
        * platform/ios/AbstractPasteboard.h:
        * platform/ios/AbstractPasteboard.mm: Copied from Source/WebCore/platform/ios/AbstractPasteboard.h.

        Introduce WebPasteboardItemData, a wrapper around a list of objects representating the pasteboard data in order
        of priority, and a dictionary containing additional NSData blobs that contain data useful for private clients.

        (+[WebPasteboardItemData itemWithRepresentingObjects:additionalData:]):
        (-[WebPasteboardItemData initWithRepresentingObjects:additionalData:]):
        (-[WebPasteboardItemData representingObjects]):
        (-[WebPasteboardItemData additionalData]):
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::richTextRepresentationsForPasteboardWebContent):
        (WebCore::PlatformPasteboard::writeObjectRepresentations):
        (WebCore::PlatformPasteboard::write):

        Tweaked to check whether the pasteboard responds to -setItemsFromObjectRepresentations:. If so, uses the
        PlatformPasteboard::writeObjectRepresentations codepath to write data to the pasteboard, respecting type
        priority.

        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard pasteboardTypes]):
        (-[WebItemProviderPasteboard setItemProviders:]):
        (-[WebItemProviderPasteboard setItemsFromObjectRepresentations:]):

        Replaces -setItems: with -setItemsFromObjectRepresentations:, which respects the priority of each object
        representation of the data in the pasteboard.

        (-[WebItemProviderPasteboard setItems:]): Deleted.

2017-04-03  Javier Fernandez  <jfernandez@igalia.com>

        [css-align] Adapt place-content alignment shorthand to the new baseline syntax
        https://bugs.webkit.org/show_bug.cgi?id=170340

        Reviewed by David Hyatt.

        Now that the align-content and justify-content CSS properties are
        adapted to the new baseline-position CSS values syntax we can adapt the
        shorthand that controls such properties to the new syntax as well.

        No new tests, just adding some additional cases to the tests we already have.

        * css/StyleProperties.cpp:
        (WebCore::StyleProperties::getPropertyValue):
        (WebCore::StyleProperties::placeContentPropertyValue):
        * css/StyleProperties.h:
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::isContentDistributionKeyword):
        (WebCore::isContentPositionKeyword):
        (WebCore::isOverflowKeyword):
        (WebCore::getBaselineKeyword):
        (WebCore::consumeContentDistributionOverflowPosition):
        (WebCore::consumeSimplifiedContentPosition):

2017-04-03  Nan Wang  <n_wang@apple.com>

        AX: Expose link children when doing search predication on iOS
        https://bugs.webkit.org/show_bug.cgi?id=170424
        <rdar://problem/31413335>

        The children of links are accessible elements on iOS instead of the link itself, 
        so we should expose the children when doing predicated searches as well.

        Reviewed by Chris Fleizach.

        Test: accessibility/ios-simulator/ios-search-predicate-link-children.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::isAccessibilityObjectSearchMatchAtIndex):

2017-04-03  Jer Noble  <jer.noble@apple.com>

        No audio output for MediaStream-backed audio elements on iOS
        https://bugs.webkit.org/show_bug.cgi?id=170427

        Reviewed by Eric Carlson.

        The logic for setting the output timestamp offset in AudioSampleDataSource was reversed; instead of
        subtracting out the timestamp of the first pull request, it effectively doubled it.

        * platform/audio/mac/AudioSampleDataSource.mm:
        (WebCore::AudioSampleDataSource::pullSamplesInternal):

2017-04-03  Dave Hyatt  <hyatt@apple.com>

        Japanese fonts in vertical text should support synthesized italics
        https://bugs.webkit.org/show_bug.cgi?id=169301

        Reviewed by Simon Fraser.

        Updated test in fast/text/international.

        * platform/graphics/Font.cpp:
        (WebCore::Font::nonSyntheticItalicFont): Deleted.
        * platform/graphics/Font.h:
        Removed the non-synthetic italic font member, since it's not used.

        * platform/graphics/FontCascadeFonts.cpp:
        (WebCore::glyphDataForNonCJKCharacterWithGlyphOrientation):
        Patched to ensure that a text-orientation-fallback font data is always
        returned in the synthetic oblique case, so that non-CJK and CJK are
        guaranteed to be broken up so that their slants can be applied differently.

        (WebCore::FontCascadeFonts::glyphDataForSystemFallback):
        (WebCore::FontCascadeFonts::glyphDataForNormalVariant):
        (WebCore::glyphDataForCJKCharacterWithoutSyntheticItalic): Deleted.
        Patched to no longer turn off synthetic oblique for CJK.

        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::FontCascade::drawGlyphs):
        Apply the correct italic transform to CJK when in vertical text.

2017-04-03  Chris Dumez  <cdumez@apple.com>

        REGRESSION (r206744): CSS background-image in style attribute ignored when using createHTMLDocument method of DOM parsing
        https://bugs.webkit.org/show_bug.cgi?id=170285
        <rdar://problem/31378543>

        Reviewed by Andy Estes.

        r206744 caused up to stop trying to resolve relative URLs when trying to load an image
        referred to by CSS. We already try to resolve the relative URL when parsing the CSS
        property so this will usually work fine. However, in the case when the CSS property
        is parsed in detached document and then moved to another document, we will not have
        the complete URL.

        Test: fast/images/background-image-relative-url-changes-document.html

        * css/CSSImageValue.cpp:
        (WebCore::CSSImageValue::loadImage):

2017-04-03  Jeremy Jones  <jeremyj@apple.com>

        Do not set WebAVPlayerLayerView background to black in fullscreen.
        https://bugs.webkit.org/show_bug.cgi?id=170132
        rdar://problem/30839278

        Reviewed by Tim Horton.

        No new tests because no behavior change.

        The black background on WebAVPlayerLayerView interferes with the fullscreen animation
        and has been removed.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::enterFullscreen):
        (WebVideoFullscreenInterfaceAVKit::enterFullscreenStandard):

2017-04-03  Antti Koivisto  <antti@apple.com>

        REGRESSION (r207669): FileMaker Pro Help pages do not render correctly
        https://bugs.webkit.org/show_bug.cgi?id=170402
        <rdar://problem/31004344>

        Reviewed by Simon Fraser.

        If a new stylesheet load is started from the load event the document.styleSheets does not
        always reflect the already loaded stylesheets.

        Test: fast/css/document-stylesheets-dynamic.html

        * style/StyleScope.cpp:
        (WebCore::Style::Scope::updateActiveStyleSheets):

            Remove an old optimization where we would not update active stylesheets if there were pending
            (head) stylesheet loads and they had not been updated already.
            This is probably not a valuable optimization anymore with the new lazy stylesheet update strategy.

        * style/StyleScope.h:

2017-04-03  Anders Carlsson  <andersca@apple.com>

        Tweak ApplePaySession API
        https://bugs.webkit.org/show_bug.cgi?id=170409
        rdar://problem/31405459

        Reviewed by Tim Horton.

        Rename "address" to "addressLines". Add "postalAddress". Reorder the ApplePayError constructor parameters.

        * Modules/applepay/ApplePayError.cpp:
        (WebCore::ApplePayError::create):
        (WebCore::ApplePayError::ApplePayError):
        * Modules/applepay/ApplePayError.h:
        * Modules/applepay/ApplePayError.idl:
        * Modules/applepay/PaymentRequest.h:

2017-04-03  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Implement CryptoKeyEC::keySizeInBits(), ::platformGeneratePair()
        https://bugs.webkit.org/show_bug.cgi?id=170345

        Reviewed by Michael Catanzaro.

        Start implementing the libgcrypt-based platform bits of CryptoKeyEC.

        Implement keySizeInBits() by returning the appropriate size for this
        object's curve type. An assertion is added to ensure that this size
        matches the one that's returned by gcry_pk_get_nbits() for this
        object's EC key as represented by the m_platformKey gcry_sexp_t object.

        Implement platformGeneratePair() by constructing a genkey s-expression
        that requests a generation of an EC key for the specified curve type.
        The s-expression is then passed to gcry_pk_genkey(), and the public
        and private key data is then retrieved from the returned s-expression
        upon success and used to create the public and private CryptoKeyEC
        objects.

        The PlatformECKey type alias is changed to match gcry_sexp_t. The
        CryptoKeyEC destructor releases the gcry_sexp_t object through
        a PAL::GCrypt::HandleDeleter<gcry_sexp_t> instance.

        The method definitions in the CryptoKeyECGCrypt.cpp file are also
        sorted to match the declaration order in the header.

        No new tests -- current ones cover this sufficiently, but are not yet
        enabled due to other missing platform-specific SUBTLE_CRYPTO
        implementations.

        * crypto/gcrypt/CryptoKeyECGCrypt.cpp:
        (WebCore::curveSize):
        (WebCore::curveName):
        (WebCore::CryptoKeyEC::~CryptoKeyEC):
        (WebCore::CryptoKeyEC::keySizeInBits):
        (WebCore::CryptoKeyEC::platformGeneratePair):
        (WebCore::CryptoKeyEC::platformImportSpki):
        (WebCore::CryptoKeyEC::platformImportPkcs8):
        (WebCore::CryptoKeyEC::platformExportRaw):
        (WebCore::CryptoKeyEC::platformAddFieldElements):
        (WebCore::CryptoKeyEC::platformExportSpki):
        * crypto/keys/CryptoKeyEC.h:

2017-04-03  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Implement AES_KW support
        https://bugs.webkit.org/show_bug.cgi?id=170274

        Reviewed by Michael Catanzaro.

        Implement the CryptoAlgorithmAES_KW::platform{Wrap,Unwrap}Key()
        functionality for configurations that use libgcrypt. This is done
        by leveraging the gcry_cipher_* APIs for the AES algorithm that's
        deducted appropriately from the key size and the AESWRAP cipher mode.

        No new tests -- current ones cover this sufficiently, but are not yet
        enabled due to other missing platform-specific SUBTLE_CRYPTO
        implementations.

        * crypto/gcrypt/CryptoAlgorithmAES_KWGCrypt.cpp:
        (WebCore::gcryptWrapKey):
        (WebCore::gcryptUnwrapKey):
        (WebCore::CryptoAlgorithmAES_KW::platformWrapKey):
        (WebCore::CryptoAlgorithmAES_KW::platformUnwrapKey):

2017-04-03  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Implement AES_GCM support
        https://bugs.webkit.org/show_bug.cgi?id=170271

        Reviewed by Michael Catanzaro.

        Implement the CryptoAlgorithmAES_GCM::platform{Encrypt,Decrypt}
        functionality for configurations that use libgcrypt. This is done
        by leveraging the gcry_cipher_* APIs for the AES algorithm that's
        deducted appropriately from the key size and the GCM cipher mode.

        No new tests -- current ones cover this sufficiently, but are not yet
        enabled due to other missing platform-specific SUBTLE_CRYPTO
        implementations.

        * crypto/gcrypt/CryptoAlgorithmAES_GCMGCrypt.cpp:
        (WebCore::gcryptEncrypt):
        (WebCore::gcryptDecrypt):
        (WebCore::CryptoAlgorithmAES_GCM::platformEncrypt):
        (WebCore::CryptoAlgorithmAES_GCM::platformDecrypt):

2017-04-03  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Implement PBKDF2 support
        https://bugs.webkit.org/show_bug.cgi?id=170270

        Reviewed by Michael Catanzaro.

        Implement the CryptoAlgorithmPBKDF2::platformDeriveBits() functionality
        for configurations that use libgcrypt. This is done by leveraging the
        gcry_kdf_derive() API, using GCRY_KDF_PBKDF2 as the preferred KDF
        along with the properly deducted SHA algorithm.

        No new tests -- current ones cover this sufficiently, but are not yet
        enabled due to other missing platform-specific SUBTLE_CRYPTO
        implementations.

        * crypto/gcrypt/CryptoAlgorithmPBKDF2GCrypt.cpp:
        (WebCore::gcryptDeriveBits):
        (WebCore::CryptoAlgorithmPBKDF2::platformDeriveBits):

2017-04-01  Simon Fraser  <simon.fraser@apple.com>

        Clean up touch event handler registration when moving nodes between documents
        https://bugs.webkit.org/show_bug.cgi?id=170384
        rdar://problem/30816694

        Reviewed by Chris Dumez.

        Make sure that Node::didMoveToNewDocument() does the correct unregistration on the
        old document, and registration on the new document for nodes with touch event listeners,
        and gesture event listeners. Touch "handler" nodes (those for overflow and sliders) are
        already correctly moved via renderer-related teardown.

        Add assertions that fire when removal was not complete.

        Use references in more places.

        Tests: fast/events/touch/ios/gesture-node-move-between-documents.html
               fast/events/touch/ios/overflow-node-move-between-documents.html
               fast/events/touch/ios/slider-node-move-between-documents.html
               fast/events/touch/ios/touch-node-move-between-documents.html

        * dom/EventNames.h:
        (WebCore::EventNames::gestureEventNames):
        * dom/Node.cpp:
        (WebCore::Node::willBeDeletedFrom):
        (WebCore::Node::didMoveToNewDocument):
        (WebCore::tryAddEventListener):
        (WebCore::tryRemoveEventListener):
        * html/shadow/SliderThumbElement.cpp:
        (WebCore::SliderThumbElement::registerForTouchEvents):
        (WebCore::SliderThumbElement::unregisterForTouchEvents):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::registerAsTouchEventListenerForScrolling):
        (WebCore::RenderLayer::unregisterAsTouchEventListenerForScrolling):

2017-04-03  Youenn Fablet  <youenn@apple.com>

        captureStream is getting black frames with webgl canvas
        https://bugs.webkit.org/show_bug.cgi?id=170325

        Reviewed by Dean Jackson.

        Test: fast/mediastream/captureStream/canvas3d.html

        Changing the webgl context to save buffers in case the canvas is captured.
        Adding a canvas changed notification in case of clear.
        In the future, we might want to change this notification and do it when endPaint or similar is called.

        Adding an Internals API to grab the RGBA equivalent of the next track frame.
        For that purpose, adding a bunch of WEBCORE_EXPORT.

        * Modules/mediastream/CanvasCaptureMediaStreamTrack.cpp:
        (WebCore::CanvasCaptureMediaStreamTrack::Source::Source): Adding constraints support so that track settings
        getter actually transmits the width and height of the source.
        (WebCore::CanvasCaptureMediaStreamTrack::Source::canvasChanged): ensuring webgl canvas context keep their drawing buffer.
        * Modules/mediastream/MediaStreamTrack.h:
        * bindings/js/JSDOMGuardedObject.h:
        * bindings/js/JSDOMPromise.h:
        (WebCore::DeferredPromise::resolve):
        (WebCore::DeferredPromise::reject):
        * dom/ActiveDOMCallback.h:
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::captureStream):
        * html/ImageData.h:
        * html/ImageData.idl:
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::clear): ensuring canvas observers get notified in case of clear calls.
        * html/canvas/WebGLRenderingContextBase.h:
        (WebCore::WebGLRenderingContextBase::preserveDrawingBuffer): Added to allow canvas capture to update this property.
        * platform/MediaSample.h:
        (WebCore::MediaSample::getRGBAImageData): Added for internals API.
        * platform/graphics/avfoundation/MediaSampleAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:
        (WebCore::MediaSampleAVFObjC::getRGBAImageData):
        * platform/graphics/cv/PixelBufferConformerCV.cpp:
        (WebCore::PixelBufferConformerCV::convert): Helper routine for getRGBAImageData.
        * platform/graphics/cv/PixelBufferConformerCV.h:
        * platform/mediastream/RealtimeMediaSourceSettings.h:
        (WebCore::RealtimeMediaSourceSettings::setSupportedConstraints):
        (WebCore::RealtimeMediaSourceSettings::setSupportedConstraits): Deleted.
        * platform/mediastream/mac/AVMediaCaptureSource.mm:
        (WebCore::AVMediaCaptureSource::initializeSettings):
        * platform/mediastream/openwebrtc/RealtimeAudioSourceOwr.h:
        * platform/mediastream/openwebrtc/RealtimeVideoSourceOwr.h:
        * platform/mock/MockRealtimeMediaSource.cpp:
        (WebCore::MockRealtimeMediaSource::initializeSettings):
        * testing/Internals.cpp:
        (WebCore::Internals::grabNextMediaStreamTrackFrame):
        (WebCore::Internals::videoSampleAvailable):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-04-03  Per Arne Vollan  <pvollan@apple.com>

        Implement stroke-miterlimit.
        https://bugs.webkit.org/show_bug.cgi?id=169078

        Reviewed by Dean Jackson.

        Support stroke-miterlimit for text rendering, see https://drafts.fxtf.org/paint/.

        Tests: fast/css/stroke-miterlimit-default.html
               fast/css/stroke-miterlimit-large.html
               fast/css/stroke-miterlimit-zero.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSProperties.json:
        * css/SVGCSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::svgPropertyValue):
        * rendering/TextPaintStyle.cpp:
        (WebCore::computeTextPaintStyle):
        (WebCore::updateGraphicsContext):
        * rendering/TextPaintStyle.h:
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::diff):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::strokeMiterLimit):
        (WebCore::RenderStyle::setStrokeMiterLimit):
        (WebCore::RenderStyle::initialStrokeMiterLimit):
        (WebCore::RenderStyle::setStrokeDashOffset):
        * rendering/style/RenderStyleConstants.cpp:
        * rendering/style/RenderStyleConstants.h:
        * rendering/style/SVGRenderStyle.cpp:
        (WebCore::SVGRenderStyle::diff):
        * rendering/style/SVGRenderStyle.h:
        (WebCore::SVGRenderStyle::initialStrokeDashArray):
        (WebCore::SVGRenderStyle::strokeDashArray):
        (WebCore::SVGRenderStyle::initialStrokeMiterLimit): Deleted.
        (WebCore::SVGRenderStyle::strokeMiterLimit): Deleted.
        (WebCore::SVGRenderStyle::setStrokeMiterLimit): Deleted.
        * rendering/style/SVGRenderStyleDefs.cpp:
        (WebCore::StyleStrokeData::StyleStrokeData):
        (WebCore::StyleStrokeData::operator==):
        * rendering/style/SVGRenderStyleDefs.h:
        * rendering/style/StyleRareInheritedData.cpp:
        (WebCore::StyleRareInheritedData::StyleRareInheritedData):
        (WebCore::StyleRareInheritedData::operator==):
        * rendering/style/StyleRareInheritedData.h:
        * rendering/svg/RenderSVGShape.cpp:
        (WebCore::RenderSVGShape::hasSmoothStroke):
        * rendering/svg/SVGRenderSupport.cpp:
        (WebCore::SVGRenderSupport::applyStrokeStyleToContext):
        * rendering/svg/SVGRenderTreeAsText.cpp:
        (WebCore::writeStyle):

2017-04-03  Alejandro G. Castro  <alex@igalia.com>

        [OWR] Fix class structure for the OWR mock classes after last modifications
        https://bugs.webkit.org/show_bug.cgi?id=170173

        Reviewed by Youenn Fablet.

        In case of OWR MockRealtimeMediaSource inherits from
        RealtimeMediaSourceOwr, so we have to change some of the function
        interfaces.

        * platform/mock/MockRealtimeMediaSource.h:

2017-04-02  Alexey Proskuryakov  <ap@apple.com>

        Build fix for
        Add missing text styles
        https://bugs.webkit.org/show_bug.cgi?id=170295

        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::cachedSystemFontDescription):
        (WebCore::RenderThemeIOS::updateCachedSystemFontDescription):

2017-04-01  Zalan Bujtas  <zalan@apple.com>

        Long Arabic text in ContentEditable with css white-space=pre hangs Safari
        https://bugs.webkit.org/show_bug.cgi?id=170245

        Reviewed by Myles C. Maxfield.

        While searching for mid-word break, we measure the text by codepoints in a loop until the accumulated width > available width.
        When we see that the accumulated width for the individual codepoints overflows, we join the codepoints and re-measure them.
        These 2 widths could be considerably different for number of reasons (ligatures is a prime example). When we figure that
        the run still fits, we go back to the main loop (since we are not supposed to wrap the line here) and take the next codepoint.
        However this time we start the measurement from the last whitespace, so we end up remeasuring a potentially long chuck of text
        until we hit the wrapping point. This is way too expensive.
        This patch changes the logic so that we just go back to measuring individual codepoints until we hit the constrain again.  

        Covered by existing tests.

        * rendering/line/BreakingContext.h:
        (WebCore::BreakingContext::handleText): canUseSimpleFontCodePath() is just to mitigate the potential risk of regression and
        complex text is more likely to fall into this category. 

2017-04-01  Jon Lee  <jonlee@apple.com>

        Add missing text styles
        https://bugs.webkit.org/show_bug.cgi?id=170295
        rdar://problem/30219503

        Reviewed by Dean Jackson.

        Updated existing test to include new text styles.

        * css/CSSValueKeywords.in: Add title0 and title4.
        * platform/spi/cocoa/CoreTextSPI.h:
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::cachedSystemFontDescription):
        (WebCore::RenderThemeIOS::updateCachedSystemFontDescription):

2017-04-01  Dan Bernstein  <mitz@apple.com>

        [iOS] <input type=file> label should be specified using plural rules
        https://bugs.webkit.org/show_bug.cgi?id=170388

        Reviewed by Alexey Proskuryakov.

        * English.lproj/Localizable.strings: Updated using update-webkit-localizable-strings.

        * English.lproj/Localizable.stringsdict: Added an entry for the new key "%lu photo(s) and
          %lu video(s)", with plural rules covering all the different combinations in English.
          Other localizations may specify additional combinations as needed.

2017-04-01  Alexey Proskuryakov  <ap@apple.com>

        Rolling back <https://trac.webkit.org/r214697>, as it made WebKit2.DataDetectionReferenceDate time out.

        Was REGRESSION (r202472): Data Detection overwrites existing links in detected ranges
        https://bugs.webkit.org/show_bug.cgi?id=170365

        * editing/cocoa/DataDetection.mm:
        (WebCore::searchForLinkRemovingExistingDDLinks):

2017-04-01  Chris Dumez  <cdumez@apple.com>

        We should pause silent WebAudio rendering in background tabs
        https://bugs.webkit.org/show_bug.cgi?id=170299
        <rdar://problem/31289132>

        Reviewed by Eric Carlson.

        We should pause silent WebAudio rendering in background tabs since it uses CPU and is
        not observable by the user. Such silent WebAudio rendering seems to be used by
        doubleclick ads.

        Test: webaudio/silent-audio-interrupted-in-background.html

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::lazyInitialize):
        (WebCore::AudioContext::uninitialize):
        Have AudioContext register / unregister itself with the Document to get
        visibility change notifications, similarly to what HTMLMediaElement was
        already doing.

        (WebCore::AudioContext::visibilityStateChanged):
        Begin / End session interruption whenever the page visiblity changes.

        * Modules/webaudio/AudioContext.h:
        * WebCore.xcodeproj/project.pbxproj:

        * dom/Document.cpp:
        (WebCore::Document::registerForVisibilityStateChangedCallbacks):
        (WebCore::Document::unregisterForVisibilityStateChangedCallbacks):
        (WebCore::Document::visibilityStateChanged):
        * dom/Document.h:
        * dom/Element.h:
        * dom/VisibilityChangeClient.h: Added.
        (WebCore::VisibilityChangeClient::~VisibilityChangeClient):
        * html/HTMLMediaElement.h:
        Introduce a new VisibilityChangeClient interface and have both AudioContext
        and HTMLMediaElement subclass it. Previously, the visibilityStateChanged()
        function was on Element but this prevented AudioContext from registering
        itself since AudioContext is not an Element.

2017-04-01  Dan Bernstein  <mitz@apple.com>

        [Cocoa] A couple of UI strings use three periods instead of an ellipsis
        https://bugs.webkit.org/show_bug.cgi?id=170386

        Reviewed by Tim Horton.

        * English.lproj/Localizable.strings: Updated using update-webkit-localizable-strings.

        * platform/LocalizedStrings.cpp:
        (WebCore::mediaElementLoadingStateText): Changed "Loading..." to "Loading…".

        * platform/cocoa/LocalizedStringsCocoa.mm:
        (WebCore::contextMenuItemTagStyles): Changed "Styles..." to "Styles…".

2017-04-01  Dan Bernstein  <mitz@apple.com>

        Localizable strings files are out of date
        https://bugs.webkit.org/show_bug.cgi?id=170383

        Reviewed by Tim Horton.

        Ran update-webkit-localizable-strings.

        * English.lproj/Localizable.strings:

2017-04-01  Dan Bernstein  <mitz@apple.com>

        [Xcode] In engineering builds, linker warns about libwebrtc.dylib’s install name being invalid
        https://bugs.webkit.org/show_bug.cgi?id=170385

        Reviewed by Tim Horton.

        * Configurations/DebugRelease.xcconfig: Set WK_RELOCATABLE_FRAMEWORKS to YES like we do
          in some other projects’ DebugRelease.xcconfig. Engineering builds are always relocatable.
        * Configurations/WebCore.xcconfig: When WebCore is relocatable, tell the linker that it’s
          not going to be in the shared cache, even if its install name implies that it might be.

2017-04-01  Alexey Proskuryakov  <ap@apple.com>

        Rolling back http://trac.webkit.org/r214663 - memory corruption

        * Modules/streams/ReadableByteStreamInternals.js:
        (cloneArrayBuffer):
        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::JSDOMGlobalObject::addBuiltinGlobals):
        * bindings/js/StructuredClone.cpp:
        (WebCore::structuredCloneArrayBuffer):
        (WebCore::cloneArrayBufferImpl): Deleted.
        (WebCore::cloneArrayBuffer): Deleted.
        * bindings/js/StructuredClone.h:
        * bindings/js/WebCoreBuiltinNames.h:
        * testing/Internals.cpp:
        (WebCore::markerTypeFrom):
        (WebCore::Internals::resetToConsistentState):
        (WebCore::Internals::isLoadingFromMemoryCache):
        (WebCore::Internals::setImageFrameDecodingDuration):
        (WebCore::deferredStyleRulesCountForList):
        (WebCore::deferredGroupRulesCountForList):
        (WebCore::deferredKeyframesRulesCountForList):
        (WebCore::Internals::eventThrottlingBehaviorOverride):
        (WebCore::Internals::enableMockSpeechSynthesizer):
        (WebCore::Internals::rangeForDictionaryLookupAtLocation):
        (WebCore::Internals::nodesFromRect):
        (WebCore::Internals::layerIDForElement):
        (WebCore::Internals::setElementUsesDisplayListDrawing):
        (WebCore::Internals::setElementTracksDisplayListReplay):
        (WebCore::Internals::styleRecalcCount):
        (WebCore::Internals::compositingUpdateCount):
        (WebCore::Internals::setCaptionDisplayMode):
        (WebCore::Internals::endMediaSessionInterruption):
        (WebCore::Internals::postRemoteControlCommand):
        (WebCore::appendOffsets):
        (WebCore::Internals::scrollSnapOffsets):
        (WebCore::Internals::setShowAllPlugins):
        (WebCore::Internals::cloneArrayBuffer): Deleted.
        * testing/Internals.h:
        * testing/Internals.idl:

2017-03-31  Zalan Bujtas  <zalan@apple.com>

        <table>: Including <caption>, <thead> or <tbody> causes clipping across page breaks
        https://bugs.webkit.org/show_bug.cgi?id=170348
        <rdar://problem/24727151>

        Reviewed by David Hyatt.

        1. In RenderFlowThread::offsetFromLogicalTopOfFirstRegion() we need to take table section offset into account (they are skipped
        during the containing block traversal).
        2. Trigger paginated relayout when body is moved vertically due to caption/thead etc.

        Test: fast/multicol/table-section-page-break.html

        * rendering/RenderFlowThread.cpp:
        (WebCore::RenderFlowThread::offsetFromLogicalTopOfFirstRegion):
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::layout):

2017-03-31  Simon Fraser  <simon.fraser@apple.com>

        Rename DOMWindow's m_touchEventListenerCount to m_touchAndGestureEventListenerCount
        https://bugs.webkit.org/show_bug.cgi?id=170371

        Reviewed by Tim Horton.

        This count tracks touch and gesture event listeners, so name it appropriately.

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::addEventListener):
        (WebCore::DOMWindow::removeEventListener):
        (WebCore::DOMWindow::removeAllEventListeners):
        * page/DOMWindow.h:

2017-03-31  Simon Fraser  <simon.fraser@apple.com>

        When destroying a Node, assert that it's been removed from all the touch handler maps
        https://bugs.webkit.org/show_bug.cgi?id=170363
        rdar://problem/31377469

        Reviewed by Tim Horton.

        Assert that the Node has been removed from the touch handler maps in all documents on destruction.

        * dom/Document.h:
        (WebCore::Document::hasTouchEventHandlers):
        (WebCore::Document::touchEventTargetsContain):
        * dom/Node.cpp:
        (WebCore::Node::~Node):

2017-03-31  Alexey Proskuryakov  <ap@apple.com>

        Rolling back https://trac.webkit.org/r214689, as it caused many crashes.

        Was:
        Fix memory leak in CreateSessionDescriptionObserver::OnSuccess
        https://bugs.webkit.org/show_bug.cgi?id=170357

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::createSessionDescriptionSucceeded):

2017-03-31  Youenn Fablet  <youenn@apple.com>

        Fix memory leak in RealtimeVideoIncomingSource
        https://bugs.webkit.org/show_bug.cgi?id=170356

        Reviewed by Eric Carlson.

        No change of behavior.

        * platform/mediastream/mac/RealtimeIncomingVideoSource.cpp:
        (WebCore::RealtimeIncomingVideoSource::OnFrame): Adopting the newly created pointer.

2017-03-31  Andy Estes  <aestes@apple.com>

        REGRESSION (r202472): Data Detection overwrites existing links in detected ranges
        https://bugs.webkit.org/show_bug.cgi?id=170365
        <rdar://problem/29205721>

        Reviewed by Tim Horton.

        r202472 changed the node traversal in searchForLinkRemovingExistingDDLinks() to only
        consider nodes that are descendants of startNode, but we need to traverse all nodes between
        startNode and endNode to find existing non-DD links.

        As a result, we'd add a Data Detector link to the following snippet and make the original
        links un-clickable:

            <a href='#'>tomorrow</a> <a href='#'>night</a>

        Fix this by not specifying a stayWithin node when calling NodeTraversal::next(). The loop
        will terminate when we reach endNode.

        Updated WebKit2.DataDetectionReferenceDate API test.

        * editing/cocoa/DataDetection.mm:
        (WebCore::searchForLinkRemovingExistingDDLinks):

2017-03-31  Eric Carlson  <eric.carlson@apple.com>

        Incoming video source doesn't propogate frame rotation
        https://bugs.webkit.org/show_bug.cgi?id=170364

        Reviewed by Youenn Fablet.

        No new tests, the mock video source doesn't support rotation. Test will be added when
        this is fixed in https://bugs.webkit.org/show_bug.cgi?id=169822. The changes were 
        verified manually.

        * platform/mediastream/mac/RealtimeIncomingVideoSource.cpp:
        (WebCore::RealtimeIncomingVideoSource::OnFrame): Convert frame rotation to sample
        orientation and swap width and height when necessary.
        (WebCore::RealtimeIncomingVideoSource::processNewSample):
        * platform/mediastream/mac/RealtimeIncomingVideoSource.h:

2017-03-31  Chris Dumez  <cdumez@apple.com>

        Possible null dereference under SourceBuffer::sourceBufferPrivateDidReceiveSample()
        https://bugs.webkit.org/show_bug.cgi?id=159639

        Reviewed by Eric Carlson.

        Add a null check for trackBuffer.description before dereferencing as it seems
        it can be null.

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):

2017-03-31  Youenn Fablet  <youenn@apple.com>

        Fix memory leak in CreateSessionDescriptionObserver::OnSuccess
        https://bugs.webkit.org/show_bug.cgi?id=170357

        Reviewed by Geoffrey Garen.

        No change of behavior.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::createSessionDescriptionSucceeded): Adopting the raw pointer parameter.

2017-03-31  Fujii Hironori  <Hironori.Fujii@sony.com>

        [WinCairo] WebCore::PlatformDisplay::terminateEGLDisplay causes a crash in libGLESv2.dll while processing atexit
        https://bugs.webkit.org/show_bug.cgi?id=170331

        Reviewed by Michael Catanzaro.

        WebCore::PlatformDisplay uses atexit to destruct EGL displays
        while exiting process. But, when the atexit will be processed,
        heap of libGLESv2.dll would be already destructed and causing a
        crash on Windows. Do not use atexit for Windows.

        AppleWin port does not use PlatformDisplay. Thus, it does not have
        this bug.

        * platform/graphics/PlatformDisplay.cpp:
        (WebCore::PlatformDisplay::initializeEGLDisplay): Do not use atexit for Windows.
        (WebCore::PlatformDisplay::shutDownEglDisplays): Added.
        * platform/graphics/PlatformDisplay.h: Added a declaration of shutDownEglDisplays.

2017-03-31  Yoav Weiss  <yoav@yoav.ws>

        Remove PRELOAD_DEBUG related code.
        https://bugs.webkit.org/show_bug.cgi?id=170352

        Reviewed by Youenn Fablet.

        As the PRELOAD_DEBUG related code stopped building and it seems like no one noticed,
        it seems safe to assume that we can remove that code. This patch removes it.

        No new tests as there's no functional change.

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::preload):
        (WebCore::CachedResourceLoader::clearPreloads):
        (WebCore::CachedResourceLoader::printPreloadStats): Deleted.

2017-03-31  Brady Eidson  <beidson@apple.com>

        Clean up the "StorageType" enum.
        https://bugs.webkit.org/show_bug.cgi?id=170349

        Reviewed by Tim Horton.

        - Make this `enum` into an `enum class`
        - Add a new type specific for "transient local storage"

        No new tests (No behavior change).

        * WebCore.xcodeproj/project.pbxproj:
        
        * inspector/InspectorDOMStorageAgent.cpp:
        (WebCore::InspectorDOMStorageAgent::didDispatchDOMStorageEvent):
        
        * inspector/InspectorInstrumentation.h:
        
        * loader/EmptyClients.cpp:
        
        * storage/Storage.cpp:
        (WebCore::Storage::isDisabledByPrivateBrowsing):
        
        * storage/StorageArea.h:
        (): Deleted.
        
        * storage/StorageEventDispatcher.cpp:
        (WebCore::StorageEventDispatcher::dispatchSessionStorageEventsToFrames):
        (WebCore::StorageEventDispatcher::dispatchLocalStorageEventsToFrames):
        
        * storage/StorageType.h:
        (WebCore::isLocalStorage):

2017-03-31  Chris Dumez  <cdumez@apple.com>

        Unreviewed, Mark "HTML interactive form validation" as done.

        It is shipping in Safari 10.1.
 
        * features.json:

2017-03-31  Csaba Osztrogonác  <ossy@webkit.org>

        Mac cmake buildfix after r214666
        https://bugs.webkit.org/show_bug.cgi?id=170342

        Unreviewed buildfix.

        * PlatformMac.cmake:
        * testing/MockPreviewLoaderClient.h:

2017-03-31  Sam Weinig  <sam@webkit.org>

        Remove unneeded custom constructors include.

        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/ios: Removed.
        * bindings/js/ios/TouchConstructors.cpp: Removed.

2017-03-31  John Wilander  <wilander@apple.com>

        Resource Load Statistics: Check if the store exists before clearing it
        https://bugs.webkit.org/show_bug.cgi?id=170324
        <rdar://problem/31258505>

        Reviewed by Brent Fulgham.

        No new tests. Added a null check.

        * loader/ResourceLoadObserver.cpp:
        (WebCore::ResourceLoadObserver::clearInMemoryAndPersistentStore):
            Added a null check.

2017-03-31  Romain Bellessort  <romain.bellessort@crf.canon.fr>

        [Readable Streams API] Implement cloneArrayBuffer in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=170008

        Reviewed by Youenn Fablet.

        Implemented cloneArrayBuffer based on existing structuredCloneArrayBuffer
        implementation. The code has been factorized so that both cloneArrayBuffer
        and structuredCloneArrayBuffer rely on the same code (which is basically
        the previous implementation of structuredCloneArrayBuffer + the ability
        to clone only a part of considered buffer).

        Added test to check cloneArrayBuffer behaviour.

        * Modules/streams/ReadableByteStreamInternals.js: Deleted cloneArrayBuffer JS implementation.
        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::JSDOMGlobalObject::addBuiltinGlobals): Add cloneArrayBuffer private declaration.
        * bindings/js/StructuredClone.cpp:
        (WebCore::cloneArrayBufferImpl): Added (mostly based on previous structuredCloneArrayBuffer).
        (WebCore::cloneArrayBuffer): Added.
        (WebCore::structuredCloneArrayBuffer): Updated.
        * bindings/js/StructuredClone.h: Added cloneArrayBuffer declaration.
        * bindings/js/WebCoreBuiltinNames.h: Added cloneArrayBuffer declaration.
        * testing/Internals.cpp: Added support for testing cloneArrayBuffer.
        * testing/Internals.h: Added support for testing cloneArrayBuffer.
        * testing/Internals.idl: Added support for testing cloneArrayBuffer.

2017-03-31  Antoine Quint  <graouts@apple.com>

        [mac-wk1] LayoutTest media/modern-media-controls/airplay-button/airplay-button.html is a flaky timeout
        https://bugs.webkit.org/show_bug.cgi?id=168409
        <rdar://problem/30799198>

        Unreviewed. Yet more logging to determine under what circumstance ScriptedAnimationController gets suspended.

        * dom/Document.cpp:
        (WebCore::Document::requestAnimationFrame):

2017-03-30  Zan Dobersek  <zdobersek@igalia.com>

        Unreviewed GTK+ build fix. Add missing ANGLE build targets
        to the build.

        * CMakeLists.txt:

2017-03-30  Simon Fraser  <simon.fraser@apple.com>

        Ensure that Node::willBeDeletedFrom() always removes touch event handlers from the document
        https://bugs.webkit.org/show_bug.cgi?id=170323
        rdar://problem/23647630

        Reviewed by Chris Dumez.

        There are two instances where nodes are registered as touch event handlers without
        having normal touch event listeners: slider thumb elements, and elements with overflow scrolling,
        on iOS.

        For such nodes, hasEventTargetData() will be false, but we want to ensure
        that they are removed from the Document's touchEventHandler set, so move the
        call to document.removeTouchEventHandler() outside of the conditional block.

        This should be cheap in most cases when the touchEventHandler is empty.

        * dom/Node.cpp:
        (WebCore::Node::willBeDeletedFrom):

2017-03-30  Simon Fraser  <simon.fraser@apple.com>

        Minor cleanup checking for gesture event names
        https://bugs.webkit.org/show_bug.cgi?id=170319

        Reviewed by Tim Horton.

        Just use isGestureEventType() in a couple of places.

        * dom/Node.cpp:
        (WebCore::tryAddEventListener):
        (WebCore::tryRemoveEventListener):

2017-03-30  Simon Fraser  <simon.fraser@apple.com>

        Rename a touch event function, and new touch region test results
        https://bugs.webkit.org/show_bug.cgi?id=170309
        rdar://problem/31329520

        Reviewed by Chris Dumez.

        Adapt to a naming change in WebKitAdditions.

        * dom/Document.cpp:
        (WebCore::Document::removeAllEventListeners):
        * page/FrameView.cpp:
        (WebCore::FrameView::layout):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::styleWillChange):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::scrollTo):
        (WebCore::RenderLayer::calculateClipRects):

2017-03-30  Matt Rajca  <mrajca@apple.com>

        YouTube sometimes does not respect "user gesture" restriction for videos.
        https://bugs.webkit.org/show_bug.cgi?id=170297

        I discovered a code path that does not honor the "user gesture" requirement and playback is able to begin
        even though we have a restriction in place. When using Media Source Extensions, which YouTube does, we transition
        from a "Have Metadata" to a "Future Data" state that causes playback to begin, however, we never check
        if we have a playback restriction in place.

        Reviewed by Eric Carlson.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::setReadyState):

2017-03-30  Said Abou-Hallawa  <sabouhallawa@apple.com>

        REGRESSION (r213764): Background image from sprite sheet incorrectly scaled
        https://bugs.webkit.org/show_bug.cgi?id=169547

        Reviewed by Simon Fraser.

        The bug happens when drawing only a rectangle of an image not the whole
        image. In BitmapImage::draw(), sizeForDrawing was calculated as the destRect
        scaled by the transformation which is applied to the GraphicsContext. Two
        problems with this approach. The first one is destRect can be only part of
        the image. The second problem is, the ratio destRect / srcRect is another
        scaling that needs to be considered.

        To fix this issue, first the base size has to be size of the image and not
        destRect.size(). Secondly, we need to scale this base size with the context
        transformation multiplied by the ratio destRect / srcRect. This scaling is
        exactly the same scaling which is calculated in subsamplingScale(). Finally
        we use this scaled size as the sizeForDrawing to send to the ImageDecoder.

        Test: fast/images/sprite-sheet-image-draw.html

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::draw): Fix the bug.
        (WebCore::BitmapImage::stopAnimation): Stops the async image decoding for animated images only.
        The decoding for large images will be stopped when BitmapImage::newFrameNativeImageAvailableAtIndex()
        is called and the decoding queue is idle.
        (WebCore::BitmapImage::newFrameNativeImageAvailableAtIndex): Add image logging.
        * platform/graphics/BitmapImage.h: Move sourceURL() to the Image class.
        * platform/graphics/GraphicsContext.cpp: Pass imagePaintingOptions.m_decodingMode to Image::drawTiled().
        (WebCore::GraphicsContext::drawTiledImage): Pass imagePaintingOptions.m_decodingMode) to Image::drawTiled().
        * platform/graphics/Image.cpp:
        (WebCore::Image::sourceURL): Moved from BitmapImage.
        (WebCore::Image::drawTiled): Add a DecodingMode argument instead of calling always with DecodingMode::Synchronous.
        * platform/graphics/Image.h:
        * platform/graphics/ImageFrameCache.cpp:
        (WebCore::ImageFrameCache::cacheAsyncFrameNativeImageAtIndex): Add image logging.
        (WebCore::ImageFrameCache::startAsyncDecodingQueue): Ditto,
        (WebCore::ImageFrameCache::requestFrameAsyncDecodingAtIndex): Ditto.
        (WebCore::ImageFrameCache::stopAsyncDecodingQueue): Ditto.
        (WebCore::ImageFrameCache::sourceURL): A helper function to avoid checking the value of m_image.
        * platform/graphics/ImageFrameCache.h:
        * platform/graphics/NativeImage.h: Rename subsamplingScale() to nativeImageDrawingScale() and return image scaling instead.
        * platform/graphics/cairo/NativeImageCairo.cpp:
        (WebCore::nativeImageDrawingScale): Ditto.
        (WebCore::subsamplingScale): Deleted.
        * platform/graphics/cg/NativeImageCG.cpp:
        (WebCore::nativeImageDrawingScale): Ditto.
        (WebCore::subsamplingScale): Deleted.
        * platform/graphics/win/NativeImageDirect2D.cpp:
        (WebCore::nativeImageDrawingScale): Ditto.
        (WebCore::subsamplingScale): Deleted.

2017-03-30  Matt Baker  <mattbaker@apple.com>

        Web Inspector: Assertion failure in InspectorStyleProperty::setRawTextFromStyleDeclaration
        https://bugs.webkit.org/show_bug.cgi?id=170279
        <rdar://problem/30200492>

        Reviewed by David Hyatt.

        The SourceRange for a CSSPropertySourceData should be relative to the start
        of the declaration body, not the start of the StyleSheetHandler’s parsed
        text. This only affected the ranges of unparsed (parsedOK == false) properties
        lacking a trailing semi-colon.

        This patch doesn't change the behavior of InspectorStyleSheet other than
        silencing an irksome assert, as String::substring does a safety check on
        the passed in length.

        * inspector/InspectorStyleSheet.cpp:
        (WebCore::fixUnparsedProperties):

2017-03-30  Youenn Fablet  <youenn@apple.com> and Jon Lee <jonlee@apple.com>

        Clean up RTCDataChannel
        https://bugs.webkit.org/show_bug.cgi?id=169732

        Reviewed by Chris Dumez.

        Test: webrtc/datachannel/datachannel-event.html
              webrtc/datachannel/bufferedAmountLowThreshold.html

        Making RTCDataChannel interface closer to the spec updating implementation accordingly.
        See https://w3c.github.io/webrtc-pc/#rtcdatachannel.
        In particular adding RTCDataChannelEvent constructor, and missing bufferedAmount related attributes.
        Doing some additional cleaning refactoring.

        Making bufferedAmountIsDecreasing take a bufferedAmount argument so that we get the actual value passed by
        libwebrtc without needing to get it from the libwebrtc network thread again.
        In the future, we should store the bufferedAmount value in RTCDataChannel and update its value on each libwebrtc
        OnBufferedAmountChange. Special treatment may be needed when the data channel is closed, in which case the bufferedAmount should just be
        updated to increase in the send method.

        Added some FIXMEs as RTCDataChannel is not aligned with the spec related to send and bufferedAmount.

        * Modules/mediastream/RTCDataChannel.cpp:
        (WebCore::RTCDataChannel::send):
        (WebCore::RTCDataChannel::close):
        (WebCore::RTCDataChannel::didChangeReadyState):
        (WebCore::RTCDataChannel::bufferedAmountIsDecreasing):
        * Modules/mediastream/RTCDataChannel.h:
        * Modules/mediastream/RTCDataChannel.idl:
        * Modules/mediastream/RTCDataChannelEvent.cpp:
        (WebCore::RTCDataChannelEvent::create):
        (WebCore::RTCDataChannelEvent::RTCDataChannelEvent):
        (WebCore::RTCDataChannelEvent::channel):
        * Modules/mediastream/RTCDataChannelEvent.h:
        * Modules/mediastream/RTCDataChannelEvent.idl:
        * Modules/mediastream/RTCPeerConnection.idl:
        * Modules/mediastream/libwebrtc/LibWebRTCDataChannelHandler.cpp:
        (WebCore::LibWebRTCDataChannelHandler::OnStateChange):
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::addDataChannel):
        * WebCore.xcodeproj/project.pbxproj:
        * dom/EventNames.h:
        * platform/mediastream/RTCDataChannelHandler.h:
        * platform/mediastream/RTCDataChannelHandlerClient.h:
        * platform/mediastream/RTCDataChannelState.h: Added.
        * platform/mediastream/RTCPeerConnectionHandlerClient.h:
        * platform/mock/RTCDataChannelHandlerMock.cpp:
        (WebCore::RTCDataChannelHandlerMock::setClient):
        (WebCore::RTCDataChannelHandlerMock::close):
        * platform/mock/RTCNotifiersMock.cpp:
        (WebCore::IceConnectionNotifier::IceConnectionNotifier):
        (WebCore::SignalingStateNotifier::SignalingStateNotifier):
        (WebCore::DataChannelStateNotifier::DataChannelStateNotifier):
        * platform/mock/RTCNotifiersMock.h:

2017-03-30  Javier Fernandez  <jfernandez@igalia.com>

        [css-align] Adapt content-alignment properties to the new baseline syntax
        https://bugs.webkit.org/show_bug.cgi?id=170262

        Reviewed by David Hyatt.

        The baseline-position syntax has changed recently, so we need to update
        the CSS properties using the old syntax. This patch address only the
        content-alignment (align-content and justify-content).

        I used this patch to adapt the implementation of the parsing logic for
        these properties to the new Blink's CSS Parsing Design.

        The new baseline syntax is "[first | last ]? baseline" which implies
        modifying the parsing and computed value logic.

        There are several layout tests affected by this change, so I'll update
        them accordingly.

        No new tests, just added/modified some cases to the tests we
        already have using the new baseline values.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::valueForContentPositionAndDistributionWithOverflowAlignment):
        * css/CSSContentDistributionValue.cpp:
        (WebCore::CSSContentDistributionValue::customCSSText):
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::operator ItemPosition):
        (WebCore::CSSPrimitiveValue::operator ContentPosition):
        * css/CSSValueKeywords.in:
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::isBaselineKeyword):
        (WebCore::consumeBaselineKeyword):
        (WebCore::consumeContentDistributionOverflowPosition):
        (WebCore::consumeSelfPositionOverflowPosition):

2017-03-30  James Craig  <jcraig@apple.com>

        AX: Expose a new AXSubrole for explicit ARIA "group" role
        https://bugs.webkit.org/show_bug.cgi?id=169810
        <rdar://problem/31039693>

        Reviewed by Chris Fleizach.

        Split GroupRole into generics (GroupRole) and explicit groups 
        (ApplicationGroupRole) so we can expose a subrole on the explicit 
        groups. Account for the change in ARIA Tree and Menu hierachies. 
        Update the computedRoleValue for WebKit Inspector usage, too.

        Updated existing tests.

        Test: accessibility/list-detection2.html:
        Test: accessibility/roles-computedRoleString.html:
        Test: inspector/dom/getAccessibilityPropertiesForNode.html:
        Test: inspector/dom/highlightFrame.html:
        Test: inspector/dom/highlightSelector.html:

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::helpText):
        (WebCore::AccessibilityNodeObject::hierarchicalLevel):
        (WebCore::AccessibilityNodeObject::remapAriaRoleDueToParent):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::accessibleNameDerivesFromContent):
        (WebCore::AccessibilityObject::ariaTreeItemContent):
        (WebCore::initializeRoleMap):
        (WebCore::AccessibilityObject::computedRoleString):
        * accessibility/AccessibilityObject.h:
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (createAccessibilityRoleMap):
        (-[WebAccessibilityObjectWrapper subrole]):

2017-03-30  Chris Dumez  <cdumez@apple.com>

        We are spending a lot of time bzero'ing AudioChannel buffers on uni-watch.com
        https://bugs.webkit.org/show_bug.cgi?id=170288
        <rdar://problem/31289132>

        Reviewed by Eric Carlson.

        We are spending a lot of time bzero'ing AudioChannel buffers on uni-watch.com due
        to doubleclick ads using WebAudio with a 0-gain GainNode. We should optimize the
        0-gain case as much as possible.

        No new tests, only an optimization.

        * Modules/webaudio/AudioNode.cpp:
        (WebCore::AudioNode::processIfNecessary):
        Drop call to unsilenceOutputs() before calling AudioNode::process(). The AudioChannel
        API already takes care of clearing its 'silent' flag whenever its buffer changes so
        there should be no need to explicitly clearing the 'silent' flag before calling
        process(). This was causing us to zero out buffers that were already filled with
        zeros because AudioChannel::zero() would no longer return early, not knowing the
        channel is already silent. This reduces the number of bzero() calls by ~3.5x on
        uni-watch.com (from 100 calls every ~20ms to 100 calls every ~70ms.

        * Modules/webaudio/AudioNode.h:
        * platform/audio/mac/AudioDestinationMac.cpp:
        (WebCore::AudioDestinationMac::render):
        Avoid clamping the values in the channel buffer if the channel is silent since this
        will have no effect (given that the buffer only contains zeros).

2017-03-30  Eric Carlson  <eric.carlson@apple.com>

        [Crash] WebCore::AudioBuffer::AudioBuffer don't checking illegal value
        https://bugs.webkit.org/show_bug.cgi?id=169956

        Reviewed by Youenn Fablet.

        Test: webaudio/audiobuffer-crash.html

        * Modules/webaudio/AudioBuffer.cpp:
        (WebCore::AudioBuffer::AudioBuffer): Invalidate the object and return early if the channel 
        array allocation fails.
        (WebCore::AudioBuffer::AudioBuffer): Ditto.
        (WebCore::AudioBuffer::invalidate): Invalidate the object.
        * Modules/webaudio/AudioBuffer.h:

2017-03-30  Antoine Quint  <graouts@apple.com>

        [mac-wk1] LayoutTest media/modern-media-controls/airplay-button/airplay-button.html is a flaky timeout
        https://bugs.webkit.org/show_bug.cgi?id=168409
        <rdar://problem/30799198>

        Unreview. Print the backtrace when we suspend scripted animations.

        * page/Page.cpp:
        (WebCore::Page::suspendScriptedAnimations):

2017-03-30  Antoine Quint  <graouts@apple.com>

        [mac-wk1] LayoutTest media/modern-media-controls/airplay-button/airplay-button.html is a flaky timeout
        https://bugs.webkit.org/show_bug.cgi?id=168409
        <rdar://problem/30799198>

        Unreview. Pring the backtrace when we suspend ScriptedAnimationController.

        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::suspend):

2017-03-30  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Invalid placard icon is not visible for short video
        https://bugs.webkit.org/show_bug.cgi?id=170277
        <rdar://problem/31327955>

        Reviewed by Eric Carlson.

        Make the minimum dimension needed to display a placard icon configurable and let the
        invalid placard use a 50pt dimension. We also make a drive-by fix to reset "text-align"
        for media controls as having a "text-align: center" inherited value would mess up
        positioning of the placard icon and make it flush to the right of the placard.

        Test: media/modern-media-controls/invalid-placard/invalid-placard-constrained-metrics.html

        * Modules/modern-media-controls/controls/invalid-placard.js:
        (InvalidPlacard):
        * Modules/modern-media-controls/controls/media-controls.css:
        (.media-controls):
        * Modules/modern-media-controls/controls/placard.js:
        (Placard.prototype.layout):

2017-03-30  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Register missing algorithms in CryptoAlgorithmRegistry::platformRegisterAlgoritmhs()
        https://bugs.webkit.org/show_bug.cgi?id=170273

        Reviewed by Michael Catanzaro.

        * crypto/gcrypt/CryptoAlgorithmRegistryGCrypt.cpp:
        (WebCore::CryptoAlgorithmRegistry::platformRegisterAlgorithms):
        Add registerAlgorithm<> calls for AES_CFB, AES_GCM, ECDH and
        PBKDF2 algorithms.

2017-03-30  Brent Fulgham  <bfulgham@apple.com>

        Remove unused MediaControlsApple implementation
        https://bugs.webkit.org/show_bug.cgi?id=170258
        <rdar://problem/31331056>

        Reviewed by Eric Carlson.

        Remove dead code related to old media controls. We switched to HTML5-based media controls
        several years ago.

        No new tests. Removing this dead code should have no change in behavior.

        * WebCore.xcodeproj/project.pbxproj: Remove unused files.
        * dom/EventListener.h: Remove unused event type.
        * html/shadow/MediaControlsApple.cpp: Removed.
        * html/shadow/MediaControlsApple.h: Removed.

2017-03-30  Fujii Hironori  <Hironori.Fujii@sony.com>

        [WinCairo] ImageCairoWin.cpp: error C2660: 'WebCore::BitmapImage::draw': function does not take 6 arguments
        https://bugs.webkit.org/show_bug.cgi?id=170275

        Reviewed by Said Abou-Hallawa.

        Apply the similar change of ImageCGWin.cpp of r214450 to ImageCairoWin.cpp.

        * platform/graphics/win/ImageCairoWin.cpp:
        (WebCore::BitmapImage::getHBITMAPOfSize): Pass DecodingMode::Synchronous to Image::draw().
        (WebCore::BitmapImage::drawFrameMatchingSourceSize): Ditto.

2017-03-27  Sergio Villar Senin  <svillar@igalia.com>

        [css-grid] Clamp the number of autorepeat tracks
        https://bugs.webkit.org/show_bug.cgi?id=170120

        Reviewed by Manuel Rego Casasnovas.

        As suggested by the specs we do clamp the maximum number of tracks per grid in order to
        minimize potential OOM situations. However we were not considering the case of the recently
        added auto repeat syntax. Abnormally huge values for the width/height on the grid container
        could lead to a number of auto repeat tracks higher than the maximum.

        A new API was added to Internals in order to test limits without having to create huge
        grids. This new API allows clients to set an arbitrary limit to the number of tracks. The
        addition of this new API forced us to add GridPosition.cpp to the project to define the
        global variable we use for testing. We took the chance to move part of the implementation
        from the header file to the source file.

        Last but not least, several new ASSERTs were added to Grid.cpp implementation to ensure that
        we do not surpass the grid track limits.

        Test: fast/css-grid-layout/grid-auto-repeat-huge-grid.html

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeGridTrackRepeatFunction):
        * rendering/Grid.cpp:
        (WebCore::Grid::ensureGridSize): Added ASSERT.
        (WebCore::Grid::setSmallestTracksStart): Ditto.
        (WebCore::Grid::setAutoRepeatTracks): Ditto.
        (WebCore::Grid::setAutoRepeatEmptyColumns): Ditto.
        (WebCore::Grid::setAutoRepeatEmptyRows): Ditto.
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::clampAutoRepeatTracks): New method.
        (WebCore::RenderGrid::placeItemsOnGrid): Clamp the number of auto repeat tracks before
        passing them to the Grid.
        * rendering/RenderGrid.h:
        * rendering/style/GridArea.h:
        (WebCore::GridSpan::GridSpan):
        * rendering/style/GridPosition.cpp: Added.
        (WebCore::GridPosition::setExplicitPosition):
        (WebCore::GridPosition::setAutoPosition):
        (WebCore::GridPosition::setSpanPosition):
        (WebCore::GridPosition::setNamedGridArea):
        (WebCore::GridPosition::integerPosition):
        (WebCore::GridPosition::namedGridLine):
        (WebCore::GridPosition::spanPosition):
        (WebCore::GridPosition::operator==):
        * rendering/style/GridPosition.h:
        (WebCore::GridPosition::shouldBeResolvedAgainstOppositePosition):
        (WebCore::GridPosition::max):
        (WebCore::GridPosition::min):
        (WebCore::GridPosition::setMaxPositionForTesting):
        (WebCore::GridPosition::setExplicitPosition): Deleted.
        (WebCore::GridPosition::setAutoPosition): Deleted.
        (WebCore::GridPosition::setSpanPosition): Deleted.
        (WebCore::GridPosition::setNamedGridArea): Deleted.
        (WebCore::GridPosition::integerPosition): Deleted.
        (WebCore::GridPosition::namedGridLine): Deleted.
        (WebCore::GridPosition::spanPosition): Deleted.
        (WebCore::GridPosition::operator==): Deleted.
        * rendering/style/GridPositionsResolver.cpp:
        (WebCore::GridPositionsResolver::explicitGridColumnCount):
        (WebCore::GridPositionsResolver::explicitGridRowCount):
        * testing/Internals.cpp:
        (WebCore::Internals::setGridMaxTracksLimit):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-03-29  Ryosuke Niwa  <rniwa@webkit.org>

        Disconnecting a HTMLObjectElement does not always unload its content document
        https://bugs.webkit.org/show_bug.cgi?id=169606

        Reviewed by Andy Estes.

        When removing a node, we first disconnect all subframes then update the focused element as we remove each child.
        However, when the removed element is a focused object element with a content document, removeFocusedNodeOfSubtree
        can update the style tree synchronously inside Document::setFocusedElement, and reload the document.

        Avoid this by instantiating a SubframeLoadingDisabler on the parent of the focused element.

        Test: fast/dom/removing-focused-object-element.html

        * dom/Document.cpp:
        (WebCore::Document::removeFocusedNodeOfSubtree):

2017-03-29  Myles C. Maxfield  <mmaxfield@apple.com>

        Migrate to kCTFontCSSWidthAttribute
        https://bugs.webkit.org/show_bug.cgi?id=170265

        Reviewed by Darin Adler.

        Previously, we were mapping from Core Text widths to CSS widths in WebKit.
        However, on some OSes, Core Text can directly tell us what the CSS width
        value is.

        No new tests because there is no behavior change.

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::getCSSAttribute):
        (WebCore::capabilitiesForFontDescriptor):
        * platform/spi/cocoa/CoreTextSPI.h:

2017-03-28  Simon Fraser  <simon.fraser@apple.com>

        Make it possible to dump touch event regions for testing
        https://bugs.webkit.org/show_bug.cgi?id=170209
        <rdar://problem/31309258>

        Reviewed by Tim Horton.

        Expose internals.touchEventRectsForEvent() and internals.passiveTouchEventListenerRects(), which
        fetch data via Page.

        Because the regions are normally updated on a timer, we have to force an eager update via Document::updateTouchEventRegions().

        Test: fast/events/touch/ios/touch-event-regions.html

        * page/Page.cpp:
        (WebCore::Page::nonFastScrollableRects):
        (WebCore::Page::touchEventRectsForEvent):
        (WebCore::Page::passiveTouchEventListenerRects):
        * page/Page.h:
        * testing/Internals.cpp:
        (WebCore::Internals::touchEventRectsForEvent):
        (WebCore::Internals::passiveTouchEventListenerRects):
        * testing/Internals.h:
        * testing/Internals.idl:

2017-03-29  Zalan Bujtas  <zalan@apple.com>

        RenderBlockFlow::addFloatsToNewParent should check if float is already added to the object list.
        https://bugs.webkit.org/show_bug.cgi?id=170259
        <rdar://problem/31300584>

        Reviewed by Simon Fraser.

        r210145 assumed that m_floatingObjects would simply ignore the floating box if it was already in the list.  

        Test: fast/block/float/placing-multiple-floats-crash.html

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::addFloatsToNewParent):

2017-03-29  Myles C. Maxfield  <mmaxfield@apple.com>

        Try to normalize variation ranges
        https://bugs.webkit.org/show_bug.cgi?id=170119

        Unreviewed.

        Addressing post-review comment.

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::isGXVariableFont):

2017-03-29  Myles C. Maxfield  <mmaxfield@apple.com>

        Try to normalize variation ranges
        https://bugs.webkit.org/show_bug.cgi?id=170119

        Reviewed by Simon Fraser.

        TrueType GX-style variation fonts use one particular scale for values on their
        weight/width/slope axes - usually the values lie between -1 and 1 on that scale.
        However, OpenType 1.8-style fonts use the CSS scale for values on these axes.
        For the purposes of font selection, these values need to lie on the same scale.
        However, when font selection is completed and the variation values are actually
        being applied to the fonts, values which lie on the font's actual scale need to
        be applied. This patch adds normalize*() and denormalize*() functions to perform
        both of these operations. 

        The conversion itself between the two scales isn't an exact mapping. Mapping
        slope is just a linear relationship with 0deg <=> 0 and 20deg <=> 1 (as per the
        CSS Fonts spec). Mapping widths is similar, it uses a 2-component piecewise
        linear relationship which includes the values given in the Microsoft OpenType
        spec for the OS/2 table's usWidthClass field. Weights are more difficult, so I
        plotted the CSS weights and the GX-style weights for every style of San
        Francisco, saw that the relationship appears to be linear, and ran a linear
        regression to compute the line equation.

        As for the actual discrimination of determining whether a font is a GX-style
        font or not, we can use the presence of the 'STAT' table. This table didn't
        exist when GX fonts were being created, and OpenType 1.8 variable fonts are
        required to have this table.

        Facebook uses the string ".SFNSText" in their @font-face blocks. This font is
        a variation font, but uses the GX-style values. Facebook asks us to create
        this font with a weight of 700, and because the values in the font are around
        1.0, we were erroneously thinking that the font wasn't bold, so we were then
        applying synthetic bold. This was causing text on facebook to look fuzzy and
        ugly.

        Test: fast/text/variations/font-selection-properties-expected.html

        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::isGXVariableFont):
        (WebCore::normalizeWeight):
        (WebCore::normalizeSlope):
        (WebCore::denormalizeWeight):
        (WebCore::denormalizeWidth):
        (WebCore::denormalizeSlope):
        (WebCore::normalizeWidth):
        (WebCore::preparePlatformFont): Instead of using FontSelectionValues for the
        intermediate values, we should use floats instead. This is because
        FontSelectionValues are fixed-point numbers with the denominator having 2 bits.
        When using this data type to represent values on the GX scale, which are usually
        between 0 and 1, you lose a lot of fidelity. Instead, our intermediate
        calculations should be done with floats, and converted to FontSelectionValues at
        the end when they are representative of values on the CSS scale.
        (WebCore::stretchFromCoreTextTraits):
        (WebCore::fontWeightFromCoreText):
        (WebCore::extractVariationBounds):
        (WebCore::variationCapabilitiesForFontDescriptor):
        (WebCore::capabilitiesForFontDescriptor):

2017-03-29  Saam Barati  <sbarati@apple.com>

        LinkBuffer and ExecutableAllocator shouldn't have anything to do with VM
        https://bugs.webkit.org/show_bug.cgi?id=170210

        Reviewed by Mark Lam.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::compileSelector):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::compile):

2017-03-29  Javier Fernandez  <jfernandez@igalia.com>

        [css-align] Adapt self-alignment properties to the new baseline syntax
        https://bugs.webkit.org/show_bug.cgi?id=170235

        Reviewed by David Hyatt.

        The baseline-position syntax has changed recently, so we need to update
        the CSS properties using the old syntax. This patch address only the
        self-alignment (align-self and justify-self) and default-alignment
        (align-items and justify-items).

        The content-distribution properties (align-content and justify-content)
        will be updated in a follow up patch.

        The new baseline syntax is "[first | last ]? baseline" which implies
        modifying the parsing and computed value logic.

        There are several layout tests affected by this change, so I'll update
        them accordingly.

        No new tests, just added/modified some cases to the tests we already have using the new baseline values.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::valueForItemPositionWithOverflowAlignment):
        * css/CSSValueKeywords.in:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertSelfOrDefaultAlignmentData):
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeBaselineKeyword):
        (WebCore::consumeSelfPositionOverflowPosition):

2017-03-29  Chris Dumez  <cdumez@apple.com>

        Animated SVG images are not paused in pages loaded in the background
        https://bugs.webkit.org/show_bug.cgi?id=170043
        <rdar://problem/31234412>

        Reviewed by Simon Fraser.

        Animated SVG images are not paused in pages loaded in the background. We rely
        on FrameView::isOffscreen() to stop images animations in background tab (See
        logic in RenderElement's shouldRepaintForImageAnimation()). This works fine
        if a tab is visble and then becomes hidden (i.e. by switching to another
        tab). However, in the case where the tab gets loaded while in the background
        (e.g. opening link in new background tab, or session restore), then the
        animations would not be paused, due to FrameView::isOffscreen() erroneously
        returning false in this case.

        Normally, the following chain of events happens:
        - Page is visible, we construct a main frame and its FrameView for loading
          the page. When a FrameView is constructed, we call FrameView::show() to
          make it visible. Then, if the page becomes non-visible, we call
          Page::setIsVisibleInternal(false) which calls FrameView::hide(). After
          that, FrameView::isOffscreen() correctly returns true because we properly
          called FrameView::hide().

        However, when doing a load while the Page is hidden, the following was
        happening:
        - Page is not visible, we call Page::setIsVisibleInternal(false) which tries
          to call FrameView::hide() for the main frame but it does not have a FrameView
          yet (because the load has not started). We start the load and end up creating
          a FrameView. The FrameView constructor was calling FrameView::show()
          unconditionally, thus making the FrameView think is visible, even though its
          page isn't. At this point, FrameView::isOffscreen() was returning false
          and animations would keep running, even though the page is not visible.

        To address the issue, we now call FrameView::show() in FrameView::create() only
        if the Page is actually visible, instead of calling it unconditionally. If the
        page ever becomes visible, Page::setIsVisibleInternal(true) will be called and
        it will take care of calling FrameView::show() then.

        Tests: svg/animations/animations-paused-in-background-page-iframe.html
               svg/animations/animations-paused-in-background-page.html

        * page/FrameView.cpp:
        (WebCore::FrameView::create):

2017-03-29  Wenson Hsieh  <wenson_hsieh@apple.com>

        Links with empty hrefs should not be drag sources
        https://bugs.webkit.org/show_bug.cgi?id=170241
        <rdar://problem/31305505>

        Reviewed by Tim Horton.

        The m_dragSouceAction member of DragController represents the drag source actions that are available to the
        document, rather than the available actions given the dragging element. Thus, it is not correct to only check
        that (m_dragSourceAction & DragSourceActionAttachment) before proceeding down the attachment dragging codepath.
        This should be additionally guarded with a check that the element being dragged is, in fact, an attachment
        element.

        New API test (see Tools/ChangeLog).

        * page/DragController.cpp:
        (WebCore::DragController::startDrag):

2017-03-29  Jeremy Jones  <jeremyj@apple.com>

        WebVideoFullscreenInterfaceAVKit needs a strong self ref before dispatching to the main thread.
        https://bugs.webkit.org/show_bug.cgi?id=170129

        Reviewed by David Kilzer.

        No new tests becuase no new behavior.

        Hold a strong reference to WebVideoFullscreenInterfaceAVKit when dispatching to the main thread.
        Make WebVideoFullscreenInterfaceAVKit safe to retain from non-main thread.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::exitFullscreen):

2017-03-29  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Add a Handle<> class to help with GCrypt object lifetime control
        https://bugs.webkit.org/show_bug.cgi?id=170238

        Reviewed by Michael Catanzaro.

        The platform-specific CryptoAlgorithmHMAC implementation is modified
        to showcase the GCrypt::Handle<> use. HandleDeleter<gcry_mac_hd_t>
        is added accordingly.

        * crypto/gcrypt/CryptoAlgorithmHMACGCrypt.cpp:
        (WebCore::calculateSignature):

2017-03-29  Myles C. Maxfield  <mmaxfield@apple.com>

        Variation fonts: Make sure that feature detection and preprocessor macros are right
        https://bugs.webkit.org/show_bug.cgi?id=169518

        Reviewed by Simon Fraser.

        When I added variable fonts support, I made all OSes parse the newly accepted values,
        instead of just the OSes which support variable fonts.

        Test: fast/text/font-variations-feature-detection.html

        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeFontStretch):
        (WebCore::consumeFontStyle):
        * css/parser/CSSPropertyParserHelpers.cpp:
        (WebCore::CSSPropertyParserHelpers::divisibleBy100):
        (WebCore::CSSPropertyParserHelpers::consumeFontWeightNumber):

2017-03-29  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Controls bar may disappear while captions menu is visible (redux)
        https://bugs.webkit.org/show_bug.cgi?id=170239
        <rdar://problem/31320685>

        Reviewed by Dean Jackson.

        We did some work in webkit.org/b/168751 to prevent the controls bar from disappearing while the
        captions menu is visible. But there were two cases where the behavior was not as intended:

            1. the controls bar would hide upon exiting the video.
            2. clicking on the controls bar while the caption panel is up would hide the controls bar
               as well as the captions panel.

        Instead of determining that the "userInteractionEnabled" property being set to "false" is indicative
        of secondary UI, such as the tracks panel, being attached to the controls bar, we now have an
        explicit property to specify this. Now, when "hasSecondaryUIAttached" is "true", we prevent the
        controls bar from fading when exiting the media.

        Additionally, when dismissing the tracks panel, we check whether a mouse event lead to this and check
        if the mouse was positioned over the controls bar. If that is the case, we no longer hide the controls
        bar and only dismiss the tracks panel.

        Test: media/modern-media-controls/tracks-panel/tracks-panel-controls-bar-remains-visible-after-clicking-over-it.html

        * Modules/modern-media-controls/controls/controls-bar.js:
        (ControlsBar.prototype.set userInteractionEnabled):
        (ControlsBar.prototype.handleEvent):
        (ControlsBar.prototype._autoHideTimerFired):
        * Modules/modern-media-controls/controls/macos-media-controls.js:
        (MacOSMediaControls.prototype.showTracksPanel):
        (MacOSMediaControls.prototype.hideTracksPanel):

2017-03-29  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Volume slider is initially empty
        https://bugs.webkit.org/show_bug.cgi?id=170237
        <rdar://problem/31319077>

        Reviewed by Dean Jackson.

        Fixing fallout from https://bugs.webkit.org/show_bug.cgi?id=167935 where we changed the behavior
        of layout() to happen prior to a commit. In this one instance, we were overriding layout() to run
        after a commit, so we now override commit(). Otherwise, the <canvas> that we draw the volume slider
        into would have its "width" and "height" properties set after we drew, which would clear the <canvas>.

        * Modules/modern-media-controls/controls/slider.js:
        (Slider.prototype.commit):
        (Slider.prototype.layout): Deleted.

2017-03-29  Zan Dobersek  <zdobersek@igalia.com>

        [GCrypt] Move over empty GnuTLS-based SUBTLE_CRYPTO implementation files
        https://bugs.webkit.org/show_bug.cgi?id=170232

        Reviewed by Michael Catanzaro.

        Migrate the GnuTLS SUBTLE_CRYPTO implementation files to the gcrypt/
        directory. The implementation files themselves are no-op, so this is
        a simple move-and-rename operation that will enable proceeding with
        the libgcrypt-based implementation of SUBTLE_CRYPTO functionality.

        No change in behavior. The SUBTLE_CRYPTO feature should build as it
        did before, and the implementations are empty anyway.

        * PlatformGTK.cmake:
        * crypto/gcrypt/CryptoAlgorithmAES_CBCGCrypt.cpp: Renamed from Source/WebCore/crypto/gnutls/CryptoAlgorithmAES_CBCGnuTLS.cpp.
        * crypto/gcrypt/CryptoAlgorithmAES_CFBGCrypt.cpp: Renamed from Source/WebCore/crypto/gnutls/CryptoAlgorithmAES_CFBGnuTLS.cpp.
        * crypto/gcrypt/CryptoAlgorithmAES_GCMGCrypt.cpp: Renamed from Source/WebCore/crypto/gnutls/CryptoAlgorithmAES_GCMGnuTLS.cpp.
        * crypto/gcrypt/CryptoAlgorithmAES_KWGCrypt.cpp: Renamed from Source/WebCore/crypto/gnutls/CryptoAlgorithmAES_KWGnuTLS.cpp.
        * crypto/gcrypt/CryptoAlgorithmECDHGCrypt.cpp: Renamed from Source/WebCore/crypto/gnutls/CryptoAlgorithmECDHGnuTLS.cpp.
        * crypto/gcrypt/CryptoAlgorithmPBKDF2GCrypt.cpp: Renamed from Source/WebCore/crypto/gnutls/CryptoAlgorithmPBKDF2GnuTLS.cpp.
        * crypto/gcrypt/CryptoAlgorithmRSAES_PKCS1_v1_5GCrypt.cpp: Renamed from Source/WebCore/crypto/gnutls/CryptoAlgorithmRSAES_PKCS1_v1_5GnuTLS.cpp.
        * crypto/gcrypt/CryptoAlgorithmRSASSA_PKCS1_v1_5GCrypt.cpp: This one already exists.
        * crypto/gcrypt/CryptoAlgorithmRSA_OAEPGCrypt.cpp: Renamed from Source/WebCore/crypto/gnutls/CryptoAlgorithmRSA_OAEPGnuTLS.cpp.
        * crypto/gcrypt/CryptoAlgorithmRegistryGCrypt.cpp: Renamed from Source/WebCore/crypto/gnutls/CryptoAlgorithmRegistryGnuTLS.cpp.
        * crypto/gcrypt/CryptoKeyECGCrypt.cpp: Renamed from Source/WebCore/crypto/gnutls/CryptoKeyECGnuTLS.cpp.
        * crypto/gcrypt/CryptoKeyRSAGCrypt.cpp: Renamed from Source/WebCore/crypto/gnutls/CryptoKeyRSAGnuTLS.cpp.
        * crypto/gcrypt/SerializedCryptoKeyWrapGCrypt.cpp: Renamed from Source/WebCore/crypto/gnutls/SerializedCryptoKeyWrapGnuTLS.cpp.
        * crypto/gnutls/CryptoAlgorithmRSASSA_PKCS1_v1_5GnuTLS.cpp: Removed.

2017-03-29  Zan Dobersek  <zdobersek@igalia.com>

        [GnuTLS] Remove unused CryptoDigestGnuTLS, CryptoAlgorithmHMACGnuTLS implementation files
        https://bugs.webkit.org/show_bug.cgi?id=170231

        Reviewed by Michael Catanzaro.

        * crypto/gnutls/CryptoAlgorithmHMACGnuTLS.cpp: Removed. The GCrypt counterpart
        is already in use, and this file wasn't even being built.

2017-03-29  Youenn Fablet  <youenn@apple.com>

        Move DTMF WebRTC extension behind its own compile flag
        https://bugs.webkit.org/show_bug.cgi?id=170226

        Reviewed by Eric Carlson.

        Moving RTCDTMFSender and RTCDTMFToneChangeEvent behinf a WEB_RTC_DTMF compile flag.
        This compile flag is not set on any supported platform yet.
        Disabling related test and updated test expectations.

        * Modules/mediastream/RTCDTMFSender.cpp:
        * Modules/mediastream/RTCDTMFSender.h:
        * Modules/mediastream/RTCDTMFSender.idl:
        * Modules/mediastream/RTCDTMFToneChangeEvent.cpp:
        * Modules/mediastream/RTCDTMFToneChangeEvent.h:
        * Modules/mediastream/RTCDTMFToneChangeEvent.idl:
        * dom/EventNames.in:
        * dom/EventTargetFactory.in:
        * platform/mediastream/RTCDTMFSenderHandler.h:
        * platform/mediastream/RTCDTMFSenderHandlerClient.h:

2017-03-29  Antoine Quint  <graouts@apple.com>

        [mac-wk1] LayoutTest media/modern-media-controls/airplay-button/airplay-button.html is a flaky timeout
        https://bugs.webkit.org/show_bug.cgi?id=168409
        <rdar://problem/30799198>

        Reviewed by Dean Jackson.

        Add a new internals setting to opt into ScriptedAnimationController logging through DOM events dispatched
        through the document. This should allow this flaky test to get information as to why the frame isn't
        firing when it times out.

        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::suspend):
        (WebCore::ScriptedAnimationController::resume):
        (WebCore::ScriptedAnimationController::addThrottlingReason):
        (WebCore::ScriptedAnimationController::removeThrottlingReason):
        (WebCore::ScriptedAnimationController::registerCallback):
        (WebCore::ScriptedAnimationController::cancelCallback):
        (WebCore::ScriptedAnimationController::serviceScriptedAnimations):
        (WebCore::ScriptedAnimationController::scheduleAnimation):
        (WebCore::ScriptedAnimationController::dispatchLoggingEventIfRequired):
        * dom/ScriptedAnimationController.h:
        * page/Settings.in:
        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::resetToConsistentState):
        (WebCore::InternalSettings::shouldDispatchRequestAnimationFrameEvents):
        (WebCore::InternalSettings::setShouldDispatchRequestAnimationFrameEvents):
        * testing/InternalSettings.h:
        * testing/InternalSettings.idl:

2017-03-28  Youenn Fablet  <youenn@apple.com>

        [WebRTC] After r214441 addIceCandidate no longer accepts an RTCIceCandidateInit dictionary
        https://bugs.webkit.org/show_bug.cgi?id=170192

        Reviewed by Jon Lee.

        Covered by updated tests.

        * Modules/mediastream/RTCIceCandidate.idl: Candidate is no longer a required field in RTCIceCandidateInit.
        * Modules/mediastream/RTCPeerConnectionInternals.js: Reworking defaultsToNull to handle both undefined and null cases.

2017-03-28  Youenn Fablet  <youenn@apple.com>

        LibWebRTCProvider should allow setting encoder and decoder factories
        https://bugs.webkit.org/show_bug.cgi?id=170212

        Reviewed by Eric Carlson.

        No change of behavior.
        Adding the ability to set encoder/decoder libwebrtc factory getters.
        Setting default cocoa factory getters.

        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
        (WebCore::staticFactoryAndThreads):
        (WebCore::initializePeerConnectionFactoryAndThreads):
        (WebCore::LibWebRTCProvider::setDecoderFactoryGetter):
        (WebCore::LibWebRTCProvider::setEncoderFactoryGetter):
        (WebCore::LibWebRTCProvider::setPeerConnectionFactory):
        * platform/mediastream/libwebrtc/LibWebRTCProvider.h:

2017-03-27  Brent Fulgham  <bfulgham@apple.com>

        Only attach Attributes to a given element one time
        https://bugs.webkit.org/show_bug.cgi?id=170125
        <rdar://problem/31279676>

        Reviewed by Chris Dumez.

        Attach the attribute node to the Element before calling 'setAttributeInternal', since that method may cause
        arbitrary JavaScript events to fire. 

        Test: fast/dom/Attr/only-attach-attr-once.html

        * dom/Element.cpp:
        (WebCore::Element::attachAttributeNodeIfNeeded): Added.
        (WebCore::Element::setAttributeNode): Use new method. Revise to attach attribute before calling 'setAttributeInternal'. 
        (WebCore::Element::setAttributeNodeNS): Ditto.
        * dom/Element.h:

2017-03-28  Youenn Fablet  <youenn@apple.com>

        Stop RTCDataChannel when closing page
        https://bugs.webkit.org/show_bug.cgi?id=170166

        Reviewed by Eric Carlson.

        Test: webrtc/datachannel/datachannel-gc.html

        Making RTCDataChannel an ActiveDOMObject.
        Closing the data channel backend and freeing upon close and stop.

        * Modules/mediastream/RTCDataChannel.cpp:
        (WebCore::RTCDataChannel::create):
        (WebCore::RTCDataChannel::RTCDataChannel):
        (WebCore::RTCDataChannel::close):
        (WebCore::RTCDataChannel::stop):
        * Modules/mediastream/RTCDataChannel.h:
        * Modules/mediastream/RTCDataChannel.idl:
        * Modules/mediastream/RTCPeerConnection.h:

2017-03-28  Myles C. Maxfield  <mmaxfield@apple.com>

        Ranges for variation font properties are not enforced
        https://bugs.webkit.org/show_bug.cgi?id=169979

        Reviewed by David Hyatt.

        The spec specifies that:
        - Font weights less than or equal to 0, or greater than or equal to 1000 are parse errors
        - Font stretch values less than or equal to 0% are parse errors
        - Font style values less than or equal to -90deg or greater than or equal to 90deg are parse errors

        Test: fast/text/variations/out-of-bounds-selection-properties.html

        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeFontWeightRange):
        (WebCore::fontStretchIsWithinRange):
        (WebCore::consumeFontStretch):
        (WebCore::consumeFontStretchRange):
        (WebCore::fontStyleIsWithinRange):
        (WebCore::consumeFontStyle):
        (WebCore::consumeFontStyleRange):

2017-03-28  Andy Estes  <aestes@apple.com>

        [iOS] Crash in -[WebPreviewLoader failed] when running http/tests/multipart/policy-ignore-crash.php
        https://bugs.webkit.org/show_bug.cgi?id=170197
        <rdar://problem/30314067>

        Reviewed by Brady Eidson.

        If QuickLook conversion fails, we call ResourceLoader::didFail() with the NSError from
        QuickLook, which will call back into PreviewLoader::didFail(). We only care about network
        failures in PreviewLoader, not conversion failures, so check if
        m_finishedLoadingDataIntoConverter is set before continuing (like we do in
        PreviewLoader::didFinishLoading()).

        Fixes crash in http/tests/multipart/policy-ignore-crash.php.

        * loader/ios/PreviewLoader.mm:
        (WebCore::PreviewLoader::didFail):

2017-03-28  Chris Dumez  <cdumez@apple.com>

        Audio indicator is visible on uni-watch.com but there is no audible audio
        https://bugs.webkit.org/show_bug.cgi?id=170200
        <rdar://problem/31289132>

        Reviewed by Eric Carlson.

        Cherry-pick the following patch from Blink by <rtoy@chromium.org>:
        - https://chromium.googlesource.com/chromium/src.git/+/439de5bb2a31384666db1a0e2dadb2b97d2f3ce4

        When the gain of a GainNode is 0 or 1, the operation of the node can
        be optimized.  When gain = 1, just copy the input to the output.  When
        gain = 0; just zero out the output.  Currently, the input is
        multiplied by the gain to produce the output.  This just optimizes the
        multiplication away for the two special cases.

        Also, have the GainNode set the silence hint if the gain is 0.

        And fix a bug in processIfNecessary when unsilenceOutputs was causing the
        silence hint to be cleared after the node's process method was finished
        and may have set the silence hint.  The processing should come after
        unsilenceOutputs to preserve any hints from processing the node.

        * Modules/webaudio/AudioNode.cpp:
        (WebCore::AudioNode::processIfNecessary):
        * Modules/webaudio/GainNode.cpp:
        (WebCore::GainNode::process):
        * platform/audio/AudioBus.cpp:
        (WebCore::AudioBus::copyWithGainFrom):

2017-03-28  Chris Dumez  <cdumez@apple.com>

        Animated SVG images are not paused when outside viewport
        https://bugs.webkit.org/show_bug.cgi?id=170155
        <rdar://problem/31288893>

        Reviewed by Antti Koivisto.

        Make sure animated SVG images get paused when outside the viewport,
        similarly to what was already done for animated GIF images. Also
        make sure they are paused when they no longer have any renderers
        using them.

        Tests: svg/animations/animated-svg-image-outside-viewport-paused.html
               svg/animations/animated-svg-image-removed-from-document-paused.html

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::didAddClient):
        Restart the animation whenever a new CachedImage client is added. This
        will cause us the re-evaluate if the animation should run. The animation
        will pause again if the new renderer is not inside the viewport.

        (WebCore::CachedImage::animationAdvanced):
        Add a flag to newImageAnimationFrameAvailable() so that the renderers can
        let us know if we can pause the animation. Pause the animation if all no
        renderer requires it (i.e. they are all outside the viewport, or there
        are no renderers).

        * loader/cache/CachedImageClient.h:
        (WebCore::CachedImageClient::newImageAnimationFrameAvailable):
        By default, the CachedImageClients allow pausing. Only renderer will
        potentially prevent pausing if they are inside the viewport.

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::isAnimating):
        * platform/graphics/BitmapImage.h:
        * platform/graphics/Image.h:
        (WebCore::Image::isAnimating):
        Add isAnimating() flag on Image for layout testing purposes.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::newImageAnimationFrameAvailable):
        Set canPause flag to true if the renderer is not inside the viewport.

        (WebCore::RenderElement::repaintForPausedImageAnimationsIfNeeded):
        Call startAnimation() if the renderer is now visible to resume SVG
        animations. Repainting is enough for GIF animations but not for SVG
        animations, we have to explicitly resume them.

        * rendering/RenderElement.h:
        * rendering/RenderView.cpp:
        (WebCore::RenderView::addRendererWithPausedImageAnimations):
        (WebCore::RenderView::removeRendererWithPausedImageAnimations):
        (WebCore::RenderView::resumePausedImageAnimationsIfNeeded):
        * rendering/RenderView.h:
        Store CachedImages with the renderers that have paused animations.
        This is required for SVG where we need to explicitly resume the
        animation on the CachedImage when the renderer becomes visible
        again. Having access to the Image will also allow us to do smarter
        visibility checks in RenderElement's shouldRepaintForImageAnimation(),
        in the future.

        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::hasActiveAnimation):
        * svg/SVGSVGElement.h:
        Add hasActiveAnimation() method.

        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::startAnimation):
        Check that animations are paused before starting them. This avoid
        jumping due to unnecessary calls to rootElement->setCurrentTime(0).

        (WebCore::SVGImage::isAnimating):
        Add isAnimating() method for layout tests purposes.

        * svg/graphics/SVGImage.h:
        * svg/graphics/SVGImageClients.h:
        Call animationAdvanced() on the observer instead of the generic
        changedInRect() when the SVGImage is animating. This way, we go
        through the same code path as GIF animations and we end up calling
        CachedImage::animationAdvanced() which calls newImageAnimationFrameAvailable()
        on RenderElement, which determines if the animation should keep
        running or not.

        * testing/Internals.cpp:
        (WebCore::Internals::isImageAnimating):
        * testing/Internals.h:
        * testing/Internals.idl:
        Add layout testing infrastructure.

2017-03-28  Antti Koivisto  <antti@apple.com>

        Missing render tree position invalidation when tearing down renderers for display:contents subtree
        https://bugs.webkit.org/show_bug.cgi?id=170199
        <rdar://problem/31260856>

        Reviewed by Zalan Bujtas.

        Test: fast/shadow-dom/slot-renderer-teardown.html

        * style/RenderTreeUpdater.cpp:
        (WebCore::RenderTreeUpdater::updateElementRenderer):

            Invalidate the render tree position in case we do a teardown for an element without renderer.

2017-03-28  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r214485.

        This change caused LayoutTest crashes.

        Reverted changeset:

        "Stop RTCDataChannel when closing page"
        https://bugs.webkit.org/show_bug.cgi?id=170166
        http://trac.webkit.org/changeset/214485

2017-03-28  Anders Carlsson  <andersca@apple.com>

        ApplePayShippingContactUpdate.idl shouldn't have status field
        https://bugs.webkit.org/show_bug.cgi?id=170202
        rdar://problem/31307106

        Reviewed by Beth Dakin.

        * Modules/applepay/ApplePaySession.cpp:
        (WebCore::convertAndValidate):
        If status isn't set, infer it based on whether there are errors present or not.

        * Modules/applepay/ApplePayShippingContactUpdate.h:
        Make status optional here; it's still used by the old code path.

        * Modules/applepay/ApplePayShippingContactUpdate.idl:
        Remove status here.

2017-03-28  Brian Burg  <bburg@apple.com>

        Web Inspector: Add "Disable Caches" option that only applies to the inspected page while Web Inspector is open
        https://bugs.webkit.org/show_bug.cgi?id=169865
        <rdar://problem/31250573>

        Reviewed by Joseph Pecoraro.

        Rewrite the network agent's command for disabling resource caching to use Page::setResourceCachingEnabled.
        The old implementation was doing weird stuff like setting no-cache headers and evicting the
        contents of the memory cache, neither of which is correct. The new approach has no side effects
        on the network, disk, or memory cache so it can be turned on temporarily without causing problems.

        New tests:
        - http/tests/inspector/network/set-resource-caching-disabled-disk-cache.html
        - http/tests/inspector/network/set-resource-caching-disabled-memory-cache.html

        * inspector/InspectorNetworkAgent.h:
        * inspector/InspectorNetworkAgent.cpp:
        (WebCore::InspectorNetworkAgent::setCacheDisabled): Deleted.
        (WebCore::InspectorNetworkAgent::setResourceCachingDisabled): Added.
        Implement new command.

        (WebCore::InspectorNetworkAgent::willSendRequest):
        (WebCore::InspectorNetworkAgent::mainFrameNavigated):
        Remove crufty attempts to break caches. I believe these are intended to defeat caching
        proxies and similar middlemen, but this is just as likely to cause unusual loading behavior.

        * page/Page.h:
        (WebCore::Page::isResourceCachingDisabled):
        (WebCore::Page::setResourceCachingDisabledOverride):
        Add an override setting so that Web Inspector's override does not mess up the value
        of isResourceCachingDisabled that may have been set by a WebKit API client.

2017-03-28  Youenn Fablet  <youenn@apple.com>

        Fix addIceCandidate after r214441
        https://bugs.webkit.org/show_bug.cgi?id=170146

        Reviewed by Chris Dumez.

        Covered by rebased test.

        * Modules/mediastream/RTCPeerConnection.js:
        (addIceCandidate): Setting function length to 1 and throwing if no parameter is passed.

2017-03-28  Youenn Fablet  <youenn@apple.com>

        Stop RTCDataChannel when closing page
        https://bugs.webkit.org/show_bug.cgi?id=170166

        Reviewed by Eric Carlson.

        Test: webrtc/datachannel/datachannel-gc.html

        Making RTCDataChannel an ActiveDOMObject.
        Closing the data channel backend and freeing upon close and stop.

        * Modules/mediastream/RTCDataChannel.cpp:
        (WebCore::RTCDataChannel::create):
        (WebCore::RTCDataChannel::RTCDataChannel):
        (WebCore::RTCDataChannel::close):
        (WebCore::RTCDataChannel::stop):
        * Modules/mediastream/RTCDataChannel.h:
        * Modules/mediastream/RTCDataChannel.idl:
        * Modules/mediastream/RTCPeerConnection.h:

2017-03-27  Simon Fraser  <simon.fraser@apple.com>

        Enhance the touch region debug overlay to show regions for the different events
        https://bugs.webkit.org/show_bug.cgi?id=170162

        Reviewed by Tim Horton.

        Have NonFastScrollableRegionOverlay use a different color for each region in EventTrackingRegions,
        and to draw a legend showing what the colors mean.
        
        On Mac, this overlay displays the non-fast scrollable region (which we don't keep separate from the wheel event
        region).

        * page/DebugPageOverlays.cpp:
        (WebCore::NonFastScrollableRegionOverlay::updateRegion):
        (WebCore::touchEventRegionColors):
        (WebCore::drawRightAlignedText):
        (WebCore::NonFastScrollableRegionOverlay::drawRect):
        (WebCore::RegionOverlay::drawRect):
        (WebCore::RegionOverlay::drawRegion):

2017-03-27  Simon Fraser  <simon.fraser@apple.com>

        Make sure the non-fast scrolling debug overlay is correctly updated
        https://bugs.webkit.org/show_bug.cgi?id=170142

        Reviewed by Tim Horton.

        AsyncScrollingCoordinator::frameViewEventTrackingRegionsChanged() is called on a timer
        from Document code, so the existing DebugPageOverlays::didLayout() call at the end
        of FrameView::layout() wasn't sufficient to keep the non-fast scrollable region up-to-date
        on iOS.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::frameViewEventTrackingRegionsChanged):

2017-03-28  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] AirPlay placard text looks bad on 1x displays
        https://bugs.webkit.org/show_bug.cgi?id=170183
        <rdar://problem/30663416>

        Reviewed by Dean Jackson.

        Use subpixel antialiasing for all text in modern media controls.

        * Modules/modern-media-controls/controls/media-controls.css:
        (.media-controls-container,):

2017-03-28  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Improve appearance of tracks panel on macOS
        https://bugs.webkit.org/show_bug.cgi?id=168929
        <rdar://problem/30741589>

        Reviewed by Eric Carlson.

        We use a solid color for the focus state that matches the style used on macOS
        and blend the titles the same way we blend other non-solid labels in the controls bar.

        * Modules/modern-media-controls/controls/tracks-panel.css:
        (.tracks-panel section):
        (.tracks-panel section > h3):
        (.tracks-panel section > ul > li:focus):

2017-03-28  Yoav Weiss  <yoav@yoav.ws>

        Add a warning for unused link preloads.
        https://bugs.webkit.org/show_bug.cgi?id=165670

        Reviewed by Youenn Fablet.

        Tests: http/tests/preload/single_download_preload_headers_charset.php
               http/tests/preload/unused_preload_warning.html

        * dom/Document.cpp:
        (WebCore::Document::prepareForDestruction): Stop the timer once the document is destructed.
        * loader/LinkPreloadResourceClients.h: Add shouldMarkAsReferenced overides for the LinkPreloadResourceClient classes.
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::addClientToSet): Make sure LinkPreloadResourceClients don't set resource to be referenced.
        * loader/cache/CachedResourceClient.h:
        (WebCore::CachedResourceClient::shouldMarkAsReferenced): Make sure that ResourceClients mark preloads as referenced by default.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::CachedResourceLoader): Initialize timer.
        (WebCore::CachedResourceLoader::~CachedResourceLoader): Stop timer.
        (WebCore::CachedResourceLoader::documentDidFinishLoadEvent): Trigger a timer if preloads weren't cleared at load time.
        (WebCore::CachedResourceLoader::stopUnusedPreloadsTimer): Stop the timer.
        (WebCore::CachedResourceLoader::warnUnusedPreloads): Iterate over m_preloads and issue a warning for non-referenced preloads.
        * loader/cache/CachedResourceLoader.h:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::willDetachDocumentFromFrame): Clear Resource Timing buffer when document detaches, to avoid test flakiness.

2017-03-28  Antoine Quint  <graouts@apple.com>

        REGRESSION: Double-clicking the captions button while the captions popover is open prevents the popover from being opened again
        https://bugs.webkit.org/show_bug.cgi?id=170171
        <rdar://problem/31095500>

        Reviewed by Dean Jackson.

        We used to consider that the tracks panel was presented as long as it had a parent, but since we were using for the animated
        transition to complete before actually removing the panel from the node hierarchy, consecutive calls to hide then present
        would fail to present the panel. We now use a private instance variable to track the presented state which is set immediately
        as presentInParent() and hide() are called.

        Test: media/modern-media-controls/tracks-support/tracks-support-show-panel-then-double-click-on-tracks-button.html

        * Modules/modern-media-controls/controls/tracks-panel.js:
        (TracksPanel.prototype.get presented):
        (TracksPanel.prototype.presentInParent):
        (TracksPanel.prototype.hide):

2017-03-28  Aaron Chu  <aaron_chu@apple.com>

        AX: Media controls should be able to be re-activated after faded away
        https://bugs.webkit.org/show_bug.cgi?id=170048
        <rdar://problem/30157179>

        Reviewed by Antoine Quint.

        Added a "foucsin" listener for the controls bar so that when an element
        within fires a "focusin" event, the controls bar reappears if it is faded.

        Test: media/modern-media-controls/media-controls/media-controls-appear-when-focus.html

        * Modules/modern-media-controls/controls/controls-bar.js:
        (ControlsBar.prototype.handleEvent):

2017-03-28  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Improve media documents across macOS, iPhone and iPad
        https://bugs.webkit.org/show_bug.cgi?id=169145
        <rdar://problem/17048858>

        Reviewed by Dean Jackson.

        There were a variety of issues with media documents, some longstanding, and some specifically
        about modern media controls.

        One issue was that fullscreen and picture-in-picture buttons would show for audio media documents,
        due to using a <video> element to load the audio file. We now have additional logic in MediaController
        to identify if the loaded media is really an audio file, and using this information to hide the
        fullscreen and picture-in-picture buttons.

        Another issue was that we would inject style in MediaDocument.cpp that was specific to modern media
        controls when we could have the modern-media-controls module injected CSS handle this styling. We now
        use the injected style in the shadow root to size media documents based on the device characteristics
        and ensuring that page styles are overridden.

        We also simplify how MediaDocument.cpp sets the source of the media element to simply use the "src"
        attribute and not a <source> element.

        Finally, we introduce a MediaDocumentController class that is instantiated when we're dealing with
        a media document to hide the controls while we determine the type of media we're loading (audio vs.
        video) in order to apply the appropriate styling without flashes.

        As a result of the new styles applied by the modern-media-controls module, media documents have a
        similar behavior on macOS and iPad, where we only enforce a min-width for video allowing them
        to play at their natural size otherwise, and enforcing a fixed width for audio. On iPhone however,
        we want to always play the media at full width, with some padding in the case of audio.

        Tests: media/modern-media-controls/fullscreen-support/fullscreen-support-disabled-video-with-audio-tracks-only.html
               media/modern-media-controls/media-documents/ipad/media-document-audio-ios-sizing.html
               media/modern-media-controls/media-documents/ipad/media-document-video-ios-sizing.html
               media/modern-media-controls/media-documents/media-document-audio-ios-sizing.html
               media/modern-media-controls/media-documents/media-document-audio-mac-sizing.html
               media/modern-media-controls/media-documents/media-document-video-ios-sizing.html
               media/modern-media-controls/media-documents/media-document-video-mac-sizing.html
               media/modern-media-controls/pip-support/pip-support-disabled-video-with-audio-tracks-only.html

        * Modules/modern-media-controls/controls/ios-inline-media-controls.css:
        (:host(audio) .media-controls.ios.inline > .controls-bar:before,):
        (:host(audio) .media-controls.ios.inline > .controls-bar:before): Deleted.
        * Modules/modern-media-controls/controls/macos-media-controls.css:
        (:host(audio) .media-controls.mac.inline > .controls-bar,):
        (:host(audio) .media-controls.mac.inline > .controls-bar > .background-tint,):
        (:host(audio) .media-controls.mac.inline > .controls-bar): Deleted.
        (:host(audio) .media-controls.mac.inline > .controls-bar > .background-tint): Deleted.
        * Modules/modern-media-controls/controls/media-document.css: Copied from Source/WebCore/Modules/modern-media-controls/controls/macos-media-controls.css.
        (:host(.media-document)):
        (:host(.media-document.ready)):
        (:host(.media-document.audio.mac)):
        (:host(.media-document.audio.ipad)):
        (:host(.media-document.audio.iphone)):
        (:host(.media-document.video.mac)):
        (:host(.media-document.video.ipad)):
        (:host(.media-document.video.iphone)):
        * Modules/modern-media-controls/js-files:
        * Modules/modern-media-controls/media/fullscreen-support.js:
        (FullscreenSupport.prototype.syncControl):
        (FullscreenSupport):
        * Modules/modern-media-controls/media/media-controller.js:
        (MediaController):
        (MediaController.prototype.get isAudio):
        * Modules/modern-media-controls/media/media-document-controller.js: Copied from Source/WebCore/Modules/modern-media-controls/media/fullscreen-support.js.
        (MediaDocumentController):
        (MediaDocumentController.prototype.handleEvent):
        (MediaDocumentController.prototype._mediaDocumentHasMetadata):
        (MediaDocumentController.prototype._mediaDocumentHasSize):
        * Modules/modern-media-controls/media/pip-support.js:
        (PiPSupport.prototype.syncControl):
        (PiPSupport):
        * html/MediaDocument.cpp:
        (WebCore::MediaDocumentParser::createDocumentStructure):

2017-03-28  Myles C. Maxfield  <mmaxfield@apple.com>

        Follow-up patch after r214364.
        https://bugs.webkit.org/show_bug.cgi?id=168895

        Unreviewed.

        * platform/graphics/FontDescription.cpp:
        (WebCore::FontDescription::FontDescription):

2017-03-27  Said Abou-Hallawa  <sabouhallawa@apple.com>

        REGRESSION(213764): Large images should not be decoded asynchronously when they are drawn on a canvas
        https://bugs.webkit.org/show_bug.cgi?id=169771

        Reviewed by Simon Fraser.

        Sometimes we have to draw the image immediately like when a canvas calls  
        drawImage. In this case we have to decode the image synchronously to guarantee
        the drawing. Other times we need to decode with the native size of the image.
        The animated images have to be decoded with native size always. Otherwise
        the frame cache will be messed up if the same image is animated with different
        sizes. Currently we always decode asynchronously with sizeForDrawing. We need
        to decouple the decoding mode from the sizeForDrawing.

        This patch introduce the DecodingOptions class which can store and compare the
        following four cases:
            -- Synchronous: The frame has be decoded with native size only.
            -- Asynchronous + anySize: This is passed from the Image::draw() callers.
            -- Asynchronous + fullSize: The image has to be decoded with its full size.
            -- Asynchronous + sizeForDrawing: The image can be decoded with sizeForDrawing unless
            it was decoded with either a full size or sizeForDrawing which is larger than the
            requested sizeForDrawing.
            
        A new argument of type DecodingMode will be added to Image::draw() function.
        Only when the drawing comes from the render tree, it will be Asynchronous.
        Otherwise it will be Synchronous.

        Tests: fast/images/animated-image-different-dest-size.html
               fast/images/async-image-background-image.html
               fast/images/async-image-canvas-draw-image.html

        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::frameImageAtIndexCacheIfNeeded): Gets the frame image, cache it synchronously if
        the current one is invalid. frameImageAtIndex() returns whatever stored in the cache.
        (WebCore::BitmapImage::nativeImage): Call frameImageAtIndexCacheIfNeeded() instead of frameImageAtIndex().
        (WebCore::BitmapImage::nativeImageForCurrentFrame): Ditto.
        (WebCore::BitmapImage::nativeImageOfSize): Ditto.
        (WebCore::BitmapImage::framesNativeImages): Ditto.
        (WebCore::BitmapImage::draw): Change the logic to do the following:
        -- The animated image has to be decoded with its full size.
        -- The animated image expects the current frame to be ready for drawing.
        -- The large image decoding does not need to call internalStartAnimation().
        -- The large image has to request async image decoding but draw the current one if it exists.
        (WebCore::BitmapImage::drawPattern): Draw the pattern synchronously.
        (WebCore::BitmapImage::shouldUseAsyncDecodingForLargeImages): Delete the call to shouldUseAsyncDecodingForTesting()
        since it is only applied for animated images.
        (WebCore::BitmapImage::shouldUseAsyncDecodingForAnimatedImages): Call shouldUseAsyncDecodingForAnimatedImageForTesting().
        (WebCore::BitmapImage::internalStartAnimation): Request decoding with the full size.
        (WebCore::BitmapImage::advanceAnimation): Call shouldUseAsyncDecodingForAnimatedImageForTesting().
        (WebCore::BitmapImage::internalAdvanceAnimation): Assert the current frame is not being decoding asynchronously for any size.
        (WebCore::BitmapImage::frameImageAtIndex): Deleted. Moved to the header file but with a new purpose: return
        the current frame from the frame cache as is; do not cache a new one.
        (WebCore::BitmapImage::shouldUseAsyncDecodingForLargeImage): Deleted. Function was renamed to shouldUseAsyncDecodingForLargeImages.
        (WebCore::BitmapImage::shouldUseAsyncDecodingForAnimatedImage): Deleted. Function was renamed to shouldUseAsyncDecodingForAnimatedImages.
        * platform/graphics/BitmapImage.h:
        * platform/graphics/CrossfadeGeneratedImage.cpp:
        (WebCore::CrossfadeGeneratedImage::draw): Add a new argument of type DecodingMode.
        * platform/graphics/CrossfadeGeneratedImage.h:
        * platform/graphics/DecodingOptions.h: Added.
        (WebCore::DecodingOptions::DecodingOptions): Default constructor: Synchronous mode.
        (WebCore::DecodingOptions::operator==): Compares two DecodingOptions for equality.
        (WebCore::DecodingOptions::isSynchronous): Is the frame decoded synchronously?
        (WebCore::DecodingOptions::isAsynchronous): Is the frame decoded asynchronously?
        (WebCore::DecodingOptions::isAsynchronousCompatibleWith): Is this DecodingOptions compatible with another one?
        (WebCore::DecodingOptions::hasFullSize): Is the decoding mode asynchronous but for the image full size?
        (WebCore::DecodingOptions::hasSizeForDrawing): Is this decoding mode asynchronous but for a sizeForDrawing?
        (WebCore::DecodingOptions::sizeForDrawing): Returns the sizeForDrawing. m_decodingModeOrSize has to hold an IntSize.
        (WebCore::DecodingOptions::maxDimension): Moved form ImageFrame.cpp.
        (WebCore::DecodingOptions::has): A helper function.
        (WebCore::DecodingOptions::hasDecodingMode): Does m_decodingModeOrSize a DecodingMode?
        (WebCore::DecodingOptions::hasSize): Does m_decodingModeOrSize an IntSize?
        * platform/graphics/GeneratedImage.h: Add a new argument of type DecodingMode.
        * platform/graphics/GradientImage.cpp:
        (WebCore::GradientImage::draw): Ditto.
        * platform/graphics/GradientImage.h: Ditto.
        * platform/graphics/GraphicsContext.cpp:
        (WebCore::GraphicsContext::drawImage): Pass the ImagePaintingOptions::m_DecodingMode to Image::draw().
        * platform/graphics/GraphicsContext.h:
        (WebCore::ImagePaintingOptions::ImagePaintingOptions): Add a new member of type DecodingMode to ImagePaintingOptions.
        * platform/graphics/Image.cpp:
        (WebCore::Image::drawTiled): Pass DecodingMode::Synchronous to Image::draw().
        * platform/graphics/Image.h: Add a new argument of type DecodingMode to Image::draw().
        * platform/graphics/ImageFrame.cpp:
        (WebCore::ImageFrame::operator=): Replace m_sizeForDrawing by m_decodingOptions.
        (WebCore::ImageFrame::hasNativeImage): Check if m_nativeImage is valid and the subsamplingLevels match.
        (WebCore::ImageFrame::hasFullSizeNativeImage): Checks hasNativeImage() and whether the image frame was
        decoded for the image full size.
        (WebCore::ImageFrame::hasDecodedNativeImageCompatibleWithOptions): Checks hasNativeImage() and the DecodingOptions match.
        (WebCore::maxDimension): Deleted. Moved to DecodingOptions.h.
        (WebCore::ImageFrame::isBeingDecoded): Deleted. The check for having an ImageFrame being decoded is
        moved to ImageFrameCache.
        (WebCore::ImageFrame::hasValidNativeImage): Deleted. No need to this function.
        * platform/graphics/ImageFrame.h:
        (WebCore::ImageFrame::hasNativeImage): Add an std::optional<SubsamplingLevel> argument.
        (WebCore::ImageFrame::hasFullSizeNativeImage): Checks whether the ImageFrame was decoded for the image full size.
        (WebCore::ImageFrame::enqueueSizeForDecoding): Deleted.
        (WebCore::ImageFrame::dequeueSizeForDecoding): Deleted.
        (WebCore::ImageFrame::clearSizeForDecoding): Deleted.
        (WebCore::ImageFrame::isBeingDecoded): Deleted.
        (WebCore::ImageFrame::sizeForDrawing): Deleted.
        (WebCore::ImageFrame::hasDecodedNativeImage): Deleted.
        The logic of knowing whether an ImageFrame is being decoded is moved to ImageFrameCache.
        * platform/graphics/ImageFrameCache.cpp:
        (WebCore::ImageFrameCache::cacheFrameMetadataAtIndex): Caches the metadata of an ImageFrame. If the NativeImage
        was decoded for a sizeForDrawing, the size of the ImageFrame will be the nativeImageSize(). Otherwise, the
        frameSizeAtIndex() will be called.
        (WebCore::ImageFrameCache::cacheFrameNativeImageAtIndex): Cache a new NativeImage which involves caching new
        metadata and updating the memory cache. No need to check if the existing native image is valid or not for the
        DecodingOptions. Actually it would be a bug if it happens. This is why cacheNativeImageForFrameRequest() asserts
        !frame.hasAsyncNativeImage() before calling cacheFrameNativeImageAtIndex().
        (WebCore::ImageFrameCache::cacheAsyncFrameNativeImageAtIndex): Cache new NativeImage which was decoded asynchronously.
        (WebCore::ImageFrameCache::startAsyncDecodingQueue): Call cacheAsyncFrameNativeImageAtIndex() instead of
        cacheNativeImageForFrameRequest() for clarity.
        (WebCore::ImageFrameCache::requestFrameAsyncDecodingAtIndex): Call hasAsyncNativeImage() instead of hasValidNativeImage()
        Call frameIsDecodingCompatibleWithOptionsAtIndex() instead of frame.isBeingDecoded(). Replace the call to enqueueSizeForDecoding()
        by appending the same ImageFrameRequest to m_frameCommitQueue.
        (WebCore::ImageFrameCache::isAsyncDecodingQueueIdle): Use m_frameCommitQueue to answer the question whether the decodingQueue is idle.
        (WebCore::ImageFrameCache::stopAsyncDecodingQueue): Use m_frameCommitQueue to loop through all the ImageFrames which are currently being decoded.
        (WebCore::ImageFrameCache::frameAtIndexCacheIfNeeded): For getting the metadata, this function needs a valid frame. If it is requested
        to decode the nativeImage, it has to do it synchronously.
        (WebCore::ImageFrameCache::singlePixelSolidColor): Don't cache the frame if it is an animated image or the size is not a single pixel.
        (WebCore::ImageFrameCache::frameIsBeingDecodedAndIsCompatibleWithOptionsAtIndex): Use m_frameCommitQueue to answer the question whether an ImageFrame
        is being decoded and is compatible with DecodingOptions.
        (WebCore::ImageFrameCache::frameHasFullSizeNativeImageAtIndex): Calls ImageFrame::hasFullNativeImage() for a frame. 
        (WebCore::ImageFrameCache::frameHasDecodedNativeImageCompatibleWithOptionsAtIndex): Calls ImageFrame::hasDecodedNativeImageCompatibleWithOptions() for a frame.
        (WebCore::ImageFrameCache::frameImageAtIndex): Returns the current NativeImage without caching.
        (WebCore::ImageFrameCache::frameImageAtIndexCacheIfNeeded): Returns the current NativeImage but cache it synchronously if needed.
        (WebCore::ImageFrameCache::setFrameNativeImageAtIndex): Deleted.
        (WebCore::ImageFrameCache::setFrameMetadataAtIndex): Deleted.
        (WebCore::ImageFrameCache::replaceFrameNativeImageAtIndex): Deleted.
        (WebCore::ImageFrameCache::frameIsBeingDecodedAtIndex): Deleted.
        (WebCore::ImageFrameCache::frameHasImageAtIndex): Deleted.
        (WebCore::ImageFrameCache::frameHasValidNativeImageAtIndex): Deleted.
        (WebCore::ImageFrameCache::frameHasDecodedNativeImage): Deleted.
        * platform/graphics/ImageFrameCache.h: Two ImageFrameRequest queues will be used.
        -- The existing one m_frameRequestQueue which is shared between the main thread and decoding thread. The requests will be
        dequeued from it before starting the decoding. The decoded NativeImage will be cached only on the main thread. The decoding
        thread is not blocked by the callOnMainThread(). This means there might be multiple ImageFrameRequests which were dequeued
        while their NativeImages have not been cached yet.
        -- A new one m_frameCommitQueue which is track all the ImageFrameRequests whose NativeImages have not been cached yet.
        (WebCore::ImageFrameCache::frameAtIndexCacheIfNeeded): Be explicit about caching the image frame. frameImageAtIndex()
        returns the current image frame without caching. frameAtIndexCacheIfNeeded(). returns the current image frame but cache
        it if needed.
        (WebCore::ImageFrameCache::ImageFrameRequest::operator==): Compares two ImageFrameRequests for equality.
        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::frameImageAtIndexCacheIfNeeded): 
        (WebCore::ImageSource::frameImageAtIndex): Deleted.
        * platform/graphics/ImageSource.h:
        (WebCore::ImageSource::requestFrameAsyncDecodingAtIndex): Change the type of the argument from IntSize to be const std::optional<IntSize>.
        (WebCore::ImageSource::frameIsBeingDecodedAndIsCompatibleWithOptionsAtIndex): Rename of frameIsBeingDecodedAtIndex(). Replace the argument of type
        std::optional<IntSize> by an argument of type DecodingOptions.
        (WebCore::ImageSource::frameHasFullSizeNativeImageAtIndex): A wrapper around the ImageFrameCache function.
        (WebCore::ImageSource::frameHasDecodedNativeImageCompatibleWithOptionsAtIndex): Ditto.
        (WebCore::ImageSource::frameImageAtIndex): Ditto.
        (WebCore::ImageSource::frameIsBeingDecodedAtIndex): Deleted.
        (WebCore::ImageSource::frameHasValidNativeImageAtIndex): Deleted.
        (WebCore::ImageSource::frameHasDecodedNativeImage): Deleted.
        * platform/graphics/NamedImageGeneratedImage.cpp:
        (WebCore::NamedImageGeneratedImage::draw): Add a new argument of type DecodingMode.
        * platform/graphics/NamedImageGeneratedImage.h: Ditto.
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::ImageBuffer::draw): Add a new argument of type DecodingMode.
        * platform/graphics/cg/ImageDecoderCG.cpp:
        (WebCore::ImageDecoder::createFrameImageAtIndex): Replace the sizeForDrawing argument by a DecodingMode argument. Add a new handling
        for decoding asynchronously for the image full size.
        * platform/graphics/cg/ImageDecoderCG.h: Change the prototype of the function.
        * platform/graphics/cg/PDFDocumentImage.cpp:
        (WebCore::PDFDocumentImage::draw): Add a new argument of type DecodingMode.
        * platform/graphics/cg/PDFDocumentImage.h:
        * platform/graphics/win/ImageCGWin.cpp:
        (WebCore::BitmapImage::getHBITMAPOfSize): Pass DecodingMode::Synchronous to Image::draw().
        (WebCore::BitmapImage::drawFrameMatchingSourceSize): Ditto.
        * platform/graphics/win/ImageDecoderDirect2D.cpp:
        (WebCore::ImageDecoder::createFrameImageAtIndex): Replace the sizeForDrawing argument by a DecodingMode argument.
        * platform/graphics/win/ImageDecoderDirect2D.h: Change the prototype of the function.
        * platform/image-decoders/ImageDecoder.cpp: 
        (WebCore::ImageDecoder::createFrameImageAtIndex): Replace the sizeForDrawing argument by a DecodingMode argument.
        * platform/image-decoders/ImageDecoder.h: Change the prototype of the function.
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended): Draw the background image asynchronously if the image size is large.
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::paintIntoRect): Draw the background image element asynchronously if the image size is large.
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::drawForContainer): Pass DecodingMode::Synchronous to draw().
        (WebCore::SVGImage::nativeImageForCurrentFrame): Ditto.
        (WebCore::SVGImage::nativeImage): Ditto.
        (WebCore::SVGImage::draw): Add a new argument of type DecodingMode.
        * svg/graphics/SVGImage.h: Change the prototype of the function.
        * svg/graphics/SVGImageForContainer.cpp:
        (WebCore::SVGImageForContainer::draw): Add a new argument of type DecodingMode.
        * svg/graphics/SVGImageForContainer.h: Change the prototype of the function.

2017-03-27  Youenn Fablet  <youenn@apple.com>

        Activate release libwebrtc logging when WebRTC log channel is on
        https://bugs.webkit.org/show_bug.cgi?id=169659

        Reviewed by Alex Christensen.

        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
        (WebCore::initializePeerConnectionFactoryAndThreads):

2017-03-27  Antti Koivisto  <antti@apple.com>

        Move visibleInViewportStateChanged callback from Element to render tree
        https://bugs.webkit.org/show_bug.cgi?id=170039

        Reviewed by Zalan Bujtas.

        Make it easier to use from the render tree.

        Also for simplicity move the bits from RenderObject rare data to RenderElement.
        There is plenty of space there.

        * dom/Element.h:
        (WebCore::Element::isVisibleInViewportChanged): Deleted.
        * html/HTMLMediaElement.h:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::RenderElement):
        (WebCore::RenderElement::willBeDestroyed):
        (WebCore::RenderElement::registerForVisibleInViewportCallback):
        (WebCore::RenderElement::unregisterForVisibleInViewportCallback):
        (WebCore::RenderElement::setVisibleInViewportState):
        (WebCore::RenderElement::visibleInViewportStateChanged):
        * rendering/RenderElement.h:
        (WebCore::RenderElement::visibleInViewportState):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::setIsRegisteredForVisibleInViewportCallback): Deleted.
        (WebCore::RenderObject::setVisibleInViewportState): Deleted.
        * rendering/RenderObject.h:
        (WebCore::RenderObject::hasOutlineAutoAncestor):
        (WebCore::RenderObject::RenderObjectRareData::RenderObjectRareData):
        (WebCore::RenderObject::isRegisteredForVisibleInViewportCallback): Deleted.
        (WebCore::RenderObject::visibleInViewportState): Deleted.
        * rendering/RenderVideo.cpp:
        (WebCore::RenderVideo::visibleInViewportStateChanged):
        * rendering/RenderVideo.h:
        * rendering/RenderView.cpp:
        (WebCore::RenderView::updateVisibleViewportRect):

2017-03-27  Youenn Fablet  <youenn@apple.com>

        addIceCandidate should not throw if passed null or undefined
        https://bugs.webkit.org/show_bug.cgi?id=170118

        Reviewed by Eric Carlson.

        Covered by updated test.

        A null/undefined candidate passed to addIceCandidate means end of Ice candidate..

        * Modules/mediastream/PeerConnectionBackend.cpp:
        (WebCore::PeerConnectionBackend::addIceCandidate):
        * Modules/mediastream/PeerConnectionBackend.h:
        (WebCore::PeerConnectionBackend::endOfIceCandidates):
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::queuedAddIceCandidate):
        * Modules/mediastream/RTCPeerConnection.h:
        * Modules/mediastream/RTCPeerConnection.idl:
        * Modules/mediastream/RTCPeerConnection.js:
        (addIceCandidate):

2017-03-27  Antti Koivisto  <antti@apple.com>

        Allow the page to render before <link> stylesheet tags in body
        https://bugs.webkit.org/show_bug.cgi?id=149157
        <rdar://problem/24658830>

        Reviewed by Simon Fraser.

        Currently we block style and renderer building completely if document has any loading
        stylesheets. In case a script queries something layout dependent we construct the render
        tree with whatever style we have but block painting in it.

        This patch changes behavior so that a loading stylesheet in body only blocks rendering for elements
        that are after it. The expectation is that such stylesheets rarely affect elements before them
        and the elements can be rendered without causing ugly visible styling changes.

        The patch replaces the old flash-of-unstyled-content (FOUC) preventation mechanism with a more
        fine-grained one. Paint blocking is now done on per-renderer basis with based on isNonFinal flag in
        RenderStyle.

        For stylesheets in head the behavior should be largely unchanged.

        Test: http/tests/incremental/stylesheet-body-incremental-rendering.html

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::pseudoStyleRulesForElement):
        * dom/Document.cpp:
        (WebCore::Document::Document):
        (WebCore::Document::resolveStyle):
        (WebCore::Document::updateLayoutIgnorePendingStylesheets):

            Remove the old FOUC preventation state tracking.

        (WebCore::Document::shouldScheduleLayout):
        (WebCore::Document::didRemoveAllPendingStylesheet):

            Repaints will now get triggered by the normal style mechanism.

        * dom/Document.h:
        (WebCore::Document::hasNodesWithNonFinalStyle):
        (WebCore::Document::setHasNodesWithNonFinalStyle):

            Track if we need to recompute the style later because non-final or unstyled elements.

        (WebCore::Document::didLayoutWithPendingStylesheets): Deleted.
        (WebCore::Document::hasNodesWithPlaceholderStyle): Deleted.
        (WebCore::Document::setHasNodesWithPlaceholderStyle): Deleted.
        * html/HTMLFrameSetElement.cpp:
        (WebCore::HTMLFrameSetElement::rendererIsNeeded):
        * page/FrameView.cpp:
        (WebCore::FrameView::qualifiesAsVisuallyNonEmpty):

            Don't qualify as visually non-empty if we have loading stylesheets in head (even if there is
            a fouc-prevented render tree).

        (WebCore::FrameView::fireLayoutRelatedMilestonesIfNeeded):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::paintContents):

            Instead of a global test, block painting if isNonFinal is set in the renderer's style.

        * rendering/RenderLayer.cpp:
        (WebCore::shouldSuppressPaintingLayer):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::changeRequiresRepaint):

            The isNonFinal flag prevents painting so we need to trigger repaint when it gets cleared.

        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::isNotFinal):
        (WebCore::RenderStyle::setIsNotFinal):
        (WebCore::RenderStyle::isPlaceholderStyle): Deleted.
        (WebCore::RenderStyle::setIsPlaceholderStyle): Deleted.

            There is no need for placeholder styles anymore. Reuse the bit for isNotFinal.

        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
        (WebCore::StyleRareNonInheritedData::operator==):
        * rendering/style/StyleRareNonInheritedData.h:
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::analyzeStyleSheetChange):
        (WebCore::Style::Scope::updateActiveStyleSheets):
        * style/StyleTreeResolver.cpp:
        (WebCore::Style::TreeResolver::styleForElement):
        (WebCore::Style::TreeResolver::resolveElement):

            If we have seens a loading stylesheet and don't have a renderer yet don't style the element.
            In case there is a renderer or we are ignoring pending sheets, resolve the style normally
            but mark it as non-final.

        (WebCore::Style::makePlaceholderStyle): Deleted.

2017-03-27  Myles C. Maxfield  <mmaxfield@apple.com>

        Test variation font ranges in the CSS Font Loading API
        https://bugs.webkit.org/show_bug.cgi?id=170022

        Reviewed by Dean Jackson.

        Test: fast/text/variations/font-loading-api-parse-ranges.html

        Don't use keywords when reporting font variation range values.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::fontNonKeywordWeightFromStyleValue):
        (WebCore::ComputedStyleExtractor::fontWeightFromStyleValue):
        (WebCore::ComputedStyleExtractor::fontNonKeywordStretchFromStyleValue):
        (WebCore::ComputedStyleExtractor::fontStretchFromStyleValue):
        (WebCore::ComputedStyleExtractor::fontNonKeywordStyleFromStyleValue):
        (WebCore::ComputedStyleExtractor::fontStyleFromStyleValue):
        * css/CSSComputedStyleDeclaration.h:
        * css/FontFace.cpp:
        (WebCore::FontFace::style):
        (WebCore::FontFace::weight):
        (WebCore::FontFace::stretch):

2017-03-27  Anders Carlsson  <andersca@apple.com>

        Propagate shipping contact update errors
        https://bugs.webkit.org/show_bug.cgi?id=170141
        rdar://problem/31276576

        Reviewed by Tim Horton.

        * Modules/applepay/ApplePaySession.cpp:
        (WebCore::convertAndValidate):

2017-03-27  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r214411.

        Two of the LayoutTests for this change time out on ios-
        simulator.

        Reverted changeset:

        "[Modern Media Controls] Improve media documents across macOS,
        iPhone and iPad"
        https://bugs.webkit.org/show_bug.cgi?id=169145
        http://trac.webkit.org/changeset/214411

2017-03-27  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Clicking on the tracks button when the tracks panel is up in a media document pauses the video
        https://bugs.webkit.org/show_bug.cgi?id=168517
        <rdar://problem/30577636>

        Reviewed by Dean Jackson.

        We completely turn off default event handling in MediaDocument.cpp since we're implementing the
        behavior we expect to pause and resume the video in the modern-media-controls module already. This
        gets rid of this odd case where the content would not see the "click" event while the C++ side would
        handle it and pause the video.

        * Modules/modern-media-controls/media/media-controller.js:
        (MediaController):
        (MediaController.prototype.handleEvent):
        (MediaController.prototype._containerWasClicked): Deleted.
        * html/MediaDocument.cpp:
        (WebCore::MediaDocument::defaultEventHandler):

2017-03-27  Youenn Fablet  <youenn@apple.com>

        Tighten RTCDatachannel creation and parameter getters
        https://bugs.webkit.org/show_bug.cgi?id=170081

        Reviewed by Eric Carlson.

        Covered by updated tests.

        Adding some parameter checks when creating data channels.
        Making some getters nullable as per the spec.

        * Modules/mediastream/RTCDataChannel.h:
        * Modules/mediastream/RTCDataChannel.idl:
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::createDataChannel):
        * Modules/mediastream/RTCPeerConnection.idl:
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::createDataChannel):
        (WebCore::LibWebRTCMediaEndpoint::addDataChannel):
        * platform/mediastream/RTCDataChannelHandler.h:
        (): Deleted.

2017-03-27  Youenn Fablet  <youenn@apple.com>

        Add support for RTCRtpReceiver/RTCRtpSender getParameters
        https://bugs.webkit.org/show_bug.cgi?id=170057

        Reviewed by Alex Christensen.

        Test: webrtc/video-getParameters.html

        getParameters returns a dictionary of values taken from libwebrtc RtpReceiverInterface/RtpSenderInrterface objects.
        Added a direct link between WebCore RTCRtpReceiver and libwebrtc RtpReceiverInterface object.
        Making the link between WebCore RTCRtpSender and libwebrtc RtpSenderInrterface object through
        PeerConnectionBackend to keep the current architecture shared with OpenWebRTC.
        In the future, we should try to make the link more direct.

        Added routines to support the conversion from libwebrtc to WebCore.
        Ensured that RTCRtpReceiver is cleaning its backend when being stopped.

        * CMakeLists.txt:
        * DerivedSources.make:
        * Modules/mediastream/MediaEndpointPeerConnection.cpp:
        (WebCore::MediaEndpointPeerConnection::setRemoteDescriptionTask):
        * Modules/mediastream/PeerConnectionBackend.h:
        (WebCore::PeerConnectionBackend::getParameters):
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::doClose):
        (WebCore::RTCPeerConnection::getParameters):
        * Modules/mediastream/RTCPeerConnection.h:
        * Modules/mediastream/RTCRtpParameters.h: Added.
        * Modules/mediastream/RTCRtpParameters.idl: Added.
        * Modules/mediastream/RTCRtpReceiver.cpp:
        (WebCore::RTCRtpReceiver::RTCRtpReceiver):
        * Modules/mediastream/RTCRtpReceiver.h:
        (WebCore::RTCRtpReceiver::Backend::~Backend):
        (WebCore::RTCRtpReceiver::Backend::getParameters):
        (WebCore::RTCRtpReceiver::create):
        (WebCore::RTCRtpReceiver::stop):
        (WebCore::RTCRtpReceiver::setBackend):
        (WebCore::RTCRtpReceiver::getParameters):
        * Modules/mediastream/RTCRtpReceiver.idl:
        * Modules/mediastream/RTCRtpSender.cpp:
        (WebCore::RTCRtpSender::create):
        (WebCore::RTCRtpSender::RTCRtpSender):
        (WebCore::RTCRtpSender::replaceTrack):
        (WebCore::RTCRtpSender::getParameters):
        * Modules/mediastream/RTCRtpSender.h:
        (WebCore::RTCRtpSender::Backend::~Backend):
        (WebCore::RTCRtpSender::isStopped):
        (WebCore::RTCRtpSender::stop):
        * Modules/mediastream/RTCRtpSender.idl:
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::LibWebRTCMediaEndpoint::addTrack):
        (WebCore::LibWebRTCMediaEndpoint::addRemoteTrack):
        (WebCore::LibWebRTCMediaEndpoint::OnAddTrack):
        (WebCore::LibWebRTCMediaEndpoint::stop):
        (WebCore::fillEncodingParameters):
        (WebCore::fillHeaderExtensionParameters):
        (WebCore::fillCodecParameters):
        (WebCore::fillRtpParameters):
        (WebCore::RTCRtpReceiverBackend::getParameters):
        (WebCore::LibWebRTCMediaEndpoint::getRTCRtpSenderParameters):
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::LibWebRTCPeerConnectionBackend::notifyAddedTrack):
        (WebCore::LibWebRTCPeerConnectionBackend::getParameters):
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.h:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/mediastream/mac/RealtimeOutgoingAudioSource.h:

2017-03-27  Myles C. Maxfield  <mmaxfield@apple.com>

        font variation properties don't need to accept numbers
        https://bugs.webkit.org/show_bug.cgi?id=169357

        Reviewed by Antti Koivisto.

        The CSS Fonts level 4 spec stabilized the grammar accepted by font-weight,
        font-style, and font-stretch. The changes are that font-style and
        font-stretch no longer accept raw numbers, and the @font-face descriptor
        ranges are now separated by spaces instead of slashes.

        Tests: fast/text/font-selection-font-face-parse.html
               fast/text/font-selection-font-loading-api-parse.html
               fast/text/font-stretch-parse.html
               fast/text/font-style-parse.html
               fast/text/variations/font-selection-properties.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::fontWeightFromStyleValue):
        (WebCore::fontWeightFromStyle):
        (WebCore::ComputedStyleExtractor::fontStretchFromStyleValue):
        (WebCore::fontStretchFromStyle):
        (WebCore::ComputedStyleExtractor::fontStyleFromStyleValue):
        (WebCore::fontStyleFromStyle):
        * css/CSSComputedStyleDeclaration.h:
        * css/FontFace.cpp:
        (WebCore::FontFace::style):
        (WebCore::FontFace::weight):
        (WebCore::FontFace::stretch):
        (WebCore::rangeIsSingleValue): Deleted.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertFontStretchFromValue):
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeFontWeightRange):
        (WebCore::consumeFontStretch):
        (WebCore::consumeFontStretchRange):
        (WebCore::consumeFontStyle):
        (WebCore::consumeFontStyleRange):

2017-03-27  Youenn Fablet  <youenn@apple.com>

        Further optimize checkWebRTCAvailability
        https://bugs.webkit.org/show_bug.cgi?id=169147

        Reviewed by Alex Christensen.

        Tested locally by removing libwebrtc.dylib.
        Replacing dlopen check by checking an exported symbol, rtc::LogMessage::LogToDebug.
        This check is more efficient and accurate. It should work in more configurations than the previous one.

        * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
        (WebCore::isNullFunctionPointer):
        (WebCore::LibWebRTCProvider::webRTCAvailable):

2017-03-27  Myles C. Maxfield  <mmaxfield@apple.com>

        Implement format specifier for variation fonts
        https://bugs.webkit.org/show_bug.cgi?id=169327

        Reviewed by Simon Fraser.

        Variation fonts require the format("woff-variations"), format("truetype-variations"),
        and format("opentype-variations") format specifies in @font-face rules.

        Test: fast/text/variations/font-face-format.html

        * platform/graphics/mac/FontCustomPlatformData.cpp:
        (WebCore::FontCustomPlatformData::supportsFormat):

2017-03-27  Myles C. Maxfield  <mmaxfield@apple.com>

        Make sure animation works for font-weight, font-stretch, and font-style
        https://bugs.webkit.org/show_bug.cgi?id=169683

        Reviewed by Simon Fraser.

        Hook up animation code for FontSelectionValues.

        Tests: animations/font-variations/font-stretch.html
               animations/font-variations/font-style.html
               animations/font-variations/font-weight.html

        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::blendFunc):
        (WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::setFontWeight):
        (WebCore::RenderStyle::setFontStretch):
        (WebCore::RenderStyle::setFontItalic):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::fontWeight):
        (WebCore::RenderStyle::fontStretch):
        (WebCore::RenderStyle::fontItalic):

2017-03-27  Alex Christensen  <achristensen@webkit.org>

        Make WebSockets work in network process
        https://bugs.webkit.org/show_bug.cgi?id=169930

        Reviewed by Youenn Fablet.

        Covered by 136 existing tests in http/tests/websocket/tests/hybi
        This also does fine with the 544 websocket tests in the web-platform-tests which we have not yet imported.
        Also added http/tests/websocket/tests/hybi/network-process-crash-error.html
        to test a new condition that couldn't happen before this move: the NetworkProcess crashing.

        * Modules/websockets/WebSocketChannel.cpp:
        (WebCore::WebSocketChannel::fail):
        We were asserting that didCloseSocketStream was called.  It is still called,
        but not synchronously like it used to.  This assertion is now invalid, but tests
        that would hit it still pass.
        * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
        (WebCore::SocketStreamHandleImpl::platformSendInternal):
        CFWriteStreamCanAcceptBytes crashes if you give it a null parameter, and that can happen now.
        If we have no write stream, then we cannot write.  Tests that hit this pass still.

2017-03-27  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Improve media documents across macOS, iPhone and iPad
        https://bugs.webkit.org/show_bug.cgi?id=169145
        <rdar://problem/17048858>

        Reviewed by Dean Jackson.

        There were a variety of issues with media documents, some longstanding, and some specifically
        about modern media controls.

        One issue was that fullscreen and picture-in-picture buttons would show for audio media documents,
        due to using a <video> element to load the audio file. We now have additional logic in MediaController
        to identify if the loaded media is really an audio file, and using this information to hide the
        fullscreen and picture-in-picture buttons.

        Another issue was that we would inject style in MediaDocument.cpp that was specific to modern media
        controls when we could have the modern-media-controls module injected CSS handle this styling. We now
        use the injected style in the shadow root to size media documents based on the device characteristics
        and ensuring that page styles are overridden.

        We also simplify how MediaDocument.cpp sets the source of the media element to simply use the "src"
        attribute and not a <source> element.

        Finally, we introduce a MediaDocumentController class that is instantiated when we're dealing with
        a media document to hide the controls while we determine the type of media we're loading (audio vs.
        video) in order to apply the appropriate styling without flashes.

        As a result of the new styles applied by the modern-media-controls module, media documents have a
        similar behavior on macOS and iPad, where we only enforce a min-width for video allowing them
        to play at their natural size otherwise, and enforcing a fixed width for audio. On iPhone however,
        we want to always play the media at full width, with some padding in the case of audio.

        Tests: media/modern-media-controls/fullscreen-support/fullscreen-support-disabled-video-with-audio-tracks-only.html
               media/modern-media-controls/media-documents/ipad/media-document-audio-ios-sizing.html
               media/modern-media-controls/media-documents/ipad/media-document-video-ios-sizing.html
               media/modern-media-controls/media-documents/media-document-audio-ios-sizing.html
               media/modern-media-controls/media-documents/media-document-audio-mac-sizing.html
               media/modern-media-controls/media-documents/media-document-video-ios-sizing.html
               media/modern-media-controls/media-documents/media-document-video-mac-sizing.html
               media/modern-media-controls/pip-support/pip-support-disabled-video-with-audio-tracks-only.html

        * Modules/modern-media-controls/controls/ios-inline-media-controls.css:
        (:host(audio) .media-controls.ios.inline > .controls-bar:before,):
        (:host(audio) .media-controls.ios.inline > .controls-bar:before): Deleted.
        * Modules/modern-media-controls/controls/macos-media-controls.css:
        (:host(audio) .media-controls.mac.inline > .controls-bar,):
        (:host(audio) .media-controls.mac.inline > .controls-bar > .background-tint,):
        (:host(audio) .media-controls.mac.inline > .controls-bar): Deleted.
        (:host(audio) .media-controls.mac.inline > .controls-bar > .background-tint): Deleted.
        * Modules/modern-media-controls/controls/media-document.css: Added.
        (:host(.media-document)):
        (:host(.media-document.ready)):
        (:host(.media-document.audio.mac)):
        (:host(.media-document.audio.ipad)):
        (:host(.media-document.audio.iphone)):
        (:host(.media-document.video.mac)):
        (:host(.media-document.video.ipad)):
        (:host(.media-document.video.iphone)):
        * Modules/modern-media-controls/js-files:
        * Modules/modern-media-controls/media/fullscreen-support.js:
        (FullscreenSupport.prototype.syncControl):
        (FullscreenSupport):
        * Modules/modern-media-controls/media/media-controller.js:
        (MediaController):
        (MediaController.prototype.get isAudio):
        * Modules/modern-media-controls/media/media-document-controller.js: Added.
        (MediaDocumentController):
        (MediaDocumentController.prototype.handleEvent):
        (MediaDocumentController.prototype._mediaDocumentHasMetadata):
        (MediaDocumentController.prototype._mediaDocumentHasSize):
        * Modules/modern-media-controls/media/pip-support.js:
        (PiPSupport.prototype.syncControl):
        (PiPSupport):
        * html/MediaDocument.cpp:
        (WebCore::MediaDocumentParser::createDocumentStructure):

2017-03-25  Chris Dumez  <cdumez@apple.com>

        REGRESSION(r214195): zillow.com header video doesn't resume when switching to another tab and back
        https://bugs.webkit.org/show_bug.cgi?id=170080
        <rdar://problem/31252522>

        Reviewed by Eric Carlson.

        The video header on zillow.com would pause when switching to another tab after r214195. On
        switching back to the zillow.com tab, we would resume the video but fail to take the poster
        away, making it look like the video is still paused.

        We normally take the poster away when HTMLMediaElement::mediaPlayerFirstVideoFrameAvailable()
        is called. However, mediaPlayerFirstVideoFrameAvailable() was only ever called once because of
        the m_haveReportedFirstVideoFrame flag in MediaPlayerPrivateAVFoundation::updateStates().
        We now reset m_haveReportedFirstVideoFrame to false in updateStates() if hasAvailableVideoFrame()
        return false, so that we call mediaPlayerFirstVideoFrameAvailable() again when the return
        value of asAvailableVideoFrame() becomes true again (e.g. after the media session interruption
        has ended).

        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::updateStates):

2017-03-24  Wenson Hsieh  <wenson_hsieh@apple.com>

        [WK2] Add a UI delegate SPI hook to enable or disable navigation on drop
        https://bugs.webkit.org/show_bug.cgi?id=169168
        <rdar://problem/30688374>

        Reviewed by Tim Horton.

        Refactor client hooks for the drag destination action in WebCore to ask for the drag destination action mask
        upon initializing the DragData. In DragController, rather than setting m_dragDestinationAction to the result of
        m_client.actionMaskForDrag, we instead set it to the DragData's destination action.

        Tests to come in a future patch.

        * loader/EmptyClients.cpp:
        * page/DragClient.h:

        Rather than pass in a DragData, pass in only the platform data that we need to hand to the delegate. This is
        because we now ask for drag destination actions prior to creating the DragData.

        * page/DragController.cpp:
        (WebCore::DragController::dragEnteredOrUpdated):

        Update the available drag destination actions in WebCore using the destination actions stored in DragData rather
        than calling out to the client delegate.

        * loader/EmptyClients.cpp:
        * platform/DragData.cpp:
        (WebCore::DragData::DragData):
        * platform/DragData.h:
        (WebCore::DragData::dragDestinationAction):
        (WebCore::DragData::operator =):
        * platform/mac/DragDataMac.mm:
        (WebCore::DragData::DragData):

2017-03-25  Aaron Chu  <aaron_chu@apple.com>

        AX: Media controls are unlabeled
        https://bugs.webkit.org/show_bug.cgi?id=169947
        <rdar://problem/30153323>

        Reviewed by Antoine Quint.

        Added a "label" property for Icons, which are used to set
        the aria-label for the controls in modern media controls.

        Test: Addition to all existing modern media controls tests.

        * English.lproj/modern-media-controls-localized-strings.js:
        * Modules/modern-media-controls/controls/icon-button.js:
        (IconButton.prototype.set iconName):
        (IconButton.prototype.handleEvent):
        (IconButton.prototype._loadImage):
        * Modules/modern-media-controls/controls/icon-service.js:
        * Modules/modern-media-controls/controls/start-button.js:
        (StartButton):
        * Modules/modern-media-controls/js-files:

2017-03-25  Carlos Garcia Campos  <cgarcia@igalia.com>

        [XDG] MIMETypeRegistry::getMIMETypeForExtension should return a null/empty string when mime type is unknown
        https://bugs.webkit.org/show_bug.cgi?id=170050

        Reviewed by Michael Catanzaro.

        That's what the callers expect, but we alre always returning XDG_MIME_TYPE_UNKNOWN which is
        application/octet-stream.

        Fixes: plugins/no-mime-with-valid-extension.html

        * platform/xdg/MIMETypeRegistryXdg.cpp:
        (WebCore::MIMETypeRegistry::getMIMETypeForExtension):

2017-03-24  Myles C. Maxfield  <mmaxfield@apple.com>

        Add font-optical-sizing to CSSComputedStyleDeclaration
        https://bugs.webkit.org/show_bug.cgi?id=170083

        Reviewed by Joseph Pecoraro.

        Covered by existing tests.

        * css/CSSComputedStyleDeclaration.cpp:

2017-03-24  Daniel Bates  <dabates@apple.com>

        media/restore-from-page-cache.html causes NoEventDispatchAssertion::isEventAllowedInMainThread() assertion failure
        https://bugs.webkit.org/show_bug.cgi?id=170087
        <rdar://problem/31254822>

        Reviewed by Simon Fraser.

        Reduce the scope of code that should never dispatch DOM events so as to allow updating contents size
        after restoring a page from the page cache.

        In r214014 we instantiate a NoEventDispatchAssertion in FrameLoader::commitProvisionalLoad()
        around the call to CachedPage::restore() to assert when a DOM event is dispatched during
        page restoration as such events can cause re-entrancy into the page cache. As it turns out
        it is sufficient to ensure that no DOM events are dispatched after restoring all cached frames
        as opposed to after CachedPage::restore() returns.

        Also rename Document::enqueue{Pageshow, Popstate}Event() to dispatch{Pageshow, Popstate}Event(),
        respectively, since they synchronously dispatch events :(. We hope in the future to make them
        asynchronously dispatch events.

        * dom/Document.cpp:
        (WebCore::Document::implicitClose): Update for renaming.
        (WebCore::Document::statePopped): Ditto.
        (WebCore::Document::dispatchPageshowEvent): Renamed; formerly named enqueuePageshowEvent().
        (WebCore::Document::dispatchPopstateEvent): Renamed; formerly named enqueuePopstateEvent().
        (WebCore::Document::enqueuePageshowEvent): Deleted.
        (WebCore::Document::enqueuePopstateEvent): Deleted.
        * dom/Document.h:
        * history/CachedPage.cpp:
        (WebCore::firePageShowAndPopStateEvents): Moved logic from FrameLoader::didRestoreFromCachedPage() to here.
        (WebCore::CachedPage::restore): Modified to call firePageShowAndPopStateEvents().
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::commitProvisionalLoad): Removed use of NoEventDispatchAssertion RAII object. We
        will instantiate it in CachedPage::restore() with a smaller scope.
        (WebCore::FrameLoader::didRestoreFromCachedPage): Deleted; moved logic from here to WebCore::firePageShowAndPopStateEvents().
        * loader/FrameLoader.h:

2017-03-24  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r214361.

        This change caused flakiness in http/tests/preload tests.

        Reverted changeset:

        "Add a warning for unused link preloads."
        https://bugs.webkit.org/show_bug.cgi?id=165670
        http://trac.webkit.org/changeset/214361

2017-03-24  Antoine Quint  <graouts@webkit.org>

        [Modern Media Controls] Remove placard icon if height is compressed
        https://bugs.webkit.org/show_bug.cgi?id=167935
        <rdar://problem/30397128>

        Reviewed by Dean Jackson.

        We make the addition of certain Placard children conditional on the placard's metrics. Whenever the
        media controls metrics changes, the placard, if any, is set to have the same metrics and layout() is
        called where we ensure that there is enough space, per designs, to have the icon, description and even
        the title visible. We also make some CSS improvements to guarantee that the description is laid out on
        two lines at most and that both text labels are trimmed elegantly with an ellipsis shold the width be
        insufficient to display the whole text.

        Since we would have needed to have more width/height setter overrides to trigger layout, we now make
        LayoutNode trigger layout() directly and remove the need for subclasses to do this on a per-class basis.
        We also make layout() a method that can be called safely anytime as it's now no longer part of the DOM
        commit step, a new commit() method is used instead of that.

        Tests: media/modern-media-controls/layout-node/node-made-dirty-during-commit.html
               media/modern-media-controls/media-controls/media-controls-placard-compressed-metrics.html

        * Modules/modern-media-controls/controls/layout-node.js:
        (LayoutNode.prototype.set width):
        (LayoutNode.prototype.set height):
        Trigger a call to layout() anytime "width" or "height" is set on any LayoutNode.

        (LayoutNode.prototype.layout):
        (LayoutNode.prototype.commit):
        (performScheduledLayout):
        Make layout() an empty method that subclasses can override easily outside of the DOM commit cycle,
        its previous implementation is now called "commit()" which is a more accurate name.

        * Modules/modern-media-controls/controls/media-controls.js:
        (MediaControls.prototype.get placard):
        (MediaControls.prototype.get showsPlacard):
        (MediaControls.prototype.showPlacard):
        (MediaControls.prototype.hidePlacard):
        (MediaControls.prototype.layout):
        (MediaControls.prototype.get width): Deleted.
        (MediaControls.prototype.set width): Deleted.
        Add a "placard" property to make it simpler to reference the placard instead of making assumptions in
        several places in that class on the children order. Anytime we run a layout or show the placard, ensure
        that the placard metrics are synced with the media controls metrics.

        * Modules/modern-media-controls/controls/placard.css:
        (.placard .container):
        (.placard .title,):
        (.placard .description):
        We now ensure that both the title and description are trimmed with an ellipsis when we run out of space
        to display them fully.

        * Modules/modern-media-controls/controls/placard.js:
        (Placard.):
        (Placard.prototype.layout):
        We add new constraints to only show the icon, title and description if the placard is tall and wide enough.

        * Modules/modern-media-controls/controls/slider.js:
        (Slider.prototype.get width): Deleted.
        (Slider.prototype.set width): Deleted.
        Removed custom "width" getters and setters now we can just override layout() in case node metrics change.

        * Modules/modern-media-controls/controls/time-control.js:
        (TimeControl.prototype.set useSixDigitsForTimeLabels):
        (TimeControl.prototype.layout):
        (TimeControl.prototype.get width): Deleted.
        (TimeControl.prototype.set width): Deleted.
        (TimeControl.prototype._availableWidthHasChanged): Deleted.
        Removed custom "width" getters and setters now we can just override layout() in case node metrics change.

        * Modules/modern-media-controls/media/media-controller.js:
        (MediaController):
        Ensure we flush pending updates at construction time so that we match the size of the media controls right
        at the first media layout.

2017-03-24  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] "ideal" constraints passed to getUserMedia should affect fitness score
        https://bugs.webkit.org/show_bug.cgi?id=170056

        Reviewed by Youenn Fablet.

        Include the fitness score calculated for ideal constraints in the calculation of a capture
        overall device fitness score. 

        No new tests, existing tests updated.

        * platform/mediastream/MediaConstraints.cpp:
        (WebCore::StringConstraint::fitnessDistance): Drive-by fix: return early if ideal is empty,
        not exact.

        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::supportsSizeAndFrameRate): Return fitness distance.
        (WebCore::RealtimeMediaSource::selectSettings): Include the fitness distance of supported
        ideal constraints.
        (WebCore::RealtimeMediaSource::supportsConstraint): New.
        (WebCore::RealtimeMediaSource::applyConstraints):
        * platform/mediastream/RealtimeMediaSource.h:

        * platform/mock/MockRealtimeMediaSourceCenter.cpp:
        (WebCore::MockRealtimeMediaSourceCenter::validateRequestConstraints): Sort candidate sources
        by their fitness score.

        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::initializeCapabilities): Each video source should support
        one facing mode, not both.

2017-03-24  Dean Jackson  <dino@apple.com>

        Serialization of custom props in longhand should be "" not value of shorthand
        https://bugs.webkit.org/show_bug.cgi?id=167699
        <rdar://problem/30324200>

        Reviewed by Sam Weinig.

        https://www.w3.org/TR/css-variables/#variables-in-shorthands says
        "Pending-substitution values must be serialized as the empty string, if
        an API allows them to be observed."

        We were returning the cssText instead.

        Test: fast/css/variables/rule-property-get.html has been updated.

        * css/StyleProperties.cpp:
        (WebCore::StyleProperties::getPropertyValue): Return the empty string
        if we're a pending substitution value.

2017-03-24  Wenson Hsieh  <wenson_hsieh@apple.com>

        Unreviewed, fix the ToT build on the latest SDK.

        Add deprecated declaration guards around two synchronous UIItemProvider methods in WebItemProviderPasteboard.
        <rdar://problem/30451096> tracks adoption of the asynchronous versions of these methods.

        * platform/ios/WebItemProviderPasteboard.mm:
        (-[WebItemProviderPasteboard dataForPasteboardType:inItemSet:]):
        (-[WebItemProviderPasteboard _tryToCreateAndAppendObjectOfClass:toArray:usingProvider:]):

2017-03-24  Antoine Quint  <graouts@webkit.org>

        [Modern Media Controls] Captions don't move with the appearance of the inline controls
        https://bugs.webkit.org/show_bug.cgi?id=170051
        <rdar://problem/30754428>

        Reviewed by Dean Jackson.

        We now size the captions container to account for the controls bar height when visible. To do this,
        we use CSS variables to specify the height of the controls bar in default inline mode, compact inline
        mode and fullscreen mode.

        Test: media/modern-media-controls/tracks-support/tracks-support-captions-offset-with-controls-bar.html

        * Modules/modern-media-controls/controls/controls-bar.js:
        (ControlsBar.prototype.set faded):
        Notify the hosting MediaControls that the "faded" property changed.

        * Modules/modern-media-controls/controls/ios-inline-media-controls.css:
        (.media-controls.ios.inline > .controls-bar):
        Use the new --inline-controls-bar-height CSS variable to specify the inline bar height.

        * Modules/modern-media-controls/controls/macos-compact-inline-media-controls.css:
        (.media-controls.mac.inline.compact > .controls-bar):
        Use the new --inline-compact-controls-bar-height CSS variable to specify the inline bar height.

        * Modules/modern-media-controls/controls/macos-fullscreen-media-controls.css:
        (.media-controls.mac.fullscreen > .controls-bar):
        Use the new --fullscreen-controls-bar-height CSS variable to specify the inline bar height.

        * Modules/modern-media-controls/controls/macos-inline-media-controls.css:
        (.media-controls.mac.inline > .controls-bar):
        Use the new --inline-controls-bar-height CSS variable to specify the inline bar height.

        * Modules/modern-media-controls/controls/media-controls.css:
        (*):
        Specify new CSS variables for the various controls bar heights.

        * Modules/modern-media-controls/controls/media-controls.js:
        (MediaControls.prototype.controlsBarFadedStateDidChange):
        Notify the delegate of a controls bar "faded" property change. 

        * Modules/modern-media-controls/controls/text-tracks.css:
        (video::-webkit-media-text-track-container):
        (video::-webkit-media-text-track-container.visible-controls-bar):
        (video::-webkit-media-text-track-container.visible-controls-bar.compact-controls-bar):
        (video::-webkit-media-text-track-display):
        Shorten the height of the captions container when the controls bar is visible. We also
        fix a couple of prefixed properties that didn't need to be.

        * Modules/modern-media-controls/media/media-controller.js:
        (MediaController.prototype.controlsBarFadedStateDidChange):
        (MediaController.prototype._updateControlsIfNeeded):
        (MediaController.prototype._updateTextTracksClassList):
        (MediaController):
        Ensure we reflect the "faded" state of the controls bar on the captions container using
        a CSS class, as well as whether the controls bar mode is compact.

2017-03-24  Brent Fulgham  <bfulgham@apple.com>

        Handle recursive calls to ProcessingInstruction::checkStyleSheet
        https://bugs.webkit.org/show_bug.cgi?id=169982
        <rdar://problem/31083051>

        Reviewed by Antti Koivisto.

       See if we triggered a recursive load of the stylesheet during the 'beforeload'
       event handler. If so, reset to a valid state before completing the load.

       We should also check after 'beforeload' that we were not disconnected from (or
       moved to a new) document.

       I also looked for other cases of this pattern and fixed them, too.

       Tests: fast/dom/beforeload/image-removed-during-before-load.html
               fast/dom/beforeload/recursive-css-pi-before-load.html
               fast/dom/beforeload/recursive-link-before-load.html
               fast/dom/beforeload/recursive-xsl-pi-before-load.html

        * dom/ProcessingInstruction.cpp:
        (WebCore::ProcessingInstruction::clearExistingCachedSheet): Added.
        (WebCore::ProcessingInstruction::checkStyleSheet): Prevent recursive calls into
        this function during 'beforeload' handling. Also, safely handle the case where
        the element was disconnected in the 'beforeload' handler (similar to what
        we do in HTMLLinkElement).
        (WebCore::ProcessingInstruction::setCSSStyleSheet): Drive-by Fix: Protect the
        current document to match what we do in setXSLStyleSheet.
        * dom/ProcessingInstruction.h:
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::process): Prevent recursive calls into
        this function during 'beforeload' handling.
        * html/HTMLLinkElement.h:
        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::dispatchPendingBeforeLoadEvent): safely handle the case where
        the element was disconnected in the 'beforeload' handler (similar to what
        we do in HTMLLinkElement).
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::hasPendingSheet): Added.
        * style/StyleScope.h:

2017-03-24  Brady Eidson  <beidson@apple.com>

        A null compound index value crashes the Databases process.
        <rdar://problem/30499831> and https://bugs.webkit.org/show_bug.cgi?id=170000

        Reviewed by Alex Christensen.

        Test: storage/indexeddb/modern/single-entry-index-invalid-key-crash.html

        * bindings/js/IDBBindingUtilities.cpp:
        (WebCore::createKeyPathArray): Fix the bug by rejecting arrays with any invalid keys in them.
        
        Add some logging:
        * Modules/indexeddb/IDBKeyPath.cpp:
        (WebCore::loggingString):
        * Modules/indexeddb/IDBKeyPath.h:
        * Modules/indexeddb/IDBObjectStore.cpp:
        (WebCore::IDBObjectStore::createIndex):
        * Modules/indexeddb/shared/IDBIndexInfo.cpp:
        (WebCore::IDBIndexInfo::loggingString):

2017-03-24  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r214360.

        This change caused 20+ LayoutTest failures.

        Reverted changeset:

        "Handle recursive calls to
        ProcessingInstruction::checkStyleSheet"
        https://bugs.webkit.org/show_bug.cgi?id=169982
        http://trac.webkit.org/changeset/214360

2017-03-24  Youenn Fablet  <youenn@apple.com>

        Add support for qpSum in WebRTC stats
        https://bugs.webkit.org/show_bug.cgi?id=170060

        Reviewed by Eric Carlson.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::fillRTCRTPStreamStats): exposing libwebrtc qpSum value.

2017-03-24  Daniel Bates  <dabates@apple.com>

        Prevent new navigations during document unload
        https://bugs.webkit.org/show_bug.cgi?id=169934
        <rdar://problem/31247584>

        Reviewed by Chris Dumez.

        Similar to our policy of preventing new navigations from onbeforeunload handlers
        we should prevent new navigations that are initiated during the document unload
        process.

        The significant part of this change is the instantiation of the RAII object NavigationDisabler
        in Document::prepareForDestruction(). The rest of this change just renames class
        NavigationDisablerForBeforeUnload to NavigationDisabler now that this RAII class is
        used to prevent navigation from both onbeforeunload event handlers and when unloading
        a document.

        Test: fast/frames/frame-unload-navigate-and-setTimeout-assert-fail.html

        * dom/Document.cpp:
        (WebCore::Document::prepareForDestruction): Disable new navigations when disconnecting
        subframes. Also assert that the document is not in the page cache before we fall off
        the end of the function.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::isNavigationAllowed): Update for renaming below.
        (WebCore::FrameLoader::shouldClose): Ditto.
        * loader/NavigationScheduler.cpp:
        (WebCore::NavigationScheduler::shouldScheduleNavigation): Ditto.
        * loader/NavigationScheduler.h:
        (WebCore::NavigationDisabler::NavigationDisabler): Renamed class; formerly named NavigationDisablerForBeforeUnload.
        (WebCore::NavigationDisabler::~NavigationDisabler): Ditto.
        (WebCore::NavigationDisabler::isNavigationAllowed): Ditto.
        (WebCore::NavigationDisablerForBeforeUnload::NavigationDisablerForBeforeUnload): Deleted.
        (WebCore::NavigationDisablerForBeforeUnload::~NavigationDisablerForBeforeUnload): Deleted.
        (WebCore::NavigationDisablerForBeforeUnload::isNavigationAllowed): Deleted.

2017-03-24  Myles C. Maxfield  <mmaxfield@apple.com>

        Implement font-optical-sizing
        https://bugs.webkit.org/show_bug.cgi?id=168895

        Reviewed by Dean Jackson.

        Upon advice from Microsoft, the only input to optical sizing is just the
        font-size computed value. It is implemented by setting the 'opsz' font
        variation axis. Because the propery has such a simple grammar, the
        implementation is quite straightforward.

        Test: fast/text/variations/optical-sizing.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        (WebCore::CSSPrimitiveValue::operator FontOpticalSizing):
        * css/CSSProperties.json:
        * css/parser/CSSParserFastPaths.cpp:
        (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
        (WebCore::CSSParserFastPaths::isKeywordPropertyID):
        * platform/graphics/FontCache.h:
        (WebCore::FontDescriptionKey::makeFlagsKey):
        * platform/graphics/FontDescription.h:
        (WebCore::FontDescription::opticalSizing):
        (WebCore::FontDescription::setOpticalSizing):
        (WebCore::FontDescription::operator==):
        (WebCore::FontCascadeDescription::initialOpticalSizing):
        * platform/graphics/cocoa/FontCacheCoreText.cpp:
        (WebCore::preparePlatformFont):
        (WebCore::fontWithFamily):
        (WebCore::FontCache::createFontPlatformData):
        (WebCore::FontCache::systemFallbackForCharacters):
        * platform/graphics/mac/FontCustomPlatformData.cpp:
        (WebCore::FontCustomPlatformData::fontPlatformData):
        * platform/text/TextFlags.h:

2017-03-24  Chris Dumez  <cdumez@apple.com>

        Unreviewed, rolling out r214329.

        Significantly regressed Speedometer

        Reverted changeset:

        "window.crypto.getRandomValues() uses the insecure RC4 RNG"
        https://bugs.webkit.org/show_bug.cgi?id=169623
        http://trac.webkit.org/changeset/214329

2017-03-24  Yoav Weiss  <yoav@yoav.ws>

        Add a warning for unused link preloads.
        https://bugs.webkit.org/show_bug.cgi?id=165670

        Reviewed by Youenn Fablet.

        This patch adds a warning message, to warn developers that are using
        link preloads in cases where the downloaded resource is likely to
        remain unused.

        Test: http/tests/preload/unused_preload_warning.html

        * dom/Document.cpp:
        (WebCore::Document::prepareForDestruction): Stop the timer once the document is destructed.
        * loader/LinkPreloadResourceClients.h: Add shouldMarkAsReferenced overides for the LinkPreloadResourceClient classes.
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::addClientToSet): Make sure LinkPreloadResourceClients don't set resource to be referenced.
        * loader/cache/CachedResourceClient.h:
        (WebCore::CachedResourceClient::shouldMarkAsReferenced): Make sure that ResourceClients mark preloads as referenced by default.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::CachedResourceLoader): Initialize timer.
        (WebCore::CachedResourceLoader::~CachedResourceLoader): Stop timer.
        (WebCore::CachedResourceLoader::warnUnusedPreloads): Iterate over m_preloads and issue a warning for non-referenced preloads.
        (WebCore::CachedResourceLoader::documentDidFinishLoadEvent): Trigger a timer if preloads weren't cleared at load time.
        (WebCore::CachedResourceLoader::warnUnusedPreloads): Triggered by the timer, and called CachedResourceLoader::warnUnusedPreloads.
        (WebCore::CachedResourceLoader::stopUnusedPreloadsTimer): Stop the timer.

2017-03-24  Brent Fulgham  <bfulgham@apple.com>

        Handle recursive calls to ProcessingInstruction::checkStyleSheet
        https://bugs.webkit.org/show_bug.cgi?id=169982
        <rdar://problem/31083051>

        Reviewed by Antti Koivisto.

        See if we triggered a recursive load of the stylesheet during the 'beforeload'
        event handler. If so, reset to a valid state before completing the load.

        We should also check after 'beforeload' that we were not disconnected from (or
        moved to a new) document.

        I also looked for other cases of this pattern and fixed them.

        Tests: fast/dom/beforeload/image-removed-during-before-load.html
               fast/dom/beforeload/recursive-css-pi-before-load.html
               fast/dom/beforeload/recursive-link-before-load.html
               fast/dom/beforeload/recursive-xsl-pi-before-load.html

        * dom/ProcessingInstruction.cpp:
        (WebCore::ProcessingInstruction::clearExistingCachedSheet): Added.
        (WebCore::ProcessingInstruction::checkStyleSheet): Reset to valid state
        if necessary after the 'beforeload' handler. Also, safely handle the case where
        the element was disconnected in the 'beforeload' handler (similar to what
        we do in HTMLLinkElement).
        (WebCore::ProcessingInstruction::setCSSStyleSheet): Drive-by Fix: Protect the
        current document to match what we do in setXSLStyleSheet.
        * dom/ProcessingInstruction.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::selectMediaResource): Safely handle the case where
        the element was disconnected in the 'beforeload' handler.
        (WebCore::HTMLMediaElement::selectNextSourceChild): Ditto.
        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::dispatchPendingBeforeLoadEvent): Ditto.

2017-03-24  Myles C. Maxfield  <mmaxfield@apple.com>

        font-style needs a new CSSValue to make CSSRule.cssText work correctly
        https://bugs.webkit.org/show_bug.cgi?id=169258

        Reviewed by David Hyatt.

        With variation fonts, font-style's value can't be captured in a CSSPrimitiveValue (nor any other subclass
        off CSSValue) any more. Instead, we need to create two new CSSValues which represent the grammar that font-
        style and it's associated @font-face descriptor accept.

        The grammar of the font-style property is "normal | italic | oblique [ <<angle>> ]?"
        The grammar of the font-style descriptor is "normal | italic | oblique [ <<angle>> | <<angle>> <<angle>> ]?"

        We currently still support numbers in place of the <<angle>> value (contrary to the spec). We will remove
        this support in https://bugs.webkit.org/show_bug.cgi?id=169357.

        Tests: fast/text/font-selection-font-face-parse.html:
               fast/text/font-style-parse.html:

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSAllInOne.cpp:
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::fontStyleFromStyle):
        (WebCore::fontShorthandValueForSelectionProperties):
        * css/CSSFontFace.cpp:
        (WebCore::calculateWeightRange):
        (WebCore::calculateStretchRange):
        (WebCore::calculateItalicRange):
        * css/CSSFontFaceSet.cpp:
        (WebCore::computeFontSelectionRequest):
        (WebCore::CSSFontFaceSet::matchingFaces):
        (WebCore::calculateWeightValue): Deleted.
        (WebCore::calculateStretchValue): Deleted.
        (WebCore::calculateStyleValue): Deleted.
        * css/CSSFontFaceSet.h:
        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::addFontFaceRule):
        * css/CSSFontStyleRangeValue.cpp: Added.
        (WebCore::CSSFontStyleRangeValue::customCSSText):
        (WebCore::CSSFontStyleRangeValue::equals):
        * css/CSSFontStyleRangeValue.h: Added.
        * css/CSSFontStyleValue.cpp: Added.
        (WebCore::CSSFontStyleValue::customCSSText):
        (WebCore::CSSFontStyleValue::equals):
        * css/CSSFontStyleValue.h: Added.
        * css/CSSFontValue.cpp:
        (WebCore::CSSFontValue::customCSSText):
        * css/CSSFontValue.h:
        * css/CSSValue.cpp:
        (WebCore::CSSValue::equals):
        (WebCore::CSSValue::cssText):
        (WebCore::CSSValue::destroy):
        * css/CSSValue.h:
        (WebCore::CSSValue::isFontStyleValue):
        (WebCore::CSSValue::isFontStyleRangeValue):
        * css/FontFace.cpp:
        (WebCore::FontFace::style):
        (WebCore::FontFace::weight):
        (WebCore::FontFace::stretch):
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertFontWeightFromValue):
        (WebCore::StyleBuilderConverter::convertFontStretchFromValue):
        (WebCore::StyleBuilderConverter::convertFontStyleFromValue):
        (WebCore::StyleBuilderConverter::convertFontWeight):
        (WebCore::StyleBuilderConverter::convertFontStretch):
        (WebCore::StyleBuilderConverter::convertFontStyle):
        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeFontStyle):
        (WebCore::consumeFontStyleRange):
        (WebCore::CSSPropertyParser::consumeSystemFont):
        (WebCore::CSSPropertyParser::consumeFont):
        * svg/SVGFontFaceElement.cpp:
        (WebCore::SVGFontFaceElement::parseAttribute):

2017-03-24  Alex Christensen  <achristensen@webkit.org>

        REGRESSION: Content Blocker: Blocking "a[href*=randomString]" doesn't work
        https://bugs.webkit.org/show_bug.cgi?id=169167

        Reviewed by Simon Fraser.

        When testing content extensions, we have always called an API function that internally
        has called AtomicString::init somewhere before we start compiling the content extension.
        On iOS, though, we call [_WKUserContentExtensionStore compileContentExtensionForIdentifier:...]
        without having already called anything that calls AtomicString::init.  The new CSS parser is now
        failing to parse some selectors because CSSSelectorParser::defaultNamespace is returning starAtom,
        which is a null atomic string before AtomicString::init is called.

        Covered by a new API test.

        * contentextensions/ContentExtensionParser.cpp:
        (WebCore::ContentExtensions::isValidCSSSelector):
        (WebCore::ContentExtensions::loadAction):
        (WebCore::ContentExtensions::isValidSelector): Deleted.
        * contentextensions/ContentExtensionParser.h:
        Call AtomicString::init before checking if a css selector is valid.

2017-03-24  Youenn Fablet  <youenn@apple.com>

        Add libwebrtc backend support for RTCRtpSender::replaceTrack
        https://bugs.webkit.org/show_bug.cgi?id=169841

        Reviewed by Alex Christensen.

        Tests: webrtc/audio-replace-track.html
               webrtc/video-replace-track.html

        Adding support for replaceTrack for audio and video sources.
        Replacing tracks will always succeed for audio sources.
        For video tracks, it will only succeed if the video resolution is not greater.
        LibWebRTCPeerConnectionBackend will delegate the track replacing by replacing the source of the outgoing sources with the source wrapped in the replacing track.

        Video test is not fully passing as size constraints for mock video sources are not providing the right video stream resolution.

        * Modules/mediastream/RTCRtpSender.cpp:
        (WebCore::RTCRtpSender::replaceTrack):
        * Modules/mediastream/RTCRtpSender.h:
        * Modules/mediastream/RTCRtpSender.idl:
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
        (WebCore::LibWebRTCPeerConnectionBackend::replaceTrack):
        * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.h:
        * platform/mediastream/mac/RealtimeOutgoingAudioSource.cpp:
        (WebCore::RealtimeOutgoingAudioSource::setSource):
        * platform/mediastream/mac/RealtimeOutgoingAudioSource.h:
        * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
        (WebCore::RealtimeOutgoingVideoSource::setSource):
        * platform/mediastream/mac/RealtimeOutgoingVideoSource.h:
        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::drawText):
        (WebCore::MockRealtimeVideoSource::generateFrame):

2017-03-24  Jon Lee  <jonlee@apple.com>

        Remove comment from RTCStatsReport.idl to convert ssrc to DOMString.
        Unreviewed.

        Latest available Editor's Draft of WebRTC Statistics API is from 14 December 2016,
        but since then, in https://github.com/w3c/webrtc-stats/pull/157, it was changed to become
        unsigned long.

        * Modules/mediastream/RTCStatsReport.idl:

2017-03-24  Youenn Fablet  <youenn@apple.com>

        Add support for DataChannel and MediaStreamTrack stats
        https://bugs.webkit.org/show_bug.cgi?id=170031

        Reviewed by Eric Carlson.

        Tests: webrtc/datachannel/datachannel-stats.html
               webrtc/video-mediastreamtrack-stats.html

        Exposing libwebrtc stats through WebRTC stats API, gathered for data channel and media stream tracks.

        * Modules/mediastream/RTCStatsReport.h:
        (WebCore::RTCStatsReport::MediaStreamTrackStats::MediaStreamTrackStats):
        (WebCore::RTCStatsReport::DataChannelStats::DataChannelStats):
        * Modules/mediastream/RTCStatsReport.idl:
        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::fillRTCMediaStreamTrackStats):
        (WebCore::fillRTCDataChannelStats):
        (WebCore::LibWebRTCMediaEndpoint::StatsCollector::OnStatsDelivered):

2017-03-24  Youenn Fablet  <youenn@apple.com>

        Fix framesEncoded/framesDecoded RTC stats
        https://bugs.webkit.org/show_bug.cgi?id=170024

        Reviewed by Eric Carlson.

        Test: webrtc/video-stats.html

        Adding access to these fields now that they are available.

        * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
        (WebCore::fillInboundRTPStreamStats):
        (WebCore::fillOutboundRTPStreamStats):

2017-03-24  Carlos Garcia Campos  <cgarcia@igalia.com>

        Unreviewed. Fix GTK+ test /webkit2/WebKitWebView/default-menu after r214244.

        Fix mnemonic string of contextMenuItemTagOpenAudioInNewWindow() that I copy pasted from
        contextMenuItemTagOpenVideoInNewWindow().

        * platform/LocalizedStrings.cpp:
        (WebCore::contextMenuItemTagOpenAudioInNewWindow):

2017-03-24  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GStreamer] MediaPlayerPrivateGStreamerOwr shouldn't be the default engine
        https://bugs.webkit.org/show_bug.cgi?id=170049

        Reviewed by Žan Doberšek.

        This is causing several media tests to fail after r214338. When trying to load something like this:

        http://127.0.0.1:8000/media/resources/serve-video.php?name=../../../../media/content/silence.wav&type=audio/wav&content-length=no&icy-data=yes

        since r214338, the content type is known and inferred from the extension in this case, what ends up calling
        nextMediaEngine() in MediaPlayer::loadWithNextMediaEngine. That returns the first registered media engine, that
        is Owr that doesn't know how to load that and fails.

        Fixes: http/tests/media/media-play-stream-chunked-icy.html
               http/tests/media/media-seeking-no-ranges-server.html
               http/tests/media/video-auth.html
               http/tests/media/video-play-stall-before-meta-data.html
               http/tests/security/contentSecurityPolicy/audio-redirect-allowed.html
               http/tests/security/contentSecurityPolicy/audio-redirect-allowed2.html
               http/tests/security/contentSecurityPolicy/audio-redirect-blocked.html
               http/tests/security/contentSecurityPolicy/video-redirect-allowed.html
               http/tests/security/contentSecurityPolicy/video-redirect-allowed2.html
               http/tests/security/contentSecurityPolicy/video-redirect-blocked.html

        * platform/graphics/MediaPlayer.cpp:
        (WebCore::buildMediaEnginesVector):

2017-03-24  Per Arne Vollan  <pvollan@apple.com>

        Text stroke is sometimes clipped on video captions.
        https://bugs.webkit.org/show_bug.cgi?id=170006

        Reviewed by Eric Carlson.

        Set 'overflow' property to 'visible' on cue element to avoid clipping of text stroke.

        Updated test media/track/track-css-stroke-cues.html.

        * html/track/TextTrackCueGeneric.cpp:
        (WebCore::TextTrackCueGenericBoxElement::applyCSSProperties):
        * html/track/VTTCue.cpp:
        (WebCore::VTTCueBox::applyCSSProperties):

2017-03-24  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Add MIMETypeRegistry implementation using xdgmime and remove the GTK+ one
        https://bugs.webkit.org/show_bug.cgi?id=170001

        Reviewed by Michael Catanzaro.

        The XDG implementation could be used by any port where shared-mime-info is expected to be available. It also
        improves the current GTK+ implementation that is based on a very small map of mime types and extensions.

        * CMakeLists.txt:
        * PlatformGTK.cmake:
        * platform/xdg/MIMETypeRegistryXdg.cpp: Renamed from Source/WebCore/platform/gtk/MIMETypeRegistryGtk.cpp.
        (WebCore::MIMETypeRegistry::getMIMETypeForExtension):
        (WebCore::MIMETypeRegistry::getPreferredExtensionForMIMEType):

2017-03-23  Jon Lee  <jonlee@apple.com>

        Update createDataChannel on RTCPeerConnection
        https://bugs.webkit.org/show_bug.cgi?id=170044

        Reviewed by Youenn Fablet.

        * Modules/mediastream/RTCPeerConnection.idl: Change label to USVString.

2017-03-23  Antti Koivisto  <antti@apple.com>

        Revert r213712, caused iPad PLT regression
        https://bugs.webkit.org/show_bug.cgi?id=170040

        Unreviewed.

        A few subtests have big regressions.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::pseudoStyleRulesForElement):
        * dom/Document.cpp:
        (WebCore::Document::resolveStyle):
        (WebCore::Document::updateLayoutIgnorePendingStylesheets):
        (WebCore::Document::shouldScheduleLayout):
        (WebCore::Document::didRemoveAllPendingStylesheet):
        * dom/Document.h:
        (WebCore::Document::didLayoutWithPendingStylesheets):
        (WebCore::Document::hasNodesWithPlaceholderStyle):
        (WebCore::Document::setHasNodesWithPlaceholderStyle):
        (WebCore::Document::hasNodesWithNonFinalStyle): Deleted.
        (WebCore::Document::setHasNodesWithNonFinalStyle): Deleted.
        * html/HTMLFrameSetElement.cpp:
        (WebCore::HTMLFrameSetElement::rendererIsNeeded):
        * page/FrameView.cpp:
        (WebCore::FrameView::qualifiesAsVisuallyNonEmpty):
        (WebCore::FrameView::fireLayoutRelatedMilestonesIfNeeded):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::paintContents):
        * rendering/RenderLayer.cpp:
        (WebCore::shouldSuppressPaintingLayer):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::changeRequiresRepaint):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::isPlaceholderStyle):
        (WebCore::RenderStyle::setIsPlaceholderStyle):
        (WebCore::RenderStyle::isNotFinal): Deleted.
        (WebCore::RenderStyle::setIsNotFinal): Deleted.
        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
        (WebCore::StyleRareNonInheritedData::operator==):
        * rendering/style/StyleRareNonInheritedData.h:
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::analyzeStyleSheetChange):
        (WebCore::Style::Scope::updateActiveStyleSheets):
        * style/StyleTreeResolver.cpp:
        (WebCore::Style::makePlaceholderStyle):
        (WebCore::Style::TreeResolver::styleForElement):
        (WebCore::Style::TreeResolver::resolveElement):

2017-03-23  Wenson Hsieh  <wenson_hsieh@apple.com>

        Dragging on a large image should not revert to a file icon if data interaction is enabled
        https://bugs.webkit.org/show_bug.cgi?id=170018
        <rdar://problem/31184508>

        Reviewed by Tim Horton.

        If data interaction is enabled, don't fall back to showing a file icon when initiating a drag on an image element.

        New API tests:  DataInteractionTests.LargeImageToTargetDiv
                        DataInteractionTests.AttachmentElementItemProviders

        * page/DragController.cpp:
        (WebCore::DragController::doImageDrag):
        (WebCore::DragController::shouldUseCachedImageForDragImage):
        * page/DragController.h:

2017-03-23  Youenn Fablet  <youenn@apple.com>

        Rename RTCIceCandidateEvent to RTCPeerConnectionIceEvent
        https://bugs.webkit.org/show_bug.cgi?id=169981

        Reviewed by Eric Carlson.

        * CMakeLists.txt:
        * DerivedSources.make:
        * Modules/mediastream/MediaEndpointPeerConnection.cpp:
        * Modules/mediastream/PeerConnectionBackend.cpp:
        (WebCore::PeerConnectionBackend::fireICECandidateEvent):
        (WebCore::PeerConnectionBackend::doneGatheringCandidates):
        * Modules/mediastream/RTCPeerConnection.cpp:
        * Modules/mediastream/RTCPeerConnectionIceEvent.cpp: Renamed from Source/WebCore/Modules/mediastream/RTCIceCandidateEvent.cpp.
        (WebCore::RTCPeerConnectionIceEvent::create):
        (WebCore::RTCPeerConnectionIceEvent::RTCPeerConnectionIceEvent):
        (WebCore::RTCPeerConnectionIceEvent::~RTCPeerConnectionIceEvent):
        (WebCore::RTCPeerConnectionIceEvent::candidate):
        (WebCore::RTCPeerConnectionIceEvent::eventInterface):
        * Modules/mediastream/RTCPeerConnectionIceEvent.h: Renamed from Source/WebCore/Modules/mediastream/RTCIceCandidateEvent.h.
        * Modules/mediastream/RTCPeerConnectionIceEvent.idl: Renamed from Source/WebCore/Modules/mediastream/RTCIceCandidateEvent.idl.
        * WebCore.xcodeproj/project.pbxproj:
        * dom/EventNames.in:

2017-03-23  Michael Catanzaro  <mcatanzaro@igalia.com>

        window.crypto.getRandomValues() uses the insecure RC4 RNG
        https://bugs.webkit.org/show_bug.cgi?id=169623

        Reviewed by Alex Christensen.

        * PlatformMac.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * crypto/CryptoKey.cpp:
        (WebCore::CryptoKey::randomData): Use this on Mac now.
        * crypto/mac/CryptoKeyMac.cpp: Removed.
        * page/Crypto.cpp:
        (WebCore::Crypto::getRandomValues): Rollout r214188.

2017-03-23  Chris Dumez  <cdumez@apple.com>

        SVG animations are not paused when their <svg> element is removed from the document
        https://bugs.webkit.org/show_bug.cgi?id=170030
        <rdar://problem/31230252>

        Reviewed by Dean Jackson.

        SVG animations were not paused when their <svg> element was removed from the document.
        This patch fixes the issue.

        Test: svg/animations/animations-paused-when-removed-from-document.html

        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::insertedInto):
        (WebCore::SVGSVGElement::removedFrom):

2017-03-22  Myles C. Maxfield  <mmaxfield@apple.com>

        font shorthand should accept variation values
        https://bugs.webkit.org/show_bug.cgi?id=168998

        Reviewed by Simon Fraser.

        The CSS Fonts 4 spec has stabilized as to which variation values are allowed in
        the font shorthand property. Weights are allowed because a 0 weight is considered
        as a parse error, so there is no conflict with a unitless font-size of 0.
        font-style accepts angles, so there is no conflict there. However, font-stretch
        accepts percentages, which are also accepted by font-size, which means the newly
        extended grammar for font-stretch can't be accepted in the shorthand.

        Tests: fast/text/font-style-parse.html
               fast/text/font-weight-parse.html

        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeFontWeight):
        (WebCore::consumeFontStyle):
        (WebCore::CSSPropertyParser::consumeFont):
        (WebCore::consumeFontWeightCSS21): Deleted.
        * css/parser/CSSPropertyParserHelpers.cpp:
        (WebCore::CSSPropertyParserHelpers::consumeFontWeightNumber):
        * css/parser/CSSPropertyParserHelpers.h:

2017-03-23  Chris Dumez  <cdumez@apple.com>

        SVG animations are not paused when inserted into a hidden page
        https://bugs.webkit.org/show_bug.cgi?id=170026
        <rdar://problem/31228704>

        Reviewed by Andreas Kling.

        SVG animations were not paused when inserted into a hidden page. We would pause
        animations in a page when the page becomes hidden. However, new animations
        inserted in the page after this point would start, despite the page being
        hidden.

        Tests:
        - svg/animations/animations-paused-when-inserted-in-hidden-document.html
        - svg/animations/animations-paused-when-inserted-in-hidden-document2.html

        * dom/Document.cpp:
        (WebCore::Document::accessSVGExtensions):
        * svg/SVGDocumentExtensions.cpp:
        (WebCore::SVGDocumentExtensions::SVGDocumentExtensions):
        (WebCore::SVGDocumentExtensions::addTimeContainer):
        (WebCore::reportMessage):
        * svg/SVGDocumentExtensions.h:
        * testing/Internals.cpp:
        (WebCore::Internals::areSVGAnimationsPaused):
        * testing/Internals.h:
        * testing/Internals.idl:

== Rolled over to ChangeLog-2017-03-23 ==